|
Added
Link Here
|
| 1 |
--- lfd_encrypt.c.orig 2013-07-07 19:54:35 UTC |
| 2 |
+++ lfd_encrypt.c |
| 3 |
@@ -95,11 +95,11 @@ static unsigned long sequence_num; |
| 4 |
static char * pkey; |
| 5 |
static char * iv_buf; |
| 6 |
|
| 7 |
-static EVP_CIPHER_CTX ctx_enc; /* encrypt */ |
| 8 |
-static EVP_CIPHER_CTX ctx_dec; /* decrypt */ |
| 9 |
+static EVP_CIPHER_CTX *ctx_enc; /* encrypt */ |
| 10 |
+static EVP_CIPHER_CTX *ctx_dec; /* decrypt */ |
| 11 |
|
| 12 |
-static EVP_CIPHER_CTX ctx_enc_ecb; /* sideband ecb encrypt */ |
| 13 |
-static EVP_CIPHER_CTX ctx_dec_ecb; /* sideband ecb decrypt */ |
| 14 |
+static EVP_CIPHER_CTX *ctx_enc_ecb; /* sideband ecb encrypt */ |
| 15 |
+static EVP_CIPHER_CTX *ctx_dec_ecb; /* sideband ecb decrypt */ |
| 16 |
|
| 17 |
static int send_msg(int len, char *in, char **out); |
| 18 |
static int recv_msg(int len, char *in, char **out); |
| 19 |
@@ -156,6 +156,11 @@ static int alloc_encrypt(struct vtun_host *host) |
| 20 |
EVP_CIPHER_CTX *pctx_enc; |
| 21 |
EVP_CIPHER_CTX *pctx_dec; |
| 22 |
|
| 23 |
+ ctx_enc = EVP_CIPHER_CTX_new(); |
| 24 |
+ ctx_dec = EVP_CIPHER_CTX_new(); |
| 25 |
+ ctx_enc_ecb = EVP_CIPHER_CTX_new(); |
| 26 |
+ ctx_dec_ecb = EVP_CIPHER_CTX_new(); |
| 27 |
+ |
| 28 |
enc_init_first_time = 1; |
| 29 |
dec_init_first_time = 1; |
| 30 |
|
| 31 |
@@ -182,15 +187,15 @@ static int alloc_encrypt(struct vtun_host *host) |
| 32 |
keysize = 32; |
| 33 |
sb_init = 1; |
| 34 |
cipher_type = EVP_aes_256_ecb(); |
| 35 |
- pctx_enc = &ctx_enc_ecb; |
| 36 |
- pctx_dec = &ctx_dec_ecb; |
| 37 |
+ pctx_enc = ctx_enc_ecb; |
| 38 |
+ pctx_dec = ctx_dec_ecb; |
| 39 |
break; |
| 40 |
|
| 41 |
case VTUN_ENC_AES256ECB: |
| 42 |
blocksize = 16; |
| 43 |
keysize = 32; |
| 44 |
- pctx_enc = &ctx_enc; |
| 45 |
- pctx_dec = &ctx_dec; |
| 46 |
+ pctx_enc = ctx_enc; |
| 47 |
+ pctx_dec = ctx_dec; |
| 48 |
cipher_type = EVP_aes_256_ecb(); |
| 49 |
strcpy(cipher_name,"AES-256-ECB"); |
| 50 |
break; |
| 51 |
@@ -201,14 +206,14 @@ static int alloc_encrypt(struct vtun_host *host) |
| 52 |
keysize = 16; |
| 53 |
sb_init=1; |
| 54 |
cipher_type = EVP_aes_128_ecb(); |
| 55 |
- pctx_enc = &ctx_enc_ecb; |
| 56 |
- pctx_dec = &ctx_dec_ecb; |
| 57 |
+ pctx_enc = ctx_enc_ecb; |
| 58 |
+ pctx_dec = ctx_dec_ecb; |
| 59 |
break; |
| 60 |
case VTUN_ENC_AES128ECB: |
| 61 |
