Do not break strict aliasing of status_t structs.
diff --git
a/src/protocol_auth.c
b/src/protocol_auth.c
index
94e602f
..
f8a15be
100644
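--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -1,7 +1,7 @@
 /*
 protocol_auth.c -- handle the meta-protocol, authentication
- Copyright (C) 1999-2003 Ivo Timmermans <ivo@o2w.nl>,
- 2000-2003 Guus Sliepen <guus@sliepen.eu.org>
+ Copyright (C) 1999-2005 Ivo Timmermans,
+ 2000-2006 Guus Sliepen <guus@tinc-vpn.org>
 This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -17,7 +17,7 @@
 along with this program; if not, write to the Free Software
 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: protocol_auth.c,v 1.1.4.33 2003/12/20 21:25:17 guus Exp $
+ $Id$
 */
 #include "system.h"
@@ -76,8 +76,11 @@ bool id_h(connection_t *c)
 c->name);
 return false;
 }
- } else
+ } else {
+ if(c->name)
+ free(c->name);
 c->name = xstrdup(name);
+ }
 /* Check if version matches */
@@ -115,7 +118,7 @@ bool id_h(connection_t *c)
 bool send_metakey(connection_t *c)
 {
- char buffer[MAX_STRING_SIZE];
+ char *buffer;
 int len;
 bool x;
@@ -125,6 +128,8 @@ bool send_metakey(connection_t *c)
 /* Allocate buffers for the meta key */
+ buffer = alloca(2 * len + 1);
+
 if(!c->outkey)
 c->outkey = xmalloc(len);
@@ -133,7 +138,7 @@ bool send_metakey(connection_t *c)
 cp();
 /* Copy random data to the buffer */
- RAND_pseudo_bytes(c->outkey, len);
+ RAND_pseudo_bytes((unsigned char *)c->outkey, len);
 /* The message we send must be smaller than the modulus of the RSA key.
 By definition, for a key of k bits, the following formula holds:
@@ -161,7 +166,7 @@ bool send_metakey(connection_t *c)
 with a length equal to that of the modulus of the RSA key.
 */
- if(RSA_public_encrypt(len, c->outkey, buffer, c->rsa_key, RSA_NO_PADDING) != len) {
+ if(RSA_public_encrypt(len, (unsigned char *)c->outkey, (unsigned char *)buffer, c->rsa_key, RSA_NO_PADDING) != len) {
 logger(LOG_ERR, _("Error during encryption of meta key for %s (%s)"),
 c->name, c->hostname);
 return false;
@@ -183,8 +188,8 @@ bool send_metakey(connection_t *c)
 if(c->outcipher) {
 if(!EVP_EncryptInit(c->outctx, c->outcipher,
- c->outkey + len - c->outcipher->key_len,
- c->outkey + len - c->outcipher->key_len -
+ (unsigned char *)c->outkey + len - c->outcipher->key_len,
+ (unsigned char *)c->outkey + len - c->outcipher->key_len -
 c->outcipher->iv_len)) {
 logger(LOG_ERR, _("Error during initialisation of cipher for %s (%s): %s"),
 c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
@@ -234,7 +239,7 @@ bool metakey_h(connection_t *c)
 /* Decrypt the meta key */
- if(RSA_private_decrypt(len, buffer, c->inkey, myself->connection->rsa_key, RSA_NO_PADDING) != len) { /* See challenge() */
+ if(RSA_private_decrypt(len, (unsigned char *)buffer, (unsigned char *)c->inkey, myself->connection->rsa_key, RSA_NO_PADDING) != len) { /* See challenge() */
 logger(LOG_ERR, _("Error during encryption of meta key for %s (%s)"),
 c->name, c->hostname);
 return false;
@@ -259,8 +264,8 @@ bool metakey_h(connection_t *c)
 }
 if(!EVP_DecryptInit(c->inctx, c->incipher,
- c->inkey + len - c->incipher->key_len,
- c->inkey + len - c->incipher->key_len -
+ (unsigned char *)c->inkey + len - c->incipher->key_len,
+ (unsigned char *)c->inkey + len - c->incipher->key_len -
 c->incipher->iv_len)) {
 logger(LOG_ERR, _("Error during initialisation of cipher from %s (%s): %s"),
 c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
@@ -299,7 +304,7 @@ bool metakey_h(connection_t *c)
 bool send_challenge(connection_t *c)
 {
- char buffer[MAX_STRING_SIZE];
+ char *buffer;
 int len;
 cp();
@@ -310,12 +315,14 @@ bool send_challenge(connection_t *c)
 /* Allocate buffers for the challenge */
+ buffer = alloca(2 * len + 1);
+
 if(!c->hischallenge)
 c->hischallenge = xmalloc(len);
 /* Copy random data to the buffer */
- RAND_pseudo_bytes(c->hischallenge, len);
+ RAND_pseudo_bytes((unsigned char *)c->hischallenge, len);
 /* Convert to hex */
@@ -377,7 +384,7 @@ bool send_chal_reply(connection_t *c)
 if(!EVP_DigestInit(&ctx, c->indigest)
 || !EVP_DigestUpdate(&ctx, c->mychallenge, RSA_size(myself->connection->rsa_key))
- || !EVP_DigestFinal(&ctx, hash, NULL)) {
+ || !EVP_DigestFinal(&ctx, (unsigned char *)hash, NULL)) {
 logger(LOG_ERR, _("Error during calculation of response for %s (%s): %s"),
 c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
 return false;
@@ -423,7 +430,7 @@ bool chal_reply_h(connection_t *c)
 if(!EVP_DigestInit(&ctx, c->outdigest)
 || !EVP_DigestUpdate(&ctx, c->hischallenge, RSA_size(c->rsa_key))
- || !EVP_DigestFinal(&ctx, myhash, NULL)) {
+ || !EVP_DigestFinal(&ctx, (unsigned char *)myhash, NULL)) {
 logger(LOG_ERR, _("Error during calculation of response from %s (%s): %s"),
 c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
 return false;
@@ -479,6 +486,8 @@ bool send_ack(connection_t *c)
 if((get_config_bool(lookup_config(c->config_tree, "PMTUDiscovery"), &choice) && choice) || myself->options & OPTION_PMTU_DISCOVERY)
 c->options |= OPTION_PMTU_DISCOVERY;
+ get_config_int(lookup_config(c->config_tree, "Weight"), &c->estimated_weight);
+
 return send_request(c, "%d %s %d %lx", ACK, myport, c->estimated_weight, c->options);
 }
@@ -519,7 +528,7 @@ bool ack_h(connection_t *c)
 {
 char hisport[MAX_STRING_SIZE];
 char *hisaddress, *dummy;
- int weight;
+ int weight, mtu;
 long int options;
 node_t *n;
@@ -554,6 +563,12 @@ bool ack_h(connection_t *c)
 c->node = n;
 c->options |= options;
+ if(get_config_int(lookup_config(c->config_tree, "PMTU"), &mtu) && mtu < n->mtu)
+ n->mtu = mtu;
+
+ if(get_config_int(lookup_config(myself->connection->config_tree, "PMTU"), &mtu) && mtu < n->mtu)
+ n->mtu = mtu;
+
 /* Activate this connection */
 c->allow_request = ALL;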
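Review bot: The session key in send_metakey() and the challenge in send_challenge() are still filled by `RAND_pseudo_bytes()`, and its return value is ignored at both calls; the commit only adds a cast there. That function reports through its return value whether the bytes are cryptographically strong, and OpenSSL documents its output as not necessarily unpredictable, while the tail of `c->outkey` is passed to `EVP_EncryptInit()` as cipher key and IV two hunks later. I would switch both calls to `RAND_bytes()` and fail the handshake when it does not return 1, e.g. `if(RAND_bytes((unsigned char *)c->outkey, len) != 1) return false;`, with a `logger(LOG_ERR, ...)` line like the neighbouring error paths. Both function bodies start and end outside the hunks shown, so how `len` is derived is not visible here.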