summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/uanytun.8.txt2
-rw-r--r--src/key_derivation.c26
-rw-r--r--src/uanytun.c11
3 files changed, 20 insertions, 19 deletions
diff --git a/doc/uanytun.8.txt b/doc/uanytun.8.txt
index e258a6e..bb58f87 100644
--- a/doc/uanytun.8.txt
+++ b/doc/uanytun.8.txt
@@ -256,7 +256,7 @@ This passphrase is used to generate the master key and master salt.
For the master key the last n bits of the SHA256 digest of the
passphrase (where n is the length of the master key in bits) is used.
The master salt gets generated with the SHA1 digest.
-This overrides any setting for *--key* or *--salt*.
+You may force a specific key and or salt by using *--key* and *--salt*.
-K|--key <master key>
~~~~~~~~~~~~~~~~~~~~~
diff --git a/src/key_derivation.c b/src/key_derivation.c
index f2094e0..d78a493 100644
--- a/src/key_derivation.c
+++ b/src/key_derivation.c
@@ -127,6 +127,12 @@ int key_derivation_generate_master_key(key_derivation_t* kd, const char* passphr
if(!kd || !passphrase)
return -1;
+ if(kd->master_key_.buf_) {
+ log_printf(ERR, "master key and passphrase provided, ignoring passphrase");
+ return 0;
+ }
+ log_printf(NOTICE, "using passphrase to generate master key");
+
if(!key_length || (key_length % 8)) {
log_printf(ERR, "bad master key length");
return -1;
@@ -141,13 +147,6 @@ int key_derivation_generate_master_key(key_derivation_t* kd, const char* passphr
return -1;
}
- if(kd->master_key_.buf_) {
- log_printf(ERR, "master key and passphrase provided, overwriting given master key");
- free(kd->master_key_.buf_);
- kd->master_key_.buf_ = NULL;
- kd->master_key_.length_ = 0;
- }
-
buffer_t digest;
#ifndef USE_SSL_CRYPTO
digest.length_ = gcry_md_get_algo_dlen(GCRY_MD_SHA256);
@@ -184,6 +183,12 @@ int key_derivation_generate_master_salt(key_derivation_t* kd, const char* passph
if(!kd || !passphrase)
return -1;
+ if(kd->master_salt_.buf_) {
+ log_printf(ERR, "master salt and passphrase provided, ignoring passphrase");
+ return 0;
+ }
+ log_printf(NOTICE, "using passphrase to generate master salt");
+
if(!salt_length || (salt_length % 8)) {
log_printf(ERR, "bad master salt length");
return -1;
@@ -198,13 +203,6 @@ int key_derivation_generate_master_salt(key_derivation_t* kd, const char* passph
return -1;
}
- if(kd->master_salt_.buf_) {
- log_printf(ERR, "master salt and passphrase provided, overwriting given master salt");
- free(kd->master_salt_.buf_);
- kd->master_salt_.buf_ = NULL;
- kd->master_salt_.length_ = 0;
- }
-
buffer_t digest;
#ifndef USE_SSL_CRYPTO
digest.length_ = gcry_md_get_algo_dlen(GCRY_MD_SHA1);
diff --git a/src/uanytun.c b/src/uanytun.c
index e403d40..15e3238 100644
--- a/src/uanytun.c
+++ b/src/uanytun.c
@@ -322,16 +322,21 @@ void print_hex_dump(const u_int8_t* buf, u_int32_t len)
int main(int argc, char* argv[])
{
log_init("uanytun", DAEMON);
+ log_printf(NOTICE, "just started...");
signal_init();
options_t opt;
int ret = options_parse(&opt, argc, argv);
if(ret) {
options_clear(&opt);
- if(ret > 0)
+ if(ret > 0) {
fprintf(stderr, "syntax error near: %s\n\n", argv[ret]);
- if(ret == -2)
+ log_printf(ERR, "syntax error, exitting");
+ }
+ if(ret == -2) {
fprintf(stderr, "memory error on options_parse, exitting\n");
+ log_printf(ERR, "memory error on options_parse, exitting");
+ }
if(ret == -1 || ret > 0)
options_print_usage();
@@ -339,8 +344,6 @@ int main(int argc, char* argv[])
exit(ret);
}
- log_printf(NOTICE, "just started...");
-
#ifndef NO_CRYPT
#ifndef USE_SSL_CRYPTO
ret = init_libgcrypt();