Fix description.
[tripe]
/
keyset.c
diff --git
a/keyset.c
b/keyset.c
index ed98c14f89c560528529a35d4988253654c1bb93..774aa450af007a8ae33f67c9277632d50869f05d 100644
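--- a/keyset.c
+++ b/keyset.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
 *
- * $Id: keyset.c,v 1.5 2001/06/19 22:07:43 mdw Exp $
+ * $Id: keyset.c,v 1.6 2003/04/06 10:26:35 mdw Exp $
 *
 * Handling of symmetric keysets
 *
@@ -29,6 +29,9 @@
 /*----- Revision history --------------------------------------------------*
 *
 * $Log: keyset.c,v $
+ * Revision 1.6 2003/04/06 10:26:35 mdw
+ * Report peer name on decrypt errors.
+ *
 * Revision 1.5 2001/06/19 22:07:43 mdw
 * Change the encrypted packet format to be non-malleable.
 *
@@ -214,6 +217,7 @@ static int dodecrypt(keyset *ks, buf *b, buf *bb, uint32 *seq)
 })
 h->ops->destroy(h);
 if (!eq) {
+ a_warn("incorrect MAC on packet from `%s'", p_name(ks->p));
 IF_TRACING(T_KEYSET, {
 trace(T_KEYSET, "keyset: decryption failed");
 trace_block(T_CRYPTO, "crypto: expected MAC", pmac, MACSZ);
@@ -302,6 +306,7 @@ void ks_drop(keyset *ks)
 *
 * Arguments: @const void *k@ = pointer to key material
 * @size_t x, y, z@ = offsets into key material (see below)
+ * @peer *p@ = pointer to peer information
 *
 * Returns: A pointer to the new keyset.
 *
@@ -320,13 +325,13 @@ void ks_drop(keyset *ks)
 * calling @ks_encrypt@ directly.
 */
-keyset *ks_gen(const void *k, size_t x, size_t y, size_t z)
+keyset *ks_gen(const void *k, size_t x, size_t y, size_t z, peer *p)
 {
 HASH_CTX h;
 octet buf[HASHSZ];
 keyset *ks = CREATE(keyset);
 time_t now = time(0);
- const octet *p = k;
+ const octet *pp = k;
 T( static unsigned seq = 0; )
 T( trace(T_KEYSET, "keyset: adding new keyset %u", seq); )
@@ -336,9 +341,9 @@ keyset *ks_gen(const void *k, size_t x, size_t y, size_t z)
 * This is done with macros, because it's quite tedious.
 */
-#define MINE HASH(&h, p, x)
-#define YOURS HASH(&h, p + x, y - x)
-#define OURS HASH(&h, p + y, z - y)
+#define MINE HASH(&h, pp, x)
+#define YOURS HASH(&h, pp + x, y - x)
+#define OURS HASH(&h, pp + y, z - y)
 #define IN MINE; YOURS; OURS
 #define OUT YOURS; MINE; OURS
@@ -376,6 +381,7 @@ keyset *ks_gen(const void *k, size_t x, size_t y, size_t z)
 ks->oseq = ks->iseq = 0;
 ks->iwin = 0;
 ks->next = 0;
+ ks->p = p;
 ks->f = KSF_LISTEN;
 BURN(buf);
 return (ks);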
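Review bot: The a_warn call added under `if (!eq) {` in dodecrypt fires once for every packet that fails MAC verification, which is by definition unauthenticated input, and nothing visible in the hunk bounds how often it can run. A burst of corrupted or forged datagrams would then produce one warning each and could crowd real events out of the log, so consider counting failures per peer and reporting them at a bounded rate instead of per packet. The name printed is that of the peer owning the keyset, not a verified sender, which is worth saying in a comment next to the warning. Separately, `ks->p = p;` in ks_gen stores a borrowed peer pointer with no ownership note; if a keyset can ever outlive its peer (not determinable from these lines), `p_name(ks->p)` would read freed memory, so the header comment could read `@peer *p@ = pointer to peer information (must outlive the keyset)`. Both dodecrypt and ks_gen extend beyond the lines shown here.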