From 8c91443808ce376947ff387eaffca6e8cfbe9251 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer
Date: Thu, 19 Apr 2012 17:42:56 +0200
Subject: Don't regenerate session handshake keypair for every handshake so a global state can be used; remove the concept of temporary peers

These changes will fix the possibility of a TCP-SYN-Flood-like DoS attack, at the cost of another protocol change: as we can't count request IDs when we don't know have temporary peers, request IDs are removed completely.
---
 src/types.h | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

(limited to 'src/types.h')

diff --git a/src/types.h b/src/types.h
index c48cf59..6efd224 100644
--- a/src/types.h
+++ b/src/types.h
@@ -47,13 +47,6 @@ typedef enum _fastd_mode {
 MODE_TUN,
 } fastd_mode;
 
-typedef enum _fastd_peer_state {
- STATE_RESOLVE,
- STATE_WAIT,
- STATE_TEMP,
- STATE_ESTABLISHED,
-} fastd_peer_state;
-
 typedef struct _fastd_buffer fastd_buffer;
 
 
@@ -78,6 +71,7 @@ typedef struct _fastd_resolve_return fastd_resolve_return;
 
 /* May be defined by the protocol/method however it likes */
 typedef struct _fastd_protocol_config fastd_protocol_config;
+typedef struct _fastd_protocol_state fastd_protocol_state;
 typedef struct _fastd_protocol_peer_config fastd_protocol_peer_config;
 typedef struct _fastd_protocol_peer_state fastd_protocol_peer_state;
 typedef struct _fastd_method_session_state fastd_method_session_state;
-- 
cgit v1.2.3
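Review bot: The new forward declaration `fastd_protocol_state` in the second hunk of src/types.h has no comment saying how it differs from `fastd_protocol_config` and the per-peer state types listed beside it. Going by the commit message, it appears to be the protocol-global state that now carries the handshake keypair reused across handshakes, so its lifetime is security-relevant. I would add `/* Protocol-global runtime state (not per-peer); per the protocol, may hold the handshake keypair shared by all handshakes */` above the typedef. How often that keypair is regenerated, and whether it is wiped on teardown, is not visible in this file and should be documented where the struct is defined. The typedef list continues outside the hunk.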