X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fprotocol_auth.c;h=4eb61bdf115b59e5a602e7411702f422cb77dd08;hb=a0f795ff5bd671ca10a7203e4234b37a12d8d1cd;hp=41911e4280cb6c262a054be3fb08cc1042ef1260;hpb=fec279a9c54ec8a13bd1ba4c7bec0d2a15454992;p=tinc

diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index 41911e42..4eb61bdf 100644
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -110,6 +110,9 @@ bool id_h(connection_t *c, char *request) {
 		return send_ack(c);
 	}
 
+	if(!experimental)
+		c->protocol_minor = 0;
+
 	if(!c->config_tree) {
 		init_configuration(&c->config_tree);
 
@@ -123,13 +126,10 @@ bool id_h(connection_t *c, char *request) {
 			if(!read_ecdsa_public_key(c))
 				return false;
 	} else {
-		if(!ecdsa_active(&c->ecdsa))
+		if(c->protocol_minor && !ecdsa_active(&c->ecdsa))
 			c->protocol_minor = 1;
 	}
 
-	if(!experimental)
-		c->protocol_minor = 0;
-
 	c->allow_request = METAKEY;
 
 	if(c->protocol_minor >= 2)
@@ -155,7 +155,7 @@ bool send_metakey_ec(connection_t *c) {
 
 	b64encode(key, key, ECDH_SIZE + siglen);
 	
-	bool result = send_request(c, "%d %s", METAKEY, key);
+	return send_request(c, "%d %s", METAKEY, key);
 }
 
 bool send_metakey(connection_t *c) {
@@ -285,10 +285,10 @@ static bool metakey_ec_h(connection_t *c, const char *request) {
 
 	free(seed);
 
-	cipher_set_key(&c->incipher, mykey, true);
+	cipher_set_key(&c->incipher, mykey, false);
 	digest_set_key(&c->indigest, mykey + mykeylen, mykeylen);
 
-	cipher_set_key(&c->outcipher, hiskey, false);
+	cipher_set_key(&c->outcipher, hiskey, true);
 	digest_set_key(&c->outdigest, hiskey + hiskeylen, hiskeylen);
 
 	c->status.decryptin = true;
@@ -547,7 +547,7 @@ static bool upgrade_h(connection_t *c, char *request) {
 	}
 
 	logger(LOG_INFO, "Got ECDSA public key from %s (%s), upgrading!", c->name, c->hostname);
-	append_connection_config(c, "ECDSAPublicKey", pubkey);
+	append_config_file(c->name, "ECDSAPublicKey", pubkey);
 	c->allow_request = TERMREQ;
 	return send_termreq(c);
 }