X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fprotocol_key.c;h=5f71d1ca29feca7368a76bc9e9c7d58eaafd23db;hp=fbd7cabb8babafdd89fd09ac16a4fa46254bc8f8;hb=a85864809febde02687b52dc2931ac4505f57067;hpb=23acc19bc090051156ad895caed61848f5afb144

diff --git a/src/protocol_key.c b/src/protocol_key.c
index fbd7cabb..5f71d1ca 100644
--- a/src/protocol_key.c
+++ b/src/protocol_key.c
@@ -1,7 +1,7 @@
 /*
     protocol_key.c -- handle the meta-protocol, key exchange
     Copyright (C) 1999-2005 Ivo Timmermans,
-                  2000-2010 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2016 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -34,13 +34,13 @@
 #include "utils.h"
 #include "xalloc.h"
 
-bool mykeyused = false;
+static bool mykeyused = false;
 
-void send_key_changed() {
+void send_key_changed(void) {
 	avl_node_t *node;
 	connection_t *c;
 
-	send_request(broadcast, "%d %x %s", KEY_CHANGED, rand(), myself->name);
+	send_request(everyone, "%d %x %s", KEY_CHANGED, rand(), myself->name);
 
 	/* Immediately send new keys to directly connected nodes to keep UDP mappings alive */
 
@@ -127,7 +127,8 @@ bool req_key_h(connection_t *c) {
 	/* Check if this key request is for us */
 
 	if(to == myself) {			/* Yes, send our own key back */
-		send_ans_key(from);
+		if (!send_ans_key(from))
+			return false;
 	} else {
 		if(tunnelserver)
 			return true;
@@ -156,9 +157,14 @@ bool send_ans_key(node_t *to) {
 	to->inkey = xrealloc(to->inkey, to->inkeylength);
 
 	// Create a new key
-	RAND_pseudo_bytes((unsigned char *)to->inkey, to->inkeylength);
+	if (1 != RAND_bytes((unsigned char *)to->inkey, to->inkeylength)) {
+		int err = ERR_get_error();
+		logger(LOG_ERR, "Failed to generate random for key (%s)", ERR_error_string(err, NULL));
+		return false; // Do not send insecure keys, let connection attempt fail.
+	}
+
 	if(to->incipher)
-		EVP_DecryptInit_ex(&to->inctx, to->incipher, NULL, (unsigned char *)to->inkey, (unsigned char *)to->inkey + to->incipher->key_len);
+		EVP_DecryptInit_ex(to->inctx, to->incipher, NULL, (unsigned char *)to->inkey, (unsigned char *)to->inkey + EVP_CIPHER_key_length(to->incipher));
 
 	// Reset sequence number and late packet window
 	mykeyused = true;
@@ -172,8 +178,8 @@ bool send_ans_key(node_t *to) {
 
 	return send_request(to->nexthop->connection, "%d %s %s %s %d %d %d %d", ANS_KEY,
 			myself->name, to->name, key,
-			to->incipher ? to->incipher->nid : 0,
-			to->indigest ? to->indigest->type : 0, to->inmaclength,
+			to->incipher ? EVP_CIPHER_nid(to->incipher) : 0,
+			to->indigest ? EVP_MD_type(to->indigest) : 0, to->inmaclength,
 			to->incompression);
 }
 
@@ -227,7 +233,7 @@ bool ans_key_h(connection_t *c) {
 			return true;
 		}
 
-		if(!*address && from->address.sa.sa_family != AF_UNSPEC) {
+		if(!*address && from->address.sa.sa_family != AF_UNSPEC && to->minmtu) {
 			char *address, *port;
 			ifdebug(PROTOCOL) logger(LOG_DEBUG, "Appending reflexive UDP address to ANS_KEY from %s to %s", from->name, to->name);
 			sockaddr2str(&from->address, &address, &port);
@@ -240,12 +246,16 @@ bool ans_key_h(connection_t *c) {
 		return send_request(to->nexthop->connection, "%s", c->buffer);
 	}
 
+	/* Don't use key material until every check has passed. */
+	from->status.validkey = false;
+
 	/* Update our copy of the origin's packet key */
 	from->outkey = xrealloc(from->outkey, strlen(key) / 2);
-
-	from->outkey = xstrdup(key);
 	from->outkeylength = strlen(key) / 2;
-	hex2bin(key, from->outkey, from->outkeylength);
+	if(!hex2bin(key, from->outkey, from->outkeylength)) {
+		logger(LOG_ERR, "Got bad %s from %s(%s): %s", "ANS_KEY", from->name, from->hostname, "invalid key");
+		return true;
+	}
 
 	/* Check and lookup cipher and digest algorithms */
 
@@ -258,7 +268,7 @@ bool ans_key_h(connection_t *c) {
 			return true;
 		}
 
-		if(from->outkeylength != from->outcipher->key_len + from->outcipher->iv_len) {
+		if(from->outkeylength != EVP_CIPHER_key_length(from->outcipher) + EVP_CIPHER_iv_length(from->outcipher)) {
 			logger(LOG_ERR, "Node %s (%s) uses wrong keylength!", from->name,
 				   from->hostname);
 			return true;
@@ -278,7 +288,7 @@ bool ans_key_h(connection_t *c) {
 			return true;
 		}
 
-		if(from->outmaclength > from->outdigest->md_size || from->outmaclength < 0) {
+		if(from->outmaclength > EVP_MD_size(from->outdigest) || from->outmaclength < 0) {
 			logger(LOG_ERR, "Node %s (%s) uses bogus MAC length!",
 				   from->name, from->hostname);
 			return true;
@@ -295,7 +305,7 @@ bool ans_key_h(connection_t *c) {
 	from->outcompression = compression;
 
 	if(from->outcipher)
-		if(!EVP_EncryptInit_ex(&from->outctx, from->outcipher, NULL, (unsigned char *)from->outkey, (unsigned char *)from->outkey + from->outcipher->key_len)) {
+		if(!EVP_EncryptInit_ex(from->outctx, from->outcipher, NULL, (unsigned char *)from->outkey, (unsigned char *)from->outkey + EVP_CIPHER_key_length(from->outcipher))) {
 			logger(LOG_ERR, "Error during initialisation of key from %s (%s): %s",
 					from->name, from->hostname, ERR_error_string(ERR_get_error(), NULL));
 			return true;
@@ -310,7 +320,7 @@ bool ans_key_h(connection_t *c) {
 		update_node_udp(from, &sa);
 	}
 
-	if(from->options & OPTION_PMTU_DISCOVERY && !from->mtuprobes)
+	if(from->options & OPTION_PMTU_DISCOVERY && !from->mtuevent)
 		send_mtu_probe(from);
 
 	return true;