autoconnect.c autoconnect.h \
buffer.c buffer.h \
cipher.h \
+ compression.h \
conf.c conf.h \
conf_net.c conf_net.h \
connection.c connection.h \
* are only a few reachable nodes, and many unreachable ones, we're
* going to try harder to connect to them. */
- int r = rand() % node_tree->count;
+ unsigned int r = rand() % node_tree->count;
for splay_each(node_t, n, node_tree) {
if(r--) {
return false;
}
- int unit = -1;
+ long unit = -1;
char *p = strstr(device, "utun"), *e = NULL;
if(p) {
}
static bool read_packet(vpn_packet_t *packet) {
- int inlen;
+ ssize_t inlen;
switch(device_type) {
case DEVICE_TYPE_TUN:
#define PPPIOCGUNIT _IOR('t', 86, int)
struct sockaddr_ppp {
- u_int8_t ppp_len;
- u_int8_t ppp_family;
- u_int16_t ppp_proto;
- u_int32_t ppp_cookie;
+ uint8_t ppp_len;
+ uint8_t ppp_family;
+ uint16_t ppp_proto;
+ uint32_t ppp_cookie;
};
enum NPmode {
static int pcap_use_count = 0;
static pcap_t *pcap = NULL;
-static int data_buffer_length = 0;
-static char *data_buffer = NULL;
+static size_t data_buffer_length = 0;
+static uint8_t *data_buffer = NULL;
static void tun_error(char *format, ...) {
va_list vl;
}
}
-static void allocate_data_buffer(int size) {
+static void allocate_data_buffer(size_t size) {
if(data_buffer_length < size) {
free(data_buffer);
data_buffer_length = size;
return ret;
}
-int tunemu_read(int ppp_sockfd, char *buffer, int length) {
- allocate_data_buffer(length + 2);
+ssize_t tunemu_read(int ppp_sockfd, uint8_t *buffer, size_t buflen) {
+ allocate_data_buffer(buflen + 2);
- length = read(ppp_sockfd, data_buffer, length + 2);
+ ssize_t length = read(ppp_sockfd, data_buffer, buflen + 2);
if(length < 0) {
tun_error("reading packet: %s", strerror(errno));
return length;
}
-int tunemu_write(char *buffer, int length) {
- allocate_data_buffer(length + 4);
+ssize_t tunemu_write(uint8_t *buffer, size_t buflen) {
+ allocate_data_buffer(buflen + 4);
data_buffer[0] = 0x02;
data_buffer[1] = 0x00;
data_buffer[2] = 0x00;
data_buffer[3] = 0x00;
- memcpy(data_buffer + 4, buffer, length);
+ memcpy(data_buffer + 4, buffer, buflen);
if(pcap == NULL) {
tun_error("pcap not open");
return -1;
}
- length = pcap_inject(pcap, data_buffer, length + 4);
+ ssize_t length = pcap_inject(pcap, data_buffer, buflen + 4);
if(length < 0) {
tun_error("injecting packet: %s", pcap_geterr(pcap));
#ifndef TUNEMU_H
#define TUNEMU_H
+#include "system.h"
+
typedef char tunemu_device[7];
extern char tunemu_error[];
int tunemu_open(tunemu_device dev);
int tunemu_close(int fd);
-int tunemu_read(int fd, char *buffer, int length);
-int tunemu_write(char *buffer, int length);
+ssize_t tunemu_read(int fd, uint8_t *buffer, size_t buflen);
+ssize_t tunemu_write(uint8_t *buffer, size_t buflen);
#endif
#ifndef TINC_BUFFER_H
#define TINC_BUFFER_H
+#include "system.h"
+
typedef struct buffer_t {
char *data;
uint32_t maxlen;
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
#define CIPHER_MAX_BLOCK_SIZE 32
#define CIPHER_MAX_IV_SIZE 16
#define CIPHER_MAX_KEY_SIZE 32
--- /dev/null
+#ifndef TINC_COMPRESSION_H
+#define TINC_COMPRESSION_H
+
+typedef enum compression_level_t {
+ COMPRESS_NONE = 0,
+
+ COMPRESS_ZLIB_1 = 1,
+ COMPRESS_ZLIB_2 = 2,
+ COMPRESS_ZLIB_3 = 3,
+ COMPRESS_ZLIB_4 = 4,
+ COMPRESS_ZLIB_5 = 5,
+ COMPRESS_ZLIB_6 = 6,
+ COMPRESS_ZLIB_7 = 7,
+ COMPRESS_ZLIB_8 = 8,
+ COMPRESS_ZLIB_9 = 9,
+
+ COMPRESS_LZO_LO = 10,
+ COMPRESS_LZO_HI = 11,
+
+ COMPRESS_LZ4 = 12,
+
+ COMPRESS_GUARD = INT_MAX, /* ensure that sizeof(compression_level_t) == sizeof(int) */
+} compression_level_t;
+
+#endif
return NULL;
}
- p = fgets(buf, buflen, fp);
+ p = fgets(buf, (int) buflen, fp);
if(!p) {
return NULL;
config_t *parse_config_line(char *line, const char *fname, int lineno) {
config_t *cfg;
- int len;
char *variable, *value, *eol;
variable = value = line;
*eol = '\0';
}
- len = strcspn(value, "\t =");
+ size_t len = strcspn(value, "\t =");
value += len;
value += strspn(value, "\t ");
#define OPTION_VERSION(x) ((x) >> 24) /* Top 8 bits are for protocol minor version */
typedef struct connection_status_t {
- unsigned int pinged: 1; /* sent ping */
- unsigned int unused_active: 1;
- unsigned int connecting: 1; /* 1 if we are waiting for a non-blocking connect() to finish */
- unsigned int unused_termreq: 1; /* the termination of this connection was requested */
- unsigned int remove_unused: 1; /* Set to 1 if you want this connection removed */
- unsigned int timeout_unused: 1; /* 1 if gotten timeout */
- unsigned int encryptout: 1; /* 1 if we can encrypt outgoing traffic */
- unsigned int decryptin: 1; /* 1 if we have to decrypt incoming traffic */
- unsigned int mst: 1; /* 1 if this connection is part of a minimum spanning tree */
- unsigned int control: 1; /* 1 if this is a control connection */
- unsigned int pcap: 1; /* 1 if this is a control connection requesting packet capture */
- unsigned int log: 1; /* 1 if this is a control connection requesting log dump */
- unsigned int invitation: 1; /* 1 if this is an invitation */
- unsigned int invitation_used: 1; /* 1 if the invitation has been consumed */
- unsigned int tarpit: 1; /* 1 if the connection should be added to the tarpit */
- unsigned int unused: 17;
+ bool pinged: 1; /* sent ping */
+ bool unused_active: 1;
+ bool connecting: 1; /* 1 if we are waiting for a non-blocking connect() to finish */
+ bool unused_termreq: 1; /* the termination of this connection was requested */
+ bool remove_unused: 1; /* Set to 1 if you want this connection removed */
+ bool timeout_unused: 1; /* 1 if gotten timeout */
+ bool encryptout: 1; /* 1 if we can encrypt outgoing traffic */
+ bool decryptin: 1; /* 1 if we have to decrypt incoming traffic */
+ bool mst: 1; /* 1 if this connection is part of a minimum spanning tree */
+ bool control: 1; /* 1 if this is a control connection */
+ bool pcap: 1; /* 1 if this is a control connection requesting packet capture */
+ bool log: 1; /* 1 if this is a control connection requesting log dump */
+ bool invitation: 1; /* 1 if this is an invitation */
+ bool invitation_used: 1; /* 1 if the invitation has been consumed */
+ bool tarpit: 1; /* 1 if the connection should be added to the tarpit */
+ uint32_t unused: 17;
} connection_status_t;
#include "ecdsa.h"
sptps_t sptps;
int outmaclength;
- int outcompression;
+ int outcompression; /* compression level from compression_level_t */
- char *hischallenge; /* The challenge we sent to him */
- char *mychallenge; /* The challenge we received */
+ uint8_t *hischallenge; /* The challenge we sent to him */
+ uint8_t *mychallenge; /* The challenge we received */
struct buffer_t inbuf;
struct buffer_t outbuf;
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
extern bool init_control(void);
extern void exit_control(void);
extern char controlcookie[];
#ifndef TINC_CRYPTO_H
#define TINC_CRYPTO_H
+#include "system.h"
+
/*
crypto.h -- header for crypto.c
Copyright (C) 2007-2013 Guus Sliepen <guus@tinc-vpn.org>
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
#define DIGEST_MAX_SIZE 64
+#define DIGEST_ALGO_SIZE ((size_t) -1)
#ifndef DISABLE_LEGACY
typedef struct digest digest_t;
-extern digest_t *digest_open_by_name(const char *name, int maclength) __attribute__((__malloc__));
-extern digest_t *digest_open_by_nid(int nid, int maclength) __attribute__((__malloc__));
+extern digest_t *digest_open_by_name(const char *name, size_t maclength) __attribute__((__malloc__));
+extern digest_t *digest_open_by_nid(int nid, size_t maclength) __attribute__((__malloc__));
extern void digest_close(digest_t *digest);
extern bool digest_create(digest_t *digest, const void *indata, size_t inlen, void *outdata) __attribute__((__warn_unused_result__));
extern bool digest_verify(digest_t *digest, const void *indata, size_t inlen, const void *digestdata) __attribute__((__warn_unused_result__));
extern size_t digest_length(const digest_t *digest);
extern bool digest_active(const digest_t *digest);
-#endif
+#endif // DISABLE_LEGACY
-#endif
+#endif // TINC_DIGEST_H
#include "system.h"
+#ifndef HAVE_ASPRINTF
+#include "xalloc.h"
+#endif
+
#ifndef HAVE_DAEMON
/*
Replacement for the daemon() function.
