ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
(Generate patch)

Comparing gvpe/src/connection.C (file contents):
Revision 1.8 by pcg, Sun Apr 6 04:17:36 2003 UTC vs.
Revision 1.19 by pcg, Tue Oct 14 03:22:09 2003 UTC

35#include "slog.h" 35#include "slog.h"
36#include "device.h" 36#include "device.h"
37#include "vpn.h" 37#include "vpn.h"
38#include "connection.h" 38#include "connection.h"
39 39
40#include <sys/socket.h>
41#ifdef HAVE_NETINET_IN_H
42# include <netinet/in.h>
43#endif
44#include <arpa/inet.h>
45#include <net/if.h>
46#ifdef HAVE_NETINET_IN_SYSTM_H
47# include <netinet/in_systm.h>
48#endif
49#ifdef HAVE_NETINET_IP_H
50# include <netinet/ip.h>
51#endif
52
53#ifndef IPTOS_TOS_MASK
54# define IPTOS_TOS_MASK (IPTOS_LOWDELAY | IPTOS_THROUGHPUT | IPTOS_RELIABILITY | IPTOS_MINCOST)
55#endif
56
40#if !HAVE_RAND_PSEUDO_BYTES 57#if !HAVE_RAND_PSEUDO_BYTES
41# define RAND_pseudo_bytes RAND_bytes 58# define RAND_pseudo_bytes RAND_bytes
42#endif 59#endif
43 60
44#define MAGIC "vped\xbd\xc6\xdb\x82" // 8 bytes of magic 61#define MAGIC "vped\xbd\xc6\xdb\x82" // 8 bytes of magic
147 } 164 }
148} 165}
149 166
150////////////////////////////////////////////////////////////////////////////// 167//////////////////////////////////////////////////////////////////////////////
151 168
152void pkt_queue::put (tap_packet *p) 169void pkt_queue::put (net_packet *p)
153{ 170{
154 if (queue[i]) 171 if (queue[i])
155 { 172 {
156 delete queue[i]; 173 delete queue[i];
157 j = (j + 1) % QUEUEDEPTH; 174 j = (j + 1) % QUEUEDEPTH;
160 queue[i] = p; 177 queue[i] = p;
161 178
162 i = (i + 1) % QUEUEDEPTH; 179 i = (i + 1) % QUEUEDEPTH;
163} 180}
164 181
165tap_packet *pkt_queue::get () 182net_packet *pkt_queue::get ()
166{ 183{
167 tap_packet *p = queue[j]; 184 net_packet *p = queue[j];
168 185
169 if (p) 186 if (p)
170 { 187 {
171 queue[j] = 0; 188 queue[j] = 0;
172 j = (j + 1) % QUEUEDEPTH; 189 j = (j + 1) % QUEUEDEPTH;
197// only do action once every x seconds per host whole allowing bursts. 214// only do action once every x seconds per host whole allowing bursts.
198// this implementation ("splay list" ;) is inefficient, 215// this implementation ("splay list" ;) is inefficient,
199// but low on resources. 216// but low on resources.
