X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fprotocol_key.c;h=0ba5ad34f71b3f04cf9e510fa640806b7f62fdbe;hp=1a184fb8f3ba817dccb4553a051361a4bf4b61a9;hb=8794274a30d535d49636fec825a0afbf30d8010d;hpb=4712d8f92e63e86e835ffb624d6399343ee568ea

diff --git a/src/protocol_key.c b/src/protocol_key.c
index 1a184fb8..0ba5ad34 100644
--- a/src/protocol_key.c
+++ b/src/protocol_key.c
@@ -156,7 +156,7 @@ bool send_ans_key(node_t *to) {
 	to->inkey = xrealloc(to->inkey, to->inkeylength);
 
 	// Create a new key
-	RAND_pseudo_bytes((unsigned char *)to->inkey, to->inkeylength);
+	RAND_bytes((unsigned char *)to->inkey, to->inkeylength);
 	if(to->incipher)
 		EVP_DecryptInit_ex(&to->inctx, to->incipher, NULL, (unsigned char *)to->inkey, (unsigned char *)to->inkey + to->incipher->key_len);
 
@@ -240,10 +240,16 @@ bool ans_key_h(connection_t *c) {
 		return send_request(to->nexthop->connection, "%s", c->buffer);
 	}
 
+	/* Don't use key material until every check has passed. */
+	from->status.validkey = false;
+
 	/* Update our copy of the origin's packet key */
 	from->outkey = xrealloc(from->outkey, strlen(key) / 2);
 	from->outkeylength = strlen(key) / 2;
-	hex2bin(key, from->outkey, from->outkeylength);
+	if(!hex2bin(key, from->outkey, from->outkeylength)) {
+		logger(LOG_ERR, "Got bad %s from %s(%s): %s", "ANS_KEY", from->name, from->hostname, "invalid key");
+		return true;
+	}
 
 	/* Check and lookup cipher and digest algorithms */