diff options
| author |   Avery Pennarun <apenwarr@tailscale.com> | 2019-10-15 22:39:44 -0400 |
|---|---|---|
| committer |   David Crawshaw <david@zentus.com> | 2020-04-02 15:59:00 +1100 |
| commit | d54f0a61aa623548ad5a6fc3deccf4beca9a0c5a (patch) | |
| tree | 1717061ba736dba3b91359dc9f89694dfa2946bb | |
| parent | device: use wgcfg key types (diff) | |
| download | wireguard-go-d54f0a61aa623548ad5a6fc3deccf4beca9a0c5a.tar.xz wireguard-go-d54f0a61aa623548ad5a6fc3deccf4beca9a0c5a.zip | |
device: add debug logs describing handshake rejection
Useful in testing when bad network stacks repeat or
batch large numbers of packets.
Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
| -rw-r--r-- | device/noise-protocol.go | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/device/noise-protocol.go b/device/noise-protocol.go index 5d9632c..dbb6f93 100644 --- a/device/noise-protocol.go +++ b/device/noise-protocol.go @@ -315,11 +315,15 @@ func (device *Device) ConsumeMessageInitiation(msg *MessageInitiation) *Peer { // protect against replay & flood - var ok bool - ok = timestamp.After(handshake.lastTimestamp) - ok = ok && time.Since(handshake.lastInitiationConsumption) > HandshakeInitationRate + replay := !timestamp.After(handshake.lastTimestamp) + flood := time.Since(handshake.lastInitiationConsumption) <= HandshakeInitationRate handshake.mutex.RUnlock() - if !ok { + if replay { + device.log.Debug.Printf("%v - ConsumeMessageInitiation: handshake replay @ %v\n", peer, timestamp) + return nil + } + if flood { + device.log.Debug.Printf("%v - ConsumeMessageInitiation: handshake flood\n", peer) return nil } |