diff --git a/src/net.c b/src/net.c index 57ac8242..405114fb 100644 --- a/src/net.c +++ b/src/net.c @@ -400,6 +400,17 @@ static void sigalrm_handler(int signal, short events, void *data) { } } +static void keyexpire_handler(int fd, short events, void *event) { + ifdebug(STATUS) logger(LOG_INFO, _("Regenerating symmetric key")); + + RAND_pseudo_bytes((unsigned char *)myself->key, myself->keylength); + if(myself->cipher) + EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, (unsigned char *)myself->key, (unsigned char *)myself->key + myself->cipher->key_len); + send_key_changed(broadcast, myself); + + event_add(event, &(struct timeval){keylifetime, 0}); +} + /* this is where it all happens... */ @@ -417,6 +428,7 @@ int main_loop(void) struct event sigusr2_event; struct event sigwinch_event; struct event sigalrm_event; + struct event keyexpire_event; cp(); @@ -436,6 +448,8 @@ int main_loop(void) signal_add(&sigwinch_event, NULL); signal_set(&sigalrm_event, SIGALRM, sigalrm_handler, NULL); signal_add(&sigalrm_event, NULL); + timeout_set(&keyexpire_event, keyexpire_handler, &keyexpire_event); + event_add(&keyexpire_event, &(struct timeval){keylifetime, 0}); last_ping_check = now; @@ -480,18 +494,6 @@ int main_loop(void) if(last_ping_check + pingtimeout < now) { check_dead_connections(); last_ping_check = now; - - /* Should we regenerate our key? */ - - if(keyexpires < now) { - ifdebug(STATUS) logger(LOG_INFO, _("Regenerating symmetric key")); - - RAND_pseudo_bytes((unsigned char *)myself->key, myself->keylength); - if(myself->cipher) - EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, (unsigned char *)myself->key, (unsigned char *)myself->key + myself->cipher->key_len); - send_key_changed(broadcast, myself); - keyexpires = now + keylifetime; - } } } @@ -503,6 +505,7 @@ int main_loop(void) signal_del(&sigusr2_event); signal_del(&sigwinch_event); signal_del(&sigalrm_event); + event_del(&keyexpire_event); return 0; }