/*
protocol_auth.c -- handle the meta-protocol, authentication
- Copyright (C) 1999-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
- 2000-2005 Guus Sliepen <guus@tinc-vpn.org>
+ Copyright (C) 1999-2005 Ivo Timmermans,
+ 2000-2007 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
#include "utils.h"
#include "xalloc.h"
-bool send_id(connection_t *c)
-{
+bool send_id(connection_t *c) {
cp();
return send_request(c, "%d %s %d", ID, myself->connection->name,
myself->connection->protocol_version);
}
-bool id_h(connection_t *c)
-{
+bool id_h(connection_t *c) {
char name[MAX_STRING_SIZE];
cp();
return false;
}
- /* If we set c->name in advance, make sure we are connected to the right host */
+ /* If this is an outgoing connection, make sure we are connected to the right host */
- if(c->name) {
+ if(c->outgoing) {
if(strcmp(c->name, name)) {
logger(LOG_ERR, _("Peer %s is %s instead of %s"), c->hostname, name,
c->name);
return send_metakey(c);
}
-bool send_metakey(connection_t *c)
-{
+bool send_metakey(connection_t *c) {
char *buffer;
int len;
bool x;
cp();
/* Copy random data to the buffer */
- RAND_pseudo_bytes(c->outkey, len);
+ RAND_pseudo_bytes((unsigned char *)c->outkey, len);
/* The message we send must be smaller than the modulus of the RSA key.
By definition, for a key of k bits, the following formula holds:
with a length equal to that of the modulus of the RSA key.
*/
- if(RSA_public_encrypt(len, c->outkey, buffer, c->rsa_key, RSA_NO_PADDING) != len) {
+ if(RSA_public_encrypt(len, (unsigned char *)c->outkey, (unsigned char *)buffer, c->rsa_key, RSA_NO_PADDING) != len) {
logger(LOG_ERR, _("Error during encryption of meta key for %s (%s)"),
c->name, c->hostname);
return false;
if(c->outcipher) {
if(!EVP_EncryptInit(c->outctx, c->outcipher,
- c->outkey + len - c->outcipher->key_len,
- c->outkey + len - c->outcipher->key_len -
+ (unsigned char *)c->outkey + len - c->outcipher->key_len,
+ (unsigned char *)c->outkey + len - c->outcipher->key_len -
c->outcipher->iv_len)) {
logger(LOG_ERR, _("Error during initialisation of cipher for %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
return x;
}
-bool metakey_h(connection_t *c)
-{
+bool metakey_h(connection_t *c) {
char buffer[MAX_STRING_SIZE];
int cipher, digest, maclength, compression;
int len;
/* Decrypt the meta key */
- if(RSA_private_decrypt(len, buffer, c->inkey, myself->connection->rsa_key, RSA_NO_PADDING) != len) { /* See challenge() */
+ if(RSA_private_decrypt(len, (unsigned char *)buffer, (unsigned char *)c->inkey, myself->connection->rsa_key, RSA_NO_PADDING) != len) { /* See challenge() */
logger(LOG_ERR, _("Error during encryption of meta key for %s (%s)"),
c->name, c->hostname);
return false;
}
if(!EVP_DecryptInit(c->inctx, c->incipher,
- c->inkey + len - c->incipher->key_len,
- c->inkey + len - c->incipher->key_len -
+ (unsigned char *)c->inkey + len - c->incipher->key_len,
+ (unsigned char *)c->inkey + len - c->incipher->key_len -
c->incipher->iv_len)) {
logger(LOG_ERR, _("Error during initialisation of cipher from %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
return send_challenge(c);
}
-bool send_challenge(connection_t *c)
-{
+bool send_challenge(connection_t *c) {
char *buffer;
int len;
/* Copy random data to the buffer */
- RAND_pseudo_bytes(c->hischallenge, len);
+ RAND_pseudo_bytes((unsigned char *)c->hischallenge, len);
/* Convert to hex */
return send_request(c, "%d %s", CHALLENGE, buffer);
}
-bool challenge_h(connection_t *c)
-{
+bool challenge_h(connection_t *c) {
char buffer[MAX_STRING_SIZE];
int len;
return send_chal_reply(c);
}
-bool send_chal_reply(connection_t *c)
-{
+bool send_chal_reply(connection_t *c) {
char hash[EVP_MAX_MD_SIZE * 2 + 1];
EVP_MD_CTX ctx;
if(!EVP_DigestInit(&ctx, c->indigest)
|| !EVP_DigestUpdate(&ctx, c->mychallenge, RSA_size(myself->connection->rsa_key))
- || !EVP_DigestFinal(&ctx, hash, NULL)) {
+ || !EVP_DigestFinal(&ctx, (unsigned char *)hash, NULL)) {
logger(LOG_ERR, _("Error during calculation of response for %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
return false;
return send_request(c, "%d %s", CHAL_REPLY, hash);
}
-bool chal_reply_h(connection_t *c)
-{
+bool chal_reply_h(connection_t *c) {
char hishash[MAX_STRING_SIZE];
char myhash[EVP_MAX_MD_SIZE];
EVP_MD_CTX ctx;
if(!EVP_DigestInit(&ctx, c->outdigest)
|| !EVP_DigestUpdate(&ctx, c->hischallenge, RSA_size(c->rsa_key))
- || !EVP_DigestFinal(&ctx, myhash, NULL)) {
+ || !EVP_DigestFinal(&ctx, (unsigned char *)myhash, NULL)) {
logger(LOG_ERR, _("Error during calculation of response from %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
return false;
return send_ack(c);
}
-bool send_ack(connection_t *c)
-{
+bool send_ack(connection_t *c) {
/* ACK message contains rest of the information the other end needs
to create node_t and edge_t structures. */
return send_request(c, "%d %s %d %lx", ACK, myport, c->estimated_weight, c->options);
}
-static void send_everything(connection_t *c)
-{
+static void send_everything(connection_t *c) {
avl_node_t *node, *node2;
node_t *n;
subnet_t *s;
}
}
-bool ack_h(connection_t *c)
-{
+bool ack_h(connection_t *c) {
char hisport[MAX_STRING_SIZE];
char *hisaddress, *dummy;
int weight, mtu;