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
#ifndef HAVE_DAEMON
extern int daemon(int, int);
#endif
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
#define ECDH_SIZE 32
#define ECDH_SHARED_SIZE 32
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
#ifndef TINC_ECDSA_INTERNAL
typedef struct ecdsa ecdsa_t;
#endif
// Get and set ECDSA keys
//
ecdsa_t *ecdsa_set_base64_public_key(const char *p) {
- int len = strlen(p);
+ size_t len = strlen(p);
if(len != 43) {
- logger(DEBUG_ALWAYS, LOG_ERR, "Invalid size %d for public key!", len);
+ logger(DEBUG_ALWAYS, LOG_ERR, "Invalid size %zu for public key!", len);
return 0;
}
len = b64decode(p, ecdsa->public, len);
if(len != 32) {
- logger(DEBUG_ALWAYS, LOG_ERR, "Invalid format of public key! len = %d", len);
+ logger(DEBUG_ALWAYS, LOG_ERR, "Invalid format of public key! len = %zu", len);
free(ecdsa);
return 0;
}
}
static inline int32_t shl32(uint32_t a, uint32_t b) {
- return a << b;
+ return (int32_t)(a << b);
}
static inline int64_t shl64(uint64_t a, uint32_t b) {
- return a << b;
+ return (int64_t)(a << b);
}
static inline uint64_t shlu64(uint64_t a, uint32_t b) {
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
#ifndef ETH_ALEN
#define ETH_ALEN 6
#endif
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
#include "splay_tree.h"
#define IO_READ 1
struct iovec iov = {0};
char cmsgbuf[CMSG_SPACE(sizeof(device_fd))];
struct msghdr msg = {0};
- int ret;
+ ssize_t ret;
struct cmsghdr *cmsgptr;
iov.iov_base = &iobuf;
msg.msg_controllen = sizeof(cmsgbuf);
if((ret = recvmsg(socket, &msg, 0)) < 1) {
- logger(DEBUG_ALWAYS, LOG_ERR, "Could not read from unix socket (error %d)!", ret);
+ logger(DEBUG_ALWAYS, LOG_ERR, "Could not read from unix socket (error %zd)!", ret);
return -1;
}
}
if(cmsgptr->cmsg_len != CMSG_LEN(sizeof(device_fd))) {
- logger(DEBUG_ALWAYS, LOG_ERR, "Wrong CMSG data length: %lu, expected %lu!",
- (unsigned long)cmsgptr->cmsg_len, (unsigned long)CMSG_LEN(sizeof(device_fd)));
+ logger(DEBUG_ALWAYS, LOG_ERR, "Wrong CMSG data length: %zu, expected %zu!",
+ cmsgptr->cmsg_len, CMSG_LEN(sizeof(device_fd)));
return -1;
}
}
static bool read_packet(vpn_packet_t *packet) {
- int lenin = read(device_fd, DATA(packet) + ETH_HLEN, MTU - ETH_HLEN);
+ ssize_t lenin = read(device_fd, DATA(packet) + ETH_HLEN, MTU - ETH_HLEN);
if(lenin <= 0) {
logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from fd/%d: %s!", device_fd, strerror(errno));
size_t origlen = inlen - padbyte;
- for(int i = inlen - 1; i >= origlen; i--)
+ for(size_t i = inlen - 1; i >= origlen; i--)
if(((uint8_t *)outdata)[i] != padbyte) {
logger(DEBUG_ALWAYS, LOG_ERR, "Error while decrypting: invalid padding");
return false;
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
#include <gcrypt.h>
#define CIPHER_MAX_BLOCK_SIZE 32
typedef struct cipher {
gcry_cipher_hd_t handle;
- char *key;
+ uint8_t *key;
int nid;
uint16_t keylen;
uint16_t blklen;
static struct {
const char *name;
- int algo;
+ enum gcry_md_algos algo;
int nid;
} digesttable[] = {
{"none", GCRY_MD_NONE, 0},
{"sha512", GCRY_MD_SHA512, 674},
};
-static bool nametodigest(const char *name, int *algo) {
+static bool nametodigest(const char *name, enum gcry_md_algos *algo) {
int i;
for(i = 0; i < sizeof(digesttable) / sizeof(*digesttable); i++) {
return false;
}
-static bool nidtodigest(int nid, int *algo) {
- int i;
-
- for(i = 0; i < sizeof(digesttable) / sizeof(*digesttable); i++) {
+static bool nidtodigest(int nid, enum gcry_md_algos *algo) {
+ for(int i = 0; i < sizeof(digesttable) / sizeof(*digesttable); i++) {
if(nid == digesttable[i].nid) {
*algo = digesttable[i].algo;
return true;
return false;
}
-static bool digesttonid(int algo, int *nid) {
- int i;
-
- for(i = 0; i < sizeof(digesttable) / sizeof(*digesttable); i++) {
+static bool digesttonid(enum gcry_md_algos algo, int *nid) {
+ for(int i = 0; i < sizeof(digesttable) / sizeof(*digesttable); i++) {
if(algo == digesttable[i].algo) {
*nid = digesttable[i].nid;
return true;
return false;
}
-static bool digest_open(digest_t *digest, int algo, int maclength) {
+static bool digest_open(digest_t *digest, enum gcry_md_algos algo, size_t maclength) {
if(!digesttonid(algo, &digest->nid)) {
logger(DEBUG_ALWAYS, LOG_DEBUG, "Digest %d has no corresponding nid!", algo);
return false;
return true;
}
-bool digest_open_by_name(digest_t *digest, const char *name, int maclength) {
- int algo;
+bool digest_open_by_name(digest_t *digest, const char *name, size_t maclength) {
+ enum gcry_md_algos algo;
if(!nametodigest(name, &algo)) {
logger(DEBUG_ALWAYS, LOG_DEBUG, "Unknown digest name '%s'!", name);
return digest_open(digest, algo, maclength);
}
-bool digest_open_by_nid(digest_t *digest, int nid, int maclength) {
- int algo;
+bool digest_open_by_nid(digest_t *digest, int nid, size_t maclength) {
+ enum gcry_md_algos algo;
if(!nidtodigest(nid, &algo)) {
logger(DEBUG_ALWAYS, LOG_DEBUG, "Unknown digest ID %d!", nid);
return digest_open(digest, algo, maclength);
}
-bool digest_open_sha1(digest_t *digest, int maclength) {
+bool digest_open_sha1(digest_t *digest, size_t maclength) {
return digest_open(digest, GCRY_MD_SHA1, maclength);
}
unsigned int len = gcry_md_get_algo_dlen(digest->algo);
if(digest->hmac) {
- char *tmpdata;
+ uint8_t *tmpdata;
gcry_md_reset(digest->hmac);
gcry_md_write(digest->hmac, indata, inlen);
tmpdata = gcry_md_read(digest->hmac, digest->algo);
}
bool digest_verify(digest_t *digest, const void *indata, size_t inlen, const void *cmpdata) {
- unsigned int len = digest->maclength;
- char outdata[len];
+ size_t len = digest->maclength;
+ uint8_t outdata[len];
return digest_create(digest, indata, inlen, outdata) && !memcmp(cmpdata, outdata, len);
}
#define DIGEST_MAX_SIZE 64
typedef struct digest {
- int algo;
+ enum gcry_md_algos algo;
int nid;
- int maclength;
+ size_t maclength;
gcry_md_hd_t hmac;
} digest_t;
-extern bool digest_open_by_name(struct digest *, const char *name, int maclength);
-extern bool digest_open_by_nid(struct digest *, int nid, int maclength);
-extern bool digest_open_sha1(struct digest *, int maclength);
+extern bool digest_open_by_name(struct digest *, const char *name, size_t maclength);
+extern bool digest_open_by_nid(struct digest *, int nid, size_t maclength);
+extern bool digest_open_sha1(struct digest *, size_t maclength);
extern void digest_close(struct digest *);
extern bool digest_create(struct digest *, const void *indata, size_t inlen, void *outdata);
extern bool digest_verify(struct digest *, const void *indata, size_t inlen, const void *digestdata);
#include "../prf.h"
#include "../ed25519/sha512.h"
-static void memxor(char *buf, char c, size_t len) {
+static void memxor(uint8_t *buf, uint8_t c, size_t len) {
for(size_t i = 0; i < len; i++) {
buf[i] ^= c;
}
static const size_t mdlen = 64;
static const size_t blklen = 128;
-static bool hmac_sha512(const char *key, size_t keylen, const char *msg, size_t msglen, char *out) {
- char tmp[blklen + mdlen];
+static bool hmac_sha512(const uint8_t *key, size_t keylen, const uint8_t *msg, size_t msglen, uint8_t *out) {
+ uint8_t tmp[blklen + mdlen];
sha512_context md;
if(keylen <= blklen) {
We use SHA512 instead of MD5 and SHA1.
*/
-bool prf(const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) {
+bool prf(const uint8_t *secret, size_t secretlen, uint8_t *seed, size_t seedlen, uint8_t *out, size_t outlen) {
/* Data is what the "inner" HMAC function processes.
It consists of the previous HMAC result plus the seed.
*/
- char data[mdlen + seedlen];
+ uint8_t data[mdlen + seedlen];
memset(data, 0, mdlen);
memcpy(data + mdlen, seed, seedlen);
- char hash[mdlen];
+ uint8_t hash[mdlen];
while(outlen > 0) {
/* Inner HMAC */
gcry_mpi_t outmpi = gcry_mpi_new(len * 8);
gcry_mpi_powm(outmpi, inmpi, rsa->e, rsa->n);
- int pad = len - (gcry_mpi_get_nbits(outmpi) + 7) / 8;
+ size_t out_bytes = (gcry_mpi_get_nbits(outmpi) + 7) / 8;
+ size_t pad = len - MIN(out_bytes, len);
while(pad--) {
*(char *)out++ = 0;
gcry_mpi_t outmpi = gcry_mpi_new(len * 8);
gcry_mpi_powm(outmpi, inmpi, rsa->d, rsa->n);
- int pad = len - (gcry_mpi_get_nbits(outmpi) + 7) / 8;
+ size_t pad = len - (gcry_mpi_get_nbits(outmpi) + 7) / 8;
while(pad--) {
*(char *)out++ = 0;
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
typedef struct hash_t {
size_t n;
size_t size;
- char *keys;
+ uint8_t *keys;
const void **values;
} hash_t;
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
extern void ifconfig_dhcp(FILE *out);
extern void ifconfig_dhcp6(FILE *out);
extern void ifconfig_slaac(FILE *out);
}
char *strip_weight(char *netstr) {
- int len = strlen(netstr);
+ size_t len = strlen(netstr);
if(len >= 3 && !strcmp(netstr + len - 3, "#10")) {
netstr[len - 3] = 0;
if(s >= 0) {
send(s, request, sizeof(request) - 1, 0);
- int len = recv(s, line, sizeof(line) - 1, MSG_WAITALL);
+ ssize_t len = recv(s, line, sizeof(line) - 1, MSG_WAITALL);
if(len > 0) {
line[len] = 0;
// Check that the hostname is reasonable
if(hostname) {
for(char *p = hostname; *p; p++) {
- if(isalnum(*p) || *p == '-' || *p == '.' || *p == ':') {
+ if(isalnum((uint8_t) *p) || *p == '-' || *p == '.' || *p == ':') {
continue;
}
}
for(char *p = line; *p; p++) {
- if(isalnum(*p) || *p == '-' || *p == '.') {
+ if(isalnum((uint8_t) *p) || *p == '-' || *p == '.') {
continue;
}
randomize(cookie, 18);
// Create a filename that doesn't reveal the cookie itself
- char buf[18 + strlen(fingerprint)];
+ uint8_t buf[18 + strlen(fingerprint)];
char cookiehash[64];
memcpy(buf, cookie, 18);
memcpy(buf + 18, fingerprint, sizeof(buf) - 18);
return NULL;
}
- if(len && !isprint(**data)) {
+ if(len && !isprint((uint8_t) **data)) {
abort();
}
static char value[1024];
const char *p = data;
- int varlen = strlen(var);
+ size_t varlen = strlen(var);
// Skip all lines not starting with var
while(strncasecmp(p, var, varlen) || !strchr(" \t=", p[varlen])) {
}
// Split line into variable and value
- int len = strcspn(l, "\t =");
+ size_t len = strcspn(l, "\t =");
value = l + len;
value += strspn(value, "\t ");
continue;
}
- int len = strcspn(l, "\t =");
+ size_t len = strcspn(l, "\t =");
if(len == 4 && !strncasecmp(l, "Name", 4)) {
value = l + len;
static bool invitation_send(void *handle, uint8_t type, const void *vdata, size_t len) {
(void)handle;
(void)type;
- const char *data = vdata;
+ const uint8_t *data = vdata;
while(len) {
- int result = send(sock, data, len, 0);
+ ssize_t result = send(sock, data, len, 0);
if(result == -1 && sockwouldblock(sockerrno)) {
continue;
fprintf(stderr, "Connected to %s port %s...\n", address, port);
// Tell him we have an invitation, and give him our throw-away key.
