/* Add our data to buffer */
if(c->status.encryptout) {
- result = EVP_EncryptUpdate(c->outctx, c->outbuf + c->outbufstart + c->outbuflen,
- &outlen, buffer, length);
+ result = EVP_EncryptUpdate(c->outctx, (unsigned char *)c->outbuf + c->outbufstart + c->outbuflen,
+ &outlen, (unsigned char *)buffer, length);
if(!result || outlen < length) {
logger(LOG_ERR, _("Error while encrypting metadata to %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
/* Decrypt */
if(c->status.decryptin && !decrypted) {
- result = EVP_DecryptUpdate(c->inctx, inbuf, &lenout, c->buffer + oldlen, lenin);
+ result = EVP_DecryptUpdate(c->inctx, (unsigned char *)inbuf, &lenout, (unsigned char *)c->buffer + oldlen, lenin);
if(!result || lenout != lenin) {
logger(LOG_ERR, _("Error while decrypting metadata from %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
connection_t *c;
avl_node_t *node;
int result, i;
- int len = sizeof(result);
+ socklen_t len = sizeof(result);
vpn_packet_t packet;
cp();
if(keyexpires < now) {
ifdebug(STATUS) logger(LOG_INFO, _("Regenerating symmetric key"));
- RAND_pseudo_bytes(myself->key, myself->keylength);
+ RAND_pseudo_bytes((unsigned char *)myself->key, myself->keylength);
if(myself->cipher)
- EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, myself->key, myself->key + myself->cipher->key_len);
+ EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, (unsigned char *)myself->key, (unsigned char *)myself->key + myself->cipher->key_len);
send_key_changed(broadcast, myself);
keyexpires = now + keylifetime;
}
int nextpkt = 0;
vpn_packet_t *outpkt = pkt[0];
int outlen, outpad;
- char hmac[EVP_MAX_MD_SIZE];
+ unsigned char hmac[EVP_MAX_MD_SIZE];
int i;
cp();
if(myself->digest && myself->maclength) {
inpkt->len -= myself->maclength;
HMAC(myself->digest, myself->key, myself->keylength,
- (char *) &inpkt->seqno, inpkt->len, hmac, NULL);
+ (unsigned char *) &inpkt->seqno, inpkt->len, (unsigned char *)hmac, NULL);
if(memcmp(hmac, (char *) &inpkt->seqno + inpkt->len, myself->maclength)) {
ifdebug(TRAFFIC) logger(LOG_DEBUG, _("Got unauthenticated packet from %s (%s)"),
outpkt = pkt[nextpkt++];
if(!EVP_DecryptInit_ex(&packet_ctx, NULL, NULL, NULL, NULL)
- || !EVP_DecryptUpdate(&packet_ctx, (char *) &outpkt->seqno, &outlen,
- (char *) &inpkt->seqno, inpkt->len)
- || !EVP_DecryptFinal_ex(&packet_ctx, (char *) &outpkt->seqno + outlen, &outpad)) {
+ || !EVP_DecryptUpdate(&packet_ctx, (unsigned char *) &outpkt->seqno, &outlen,
+ (unsigned char *) &inpkt->seqno, inpkt->len)
+ || !EVP_DecryptFinal_ex(&packet_ctx, (unsigned char *) &outpkt->seqno + outlen, &outpad)) {
ifdebug(TRAFFIC) logger(LOG_DEBUG, _("Error decrypting packet from %s (%s): %s"),
n->name, n->hostname, ERR_error_string(ERR_get_error(), NULL));
return;
outpkt = pkt[nextpkt++];
if(!EVP_EncryptInit_ex(&n->packet_ctx, NULL, NULL, NULL, NULL)
- || !EVP_EncryptUpdate(&n->packet_ctx, (char *) &outpkt->seqno, &outlen,
- (char *) &inpkt->seqno, inpkt->len)
- || !EVP_EncryptFinal_ex(&n->packet_ctx, (char *) &outpkt->seqno + outlen, &outpad)) {
+ || !EVP_EncryptUpdate(&n->packet_ctx, (unsigned char *) &outpkt->seqno, &outlen,
+ (unsigned char *) &inpkt->seqno, inpkt->len)
+ || !EVP_EncryptFinal_ex(&n->packet_ctx, (unsigned char *) &outpkt->seqno + outlen, &outpad)) {
ifdebug(TRAFFIC) logger(LOG_ERR, _("Error while encrypting packet to %s (%s): %s"),
n->name, n->hostname, ERR_error_string(ERR_get_error(), NULL));
goto end;
/* Add the message authentication code */
if(n->digest && n->maclength) {
- HMAC(n->digest, n->key, n->keylength, (char *) &inpkt->seqno,
- inpkt->len, (char *) &inpkt->seqno + inpkt->len, &outlen);
+ HMAC(n->digest, n->key, n->keylength, (unsigned char *) &inpkt->seqno,
+ inpkt->len, (unsigned char *) &inpkt->seqno + inpkt->len, NULL);
inpkt->len += n->maclength;
}
myself->connection->outcipher = EVP_bf_ofb();
myself->key = xmalloc(myself->keylength);
- RAND_pseudo_bytes(myself->key, myself->keylength);
+ RAND_pseudo_bytes((unsigned char *)myself->key, myself->keylength);
if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime))
keylifetime = 3600;
if(myself->cipher) {
EVP_CIPHER_CTX_init(&packet_ctx);
- if(!EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, myself->key, myself->key + myself->cipher->key_len)) {
+ if(!EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, (unsigned char *)myself->key, (unsigned char *)myself->key + myself->cipher->key_len)) {
logger(LOG_ERR, _("Error during initialisation of cipher for %s (%s): %s"),
myself->name, myself->hostname, ERR_error_string(ERR_get_error(), NULL));
return false;
int option;
connection_t *c;
sockaddr_t sa;
- int fd, len = sizeof(sa);
+ int fd;
+ socklen_t len = sizeof(sa);
cp();
cp();
/* Copy random data to the buffer */
- RAND_pseudo_bytes(c->outkey, len);
+ RAND_pseudo_bytes((unsigned char *)c->outkey, len);
/* The message we send must be smaller than the modulus of the RSA key.
