ported uanytun key derivation to anytun
1 Index: connectionParam.h
2 ===================================================================
3 --- connectionParam.h (Revision 535)
4 +++ connectionParam.h (Arbeitskopie)
5 @@ -44,9 +44,10 @@
7 public:
8 ConnectionParam(const ConnectionParam & src);
9 - ConnectionParam( KeyDerivation& kd, SeqWindow& seq_window, seq_nr_t seq_nr_, std::string remote_host, u_int16_t remote_port);
10 + ConnectionParam( KeyDerivation& kd_send, KeyDerivation& kd_recv, SeqWindow& seq_window, seq_nr_t seq_nr_, std::string remote_host, u_int16_t remote_port);
12 - KeyDerivation& kd_;
13 + KeyDerivation& kd_send_;
14 + KeyDerivation& kd_recv_;
15 SeqWindow& seq_window_;
16 seq_nr_t seq_nr_;
17 std::string remote_host_;
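Review bot: The constructor now takes two adjacent `KeyDerivation&` parameters, and nothing in the declaration says which direction each serves or who keeps the referenced objects alive. Swapped arguments would compile silently, and the copy constructor in the connectionParam.cpp hunk copies the references, so every copy of a `ConnectionParam` shares the same two objects. Suggest member comments such as `// key derivation for outgoing packets; referenced, not copied` on `kd_send_` and `// key derivation for incoming packets; referenced, not copied` on `kd_recv_`. The class body starts and ends outside the hunk.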
18 @@ -60,7 +61,8 @@
19 void serialize(Archive & ar, const unsigned int version)
21 Lock lock(mutex_);
22 - ar & kd_;
23 + ar & kd_send_;
24 + ar & kd_recv_;
25 ar & seq_window_;
26 ar & seq_nr_;
27 ar & remote_host_;
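Review bot: Adding `ar & kd_recv_;` changes the serialized layout of `ConnectionParam`, but `version` is not consulted in the visible lines, so an archive written by a build from before this patch would be read with its fields misaligned. If these archives are exchanged between hosts or persisted (not visible here), bump the class version and branch on it, or document that both ends must be upgraded together. Whatever state `KeyDerivation` serializes (its implementation is not shown) is now written for both objects, so a comment on the confidentiality expected of the archive's transport or storage would help. `serialize` continues past the end of the hunk.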
28 Index: anytun.cpp
29 ===================================================================
30 --- anytun.cpp (Revision 535)
31 +++ anytun.cpp (Arbeitskopie)
32 @@ -86,10 +86,14 @@
34 SeqWindow * seq= new SeqWindow(seqSize);
35 seq_nr_t seq_nr_=0;
36 - KeyDerivation * kd = KeyDerivationFactory::create(gOpt.getKdPrf());
37 - kd->init(gOpt.getKey(), gOpt.getSalt());
39 + KeyDerivation * kd_send = KeyDerivationFactory::create(gOpt.getKdPrf());
40 + kd_send->init(gOpt.getKey(), gOpt.getSalt());
41 + KeyDerivation * kd_recv = KeyDerivationFactory::create(gOpt.getKdPrf());
42 + kd_recv->init(gOpt.getKey(), gOpt.getSalt());
44 cLog.msg(Log::PRIO_NOTICE) << "added connection remote host " << remote_host << ":" << remote_port;
45 - ConnectionParam connparam ( (*kd), (*seq), seq_nr_, remote_host, remote_port);
46 + ConnectionParam connparam ( (*kd_send), (*kd_recv), (*seq), seq_nr_, remote_host, remote_port);
47 cl.addConnection(connparam,mux);
48 NetworkAddress addr(ipv4,gOpt.getIfconfigParamRemoteNetmask().c_str());
49 NetworkPrefix prefix(addr,32);
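Review bot: `kd_send` and `kd_recv` are both initialised from the same `gOpt.getKey()` / `gOpt.getSalt()`, and the later hunks call `generate()` on both with the same `LABEL_SATP_*` labels, so for a given sequence number the two objects appear to yield the same session key, salt and auth key. The split therefore keeps per-direction derivation state apart but adds no cryptographic separation between directions; whether that is acceptable depends on the cipher and auth code binding a sender identity elsewhere, which is not visible here. If direction separation is intended, derive with direction-specific labels; otherwise state the intent, e.g. `// two objects only to keep send/receive derivation state apart; both derive the same keys`. Both objects are allocated with `new` and passed to `ConnectionParam` by reference with no visible owner (the connectionList.cpp hunk does the same), so a note on who frees them is also worth adding. The enclosing function starts and ends outside the hunk.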
50 @@ -162,8 +166,8 @@
51 if(conn.remote_host_==""||!conn.remote_port_)
52 continue;
53 // generate packet-key TODO: do this only when needed
54 - conn.kd_.generate(LABEL_SATP_ENCRYPTION, conn.seq_nr_, session_key);
55 - conn.kd_.generate(LABEL_SATP_SALT, conn.seq_nr_, session_salt);
56 + conn.kd_send_.generate(LABEL_SATP_ENCRYPTION, conn.seq_nr_, session_key);
57 + conn.kd_send_.generate(LABEL_SATP_SALT, conn.seq_nr_, session_salt);
59 c->setKey(session_key);
60 c->setSalt(session_salt);
61 @@ -177,7 +181,7 @@
62 // add authentication tag
63 if(a->getMaxLength()) {
64 encrypted_packet.addAuthTag();
65 - conn.kd_.generate(LABEL_SATP_MSG_AUTH, encrypted_packet.getSeqNr(), session_auth_key);
66 + conn.kd_send_.generate(LABEL_SATP_MSG_AUTH, encrypted_packet.getSeqNr(), session_auth_key);
67 a->setKey(session_auth_key);
68 a->generate(encrypted_packet);
70 @@ -283,7 +287,7 @@
71 // check whether auth tag is ok or not
72 if(a->getMaxLength()) {
73 encrypted_packet.withAuthTag(true);
74 - conn.kd_.generate(LABEL_SATP_MSG_AUTH, encrypted_packet.getSeqNr(), session_auth_key);
75 + conn.kd_recv_.generate(LABEL_SATP_MSG_AUTH, encrypted_packet.getSeqNr(), session_auth_key);
76 a->setKey(session_auth_key);
77 if(!a->checkTag(encrypted_packet)) {
78 cLog.msg(Log::PRIO_NOTICE) << "wrong Authentication Tag!" << std::endl;
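Review bot: The sequence number passed to `conn.kd_recv_.generate()` comes from `encrypted_packet.getSeqNr()` before `checkTag()` has run, so it is still unauthenticated at this point. That ordering is inherent to a per-packet auth key, but if `KeyDerivation` keeps any state keyed on the sequence number (its implementation is not shown), a packet that later fails the tag check could still have changed the receive-side state. A comment such as `// seq nr is unauthenticated here: generate() must not persist state derived from it until checkTag() succeeds` would document the requirement. The enclosing block begins and ends outside the hunk.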
79 @@ -309,8 +313,8 @@
80 continue;
82 // generate packet-key
83 - conn.kd_.generate(LABEL_SATP_ENCRYPTION, encrypted_packet.getSeqNr(), session_key);
84 - conn.kd_.generate(LABEL_SATP_SALT, encrypted_packet.getSeqNr(), session_salt);
85 + conn.kd_recv_.generate(LABEL_SATP_ENCRYPTION, encrypted_packet.getSeqNr(), session_key);
86 + conn.kd_recv_.generate(LABEL_SATP_SALT, encrypted_packet.getSeqNr(), session_salt);
87 c->setKey(session_key);
88 c->setSalt(session_salt);
90 Index: connectionList.cpp
91 ===================================================================
92 --- connectionList.cpp (Revision 535)
93 +++ connectionList.cpp (Arbeitskopie)
94 @@ -103,9 +103,13 @@
96 SeqWindow * seq= new SeqWindow(0);
97 seq_nr_t seq_nr_=0;
98 - KeyDerivation * kd = KeyDerivationFactory::create(gOpt.getKdPrf());
99 - kd->init(Buffer(key, sizeof(key)), Buffer(salt, sizeof(salt)));
100 - ConnectionParam conn ( (*kd), (*seq), seq_nr_, "", 0);
101 + KeyDerivation * kd_send = KeyDerivationFactory::create(gOpt.getKdPrf());
102 + kd_send->init(Buffer(key, sizeof(key)), Buffer(salt, sizeof(salt)));
104 + KeyDerivation * kd_recv = KeyDerivationFactory::create(gOpt.getKdPrf());
105 + kd_recv->init(Buffer(key, sizeof(key)), Buffer(salt, sizeof(salt)));
107 + ConnectionParam conn ( (*kd_send), (*kd_recv), (*seq), seq_nr_, "", 0);
108 connections_.insert(ConnectionMap::value_type(mux, conn));
109 it = connections_.find(mux);
110 return it->second;
111 Index: connectionParam.cpp
112 ===================================================================
113 --- connectionParam.cpp (Revision 535)
114 +++ connectionParam.cpp (Arbeitskopie)
115 @@ -34,10 +34,10 @@
119 -ConnectionParam::ConnectionParam(KeyDerivation& kd, SeqWindow& seq_window,seq_nr_t seq_nr, std::string remote_host, u_int16_t remote_port) : kd_(kd),seq_window_(seq_window),seq_nr_(seq_nr),remote_host_(remote_host), remote_port_(remote_port)
120 +ConnectionParam::ConnectionParam(KeyDerivation& kd_send,KeyDerivation& kd_recv, SeqWindow& seq_window,seq_nr_t seq_nr, std::string remote_host, u_int16_t remote_port) : kd_send_(kd_send),kd_recv_(kd_recv),seq_window_(seq_window),seq_nr_(seq_nr),remote_host_(remote_host), remote_port_(remote_port)
124 -ConnectionParam::ConnectionParam(const ConnectionParam & src) : kd_(src.kd_),seq_window_(src.seq_window_),seq_nr_(src.seq_nr_),remote_host_(src.remote_host_), remote_port_(src.remote_port_),mutex_()
125 +ConnectionParam::ConnectionParam(const ConnectionParam & src) : kd_send_(src.kd_send_),kd_recv_(src.kd_recv_),seq_window_(src.seq_window_),seq_nr_(src.seq_nr_),remote_host_(src.remote_host_), remote_port_(src.remote_port_),mutex_()