- int len = snprintf(line, sizeof(line), "0 ?%s %d.%d\n", b64key, PROT_MAJOR, PROT_MINOR);
+ ssize_t len = snprintf(line, sizeof(line), "0 ?%s %d.%d\n", b64key, PROT_MAJOR, PROT_MINOR);
if(len <= 0 || (size_t)len >= sizeof(line)) {
abort();
char *p = line;
while(len) {
- int done = sptps_receive_data(&sptps, p, len);
+ size_t done = sptps_receive_data(&sptps, p, len);
if(!done) {
return 1;
}
- len -= done;
+ len -= (ssize_t) done;
p += done;
}
}
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
#ifndef AF_INET
#define AF_INET 2
#endif
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
#ifndef AF_INET6
#define AF_INET6 10
#endif
}
static bool read_packet(vpn_packet_t *packet) {
- int inlen;
+ size_t inlen;
switch(device_type) {
case DEVICE_TYPE_TUN:
#include "control_common.h"
#include "process.h"
#include "sptps.h"
+#include "compression.h"
-int debug_level = DEBUG_NOTHING;
+debug_t debug_level = DEBUG_NOTHING;
static logmode_t logmode = LOGMODE_STDERR;
static pid_t logpid;
static FILE *logfile = NULL;
bool logcontrol = false; // controlled by REQ_LOG <level>
int umbilical = 0;
-static bool should_log(int level) {
+static bool should_log(debug_t level) {
return (level <= debug_level && logmode != LOGMODE_NULL) || logcontrol;
}
-static void real_logger(int level, int priority, const char *message) {
+static void real_logger(debug_t level, int priority, const char *message) {
char timestr[32] = "";
static bool suppress = false;
break;
case LOGMODE_NULL:
+ default:
break;
}
logcontrol = true;
- if(level > (c->outcompression >= 0 ? c->outcompression : debug_level)) {
+ if(level > (c->outcompression >= COMPRESS_NONE ? c->outcompression : debug_level)) {
continue;
}
- int len = strlen(message);
+ size_t len = strlen(message);
- if(send_request(c, "%d %d %d", CONTROL, REQ_LOG, len)) {
+ if(send_request(c, "%d %d %zu", CONTROL, REQ_LOG, len)) {
send_meta(c, message, len);
}
}
}
}
-void logger(int level, int priority, const char *format, ...) {
+void logger(debug_t level, int priority, const char *format, ...) {
va_list ap;
char message[1024] = "";
#endif
case LOGMODE_NULL:
+ default:
break;
}
case LOGMODE_NULL:
case LOGMODE_STDERR:
+ default:
break;
}
}
*/
typedef enum debug_t {
+ DEBUG_UNSET = -1, /* Used by tinc as the default debug level. */
DEBUG_NOTHING = 0, /* Quiet mode, only show starting/stopping of the daemon */
DEBUG_ALWAYS = 0,
DEBUG_CONNECTIONS = 1, /* Show (dis)connects of other tinc daemons via TCP */
#include <stdbool.h>
-extern int debug_level;
+extern debug_t debug_level;
extern bool logcontrol;
extern int umbilical;
extern void openlogger(const char *ident, logmode_t mode);
extern void reopenlogger(void);
-extern void logger(int level, int priority, const char *format, ...) __attribute__((__format__(printf, 3, 4)));
+extern void logger(debug_t level, int priority, const char *format, ...) __attribute__((__format__(printf, 3, 4)));
extern void closelogger(void);
#endif
return true;
}
-bool send_meta(connection_t *c, const char *buffer, size_t length) {
+bool send_meta(connection_t *c, const void *buffer, size_t length) {
if(!c) {
logger(DEBUG_ALWAYS, LOG_ERR, "send_meta() called with NULL pointer!");
abort();
}
- logger(DEBUG_META, LOG_DEBUG, "Sending %lu bytes of metadata to %s (%s)", (unsigned long)length,
- c->name, c->hostname);
+ logger(DEBUG_META, LOG_DEBUG, "Sending %zu bytes of metadata to %s (%s)",
+ length, c->name, c->hostname);
if(c->protocol_minor >= 2) {
return sptps_send_record(&c->sptps, 0, buffer, length);
return true;
}
-void send_meta_raw(connection_t *c, const char *buffer, size_t length) {
+void send_meta_raw(connection_t *c, const void *buffer, size_t length) {
if(!c) {
logger(DEBUG_ALWAYS, LOG_ERR, "send_meta() called with NULL pointer!");
abort();
}
- logger(DEBUG_META, LOG_DEBUG, "Sending %lu bytes of raw metadata to %s (%s)", (unsigned long)length,
- c->name, c->hostname);
+ logger(DEBUG_META, LOG_DEBUG, "Sending %zu bytes of raw metadata to %s (%s)",
+ length, c->name, c->hostname);
buffer_add(&c->outbuf, buffer, length);
}
bufp += len;
- inlen -= len;
+ inlen -= (ssize_t)len;
continue;
}
#include "connection.h"
-extern bool send_meta(struct connection_t *c, const char *buffer, size_t length);
-extern void send_meta_raw(struct connection_t *c, const char *buffer, size_t length);
+extern bool send_meta(struct connection_t *c, const void *buffer, size_t length);
+extern void send_meta_raw(struct connection_t *c, const void *buffer, size_t length);
extern bool send_meta_sptps(void *handle, uint8_t type, const void *data, size_t length);
extern bool receive_meta_sptps(void *handle, uint8_t type, const void *data, uint16_t length);
extern void broadcast_meta(struct connection_t *from, const char *buffer, size_t length);
}
static bool read_packet(vpn_packet_t *packet) {
- int lenin;
+ ssize_t lenin;
if((lenin = recv(device_fd, (void *)DATA(packet), MTU, 0)) <= 0) {
logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info,
}
if(!memcmp(&ignore_src, DATA(packet) + 6, sizeof(ignore_src))) {
- logger(DEBUG_SCARY_THINGS, LOG_DEBUG, "Ignoring loopback packet of %d bytes from %s", lenin, device_info);
+ logger(DEBUG_SCARY_THINGS, LOG_DEBUG, "Ignoring loopback packet of %zd bytes from %s", lenin, device_info);
return false;
}
#endif
if(!unixsocketname) {
- int len = strlen(pidfilename);
+ size_t len = strlen(pidfilename);
unixsocketname = xmalloc(len + 8);
memcpy(unixsocketname, pidfilename, len);
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
extern char *confdir;
extern char *confbase;
extern bool confbase_given;
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
#include "ipv6.h"
#include "cipher.h"
#include "digest.h"
extern void handle_new_unix_connection(void *data, int flags);
extern int setup_listen_socket(const sockaddr_t *sa);
extern int setup_vpn_in_socket(const sockaddr_t *sa);
-extern bool send_sptps_data(node_t *to, node_t *from, int type, const void *data, size_t len);
+extern bool send_sptps_data(struct node_t *to, struct node_t *from, int type, const void *data, size_t len);
extern bool receive_sptps_record(void *handle, uint8_t type, const void *data, uint16_t len);
extern void send_packet(struct node_t *n, vpn_packet_t *packet);
extern void receive_tcppacket(struct connection_t *c, const char *buffer, size_t length);
#include "cipher.h"
#include "conf.h"
#include "connection.h"
+#include "compression.h"
#include "crypto.h"
#include "digest.h"
#include "device.h"
gettimeofday(&now, NULL);
struct timeval rtt;
timersub(&now, &n->udp_ping_sent, &rtt);
- n->udp_ping_rtt = rtt.tv_sec * 1000000 + rtt.tv_usec;
+ n->udp_ping_rtt = (int)(rtt.tv_sec * 1000000 + rtt.tv_usec);
n->status.ping_sent = false;
logger(DEBUG_TRAFFIC, LOG_INFO, "Got type %d UDP probe reply %d from %s (%s) rtt=%d.%03d", DATA(packet)[0], len, n->name, n->hostname, n->udp_ping_rtt / 1000, n->udp_ping_rtt % 1000);
} else {
#endif /* HAVE_LZ4 */
#ifdef HAVE_LZO
-static length_t compress_packet_lzo(uint8_t *dest, const uint8_t *source, length_t len, int level) {
- assert(level == 10 || level == 11);
+static length_t compress_packet_lzo(uint8_t *dest, const uint8_t *source, length_t len, compression_level_t level) {
+ assert(level == COMPRESS_LZO_LO || level == COMPRESS_LZO_HI);
lzo_uint lzolen = MAXSIZE;
int result;
- if(level == 11) {
+ if(level == COMPRESS_LZO_HI) {
result = lzo1x_999_compress(source, len, dest, &lzolen, lzo_wrkmem);
- } else { // level == 10
+ } else { // level == COMPRESS_LZO_LO
result = lzo1x_1_compress(source, len, dest, &lzolen, lzo_wrkmem);
}
}
#endif
