| @@ -1,284 +1,233 @@ | | | @@ -1,284 +1,233 @@ |
1 | $NetBSD: patch-lfd__encrypt.c,v 1.1 2019/10/03 12:11:43 kardel Exp $ | | 1 | $NetBSD: patch-lfd__encrypt.c,v 1.2 2021/04/21 07:36:24 nia Exp $ |
2 | | | 2 | |
3 | Adjust to compile also with openssl>=1.1 | | 3 | Adjust to compile also with openssl>=1.1 |
4 | | | 4 | |
5 | --- lfd_encrypt.c.orig 2019-08-23 08:37:39.608971418 +0000 | | 5 | --- lfd_encrypt.c.orig 2016-10-01 21:27:51.000000000 +0000 |
6 | +++ lfd_encrypt.c | | 6 | +++ lfd_encrypt.c |
7 | @@ -77,6 +77,11 @@ struct vtun_host *phost; | | 7 | @@ -95,11 +95,11 @@ static unsigned long sequence_num; |
8 | | | 8 | static char * pkey; |
9 | extern int send_a_packet; | | 9 | static char * iv_buf; |
10 | | | 10 | |
11 | +static int send_msg(int len, char *in, char **out); | | 11 | -static EVP_CIPHER_CTX ctx_enc; /* encrypt */ |
12 | +static int send_ib_mesg(int *len, char **in); | | 12 | -static EVP_CIPHER_CTX ctx_dec; /* decrypt */ |
13 | +static int recv_msg(int len, char *in, char **out); | | 13 | +static EVP_CIPHER_CTX *ctx_enc; /* encrypt */ |
14 | +static int recv_ib_mesg(int *len, char **in); | | 14 | +static EVP_CIPHER_CTX *ctx_dec; /* decrypt */ |
| | | 15 | |
| | | 16 | -static EVP_CIPHER_CTX ctx_enc_ecb; /* sideband ecb encrypt */ |
| | | 17 | -static EVP_CIPHER_CTX ctx_dec_ecb; /* sideband ecb decrypt */ |
| | | 18 | +static EVP_CIPHER_CTX *ctx_enc_ecb; /* sideband ecb encrypt */ |
| | | 19 | +static EVP_CIPHER_CTX *ctx_dec_ecb; /* sideband ecb decrypt */ |
| | | 20 | |
| | | 21 | static int send_msg(int len, char *in, char **out); |
| | | 22 | static int recv_msg(int len, char *in, char **out); |
| | | 23 | @@ -156,6 +156,11 @@ static int alloc_encrypt(struct vtun_hos |
| | | 24 | EVP_CIPHER_CTX *pctx_enc; |
| | | 25 | EVP_CIPHER_CTX *pctx_dec; |
| | | 26 | |
| | | 27 | + ctx_enc = EVP_CIPHER_CTX_new(); |
| | | 28 | + ctx_dec = EVP_CIPHER_CTX_new(); |
| | | 29 | + ctx_enc_ecb = EVP_CIPHER_CTX_new(); |
| | | 30 | + ctx_dec_ecb = EVP_CIPHER_CTX_new(); |
15 | + | | 31 | + |
16 | /* out of sync packet threshold before forcing a re-init */ | | | |
17 | #define MAX_GIBBERISH 10 | | | |
18 | #define MIN_GIBBERISH 1 | | | |
19 | @@ -95,11 +100,11 @@ unsigned long sequence_num; | | | |
20 | char * pkey; | | | |
21 | char * iv_buf; | | | |
22 | | | | |
23 | -EVP_CIPHER_CTX ctx_enc; /* encrypt */ | | | |
24 | -EVP_CIPHER_CTX ctx_dec; /* decrypt */ | | | |
25 | +EVP_CIPHER_CTX *ctx_enc = NULL; /* encrypt */ | | | |
26 | +EVP_CIPHER_CTX *ctx_dec = NULL; /* decrypt */ | | | |
27 | | | | |
28 | -EVP_CIPHER_CTX ctx_enc_ecb; /* sideband ecb encrypt */ | | | |
29 | -EVP_CIPHER_CTX ctx_dec_ecb; /* sideband ecb decrypt */ | | | |
30 | +EVP_CIPHER_CTX *ctx_enc_ecb = NULL; /* sideband ecb encrypt */ | | | |
