--- gvpe/src/connection.h 2013/07/16 16:44:36 1.37 +++ gvpe/src/connection.h 2016/06/30 11:43:38 1.43 @@ -1,6 +1,6 @@ /* connection.h -- header for connection.C - Copyright (C) 2003-2008,2013 Marc Lehmann + Copyright (C) 2003-2008,2013,2016 Marc Lehmann This file is part of GVPE. @@ -40,6 +40,7 @@ #include "util.h" #include "device.h" #include "curve25519.h" +#include "iv_gen.h" struct vpn; @@ -50,21 +51,17 @@ struct rsa_data { - u32 seqno; - u8 auth_key[AUTH_SIZE]; - u8 mac_key[MAC_KEYSIZE]; // used to generate hmac key - u8 cipher_key[CIPHER_KEYSIZE]; // used to generate cipher key - u8 hkdf_salt[HKDF_SALT]; // used as hkdf salt - u8 ikm[IKM_SIZE]; // used as additional keying material for both sides - u8 pad[ + u32 seqno; // (ictx) initial sequence nr (31 bits) + u8 mac_key[MAC_IKMSIZE]; // (ictx) used to generate hmac key + u8 cipher_key[CIPHER_IKMSIZE]; // (ictx) used to generate cipher key + u8 hkdf_salt[HKDF_SALT]; // (octx) used as hkdf salt + u8 extra_auth[ // (ictx) additional auth randomness (RSABITS >> 3) - - 41 // OAEP + - RSA_OAEP_SIZE - sizeof (u32) // seqno - - AUTH_SIZE - - MAC_KEYSIZE - - CIPHER_KEYSIZE + - MAC_IKMSIZE + - CIPHER_IKMSIZE - HKDF_SALT - - IKM_SIZE - 3 // struct alignment... ]; }; @@ -99,13 +96,11 @@ { u8 hmac[HMACLENGTH]; // each and every packet has a hmac field, but that is not (yet) checked everywhere - void hmac_set (crypto_ctx * ctx); - bool hmac_chk (crypto_ctx * ctx); + void hmac_set (crypto_ctx *ctx); + bool hmac_chk (crypto_ctx *ctx); private: - static unsigned char hmac_digest[EVP_MAX_MD_SIZE]; - - void hmac_gen (crypto_ctx * ctx); + void hmac_gen (crypto_ctx *ctx, u8 *hmac_digest); }; struct vpn_packet : hmac_packet @@ -199,7 +194,6 @@ u8 protocol; u8 features; - bool is_direct; // current connection (si) is direct? pkt_queue data_queue, vpn_queue; 
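Review bot: The length of `extra_auth` in `rsa_data` is still just the remainder after subtracting the other fields, `RSA_OAEP_SIZE` and a hand-counted `- 3 // struct alignment...`, and nothing visible in the hunk checks the result at compile time. If `MAC_IKMSIZE`, `CIPHER_IKMSIZE` or `RSABITS` change, the auth randomness can shrink silently, or the struct can pick up tail padding and presumably stop matching the OAEP plaintext size. I would add after the struct `static_assert (sizeof (rsa_data) + RSA_OAEP_SIZE <= (RSABITS >> 3), "rsa_data must fit the OAEP plaintext");` together with a lower bound on the length of `extra_auth`, assuming the build allows C++11 (a negative-array-size typedef gives the same check otherwise). The definition of `RSA_OAEP_SIZE` is outside the hunk, so confirm it equals the overhead the removed literal `41` stood for.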
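Review bot: `hmac_gen (crypto_ctx *ctx, u8 *hmac_digest)` takes its output buffer as a bare pointer, so the required size no longer appears anywhere in the declaration. The static buffer it replaces was `EVP_MAX_MD_SIZE` bytes, and presumably the implementation still writes a full digest even though only `HMACLENGTH` bytes end up in the packet. Either document it on the declaration, `// hmac_digest: caller-provided, at least EVP_MAX_MD_SIZE bytes`, or encode it in the type as `u8 (&hmac_digest)[EVP_MAX_MD_SIZE]` so an undersized caller buffer fails to compile. The implementation and its callers are outside this page.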
@@ -208,10 +202,10 @@ void generate_auth_data (); ev_tstamp auth_expire; // when the snd_* and *_ecdh values expire + ev_tstamp hmac_error; // time of first hmac error in a series // send auth data - used for octx auth_data snd_auth; - auth_mac snd_auth_mac; // expected response mac ecdh_key snd_ecdh_a; // the secret ecdh key we used for our request ecdh_key snd_ecdh_b; // the public ecdh key we received in the response bool have_snd_auth; // received response for our req @@ -234,10 +228,10 @@ void shutdown (); void connection_established (const sockinfo &rsi); - void reset_connection (); + void reset_connection (const char *reason); void establish_connection_cb (ev::timer &w, int revents); ev::timer establish_connection; - void rekey_cb (ev::timer &w, int revents); ev::timer rekey; // next rekying (actually current reset + reestablishing) + void rekey_cb (ev::timer &w, int revents); ev::timer rekey; // next rekeying (actually current reset + reestablishing) void keepalive_cb (ev::timer &w, int revents); ev::timer keepalive; // next keepalive probe void send_connect_request (int id);
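Review bot: The new `ev_tstamp hmac_error` is described as the time of the first hmac error in a series, but the comment does not say which value means "no series in progress" or what ends a series. If the field is used to decide when repeated HMAC failures justify a reset, that contract belongs on the declaration, for example `// time of first hmac error in a series; 0 = no error pending` if 0 is indeed the idle value. Its initialisation is not in this hunk, so check that the constructor and `reset_connection` set it explicitly rather than leaving it indeterminate. The enclosing struct starts and ends outside the hunk.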