ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
(Generate patch)

Comparing gvpe/src/connection.C (file contents):
Revision 1.9 by pcg, Sun Apr 6 04:31:51 2003 UTC vs.
Revision 1.19 by pcg, Tue Oct 14 03:22:09 2003 UTC

35#include "slog.h" 35#include "slog.h"
36#include "device.h" 36#include "device.h"
37#include "vpn.h" 37#include "vpn.h"
38#include "connection.h" 38#include "connection.h"
39 39
40#include <sys/socket.h>
41#ifdef HAVE_NETINET_IN_H
42# include <netinet/in.h>
43#endif
44#include <arpa/inet.h>
45#include <net/if.h>
46#ifdef HAVE_NETINET_IN_SYSTM_H
47# include <netinet/in_systm.h>
48#endif
49#ifdef HAVE_NETINET_IP_H
50# include <netinet/ip.h>
51#endif
52
53#ifndef IPTOS_TOS_MASK
54# define IPTOS_TOS_MASK (IPTOS_LOWDELAY | IPTOS_THROUGHPUT | IPTOS_RELIABILITY | IPTOS_MINCOST)
55#endif
56
40#if !HAVE_RAND_PSEUDO_BYTES 57#if !HAVE_RAND_PSEUDO_BYTES
41# define RAND_pseudo_bytes RAND_bytes 58# define RAND_pseudo_bytes RAND_bytes
42#endif 59#endif
43 60
44#define MAGIC "vped\xbd\xc6\xdb\x82" // 8 bytes of magic 61#define MAGIC "vped\xbd\xc6\xdb\x82" // 8 bytes of magic
147 } 164 }
148} 165}
149 166
150////////////////////////////////////////////////////////////////////////////// 167//////////////////////////////////////////////////////////////////////////////
151 168
152void pkt_queue::put (tap_packet *p) 169void pkt_queue::put (net_packet *p)
153{ 170{
154 if (queue[i]) 171 if (queue[i])
155 { 172 {
156 delete queue[i]; 173 delete queue[i];
157 j = (j + 1) % QUEUEDEPTH; 174 j = (j + 1) % QUEUEDEPTH;
160 queue[i] = p; 177 queue[i] = p;
161 178
162 i = (i + 1) % QUEUEDEPTH; 179 i = (i + 1) % QUEUEDEPTH;
163} 180}
164 181
165tap_packet *pkt_queue::get () 182net_packet *pkt_queue::get ()
166{ 183{
167 tap_packet *p = queue[j]; 184 net_packet *p = queue[j];
168 185
169 if (p) 186 if (p)
170 { 187 {
171 queue[j] = 0; 188 queue[j] = 0;
172 j = (j + 1) % QUEUEDEPTH; 189 j = (j + 1) % QUEUEDEPTH;
197// only do action once every x seconds per host whole allowing bursts. 214// only do action once every x seconds per host whole allowing bursts.
198// this implementation ("splay list" ;) is inefficient, 215// this implementation ("splay list" ;) is inefficient,
199// but low on resources. 216// but low on resources.
