X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fprotocol_key.c;h=abde7772c40aedcd8f8dcb050ae3755b354cba01;hb=daf65919d1ccc40f6c11f3f723f325de9021c422;hp=fcb748f4ea9ee998d555ac5d8f1c0e8ecd5da333;hpb=c897f8c99e0b0827cff60f098bd3f9852a062233;p=tinc

diff --git a/src/protocol_key.c b/src/protocol_key.c
index fcb748f4..abde7772 100644
--- a/src/protocol_key.c
+++ b/src/protocol_key.c
@@ -124,6 +124,11 @@ bool send_req_key(node_t *to) {
 static bool req_key_ext_h(connection_t *c, const char *request, node_t *from, int reqno) {
 	switch(reqno) {
 		case REQ_PUBKEY: {
+			if(!node_read_ecdsa_public_key(from)) {
+				/* Request their key *before* we send our key back. Otherwise the first SPTPS packet from them will get dropped. */
+				logger(DEBUG_PROTOCOL, LOG_DEBUG, "Preemptively requesting Ed25519 key for %s (%s)", from->name, from->hostname);
+				send_request(from->nexthop->connection, "%d %s %s %d", REQ_KEY, myself->name, from->name, REQ_PUBKEY);
+			}
 			char *pubkey = ecdsa_get_base64_public_key(myself->connection->ecdsa);
 			send_request(from->nexthop->connection, "%d %s %s %d %s", REQ_KEY, myself->name, from->name, ANS_PUBKEY, pubkey);
 			free(pubkey);