server/{keyexch,peer}.c: Maybe key-exchange messages come out of the blue.

Don't insist in `p_read' that key-exchange messages always come from a
known address.  Instead, leave this to `kx_message' to sort out.

This involves a change of interface to `kx_message', passing in the
sender address, and passing out an indication as to whether the address
was recognized.  It also means that there's a little extra fancy
footwork involved because `kx_message' might not have a key-exchange
control block conveniently to hand.

diff --git a/server/keyexch.c b/server/keyexch.c
index 7d1fa7d..4a990ee 100644 (file)
--- a/server/keyexch.c
+++ b/server/keyexch.c
@@ -1320,24 +1320,27 @@ void kx_start(keyexch *kx, int forcep)
 /* --- @kx_message@ --- *
  *
  * Arguments:  @keyexch *kx@ = pointer to key exchange context
+ *             @const addr *a@ = sender's IP address and port
  *             @unsigned msg@ = the message code
  *             @buf *b@ = pointer to buffer containing the packet
  *
- * Returns:    ---
+ * Returns:    Nonzero if the sender's address was unknown.
  *
  * Use:                Reads a packet containing key exchange messages and handles
  *             it.
  */
 
-void kx_message(keyexch *kx, unsigned msg, buf *b)
+int kx_message(keyexch *kx, const addr *a, unsigned msg, buf *b)
 {
   size_t sz = BSZ(b);
   int rc;
 
-  if (notice_message(kx)) return;
+  T( trace(T_KEYEXCH, "keyexch: processing %s packet from %c%s%c",
+          msg < KX_NMSG ? pkname[msg] : "unknown",
+          kx ? '`' : '<', kx ? p_name(kx->p) : "nil", kx ? '\'' : '>'); )
 
-  T( trace(T_KEYEXCH, "keyexch: processing %s packet from `%s'",
-          msg < KX_NMSG ? pkname[msg] : "unknown", p_name(kx->p)); )
+  if (!kx) return (-1);
+  if (notice_message(kx)) return (0);
 
   switch (msg) {
     case KX_PRECHAL: rc = doprechallenge(kx, b); break;
@@ -1352,6 +1355,7 @@ void kx_message(keyexch *kx, unsigned msg, buf *b)
   }
 
   update_stats_rx(kx, !rc, sz);
+  return (0);
 }
 
 /* --- @kx_free@ --- *

diff --git a/server/peer.c b/server/peer.c
index e9b8f66..2eb30bf 100644 (file)
--- a/server/peer.c
+++ b/server/peer.c
@@ -413,9 +413,8 @@ static void p_read(int fd, unsigned mode, void *v)
       }
       break;
     case MSG_KEYEXCH:
-      if (!p) goto unexp;
-      p_rxupdstats(p, n);
-      kx_message(&p->kx, ch & MSG_TYPEMASK, &b);
+      if (p) p_rxupdstats(p, n);
+      if (kx_message(p ? &p->kx : 0, &a, ch & MSG_TYPEMASK, &b)) goto unexp;
       break;
     case MSG_MISC:
       switch (ch & MSG_TYPEMASK) {

diff --git a/server/tripe.h b/server/tripe.h
index d3dce08..c796d07 100644 (file)
--- a/server/tripe.h
+++ b/server/tripe.h
@@ -903,16 +903,18 @@ extern void kx_start(keyexch */*kx*/, int /*forcep*/);
 /* --- @kx_message@ --- *
  *
  * Arguments:  @keyexch *kx@ = pointer to key exchange context
+ *             @const addr *a@ = sender's IP address and port
  *             @unsigned msg@ = the message code
  *             @buf *b@ = pointer to buffer containing the packet
  *
- * Returns:    ---
+ * Returns:    Nonzero if the sender's address was unknown.
  *
  * Use:                Reads a packet containing key exchange messages and handles
  *             it.
  */
 
-extern void kx_message(keyexch */*kx*/, unsigned /*msg*/, buf */*b*/);
+extern int kx_message(keyexch */*kx*/, const addr */*a*/,
+                     unsigned /*msg*/, buf */*b*/);
 
 /* --- @kx_free@ --- *
  *