X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=secnet.git;a=blobdiff_plain;f=site.c;h=c8206d03943a7f4617f89209ff65750e593d7431;hp=379ab0d96976aefc90f5928c60a6e5b492165144;hb=e5e67212fe07bc0672e887b4caa796d383bb8a25;hpb=c22c3541042ff7907144945abace305350297806
diff --git a/site.c b/site.c
index 379ab0d..c8206d0 100644
--- a/site.c
+++ b/site.c
@@ -207,7 +207,11 @@ static void transport_setup_msgok(struct site *st, const struct comm_addr *a);
 static void transport_data_msgok(struct site *st, const struct comm_addr *a);
 static bool_t transport_compute_setupinit_peers(struct site *st, const struct comm_addr *configured_addr /* 0 if none or not found */,
- const struct comm_addr *prod_hint_addr /* 0 if none */);
+ const struct comm_addr *incoming_packet_addr /* 0 if none */);
+static void transport_resolve_complete(struct site *st,
+ const struct comm_addr *a);
+static void transport_resolve_complete_tardy(struct site *st,
+ const struct comm_addr *ca_use);
 static void transport_record_peer(struct site *st, transport_peers *peers, const struct comm_addr *addr, const char *m);
@@ -1182,8 +1186,7 @@ static void site_resolve_callback(void *sst, struct in_addr *address)
 * It's best to store it in st->peers now because we might
 * go via SENTMSG5, WAIT, and a MSG0, straight into using
 * the new key (without updating the data peer addrs). */
- transport_record_peer(st,&st->peers,ca_use,"resolved data");
- transport_record_peer(st,&st->setup_peers,ca_use,"resolved setup");
+ transport_resolve_complete(st,ca_use);
 } else if (st->local_mobile) {
 /* We can't let this rest because we may have a peer
 * address which will break in the future. */
@@ -1201,7 +1204,7 @@ static void site_resolve_callback(void *sst, struct in_addr *address)
 if (ca_use) {
 slog(st,LOG_SETUP_INIT,"resolution of %s completed tardily," " updating peer address(es)",st->address);
- transport_record_peer(st,&st->peers,ca_use,"resolved tardily");
+ transport_resolve_complete_tardy(st,ca_use);
 } else if (st->local_mobile) {
 /* Not very good. We should queue (another) renegotiation
 * so that we can update the peer address. */
@@ -1627,11 +1630,11 @@ static bool_t site_incoming(void *sst, struct buffer_if *buf,
 if (st->state==SITE_RUN || st->state==SITE_RESOLVE || st->state==SITE_WAIT) {
 /* We should definitely process it */
- transport_record_peer(st,&st->setup_peers,source,"msg1");
+ transport_compute_setupinit_peers(st,0,source);
 if (process_msg1(st,buf,source,&named_msg)) {
 slog(st,LOG_SETUP_INIT,"key setup initiated by peer");
 bool_t entered=enter_new_state(st,SITE_SENTMSG2);
- if (entered && st->address)
+ if (entered && st->address && st->local_mobile)
 /* We must do this as the very last thing, because the resolver callback might reenter us. */
 ensure_resolving(st);
@@ -1693,7 +1696,7 @@ static bool_t site_incoming(void *sst, struct buffer_if *buf,
 because our peer's forgotten the key */
 if (get_uint32(buf->start+4)==st->current.remote_session_id) {
 bool_t initiated;
- initiated = initiate_key_setup(st,"received a NAK",0);
+ initiated = initiate_key_setup(st,"received a NAK",source);
 if (!initiated) generate_send_prod(st,source);
 } else {
 slog(st,LOG_SEC,"bad incoming NAK");
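Review bot: In the MSG1 branch of site_incoming, `transport_compute_setupinit_peers(st,0,source)` runs before `process_msg1` has accepted the packet, so st->setup_peers is rebuilt from st->peers plus a not-yet-validated source address (and a LOG_SETUP_INIT line is written) even for a message that is then rejected. The removed `transport_record_peer` call had the same ordering but recorded a single address, whereas the new call first copies st->peers over setup_peers; if process_msg1 does not depend on setup_peers (its body is outside this diff), the call could move inside the `if (process_msg1(...))` branch, and otherwise a comment such as `/* source is unauthenticated here; it only becomes a candidate in setup_peers */` would record the assumption. The bool_t result is also dropped, which looks harmless with a non-null source but deserves a `(void)` cast or a word in that comment. The NAK branch in the next hunk raises the same question: `source` is now passed to `initiate_key_setup` after only the remote_session_id comparison, and presumably ends up in setup_peers the same way. site_incoming begins and ends outside both hunks.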
@@ -2091,16 +2094,16 @@ static void transport_record_peer(struct site *st, transport_peers *peers,
 static bool_t transport_compute_setupinit_peers(struct site *st, const struct comm_addr *configured_addr /* 0 if none or not found */,
- const struct comm_addr *prod_hint_addr /* 0 if none */) {
+ const struct comm_addr *incoming_packet_addr /* 0 if none */) {
- if (!configured_addr && !prod_hint_addr &&
+ if (!configured_addr && !incoming_packet_addr &&
 !transport_peers_valid(&st->peers)) return False;
 slog(st,LOG_SETUP_INIT, "using:%s%s %d old peer address(es)", configured_addr ? " configured address;" : "",
- prod_hint_addr ? " PROD hint address;" : "",
+ incoming_packet_addr ? " incoming packet address;" : "",
 st->peers.npeers);
 /* Non-mobile peers have st->peers.npeers==0 or ==1, since they
@@ -2111,8 +2114,9 @@ static bool_t transport_compute_setupinit_peers(struct site *st,
 transport_peers_copy(st,&st->setup_peers,&st->peers);
- if (prod_hint_addr)
- transport_record_peer(st,&st->setup_peers,prod_hint_addr,"prod");
+ if (incoming_packet_addr)
+ transport_record_peer(st,&st->setup_peers,incoming_packet_addr,
+ "incoming");
 if (configured_addr) transport_record_peer(st,&st->setup_peers,configured_addr,"setupinit");
@@ -2145,6 +2149,17 @@ static void transport_peers_copy(struct site *st, transport_peers *dst,
 src->npeers, &src->peers->addr, sizeof(*src->peers));
 }
+static void transport_resolve_complete(struct site *st,
+ const struct comm_addr *ca_use) {
+ transport_record_peer(st,&st->peers,ca_use,"resolved data");
+ transport_record_peer(st,&st->setup_peers,ca_use,"resolved setup");
+}
+
+static void transport_resolve_complete_tardy(struct site *st,
+ const struct comm_addr *ca_use) {
+ transport_record_peer(st,&st->peers,ca_use,"resolved tardily");
+}
+
 void transport_xmit(struct site *st, transport_peers *peers, struct buffer_if *buf, bool_t candebug) {
 int slot;
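Review bot: The two helpers added in the last hunk have no comment saying why a timely resolution updates both st->peers and st->setup_peers while a tardy one updates only st->peers, and that difference is the only reason they are separate functions. I would put something like `/* Resolver results: a timely answer seeds data and setup peers; a tardy one only the data peers. ca_use must be non-null. */` above them; the tardy call site visible in this diff is guarded by `if (ca_use)`, and the timely one appears to be as well, though its guard lies outside the hunk. The prototype added in the first hunk names the parameter of transport_resolve_complete `a` while the definition uses `ca_use`; making the two agree would keep the declarations easier to cross-check.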