+ if(!ecdh_compute_shared(&from->ecdh, key + 5, shared))
+ return false;
+
+ /* Update our crypto end */
+
+ size_t mykeylen = cipher_keylength(&myself->incipher);
+ size_t hiskeylen = cipher_keylength(&from->outcipher);
+
+ char *mykey;
+ char *hiskey;
+ char *seed;
+
+ if(strcmp(myself->name, from->name) < 0) {
+ mykey = key;
+ hiskey = key + mykeylen * 2;
+ xasprintf(&seed, "tinc UDP key expansion %s %s", myself->name, from->name);
+ } else {
+ mykey = key + hiskeylen * 2;
+ hiskey = key;
+ xasprintf(&seed, "tinc UDP key expansion %s %s", from->name, myself->name);
+ }
+
+ if(!prf(shared, ECDH_SHARED_SIZE, seed, strlen(seed), key, hiskeylen * 2 + mykeylen * 2))
+ return false;
+
+ free(seed);
+
+ cipher_open_by_nid(&from->incipher, cipher_get_nid(&myself->incipher));
+ digest_open_by_nid(&from->indigest, digest_get_nid(&myself->indigest), digest_length(&myself->indigest));
+ from->incompression = myself->incompression;
+
+ cipher_set_key(&from->incipher, mykey, true);
+ digest_set_key(&from->indigest, mykey + mykeylen, mykeylen);
+
+ cipher_set_key(&from->outcipher, hiskey, false);
+ digest_set_key(&from->outdigest, hiskey + hiskeylen, hiskeylen);
+
+ // Reset sequence number and late packet window
+ mykeyused = true;
+ from->received_seqno = 0;
+ if(replaywin)
+ memset(from->late, 0, replaywin);
+
+ if(strcmp(myself->name, from->name) < 0)
+ memmove(key, key + mykeylen * 2, hiskeylen * 2);
+ } else {
+ keylen = hex2bin(key, key, sizeof key);
+
+ if(keylen != cipher_keylength(&from->outcipher)) {
+ logger(LOG_ERR, "Node %s (%s) uses wrong keylength!", from->name, from->hostname);
+ return false;
+ }
+
+ /* Update our copy of the origin's packet key */
+
+ cipher_set_key(&from->outcipher, key, false);
+ digest_set_key(&from->outdigest, key, keylen);
+ }