diff --git a/src/net_packet.c b/src/net_packet.c index 07f578e5..724eaa33 100644 --- a/src/net_packet.c +++ b/src/net_packet.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net_packet.c,v 1.1.2.26 2003/03/28 13:41:49 guus Exp $ + $Id: net_packet.c,v 1.1.2.27 2003/04/18 21:18:36 guus Exp $ */ #include "config.h" @@ -95,6 +95,7 @@ void receive_udppacket(node_t *n, vpn_packet_t *inpkt) int outlen, outpad; long int complen = MTU + 12; char hmac[EVP_MAX_MD_SIZE]; + int i; cp(); @@ -133,16 +134,26 @@ void receive_udppacket(node_t *n, vpn_packet_t *inpkt) inpkt->len -= sizeof(inpkt->seqno); inpkt->seqno = ntohl(inpkt->seqno); - if(inpkt->seqno <= n->received_seqno) { - if(debug_lvl >= DEBUG_TRAFFIC) - syslog(LOG_DEBUG, - _("Got late or replayed packet from %s (%s), seqno %d"), - n->name, n->hostname, inpkt->seqno); - return; + if(inpkt->seqno != n->received_seqno + 1) { + if(inpkt->seqno >= n->received_seqno + sizeof(n->late) * 8) { + if(debug_lvl >= DEBUG_TRAFFIC) + syslog(LOG_WARNING, _("Lost %d packets from %s (%s)"), + inpkt->seqno - n->received_seqno - 1, n->name, n->hostname); + + memset(n->late, 0, sizeof(n->late)); + } else if (inpkt->seqno <= n->received_seqno) { + if(inpkt->seqno <= n->received_seqno - sizeof(n->late) * 8 || !(n->late[(inpkt->seqno / 8) % sizeof(n->late)] & (1 << inpkt->seqno % 8))) { + syslog(LOG_WARNING, _("Got late or replayed packet from %s (%s), seqno %d, last received %d"), + n->name, n->hostname, inpkt->seqno, n->received_seqno, n->late[(inpkt->seqno / 8) % sizeof(n->late)]); + } else + for(i = n->received_seqno + 1; i < inpkt->seqno; i++) + n->late[(inpkt->seqno / 8) % sizeof(n->late)] |= 1 << i % 8; + } } - + n->received_seqno = inpkt->seqno; - + n->late[(n->received_seqno / 8) % sizeof(n->late)] &= ~(1 << n->received_seqno % 8); + if(n->received_seqno > MAX_SEQNO) keyexpires = 0; diff --git a/src/node.h b/src/node.h index e4dcd524..6e5e68eb 100644 --- a/src/node.h +++ b/src/node.h @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: node.h,v 1.1.2.20 2002/09/09 21:24:41 guus Exp $ + $Id: node.h,v 1.1.2.21 2003/04/18 21:18:36 guus Exp $ */ #ifndef __TINC_NODE_H__ @@ -73,6 +73,7 @@ typedef struct node_t { uint32_t sent_seqno; /* Sequence number last sent to this node */ uint32_t received_seqno; /* Sequence number last received from this node */ + unsigned char late[16]; /* Bitfield marking late packets */ } node_t; extern struct node_t *myself; diff --git a/src/protocol_key.c b/src/protocol_key.c index 2453975d..786a8a17 100644 --- a/src/protocol_key.c +++ b/src/protocol_key.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: protocol_key.c,v 1.1.4.14 2002/09/09 22:33:03 guus Exp $ + $Id: protocol_key.c,v 1.1.4.15 2003/04/18 21:18:36 guus Exp $ */ #include "config.h" @@ -135,6 +135,7 @@ int req_key_h(connection_t *c) if(to == myself) { /* Yes, send our own key back */ mykeyused = 1; from->received_seqno = 0; + memset(from->late, 0, sizeof(from->late)); send_ans_key(c, myself, from); } else { send_req_key(to->nexthop->connection, from, to);