master secret doesn't need to be generated by the server

src/cookies.h

@@ -5,7 +5,6 @@
 
 struct __attribute__ ((__packed__)) stored_cookie_st {
 	char username[MAX_USERNAME_SIZE];
-	uint8_t master_secret[TLS_MASTER_SIZE];
 	uint8_t session_id[GNUTLS_MAX_SESSION_ID];
 	time_t expiration;
 };

src/main-auth.c

@@ -70,20 +70,16 @@ static int send_auth_reply(cmd_auth_reply_t r, struct proc_list_st* proc, struct
 		iov[1].iov_len = sizeof(proc->cookie);
 		hdr.msg_iovlen++;
 
-		iov[2].iov_base = proc->master_secret;
-		iov[2].iov_len = sizeof(proc->master_secret);
+		iov[2].iov_base = proc->session_id;
+		iov[2].iov_len = sizeof(proc->session_id);
 		hdr.msg_iovlen++;
 
-		iov[3].iov_base = proc->session_id;
-		iov[3].iov_len = sizeof(proc->session_id);
+		iov[3].iov_base = lease->name;
+		iov[3].iov_len = sizeof(lease->name);
 		hdr.msg_iovlen++;
 
-		iov[4].iov_base = lease->name;
-		iov[4].iov_len = sizeof(lease->name);
-		hdr.msg_iovlen++;
-
-		iov[5].iov_base = proc->username;
-		iov[5].iov_len = MAX_USERNAME_SIZE;
+		iov[4].iov_base = proc->username;
+		iov[4].iov_len = MAX_USERNAME_SIZE;
 		hdr.msg_iovlen++;
 
 		/* Send the tun fd */
@@ -116,7 +112,6 @@ struct stored_cookie_st sc;
 	
 	memcpy(proc->cookie, req->cookie, sizeof(proc->cookie));
 	memcpy(proc->username, sc.username, sizeof(proc->username));
-	memcpy(proc->master_secret, sc.master_secret, sizeof(proc->master_secret));
 	memcpy(proc->session_id, sc.session_id, sizeof(proc->session_id));
 	
 	ret = open_tun(config, tun, lease);
@@ -133,9 +128,6 @@ int ret;
 struct stored_cookie_st sc;
 
 	ret = gnutls_rnd(GNUTLS_RND_RANDOM, proc->cookie, sizeof(proc->cookie));
-	if (ret < 0)
-		return -2;
-	ret = gnutls_rnd(GNUTLS_RND_RANDOM, proc->master_secret, sizeof(proc->master_secret));
 	if (ret < 0)
 		return -2;
 	ret = gnutls_rnd(GNUTLS_RND_NONCE, proc->session_id, sizeof(proc->session_id));
@@ -146,7 +138,6 @@ struct stored_cookie_st sc;
 	sc.expiration = time(0) + config->cookie_validity;
 	
 	memcpy(sc.username, proc->username, sizeof(sc.username));
-	memcpy(sc.master_secret, proc->master_secret, sizeof(sc.master_secret));
 	memcpy(sc.session_id, proc->session_id, sizeof(sc.session_id));
 	
 	ret = store_cookie(config, proc->cookie, sizeof(proc->cookie), &sc);

src/vpn.h

@@ -152,7 +152,6 @@ struct proc_list_st {
 	socklen_t remote_addr_len;
 	char username[MAX_USERNAME_SIZE]; /* the owner */
 	uint8_t cookie[COOKIE_SIZE]; /* the cookie associate with the session */
-	uint8_t master_secret[TLS_MASTER_SIZE];
 	uint8_t session_id[GNUTLS_MAX_SESSION_ID];
 	
 	/* the tun lease this process has */

src/worker-auth.c

@@ -193,7 +193,6 @@ static int recv_auth_reply(worker_st *ws)
 				memcpy(ws->tun_name, resp.vname, sizeof(ws->tun_name));
 				memcpy(ws->username, resp.user, sizeof(ws->username));
 				memcpy(ws->cookie, resp.cookie, sizeof(ws->cookie));
-				memcpy(ws->master_secret, resp.master_secret, sizeof(ws->master_secret));
 				memcpy(ws->session_id, resp.session_id, sizeof(ws->session_id));
 				ws->auth_ok = 1;
 			} else

src/worker-auth.h

@@ -42,7 +42,6 @@ struct __attribute__ ((__packed__)) cmd_auth_req_st {
 struct __attribute__ ((__packed__)) cmd_auth_reply_st {
 	uint8_t reply;
 	uint8_t cookie[COOKIE_SIZE];
-	uint8_t master_secret[TLS_MASTER_SIZE];
 	uint8_t session_id[GNUTLS_MAX_SESSION_ID];
 	char vname[IFNAMSIZ]; /* interface name */
 	char user[MAX_USERNAME_SIZE];