Set $NAME when calling host-up/down and subnet-up/down scripts.
diff --git
a/src/protocol_key.c
b/src/protocol_key.c
index
e2e4be5
..
f2f317d
100644
(file)
--- a/
src/protocol_key.c
+++ b/
src/protocol_key.c
@@
-1,7
+1,7
@@
/*
protocol_key.c -- handle the meta-protocol, key exchange
Copyright (C) 1999-2005 Ivo Timmermans,
/*
protocol_key.c -- handle the meta-protocol, key exchange
Copyright (C) 1999-2005 Ivo Timmermans,
- 2000-201
0
Guus Sliepen <guus@tinc-vpn.org>
+ 2000-201
2
Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@
-34,13
+34,13
@@
#include "utils.h"
#include "xalloc.h"
#include "utils.h"
#include "xalloc.h"
-bool mykeyused = false;
+
static
bool mykeyused = false;
-void send_key_changed() {
+void send_key_changed(
void
) {
avl_node_t *node;
connection_t *c;
avl_node_t *node;
connection_t *c;
- send_request(
broadcast
, "%d %x %s", KEY_CHANGED, rand(), myself->name);
+ send_request(
everyone
, "%d %x %s", KEY_CHANGED, rand(), myself->name);
/* Immediately send new keys to directly connected nodes to keep UDP mappings alive */
/* Immediately send new keys to directly connected nodes to keep UDP mappings alive */
@@
-240,12
+240,16
@@
bool ans_key_h(connection_t *c) {
return send_request(to->nexthop->connection, "%s", c->buffer);
}
return send_request(to->nexthop->connection, "%s", c->buffer);
}
+ /* Don't use key material until every check has passed. */
+ from->status.validkey = false;
+
/* Update our copy of the origin's packet key */
from->outkey = xrealloc(from->outkey, strlen(key) / 2);
/* Update our copy of the origin's packet key */
from->outkey = xrealloc(from->outkey, strlen(key) / 2);
-
- from->outkey = xstrdup(key);
from->outkeylength = strlen(key) / 2;
from->outkeylength = strlen(key) / 2;
- hex2bin(key, from->outkey, from->outkeylength);
+ if(!hex2bin(key, from->outkey, from->outkeylength)) {
+ logger(LOG_ERR, "Got bad %s from %s(%s): %s", "ANS_KEY", from->name, from->hostname, "invalid key");
+ return true;
+ }
/* Check and lookup cipher and digest algorithms */
/* Check and lookup cipher and digest algorithms */
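Review bot: In the ans_key_h hunk the key length is derived as `strlen(key) / 2` with no check on the string itself, so an odd-length or empty hex string from the peer still reaches `xrealloc()` and `hex2bin()`. With an odd length the last character is presumably ignored rather than rejected, and an empty key asks for a zero-byte allocation. A guard placed right after `from->status.validkey = false;` would keep the new fail-closed path complete: `size_t len = strlen(key);` followed by `if(!len || len % 2) { logger(LOG_ERR, "Got bad %s from %s(%s): %s", "ANS_KEY", from->name, from->hostname, "invalid key"); return true; }`. The function starts and ends outside the hunk and `hex2bin()` is not shown, so whether a later comparison against the cipher's key length already covers part of this cannot be confirmed from here.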