Ensure peers with a meta connection always have our key.

This keeps UDP probes going, which in turn keeps NAT mappings alive.

diff --git a/src/protocol.h b/src/protocol.h
index e611f6e..703f74b 100644 (file)
--- a/src/protocol.h
+++ b/src/protocol.h
@@ -95,7 +95,7 @@ extern bool send_add_subnet(struct connection_t *, const struct subnet_t *);
 extern bool send_del_subnet(struct connection_t *, const struct subnet_t *);
 extern bool send_add_edge(struct connection_t *, const struct edge_t *);
 extern bool send_del_edge(struct connection_t *, const struct edge_t *);
-extern bool send_key_changed();
+extern void send_key_changed();
 extern bool send_req_key(struct node_t *);
 extern bool send_ans_key(struct node_t *);
 extern bool send_tcppacket(struct connection_t *, struct vpn_packet_t *);

diff --git a/src/protocol_key.c b/src/protocol_key.c
index 341d0ac..67f40af 100644 (file)
--- a/src/protocol_key.c
+++ b/src/protocol_key.c
@@ -36,15 +36,19 @@
 
 bool mykeyused = false;
 
-bool send_key_changed() {
-       /* Only send this message if some other daemon requested our key previously.
-          This reduces unnecessary key_changed broadcasts.
-        */
+void send_key_changed() {
+       avl_node_t *node;
+       connection_t *c;
 
-       if(!mykeyused)
-               return true;
+       send_request(broadcast, "%d %x %s", KEY_CHANGED, rand(), myself->name);
+
+       /* Immediately send new keys to directly connected nodes to keep UDP mappings alive */
 
-       return send_request(broadcast, "%d %x %s", KEY_CHANGED, rand(), myself->name);
+       for(node = connection_tree->head; node; node = node->next) {
+               c = node->data;
+               if(c->status.active && c->node && c->node->status.reachable)
+                       send_ans_key(c->node);
+       }
 }
 
 bool key_changed_h(connection_t *c) {