diff options
author | Nils Durner <durner@gnunet.org> | 2010-10-08 13:47:49 +0000 |
---|---|---|
committer | Nils Durner <durner@gnunet.org> | 2010-10-08 13:47:49 +0000 |
commit | 60cc64dd7d31a761c0c3c75e3bcb9b31bbd596c4 (patch) | |
tree | 1610ef620b1c6bf67e68290ab55b3ae34c715e1b /src/core | |
parent | b36cf857a67f73f308b7623e74eca7754e2a7acc (diff) | |
download | gnunet-60cc64dd7d31a761c0c3c75e3bcb9b31bbd596c4.tar.gz gnunet-60cc64dd7d31a761c0c3c75e3bcb9b31bbd596c4.zip |
alignment, byte order, discard fake messages faster
Diffstat (limited to 'src/core')
-rw-r--r-- | src/core/gnunet-service-core.c | 110 |
1 files changed, 51 insertions, 59 deletions
diff --git a/src/core/gnunet-service-core.c b/src/core/gnunet-service-core.c index bc4ac407d..f222e2a42 100644 --- a/src/core/gnunet-service-core.c +++ b/src/core/gnunet-service-core.c | |||
@@ -172,17 +172,17 @@ struct EncryptedMessage | |||
172 | struct GNUNET_MessageHeader header; | 172 | struct GNUNET_MessageHeader header; |
173 | 173 | ||
174 | /** | 174 | /** |
175 | * MAC of the encrypted message (starting at 'sequence_number'), | 175 | * Random value used for IV generation. |
176 | * used to verify message integrity. | ||
177 | */ | 176 | */ |
178 | GNUNET_HashCode hmac; | 177 | uint32_t iv_seed GNUNET_PACKED; |
179 | 178 | ||
180 | /** | 179 | /** |
181 | * Random value used for IV generation. Everything after this value | 180 | * MAC of the encrypted message (starting at 'sequence_number'), |
181 | * used to verify message integrity. Everything after this value | ||
182 | * (excluding this value itself) will be encrypted and authenticated. | 182 | * (excluding this value itself) will be encrypted and authenticated. |
183 | * ENCRYPTED_HEADER_SIZE must be set to the offset of the *next* field. | 183 | * ENCRYPTED_HEADER_SIZE must be set to the offset of the *next* field. |
184 | */ | 184 | */ |
185 | uint32_t iv_seed GNUNET_PACKED; | 185 | GNUNET_HashCode hmac; |
186 | 186 | ||
187 | /** | 187 | /** |
188 | * Sequence number, in network byte order. This field | 188 | * Sequence number, in network byte order. This field |
@@ -230,15 +230,15 @@ struct PingMessage | |||
230 | uint32_t iv_seed GNUNET_PACKED; | 230 | uint32_t iv_seed GNUNET_PACKED; |
231 | 231 | ||
232 | /** | 232 | /** |
233 | * Random number chosen to make reply harder. | ||
234 | */ | ||
235 | uint32_t challenge GNUNET_PACKED; | ||
236 | |||
237 | /** | ||
238 | * Intended target of the PING, used primarily to check | 233 | * Intended target of the PING, used primarily to check |
239 | * that decryption actually worked. | 234 | * that decryption actually worked. |
240 | */ | 235 | */ |
241 | struct GNUNET_PeerIdentity target; | 236 | struct GNUNET_PeerIdentity target; |
237 | |||
238 | /** | ||
239 | * Random number chosen to make reply harder. | ||
240 | */ | ||
241 | uint32_t challenge GNUNET_PACKED; | ||
242 | }; | 242 | }; |
243 | 243 | ||
244 | 244 | ||
@@ -260,17 +260,12 @@ struct PongMessage | |||
260 | uint32_t iv_seed GNUNET_PACKED; | 260 | uint32_t iv_seed GNUNET_PACKED; |
