- if(sscanf(c->buffer, "%*d %d %d %d %d " MAX_STRING, &cipher, &digest, &maclength, &compression, buffer) != 5) {
- logger(DEBUG_ALWAYS, LOG_ERR, _("Got bad %s from %s (%s)"), "METAKEY", c->name,
- c->hostname);
- return -1;
+ char shared[ECDH_SHARED_SIZE * 2 + 1];
+
+ if(!ecdh_compute_shared(&c->ecdh, key, shared))
+ return false;
+
+ /* Update our crypto end */
+
+ if(!cipher_open_by_name(&c->incipher, "aes-256-ofb"))
+ return false;
+ if(!digest_open_by_name(&c->indigest, "sha512", -1))
+ return false;
+ if(!cipher_open_by_name(&c->outcipher, "aes-256-ofb"))
+ return false;
+ if(!digest_open_by_name(&c->outdigest, "sha512", -1))
+ return false;
+
+ size_t mykeylen = cipher_keylength(&c->incipher);
+ size_t hiskeylen = cipher_keylength(&c->outcipher);
+
+ char *mykey;
+ char *hiskey;
+ char *seed;
+
+ if(strcmp(myself->name, c->name) < 0) {
+ mykey = key;
+ hiskey = key + mykeylen * 2;
+ xasprintf(&seed, "tinc TCP key expansion %s %s", myself->name, c->name);
+ } else {
+ mykey = key + hiskeylen * 2;
+ hiskey = key;
+ xasprintf(&seed, "tinc TCP key expansion %s %s", c->name, myself->name);