200struct net_rate_limiter : list<net_rateinfo> 217struct net_rate_limiter : list<net_rateinfo>
201{ 218{
202 static const double ALPHA = 1. - 1. / 90.; // allow bursts 219 static const double ALPHA = 1. - 1. / 600.; // allow bursts
203 static const double CUTOFF = 20.; // one event every CUTOFF seconds 220 static const double CUTOFF = 10.; // one event every CUTOFF seconds
204 static const double EXPIRE = CUTOFF * 30.; // expire entries after this time 221 static const double EXPIRE = CUTOFF * 30.; // expire entries after this time
222 static const double MAXDIF = CUTOFF * (1. / (1. - ALPHA)); // maximum diff /count value
205 223
206 bool can (const sockinfo &si) { return can((u32)si.host); } 224 bool can (const sockinfo &si) { return can((u32)si.host); }
207 bool can (u32 host); 225 bool can (u32 host);
208}; 226};
209 227
210net_rate_limiter auth_rate_limiter, reset_rate_limiter; 228net_rate_limiter auth_rate_limiter, reset_rate_limiter;
211 229
225 { 243 {
226 net_rateinfo ri; 244 net_rateinfo ri;
227 245
228 ri.host = host; 246 ri.host = host;
229 ri.pcnt = 1.; 247 ri.pcnt = 1.;
230 ri.diff = CUTOFF * (1. / (1. - ALPHA)); 248 ri.diff = MAXDIF;
231 ri.last = NOW; 249 ri.last = NOW;
232 250
233 push_front (ri); 251 push_front (ri);
234 252
235 return true; 253 return true;
242 ri.pcnt = ri.pcnt * ALPHA; 260 ri.pcnt = ri.pcnt * ALPHA;
243 ri.diff = ri.diff * ALPHA + (NOW - ri.last); 261 ri.diff = ri.diff * ALPHA + (NOW - ri.last);
244 262
245 ri.last = NOW; 263 ri.last = NOW;
246 264
265 double dif = ri.diff / ri.pcnt;
266
247 bool send = ri.diff / ri.pcnt > CUTOFF; 267 bool send = dif > CUTOFF;
248 268
269 if (dif > MAXDIF)
270 {
271 ri.pcnt = 1.;
272 ri.diff = MAXDIF;
273 }
249 if (send) 274 else if (send)
250 ri.pcnt++; 275 ri.pcnt++;
251 276
252 push_front (ri); 277 push_front (ri);
253 278
254 return send; 279 return send;
467 set_hdr (type, dst); 492 set_hdr (type, dst);
468} 493}
469 494
470bool config_packet::chk_config () const 495bool config_packet::chk_config () const
471{ 496{
472 return prot_major == PROTOCOL_MAJOR 497 if (prot_major != PROTOCOL_MAJOR)
473 && randsize == RAND_SIZE 498 slog (L_WARN, _("major version mismatch (%d <=> %d)"), prot_major, PROTOCOL_MAJOR);
474 && hmaclen == HMACLENGTH 499 else if (randsize != RAND_SIZE)
475 && flags == curflags () 500 slog (L_WARN, _("rand size mismatch (%d <=> %d)"), randsize, RAND_SIZE);
501 else if (hmaclen != HMACLENGTH)
502 slog (L_WARN, _("hmac length mismatch (%d <=> %d)"), hmaclen, HMACLENGTH);
503 else if (flags != curflags ())
504 slog (L_WARN, _("flag mismatch (%x <=> %x)"), flags, curflags ());
476 && challengelen == sizeof (rsachallenge) 505 else if (challengelen != sizeof (rsachallenge))
506 slog (L_WARN, _("challenge length mismatch (%d <=> %d)"), challengelen, sizeof (rsachallenge));
477 && cipher_nid == htonl (EVP_CIPHER_nid (CIPHER)) 507 else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER)))
508 slog (L_WARN, _("cipher mismatch (%x <=> %x)"), ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER));
478 && digest_nid == htonl (EVP_MD_type (RSA_HASH)) 509 else if (digest_nid != htonl (EVP_MD_type (RSA_HASH)))
510 slog (L_WARN, _("digest mismatch (%x <=> %x)"), ntohl (digest_nid), EVP_MD_type (RSA_HASH));
479 && hmac_nid == htonl (EVP_MD_type (DIGEST)); 511 else if (hmac_nid != htonl (EVP_MD_type (DIGEST)))
512 slog (L_WARN, _("hmac mismatch (%x <=> %x)"), ntohl (hmac_nid), EVP_MD_type (DIGEST));
513 else
514 return true;
515
516 return false;
480} 517}
481 518
482struct auth_req_packet : config_packet 519struct auth_req_packet : config_packet
483{ 520{
484 char magic[8]; 521 char magic[8];
544 len = sizeof (*this) - sizeof (net_packet); 581 len = sizeof (*this) - sizeof (net_packet);
545 } 582 }
546}; 583};
547 584
548///////////////////////////////////////////////////////////////////////////// 585/////////////////////////////////////////////////////////////////////////////
586
587void
588connection::connection_established ()
589{
590 if (ictx && octx)
591 {
592 connectmode = conf->connectmode;
593
594 rekey.start (NOW + ::conf.rekey);
