Make use of counter_type instead of int when counting bytes and network packets

This is in response to a reported Debian bug, where the connection counter overflows.
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576827>

Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Acked-by: Gert Doering <gert@greenie.muc.de>

diff --git a/ssl.c b/ssl.c
index 1b275afeabd725481281c7cd707630999c8ec9cb..ddd5ee7e15839a731678808599e25d1779fb57db 100644 (file)
--- a/ssl.c
+++ b/ssl.c
@@ -3747,7 +3747,8 @@ tls_process (struct tls_multi *multi,
           && ks->n_packets >= session->opt->renegotiate_packets)
        || (packet_id_close_to_wrapping (&ks->packet_id.send))))
     {
-      msg (D_TLS_DEBUG_LOW, "TLS: soft reset sec=%d bytes=%d/%d pkts=%d/%d",
+      msg (D_TLS_DEBUG_LOW,
+           "TLS: soft reset sec=%d bytes=" counter_format "/%d pkts=" counter_format "/%d",
           (int)(ks->established + session->opt->renegotiate_seconds - now),
           ks->n_bytes, session->opt->renegotiate_bytes,
           ks->n_packets, session->opt->renegotiate_packets);

diff --git a/ssl.h b/ssl.h
index 9737f265a3facb93cc82d0f8c8338600887b91b2..f3f76c4505e5609c0a18a5169d3f6c1c30a71271 100644 (file)
--- a/ssl.h
+++ b/ssl.h
@@ -376,8 +376,8 @@ struct key_state
   struct reliable *rec_reliable;  /* order incoming ciphertext packets before we pass to TLS */
   struct reliable_ack *rec_ack;          /* buffers all packet IDs we want to ACK back to sender */
 
-  int n_bytes;                  /* how many bytes sent/recvd since last key exchange */
-  int n_packets;                /* how many packets sent/recvd since last key exchange */
+  counter_type n_bytes;                 /* how many bytes sent/recvd since last key exchange */
+  counter_type n_packets;       /* how many packets sent/recvd since last key exchange */
 
   /*
    * If bad username/password, TLS connection will come up but 'authenticated' will be false.