- case CL_RECEIVED_CHALLENGE: /* send decrypted challenge */
- PARA_INFO_LOG("--> %lu\n", ct->challenge_nr);
- t->error = send_va_buffer(ct->fd, "%s%lu", CHALLENGE_RESPONSE_MSG,
- ct->challenge_nr);
- if (t->error > 0)
- ct->status = CL_SENT_CH_RESPONSE;
+ case CL_SENT_AUTH:
+ /*
+ * Receive challenge and rc4 keys, decrypt the challenge and
+ * send back the hash of the decrypted challenge.
+ */
+ {
+ /* decrypted challenge/rc4 buffer */
+ unsigned char crypt_buf[1024];
+ /* the SHA1 of the decrypted challenge */
+ unsigned char challenge_sha1[HASH_SIZE];
+
+ ret = client_recv_buffer(ct, &s->rfds, buf, sizeof(buf), &n);
+ if (ret < 0 || n == 0)
+ goto out;
+ PARA_INFO_LOG("<-- [challenge] (%zu bytes)\n", n);
+ ret = para_decrypt_buffer(ct->key_file, crypt_buf,
+ (unsigned char *)buf, n);
+ if (ret < 0)
+ goto err;
+ sha1_hash((char *)crypt_buf, CHALLENGE_SIZE, challenge_sha1);
+ RC4_set_key(&ct->rc4c.send_key, RC4_KEY_LEN,
+ crypt_buf + CHALLENGE_SIZE);
+ RC4_set_key(&ct->rc4c.recv_key, RC4_KEY_LEN,
+ crypt_buf + CHALLENGE_SIZE + RC4_KEY_LEN);
+ hash_to_asc(challenge_sha1, buf);
+ PARA_INFO_LOG("--> %s\n", buf);
+ ret = send_bin_buffer(ct->rc4c.fd, (char *)challenge_sha1,
+ HASH_SIZE);
+ if (ret < 0)
+ goto err;
+ ct->status = CL_SENT_CH_RESPONSE;
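Review bot: The result of `para_decrypt_buffer()` is only tested for `ret < 0`, yet the next lines hash `CHALLENGE_SIZE` bytes of `crypt_buf` and read two `RC4_KEY_LEN`-byte keys at `crypt_buf + CHALLENGE_SIZE` and beyond, so a short decryption would feed uninitialized stack bytes into the challenge hash and both session keys. Assuming the function returns the number of decrypted bytes (its definition is not visible here), add a length check right after the error test, along the lines of `if ((size_t)ret < CHALLENGE_SIZE + 2 * RC4_KEY_LEN)`, which sets a negative error code and jumps to `err`. It is also worth confirming that the decrypted output can never exceed the 1024 bytes of `crypt_buf` for any `n` up to `sizeof(buf)`. Since `crypt_buf` ends up holding both RC4 keys, consider clearing it before the block is left; the `case` block opened at `{` continues past the visible lines, so that part cannot be checked from here.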