200struct net_rate_limiter : list<net_rateinfo> 217struct net_rate_limiter : list<net_rateinfo>
201{ 218{
202 static const double ALPHA = 1. - 1. / 180.; // allow bursts 219 static const double ALPHA = 1. - 1. / 600.; // allow bursts
203 static const double CUTOFF = 10.; // one event every CUTOFF seconds 220 static const double CUTOFF = 10.; // one event every CUTOFF seconds
204 static const double EXPIRE = CUTOFF * 30.; // expire entries after this time 221 static const double EXPIRE = CUTOFF * 30.; // expire entries after this time
222 static const double MAXDIF = CUTOFF * (1. / (1. - ALPHA)); // maximum diff /count value
205 223
206 bool can (const sockinfo &si) { return can((u32)si.host); } 224 bool can (const sockinfo &si) { return can((u32)si.host); }
207 bool can (u32 host); 225 bool can (u32 host);
208}; 226};
209 227
210net_rate_limiter auth_rate_limiter, reset_rate_limiter; 228net_rate_limiter auth_rate_limiter, reset_rate_limiter;
211 229
225 { 243 {
226 net_rateinfo ri; 244 net_rateinfo ri;
227 245
228 ri.host = host; 246 ri.host = host;
229 ri.pcnt = 1.; 247 ri.pcnt = 1.;
230 ri.diff = CUTOFF * (1. / (1. - ALPHA)); 248 ri.diff = MAXDIF;
231 ri.last = NOW; 249 ri.last = NOW;
232 250
233 push_front (ri); 251 push_front (ri);
234 252
235 return true; 253 return true;
242 ri.pcnt = ri.pcnt * ALPHA; 260 ri.pcnt = ri.pcnt * ALPHA;
243 ri.diff = ri.diff * ALPHA + (NOW - ri.last); 261 ri.diff = ri.diff * ALPHA + (NOW - ri.last);
244 262
245 ri.last = NOW; 263 ri.last = NOW;
246 264
265 double dif = ri.diff / ri.pcnt;
266
247 bool send = ri.diff / ri.pcnt > CUTOFF; 267 bool send = dif > CUTOFF;
248 268
269 if (dif > MAXDIF)
270 {
271 ri.pcnt = 1.;
272 ri.diff = MAXDIF;
273 }
249 if (send) 274 else if (send)
250 ri.pcnt++; 275 ri.pcnt++;
251 276
252 push_front (ri); 277 push_front (ri);
253 278
254 return send; 279 return send;
467 set_hdr (type, dst); 492 set_hdr (type, dst);
468} 493}
469 494
470bool config_packet::chk_config () const 495bool config_packet::chk_config () const
471{ 496{
472 return prot_major == PROTOCOL_MAJOR 497 if (prot_major != PROTOCOL_MAJOR)
473 && randsize == RAND_SIZE 498 slog (L_WARN, _("major version mismatch (%d <=> %d)"), prot_major, PROTOCOL_MAJOR);
474 && hmaclen == HMACLENGTH 499 else if (randsize != RAND_SIZE)
475 && flags == curflags () 500 slog (L_WARN, _("rand size mismatch (%d <=> %d)"), randsize, RAND_SIZE);
501 else if (hmaclen != HMACLENGTH)
502 slog (L_WARN, _("hmac length mismatch (%d <=> %d)"), hmaclen, HMACLENGTH);
503 else if (flags != curflags ())
504 slog (L_WARN, _("flag mismatch (%x <=> %x)"), flags, curflags ());
476 && challengelen == sizeof (rsachallenge) 505 else if (challengelen != sizeof (rsachallenge))
506 slog (L_WARN, _("challenge length mismatch (%d <=> %d)"), challengelen, sizeof (rsachallenge));
477 && cipher_nid == htonl (EVP_CIPHER_nid (CIPHER)) 507 else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER)))
508 slog (L_WARN, _("cipher mismatch (%x <=> %x)"), ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER));
478 && digest_nid == htonl (EVP_MD_type (RSA_HASH)) 509 else if (digest_nid != htonl (EVP_MD_type (RSA_HASH)))
510 slog (L_WARN, _("digest mismatch (%x <=> %x)"), ntohl (digest_nid), EVP_MD_type (RSA_HASH));
479 && hmac_nid == htonl (EVP_MD_type (DIGEST)); 511 else if (hmac_nid != htonl (EVP_MD_type (DIGEST)))
512 slog (L_WARN, _("hmac mismatch (%x <=> %x)"), ntohl (hmac_nid), EVP_MD_type (DIGEST));
513 else
514 return true;
515
516 return false;
480} 517}
481 518
482struct auth_req_packet : config_packet 519struct auth_req_packet : config_packet
483{ 520{
484 char magic[8]; 521 char magic[8];
544 len = sizeof (*this) - sizeof (net_packet); 581 len = sizeof (*this) - sizeof (net_packet);
545 } 582 }
546}; 583};
547 584
548///////////////////////////////////////////////////////////////////////////// 585/////////////////////////////////////////////////////////////////////////////
586
587void
588connection::connection_established ()
589{
590 if (ictx && octx)
591 {
592 connectmode = conf->connectmode;
593
594 rekey.start (NOW + ::conf.rekey);
