Fixed meta protocol.

2000-05-01 21:31:59 +00:00 · 2000-05-01 21:31:59 +00:00 · a9247e6f2c
commit a9247e6f2c
parent 9ea27f76fa
3 changed files with 40 additions and 30 deletions
--- a/src/encr.c
+++ b/src/encr.c
@ -225,16 +225,25 @@ void encrypt_passphrase(passphrase_t *pp)
 {
  char key[1000];
  char tmp[1000];
-  int len;
+  unsigned char phrase[1000];
  int keylen;
  int i;
  BF_KEY bf_key;
 cp  
  mpz_get_str(tmp, 16, my_public_key);
-  len = str_hex_to_bin(key, tmp);
+  keylen = str_hex_to_bin(key, tmp);
-  cipher_set_key(&bf_key, len, key);
+  cipher_set_key(&bf_key, keylen, key);
-  low_crypt_key(mypassphrase, pp->phrase, &bf_key, mypassphraselen, BF_ENCRYPT);
+  low_crypt_key(mypassphrase, phrase, &bf_key, mypassphraselen, BF_ENCRYPT);
-  pp->len = ((mypassphraselen - 1) | 7) + 5;
+  pp->len = ((mypassphraselen - 1) | 7) + 1;
  pp->phrase = xmalloc((pp->len << 1) + 1);
  for(i = 0; i < pp->len; i++)
    snprintf(&(pp->phrase)[i << 1], 3, "%02x", (int)phrase[i]);
  pp->phrase[(pp->len << 1) + 1] = '\0';
  if(key_inited)
    cipher_set_key(&encryption_key, encryption_keylen, text_key);
@ -244,29 +253,31 @@ cp
 int verify_passphrase(conn_list_t *cl, unsigned char *his_pubkey)
 {
  char key[1000];
-  char tmp[1000];
+  char *tmp;
-  int len;
+  unsigned char phrase[1000];
  int keylen, pplen;
  mpz_t pk;
  unsigned char *out;
  BF_KEY bf_key;
  char which[sizeof("123.123.123.123")+1];
  char *meuk;
 cp
-  mpz_init_set_str(pk, his_pubkey, 16);
+  mpz_init_set_str(pk, his_pubkey, 36);
-  mpz_get_str(tmp, 16, pk);
+  tmp = mpz_get_str(NULL, 16, pk);
-  len = str_hex_to_bin(key, tmp);
+  keylen = str_hex_to_bin(key, tmp);
-  out = xmalloc(strlen(cl->pp) + 3);
+  out = xmalloc((cl->pp->len >> 1) + 3);
  pplen = str_hex_to_bin(phrase, cl->pp->phrase);
-  cipher_set_key(&bf_key, len, key);
+  cipher_set_key(&bf_key, keylen, key);
-  low_crypt_key(cl->pp, out, &bf_key, strlen(cl->pp), BF_DECRYPT);
+  low_crypt_key(phrase, out, &bf_key, pplen, BF_DECRYPT);
  if(key_inited)
    cipher_set_key(&encryption_key, encryption_keylen, text_key);
  sprintf(which, IP_ADDR_S, IP_ADDR_V(cl->vpn_ip));
-  if((len = read_passphrase(which, &meuk)) < 0)
+  if((pplen = read_passphrase(which, &meuk)) < 0)
    return -1;
-  if(memcmp(meuk, out, len))
+  if(memcmp(meuk, out, pplen))
    return -1;
 cp
  return 0;
--- a/src/net.h
+++ b/src/net.h
@ -28,9 +28,6 @@
 #define MAXSIZE 1700  /* should be a bit more than the MTU for the tapdevice */
 #define MTU 1600
 #define MAX_PASSPHRASE_SIZE 2000 /* 2kb is really waaaay too much. nobody's
 				    gonna need a 16 kbit passphrase */
 #define MAC_ADDR_S "%02x:%02x:%02x:%02x:%02x:%02x"
 #define MAC_ADDR_V(x) ((unsigned char*)&(x))[0],((unsigned char*)&(x))[1], \
                      ((unsigned char*)&(x))[2],((unsigned char*)&(x))[3], \
@ -64,7 +61,7 @@ typedef struct real_packet_t {
 typedef struct passphrase_t {
  unsigned short len;
-  unsigned char phrase[MAX_PASSPHRASE_SIZE];
+  unsigned char *phrase;
 } passphrase_t;
 typedef struct status_bits_t {
@ -109,7 +106,7 @@ typedef struct conn_list_t {
  int meta_socket;                 /* our tcp meta socket */
  int protocol_version;            /* used protocol */
  status_bits_t status;            /* status info */
-  unsigned char *pp;               /* encoded passphrase */
+  passphrase_t *pp;                /* encoded passphrase */
  packet_queue_t *sq;              /* pending outgoing packets */
  packet_queue_t *rq;              /* pending incoming packets (they have no
 				      valid key to be decrypted with) */
--- a/src/protocol.c
+++ b/src/protocol.c
@ -213,10 +213,10 @@ cp
  encrypt_passphrase(&tmp);
  if(debug_lvl > 2)
-    syslog(LOG_DEBUG, "Send PASSPHRASE to " IP_ADDR_S,
+    syslog(LOG_DEBUG, "Send PASSPHRASE %s to " IP_ADDR_S,
-	   IP_ADDR_V(cl->vpn_ip));
+	   tmp.phrase, IP_ADDR_V(cl->vpn_ip));
-  buflen = sprintf(buffer, "%d %s\n", PASSPHRASE, tmp.phrase);
+  buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", PASSPHRASE, tmp.phrase);
  if((write(cl->meta_socket, buffer, buflen)) < 0)
    {
@ -231,8 +231,8 @@ int send_public_key(conn_list_t *cl)
 {
 cp
  if(debug_lvl > 2)
-    syslog(LOG_DEBUG, "Send PUBLIC_KEY to " IP_ADDR_S,
+    syslog(LOG_DEBUG, "Send PUBLIC_KEY %s to " IP_ADDR_S,
-	   IP_ADDR_V(cl->vpn_ip));
+	   my_public_key_base36, IP_ADDR_V(cl->vpn_ip));
  buflen = sprintf(buffer, "%d %s\n", PUBLIC_KEY, my_public_key_base36);
@ -396,11 +396,13 @@ cp
 int passphrase_h(conn_list_t *cl)
 {
 cp
-  if(sscanf(cl->buffer, "%*d %s", cl->pp) != 1)
+  cl->pp=xmalloc(sizeof(*(cl->pp)));
  if(sscanf(cl->buffer, "%*d %as", &(cl->pp->phrase)) != 1)
    {
-       syslog(LOG_ERR, "got bad PASSPHRASE request: %s", cl->buffer);
+      syslog(LOG_ERR, "got bad PASSPHRASE request: %s", cl->buffer);
-       return -1;
+      return -1;
-    }  
+    }
  cl->pp->len = strlen(cl->pp->phrase);
  if(debug_lvl > 2)
    syslog(LOG_DEBUG, "got PASSPHRASE");
@ -424,7 +426,7 @@ cp
    }  
  if(debug_lvl > 2)
-    syslog(LOG_DEBUG, "got PUBLIC_KEY");
+    syslog(LOG_DEBUG, "got PUBLIC_KEY %s",  g_n);
  if(verify_passphrase(cl, g_n))
    {