X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fmeta.c;h=4b357982779ccc82e1c3037883d005a7dd413d32;hb=979acc48aded5bb04f1574128d174d56550be302;hp=1c29fe9caee9579f3e12bfbd341dd7202a00e85c;hpb=04fc19112da5e7fcefefcf6e490987cdcfb6f620;p=tinc
diff --git a/src/meta.c b/src/meta.c
index 1c29fe9c..4b357982 100644
--- a/src/meta.c
+++ b/src/meta.c
@@ -30,6 +30,10 @@
 #include "utils.h"
 #include "xalloc.h"
+#ifndef MIN
+#define MIN(x, y) (((x)<(y))?(x):(y))
+#endif
+
 bool send_meta_sptps(void *handle, uint8_t type, const void *buffer, size_t length) {
 connection_t *c = handle;
@@ -61,6 +65,13 @@ bool send_meta(connection_t *c, const char *buffer, int length) {
 #ifdef DISABLE_LEGACY
 return false;
 #else
+ if(length > c->outbudget) {
+ logger(DEBUG_META, LOG_ERR, "Byte limit exceeded for encryption to %s (%s)", c->name, c->hostname);
+ return false;
+ } else {
+ c->outbudget -= length;
+ }
+
 size_t outlen = length;
 if(!cipher_encrypt(c->outcipher, buffer, length, buffer_prepare(&c->outbuf, length), &outlen, false) || outlen != length) {
@@ -78,6 +89,20 @@ bool send_meta(connection_t *c, const char *buffer, int length) {
 return true;
 }
+void send_meta_raw(connection_t *c, const char *buffer, int length) {
+ if(!c) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "send_meta() called with NULL pointer!");
+ abort();
+ }
+
+ logger(DEBUG_META, LOG_DEBUG, "Sending %d bytes of raw metadata to %s (%s)", length,
+ c->name, c->hostname);
+
+ buffer_add(&c->outbuf, buffer, length);
+
+ io_set(&c->io, IO_READ | IO_WRITE);
+}
+
 void broadcast_meta(connection_t *from, const char *buffer, int length) {
 for list_each(connection_t, c, connection_list)
 if(c != from && c->edge)
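Review bot: The new budget check in send_meta compares `length`, a signed `int` per the signature, against `c->outbudget`, whose type is not visible in this hunk. If the budget field is signed, a negative length passes `length > c->outbudget` and `c->outbudget -= length` then raises the remaining budget instead of lowering it; if it is unsigned, the comparison is carried out unsigned and the result depends on the conversion. Rejecting `length < 0` before the budget test, e.g. `if(length < 0) return false;`, removes that dependence. The inbudget check added to receive_meta has the same shape and deserves the same look once the type of `inlen` is confirmed. A one-line comment above the check, such as `/* Cap the total bytes encrypted under the current legacy key */`, would also tell the reader why the limit exists (wording to be confirmed against where outbudget is initialised, which is outside the hunk).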
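Review bot: The NULL-pointer message in send_meta_raw still names the other function, so an abort here would be attributed to send_meta in the logs; it should read `logger(DEBUG_ALWAYS, LOG_ERR, "send_meta_raw() called with NULL pointer!");`. The function also hands `buffer` straight to `buffer_add` on `c->outbuf`, so it passes through neither `cipher_encrypt` nor the outbudget check added to send_meta, and the signed `length` reaches `buffer_add` unchecked. A header comment should state that contract: the bytes go out exactly as given, so callers must pass only data that is already protected or meant to be sent in the clear, with a non-negative length.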
@@ -159,8 +184,33 @@ bool receive_meta(connection_t *c) {
 }
 do {
- if(c->protocol_minor >= 2)
- return sptps_receive_data(&c->sptps, bufp, inlen);
+ /* Are we receiving a SPTPS packet? */
+
+ if(c->sptpslen) {
+ int len = MIN(inlen, c->sptpslen - c->inbuf.len);
+ buffer_add(&c->inbuf, bufp, len);
+
+ char *sptpspacket = buffer_read(&c->inbuf, c->sptpslen);
+ if(!sptpspacket)
+ return true;
+
+ if(!receive_tcppacket_sptps(c, sptpspacket, c->sptpslen))
+ return false;
+ c->sptpslen = 0;
+
+ bufp += len;
+ inlen -= len;
+ continue;
+ }
+
+ if(c->protocol_minor >= 2) {
+ int len = sptps_receive_data(&c->sptps, bufp, inlen);
+ if(!len)
+ return false;
+ bufp += len;
+ inlen -= len;
+ continue;
+ }
 if(!c->status.decryptin) {
 endp = memchr(bufp, '\n', inlen);
@@ -177,6 +227,13 @@ bool receive_meta(connection_t *c) {
 #ifdef DISABLE_LEGACY
 return false;
 #else
+ if(inlen > c->inbudget) {
+ logger(DEBUG_META, LOG_ERR, "yte limit exceeded for decryption from %s (%s)", c->name, c->hostname);
+ return false;
+ } else {
+ c->inbudget -= inlen;
+ }
+
 size_t outlen = inlen;
 if(!cipher_decrypt(c->incipher, bufp, inlen, buffer_prepare(&c->inbuf, inlen), &outlen, false) || inlen != outlen) {
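Review bot: In the new SPTPS-packet branch, `MIN(inlen, c->sptpslen - c->inbuf.len)` relies on `c->inbuf` holding no more than `c->sptpslen` bytes when the branch is entered, and nothing in the hunk enforces that. The field types and the place where `sptpslen` is set are outside the hunk, but if the invariant ever fails the subtraction goes negative or wraps, and the result is stored in an `int` and passed to `buffer_add` as a length. A guard ahead of the copy, `if(c->inbuf.len > c->sptpslen) return false;`, or at least a comment stating the invariant, would make the bound checkable at the point of use. The same `int len` pattern in the `protocol_minor >= 2` branch trusts `sptps_receive_data` to return no more than `inlen`; the loop condition that consumes `inlen` lies outside the hunk, so that is worth confirming there.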
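Review bot: The log string in the new inbudget check is missing its first letter and reads "yte limit exceeded for decryption"; it should be `logger(DEBUG_META, LOG_ERR, "Byte limit exceeded for decryption from %s (%s)", c->name, c->hostname);`. Beyond the cosmetics, a log search or alert keyed on "Byte limit exceeded" (the spelling used on the send side) would miss every budget exhaustion on the receive side. The surrounding decrypt block continues past the end of the hunk.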