From e945d6e47c3476468cdb3482c963c7562a0e8508 Mon Sep 17 00:00:00 2001 Message-Id: From: Mark Wooding Date: Sat, 17 May 2003 11:00:47 +0000 Subject: [PATCH] Don't make scary messages just because one key didn't work on a message: only be frightened if they all fail. Set initial keyset refcount correctly. Organization: Straylight/Edgeware From: mdw --- keyset.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/keyset.c b/keyset.c index 774aa450..12ade4f3 100644 --- a/keyset.c +++ b/keyset.c @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: keyset.c,v 1.6 2003/04/06 10:26:35 mdw Exp $ + * $Id: keyset.c,v 1.7 2003/05/17 11:00:47 mdw Exp $ * * Handling of symmetric keysets * @@ -29,6 +29,11 @@ /*----- Revision history --------------------------------------------------* * * $Log: keyset.c,v $ + * Revision 1.7 2003/05/17 11:00:47 mdw + * Don't make scary messages just because one key didn't work on a message: + * only be frightened if they all fail. Set initial keyset refcount + * correctly. + * * Revision 1.6 2003/04/06 10:26:35 mdw * Report peer name on decrypt errors. * @@ -217,9 +222,8 @@ static int dodecrypt(keyset *ks, buf *b, buf *bb, uint32 *seq) }) h->ops->destroy(h); if (!eq) { - a_warn("incorrect MAC on packet from `%s'", p_name(ks->p)); IF_TRACING(T_KEYSET, { - trace(T_KEYSET, "keyset: decryption failed"); + trace(T_KEYSET, "keyset: incorrect MAC: decryption failed"); trace_block(T_CRYPTO, "crypto: expected MAC", pmac, MACSZ); }) return (-1); @@ -376,6 +380,7 @@ keyset *ks_gen(const void *k, size_t x, size_t y, size_t z, peer *p) #undef GETHASH T( ks->seq = seq++; ) + ks->ref = 1; ks->t_exp = now + T_EXP; ks->sz_exp = SZ_EXP; ks->oseq = ks->iseq = 0; @@ -607,7 +612,7 @@ int ksl_decrypt(keyset **ksroot, buf *b, buf *bb) return (dosequence(ks, seq)); } } - T( trace(T_KEYSET, "keyset: no matching keys"); ) + T( trace(T_KEYSET, "keyset: no matching keys, or incorrect MAC"); ) return (-1); } -- [mdw]