31 | +EVP_CIPHER_CTX *ctx_dec_ecb = NULL; /* sideband ecb decrypt */ | | | |
32 | | | | |
33 | int prep_key(char **key, int size, struct vtun_host *host) | | | |
34 | { | | | |
35 | @@ -154,6 +159,14 @@ int alloc_encrypt(struct vtun_host *host | | | |
36 | enc_init_first_time = 1; | | 32 | enc_init_first_time = 1; |
37 | dec_init_first_time = 1; | | 33 | dec_init_first_time = 1; |
38 | | | 34 | |
39 | + if (ctx_enc == NULL) { | | 35 | @@ -182,15 +187,15 @@ static int alloc_encrypt(struct vtun_hos |
40 | + ctx_enc = EVP_CIPHER_CTX_new(); /* encrypt */ | | | |
41 | + ctx_dec = EVP_CIPHER_CTX_new(); /* decrypt */ | | | |
42 | + | | | |
43 | + ctx_enc_ecb = EVP_CIPHER_CTX_new(); /* sideband ecb encrypt */ | | | |
44 | + ctx_dec_ecb = EVP_CIPHER_CTX_new(); /* sideband ecb decrypt */ | | | |
45 | + } | | | |
46 | + | | | |
47 | if( !(enc_buf = lfd_alloc(ENC_BUF_SIZE)) ){ | | | |
48 | vtun_syslog(LOG_ERR,"Can't allocate buffer for encryptor"); | | | |
49 | return -1; | | | |
50 | @@ -177,15 +190,15 @@ int alloc_encrypt(struct vtun_host *host | | | |
51 | keysize = 32; | | 36 | keysize = 32; |
52 | sb_init = 1; | | 37 | sb_init = 1; |
53 | cipher_type = EVP_aes_256_ecb(); | | 38 | cipher_type = EVP_aes_256_ecb(); |
54 | - pctx_enc = &ctx_enc_ecb; | | 39 | - pctx_enc = &ctx_enc_ecb; |
55 | - pctx_dec = &ctx_dec_ecb; | | 40 | - pctx_dec = &ctx_dec_ecb; |
56 | + pctx_enc = ctx_enc_ecb; | | 41 | + pctx_enc = ctx_enc_ecb; |
57 | + pctx_dec = ctx_dec_ecb; | | 42 | + pctx_dec = ctx_dec_ecb; |
58 | break; | | 43 | break; |
59 | | | 44 | |
60 | case VTUN_ENC_AES256ECB: | | 45 | case VTUN_ENC_AES256ECB: |
61 | blocksize = 16; | | 46 | blocksize = 16; |
62 | keysize = 32; | | 47 | keysize = 32; |
63 | - pctx_enc = &ctx_enc; | | 48 | - pctx_enc = &ctx_enc; |
64 | - pctx_dec = &ctx_dec; | | 49 | - pctx_dec = &ctx_dec; |
65 | + pctx_enc = ctx_enc; | | 50 | + pctx_enc = ctx_enc; |
66 | + pctx_dec = ctx_dec; | | 51 | + pctx_dec = ctx_dec; |
67 | cipher_type = EVP_aes_256_ecb(); | | 52 | cipher_type = EVP_aes_256_ecb(); |
68 | strcpy(cipher_name,"AES-256-ECB"); | | 53 | strcpy(cipher_name,"AES-256-ECB"); |
69 | break; | | 54 | break; |
70 | @@ -196,14 +209,14 @@ int alloc_encrypt(struct vtun_host *host | | 55 | @@ -201,14 +206,14 @@ static int alloc_encrypt(struct vtun_hos |
71 | keysize = 16; | | 56 | keysize = 16; |
72 | sb_init=1; | | 57 | sb_init=1; |
73 | cipher_type = EVP_aes_128_ecb(); | | 58 | cipher_type = EVP_aes_128_ecb(); |
74 | - pctx_enc = &ctx_enc_ecb; | | 59 | - pctx_enc = &ctx_enc_ecb; |
75 | - pctx_dec = &ctx_dec_ecb; | | 60 | - pctx_dec = &ctx_dec_ecb; |
76 | + pctx_enc = ctx_enc_ecb; | | 61 | + pctx_enc = ctx_enc_ecb; |
77 | + pctx_dec = ctx_dec_ecb; | | 62 | + pctx_dec = ctx_dec_ecb; |
78 | break; | | 63 | break; |