595 keepalive.start (NOW + ::conf.keepalive);
596
597 // send queued packets
598 if (ictx && octx)
599 {
600 while (tap_packet *p = (tap_packet *)data_queue.get ())
601 {
602 send_data_packet (p);
603 delete p;
604 }
605
606 while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
607 {
608 send_vpn_packet (p, si, IPTOS_RELIABILITY);
609 delete p;
610 }
611 }
612 }
613 else
614 {
615 retry_cnt = 0;
616 establish_connection.start (NOW + 5);
617 keepalive.reset ();
618 rekey.reset ();
619 }
620}
549 621
550void 622void
551connection::reset_si () 623connection::reset_si ()
552{ 624{
553 protocol = best_protocol (THISNODE->protocols & conf->protocols); 625 protocol = best_protocol (THISNODE->protocols & conf->protocols);
580 652
581 return si; 653 return si;
582} 654}
583 655
584void 656void
657connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
658{
659 if (!vpn->send_vpn_packet (pkt, si, tos))
660 reset_connection ();
661}
662
663void
585connection::send_ping (const sockinfo &si, u8 pong) 664connection::send_ping (const sockinfo &si, u8 pong)
586{ 665{
587 ping_packet *pkt = new ping_packet; 666 ping_packet *pkt = new ping_packet;
588 667
589 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING); 668 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
590 vpn->send_vpn_packet (pkt, si, IPTOS_LOWDELAY); 669 send_vpn_packet (pkt, si, IPTOS_LOWDELAY);
591 670
592 delete pkt; 671 delete pkt;
593} 672}
594 673
595void 674void
598 if (reset_rate_limiter.can (si) && connectmode != conf_node::C_DISABLED) 677 if (reset_rate_limiter.can (si) && connectmode != conf_node::C_DISABLED)
599 { 678 {
600 config_packet *pkt = new config_packet; 679 config_packet *pkt = new config_packet;
601 680
602 pkt->setup (vpn_packet::PT_RESET, conf->id); 681 pkt->setup (vpn_packet::PT_RESET, conf->id);
603 vpn->send_vpn_packet (pkt, si, IPTOS_MINCOST); 682 send_vpn_packet (pkt, si, IPTOS_MINCOST);
604 683
605 delete pkt; 684 delete pkt;
606 } 685 }
607} 686}
608 687
620 conf->rsa_key, RSA_PKCS1_OAEP_PADDING)) 699 conf->rsa_key, RSA_PKCS1_OAEP_PADDING))
621 fatal ("RSA_public_encrypt error"); 700 fatal ("RSA_public_encrypt error");
622 701
623 slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si); 702 slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si);
624 703
625 vpn->send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly 704 send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly
626 705
627 delete pkt; 706 delete pkt;
628} 707}
629 708
630void 709void
638 717
639 pkt->hmac_set (octx); 718 pkt->hmac_set (octx);
640 719
641 slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)si); 720 slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)si);
642 721
643 vpn->send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly 722 send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
644 723
645 delete pkt; 724 delete pkt;
646} 725}
647 726
648void 727void
652 conf->id, rid, (const char *)rsi); 731 conf->id, rid, (const char *)rsi);
653 732
654 connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols); 733 connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
655 734
656 r->hmac_set (octx); 735 r->hmac_set (octx);
657 vpn->send_vpn_packet (r, si); 736 send_vpn_packet (r, si);
658 737
659 delete r; 738 delete r;
660} 739}
661 740
662void 741void
676 w.at = NOW + retry_int; 755 w.at = NOW + retry_int;
677 756
678 reset_si (); 757 reset_si ();
679 758
680 if (si.prot && !si.host) 759 if (si.prot && !si.host)
681 vpn->connect_request (conf->id); 760 vpn->send_connect_request (conf->id);
682 else 761 else
683 { 762 {
684 const sockinfo &dsi = forward_si (si); 763 const sockinfo &dsi = forward_si (si);
685 764
686 if (dsi.valid () && auth_rate_limiter.can (dsi)) 765 if (dsi.valid () && auth_rate_limiter.can (dsi))
741connection::send_data_packet (tap_packet *pkt, bool broadcast) 820connection::send_data_packet (tap_packet *pkt, bool broadcast)
742{ 821{
743 vpndata_packet *p = new vpndata_packet; 822 vpndata_packet *p = new vpndata_packet;
744 int tos = 0; 823 int tos = 0;
745 824
825 // I am not hilarious about peeking into packets, but so be it.
