X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fprotocol_auth.c;h=49dfd2817d3ebd9e19e017ef8235dc8c9e962ef6;hb=40731d030fef793c6b6405efd9b3e64c26c00045;hp=499e6869ed38c69076dc67b9a4ffd065711b4271;hpb=465837dd7f7b727d489b354e4b75489dd49fd6e3;p=tinc diff --git a/src/protocol_auth.c b/src/protocol_auth.c index 499e6869..49dfd281 100644 --- a/src/protocol_auth.c +++ b/src/protocol_auth.c @@ -37,13 +37,14 @@ #include "netutl.h" #include "node.h" #include "protocol.h" -#include "rsa.h" #include "utils.h" #include "xalloc.h" bool send_id(connection_t *c) { cp(); + gettimeofday(&c->start, NULL); + return send_request(c, "%d %s %d", ID, myself->connection->name, myself->connection->protocol_version); } @@ -117,12 +118,12 @@ bool id_h(connection_t *c, char *request) { bool send_metakey(connection_t *c) { char *buffer; - unsigned int len; + int len; bool x; cp(); - len = get_rsa_size(&c->rsa_key); + len = RSA_size(c->rsa_key); /* Allocate buffers for the meta key */ @@ -164,7 +165,7 @@ bool send_metakey(connection_t *c) { with a length equal to that of the modulus of the RSA key. */ - if(!rsa_public_encrypt(len, (unsigned char *)c->outkey, (unsigned char *)buffer, &c->rsa_key)) { + if(RSA_public_encrypt(len, (unsigned char *)c->outkey, (unsigned char *)buffer, c->rsa_key, RSA_NO_PADDING) != len) { logger(LOG_ERR, _("Error during encryption of meta key for %s (%s)"), c->name, c->hostname); return false; @@ -213,7 +214,7 @@ bool metakey_h(connection_t *c, char *request) { return false; } - len = get_rsa_size(&myself->connection->rsa_key); + len = RSA_size(myself->connection->rsa_key); /* Check if the length of the meta key is all right */ @@ -236,8 +237,9 @@ bool metakey_h(connection_t *c, char *request) { /* Decrypt the meta key */ - if(!rsa_private_decrypt(len, (unsigned char *)buffer, (unsigned char *)c->inkey, &myself->connection->rsa_key)) { - logger(LOG_ERR, _("Error during encryption of meta key for %s (%s)"), c->name, c->hostname); + if(RSA_private_decrypt(len, (unsigned char *)buffer, (unsigned char *)c->inkey, myself->connection->rsa_key, RSA_NO_PADDING) != len) { /* See challenge() */ + logger(LOG_ERR, _("Error during encryption of meta key for %s (%s)"), + c->name, c->hostname); return false; } @@ -306,7 +308,7 @@ bool send_challenge(connection_t *c) { /* CHECKME: what is most reasonable value for len? */ - len = get_rsa_size(&c->rsa_key); + len = RSA_size(c->rsa_key); /* Allocate buffers for the challenge */ @@ -341,7 +343,7 @@ bool challenge_h(connection_t *c, char *request) { return false; } - len = get_rsa_size(&myself->connection->rsa_key); + len = RSA_size(myself->connection->rsa_key); /* Check if the length of the challenge is all right */ @@ -376,7 +378,7 @@ bool send_chal_reply(connection_t *c) { /* Calculate the hash from the challenge we received */ if(!EVP_DigestInit(&ctx, c->indigest) - || !EVP_DigestUpdate(&ctx, c->mychallenge, get_rsa_size(&myself->connection->rsa_key)) + || !EVP_DigestUpdate(&ctx, c->mychallenge, RSA_size(myself->connection->rsa_key)) || !EVP_DigestFinal(&ctx, (unsigned char *)hash, NULL)) { logger(LOG_ERR, _("Error during calculation of response for %s (%s): %s"), c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL)); @@ -421,7 +423,7 @@ bool chal_reply_h(connection_t *c, char *request) { /* Calculate the hash from the challenge we sent */ if(!EVP_DigestInit(&ctx, c->outdigest) - || !EVP_DigestUpdate(&ctx, c->hischallenge, get_rsa_size(&c->rsa_key)) + || !EVP_DigestUpdate(&ctx, c->hischallenge, RSA_size(c->rsa_key)) || !EVP_DigestFinal(&ctx, (unsigned char *)myhash, NULL)) { logger(LOG_ERR, _("Error during calculation of response from %s (%s): %s"), c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));