From 8c91443808ce376947ff387eaffca6e8cfbe9251 Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Thu, 19 Apr 2012 17:42:56 +0200 Subject: Don't regenerate session handshake keypair for every handshake so a global state can be used; remove the concept of temporary peers These changes will fix the possibility of a TCP-SYN-Flood-like DoS attack, at the cost of another protocol change: as we can't count request IDs when we don't know have temporary peers, request IDs are removed completely. --- src/handshake.h | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'src/handshake.h') diff --git a/src/handshake.h b/src/handshake.h index 9bb1a56..5e7ee1d 100644 --- a/src/handshake.h +++ b/src/handshake.h @@ -61,16 +61,15 @@ typedef struct _fastd_handshake_record { } fastd_handshake_record; struct _fastd_handshake { - uint8_t req_id; uint8_t type; fastd_handshake_record records[RECORD_MAX]; }; -fastd_buffer fastd_handshake_new_init(fastd_context *ctx, fastd_peer *peer, size_t tail_space); -fastd_buffer fastd_handshake_new_reply(fastd_context *ctx, fastd_peer *peer, const fastd_handshake *handshake, size_t tail_space); +fastd_buffer fastd_handshake_new_init(fastd_context *ctx, size_t tail_space); +fastd_buffer fastd_handshake_new_reply(fastd_context *ctx, const fastd_handshake *handshake, size_t tail_space); -void fastd_handshake_handle(fastd_context *ctx, fastd_peer *peer, fastd_buffer buffer); +void fastd_handshake_handle(fastd_context *ctx, const fastd_peer_address *address, const fastd_peer_config *peer_conf, fastd_buffer buffer); static inline void fastd_handshake_add(fastd_context *ctx, fastd_buffer *buffer, fastd_handshake_record_type type, size_t len, const void *data) { -- cgit v1.2.3