From 90cde91141ec61be4354d8deab21edb8fdf01022 Mon Sep 17 00:00:00 2001 From: Kirill Isakov Date: Thu, 21 Apr 2022 11:39:36 +0600 Subject: [PATCH] Minor type improvements in legacy protocol code --- src/cipher.h | 6 ++---- src/compression.h | 4 +++- src/connection.c | 2 +- src/connection.h | 2 +- src/digest.h | 4 ++-- src/gcrypt/cipher.c | 37 +++++++++++++++++++++---------------- src/gcrypt/cipher.h | 8 +++++--- src/gcrypt/digest.c | 30 +++++++++++++++--------------- src/gcrypt/digest.h | 8 ++++++-- src/legacy.h | 6 ++++++ src/net_setup.c | 6 +++++- src/node.h | 5 +++-- src/openssl/cipher.c | 4 ++-- src/openssl/cipher.h | 6 ++++-- src/openssl/digest.c | 4 ++-- src/openssl/digest.h | 2 ++ src/openssl/prf.c | 2 +- src/protocol_key.c | 1 + 18 files changed, 82 insertions(+), 55 deletions(-) create mode 100644 src/legacy.h diff --git a/src/cipher.h b/src/cipher.h index 99751665..7911455d 100644 --- a/src/cipher.h +++ b/src/cipher.h @@ -36,12 +36,10 @@ #error Incorrect cryptographic library, please reconfigure. #endif -typedef struct cipher cipher_t; - extern cipher_t *cipher_alloc(void) ATTR_MALLOC; extern void cipher_free(cipher_t **cipher); extern bool cipher_open_by_name(cipher_t *cipher, const char *name); -extern bool cipher_open_by_nid(cipher_t *cipher, int nid); +extern bool cipher_open_by_nid(cipher_t *cipher, nid_t nid); extern void cipher_close(cipher_t *cipher); extern size_t cipher_keylength(const cipher_t *cipher); extern size_t cipher_blocksize(const cipher_t *cipher); 
@@ -50,7 +48,7 @@ extern bool cipher_set_key(cipher_t *cipher, void *key, bool encrypt) ATTR_WARN_ extern bool cipher_set_key_from_rsa(cipher_t *cipher, void *rsa, size_t len, bool encrypt) ATTR_WARN_UNUSED; extern bool cipher_encrypt(cipher_t *cipher, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool oneshot) ATTR_WARN_UNUSED; extern bool cipher_decrypt(cipher_t *cipher, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool oneshot) ATTR_WARN_UNUSED; -extern int cipher_get_nid(const cipher_t *cipher); +extern nid_t cipher_get_nid(const cipher_t *cipher); extern bool cipher_active(const cipher_t *cipher); #endif // DISABLE_LEGACY diff --git a/src/compression.h b/src/compression.h index 96fc9ea8..98eca331 100644 --- a/src/compression.h +++ b/src/compression.h @@ -22,4 +22,6 @@ typedef enum compression_level_t { COMPRESS_GUARD = INT_MAX, /* ensure that sizeof(compression_level_t) == sizeof(int) */ } compression_level_t; -#endif +STATIC_ASSERT(sizeof(compression_level_t) == sizeof(int), "compression_level_t has invalid size"); + +#endif // TINC_COMPRESSION_H diff --git a/src/connection.c b/src/connection.c index 16878ea8..533e0245 100644 --- a/src/connection.c +++ b/src/connection.c @@ -58,7 +58,7 @@ connection_t *new_connection(void) { } #ifndef DISABLE_LEGACY -bool init_crypto_by_nid(legacy_crypto_t *c, int cipher, int digest) { +bool init_crypto_by_nid(legacy_crypto_t *c, nid_t cipher, nid_t digest) { if(!cipher_open_by_nid(&c->cipher, cipher)) { return false; } diff --git a/src/connection.h b/src/connection.h index a176988f..98177448 100644 --- a/src/connection.h +++ b/src/connection.h 
@@ -67,7 +67,7 @@ typedef struct legacy_crypto_t { uint64_t budget; } legacy_crypto_t; -bool init_crypto_by_nid(legacy_crypto_t *c, int cipher, int digest) ATTR_WARN_UNUSED; +bool init_crypto_by_nid(legacy_crypto_t *c, nid_t cipher, nid_t digest) ATTR_WARN_UNUSED; bool init_crypto_by_name(legacy_crypto_t *c, const char *cipher, const char *digest) ATTR_WARN_UNUSED; bool decrease_budget(legacy_crypto_t *c, size_t bytes) ATTR_WARN_UNUSED; diff --git a/src/digest.h b/src/digest.h index 82b46916..fdb1be25 100644 --- a/src/digest.h +++ b/src/digest.h @@ -38,14 +38,14 @@ typedef struct digest digest_t; extern bool digest_open_by_name(digest_t *digest, const char *name, size_t maclength); -extern bool digest_open_by_nid(digest_t *digest, int nid, size_t maclength); +extern bool digest_open_by_nid(digest_t *digest, nid_t nid, size_t maclength); extern digest_t *digest_alloc(void) ATTR_MALLOC; extern void digest_free(digest_t **digest); extern void digest_close(digest_t *digest); extern bool digest_create(digest_t *digest, const void *indata, size_t inlen, void *outdata) ATTR_WARN_UNUSED; extern bool digest_verify(digest_t *digest, const void *indata, size_t inlen, const void *digestdata) ATTR_WARN_UNUSED; extern bool digest_set_key(digest_t *digest, const void *key, size_t len) ATTR_WARN_UNUSED; -extern int digest_get_nid(const digest_t *digest); +extern nid_t digest_get_nid(const digest_t *digest); extern size_t digest_keylength(const digest_t *digest); extern size_t digest_length(const digest_t *digest); extern bool digest_active(const digest_t *digest); diff --git a/src/gcrypt/cipher.c b/src/gcrypt/cipher.c index c1ecf50a..37f232f6 100644 --- a/src/gcrypt/cipher.c +++ b/src/gcrypt/cipher.c 
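Review bot: `src/digest.h` still carries the forward `typedef struct digest digest_t;` (visible in the header context of the `@@ -38,14 +38,14 @@` hunk), whereas this commit removes the matching `typedef struct cipher cipher_t;` from `src/cipher.h` and moves it into the backend headers. If the backend header is included above it, as it appears to be in `cipher.h`, a gcrypt build declares `digest_t` twice, because `src/gcrypt/digest.h` already closes its struct with `} digest_t;`; C11 accepts that, earlier standards do not. For consistency, drop the forward typedef here and change `struct digest {` in `src/openssl/digest.h` to the `typedef struct digest { … } digest_t;` form used for the cipher headers.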
@@ -24,18 +24,21 @@ #include "../logger.h" #include "../xalloc.h" +typedef enum gcry_cipher_algos cipher_algo_t; +typedef enum gcry_cipher_modes cipher_mode_t; + static struct { const char *name; - int algo; - int mode; - int nid; + cipher_algo_t algo; + cipher_mode_t mode; + nid_t nid; } ciphertable[] = { {"none", GCRY_CIPHER_NONE, GCRY_CIPHER_MODE_NONE, 0}, - {NULL, GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_ECB, 92}, + {NULL, GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_ECB, 92}, {"blowfish", GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_CBC, 91}, - {NULL, GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_CFB, 93}, - {NULL, GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_OFB, 94}, + {NULL, GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_CFB, 93}, + {NULL, GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_OFB, 94}, {"aes-128-ecb", GCRY_CIPHER_AES, GCRY_CIPHER_MODE_ECB, 418}, {"aes-128-cbc", GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CBC, 419}, @@ -53,7 +56,7 @@ static struct { {"aes-256-ofb", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_OFB, 428}, }; -static bool nametocipher(const char *name, int *algo, int *mode) { +static bool nametocipher(const char *name, cipher_algo_t *algo, cipher_mode_t *mode) { for(size_t i = 0; i < sizeof(ciphertable) / sizeof(*ciphertable); i++) { if(ciphertable[i].name && !strcasecmp(name, ciphertable[i].name)) { *algo = ciphertable[i].algo; @@ -65,7 +68,7 @@ static bool nametocipher(const char *name, int *algo, int *mode) { return false; } -static bool nidtocipher(int nid, int *algo, int *mode) { +static bool nidtocipher(cipher_algo_t *algo, cipher_mode_t *mode, nid_t nid) { for(size_t i = 0; i < sizeof(ciphertable) / sizeof(*ciphertable); i++) { if(nid == ciphertable[i].nid) { *algo = ciphertable[i].algo; 
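Review bot: In the `@@ -53,7 +56,7 @@` hunk, `nametocipher` keeps the input-first parameter order `(const char *name, cipher_algo_t *algo, cipher_mode_t *mode)`, while `nidtocipher`, `ciphertonid` and the digest.c helpers `nametodigest`, `nidtodigest` and `digesttonid` are all moved to output-first in this commit. If the reordering is meant as a uniform convention, the signature should become `static bool nametocipher(cipher_algo_t *algo, cipher_mode_t *mode, const char *name)`, with the call in `cipher_open_by_name` changed to `nametocipher(&algo, &mode, name)`. The function body continues outside this hunk.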
@@ -77,7 +80,7 @@ static bool nidtocipher(int nid, int *algo, int *mode) { return false; } -static bool ciphertonid(int algo, int mode, int *nid) { +static bool ciphertonid(nid_t *nid, cipher_algo_t algo, cipher_mode_t mode) { for(size_t i = 0; i < sizeof(ciphertable) / sizeof(*ciphertable); i++) { if(algo == ciphertable[i].algo && mode == ciphertable[i].mode) { *nid = ciphertable[i].nid; @@ -88,10 +91,10 @@ static bool ciphertonid(int algo, int mode, int *nid) { return false; } -static bool cipher_open(cipher_t *cipher, int algo, int mode) { +static bool cipher_open(cipher_t *cipher, cipher_algo_t algo, cipher_mode_t mode) { gcry_error_t err; - if(!ciphertonid(algo, mode, &cipher->nid)) { + if(!ciphertonid(&cipher->nid, algo, mode)) { logger(DEBUG_ALWAYS, LOG_DEBUG, "Cipher %d mode %d has no corresponding nid!", algo, mode); return false; } @@ -110,7 +113,8 @@ static bool cipher_open(cipher_t *cipher, int algo, int mode) { } bool cipher_open_by_name(cipher_t *cipher, const char *name) { - int algo, mode; + cipher_algo_t algo; + cipher_mode_t mode; if(!nametocipher(name, &algo, &mode)) { logger(DEBUG_ALWAYS, LOG_DEBUG, "Unknown cipher name '%s'!", name); @@ -120,10 +124,11 @@ bool cipher_open_by_name(cipher_t *cipher, const char *name) { return cipher_open(cipher, algo, mode); } -bool cipher_open_by_nid(cipher_t *cipher, int nid) { - int algo, mode; +bool cipher_open_by_nid(cipher_t *cipher, nid_t nid) { + cipher_algo_t algo; + cipher_mode_t mode; - if(!nidtocipher(nid, &algo, &mode)) { + if(!nidtocipher(&algo, &mode, nid)) { logger(DEBUG_ALWAYS, LOG_DEBUG, "Unknown cipher ID %d!", nid); return false; } @@ -288,7 +293,7 @@ bool cipher_decrypt(cipher_t *cipher, const void *indata, size_t inlen, void *ou return true; } -int cipher_get_nid(const cipher_t *cipher) { +nid_t cipher_get_nid(const cipher_t *cipher) { if(!cipher || !cipher->nid) { return 0; } diff --git a/src/gcrypt/cipher.h b/src/gcrypt/cipher.h index 2067db68..5f93a384 100644 --- a/src/gcrypt/cipher.h 
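Review bot: In `cipher_open` (hunk `@@ -88,10 +91,10 @@`), `algo` and `mode` are now `enum gcry_cipher_algos` and `enum gcry_cipher_modes` but are still passed to `logger` for `%d` conversions. The integer type compatible with an enum is implementation-defined and may be unsigned, so, assuming `logger` forwards to a printf-style formatter, the format and argument types are no longer guaranteed to match. Cast at the call site: `"Cipher %d mode %d has no corresponding nid!", (int)algo, (int)mode);`. The same applies to `"Digest %d has no corresponding nid!"` in `digest_open` in src/gcrypt/digest.c, which passes an `md_algo_t`.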
+++ b/src/gcrypt/cipher.h @@ -24,13 +24,15 @@ #include -struct cipher { +#include "../legacy.h" + +typedef struct cipher { gcry_cipher_hd_t handle; uint8_t *key; - int nid; + nid_t nid; uint16_t keylen; uint16_t blklen; bool padding; -}; +} cipher_t; #endif diff --git a/src/gcrypt/digest.c b/src/gcrypt/digest.c index 1795277e..50446f6e 100644 --- a/src/gcrypt/digest.c +++ b/src/gcrypt/digest.c @@ -25,17 +25,17 @@ static struct { const char *name; - enum gcry_md_algos algo; - int nid; + md_algo_t algo; + nid_t nid; } digesttable[] = { - {"none", GCRY_MD_NONE, 0}, - {"sha1", GCRY_MD_SHA1, 64}, + {"none", GCRY_MD_NONE, 0}, + {"sha1", GCRY_MD_SHA1, 64}, {"sha256", GCRY_MD_SHA256, 672}, {"sha384", GCRY_MD_SHA384, 673}, {"sha512", GCRY_MD_SHA512, 674}, }; -static bool nametodigest(const char *name, enum gcry_md_algos *algo) { +static bool nametodigest(md_algo_t *algo, const char *name) { for(size_t i = 0; i < sizeof(digesttable) / sizeof(*digesttable); i++) { if(digesttable[i].name && !strcasecmp(name, digesttable[i].name)) { *algo = digesttable[i].algo; @@ -46,7 +46,7 @@ static bool nametodigest(const char *name, enum gcry_md_algos *algo) { return false; } -static bool nidtodigest(int nid, enum gcry_md_algos *algo) { +static bool nidtodigest(md_algo_t *algo, nid_t nid) { for(size_t i = 0; i < sizeof(digesttable) / sizeof(*digesttable); i++) { if(nid == digesttable[i].nid) { *algo = digesttable[i].algo; @@ -57,7 +57,7 @@ static bool nidtodigest(int nid, enum gcry_md_algos *algo) { return false; } -static bool digesttonid(enum gcry_md_algos algo, int *nid) { +static bool digesttonid(nid_t *nid, md_algo_t algo) { for(size_t i = 0; i < sizeof(digesttable) / sizeof(*digesttable); i++) { if(algo == digesttable[i].algo) { *nid = digesttable[i].nid; 
@@ -68,8 +68,8 @@ static bool digesttonid(enum gcry_md_algos algo, int *nid) { return false; } -static bool digest_open(digest_t *digest, enum gcry_md_algos algo, size_t maclength) { - if(!digesttonid(algo, &digest->nid)) { +static bool digest_open(digest_t *digest, md_algo_t algo, size_t maclength) { + if(!digesttonid(&digest->nid, algo)) { logger(DEBUG_ALWAYS, LOG_DEBUG, "Digest %d has no corresponding nid!", algo); return false; } @@ -89,9 +89,9 @@ static bool digest_open(digest_t *digest, enum gcry_md_algos algo, size_t maclen } bool digest_open_by_name(digest_t *digest, const char *name, size_t maclength) { - enum gcry_md_algos algo; + md_algo_t algo; - if(!nametodigest(name, &algo)) { + if(!nametodigest(&algo, name)) { logger(DEBUG_ALWAYS, LOG_DEBUG, "Unknown digest name '%s'!", name); return false; } @@ -99,10 +99,10 @@ bool digest_open_by_name(digest_t *digest, const char *name, size_t maclength) { return digest_open(digest, algo, maclength); } -bool digest_open_by_nid(digest_t *digest, int nid, size_t maclength) { - enum gcry_md_algos algo; +bool digest_open_by_nid(digest_t *digest, nid_t nid, size_t maclength) { + md_algo_t algo; - if(!nidtodigest(nid, &algo)) { + if(!nidtodigest(&algo, nid)) { logger(DEBUG_ALWAYS, LOG_DEBUG, "Unknown digest ID %d!", nid); return false; } @@ -160,7 +160,7 @@ bool digest_verify(digest_t *digest, const void *indata, size_t inlen, const voi return digest_create(digest, indata, inlen, outdata) && !memcmp(cmpdata, outdata, len); } -int digest_get_nid(const digest_t *digest) { +nid_t digest_get_nid(const digest_t *digest) { if(!digest || !digest->nid) { return 0; } diff --git a/src/gcrypt/digest.h b/src/gcrypt/digest.h index a83535d3..2ba5be26 100644 --- a/src/gcrypt/digest.h +++ b/src/gcrypt/digest.h 
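Review bot: The context line at the end of `digest_verify` (hunk `@@ -160,7 +160,7 @@`) compares the computed MAC with the received one using `memcmp(cmpdata, outdata, len)`, which may return at the first differing byte, so the comparison time can depend on how many leading bytes of the tag match. The commit does not touch that line, but MAC verification should use a constant-time comparison, for example a loop that accumulates `diff |= a[i] ^ b[i]` over all `len` bytes and then tests `diff == 0`. src/openssl/digest.c has the same pattern with `digest->maclength`, and there `CRYPTO_memcmp` is available. Only the tail of `digest_verify` is inside the hunk.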
@@ -22,9 +22,13 @@ #include +#include "../legacy.h" + +typedef enum gcry_md_algos md_algo_t; + typedef struct digest { - enum gcry_md_algos algo; - int nid; + md_algo_t algo; + nid_t nid; size_t maclength; gcry_md_hd_t hmac; } digest_t; diff --git a/src/legacy.h b/src/legacy.h new file mode 100644 index 00000000..c4c3ea1d --- /dev/null +++ b/src/legacy.h @@ -0,0 +1,6 @@ +#ifndef TINC_LEGACY_H +#define TINC_LEGACY_H + +typedef int nid_t; + +#endif // TINC_LEGACY_H diff --git a/src/net_setup.c b/src/net_setup.c index f2534a47..79bed8c5 100644 --- a/src/net_setup.c +++ b/src/net_setup.c @@ -948,7 +948,11 @@ static bool setup_myself(void) { #endif /* Compression */ - if(get_config_int(lookup_config(&config_tree, "Compression"), &myself->incompression)) { + int incompression = 0; + + if(get_config_int(lookup_config(&config_tree, "Compression"), &incompression)) { + myself->incompression = incompression; + switch(myself->incompression) { case COMPRESS_LZ4: #ifdef HAVE_LZ4 diff --git a/src/node.h b/src/node.h index 0818a027..1e877ab6 100644 --- a/src/node.h +++ b/src/node.h @@ -27,6 +27,7 @@ #include "digest.h" #include "event.h" #include "subnet.h" +#include "compression.h" typedef union node_status_t { struct { @@ -71,8 +72,8 @@ typedef struct node_t { digest_t *outdigest; /* Digest for UDP packets */ #endif - int incompression; /* Compressionlevel, 0 = no compression */ - int outcompression; /* Compressionlevel, 0 = no compression */ + compression_level_t incompression; /* Compression level, 0 = no compression */ + compression_level_t outcompression; /* Compression level, 0 = no compression */ int distance; struct node_t *nexthop; /* nearest node from us to him */ diff --git a/src/openssl/cipher.c b/src/openssl/cipher.c index 77538b14..d19cad47 100644 --- a/src/openssl/cipher.c +++ b/src/openssl/cipher.c 
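Review bot: The new `src/legacy.h` introduces `nid_t` with no comment saying what identifier space it belongs to. From the numeric tables in src/gcrypt/cipher.c and src/gcrypt/digest.c and the `EVP_get_cipherbynid(nid)` call in the OpenSSL backend, it appears to be the OpenSSL NID of an algorithm, with 0 meaning none; a one-line comment above the typedef such as `/* Algorithm identifier (OpenSSL NID numbering); 0 = none */` would record that. A plain `typedef int` is also only an alias, so the compiler still accepts any `int` where a `nid_t` is expected, and the new name documents intent rather than enforcing it.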
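Review bot: In the src/net_setup.c hunk, the configured value is stored in `myself->incompression` before it is validated: `myself->incompression = incompression;` runs ahead of the `switch`, so an arbitrary integer from the `Compression` setting lands in a `compression_level_t` field. Presumably a `default` case rejects unknown levels, but it lies outside this hunk. Switching on the local instead, `switch(incompression)`, and performing `myself->incompression = incompression;` only once a level has been accepted would keep the field limited to valid enumerators. `setup_myself` starts and ends outside the hunk.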
@@ -52,7 +52,7 @@ bool cipher_open_by_name(cipher_t *cipher, const char *name) { return true; } -bool cipher_open_by_nid(cipher_t *cipher, int nid) { +bool cipher_open_by_nid(cipher_t *cipher, nid_t nid) { const EVP_CIPHER *evp_cipher = EVP_get_cipherbynid(nid); if(!evp_cipher) { @@ -179,7 +179,7 @@ bool cipher_decrypt(cipher_t *cipher, const void *indata, size_t inlen, void *ou EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex); } -int cipher_get_nid(const cipher_t *cipher) { +nid_t cipher_get_nid(const cipher_t *cipher) { if(!cipher || !cipher->cipher) { return 0; } diff --git a/src/openssl/cipher.h b/src/openssl/cipher.h index 360596c6..e5404a60 100644 --- a/src/openssl/cipher.h +++ b/src/openssl/cipher.h @@ -22,9 +22,11 @@ #include -struct cipher { +#include "../legacy.h" + +typedef struct cipher { EVP_CIPHER_CTX *ctx; const EVP_CIPHER *cipher; -}; +} cipher_t; #endif diff --git a/src/openssl/digest.c b/src/openssl/digest.c index 5778c523..b497c93b 100644 --- a/src/openssl/digest.c +++ b/src/openssl/digest.c @@ -55,7 +55,7 @@ bool digest_open_by_name(digest_t *digest, const char *name, size_t maclength) { return true; } -bool digest_open_by_nid(digest_t *digest, int nid, size_t maclength) { +bool digest_open_by_nid(digest_t *digest, nid_t nid, size_t maclength) { const EVP_MD *evp_md = EVP_get_digestbynid(nid); if(!evp_md) { @@ -189,7 +189,7 @@ bool digest_verify(digest_t *digest, const void *indata, size_t inlen, const voi return digest_create(digest, indata, inlen, outdata) && !memcmp(cmpdata, outdata, digest->maclength); } -int digest_get_nid(const digest_t *digest) { +nid_t digest_get_nid(const digest_t *digest) { if(!digest || !digest->digest) { return 0; } diff --git a/src/openssl/digest.h b/src/openssl/digest.h index d6efacfa..7081f5ce 100644 --- a/src/openssl/digest.h +++ b/src/openssl/digest.h @@ -23,6 +23,8 @@ #include #include +#include "../legacy.h" + struct digest { const EVP_MD *digest; #if OPENSSL_VERSION_MAJOR < 3 
diff --git a/src/openssl/prf.c b/src/openssl/prf.c index ddad522f..a402b8ff 100644 --- a/src/openssl/prf.c +++ b/src/openssl/prf.c @@ -29,7 +29,7 @@ We use SHA512 instead of MD5 and SHA1. */ -static bool prf_xor(int nid, const uint8_t *secret, size_t secretlen, uint8_t *seed, size_t seedlen, uint8_t *out, size_t outlen) { +static bool prf_xor(nid_t nid, const uint8_t *secret, size_t secretlen, uint8_t *seed, size_t seedlen, uint8_t *out, size_t outlen) { digest_t digest = {0}; if(!digest_open_by_nid(&digest, nid, DIGEST_ALGO_SIZE)) { diff --git a/src/protocol_key.c b/src/protocol_key.c index 2796c7ed..740d2fb4 100644 --- a/src/protocol_key.c +++ b/src/protocol_key.c @@ -33,6 +33,7 @@ #include "utils.h" #include "compression.h" #include "random.h" +#include "legacy.h" void send_key_changed(void) { #ifndef DISABLE_LEGACY -- 2.20.1