]> git.meshlink.io Git - meshlink/commitdiff
projects / meshlink / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f13c6d9)
Also renew SPTPS keys for meta-connections.
authorGuus Sliepen <guus@meshlink.io>
Sat, 11 Apr 2020 15:25:53 +0000 (17:25 +0200)
committerGuus Sliepen <guus@meshlink.io>
Sat, 11 Apr 2020 15:25:53 +0000 (17:25 +0200)
src/connection.h patch | blob | history
src/net.c patch | blob | history
src/protocol_auth.c patch | blob | history

diff --git a/src/connection.h b/src/connection.h
index 25e122d05f0726de19da9d04f665e7b11a975b31..5160422b346b9a01d054d7f828983dbe8421416a 100644 (file)
--- a/src/connection.h
+++ b/src/connection.h
@@ -67,6 +67,7 @@ typedef struct connection_t {
        int tcplen;                     /* length of incoming TCPpacket */
        int allow_request;              /* defined if there's only one request possible */
        time_t last_ping_time;          /* last time we saw some activity from the other end or pinged them */
+       time_t last_key_renewal;        /* last time we renewed the SPTPS key */
 
        struct outgoing_t *outgoing;    /* used to keep track of outgoing connections */
 
diff --git a/src/net.c b/src/net.c
index d80df2fd84c3d6d728a79bac55301e60a43e6d1d..2ee8aee446bc1df899354fb1cb93c1373e7aa844 100644 (file)
--- a/src/net.c
+++ b/src/net.c
@@ -123,6 +123,16 @@ static void timeout_handler(event_loop_t *loop, void *data) {
                        }
                }
 
+               if(c->status.active && c->last_key_renewal + 3600 < mesh->loop.now.tv_sec) {
+                       if(!sptps_force_kex(&c->sptps)) {
+                               logger(mesh, MESHLINK_ERROR, "SPTPS key renewal for connection with %s failed", c->name);
+                               terminate_connection(mesh, c, true);
+                               continue;
+                       } else {
+                               c->last_key_renewal = mesh->loop.now.tv_sec;
+                       }
+               }
+
                if(c->last_ping_time + pingtimeout <= mesh->loop.now.tv_sec) {
                        if(c->status.active) {
                                if(c->status.pinged) {
diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index 5632c5a216d23c044e07d820da8661fc4b501f8e..c17d9e8214b9b196c30b4725c2a456e204142a1e 100644 (file)
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -365,6 +365,7 @@ bool ack_h(meshlink_handle_t *mesh, connection_t *c, const char *request) {
        /* Activate this connection */
 
        c->allow_request = ALL;
+       c->last_key_renewal = mesh->loop.now.tv_sec;
        c->status.active = true;
 
        logger(mesh, MESHLINK_INFO, "Connection with %s activated", c->name);
MeshLink library, based on tinc 1.1