Host_LockSession(); // we use the session ID here
- SV_LockThreadMutex();
-
// load keys
// note: we are just a CLIENT
// so we load:
}
if(crypto_keyfp_recommended_length < 7)
crypto_keyfp_recommended_length = 7;
-
- SV_UnlockThreadMutex();
}
static void Crypto_UnloadKeys(void)
{
int i;
- SV_LockThreadMutex();
-
keygen_i = -1;
for(i = 0; i < MAX_PUBKEYS; ++i)
{
challenge_append_length = 0;
}
crypto_idstring = NULL;
-
- SV_UnlockThreadMutex();
}
static mempool_t *cryptomempool;
{
int wantserverid = -1;
Crypto_RetrieveHostKey(&cls.connect_address, &wantserverid, NULL, 0, NULL, 0, NULL);
- if(!crypto || !crypto->authenticated)
+ if(!crypto || !crypto->authenticated) // we ALSO get here if we are using an encrypted connection, so let's rule this out
{
if(wantserverid >= 0)
return Crypto_ClientError(data_out, len_out, "Server tried an unauthenticated connection even though a host key is present");
}
return CRYPTO_NOMATCH;
}
- else if (len_in >= 1 && string[0] == 'j' && cls.connect_trying && d0_rijndael_dll && crypto_aeslevel.integer >= 3)
+ else if (len_in >= 1 && string[0] == 'j' && cls.connect_trying && d0_rijndael_dll)
{
int wantserverid = -1;
Crypto_RetrieveHostKey(&cls.connect_address, &wantserverid, NULL, 0, NULL, 0, NULL);
- if(!crypto || !crypto->authenticated)
+ //if(!crypto || !crypto->authenticated)
+ {
+ if(wantserverid >= 0)
+ return Crypto_ClientError(data_out, len_out, "Server tried an unauthenticated connection even though a host key is present");
+ if(crypto_aeslevel.integer >= 3)
+ return Crypto_ClientError(data_out, len_out, "This server requires encryption to be not required (crypto_aeslevel <= 2)");
+ }
+ return CRYPTO_NOMATCH;
+ }
+ else if (len_in >= 5 && BuffLittleLong((unsigned char *) string) == ((int)NETFLAG_CTL | (int)len_in))
+ {
+ int wantserverid = -1;
+
+ // these three are harmless
+ if(string[4] == CCREP_SERVER_INFO)
+ return CRYPTO_NOMATCH;
+ if(string[4] == CCREP_PLAYER_INFO)
+ return CRYPTO_NOMATCH;
+ if(string[4] == CCREP_RULE_INFO)
+ return CRYPTO_NOMATCH;
+
+ Crypto_RetrieveHostKey(&cls.connect_address, &wantserverid, NULL, 0, NULL, 0, NULL);
+ //if(!crypto || !crypto->authenticated)
{
if(wantserverid >= 0)
return Crypto_ClientError(data_out, len_out, "Server tried an unauthenticated connection even though a host key is present");