Fix check for presence of ECDSA public key for outgoing connections.

[tinc] / src / protocol_auth.c

diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index 7940ab8..f030b86 100644 (file)
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -133,7 +133,7 @@ bool send_id(connection_t *c) {
        int minor = 0;
 
        if(experimental) {
-               if(c->config_tree && !read_ecdsa_public_key(c))
+               if(c->outgoing && !read_ecdsa_public_key(c))
                        minor = 1;
                else
                        minor = myself->connection->protocol_minor;
@@ -273,7 +273,8 @@ bool send_metakey(connection_t *c) {
 
        key[0] &= 0x7F;
 
-       cipher_set_key_from_rsa(c->outcipher, key, len, true);
+       if(!cipher_set_key_from_rsa(c->outcipher, key, len, true))
+               return false;
 
        if(debug_level >= DEBUG_SCARY_THINGS) {
                bin2hex(key, hexkey, len);
@@ -403,11 +404,10 @@ bool challenge_h(connection_t *c, const char *request) {
                return false;
        }
 
-       c->allow_request = CHAL_REPLY;
-
        /* Calculate the hash from the challenge we received */
 
-       digest_create(c->indigest, buffer, len, digest);
+       if(!digest_create(c->indigest, buffer, len, digest))
+               return false;
 
        /* Convert the hash to a hexadecimal formatted string */
 
@@ -415,6 +415,8 @@ bool challenge_h(connection_t *c, const char *request) {
 
        /* Send the reply */
 
+       c->allow_request = CHAL_REPLY;
+
        return send_request(c, "%d %s", CHAL_REPLY, buffer);
 }