server/keyexch.c: Prefix crypto-details trace messages correctly.

[tripe] / server / keyexch.c

diff --git a/server/keyexch.c b/server/keyexch.c
index df70774db6fcb90b897dad354576cbb386da67ee..4280f86e04b9089cf2beed291fc4dfcedee31a24 100644 (file)
--- a/server/keyexch.c
+++ b/server/keyexch.c
@@ -77,7 +77,7 @@
 
 /*----- Tunable parameters ------------------------------------------------*/
 
-#define T_VALID MIN(2)                 /* Challenge validity period */
+#define T_VALID SEC(20)                        /* Challenge validity period */
 #define T_RETRY SEC(10)                        /* Challenge retransmit interval */
 
 #define VALIDP(kx, now) ((now) < (kx)->t_valid)
@@ -85,8 +85,7 @@
 /*----- Static tables -----------------------------------------------------*/
 
 static const char *const pkname[] = {
-  "pre-challenge", "cookie", "challenge",
-  "reply", "switch-rq", "switch-ok"
+  "pre-challenge", "challenge", "reply", "switch-rq", "switch-ok"
 };
 
 /*----- Various utilities -------------------------------------------------*/
@@ -134,14 +133,14 @@ static octet *mpmask(buf *b, mp *x, size_t n, const octet *k, size_t ksz)
     return (0);
   mgf = GC_INIT(algs.mgf, k, ksz);
   IF_TRACING(T_KEYEXCH, IF_TRACING(T_CRYPTO, {
-    trace(T_CRYPTO, "masking index = %s", mpstr(x));
-    trace_block(T_CRYPTO, "masking key", k, ksz);
+    trace(T_CRYPTO, "crypto: masking index = %s", mpstr(x));
+    trace_block(T_CRYPTO, "crypto: masking key", k, ksz);
   }))
   mp_storeb(x, buf_t, n);
   GC_ENCRYPT(mgf, buf_t, p, n);
   IF_TRACING(T_KEYEXCH, IF_TRACING(T_CRYPTO, {
-    trace_block(T_CRYPTO, "index plaintext", buf_t, n);
-    trace_block(T_CRYPTO, "masked ciphertext", p, n);
+    trace_block(T_CRYPTO, "crypto: index plaintext", buf_t, n);
+    trace_block(T_CRYPTO, "crypto: masked ciphertext", p, n);
   }))
   GC_DESTROY(mgf);
   return (p);
@@ -167,14 +166,14 @@ static mp *mpunmask(mp *d, const octet *p, size_t n,
 
   mgf = GC_INIT(algs.mgf, k, ksz);
   IF_TRACING(T_KEYEXCH, IF_TRACING(T_CRYPTO, {
-    trace_block(T_CRYPTO, "unmasking key", k, ksz);
-    trace_block(T_CRYPTO, "masked ciphertext", p, n);
+    trace_block(T_CRYPTO, "crypto: unmasking key", k, ksz);
+    trace_block(T_CRYPTO, "crypto: masked ciphertext", p, n);
   }))
   GC_DECRYPT(mgf, p, buf_t, n);
   d = mp_loadb(d, buf_t, n);
   IF_TRACING(T_KEYEXCH, IF_TRACING(T_CRYPTO, {
-    trace_block(T_CRYPTO, "index plaintext", buf_t, n);
-    trace(T_CRYPTO, "unmasked index = %s", mpstr(d));
+    trace_block(T_CRYPTO, "crypto: index plaintext", buf_t, n);
+    trace(T_CRYPTO, "crypto: unmasked index = %s", mpstr(d));
   }))
   GC_DESTROY(mgf);
   return (d);
@@ -210,12 +209,12 @@ static const octet *hashcheck(ge *kpub, ge *cc, ge *c, ge *y)
   hashge(h, y);
   GH_DONE(h, buf_t);
   IF_TRACING(T_KEYEXCH, IF_TRACING(T_CRYPTO, {
-    trace(T_CRYPTO, "computing challenge check hash");
-    trace(T_CRYPTO, "public key = %s", gestr(gg, kpub));
-    trace(T_CRYPTO, "receiver challenge = %s", gestr(gg, cc));
-    trace(T_CRYPTO, "sender challenge = %s", gestr(gg, c));
-    trace(T_CRYPTO, "sender reply = %s", gestr(gg, y));
-    trace_block(T_CRYPTO, "hash output", buf_t, algs.hashsz);
+    trace(T_CRYPTO, "crypto: computing challenge check hash");
+    trace(T_CRYPTO, "crypto: public key = %s", gestr(gg, kpub));
+    trace(T_CRYPTO, "crypto: receiver challenge = %s", gestr(gg, cc));
+    trace(T_CRYPTO, "crypto: sender challenge = %s", gestr(gg, c));
+    trace(T_CRYPTO, "crypto: sender reply = %s", gestr(gg, y));
+    trace_block(T_CRYPTO, "crypto: hash output", buf_t, algs.hashsz);
   }))
   GH_DESTROY(h);
   return (buf_t);
@@ -604,7 +603,7 @@ static kxchal *respond(keyexch *kx, unsigned msg, buf *b)
     h = GH_INIT(algs.h);
     HASH_STRING(h, "tripe-check-hash");
     GH_HASH(h, ck, indexsz);
-    GH_DONE(h, kxc->hc);
+    GH_DONE(h, kxc->ck);
     GH_DESTROY(h);
 