261 | 261 | ||
262 | /** | 262 | /** |
263 | * Random number proochosen to make reply harder. Must be | 263 | * Random number to make faking the reply harder. Must be |
264 | * first field after header (this is where we start to encrypt!). | 264 | * first field after header (this is where we start to encrypt!). |
265 | */ | 265 | */ |
266 | uint32_t challenge GNUNET_PACKED; | 266 | uint32_t challenge GNUNET_PACKED; |
267 | 267 | ||
268 | /** | 268 | /** |
269 | * Must be zero. | ||
270 | */ | ||
271 | uint32_t reserved GNUNET_PACKED; | ||
272 | |||
273 | /** | ||
274 | * Desired bandwidth (how much we should send to this | 269 | * Desired bandwidth (how much we should send to this |
275 | * peer / how much is the sender willing to receive). | 270 | * peer / how much is the sender willing to receive). |
276 | */ | 271 | */ |
@@ -737,16 +732,19 @@ derive_auth_key (struct GNUNET_CRYPTO_AuthKey *akey, | |||
737 | uint32_t seed, | 732 | uint32_t seed, |
738 | struct GNUNET_TIME_Absolute creation_time) | 733 | struct GNUNET_TIME_Absolute creation_time) |
739 | { | 734 | { |
740 | static char ctx[] = "authentication key"; | 735 | static const char ctx[] = "authentication key"; |
736 | struct GNUNET_TIME_AbsoluteNBO ctbe; | ||
737 | |||
741 | 738 | ||
739 | ctbe = GNUNET_TIME_absolute_hton (creation_time); | ||
742 | GNUNET_CRYPTO_hmac_derive_key (akey, | 740 | GNUNET_CRYPTO_hmac_derive_key (akey, |
743 | skey, | 741 | skey, |
744 | &seed, | 742 | &seed, |
745 | sizeof(seed), | 743 | sizeof(seed), |
746 | &skey->key, | 744 | &skey->key, |
747 | sizeof(skey->key), | 745 | sizeof(skey->key), |
748 | &creation_time, | 746 | &ctbe, |
749 | sizeof(creation_time), | 747 | sizeof(ctbe), |
750 | ctx, | 748 | ctx, |
751 | sizeof(ctx), NULL); | 749 | sizeof(ctx), NULL); |
752 | } | 750 | } |
@@ -760,7 +758,7 @@ derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, | |||
760 | const struct GNUNET_CRYPTO_AesSessionKey *skey, uint32_t seed, | 758 | const struct GNUNET_CRYPTO_AesSessionKey *skey, uint32_t seed, |
761 | const struct GNUNET_PeerIdentity *identity) | 759 | const struct GNUNET_PeerIdentity *identity) |
762 | { | 760 | { |
763 | static char ctx[] = "initialization vector"; | 761 | static const char ctx[] = "initialization vector"; |
764 | 762 | ||
765 | GNUNET_CRYPTO_aes_derive_iv (iv, | 763 | GNUNET_CRYPTO_aes_derive_iv (iv, |
766 | skey, | 764 | skey, |
@@ -780,7 +778,7 @@ derive_pong_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, | |||
780 | const struct GNUNET_CRYPTO_AesSessionKey *skey, uint32_t seed, | 778 | const struct GNUNET_CRYPTO_AesSessionKey *skey, uint32_t seed, |
781 | uint32_t challenge, const struct GNUNET_PeerIdentity *identity) | 779 | uint32_t challenge, const struct GNUNET_PeerIdentity *identity) |
782 | { | 780 | { |
783 | static char ctx[] = "pong initialization vector"; | 781 | static const char ctx[] = "pong initialization vector"; |
784 | 782 | ||
785 | GNUNET_CRYPTO_aes_derive_iv (iv, | 783 | GNUNET_CRYPTO_aes_derive_iv (iv, |
786 | skey, | 784 | skey, |
@@ -1047,7 +1045,6 @@ handle_client_init (void *cls, | |||
