summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/Makefile2
-rw-r--r--src/cipher.c10
-rw-r--r--src/uanytun.c9
3 files changed, 16 insertions, 5 deletions
diff --git a/src/Makefile b/src/Makefile
index e366af1..8372395 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -42,7 +42,7 @@ ifeq ($(TARGET),Linux)
LDFLAGS += -ldl
endif
ifeq ($(TARGET),OpenBSD)
- CCFLAGS += -DNO_UDPV6
+ CCFLAGS += -I/usr/local/include -DNO_UDPV6 -DNO_SEC_MEM
LDFLAGS += -L/usr/local/lib
endif
diff --git a/src/cipher.c b/src/cipher.c
index ae981cd..3a74641 100644
--- a/src/cipher.c
+++ b/src/cipher.c
@@ -79,7 +79,7 @@ int cipher_init(cipher_t* c, const char* type)
void cipher_set_key(cipher_t* c, u_int8_t* key, u_int32_t len)
{
- if(!c)
+ if(!c || !key)
return;
if(c->type_ == null)
return;
@@ -97,7 +97,7 @@ void cipher_set_key(cipher_t* c, u_int8_t* key, u_int32_t len)
void cipher_set_salt(cipher_t* c, u_int8_t* salt, u_int32_t len)
{
- if(!c)
+ if(!c || !salt)
return;
if(c->type_ == null)
return;
@@ -257,8 +257,10 @@ buffer_t cipher_aesctr_calc_ctr(cipher_t* c, seq_nr_t seq_nr, sender_id_t sender
u_int32_t cipher_aesctr_crypt(cipher_t* c, u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t olen, seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux)
{
- if(!c)
- return;
+ if(!c || !c->key_.buf_ || !c->salt_.buf_) {
+ log_printf(ERR, "cipher not initialized or no key or salt set");
+ return 0;
+ }
gcry_error_t err = gcry_cipher_setkey(c->handle_, c->key_.buf_, c->key_.length_);
if(err) {
diff --git a/src/uanytun.c b/src/uanytun.c
index b72c7fb..8725b40 100644
--- a/src/uanytun.c
+++ b/src/uanytun.c
@@ -67,11 +67,20 @@ int init_libgcrypt()
return -1;
}
+#ifndef NO_SEC_MEM
gcry_error_t err = gcry_control(GCRYCTL_INIT_SECMEM, 16384, 0);
if(err) {
log_printf(ERR, "failed initialize secure memory: %s/%s", gcry_strerror(err), gcry_strsource(err));
return -1;
}
+#else
+ gcry_error_t err = gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
+ if(err) {
+ log_printf(ERR, "failed disable secure memory: %s/%s", gcry_strerror(err), gcry_strsource(err));
+ return -1;
+ }
+#endif
+
// Tell Libgcrypt that initialization has completed.
err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED);
if(err) {