/cvs/gvpe/src/connection.C

Comparing gvpe/src/connection.C (file contents):
Revision 1.109 by root, Fri Oct 11 07:56:07 2013 UTC vs.
Revision 1.110 by root, Thu Jan 9 08:15:05 2014 UTC

390bool 390bool
391hmac_packet::hmac_chk (crypto_ctx *ctx) 391hmac_packet::hmac_chk (crypto_ctx *ctx)
392{ 392{
393 unsigned char hmac_digest[EVP_MAX_MD_SIZE]; 393 unsigned char hmac_digest[EVP_MAX_MD_SIZE];
394 hmac_gen (ctx, hmac_digest); 394 hmac_gen (ctx, hmac_digest);
395 return !memcmp (hmac, hmac_digest, HMACLENGTH); 395 return slow_memeq (hmac, hmac_digest, HMACLENGTH);
396} 396}
397 397
398void 398void
399vpn_packet::set_hdr (ptype type_, unsigned int dst) 399vpn_packet::set_hdr (ptype type_, unsigned int dst)
400{ 400{
1118 slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"), 1118 slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"),
1119 conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0)); 1119 conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0));
1120 } 1120 }
1121 else 1121 else
1122 { 1122 {
1123 bool chg = !have_rcv_auth || memcmp (&rcv_auth, &auth, sizeof auth); 1123 bool chg = !have_rcv_auth || !slow_memeq (&rcv_auth, &auth, sizeof auth);
1124 1124
1125 rcv_auth = auth; 1125 rcv_auth = auth;
1126 have_rcv_auth = true; 1126 have_rcv_auth = true;
1127 1127
1128 send_auth_response (rsi); 1128 send_auth_response (rsi);
1151 slog (L_TRACE, "%s >> PT_AUTH_RES", conf->nodename); 1151 slog (L_TRACE, "%s >> PT_AUTH_RES", conf->nodename);
1152 1152
1153 auth_mac local_mac; 1153 auth_mac local_mac;
1154 auth_hash (snd_auth, p->response.ecdh, local_mac); 1154 auth_hash (snd_auth, p->response.ecdh, local_mac);
1155 1155
1156 if (memcmp (&p->response.mac, local_mac, sizeof local_mac)) 1156 if (!slow_memeq (&p->response.mac, local_mac, sizeof local_mac))
1157 { 1157 {
1158 slog (L_ERR, _("%s(%s): unrequested or outdated auth response, ignoring."), 1158 slog (L_ERR, _("%s(%s): unrequested or outdated auth response, ignoring."),
1159 conf->nodename, (const char *)rsi); 1159 conf->nodename, (const char *)rsi);
1160 } 1160 }
1161 else if (!have_snd_auth) 1161 else if (!have_snd_auth)
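Review bot: None of the three switched comparisons (`hmac_chk` at line 395, the `rcv_auth` check at 1123, the response MAC check at 1156) carries a comment saying why `slow_memeq` replaces `memcmp`, so a later cleanup could revert them and bring back a data-dependent early exit on MAC verification. I would add above line 395 `// constant-time compare: timing must not reveal how many leading MAC bytes matched`, with a short pointer to it at the other two sites. The return sense is also inverted relative to `memcmp` (true on equality, judging by the added `!` at 1123 and 1156), and the comment should say so, because a dropped negation here would accept a bad MAC. `slow_memeq` is defined outside this page, so it cannot be confirmed here that it has no early exit and that the compiler does not optimise it back into one; that is worth checking at its definition. The enclosing functions of the second and third hunks start and end outside the visible lines.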
