Extend sptps logging to farfuture and check the seqno before decryption in sptps_receive_data_datagram

src/logger.c

@@ -128,8 +128,9 @@ static void sptps_logger(sptps_t *s, int s_errno, const char *format, va_list ap
 			message[--len] = 0;
 
 		len += snprintf(message + len, sizeof message - len,
-										" [init:%d udp:%d state:%d instate:%d outstate:%d inseqno:%d outseqno:%d] ", s->initiator, s->datagram,
-										s->state, s->instate, s->outstate, s->inseqno, s->outseqno);
+										" [init:%d udp:%d state:%d instate:%d outstate:%d inseqno:%d outseqno:%d farfuture:%d] ", s->initiator, s->datagram,
+										s->state, s->instate, s->outstate, s->inseqno, s->outseqno,
+										s->farfuture);
 
 		// WARNING: s->handle can point to a connection_t or a node_t,
 		// but both types have the name and hostname fields at the same offsets.

src/sptps.c

@@ -512,8 +512,12 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len
 		return receive_handshake(s, data, len);
 	}
 
-	// Decrypt
+	if(!sptps_check_seqno(s, seqno, true)) {
+		warning(s, "%s@%d: %x/%x\n", __FUNCTION__, __LINE__, s->state, s->outstate);
+		return false;
+	}
 
+	// Decrypt
 	char buffer[len];
 	memset(buffer, 0x00, len);
 	size_t outlen;
@@ -521,10 +525,6 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len
 	if(!chacha_poly1305_decrypt(s->incipher, seqno, data, len, buffer, &outlen))
 		return error(s, EIO, "Failed to decrypt and verify packet");
 
-	if(!sptps_check_seqno(s, seqno, true)) {
-		warning(s, "%s@%d: %x/%x\n", __FUNCTION__, __LINE__, s->state, s->outstate);
-		return false;
-	}
 
 	// Append a NULL byte for safety.
 	buffer[outlen] = 0;