From 4168b5038bc87475fa9534e40463de7a084074ad Mon Sep 17 00:00:00 2001
From: Russ Magee
Date: Mon, 22 Nov 2021 18:38:46 -0800
Subject: [PATCH] Fixed IV feed into initial HMAC during chan setup
---
 Makefile | 2 +-
 xsnet/chan.go | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/Makefile b/Makefile
index fc2efd0..3ab910d 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,4 @@
-VERSION := 0.9.3
+VERSION := 0.9.4
 .PHONY: lint vis clean common client server passwd subpkgs install uninstall reinstall
 ## Tag version of binaries with build info wrt.
diff --git a/xsnet/chan.go b/xsnet/chan.go
index 819083d..6e5a0f3 100644
--- a/xsnet/chan.go
+++ b/xsnet/chan.go
@@ -105,9 +105,11 @@ func (hc *Conn) getStream(keymat []byte) (rc cipher.Stream, mc hash.Hash, err er
 log.Printf("[cipher BLOWFISH_64 (%d)]\n", copts)
 case CAlgCryptMT1:
 rc = cryptmt.New(nil, nil, keymat)
+ //NOTE: this alg is not based on block cipher, no IV
 log.Printf("[cipher CRYPTMT1 (%d)]\n", copts)
 case CAlgHopscotch:
 rc = hopscotch.New(nil, nil, 4, keymat)
+ //NOTE: this alg is not based on block cipher, no IV
 log.Printf("[cipher HOPSCOTCH (%d)]\n", copts)
 case CAlgChaCha20_12:
 keymat = expandKeyMat(keymat, chacha.KeySize)
@@ -152,7 +154,7 @@ func (hc *Conn) getStream(keymat []byte) (rc cipher.Stream, mc hash.Hash, err er
 //os.Exit(1)
 }
- if err != nil {
+ if err == nil && ivlen > 0 {
 // Feed the IV into the hmac: all traffic in the connection must
 // feed its data into the hmac afterwards, so both ends can xor
 // that with the stream to detect corruption.
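Review bot: The two added `//NOTE` comments in the CAlgCryptMT1 and CAlgHopscotch cases say these algorithms take no IV, but not what follows from that. With the guard changed to `ivlen > 0` in the later hunk, these two ciphers presumably skip the IV feed into the HMAC, and their keystream is determined by `keymat` alone, so `keymat` has to be unique per connection. I would state that in the comment, e.g. `// NOTE: stream cipher without an IV: ivlen stays 0, so the HMAC is not IV-seeded; keymat must never repeat across connections`. How ivlen is set on these paths is outside the hunk and should be confirmed; getStream begins and ends outside the hunk.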
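Review bot: The corrected guard `if err == nil && ivlen > 0 {` changes what the HMAC is seeded with on the success path for every cipher that has an IV. A peer built from this commit and one built before it would therefore presumably compute different MACs and fail verification from the first packet, and the only signal of that is the patch-level bump to 0.9.4. I would record it next to the condition, e.g. `// NOTE: since 0.9.4 the IV seeds the HMAC; peers older than 0.9.4 are not wire-compatible for IV-based ciphers`. A regression test should also assert that the `mc` returned by getStream for an IV-based algorithm already has the IV written into it. The body of this `if` and the rest of getStream are outside the hunk, so the write into `mc` is inferred from the comment rather than seen.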