ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
(Generate patch)

Comparing gvpe/src/connection.C (file contents):
Revision 1.7 by pcg, Sat Apr 5 17:54:22 2003 UTC vs.
Revision 1.15 by pcg, Fri Aug 8 10:58:28 2003 UTC

147 } 147 }
148} 148}
149 149
150////////////////////////////////////////////////////////////////////////////// 150//////////////////////////////////////////////////////////////////////////////
151 151
152void pkt_queue::put (tap_packet *p) 152void pkt_queue::put (net_packet *p)
153{ 153{
154 if (queue[i]) 154 if (queue[i])
155 { 155 {
156 delete queue[i]; 156 delete queue[i];
157 j = (j + 1) % QUEUEDEPTH; 157 j = (j + 1) % QUEUEDEPTH;
160 queue[i] = p; 160 queue[i] = p;
161 161
162 i = (i + 1) % QUEUEDEPTH; 162 i = (i + 1) % QUEUEDEPTH;
163} 163}
164 164
165tap_packet *pkt_queue::get () 165net_packet *pkt_queue::get ()
166{ 166{
167 tap_packet *p = queue[j]; 167 net_packet *p = queue[j];
168 168
169 if (p) 169 if (p)
170 { 170 {
171 queue[j] = 0; 171 queue[j] = 0;
172 j = (j + 1) % QUEUEDEPTH; 172 j = (j + 1) % QUEUEDEPTH;
197// only do action once every x seconds per host whole allowing bursts. 197// only do action once every x seconds per host whole allowing bursts.
198// this implementation ("splay list" ;) is inefficient, 198// this implementation ("splay list" ;) is inefficient,
199// but low on resources. 199// but low on resources.
200struct net_rate_limiter : list<net_rateinfo> 200struct net_rate_limiter : list<net_rateinfo>
201{ 201{
202 static const double ALPHA = 1. - 1. / 90.; // allow bursts 202 static const double ALPHA = 1. - 1. / 180.; // allow bursts
203 static const double CUTOFF = 20.; // one event every CUTOFF seconds 203 static const double CUTOFF = 10.; // one event every CUTOFF seconds
204 static const double EXPIRE = CUTOFF * 30.; // expire entries after this time 204 static const double EXPIRE = CUTOFF * 30.; // expire entries after this time
205 static const double MAXDIF = CUTOFF * (1. / (1. - ALPHA)); // maximum diff /count value
205 206
206 bool can (const sockinfo &si) { return can((u32)si.host); } 207 bool can (const sockinfo &si) { return can((u32)si.host); }
207 bool can (u32 host); 208 bool can (u32 host);
208}; 209};
209 210
225 { 226 {
226 net_rateinfo ri; 227 net_rateinfo ri;
227 228
228 ri.host = host; 229 ri.host = host;
229 ri.pcnt = 1.; 230 ri.pcnt = 1.;
230 ri.diff = CUTOFF * (1. / (1. - ALPHA)); 231 ri.diff = MAXDIF;
231 ri.last = NOW; 232 ri.last = NOW;
232 233
233 push_front (ri); 234 push_front (ri);
234 235
235 return true; 236 return true;
242 ri.pcnt = ri.pcnt * ALPHA; 243 ri.pcnt = ri.pcnt * ALPHA;
243 ri.diff = ri.diff * ALPHA + (NOW - ri.last); 244 ri.diff = ri.diff * ALPHA + (NOW - ri.last);
244 245
245 ri.last = NOW; 246 ri.last = NOW;
246 247
248 double dif = ri.diff / ri.pcnt;
249
247 bool send = ri.diff / ri.pcnt > CUTOFF; 250 bool send = dif > CUTOFF;
248 251
252 if (dif > MAXDIF)
253 {
254 ri.pcnt = 1.;
255 ri.diff = MAXDIF;
256 }
249 if (send) 257 else if (send)
250 ri.pcnt++; 258 ri.pcnt++;
251 259
252 push_front (ri); 260 push_front (ri);
253 261
254 return send; 262 return send;
467 set_hdr (type, dst); 475 set_hdr (type, dst);
468} 476}
469 477
470bool config_packet::chk_config () const 478bool config_packet::chk_config () const
471{ 479{
472 return prot_major == PROTOCOL_MAJOR 480 if (prot_major != PROTOCOL_MAJOR)
473 && randsize == RAND_SIZE 481 slog (L_WARN, _("major version mismatch (%d <=> %d)"), prot_major, PROTOCOL_MAJOR);
474 && hmaclen == HMACLENGTH 482 else if (randsize != RAND_SIZE)
