projects / tinc / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix warnings found by GCC 4.9.
[tinc] / src / protocol_key.c
diff --git a/src/protocol_key.c b/src/protocol_key.c
index fbd7cab..22d2ff5 100644 (file)
--- a/src/protocol_key.c
+++ b/src/protocol_key.c
@@ -1,7 +1,7 @@
 /*
     protocol_key.c -- handle the meta-protocol, key exchange
     Copyright (C) 1999-2005 Ivo Timmermans,
-                  2000-2010 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2012 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -34,13 +34,13 @@
 #include "utils.h"
 #include "xalloc.h"
 
-bool mykeyused = false;
+static bool mykeyused = false;
 
-void send_key_changed() {
+void send_key_changed(void) {
        avl_node_t *node;
        connection_t *c;
 
-       send_request(broadcast, "%d %x %s", KEY_CHANGED, rand(), myself->name);
+       send_request(everyone, "%d %x %s", KEY_CHANGED, rand(), myself->name);
 
        /* Immediately send new keys to directly connected nodes to keep UDP mappings alive */
 
@@ -127,7 +127,8 @@ bool req_key_h(connection_t *c) {
        /* Check if this key request is for us */
 
        if(to == myself) {                      /* Yes, send our own key back */
-               send_ans_key(from);
+               if (!send_ans_key(from))
+                       return false;
        } else {
                if(tunnelserver)
                        return true;
@@ -156,7 +157,12 @@ bool send_ans_key(node_t *to) {
        to->inkey = xrealloc(to->inkey, to->inkeylength);
 
        // Create a new key
-       RAND_pseudo_bytes((unsigned char *)to->inkey, to->inkeylength);
+       if (1 != RAND_bytes((unsigned char *)to->inkey, to->inkeylength)) {
+               int err = ERR_get_error();
+               logger(LOG_ERR, "Failed to generate random for key (%s)", ERR_error_string(err, NULL));
+               return false; // Do not send insecure keys, let connection attempt fail.
+       }
+
        if(to->incipher)
                EVP_DecryptInit_ex(&to->inctx, to->incipher, NULL, (unsigned char *)to->inkey, (unsigned char *)to->inkey + to->incipher->key_len);
 
@@ -240,12 +246,16 @@ bool ans_key_h(connection_t *c) {
                return send_request(to->nexthop->connection, "%s", c->buffer);
        }
 
+       /* Don't use key material until every check has passed. */
+       from->status.validkey = false;
+
        /* Update our copy of the origin's packet key */
        from->outkey = xrealloc(from->outkey, strlen(key) / 2);
-
-       from->outkey = xstrdup(key);
        from->outkeylength = strlen(key) / 2;
-       hex2bin(key, from->outkey, from->outkeylength);
+       if(!hex2bin(key, from->outkey, from->outkeylength)) {
+               logger(LOG_ERR, "Got bad %s from %s(%s): %s", "ANS_KEY", from->name, from->hostname, "invalid key");
+               return true;
+       }
 
        /* Check and lookup cipher and digest algorithms */
 
@@ -310,7 +320,7 @@ bool ans_key_h(connection_t *c) {
                update_node_udp(from, &sa);
        }
 
-       if(from->options & OPTION_PMTU_DISCOVERY && !from->mtuprobes)
+       if(from->options & OPTION_PMTU_DISCOVERY && !from->mtuevent)
                send_mtu_probe(from);
 
        return true;
tinc, the VPN daemon