X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Finvitation.c;h=1a2f93f5696678a44559b4d7917daf5c98b644bb;hb=a196e9b0fde1e8a67108eacd51ac663eac5a63ae;hp=a6996cc692aee9857fc8866b3ce30a7a7c5919c2;hpb=ef5e8b6920d1dd3097f36bd0c50170100acf2f28;p=tinc

diff --git a/src/invitation.c b/src/invitation.c
index a6996cc6..1a2f93f5 100644
--- a/src/invitation.c
+++ b/src/invitation.c
@@ -33,6 +33,8 @@
 #include "utils.h"
 #include "xalloc.h"
 
+#include "ed25519/sha512.h"
+
 int addressfamily = AF_UNSPEC;
 
 static void scan_for_hostname(const char *filename, char **hostname, char **port) {
@@ -270,8 +272,6 @@ int cmd_invite(int argc, char *argv[]) {
 		}
 	}
 
-	char hash[25];
-
 	xasprintf(&filename, "%s" SLASH "invitations", confbase);
 	if(mkdir(filename, 0700) && errno != EEXIST) {
 		fprintf(stderr, "Could not create directory %s: %s\n", filename, strerror(errno));
@@ -365,11 +365,9 @@ int cmd_invite(int argc, char *argv[]) {
 		return 1;
 
 	// Create a hash of the key.
+	char hash[64];
 	char *fingerprint = ecdsa_get_base64_public_key(key);
-	digest_t *digest = digest_open_by_name("sha256", 18);
-	if(!digest)
-		abort();
-	digest_create(digest, fingerprint, strlen(fingerprint), hash);
+	sha512(fingerprint, strlen(fingerprint), hash);
 	b64encode_urlsafe(hash, hash, 18);
 
 	// Create a random cookie for this invitation.
@@ -378,10 +376,10 @@ int cmd_invite(int argc, char *argv[]) {
 
 	// Create a filename that doesn't reveal the cookie itself
 	char buf[18 + strlen(fingerprint)];
-	char cookiehash[25];
+	char cookiehash[64];
 	memcpy(buf, cookie, 18);
 	memcpy(buf + 18, fingerprint, sizeof buf - 18);
-	digest_create(digest, buf, sizeof buf, cookiehash);
+	sha512(buf, sizeof buf, cookiehash);
 	b64encode_urlsafe(cookiehash, cookiehash, 18);
 
 	b64encode_urlsafe(cookie, cookie, 18);
@@ -613,6 +611,7 @@ make_names:
 	FILE *fh = fopen(filename, "w");
 	if(!fh) {
 		fprintf(stderr, "Could not create file %s: %s\n", filename, strerror(errno));
+		fclose(f);
 		return false;
 	}
 
@@ -738,8 +737,9 @@ make_names:
 
 	sptps_send_record(&sptps, 1, b64key, strlen(b64key));
 	free(b64key);
+	ecdsa_free(key);
 
-
+#ifndef DISABLE_LEGACY
 	rsa_t *rsa = rsa_generate(2048, 0x1001);
 	xasprintf(&filename, "%s" SLASH "rsa_key.priv", confbase);
 	f = fopenmask(filename, "w", 0600);
@@ -750,8 +750,8 @@ make_names:
 	rsa_write_pem_public_key(rsa, fh);
 	fclose(fh);
 
-	ecdsa_free(key);
 	rsa_free(rsa);
+#endif
 
 	check_port(name);
 
@@ -786,7 +786,7 @@ ask_netname:
 }
 
 
-static bool invitation_send(void *handle, uint8_t type, const char *data, size_t len) {
+static bool invitation_send(void *handle, uint8_t type, const void *data, size_t len) {
 	while(len) {
 		int result = send(sock, data, len, 0);
 		if(result == -1 && errno == EINTR)
@@ -799,7 +799,7 @@ static bool invitation_send(void *handle, uint8_t type, const char *data, size_t
 	return true;
 }
 
-static bool invitation_receive(void *handle, uint8_t type, const char *msg, uint16_t len) {
+static bool invitation_receive(void *handle, uint8_t type, const void *msg, uint16_t len) {
 	switch(type) {
 		case SPTPS_HANDSHAKE:
 			return sptps_send_record(&sptps, 0, cookie, sizeof cookie);
@@ -921,16 +921,31 @@ int cmd_join(int argc, char *argv[]) {
 	if(!ai)
 		return 1;
 
-	sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
+	struct addrinfo *aip = NULL;
+
+next:
+	if(!aip)
+		aip = ai;
+	else {
+		aip = aip->ai_next;
+		if(!aip)
+			return 1;
+	}
+
+	sock = socket(aip->ai_family, aip->ai_socktype, aip->ai_protocol);
 	if(sock <= 0) {
 		fprintf(stderr, "Could not open socket: %s\n", strerror(errno));
-		return 1;
+		goto next;
 	}
 
-	if(connect(sock, ai->ai_addr, ai->ai_addrlen)) {
-		fprintf(stderr, "Could not connect to %s port %s: %s\n", address, port, strerror(errno));
+	if(connect(sock, aip->ai_addr, aip->ai_addrlen)) {
+		char *addrstr, *portstr;
+		sockaddr2str((sockaddr_t *)aip->ai_addr, &addrstr, &portstr);
+		fprintf(stderr, "Could not connect to %s port %s: %s\n", addrstr, portstr, strerror(errno));
+		free(addrstr);
+		free(portstr);
 		closesocket(sock);
-		return 1;
+		goto next;
 	}
 
 	fprintf(stderr, "Connected to %s port %s...\n", address, port);
@@ -943,7 +958,7 @@ int cmd_join(int argc, char *argv[]) {
 	if(!sendline(sock, "0 ?%s %d.%d", b64key, PROT_MAJOR, 1)) {
 		fprintf(stderr, "Error sending request to %s port %s: %s\n", address, port, strerror(errno));
 		closesocket(sock);
-		return 1;
+		goto next;
 	}
 
 	char hisname[4096] = "";
@@ -952,16 +967,13 @@ int cmd_join(int argc, char *argv[]) {
 	if(!recvline(sock, line, sizeof line) || sscanf(line, "%d %s %d.%d", &code, hisname, &hismajor, &hisminor) < 3 || code != 0 || hismajor != PROT_MAJOR || !check_id(hisname) || !recvline(sock, line, sizeof line) || !rstrip(line) || sscanf(line, "%d ", &code) != 1 || code != ACK || strlen(line) < 3) {
 		fprintf(stderr, "Cannot read greeting from peer\n");
 		closesocket(sock);
-		return 1;
+		goto next;
 	}
 
 	// Check if the hash of the key he gave us matches the hash in the URL.
 	char *fingerprint = line + 2;
-	digest_t *digest = digest_open_by_name("sha256", 18);
-	if(!digest)
-		abort();
-	char hishash[18];
-	if(!digest_create(digest, fingerprint, strlen(fingerprint), hishash)) {
+	char hishash[64];
+	if(sha512(fingerprint, strlen(fingerprint), hishash)) {
 		fprintf(stderr, "Could not create digest\n%s\n", line + 2);
 		return 1;
 	}
@@ -991,8 +1003,14 @@ int cmd_join(int argc, char *argv[]) {
 			return 1;
 		}
 
-		if(!sptps_receive_data(&sptps, line, len))
-			return 1;
+		char *p = line;
+		while(len) {
+			int done = sptps_receive_data(&sptps, p, len);
+			if(!done)
+				return 1;
+			len -= done;
+			p += done;
+		}
 	}
 	
 	sptps_stop(&sptps);