From: Avery Pennarun <apenwarr@tailscale.com>
Date: Wed, 16 Oct 2019 02:39:44 +0000 (-0400)
Subject: device: add debug logs describing handshake rejection
X-Git-Tag: 0.0.20201118~44
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d60857e1a7d82735c01f893f644455fc7ccc423f;p=thirdparty%2Fwireguard-go.git

device: add debug logs describing handshake rejection

Useful in testing when bad network stacks repeat or
batch large numbers of packets.

Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
---

diff --git a/device/noise-protocol.go b/device/noise-protocol.go
index 6dcc831..a848c47 100644
--- a/device/noise-protocol.go
+++ b/device/noise-protocol.go
@@ -314,11 +314,15 @@ func (device *Device) ConsumeMessageInitiation(msg *MessageInitiation) *Peer {
 
 	// protect against replay & flood
 
-	var ok bool
-	ok = timestamp.After(handshake.lastTimestamp)
-	ok = ok && time.Since(handshake.lastInitiationConsumption) > HandshakeInitationRate
+	replay := !timestamp.After(handshake.lastTimestamp)
+	flood := time.Since(handshake.lastInitiationConsumption) <= HandshakeInitationRate
 	handshake.mutex.RUnlock()
-	if !ok {
+	if replay {
+		device.log.Debug.Printf("%v - ConsumeMessageInitiation: handshake replay @ %v\n", peer, timestamp)
+		return nil
+	}
+	if flood {
+		device.log.Debug.Printf("%v - ConsumeMessageInitiation: handshake flood\n", peer)
 		return nil
 	}