return true;
}
-static bool receive_invitation_sptps(void *handle, uint8_t type, const char *data, uint16_t len) {
+static bool receive_invitation_sptps(void *handle, uint8_t type, const void *data, uint16_t len) {
connection_t *c = handle;
if(type == 128)
}
if(experimental)
- if(!read_ecdsa_public_key(c))
- return false;
- } else {
- if(c->protocol_minor && !ecdsa_active(c->ecdsa))
- c->protocol_minor = 1;
+ read_ecdsa_public_key(c);
+ /* Ignore failures if no key known yet */
}
+ if(c->protocol_minor && !ecdsa_active(c->ecdsa))
+ c->protocol_minor = 1;
+
/* Forbid version rollback for nodes whose Ed25519 key we know */
if(ecdsa_active(c->ecdsa) && c->protocol_minor < 2) {
}
bool send_metakey(connection_t *c) {
+ if(!myself->connection->rsa) {
+ logger(DEBUG_CONNECTIONS, LOG_ERR, "Peer %s (%s) uses legacy protocol which we don't support", c->name, c->hostname);
+ return false;
+ }
+
if(!read_rsa_public_key(c))
return false;
if(!(c->outdigest = digest_open_sha1(-1)))
return false;
- size_t len = rsa_size(c->rsa);
+ const size_t len = rsa_size(c->rsa);
char key[len];
char enckey[len];
char hexkey[2 * len + 1];
}
bool metakey_h(connection_t *c, const char *request) {
+ if(!myself->connection->rsa)
+ return false;
+
char hexkey[MAX_STRING_SIZE];
int cipher, digest, maclength, compression;
- size_t len = rsa_size(myself->connection->rsa);
+ const size_t len = rsa_size(myself->connection->rsa);
char enckey[len];
char key[len];
}
bool send_challenge(connection_t *c) {
- size_t len = rsa_size(c->rsa);
+ const size_t len = rsa_size(c->rsa);
char buffer[len * 2 + 1];
if(!c->hischallenge)
}
bool challenge_h(connection_t *c, const char *request) {
+ if(!myself->connection->rsa)
+ return false;
+
char buffer[MAX_STRING_SIZE];
- size_t len = rsa_size(myself->connection->rsa);
+ const size_t len = rsa_size(myself->connection->rsa);
size_t digestlen = digest_length(c->indigest);
char digest[digestlen];
}
if(ecdsa_active(c->ecdsa) || read_ecdsa_public_key(c)) {
- logger(DEBUG_ALWAYS, LOG_INFO, "Already have Ed25519 public key from %s (%s), not upgrading.", c->name, c->hostname);
+ char *knownkey = ecdsa_get_base64_public_key(c->ecdsa);
+ bool different = strcmp(knownkey, pubkey);
+ free(knownkey);
+ if(different) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Already have an Ed25519 public key from %s (%s) which is different from the one presented now!", c->name, c->hostname);
+ return false;
+ }
+ logger(DEBUG_ALWAYS, LOG_INFO, "Already have Ed25519 public key from %s (%s), ignoring.", c->name, c->hostname);
+ c->allow_request = TERMREQ;
+ return send_termreq(c);
+ }
+
+ c->ecdsa = ecdsa_set_base64_public_key(pubkey);
+ if(!c->ecdsa) {
+ logger(DEBUG_ALWAYS, LOG_INFO, "Got bad Ed25519 public key from %s (%s), not upgrading.", c->name, c->hostname);
return false;
}
projects / tinc / blobdiff