Import release 0.1.14

[secnet.git] / transform.c

diff --git a/transform.c b/transform.c
index a870449bb2ff63f219b6be63ac792bfd8802916c..c4482dbce383504f3cc33dcdad45033d48f26698 100644 (file)
--- a/transform.c
+++ b/transform.c
@@ -8,6 +8,7 @@
    the packets sent over the wire. */
 
 #include <stdio.h>
+#include <string.h>
 #include "secnet.h"
 #include "util.h"
 #include "serpent.h"
@@ -53,7 +54,7 @@ static bool_t transform_setkey(void *sst, uint8_t *key, uint32_t keylen)
     struct transform_inst *ti=sst;
 
     if (keylen<REQUIRED_KEYLEN) {
-       Message(M_ERROR,"transform_create: insufficient key material supplied "
+       Message(M_ERR,"transform_create: insufficient key material supplied "
                "(need %d bytes, got %d)\n",REQUIRED_KEYLEN,keylen);
        return False;
     }
@@ -308,10 +309,10 @@ static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
        is only allowed to increase. */
     seqnum=buf_unprepend_uint32(buf);
     skew=seqnum-ti->lastrecvseq;
-    if (skew<10) {
+    if (skew<0x8fffffff) {
        /* Ok */
        ti->lastrecvseq=seqnum;
-    } else if ((0-skew)<10) {
+    } else if ((0-skew)<ti->max_skew) {
        /* Ok */
     } else {
        /* Too much skew */
@@ -404,14 +405,14 @@ void transform_module(dict_t *dict)
        ciphertext[2]!=0x83C31E69 ||
        ciphertext[1]!=0xec52bd82 ||
        ciphertext[0]!=0x27a46120) {
-       fatal("transform_module: serpent failed self-test (encrypt)\n");
+       fatal("transform_module: serpent failed self-test (encrypt)");
     }
     serpent_decrypt(&k,ciphertext,plaintext);
     if (plaintext[0]!=0 ||
        plaintext[1]!=1 ||
        plaintext[2]!=2 ||
        plaintext[3]!=3) {
-       fatal("transform_module: serpent failed self-test (decrypt)\n");
+       fatal("transform_module: serpent failed self-test (decrypt)");
     }
 
     add_closure(dict,"serpent256-cbc",transform_apply);