+ if(!c->config_tree)
+ {
+ init_configuration(&c->config_tree);
+
+ if((bla = read_connection_config(c)))
+ {
+ syslog(LOG_ERR, _("Peer %s had unknown identity (%s)"), c->hostname, c->name);
+ return -1;
+ }
+ }
+
+ if(read_rsa_public_key(c))
+ {
+ return -1;
+ }
+
+ c->allow_request = METAKEY;
+cp
+ return send_metakey(c);
+}
+
+int send_metakey(connection_t *c)
+{
+ char *buffer;
+ int len, x;
+cp
+ len = RSA_size(c->rsa_key);
+
+ /* Allocate buffers for the meta key */
+
+ buffer = xmalloc(len*2+1);
+
+ if(!c->outkey)
+ c->outkey = xmalloc(len);
+
+ if(!c->outctx)
+ c->outctx = xmalloc(sizeof(*c->outctx));
+cp
+ /* Copy random data to the buffer */
+
+ RAND_bytes(c->outkey, len);
+
+ /* The message we send must be smaller than the modulus of the RSA key.
+ By definition, for a key of k bits, the following formula holds:
+
+ 2^(k-1) <= modulus < 2^(k)
+
+ Where ^ means "to the power of", not "xor".
+ This means that to be sure, we must choose our message < 2^(k-1).
+ This can be done by setting the most significant bit to zero.
+ */
+
+ c->outkey[0] &= 0x7F;
+
+ if(debug_lvl >= DEBUG_SCARY_THINGS)
+ {
+ bin2hex(c->outkey, buffer, len);
+ buffer[len*2] = '\0';
+ syslog(LOG_DEBUG, _("Generated random meta key (unencrypted): %s"), buffer);
+ }