475 && flags == curflags () 483 slog (L_WARN, _("rand size mismatch (%d <=> %d)"), randsize, RAND_SIZE);
484 else if (hmaclen != HMACLENGTH)
485 slog (L_WARN, _("hmac length mismatch (%d <=> %d)"), hmaclen, HMACLENGTH);
486 else if (flags != curflags ())
487 slog (L_WARN, _("flag mismatch (%x <=> %x)"), flags, curflags ());
476 && challengelen == sizeof (rsachallenge) 488 else if (challengelen != sizeof (rsachallenge))
489 slog (L_WARN, _("challenge length mismatch (%d <=> %d)"), challengelen, sizeof (rsachallenge));
477 && cipher_nid == htonl (EVP_CIPHER_nid (CIPHER)) 490 else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER)))
491 slog (L_WARN, _("cipher mismatch (%x <=> %x)"), ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER));
478 && digest_nid == htonl (EVP_MD_type (RSA_HASH)) 492 else if (digest_nid != htonl (EVP_MD_type (RSA_HASH)))
493 slog (L_WARN, _("digest mismatch (%x <=> %x)"), ntohl (digest_nid), EVP_MD_type (RSA_HASH));
479 && hmac_nid == htonl (EVP_MD_type (DIGEST)); 494 else if (hmac_nid != htonl (EVP_MD_type (DIGEST)))
495 slog (L_WARN, _("hmac mismatch (%x <=> %x)"), ntohl (hmac_nid), EVP_MD_type (DIGEST));
496 else
497 return true;
498
499 return false;
480} 500}
481 501
482struct auth_req_packet : config_packet 502struct auth_req_packet : config_packet
483{ 503{
484 char magic[8]; 504 char magic[8];
546}; 566};
547 567
548///////////////////////////////////////////////////////////////////////////// 568/////////////////////////////////////////////////////////////////////////////
549 569
550void 570void
571connection::connection_established ()
572{
573 if (ictx && octx)
574 {
575 connectmode = conf->connectmode;
576
577 rekey.start (NOW + ::conf.rekey);
578 keepalive.start (NOW + ::conf.keepalive);
579
580 // send queued packets
581 if (ictx && octx)
582 {
583 while (tap_packet *p = (tap_packet *)data_queue.get ())
584 {
585 send_data_packet (p);
586 delete p;
587 }
588
589 while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
590 {
591 send_vpn_packet (p, si, IPTOS_RELIABILITY);
592 delete p;
593 }
594 }
595 }
596 else
597 {
598 retry_cnt = 0;
599 establish_connection.start (NOW + 5);
600 keepalive.reset ();
601 rekey.reset ();
602 }
603}
604
605void
551connection::reset_dstaddr () 606connection::reset_si ()
552{ 607{
553 protocol = best_protocol (THISNODE->protocols & conf->protocols); 608 protocol = best_protocol (THISNODE->protocols & conf->protocols);
554 609
555 // mask out protocols we cannot establish 610 // mask out protocols we cannot establish
556 if (!conf->udp_port) protocol &= ~PROT_UDPv4; 611 if (!conf->udp_port) protocol &= ~PROT_UDPv4;
557 if (!conf->tcp_port) protocol &= ~PROT_TCPv4; 612 if (!conf->tcp_port) protocol &= ~PROT_TCPv4;
558 613
559 si.set (conf, protocol); 614 si.set (conf, protocol);
560} 615}
561 616
617// ensure sockinfo is valid, forward if necessary
618const sockinfo &
619connection::forward_si (const sockinfo &si) const
620{
621 if (!si.valid ())
622 {
623 connection *r = vpn->find_router ();
624
625 if (r)
626 {
627 slog (L_DEBUG, _("%s: no common protocol, trying indirectly through %s"),
628 conf->nodename, r->conf->nodename);
629 return r->si;
630 }
631 else
632 slog (L_DEBUG, _("%s: node unreachable, no common protocol"),
633 conf->nodename);
634 }
635
636 return si;
637}
638
639void
640connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
641{
642 if (!vpn->send_vpn_packet (pkt, si, tos))
643 reset_connection ();
644}
645
562void 646void