595 keepalive.start (NOW + ::conf.keepalive);
596
597 // send queued packets
598 if (ictx && octx)
599 {
600 while (tap_packet *p = (tap_packet *)data_queue.get ())
601 {
602 send_data_packet (p);
603 delete p;
604 }
605
606 while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
607 {
608 send_vpn_packet (p, si, IPTOS_RELIABILITY);
609 delete p;
610 }
611 }
612 }
613 else
614 {
615 retry_cnt = 0;
616 establish_connection.start (NOW + 5);
617 keepalive.reset ();
618 rekey.reset ();
619 }
620}
549 621
550void 622void
551connection::reset_si () 623connection::reset_si ()
552{ 624{
553 protocol = best_protocol (THISNODE->protocols & conf->protocols); 625 protocol = best_protocol (THISNODE->protocols & conf->protocols);
580 652
581 return si; 653 return si;
582} 654}
583 655
584void 656void
657connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
658{
659 if (!vpn->send_vpn_packet (pkt, si, tos))
660 reset_connection ();
661}
662
663void
585connection::send_ping (const sockinfo &si, u8 pong) 664connection::send_ping (const sockinfo &si, u8 pong)
586{ 665{
587 ping_packet *pkt = new ping_packet; 666 ping_packet *pkt = new ping_packet;
588 667
589 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING); 668 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
590 vpn->send_vpn_packet (pkt, si, IPTOS_LOWDELAY); 669 send_vpn_packet (pkt, si, IPTOS_LOWDELAY);
591 670
592 delete pkt; 671 delete pkt;
593} 672}
594 673
595void 674void
598 if (reset_rate_limiter.can (si) && connectmode != conf_node::C_DISABLED) 677 if (reset_rate_limiter.can (si) && connectmode != conf_node::C_DISABLED)
599 { 678 {
600 config_packet *pkt = new config_packet; 679 config_packet *pkt = new config_packet;
601 680
602 pkt->setup (vpn_packet::PT_RESET, conf->id); 681 pkt->setup (vpn_packet::PT_RESET, conf->id);
603 vpn->send_vpn_packet (pkt, si, IPTOS_MINCOST); 682 send_vpn_packet (pkt, si, IPTOS_MINCOST);
604 683
605 delete pkt; 684 delete pkt;
606 } 685 }
607} 686}
608 687
620 conf->rsa_key, RSA_PKCS1_OAEP_PADDING)) 699 conf->rsa_key, RSA_PKCS1_OAEP_PADDING))
621 fatal ("RSA_public_encrypt error"); 700 fatal ("RSA_public_encrypt error");
622 701
623 slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si); 702 slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si);
624 703
625 vpn->send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly 704 send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly
626
627 705
628 delete pkt; 706 delete pkt;
629} 707}
630 708
631void 709void
639 717
640 pkt->hmac_set (octx); 718 pkt->hmac_set (octx);
641 719
642 slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)si); 720 slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)si);
643 721
644 vpn->send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly 722 send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
645 723
646 delete pkt; 724 delete pkt;
647} 725}
648 726
649void 727void
653 conf->id, rid, (const char *)rsi); 731 conf->id, rid, (const char *)rsi);
654 732
655 connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols); 733 connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
656 734
657 r->hmac_set (octx); 735 r->hmac_set (octx);
658 vpn->send_vpn_packet (r, si); 736 send_vpn_packet (r, si);
659 737
660 delete r; 738 delete r;
661} 739}
662 740
663void 741void
677 w.at = NOW + retry_int; 755 w.at = NOW + retry_int;
678 756
679 reset_si (); 757 reset_si ();
680 758
681 if (si.prot && !si.host) 759 if (si.prot && !si.host)
682 vpn->connect_request (conf->id); 760 vpn->send_connect_request (conf->id);
683 else 761 else
684 { 762 {
685 const sockinfo &dsi = forward_si (si); 763 const sockinfo &dsi = forward_si (si);
686 764
687 if (dsi.valid () && auth_rate_limiter.can (dsi)) 765 if (dsi.valid () && auth_rate_limiter.can (dsi))
742connection::send_data_packet (tap_packet *pkt, bool broadcast) 820connection::send_data_packet (tap_packet *pkt, bool broadcast)
743{ 821{
744 vpndata_packet *p = new vpndata_packet; 822 vpndata_packet *p = new vpndata_packet;
745 int tos = 0; 823 int tos = 0;
746 824
825 // I am not hilarious about peeking into packets, but so be it.