-static length_t compress_packet(uint8_t *dest, const uint8_t *source, length_t len, int level) {
+static length_t compress_packet(uint8_t *dest, const uint8_t *source, length_t len, compression_level_t level) {
switch(level) {
#ifdef HAVE_LZ4
- case 12:
+ case COMPRESS_LZ4:
return compress_packet_lz4(dest, source, len);
#endif
#ifdef HAVE_LZO
- case 11:
- case 10:
+ case COMPRESS_LZO_HI:
+ case COMPRESS_LZO_LO:
return compress_packet_lzo(dest, source, len, level);
#endif
#ifdef HAVE_ZLIB
- case 9:
- case 8:
- case 7:
- case 6:
- case 5:
- case 4:
- case 3:
- case 2:
- case 1: {
+ case COMPRESS_ZLIB_9:
+ case COMPRESS_ZLIB_8:
+ case COMPRESS_ZLIB_7:
+ case COMPRESS_ZLIB_6:
+ case COMPRESS_ZLIB_5:
+ case COMPRESS_ZLIB_4:
+ case COMPRESS_ZLIB_3:
+ case COMPRESS_ZLIB_2:
+ case COMPRESS_ZLIB_1: {
unsigned long dest_len = MAXSIZE;
- if(compress2(dest, (unsigned long *) &dest_len, source, len, level) == Z_OK) {
+ if(compress2(dest, &dest_len, source, len, level) == Z_OK) {
return dest_len;
} else {
return 0;
#endif
- case 0:
+ case COMPRESS_NONE:
memcpy(dest, source, len);
return len;
}
}
-static length_t uncompress_packet(uint8_t *dest, const uint8_t *source, length_t len, int level) {
+static length_t uncompress_packet(uint8_t *dest, const uint8_t *source, length_t len, compression_level_t level) {
switch(level) {
#ifdef HAVE_LZ4
- case 12:
+ case COMPRESS_LZ4:
return LZ4_decompress_safe((char *)source, (char *) dest, len, MAXSIZE);
#endif
#ifdef HAVE_LZO
- case 11:
- case 10: {
+ case COMPRESS_LZO_HI:
+ case COMPRESS_LZO_LO: {
lzo_uint dst_len = MAXSIZE;
- if(lzo1x_decompress_safe(source, len, dest, (lzo_uint *) &dst_len, NULL) == LZO_E_OK) {
+ if(lzo1x_decompress_safe(source, len, dest, &dst_len, NULL) == LZO_E_OK) {
return dst_len;
} else {
return 0;
#endif
#ifdef HAVE_ZLIB
- case 9:
- case 8:
- case 7:
- case 6:
- case 5:
- case 4:
- case 3:
- case 2:
- case 1: {
+ case COMPRESS_ZLIB_9:
+ case COMPRESS_ZLIB_8:
+ case COMPRESS_ZLIB_7:
+ case COMPRESS_ZLIB_6:
+ case COMPRESS_ZLIB_5:
+ case COMPRESS_ZLIB_4:
+ case COMPRESS_ZLIB_3:
+ case COMPRESS_ZLIB_2:
+ case COMPRESS_ZLIB_1: {
unsigned long destlen = MAXSIZE;
static z_stream stream;
#endif
- case 0:
+ case COMPRESS_NONE:
memcpy(dest, source, len);
return len;
length_t origlen = inpkt->len;
- if(n->incompression) {
+ if(n->incompression != COMPRESS_NONE) {
vpn_packet_t *outpkt = pkt[nextpkt++];
if(!(outpkt->len = uncompress_packet(DATA(outpkt), DATA(inpkt), inpkt->len, n->incompression))) {
int offset = 0;
if((!(DATA(origpkt)[12] | DATA(origpkt)[13])) && (n->sptps.outstate)) {
- sptps_send_record(&n->sptps, PKT_PROBE, (char *)DATA(origpkt), origpkt->len);
+ sptps_send_record(&n->sptps, PKT_PROBE, DATA(origpkt), origpkt->len);
return;
}
vpn_packet_t outpkt;
- if(n->outcompression) {
+ if(n->outcompression != COMPRESS_NONE) {
outpkt.offset = 0;
length_t len = compress_packet(DATA(&outpkt) + offset, DATA(origpkt) + offset, origpkt->len - offset, n->outcompression);
} else {
sptps_send_record(&n->sptps, type, DATA(origpkt) + offset, origpkt->len - offset);
}
-
- return;
}
-static void adapt_socket(const sockaddr_t *sa, int *sock) {
+static void adapt_socket(const sockaddr_t *sa, size_t *sock) {
/* Make sure we have a suitable socket for the chosen address */
if(listen_socket[*sock].sa.sa.sa_family != sa->sa.sa_family) {
for(int i = 0; i < listen_sockets; i++) {
}
}
-static void choose_udp_address(const node_t *n, const sockaddr_t **sa, int *sock) {
+static void choose_udp_address(const node_t *n, const sockaddr_t **sa, size_t *sock) {
/* Latest guess */
*sa = &n->address;
*sock = n->sock;
/* Otherwise, address are found in edges to this node.
So we pick a random edge and a random socket. */
- int i = 0;
- int j = rand() % n->edge_tree->count;
+ unsigned int i = 0;
+ unsigned int j = rand() % n->edge_tree->count;
edge_t *candidate = NULL;
for splay_each(edge_t, e, n->edge_tree) {
adapt_socket(*sa, sock);
}
-static void choose_local_address(const node_t *n, const sockaddr_t **sa, int *sock) {
+static void choose_local_address(const node_t *n, const sockaddr_t **sa, size_t *sock) {
*sa = NULL;
/* Pick one of the edges from this node at random, then use its local address. */
- int i = 0;
- int j = rand() % n->edge_tree->count;
+ unsigned int i = 0;
+ unsigned int j = rand() % n->edge_tree->count;
edge_t *candidate = NULL;
for splay_each(edge_t, e, n->edge_tree) {
/* Compress the packet */
- if(n->outcompression) {
+ if(n->outcompression != COMPRESS_NONE) {
outpkt = pkt[nextpkt++];
if(!(outpkt->len = compress_packet(DATA(outpkt), DATA(inpkt), inpkt->len, n->outcompression))) {
/* Send the packet */
const sockaddr_t *sa = NULL;
- int sock;
+ size_t sock;
if(n->status.send_locally) {
choose_local_address(n, &sa, &sock);
if(type == SPTPS_HANDSHAKE || tcponly || (!direct && !relay_supported) || (type != PKT_PROBE && (len - SPTPS_DATAGRAM_OVERHEAD) > relay->minmtu)) {
if(type != SPTPS_HANDSHAKE && (to->nexthop->connection->options >> 24) >= 7) {
- char buf[len + sizeof(to->id) + sizeof(from->id)];
- char *buf_ptr = buf;
+ uint8_t buf[len + sizeof(to->id) + sizeof(from->id)];
+ uint8_t *buf_ptr = buf;
memcpy(buf_ptr, &to->id, sizeof(to->id));
buf_ptr += sizeof(to->id);
memcpy(buf_ptr, &from->id, sizeof(from->id));
overhead += sizeof(to->id) + sizeof(from->id);
}
- char buf[len + overhead];
- char *buf_ptr = buf;
+ uint8_t buf[len + overhead];
+ uint8_t *buf_ptr = buf;
if(relay_supported) {
if(direct) {
buf_ptr += len;
const sockaddr_t *sa = NULL;
- int sock;
+ size_t sock;
if(relay->status.send_locally) {
choose_local_address(relay, &sa, &sock);
return;
}
-static void send_udp_probe_packet(node_t *n, int len) {
+static void send_udp_probe_packet(node_t *n, size_t len) {
vpn_packet_t packet;
if(len > sizeof(packet.data)) {
- logger(DEBUG_TRAFFIC, LOG_INFO, "Truncating probe length %d to %s (%s)", len, n->name, n->hostname);
+ logger(DEBUG_TRAFFIC, LOG_INFO, "Truncating probe length %zu to %s (%s)", len, n->name, n->hostname);
len = sizeof(packet.data);
}
packet.len = len;
packet.priority = 0;
- logger(DEBUG_TRAFFIC, LOG_INFO, "Sending UDP probe length %d to %s (%s)", len, n->name, n->hostname);
+ logger(DEBUG_TRAFFIC, LOG_INFO, "Sending UDP probe length %zu to %s (%s)", len, n->name, n->hostname);
send_udppacket(n, &packet);
}
struct timeval ping_tx_elapsed;
timersub(&now, &n->udp_ping_sent, &ping_tx_elapsed);
- int interval = n->status.udp_confirmed ? udp_discovery_keepalive_interval : udp_discovery_interval;
+ int interval = n->status.udp_confirmed
+ ? udp_discovery_keepalive_interval
+ : udp_discovery_interval;
if(ping_tx_elapsed.tv_sec >= interval) {
gettimeofday(&now, NULL);
int sock = -1;
const sockaddr_t *sa = NULL;
- int sockindex;
+ size_t sockindex;
choose_udp_address(n, &sa, &sockindex);
if(!sa) {
This fine-tuning is only valid for maxmtu = MTU; if maxmtu is smaller,
then it's better to use a multiplier of 1. Indeed, this leads to an interesting scenario
if choose_initial_maxmtu() returns the actual MTU value - it will get confirmed with one single probe. */
- const float multiplier = (n->maxmtu == MTU) ? 0.97 : 1;
+ const float multiplier = (n->maxmtu == MTU) ? 0.97f : 1.0f;
- const float cycle_position = probes_per_cycle - (n->mtuprobes % probes_per_cycle) - 1;
+ const float cycle_position = (float) probes_per_cycle - (float)(n->mtuprobes % probes_per_cycle) - 1.0f;
const length_t minmtu = MAX(n->minmtu, 512);
- const float interval = n->maxmtu - minmtu;
+ const float interval = (float)(n->maxmtu - minmtu);
length_t offset = 0;
on the precise MTU as we are approaching it.
