X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fprotocol_auth.c;h=aa0fd36d20ab61ce373cc2952477872f41c54136;hb=4124b9682f8f890acb25d0c92f2583eef670274a;hp=46bb6e645d897665ee3d100ca779a68340e0b4de;hpb=54892b2e3efcbbbd65b26a32f487829bbb8d787c;p=tinc

diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index 46bb6e64..aa0fd36d 100644
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -1,7 +1,7 @@
 /*
     protocol_auth.c -- handle the meta-protocol, authentication
     Copyright (C) 1999-2005 Ivo Timmermans,
-                  2000-2007 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2009 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -124,7 +124,7 @@ bool send_metakey(connection_t *c) {
 	if(!cipher_open_blowfish_ofb(&c->outcipher))
 		return false;
 	
-	if(!digest_open_sha1(&c->outdigest))
+	if(!digest_open_sha1(&c->outdigest, -1))
 		return false;
 
 	/* Create a random key */
@@ -207,7 +207,7 @@ bool metakey_h(connection_t *c, char *request) {
 	/* Decrypt the meta key */
 
 	if(!rsa_private_decrypt(&myself->connection->rsa, enckey, len, key)) {
-		logger(LOG_ERR, _("Error during encryption of meta key for %s (%s)"), c->name, c->hostname);
+		logger(LOG_ERR, _("Error during decryption of meta key for %s (%s)"), c->name, c->hostname);
 		return false;
 	}
 
@@ -224,7 +224,7 @@ bool metakey_h(connection_t *c, char *request) {
 		return false;
 	}
 
-	if(!digest_open_by_nid(&c->indigest, digest)) {
+	if(!digest_open_by_nid(&c->indigest, digest, -1)) {
 		logger(LOG_ERR, _("Error during initialisation of digest from %s (%s)"), c->name, c->hostname);
 		return false;
 	}
@@ -243,7 +243,7 @@ bool send_challenge(connection_t *c) {
 	cp();
 
 	if(!c->hischallenge)
-		c->hischallenge = xmalloc(len);
+		c->hischallenge = xrealloc(c->hischallenge, len);
 
 	/* Copy random data to the buffer */
 
@@ -335,6 +335,7 @@ bool chal_reply_h(connection_t *c, char *request) {
 	 */
 
 	free(c->hischallenge);
+	c->hischallenge = NULL;
 	c->allow_request = ACK;
 
 	return send_ack(c);
@@ -362,7 +363,7 @@ bool send_ack(connection_t *c) {
 	if((get_config_bool(lookup_config(c->config_tree, "TCPOnly"), &choice) && choice) || myself->options & OPTION_TCPONLY)
 		c->options |= OPTION_TCPONLY | OPTION_INDIRECT;
 
-	if((get_config_bool(lookup_config(c->config_tree, "PMTUDiscovery"), &choice) && choice) || myself->options & OPTION_PMTU_DISCOVERY)
+	if(myself->options & OPTION_PMTU_DISCOVERY)
 		c->options |= OPTION_PMTU_DISCOVERY;
 
 	get_config_int(lookup_config(c->config_tree, "Weight"), &c->estimated_weight);
@@ -447,6 +448,10 @@ bool ack_h(connection_t *c, char *request) {
 
 	n->connection = c;
 	c->node = n;
+	if(!(c->options & options & OPTION_PMTU_DISCOVERY)) {
+		c->options &= ~OPTION_PMTU_DISCOVERY;
+		options &= ~OPTION_PMTU_DISCOVERY;
+	}
 	c->options |= options;
 
 	if(get_config_int(lookup_config(c->config_tree, "PMTU"), &mtu) && mtu < n->mtu)