| … | |
… | |
| 289 | bool send = ri.diff / ri.pcnt > CUTOFF; |
289 | bool send = ri.diff / ri.pcnt > CUTOFF; |
| 290 | |
290 | |
| 291 | if (send) |
291 | if (send) |
| 292 | ri.pcnt++; |
292 | ri.pcnt++; |
| 293 | |
293 | |
| 294 | //printf ("RATE %d %f,%f = %f > %f\n", !!send, ri.pcnt, ri.diff, ri.diff / ri.pcnt, CUTOFF); |
|
|
| 295 | |
|
|
| 296 | push_front (ri); |
294 | push_front (ri); |
| 297 | |
295 | |
| 298 | return send; |
296 | return send; |
| 299 | } |
297 | } |
| 300 | } |
298 | } |
| … | |
… | |
| 308 | } |
306 | } |
| 309 | |
307 | |
| 310 | static unsigned char hmac_digest[EVP_MAX_MD_SIZE]; |
308 | static unsigned char hmac_digest[EVP_MAX_MD_SIZE]; |
| 311 | |
309 | |
| 312 | struct hmac_packet:net_packet |
310 | struct hmac_packet:net_packet |
|
|
311 | { |
|
|
312 | u8 hmac[HMACLENGTH]; // each and every packet has a hmac field, but that is not (yet) checked everywhere |
|
|
313 | |
|
|
314 | void hmac_set (crypto_ctx * ctx); |
|
|
315 | bool hmac_chk (crypto_ctx * ctx); |
|
|
316 | |
|
|
317 | private: |
|
|
318 | void hmac_gen (crypto_ctx * ctx) |
| 313 | { |
319 | { |
| 314 | u8 hmac[HMACLENGTH]; // each and every packet has a hmac field, but that is not (yet) checked everywhere |
|
|
| 315 | |
|
|
| 316 | void hmac_set (crypto_ctx * ctx); |
|
|
| 317 | bool hmac_chk (crypto_ctx * ctx); |
|
|
| 318 | |
|
|
| 319 | private: |
|
|
| 320 | void hmac_gen (crypto_ctx * ctx) |
|
|
| 321 | { |
|
|
| 322 | unsigned int xlen; |
320 | unsigned int xlen; |
| 323 | HMAC_CTX *hctx = &ctx->hctx; |
321 | HMAC_CTX *hctx = &ctx->hctx; |
| 324 | |
322 | |
| 325 | HMAC_Init_ex (hctx, 0, 0, 0, 0); |
323 | HMAC_Init_ex (hctx, 0, 0, 0, 0); |
| 326 | HMAC_Update (hctx, ((unsigned char *) this) + sizeof (hmac_packet), |
324 | HMAC_Update (hctx, ((unsigned char *) this) + sizeof (hmac_packet), |
| 327 | len - sizeof (hmac_packet)); |
325 | len - sizeof (hmac_packet)); |
| 328 | HMAC_Final (hctx, (unsigned char *) &hmac_digest, &xlen); |
326 | HMAC_Final (hctx, (unsigned char *) &hmac_digest, &xlen); |
| 329 | } |
|
|
| 330 | }; |
327 | } |
|
|
328 | }; |
| 331 | |
329 | |
| 332 | void |
330 | void |
| 333 | hmac_packet::hmac_set (crypto_ctx * ctx) |
331 | hmac_packet::hmac_set (crypto_ctx * ctx) |
| 334 | { |
332 | { |
| 335 | hmac_gen (ctx); |
333 | hmac_gen (ctx); |
| … | |
… | |
| 722 | } |
720 | } |
| 723 | |
721 | |
| 724 | void |
722 | void |
| 725 | connection::establish_connection_cb (tstamp &ts) |
723 | connection::establish_connection_cb (tstamp &ts) |
| 726 | { |
724 | { |
| 727 | if (ictx || conf == THISNODE || connectmode == conf_node::C_NEVER) |
725 | if (ictx || conf == THISNODE |
|
|
726 | || connectmode == conf_node::C_NEVER |
|
|
727 | || connectmode == conf_node::C_DISABLED) |
| 728 | ts = TSTAMP_CANCEL; |
728 | ts = TSTAMP_CANCEL; |
| 729 | else if (ts <= NOW) |
729 | else if (ts <= NOW) |
| 730 | { |
730 | { |
| 731 | double retry_int = double (retry_cnt & 3 ? (retry_cnt & 3) : 1 << (retry_cnt >> 2)) * 0.6; |
731 | double retry_int = double (retry_cnt & 3 ? (retry_cnt & 3) : 1 << (retry_cnt >> 2)) * 0.6; |
| 732 | |
732 | |
| … | |
… | |
| 909 | send_auth_response (ssa, p->id, k); |
909 | send_auth_response (ssa, p->id, k); |
| 910 | |
910 | |
| 911 | break; |
911 | break; |
| 912 | } |
912 | } |
| 913 | } |
913 | } |
| 914 | |
|
|
| 915 | |
|
|
| 916 | } |
914 | } |
| 917 | |
915 | |
| 918 | send_reset (ssa); |
916 | send_reset (ssa); |
| 919 | break; |
917 | break; |
| 920 | |
918 | |
