- Disable RSA_blinding_on() because it segfaults.
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: net.h,v 1.9.4.55 2002/09/15 12:26:24 guus Exp $
+ $Id: net.h,v 1.9.4.56 2003/03/28 13:41:49 guus Exp $
*/
#ifndef __TINC_NET_H__
*/
#ifndef __TINC_NET_H__
#include <sys/socket.h>
#include <netinet/in.h>
#include <sys/time.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <sys/time.h>
+#include <openssl/evp.h>
#ifdef HAVE_INTTYPES_H
#include <inttypes.h>
#ifdef HAVE_INTTYPES_H
#include <inttypes.h>
extern int do_purge;
extern char *myport;
extern time_t now;
extern int do_purge;
extern char *myport;
extern time_t now;
+extern EVP_CIPHER_CTX packet_ctx;
extern void retry_outgoing(outgoing_t *);
extern void handle_incoming_vpn_data(int);
extern void retry_outgoing(outgoing_t *);
extern void handle_incoming_vpn_data(int);
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: net_packet.c,v 1.1.2.25 2002/11/14 22:09:03 guus Exp $
+ $Id: net_packet.c,v 1.1.2.26 2003/03/28 13:41:49 guus Exp $
int keylifetime = 0;
int keyexpires = 0;
int keylifetime = 0;
int keyexpires = 0;
+EVP_CIPHER_CTX packet_ctx;
#define MAX_SEQNO 1073741824
#define MAX_SEQNO 1073741824
vpn_packet_t *outpkt = pkt[0];
int outlen, outpad;
long int complen = MTU + 12;
vpn_packet_t *outpkt = pkt[0];
int outlen, outpad;
long int complen = MTU + 12;
char hmac[EVP_MAX_MD_SIZE];
cp();
char hmac[EVP_MAX_MD_SIZE];
cp();
if(myself->cipher) {
outpkt = pkt[nextpkt++];
if(myself->cipher) {
outpkt = pkt[nextpkt++];
- EVP_DecryptInit(&ctx, myself->cipher, myself->key,
+ EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, myself->key,
myself->key + myself->cipher->key_len);
myself->key + myself->cipher->key_len);
- EVP_DecryptUpdate(&ctx, (char *) &outpkt->seqno, &outlen,
+ EVP_DecryptUpdate(&packet_ctx, (char *) &outpkt->seqno, &outlen,
(char *) &inpkt->seqno, inpkt->len);
(char *) &inpkt->seqno, inpkt->len);
- EVP_DecryptFinal(&ctx, (char *) &outpkt->seqno + outlen, &outpad);
-
+ EVP_DecryptFinal_ex(&packet_ctx, (char *) &outpkt->seqno + outlen, &outpad);
+
outpkt->len = outlen + outpad;
inpkt = outpkt;
}
outpkt->len = outlen + outpad;
inpkt = outpkt;
}
int origlen;
int outlen, outpad;
long int complen = MTU + 12;
int origlen;
int outlen, outpad;
long int complen = MTU + 12;
vpn_packet_t *copy;
static int priority = 0;
int origpriority;
vpn_packet_t *copy;
static int priority = 0;
int origpriority;
if(n->cipher) {
outpkt = pkt[nextpkt++];
if(n->cipher) {
outpkt = pkt[nextpkt++];
- EVP_EncryptInit(&ctx, n->cipher, n->key, n->key + n->cipher->key_len);
- EVP_EncryptUpdate(&ctx, (char *) &outpkt->seqno, &outlen,
+ EVP_EncryptInit_ex(&packet_ctx, n->cipher, NULL, n->key, n->key + n->cipher->key_len);
+ EVP_EncryptUpdate(&packet_ctx, (char *) &outpkt->seqno, &outlen,
(char *) &inpkt->seqno, inpkt->len);
(char *) &inpkt->seqno, inpkt->len);
- EVP_EncryptFinal(&ctx, (char *) &outpkt->seqno + outlen, &outpad);
+ EVP_EncryptFinal_ex(&packet_ctx, (char *) &outpkt->seqno + outlen, &outpad);
outpkt->len = outlen + outpad;
inpkt = outpkt;
outpkt->len = outlen + outpad;
inpkt = outpkt;
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: net_setup.c,v 1.1.2.29 2003/03/14 09:43:10 zarq Exp $
+ $Id: net_setup.c,v 1.1.2.30 2003/03/28 13:41:49 guus Exp $
if(!c->rsa_key) {
c->rsa_key = RSA_new();
if(!c->rsa_key) {
c->rsa_key = RSA_new();
- RSA_blinding_on(c->rsa_key, NULL);
+// RSA_blinding_on(c->rsa_key, NULL);
}
/* First, check for simple PublicKey statement */
}
/* First, check for simple PublicKey statement */
fclose(fp);
if(c->rsa_key) {
fclose(fp);
if(c->rsa_key) {
- RSA_blinding_on(c->rsa_key, NULL);
+// RSA_blinding_on(c->rsa_key, NULL);
if(fp) {
c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL);
if(fp) {
c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL);
- RSA_blinding_on(c->rsa_key, NULL);
+// RSA_blinding_on(c->rsa_key, NULL);
if(get_config_string(lookup_config(config_tree, "PrivateKey"), &key)) {
myself->connection->rsa_key = RSA_new();
if(get_config_string(lookup_config(config_tree, "PrivateKey"), &key)) {
myself->connection->rsa_key = RSA_new();
- RSA_blinding_on(myself->connection->rsa_key, NULL);
+// RSA_blinding_on(myself->connection->rsa_key, NULL);
BN_hex2bn(&myself->connection->rsa_key->d, key);
BN_hex2bn(&myself->connection->rsa_key->e, "FFFF");
free(key);
BN_hex2bn(&myself->connection->rsa_key->d, key);
BN_hex2bn(&myself->connection->rsa_key->e, "FFFF");
free(key);
keylifetime = 3600;
keyexpires = now + keylifetime;
keylifetime = 3600;
keyexpires = now + keylifetime;
+
+ EVP_CIPHER_CTX_init(&packet_ctx);
/* Check if we want to use message authentication codes... */
/* Check if we want to use message authentication codes... */
projects / tinc / commitdiff