authorMatt Dunwoodie <ncon@mail.noconroy.net>2019-09-09 12:40:07 +1000
committerMatt Dunwoodie <ncon@mail.noconroy.net>2019-09-09 12:40:07 +1000
commitb519644ae604bac0843224f125f3ba2e0c1baf2f (patch)
treec6267961f4cb3d12cd819a0ae9a3101c759b9cae /src/wireguard.h
parentAdd sysctl support for WireGuard (diff)
downloadwireguard-openbsd-b519644ae604bac0843224f125f3ba2e0c1baf2f.tar.xz
wireguard-openbsd-b519644ae604bac0843224f125f3ba2e0c1baf2f.zip
Move handshake rate limiting to wireguard.c
Diffstat (limited to 'src/wireguard.h')
-rw-r--r--src/wireguard.h12
1 files changed, 7 insertions, 5 deletions
diff --git a/src/wireguard.h b/src/wireguard.h
index aaa5a95ead1..5d90ef65a29 100644
--- a/src/wireguard.h
+++ b/src/wireguard.h
@@ -86,10 +86,12 @@ struct wg_cookie_maker {
struct wg_handshake {
struct rwlock hs_lock;
- uint8_t hs_spub[WG_KEY_SIZE];
- uint8_t hs_shared[WG_KEY_SIZE];
+ uint8_t hs_attempts;
+ uint8_t hs_spub[WG_KEY_SIZE];
+ uint8_t hs_shared[WG_KEY_SIZE];
struct wg_cookie hs_cookie;
struct wg_keypair *hs_skey;
+ struct timespec hs_last_initiation;
struct {
enum wg_state ss_state;
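Review bot: `hs_attempts` is declared as `uint8_t`, so if the code in wireguard.c increments it on every initiation without saturating, it wraps to 0 after 256 attempts and the attempt limit silently resets. The increment is not visible in this header diff, so please confirm it is bounded, e.g. `if (hs->hs_attempts < UINT8_MAX) hs->hs_attempts++;`, or widen the field. Both new fields should also carry a comment such as `/* protected by hs_lock */`, because `hs_last_initiation` moved here from `struct wg_timers` and whatever serialised access to it there presumably no longer covers it. The struct body continues outside this hunk.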
@@ -153,7 +155,6 @@ struct wg_timers {
struct timeout t_broken;
struct timeout t_reinit;
struct timeout t_cleanup;
- struct timespec t_last_initiation;
struct timespec t_last_handshake;
uint16_t t_pka_interval;
};
@@ -199,6 +200,8 @@ struct wg_msg_transport {
enum wg_error {
WG_OK = 0,
WG_TIMESTAMP,
+ WG_HS_ATTEMPTS,
+ WG_HS_RATE,
WG_DECRYPT,
WG_REPLAY,
WG_REJECT,
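Review bot: `WG_HS_ATTEMPTS` and `WG_HS_RATE` are inserted between `WG_TIMESTAMP` and `WG_DECRYPT`, which shifts the numeric value of every later enumerator. Any string table, switch or log output keyed on the numeric value of `enum wg_error` (none is visible here) would need updating; adding the new codes after the existing ones would avoid the renumbering. The two codes are also undocumented, and a one-line comment on each stating the condition that produces it and whether the caller should drop the packet or retry later would make the rate-limiting contract reviewable from the header. The enum continues outside this hunk.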
@@ -226,6 +229,7 @@ enum wg_error wg_handshake_recv_cookie(struct wg_handshake *, struct wg_msg_cook
enum wg_error wg_handshake_initiation_valid_mac2(struct wg_cookie *, struct wg_msg_initiation *);
enum wg_error wg_handshake_response_valid_mac2(struct wg_cookie *, struct wg_msg_response *);
enum wg_error wg_handshake_merge(struct wg_handshake *, struct wg_handshake *);
+void wg_handshake_reset_attempts(struct wg_handshake *);
enum wg_error wg_session_encrypt(struct wg_session *, struct wg_msg_transport *, size_t);
enum wg_error wg_session_decrypt(struct wg_session *, struct wg_msg_transport *, size_t);
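Review bot: The new prototype `void wg_handshake_reset_attempts(struct wg_handshake *);` has no comment saying when callers must invoke it or whether it takes `hs_lock` itself. With the rate-limit state now held in the handshake, a success path that forgets the reset would presumably leave the peer failing with `WG_HS_ATTEMPTS`, and a caller already holding `hs_lock` needs to know whether calling it is safe. I would add something like `/* Clears hs_attempts; call after a completed handshake. Acquires hs_lock. */`, adjusted to what wireguard.c actually does.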
@@ -252,8 +256,6 @@ void wg_timer_broken_flag(struct wg_timers *);
void wg_timer_broken_unflag(struct wg_timers *);
void wg_timer_reinit_flag(struct wg_timers *);
void wg_timer_reinit_unflag(struct wg_timers *);
-void wg_timer_initiation_made(struct wg_timers *);
-int wg_timer_initiation_ok(struct wg_timers *);
void wg_timer_session_made(struct wg_timers *);
struct timespec wg_timer_session_last(struct wg_timers *);