X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fprotocol_key.c;h=3b022679dbadb6fae80a6001ed2c3726bc0f8afe;hb=c845bc109c85e6fb350096c63e13ef8e617ee29b;hp=aae5516c04b519f82b17e71a14970aa51c520a75;hpb=10d609b1f0dd9eeb024cd40359683d48542aecbf;p=tinc

diff --git a/src/protocol_key.c b/src/protocol_key.c
index aae5516c..3b022679 100644
--- a/src/protocol_key.c
+++ b/src/protocol_key.c
@@ -139,6 +139,7 @@ bool send_ans_key(node_t *to) {
 
 	randomize(key, keylen);
 	cipher_set_key(&to->incipher, key, true);
+	digest_set_key(&to->indigest, key, keylen);
 
 	bin2hex(key, key, keylen);
 	key[keylen * 2] = '\0';
@@ -160,7 +161,7 @@ bool ans_key_h(connection_t *c, char *request) {
 	char from_name[MAX_STRING_SIZE];
 	char to_name[MAX_STRING_SIZE];
 	char key[MAX_STRING_SIZE];
-	int cipher, digest, maclength, compression;
+	int cipher, digest, maclength, compression, keylen;
 	node_t *from, *to;
 
 	if(sscanf(request, "%*d "MAX_STRING" "MAX_STRING" "MAX_STRING" %d %d %d %d",
@@ -209,7 +210,9 @@ bool ans_key_h(connection_t *c, char *request) {
 		return false;
 	}
 
-	if(strlen(key) / 2 != cipher_keylength(&from->outcipher)) {
+	keylen = strlen(key) / 2;
+
+	if(keylen != cipher_keylength(&from->outcipher)) {
 		logger(LOG_ERR, "Node %s (%s) uses wrong keylength!", from->name, from->hostname);
 		return false;
 	}
@@ -233,8 +236,9 @@ bool ans_key_h(connection_t *c, char *request) {
 
 	/* Update our copy of the origin's packet key */
 
-	hex2bin(key, key, cipher_keylength(&from->outcipher));
+	hex2bin(key, key, keylen);
 	cipher_set_key(&from->outcipher, key, false);
+	digest_set_key(&from->outdigest, key, keylen);
 
 	from->status.validkey = true;
 	from->status.waitingforkey = false;