authorMatt Dunwoodie <ncon@mail.noconroy.net>2019-08-20 21:11:39 +1000
committerMatt Dunwoodie <ncon@mail.noconroy.net>2019-08-20 21:11:39 +1000
commitad9b5e43cb84b77ee05092e530a548ef305cfb4c (patch)
treee0eb383a4d73a038a779b1cfa5856916c4a59c17 /src/wireguard.h
parentSimplify initiation timeout (diff)
Start rework of cookies
Cookies were horribly broken, so this is our new way of handling them.
Diffstat (limited to 'src/wireguard.h')
-rw-r--r--src/wireguard.h12
1 files changed, 10 insertions, 2 deletions
diff --git a/src/wireguard.h b/src/wireguard.h
index 039086665f7..c3e6f3e4203 100644
--- a/src/wireguard.h
+++ b/src/wireguard.h
@@ -78,6 +78,11 @@ struct wg_cookie {
struct timespec time;
};
+struct wg_cookie_maker {
+ uint8_t seed[WG_COOKIE_SIZE];
+ struct timespec time;
+};
+
struct wg_handshake {
struct rwlock hs_lock;
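Review bot: `struct wg_cookie_maker` is added without a comment saying what `seed` and `time` are, and it sizes `seed` with `WG_COOKIE_SIZE`, the constant for the cookie itself. If `seed` is the secret that cookies are derived from, as the `wg_cookie_from_ip` prototype later in this diff suggests, its length is a key-size decision and is better given a constant of its own than tied to the cookie length. A short comment such as `/* seed: random secret cookies are derived from; time: when seed was last regenerated */` would help, if that is what the fields mean. Unlike `struct wg_handshake` just below, which carries `hs_lock`, this struct has no lock, so the comment should also say what protects `seed` if it is regenerated while packets are being processed.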
@@ -184,13 +189,15 @@ uint32_t wg_session_clean(struct wg_session *);
enum wg_error wg_handshake_make_initiation(struct wg_handshake *, uint32_t, struct wg_msg_initiation *, struct wg_timers *);
enum wg_error wg_handshake_make_response(struct wg_handshake *, uint32_t, struct wg_msg_response *);
-enum wg_error wg_handshake_make_cookie(struct wg_keypair *kp, struct wg_cookie *, uint32_t, uint8_t *, uint8_t, uint8_t mac[WG_MAC_SIZE], struct wg_msg_cookie *);
+enum wg_error wg_handshake_make_cookie(struct wg_keypair *kp, struct wg_cookie *, uint32_t, uint8_t mac[WG_MAC_SIZE], struct wg_msg_cookie *);
+enum wg_error wg_handshake_make_cookie(struct wg_keypair *, struct wg_cookie *, uint32_t sender, uint8_t mac[WG_MAC_SIZE], struct wg_msg_cookie *m);
enum wg_error wg_handshake_recv_initiation(struct wg_handshake *, struct wg_keypair *, struct wg_msg_initiation *);
enum wg_error wg_handshake_recv_response(struct wg_handshake *, struct wg_msg_response *);
enum wg_error wg_handshake_recv_cookie(struct wg_handshake *, struct wg_msg_cookie *);
-enum wg_error wg_handshake_valid_mac2(struct wg_cookie *, uint8_t *, uint8_t);
+enum wg_error wg_handshake_initiation_valid_mac2(struct wg_cookie *, struct wg_msg_initiation *);
+enum wg_error wg_handshake_response_valid_mac2(struct wg_cookie *, struct wg_msg_response *);
enum wg_error wg_handshake_merge(struct wg_handshake *, struct wg_handshake *);
enum wg_error wg_session_encrypt(struct wg_session *, struct wg_msg_transport *, size_t);
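Review bot: The new side declares `wg_handshake_make_cookie` twice in a row, once with only `kp` named and once with `sender` and `m` named. The two declarations are compatible, so the header still compiles, but one is a leftover and they can drift apart at the next signature change. Keep a single prototype, for example `enum wg_error wg_handshake_make_cookie(struct wg_keypair *, struct wg_cookie *, uint32_t sender, uint8_t mac[WG_MAC_SIZE], struct wg_msg_cookie *m);`. The two new `*_valid_mac2` validators presumably only read the message, in which case the message pointer can be `const`. Their definitions are outside this diff, so it is worth confirming that the MAC comparison there is constant-time.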
@@ -200,6 +207,7 @@ enum wg_error wg_session_from_handshake(struct wg_session *, struct wg_handshake
void wg_keypair_from_bytes(struct wg_keypair *, const uint8_t [WG_KEY_SIZE]);
void wg_keypair_generate(struct wg_keypair *);
enum wg_pkt_type wg_pkt_type(uint8_t *, size_t);
+void wg_cookie_from_ip(struct wg_cookie *, struct wg_cookie_maker *, uint8_t *, uint8_t);
/* Timer functions */
void wg_timer_setup(struct wg_timers *, void *, void (*)(void *),
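Review bot: `wg_cookie_from_ip` takes the address as an unnamed `uint8_t *, uint8_t` pair, so the header does not say which argument is the length, which lengths are valid, or whether the pointer is written through. Since these bytes come from a packet's source address, name and qualify them, e.g. `void wg_cookie_from_ip(struct wg_cookie *, struct wg_cookie_maker *, const uint8_t *ip, uint8_t ip_len);`. Add a comment stating the accepted lengths (presumably 4 and 16) and whether the source port is part of the input. The function returns `void`, so an unexpected length cannot be reported to the caller; the definition, which is not in this diff, needs to reject or bound it itself.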