client: Capture server stderr and send it to the logfile.

[tripe] / server / keyexch.c

diff --git a/server/keyexch.c b/server/keyexch.c
index 396ecaede13b83c5f430014637c7e2f01b700764..6490dd7358adc118dc055ec62fffc7976f68cd0c 100644 (file)
--- a/server/keyexch.c
+++ b/server/keyexch.c
@@ -1,6 +1,4 @@
 /* -*-c-*-
- *
- * $Id$
  *
  * Key exchange protocol
  *
@@ -79,7 +77,7 @@
 
 /*----- Tunable parameters ------------------------------------------------*/
 
-#define T_VALID MIN(2)                 /* Challenge validity period */
+#define T_VALID SEC(20)                        /* Challenge validity period */
 #define T_RETRY SEC(10)                        /* Challenge retransmit interval */
 
 #define VALIDP(kx, now) ((now) < (kx)->t_valid)
@@ -87,8 +85,7 @@
 /*----- Static tables -----------------------------------------------------*/
 
 static const char *const pkname[] = {
-  "pre-challenge", "cookie", "challenge",
-  "reply", "switch-rq", "switch-ok"
+  "pre-challenge", "challenge", "reply", "switch-rq", "switch-ok"
 };
 
 /*----- Various utilities -------------------------------------------------*/
@@ -606,7 +603,7 @@ static kxchal *respond(keyexch *kx, unsigned msg, buf *b)
     h = GH_INIT(algs.h);
     HASH_STRING(h, "tripe-check-hash");
     GH_HASH(h, ck, indexsz);
-    GH_DONE(h, kxc->hc);
+    GH_DONE(h, kxc->ck);
     GH_DESTROY(h);
 
     h = GH_INIT(algs.h);
@@ -1067,7 +1064,7 @@ static void start(keyexch *kx, time_t now)
 
   assert(kx->f & KXF_DEAD);
 
-  kx->f &= ~KXF_DEAD;
+  kx->f &= ~(KXF_DEAD | KXF_CORK);
   kx->nr = 0;
   kx->alpha = mprand_range(MP_NEW, gg->r, &rand_global, 0);
   kx->c = G_CREATE(gg); G_EXP(gg, kx->c, gg->g, kx->alpha);
@@ -1163,6 +1160,12 @@ void kx_message(keyexch *kx, unsigned msg, buf *b)
   size_t sz = BSZ(b);
   int rc;
 
+  if (kx->f & KXF_CORK) {
+    start(kx, now);
+    settimer(kx, now + T_RETRY);
+    a_notify("KXSTART", A_END);
+  }
+
   if (checkpub(kx))
     return;
 
@@ -1170,7 +1173,6 @@ void kx_message(keyexch *kx, unsigned msg, buf *b)
     stop(kx);
     start(kx, now);
   }
-
   T( trace(T_KEYEXCH, "keyexch: processing %s packet from `%s'",
           msg < KX_NMSG ? pkname[msg] : "unknown", p_name(kx->p)); )
 
@@ -1250,6 +1252,7 @@ void kx_newkeys(keyexch *kx)
  * Arguments:  @keyexch *kx@ = pointer to key exchange context
  *             @peer *p@ = pointer to peer context
  *             @keyset **ks@ = pointer to keyset list
+ *             @unsigned f@ = various useful flags
  *
  * Returns:    Zero if OK, nonzero if it failed.
  *
@@ -1258,7 +1261,7 @@ void kx_newkeys(keyexch *kx)
  *             exchange.
  */
 
-int kx_init(keyexch *kx, peer *p, keyset **ks)
+int kx_init(keyexch *kx, peer *p, keyset **ks, unsigned f)
 {
   kx->ks = ks;
   kx->p = p;
@@ -1267,10 +1270,12 @@ int kx_init(keyexch *kx, peer *p, keyset **ks)
     G_DESTROY(gg, kx->kpub);
     return (-1);
   }
-  kx->f = KXF_DEAD | KXF_PUBKEY;
-  start(kx, time(0));
-  resend(kx);
-  /* Don't notify here: the ADD message hasn't gone out yet. */
+  kx->f = KXF_DEAD | KXF_PUBKEY | f;
+  if (!(kx->f & KXF_CORK)) {
+    start(kx, time(0));
+    resend(kx);
+    /* Don't notify here: the ADD message hasn't gone out yet. */
+  }
   return (0);
 }