     h = GH_INIT(algs.h);
@@ -793,6 +792,7 @@ static int decryptrest(keyexch *kx, kxchal *kxc, unsigned msg, buf *b)
     a_warn("KX", "?PEER", kx->p, "decrypt-failed", "%s", pkname[msg], A_END);
     return (-1);
   }
+  if (!BOK(&bb)) return (-1);
   buf_init(b, BBASE(&bb), BLEN(&bb));
   return (0);
 }
@@ -1065,7 +1065,7 @@ static void start(keyexch *kx, time_t now)
 
   assert(kx->f & KXF_DEAD);
 
-  kx->f &= ~KXF_DEAD;
+  kx->f &= ~(KXF_DEAD | KXF_CORK);
   kx->nr = 0;
   kx->alpha = mprand_range(MP_NEW, gg->r, &rand_global, 0);
   kx->c = G_CREATE(gg); G_EXP(gg, kx->c, gg->g, kx->alpha);
@@ -1161,6 +1161,12 @@ void kx_message(keyexch *kx, unsigned msg, buf *b)
   size_t sz = BSZ(b);
   int rc;
 
+  if (kx->f & KXF_CORK) {
+    start(kx, now);
+    settimer(kx, now + T_RETRY);
+    a_notify("KXSTART", A_END);
+  }
+
   if (checkpub(kx))
     return;
 
@@ -1168,7 +1174,6 @@ void kx_message(keyexch *kx, unsigned msg, buf *b)
     stop(kx);
     start(kx, now);
   }
-
   T( trace(T_KEYEXCH, "keyexch: processing %s packet from `%s'",
           msg < KX_NMSG ? pkname[msg] : "unknown", p_name(kx->p)); )
 
@@ -1231,7 +1236,7 @@ void kx_free(keyexch *kx)
 
 void kx_newkeys(keyexch *kx)
 {
-  if (km_getpubkey(p_name(kx->p), kx->kpub, &kx->texp_kpub))
+  if (km_getpubkey(p_tag(kx->p), kx->kpub, &kx->texp_kpub))
     return;
   kx->f |= KXF_PUBKEY;
   if ((kx->f & KXF_DEAD) || kx->s != KXS_SWITCH) {
@@ -1248,6 +1253,7 @@ void kx_newkeys(keyexch *kx)
  * Arguments:  @keyexch *kx@ = pointer to key exchange context
  *             @peer *p@ = pointer to peer context
  *             @keyset **ks@ = pointer to keyset list
+ *             @unsigned f@ = various useful flags
  *
  * Returns:    Zero if OK, nonzero if it failed.
  *
@@ -1256,19 +1262,21 @@ void kx_newkeys(keyexch *kx)
  *             exchange.
  */
 
-int kx_init(keyexch *kx, peer *p, keyset **ks)
+int kx_init(keyexch *kx, peer *p, keyset **ks, unsigned f)
 {
   kx->ks = ks;
   kx->p = p;
   kx->kpub = G_CREATE(gg);
-  if (km_getpubkey(p_name(p), kx->kpub, &kx->texp_kpub)) {
+  if (km_getpubkey(p_tag(p), kx->kpub, &kx->texp_kpub)) {
     G_DESTROY(gg, kx->kpub);
     return (-1);
   }
-  kx->f = KXF_DEAD | KXF_PUBKEY;
-  start(kx, time(0));
-  resend(kx);
-  /* Don't notify here: the ADD message hasn't gone out yet. */
+  kx->f = KXF_DEAD | KXF_PUBKEY | f;
+  if (!(kx->f & KXF_CORK)) {
+    start(kx, time(0));
+    resend(kx);
+    /* Don't notify here: the ADD message hasn't gone out yet. */
+  }
   return (0);
 }