author | Othmar Gsenger <otti@anytun.org> | 2007-12-09 14:02:46 +0000 |
---|---|---|
committer | Othmar Gsenger <otti@anytun.org> | 2007-12-09 14:02:46 +0000 |
commit | cdb9796aa53a5a75d8ba97f678cb3c371ea5f8c8 (patch) | |
tree | b212f9275b065b51441013484518a372403a1863 | |
parent | disabled replay protection (diff) |
testing replay protection
-rw-r--r-- | anytun.cpp | 8 |
1 files changed, 6 insertions, 2 deletions
@@ -151,7 +151,11 @@ bool checkPacketSeqNr(Packet & pack,ConnectionParam & conn) u_int16_t seq = pack.getSeqNr(); // compare sender_id and seq with window if(conn.seq_window_.hasSeqNr(pack.getSenderId(), pack.getSeqNr())) + { + cLog.msg(Log::PRIO_NOTICE) << "Replay attack from " << conn.remote_host_<<":"<< conn.remote_port_<< " seq:"<<pack.getSeqNr() << " sid: "<<pack.getSenderId(); return false; + } + conn.seq_window_.addSeqNr(pack.getSenderId(), pack.getSeqNr()); return true; } @@ -251,8 +255,8 @@ void* receiver(void* p) } //Replay Protection - //if (!checkPacketSeqNr(pack,conn)) - // continue; + if (!checkPacketSeqNr(pack,conn)) + continue; pack.removeHeader(); if (!decryptPacket(pack, c, conn)) |
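Review bot: The added NOTICE line in checkPacketSeqNr is written once for every rejected packet with no rate limit, and nothing visible here shows the packet has been authenticated before this point, so log volume is presumably under the sender's control. Consider keeping a per-connection counter and logging a periodic summary, or logging only the first rejection in an interval. "Replay attack" also overstates what is known, since a duplicate delivered by the network takes the same branch; the line could read `cLog.msg(Log::PRIO_NOTICE) << "Duplicate or replayed packet from " << conn.remote_host_ << ":" << conn.remote_port_ << " seq:" << seq << " sid: " << pack.getSenderId();`, which also uses the local `seq` that appears unused in the visible lines. The function's opening lines are outside the hunk.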
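Review bot: The re-enabled `if (!checkPacketSeqNr(pack,conn))` in receiver runs before `pack.removeHeader()` and `decryptPacket(pack, c, conn)`, and checkPacketSeqNr records the sequence number with `addSeqNr` as a side effect of a passing check. Unless the header fields are integrity-checked earlier in receiver (not visible in this hunk), a packet that later fails verification has already marked its sequence number as seen, so genuine packets carrying that number would be dropped. The usual arrangement is to test the window before verification but update it only afterwards: keep a check-only call here and move `conn.seq_window_.addSeqNr(pack.getSenderId(), pack.getSeqNr());` to after the packet has been verified, saving the two values before `removeHeader()` if they are not readable afterwards. receiver's body extends beyond the hunk on both sides.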