X-Git-Url: http://git.tuebingen.mpg.de/?a=blobdiff_plain;f=client_common.c;h=f8ee80c9d7a01956769284eaa117f1606c59cd76;hb=d440a71683940a58747de6dc32643db452d9cf54;hp=c25da96b169126ab36f5b6e7f95a2161d19a3aa9;hpb=88bf6848d1c58ad0e0d9b62d7da2a81cea5bf0ff;p=paraslash.git
diff --git a/client_common.c b/client_common.c
index c25da96b..f8ee80c9 100644
--- a/client_common.c
+++ b/client_common.c
@@ -258,6 +258,11 @@ static int send_sb_command(struct client_task *ct)
 return send_sb(ct, 0, command, len, SBD_COMMAND, false);
 }
 
+static bool has_feature(const char *feature, struct client_task *ct)
+{
+ return find_arg(feature, ct->features) >= 0? true : false;
+}
+
 /*
 * This function reads or writes to the socket file descriptor which
 * corresponds to an established connection between the client and the server.
@@ -290,16 +295,25 @@ static int client_post_select(struct sched *s, void *context)
 ct->status = CL_RECEIVED_WELCOME;
 return 0;
 case CL_RECEIVED_WELCOME: /* send auth command */
+ {
+ /*
+ * Use sha256 iff the server announced the feature. After 0.7.0
+ * we may request and use the feature unconditionally. After
+ * 0.8.0 we no longer need to request the feature.
+ */
+ bool has_sha256;
 if (!FD_ISSET(ct->scc.fd, &s->wfds))
 return 0;
- sprintf(buf, AUTH_REQUEST_MSG "%s sideband,aes_ctr128",
- ct->user);
+ has_sha256 = has_feature("sha256", ct);
+ sprintf(buf, AUTH_REQUEST_MSG "%s%s", ct->user, has_sha256?
+ " sha256" : "");
 PARA_INFO_LOG("--> %s\n", buf);
 ret = write_buffer(ct->scc.fd, buf);
 if (ret < 0)
 goto out;
 ct->status = CL_SENT_AUTH;
 return 0;
+ }
 case CL_SENT_AUTH:
 /*
 * Receive challenge and session keys, decrypt the challenge and
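Review bot: `has_feature()` hands `ct->features` straight to `find_arg()`, and nothing in this hunk shows what happens when no feature list was received and the pointer is still NULL; `find_arg()` is defined outside the diff, so that case should be confirmed or guarded. The helper also has no comment; something like `/* Whether the server announced the given feature (looked up in ct->features). */` would do. As a style point the ternary is redundant, since `return find_arg(feature, ct->features) >= 0;` already yields a bool.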
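Review bot: In the CL_RECEIVED_WELCOME case the rewritten `sprintf(buf, AUTH_REQUEST_MSG "%s%s", ct->user, ...)` still formats `ct->user` into `buf` without a length bound; `buf` is declared outside this hunk, so its size cannot be checked here. If it is a fixed array, `ret = snprintf(buf, sizeof(buf), AUTH_REQUEST_MSG "%s%s", ...)` followed by a truncation check before `write_buffer()` would make the bound explicit. Separately, the sha256 decision rests on a feature list that appears to be received before authentication, so a tampered welcome message could presumably push the client onto the older hash. The new comment describes the transition plan but should also state that limitation, e.g. `* The feature list is not authenticated here, so the sha1 fallback can be forced.`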
@@ -325,19 +339,29 @@ static int client_post_select(struct sched *s, void *context)
 free(sbb.iov.iov_base);
 if (ret < 0)
 goto out;
- ct->challenge_hash = para_malloc(HASH_SIZE);
- hash_function((char *)crypt_buf, APC_CHALLENGE_SIZE, ct->challenge_hash);
+ ct->challenge_hash = para_malloc(HASH2_SIZE);
+
+ if (has_feature("sha256", ct)) {
+ hash2_function((char *)crypt_buf, APC_CHALLENGE_SIZE, ct->challenge_hash);
+ hash2_to_asc(ct->challenge_hash, buf);
+ } else {
+ hash_function((char *)crypt_buf, APC_CHALLENGE_SIZE, ct->challenge_hash);
+ hash_to_asc(ct->challenge_hash, buf);
+ }
 ct->scc.send = sc_new(crypt_buf + APC_CHALLENGE_SIZE, SESSION_KEY_LEN);
 ct->scc.recv = sc_new(crypt_buf + APC_CHALLENGE_SIZE + SESSION_KEY_LEN,
 SESSION_KEY_LEN);
- hash_to_asc(ct->challenge_hash, buf);
 PARA_INFO_LOG("--> %s\n", buf);
 ct->status = CL_RECEIVED_CHALLENGE;
 return 0;
 }
 case CL_RECEIVED_CHALLENGE:
- ret = send_sb(ct, 0, ct->challenge_hash, HASH_SIZE,
- SBD_CHALLENGE_RESPONSE, false);
+ if (has_feature("sha256", ct))
+ ret = send_sb(ct, 0, ct->challenge_hash, HASH2_SIZE,
+ SBD_CHALLENGE_RESPONSE, false);
+ else
+ ret = send_sb(ct, 0, ct->challenge_hash, HASH_SIZE,
+ SBD_CHALLENGE_RESPONSE, false);
 if (ret != 0)
 ct->challenge_hash = NULL;
 if (ret <= 0)
@@ -428,8 +452,7 @@ out:
 return 0;
 btr_remove_node(&ct->btrn[0]);
 btr_remove_node(&ct->btrn[1]);
- if (ret != -E_SERVER_CMD_SUCCESS && ret != -E_SERVER_CMD_FAILURE)
- PARA_ERROR_LOG("%s\n", para_strerror(-ret));
+ PARA_NOTICE_LOG("closing connection (%s)\n", para_strerror(-ret));
 if (ct->scc.fd >= 0) {
 close(ct->scc.fd);
 ct->scc.fd = -1;
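Review bot: The sha256 decision is looked up three separate times with `has_feature("sha256", ct)`: in the auth request, when hashing the challenge, and again in CL_RECEIVED_CHALLENGE to pick the length. The hash that was computed and the length that is sent only agree while all three lookups give the same answer. The duplicated `send_sb()` calls can be folded so the length is chosen in one expression: `ret = send_sb(ct, 0, ct->challenge_hash, has_feature("sha256", ct)? HASH2_SIZE : HASH_SIZE, SBD_CHALLENGE_RESPONSE, false);`. The buffer is always allocated with `HASH2_SIZE`, which covers the sha1 path only if HASH2_SIZE >= HASH_SIZE, and `hash2_to_asc()` writes into `buf`, whose size is declared outside the hunk. A comment such as `/* HASH2_SIZE >= HASH_SIZE, so one allocation serves both hashes */` would record the first assumption.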
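Review bot: At the `out:` label the unconditional `PARA_NOTICE_LOG("closing connection (%s)\n", ...)` reports every failure at notice level, whereas the removed lines logged anything other than `-E_SERVER_CMD_SUCCESS` and `-E_SERVER_CMD_FAILURE` as an error. Authentication or decryption failures would then presumably vanish at log levels that show only errors, which makes failed logins harder to spot. Keeping the old condition for severity preserves that visibility: `if (ret != -E_SERVER_CMD_SUCCESS && ret != -E_SERVER_CMD_FAILURE) PARA_ERROR_LOG("closing connection (%s)\n", para_strerror(-ret));` with the `PARA_NOTICE_LOG` call in the `else` branch. The function body continues outside the hunk.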