X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fprotocol_auth.c;h=a542ca9ea922813b75cc741f24dbe8d1f2550c9c;hb=3fba80174dbe29bcfe0d121a2a1d2e61be5ee57b;hp=fe935e1f594ea2f998e0005f365a59a64eac94fa;hpb=303dd1e70219a7542921f6e63d9391ab326d434f;p=tinc

diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index fe935e1f..a542ca9e 100644
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -110,6 +110,9 @@ bool id_h(connection_t *c, char *request) {
 		return send_ack(c);
 	}
 
+	if(!experimental)
+		c->protocol_minor = 0;
+
 	if(!c->config_tree) {
 		init_configuration(&c->config_tree);
 
@@ -123,13 +126,10 @@ bool id_h(connection_t *c, char *request) {
 			if(!read_ecdsa_public_key(c))
 				return false;
 	} else {
-		if(!ecdsa_active(&c->ecdsa))
+		if(c->protocol_minor && !ecdsa_active(&c->ecdsa))
 			c->protocol_minor = 1;
 	}
 
-	if(!experimental)
-		c->protocol_minor = 0;
-
 	c->allow_request = METAKEY;
 
 	if(c->protocol_minor >= 2)
@@ -226,7 +226,6 @@ bool send_metakey(connection_t *c) {
 static bool metakey_ec_h(connection_t *c, const char *request) {
 	size_t siglen = ecdsa_size(&c->ecdsa);
 	char key[MAX_STRING_SIZE];
-	char sig[siglen];
 
 	logger(LOG_DEBUG, "Got ECDH metakey from %s", c->name);
 
@@ -285,10 +284,10 @@ static bool metakey_ec_h(connection_t *c, const char *request) {
 
 	free(seed);
 
-	cipher_set_key(&c->incipher, mykey, true);
+	cipher_set_key(&c->incipher, mykey, false);
 	digest_set_key(&c->indigest, mykey + mykeylen, mykeylen);
 
-	cipher_set_key(&c->outcipher, hiskey, false);
+	cipher_set_key(&c->outcipher, hiskey, true);
 	digest_set_key(&c->outdigest, hiskey + hiskeylen, hiskeylen);
 
 	c->status.decryptin = true;
@@ -547,7 +546,7 @@ static bool upgrade_h(connection_t *c, char *request) {
 	}
 
 	logger(LOG_INFO, "Got ECDSA public key from %s (%s), upgrading!", c->name, c->hostname);
-	append_connection_config(c, "ECDSAPublicKey", pubkey);
+	append_config_file(c->name, "ECDSAPublicKey", pubkey);
 	c->allow_request = TERMREQ;
 	return send_termreq(c);
 }
@@ -652,7 +651,7 @@ bool ack_h(connection_t *c, char *request) {
 	if(tunnelserver)
 		send_add_edge(c, c->edge);
 	else
-		send_add_edge(broadcast, c->edge);
+		send_add_edge(everyone, c->edge);
 
 	/* Run MST and SSSP algorithms */