747 if (conf->inherit_tos 826 if (conf->inherit_tos
748 && (*pkt)[12] == 0x08 && (*pkt)[13] == 0x00 // IP 827 && (*pkt)[12] == 0x08 && (*pkt)[13] == 0x00 // IP
749 && ((*pkt)[14] & 0xf0) == 0x40) // IPv4 828 && ((*pkt)[14] & 0xf0) == 0x40) // IPv4
750 tos = (*pkt)[15] & IPTOS_TOS_MASK; 829 tos = (*pkt)[15] & IPTOS_TOS_MASK;
751 830
752 p->setup (this, broadcast ? 0 : conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs 831 p->setup (this, broadcast ? 0 : conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs
753 vpn->send_vpn_packet (p, si, tos); 832 send_vpn_packet (p, si, tos);
754 833
755 delete p; 834 delete p;
756 835
757 if (oseqno > MAX_SEQNO) 836 if (oseqno > MAX_SEQNO)
758 rekey (); 837 rekey ();
764 if (ictx && octx) 843 if (ictx && octx)
765 send_data_packet (pkt, broadcast); 844 send_data_packet (pkt, broadcast);
766 else 845 else
767 { 846 {
768 if (!broadcast)//DDDD 847 if (!broadcast)//DDDD
769 queue.put (new tap_packet (*pkt)); 848 data_queue.put (new tap_packet (*pkt));
770 849
771 establish_connection (); 850 establish_connection ();
772 } 851 }
773} 852}
774 853
775void connection::inject_vpn_packet (vpn_packet *pkt, int tos) 854void connection::inject_vpn_packet (vpn_packet *pkt, int tos)
776{ 855{
777 if (ictx && octx) 856 if (ictx && octx)
778 vpn->send_vpn_packet (pkt, si, tos); 857 send_vpn_packet (pkt, si, tos);
779 else 858 else
859 {
860 vpn_queue.put (new vpn_packet (*pkt));
861
780 establish_connection (); 862 establish_connection ();
863 }
781} 864}
782 865
783void 866void
784connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) 867connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
785{ 868{
844 rsachallenge k; 927 rsachallenge k;
845 928
846 if (0 > RSA_private_decrypt (sizeof (p->encr), 929 if (0 > RSA_private_decrypt (sizeof (p->encr),
847 (unsigned char *)&p->encr, (unsigned char *)&k, 930 (unsigned char *)&p->encr, (unsigned char *)&k,
848 ::conf.rsa_key, RSA_PKCS1_OAEP_PADDING)) 931 ::conf.rsa_key, RSA_PKCS1_OAEP_PADDING))
849 slog (L_ERR, _("%s(%s): challenge illegal or corrupted"), 932 slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"),
850 conf->nodename, (const char *)rsi); 933 conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0));
851 else 934 else
852 { 935 {
853 retry_cnt = 0;
854 establish_connection.start (NOW + 8); //? ;)
855 keepalive.reset ();
856 rekey.reset ();
857
858 delete ictx;
859 ictx = 0;
860
861 delete octx; 936 delete octx;
862 937
863 octx = new crypto_ctx (k, 1); 938 octx = new crypto_ctx (k, 1);
864 oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff; 939 oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff;
865 940
866 conf->protocols = p->protocols; 941 conf->protocols = p->protocols;
942
867 send_auth_response (rsi, p->id, k); 943 send_auth_response (rsi, p->id, k);
944
945 connection_established ();
868 946
869 break; 947 break;
870 } 948 }
871 } 949 }
950 else
951 slog (L_WARN, _("%s(%s): protocol mismatch"),
