We are going to introduce another set of these for the previous key,
and putting them together in this struct means we will be able to talk
about themm easily.
This patch is very mechanical: we move the three variables into the
new struct, and simply search-and-replace the references.
No functional change.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
/***** END of transport peers declarations *****/
/***** END of transport peers declarations *****/
+struct data_key {
+ struct transform_inst_if *transform;
+ uint64_t key_timeout; /* End of life of current key */
+ uint32_t remote_session_id;
+};
+
struct site {
closure_t cl;
struct site_if ops;
struct site {
closure_t cl;
struct site_if ops;
uint64_t now; /* Most recently seen time */
/* The currently established session */
uint64_t now; /* Most recently seen time */
/* The currently established session */
- uint32_t remote_session_id;
- struct transform_inst_if *current_transform;
- uint64_t current_key_timeout; /* End of life of current key */
+ struct data_key current;
uint64_t renegotiate_key_time; /* When we can negotiate a new key */
transport_peers peers; /* Current address(es) of peer for data traffic */
uint64_t renegotiate_key_time; /* When we can negotiate a new key */
transport_peers peers; /* Current address(es) of peer for data traffic */
static bool_t current_valid(struct site *st)
{
static bool_t current_valid(struct site *st)
{
- return st->current_transform->valid(st->current_transform->st);
+ return st->current.transform->valid(st->current.transform->st);
}
#define CHECK_AVAIL(b,l) do { if ((b)->size<(l)) return False; } while(0)
}
#define CHECK_AVAIL(b,l) do { if ((b)->size<(l)) return False; } while(0)
/* Keep a copy so we can try decrypting it with multiple keys */
buffer_copy(&st->scratch, msg0);
/* Keep a copy so we can try decrypting it with multiple keys */
buffer_copy(&st->scratch, msg0);
- problem = st->current_transform->reverse(st->current_transform->st,
+ problem = st->current.transform->reverse(st->current.transform->st,
msg0,&transform_err);
if (!problem) return True;
msg0,&transform_err);
if (!problem) return True;
/* We have two transform instances, which we swap between active
and setup */
/* We have two transform instances, which we swap between active
and setup */
- t=st->current_transform;
- st->current_transform=st->new_transform;
+ t=st->current.transform;
+ st->current.transform=st->new_transform;
st->new_transform=t;
t->delkey(t->st);
st->timeout=0;
st->new_transform=t;
t->delkey(t->st);
st->timeout=0;
- st->current_key_timeout=st->now+st->key_lifetime;
+ st->current.key_timeout=st->now+st->key_lifetime;
st->renegotiate_key_time=st->now+st->key_renegotiate_time;
transport_peers_copy(st,&st->peers,&st->setup_peers);
st->renegotiate_key_time=st->now+st->key_renegotiate_time;
transport_peers_copy(st,&st->peers,&st->setup_peers);
- st->remote_session_id=st->setup_session_id;
+ st->current.remote_session_id=st->setup_session_id;
slog(st,LOG_ACTIVATE_KEY,"new key activated");
enter_state_run(st);
slog(st,LOG_ACTIVATE_KEY,"new key activated");
enter_state_run(st);
if (current_valid(st)) {
slog(st,loglevel,"session closed (%s)",reason);
if (current_valid(st)) {
slog(st,loglevel,"session closed (%s)",reason);
- st->current_transform->delkey(st->current_transform->st);
- st->current_key_timeout=0;
+ st->current.transform->delkey(st->current.transform->st);
+ st->current.key_timeout=0;
set_link_quality(st);
}
}
set_link_quality(st);
}
}
buffer_init(&st->buffer,st->transform->max_start_pad+(4*3));
buf_append_uint32(&st->buffer,LABEL_MSG7);
buf_append_string(&st->buffer,reason);
buffer_init(&st->buffer,st->transform->max_start_pad+(4*3));
buf_append_uint32(&st->buffer,LABEL_MSG7);
buf_append_string(&st->buffer,reason);
- st->current_transform->forwards(st->current_transform->st,
+ st->current.transform->forwards(st->current.transform->st,
&st->buffer, &transform_err);
buf_prepend_uint32(&st->buffer,LABEL_MSG0);
buf_prepend_uint32(&st->buffer,st->index);
&st->buffer, &transform_err);
buf_prepend_uint32(&st->buffer,LABEL_MSG0);
buf_prepend_uint32(&st->buffer,st->index);
- buf_prepend_uint32(&st->buffer,st->remote_session_id);
+ buf_prepend_uint32(&st->buffer,st->current.remote_session_id);
transport_xmit(st,&st->peers,&st->buffer,True);
BUF_FREE(&st->buffer);
return True;
transport_xmit(st,&st->peers,&st->buffer,True);
BUF_FREE(&st->buffer);
return True;
st->now=*now;
/* Work out when our next timeout is. The earlier of 'timeout' or
st->now=*now;
/* Work out when our next timeout is. The earlier of 'timeout' or
- 'current_key_timeout'. A stored value of '0' indicates no timeout
+ 'current.key_timeout'. A stored value of '0' indicates no timeout
active. */
site_settimeout(st->timeout, timeout_io);
active. */
site_settimeout(st->timeout, timeout_io);
- site_settimeout(st->current_key_timeout, timeout_io);
+ site_settimeout(st->current.key_timeout, timeout_io);
return 0; /* success */
}
return 0; /* success */
}
- if (st->current_key_timeout && *now>st->current_key_timeout) {
+ if (st->current.key_timeout && *now>st->current.key_timeout) {
delete_key(st,"maximum key life exceeded",LOG_TIMEOUT_KEY);
}
}
delete_key(st,"maximum key life exceeded",LOG_TIMEOUT_KEY);
}
}
/* Transform it and send it */
if (buf->size>0) {
buf_prepend_uint32(buf,LABEL_MSG9);
/* Transform it and send it */
if (buf->size>0) {
buf_prepend_uint32(buf,LABEL_MSG9);
- st->current_transform->forwards(st->current_transform->st,
+ st->current.transform->forwards(st->current.transform->st,
buf, &transform_err);
buf_prepend_uint32(buf,LABEL_MSG0);
buf_prepend_uint32(buf,st->index);
buf, &transform_err);
buf_prepend_uint32(buf,LABEL_MSG0);
buf_prepend_uint32(buf,st->index);
- buf_prepend_uint32(buf,st->remote_session_id);
+ buf_prepend_uint32(buf,st->current.remote_session_id);
transport_xmit(st,&st->peers,buf,False);
}
BUF_FREE(buf);
transport_xmit(st,&st->peers,buf,False);
}
BUF_FREE(buf);
case 0: /* NAK */
/* If the source is our current peer then initiate a key setup,
because our peer's forgotten the key */
case 0: /* NAK */
/* If the source is our current peer then initiate a key setup,
because our peer's forgotten the key */
- if (get_uint32(buf->start+4)==st->remote_session_id) {
+ if (get_uint32(buf->start+4)==st->current.remote_session_id) {
initiate_key_setup(st,"received a NAK");
} else {
slog(st,LOG_SEC,"bad incoming NAK");
initiate_key_setup(st,"received a NAK");
} else {
slog(st,LOG_SEC,"bad incoming NAK");
slog(st,LOG_SEC,"invalid MSG5");
}
} else if (st->state==SITE_RUN) {
slog(st,LOG_SEC,"invalid MSG5");
}
} else if (st->state==SITE_RUN) {
- if (process_msg5(st,buf,source,st->current_transform)) {
+ if (process_msg5(st,buf,source,st->current.transform)) {
slog(st,LOG_DROP,"got MSG5, retransmitting MSG6");
transport_setup_msgok(st,source);
slog(st,LOG_DROP,"got MSG5, retransmitting MSG6");
transport_setup_msgok(st,source);
- create_msg6(st,st->current_transform,st->remote_session_id);
+ create_msg6(st,st->current.transform,
+ st->current.remote_session_id);
transport_xmit(st,&st->peers,&st->buffer,True);
BUF_FREE(&st->buffer);
} else {
transport_xmit(st,&st->peers,&st->buffer,True);
BUF_FREE(&st->buffer);
} else {
register_for_poll(st, site_beforepoll, site_afterpoll, 0, "site");
st->timeout=0;
register_for_poll(st, site_beforepoll, site_afterpoll, 0, "site");
st->timeout=0;
- st->current_key_timeout=0;
+ st->current.key_timeout=0;
transport_peers_clear(st,&st->peers);
transport_peers_clear(st,&st->setup_peers);
/* XXX mlock these */
transport_peers_clear(st,&st->peers);
transport_peers_clear(st,&st->setup_peers);
/* XXX mlock these */
for (i=0; i<st->ncomms; i++)
st->comms[i]->request_notify(st->comms[i]->st, st, site_incoming);
for (i=0; i<st->ncomms; i++)
st->comms[i]->request_notify(st->comms[i]->st, st, site_incoming);
- st->current_transform=st->transform->create(st->transform->st);
+ st->current.transform=st->transform->create(st->transform->st);
st->new_transform=st->transform->create(st->transform->st);
enter_state_stop(st);
st->new_transform=st->transform->create(st->transform->st);
enter_state_stop(st);