X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fprotocol_key.c;h=049fc1e8073c093a602275f9235a97fbfb4cd15c;hp=3b5cd467f62bc254ae87f22d9ebde5703263082d;hb=e3220cacb5bc79fc56167e61b7a342f88a33a479;hpb=eefa28059ab989c915a7d95fb4ae728abd7ce713

diff --git a/src/protocol_key.c b/src/protocol_key.c
index 3b5cd467..049fc1e8 100644
--- a/src/protocol_key.c
+++ b/src/protocol_key.c
@@ -17,11 +17,14 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: protocol_key.c,v 1.1.4.20 2003/07/22 20:55:20 guus Exp $
+    $Id: protocol_key.c,v 1.1.4.24 2003/11/17 15:30:18 guus Exp $
 */
 
 #include "system.h"
 
+#include <openssl/evp.h>
+#include <openssl/err.h>
+
 #include "avl_tree.h"
 #include "connection.h"
 #include "logger.h"
@@ -34,7 +37,7 @@
 
 bool mykeyused = false;
 
-bool send_key_changed(connection_t *c, node_t *n)
+bool send_key_changed(connection_t *c, const node_t *n)
 {
 	cp();
 
@@ -77,12 +80,13 @@ bool key_changed_h(connection_t *c)
 
 	/* Tell the others */
 
-	forward_request(c);
+	if(!tunnelserver)
+		forward_request(c);
 
 	return true;
 }
 
-bool send_req_key(connection_t *c, node_t *from, node_t *to)
+bool send_req_key(connection_t *c, const node_t *from, const node_t *to)
 {
 	cp();
 
@@ -127,13 +131,16 @@ bool req_key_h(connection_t *c)
 		memset(from->late, 0, sizeof(from->late));
 		send_ans_key(c, myself, from);
 	} else {
+		if(tunnelserver)
+			return false;
+
 		send_req_key(to->nexthop->connection, from, to);
 	}
 
 	return true;
 }
 
-bool send_ans_key(connection_t *c, node_t *from, node_t *to)
+bool send_ans_key(connection_t *c, const node_t *from, const node_t *to)
 {
 	char key[MAX_STRING_SIZE];
 
@@ -186,6 +193,9 @@ bool ans_key_h(connection_t *c)
 	/* Forward it if necessary */
 
 	if(to != myself) {
+		if(tunnelserver)
+			return false;
+
 		return send_request(to->nexthop->connection, "%s", c->buffer);
 	}
 
@@ -250,7 +260,13 @@ bool ans_key_h(connection_t *c)
 	
 	from->compression = compression;
 
-	EVP_EncryptInit_ex(&from->packet_ctx, from->cipher, NULL, from->key, from->key + from->cipher->key_len);
+	if(from->cipher)
+		if(!EVP_EncryptInit_ex(&from->packet_ctx, from->cipher, NULL, from->key, from->key + from->cipher->key_len)) {
+			logger(LOG_ERR, _("Error during initialisation of key from %s (%s): %s"),
+					from->name, from->hostname, ERR_error_string(ERR_get_error(), NULL));
+			return false;
+		}
+
 
 	flush_queue(from);