746 if (conf->inherit_tos 826 if (conf->inherit_tos
747 && (*pkt)[12] == 0x08 && (*pkt)[13] == 0x00 // IP 827 && (*pkt)[12] == 0x08 && (*pkt)[13] == 0x00 // IP
748 && ((*pkt)[14] & 0xf0) == 0x40) // IPv4 828 && ((*pkt)[14] & 0xf0) == 0x40) // IPv4
749 tos = (*pkt)[15] & IPTOS_TOS_MASK; 829 tos = (*pkt)[15] & IPTOS_TOS_MASK;
750 830
751 p->setup (this, broadcast ? 0 : conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs 831 p->setup (this, broadcast ? 0 : conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs
752 vpn->send_vpn_packet (p, si, tos); 832 send_vpn_packet (p, si, tos);
753 833
754 delete p; 834 delete p;
755 835
756 if (oseqno > MAX_SEQNO) 836 if (oseqno > MAX_SEQNO)
757 rekey (); 837 rekey ();
763 if (ictx && octx) 843 if (ictx && octx)
764 send_data_packet (pkt, broadcast); 844 send_data_packet (pkt, broadcast);
765 else 845 else
766 { 846 {
767 if (!broadcast)//DDDD 847 if (!broadcast)//DDDD
768 queue.put (new tap_packet (*pkt)); 848 data_queue.put (new tap_packet (*pkt));
769 849
770 establish_connection (); 850 establish_connection ();
771 } 851 }
772} 852}
773 853
774void connection::inject_vpn_packet (vpn_packet *pkt, int tos) 854void connection::inject_vpn_packet (vpn_packet *pkt, int tos)
775{ 855{
776 if (ictx && octx) 856 if (ictx && octx)
777 vpn->send_vpn_packet (pkt, si, tos); 857 send_vpn_packet (pkt, si, tos);
778 else 858 else
859 {
860 vpn_queue.put (new vpn_packet (*pkt));
861
779 establish_connection (); 862 establish_connection ();
863 }
780} 864}
781 865
782void 866void
783connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) 867connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
784{ 868{
843 rsachallenge k; 927 rsachallenge k;
844 928
845 if (0 > RSA_private_decrypt (sizeof (p->encr), 929 if (0 > RSA_private_decrypt (sizeof (p->encr),
846 (unsigned char *)&p->encr, (unsigned char *)&k, 930 (unsigned char *)&p->encr, (unsigned char *)&k,
847 ::conf.rsa_key, RSA_PKCS1_OAEP_PADDING)) 931 ::conf.rsa_key, RSA_PKCS1_OAEP_PADDING))
848 slog (L_ERR, _("%s(%s): challenge illegal or corrupted"), 932 slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"),
849 conf->nodename, (const char *)rsi); 933 conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0));
850 else 934 else
851 { 935 {
852 retry_cnt = 0;
853 establish_connection.start (NOW + 8); //? ;)
854 keepalive.reset ();
855 rekey.reset ();
856
857 delete ictx;
858 ictx = 0;
859
860 delete octx; 936 delete octx;
861 937
862 octx = new crypto_ctx (k, 1); 938 octx = new crypto_ctx (k, 1);
863 oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff; 939 oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff;
864 940
865 conf->protocols = p->protocols; 941 conf->protocols = p->protocols;
942
866 send_auth_response (rsi, p->id, k); 943 send_auth_response (rsi, p->id, k);
944
945 connection_established ();
867 946
868 break; 947 break;
869 } 948 }
870 } 949 }
950 else
951 slog (L_WARN, _("%s(%s): protocol mismatch"),
