/*
protocol_key.c -- handle the meta-protocol, key exchange
Copyright (C) 1999-2005 Ivo Timmermans,
- 2000-2009 Guus Sliepen <guus@tinc-vpn.org>
+ 2000-2014 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
#include "utils.h"
#include "xalloc.h"
-bool mykeyused = false;
+static bool mykeyused = false;
-bool send_key_changed() {
- /* Only send this message if some other daemon requested our key previously.
- This reduces unnecessary key_changed broadcasts.
- */
+void send_key_changed(void) {
+ avl_node_t *node;
+ connection_t *c;
- if(!mykeyused)
- return true;
+ send_request(everyone, "%d %x %s", KEY_CHANGED, rand(), myself->name);
+
+ /* Immediately send new keys to directly connected nodes to keep UDP mappings alive */
- return send_request(broadcast, "%d %x %s", KEY_CHANGED, rand(), myself->name);
+ for(node = connection_tree->head; node; node = node->next) {
+ c = node->data;
+ if(c->status.active && c->node && c->node->status.reachable)
+ send_ans_key(c->node);
+ }
}
bool key_changed_h(connection_t *c) {
/* Check if this key request is for us */
if(to == myself) { /* Yes, send our own key back */
- send_ans_key(from);
+ if (!send_ans_key(from))
+ return false;
} else {
if(tunnelserver)
return true;
}
bool send_ans_key(node_t *to) {
- char *key;
-
// Set key parameters
to->incipher = myself->incipher;
to->inkeylength = myself->inkeylength;
to->inkey = xrealloc(to->inkey, to->inkeylength);
// Create a new key
- RAND_pseudo_bytes((unsigned char *)to->inkey, to->inkeylength);
+ if (1 != RAND_bytes((unsigned char *)to->inkey, to->inkeylength)) {
+ int err = ERR_get_error();
+ logger(LOG_ERR, "Failed to generate random for key (%s)", ERR_error_string(err, NULL));
+ return false; // Do not send insecure keys, let connection attempt fail.
+ }
+
if(to->incipher)
EVP_DecryptInit_ex(&to->inctx, to->incipher, NULL, (unsigned char *)to->inkey, (unsigned char *)to->inkey + to->incipher->key_len);
// Reset sequence number and late packet window
mykeyused = true;
to->received_seqno = 0;
- memset(to->late, 0, sizeof(to->late));
+ if(replaywin) memset(to->late, 0, replaywin);
// Convert to hexadecimal and send
- key = alloca(2 * to->inkeylength + 1);
+ char key[2 * to->inkeylength + 1];
bin2hex(to->inkey, key, to->inkeylength);
key[to->inkeylength * 2] = '\0';
return true;
}
- if(!*address) {
+ if(!*address && from->address.sa.sa_family != AF_UNSPEC && to->minmtu) {
char *address, *port;
ifdebug(PROTOCOL) logger(LOG_DEBUG, "Appending reflexive UDP address to ANS_KEY from %s to %s", from->name, to->name);
sockaddr2str(&from->address, &address, &port);
return send_request(to->nexthop->connection, "%s", c->buffer);
}
+ /* Don't use key material until every check has passed. */
+ from->status.validkey = false;
+
/* Update our copy of the origin's packet key */
from->outkey = xrealloc(from->outkey, strlen(key) / 2);
-
- from->outkey = xstrdup(key);
from->outkeylength = strlen(key) / 2;
- hex2bin(key, from->outkey, from->outkeylength);
+ if(!hex2bin(key, from->outkey, from->outkeylength)) {
+ logger(LOG_ERR, "Got bad %s from %s(%s): %s", "ANS_KEY", from->name, from->hostname, "invalid key");
+ return true;
+ }
/* Check and lookup cipher and digest algorithms */
update_node_udp(from, &sa);
}
- if(from->options & OPTION_PMTU_DISCOVERY && !from->mtuprobes)
+ if(from->options & OPTION_PMTU_DISCOVERY && !from->mtuevent)
send_mtu_probe(from);
return true;