X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/5bb41301a3d2b183d260f41a9eff5819683f6fdc..2ab54e099dbb3827aa61d170e8cd3fda83b373ae:/peer.c
diff --git a/peer.c b/peer.c
index 2f3d09ab..3df4c4fe 100644
--- a/peer.c
+++ b/peer.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: peer.c,v 1.4 2001/02/16 21:40:24 mdw Exp $
+ * $Id: peer.c,v 1.10 2003/10/15 09:29:38 mdw Exp $
 *
 * Communication with the peer
 *
@@ -29,6 +29,30 @@
 /*----- Revision history --------------------------------------------------*
 *
 * $Log: peer.c,v $
+ * Revision 1.10 2003/10/15 09:29:38 mdw
+ * Cosmetic fix to changelog comment.
+ *
+ * Revision 1.9 2003/07/13 11:19:49 mdw
+ * Incompatible protocol fix! Include message type code under MAC tag to
+ * prevent cut-and-paste from key-exchange messages to general packet
+ * transport.
+ *
+ * Revision 1.8 2003/05/16 12:09:03 mdw
+ * Allow binding to a chosen address.
+ *
+ * Revision 1.7 2003/04/15 14:12:05 mdw
+ * Insert a newline to improve readability.
+ *
+ * Revision 1.6 2001/06/19 22:07:59 mdw
+ * Use magic number for packet size.
+ *
+ * Revision 1.5 2001/03/03 11:15:19 mdw
+ * Set the socket send and receive buffers to maximum. At least this way,
+ * we won't drop large packets on the floor. If the administrator wants to
+ * prevent fragmentation of TrIPE messages, he can lower the MTU on the
+ * tunnel interface. Getting path-MTU stuff out of the kernel is too much
+ * system-specific hard work for this program.
+ *
 * Revision 1.4 2001/02/16 21:40:24 mdw
 * Change key exchange message interface. Maintain statistics.
 *
@@ -119,7 +143,7 @@ found:
 return;
 }
 buf_init(&bb, buf_o, sizeof(buf_o));
- if (ksl_decrypt(&p->ks, &b, &bb)) {
+ if (ksl_decrypt(&p->ks, MSG_PACKET, &b, &bb)) {
 p->st.n_reject++;
 a_warn("couldn't decrypt inbound packet from `%s'", p->name);
 return;
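Review bot: The `MSG_PACKET` argument added to the `ksl_decrypt` call is what places the message type under the MAC check, yet nothing at the call site says so, and the reject branch below still reports every failure as "couldn't decrypt". A one-line comment such as `/* type code is covered by the MAC tag, so a key-exchange message cannot be cut-and-pasted in as a data packet */` would stop a later refactor from dropping or parameterising the constant. Because the revision note calls this an incompatible protocol fix, a peer still sending the old format will presumably end up in this same branch with the same message, which is worth stating in the warning text or the upgrade notes. The enclosing function starts and ends outside the hunk; the matching `ksl_encrypt` call in `p_tun` deserves the same comment.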
@@ -200,8 +224,9 @@ void p_txend(peer *p) void p_tun(peer *p, buf *b) { buf *bb = p_txstart(p, MSG_PACKET); + TIMER; - if (ksl_encrypt(&p->ks, b, bb)) + if (ksl_encrypt(&p->ks, MSG_PACKET, b, bb)) kx_start(&p->kx); if (BOK(bb) && BLEN(bb)) { p->st.n_ipout++; @@ -262,26 +287,41 @@ const addr *p_addr(peer *p) { return (&p->peer); } /* --- @p_init@ --- * * - * Arguments: @unsigned port@ = port number to listen to + * Arguments: @struct in_addr addr@ = address to bind to + * @unsigned port@ = port number to listen to * * Returns: --- * * Use: Initializes the peer system; creates the socket. */ -void p_init(unsigned port) +void p_init(struct in_addr addr, unsigned port) { int fd; struct sockaddr_in sin; + int len = PKBUFSZ; + + /* --- Note on socket buffer sizes --- * + * + * For some bizarre reason, Linux 2.2 (at least) doubles the socket buffer + * sizes I pass to @setsockopt@. I'm not putting special-case code here + * for Linux: BSD (at least TCPv2) does what I tell it rather than second- + * guessing me. + */ if ((fd = socket(PF_INET, SOCK_DGRAM, 0)) < 0) die(EXIT_FAILURE, "socket creation failed: %s", strerror(errno)); BURN(sin); sin.sin_family = AF_INET; - sin.sin_addr.s_addr = INADDR_ANY; + sin.sin_addr = addr; sin.sin_port = htons(port); if (bind(fd, (struct sockaddr *)&sin, sizeof(sin))) die(EXIT_FAILURE, "bind failed: %s", strerror(errno)); + if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &len, sizeof(len)) || + setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &len, sizeof(len))) { + die(EXIT_FAILURE, "failed to set socket buffer sizes: %s", + strerror(errno)); + } fdflags(fd, O_NONBLOCK, O_NONBLOCK, FD_CLOEXEC, FD_CLOEXEC); sel_initfile(&sel, &sock, fd, SEL_READ, p_read, 0); sel_addfile(&sock);
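Review bot: In `p_tun`, a non-zero return from `ksl_encrypt` only triggers `kx_start` and then execution carries on to the `BOK(bb) && BLEN(bb)` test, so the return value apparently means "keyset wants replacing" rather than "encryption failed", and the hunk does not say so. A comment on the call, for example `/* nonzero: start a new key exchange; bb may still hold a sendable packet */`, would make the fall-through visibly deliberate (wording to be confirmed against `ksl_encrypt`). The new bare `TIMER;` statement also has no comment explaining what it does at this point. The body of `p_tun` continues past the end of the hunk.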
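Review bot: Treating a failed `setsockopt` as fatal in `p_init` means the daemon will not start on a host whose kernel rejects a buffer size of `PKBUFSZ`, even though the added comment already concedes that kernels adjust the value they are given. Since enlarging the buffers is a measure against dropped packets rather than a precondition for running, a warning may be the better response: `a_warn("failed to set socket buffer sizes: %s", strerror(errno));`. Reading the sizes back with `getsockopt` and warning when the result is smaller than `PKBUFSZ` would also cover kernels that clamp the request without returning an error. The closing brace of `p_init` lies outside the hunk.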