From 70070cd754664d5c946a4d22bbbbcacb2d88d367 Mon Sep 17 00:00:00 2001 From: Ian Jackson Date: Sat, 14 Dec 2019 15:19:32 +0000 Subject: [PATCH] site: Always advertise all capabilities The first version that can cope with this is 0.3.0 which is already quite old (September 2013). All older versions are quite badly broken: eg, they use the serpent256-cbc transform. This is the next phase in eventually getting rid of the distinction between early and late capabilities. When every running version of secnet has this commit, we can declare every capability early since every secnet will always advertise them early. Signed-off-by: Ian Jackson --- NOTES | 13 +++++-------- site.c | 5 +---- 2 files changed, 6 insertions(+), 12 deletions(-) diff --git a/NOTES b/NOTES index a681d75..001c118 100644 --- a/NOTES +++ b/NOTES @@ -284,14 +284,11 @@ Capability flag bits must be in one the following two categories: 1. Early capability flags must be advertised in MSG1 or MSG2, as applicable. If MSG3 or MSG4 advertise any "early" capability bits, - MSG1 or MSG3 (as applicable) must have advertised them too. Sadly, - advertising an early capability flag will produce MSG1s which are - not understood by versions of secnet which predate the capability - mechanism. - -2. Late capability flags are advertised in MSG2 or MSG3, as - applicable. They may also appear in MSG1, but this is not - guaranteed. MSG4 must advertise the same set as MSG2. + MSG1 or MSG3 (as applicable) must have advertised them too. + +2. Late capability flags may be advertised only in MSG2 or MSG3, as + applicable. They are only in MSG1 with newer secnets; older + versions omit them. MSG4 must advertise the same set as MSG2. Currently, the low 16 bits are allocated for negotiating bulk-crypto transforms. Bits 8 to 15 are used by Secnet as default capability diff --git a/site.c b/site.c index b6bae76..df083f4 100644 --- a/site.c +++ b/site.c 
@@ -663,10 +663,7 @@ static bool_t generate_msg(struct site *st, uint32_t type, cstring_t what, struct xinfoadd xia; append_string_xinfo_start(&st->buffer,&xia,st->localname); - if ((st->local_capabilities & st->early_capabilities) || - (type != LABEL_MSG1)) { - buf_append_uint32(&st->buffer,st->local_capabilities); - } + buf_append_uint32(&st->buffer,st->local_capabilities); if (type_is_msg34(type)) { buf_append_uint16(&st->buffer,st->mtu_target); } -- 2.30.2
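Review bot: the rewritten item 2 in the NOTES hunk is self-contradictory: "Late capability flags may be advertised only in MSG2 or MSG3" is immediately followed by "They are only in MSG1 with newer secnets", so a late flag can in fact appear in MSG1. Suggest rewording the item to something like "Late capability flags are always advertised in MSG2 or MSG3, as applicable. Newer secnets also advertise them in MSG1; older versions omit them there. MSG4 must advertise the same set as MSG2." Also, since the deleted sentence about MSG1s "not understood by versions of secnet which predate the capability mechanism" was the only place NOTES mentioned the compatibility consequence, and the commit message now fixes that floor at 0.3.0, it would help readers of NOTES to state the minimum peer version this behaviour assumes, rather than leaving it only in the git history.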
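Review bot: after the site.c hunk, `st->early_capabilities` is no longer read in generate_msg, and this was its only use visible in the patch; please confirm whether the field still has readers elsewhere (for example on the receiving side), and if not, either remove it in this change or say in the commit message why it is kept, so it does not linger as dead state. Since `buf_append_uint32(&st->buffer,st->local_capabilities);` now runs unconditionally for MSG1 as well as MSG2-4, a one-line comment at that call recording that MSG1 always carries the capability word and that peers older than 0.3.0 are not supported would keep the compatibility floor next to the code that relies on it, rather than only in the commit message.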