In tinc 1.0.x, this was tracked in node->inkey. In tinc 1.1, however, we have an abstraction layer for
the legacy cipher and digest, and we don't keep an explicit copy of the key around. We cannot use
cipher_active() or digest_active(), since it is possible to set both to the null algorithm. So add a bit to
node_status_t.
#ifdef DISABLE_LEGACY
return false;
#else
- if(!n->status.validkey) {
+ if(!n->status.validkey_in) {
logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got packet from %s (%s) but he hasn't got our key yet", n->name, n->hostname);
return false;
}
void regenerate_key(void) {
logger(DEBUG_STATUS, LOG_INFO, "Expiring symmetric keys");
send_key_changed();
+ for splay_each(node_t, n, node_tree)
+ n->status.validkey_in = false;
}
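Review bot: The loop added to `regenerate_key()` has an unbraced body under the `splay_each` macro, and nothing records why the flag is cleared. Judging by the other hunks, the receive path rejects legacy packets while `validkey_in` is false and the flag is set again only when an ANS_KEY is sent, so this reset appears to be what stops traffic from being accepted after key expiry until the peer has been given a new key. A comment above the loop such as `/* Reject legacy packets from every peer until we have sent it a fresh key */` would make that intent explicit. Bracing the body, `for splay_each(node_t, n, node_tree) { n->status.validkey_in = false; }`, keeps a statement added later from silently falling outside the loop.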
/*
unsigned int sptps:1; /* 1 if this node supports SPTPS */
unsigned int udp_confirmed:1; /* 1 if the address is one that we received UDP traffic on */
unsigned int send_locally:1; /* 1 if the next UDP packet should be sent on the local network */
- unsigned int unused:23;
+ unsigned int validkey_in; /* 1 if we have sent a valid key to him */
+ unsigned int unused:22;
} node_status_t;
typedef struct node_t {
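Review bot: The added field `validkey_in` has no bit width, so it is an ordinary `unsigned int` rather than one bit of the status word, although `unused` was reduced from 23 to 22 as if one bit had been taken. That enlarges `node_status_t` and leaves the declared bit widths one short of their previous total. Any code that reads the struct as a single 32-bit value (none is visible in this hunk) would not find the flag where it expects it. Declare it like its neighbours: `unsigned int validkey_in:1;`. The struct begins above the hunk, so the intended total width is inferred from the `unused:23` line being replaced.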
to->received = 0;
if(replaywin) memset(to->late, 0, replaywin);
+ to->status.validkey_in = true;
+
return send_request(to->nexthop->connection, "%d %s %s %s %d %d %d %d", ANS_KEY,
myself->name, to->name, key,
cipher_get_nid(to->incipher),