The last probe of the cycle is always 1 byte in size - this is to make sure we'll get at least one
reply per cycle so that we can make progress. */
- offset = powf(interval, multiplier * cycle_position / (probes_per_cycle - 1));
+ offset = (length_t) powf(interval, multiplier * cycle_position / ((float) probes_per_cycle - 1.0f));
}
length_t maxmtu = n->maxmtu;
#ifdef HAVE_RECVMMSG
#define MAX_MSG 64
- static int num = MAX_MSG;
+ static ssize_t num = MAX_MSG;
static vpn_packet_t pkt[MAX_MSG];
static sockaddr_t addr[MAX_MSG];
static struct mmsghdr msg[MAX_MSG];
socklen_t addrlen = sizeof(addr);
pkt.offset = 0;
- int len = recvfrom(ls->udp.fd, (void *)DATA(&pkt), MAXSIZE, 0, &addr.sa, &addrlen);
+ ssize_t len = recvfrom(ls->udp.fd, (void *)DATA(&pkt), MAXSIZE, 0, &addr.sa, &addrlen);
if(len <= 0 || (size_t)len > MAXSIZE) {
if(!sockwouldblock(sockerrno)) {
#include "conf_net.h"
#include "conf.h"
#include "connection.h"
+#include "compression.h"
#include "control.h"
#include "device.h"
#include "digest.h"
#endif
/* Compression */
-
if(get_config_int(lookup_config(config_tree, "Compression"), &myself->incompression)) {
switch(myself->incompression) {
- case 12:
+ case COMPRESS_LZ4:
#ifdef HAVE_LZ4
break;
#else
return false;
#endif
- case 11:
- case 10:
+ case COMPRESS_LZO_HI:
+ case COMPRESS_LZO_LO:
#ifdef HAVE_LZO
break;
#else
return false;
#endif
- case 9:
- case 8:
- case 7:
- case 6:
- case 5:
- case 4:
- case 3:
- case 2:
- case 1:
+ case COMPRESS_ZLIB_9:
+ case COMPRESS_ZLIB_8:
+ case COMPRESS_ZLIB_7:
+ case COMPRESS_ZLIB_6:
+ case COMPRESS_ZLIB_5:
+ case COMPRESS_ZLIB_4:
+ case COMPRESS_ZLIB_3:
+ case COMPRESS_ZLIB_2:
+ case COMPRESS_ZLIB_1:
#ifdef HAVE_ZLIB
break;
#else
return false;
#endif
- case 0:
+ case COMPRESS_NONE:
break;
default:
return false;
}
} else {
- myself->incompression = 0;
+ myself->incompression = COMPRESS_NONE;
}
- myself->connection->outcompression = 0;
+ myself->connection->outcompression = COMPRESS_NONE;
/* Done */
static sockaddr_t prev_sa;
if(!sockaddrcmp_noport(&sa, &prev_sa)) {
- static int samehost_burst;
- static int samehost_burst_time;
+ static time_t samehost_burst;
+ static time_t samehost_burst_time;
if(now.tv_sec - samehost_burst_time > samehost_burst) {
samehost_burst = 0;
// Check if we get many connections from different hosts
- static int connection_burst;
- static int connection_burst_time;
+ static time_t connection_burst;
+ static time_t connection_burst_time;
if(now.tv_sec - connection_burst_time > connection_burst) {
connection_burst = 0;
}
id[sizeof(id) - 1] = 0;
- send_request(c, "%d %d %s %s %s %d %d %d %d %x %x %s %s %d %d %d %d %ld %d %"PRIu64" %"PRIu64" %"PRIu64" %"PRIu64, CONTROL, REQ_DUMP_NODES,
+ send_request(c, "%d %d %s %s %s %d %d %zu %d %x %x %s %s %d %d %d %d %ld %d %"PRIu64" %"PRIu64" %"PRIu64" %"PRIu64, CONTROL, REQ_DUMP_NODES,
n->name, id, n->hostname ? n->hostname : "unknown port unknown",
#ifdef DISABLE_LEGACY
- 0, 0, 0,
+ 0, 0, 0UL,
#else
- cipher_get_nid(n->outcipher), digest_get_nid(n->outdigest), (int)digest_length(n->outdigest),
+ cipher_get_nid(n->outcipher), digest_get_nid(n->outdigest), digest_length(n->outdigest),
#endif
n->outcompression, n->options, bitfield_to_int(&n->status, sizeof(n->status)),
n->nexthop ? n->nexthop->name : "-", n->via && n->via->name ? n->via->name : "-", n->distance,
#include "subnet.h"
typedef struct node_status_t {
- unsigned int unused_active: 1; /* 1 if active (not used for nodes) */
- unsigned int validkey: 1; /* 1 if we currently have a valid key for him */
- unsigned int waitingforkey: 1; /* 1 if we already sent out a request */
- unsigned int visited: 1; /* 1 if this node has been visited by one of the graph algorithms */
- unsigned int reachable: 1; /* 1 if this node is reachable in the graph */
- unsigned int indirect: 1; /* 1 if this node is not directly reachable by us */
- unsigned int sptps: 1; /* 1 if this node supports SPTPS */
- unsigned int udp_confirmed: 1; /* 1 if the address is one that we received UDP traffic on */
- unsigned int send_locally: 1; /* 1 if the next UDP packet should be sent on the local network */
- unsigned int udppacket: 1; /* 1 if the most recently received packet was UDP */
- unsigned int validkey_in: 1; /* 1 if we have sent a valid key to him */
- unsigned int has_address: 1; /* 1 if we know an external address for this node */
- unsigned int ping_sent: 1; /* 1 if we sent a UDP probe but haven't received the reply yet */
- unsigned int unused: 19;
+ bool unused_active: 1; /* 1 if active (not used for nodes) */
+ bool validkey: 1; /* 1 if we currently have a valid key for him */
+ bool waitingforkey: 1; /* 1 if we already sent out a request */
+ bool visited: 1; /* 1 if this node has been visited by one of the graph algorithms */
+ bool reachable: 1; /* 1 if this node is reachable in the graph */
+ bool indirect: 1; /* 1 if this node is not directly reachable by us */
+ bool sptps: 1; /* 1 if this node supports SPTPS */
+ bool udp_confirmed: 1; /* 1 if the address is one that we received UDP traffic on */
+ bool send_locally: 1; /* 1 if the next UDP packet should be sent on the local network */
+ bool udppacket: 1; /* 1 if the most recently received packet was UDP */
+ bool validkey_in: 1; /* 1 if we have sent a valid key to him */
+ bool has_address: 1; /* 1 if we know an external address for this node */
+ bool ping_sent: 1; /* 1 if we sent a UDP probe but haven't received the reply yet */
+ uint32_t unused: 19;
} node_status_t;
typedef struct node_t {
node_id_t id; /* unique node ID (name hash) */
uint32_t options; /* options turned on for this node */
- int sock; /* Socket to use for outgoing UDP packets */
+ size_t sock; /* Socket to use for outgoing UDP packets */
sockaddr_t address; /* his real (internet) ip to send UDP packets to */
node_status_t status;
uint32_t received_seqno; /* Sequence number last received from this node */
uint32_t received; /* Total valid packets received from this node */
uint32_t farfuture; /* Packets in a row that have arrived from the far future */
- unsigned char *late; /* Bitfield marking late packets */
+ uint8_t *late; /* Bitfield marking late packets */
struct timeval udp_reply_sent; /* Last time a (gratuitous) UDP probe reply was sent */
struct timeval udp_ping_sent; /* Last time a UDP probe was sent */
}
void randomize(void *vout, size_t outlen) {
- char *out = vout;
+ uint8_t *out = vout;
while(outlen) {
ssize_t len = read(random_fd, out, outlen);
#include "../prf.h"
#include "../ed25519/sha512.h"
-static void memxor(char *buf, char c, size_t len) {
+static void memxor(uint8_t *buf, uint8_t c, size_t len) {
for(size_t i = 0; i < len; i++) {
buf[i] ^= c;
}
static const size_t mdlen = 64;
static const size_t blklen = 128;
-static bool hmac_sha512(const char *key, size_t keylen, const char *msg, size_t msglen, char *out) {
- char tmp[blklen + mdlen];
+static bool hmac_sha512(const uint8_t *key, size_t keylen, const uint8_t *msg, size_t msglen, uint8_t *out) {
+ uint8_t tmp[blklen + mdlen];
sha512_context md;
if(keylen <= blklen) {
We use SHA512 instead of MD5 and SHA1.
*/
-bool prf(const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) {
+bool prf(const uint8_t *secret, size_t secretlen, uint8_t *seed, size_t seedlen, uint8_t *out, size_t outlen) {
/* Data is what the "inner" HMAC function processes.
It consists of the previous HMAC result plus the seed.
*/
- char data[mdlen + seedlen];
+ uint8_t data[mdlen + seedlen];
memset(data, 0, mdlen);
memcpy(data + mdlen, seed, seedlen);
- char hash[mdlen];
+ uint8_t hash[mdlen];
while(outlen > 0) {
/* Inner HMAC */
int len, pad;
if(EVP_EncryptInit_ex(cipher->ctx, NULL, NULL, NULL, NULL)
- && EVP_EncryptUpdate(cipher->ctx, (unsigned char *)outdata, &len, indata, inlen)
+ && EVP_EncryptUpdate(cipher->ctx, (unsigned char *)outdata, &len, indata, (int)inlen)
&& EVP_EncryptFinal_ex(cipher->ctx, (unsigned char *)outdata + len, &pad)) {
if(outlen) {
*outlen = len + pad;
} else {
int len;
- if(EVP_EncryptUpdate(cipher->ctx, outdata, &len, indata, inlen)) {
+ if(EVP_EncryptUpdate(cipher->ctx, outdata, &len, indata, (int)inlen)) {
if(outlen) {
*outlen = len;
}
int len, pad;
if(EVP_DecryptInit_ex(cipher->ctx, NULL, NULL, NULL, NULL)
- && EVP_DecryptUpdate(cipher->ctx, (unsigned char *)outdata, &len, indata, inlen)
+ && EVP_DecryptUpdate(cipher->ctx, (unsigned char *)outdata, &len, indata, (int)inlen)
&& EVP_DecryptFinal_ex(cipher->ctx, (unsigned char *)outdata + len, &pad)) {
if(outlen) {
*outlen = len + pad;
} else {
int len;
- if(EVP_DecryptUpdate(cipher->ctx, outdata, &len, indata, inlen)) {
+ if(EVP_DecryptUpdate(cipher->ctx, outdata, &len, indata, (int)inlen)) {
if(outlen) {
*outlen = len;
}
}
void randomize(void *vout, size_t outlen) {
- char *out = vout;
+ uint8_t *out = vout;
while(outlen) {
ssize_t len = read(random_fd, out, outlen);
#include "../digest.h"
#include "../logger.h"
-static digest_t *digest_open(const EVP_MD *evp_md, int maclength) {
+static digest_t *digest_open(const EVP_MD *evp_md, size_t maclength) {
digest_t *digest = xzalloc(sizeof(*digest));
digest->digest = evp_md;
- int digestlen = EVP_MD_size(digest->digest);
+ size_t digestlen = EVP_MD_size(digest->digest);
- if(maclength > digestlen || maclength < 0) {
+ if(maclength == DIGEST_ALGO_SIZE || maclength > digestlen) {
digest->maclength = digestlen;
} else {
digest->maclength = maclength;
return digest;
}
-digest_t *digest_open_by_name(const char *name, int maclength) {
+digest_t *digest_open_by_name(const char *name, size_t maclength) {
const EVP_MD *evp_md = EVP_get_digestbyname(name);
if(!evp_md) {
return digest_open(evp_md, maclength);
}
-digest_t *digest_open_by_nid(int nid, int maclength) {
+digest_t *digest_open_by_nid(int nid, size_t maclength) {
const EVP_MD *evp_md = EVP_get_digestbynid(nid);
if(!evp_md) {
bool digest_set_key(digest_t *digest, const void *key, size_t len) {
digest->hmac_ctx = HMAC_CTX_new();
- HMAC_Init_ex(digest->hmac_ctx, key, len, digest->digest, NULL);
+ HMAC_Init_ex(digest->hmac_ctx, key, (int)len, digest->digest, NULL);
if(!digest->hmac_ctx) {
abort();
const EVP_MD *digest;
HMAC_CTX *hmac_ctx;
EVP_MD_CTX *md_ctx;
- int maclength;
+ size_t maclength;
};
#endif
We use SHA512 instead of MD5 and SHA1.