563connection::send_ping (const sockinfo &si, u8 pong) 647connection::send_ping (const sockinfo &si, u8 pong)
564{ 648{
565 ping_packet *pkt = new ping_packet; 649 ping_packet *pkt = new ping_packet;
566 650
567 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING); 651 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
568 vpn->send_vpn_packet (pkt, si, IPTOS_LOWDELAY); 652 send_vpn_packet (pkt, si, IPTOS_LOWDELAY);
569 653
570 delete pkt; 654 delete pkt;
571} 655}
572 656
573void 657void
576 if (reset_rate_limiter.can (si) && connectmode != conf_node::C_DISABLED) 660 if (reset_rate_limiter.can (si) && connectmode != conf_node::C_DISABLED)
577 { 661 {
578 config_packet *pkt = new config_packet; 662 config_packet *pkt = new config_packet;
579 663
580 pkt->setup (vpn_packet::PT_RESET, conf->id); 664 pkt->setup (vpn_packet::PT_RESET, conf->id);
581 vpn->send_vpn_packet (pkt, si, IPTOS_MINCOST); 665 send_vpn_packet (pkt, si, IPTOS_MINCOST);
582 666
583 delete pkt; 667 delete pkt;
584 } 668 }
585} 669}
586 670
598 conf->rsa_key, RSA_PKCS1_OAEP_PADDING)) 682 conf->rsa_key, RSA_PKCS1_OAEP_PADDING))
599 fatal ("RSA_public_encrypt error"); 683 fatal ("RSA_public_encrypt error");
600 684
601 slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si); 685 slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si);
602 686
603 vpn->send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly 687 send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly
604 688
605 delete pkt; 689 delete pkt;
606} 690}
607 691
608void 692void
616 700
617 pkt->hmac_set (octx); 701 pkt->hmac_set (octx);
618 702
619 slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)si); 703 slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)si);
620 704
621 vpn->send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly 705 send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
622 706
623 delete pkt; 707 delete pkt;
624} 708}
625 709
626void 710void
630 conf->id, rid, (const char *)rsi); 714 conf->id, rid, (const char *)rsi);
631 715
632 connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols); 716 connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
633 717
634 r->hmac_set (octx); 718 r->hmac_set (octx);
635 vpn->send_vpn_packet (r, si); 719 send_vpn_packet (r, si);
636 720
637 delete r; 721 delete r;
638} 722}
639 723
640void 724void
651 if (retry_int < 3600 * 8) 735 if (retry_int < 3600 * 8)
652 retry_cnt++; 736 retry_cnt++;
653 737
654 w.at = NOW + retry_int; 738 w.at = NOW + retry_int;
655 739
656 if (conf->hostname) 740 reset_si ();
741
742 if (si.prot && !si.host)
743 vpn->send_connect_request (conf->id);
744 else
657 { 745 {
658 reset_dstaddr (); 746 const sockinfo &dsi = forward_si (si);
659 747
660 if (si.valid () && auth_rate_limiter.can (si)) 748 if (dsi.valid () && auth_rate_limiter.can (dsi))
661 { 749 {
662 if (retry_cnt < 4) 750 if (retry_cnt < 4)
663 send_auth_request (si, true); 751 send_auth_request (dsi, true);
664 else 752 else
665 send_ping (si, 0); 753 send_ping (dsi, 0);
666 } 754 }
667 } 755 }
668 else
669 vpn->connect_request (conf->id);
670 } 756 }
671} 757}
672 758
673void 759void
674connection::reset_connection () 760connection::reset_connection ()
717connection::send_data_packet (tap_packet *pkt, bool broadcast) 803connection::send_data_packet (tap_packet *pkt, bool broadcast)
718{ 804{
719 vpndata_packet *p = new vpndata_packet; 805 vpndata_packet *p = new vpndata_packet;
720 int tos = 0; 806 int tos = 0;
721 807
808 // I am not hilarious about peeking into packets, but so be it.
