-rw-r--r-- | src/Makefile | 2 | ||||
-rw-r--r-- | src/authAlgo.cpp | 8 | ||||
-rw-r--r-- | src/bsd/tunDevice.cpp | 20 | ||||
-rw-r--r-- | src/cipher.cpp | 16 | ||||
-rw-r--r-- | src/cryptinit.hpp | 8 | ||||
-rw-r--r-- | src/datatypes.h | 2 | ||||
-rw-r--r-- | src/keyDerivation.cpp | 20 | ||||
-rw-r--r-- | src/linux/tunDevice.cpp | 20 | ||||
-rw-r--r-- | src/log.cpp | 22 | ||||
-rw-r--r-- | src/log.h | 25 |
10 files changed, 72 insertions, 71 deletions
diff --git a/src/Makefile b/src/Makefile index 52956e6..af26638 100644 --- a/src/Makefile +++ b/src/Makefile @@ -38,8 +38,6 @@ LDFLAGS = -g -Wall -O2 -lboost_thread -lgcrypt -lgpg-error -lboost_serialization #LDFLAGS = -g -Wall -O2 -lboost_thread -lcrypto -lboost_serialization -lboost_system ifeq ($(TARGET),Linux) - CFLAGS += -D_XOPEN_SOURCE=600 - CXXFLAGS += -D_XOPEN_SOURCE=600 LDFLAGS += -ldl endif ifeq ($(TARGET),OpenBSD) diff --git a/src/authAlgo.cpp b/src/authAlgo.cpp index 6a4c20b..6bbf651 100644 --- a/src/authAlgo.cpp +++ b/src/authAlgo.cpp @@ -89,9 +89,7 @@ void Sha1AuthAlgo::generate(KeyDerivation& kd, EncryptedPacket& packet) #ifndef USE_SSL_CRYPTO gcry_error_t err = gcry_md_setkey(handle_, key_.getBuf(), key_.getLength()); if(err) { - char buf[STERROR_TEXT_MAX]; - buf[0] = 0; - cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::setKey: Failed to set hmac key: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX); + cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::setKey: Failed to set hmac key: " << LogGpgError(err); return; } @@ -131,9 +129,7 @@ bool Sha1AuthAlgo::checkTag(KeyDerivation& kd, EncryptedPacket& packet) #ifndef USE_SSL_CRYPTO gcry_error_t err = gcry_md_setkey(handle_, key_.getBuf(), key_.getLength()); if(err) { - char buf[STERROR_TEXT_MAX]; - buf[0] = 0; - cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::setKey: Failed to set hmac key: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX); + cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::setKey: Failed to set hmac key: " << LogGpgError(err); return false; } diff --git a/src/bsd/tunDevice.cpp b/src/bsd/tunDevice.cpp index 31e986c..ce2a413 100644 --- a/src/bsd/tunDevice.cpp +++ b/src/bsd/tunDevice.cpp 
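Review bot: In `Sha1AuthAlgo::generate` a failed `gcry_md_setkey` is only logged and the function then leaves through a bare `return;`, so a `void` caller cannot tell that no fresh authentication tag was computed for the packet. `checkTag` in the next hunk fails closed with `return false;`, and `generate` should get an equivalent signal (a `bool` result or an exception) so the packet can be dropped rather than sent. The same log-and-`return` pattern in a `void` function appears in `AesIcmCipher::calc` (src/cipher.cpp) and `AesIcmKeyDerivation::updateMasterKey` (src/keyDerivation.cpp). Both messages here also still say `Sha1AuthAlgo::setKey:` although they are emitted from `generate` and `checkTag`. Both function bodies continue outside the hunks, so what the caller finally does with the packet is not visible here.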
@@ -46,10 +46,9 @@ #include "tunDevice.h" #include "threadUtils.hpp" +#include "log.h" #define DEVICE_FILE_MAX 255 -#include <iostream> - TunDevice::TunDevice(std::string dev_name, std::string dev_type, std::string ifcfg_lp, std::string ifcfg_rnmp) : conf_(dev_name, dev_type, ifcfg_lp, ifcfg_rnmp, 1400) { std::string device_file = "/dev/"; @@ -84,19 +83,12 @@ TunDevice::TunDevice(std::string dev_name, std::string dev_type, std::string ifc fd_ = ::open(device_file.c_str(), O_RDWR); if(fd_ < 0) { - std::string msg; + std::stringstream msg; if(dynamic) - msg = "can't open device file dynamically: no unused node left"; - else { - msg = "can't open device file ("; - msg.append(device_file); - msg.append("): "); - char buf[STERROR_TEXT_MAX]; - buf[0] = 0; - strerror_r(errno, buf, STERROR_TEXT_MAX); - msg.append(buf); - } - throw std::runtime_error(msg); + msg << "can't open device file dynamically: no unused node left"; + else + msg << "can't open device file (" << device_file << "): " << LogErrno(errno); + throw std::runtime_error(msg.str()); } if(dynamic) { diff --git a/src/cipher.cpp b/src/cipher.cpp index 6e325d9..69686bb 100644 --- a/src/cipher.cpp +++ b/src/cipher.cpp @@ -100,9 +100,7 @@ void AesIcmCipher::init(u_int16_t key_length) gcry_error_t err = gcry_cipher_open(&handle_, algo, GCRY_CIPHER_MODE_CTR, 0); if( err ) { - char buf[STERROR_TEXT_MAX]; - buf[0] = 0; - cLog.msg(Log::PRIO_CRIT) << "AesIcmCipher::AesIcmCipher: Failed to open cipher" << gpg_strerror_r(err, buf, STERROR_TEXT_MAX); + cLog.msg(Log::PRIO_CRIT) << "AesIcmCipher::AesIcmCipher: Failed to open cipher" << LogGpgError(err); } #endif } 
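Review bot: `errno` is read inside the chained `<<` expression in the `::open` failure branch of the `TunDevice` constructor, after `msg` has been constructed and, before C++17, possibly after the earlier insertions have run, any of which may overwrite it. Saving it first with `int const open_errno = errno;` directly after the `if(fd_ < 0)` test and passing `LogErrno(open_errno)` keeps the reported cause accurate. The file now uses `std::stringstream` while the first hunk drops `<iostream>`, so it should include `<sstream>` itself unless `log.h` is known to provide it, which is not visible here. Both remarks apply equally to the two `throw` sites in src/linux/tunDevice.cpp.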
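Review bot: The `PRIO_CRIT` message in `AesIcmCipher::init` has no separator, so the gcrypt text is glued directly onto `Failed to open cipher`; write `<< "AesIcmCipher::init: Failed to open cipher: " << LogGpgError(err);`, which also corrects the stale `AesIcmCipher::AesIcmCipher:` prefix. Beyond the wording, `init` is `void` and neither returns an error nor throws when `gcry_cipher_open` fails, so `handle_` is left unusable and the failure only resurfaces as per-packet errors in `calc`. Consider throwing here so that the tunnel never comes up without a working cipher.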
@@ -163,9 +161,7 @@ void AesIcmCipher::calc(KeyDerivation& kd, u_int8_t* in, u_int32_t ilen, u_int8_ #else gcry_error_t err = gcry_cipher_setkey(handle_, key_.getBuf(), key_.getLength()); if(err) { - char buf[STERROR_TEXT_MAX]; - buf[0] = 0; - cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to set cipher key: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX); + cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to set cipher key: " << LogGpgError(err); return; } #endif @@ -175,17 +171,13 @@ void AesIcmCipher::calc(KeyDerivation& kd, u_int8_t* in, u_int32_t ilen, u_int8_ #ifndef USE_SSL_CRYPTO err = gcry_cipher_setctr(handle_, ctr_.buf_, CTR_LENGTH); if(err) { - char buf[STERROR_TEXT_MAX]; - buf[0] = 0; - cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to set cipher CTR: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX); + cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to set cipher CTR: " << LogGpgError(err); return; } err = gcry_cipher_encrypt(handle_, out, olen, in, ilen); if(err) { - char buf[STERROR_TEXT_MAX]; - buf[0] = 0; - cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to de/encrypt packet: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX); + cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to de/encrypt packet: " << LogGpgError(err); return; } #else diff --git a/src/cryptinit.hpp b/src/cryptinit.hpp index 80f4e14..e5bbc08 100644 --- a/src/cryptinit.hpp +++ b/src/cryptinit.hpp 
@@ -92,18 +92,14 @@ bool initLibGCrypt() gcry_error_t err = gcry_control (GCRYCTL_DISABLE_SECMEM, 0); if( err ) { - char buf[STERROR_TEXT_MAX]; - buf[0] = 0; - std::cout << "initLibGCrypt: Failed to disable secure memory: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX) << std::endl; + std::cout << "initLibGCrypt: Failed to disable secure memory: " << LogGpgError(err) << std::endl; return false; } // Tell Libgcrypt that initialization has completed. err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED); if( err ) { - char buf[STERROR_TEXT_MAX]; - buf[0] = 0; - std::cout << "initLibGCrypt: Failed to finish initialization: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX) << std::endl; + std::cout << "initLibGCrypt: Failed to finish initialization: " << LogGpgError(err) << std::endl; return false; } diff --git a/src/datatypes.h b/src/datatypes.h index 536719c..fef1cbf 100644 --- a/src/datatypes.h +++ b/src/datatypes.h @@ -51,7 +51,5 @@ typedef u_int32_t seq_nr_t; typedef u_int16_t sender_id_t; typedef u_int16_t payload_type_t; typedef u_int16_t mux_t; -//typedef u_int32_t auth_tag_t; -#define STERROR_TEXT_MAX 100 #endif diff --git a/src/keyDerivation.cpp b/src/keyDerivation.cpp index 689f97a..75ebe02 100644 --- a/src/keyDerivation.cpp +++ b/src/keyDerivation.cpp 
@@ -126,17 +126,13 @@ void AesIcmKeyDerivation::updateMasterKey() gcry_error_t err = gcry_cipher_open(&handle_[i], algo, GCRY_CIPHER_MODE_CTR, 0); if(err) { - char buf[STERROR_TEXT_MAX]; - buf[0] = 0; - cLog.msg(Log::PRIO_ERR) << "KeyDerivation::updateMasterKey: Failed to open cipher: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX); + cLog.msg(Log::PRIO_ERR) << "KeyDerivation::updateMasterKey: Failed to open cipher: " << LogGpgError(err); return; } err = gcry_cipher_setkey(handle_[i], master_key_.getBuf(), master_key_.getLength()); if(err) { - char buf[STERROR_TEXT_MAX]; - buf[0] = 0; - cLog.msg(Log::PRIO_ERR) << "KeyDerivation::updateMasterKey: Failed to set cipher key: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX); + cLog.msg(Log::PRIO_ERR) << "KeyDerivation::updateMasterKey: Failed to set cipher key: " << LogGpgError(err); return; } } 
@@ -209,25 +205,19 @@ bool AesIcmKeyDerivation::generate(kd_dir_t dir, satp_prf_label_t label, seq_nr_ #ifndef USE_SSL_CRYPTO gcry_error_t err = gcry_cipher_reset(handle_[dir]); if(err) { - char buf[STERROR_TEXT_MAX]; - buf[0] = 0; - cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to reset cipher: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX); + cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to reset cipher: " << LogGpgError(err); } err = gcry_cipher_setctr(handle_[dir], ctr_[dir].buf_, CTR_LENGTH); if(err) { - char buf[STERROR_TEXT_MAX]; - buf[0] = 0; - cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to set CTR: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX); + cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to set CTR: " << LogGpgError(err); return false; } std::memset(key.getBuf(), 0, key.getLength()); err = gcry_cipher_encrypt(handle_[dir], key, key.getLength(), NULL, 0); if(err) { - char buf[STERROR_TEXT_MAX]; - buf[0] = 0; - cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to generate cipher bitstream: " << gpg_strerror_r(err, buf, STERROR_TEXT_MAX); + cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to generate cipher bitstream: " << LogGpgError(err); } return true; #else diff --git a/src/linux/tunDevice.cpp b/src/linux/tunDevice.cpp index 0c51047..b95cb32 100644 --- a/src/linux/tunDevice.cpp +++ b/src/linux/tunDevice.cpp @@ -50,14 +50,9 @@ TunDevice::TunDevice(std::string dev_name, std::string dev_type, std::string ifc { fd_ = ::open(DEFAULT_DEVICE, O_RDWR); if(fd_ < 0) { - std::string msg("can't open device file ("); - msg.append(DEFAULT_DEVICE); - msg.append("): "); - char buf[STERROR_TEXT_MAX]; - buf[0] = 0; - strerror_r(errno, buf, STERROR_TEXT_MAX); - msg.append(buf); - throw std::runtime_error(msg); + std::stringstream msg; + msg << "can't open device file (" << DEFAULT_DEVICE << "): " << LogErrno(errno); + throw std::runtime_error(msg.str()); } struct ifreq ifr; 
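Review bot: `AesIcmKeyDerivation::generate` still reaches `return true;` when `gcry_cipher_encrypt` fails, and because `key` was cleared by the `std::memset` just before, the caller is handed a zeroed (or at best partially written) buffer that is reported as a valid session key. Add `return false;` after the `Failed to generate cipher bitstream` log line, and likewise after the `Failed to reset cipher` line, which currently falls through too. The function begins before this hunk and continues into the `#else` branch, so the SSL path is not covered by this remark.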
@@ -82,12 +77,9 @@ TunDevice::TunDevice(std::string dev_name, std::string dev_type, std::string ifc } else if(!ioctl(fd_, (('T' << 8) | 202), &ifr)) { actual_name_ = ifr.ifr_name; } else { - std::string msg("tun/tap device ioctl failed: "); - char buf[STERROR_TEXT_MAX]; - buf[0] = 0; - strerror_r(errno, buf, STERROR_TEXT_MAX); - msg.append(buf); - throw std::runtime_error(msg); + std::stringstream msg; + msg << "tun/tap device ioctl failed: " << LogErrno(errno); + throw std::runtime_error(msg.str()); } if(ifcfg_lp != "" && ifcfg_rnmp != "") diff --git a/src/log.cpp b/src/log.cpp index 272fc53..3fb569c 100644 --- a/src/log.cpp +++ b/src/log.cpp @@ -29,6 +29,8 @@ * along with anytun. If not, see <http://www.gnu.org/licenses/>. */ +#define _XOPEN_SOURCE 600 + #include <iostream> #include <string> @@ -40,6 +42,26 @@ Log* Log::inst = NULL; Mutex Log::instMutex; Log& cLog = Log::instance(); +#ifndef NOCRYPT +#ifndef USE_SSL_CRYPTO +std::ostream& operator<<(std::ostream& stream, LogGpgError const& value) +{ + char buf[STERROR_TEXT_MAX]; + buf[0] = 0; + gpg_strerror_r(value.err_, buf, STERROR_TEXT_MAX); + return stream << buf; +} +#endif +#endif +std::ostream& operator<<(std::ostream& stream, LogErrno const& value) +{ + char buf[STERROR_TEXT_MAX]; + buf[0] = 0; +// TODO: fix to use XSI Compliant strerror_r + char* tmp = strerror_r(value.err_, buf, STERROR_TEXT_MAX); + return stream << tmp; +} + LogStringBuilder::LogStringBuilder(LogStringBuilder const& src) : log(src.log), prio(src.prio) { stream << src.stream.str(); 
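Review bot: `char* tmp = strerror_r(...)` in `operator<<` for `LogErrno` only works with the GNU variant of `strerror_r`. The XSI variant, which the new `#define _XOPEN_SOURCE 600` at the top of log.cpp asks for and which non-glibc targets such as the BSD build provide, returns `int`, so there the line fails to compile or yields a meaningless pointer. Selecting the variant at compile time, as sketched below, resolves the TODO; the exact feature-test condition is an assumption to verify on each target. The operator also needs `<cstring>` (or `<string.h>`) in log.cpp, which the visible include list does not show.

```cpp
std::ostream& operator<<(std::ostream& stream, LogErrno const& value)
{
  char buf[STERROR_TEXT_MAX];
  buf[0] = 0;
#if defined(__GLIBC__) && defined(_GNU_SOURCE)
  // GNU variant: returns the message, which may live outside buf
  return stream << strerror_r(value.err_, buf, STERROR_TEXT_MAX);
#else
  // XSI variant: returns 0 on success and fills buf
  if(strerror_r(value.err_, buf, STERROR_TEXT_MAX) != 0)
    return stream << "errno " << value.err_;
  return stream << buf;
#endif
}
```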
@@ -40,6 +40,31 @@ #include "threadUtils.hpp" + +#define STERROR_TEXT_MAX 100 + +#ifndef NOCRYPT +#ifndef USE_SSL_CRYPTO +#include <gcrypt.h> + +class LogGpgError +{ +public: + LogGpgError(gcry_error_t e) : err_(e) {}; + gcry_error_t err_; +}; +std::ostream& operator<<(std::ostream& stream, LogGpgError const& value); +#endif +#endif + +class LogErrno +{ +public: + LogErrno(int e) : err_(e) {}; + int err_; +}; +std::ostream& operator<<(std::ostream& stream, LogErrno const& value); + class Log; class LogStringBuilder |
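Review bot: The single-argument constructors of `LogGpgError` and `LogErrno` are implicit converting constructors, so any `gcry_error_t` or `int` silently converts wherever one of these wrappers is expected. Declare them `explicit LogGpgError(gcry_error_t e) : err_(e) {}` and `explicit LogErrno(int e) : err_(e) {}`, which also drops the stray `;` after the bodies. `err_` is never modified after construction and could be `const`, and a one-line comment on each class saying it exists only to select the matching `operator<<` would help readers. The header declares `operator<<` on `std::ostream` with no `<ostream>` or `<iosfwd>` include visible in this hunk, so it relies on whatever the lines before it pull in.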