blocksize = 16; |
| 62 |
keysize = 16; |
| 63 |
- pctx_enc = &ctx_enc; |
| 64 |
- pctx_dec = &ctx_dec; |
| 65 |
+ pctx_enc = ctx_enc; |
| 66 |
+ pctx_dec = ctx_dec; |
| 67 |
cipher_type = EVP_aes_128_ecb(); |
| 68 |
strcpy(cipher_name,"AES-128-ECB"); |
| 69 |
break; |
| 70 |
@@ -221,16 +226,16 @@ static int alloc_encrypt(struct vtun_host *host) |
| 71 |
var_key = 1; |
| 72 |
sb_init = 1; |
| 73 |
cipher_type = EVP_bf_ecb(); |
| 74 |
- pctx_enc = &ctx_enc_ecb; |
| 75 |
- pctx_dec = &ctx_dec_ecb; |
| 76 |
+ pctx_enc = ctx_enc_ecb; |
| 77 |
+ pctx_dec = ctx_dec_ecb; |
| 78 |
break; |
| 79 |
|
| 80 |
case VTUN_ENC_BF256ECB: |
| 81 |
blocksize = 8; |
| 82 |
keysize = 32; |
| 83 |
var_key = 1; |
| 84 |
- pctx_enc = &ctx_enc; |
| 85 |
- pctx_dec = &ctx_dec; |
| 86 |
+ pctx_enc = ctx_enc; |
| 87 |
+ pctx_dec = ctx_dec; |
| 88 |
cipher_type = EVP_bf_ecb(); |
| 89 |
strcpy(cipher_name,"Blowfish-256-ECB"); |
| 90 |
break; |
| 91 |
@@ -243,16 +248,16 @@ static int alloc_encrypt(struct vtun_host *host) |
| 92 |
var_key = 1; |
| 93 |
sb_init = 1; |
| 94 |
cipher_type = EVP_bf_ecb(); |
| 95 |
- pctx_enc = &ctx_enc_ecb; |
| 96 |
- pctx_dec = &ctx_dec_ecb; |
| 97 |
+ pctx_enc = ctx_enc_ecb; |
| 98 |
+ pctx_dec = ctx_dec_ecb; |
| 99 |
break; |
| 100 |
case VTUN_ENC_BF128ECB: /* blowfish 128 ecb is the default */ |
| 101 |
default: |
| 102 |
blocksize = 8; |
| 103 |
keysize = 16; |
| 104 |
var_key = 1; |
| 105 |
- pctx_enc = &ctx_enc; |
| 106 |
- pctx_dec = &ctx_dec; |
| 107 |
+ pctx_enc = ctx_enc; |
| 108 |
+ pctx_dec = ctx_dec; |
| 109 |
cipher_type = EVP_bf_ecb(); |
| 110 |
strcpy(cipher_name,"Blowfish-128-ECB"); |
| 111 |
break; |
| 112 |
@@ -294,10 +299,10 @@ static int free_encrypt() |
| 113 |
lfd_free(enc_buf); enc_buf = NULL; |
| 114 |
lfd_free(dec_buf); dec_buf = NULL; |
| 115 |
|
| 116 |
- EVP_CIPHER_CTX_cleanup(&ctx_enc); |
| 117 |
- EVP_CIPHER_CTX_cleanup(&ctx_dec); |
| 118 |
- EVP_CIPHER_CTX_cleanup(&ctx_enc_ecb); |
| 119 |
- EVP_CIPHER_CTX_cleanup(&ctx_dec_ecb); |
| 120 |
+ EVP_CIPHER_CTX_cleanup(ctx_enc); |
| 121 |
+ EVP_CIPHER_CTX_cleanup(ctx_dec); |
| 122 |
+ EVP_CIPHER_CTX_cleanup(ctx_enc_ecb); |
| 123 |
+ EVP_CIPHER_CTX_cleanup(ctx_dec_ecb); |
| 124 |
|
| 125 |
return 0; |
| 126 |
} |
| 127 |
@@ -323,7 +328,7 @@ static int encrypt_buf(int len, char *in, char **out) |
| 128 |
outlen=len+pad; |
