Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738)

[oweals/tinc.git] / src / connection.h

diff --git a/src/connection.h b/src/connection.h
index 30a645ad4c4dcb725589a1dffa275bceea15b457..629e16b9cc1bc555db64ce91a2abede82865f24c 100644 (file)
--- a/src/connection.h
+++ b/src/connection.h
@@ -42,7 +42,8 @@ typedef struct connection_status_t {
        unsigned int decryptin: 1;      /* 1 if we have to decrypt incoming traffic */
        unsigned int mst: 1;            /* 1 if this connection is part of a minimum spanning tree */
        unsigned int proxy_passed: 1;   /* 1 if we are connecting via a proxy and we have finished talking with it */
-       unsigned int unused: 22;
+       unsigned int tarpit: 1;         /* 1 if the connection should be added to the tarpit */
+       unsigned int unused: 21;
 } connection_status_t;
 
 #include "edge.h"
@@ -109,10 +110,10 @@ extern connection_t *everyone;
 extern void init_connections(void);
 extern void exit_connections(void);
 extern connection_t *new_connection(void) __attribute__((__malloc__));
-extern void free_connection(connection_t *);
-extern void free_connection_partially(connection_t *);
-extern void connection_add(connection_t *);
-extern void connection_del(connection_t *);
+extern void free_connection(connection_t *c);
+extern void free_connection_partially(connection_t *c);
+extern void connection_add(connection_t *c);
+extern void connection_del(connection_t *c);
 extern void dump_connections(void);
 
 #endif