- case CL_RECEIVED_CHALLENGE: /* send decrypted challenge */
- PARA_INFO_LOG("--> %lu\n", pcd->challenge_nr);
- t->ret = send_va_buffer(pcd->fd, "%s%lu", CHALLENGE_RESPONSE_MSG,
- pcd->challenge_nr);
- if (t->ret > 0)
- pcd->status = CL_SENT_CH_RESPONSE;
+ case CL_SENT_AUTH:
+ /*
+ * Receive challenge and session keys, decrypt the challenge and
+ * send back the hash of the decrypted challenge.
+ */
+ {
+ /* decrypted challenge/session key buffer */
+ unsigned char crypt_buf[1024];
+ /* the SHA1 of the decrypted challenge */
+ unsigned char challenge_hash[HASH_SIZE];
+
+ ret = client_recv_buffer(ct, &s->rfds, buf, sizeof(buf), &n);
+ if (ret < 0 || n == 0)
+ goto out;
+ PARA_INFO_LOG("<-- [challenge] (%zu bytes)\n", n);
+ ret = priv_decrypt(ct->key_file, crypt_buf,
+ (unsigned char *)buf, n);
+ if (ret < 0)
+ goto out;
+ hash_function((char *)crypt_buf, CHALLENGE_SIZE, challenge_hash);
+ ct->scc.send = sc_new(crypt_buf + CHALLENGE_SIZE, SESSION_KEY_LEN);
+ ct->scc.recv = sc_new(crypt_buf + CHALLENGE_SIZE + SESSION_KEY_LEN,
+ SESSION_KEY_LEN);
+ hash_to_asc(challenge_hash, buf);
+ PARA_INFO_LOG("--> %s\n", buf);
+ ret = write_all(ct->scc.fd, (char *)challenge_hash, HASH_SIZE);
+ if (ret < 0)
+ goto out;
+ ct->status = CL_SENT_CH_RESPONSE;
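Review bot: The result of `priv_decrypt()` is only tested for `< 0`, yet the following lines hash `CHALLENGE_SIZE` bytes of `crypt_buf` and build both stream ciphers from fixed offsets behind it. If the return value is the decrypted length (`priv_decrypt()` is not shown here, so this is inferred), a shorter-than-expected plaintext would leave part of the challenge or the session keys as uninitialized stack data; a guard such as `if (ret < CHALLENGE_SIZE + 2 * SESSION_KEY_LEN)` that sets an error code and jumps to `out` before `hash_function()` would close that. It is also not visible whether `priv_decrypt()` bounds its output to the 1024-byte `crypt_buf` when `n` can be as large as `sizeof(buf)`, so that is worth confirming or enforcing by passing the buffer size. `crypt_buf` still holds the session keys in clear after the `sc_new()` calls, so it should be cleared with a wipe the compiler cannot elide before the block is left, on the `goto out` paths too. The case block opened with `{` is not closed within the visible lines, so part of it lies outside this hunk.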