| 129 |
if (pad == blocksize) |
| 130 |
RAND_bytes(in_ptr+len, blocksize-1); |
| 131 |
- EVP_EncryptUpdate(&ctx_enc, out_ptr, &outlen, in_ptr, len+pad); |
| 132 |
+ EVP_EncryptUpdate(ctx_enc, out_ptr, &outlen, in_ptr, len+pad); |
| 133 |
*out = enc_buf; |
| 134 |
|
| 135 |
sequence_num++; |
| 136 |
@@ -343,7 +348,7 @@ static int decrypt_buf(int len, char *in, char **out) |
| 137 |
|
| 138 |
outlen=len; |
| 139 |
if (!len) return 0; |
| 140 |
- EVP_DecryptUpdate(&ctx_dec, out_ptr, &outlen, in_ptr, len); |
| 141 |
+ EVP_DecryptUpdate(ctx_dec, out_ptr, &outlen, in_ptr, len); |
| 142 |
recv_ib_mesg(&outlen, &out_ptr); |
| 143 |
if (!outlen) return 0; |
| 144 |
tmp_ptr = out_ptr + outlen; tmp_ptr--; |
| 145 |
@@ -431,13 +436,13 @@ static int cipher_enc_init(char * iv) |
| 146 |
break; |
| 147 |
} /* switch(cipher) */ |
| 148 |
|
| 149 |
- EVP_CIPHER_CTX_init(&ctx_enc); |
| 150 |
- EVP_EncryptInit_ex(&ctx_enc, cipher_type, NULL, NULL, NULL); |
| 151 |
+ EVP_CIPHER_CTX_init(ctx_enc); |
| 152 |
+ EVP_EncryptInit_ex(ctx_enc, cipher_type, NULL, NULL, NULL); |
| 153 |
if (var_key) |
| 154 |
- EVP_CIPHER_CTX_set_key_length(&ctx_enc, keysize); |
| 155 |
- EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, pkey, NULL); |
| 156 |
- EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, NULL, iv); |
| 157 |
- EVP_CIPHER_CTX_set_padding(&ctx_enc, 0); |
| 158 |
+ EVP_CIPHER_CTX_set_key_length(ctx_enc, keysize); |
| 159 |
+ EVP_EncryptInit_ex(ctx_enc, NULL, NULL, pkey, NULL); |
| 160 |
+ EVP_EncryptInit_ex(ctx_enc, NULL, NULL, NULL, iv); |
| 161 |
+ EVP_CIPHER_CTX_set_padding(ctx_enc, 0); |
| 162 |
if (enc_init_first_time) |
| 163 |
{ |
| 164 |
sprintf(tmpstr,"%s encryption initialized", cipher_name); |
| 165 |
@@ -521,13 +526,13 @@ static int cipher_dec_init(char * iv) |
| 166 |
break; |
| 167 |
} /* switch(cipher) */ |
| 168 |
|
| 169 |
- EVP_CIPHER_CTX_init(&ctx_dec); |
| 170 |
- EVP_DecryptInit_ex(&ctx_dec, cipher_type, NULL, NULL, NULL); |
| 171 |
+ EVP_CIPHER_CTX_init(ctx_dec); |
| 172 |
+ EVP_DecryptInit_ex(ctx_dec, cipher_type, NULL, NULL, NULL); |
| 173 |
if (var_key) |
| 174 |
- EVP_CIPHER_CTX_set_key_length(&ctx_dec, keysize); |
| 175 |
- EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, pkey, NULL); |
| 176 |
- EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, NULL, iv); |
