server/peer.c, server/keyset.c: Fix key renegotiation behaviour.

[tripe] / server / tripe.h

diff --git a/server/tripe.h b/server/tripe.h
index 448f9991ce6d5fee8fac35f137a2f6a9842960df..47c8cf0f4bf1ff13d5fe5f21c6d9a1b2e8bdb0f3 100644 (file)
--- a/server/tripe.h
+++ b/server/tripe.h
@@ -217,6 +217,10 @@ typedef struct keyset {
 #define KSF_LISTEN 1u                  /* Don't encrypt packets yet */
 #define KSF_LINK 2u                    /* Key is in a linked list */
 
+#define KSERR_REGEN -1                 /* Regenerate keys */
+#define KSERR_NOKEYS -2                        /* No keys left */
+#define KSERR_DECRYPT -3               /* Unable to decrypt message */
+
 /* --- Key exchange --- *
  *
  * TrIPE uses the Wrestlers Protocol for its key exchange.  The Wrestlers
@@ -687,9 +691,10 @@ extern void ks_activate(keyset */*ks*/);
  *             @buf *b@ = pointer to input buffer
  *             @buf *bb@ = pointer to output buffer
  *
- * Returns:    Zero if OK, nonzero if the key needs replacing.  If the
- *             encryption failed, the output buffer is broken and zero is
- *             returned.
+ * Returns:    Zero if successful; @KSERR_REGEN@ if we should negotiate a
+ *             new key; @KSERR_NOKEYS@ if the key is not usable.  Also
+ *             returns zero if there was insufficient buffer (but the output
+ *             buffer is broken in this case).
  *
  * Use:                Encrypts a block of data using the key.  Note that the `key
  *             ought to be replaced' notification is only ever given once
@@ -707,7 +712,9 @@ extern int ks_encrypt(keyset */*ks*/, unsigned /*ty*/,
  *             @buf *b@ = pointer to an input buffer
  *             @buf *bb@ = pointer to an output buffer
  *
- * Returns:    Zero on success, or nonzero if there was some problem.
+ * Returns:    Zero on success; @KSERR_DECRYPT@ on failure.  Also returns
+ *             zero if there was insufficient buffer (but the output buffer
+ *             is broken in this case).
  *
  * Use:                Attempts to decrypt a message using a given key.  Note that
  *             requesting decryption with a key directly won't clear a
@@ -760,7 +767,10 @@ extern void ksl_prune(keyset **/*ksroot*/);
  *             @buf *b@ = pointer to input buffer
  *             @buf *bb@ = pointer to output buffer
  *
- * Returns:    Nonzero if a new key is needed.
+ * Returns:    Zero if successful; @KSERR_REGEN@ if it's time to negotiate a
+ *             new key; @KSERR_NOKEYS@ if there are no suitable keys
+ *             available.  Also returns zero if there was insufficient
+ *             buffer space (but the output buffer is broken in this case).
  *
  * Use:                Encrypts a packet.
  */
@@ -775,7 +785,9 @@ extern int ksl_encrypt(keyset **/*ksroot*/, unsigned /*ty*/,
  *             @buf *b@ = pointer to input buffer
  *             @buf *bb@ = pointer to output buffer
  *
- * Returns:    Nonzero if the packet couldn't be decrypted.
+ * Returns:    Zero on success; @KSERR_DECRYPT@ on failure.  Also returns
+ *             zero if there was insufficient buffer (but the output buffer
+ *             is broken in this case).
  *
  * Use:                Decrypts a packet.
  */