-void NetConn_UpdateCleartime(double *cleartime, int rate, int burstsize, int len)
+static void NetConn_UpdateCleartime(double *cleartime, int rate, int burstsize, int len)
{
double bursttime = burstsize / (double)rate;
@@ -685,6+707,27 @@ void NetConn_UpdateCleartime(double *cleartime, int rate, int burstsize, int len
}
}
+static int NetConn_AddCryptoFlag(crypto_t *crypto)
+{
+ // HACK: if an encrypted connection is used, randomly set some unused
+ // flags. When AES encryption is enabled, that will make resends differ
+ // from the original, so that e.g. substring filters in a router/IPS
+ // are unlikely to match a second time. See also "startkeylogger".
+ int flag = 0;
+ if (crypto->authenticated)
+ {
+ // Let's always set at least one of the bits.
+ int r = rand() % 7 + 1;
+ if (r & 1)
+ flag |= NETFLAG_CRYPTO0;
+ if (r & 2)
+ flag |= NETFLAG_CRYPTO1;
+ if (r & 4)
+ flag |= NETFLAG_CRYPTO2;
+ }
+ return flag;
+}
+
int NetConn_SendUnreliableMessage(netconn_t *conn, sizebuf_t *data, protocolversion_t protocol, int rate, int burstsize, qboolean quakesignon_suppressreliables)
{
int totallen = 0;
@@ -721,9+764,9 @@ int NetConn_SendUnreliableMessage(netconn_t *conn, sizebuf_t *data, protocolvers
sendreliable = true;
}
// outgoing unreliable packet number, and outgoing reliable packet number (0 or 1)