On Wed, Nov 15, 2006 at 01:05:51PM +0100, Narcis wrote:
> can anyone enlighten me? it looks like the address (ip?) and port of
> the client (server?) are used in the decryption of the rsa key.

Yes.  The first few bytes of the message are replaced with the unencoded
32-bit IPv4 address of the server, and the port number, both of which
were obtained using getpeername.

This may be a misguided attempt to increase the difficulty of
man-in-the-middle attack on the scheme, written in the days when it
wasn't trivial to do network address translation.

James Cameron    mailto:quozl at us.netrek.org     http://quozl.netrek.org/