Handle truncated message authentication codes.
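diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index 291c4b0..aa0fd36 100644
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -1,7 +1,7 @@
 /*
 protocol_auth.c -- handle the meta-protocol, authentication
 Copyright (C) 1999-2005 Ivo Timmermans,
- 2000-2007 Guus Sliepen <guus@tinc-vpn.org>
+ 2000-2009 Guus Sliepen <guus@tinc-vpn.org>
 This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -40,6 +40,8 @@
 bool send_id(connection_t *c) {
 cp();
+ gettimeofday(&c->start, NULL);
+
 return send_request(c, "%d %s %d", ID, myself->connection->name,
 myself->connection->protocol_version);
 }
@@ -122,7 +124,7 @@ bool send_metakey(connection_t *c) {
 if(!cipher_open_blowfish_ofb(&c->outcipher))
 return false;
- if(!digest_open_sha1(&c->outdigest))
+ if(!digest_open_sha1(&c->outdigest, -1))
 return false;
 /* Create a random key */
@@ -205,7 +207,7 @@ bool metakey_h(connection_t *c, char *request) {
 /* Decrypt the meta key */
 if(!rsa_private_decrypt(&myself->connection->rsa, enckey, len, key)) {
- logger(LOG_ERR, _("Error during encryption of meta key for %s (%s)"), c->name, c->hostname);
+ logger(LOG_ERR, _("Error during decryption of meta key for %s (%s)"), c->name, c->hostname);
 return false;
 }
@@ -222,7 +224,7 @@ bool metakey_h(connection_t *c, char *request) {
 return false;
 }
- if(!digest_open_by_nid(&c->indigest, digest)) {
+ if(!digest_open_by_nid(&c->indigest, digest, -1)) {
 logger(LOG_ERR, _("Error during initialisation of digest from %s (%s)"), c->name, c->hostname);
 return false;
 }
@@ -241,7 +243,7 @@ bool send_challenge(connection_t *c) {
 cp();
 if(!c->hischallenge)
- c->hischallenge = xmalloc(len);
+ c->hischallenge = xrealloc(c->hischallenge, len);
 /* Copy random data to the buffer */
@@ -333,6 +335,7 @@ bool chal_reply_h(connection_t *c, char *request) {
 */
 free(c->hischallenge);
+ c->hischallenge = NULL;
 c->allow_request = ACK;
 return send_ack(c);
@@ -360,7 +363,7 @@ bool send_ack(connection_t *c) {
 if((get_config_bool(lookup_config(c->config_tree, "TCPOnly"), &choice) && choice) || myself->options & OPTION_TCPONLY)
 c->options |= OPTION_TCPONLY | OPTION_INDIRECT;
- if((get_config_bool(lookup_config(c->config_tree, "PMTUDiscovery"), &choice) && choice) || myself->options & OPTION_PMTU_DISCOVERY)
+ if(myself->options & OPTION_PMTU_DISCOVERY)
 c->options |= OPTION_PMTU_DISCOVERY;
 get_config_int(lookup_config(c->config_tree, "Weight"), &c->estimated_weight);
@@ -445,6 +448,10 @@ bool ack_h(connection_t *c, char *request) {
 n->connection = c;
 c->node = n;
+ if(!(c->options & options & OPTION_PMTU_DISCOVERY)) {
+ c->options &= ~OPTION_PMTU_DISCOVERY;
+ options &= ~OPTION_PMTU_DISCOVERY;
+ }
 c->options |= options;
 if(get_config_int(lookup_config(c->config_tree, "PMTU"), &mtu) && mtu < n->mtu)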
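Review bot: In the send_challenge hunk the new `xrealloc(c->hischallenge, len)` still sits under the unchanged `if(!c->hischallenge)` guard, so it only runs on a NULL pointer and behaves exactly like the `xmalloc(len)` it replaces. A non-NULL buffer is reused at whatever size it was first allocated with, and that reuse is safe only because chal_reply_h now sets `c->hischallenge = NULL` after `free()`; any other path that frees this buffer needs the same reset (none is visible in these hunks). If resizing was the intent, drop the guard so the statement reads `c->hischallenge = xrealloc(c->hischallenge, len);`. The bare `-1` added to the `digest_open_sha1` and `digest_open_by_nid` calls would also read better as a named constant or with a short comment stating which MAC length it selects. All of these functions start or end outside their hunks.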