*/
-static bool prf_xor(int nid, const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) {
- digest_t *digest = digest_open_by_nid(nid, -1);
+static bool prf_xor(int nid, const uint8_t *secret, size_t secretlen, uint8_t *seed, size_t seedlen, uint8_t *out, size_t outlen) {
+ digest_t *digest = digest_open_by_nid(nid, DIGEST_ALGO_SIZE);
if(!digest) {
return false;
memset(data, 0, len);
memcpy(data + len, seed, seedlen);
- char hash[len];
+ uint8_t hash[len];
while(outlen > 0) {
/* Inner HMAC */
return true;
}
-bool prf(const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) {
+bool prf(const uint8_t *secret, size_t secretlen, uint8_t *seed, size_t seedlen, uint8_t *out, size_t outlen) {
/* This construction allows us to easily switch back to a scheme where the PRF is calculated using two different digest algorithms. */
memset(out, 0, outlen);
}
bool rsa_public_encrypt(rsa_t *rsa, void *in, size_t len, void *out) {
- if((size_t)RSA_public_encrypt(len, in, out, rsa, RSA_NO_PADDING) == len) {
+ if((size_t)RSA_public_encrypt((int) len, in, out, rsa, RSA_NO_PADDING) == len) {
return true;
}
}
bool rsa_private_decrypt(rsa_t *rsa, void *in, size_t len, void *out) {
- if((size_t)RSA_private_decrypt(len, in, out, rsa, RSA_NO_PADDING) == len) {
+ if((size_t)RSA_private_decrypt((int) len, in, out, rsa, RSA_NO_PADDING) == len) {
return true;
}
BN_set_word(bn_e, exponent);
BN_GENCB_set(cb, indicator, NULL);
- int result = RSA_generate_key_ex(rsa, bits, bn_e, cb);
+ int result = RSA_generate_key_ex(rsa, (int) bits, bn_e, cb);
BN_GENCB_free(cb);
BN_free(bn_e);
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
-extern bool prf(const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) __attribute__((__warn_unused_result__));
+#include "system.h"
+
+extern bool prf(const uint8_t *secret, size_t secretlen, uint8_t *seed, size_t seedlen, uint8_t *out, size_t outlen) __attribute__((__warn_unused_result__));
#endif
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
extern bool do_detach;
extern bool detach(void);
logger(DEBUG_META, LOG_DEBUG, "Forwarding %s from %s (%s): %s", request_name[atoi(request)], from->name, from->hostname, request);
// Create a temporary newline-terminated copy of the request
- int len = strlen(request);
+ size_t len = strlen(request);
char tmp[len + 1];
memcpy(tmp, request, len);
tmp[len] = '\n';
extern bool send_req_key(struct node_t *to);
extern bool send_ans_key(struct node_t *to);
extern bool send_tcppacket(struct connection_t *c, const struct vpn_packet_t *packet);
-extern bool send_sptps_tcppacket(struct connection_t *c, const char *packet, int len);
+extern bool send_sptps_tcppacket(struct connection_t *c, const void *packet, size_t len);
extern bool send_udp_info(struct node_t *from, struct node_t *to);
extern bool send_mtu_info(struct node_t *from, struct node_t *to, int mtu);
return false;
}
- char s4req[9 + (proxyuser ? strlen(proxyuser) : 0)];
+ uint8_t s4req[9 + (proxyuser ? strlen(proxyuser) : 0)];
s4req[0] = 4;
s4req[1] = 1;
memcpy(s4req + 2, &c->address.in.sin_port, 2);
}
case PROXY_SOCKS5: {
- int len = 3 + 6 + (c->address.sa.sa_family == AF_INET ? 4 : 16);
+ size_t len = 3 + 6 + (c->address.sa.sa_family == AF_INET ? 4 : 16);
c->tcplen = 2;
if(proxypass) {
len += 3 + strlen(proxyuser) + strlen(proxypass);
}
- char s5req[len];
- int i = 0;
+ uint8_t s5req[len];
+ size_t i = 0;
s5req[i++] = 5;
s5req[i++] = 1;
by Cipher.
*/
- int keylen = cipher_keylength(myself->incipher);
+ size_t keylen = cipher_keylength(myself->incipher);
if(keylen <= 16) {
c->outcipher = cipher_open_by_name("aes-128-cfb");
c->outcipher = cipher_open_by_name("aes-256-cfb");
}
- if(!c) {
- return false;
- }
-
c->outbudget = cipher_budget(c->outcipher);
- if(!(c->outdigest = digest_open_by_name("sha256", -1))) {
+ if(!(c->outdigest = digest_open_by_name("sha256", DIGEST_ALGO_SIZE))) {
return false;
}
c->inbudget = cipher_budget(c->incipher);
if(digest) {
- if(!(c->indigest = digest_open_by_nid(digest, -1))) {
+ if(!(c->indigest = digest_open_by_nid(digest, DIGEST_ALGO_SIZE))) {
logger(DEBUG_ALWAYS, LOG_ERR, "Error during initialisation of digest from %s (%s)", c->name, c->hostname);
return false;
}
/* Estimate weight */
gettimeofday(&now, NULL);
- c->estimated_weight = (now.tv_sec - c->start.tv_sec) * 1000 + (now.tv_usec - c->start.tv_usec) / 1000;
+ c->estimated_weight = (int)((now.tv_sec - c->start.tv_sec) * 1000 + (now.tv_usec - c->start.tv_usec) / 1000);
/* Check some options */
#include "route.h"
#include "sptps.h"
#include "utils.h"
+#include "compression.h"
void send_key_changed(void) {
#ifndef DISABLE_LEGACY
/* This is a SPTPS data packet. */
char buf[MAX_STRING_SIZE];
- int len;
+ size_t len;
if(sscanf(request, "%*d %*s %*s %*d " MAX_STRING, buf) != 1 || !(len = b64decode(buf, buf, strlen(buf)))) {
logger(DEBUG_ALWAYS, LOG_ERR, "Got bad %s from %s (%s) to %s (%s): %s", "SPTPS_PACKET", from->name, from->hostname, to->name, to->hostname, "invalid SPTPS data");
}
if(myself->indigest) {
- to->indigest = digest_open_by_nid(digest_get_nid(myself->indigest), digest_length(myself->indigest));
+ to->indigest = digest_open_by_nid(digest_get_nid(myself->indigest),
+ digest_length(myself->indigest));
if(!to->indigest) {
abort();
to->status.validkey_in = true;
- return send_request(to->nexthop->connection, "%d %s %s %s %d %d %d %d", ANS_KEY,
+ return send_request(to->nexthop->connection, "%d %s %s %s %d %d %zu %d", ANS_KEY,
myself->name, to->name, key,
cipher_get_nid(to->incipher),
digest_get_nid(to->indigest),
- (int)digest_length(to->indigest),
+ digest_length(to->indigest),
to->incompression);
#endif
}
char key[MAX_STRING_SIZE];
char address[MAX_STRING_SIZE] = "";
char port[MAX_STRING_SIZE] = "";
- int cipher, digest, maclength, compression;
+ int cipher, digest;
+ size_t maclength;
+ int compression;
node_t *from, *to;
- if(sscanf(request, "%*d "MAX_STRING" "MAX_STRING" "MAX_STRING" %d %d %d %d "MAX_STRING" "MAX_STRING,
+ if(sscanf(request, "%*d "MAX_STRING" "MAX_STRING" "MAX_STRING" %d %d %zu %d "MAX_STRING" "MAX_STRING,
from_name, to_name, key, &cipher, &digest, &maclength,
&compression, address, port) < 7) {
logger(DEBUG_ALWAYS, LOG_ERR, "Got bad %s from %s (%s)", "ANS_KEY", c->name,
}
switch(compression) {
- case 12:
+ case COMPRESS_LZ4:
#ifdef HAVE_LZ4
break;
#else
return true;
#endif
- case 11:
- case 10:
+ case COMPRESS_LZO_HI:
+ case COMPRESS_LZO_LO:
#ifdef HAVE_LZO
break;
#else
return true;
#endif
- case 9:
- case 8:
- case 7:
- case 6:
- case 5:
- case 4:
- case 3:
- case 2:
- case 1:
+ case COMPRESS_ZLIB_9:
+ case COMPRESS_ZLIB_8:
+ case COMPRESS_ZLIB_7:
+ case COMPRESS_ZLIB_6:
+ case COMPRESS_ZLIB_5:
+ case COMPRESS_ZLIB_4:
+ case COMPRESS_ZLIB_3:
+ case COMPRESS_ZLIB_2:
+ case COMPRESS_ZLIB_1:
#ifdef HAVE_ZLIB
break;
#else
return true;
#endif
- case 0:
+ case COMPRESS_NONE:
break;
default:
/* SPTPS or old-style key exchange? */
if(from->status.sptps) {
- char buf[strlen(key)];
+ uint8_t buf[strlen(key)];
size_t len = b64decode(key, buf, strlen(key));
if(!len || !sptps_receive_data(&from->sptps, buf, len)) {
from->outdigest = NULL;
}
- if((size_t)maclength != digest_length(from->outdigest)) {
+ if(maclength != digest_length(from->outdigest)) {
logger(DEBUG_ALWAYS, LOG_ERR, "Node %s (%s) uses bogus MAC length!", from->name, from->hostname);
return false;
}
return false;
}
- return send_meta(c, (char *)DATA(packet), packet->len);
+ return send_meta(c, DATA(packet), packet->len);
}
bool tcppacket_h(connection_t *c, const char *request) {
return true;
}
-bool send_sptps_tcppacket(connection_t *c, const char *packet, int len) {
+bool send_sptps_tcppacket(connection_t *c, const void *packet, size_t len) {
/* If there already is a lot of data in the outbuf buffer, discard this packet.
