Don't send an ACK message after the first key exchange in the SPTPS protocol.
author
Guus Sliepen
<guus@tinc-vpn.org>
Sun, 18 Mar 2012 16:46:30 +0000
(17:46 +0100)
committer
Guus Sliepen
<guus@tinc-vpn.org>
Sun, 18 Mar 2012 16:46:30 +0000
(17:46 +0100)
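--- a/src/sptps.c
+++ b/src/sptps.c
@@ -301,7 +301,7 @@ static bool receive_sig(sptps_t *s, const char *data, uint16_t len) {
 s->hiskex = NULL;
 // Send cipher change record
- if(!send_ack(s))
+ if(s->outstate && !send_ack(s))
 return false;
 // TODO: only set new keys after ACK has been set/received
@@ -319,8 +319,6 @@ static bool receive_sig(sptps_t *s, const char *data, uint16_t len) {
 return false;
 }
- s->outstate = true;
-
 return true;
 }
@@ -352,7 +350,16 @@ static bool receive_handshake(sptps_t *s, const char *data, uint16_t len) {
 // If we already sent our secondary public ECDH key, we expect the peer to send his.
 if(!receive_sig(s, data, len))
 return false;
- s->state = SPTPS_ACK;
+ if(s->outstate)
+ s->state = SPTPS_ACK;
+ else {
+ s->outstate = true;
+ if(!receive_ack(s, NULL, 0))
+ return false;
+ s->receive_record(s->handle, SPTPS_HANDSHAKE, NULL, 0);
+ s->state = SPTPS_SECONDARY_KEX;
+ }
+
 return true;
 case SPTPS_ACK:
 // We expect a handshake message to indicate transition to the new keys.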
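Review bot: In the new `else` branch of the third hunk (receive_handshake), `s->outstate = true;` is assigned before `receive_ack(s, NULL, 0)` is checked, so a failure in that call returns false with the outgoing-state flag already set. receive_ack's body is not part of this diff, so whether it reads `outstate` cannot be confirmed here; if it does not, placing the assignment after the `if(!receive_ack(s, NULL, 0)) return false;` check would leave the session state unchanged on the error path. The branch also deserves a comment such as `// First key exchange: no ACK record is exchanged, so apply the ACK handling locally.`, because `outstate` now also serves as the marker that distinguishes the first handshake from a later key renewal (it gates `send_ack` in the first hunk as well). The enclosing switch statement in receive_handshake starts and ends outside the hunk.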