no need to send multiple probe packets as an ESP keepalive
authorDaniel Lenski <dlenski@gmail.com>
Sun, 6 Jan 2019 10:07:51 +0000 (02:07 -0800)
committerDaniel Lenski <dlenski@gmail.com>
Wed, 9 Jan 2019 19:46:21 +0000 (11:46 -0800)
Both Juniper and GlobalProtect ESP send special probe packets to initiate the ESP connection, and as keepalives.
Multiple packets are sent to initiate the connection, because a lack of response will cause a total fallback to TLS.

However, one probe packet (per keepalive interval) is enough for the keepalive packets. GlobalProtect ESP already
did this, but Juniper did not.

This patch is motivated by me having access to the highest-latency Juniper VPN server in the known universe.

Signed-off-by: Daniel Lenski <dlenski@gmail.com>
oncp.c

diff --git a/oncp.c b/oncp.c
index 4e625e004005ac86dc0748f85da815092ea087f2..3a878700aa957f9bdb5d4461adc49f766f0f3de9 100644 (file)
--- a/oncp.c
+++ b/oncp.c
@@ -1282,7 +1282,7 @@ void oncp_esp_close(struct openconnect_info *vpninfo)
 int oncp_esp_send_probes(struct openconnect_info *vpninfo)
 {
        struct pkt *pkt;
-       int pktlen;
+       int pktlen, seq;
 
        if (vpninfo->dtls_fd == -1) {
                int fd = udp_connect(vpninfo);
@@ -1301,18 +1301,13 @@ int oncp_esp_send_probes(struct openconnect_info *vpninfo)
        if (!pkt)
                return -ENOMEM;
 
-       pkt->len = 1;
-       pkt->data[0] = 0;
-       pktlen = encrypt_esp_packet(vpninfo, pkt);
-       if (pktlen >= 0)
-               send(vpninfo->dtls_fd, (void *)&pkt->esp, pktlen, 0);
-
-       pkt->len = 1;
-       pkt->data[0] = 0;
-       pktlen = encrypt_esp_packet(vpninfo, pkt);
-       if (pktlen >= 0)
-               send(vpninfo->dtls_fd, (void *)&pkt->esp, pktlen, 0);
-
+       for (seq=1; seq <= (vpninfo->dtls_state==DTLS_CONNECTED ? 1 : 2); seq++) {
+               pkt->len = 1;
+               pkt->data[0] = 0;
+               pktlen = encrypt_esp_packet(vpninfo, pkt);
+               if (pktlen >= 0)
+                       send(vpninfo->dtls_fd, (void *)&pkt->esp, pktlen, 0);
+       }
        free(pkt);
 
        vpninfo->dtls_times.last_tx = time(&vpninfo->new_dtls_started);
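Review bot: The loop bound on line 47 buries the reason for sending one probe versus two inside a conditional that is re-evaluated on every iteration, and `seq` is never used in the body, so the intent from the commit message is not visible in the code. Hoisting it into a named count with a why-comment reads better: `int nprobes = (vpninfo->dtls_state == DTLS_CONNECTED) ? 1 : 2; /* keepalive: one probe; initial connect: two, since no reply falls back to TLS */` and then `for (seq = 0; seq < nprobes; seq++) {`. The `send()` result on line 52 is still discarded, so a keepalive that fails to leave the socket is indistinguishable here from one that was sent; whether the caller can recover from that depends on code outside the hunk. The rest of `oncp_esp_send_probes` after line 56 is outside the hunk.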