[PATCH 6/6] site: transport peers: Use source of NAK packets as reply address
Ian Jackson
ijackson at chiark.greenend.org.uk
Mon Sep 15 01:01:20 BST 2014
If we get a NAK from our current peer and initiate a key exchange, we
should take the source address of the NAK as a hint for the peer's
public address.
Signed-off-by: Ian Jackson <ijackson at chiark.greenend.org.uk>
---
site.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/site.c b/site.c
index 49e04cf..c8206d0 100644
--- a/site.c
+++ b/site.c
@@ -1696,7 +1696,7 @@ static bool_t site_incoming(void *sst, struct buffer_if *buf,
because our peer's forgotten the key */
if (get_uint32(buf->start+4)==st->current.remote_session_id) {
bool_t initiated;
- initiated = initiate_key_setup(st,"received a NAK",0);
+ initiated = initiate_key_setup(st,"received a NAK",source);
if (!initiated) generate_send_prod(st,source);
} else {
slog(st,LOG_SEC,"bad incoming NAK");
--
1.7.10.4
More information about the sgo-software-discuss
mailing list