79 | case VTUN_ENC_AES128ECB: | | 64 | case VTUN_ENC_AES128ECB: |
80 | blocksize = 16; | | 65 | blocksize = 16; |
81 | keysize = 16; | | 66 | keysize = 16; |
82 | - pctx_enc = &ctx_enc; | | 67 | - pctx_enc = &ctx_enc; |
83 | - pctx_dec = &ctx_dec; | | 68 | - pctx_dec = &ctx_dec; |
84 | + pctx_enc = ctx_enc; | | 69 | + pctx_enc = ctx_enc; |
85 | + pctx_dec = ctx_dec; | | 70 | + pctx_dec = ctx_dec; |
86 | cipher_type = EVP_aes_128_ecb(); | | 71 | cipher_type = EVP_aes_128_ecb(); |
87 | strcpy(cipher_name,"AES-128-ECB"); | | 72 | strcpy(cipher_name,"AES-128-ECB"); |
88 | break; | | 73 | break; |
89 | @@ -216,16 +229,16 @@ int alloc_encrypt(struct vtun_host *host | | 74 | @@ -221,16 +226,16 @@ static int alloc_encrypt(struct vtun_hos |
90 | var_key = 1; | | 75 | var_key = 1; |
91 | sb_init = 1; | | 76 | sb_init = 1; |
92 | cipher_type = EVP_bf_ecb(); | | 77 | cipher_type = EVP_bf_ecb(); |
93 | - pctx_enc = &ctx_enc_ecb; | | 78 | - pctx_enc = &ctx_enc_ecb; |
94 | - pctx_dec = &ctx_dec_ecb; | | 79 | - pctx_dec = &ctx_dec_ecb; |
95 | + pctx_enc = ctx_enc_ecb; | | 80 | + pctx_enc = ctx_enc_ecb; |
96 | + pctx_dec = ctx_dec_ecb; | | 81 | + pctx_dec = ctx_dec_ecb; |
97 | break; | | 82 | break; |
98 | | | 83 | |
99 | case VTUN_ENC_BF256ECB: | | 84 | case VTUN_ENC_BF256ECB: |
100 | blocksize = 8; | | 85 | blocksize = 8; |
101 | keysize = 32; | | 86 | keysize = 32; |
102 | var_key = 1; | | 87 | var_key = 1; |
103 | - pctx_enc = &ctx_enc; | | 88 | - pctx_enc = &ctx_enc; |
104 | - pctx_dec = &ctx_dec; | | 89 | - pctx_dec = &ctx_dec; |
105 | + pctx_enc = ctx_enc; | | 90 | + pctx_enc = ctx_enc; |
106 | + pctx_dec = ctx_dec; | | 91 | + pctx_dec = ctx_dec; |
107 | cipher_type = EVP_bf_ecb(); | | 92 | cipher_type = EVP_bf_ecb(); |
108 | strcpy(cipher_name,"Blowfish-256-ECB"); | | 93 | strcpy(cipher_name,"Blowfish-256-ECB"); |
109 | break; | | 94 | break; |
110 | @@ -238,16 +251,16 @@ int alloc_encrypt(struct vtun_host *host | | 95 | @@ -243,16 +248,16 @@ static int alloc_encrypt(struct vtun_hos |
111 | var_key = 1; | | 96 | var_key = 1; |
112 | sb_init = 1; | | 97 | sb_init = 1; |
113 | cipher_type = EVP_bf_ecb(); | | 98 | cipher_type = EVP_bf_ecb(); |
114 | - pctx_enc = &ctx_enc_ecb; | | 99 | - pctx_enc = &ctx_enc_ecb; |
115 | - pctx_dec = &ctx_dec_ecb; | | 100 | - pctx_dec = &ctx_dec_ecb; |
116 | + pctx_enc = ctx_enc_ecb; | | 101 | + pctx_enc = ctx_enc_ecb; |
117 | + pctx_dec = ctx_dec_ecb; | | 102 | + pctx_dec = ctx_dec_ecb; |
118 | break; | | 103 | break; |
119 | case VTUN_ENC_BF128ECB: /* blowfish 128 ecb is the default */ | | 104 | case VTUN_ENC_BF128ECB: /* blowfish 128 ecb is the default */ |
120 | default: | | 105 | default: |
121 | blocksize = 8; | | 106 | blocksize = 8; |
122 | keysize = 16; | | 107 | keysize = 16; |
123 | var_key = 1; | | 108 | var_key = 1; |