We use a very simple Random Early Drop algorithm. */
return true;
}
- if(!send_request(c, "%d %d", SPTPS_PACKET, len)) {
+ if(!send_request(c, "%d %zu", SPTPS_PACKET, len)) {
return false;
}
}
static bool read_packet(vpn_packet_t *packet) {
- int inlen;
+ ssize_t inlen;
if((inlen = read(device_fd, DATA(packet), MTU)) <= 0) {
logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info,
todo = ntohs(ip.ip_len) - ip_size;
if(ether_size + ip_size + todo != packet->len) {
- logger(DEBUG_TRAFFIC, LOG_WARNING, "Length of packet (%d) doesn't match length in IPv4 header (%d)", packet->len, (int)(ether_size + ip_size + todo));
+ logger(DEBUG_TRAFFIC, LOG_WARNING, "Length of packet (%d) doesn't match length in IPv4 header (%zu)", packet->len, ether_size + ip_size + todo);
return;
}
}
if(send_request(c, "%d %d %d", CONTROL, REQ_PCAP, len)) {
- send_meta(c, (char *)DATA(packet), len);
+ send_meta(c, DATA(packet), len);
}
}
}
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
#ifndef TINC_RSA_INTERNAL
typedef struct rsa rsa_t;
#endif
return;
}
- int len = e - p;
+ ptrdiff_t len = e - p;
#ifndef HAVE_UNSETENV
#ifdef HAVE_MINGW
// Windows requires putenv("FOO=") to unset %FOO%
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
typedef struct environment {
int n;
int size;
char *ptr = device;
get_config_string(lookup_config(config_tree, "Interface"), &ptr);
- while(*ptr && !isdigit(*ptr)) {
+ while(*ptr && !isdigit((uint8_t) *ptr)) {
ptr++;
}
}
// Generate key material from the shared secret created from the ECDHE key exchange.
-static bool generate_key_material(sptps_t *s, const char *shared, size_t len) {
+static bool generate_key_material(sptps_t *s, const uint8_t *shared, size_t len) {
// Initialise cipher and digest structures if necessary
if(!s->outstate) {
s->incipher = chacha_poly1305_init();
}
// Create the HMAC seed, which is "key expansion" + session label + server nonce + client nonce
- char seed[s->labellen + 64 + 13];
+ uint8_t seed[s->labellen + 64 + 13];
memcpy(seed, "key expansion", 13);
if(s->initiator) {
}
// Compute shared secret.
- char shared[ECDH_SHARED_SIZE];
+ uint8_t shared[ECDH_SHARED_SIZE];
if(!ecdh_compute_shared(s->ecdh, s->hiskex + 1 + 32, shared)) {
return error(s, EINVAL, "Failed to compute ECDH shared secret");
return error(s, EIO, "Received short packet");
}
- const char *data = vdata;
+ const uint8_t *data = vdata;
uint32_t seqno;
memcpy(&seqno, data, 4);
seqno = ntohl(seqno);
return false;
}
- char buffer[len];
+ uint8_t buffer[len];
size_t outlen;
return chacha_poly1305_decrypt(s->incipher, seqno, data + 4, len - 4, buffer, &outlen);
}
#define SPTPS_ALERT 129 // Warning or error messages
#define SPTPS_CLOSE 130 // Application closed the connection
-// Key exchange states
-#define SPTPS_KEX 1 // Waiting for the first Key EXchange record
-#define SPTPS_SECONDARY_KEX 2 // Ready to receive a secondary Key EXchange record
-#define SPTPS_SIG 3 // Waiting for a SIGnature record
-#define SPTPS_ACK 4 // Waiting for an ACKnowledgement record
-
// Overhead for datagrams
#define SPTPS_DATAGRAM_OVERHEAD 21
typedef bool (*send_data_t)(void *handle, uint8_t type, const void *data, size_t len);
typedef bool (*receive_record_t)(void *handle, uint8_t type, const void *data, uint16_t len);
+// Key exchange states
+typedef enum sptps_state_t {
+ SPTPS_KEX = 1, // Waiting for the first Key EXchange record
+ SPTPS_SECONDARY_KEX = 2, // Ready to receive a secondary Key EXchange record
+ SPTPS_SIG = 3, // Waiting for a SIGnature record
+ SPTPS_ACK = 4, // Waiting for an ACKnowledgement record
+} sptps_state_t;
+
typedef struct sptps {
bool initiator;
bool datagram;
- int state;
+ sptps_state_t state;
uint8_t *inbuf;
size_t buflen;
uint32_t received;
unsigned int replaywin;
unsigned int farfuture;
- char *late;
+ uint8_t *late;
bool outstate;
chacha_poly1305_ctx_t *outcipher;
ecdsa_t *hiskey;
ecdh_t *ecdh;
- char *mykex;
- char *hiskex;
- char *key;
- char *label;
+ uint8_t *mykex;
+ uint8_t *hiskex;
+ uint8_t *key;
+ uint8_t *label;
size_t labellen;
void *handle;
#include "crypto.h"
#include "ecdsagen.h"
+#include "logger.h"
static char *program_name;
-void logger(int level, int priority, const char *format, ...) {
+void logger(debug_t level, int priority, const char *format, ...) {
(void)level;
(void)priority;
va_list ap;
}
static void receive_data(sptps_t *sptps) {
- char buf[4096], *bufp = buf;
+ uint8_t buf[4096], *bufp = buf;
int fd = *(int *)sptps->handle;
size_t len = recv(fd, buf, sizeof(buf), 0);
static bool clock_countto(double seconds) {
clock_gettime(CLOCK_PROCESS_CPUTIME_ID, &end);
- elapsed = end.tv_sec + end.tv_nsec * 1e-9 - start.tv_sec - start.tv_nsec * 1e-9;
+ elapsed = (double) end.tv_sec + (double) end.tv_nsec * 1e-9
+ - (double) start.tv_sec - (double) start.tv_nsec * 1e-9;
if(elapsed < seconds) {
return ++count;
ecdsa_t *key1, *key2;
ecdh_t *ecdh1, *ecdh2;
sptps_t sptps1, sptps2;
- char buf1[4096], buf2[4096], buf3[4096];
+ uint8_t buf1[4096], buf2[4096], buf3[4096];
double duration = argc > 1 ? atof(argv[1]) : 10;
crypto_init();
bin2hex(data, hex, len);
if(verbose) {
- fprintf(stderr, "Sending %d bytes of data:\n%s\n", (int)len, hex);
+ fprintf(stderr, "Sending %zu bytes of data:\n%s\n", len, hex);
}
const int *sock = handle;
fprintf(stderr, "New connection received from :%d\n", ntohs(sa.sin_port));
}
- char buf[1024];
+ uint8_t buf[1024];
ssize_t nread;
while((nread = read(STDIN_FILENO, buf, sizeof(buf))) > 0) {
fprintf(stderr, "Read %lld bytes from input\n", nread);
}
- char *start = buf;
+ uint8_t *start = buf;
ssize_t nleft = nread;
while(nleft) {
} else {
fprintf(stderr, "Listening...\n");
- char buf[65536];
+ uint8_t buf[65536];
struct sockaddr addr;
socklen_t addrlen = sizeof(addr);
if(verbose) {
char hex[len * 2 + 1];
bin2hex(buf, hex, len);
- fprintf(stderr, "Received %d bytes of data:\n%s\n", (int)len, hex);
+ fprintf(stderr, "Received %zd bytes of data:\n%s\n", len, hex);
}
if(packetloss && (rand() % 100) < packetloss) {
}
bufp += done;
- len -= done;
+ len -= (ssize_t) done;
}
}
}
extern void subnet_add(struct node_t *owner, subnet_t *subnet);
extern void subnet_del(struct node_t *owner, subnet_t *subnet);
extern void subnet_update(struct node_t *owner, subnet_t *subnet, bool up);
-extern int maskcmp(const void *a, const void *b, int masklen);
-extern void maskcpy(void *dest, const void *src, int masklen, int len);
-extern void mask(void *mask, int masklen, int len);
+extern int maskcmp(const void *a, const void *b, size_t masklen);
+extern void maskcpy(void *dest, const void *src, size_t masklen, size_t len);
+extern void mask(void *mask, size_t masklen, size_t len);
extern bool subnetcheck(const subnet_t subnet);
-extern bool maskcheck(const void *mask, int masklen, int len);
-extern bool net2str(char *netstr, int len, const subnet_t *subnet);
+extern bool maskcheck(const void *mask, size_t masklen, size_t len);
+extern bool net2str(char *netstr, size_t len, const subnet_t *subnet);
extern bool str2net(subnet_t *subnet, const char *netstr);
extern subnet_t *lookup_subnet(const struct node_t *owner, const subnet_t *subnet);
extern subnet_t *lookup_subnet_mac(const struct node_t *owner, const mac_t *address);
/* Subnet mask handling */
-int maskcmp(const void *va, const void *vb, int masklen) {
- int i, m, result;
- const char *a = va;
- const char *b = vb;
+int maskcmp(const void *va, const void *vb, size_t masklen) {
+ size_t i, m;
+ const uint8_t *a = va;
+ const uint8_t *b = vb;
for(m = masklen, i = 0; m >= 8; m -= 8, i++) {
- result = a[i] - b[i];
+ int result = a[i] - b[i];
if(result) {
return result;
return 0;
}
-void mask(void *va, int masklen, int len) {
- int i;
- char *a = va;
+void mask(void *va, size_t masklen, size_t len) {
+ size_t i;
+ uint8_t *a = va;
i = masklen / 8;
masklen %= 8;
}
}
-void maskcpy(void *va, const void *vb, int masklen, int len) {
- int i, m;
- char *a = va;
- const char *b = vb;
+void maskcpy(void *va, const void *vb, size_t masklen, size_t len) {
+ size_t i, m;
+ uint8_t *a = va;
+ const uint8_t *b = vb;
for(m = masklen, i = 0; m >= 8; m -= 8, i++) {
a[i] = b[i];
return true;
}
-bool maskcheck(const void *va, int masklen, int len) {
- int i;
- const char *a = va;
+bool maskcheck(const void *va, size_t masklen, size_t len) {
+ size_t i;
+ const uint8_t *a = va;
i = masklen / 8;
masklen %= 8;
return false;
}
-bool net2str(char *netstr, int len, const subnet_t *subnet) {
+bool net2str(char *netstr, size_t len, const subnet_t *subnet) {
if(!netstr || !subnet) {
logger(DEBUG_ALWAYS, LOG_ERR, "net2str() was called with netstr=%p, subnet=%p!", (void *)netstr, (void *)subnet);
return false;
}
while(!(newline = memchr(buffer, '\n', blen))) {
- int result = recv(fd, buffer + blen, sizeof(buffer) - blen, 0);
+ ssize_t nrecv = recv(fd, buffer + blen, sizeof(buffer) - blen, 0);
- if(result == -1 && sockerrno == EINTR) {
+ if(nrecv == -1 && sockerrno == EINTR) {
continue;
- } else if(result <= 0) {
+ } else if(nrecv <= 0) {
return false;
}
- blen += result;
+ blen += nrecv;
}
if((size_t)(newline - buffer) >= len) {
static bool recvdata(int fd, char *data, size_t len) {
while(blen < len) {
- int result = recv(fd, buffer + blen, sizeof(buffer) - blen, 0);
+ ssize_t nrecv = recv(fd, buffer + blen, sizeof(buffer) - blen, 0);
- if(result == -1 && sockerrno == EINTR) {
+ if(nrecv == -1 && sockerrno == EINTR) {
continue;
- } else if(result <= 0) {
+ } else if(nrecv <= 0) {
return false;
}
- blen += result;
+ blen += nrecv;
}
memcpy(data, buffer, len);
bool sendline(int fd, char *format, ...) {
static char buffer[4096];
char *p = buffer;
- int blen;
+ ssize_t blen;
va_list ap;
va_start(ap, format);
blen++;
while(blen) {
- int result = send(fd, p, blen, MSG_NOSIGNAL);
+ ssize_t nsend = send(fd, p, blen, MSG_NOSIGNAL);
- if(result == -1 && sockerrno == EINTR) {
+ if(nsend == -1 && sockerrno == EINTR) {
continue;
- } else if(result <= 0) {
+ } else if(nsend <= 0) {
return false;
}
- p += result;
- blen -= result;
+ p += nsend;
+ blen -= nsend;
}
return true;
char line[32];
while(recvline(fd, line, sizeof(line))) {
- int code, req, len;
- int n = sscanf(line, "%d %d %d", &code, &req, &len);
+ int code, req;
+ size_t len;
+ int n = sscanf(line, "%d %d %zd", &code, &req, &len);
gettimeofday(&tv, NULL);
- if(n != 3 || code != CONTROL || req != REQ_PCAP || len < 0 || (size_t)len > sizeof(data)) {
+ if(n != 3 || code != CONTROL || req != REQ_PCAP || len > sizeof(data)) {
break;
}
free(nargv);
- int status = -1, result;
#ifdef SIGINT
signal(SIGINT, SIG_IGN);
#endif
// Pass all log messages from the umbilical to stderr.
