X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fprotocol_auth.c;h=f030b86bd1a43fbc45da8c723411eb148e25d5de;hb=3c163a3796c984deb874fb1cca1ed9a85fc1d087;hp=7940ab8064976ef6ba15cc628c12f52064356ed4;hpb=9b9230a0a79c670b86f54fadd2807b864ff9d91f;p=tinc

diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index 7940ab80..f030b86b 100644
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -133,7 +133,7 @@ bool send_id(connection_t *c) {
 	int minor = 0;
 
 	if(experimental) {
-		if(c->config_tree && !read_ecdsa_public_key(c))
+		if(c->outgoing && !read_ecdsa_public_key(c))
 			minor = 1;
 		else
 			minor = myself->connection->protocol_minor;
@@ -273,7 +273,8 @@ bool send_metakey(connection_t *c) {
 
 	key[0] &= 0x7F;
 
-	cipher_set_key_from_rsa(c->outcipher, key, len, true);
+	if(!cipher_set_key_from_rsa(c->outcipher, key, len, true))
+		return false;
 
 	if(debug_level >= DEBUG_SCARY_THINGS) {
 		bin2hex(key, hexkey, len);
@@ -403,11 +404,10 @@ bool challenge_h(connection_t *c, const char *request) {
 		return false;
 	}
 
-	c->allow_request = CHAL_REPLY;
-
 	/* Calculate the hash from the challenge we received */
 
-	digest_create(c->indigest, buffer, len, digest);
+	if(!digest_create(c->indigest, buffer, len, digest))
+		return false;
 
 	/* Convert the hash to a hexadecimal formatted string */
 
@@ -415,6 +415,8 @@ bool challenge_h(connection_t *c, const char *request) {
 
 	/* Send the reply */
 
+	c->allow_request = CHAL_REPLY;
+
 	return send_request(c, "%d %s", CHAL_REPLY, buffer);
 }