722 if (conf->inherit_tos 809 if (conf->inherit_tos
723 && (*pkt)[12] == 0x08 && (*pkt)[13] == 0x00 // IP 810 && (*pkt)[12] == 0x08 && (*pkt)[13] == 0x00 // IP
724 && ((*pkt)[14] & 0xf0) == 0x40) // IPv4 811 && ((*pkt)[14] & 0xf0) == 0x40) // IPv4
725 tos = (*pkt)[15] & IPTOS_TOS_MASK; 812 tos = (*pkt)[15] & IPTOS_TOS_MASK;
726 813
727 p->setup (this, broadcast ? 0 : conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs 814 p->setup (this, broadcast ? 0 : conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs
728 vpn->send_vpn_packet (p, si, tos); 815 send_vpn_packet (p, si, tos);
729 816
730 delete p; 817 delete p;
731 818
732 if (oseqno > MAX_SEQNO) 819 if (oseqno > MAX_SEQNO)
733 rekey (); 820 rekey ();
739 if (ictx && octx) 826 if (ictx && octx)
740 send_data_packet (pkt, broadcast); 827 send_data_packet (pkt, broadcast);
741 else 828 else
742 { 829 {
743 if (!broadcast)//DDDD 830 if (!broadcast)//DDDD
744 queue.put (new tap_packet (*pkt)); 831 data_queue.put (new tap_packet (*pkt));
832
833 establish_connection ();
834 }
835}
836
837void connection::inject_vpn_packet (vpn_packet *pkt, int tos)
838{
839 if (ictx && octx)
840 send_vpn_packet (pkt, si, tos);
841 else
842 {
843 vpn_queue.put (new vpn_packet (*pkt));
745 844
746 establish_connection (); 845 establish_connection ();
747 } 846 }
748} 847}
749 848
815 ::conf.rsa_key, RSA_PKCS1_OAEP_PADDING)) 914 ::conf.rsa_key, RSA_PKCS1_OAEP_PADDING))
816 slog (L_ERR, _("%s(%s): challenge illegal or corrupted"), 915 slog (L_ERR, _("%s(%s): challenge illegal or corrupted"),
817 conf->nodename, (const char *)rsi); 916 conf->nodename, (const char *)rsi);
818 else 917 else
819 { 918 {
820 retry_cnt = 0;
821 establish_connection.start (NOW + 8); //? ;)
822 keepalive.reset ();
823 rekey.reset ();
824
825 delete ictx;
826 ictx = 0;
827
828 delete octx; 919 delete octx;
829 920
830 octx = new crypto_ctx (k, 1); 921 octx = new crypto_ctx (k, 1);
831 oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff; 922 oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff;
832 923
833 conf->protocols = p->protocols; 924 conf->protocols = p->protocols;
925
834 send_auth_response (rsi, p->id, k); 926 send_auth_response (rsi, p->id, k);
927
928 connection_established ();
835 929
836 break; 930 break;
837 } 931 }
838 } 932 }
933 else
934 slog (L_WARN, _("%s(%s): protocol mismatch"),
935 conf->nodename, (const char *)rsi);
839 936
840 send_reset (rsi); 937 send_reset (rsi);
841 } 938 }
842 939
843 break; 940 break;
856 PROTOCOL_MINOR, conf->nodename, p->prot_minor); 953 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
857 954
858 rsachallenge chg; 955 rsachallenge chg;
859 956
860 if (!rsa_cache.find (p->id, chg)) 957 if (!rsa_cache.find (p->id, chg))
958 {
861 slog (L_ERR, _("%s(%s): unrequested auth response"), 959 slog (L_ERR, _("%s(%s): unrequested auth response"),
862 conf->nodename, (const char *)rsi); 960 conf->nodename, (const char *)rsi);
961 break;
962 }
863 else 963 else
864 { 964 {
865 crypto_ctx *cctx = new crypto_ctx (chg, 0); 965 crypto_ctx *cctx = new crypto_ctx (chg, 0);
866 966
867 if (!p->hmac_chk (cctx)) 967 if (!p->hmac_chk (cctx))
883 iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid 983 iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
884 984
885 si = rsi; 985 si = rsi;
886 protocol = rsi.prot; 986 protocol = rsi.prot;
887 987
888 rekey.start (NOW + ::conf.rekey); 988 connection_established ();
889 keepalive.start (NOW + ::conf.keepalive);
890
891 // send queued packets
892 while (tap_packet *p = queue.get ())
893 {
894 send_data_packet (p);
895 delete p;
896 }
897
898 connectmode = conf->connectmode;
899 989
900 slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"), 990 slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"),
901 conf->nodename, (const char *)rsi, 991 conf->nodename, (const char *)rsi,
902 p->prot_major, p->prot_minor); 992 p->prot_major, p->prot_minor);
903 993
929 1019
930 if (ictx && octx) 1020 if (ictx && octx)
931 { 1021 {
932 vpndata_packet *p = (vpndata_packet *)pkt; 1022 vpndata_packet *p = (vpndata_packet *)pkt;
933 1023
934 if (rsi == si) 1024 if (!p->hmac_chk (ictx))
1025 slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
1026 "could be an attack, or just corruption or an synchronization error"),
1027 conf->nodename, (const char *)rsi);
1028 else
935 { 1029 {
936 if (!p->hmac_chk (ictx))
937 slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
938 "could be an attack, or just corruption or an synchronization error"),
939 conf->nodename, (const char *)rsi);
940 else 1030 u32 seqno;
1031 tap_packet *d = p->unpack (this, seqno);
1032
1033 if (iseqno.recv_ok (seqno))
941 { 1034 {
942 u32 seqno; 1035 vpn->tap->send (d);
943 tap_packet *d = p->unpack (this, seqno);
944 1036
945 if (iseqno.recv_ok (seqno)) 1037 if (p->dst () == 0) // re-broadcast
1038 for (vpn::conns_vector::iterator i = vpn->conns.begin (); i != vpn->conns.end (); ++i)
1039 {
1040 connection *c = *i;
1041
1042 if (c->conf != THISNODE && c->conf != conf)
1043 c->inject_data_packet (d);
1044 }
1045
1046 if (si != rsi)
946 { 1047 {
947 vpn->tap->send (d); 1048 // fast re-sync on connection changes, useful especially for tcp/ip
948
949 if (p->dst () == 0) // re-broadcast
950 for (vpn::conns_vector::iterator i = vpn->conns.begin (); i != vpn->conns.end (); ++i)
951 {
952 connection *c = *i;
953
954 if (c->conf != THISNODE && c->conf != conf)
955 c->inject_data_packet (d);
956 }
957
958 delete d;
959
960 break; 1049 si = rsi;
1050
1051 slog (L_INFO, _("%s(%s): socket address changed to %s"),
1052 conf->nodename, (const char *)si, (const char *)rsi);
961 } 1053 }
1054
1055 delete d;
1056
1057 break;
962 } 1058 }
963 } 1059 }
964 else
965 slog (L_ERR, _("received data packet from unknown source %s"), (const char *)rsi);
966 } 1060 }
967 1061