124 | - pctx_enc = &ctx_enc; | | 109 | - pctx_enc = &ctx_enc; |
125 | - pctx_dec = &ctx_dec; | | 110 | - pctx_dec = &ctx_dec; |
126 | + pctx_enc = ctx_enc; | | 111 | + pctx_enc = ctx_enc; |
127 | + pctx_dec = ctx_dec; | | 112 | + pctx_dec = ctx_dec; |
128 | cipher_type = EVP_bf_ecb(); | | 113 | cipher_type = EVP_bf_ecb(); |
129 | strcpy(cipher_name,"Blowfish-128-ECB"); | | 114 | strcpy(cipher_name,"Blowfish-128-ECB"); |
130 | break; | | 115 | break; |
131 | @@ -289,10 +302,10 @@ int free_encrypt() | | 116 | @@ -294,10 +299,10 @@ static int free_encrypt() |
132 | lfd_free(enc_buf); enc_buf = NULL; | | 117 | lfd_free(enc_buf); enc_buf = NULL; |
133 | lfd_free(dec_buf); dec_buf = NULL; | | 118 | lfd_free(dec_buf); dec_buf = NULL; |
134 | | | 119 | |
135 | - EVP_CIPHER_CTX_cleanup(&ctx_enc); | | 120 | - EVP_CIPHER_CTX_cleanup(&ctx_enc); |
136 | - EVP_CIPHER_CTX_cleanup(&ctx_dec); | | 121 | - EVP_CIPHER_CTX_cleanup(&ctx_dec); |
137 | - EVP_CIPHER_CTX_cleanup(&ctx_enc_ecb); | | 122 | - EVP_CIPHER_CTX_cleanup(&ctx_enc_ecb); |
138 | - EVP_CIPHER_CTX_cleanup(&ctx_dec_ecb); | | 123 | - EVP_CIPHER_CTX_cleanup(&ctx_dec_ecb); |
139 | + EVP_CIPHER_CTX_cleanup(ctx_enc); | | 124 | + EVP_CIPHER_CTX_cleanup(ctx_enc); |
140 | + EVP_CIPHER_CTX_cleanup(ctx_dec); | | 125 | + EVP_CIPHER_CTX_cleanup(ctx_dec); |
141 | + EVP_CIPHER_CTX_cleanup(ctx_enc_ecb); | | 126 | + EVP_CIPHER_CTX_cleanup(ctx_enc_ecb); |
142 | + EVP_CIPHER_CTX_cleanup(ctx_dec_ecb); | | 127 | + EVP_CIPHER_CTX_cleanup(ctx_dec_ecb); |
143 | | | 128 | |
144 | return 0; | | 129 | return 0; |
145 | } | | 130 | } |
146 | @@ -318,7 +331,7 @@ int encrypt_buf(int len, char *in, char | | 131 | @@ -323,7 +328,7 @@ static int encrypt_buf(int len, char *in |
147 | outlen=len+pad; | | 132 | outlen=len+pad; |
148 | if (pad == blocksize) | | 133 | if (pad == blocksize) |
149 | RAND_bytes(in_ptr+len, blocksize-1); | | 134 | RAND_bytes(in_ptr+len, blocksize-1); |
150 | - EVP_EncryptUpdate(&ctx_enc, out_ptr, &outlen, in_ptr, len+pad); | | 135 | - EVP_EncryptUpdate(&ctx_enc, out_ptr, &outlen, in_ptr, len+pad); |
151 | + EVP_EncryptUpdate(ctx_enc, out_ptr, &outlen, in_ptr, len+pad); | | 136 | + EVP_EncryptUpdate(ctx_enc, out_ptr, &outlen, in_ptr, len+pad); |
152 | *out = enc_buf; | | 137 | *out = enc_buf; |
153 | | | 138 | |
154 | sequence_num++; | | 139 | sequence_num++; |
155 | @@ -338,7 +351,7 @@ int decrypt_buf(int len, char *in, char | | 140 | @@ -343,7 +348,7 @@ static int decrypt_buf(int len, char *in |
156 | | | 141 | |
157 | outlen=len; | | 142 | outlen=len; |
158 | if (!len) return 0; | | 143 | if (!len) return 0; |
159 | - EVP_DecryptUpdate(&ctx_dec, out_ptr, &outlen, in_ptr, len); | | 144 | - EVP_DecryptUpdate(&ctx_dec, out_ptr, &outlen, in_ptr, len); |
