From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Wed, 25 Jun 2014 20:43:00 +0000 (+0100)
Subject: site: transport peers: Use source of NAK packets as reply address
X-Git-Tag: debian/0.3.3_beta1~1
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=secnet.git;a=commitdiff_plain;h=e5e67212fe07bc0672e887b4caa796d383bb8a25

site: transport peers: Use source of NAK packets as reply address

If we get a NAK from our current peer and initiate a key exchange, we
should take the source address of the NAK as a hint for the peer's
public address.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---

diff --git a/site.c b/site.c
index 49e04cf..c8206d0 100644
--- a/site.c
+++ b/site.c
@@ -1696,7 +1696,7 @@ static bool_t site_incoming(void *sst, struct buffer_if *buf,
 	       because our peer's forgotten the key */
 	    if (get_uint32(buf->start+4)==st->current.remote_session_id) {
 		bool_t initiated;
-		initiated = initiate_key_setup(st,"received a NAK",0);
+		initiated = initiate_key_setup(st,"received a NAK",source);
 		if (!initiated) generate_send_prod(st,source);
 	    } else {
 		slog(st,LOG_SEC,"bad incoming NAK");