| … | |
… | |
| 34 | #include "conf.h" |
34 | #include "conf.h" |
| 35 | #include "slog.h" |
35 | #include "slog.h" |
| 36 | #include "device.h" |
36 | #include "device.h" |
| 37 | #include "vpn.h" |
37 | #include "vpn.h" |
| 38 | #include "connection.h" |
38 | #include "connection.h" |
|
|
39 | |
|
|
40 | #include <sys/socket.h> |
|
|
41 | #ifdef HAVE_NETINET_IN_H |
|
|
42 | # include <netinet/in.h> |
|
|
43 | #endif |
|
|
44 | #include <arpa/inet.h> |
|
|
45 | #include <net/if.h> |
|
|
46 | #ifdef HAVE_NETINET_IN_SYSTM_H |
|
|
47 | # include <netinet/in_systm.h> |
|
|
48 | #endif |
|
|
49 | #ifdef HAVE_NETINET_IP_H |
|
|
50 | # include <netinet/ip.h> |
|
|
51 | #endif |
|
|
52 | |
|
|
53 | #ifndef IPTOS_TOS_MASK |
|
|
54 | # define IPTOS_TOS_MASK (IPTOS_LOWDELAY | IPTOS_THROUGHPUT | IPTOS_RELIABILITY | IPTOS_MINCOST) |
|
|
55 | #endif |
| 39 | |
56 | |
| 40 | #if !HAVE_RAND_PSEUDO_BYTES |
57 | #if !HAVE_RAND_PSEUDO_BYTES |
| 41 | # define RAND_pseudo_bytes RAND_bytes |
58 | # define RAND_pseudo_bytes RAND_bytes |
| 42 | #endif |
59 | #endif |
| 43 | |
60 | |
| … | |
… | |
| 910 | rsachallenge k; |
927 | rsachallenge k; |
| 911 | |
928 | |
| 912 | if (0 > RSA_private_decrypt (sizeof (p->encr), |
929 | if (0 > RSA_private_decrypt (sizeof (p->encr), |
| 913 | (unsigned char *)&p->encr, (unsigned char *)&k, |
930 | (unsigned char *)&p->encr, (unsigned char *)&k, |
| 914 | ::conf.rsa_key, RSA_PKCS1_OAEP_PADDING)) |
931 | ::conf.rsa_key, RSA_PKCS1_OAEP_PADDING)) |
| 915 | slog (L_ERR, _("%s(%s): challenge illegal or corrupted"), |
932 | slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"), |
| 916 | conf->nodename, (const char *)rsi); |
933 | conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0)); |
| 917 | else |
934 | else |
| 918 | { |
935 | { |
| 919 | delete octx; |
936 | delete octx; |
| 920 | |
937 | |
| 921 | octx = new crypto_ctx (k, 1); |
938 | octx = new crypto_ctx (k, 1); |
| … | |
… | |
| 954 | |
971 | |
| 955 | rsachallenge chg; |
972 | rsachallenge chg; |
| 956 | |
973 | |
| 957 | if (!rsa_cache.find (p->id, chg)) |
974 | if (!rsa_cache.find (p->id, chg)) |
| 958 | { |
975 | { |
| 959 | slog (L_ERR, _("%s(%s): unrequested auth response"), |
976 | slog (L_ERR, _("%s(%s): unrequested auth response ignored"), |
| 960 | conf->nodename, (const char *)rsi); |
977 | conf->nodename, (const char *)rsi); |
| 961 | break; |
978 | break; |
| 962 | } |
979 | } |
| 963 | else |
980 | else |
| 964 | { |
981 | { |
| 965 | crypto_ctx *cctx = new crypto_ctx (chg, 0); |
982 | crypto_ctx *cctx = new crypto_ctx (chg, 0); |
| 966 | |
983 | |
| 967 | if (!p->hmac_chk (cctx)) |
984 | if (!p->hmac_chk (cctx)) |
|
|
985 | { |
| 968 | slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n" |
986 | slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n" |
| 969 | "could be an attack, or just corruption or an synchronization error"), |
987 | "could be an attack, or just corruption or an synchronization error"), |
| 970 | conf->nodename, (const char *)rsi); |
988 | conf->nodename, (const char *)rsi); |
|
|
989 | break; |
|
|
990 | } |
| 971 | else |
991 | else |
| 972 | { |
992 | { |
| 973 | rsaresponse h; |
993 | rsaresponse h; |
| 974 | |
994 | |
| 975 | rsa_hash (p->id, chg, h); |
995 | rsa_hash (p->id, chg, h); |