| 177 |
- EVP_CIPHER_CTX_set_padding(&ctx_dec, 0); |
| 178 |
+ EVP_CIPHER_CTX_set_key_length(ctx_dec, keysize); |
| 179 |
+ EVP_DecryptInit_ex(ctx_dec, NULL, NULL, pkey, NULL); |
| 180 |
+ EVP_DecryptInit_ex(ctx_dec, NULL, NULL, NULL, iv); |
| 181 |
+ EVP_CIPHER_CTX_set_padding(ctx_dec, 0); |
| 182 |
if (dec_init_first_time) |
| 183 |
{ |
| 184 |
sprintf(tmpstr,"%s decryption initialized", cipher_name); |
| 185 |
@@ -559,7 +564,7 @@ static int send_msg(int len, char *in, char **out) |
| 186 |
|
| 187 |
in_ptr = in - blocksize*2; |
| 188 |
outlen = blocksize*2; |
| 189 |
- EVP_EncryptUpdate(&ctx_enc_ecb, in_ptr, |
| 190 |
+ EVP_EncryptUpdate(ctx_enc_ecb, in_ptr, |
| 191 |
&outlen, in_ptr, blocksize*2); |
| 192 |
*out = in_ptr; |
| 193 |
len = outlen; |
| 194 |
@@ -586,7 +591,7 @@ static int recv_msg(int len, char *in, char **out) |
| 195 |
in_ptr = in; |
| 196 |
iv = malloc(blocksize); |
| 197 |
outlen = blocksize*2; |
| 198 |
- EVP_DecryptUpdate(&ctx_dec_ecb, in_ptr, &outlen, in_ptr, blocksize*2); |
| 199 |
+ EVP_DecryptUpdate(ctx_dec_ecb, in_ptr, &outlen, in_ptr, blocksize*2); |
| 200 |
|
| 201 |
if ( !strncmp(in_ptr, "ivec", 4) ) |
| 202 |
{ |
| 203 |
@@ -629,7 +634,7 @@ static int recv_msg(int len, char *in, char **out) |
| 204 |
if (cipher_enc_state != CIPHER_INIT) |
| 205 |
{ |
| 206 |
cipher_enc_state = CIPHER_INIT; |
| 207 |
- EVP_CIPHER_CTX_cleanup(&ctx_enc); |
| 208 |
+ EVP_CIPHER_CTX_cleanup(ctx_enc); |
| 209 |
#ifdef LFD_ENCRYPT_DEBUG |
| 210 |
vtun_syslog(LOG_INFO, |
| 211 |
"Forcing local encryptor re-init"); |
| 212 |
@@ -710,7 +715,7 @@ static int recv_ib_mesg(int *len, char **in) |
| 213 |
if (cipher_enc_state != CIPHER_INIT) |
| 214 |
{ |
| 215 |
cipher_enc_state = CIPHER_INIT; |
| 216 |
- EVP_CIPHER_CTX_cleanup(&ctx_enc); |
| 217 |
+ EVP_CIPHER_CTX_cleanup(ctx_enc); |
| 218 |
} |
| 219 |
#ifdef LFD_ENCRYPT_DEBUG |
| 220 |
vtun_syslog(LOG_INFO, "Remote requests encryptor re-init"); |
| 221 |
@@ -724,7 +729,7 @@ static int recv_ib_mesg(int *len, char **in) |
| 222 |
cipher_enc_state != CIPHER_REQ_INIT && |
| 223 |
cipher_enc_state != CIPHER_INIT) |
| 224 |
{ |
| 225 |
- EVP_CIPHER_CTX_cleanup (&ctx_dec); |
| 226 |
+ EVP_CIPHER_CTX_cleanup (ctx_dec); |
| 227 |
cipher_dec_state = CIPHER_INIT; |
| 228 |
cipher_enc_state = CIPHER_REQ_INIT; |
| 229 |
} |