X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fprotocol_key.c;h=9ab174359d684348958f0919332c1ebed44f5d85;hb=fb0cfccf7dc2240b576011edcf74fd5b058916cb;hp=cb652c1e197c49e5bb45a8f25ca4b9324b9ece2b;hpb=83263b74460656ba557fd9bb84dc27258549e9cd;p=tinc diff --git a/src/protocol_key.c b/src/protocol_key.c index cb652c1e..9ab17435 100644 --- a/src/protocol_key.c +++ b/src/protocol_key.c @@ -1,7 +1,7 @@ /* protocol_key.c -- handle the meta-protocol, key exchange - Copyright (C) 1999-2003 Ivo Timmermans , - 2000-2003 Guus Sliepen + Copyright (C) 1999-2005 Ivo Timmermans, + 2000-2006 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,12 +17,15 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: protocol_key.c,v 1.1.4.22 2003/07/24 12:08:16 guus Exp $ + $Id$ */ #include "system.h" -#include "avl_tree.h" +#include +#include + +#include "splay_tree.h" #include "connection.h" #include "logger.h" #include "net.h" @@ -34,8 +37,7 @@ bool mykeyused = false; -bool send_key_changed(connection_t *c, const node_t *n) -{ +bool send_key_changed(connection_t *c, const node_t *n) { cp(); /* Only send this message if some other daemon requested our key previously. @@ -48,8 +50,7 @@ bool send_key_changed(connection_t *c, const node_t *n) return send_request(c, "%d %lx %s", KEY_CHANGED, random(), n->name); } -bool key_changed_h(connection_t *c) -{ +bool key_changed_h(connection_t *c) { char name[MAX_STRING_SIZE]; node_t *n; @@ -77,20 +78,19 @@ bool key_changed_h(connection_t *c) /* Tell the others */ - forward_request(c); + if(!tunnelserver) + forward_request(c); return true; } -bool send_req_key(connection_t *c, const node_t *from, const node_t *to) -{ +bool send_req_key(connection_t *c, const node_t *from, const node_t *to) { cp(); return send_request(c, "%d %s %s", REQ_KEY, from->name, to->name); } -bool req_key_h(connection_t *c) -{ +bool req_key_h(connection_t *c) { char from_name[MAX_STRING_SIZE]; char to_name[MAX_STRING_SIZE]; node_t *from, *to; @@ -127,18 +127,21 @@ bool req_key_h(connection_t *c) memset(from->late, 0, sizeof(from->late)); send_ans_key(c, myself, from); } else { + if(tunnelserver) + return false; + send_req_key(to->nexthop->connection, from, to); } return true; } -bool send_ans_key(connection_t *c, const node_t *from, const node_t *to) -{ - char key[MAX_STRING_SIZE]; +bool send_ans_key(connection_t *c, const node_t *from, const node_t *to) { + char *key; cp(); + key = alloca(2 * from->keylength + 1); bin2hex(from->key, key, from->keylength); key[from->keylength * 2] = '\0'; @@ -149,8 +152,7 @@ bool send_ans_key(connection_t *c, const node_t *from, const node_t *to) from->compression); } -bool ans_key_h(connection_t *c) -{ +bool ans_key_h(connection_t *c) { char from_name[MAX_STRING_SIZE]; char to_name[MAX_STRING_SIZE]; char key[MAX_STRING_SIZE]; @@ -186,6 +188,9 @@ bool ans_key_h(connection_t *c) /* Forward it if necessary */ if(to != myself) { + if(tunnelserver) + return false; + return send_request(to->nexthop->connection, "%s", c->buffer); } @@ -251,7 +256,14 @@ bool ans_key_h(connection_t *c) from->compression = compression; if(from->cipher) - EVP_EncryptInit_ex(&from->packet_ctx, from->cipher, NULL, from->key, from->key + from->cipher->key_len); + if(!EVP_EncryptInit_ex(&from->packet_ctx, from->cipher, NULL, (unsigned char *)from->key, (unsigned char *)from->key + from->cipher->key_len)) { + logger(LOG_ERR, _("Error during initialisation of key from %s (%s): %s"), + from->name, from->hostname, ERR_error_string(ERR_get_error(), NULL)); + return false; + } + + if(from->options & OPTION_PMTU_DISCOVERY && !from->mtuprobes) + send_mtu_probe(from); flush_queue(from);