transport_peer peers[MAX_MOBILE_PEERS_MAX];
} transport_peers;
+/* Basic operations on transport peer address sets */
static void transport_peers_clear(struct site *st, transport_peers *peers);
static int transport_peers_valid(transport_peers *peers);
static void transport_peers_copy(struct site *st, transport_peers *dst,
const transport_peers *src);
+/* Record address of incoming setup packet; resp. data packet. */
static void transport_setup_msgok(struct site *st, const struct comm_addr *a);
static void transport_data_msgok(struct site *st, const struct comm_addr *a);
+
+/* Initialise the setup addresses. Called before we send the first
+ * packet in a key exchange. If we are the initiator, as a result of
+ * resolve completing (or being determined not to be relevant) or an
+ * incoming PROD; if we are the responder, as a result of the MSG1. */
static bool_t transport_compute_setupinit_peers(struct site *st,
const struct comm_addr *configured_addr /* 0 if none or not found */,
const struct comm_addr *incoming_packet_addr /* 0 if none */);
+
+/* Called if we are the responder in a key setup, when the resolve
+ * completes. transport_compute_setupinit_peers will hvae been called
+ * earlier. If _complete is called, we are still doing the key setup
+ * (and we should use the new values for both the rest of the key
+ * setup and the ongoing data exchange); if _tardy is called, the key
+ * setup is done (either completed or not) and only the data peers are
+ * relevant */
static void transport_resolve_complete(struct site *st,
const struct comm_addr *a);
static void transport_resolve_complete_tardy(struct site *st,
const struct comm_addr *ca_use);
-static void transport_record_peer(struct site *st, transport_peers *peers,
- const struct comm_addr *addr, const char *m);
static void transport_xmit(struct site *st, transport_peers *peers,
struct buffer_if *buf, bool_t candebug);
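Review bot: The comment added above transport_resolve_complete has a typo: "will hvae been called" should read `will have been called`. The comment on transport_setup_msgok and transport_data_msgok does not say at what point in packet processing the source address may be recorded. If the contract is that they run only after the packet has passed its checks (as the _msgok suffix suggests, though that is inferred), say so, e.g. `/* Record address of incoming setup packet; resp. data packet. Call only once the packet has been accepted. */`. The forward declaration of transport_record_peer is removed and its definition is not visible here, so confirm it is now defined before its first use.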
append_string_xinfo_done(&st->buffer,&xia);
buf_append_string(&st->buffer,st->remotename);
- memcpy(buf_append(&st->buffer,NONCELEN),st->localN,NONCELEN);
+ BUF_ADD_OBJ(append,&st->buffer,st->localN);
if (type==LABEL_MSG1) return True;
- memcpy(buf_append(&st->buffer,NONCELEN),st->remoteN,NONCELEN);
+ BUF_ADD_OBJ(append,&st->buffer,st->remoteN);
if (type==LABEL_MSG2) return True;
if (hacky_par_mid_failnow()) return False;
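Review bot: The number of nonce bytes appended to the message no longer comes from NONCELEN but, presumably, from the size of `st->localN` and `st->remoteN`; BUF_ADD_OBJ's definition is not visible here. That is equivalent only while both fields are arrays of exactly NONCELEN bytes. If either became a pointer or changed size, the wire format would change silently while the receiving side may still parse NONCELEN bytes. The FILLZERO calls in the next hunk depend on the same property, where a wrong size would leave nonce bytes uncleared. A compile-time check in this function would pin the assumption, e.g. `_Static_assert(sizeof st->localN == NONCELEN, "nonce size");` where C11 is available. The enclosing function starts and ends outside the hunk.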
st->setup_session_id=0;
transport_peers_clear(st,&st->setup_peers);
- memset(st->localN,0,NONCELEN);
- memset(st->remoteN,0,NONCELEN);
+ FILLZERO(st->localN);
+ FILLZERO(st->remoteN);
dispose_transform(&st->new_transform);
memset(st->dhsecret,0,st->dh->len);
memset(st->sharedsecret,0,st->sharedsecretlen);
st->transport_peers_max= !st->peer_mobile ? 1 : dict_read_number(
dict,"mobile-peers-max",False,"site",loc,DEFAULT_MOBILE_PEERS_MAX);
if (st->transport_peers_max<1 ||
- st->transport_peers_max>=MAX_MOBILE_PEERS_MAX) {
+ st->transport_peers_max>MAX_MOBILE_PEERS_MAX) {
cfgfatal(loc,"site","mobile-peers-max must be in range 1.."
STRING(MAX_MOBILE_PEERS_MAX) "\n");
}
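Review bot: Relaxing the upper bound from `>=` to `>` lets transport_peers_max equal MAX_MOBILE_PEERS_MAX, which is exactly the capacity of `peers[MAX_MOBILE_PEERS_MAX]` declared at the top of this page, so no spare slot remains. This is safe only if every path that adds a peer caps npeers at transport_peers_max before writing. An insert-then-trim sequence that writes `peers[npeers]` first would now go one element past the array at the maximum setting. The recording code is not in this hunk, so check it, and consider putting `assert(peers->npeers < MAX_MOBILE_PEERS_MAX);` immediately before any append. The enclosing function continues outside the hunk.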
static void transport_peers_copy(struct site *st, transport_peers *dst,
const transport_peers *src) {
dst->npeers=src->npeers;
- memcpy(dst->peers, src->peers, sizeof(*dst->peers) * dst->npeers);
+ COPY_ARRAY(dst->peers, src->peers, dst->npeers);
transport_peers_debug(st,dst,"copy",
src->npeers, &src->peers->addr, sizeof(*src->peers));
}
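Review bot: The element count passed to COPY_ARRAY is `dst->npeers`, just assigned from `src->npeers`, and nothing in transport_peers_copy checks it against the capacity of `dst->peers`. The copy is in bounds only if every writer of npeers keeps it within MAX_MOBILE_PEERS_MAX, and that matters more now that the configured maximum may equal the array size. Making the invariant explicit costs one line before the copy: `assert(src->npeers <= MAX_MOBILE_PEERS_MAX);`. If npeers is a signed type (its declaration is not shown here), the assertion should also reject negative values.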