[SECNET PATCH 00/12] Fix polypath asymmetric routing

[Ian Jackson]

If polypath has asymmetric routing, where path A upload is faster than
path B, but path A download is completely broken, then the server
needs to update the peer addresses even for the slow packets via B.

Otherwise, things work for a bit but eventually (by default, 2 minutes
after this situation arises) the server discards the address for path
B because it has had no recent `valid' packets.

Restarting either end then does not work either because the key setup
exchange is afflicted by the same problem: the server never sees a
`valid' packet via path B at all - all of them are `stale' copies.

This bug actually happened to my remote access arrangement while
I was trying to fix a network hundreds of km away...

Ian Jackson (12):
  NOTES: tiny fix
  configure: rerun autogen.sh with autoconf 2.69-10
  site: Rename setup_priority to our_name_later
  site: Break out we_have_priority
  polypath asymmetric routing: Priority to mobile sites
  site: Make return value of transforms be an enum
  site: Change return value of decrypt_msg0
  Introduce transform_apply_return_badseq
  Introduce transform_apply_seqdupe
  polypath asymmetric routing: Handle data packet dupes
  polypath asymmetric routing: Handle MSG1 late dupes
  polypath asymmetric routing: Handle MSG2-4 late dupes

 NOTES              |   2 +-
 configure          |  14 +++++-
 magic.h            |   5 ++-
 secnet.h           |  25 ++++++++---
 site.c             | 124 +++++++++++++++++++++++++++++++++++++++++------------
 transform-cbcmac.c |  16 +++----
 transform-common.h |   6 +--
 transform-eax.c    |  12 +++---
 8 files changed, 148 insertions(+), 56 deletions(-)

-- 
2.11.0