diff options
Diffstat (limited to 'src/cookie.c')
-rw-r--r-- | src/cookie.c | 14 |
1 files changed, 3 insertions, 11 deletions
diff --git a/src/cookie.c b/src/cookie.c index ce22b53..0e9c211 100644 --- a/src/cookie.c +++ b/src/cookie.c @@ -4,6 +4,7 @@ #include "peer.h" #include "device.h" #include "messages.h" +#include "ratelimiter.h" #include "crypto/blake2s.h" #include "crypto/chacha20poly1305.h" @@ -11,16 +12,12 @@ #include <net/ipv6.h> #include <crypto/algapi.h> -int cookie_checker_init(struct cookie_checker *checker, struct wireguard_device *wg) +void cookie_checker_init(struct cookie_checker *checker, struct wireguard_device *wg) { - int ret = ratelimiter_init(&checker->ratelimiter, wg); - if (ret) - return ret; init_rwsem(&checker->secret_lock); checker->secret_birthdate = get_jiffies_64(); get_random_bytes(checker->secret, NOISE_HASH_LEN); checker->device = wg; - return 0; } enum { COOKIE_KEY_LABEL_LEN = 8 }; @@ -56,11 +53,6 @@ void cookie_checker_precompute_peer_keys(struct wireguard_peer *peer) precompute_key(peer->latest_cookie.message_mac1_key, peer->handshake.remote_static, mac1_key_label); } -void cookie_checker_uninit(struct cookie_checker *checker) -{ - ratelimiter_uninit(&checker->ratelimiter); -} - void cookie_init(struct cookie *cookie) { memset(cookie, 0, sizeof(struct cookie)); @@ -127,7 +119,7 @@ enum cookie_mac_state cookie_validate_packet(struct cookie_checker *checker, str goto out; ret = VALID_MAC_WITH_COOKIE_BUT_RATELIMITED; - if (!ratelimiter_allow(&checker->ratelimiter, skb)) + if (!ratelimiter_allow(skb, dev_net(netdev_pub(checker->device)))) goto out; ret = VALID_MAC_WITH_COOKIE; |