CIPE-Win32: communication breakdown|
Christof Meerwald <cmeerw,AT,web,DOT,de>|
Fri, 6 Jun 2003 18:24:11 +0200|
I experienced some random communication breakdowns when using a CIPE link
between CIPE-Win32 and (Linux)-CIPE. I finally tracked it down to a bug in
CIPE-Win32 where it doesn't correctly implement the CIPE protocol.
"The key negotiation procedure normally runs as follows: The sender sends
a NK_IND with the new key, then invalidates its own sending key."
But CIPE-Win32 doesn't invalidate the sending key, instead it keeps using
the previous sending key until it receives an NK_ACK. So in case the NK_ACK
is lost, CIPE-Win32 still encrypts using the previous sending key, but the
remote end already expects the new key.
A simple fix is to add the following statement to
m_HaveKey [p_KeyType] = FALSE;
http://cmeerw.org JID: cmeerw,AT,jabber,DOT,at
mailto cmeerw at web.de