952 conf->nodename, (const char *)rsi);
872 953
873 send_reset (rsi); 954 send_reset (rsi);
874 } 955 }
875 956
876 break; 957 break;
889 PROTOCOL_MINOR, conf->nodename, p->prot_minor); 970 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
890 971
891 rsachallenge chg; 972 rsachallenge chg;
892 973
893 if (!rsa_cache.find (p->id, chg)) 974 if (!rsa_cache.find (p->id, chg))
975 {
894 slog (L_ERR, _("%s(%s): unrequested auth response"), 976 slog (L_ERR, _("%s(%s): unrequested auth response ignored"),
895 conf->nodename, (const char *)rsi); 977 conf->nodename, (const char *)rsi);
978 break;
979 }
896 else 980 else
897 { 981 {
898 crypto_ctx *cctx = new crypto_ctx (chg, 0); 982 crypto_ctx *cctx = new crypto_ctx (chg, 0);
899 983
900 if (!p->hmac_chk (cctx)) 984 if (!p->hmac_chk (cctx))
985 {
901 slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n" 986 slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
902 "could be an attack, or just corruption or an synchronization error"), 987 "could be an attack, or just corruption or an synchronization error"),
903 conf->nodename, (const char *)rsi); 988 conf->nodename, (const char *)rsi);
989 break;
990 }
904 else 991 else
905 { 992 {
906 rsaresponse h; 993 rsaresponse h;
907 994
908 rsa_hash (p->id, chg, h); 995 rsa_hash (p->id, chg, h);
916 iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid 1003 iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
917 1004
918 si = rsi; 1005 si = rsi;
919 protocol = rsi.prot; 1006 protocol = rsi.prot;
920 1007
921 rekey.start (NOW + ::conf.rekey); 1008 connection_established ();
922 keepalive.start (NOW + ::conf.keepalive);
923
924 // send queued packets
925 while (tap_packet *p = queue.get ())
926 {
927 send_data_packet (p);
928 delete p;
929 }
930
931 connectmode = conf->connectmode;
932 1009
933 slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"), 1010 slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"),
934 conf->nodename, (const char *)rsi, 1011 conf->nodename, (const char *)rsi,
935 p->prot_major, p->prot_minor); 1012 p->prot_major, p->prot_minor);
936 1013
962 1039
963 if (ictx && octx) 1040 if (ictx && octx)
964 { 1041 {
965 vpndata_packet *p = (vpndata_packet *)pkt; 1042 vpndata_packet *p = (vpndata_packet *)pkt;
966 1043
967 if (rsi == si) 1044 if (!p->hmac_chk (ictx))
1045 slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
1046 "could be an attack, or just corruption or an synchronization error"),
1047 conf->nodename, (const char *)rsi);
1048 else
968 { 1049 {
969 if (!p->hmac_chk (ictx))
970 slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
971 "could be an attack, or just corruption or an synchronization error"),
972 conf->nodename, (const char *)rsi);
973 else 1050 u32 seqno;
1051 tap_packet *d = p->unpack (this, seqno);
1052
1053 if (iseqno.recv_ok (seqno))
974 { 1054 {
975 u32 seqno; 1055 vpn->tap->send (d);
976 tap_packet *d = p->unpack (this, seqno);
977 1056
978 if (iseqno.recv_ok (seqno)) 1057 if (p->dst () == 0) // re-broadcast
