From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Wed, 20 Jun 2012 22:38:14 +0000 (+0100)
Subject: site: Break out separate function for decrypting msg0
X-Git-Tag: debian/0.3.0_beta1~12
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=secnet.git;a=commitdiff_plain;h=065e1922e00c787775b595badce0e40a999a6afb;ds=sidebyside

site: Break out separate function for decrypting msg0

The control flow here is going to become more complicated, and this
change will make the next patches, and the resulting code, clearer.

Note that process_msg0's return value is never used; it is only
defined to return bool_t so that it can use the CHECK_AVAIL macro.
Knowing this will make it easier to see that the patch is correct.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---

diff --git a/site.c b/site.c
index 05206f6..f65051f 100644
--- a/site.c
+++ b/site.c
@@ -709,26 +709,37 @@ static bool_t process_msg6(struct site *st, struct buffer_if *msg6,
     return True;
 }
 
-static bool_t process_msg0(struct site *st, struct buffer_if *msg0,
-			   const struct comm_addr *src)
+static bool_t decrypt_msg0(struct site *st, struct buffer_if *msg0)
 {
-    struct msg0 m;
     cstring_t transform_err;
-    uint32_t type;
+    struct msg0 m;
+    uint32_t problem;
 
     if (!st->current_valid) {
 	slog(st,LOG_DROP,"incoming message but no current key -> dropping");
-	return initiate_key_setup(st,"incoming message but no current key");
+	initiate_key_setup(st,"incoming message but no current key");
+	return False;
     }
 
     if (!unpick_msg0(st,msg0,&m)) return False;
 
-    if (st->current_transform->reverse(st->current_transform->st,
-				       msg0,&transform_err)) {
-	/* There's a problem */
-	slog(st,LOG_SEC,"transform: %s",transform_err);
-	return initiate_key_setup(st,"incoming message would not decrypt");
-    }
+    problem = st->current_transform->reverse(st->current_transform->st,
+					     msg0,&transform_err);
+    if (!problem) return True;
+
+    slog(st,LOG_SEC,"transform: %s",transform_err);
+    initiate_key_setup(st,"incoming message would not decrypt");
+    return False;
+}
+
+static bool_t process_msg0(struct site *st, struct buffer_if *msg0,
+			   const struct comm_addr *src)
+{
+    uint32_t type;
+
+    if (!decrypt_msg0(st,msg0))
+	return False;
+
     CHECK_AVAIL(msg0,4);
     type=buf_unprepend_uint32(msg0);
     switch(type) {