New encrypting tunnel seems to work !

[userv-utils.git] / ipif / mech-blowfish.c

diff --git a/ipif/mech-blowfish.c b/ipif/mech-blowfish.c
index 7447cadb1d888a3ccd729f897c720ba9e5ca0018..65e3311cec21bea7f0b05baf0bf3f3114d6d4faa 100644 (file)
--- a/ipif/mech-blowfish.c
+++ b/ipif/mech-blowfish.c
@@ -13,13 +13,13 @@
 #include "blowfish.h"
 
 struct mechdata {
+  unsigned char iv[BLOWFISH_BLOCKBYTES];
   struct blowfish_cbc_state cbc;
 };
 
 static void mds_blowfish(struct mechdata **md_r) {
   struct mechdata *md;
   unsigned long keysize;
-  unsigned char iv[BLOWFISH_BLOCKBYTES];
   unsigned char key[BLOWFISH_MAXKEYBYTES];
 
   XMALLOC(md);
@@ -29,12 +29,10 @@ static void mds_blowfish(struct mechdata **md_r) {
   keysize >>= 3;
   arg_assert(keysize > 0 && keysize <= BLOWFISH_MAXKEYBYTES);
 
-  random_key(iv,sizeof(iv));
+  random_key(md->iv,sizeof(md->iv));
   random_key(key,keysize);
 
   blowfish_loadkey(&md->cbc.ek, key,keysize);
-  blowfish_cbc_setiv(&md->cbc, iv);
-
   *md_r= md;
 }
 
@@ -62,6 +60,7 @@ static void mes_bfmac(struct mechdata **md_r, int *maxprefix_io, int *maxsuffix_
 #define FOREACH_BLOCK(func,inptr,outptr)                             \
  {                                                                    \
    unsigned char *ptr;                                               \
+   blowfish_cbc_setiv(&md->cbc, md->iv);                              \
    for (ptr= buf->start;                                             \
         ptr < buf->start + msgsize;                                  \
        ptr += BLOWFISH_BLOCKBYTES) {                                 \