By definition, for a key of k bits, the following formula holds:
with a length equal to that of the modulus of the RSA key.
*/
- if(RSA_public_encrypt(len, c->outkey, buffer, c->rsa_key, RSA_NO_PADDING) != len) {
+ if(RSA_public_encrypt(len, (unsigned char *)c->outkey, (unsigned char *)buffer, c->rsa_key, RSA_NO_PADDING) != len) {
logger(LOG_ERR, _("Error during encryption of meta key for %s (%s)"),
c->name, c->hostname);
return false;
if(c->outcipher) {
if(!EVP_EncryptInit(c->outctx, c->outcipher,
- c->outkey + len - c->outcipher->key_len,
- c->outkey + len - c->outcipher->key_len -
+ (unsigned char *)c->outkey + len - c->outcipher->key_len,
+ (unsigned char *)c->outkey + len - c->outcipher->key_len -
c->outcipher->iv_len)) {
logger(LOG_ERR, _("Error during initialisation of cipher for %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
/* Decrypt the meta key */
- if(RSA_private_decrypt(len, buffer, c->inkey, myself->connection->rsa_key, RSA_NO_PADDING) != len) { /* See challenge() */
+ if(RSA_private_decrypt(len, (unsigned char *)buffer, (unsigned char *)c->inkey, myself->connection->rsa_key, RSA_NO_PADDING) != len) { /* See challenge() */
logger(LOG_ERR, _("Error during encryption of meta key for %s (%s)"),
c->name, c->hostname);
return false;
}
if(!EVP_DecryptInit(c->inctx, c->incipher,
- c->inkey + len - c->incipher->key_len,
- c->inkey + len - c->incipher->key_len -
+ (unsigned char *)c->inkey + len - c->incipher->key_len,
+ (unsigned char *)c->inkey + len - c->incipher->key_len -
c->incipher->iv_len)) {
logger(LOG_ERR, _("Error during initialisation of cipher from %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
/* Copy random data to the buffer */
- RAND_pseudo_bytes(c->hischallenge, len);
+ RAND_pseudo_bytes((unsigned char *)c->hischallenge, len);
/* Convert to hex */
if(!EVP_DigestInit(&ctx, c->indigest)
|| !EVP_DigestUpdate(&ctx, c->mychallenge, RSA_size(myself->connection->rsa_key))
- || !EVP_DigestFinal(&ctx, hash, NULL)) {
+ || !EVP_DigestFinal(&ctx, (unsigned char *)hash, NULL)) {
logger(LOG_ERR, _("Error during calculation of response for %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
return false;
if(!EVP_DigestInit(&ctx, c->outdigest)
|| !EVP_DigestUpdate(&ctx, c->hischallenge, RSA_size(c->rsa_key))
- || !EVP_DigestFinal(&ctx, myhash, NULL)) {
+ || !EVP_DigestFinal(&ctx, (unsigned char *)myhash, NULL)) {
logger(LOG_ERR, _("Error during calculation of response from %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
return false;
from->compression = compression;
if(from->cipher)
- if(!EVP_EncryptInit_ex(&from->packet_ctx, from->cipher, NULL, from->key, from->key + from->cipher->key_len)) {
+ if(!EVP_EncryptInit_ex(&from->packet_ctx, from->cipher, NULL, (unsigned char *)from->key, (unsigned char *)from->key + from->cipher->key_len)) {
logger(LOG_ERR, _("Error during initialisation of key from %s (%s): %s"),
from->name, from->hostname, ERR_error_string(ERR_get_error(), NULL));
return false;
if(!send_request(c, "%d %hd", PACKET, packet->len))
return false;
- return send_meta(c, packet->data, packet->len);
+ return send_meta(c, (char *)packet->data, packet->len);
}
bool tcppacket_h(connection_t *c)
projects / tinc / commitdiff