From 85f0a4508a84fc5f52b43910b7b4680639172735 Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Sat, 10 Jan 2009 00:45:05 +0000
Subject: added posibility to disable passphrase calculation
---
 src/configure | 18 ++++++++++++++----
 src/key_derivation.c | 4 ++++
 src/key_derivation.h | 2 ++
 src/options.c | 4 ++++
 4 files changed, 24 insertions(+), 4 deletions(-)
diff --git a/src/configure b/src/configure
index fbbe771..78cf78b 100755
--- a/src/configure
+++ b/src/configure
@@ -40,6 +40,7 @@ LDFLAGS='-g -Wall -O2'
 CRYPTO_LIB='gcrypt'
 ANYTUN_02_COMPAT=0
+PASSPHRASE=1
 V4_MAPPED=1
 print_usage() {
@@ -47,6 +48,7 @@ print_usage() {
 echo " --use-ssl-crypto use ssl crypto library instead of libgcrypt"
 echo " --disable-crypto disable crypto at all (only NULL cipher)"
 echo " --enable-anytun02-compat enable compatiblity mode for anytun 0.2"
+ echo " --disable-passphrase disable master key and salt passphrase"
 echo " --disable-v4-mapped disable V4-Mapped addresses (until now this means"
 echo " to disable IPv6 as outer protocol)"
 }
@@ -63,6 +65,9 @@ do
 --enable-anytun02-compat)
 ANYTUN_02_COMPAT=1
 ;;
+ --disable-passphrase)
+ PASSPHRASE=0
+ ;;
 --disable-v4-mapped)
 V4_MAPPED=0
 ;;
@@ -106,23 +111,28 @@ esac
 case $CRYPTO_LIB in
 gcrypt)
 LDFLAGS=$LDFLAGS' -lgcrypt -lgpg-error'
- echo "Using libgcrypt library"
+ echo "using libgcrypt library"
 ;;
 ssl)
 CFLAGS=$CFLAGS' -DUSE_SSL_CRYPTO'
 LDFLAGS=$LDFLAGS' -lcrypto'
- echo "Using ssl crypto library"
+ echo "using ssl crypto library"
 ;;
 none)
 CFLAGS=$CFLAGS' -DNO_CRYPT'
 echo "NO_CRYPT_OBJ = 1" >> include.mk
- echo "Disabling crypto"
+ echo "disabling crypto"
 ;;
 esac
 if [ $ANYTUN_02_COMPAT -eq 1 ]; then
 CFLAGS=$CFLAGS' -DANYTUN_02_COMPAT'
- echo "enbabling anytun 0.2 crypto compatiblity mode"
+ echo "enabling anytun 0.2 crypto compatiblity mode"
+fi
+
+if [ $PASSPHRASE -eq 0 ]; then
+ CFLAGS=$CFLAGS' -DNO_PASSPHRASE'
+ echo "disabling master key and salt passphrase"
 fi
 if [ $V4_MAPPED -eq 0 ]; then
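Review bot: The new help line in print_usage() (src/configure hunk at -47,6) and the matching status message in the last src/configure hunk both say "disable master key and salt passphrase", which can be read as switching off the master key itself rather than only the passphrase-based derivation. Because this switch changes how key material can be supplied, less ambiguous wording would help, for example `echo "  --disable-passphrase   disable deriving master key and salt from a passphrase"` and `echo "disabling passphrase-based master key and salt derivation"`. The last hunk also corrects "enbabling" but leaves "compatiblity" misspelled in the line it rewrites.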
diff --git a/src/key_derivation.c b/src/key_derivation.c
index d78a493..60d1921 100644
--- a/src/key_derivation.c
+++ b/src/key_derivation.c
@@ -122,6 +122,7 @@ int key_derivation_init(key_derivation_t* kd, const char* type, int8_t ld_kdr, c
 return ret;
 }
+#ifndef NO_PASSPHRASE
 int key_derivation_generate_master_key(key_derivation_t* kd, const char* passphrase, u_int16_t key_length)
 {
 if(!kd || !passphrase)
@@ -232,6 +233,7 @@ int key_derivation_generate_master_salt(key_derivation_t* kd, const char* passph
 return 0;
 }
+#endif
 void key_derivation_close(key_derivation_t* kd)
 {
@@ -301,6 +303,7 @@ int key_derivation_aesctr_init(key_derivation_t* kd, const char* passphrase)
 params->handle_ = 0;
 #endif
+#ifndef NO_PASSPHRASE
 if(passphrase) {
 int ret = key_derivation_generate_master_key(kd, passphrase, kd->key_length_);
 if(ret)
@@ -309,6 +312,7 @@ int key_derivation_aesctr_init(key_derivation_t* kd, const char* passphrase)
 if(ret)
 return ret;
 }
+#endif
 #ifndef USE_SSL_CRYPTO
 int algo;
diff --git a/src/key_derivation.h b/src/key_derivation.h
index d045527..6cec9c9 100644
--- a/src/key_derivation.h
+++ b/src/key_derivation.h
@@ -70,8 +70,10 @@ struct key_derivation_struct {
 typedef struct key_derivation_struct key_derivation_t;
 int key_derivation_init(key_derivation_t* kd, const char* type, int8_t ld_kdr, const char* passphrase, u_int8_t* key, u_int32_t key_len, u_int8_t* salt, u_int32_t salt_len);
+#ifndef NO_PASSPHRASE
 int key_derivation_generate_master_key(key_derivation_t* kd, const char* passphrase, u_int16_t key_length);
 int key_derivation_generate_master_salt(key_derivation_t* kd, const char* passphrase, u_int16_t salt_length);
+#endif
 void key_derivation_close(key_derivation_t* kd);
 int key_derivation_generate(key_derivation_t* kd, satp_prf_label_t label, seq_nr_t seq_nr, u_int8_t* key, u_int32_t len);
diff --git a/src/options.c b/src/options.c
index 9bfb030..32f0ce7 100644
--- a/src/options.c
+++ b/src/options.c
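Review bot: In key_derivation_aesctr_init() (src/key_derivation.c, hunk at -301,6 and its continuation at -309,6) a non-NULL `passphrase` is silently ignored when NO_PASSPHRASE is defined, so a caller that still passes one may get a success return without any master key or salt having been derived from it. key_derivation_init() keeps its `passphrase` parameter in src/key_derivation.h, so this path stays reachable through the API even though options.c no longer parses `-E`. Failing closed would be safer: replace the closing `#endif` with `#else` / `if(passphrase) return -1;` / `#endif`, using whichever non-zero error code the callers expect. The function body starts and ends outside both hunks, so whether a later check catches missing key material cannot be seen here.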
@@ -201,7 +201,9 @@ int options_parse(options_t* opt, int argc, char* argv[])
 PARSE_STRING_PARAM("-k","--kd-prf", opt->kd_prf_)
 PARSE_INT_PARAM("-l","--ld-kdr", opt->ld_kdr_)
 PARSE_STRING_PARAM("-a","--auth-algo", opt->auth_algo_)
+#ifndef NO_PASSPHRASE
 PARSE_STRING_PARAM_SEC("-E","--passphrase", opt->passphrase_)
+#endif
 PARSE_HEXSTRING_PARAM_SEC("-K","--key", opt->key_)
 PARSE_HEXSTRING_PARAM_SEC("-A","--salt", opt->salt_)
 #endif
@@ -334,7 +336,9 @@ void options_print_usage()
 printf(" [-a|--auth-algo] message authentication algorithm\n");
 printf(" [-k|--kd-prf] key derivation pseudo random function\n");
 printf(" [-l|--ld-kdr] log2 of key derivation rate\n");
+#ifndef NO_PASSPHRASE
 printf(" [-E|--passphrase a passprhase to generate master key and salt from\n");
+#endif
 printf(" [-K|--key] master key to use for encryption\n");
 printf(" [-A|--salt] master salt to use for encryption\n");
 #endif
-- 
cgit v1.2.3
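Review bot: With NO_PASSPHRASE defined, `-E`/`--passphrase` is no longer matched in options_parse() (src/options.c, hunk at -201,7), so an invocation that still passes it falls through to whatever the parser does with unrecognised arguments, which is outside this hunk. If the `_SEC` variant of the macro is what clears the secret from argv (the name suggests so, but the definition is not shown), a passphrase handed to such a build would stay readable in the process list and might not be rejected with a clear message. Consider an `#else` branch that still consumes the option, scrubs it and returns an error. At minimum, add a comment next to the guard such as `/* compiled out with NO_PASSPHRASE: key material must come from -K/--key and -A/--salt */`.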