X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fsptps.c;h=62cfb1f9922cf9375c41f6ed90c286404c30b9d9;hb=22d804d4467cfe9f3926ab6d37b69c3760395b6c;hp=720693408eda950437a8aac4d6b2b7f813f67def;hpb=fa20cfceecee1756ecb7882b6fe9167f4db92777;p=tinc

diff --git a/src/sptps.c b/src/sptps.c
index 72069340..62cfb1f9 100644
--- a/src/sptps.c
+++ b/src/sptps.c
@@ -400,7 +400,7 @@ static bool receive_handshake(sptps_t *s, const char *data, uint16_t len) {
 			return true;
 		// TODO: split ACK into a VERify and ACK?
 		default:
-			return error(s, EIO, "Invalid session state");
+			return error(s, EIO, "Invalid session state %d", s->state);
 	}
 }
 
@@ -466,7 +466,8 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len
 
 				// Unless we have seen lots of them, in which case we consider the others lost.
 				warning(s, "Lost %d packets\n", seqno - s->inseqno);
-				memset(s->late, 0, s->replaywin);
+				// Mark all packets in the replay window as being late.
+				memset(s->late, 255, s->replaywin);
 			} else if (seqno < s->inseqno) {
 				// If the sequence number is farther in the past than the bitmap goes, or if the packet was already received, drop it.
 				if((s->inseqno >= s->replaywin * 8 && seqno < s->inseqno - s->replaywin * 8) || !(s->late[(seqno / 8) % s->replaywin] & (1 << seqno % 8)))
@@ -483,7 +484,7 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len
 		s->farfuture = 0;
 	}
 
-	if(seqno > s->inseqno)
+	if(seqno >= s->inseqno)
 		s->inseqno = seqno + 1;
 
 	if(!s->inseqno)
@@ -512,7 +513,7 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len
 		if(!receive_handshake(s, buffer + 7, len - 21))
 			return false;
 	} else {
-		return error(s, EIO, "Invalid record type");
+		return error(s, EIO, "Invalid record type %d", type);
 	}
 
 	return true;
@@ -521,7 +522,7 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len
 // Receive incoming data. Check if it contains a complete record, if so, handle it.
 bool sptps_receive_data(sptps_t *s, const char *data, size_t len) {
 	if(!s->state)
-		return error(s, EIO, "Invalid session state");
+		return error(s, EIO, "Invalid session state zero");
 
 	if(s->datagram)
 		return sptps_receive_data_datagram(s, data, len);
@@ -605,7 +606,7 @@ bool sptps_receive_data(sptps_t *s, const char *data, size_t len) {
 			if(!receive_handshake(s, s->inbuf + 7, s->reclen))
 				return false;
 		} else {
-			return error(s, EIO, "Invalid record type");
+			return error(s, EIO, "Invalid record type %d", type);
 		}
 
 		s->buflen = 4;
@@ -629,6 +630,7 @@ bool sptps_start(sptps_t *s, void *handle, bool initiator, bool datagram, ecdsa_
 		s->late = malloc(s->replaywin);
 		if(!s->late)
 			return error(s, errno, strerror(errno));
+		memset(s->late, 0, s->replaywin);
 	}
 
 	s->label = malloc(labellen);