1047 | /* send init reply message */ | 1045 | /* send init reply message */ |
1048 | irm.header.size = htons (sizeof (struct InitReplyMessage)); | 1046 | irm.header.size = htons (sizeof (struct InitReplyMessage)); |
1049 | irm.header.type = htons (GNUNET_MESSAGE_TYPE_CORE_INIT_REPLY); | 1047 | irm.header.type = htons (GNUNET_MESSAGE_TYPE_CORE_INIT_REPLY); |
1050 | irm.reserved = htonl (0); | ||
1051 | memcpy (&irm.publicKey, | 1048 | memcpy (&irm.publicKey, |
1052 | &my_public_key, | 1049 | &my_public_key, |
1053 | sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded)); | 1050 | sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded)); |
@@ -1371,10 +1368,10 @@ send_keep_alive (void *cls, | |||
1371 | pm = (struct PingMessage *) &me[1]; | 1368 | pm = (struct PingMessage *) &me[1]; |
1372 | pm->header.size = htons (sizeof (struct PingMessage)); | 1369 | pm->header.size = htons (sizeof (struct PingMessage)); |
1373 | pm->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PING); | 1370 | pm->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PING); |
1374 | pm->iv_seed = htonl (GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, | 1371 | pm->iv_seed = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, |
1375 | UINT32_MAX)); | 1372 | UINT32_MAX); |
1376 | derive_iv (&iv, &n->encrypt_key, pm->iv_seed, &n->peer); | 1373 | derive_iv (&iv, &n->encrypt_key, pm->iv_seed, &n->peer); |
1377 | pp.challenge = htonl (n->ping_challenge); | 1374 | pp.challenge = n->ping_challenge; |
1378 | pp.target = n->peer; | 1375 | pp.target = n->peer; |
1379 | #if DEBUG_HANDSHAKE | 1376 | #if DEBUG_HANDSHAKE |
1380 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1377 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
@@ -1388,10 +1385,10 @@ send_keep_alive (void *cls, | |||
1388 | #endif | 1385 | #endif |
1389 | do_encrypt (n, | 1386 | do_encrypt (n, |
1390 | &iv, | 1387 | &iv, |
1391 | &pp.challenge, | 1388 | &pp.target, |
1392 | &pm->challenge, | 1389 | &pm->target, |
1393 | sizeof (struct PingMessage) - | 1390 | sizeof (struct PingMessage) - |
1394 | ((void *) &pm->challenge - (void *) pm)); | 1391 | ((void *) &pm->target - (void *) pm)); |
1395 | process_encrypted_neighbour_queue (n); | 1392 | process_encrypted_neighbour_queue (n); |
1396 | /* reschedule PING job */ | 1393 | /* reschedule PING job */ |
1397 | left = GNUNET_TIME_absolute_get_remaining (GNUNET_TIME_absolute_add (n->last_activity, | 1394 | left = GNUNET_TIME_absolute_get_remaining (GNUNET_TIME_absolute_add (n->last_activity, |
@@ -2790,9 +2787,9 @@ send_key (struct Neighbour *n) | |||
2790 | pm = (struct PingMessage *) &sm[1]; | 2787 | pm = (struct PingMessage *) &sm[1]; |
2791 | pm->header.size = htons (sizeof (struct PingMessage)); | 2788 | pm->header.size = htons (sizeof (struct PingMessage)); |
2792 | pm->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PING); | 2789 | pm->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PING); |
