diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2016-12-09 18:18:55 +0100 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2016-12-09 21:31:12 +0100 |
| commit | 23a7fa09ddd6123dc8e89539d48bb3dffc28fb23 (patch) | |
| tree | 4966d428a2d847d9fd35a4fe639608e2baba9b2a | |
| parent | contrib: add wg-config (diff) | |
| download | wireguard-monolithic-historical-23a7fa09ddd6123dc8e89539d48bb3dffc28fb23.tar.xz wireguard-monolithic-historical-23a7fa09ddd6123dc8e89539d48bb3dffc28fb23.zip | |
socket: clear src address when retrying handshake
| -rw-r--r-- | src/socket.c | 8 | ||||
| -rw-r--r-- | src/socket.h | 1 | ||||
| -rw-r--r-- | src/timers.c | 6 |
3 files changed, 15 insertions, 0 deletions
diff --git a/src/socket.c b/src/socket.c index 0b97818..8506075 100644 --- a/src/socket.c +++ b/src/socket.c @@ -255,6 +255,14 @@ out: read_unlock_bh(&peer->endpoint_lock); } +void socket_clear_peer_endpoint_src(struct wireguard_peer *peer) +{ + write_lock_bh(&peer->endpoint_lock); + memset(&peer->endpoint.src6, 0, sizeof(peer->endpoint.src6)); + dst_cache_reset(&peer->endpoint_cache); + write_unlock_bh(&peer->endpoint_lock); +} + static int receive(struct sock *sk, struct sk_buff *skb) { struct wireguard_device *wg; diff --git a/src/socket.h b/src/socket.h index 5bc9a18..f0d4277 100644 --- a/src/socket.h +++ b/src/socket.h @@ -19,5 +19,6 @@ int socket_send_buffer_as_reply_to_skb(struct wireguard_device *wg, struct sk_bu int socket_endpoint_from_skb(struct endpoint *endpoint, struct sk_buff *skb); void socket_set_peer_endpoint(struct wireguard_peer *peer, struct endpoint *endpoint); +void socket_clear_peer_endpoint_src(struct wireguard_peer *peer); #endif diff --git a/src/timers.c b/src/timers.c index 0b536d3..a11eb90 100644 --- a/src/timers.c +++ b/src/timers.c @@ -39,6 +39,10 @@ static void expired_retransmit_handshake(unsigned long ptr) mod_timer(&peer->timer_kill_ephemerals, jiffies + (REJECT_AFTER_TIME * 3)); goto out; } + + /* We clear the endpoint address src address, in case this is the cause of trouble. */ + socket_clear_peer_endpoint_src(peer); + packet_queue_handshake_initiation(peer); ++peer->timer_handshake_attempts; out: @@ -60,6 +64,8 @@ static void expired_new_handshake(unsigned long ptr) { peer_get_from_ptr(ptr); pr_debug("Retrying handshake with peer %Lu (%pISpfsc) because we stopped hearing back after %d seconds\n", peer->internal_id, &peer->endpoint.addr_storage, (KEEPALIVE_TIMEOUT + REKEY_TIMEOUT) / HZ); + /* We clear the endpoint address src address, in case this is the cause of trouble. */ + socket_clear_peer_endpoint_src(peer); packet_queue_handshake_initiation(peer); peer_put(peer); } |