--- ansh/src/utils.c 2011/10/14 12:45:09 1.1.1.1.2.12
+++ ansh/src/utils.c 2011/10/31 09:46:18 1.2.2.1
@@ -3,7 +3,7 @@
 * by Michael Pounov
 *
 * $Author: misho $
- * $Id: utils.c,v 1.1.1.1.2.12 2011/10/14 12:45:09 misho Exp $
+ * $Id: utils.c,v 1.2.2.1 2011/10/31 09:46:18 misho Exp $
 *
 *************************************************************************
 The ELWIX and AITNET software is distributed under the following
@@ -133,7 +133,6 @@ PrepareL3(const struct sockaddr *sa, int *bpflen)
 int h, n = 1;
 FTRACE(3);
- assert(sa);
 h = socket(sa->sa_family, SOCK_RAW, IPPROTO_ICMP);
 if (h == -1) {
@@ -147,7 +146,7 @@ PrepareL3(const struct sockaddr *sa, int *bpflen)
 return -1;
 }
 */
- if (bind(h, sa, sizeof(struct sockaddr)) == -1) {
+ if (sa && bind(h, sa, sizeof(struct sockaddr)) == -1) {
 printf("Error:: Cant bind to raw socket #%d - %s\n", errno, strerror(errno));
 close(h);
 return -1;
@@ -206,6 +205,8 @@ icmpRecv(int s, u_int * __restrict seq, u_short * __re
 VERB(3) LOG("Channel SECURED:: Plain text communication not supported at this moment ...");
 return ANSH_FLG_ERR;
 }
+ if (ntohl(hdr->ansh_nonce) != *crypted)
+ VERB(4) LOG("Detect change of nonce from %x to %x", *crypted, ntohl(hdr->ansh_nonce));
 *crypted = ntohl(hdr->ansh_nonce);
 }
@@ -285,7 +286,7 @@ icmpSend(int s, u_int seq, u_short id, char flg, u_int
 static int
 _pkt_Send(int s, u_int seq, char flg, u_int crypted, u_char *data, int datlen, struct io_ether_addr *ea)
 {
- u_char *pos, buf[USHRT_MAX] = { 0 };
+ u_char *pos, *str, buf[USHRT_MAX] = { 0 };
 struct ether_header *e = (struct ether_header*) buf;
 struct ansh_hdr *hdr;
 int ret = 0;
@@ -301,6 +302,14 @@ _pkt_Send(int s, u_int seq, char flg, u_int crypted, u
 memcpy(pos, data, datlen);
+ if (Crypted) {
+ str = cryptBuffer(pos, datlen, Crypted);
+ if (str) {
+ memcpy(pos, str, datlen);
+ free(str);
+ }
+ }
+
 hdr->ansh_ver = ANSH_VERSION;
 hdr->ansh_flg = flg;
 hdr->ansh_len = htons(datlen + sizeof(struct ansh_hdr));
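Review bot: PrepareL3 can still dereference a NULL `sa`: the `sa &&` guard added to `bind()` in hunk @@ -147,7 +146,7 @@ comes after `socket(sa->sa_family, SOCK_RAW, IPPROTO_ICMP)`, which hunk @@ -133,7 +133,6 @@ shows as unchanged context right where `assert(sa)` was removed. If NULL is now a supported argument, the socket call needs its own handling, for example `h = socket(sa ? sa->sa_family : AF_INET, SOCK_RAW, IPPROTO_ICMP);` (the default family is my assumption and should match what callers expect); if it is not supported, replace the guard with an early `if (!sa) return -1;`. A short comment above the function stating which of the two contracts holds would help; the body of PrepareL3 starts and ends outside both hunks.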
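Review bot: In icmpRecv (hunk @@ -206,6 +205,8 @@) the new `if` has an unbraced body made of two macros, `VERB(4) LOG(...)`; VERB's definition is not visible here, but if it expands to an `if`, this nests two unbraced conditionals and a later `else` would bind to the wrong one, so I would write `if (ntohl(hdr->ansh_nonce) != *crypted) { VERB(4) LOG(...); }`. The change is only reported at verbosity 4 and the next line still stores the packet's nonce into `*crypted` unconditionally, so a comment such as `/* nonce may legitimately change per packet; logged for diagnostics only */` should say whether that is expected, or the branch should return ANSH_FLG_ERR if it is not. The identical lines added to _pkt_Recv in hunk @@ -384,6 +394,8 @@ need the same treatment. Both functions continue outside the hunks.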
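Review bot: In _pkt_Send (hunk @@ -301,6 +302,14 @@) a NULL return from `cryptBuffer()` is silently skipped, so the payload copied into `buf` just above goes out unencrypted on a channel the peer treats as secured. Fail closed instead: `if (!str) return -1;` before the `memcpy`, using whatever error value _pkt_Send's callers expect (its return paths are outside the hunk). The write-back also assumes cryptBuffer returns exactly `datlen` bytes, which deserves a one-line comment. The decrypt path added to _pkt_Recv in hunk @@ -400,6 +412,16 @@ falls through the same way and would pass ciphertext to the caller as data.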
@@ -352,6 +361,7 @@ _pkt_Recv(u_char * __restrict buf, int rlen, u_int * _
 struct bpf_hdr *bpf;
 struct ansh_hdr *hdr;
 u_int crc;
+ u_char *str;
 if (rlen < (sizeof(struct bpf_hdr) + ETHER_HDR_LEN + sizeof(struct ansh_hdr))) {
 VERB(1) LOG("Discard packet too short %d ...", rlen);
@@ -384,6 +394,8 @@ _pkt_Recv(u_char * __restrict buf, int rlen, u_int * _
 VERB(3) LOG("Channel SECURED:: Plain text communication not supported at this moment ...");
 return ANSH_FLG_ERR;
 }
+ if (ntohl(hdr->ansh_nonce) != *crypted)
+ VERB(4) LOG("Detect change of nonce from %x to %x", *crypted, ntohl(hdr->ansh_nonce));
 *crypted = ntohl(hdr->ansh_nonce);
 }
@@ -400,6 +412,16 @@ _pkt_Recv(u_char * __restrict buf, int rlen, u_int * _
 /* select data */
 if (data) {
 *datlen = ntohs(hdr->ansh_len) - sizeof(struct ansh_hdr);
+ if (Crypted) {
+ str = cryptBuffer(buf + bpf->bh_hdrlen + ETHER_HDR_LEN + sizeof(struct ansh_hdr),
+ *datlen, Crypted);
+ if (str) {
+ memcpy(buf + bpf->bh_hdrlen + ETHER_HDR_LEN + sizeof(struct ansh_hdr),
+ str, *datlen);
+ free(str);
+ }
+ }
+
 memcpy(data, buf + bpf->bh_hdrlen + ETHER_HDR_LEN + sizeof(struct ansh_hdr), *datlen);
 }
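Review bot: The decrypt block in _pkt_Recv (hunk @@ -400,6 +412,16 @@) adds two more reads and one write that are sized by `*datlen`, a value taken from the packet's `ansh_len` field, and nothing visible in this hunk checks it against `rlen` or against `sizeof(struct ansh_hdr)`. If no earlier check exists in the lines outside the hunk, a short or oversized `ansh_len` makes `cryptBuffer()` and both `memcpy()` calls run outside the captured frame. I would validate the length first, compute the payload pointer once instead of repeating the offset expression three times, and return ANSH_FLG_ERR when cryptBuffer fails, as sketched below. The capacity of `data` itself depends on the caller and is not shown.

```c
	if (data) {
		u_char *payload = buf + bpf->bh_hdrlen + ETHER_HDR_LEN + sizeof(struct ansh_hdr);
		size_t total = ntohs(hdr->ansh_len);

		/* ansh_len comes from the wire: reject underflow and lengths past the captured data */
		if (payload > buf + rlen || total < sizeof(struct ansh_hdr) ||
		    total - sizeof(struct ansh_hdr) > (size_t) (buf + rlen - payload))
			return ANSH_FLG_ERR;
		*datlen = total - sizeof(struct ansh_hdr);

		if (Crypted) {
			str = cryptBuffer(payload, *datlen, Crypted);
			if (!str)
				return ANSH_FLG_ERR;	/* fail closed: never return ciphertext as data */
			memcpy(payload, str, *datlen);
			free(str);
		}

		memcpy(data, payload, *datlen);
	}
```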