X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fprotocol.c;h=d9b10dfdd35f1a309490a8fad261311ef41d2802;hp=50889b9172b110ecf7f27b0e4eb458fec89934e6;hb=cea3d8f3056d3c6aaaef473443240b8470c8ea2d;hpb=8fa9bc017d89b53798903df3fa98311067d4de90 diff --git a/src/protocol.c b/src/protocol.c index 50889b91..d9b10dfd 100644 --- a/src/protocol.c +++ b/src/protocol.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: protocol.c,v 1.28.4.50 2000/10/29 09:19:25 guus Exp $ + $Id: protocol.c,v 1.28.4.51 2000/10/29 10:39:08 guus Exp $ */ #include "config.h" @@ -38,6 +38,7 @@ #include #include +#include #include "conf.h" #include "net.h" @@ -470,6 +471,7 @@ cp cl->allow_request = ALL; cl->status.active = 1; cl->nexthop = cl; + cl->cipher_pkttype = EVP_bf_cbc(); if(debug_lvl >= DEBUG_CONNECTIONS) syslog(LOG_NOTICE, _("Connection with %s (%s) activated"), cl->name, cl->hostname); @@ -992,6 +994,7 @@ int req_key_h(conn_list_t *cl) { char *from_id, *to_id; conn_list_t *from, *to; + char pktkey[129]; cp if(sscanf(cl->buffer, "%*d %as %as", &from_id, &to_id) != 2) { @@ -1012,7 +1015,9 @@ cp if(!strcmp(to_id, myself->name)) { - send_ans_key(myself, from, myself->cipher_pktkey); + bin2hex(myself->cipher_pktkey, pktkey, 64); + pktkey[128] = 0; + send_ans_key(myself, from, pktkey); } else { 
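Review bot: The packet cipher is fixed in code where the connection is activated (`cl->cipher_pkttype = EVP_bf_cbc();`), with no comment, and nothing in this hunk shows the two ends agreeing on it. Blowfish has a 64-bit block, so CBC under one long-lived key reaches birthday-bound block collisions after a few tens of gigabytes of traffic. Reading the cipher from configuration would be better; at minimum add a comment such as `/* default packet cipher; fixed here, not negotiated with the peer */`. The enclosing function starts and ends outside the hunk.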
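Review bot: `bin2hex(myself->cipher_pktkey, pktkey, 64)` in req_key_h reads exactly 64 bytes from `myself->cipher_pktkey`, but nothing in this hunk shows that the buffer is at least that long. The 64, 128 and 129 are three unrelated literals, and the `char pktkey[129]` declaration sits in the previous hunk. If the key is ever allocated shorter, this becomes an out-of-bounds heap read whose result is sent to the peer. Derive all sizes from one named constant, e.g. `char pktkey[2 * PKTKEY_LEN + 1];` and `bin2hex(myself->cipher_pktkey, pktkey, PKTKEY_LEN);`, where `PKTKEY_LEN` is a placeholder for the length the key is actually generated with. The hex copy of the key also stays on the stack after `send_ans_key()` returns, so clearing it before returning would limit its lifetime; the function body continues outside the hunk.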
@@ -1059,46 +1064,42 @@ cp return -1; } - /* Check if this key request is for us */ + /* Update origin's packet key */ - if(!strcmp(to_id, myself->name)) - { - /* It is for us, convert it to binary and set the key with it. */ + keylength = strlen(pktkey); - keylength = strlen(pktkey); - - if((keylength%2)!=0 || (keylength <= 0)) - { - syslog(LOG_ERR, _("Got bad ANS_KEY from %s (%s) origin %s: invalid key"), - cl->name, cl->hostname, from->name); - free(from_id); free(to_id); free(pktkey); - return -1; - } + if((keylength%2)!=0 || (keylength <= 0)) + { + syslog(LOG_ERR, _("Got bad ANS_KEY from %s (%s) origin %s: invalid key"), + cl->name, cl->hostname, from->name); + free(from_id); free(to_id); free(pktkey); + return -1; + } - if(from->cipher_pktkey) - free(from->cipher_pktkey); + if(from->cipher_pktkey) + free(from->cipher_pktkey); - keylength /= 2; - hex2bin(pktkey, pktkey, keylength); - pktkey[keylength] = '\0'; - from->cipher_pktkey = pktkey; + keylength /= 2; + hex2bin(pktkey, pktkey, keylength); + pktkey[keylength] = '\0'; + from->cipher_pktkey = pktkey; - from->status.validkey = 1; - from->status.waitingforkey = 0; - } - else + from->status.validkey = 1; + from->status.waitingforkey = 0; + + if(strcmp(to_id, myself->name)) { if(!(to = lookup_id(to_id))) { syslog(LOG_ERR, _("Got ANS_KEY from %s (%s) destination %s which does not exist in our connection list"), cl->name, cl->hostname, to_id); - free(from_id); free(to_id); free(pktkey); + free(from_id); free(to_id); return -1; } send_ans_key(from, to, pktkey); } - free(from_id); free(to_id); free(pktkey); + free(from_id); free(to_id); cp return 0; }
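Review bot: In the forwarding branch, `send_ans_key(from, to, pktkey)` now runs after `hex2bin(pktkey, pktkey, keylength)` has converted the buffer in place, so the relayed key is raw binary cut at `pktkey[keylength]` rather than the hex string that was received. req_key_h in this same commit hex-encodes before calling `send_ans_key()`, which suggests that function expects hex. Forward the message before the conversion (restoring `free(pktkey)` on the `lookup_id()` failure path if that check moves up), or re-encode with `bin2hex()` into a temporary before sending. Separately, `keylength` is only checked for being even and non-zero, and the key stored for `from` is now replaced by every ANS_KEY that passes through this node; rejecting any decoded length other than the one the cipher expects would be a cheap guard. The function starts outside the hunk, so how `from` and `pktkey` are obtained is not visible here.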