1058 for (vpn::conns_vector::iterator i = vpn->conns.begin (); i != vpn->conns.end (); ++i)
1059 {
1060 connection *c = *i;
1061
1062 if (c->conf != THISNODE && c->conf != conf)
1063 c->inject_data_packet (d);
1064 }
1065
1066 if (si != rsi)
979 { 1067 {
980 vpn->tap->send (d); 1068 // fast re-sync on connection changes, useful especially for tcp/ip
981
982 if (p->dst () == 0) // re-broadcast
983 for (vpn::conns_vector::iterator i = vpn->conns.begin (); i != vpn->conns.end (); ++i)
984 {
985 connection *c = *i;
986
987 if (c->conf != THISNODE && c->conf != conf)
988 c->inject_data_packet (d);
989 }
990
991 delete d;
992
993 break; 1069 si = rsi;
1070
1071 slog (L_INFO, _("%s(%s): socket address changed to %s"),
1072 conf->nodename, (const char *)si, (const char *)rsi);
994 } 1073 }
1074
1075 delete d;
1076
1077 break;
995 } 1078 }
996 } 1079 }
997 else
998 slog (L_ERR, _("received data packet from unknown source %s"), (const char *)rsi);
999 } 1080 }
1000 1081
1001 send_reset (rsi); 1082 send_reset (rsi);
1002 break; 1083 break;
1003 1084
1018 // send connect_info packets to both sides, in case one is 1099 // send connect_info packets to both sides, in case one is
1019 // behind a nat firewall (or both ;) 1100 // behind a nat firewall (or both ;)
1020 c->send_connect_info (conf->id, si, conf->protocols); 1101 c->send_connect_info (conf->id, si, conf->protocols);
1021 send_connect_info (c->conf->id, c->si, c->conf->protocols); 1102 send_connect_info (c->conf->id, c->si, c->conf->protocols);
1022 } 1103 }
1104 else
1105 c->establish_connection ();
1023 } 1106 }
1024 1107
1025 break; 1108 break;
1026 1109
1027 case vpn_packet::PT_CONNECT_INFO: 1110 case vpn_packet::PT_CONNECT_INFO:
1067 || THISNODE->connectmode != conf_node::C_ONDEMAND) 1150 || THISNODE->connectmode != conf_node::C_ONDEMAND)
1068 { 1151 {
1069 send_ping (si); 1152 send_ping (si);
1070 w.at = NOW + 5; 1153 w.at = NOW + 5;
1071 } 1154 }
1155 else if (NOW < last_activity + ::conf.keepalive + 10)
1156 // hold ondemand connections implicitly a few seconds longer
1157 // should delete octx, though, or something like that ;)
1158 w.at = last_activity + ::conf.keepalive + 10;
1072 else 1159 else
1073 reset_connection (); 1160 reset_connection ();
1074} 1161}
1075 1162
1076void connection::connect_request (int id) 1163void connection::send_connect_request (int id)
1077{ 1164{
1078 connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols); 1165 connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols);
1079 1166
1080 slog (L_TRACE, ">>%d PT_CONNECT_REQ(%d)", conf->id, id); 1167 slog (L_TRACE, ">>%d PT_CONNECT_REQ(%d)", conf->id, id);
1081 p->hmac_set (octx); 1168 p->hmac_set (octx);
1082 vpn->send_vpn_packet (p, si); 1169 send_vpn_packet (p, si);
1083 1170
1084 delete p; 1171 delete p;
1085} 1172}
1086 1173
1087void connection::script_node () 1174void connection::script_node ()

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines