/cvs/gvpe/src/connection.C

Comparing gvpe/src/connection.C (file contents):
Revision 1.56 by pcg, Fri Jun 3 05:07:31 2005 UTC vs.
Revision 1.57 by pcg, Thu Jul 7 14:41:51 2005 UTC

18 along with gvpe; if not, write to the Free Software 18 along with gvpe; if not, write to the Free Software
19 Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 19 Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
20*/ 20*/
21 21
22#include "config.h" 22#include "config.h"
23
24#include <cassert>
25 23
26#include <list> 24#include <list>
27 25
28#include <openssl/rand.h> 26#include <openssl/rand.h>
29#include <openssl/evp.h> 27#include <openssl/evp.h>
1084 case vpn_packet::PT_CONNECT_REQ: 1082 case vpn_packet::PT_CONNECT_REQ:
1085 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx)) 1083 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1086 { 1084 {
1087 connect_req_packet *p = (connect_req_packet *) pkt; 1085 connect_req_packet *p = (connect_req_packet *) pkt;
1088 1086
1089 assert (p->id > 0 && p->id <= vpn->conns.size ()); // hmac-auth does not mean we accept anything 1087 if (p->id > 0 && p->id <= vpn->conns.size ())
1090 connection *c = vpn->conns[p->id - 1];
1091 conf->protocols = p->protocols;
1092
1093 slog (L_TRACE, "<<%d PT_CONNECT_REQ(%d) [%d]\n",
1094 conf->id, p->id, c->ictx && c->octx);
1095
1096 if (c->ictx && c->octx)
1097 { 1088 {
1089 connection *c = vpn->conns[p->id - 1];
1090 conf->protocols = p->protocols;
1091
1092 slog (L_TRACE, "<<%d PT_CONNECT_REQ(%d) [%d]\n",
1093 conf->id, p->id, c->ictx && c->octx);
1094
1095 if (c->ictx && c->octx)
1096 {
1098 // send connect_info packets to both sides, in case one is 1097 // send connect_info packets to both sides, in case one is
1099 // behind a nat firewall (or both ;) 1098 // behind a nat firewall (or both ;)
1100 c->send_connect_info (conf->id, si, conf->protocols); 1099 c->send_connect_info (conf->id, si, conf->protocols);
1101 send_connect_info (c->conf->id, c->si, c->conf->protocols); 1100 send_connect_info (c->conf->id, c->si, c->conf->protocols);
1101 }
1102 else
1103 c->establish_connection ();
1102 } 1104 }
1103 else 1105 else
1104 c->establish_connection (); 1106 slog (L_WARN,
1107 _("received authenticated connection request from unknown node #%d, config file mismatch?"),
1108 p->id);
1105 } 1109 }
1106 1110
1107 break; 1111 break;
1108 1112
1109 case vpn_packet::PT_CONNECT_INFO: 1113 case vpn_packet::PT_CONNECT_INFO:
1110 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx)) 1114 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1111 { 1115 {
1112 connect_info_packet *p = (connect_info_packet *)pkt; 1116 connect_info_packet *p = (connect_info_packet *)pkt;
1113 1117
1114 if (p->id > 0 && p->id <= vpn->conns.size ()) // hmac-auth does not mean we accept anything 1118 if (p->id > 0 && p->id <= vpn->conns.size ())
1115 { 1119 {
1116 connection *c = vpn->conns[p->id - 1]; 1120 connection *c = vpn->conns[p->id - 1];
1117 1121
1118 c->conf->protocols = p->protocols; 1122 c->conf->protocols = p->protocols;
1119 protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf)); 1123 protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf));
1125 const sockinfo &dsi = forward_si (p->si); 1129 const sockinfo &dsi = forward_si (p->si);
1126 1130
1127 if (dsi.valid ()) 1131 if (dsi.valid ())
1128 c->send_auth_request (dsi, true); 1132 c->send_auth_request (dsi, true);
1129 } 1133 }
1134 else
1135 slog (L_WARN,
1136 _("received authenticated connection request from unknown node #%d, config file mismatch?"),
1137 p->id);
1130 } 1138 }
1131 1139
1132 break; 1140 break;
1133 1141
1134 default: 1142 default:
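Review bot: The warning added in the PT_CONNECT_INFO branch (new lines 1135-1137) reuses the PT_CONNECT_REQ text word for word, so anyone triaging the log cannot tell which packet type carried the out-of-range id. I would word it for that branch, e.g. `_("received authenticated connection info for unknown node #%d, config file mismatch?")`. Both range checks (new lines 1087 and 1118) also lost the comment `// hmac-auth does not mean we accept anything`, which is worth keeping because it explains why a field from an HMAC-verified packet is still bounds-checked before indexing `vpn->conns`. The L_TRACE format string at 1092 ends in `\n` while the new L_WARN strings do not; slog is not visible here, so confirm which form it expects. Since `p->id` is peer-controlled, each such packet from an authenticated but misconfigured node emits an L_WARN, and no throttling is visible in this section, so it may be worth checking that log volume is bounded.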
