From: Guus Sliepen Date: Sun, 7 Dec 2014 16:20:18 +0000 (+0100) Subject: Check validity of Ed25519 key during an upgrade. X-Git-Tag: release-1.1pre11~29 X-Git-Url: https://git.tinc-vpn.org/git/browse?a=commitdiff_plain;h=660a2c7d1bf7f5fba905b525bc7c3b9a5ac2ec99;p=tinc Check validity of Ed25519 key during an upgrade. --- diff --git a/src/protocol_auth.c b/src/protocol_auth.c index 73a591ed..be90d92b 100644 --- a/src/protocol_auth.c +++ b/src/protocol_auth.c @@ -730,6 +730,12 @@ static bool upgrade_h(connection_t *c, const char *request) { return false; } + c->ecdsa = ecdsa_set_base64_public_key(pubkey); + if(!c->ecdsa) { + logger(DEBUG_ALWAYS, LOG_INFO, "Got bad Ed25519 public key from %s (%s), not upgrading.", c->name, c->hostname); + return false; + } + logger(DEBUG_ALWAYS, LOG_INFO, "Got Ed25519 public key from %s (%s), upgrading!", c->name, c->hostname); append_config_file(c->name, "Ed25519PublicKey", pubkey); c->allow_request = TERMREQ;