952 conf->nodename, (const char *)rsi);
871 953
872 send_reset (rsi); 954 send_reset (rsi);
873 } 955 }
874 956
875 break; 957 break;
888 PROTOCOL_MINOR, conf->nodename, p->prot_minor); 970 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
889 971
890 rsachallenge chg; 972 rsachallenge chg;
891 973
892 if (!rsa_cache.find (p->id, chg)) 974 if (!rsa_cache.find (p->id, chg))
975 {
893 slog (L_ERR, _("%s(%s): unrequested auth response"), 976 slog (L_ERR, _("%s(%s): unrequested auth response ignored"),
894 conf->nodename, (const char *)rsi); 977 conf->nodename, (const char *)rsi);
978 break;
979 }
895 else 980 else
896 { 981 {
897 crypto_ctx *cctx = new crypto_ctx (chg, 0); 982 crypto_ctx *cctx = new crypto_ctx (chg, 0);
898 983
899 if (!p->hmac_chk (cctx)) 984 if (!p->hmac_chk (cctx))
985 {
900 slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n" 986 slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
901 "could be an attack, or just corruption or an synchronization error"), 987 "could be an attack, or just corruption or an synchronization error"),
902 conf->nodename, (const char *)rsi); 988 conf->nodename, (const char *)rsi);
989 break;
990 }
903 else 991 else
904 { 992 {
905 rsaresponse h; 993 rsaresponse h;
906 994
907 rsa_hash (p->id, chg, h); 995 rsa_hash (p->id, chg, h);
915 iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid 1003 iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
916 1004
917 si = rsi; 1005 si = rsi;
918 protocol = rsi.prot; 1006 protocol = rsi.prot;
919 1007
920 rekey.start (NOW + ::conf.rekey); 1008 connection_established ();
921 keepalive.start (NOW + ::conf.keepalive);
922
923 // send queued packets
924 while (tap_packet *p = queue.get ())
925 {
926 send_data_packet (p);
927 delete p;
928 }
929
930 connectmode = conf->connectmode;
931 1009
932 slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"), 1010 slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"),
933 conf->nodename, (const char *)rsi, 1011 conf->nodename, (const char *)rsi,
934 p->prot_major, p->prot_minor); 1012 p->prot_major, p->prot_minor);
935 1013
961 1039
962 if (ictx && octx) 1040 if (ictx && octx)
963 { 1041 {
964 vpndata_packet *p = (vpndata_packet *)pkt; 1042 vpndata_packet *p = (vpndata_packet *)pkt;
965 1043
966 if (rsi == si) 1044 if (!p->hmac_chk (ictx))
1045 slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
1046 "could be an attack, or just corruption or an synchronization error"),
1047 conf->nodename, (const char *)rsi);
1048 else
967 { 1049 {
968 if (!p->hmac_chk (ictx))
969 slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
970 "could be an attack, or just corruption or an synchronization error"),
971 conf->nodename, (const char *)rsi);
972 else 1050 u32 seqno;
1051 tap_packet *d = p->unpack (this, seqno);
1052
1053 if (iseqno.recv_ok (seqno))
973 { 1054 {
974 u32 seqno; 1055 vpn->tap->send (d);
975 tap_packet *d = p->unpack (this, seqno);
976 1056
977 if (iseqno.recv_ok (seqno)) 1057 if (p->dst () == 0) // re-broadcast