2793 | pm->iv_seed = htonl (GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX)); | 2790 | pm->iv_seed = GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX); |
2794 | derive_iv (&iv, &n->encrypt_key, pm->iv_seed, &n->peer); | 2791 | derive_iv (&iv, &n->encrypt_key, pm->iv_seed, &n->peer); |
2795 | pp.challenge = htonl (n->ping_challenge); | 2792 | pp.challenge = n->ping_challenge; |
2796 | pp.target = n->peer; | 2793 | pp.target = n->peer; |
2797 | #if DEBUG_HANDSHAKE | 2794 | #if DEBUG_HANDSHAKE |
2798 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2795 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
@@ -2806,10 +2803,10 @@ send_key (struct Neighbour *n) | |||
2806 | #endif | 2803 | #endif |
2807 | do_encrypt (n, | 2804 | do_encrypt (n, |
2808 | &iv, | 2805 | &iv, |
2809 | &pp.challenge, | 2806 | &pp.target, |
2810 | &pm->challenge, | 2807 | &pm->target, |
2811 | sizeof (struct PingMessage) - | 2808 | sizeof (struct PingMessage) - |
2812 | ((void *) &pm->challenge - (void *) pm)); | 2809 | ((void *) &pm->target - (void *) pm)); |
2813 | GNUNET_STATISTICS_update (stats, | 2810 | GNUNET_STATISTICS_update (stats, |
2814 | gettext_noop ("# SET_KEY and PING messages created"), | 2811 | gettext_noop ("# SET_KEY and PING messages created"), |
2815 | 1, | 2812 | 1, |
@@ -2924,17 +2921,17 @@ handle_ping (struct Neighbour *n, const struct PingMessage *m) | |||
2924 | if (GNUNET_OK != | 2921 | if (GNUNET_OK != |
2925 | do_decrypt (n, | 2922 | do_decrypt (n, |
2926 | &iv, | 2923 | &iv, |
2927 | &m->challenge, | 2924 | &m->target, |
2928 | &t.challenge, | 2925 | &t.target, |
2929 | sizeof (struct PingMessage) - | 2926 | sizeof (struct PingMessage) - |
2930 | ((void *) &m->challenge - (void *) m))) | 2927 | ((void *) &m->target - (void *) m))) |
2931 | return; | 2928 | return; |
2932 | #if DEBUG_HANDSHAKE | 2929 | #if DEBUG_HANDSHAKE |
2933 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2930 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2934 | "Decrypted `%s' to `%4s' with challenge %u decrypted using key %u, IV %u (salt %u)\n", | 2931 | "Decrypted `%s' to `%4s' with challenge %u decrypted using key %u, IV %u (salt %u)\n", |
2935 | "PING", | 2932 | "PING", |
2936 | GNUNET_i2s (&t.target), | 2933 | GNUNET_i2s (&t.target), |
2937 | (unsigned int) ntohl (t.challenge), | 2934 | (unsigned int) t.challenge, |
2938 | (unsigned int) n->decrypt_key.crc32, | 2935 | (unsigned int) n->decrypt_key.crc32, |
2939 | GNUNET_CRYPTO_crc32_n (&iv, sizeof(iv)), | 2936 | GNUNET_CRYPTO_crc32_n (&iv, sizeof(iv)), |
2940 | m->iv_seed); | 2937 | m->iv_seed); |
@@ -2958,14 +2955,13 @@ handle_ping (struct Neighbour *n, const struct PingMessage *m) | |||
2958 | me->deadline = GNUNET_TIME_relative_to_absolute (MAX_PONG_DELAY); | 2955 | me->deadline = GNUNET_TIME_relative_to_absolute (MAX_PONG_DELAY); |
2959 | me->priority = PONG_PRIORITY; | 2956 | me->priority = PONG_PRIORITY; |
2960 | me->size = sizeof (struct PongMessage); | 2957 | me->size = sizeof (struct PongMessage); |
2961 | tx.reserved = htonl (0); | ||
2962 | tx.inbound_bw_limit = n->bw_in; | 2958 | tx.inbound_bw_limit = n->bw_in; |
