From 322242de5cc66750d5a568f33a357f821fe7c50b Mon Sep 17 00:00:00 2001
From: Davide De Rosa
Date: Sat, 13 Apr 2019 23:31:26 +0200
Subject: [PATCH] Fix malformed key generation message

Make nullTerminated argument explicit, easier to debug.

Fixes #67
---
 CHANGELOG.md | 4 ++++
 TunnelKit/Sources/Core/SessionProxy+Authenticator.swift | 4 ++--
 TunnelKit/Sources/Core/SessionProxy+EncryptionBridge.swift | 2 +-
 TunnelKit/Sources/Core/ZeroingData.swift | 2 +-
 4 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index abf2247..39b4852 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -15,6 +15,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

 - Make `hostname` optional and pick `resolvedAddresses` if nil.

+### Fixed
+
+- Negotiation times out with SoftEther. [#67](https://github.com/keeshux/tunnelkit/issues/67)
+
 ## 1.6.1 (2019-04-07)

 ### Fixed
diff --git a/TunnelKit/Sources/Core/SessionProxy+Authenticator.swift b/TunnelKit/Sources/Core/SessionProxy+Authenticator.swift
index 88832de..364763e 100644
--- a/TunnelKit/Sources/Core/SessionProxy+Authenticator.swift
+++ b/TunnelKit/Sources/Core/SessionProxy+Authenticator.swift
@@ -94,7 +94,7 @@ extension SessionProxy {
 raw.append(random1)
 raw.append(random2)

- // opts
+ // opts (empty string)
 raw.appendSized(Z(UInt8(0)))

 // credentials
@@ -107,7 +107,7 @@ extension SessionProxy {
 }

 // peer info
- raw.appendSized(Z(CoreConfiguration.peerInfo))
+ raw.appendSized(Z(CoreConfiguration.peerInfo, nullTerminated: true))

 if CoreConfiguration.logsSensitiveData {
 log.debug("TLS.auth: Put plaintext (\(raw.count) bytes): \(raw.toHex())")
diff --git a/TunnelKit/Sources/Core/SessionProxy+EncryptionBridge.swift b/TunnelKit/Sources/Core/SessionProxy+EncryptionBridge.swift
index edf57b1..b36d22d 100644
--- a/TunnelKit/Sources/Core/SessionProxy+EncryptionBridge.swift
+++ b/TunnelKit/Sources/Core/SessionProxy+EncryptionBridge.swift
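Review bot: The `nullTerminated: true` added on the `// peer info` line is the interop fix, but nothing here or on the `Z(_:nullTerminated:)` declaration changed in ZeroingData.swift says what decides the flag, and the same gap applies to the `nullTerminated: false` call in SessionProxy+EncryptionBridge.swift. Judging only from these two call sites, strings serialized into the auth message carry a trailing NUL while the seed label does not; I would record that where the next caller will read it, e.g. `/// - Parameter nullTerminated: true for strings serialized into control messages, false for raw key-derivation input.` on `Z`, plus `// peer info (NUL-terminated on the wire)` here. The opts line in the hunk above encodes an empty terminated string by hand as `Z(UInt8(0))`; if `ZeroingData(string:nullTerminated:)` yields a single zero byte for `""`, `Z("", nullTerminated: true)` would make the two lines read alike. The enclosing function begins and ends outside both hunks.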
@@ -71,7 +71,7 @@ extension SessionProxy {
 _ serverSessionId: Data?,
 _ size: Int) throws -> ZeroingData {

- let seed = Z(label)
+ let seed = Z(label, nullTerminated: false)
 seed.append(clientSeed)
 seed.append(serverSeed)
 if let csi = clientSessionId {
diff --git a/TunnelKit/Sources/Core/ZeroingData.swift b/TunnelKit/Sources/Core/ZeroingData.swift
index 3c96e05..442fcb0 100644
--- a/TunnelKit/Sources/Core/ZeroingData.swift
+++ b/TunnelKit/Sources/Core/ZeroingData.swift
@@ -66,6 +66,6 @@ func Z(_ data: Data) -> ZeroingData {
 // return ZeroingData(data: data, offset: offset, count: count)
 //}

-func Z(_ string: String, nullTerminated: Bool = false) -> ZeroingData {
+func Z(_ string: String, nullTerminated: Bool) -> ZeroingData {
 return ZeroingData(string: string, nullTerminated: nullTerminated)
 }
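Review bot: Nothing visible in this patch pins the bytes that `let seed = Z(label, nullTerminated: false)` contributes to the seed, so a later flip of the flag would still compile and still return `size` bytes, presumably just not the ones the peer derives. A known-answer test for this function (fixed label, client and server seeds, session IDs, and the expected output bytes) would turn that into a unit-test failure rather than a tunnel that fails to come up; disregard if such a test already exists outside this patch. The function's name, the start of its signature and the rest of its body lie outside the hunk.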