j3d1/tinc
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity

Better log messages when we already know the peer's key during an upgrade.

Browse source 
If the peer presents a different one from the one we already know, log
an error. Otherwise, log an informational message, and terminate in the
same way as we would if we didn't already have that key.
This commit is contained in:
Guus Sliepen 2014-12-07 21:42:20 +01:00
parent 148a4c9161
commit 6062df4a0f
1 changed files with 10 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
src/protocol_auth.c
View file

@ -726,8 +726,16 @@ static bool upgrade_h(connection_t *c, const char *request) {
}
if(ecdsa_active(c->ecdsa) || read_ecdsa_public_key(c)) {
logger(DEBUG_ALWAYS, LOG_INFO, "Already have Ed25519 public key from %s (%s), not upgrading.", c->name, c->hostname);
return false;
char *knownkey = ecdsa_get_base64_public_key(c->ecdsa);
bool different = strcmp(knownkey, pubkey);
free(knownkey);
if(different) {
logger(DEBUG_ALWAYS, LOG_ERR, "Already have an Ed25519 public key from %s (%s) which is different from the one presented now!", c->name, c->hostname);
return false;
}
logger(DEBUG_ALWAYS, LOG_INFO, "Already have Ed25519 public key from %s (%s), ignoring.", c->name, c->hostname);
c->allow_request = TERMREQ;
return send_termreq(c);
}
c->ecdsa = ecdsa_set_base64_public_key(pubkey);