projects / tinc / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Make datagram SPTPS key exchange more robust.
[tinc] / src / graph.c
diff --git a/src/graph.c b/src/graph.c
index b3a2c25..621dd9b 100644 (file)
--- a/src/graph.c
+++ b/src/graph.c
@@ -188,7 +188,8 @@ static void sssp_bfs(void) {
                        e->to->options = e->options;
                        e->to->distance = n->distance + 1;
 
-                       if(e->to->address.sa.sa_family == AF_UNSPEC && e->address.sa.sa_family != AF_UNKNOWN)
+                       if(!e->to->status.reachable || (e->to->address.sa.sa_family == AF_UNSPEC && e->address.sa.sa_family != AF_UNKNOWN)
+)
                                update_node_udp(e->to, &e->address);
 
                        list_insert_tail(todo_list, e->to);
@@ -217,6 +218,7 @@ static void check_reachability(void) {
 
                if(n->status.visited != n->status.reachable) {
                        n->status.reachable = !n->status.reachable;
+                       n->last_state_change = time(NULL);
 
                        if(n->status.reachable) {
                                logger(DEBUG_TRAFFIC, LOG_DEBUG, "Node %s (%s) became reachable",
@@ -226,9 +228,16 @@ static void check_reachability(void) {
                                           n->name, n->hostname);
                        }
 
+                       if(experimental && OPTION_VERSION(n->options) >= 2)
+                               n->status.sptps = true;
+
                        /* TODO: only clear status.validkey if node is unreachable? */
 
                        n->status.validkey = false;
+                       if(n->status.sptps) {
+                               sptps_stop(&n->sptps);
+                               n->status.waitingforkey = false;
+                       }
                        n->last_req_key = 0;
 
                        n->maxmtu = MTU;
@@ -263,10 +272,16 @@ static void check_reachability(void) {
 
                        subnet_update(n, NULL, n->status.reachable);
 
-                       if(!n->status.reachable)
+                       if(!n->status.reachable) {
                                update_node_udp(n, NULL);
-                       else if(n->connection)
-                               send_ans_key(n);
+                       } else if(n->connection) {
+                               if(n->status.sptps) {
+                                       if(n->connection->outgoing)
+                                               send_req_key(n);
+                               } else {
+                                       send_ans_key(n);
+                               }
+                       }
                }
        }
 }
tinc, the VPN daemon