author | Matthias Schiffer <mschiffer@universe-factory.net> | 2012-04-19 17:42:56 +0200 |
---|---|---|
committer | Matthias Schiffer <mschiffer@universe-factory.net> | 2012-04-19 17:42:56 +0200 |
commit | 8c91443808ce376947ff387eaffca6e8cfbe9251 (patch) | |
tree | 227a4367a2c013bbee40dc99c8abafc52da5ee2e /src/fastd.h | |
parent | c5b12202c834fe484634131ee9a91465b9e6e7bc (diff) | |
Don't regenerate session handshake keypair for every handshake so a global state can be used; remove the concept of temporary peers
These changes will fix the possibility of a TCP-SYN-Flood-like DoS attack, at the cost of another
protocol change: as we can't count request IDs when we don't have temporary peers, request IDs
are removed completely.
Diffstat (limited to 'src/fastd.h')
-rw-r--r-- | src/fastd.h | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/fastd.h b/src/fastd.h index c681d34..08ef666 100644 --- a/src/fastd.h +++ b/src/fastd.h @@ -64,10 +64,9 @@ struct _fastd_protocol { fastd_protocol_config* (*init)(fastd_context *ctx); void (*peer_configure)(fastd_context *ctx, fastd_peer_config *peer_conf); - void (*peer_config_purged)(fastd_context *ctx, fastd_peer_config *peer_conf); - void (*handshake_init)(fastd_context *ctx, fastd_peer *peer); - void (*handshake_handle)(fastd_context *ctx, fastd_peer *peer, const fastd_handshake *handshake); + void (*handshake_init)(fastd_context *ctx, const fastd_peer_address *address, const fastd_peer_config *peer_conf); + void (*handshake_handle)(fastd_context *ctx, const fastd_peer_address *address, const fastd_peer_config *peer_conf, const fastd_handshake *handshake); void (*handle_recv)(fastd_context *ctx, fastd_peer *peer, fastd_buffer buffer); void (*send)(fastd_context *ctx, fastd_peer *peer, fastd_buffer buffer); @@ -116,7 +115,6 @@ struct _fastd_config { unsigned keepalive_interval; unsigned peer_stale_time; - unsigned peer_stale_time_temp; unsigned eth_addr_stale_time; char *ifname; @@ -182,6 +180,8 @@ struct _fastd_context { unsigned int randseed; + fastd_protocol_state *protocol_state; + fastd_resolve_return *resolve_returns; }; @@ -191,8 +191,8 @@ struct _fastd_string_stack { }; -void fastd_send(fastd_context *ctx, fastd_peer *peer, fastd_buffer buffer); -void fastd_send_handshake(fastd_context *ctx, fastd_peer *peer, fastd_buffer buffer); +void fastd_send(fastd_context *ctx, const fastd_peer_address *address, fastd_buffer buffer); +void fastd_send_handshake(fastd_context *ctx, const fastd_peer_address *address, fastd_buffer buffer); void fastd_handle_receive(fastd_context *ctx, fastd_peer *peer, fastd_buffer buffer); void fastd_resolve_peer(fastd_context *ctx, const fastd_peer_config *peer); |
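Review bot: The new `handshake_init` and `handshake_handle` members of `struct _fastd_protocol` take a `const fastd_peer_config *peer_conf`, but the header does not say whether it may be NULL. With temporary peers removed, a handshake from an address that matches no configured peer presumably has no config to pass, so every protocol implementation needs to know whether it must handle that case. I would add a comment above the two members such as `/* address is the packet's source; peer_conf is NULL if no configured peer matches (confirm); must not allocate per-sender state before the sender is authenticated */`. The struct begins and ends outside this hunk.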
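Review bot: `protocol_state` is added to `struct _fastd_context` with no comment on ownership or lifetime. Going by the commit message it holds the handshake keypair that is now reused across handshakes, so it is long-lived secret material. The header should say which side allocates and frees it, and the implementation should wipe it before freeing and replace the keypair periodically, because a handshake key that never changes weakens forward secrecy for every session negotiated with it. A comment like `/* owned by the protocol implementation; contains the shared handshake keypair, wiped and freed on shutdown */` would capture this. Whether rotation already happens is not visible in this header.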
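Review bot: After this change `fastd_send` and `fastd_send_handshake` have identical parameter lists (`ctx`, `address`, `buffer`), so the header no longer shows how they differ or which one may be called for a sender that has not been authenticated. A one-line comment on each prototype would help, e.g. `/* sends a handshake packet to address; keeps no per-destination state */`, with the wording confirmed against the implementation. Since the destination can now be a packet's source address rather than a peer object, it is also worth stating that a handshake reply should not be larger than the request that triggered it, so the responder cannot serve as a traffic amplifier.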