-rw-r--r-- | src/cipher.c | 8 | ||||
-rw-r--r-- | src/cipher.h | 3 | ||||
-rw-r--r-- | src/key_derivation.c | 18 | ||||
-rw-r--r-- | src/key_derivation.h | 10 | ||||
-rw-r--r-- | src/options.c | 6 | ||||
-rw-r--r-- | src/options.h | 2 | ||||
-rw-r--r-- | src/uanytun.c | 6 |
7 files changed, 13 insertions, 40 deletions
diff --git a/src/cipher.c b/src/cipher.c index 13b2fa6..5fba4af 100644 --- a/src/cipher.c +++ b/src/cipher.c @@ -44,12 +44,11 @@ #include <stdlib.h> #include <string.h> -int cipher_init(cipher_t* c, const char* type, int8_t anytun02_compat) +int cipher_init(cipher_t* c, const char* type) { if(!c) return -1; - c->anytun02_compat_ = anytun02_compat; c->key_length_ = 0; c->type_ = c_unknown; @@ -262,11 +261,6 @@ int cipher_aesctr_calc_ctr(cipher_t* c, key_derivation_t* kd, key_derivation_dir if(ret < 0) return ret; - if(c->anytun02_compat_) { - if(!c->salt_.buf_[0]) - c->salt_.buf_[0] = 1; - } - memcpy(params->ctr_.salt_.buf_, c->salt_.buf_, C_AESCTR_SALT_LENGTH); params->ctr_.salt_.zero_ = 0; params->ctr_.params_.mux_ ^= MUX_T_HTON(mux); diff --git a/src/cipher.h b/src/cipher.h index 8a7e65d..f53e412 100644 --- a/src/cipher.h +++ b/src/cipher.h @@ -54,14 +54,13 @@ typedef enum cipher_type_enum cipher_type_t; struct cipher_struct { cipher_type_t type_; u_int16_t key_length_; - int8_t anytun02_compat_; buffer_t key_; buffer_t salt_; void* params_; }; typedef struct cipher_struct cipher_t; -int cipher_init(cipher_t* c, const char* type, int8_t anytun02_compat); +int cipher_init(cipher_t* c, const char* type); void cipher_close(cipher_t* c); int cipher_encrypt(cipher_t* c, key_derivation_t* kd, key_derivation_dir_t dir, plain_packet_t* in, encrypted_packet_t* out, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux); diff --git a/src/key_derivation.c b/src/key_derivation.c index 531b02b..e9ab15f 100644 --- a/src/key_derivation.c +++ b/src/key_derivation.c 
@@ -45,13 +45,12 @@ #include <stdlib.h> #include <string.h> -int key_derivation_init(key_derivation_t* kd, const char* type, role_t role, int8_t anytun02_compat, const char* passphrase, u_int8_t* key, u_int32_t key_len, u_int8_t* salt, u_int32_t salt_len) +int key_derivation_init(key_derivation_t* kd, const char* type, role_t role, const char* passphrase, u_int8_t* key, u_int32_t key_len, u_int8_t* salt, u_int32_t salt_len) { if(!kd) return -1; kd->role_ = role; - kd->anytun02_compat_ = anytun02_compat; kd->key_length_ = 0; kd->type_ = kd_unknown; @@ -74,6 +73,11 @@ int key_derivation_init(key_derivation_t* kd, const char* type, role_t role, int return -1; } + switch(role) { + case ROLE_LEFT: log_printf(NOTICE, "key derivation role: left"); break; + case ROLE_RIGHT: log_printf(NOTICE, "key derivation role: right"); break; + default: log_printf(NOTICE, "key derivation role: unknown"); break; + } kd->params_ = NULL; if(!key) { @@ -404,14 +408,8 @@ int key_derivation_aesctr_calc_ctr(key_derivation_t* kd, key_derivation_dir_t di } memcpy(params->ctr_.salt_.buf_, kd->master_salt_.buf_, KD_AESCTR_SALT_LENGTH); params->ctr_.salt_.zero_ = 0; - if(kd->anytun02_compat_) { - params->ctr_.params_compat_.label_ ^= label; - params->ctr_.params_compat_.seq_ ^= SEQ_NR_T_HTON(seq_nr); - } - else { - params->ctr_.params_.label_ ^= SATP_PRF_LABEL_T_HTON(convert_label(kd->role_, dir, label)); - params->ctr_.params_.seq_ ^= SEQ_NR_T_HTON(seq_nr); - } + params->ctr_.params_.label_ ^= SATP_PRF_LABEL_T_HTON(convert_label(kd->role_, dir, label)); + params->ctr_.params_.seq_ ^= SEQ_NR_T_HTON(seq_nr); return 0; } diff --git a/src/key_derivation.h b/src/key_derivation.h index cf97a82..c6212f1 100644 --- a/src/key_derivation.h +++ b/src/key_derivation.h 
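Review bot: The `default` arm of the `switch(role)` added to key_derivation_init in src/key_derivation.c (hunk `@@ -74,6 +73,11 @@`) only logs "key derivation role: unknown" at NOTICE and then lets initialization continue. With the compat branch gone, key_derivation_aesctr_calc_ctr always builds the PRF label through `convert_label(kd->role_, dir, label)`, so an unrecognised role would flow into every derived key. convert_label is not visible on this page, so confirm whether it rejects such a value. If it does not, fail closed here, in line with the `return -1;` just above the switch: `default: log_printf(ERROR, "key derivation role: unknown"); return -1;`. The body of key_derivation_init continues outside this hunk, so check that nothing allocated earlier would need releasing on that path.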
@@ -64,14 +64,13 @@ struct key_derivation_struct { key_derivation_type_t type_; u_int16_t key_length_; role_t role_; - int8_t anytun02_compat_; buffer_t master_key_; buffer_t master_salt_; void* params_; }; typedef struct key_derivation_struct key_derivation_t; -int key_derivation_init(key_derivation_t* kd, const char* type, role_t role, int8_t anytun02_compat, const char* passphrase, u_int8_t* key, u_int32_t key_len, u_int8_t* salt, u_int32_t salt_len); +int key_derivation_init(key_derivation_t* kd, const char* type, role_t role, const char* passphrase, u_int8_t* key, u_int32_t key_len, u_int8_t* salt, u_int32_t salt_len); #ifndef NO_PASSPHRASE int key_derivation_generate_master_key(key_derivation_t* kd, const char* passphrase, u_int16_t key_length); int key_derivation_generate_master_salt(key_derivation_t* kd, const char* passphrase, u_int16_t salt_length); @@ -99,13 +98,6 @@ union __attribute__((__packed__)) key_derivation_aesctr_ctr_union { seq_nr_t seq_; u_int16_t zero_; } params_; - struct __attribute__((__packed__)) { - u_int8_t fill_[KD_AESCTR_SALT_LENGTH - sizeof(u_int8_t) - 2*sizeof(u_int8_t) - sizeof(seq_nr_t)]; - u_int8_t label_; - u_int8_t seq_fill_[2]; - seq_nr_t seq_; - u_int16_t zero_; - } params_compat_; }; typedef union key_derivation_aesctr_ctr_union key_derivation_aesctr_ctr_t; diff --git a/src/options.c b/src/options.c index f985fc8..2300794 100644 --- a/src/options.c +++ b/src/options.c @@ -253,7 +253,6 @@ int options_parse(options_t* opt, int argc, char* argv[]) PARSE_INT_PARAM("-w","--window-size", opt->seq_window_size_) #ifndef NO_CRYPT PARSE_STRING_PARAM("-k","--kd-prf", opt->kd_prf_) - PARSE_BOOL_PARAM("-O","--anytun02-compat", opt->anytun02_compat_) #ifndef NO_PASSPHRASE PARSE_STRING_PARAM_SEC("-E","--passphrase", opt->passphrase_) #endif 
@@ -320,9 +319,6 @@ void options_parse_post(options_t* opt) } #endif - if(opt->anytun02_compat_) - log_printf(WARNING, "--anytun02-compat is deprecated and very likly to be removed by the next release"); - if(!(opt->dev_name_) && !(opt->dev_type_)) opt->dev_type_ = strdup("tun"); } @@ -363,7 +359,6 @@ void options_default(options_t* opt) opt->cipher_ = strdup("null"); opt->auth_tag_length_ = 0; #endif - opt->anytun02_compat_ = 0; opt->key_.buf_ = NULL; opt->key_.length_ = 0; opt->salt_.buf_ = NULL; @@ -503,7 +498,6 @@ void options_print(options_t* opt) default: printf("??\n"); break; } #endif - printf("anytun02_compat: %d\n", opt->anytun02_compat_); u_int32_t i; printf("key_[%d]: '", opt->key_.length_); diff --git a/src/options.h b/src/options.h index f61a974..0f73a0b 100644 --- a/src/options.h +++ b/src/options.h @@ -76,7 +76,6 @@ struct options_struct { char* passphrase_; role_t role_; #endif - int anytun02_compat_; u_int32_t auth_tag_length_; buffer_t key_; buffer_t salt_; @@ -94,4 +93,3 @@ void options_print_usage(); void options_print(options_t* opt); #endif - diff --git a/src/uanytun.c b/src/uanytun.c index 553a392..c9c6c44 100644 --- a/src/uanytun.c +++ b/src/uanytun.c @@ -101,7 +101,7 @@ typedef u_int8_t auth_algo_t; int init_main_loop(options_t* opt, cipher_t* c, auth_algo_t* aa, key_derivation_t* kd, seq_win_t* seq_win) { - int ret = cipher_init(c, opt->cipher_, opt->anytun02_compat_); + int ret = cipher_init(c, opt->cipher_); if(ret) { log_printf(ERROR, "could not initialize cipher of type %s", opt->cipher_); return ret; 
@@ -115,9 +115,7 @@ int init_main_loop(options_t* opt, cipher_t* c, auth_algo_t* aa, key_derivation_ return ret; } - if(opt->anytun02_compat_) - log_printf(NOTICE, "enabling anytun 0.2.x crypto compatiblity mode"); - ret = key_derivation_init(kd, opt->kd_prf_, opt->role_, opt->anytun02_compat_, opt->passphrase_, opt->key_.buf_, opt->key_.length_, opt->salt_.buf_, opt->salt_.length_); + ret = key_derivation_init(kd, opt->kd_prf_, opt->role_, opt->passphrase_, opt->key_.buf_, opt->key_.length_, opt->salt_.buf_, opt->salt_.length_); if(ret) { log_printf(ERROR, "could not initialize key derivation of type %s", opt->kd_prf_); cipher_close(c); |