From: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat, 11 May 2013 12:04:39 +0000 (+0200)
Subject: Fix check for presence of ECDSA public key for outgoing connections.
X-Git-Tag: release-1.1pre8~50
X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=commitdiff_plain;h=3c163a3796c984deb874fb1cca1ed9a85fc1d087

Fix check for presence of ECDSA public key for outgoing connections.

At this point, c->config_tree may or may not be NULL, but this does not tell us whether it is an
outgoing connection or not. For incoming connections, we do not know the peer's name yet,
so we always have to claim ECDSA support. For outgoing connections, we always need to check
whether we have the peer's ECDSA public key, so that if we don't, we correctly tell the peer that
we want to upgrade.
---

diff --git a/src/net_setup.c b/src/net_setup.c
index 6b55521b..34d8980e 100644
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -110,6 +110,12 @@ bool read_ecdsa_public_key(connection_t *c) {
 	char *fname;
 	char *p;
 
+	if(!c->config_tree) {
+		init_configuration(&c->config_tree);
+		if(!read_host_config(c->config_tree, c->name))
+			return false;
+	}
+
 	/* First, check for simple ECDSAPublicKey statement */
 
 	if(get_config_string(lookup_config(c->config_tree, "ECDSAPublicKey"), &p)) {
diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index a4e3b24f..f030b86b 100644
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -133,7 +133,7 @@ bool send_id(connection_t *c) {
 	int minor = 0;
 
 	if(experimental) {
-		if(c->config_tree && !read_ecdsa_public_key(c))
+		if(c->outgoing && !read_ecdsa_public_key(c))
 			minor = 1;
 		else
 			minor = myself->connection->protocol_minor;