2963 | tx.challenge = t.challenge; | 2959 | tx.challenge = t.challenge; |
2964 | tx.target = t.target; | 2960 | tx.target = t.target; |
2965 | tp = (struct PongMessage *) &me[1]; | 2961 | tp = (struct PongMessage *) &me[1]; |
2966 | tp->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PONG); | 2962 | tp->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PONG); |
2967 | tp->header.size = htons (sizeof (struct PongMessage)); | 2963 | tp->header.size = htons (sizeof (struct PongMessage)); |
2968 | tp->iv_seed = htonl (GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX)); | 2964 | tp->iv_seed = GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX); |
2969 | derive_pong_iv (&iv, &n->encrypt_key, tp->iv_seed, t.challenge, &n->peer); | 2965 | derive_pong_iv (&iv, &n->encrypt_key, tp->iv_seed, t.challenge, &n->peer); |
2970 | do_encrypt (n, | 2966 | do_encrypt (n, |
2971 | &iv, | 2967 | &iv, |
@@ -2981,7 +2977,7 @@ handle_ping (struct Neighbour *n, const struct PingMessage *m) | |||
2981 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2977 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2982 | "Encrypting `%s' with challenge %u using key %u, IV %u (salt %u)\n", | 2978 | "Encrypting `%s' with challenge %u using key %u, IV %u (salt %u)\n", |
2983 | "PONG", | 2979 | "PONG", |
2984 | (unsigned int) ntohl (t.challenge), | 2980 | (unsigned int) t.challenge, |
2985 | (unsigned int) n->encrypt_key.crc32, | 2981 | (unsigned int) n->encrypt_key.crc32, |
2986 | GNUNET_CRYPTO_crc32_n (&iv, sizeof(iv)), | 2982 | GNUNET_CRYPTO_crc32_n (&iv, sizeof(iv)), |
2987 | tp->iv_seed); | 2983 | tp->iv_seed); |
@@ -3012,7 +3008,7 @@ handle_pong (struct Neighbour *n, | |||
3012 | #endif | 3008 | #endif |
3013 | /* mark as garbage, just to be sure */ | 3009 | /* mark as garbage, just to be sure */ |
3014 | memset (&t, 255, sizeof (t)); | 3010 | memset (&t, 255, sizeof (t)); |
3015 | derive_pong_iv (&iv, &n->decrypt_key, m->iv_seed, htonl (n->ping_challenge), | 3011 | derive_pong_iv (&iv, &n->decrypt_key, m->iv_seed, n->ping_challenge, |
3016 | &my_identity); | 3012 | &my_identity); |
3017 | if (GNUNET_OK != | 3013 | if (GNUNET_OK != |
3018 | do_decrypt (n, | 3014 | do_decrypt (n, |
@@ -3034,20 +3030,15 @@ handle_pong (struct Neighbour *n, | |||
3034 | "Decrypted `%s' from `%4s' with challenge %u using key %u, IV %u (salt %u)\n", | 3030 | "Decrypted `%s' from `%4s' with challenge %u using key %u, IV %u (salt %u)\n", |
3035 | "PONG", | 3031 | "PONG", |
3036 | GNUNET_i2s (&t.target), | 3032 | GNUNET_i2s (&t.target), |
3037 | (unsigned int) ntohl (t.challenge), | 3033 | (unsigned int) t.challenge, |
3038 | (unsigned int) n->decrypt_key.crc32, | 3034 | (unsigned int) n->decrypt_key.crc32, |
3039 | GNUNET_CRYPTO_crc32_n (&iv, sizeof(iv)), | 3035 | GNUNET_CRYPTO_crc32_n (&iv, sizeof(iv)), |
3040 | m->iv_seed); | 3036 | m->iv_seed); |
3041 | #endif | 3037 | #endif |
3042 | if (0 != ntohl (t.reserved)) | ||
3043 | { | ||
3044 | GNUNET_break_op (0); | ||
3045 | return; | ||
3046 | } | ||
3047 | if ((0 != memcmp (&t.target, | 3038 | if ((0 != memcmp (&t.target, |
