Fix building with --disable-legacy-protocol.
author
Guus Sliepen
<guus@tinc-vpn.org>
Thu, 18 Oct 2018 14:42:18 +0000
(16:42 +0200)
committer
Guus Sliepen
<guus@tinc-vpn.org>
Thu, 18 Oct 2018 14:42:18 +0000
(16:42 +0200)
configure.ac
src/net_packet.c
src/net_setup.c
src/nolegacy/crypto.c
src/protocol_auth.c
src/protocol_key.c
src/tincctl.c
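--- a/configure.ac
+++ b/configure.ac
@@ -95,6 +95,7 @@ AC_ARG_ENABLE(vde,
 AS_HELP_STRING([--enable-vde], [enable support for Virtual Distributed Ethernet]),
 [ AS_IF([test "x$enable_vde" = "xyes"],
 [ AC_CHECK_HEADERS(libvdeplug_dyn.h, [], [AC_MSG_ERROR([VDE plug header files not found.]); break])
+ AC_CHECK_LIB(dl, dlopen, [LIBS="$LIBS -ldl"], [AC_MSG_ERROR([VDE plug depends on libdl.]); break])
 AC_DEFINE(ENABLE_VDE, 1, [Support for VDE])
 vde=true
 ],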
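Review bot: The added `AC_CHECK_LIB(dl, dlopen, ...)` makes `--enable-vde` fail at configure time on any platform where dlopen() comes from libc and no separate libdl is installed. `AC_SEARCH_LIBS([dlopen], [dl], [], [AC_MSG_ERROR([VDE plug depends on dlopen().]); break])` accepts both layouts and adds `-ldl` to LIBS only when it is actually needed. Which platforms tinc's VDE support targets is not visible on this page, so treat this as a portability point to confirm.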
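--- a/src/net_packet.c
+++ b/src/net_packet.c
@@ -314,13 +314,6 @@ static bool try_mac(node_t *n, const vpn_packet_t *inpkt) {
 }
 static bool receive_udppacket(node_t *n, vpn_packet_t *inpkt) {
- vpn_packet_t pkt1, pkt2;
- vpn_packet_t *pkt[] = { &pkt1, &pkt2, &pkt1, &pkt2 };
- int nextpkt = 0;
- size_t outlen;
- pkt1.offset = DEFAULT_PACKET_OFFSET;
- pkt2.offset = DEFAULT_PACKET_OFFSET;
-
 if(n->status.sptps) {
 if(!n->sptps.state) {
 if(!n->status.waitingforkey) {
@@ -356,6 +349,12 @@ static bool receive_udppacket(node_t *n, vpn_packet_t *inpkt) {
 #ifdef DISABLE_LEGACY
 return false;
 #else
+ vpn_packet_t pkt1, pkt2;
+ vpn_packet_t *pkt[] = { &pkt1, &pkt2, &pkt1, &pkt2 };
+ int nextpkt = 0;
+ size_t outlen;
+ pkt1.offset = DEFAULT_PACKET_OFFSET;
+ pkt2.offset = DEFAULT_PACKET_OFFSET;
 if(!n->status.validkey_in) {
 logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got packet from %s (%s) but he hasn't got our key yet", n->name, n->hostname);
@@ -699,18 +698,6 @@ static void choose_local_address(const node_t *n, const sockaddr_t **sa, int *so
 }
 static void send_udppacket(node_t *n, vpn_packet_t *origpkt) {
- vpn_packet_t pkt1, pkt2;
- vpn_packet_t *pkt[] = { &pkt1, &pkt2, &pkt1, &pkt2 };
- vpn_packet_t *inpkt = origpkt;
- int nextpkt = 0;
- vpn_packet_t *outpkt;
- int origlen = origpkt->len;
- size_t outlen;
- int origpriority = origpkt->priority;
-
- pkt1.offset = DEFAULT_PACKET_OFFSET;
- pkt2.offset = DEFAULT_PACKET_OFFSET;
-
 if(!n->status.reachable) {
 logger(DEBUG_TRAFFIC, LOG_INFO, "Trying to send UDP packet to unreachable node %s (%s)", n->name, n->hostname);
 return;
@@ -724,6 +711,18 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) {
 #ifdef DISABLE_LEGACY
 return;
 #else
+ vpn_packet_t pkt1, pkt2;
+ vpn_packet_t *pkt[] = { &pkt1, &pkt2, &pkt1, &pkt2 };
+ vpn_packet_t *inpkt = origpkt;
+ int nextpkt = 0;
+ vpn_packet_t *outpkt;
+ int origlen = origpkt->len;
+ size_t outlen;
+ int origpriority = origpkt->priority;
+
+ pkt1.offset = DEFAULT_PACKET_OFFSET;
+ pkt2.offset = DEFAULT_PACKET_OFFSET;
+
 /* Make sure we have a valid key */
 if(!n->status.validkey) {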
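--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -341,6 +341,7 @@ static bool read_rsa_private_key(void) {
 }
 #endif
+#ifndef DISABLE_LEGACY
 static timeout_t keyexpire_timeout;
 static void keyexpire_handler(void *data) {
@@ -349,6 +350,7 @@ static void keyexpire_handler(void *data) {
 keylifetime, rand() % 100000
 });
 }
+#endif
 void regenerate_key(void) {
 logger(DEBUG_STATUS, LOG_INFO, "Expiring symmetric keys");
@@ -822,7 +824,7 @@ void device_disable(void) {
 Configure node_t myself and set up the local sockets (listen only)
 */
 static bool setup_myself(void) {
- char *name, *hostname, *cipher, *digest, *type;
+ char *name, *hostname, *type;
 char *address = NULL;
 bool port_specified = false;
@@ -967,6 +969,8 @@ static bool setup_myself(void) {
 #ifndef DISABLE_LEGACY
 /* Generate packet encryption key */
+ char *cipher;
+
 if(!get_config_string(lookup_config(config_tree, "Cipher"), &cipher)) {
 cipher = xstrdup("aes-256-cbc");
 }
@@ -995,6 +999,8 @@ static bool setup_myself(void) {
 return false;
 }
+ char *digest;
+
 if(!get_config_string(lookup_config(config_tree, "Digest"), &digest)) {
 digest = xstrdup("sha256");
 }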
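--- a/src/nolegacy/crypto.c
+++ b/src/nolegacy/crypto.c
@@ -42,7 +42,9 @@ static void random_exit(void) {
 close(random_fd);
 }
-void randomize(void *out, size_t outlen) {
+void randomize(void *vout, size_t outlen) {
+ char *out = vout;
+
 while(outlen) {
 size_t len = read(random_fd, out, outlen);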
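Review bot: In randomize(), `size_t len = read(random_fd, out, outlen);` stores read()'s signed result in an unsigned variable, so a failed read (-1) becomes SIZE_MAX instead of a negative value. The rest of the loop is outside this hunk, but any `len <= 0` or `len == -1` test there can then only catch end-of-file, and advancing `out` and `outlen` by that value would skip filling the buffer that callers treat as random key material. Since the commit already touches this function to make the pointer arithmetic well-defined, declare the result as `ssize_t len = read(random_fd, out, outlen);` and handle the negative case explicitly.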
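--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -486,11 +486,8 @@ bool id_h(connection_t *c, const char *request) {
 }
 }
+#ifndef DISABLE_LEGACY
 bool send_metakey(connection_t *c) {
-#ifdef DISABLE_LEGACY
- return false;
-#else
-
 if(!myself->connection->rsa) {
 logger(DEBUG_CONNECTIONS, LOG_ERR, "Peer %s (%s) uses legacy protocol which we don't support", c->name, c->hostname);
 return false;
@@ -580,14 +577,9 @@ bool send_metakey(connection_t *c) {
 c->status.encryptout = true;
 return result;
-#endif
 }
 bool metakey_h(connection_t *c, const char *request) {
-#ifdef DISABLE_LEGACY
- return false;
-#else
-
 if(!myself->connection->rsa) {
 return false;
 }
@@ -655,13 +647,9 @@ bool metakey_h(connection_t *c, const char *request) {
 c->allow_request = CHALLENGE;
 return send_challenge(c);
-#endif
 }
 bool send_challenge(connection_t *c) {
-#ifdef DISABLE_LEGACY
- return false;
-#else
 const size_t len = rsa_size(c->rsa);
 char buffer[len * 2 + 1];
@@ -678,14 +666,9 @@ bool send_challenge(connection_t *c) {
 /* Send the challenge */
 return send_request(c, "%d %s", CHALLENGE, buffer);
-#endif
 }
 bool challenge_h(connection_t *c, const char *request) {
-#ifdef DISABLE_LEGACY
- return false;
-#else
-
 if(!myself->connection->rsa) {
 return false;
 }
@@ -720,8 +703,6 @@ bool challenge_h(connection_t *c, const char *request) {
 } else {
 return true;
 }
-
-#endif
 }
 bool send_chal_reply(connection_t *c) {
@@ -748,9 +729,6 @@ bool send_chal_reply(connection_t *c) {
 }
 bool chal_reply_h(connection_t *c, const char *request) {
-#ifdef DISABLE_LEGACY
- return false;
-#else
 char hishash[MAX_STRING_SIZE];
 if(sscanf(request, "%*d " MAX_STRING, hishash) != 1) {
@@ -791,13 +769,9 @@ bool chal_reply_h(connection_t *c, const char *request) {
 }
 return send_ack(c);
-#endif
 }
 static bool send_upgrade(connection_t *c) {
-#ifdef DISABLE_LEGACY
- return false;
-#else
 /* Special case when protocol_minor is 1: the other end is Ed25519 capable,
 * but doesn't know our key yet. So send it now. */
@@ -810,8 +784,46 @@ static bool send_upgrade(connection_t *c) {
 bool result = send_request(c, "%d %s", ACK, pubkey);
 free(pubkey);
 return result;
-#endif
 }
+#else
+bool send_metakey(connection_t *c) {
+ (void)c;
+ return false;
+}
+
+bool metakey_h(connection_t *c, const char *request) {
+ (void)c;
+ (void)request;
+ return false;
+}
+
+bool send_challenge(connection_t *c) {
+ (void)c;
+ return false;
+}
+
+bool challenge_h(connection_t *c, const char *request) {
+ (void)c;
+ (void)request;
+ return false;
+}
+
+bool send_chal_reply(connection_t *c) {
+ (void)c;
+ return false;
+}
+
+bool chal_reply_h(connection_t *c, const char *request) {
+ (void)c;
+ (void)request;
+ return false;
+}
+
+static bool send_upgrade(connection_t *c) {
+ (void)c;
+ return false;
+}
+#endif
 bool send_ack(connection_t *c) {
 if(c->protocol_minor == 1) {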
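Review bot: The DISABLE_LEGACY stubs added in the `#else` branch (send_metakey through send_upgrade) refuse a legacy handshake by returning false without logging anything. The legacy build's send_metakey at least reports `Peer %s (%s) uses legacy protocol which we don't support`. Whether the callers log the failure is not visible on this page; if they do not, an operator cannot tell a refused legacy peer from any other dropped connection. Consider having the request handlers record the refusal, for example in the metakey_h stub replacing `(void)c;` with `logger(DEBUG_CONNECTIONS, LOG_ERR, "Peer %s (%s) uses legacy protocol which we don't support", c->name, c->hostname);`. A one-line comment above the `#else` naming these as no-legacy stubs would also help readers of the 40-line block.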
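--- a/src/protocol_key.c
+++ b/src/protocol_key.c
@@ -34,7 +34,9 @@
 #include "utils.h"
 #include "xalloc.h"
+#ifndef DISABLE_LEGACY
 static bool mykeyused = false;
+#endif
 void send_key_changed(void) {
 #ifndef DISABLE_LEGACY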
diff --git
a/src/tincctl.c
b/src/tincctl.c
index
a4bb591
..
8181dd9
100644
(file)
--- a/
src/tincctl.c
+++ b/
src/tincctl.c
@@
-2301,6
+2301,7
@@
static int cmd_init(int argc, char *argv[]) {
static int cmd_generate_keys(int argc, char *argv[]) {
#ifdef DISABLE_LEGACY
static int cmd_generate_keys(int argc, char *argv[]) {
#ifdef DISABLE_LEGACY
+ (void)argv;
if(argc > 1) {
#else
if(argc > 1) {
#else