X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=command.c;h=d82bd5d71ca3ed6bf2fa40777c5a5b1231fd897f;hp=34e6494f972e4fad90ea1dbdeeb2f878e3264ced;hb=c41a04fb296e068ebfec78bba9678bf15daea896;hpb=e4db7671a91a7552c642acc979f0eb278f8d467f
diff --git a/command.c b/command.c
index 34e6494f..d82bd5d7 100644
--- a/command.c
+++ b/command.c
@@ -10,7 +10,6 @@
 #include
 #include
 #include
-#include
 #include
 #include
@@ -26,7 +25,6 @@
 #include "list.h"
 #include "send.h"
 #include "vss.h"
-#include "rc4.h"
 #include "net.h"
 #include "daemon.h"
 #include "fd.h"
@@ -36,6 +34,7 @@
 #include "afs_command_list.h"
 #include "sched.h"
 #include "signal.h"
+#include "version.h"
 /** Commands including options must be shorter than this. */
 #define MAX_COMMAND_LEN 32768
@@ -710,7 +709,7 @@ static void reset_signals(void)
 * calls this function.
 *
 * An RSA-based challenge/response is used to authenticate
- * the peer. It that authentication succeeds, a random RC4
+ * the peer. It that authentication succeeds, a random
 * session key is generated and sent back to the peer,
 * encrypted with its RSA public key. From this point on,
 * all transfers are crypted with this session key.
@@ -730,8 +729,8 @@ __noreturn void handle_connect(int fd, const char *peername)
 {
 int ret, argc;
 char buf[4096];
- unsigned char rand_buf[CHALLENGE_SIZE + 2 * RC4_KEY_LEN];
- unsigned char challenge_sha1[HASH_SIZE];
+ unsigned char rand_buf[CHALLENGE_SIZE + 2 * SESSION_KEY_LEN];
+ unsigned char challenge_hash[HASH_SIZE];
 struct user *u;
 struct server_command *cmd = NULL;
 char **argv = NULL;
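Review bot: The handle_connect doc comment touched in the -710 hunk still describes a single "random session key", while the code in the -796 hunk keys scc.recv and scc.send from two separate SESSION_KEY_LEN slices of rand_buf. The line being rewritten also keeps the typo "It that". I would change the two lines to `* the peer. If that authentication succeeds, random` and `* session keys (one per direction) are generated and sent back to the peer,`, assuming both slices really are transmitted, which is not visible here. The comment starts above the hunk, so the rest of it could not be checked.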
@@ -796,21 +795,21 @@ __noreturn void handle_connect(int fd, const char *peername)
 if (!u)
 goto net_err;
 /*
- * The correct response is the sha1 of the first CHALLENGE_SIZE bytes
+ * The correct response is the hash of the first CHALLENGE_SIZE bytes
 * of the random data.
 */
 ret = -E_BAD_AUTH;
 if (numbytes != HASH_SIZE)
 goto net_err;
- sha1_hash((char *)rand_buf, CHALLENGE_SIZE, challenge_sha1);
- if (memcmp(challenge_sha1, buf, HASH_SIZE))
+ hash_function((char *)rand_buf, CHALLENGE_SIZE, challenge_hash);
+ if (memcmp(challenge_hash, buf, HASH_SIZE))
 goto net_err;
 /* auth successful */
 alarm(0);
 PARA_INFO_LOG("good auth for %s\n", u->name);
 /* init stream cipher keys with the second part of the random buffer */
- scc.recv = sc_new(rand_buf + CHALLENGE_SIZE, RC4_KEY_LEN);
- scc.send = sc_new(rand_buf + CHALLENGE_SIZE + RC4_KEY_LEN, RC4_KEY_LEN);
+ scc.recv = sc_new(rand_buf + CHALLENGE_SIZE, SESSION_KEY_LEN);
+ scc.send = sc_new(rand_buf + CHALLENGE_SIZE + SESSION_KEY_LEN, SESSION_KEY_LEN);
 ret = sc_send_buffer(&scc, PROCEED_MSG);
 if (ret < 0)
 goto net_err;
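Review bot: The response check `if (memcmp(challenge_hash, buf, HASH_SIZE))` remains an early-exit comparison, so its duration depends on how many leading bytes of the peer's response match the expected hash. The challenge appears to be fresh per connection, which limits what a peer can learn from this, but a constant-time compare is cheap and fits the new backend-neutral crypto layer: `for (i = 0, diff = 0; i < HASH_SIZE; i++) diff |= challenge_hash[i] ^ (unsigned char)buf[i];` followed by `if (diff) goto net_err;`. Separately, rand_buf still holds both session keys on the stack after the two sc_new() calls. If sc_new() copies the key material (not visible here), wiping the buffer right after them would be a worthwhile addition. handle_connect begins and ends outside this hunk, so the net_err path could not be checked.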