--- gvpe/src/connection.C	2003/09/01 21:23:35	1.17
+++ gvpe/src/connection.C	2003/10/14 03:22:09	1.19
@@ -37,6 +37,23 @@
 #include "vpn.h"
 #include "connection.h"
 
+#include <sys/socket.h>
+#ifdef HAVE_NETINET_IN_H
+# include <netinet/in.h>
+#endif
+#include <arpa/inet.h>
+#include <net/if.h>
+#ifdef HAVE_NETINET_IN_SYSTM_H
+# include <netinet/in_systm.h>
+#endif
+#ifdef HAVE_NETINET_IP_H
+# include <netinet/ip.h>
+#endif
+
+#ifndef IPTOS_TOS_MASK
+# define IPTOS_TOS_MASK (IPTOS_LOWDELAY | IPTOS_THROUGHPUT | IPTOS_RELIABILITY | IPTOS_MINCOST)
+#endif
+
 #if !HAVE_RAND_PSEUDO_BYTES
 # define  RAND_pseudo_bytes RAND_bytes
 #endif
@@ -956,7 +973,7 @@
 
               if (!rsa_cache.find (p->id, chg))
                 {
-                  slog (L_ERR, _("%s(%s): unrequested auth response"),
+                  slog (L_ERR, _("%s(%s): unrequested auth response ignored"),
                         conf->nodename, (const char *)rsi);
                   break;
                 }
@@ -965,9 +982,12 @@
                   crypto_ctx *cctx = new crypto_ctx (chg, 0);
 
                   if (!p->hmac_chk (cctx))
-                    slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
-                                   "could be an attack, or just corruption or an synchronization error"),
-                          conf->nodename, (const char *)rsi);
+                    {
+                      slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
+                                     "could be an attack, or just corruption or an synchronization error"),
+                            conf->nodename, (const char *)rsi);
+                      break;
+                    }
                   else
                     {
                       rsaresponse h;