[PATCH 6/6] site: transport peers: Use source of NAK packets as reply address

Ian Jackson ijackson at chiark.greenend.org.uk
Mon Sep 15 01:01:20 BST 2014

If we get a NAK from our current peer and initiate a key exchange, we
should take the source address of the NAK as a hint for the peer's
public address.

Signed-off-by: Ian Jackson <ijackson at chiark.greenend.org.uk>
 site.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/site.c b/site.c
index 49e04cf..c8206d0 100644
--- a/site.c
+++ b/site.c
@@ -1696,7 +1696,7 @@ static bool_t site_incoming(void *sst, struct buffer_if *buf,
 	       because our peer's forgotten the key */
 	    if (get_uint32(buf->start+4)==st->current.remote_session_id) {
 		bool_t initiated;
-		initiated = initiate_key_setup(st,"received a NAK",0);
+		initiated = initiate_key_setup(st,"received a NAK",source);
 		if (!initiated) generate_send_prod(st,source);
 	    } else {
 		slog(st,LOG_SEC,"bad incoming NAK");

More information about the sgo-software-discuss mailing list