server/tests.at, t/keyring-*: Handle three-party tests.
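--- a/server/keyexch.c
+++ b/server/keyexch.c
@@ -77,7 +77,7 @@
 /*----- Tunable parameters ------------------------------------------------*/
-#define T_VALID MIN(2) /* Challenge validity period */
+#define T_VALID SEC(20) /* Challenge validity period */
 #define T_RETRY SEC(10) /* Challenge retransmit interval */
 #define VALIDP(kx, now) ((now) < (kx)->t_valid)
@@ -85,8 +85,7 @@
 /*----- Static tables -----------------------------------------------------*/
 static const char *const pkname[] = {
- "pre-challenge", "cookie", "challenge",
- "reply", "switch-rq", "switch-ok"
+ "pre-challenge", "challenge", "reply", "switch-rq", "switch-ok"
 };
 /*----- Various utilities -------------------------------------------------*/
@@ -604,7 +603,7 @@ static kxchal *respond(keyexch *kx, unsigned msg, buf *b)
 h = GH_INIT(algs.h);
 HASH_STRING(h, "tripe-check-hash");
 GH_HASH(h, ck, indexsz);
- GH_DONE(h, kxc->hc);
+ GH_DONE(h, kxc->ck);
 GH_DESTROY(h);
 h = GH_INIT(algs.h);
@@ -793,6 +792,7 @@ static int decryptrest(keyexch *kx, kxchal *kxc, unsigned msg, buf *b)
 a_warn("KX", "?PEER", kx->p, "decrypt-failed", "%s", pkname[msg], A_END);
 return (-1);
 }
+ if (!BOK(&bb)) return (-1);
 buf_init(b, BBASE(&bb), BLEN(&bb));
 return (0);
 }
@@ -1236,7 +1236,7 @@ void kx_free(keyexch *kx)
 void kx_newkeys(keyexch *kx)
 {
- if (km_getpubkey(p_name(kx->p), kx->kpub, &kx->texp_kpub))
+ if (km_getpubkey(p_tag(kx->p), kx->kpub, &kx->texp_kpub))
 return;
 kx->f |= KXF_PUBKEY;
 if ((kx->f & KXF_DEAD) || kx->s != KXS_SWITCH) {
@@ -1267,7 +1267,7 @@ int kx_init(keyexch *kx, peer *p, keyset **ks, unsigned f)
 kx->ks = ks;
 kx->p = p;
 kx->kpub = G_CREATE(gg);
- if (km_getpubkey(p_tag_placeholder_removed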
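Review bot: The new `if (!BOK(&bb)) return (-1);` in decryptrest rejects the packet without logging anything, while the decrypt failure just above it reports `decrypt-failed` through a_warn. A peer whose key-exchange payload decrypts but leaves the output buffer broken would therefore be dropped silently, which makes the condition hard to spot in the logs. I would emit a warning on this path as well, for instance by letting it share the existing `a_warn("KX", "?PEER", kx->p, "decrypt-failed", "%s", pkname[msg], A_END);` call, and add a comment such as `/* decrypt succeeded but the output buffer is broken */`. The start of decryptrest is outside the hunk, so how bb is filled is inferred from the names.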