Fix spurious misidentification of incoming UDP packets.
authorGuus Sliepen <guus@tinc-vpn.org>
Fri, 18 Feb 2011 22:02:11 +0000 (23:02 +0100)
committerGuus Sliepen <guus@tinc-vpn.org>
Fri, 18 Feb 2011 22:02:11 +0000 (23:02 +0100)
When a UDP packet was received with an unknown source address/port, and it
failed an HMAC check against known keys, the code could still incorrectly assign that
UDP address to another node. This would temporarily cause outgoing UDP packets
to go to the wrong destination address, until packets from the correct address
were received again.

src/net_packet.c

index aef55342353cac99096822d10d41c728f34c503e..13f132565016bbe908a66bbb01ce34939b9dacec 100644 (file)
@@ -575,6 +575,7 @@ static node_t *try_harder(const sockaddr_t *from, const vpn_packet_t *pkt) {
        avl_node_t *node;
        edge_t *e;
        node_t *n = NULL;
+       bool hard = false;
        static time_t last_hard_try = 0;
 
        for(node = edge_weight_tree->head; node; node = node->next) {
@@ -583,12 +584,9 @@ static node_t *try_harder(const sockaddr_t *from, const vpn_packet_t *pkt) {
                if(sockaddrcmp_noport(from, &e->address)) {
                        if(last_hard_try == now)
                                continue;
-                       last_hard_try = now;
+                       hard = true;
                }
 
-               if(!n)
-                       n = e->to;
-
                if(!try_mac(e->to, pkt))
                        continue;
 
@@ -596,6 +594,9 @@ static node_t *try_harder(const sockaddr_t *from, const vpn_packet_t *pkt) {
                break;
        }
 
+       if(hard)
+               last_hard_try = now;
+
        return n;
 }
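Review bot: The deferred `if(hard) last_hard_try = now;` has no comment explaining why the timestamp is written after the loop rather than inside it, and that ordering is what lets every mismatched edge be checked within one call. I would add `/* Stamp once per call so all edges get their hard try before the limit applies */` above it, and `/* set when an edge with a different address was HMAC-checked */` on the `hard` declaration in the first hunk. The stamp is written whether or not a node matched, so a successful hard try also closes the window for the rest of the tick; the comment should say so if that is deliberate.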