968 send_reset (rsi); 1062 send_reset (rsi);
969 break; 1063 break;
970 1064
985 // send connect_info packets to both sides, in case one is 1079 // send connect_info packets to both sides, in case one is
986 // behind a nat firewall (or both ;) 1080 // behind a nat firewall (or both ;)
987 c->send_connect_info (conf->id, si, conf->protocols); 1081 c->send_connect_info (conf->id, si, conf->protocols);
988 send_connect_info (c->conf->id, c->si, c->conf->protocols); 1082 send_connect_info (c->conf->id, c->si, c->conf->protocols);
989 } 1083 }
1084 else
1085 c->establish_connection ();
990 } 1086 }
991 1087
992 break; 1088 break;
993 1089
994 case vpn_packet::PT_CONNECT_INFO: 1090 case vpn_packet::PT_CONNECT_INFO:
1004 protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf)); 1100 protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf));
1005 p->si.upgrade_protocol (protocol, c->conf); 1101 p->si.upgrade_protocol (protocol, c->conf);
1006 1102
1007 slog (L_TRACE, "<<%d PT_CONNECT_INFO(%d,%s) (%d)", 1103 slog (L_TRACE, "<<%d PT_CONNECT_INFO(%d,%s) (%d)",
1008 conf->id, p->id, (const char *)p->si, !c->ictx && !c->octx); 1104 conf->id, p->id, (const char *)p->si, !c->ictx && !c->octx);
1009 //slog (L_ERR, "%d PROTOCL(C%x,T%x,0S%x,S%x,P%x,SP%x)",
1010 // p->id, c->conf->protocols, THISNODE->protocols, p->si.supported_protocols(0), p->si.supported_protocols (c->conf),
1011 // protocol, p->si.prot);
1012 1105
1106 const sockinfo &dsi = forward_si (p->si);
1107
1108 if (dsi.valid ())
1013 c->send_auth_request (p->si, true); 1109 c->send_auth_request (dsi, true);
1014 } 1110 }
1015 1111
1016 break; 1112 break;
1017 1113
1018 default: 1114 default:
1034 || THISNODE->connectmode != conf_node::C_ONDEMAND) 1130 || THISNODE->connectmode != conf_node::C_ONDEMAND)
1035 { 1131 {
1036 send_ping (si); 1132 send_ping (si);
1037 w.at = NOW + 5; 1133 w.at = NOW + 5;
1038 } 1134 }
1135 else if (NOW < last_activity + ::conf.keepalive + 10)
1136 // hold ondemand connections implicitly a few seconds longer
1137 // should delete octx, though, or something like that ;)
1138 w.at = last_activity + ::conf.keepalive + 10;
1039 else 1139 else
1040 reset_connection (); 1140 reset_connection ();
1041} 1141}
1042 1142
1043void connection::connect_request (int id) 1143void connection::send_connect_request (int id)
1044{ 1144{
1045 connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols); 1145 connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols);
1046 1146
1047 slog (L_TRACE, ">>%d PT_CONNECT_REQ(%d)", conf->id, id); 1147 slog (L_TRACE, ">>%d PT_CONNECT_REQ(%d)", conf->id, id);
1048 p->hmac_set (octx); 1148 p->hmac_set (octx);
1049 vpn->send_vpn_packet (p, si); 1149 send_vpn_packet (p, si);
1050 1150
1051 delete p; 1151 delete p;
1052} 1152}
1053 1153
1054void connection::script_node () 1154void connection::script_node ()

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines