-rw-r--r--src/cipher.c8
-rw-r--r--src/cipher.h3
-rw-r--r--src/key_derivation.c18
-rw-r--r--src/key_derivation.h10
-rw-r--r--src/options.c6
-rw-r--r--src/options.h2
-rw-r--r--src/uanytun.c6
7 files changed, 13 insertions, 40 deletions
diff --git a/src/cipher.c b/src/cipher.c
index 13b2fa6..5fba4af 100644
--- a/src/cipher.c
+++ b/src/cipher.c
@@ -44,12 +44,11 @@
#include <stdlib.h>
#include <string.h>
-int cipher_init(cipher_t* c, const char* type, int8_t anytun02_compat)
+int cipher_init(cipher_t* c, const char* type)
{
if(!c)
return -1;
- c->anytun02_compat_ = anytun02_compat;
c->key_length_ = 0;
c->type_ = c_unknown;
@@ -262,11 +261,6 @@ int cipher_aesctr_calc_ctr(cipher_t* c, key_derivation_t* kd, key_derivation_dir
if(ret < 0)
return ret;
- if(c->anytun02_compat_) {
- if(!c->salt_.buf_[0])
- c->salt_.buf_[0] = 1;
- }
-
memcpy(params->ctr_.salt_.buf_, c->salt_.buf_, C_AESCTR_SALT_LENGTH);
params->ctr_.salt_.zero_ = 0;
params->ctr_.params_.mux_ ^= MUX_T_HTON(mux);
diff --git a/src/cipher.h b/src/cipher.h
index 8a7e65d..f53e412 100644
--- a/src/cipher.h
+++ b/src/cipher.h
@@ -54,14 +54,13 @@ typedef enum cipher_type_enum cipher_type_t;
struct cipher_struct {
cipher_type_t type_;
u_int16_t key_length_;
- int8_t anytun02_compat_;
buffer_t key_;
buffer_t salt_;
void* params_;
};
typedef struct cipher_struct cipher_t;
-int cipher_init(cipher_t* c, const char* type, int8_t anytun02_compat);
+int cipher_init(cipher_t* c, const char* type);
void cipher_close(cipher_t* c);
int cipher_encrypt(cipher_t* c, key_derivation_t* kd, key_derivation_dir_t dir, plain_packet_t* in, encrypted_packet_t* out, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux);
diff --git a/src/key_derivation.c b/src/key_derivation.c
index 531b02b..e9ab15f 100644
--- a/src/key_derivation.c
+++ b/src/key_derivation.c
@@ -45,13 +45,12 @@
#include <stdlib.h>
#include <string.h>
-int key_derivation_init(key_derivation_t* kd, const char* type, role_t role, int8_t anytun02_compat, const char* passphrase, u_int8_t* key, u_int32_t key_len, u_int8_t* salt, u_int32_t salt_len)
+int key_derivation_init(key_derivation_t* kd, const char* type, role_t role, const char* passphrase, u_int8_t* key, u_int32_t key_len, u_int8_t* salt, u_int32_t salt_len)
{
if(!kd)
return -1;
kd->role_ = role;
- kd->anytun02_compat_ = anytun02_compat;
kd->key_length_ = 0;
kd->type_ = kd_unknown;
@@ -74,6 +73,11 @@ int key_derivation_init(key_derivation_t* kd, const char* type, role_t role, int
return -1;
}
+ switch(role) {
+ case ROLE_LEFT: log_printf(NOTICE, "key derivation role: left"); break;
+ case ROLE_RIGHT: log_printf(NOTICE, "key derivation role: right"); break;
+ default: log_printf(NOTICE, "key derivation role: unknown"); break;
+ }
kd->params_ = NULL;
if(!key) {
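Review bot: The `default:` arm of the new role switch only logs "key derivation role: unknown" at NOTICE and then lets initialization continue, even though after this commit every counter built in key_derivation_aesctr_calc_ctr feeds `kd->role_` into `convert_label()`. How `convert_label()` treats a role other than ROLE_LEFT or ROLE_RIGHT is not visible on this page, so failing closed would be safer than deriving session keys from an unexpected label mapping: `default: log_printf(ERROR, "key derivation role: unknown"); return -1;`. The switch sits before `kd->params_ = NULL;`, but key_derivation_init starts and ends outside this hunk, so confirm nothing allocated earlier needs releasing on that early return.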
@@ -404,14 +408,8 @@ int key_derivation_aesctr_calc_ctr(key_derivation_t* kd, key_derivation_dir_t di
}
memcpy(params->ctr_.salt_.buf_, kd->master_salt_.buf_, KD_AESCTR_SALT_LENGTH);
params->ctr_.salt_.zero_ = 0;
- if(kd->anytun02_compat_) {
- params->ctr_.params_compat_.label_ ^= label;
- params->ctr_.params_compat_.seq_ ^= SEQ_NR_T_HTON(seq_nr);
- }
- else {
- params->ctr_.params_.label_ ^= SATP_PRF_LABEL_T_HTON(convert_label(kd->role_, dir, label));
- params->ctr_.params_.seq_ ^= SEQ_NR_T_HTON(seq_nr);
- }
+ params->ctr_.params_.label_ ^= SATP_PRF_LABEL_T_HTON(convert_label(kd->role_, dir, label));
+ params->ctr_.params_.seq_ ^= SEQ_NR_T_HTON(seq_nr);
return 0;
}
diff --git a/src/key_derivation.h b/src/key_derivation.h
index cf97a82..c6212f1 100644
--- a/src/key_derivation.h
+++ b/src/key_derivation.h
@@ -64,14 +64,13 @@ struct key_derivation_struct {
key_derivation_type_t type_;
u_int16_t key_length_;
role_t role_;
- int8_t anytun02_compat_;
buffer_t master_key_;
buffer_t master_salt_;
void* params_;
};
typedef struct key_derivation_struct key_derivation_t;
-int key_derivation_init(key_derivation_t* kd, const char* type, role_t role, int8_t anytun02_compat, const char* passphrase, u_int8_t* key, u_int32_t key_len, u_int8_t* salt, u_int32_t salt_len);
+int key_derivation_init(key_derivation_t* kd, const char* type, role_t role, const char* passphrase, u_int8_t* key, u_int32_t key_len, u_int8_t* salt, u_int32_t salt_len);
#ifndef NO_PASSPHRASE
int key_derivation_generate_master_key(key_derivation_t* kd, const char* passphrase, u_int16_t key_length);
int key_derivation_generate_master_salt(key_derivation_t* kd, const char* passphrase, u_int16_t salt_length);
@@ -99,13 +98,6 @@ union __attribute__((__packed__)) key_derivation_aesctr_ctr_union {
seq_nr_t seq_;
u_int16_t zero_;
} params_;
- struct __attribute__((__packed__)) {
- u_int8_t fill_[KD_AESCTR_SALT_LENGTH - sizeof(u_int8_t) - 2*sizeof(u_int8_t) - sizeof(seq_nr_t)];
- u_int8_t label_;
- u_int8_t seq_fill_[2];
- seq_nr_t seq_;
- u_int16_t zero_;
- } params_compat_;
};
typedef union key_derivation_aesctr_ctr_union key_derivation_aesctr_ctr_t;
diff --git a/src/options.c b/src/options.c
index f985fc8..2300794 100644
--- a/src/options.c
+++ b/src/options.c
@@ -253,7 +253,6 @@ int options_parse(options_t* opt, int argc, char* argv[])
PARSE_INT_PARAM("-w","--window-size", opt->seq_window_size_)
#ifndef NO_CRYPT
PARSE_STRING_PARAM("-k","--kd-prf", opt->kd_prf_)
- PARSE_BOOL_PARAM("-O","--anytun02-compat", opt->anytun02_compat_)
#ifndef NO_PASSPHRASE
PARSE_STRING_PARAM_SEC("-E","--passphrase", opt->passphrase_)
#endif
@@ -320,9 +319,6 @@ void options_parse_post(options_t* opt)
}
#endif
- if(opt->anytun02_compat_)
- log_printf(WARNING, "--anytun02-compat is deprecated and very likly to be removed by the next release");
-
if(!(opt->dev_name_) && !(opt->dev_type_))
opt->dev_type_ = strdup("tun");
}
@@ -363,7 +359,6 @@ void options_default(options_t* opt)
opt->cipher_ = strdup("null");
opt->auth_tag_length_ = 0;
#endif
- opt->anytun02_compat_ = 0;
opt->key_.buf_ = NULL;
opt->key_.length_ = 0;
opt->salt_.buf_ = NULL;
@@ -503,7 +498,6 @@ void options_print(options_t* opt)
default: printf("??\n"); break;
}
#endif
- printf("anytun02_compat: %d\n", opt->anytun02_compat_);
u_int32_t i;
printf("key_[%d]: '", opt->key_.length_);
diff --git a/src/options.h b/src/options.h
index f61a974..0f73a0b 100644
--- a/src/options.h
+++ b/src/options.h
@@ -76,7 +76,6 @@ struct options_struct {
char* passphrase_;
role_t role_;
#endif
- int anytun02_compat_;
u_int32_t auth_tag_length_;
buffer_t key_;
buffer_t salt_;
@@ -94,4 +93,3 @@ void options_print_usage();
void options_print(options_t* opt);
#endif
-
diff --git a/src/uanytun.c b/src/uanytun.c
index 553a392..c9c6c44 100644
--- a/src/uanytun.c
+++ b/src/uanytun.c
@@ -101,7 +101,7 @@ typedef u_int8_t auth_algo_t;
int init_main_loop(options_t* opt, cipher_t* c, auth_algo_t* aa, key_derivation_t* kd, seq_win_t* seq_win)
{
- int ret = cipher_init(c, opt->cipher_, opt->anytun02_compat_);
+ int ret = cipher_init(c, opt->cipher_);
if(ret) {
log_printf(ERROR, "could not initialize cipher of type %s", opt->cipher_);
return ret;
@@ -115,9 +115,7 @@ int init_main_loop(options_t* opt, cipher_t* c, auth_algo_t* aa, key_derivation_
return ret;
}
- if(opt->anytun02_compat_)
- log_printf(NOTICE, "enabling anytun 0.2.x crypto compatiblity mode");
- ret = key_derivation_init(kd, opt->kd_prf_, opt->role_, opt->anytun02_compat_, opt->passphrase_, opt->key_.buf_, opt->key_.length_, opt->salt_.buf_, opt->salt_.length_);
+ ret = key_derivation_init(kd, opt->kd_prf_, opt->role_, opt->passphrase_, opt->key_.buf_, opt->key_.length_, opt->salt_.buf_, opt->salt_.length_);
if(ret) {
log_printf(ERROR, "could not initialize key derivation of type %s", opt->kd_prf_);
cipher_close(c);