3048 | &n->peer, | 3039 | &n->peer, |
3049 | sizeof (struct GNUNET_PeerIdentity))) || | 3040 | sizeof (struct GNUNET_PeerIdentity))) || |
3050 | (n->ping_challenge != ntohl (t.challenge))) | 3041 | (n->ping_challenge != t.challenge)) |
3051 | { | 3042 | { |
3052 | /* PONG malformed */ | 3043 | /* PONG malformed */ |
3053 | #if DEBUG_CORE | 3044 | #if DEBUG_CORE |
@@ -3059,7 +3050,7 @@ handle_pong (struct Neighbour *n, | |||
3059 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 3050 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
3060 | "Received malformed `%s' received from `%4s' with challenge %u\n", | 3051 | "Received malformed `%s' received from `%4s' with challenge %u\n", |
3061 | "PONG", GNUNET_i2s (&t.target), | 3052 | "PONG", GNUNET_i2s (&t.target), |
3062 | (unsigned int) ntohl (t.challenge)); | 3053 | (unsigned int) t.challenge); |
3063 | #endif | 3054 | #endif |
3064 | GNUNET_break_op (0); | 3055 | GNUNET_break_op (0); |
3065 | return; | 3056 | return; |
@@ -3437,16 +3428,6 @@ handle_encrypted_message (struct Neighbour *n, | |||
3437 | "Core service receives `%s' request from `%4s'.\n", | 3428 | "Core service receives `%s' request from `%4s'.\n", |
3438 | "ENCRYPTED_MESSAGE", GNUNET_i2s (&n->peer)); | 3429 | "ENCRYPTED_MESSAGE", GNUNET_i2s (&n->peer)); |
3439 | #endif | 3430 | #endif |
3440 | derive_iv (&iv, &n->decrypt_key, m->iv_seed, &my_identity); | ||
3441 | /* decrypt */ | ||
3442 | if (GNUNET_OK != | ||
3443 | do_decrypt (n, | ||
3444 | &iv, | ||
3445 | &m->sequence_number, | ||
3446 | &buf[ENCRYPTED_HEADER_SIZE], | ||
3447 | size - ENCRYPTED_HEADER_SIZE)) | ||
3448 | return; | ||
3449 | pt = (struct EncryptedMessage *) buf; | ||
3450 | /* validate hash */ | 3431 | /* validate hash */ |
3451 | derive_auth_key (&auth_key, | 3432 | derive_auth_key (&auth_key, |
3452 | &n->decrypt_key, | 3433 | &n->decrypt_key, |
@@ -3463,6 +3444,7 @@ handle_encrypted_message (struct Neighbour *n, | |||
3463 | size - ENCRYPTED_HEADER_SIZE), | 3444 | size - ENCRYPTED_HEADER_SIZE), |
3464 | GNUNET_h2s (&ph)); | 3445 | GNUNET_h2s (&ph)); |
3465 | #endif | 3446 | #endif |
3447 | |||
3466 | if (0 != memcmp (&ph, | 3448 | if (0 != memcmp (&ph, |
3467 | &m->hmac, | 3449 | &m->hmac, |
3468 | sizeof (GNUNET_HashCode))) | 3450 | sizeof (GNUNET_HashCode))) |
@@ -3471,6 +3453,16 @@ handle_encrypted_message (struct Neighbour *n, | |||
3471 | GNUNET_break_op (0); | 3453 | GNUNET_break_op (0); |
3472 | return; | 3454 | return; |
3473 | } | 3455 | } |
3456 | derive_iv (&iv, &n->decrypt_key, m->iv_seed, &my_identity); | ||
3457 | /* decrypt */ | ||
3458 | if (GNUNET_OK != | ||
3459 | do_decrypt (n, | ||
3460 | &iv, | ||
3461 | &m->sequence_number, | ||
3462 | &buf[ENCRYPTED_HEADER_SIZE], | ||
3463 | size - ENCRYPTED_HEADER_SIZE)) | ||
3464 | return; | ||
3465 | pt = (struct EncryptedMessage *) buf; | ||
3474 | 3466 | ||
3475 | /* validate sequence number */ | 3467 | /* validate sequence number */ |
3476 | snum = ntohl (pt->sequence_number); | 3468 | snum = ntohl (pt->sequence_number); |