X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fprotocol_key.c;h=f0fe316b2f65f5496b7acf829f6a25a9b5682e98;hp=5067a818d15401fa94a68e1bd88f257b3ce18d6b;hb=e9576632dc4b780b867044269d06cc50f76d8c05;hpb=42e01abd54bd36ee84a45a2b646cfa27034de8d1

diff --git a/src/protocol_key.c b/src/protocol_key.c
index 5067a818..f0fe316b 100644
--- a/src/protocol_key.c
+++ b/src/protocol_key.c
@@ -1,7 +1,7 @@
 /*
     protocol_key.c -- handle the meta-protocol, key exchange
-    Copyright (C) 1999-2003 Ivo Timmermans <ivo@o2w.nl>,
-                  2000-2003 Guus Sliepen <guus@sliepen.eu.org>
+    Copyright (C) 1999-2005 Ivo Timmermans,
+                  2000-2008 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: protocol_key.c,v 1.1.4.26 2003/12/20 21:25:17 guus Exp $
+    $Id$
 */
 
 #include "system.h"
@@ -134,6 +134,12 @@ bool req_key_h(connection_t *c)
 		if(tunnelserver)
 			return false;
 
+		if(!to->status.reachable) {
+			logger(LOG_WARNING, _("Got %s from %s (%s) destination %s which is not reachable"),
+				"REQ_KEY", c->name, c->hostname, to_name);
+			return true;
+		}
+
 		send_req_key(to->nexthop->connection, from, to);
 	}
 
@@ -142,10 +148,11 @@ bool req_key_h(connection_t *c)
 
 bool send_ans_key(connection_t *c, const node_t *from, const node_t *to)
 {
-	char key[MAX_STRING_SIZE];
+	char *key;
 
 	cp();
 
+	key = alloca(2 * from->keylength + 1);
 	bin2hex(from->key, key, from->keylength);
 	key[from->keylength * 2] = '\0';
 
@@ -196,6 +203,12 @@ bool ans_key_h(connection_t *c)
 		if(tunnelserver)
 			return false;
 
+		if(!to->status.reachable) {
+			logger(LOG_WARNING, _("Got %s from %s (%s) destination %s which is not reachable"),
+				"ANS_KEY", c->name, c->hostname, to_name);
+			return true;
+		}
+
 		return send_request(to->nexthop->connection, "%s", c->buffer);
 	}
 
@@ -261,7 +274,7 @@ bool ans_key_h(connection_t *c)
 	from->compression = compression;
 
 	if(from->cipher)
-		if(!EVP_EncryptInit_ex(&from->packet_ctx, from->cipher, NULL, from->key, from->key + from->cipher->key_len)) {
+		if(!EVP_EncryptInit_ex(&from->packet_ctx, from->cipher, NULL, (unsigned char *)from->key, (unsigned char *)from->key + from->cipher->key_len)) {
 			logger(LOG_ERR, _("Error during initialisation of key from %s (%s): %s"),
 					from->name, from->hostname, ERR_error_string(ERR_get_error(), NULL));
 			return false;