// A nul-byte right before closure means tincd started successfully.
bool failure = true;
- char buf[1024];
+ uint8_t buf[1024];
ssize_t len;
while((len = read(pfd[0], buf, sizeof(buf))) > 0) {
close(pfd[0]);
// Make sure the child process is really gone.
- result = waitpid(pid, &status, 0);
+ int status = -1;
+ pid_t result = waitpid(pid, &status, 0);
#ifdef SIGINT
signal(SIGINT, SIG_DFL);
}
if(do_graph) {
- float w = 1 + 65536.0 / weight;
+ float w = 1.0f + 65536.0f / (float)weight;
if(do_graph == 1 && strcmp(node1, node2) > 0) {
printf(" \"%s\" -- \"%s\" [w = %f, weight = %f];\n", node1, node2, w, w);
return 0;
}
-int rstrip(char *value) {
- int len = strlen(value);
+size_t rstrip(char *value) {
+ size_t len = strlen(value);
while(len && strchr("\t\r\n ", value[len - 1])) {
value[--len] = 0;
char *value;
while(fgets(buf, sizeof(buf), f)) {
- int len = strcspn(buf, "\t =");
+ size_t len = strcspn(buf, "\t =");
value = buf + len;
value += strspn(value, "\t ");
char *value;
while(fgets(buf, sizeof(buf), f)) {
- int len = strcspn(buf, "\t =");
+ size_t len = strcspn(buf, "\t =");
value = buf + len;
value += strspn(value, "\t ");
// Parse line in a simple way
char *bvalue;
- int len;
- len = strcspn(buf2, "\t =");
+ size_t len = strcspn(buf2, "\t =");
bvalue = buf2 + len;
bvalue += strspn(bvalue, "\t ");
return 1;
}
- int len = rstrip(buf);
+ size_t len = rstrip(buf);
if(!len) {
fprintf(stderr, "No name given!\n");
long t = time(NULL);
char *trailer;
xasprintf(&trailer, " %s %ld", name, t);
- int trailer_len = strlen(trailer);
+ size_t trailer_len = strlen(trailer);
data = xrealloc(data, len + trailer_len);
memcpy(data + len, trailer, trailer_len);
char *trailer;
xasprintf(&trailer, " %s %ld", signer, t);
- int trailer_len = strlen(trailer);
+ size_t trailer_len = strlen(trailer);
data = xrealloc(data, len + trailer_len);
memcpy(data + len, trailer, trailer_len);
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+#include "ecdsa.h"
+
extern bool tty;
extern bool force;
extern char line[4096];
extern const var_t variables[];
-extern int rstrip(char *value);
+extern size_t rstrip(char *value);
extern char *get_my_name(bool verbose);
extern bool connect_tincd(bool verbose);
extern bool sendline(int fd, char *format, ...);
uid = pw->pw_uid;
- if(initgroups(switchuser, pw->pw_gid) != 0 ||
+ // The second parameter to initgroups on macOS requires int,
+ // but __gid_t is unsigned int. There's not much we can do here.
+ if(initgroups(switchuser, pw->pw_gid) != 0 || // NOLINT(bugprone-narrowing-conversions)
setgid(pw->pw_gid) != 0) {
logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s",
"initgroups", strerror(errno));
return 1;
}
- if(!debug_level) {
- get_config_int(lookup_config(config_tree, "LogLevel"), &debug_level);
+ if(debug_level == DEBUG_NOTHING) {
+ int level = 0;
+
+ if(get_config_int(lookup_config(config_tree, "LogLevel"), &level)) {
+ debug_level = level;
+ }
}
#ifdef HAVE_LZO
timersub(&cur, &prev, &diff);
prev = cur;
- float interval = diff.tv_sec + diff.tv_usec * 1e-6;
+ float interval = (float) diff.tv_sec + (float) diff.tv_usec * 1e-6f;
char line[4096];
char name[4096];
}
found->known = true;
- found->in_packets_rate = (in_packets - found->in_packets) / interval;
- found->in_bytes_rate = (in_bytes - found->in_bytes) / interval;
- found->out_packets_rate = (out_packets - found->out_packets) / interval;
- found->out_bytes_rate = (out_bytes - found->out_bytes) / interval;
+ found->in_packets_rate = (float)(in_packets - found->in_packets) / interval;
+ found->in_bytes_rate = (float)(in_bytes - found->in_bytes) / interval;
+ found->out_packets_rate = (float)(out_packets - found->out_packets) / interval;
+ found->out_bytes_rate = (float)(out_bytes - found->out_bytes) / interval;
found->in_packets = in_packets;
found->in_bytes = in_bytes;
found->out_packets = out_packets;
if(cumulative)
mvprintw(row, 0, "%-16s %10.0f %10.0f %10.0f %10.0f",
- node->name, node->in_packets * pscale, node->in_bytes * bscale, node->out_packets * pscale, node->out_bytes * bscale);
+ node->name, (float) node->in_packets * pscale, (float) node->in_bytes * bscale,
+ (float) node->out_packets * pscale, (float) node->out_bytes * bscale);
else
mvprintw(row, 0, "%-16s %10.0f %10.0f %10.0f %10.0f",
node->name, node->in_packets_rate * pscale, node->in_bytes_rate * bscale, node->out_packets_rate * pscale, node->out_bytes_rate * bscale);
switch(getch()) {
case 's': {
timeout(-1);
- float input = delay * 1e-3;
+ float input = (float)delay * 1e-3f;
mvprintw(1, 0, "Change delay from %.1fs to: ", input);
scanw("%f", &input);
if(input < 0.1) {
- input = 0.1;
+ input = 0.1f;
}
- delay = input * 1e3;
+ delay = (int)(input * 1e3f);
timeout(delay);
break;
}
case 'k':
bunit = "kbyte";
- bscale = 1e-3;
+ bscale = 1e-3f;
punit = "pkts";
pscale = 1;
break;
case 'M':
bunit = "Mbyte";
- bscale = 1e-6;
+ bscale = 1e-6f;
punit = "kpkt";
- pscale = 1e-3;
+ pscale = 1e-3f;
break;
case 'G':
bunit = "Gbyte";
- bscale = 1e-9;
+ bscale = 1e-9f;
punit = "Mpkt";
- pscale = 1e-6;
+ pscale = 1e-6f;
break;
case 'q':
name.zero = 0;
name.pid = getpid();
gettimeofday(&tv, NULL);
- name.usecs = tv.tv_usec;
+ name.usecs = (int) tv.tv_usec;
memcpy(&data_sun.sun_path, &name, sizeof(name));
if(bind(data_fd, (struct sockaddr *)&data_sun, sizeof(data_sun)) < 0) {
}
static bool read_packet(vpn_packet_t *packet) {
- int inlen;
+ ssize_t inlen;
switch(state) {
case 0: {
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
};
-static int charhex2bin(char c) {
- if(isdigit(c)) {
- return c - '0';
+static uint8_t charhex2bin(char c) {
+ uint8_t cu = (uint8_t) c;
+
+ if(isdigit(cu)) {
+ return cu - '0';
} else {
- return toupper(c) - 'A' + 10;
+ return toupper(cu) - 'A' + 10;
}
}
uint8_t *dst = vdst;
size_t i;
- for(i = 0; i < length && isxdigit(src[i * 2]) && isxdigit(src[i * 2 + 1]); i++) {
+ for(i = 0; i < length && isxdigit((uint8_t) src[i * 2]) && isxdigit((uint8_t) src[i * 2 + 1]); i++) {
dst[i] = charhex2bin(src[i * 2]) * 16 + charhex2bin(src[i * 2 + 1]);
}
}
for(; *id; id++)
- if(!isalnum(*id) && *id != '_') {
+ if(!isalnum((uint8_t) *id) && *id != '_') {
return false;
}
}
for(const char *c = netname; *c; c++) {
- if(iscntrl(*c)) {
+ if(iscntrl((uint8_t) *c)) {
return false;
}
ret_name = xstrdup(envname);
for(char *c = ret_name; *c; c++)
- if(!isalnum(*c)) {
+ if(!isalnum((uint8_t) *c)) {
*c = '_';
}
} else {
#ifdef HAVE_FCHMOD
- if((perms & 0444) && f) {
+ if(perms & 0444) {
fchmod(fileno(f), perms);
}
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
extern size_t hex2bin(const char *src, void *dst, size_t length);
extern size_t bin2hex(const void *src, char *dst, size_t length);
#include "names.h"
#include "net.h"
#include "logger.h"
-#include "utils.h"
#include "route.h"
#include "xalloc.h"
}
static bool read_packet(vpn_packet_t *packet) {
- int lenin = (ssize_t)plug.vde_recv(conn, DATA(packet), MTU, 0);
+ ssize_t lenin = (ssize_t) plug.vde_recv(conn, DATA(packet), MTU, 0);
if(lenin <= 0) {
logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, device, strerror(errno));
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
+#include "system.h"
+
static inline void *xmalloc(size_t n) __attribute__((__malloc__));
static inline void *xmalloc(size_t n) {
void *p = malloc(n);
projects / tinc / commitdiff