1058 for (vpn::conns_vector::iterator i = vpn->conns.begin (); i != vpn->conns.end (); ++i)
1059 {
1060 connection *c = *i;
1061
1062 if (c->conf != THISNODE && c->conf != conf)
1063 c->inject_data_packet (d);
1064 }
1065
1066 if (si != rsi)
978 { 1067 {
979 vpn->tap->send (d); 1068 // fast re-sync on connection changes, useful especially for tcp/ip
980
981 if (p->dst () == 0) // re-broadcast
982 for (vpn::conns_vector::iterator i = vpn->conns.begin (); i != vpn->conns.end (); ++i)
983 {
984 connection *c = *i;
985
986 if (c->conf != THISNODE && c->conf != conf)
987 c->inject_data_packet (d);
988 }
989
990 delete d;
991
992 break; 1069 si = rsi;
1070
1071 slog (L_INFO, _("%s(%s): socket address changed to %s"),
1072 conf->nodename, (const char *)si, (const char *)rsi);
993 } 1073 }
1074
1075 delete d;
1076
1077 break;
994 } 1078 }
995 } 1079 }
996 else
997 slog (L_ERR, _("received data packet from unknown source %s"), (const char *)rsi);
998 } 1080 }
999 1081
1000 send_reset (rsi); 1082 send_reset (rsi);
1001 break; 1083 break;
1002 1084
1017 // send connect_info packets to both sides, in case one is 1099 // send connect_info packets to both sides, in case one is
1018 // behind a nat firewall (or both ;) 1100 // behind a nat firewall (or both ;)
1019 c->send_connect_info (conf->id, si, conf->protocols); 1101 c->send_connect_info (conf->id, si, conf->protocols);
1020 send_connect_info (c->conf->id, c->si, c->conf->protocols); 1102 send_connect_info (c->conf->id, c->si, c->conf->protocols);
1021 } 1103 }
1104 else
1105 c->establish_connection ();
1022 } 1106 }
1023 1107
1024 break; 1108 break;
1025 1109
1026 case vpn_packet::PT_CONNECT_INFO: 1110 case vpn_packet::PT_CONNECT_INFO:
1066 || THISNODE->connectmode != conf_node::C_ONDEMAND) 1150 || THISNODE->connectmode != conf_node::C_ONDEMAND)
1067 { 1151 {
1068 send_ping (si); 1152 send_ping (si);
1069 w.at = NOW + 5; 1153 w.at = NOW + 5;
1070 } 1154 }
1155 else if (NOW < last_activity + ::conf.keepalive + 10)
1156 // hold ondemand connections implicitly a few seconds longer
1157 // should delete octx, though, or something like that ;)
1158 w.at = last_activity + ::conf.keepalive + 10;
1071 else 1159 else
1072 reset_connection (); 1160 reset_connection ();
1073} 1161}
1074 1162
1075void connection::connect_request (int id) 1163void connection::send_connect_request (int id)
1076{ 1164{
1077 connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols); 1165 connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols);
1078 1166
1079 slog (L_TRACE, ">>%d PT_CONNECT_REQ(%d)", conf->id, id); 1167 slog (L_TRACE, ">>%d PT_CONNECT_REQ(%d)", conf->id, id);
1080 p->hmac_set (octx); 1168 p->hmac_set (octx);
1081 vpn->send_vpn_packet (p, si); 1169 send_vpn_packet (p, si);
1082 1170
1083 delete p; 1171 delete p;
1084} 1172}
1085 1173
1086void connection::script_node () 1174void connection::script_node ()

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines