/* -*-c-*-
*
- * $Id: peer.c,v 1.4 2001/02/16 21:40:24 mdw Exp $
+ * $Id: peer.c,v 1.9 2003/07/13 11:19:49 mdw Exp $
*
* Communication with the peer
*
/*----- Revision history --------------------------------------------------*
*
* $Log: peer.c,v $
+ * Revision 1.9 2003/07/13 11:19:49 mdw
+ * Incopatible protocol fix! Include message type code under MAC tag to prevent
+ * cut-and-paste from key-exchange messages to general packet transport.
+ *
+ * Revision 1.8 2003/05/16 12:09:03 mdw
+ * Allow binding to a chosen address.
+ *
+ * Revision 1.7 2003/04/15 14:12:05 mdw
+ * Insert a newline to improve readability.
+ *
+ * Revision 1.6 2001/06/19 22:07:59 mdw
+ * Use magic number for packet size.
+ *
+ * Revision 1.5 2001/03/03 11:15:19 mdw
+ * Set the socket send and receive buffers to maximum. At least this way,
+ * we won't drop large packets on the floor. If the administrator wants to
+ * prevent fragmentation of TrIPE messages, he can lower the MTU on the
+ * tunnel interface. Getting path-MTU stuff out of the kernel is too much
+ * system-specific hard work for this program.
+ *
* Revision 1.4 2001/02/16 21:40:24 mdw
* Change key exchange message interface. Maintain statistics.
*
return;
}
buf_init(&bb, buf_o, sizeof(buf_o));
- if (ksl_decrypt(&p->ks, &b, &bb)) {
+ if (ksl_decrypt(&p->ks, MSG_PACKET, &b, &bb)) {
p->st.n_reject++;
a_warn("couldn't decrypt inbound packet from `%s'", p->name);
return;
void p_tun(peer *p, buf *b)
{
buf *bb = p_txstart(p, MSG_PACKET);
+
TIMER;
- if (ksl_encrypt(&p->ks, b, bb))
+ if (ksl_encrypt(&p->ks, MSG_PACKET, b, bb))
kx_start(&p->kx);
if (BOK(bb) && BLEN(bb)) {
p->st.n_ipout++;
/* --- @p_init@ --- *
*
- * Arguments: @unsigned port@ = port number to listen to
+ * Arguments: @struct in_addr addr@ = address to bind to
+ * @unsigned port@ = port number to listen to
*
* Returns: ---
*
* Use: Initializes the peer system; creates the socket.
*/
-void p_init(unsigned port)
+void p_init(struct in_addr addr, unsigned port)
{
int fd;
struct sockaddr_in sin;
+ int len = PKBUFSZ;
+
+ /* --- Note on socket buffer sizes --- *
+ *
+ * For some bizarre reason, Linux 2.2 (at least) doubles the socket buffer
+ * sizes I pass to @setsockopt@. I'm not putting special-case code here
+ * for Linux: BSD (at least TCPv2) does what I tell it rather than second-
+ * guessing me.
+ */
if ((fd = socket(PF_INET, SOCK_DGRAM, 0)) < 0)
die(EXIT_FAILURE, "socket creation failed: %s", strerror(errno));
BURN(sin);
sin.sin_family = AF_INET;
- sin.sin_addr.s_addr = INADDR_ANY;
+ sin.sin_addr = addr;
sin.sin_port = htons(port);
if (bind(fd, (struct sockaddr *)&sin, sizeof(sin)))
die(EXIT_FAILURE, "bind failed: %s", strerror(errno));
+ if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &len, sizeof(len)) ||
+ setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &len, sizeof(len))) {
+ die(EXIT_FAILURE, "failed to set socket buffer sizes: %s",
+ strerror(errno));
+ }
fdflags(fd, O_NONBLOCK, O_NONBLOCK, FD_CLOEXEC, FD_CLOEXEC);
sel_initfile(&sel, &sock, fd, SEL_READ, p_read, 0);
sel_addfile(&sock);