From 5dab783345c40400811602dfe2a427ec1110af98 Mon Sep 17 00:00:00 2001
From: Ian Moffett
Date: Fri, 21 Feb 2025 18:34:39 -0500
Subject: auth: Only generate new master session key once

Signed-off-by: Ian Moffett
---
 lib/libostp/auth.c | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)
(limited to 'lib')

diff --git a/lib/libostp/auth.c b/lib/libostp/auth.c
index 80f3d63..c1489d4 100644
--- a/lib/libostp/auth.c
+++ b/lib/libostp/auth.c
@@ -36,6 +36,7 @@
 #include
 #include
 #include
+#include
 #include
 #include
@@ -45,6 +46,13 @@ struct session_td_args {
 unsigned char *session_key;
 };
+/*
+ * keypair: Master session keypair.
+ * g_have_link: True when one or more link(s) are established.
+ */
+static struct x25519_keypair keypair;
+bool g_have_link = false;
+
 /*
 * Check a password to see if it matches with
 * the hash in /etc/shadow by using the pwcheck
@@ -146,13 +154,15 @@ session_td(void *args)
 send_motd(tmp->c, tmp->session_key);
 tmp->c->authed = 1;
 free(args);
+ return NULL;
+#endif
+ return NULL;
 }
 int
 handle_srq(struct ostp_client *c, struct ostp_listener *lp, struct session_request *srq)
 {
- struct x25519_keypair keypair;
 struct session_td_args *sargs;
 struct ostp_session *session;
 int error;
@@ -163,11 +173,12 @@ handle_srq(struct ostp_client *c, struct ostp_listener *lp, struct session_reque
 return -1;
 }
- printf("Generating keys...\n");
-
- if (gen_x25519_keypair(&keypair) < 0) {
- printf("Key generation failed!\n");
- return -1;
+ /* Generate a new keypair if we have no link */
+ if (!g_have_link) {
+ if (gen_x25519_keypair(&keypair) < 0) {
+ printf("Key generation failed!\n");
+ return -1;
+ }
 }
 /* Send back our our public key */
@@ -201,5 +212,6 @@ handle_srq(struct ostp_client *c, struct ostp_listener *lp, struct session_reque
 return error;
 }
+ g_have_link = true;
 return 0;
 }
--
cgit v1.2.3
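Review bot: `g_have_link` is defined without `static` in the second hunk, so the flag that decides whether the master keypair is regenerated has external linkage while `keypair` itself is file-local. Unless another translation unit in libostp needs it (none is visible in this diff), declare it `static bool g_have_link = false;` so only auth.c can change it. The added comment could also state that the private half of `keypair` now stays in static storage across sessions and is not cleared anywhere in this diff.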
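Review bot: The `#endif` added in session_td closes a conditional whose opening directive is outside this hunk, and `free(args);` sits inside that conditional. If the guarded section can be compiled out, the function would return NULL without releasing `args` and without the `send_motd`/`authed` steps, so the guard's intent should be confirmed and `free(args);` moved after `#endif` if the allocation always happens. The first `return NULL;` is redundant, since a single `return NULL;` after `#endif` covers both paths.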
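Review bot: The `if (!g_have_link)` test and the write to the file-scope `keypair` are not synchronised, and session_td's `void *` signature suggests sessions run on their own threads. If handle_srq can be entered for two clients at once (not determinable from this hunk), both may see the flag as false and the second `gen_x25519_keypair(&keypair)` would overwrite the key while the first request is still using it, so the public key sent and the private key used afterwards could differ. Holding one mutex across the check, the generation and the later reads of `keypair`, or generating the key once through `pthread_once`, would close that window. handle_srq's body continues outside the hunk.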
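Review bot: `g_have_link = true;` is never reset in any visible hunk, so after the first successful request every later session reuses the same X25519 private key until the process exits, although the comment describes the flag as tracking established links. That ties the confidentiality of all sessions to one long-lived secret held in static memory. Where the last link is torn down (that code is outside this diff), set `g_have_link = false;` and wipe `keypair` with something the compiler cannot elide such as `explicit_bzero(&keypair, sizeof(keypair));`, or document that the key is deliberately process-lifetime.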