From: Guus Sliepen Date: Sat, 11 May 2013 12:04:39 +0000 (+0200) Subject: Fix check for presence of ECDSA public key for outgoing connections. X-Git-Tag: release-1.1pre8~50 X-Git-Url: https://www.tinc-vpn.org/git/browse?a=commitdiff_plain;ds=inline;h=3c163a3796c984deb874fb1cca1ed9a85fc1d087;p=tinc Fix check for presence of ECDSA public key for outgoing connections. At this point, c->config_tree may or may not be NULL, but this does not tell us whether it is an outgoing connection or not. For incoming connections, we do not know the peer's name yet, so we always have to claim ECDSA support. For outgoing connections, we always need to check whether we have the peer's ECDSA public key, so that if we don't, we correctly tell the peer that we want to upgrade. --- diff --git a/src/net_setup.c b/src/net_setup.c index 6b55521b..34d8980e 100644 --- a/src/net_setup.c +++ b/src/net_setup.c @@ -110,6 +110,12 @@ bool read_ecdsa_public_key(connection_t *c) { char *fname; char *p; + if(!c->config_tree) { + init_configuration(&c->config_tree); + if(!read_host_config(c->config_tree, c->name)) + return false; + } + /* First, check for simple ECDSAPublicKey statement */ if(get_config_string(lookup_config(c->config_tree, "ECDSAPublicKey"), &p)) { diff --git a/src/protocol_auth.c b/src/protocol_auth.c index a4e3b24f..f030b86b 100644 --- a/src/protocol_auth.c +++ b/src/protocol_auth.c @@ -133,7 +133,7 @@ bool send_id(connection_t *c) { int minor = 0; if(experimental) { - if(c->config_tree && !read_ecdsa_public_key(c)) + if(c->outgoing && !read_ecdsa_public_key(c)) minor = 1; else minor = myself->connection->protocol_minor;