authorChristian Pointner <equinox@anytun.org>2009-01-18 23:31:33 +0000
committerChristian Pointner <equinox@anytun.org>2009-01-18 23:31:33 +0000
commita39dd07546ab48648021f03e87b2831ffaf50df8 (patch)
tree788b8db0b2dd4162318084739b863412b7a73612
parentdoing replay protection before learning remote host (diff)
some cleanup
-rw-r--r--src/anytun.cpp26
-rw-r--r--src/anytun.vcproj4
-rw-r--r--src/authAlgo.cpp2
-rw-r--r--src/authAlgo.h4
-rw-r--r--src/authAlgoFactory.cpp2
-rw-r--r--src/cipher.cpp2
-rw-r--r--src/cipher.h4
-rw-r--r--src/cipherFactory.cpp2
-rw-r--r--src/cryptinit.hpp2
-rw-r--r--src/daemon.hpp2
-rw-r--r--src/keyDerivation.cpp8
-rw-r--r--src/keyDerivation.h4
-rw-r--r--src/keyDerivationFactory.cpp2
-rw-r--r--src/log.cpp12
-rw-r--r--src/log.h6
-rw-r--r--src/options.cpp23
-rw-r--r--src/sysexec.hpp2
17 files changed, 66 insertions, 41 deletions
diff --git a/src/anytun.cpp b/src/anytun.cpp
index 47d2cb6..6e08f4a 100644
--- a/src/anytun.cpp
+++ b/src/anytun.cpp
@@ -48,7 +48,7 @@
#include "cipherFactory.h"
#include "authAlgoFactory.h"
#include "keyDerivationFactory.h"
-#ifndef NOSIGNALCONTROLLER
+#ifndef NO_SIGNALCONTROLLER
#include "signalController.h"
#endif
#include "packetSource.h"
@@ -56,7 +56,7 @@
#include "options.h"
#include "seqWindow.h"
#include "connectionList.h"
-#ifndef NOROUTING
+#ifndef NO_ROUTING
#include "routingTable.h"
#include "networkAddress.h"
#endif
@@ -92,7 +92,7 @@ void createConnection(const PacketSourceEndpoint & remote_end, window_size_t seq
SyncCommand sc (gConnectionList,mux);
gSyncQueue.push(sc);
#endif
-#ifndef NOROUTING
+#ifndef NO_ROUTING
if (gOpt.getIfconfigParamRemoteNetmask() != "")
{
NetworkAddress addr(gOpt.getIfconfigParamRemoteNetmask());
@@ -182,7 +182,7 @@ void sender(void* p)
continue;
//std::cout << "got Packet for plain "<<plain_packet.getDstAddr().toString();
ConnectionMap::iterator cit;
-#ifndef NOROUTING
+#ifndef NO_ROUTING
try
{
mux = gRoutingTable.getRoute(plain_packet.getDstAddr());
@@ -352,6 +352,7 @@ int main(int argc, char* argv[])
exit(-1);
}
+#ifndef NO_DAEMON
std::ofstream pidFile;
if(gOpt.getPidFile() != "") {
pidFile.open(gOpt.getPidFile().c_str());
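Review bot: The pid file is opened with `pidFile.open(gOpt.getPidFile().c_str())` at this point in main(), well before the `chrootAndDrop()` call visible in the later `NO_DAEMON` hunk. The path from `--write-pid` is therefore created or truncated with whatever privileges the process was started with, and a symlink at that path would be followed. If the pid file can live in a directory writable by other users, consider creating it through `open(2)` with `O_CREAT|O_EXCL|O_NOFOLLOW`, or document that the directory must be owned by the starting user. Since `pidFile` is now declared only when `NO_DAEMON` is undefined, every later use of it has to sit inside the same guard; the write itself is outside the visible hunks, so that is worth checking. main() starts and ends outside this hunk.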
@@ -359,8 +360,9 @@ int main(int argc, char* argv[])
std::cout << "can't open pid file" << std::endl;
}
}
+#endif
-#ifndef NOCRYPT
+#ifndef NO_CRYPT
#ifndef USE_SSL_CRYPTO
// this must be called before any other libgcrypt call
if(!initLibGCrypt())
@@ -372,7 +374,7 @@ int main(int argc, char* argv[])
cLog.msg(Log::PRIO_NOTICE) << "dev created (opened)";
cLog.msg(Log::PRIO_NOTICE) << "dev opened - actual name is '" << dev.getActualName() << "'";
cLog.msg(Log::PRIO_NOTICE) << "dev type is '" << dev.getTypeString() << "'";
-#ifndef NOEXEC
+#ifndef NO_EXEC
if(gOpt.getPostUpScript() != "") {
int postup_ret = execScript(gOpt.getPostUpScript(), dev.getActualName());
cLog.msg(Log::PRIO_NOTICE) << "post up script '" << gOpt.getPostUpScript() << "' returned " << postup_ret;
@@ -415,7 +417,7 @@ int main(int argc, char* argv[])
std::cout << " to set them)"<< std::endl;
return -1;
}
-#ifndef NODAEMON
+#ifndef NO_DAEMON
if(gOpt.getChroot())
chrootAndDrop(gOpt.getChrootDir(), gOpt.getUsername());
if(gOpt.getDaemonize())
@@ -431,7 +433,7 @@ int main(int argc, char* argv[])
}
#endif
-#ifndef NOSIGNALCONTROLLER
+#ifndef NO_SIGNALCONTROLLER
SignalController sig;
sig.init();
#endif
@@ -440,7 +442,7 @@ int main(int argc, char* argv[])
ThreadParam p(dev, *src, *connTo);
boost::thread senderThread(boost::bind(sender,&p));
-#ifndef NOSIGNALCONTROLLER
+#ifndef NO_SIGNALCONTROLLER
boost::thread receiverThread(boost::bind(receiver,&p));
#endif
#ifndef ANYTUN_NOSYNC
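Review bot: Nothing in the sources catches a build that still passes one of the old macro names. The diffstat lists only `anytun.vcproj` as a build file, so any other build script that still defines `NOCRYPT`, `NODAEMON`, `LOGSTDOUT` and so on would now be silently ignored and yield a binary with a different feature set than intended. A guard in a commonly included header makes that fail loudly: `#if defined(NOCRYPT) || defined(NODAEMON) || defined(NOEXEC) || defined(NOSYSLOG) || defined(NOSIGNALCONTROLLER) || defined(NOROUTING) || defined(LOGSTDOUT)`, then `#error "feature macros were renamed to NO_* / LOG_STDOUT"`, then `#endif`. The context line `#ifndef ANYTUN_NOSYNC` in this hunk keeps the old spelling and could be aligned with the new scheme in the same pass.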
@@ -455,7 +457,7 @@ int main(int argc, char* argv[])
}
#endif
-#ifndef NOSIGNALCONTROLLER
+#ifndef NO_SIGNALCONTROLLER
int ret = sig.run();
#else
receiver(&p);
@@ -491,7 +493,7 @@ int main(int argc, char* argv[])
catch(std::runtime_error& e)
{
cLog.msg(Log::PRIO_ERR) << "uncaught runtime error, exiting: " << e.what();
-#ifndef LOGSTDOUT
+#ifndef LOG_STDOUT
if(!daemonized)
std::cout << "uncaught runtime error, exiting: " << e.what() << std::endl;
#endif
@@ -499,7 +501,7 @@ int main(int argc, char* argv[])
catch(std::exception& e)
{
cLog.msg(Log::PRIO_ERR) << "uncaught exception, exiting: " << e.what();
-#ifndef LOGSTDOUT
+#ifndef LOG_STDOUT
if(!daemonized)
std::cout << "uncaught exception, exiting: " << e.what() << std::endl;
#endif
diff --git a/src/anytun.vcproj b/src/anytun.vcproj
index 29e7b81..8f03789 100644
--- a/src/anytun.vcproj
+++ b/src/anytun.vcproj
@@ -42,7 +42,7 @@
Name="VCCLCompilerTool"
AdditionalOptions="/I &quot;C:\Program Files\boost\boost_1_35_0\&quot;"
Optimization="0"
- PreprocessorDefinitions="LOGSTDOUT;USE_SSL_CRYPTO;NODAEMON;NOEXEC;NOSYSLOG;NOSIGNALCONTROLLER;WIN32_LEAN_AND_MEAN"
+ PreprocessorDefinitions="LOG_STDOUT;USE_SSL_CRYPTO;NO_DAEMON;NO_EXEC;NO_SYSLOG;NO_SIGNALCONTROLLER;WIN32_LEAN_AND_MEAN"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
@@ -116,7 +116,7 @@
/>
<Tool
Name="VCCLCompilerTool"
- PreprocessorDefinitions="USE_SSL_CRYPTO;NODAEMON;NOEXEC;NOSYSLOG;NOSIGNALCONTROLLER;WIN32_LEAN_AND_MEAN"
+ PreprocessorDefinitions="USE_SSL_CRYPTO;NO_DAEMON;NO_EXEC;NO_SYSLOG;NO_SIGNALCONTROLLER;WIN32_LEAN_AND_MEAN"
RuntimeLibrary="2"
UsePrecompiledHeader="0"
WarningLevel="3"
diff --git a/src/authAlgo.cpp b/src/authAlgo.cpp
index 6bbf651..a4f88cc 100644
--- a/src/authAlgo.cpp
+++ b/src/authAlgo.cpp
@@ -47,7 +47,7 @@ bool NullAuthAlgo::checkTag(KeyDerivation& kd, EncryptedPacket& packet)
return true;
}
-#ifndef NOCRYPT
+#ifndef NO_CRYPT
//****** Sha1AuthAlgo ******
Sha1AuthAlgo::Sha1AuthAlgo(kd_dir_t d) : AuthAlgo(d), key_(DIGEST_LENGTH)
diff --git a/src/authAlgo.h b/src/authAlgo.h
index 809880d..cca706d 100644
--- a/src/authAlgo.h
+++ b/src/authAlgo.h
@@ -36,7 +36,7 @@
#include "buffer.h"
#include "encryptedPacket.h"
-#ifndef NOCRYPT
+#ifndef NO_CRYPT
#ifndef USE_SSL_CRYPTO
#include <gcrypt.h>
#else
@@ -77,7 +77,7 @@ public:
bool checkTag(KeyDerivation& kd, EncryptedPacket& packet);
};
-#ifndef NOCRYPT
+#ifndef NO_CRYPT
//****** Sha1AuthAlgo ******
//* HMAC SHA1 Auth Tag Generator Class
diff --git a/src/authAlgoFactory.cpp b/src/authAlgoFactory.cpp
index 648d6f8..8fa16fc 100644
--- a/src/authAlgoFactory.cpp
+++ b/src/authAlgoFactory.cpp
@@ -40,7 +40,7 @@ AuthAlgo* AuthAlgoFactory::create(std::string const& type, kd_dir_t dir)
{
if( type == "null" )
return new NullAuthAlgo();
-#ifndef NOCRYPT
+#ifndef NO_CRYPT
else if( type == "sha1" )
return new Sha1AuthAlgo(dir);
#endif
diff --git a/src/cipher.cpp b/src/cipher.cpp
index 3dc2314..46865ab 100644
--- a/src/cipher.cpp
+++ b/src/cipher.cpp
@@ -70,7 +70,7 @@ u_int32_t NullCipher::decipher(KeyDerivation& kd, u_int8_t* in, u_int32_t ilen,
return (ilen < olen) ? ilen : olen;
}
-#ifndef NOCRYPT
+#ifndef NO_CRYPT
//****** AesIcmCipher ******
AesIcmCipher::AesIcmCipher(kd_dir_t d) : Cipher(d), key_(u_int32_t(DEFAULT_KEY_LENGTH/8)), salt_(u_int32_t(SALT_LENGTH))
diff --git a/src/cipher.h b/src/cipher.h
index b26416b..628e6e7 100644
--- a/src/cipher.h
+++ b/src/cipher.h
@@ -38,7 +38,7 @@
#include "plainPacket.h"
#include "keyDerivation.h"
-#ifndef NOCRYPT
+#ifndef NO_CRYPT
#ifndef USE_SSL_CRYPTO
#include <gcrypt.h>
#else
@@ -72,7 +72,7 @@ protected:
u_int32_t decipher(KeyDerivation& kd, u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux);
};
-#ifndef NOCRYPT
+#ifndef NO_CRYPT
//****** AesIcmCipher ******
class AesIcmCipher : public Cipher
diff --git a/src/cipherFactory.cpp b/src/cipherFactory.cpp
index 02fff5d..e53620e 100644
--- a/src/cipherFactory.cpp
+++ b/src/cipherFactory.cpp
@@ -40,7 +40,7 @@ Cipher* CipherFactory::create(std::string const& type, kd_dir_t dir)
{
if( type == "null" )
return new NullCipher();
-#ifndef NOCRYPT
+#ifndef NO_CRYPT
else if( type == "aes-ctr" )
return new AesIcmCipher(dir);
else if( type == "aes-ctr-128" )
diff --git a/src/cryptinit.hpp b/src/cryptinit.hpp
index e5bbc08..2caa4cb 100644
--- a/src/cryptinit.hpp
+++ b/src/cryptinit.hpp
@@ -32,7 +32,7 @@
#ifndef _CRYPTINIT_HPP
#define _CRYPTINIT_HPP
-#ifndef NOCRYPT
+#ifndef NO_CRYPT
#ifndef USE_SSL_CRYPTO
#include <gcrypt.h>
diff --git a/src/daemon.hpp b/src/daemon.hpp
index 6ed74aa..0bcd7f3 100644
--- a/src/daemon.hpp
+++ b/src/daemon.hpp
@@ -31,7 +31,7 @@
#ifndef _DAEMON_HPP
#define _DAEMON_HPP
-#ifndef NODAEMON
+#ifndef NO_DAEMON
#include <poll.h>
#include <fcntl.h>
diff --git a/src/keyDerivation.cpp b/src/keyDerivation.cpp
index 48db034..db8cc1b 100644
--- a/src/keyDerivation.cpp
+++ b/src/keyDerivation.cpp
@@ -41,9 +41,13 @@
#include <sstream>
#include <string>
+#ifndef NO_CRYPT
+#ifndef NO_PASSPHRASE
#ifdef USE_SSL_CRYPTO
#include <openssl/sha.h>
#endif
+#endif
+#endif
void KeyDerivation::setLogKDRate(const int8_t log_rate)
{
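Review bot: The three consecutive `#endif` lines here close `USE_SSL_CRYPTO`, `NO_PASSPHRASE` and `NO_CRYPT` with nothing to tell them apart. Label them, e.g. `#endif // USE_SSL_CRYPTO`, `#endif // NO_PASSPHRASE`, `#endif // NO_CRYPT`, and do the same for the pair that closes calcMasterKey()/calcMasterSalt() in the next two hunks. Those two functions are now compiled only when both macros are undefined, while the keyDerivation.h hunks in this commit only rename guards. It is worth confirming that their declarations and every caller carry the same `NO_CRYPT` plus `NO_PASSPHRASE` condition, which cannot be seen from this diff.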
@@ -53,6 +57,7 @@ void KeyDerivation::setLogKDRate(const int8_t log_rate)
ld_kdr_ = sizeof(seq_nr_t) * 8;
}
+#ifndef NO_CRYPT
#ifndef NO_PASSPHRASE
void KeyDerivation::calcMasterKey(std::string passphrase, u_int16_t length)
{
@@ -112,6 +117,7 @@ void KeyDerivation::calcMasterSalt(std::string passphrase, u_int16_t length)
memcpy(master_salt_.getBuf(), &digest.getBuf()[digest.getLength() - master_salt_.getLength()], master_salt_.getLength());
}
#endif
+#endif
//****** NullKeyDerivation ******
@@ -121,7 +127,7 @@ bool NullKeyDerivation::generate(kd_dir_t dir, satp_prf_label_t label, seq_nr_t
return true;
}
-#ifndef NOCRYPT
+#ifndef NO_CRYPT
//****** AesIcmKeyDerivation ******
AesIcmKeyDerivation::AesIcmKeyDerivation() : KeyDerivation(DEFAULT_KEY_LENGTH)
diff --git a/src/keyDerivation.h b/src/keyDerivation.h
index 518a498..ea5f359 100644
--- a/src/keyDerivation.h
+++ b/src/keyDerivation.h
@@ -37,7 +37,7 @@
#include "threadUtils.hpp"
#include "syncBuffer.h"
-#ifndef NOCRYPT
+#ifndef NO_CRYPT
#ifndef USE_SSL_CRYPTO
#include <gcrypt.h>
#else
@@ -135,7 +135,7 @@ private:
};
-#ifndef NOCRYPT
+#ifndef NO_CRYPT
//****** AesIcmKeyDerivation ******
class AesIcmKeyDerivation : public KeyDerivation
diff --git a/src/keyDerivationFactory.cpp b/src/keyDerivationFactory.cpp
index c0e06ab..c241b37 100644
--- a/src/keyDerivationFactory.cpp
+++ b/src/keyDerivationFactory.cpp
@@ -40,7 +40,7 @@ KeyDerivation* KeyDerivationFactory::create(std::string const& type)
{
if( type == "null" )
return new NullKeyDerivation();
-#ifndef NOCRYPT
+#ifndef NO_CRYPT
else if( type == "aes-ctr" )
return new AesIcmKeyDerivation();
else if( type == "aes-ctr-128" )
diff --git a/src/log.cpp b/src/log.cpp
index 8b24025..6ffc560 100644
--- a/src/log.cpp
+++ b/src/log.cpp
@@ -40,7 +40,7 @@ Log* Log::inst = NULL;
Mutex Log::instMutex;
Log& cLog = Log::instance();
-#ifndef NOCRYPT
+#ifndef NO_CRYPT
#ifndef USE_SSL_CRYPTO
std::ostream& operator<<(std::ostream& stream, LogGpgError const& value)
{
@@ -71,10 +71,10 @@ LogStringBuilder::LogStringBuilder(Log& l, int p) : log(l), prio(p)
LogStringBuilder::~LogStringBuilder()
{
Lock lock(log.mutex);
-#ifndef NOSYSLOG
+#ifndef NO_SYSLOG
syslog(prio | log.getFacility(), "%s", stream.str().c_str());
#endif
-#ifdef LOGSTDOUT
+#ifdef LOG_STDOUT
std::cout << "LOG-" << Log::prioToString(prio) << ": " << stream.str() << std::endl;
#endif
}
@@ -98,12 +98,12 @@ Log::Log()
Log::~Log()
{
-#ifndef NOSYSLOG
+#ifndef NO_SYSLOG
closelog();
#endif
}
-#ifdef NOSYSLOG
+#ifdef NO_SYSLOG
std::string Log::prioToString(int prio)
{
switch(prio) {
@@ -122,7 +122,7 @@ std::string Log::prioToString(int prio)
void Log::open()
{
-#ifndef NOSYSLOG
+#ifndef NO_SYSLOG
openlog(logName.c_str(), LOG_PID, facility);
#endif
}
diff --git a/src/log.h b/src/log.h
index 29f3cb8..b6baf6f 100644
--- a/src/log.h
+++ b/src/log.h
@@ -34,7 +34,7 @@
#include <string>
#include <sstream>
-#ifndef NOSYSLOG
+#ifndef NO_SYSLOG
#include <syslog.h>
#endif
@@ -43,7 +43,7 @@
#define STERROR_TEXT_MAX 100
-#ifndef NOCRYPT
+#ifndef NO_CRYPT
#ifndef USE_SSL_CRYPTO
#include <gcrypt.h>
@@ -86,7 +86,7 @@ private:
class Log : public std::ostringstream
{
public:
-#ifndef NOSYSLOG
+#ifndef NO_SYSLOG
static const int FAC_USER = LOG_USER;
static const int FAC_MAIL = LOG_MAIL;
static const int FAC_DAEMON = LOG_DAEMON;
diff --git a/src/options.cpp b/src/options.cpp
index d241eae..58ac181 100644
--- a/src/options.cpp
+++ b/src/options.cpp
@@ -169,9 +169,15 @@ Options::Options() : key_(u_int32_t(0)), salt_(u_int32_t(0))
mux_ = 0;
seq_window_size_ = 0;
+#ifndef NO_CRYPT
cipher_ = "aes-ctr";
auth_algo_ = "sha1";
kd_prf_ = "aes-ctr";
+#else
+ cipher_ = "null";
+ auth_algo_ = "null";
+ kd_prf_ = "null";
+#endif
ld_kdr_ = 0;
}
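Review bot: A `NO_CRYPT` build now defaults `cipher_`, `auth_algo_` and `kd_prf_` to `"null"`, so the tunnel carries payload without encryption or authentication, and nothing in this hunk or in the printUsage() hunks tells the operator so. State it in a comment on the `#else` branch, e.g. `// NO_CRYPT: only the null transforms exist, traffic is neither encrypted nor authenticated`. Also consider a startup notice in main(), such as `cLog.msg(Log::PRIO_NOTICE) << "built without crypto support, tunnel traffic is unprotected";`, so the condition shows up in the log of a deployed binary. The constructor body begins outside this hunk.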
@@ -305,11 +311,13 @@ bool Options::parse(int argc, char* argv[])
if(str == "-h" || str == "--help")
return false;
+#ifndef NO_DAEMON
PARSE_INVERSE_BOOL_PARAM("-D","--nodaemonize", daemonize_)
PARSE_BOOL_PARAM("-C","--chroot", chroot_)
PARSE_SCALAR_PARAM("-u","--username", username_)
PARSE_SCALAR_PARAM("-H","--chroot-dir", chroot_dir_)
PARSE_SCALAR_PARAM("-P","--write-pid", pid_file_)
+#endif
// PARSE_SCALAR_PARAM("-f","--file", file_name_)
// PARSE_SCALAR_PARAM("-X","--control-host", bind_to_)
@@ -326,13 +334,16 @@ bool Options::parse(int argc, char* argv[])
PARSE_SCALAR_PARAM("-d","--dev", dev_name_)
PARSE_SCALAR_PARAM("-t","--type", dev_type_)
PARSE_SCALAR_PARAM2("-n","--ifconfig", ifconfig_param_local_, ifconfig_param_remote_netmask_)
+#ifndef NO_EXEC
PARSE_SCALAR_PARAM("-x","--post-up-script", post_up_script_)
+#endif
PARSE_CSLIST_PARAM("-R","--route", routes_, OptionRoute)
PARSE_SCALAR_PARAM("-s","--sender-id", sender_id_)
PARSE_SCALAR_PARAM("-m","--mux", mux_)
PARSE_SCALAR_PARAM("-w","--window-size", seq_window_size_)
+#ifndef NO_CRYPT
PARSE_SCALAR_PARAM("-c","--cipher", cipher_)
PARSE_SCALAR_PARAM("-a","--auth-algo", auth_algo_)
PARSE_SCALAR_PARAM("-k","--kd-prf", kd_prf_)
@@ -342,6 +353,7 @@ bool Options::parse(int argc, char* argv[])
#endif
PARSE_HEXSTRING_PARAM_SEC("-K","--key", key_)
PARSE_HEXSTRING_PARAM_SEC("-A","--salt", salt_)
+#endif
else
throw syntax_error(str, 0);
}
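Review bot: Options compiled out by `NO_DAEMON`, `NO_EXEC` and `NO_CRYPT` (this hunk and the two parse() hunks above it) now fall through to `throw syntax_error(str, 0)`. That is the safe outcome, since a `--key` or `--chroot` that cannot be honoured is rejected rather than ignored, but to the operator it reads like a typo. Add a comment before the final `else` recording that this is intentional, e.g. `// options disabled at build time are rejected here, never silently accepted`, so a later cleanup does not turn them into no-ops. This assumes the PARSE_* macros expand to an `else if` chain, which is defined outside this diff. parse() starts and ends outside the hunk.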
@@ -363,12 +375,13 @@ void Options::printUsage()
std::cout << "USAGE:" << std::endl;
std::cout << "anytun " << std::endl;
std::cout << " [-h|--help] prints this..." << std::endl;
-
+#ifndef NO_DAEMON
std::cout << " [-D|--nodaemonize] don't run in background" << std::endl;
std::cout << " [-C|--chroot] chroot and drop privileges" << std::endl;
std::cout << " [-u|--username] <username> if chroot change to this user" << std::endl;
std::cout << " [-H|--chroot-dir] <path> chroot to this directory" << std::endl;
std::cout << " [-P|--write-pid] <path> write pid to this file" << std::endl;
+#endif
// std::cout << " [-f|--file] <path> path to input file" << std::endl;
// std::cout << " [-X|--control-host] < <hostname|ip>[:<port>] | :<port> >" << std::endl;
@@ -387,15 +400,18 @@ void Options::printUsage()
std::cout << " [-d|--dev] <name> device name" << std::endl;
std::cout << " [-t|--type] <tun|tap> device type" << std::endl;
- std::cout << " [-n|--ifconfig] <local> the local address for the tun/tap device" << std::endl
- << " <remote|netmask> the remote address(tun) or netmask(tap)" << std::endl;
+ std::cout << " [-n|--ifconfig] <local> the local address for the tun/tap device" << std::endl;
+ std::cout << " <remote|netmask> the remote address(tun) or netmask(tap)" << std::endl;
+#ifndef NO_EXEC
std::cout << " [-x|--post-up-script] <script> script gets called after interface is created" << std::endl;
+#endif
std::cout << " [-R|--route] <net>/<prefix length> add a route to connection, can be invoked several times" << std::endl;
std::cout << " [-s|--sender-id ] <sender id> the sender id to use" << std::endl;
std::cout << " [-m|--mux] <mux-id> the multiplex id to use" << std::endl;
std::cout << " [-w|--window-size] <window size> seqence number window size" << std::endl;
+#ifndef NO_CRYPT
std::cout << " [-c|--cipher] <cipher type> payload encryption algorithm" << std::endl;
std::cout << " [-a|--auth-algo] <algo type> message authentication algorithm" << std::endl;
std::cout << " [-k|--kd-prf] <kd-prf type> key derivation pseudo random function" << std::endl;
@@ -405,6 +421,7 @@ void Options::printUsage()
#endif
std::cout << " [-K|--key] <master key> master key to use for encryption" << std::endl;
std::cout << " [-A|--salt] <master salt> master salt to use for encryption" << std::endl;
+#endif
}
void Options::printOptions()
diff --git a/src/sysexec.hpp b/src/sysexec.hpp
index 91b102f..f2d5d35 100644
--- a/src/sysexec.hpp
+++ b/src/sysexec.hpp
@@ -31,7 +31,7 @@
#ifndef _SYSEXEC_HPP
#define _SYSEXEC_HPP
-#ifndef NOEXEC
+#ifndef NO_EXEC
int execScript(std::string const& script, std::string const& ifname)
{