Don't send probe replies if we don't have the other's key.

This can happen with the legacy protocol. Don't try to send anything
back in this case, otherwise it will be sent via TCP, which is silly.
This commit is contained in:
Guus Sliepen 2015-01-10 23:58:35 +01:00
parent f3801cb543
commit 6fcfe763aa

View file

@ -97,10 +97,16 @@ static void udp_probe_timeout_handler(void *data) {
static void udp_probe_h(node_t *n, vpn_packet_t *packet, length_t len) {
if(!DATA(packet)[0]) {
logger(DEBUG_TRAFFIC, LOG_INFO, "Got UDP probe request %d from %s (%s)", packet->len, n->name, n->hostname);
/* It's a probe request, send back a reply */
if(!n->status.sptps && !n->status.validkey) {
// But not if we don't have his key.
logger(DEBUG_TRAFFIC, LOG_INFO, "Got UDP probe request from %s (%s) but we don't have his key yet", n->name, n->hostname);
return;
}
logger(DEBUG_TRAFFIC, LOG_INFO, "Got UDP probe request %d from %s (%s)", packet->len, n->name, n->hostname);
/* Type 2 probe replies were introduced in protocol 17.3 */
if ((n->options >> 24) >= 3) {
uint8_t *data = DATA(packet);