160 | + EVP_DecryptUpdate(ctx_dec, out_ptr, &outlen, in_ptr, len); | | 145 | + EVP_DecryptUpdate(ctx_dec, out_ptr, &outlen, in_ptr, len); |
161 | recv_ib_mesg(&outlen, &out_ptr); | | 146 | recv_ib_mesg(&outlen, &out_ptr); |
162 | if (!outlen) return 0; | | 147 | if (!outlen) return 0; |
163 | tmp_ptr = out_ptr + outlen; tmp_ptr--; | | 148 | tmp_ptr = out_ptr + outlen; tmp_ptr--; |
164 | @@ -426,13 +439,13 @@ int cipher_enc_init(char * iv) | | 149 | @@ -431,13 +436,13 @@ static int cipher_enc_init(char * iv) |
165 | break; | | 150 | break; |
166 | } /* switch(cipher) */ | | 151 | } /* switch(cipher) */ |
167 | | | 152 | |
168 | - EVP_CIPHER_CTX_init(&ctx_enc); | | 153 | - EVP_CIPHER_CTX_init(&ctx_enc); |
169 | - EVP_EncryptInit_ex(&ctx_enc, cipher_type, NULL, NULL, NULL); | | 154 | - EVP_EncryptInit_ex(&ctx_enc, cipher_type, NULL, NULL, NULL); |
170 | + EVP_CIPHER_CTX_init(ctx_enc); | | 155 | + EVP_CIPHER_CTX_init(ctx_enc); |
171 | + EVP_EncryptInit_ex(ctx_enc, cipher_type, NULL, NULL, NULL); | | 156 | + EVP_EncryptInit_ex(ctx_enc, cipher_type, NULL, NULL, NULL); |
172 | if (var_key) | | 157 | if (var_key) |
173 | - EVP_CIPHER_CTX_set_key_length(&ctx_enc, keysize); | | 158 | - EVP_CIPHER_CTX_set_key_length(&ctx_enc, keysize); |
174 | - EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, pkey, NULL); | | 159 | - EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, pkey, NULL); |
175 | - EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, NULL, iv); | | 160 | - EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, NULL, iv); |
176 | - EVP_CIPHER_CTX_set_padding(&ctx_enc, 0); | | 161 | - EVP_CIPHER_CTX_set_padding(&ctx_enc, 0); |
177 | + EVP_CIPHER_CTX_set_key_length(ctx_enc, keysize); | | 162 | + EVP_CIPHER_CTX_set_key_length(ctx_enc, keysize); |
178 | + EVP_EncryptInit_ex(ctx_enc, NULL, NULL, pkey, NULL); | | 163 | + EVP_EncryptInit_ex(ctx_enc, NULL, NULL, pkey, NULL); |
179 | + EVP_EncryptInit_ex(ctx_enc, NULL, NULL, NULL, iv); | | 164 | + EVP_EncryptInit_ex(ctx_enc, NULL, NULL, NULL, iv); |
180 | + EVP_CIPHER_CTX_set_padding(ctx_enc, 0); | | 165 | + EVP_CIPHER_CTX_set_padding(ctx_enc, 0); |
181 | if (enc_init_first_time) | | 166 | if (enc_init_first_time) |
182 | { | | 167 | { |
183 | sprintf(tmpstr,"%s encryption initialized", cipher_name); | | 168 | sprintf(tmpstr,"%s encryption initialized", cipher_name); |
184 | @@ -516,13 +529,13 @@ int cipher_dec_init(char * iv) | | 169 | @@ -521,13 +526,13 @@ static int cipher_dec_init(char * iv) |
185 | break; | | 170 | break; |
186 | } /* switch(cipher) */ | | 171 | } /* switch(cipher) */ |
187 | | | 172 | |
188 | - EVP_CIPHER_CTX_init(&ctx_dec); | | 173 | - EVP_CIPHER_CTX_init(&ctx_dec); |
189 | - EVP_DecryptInit_ex(&ctx_dec, cipher_type, NULL, NULL, NULL); | | 174 | - EVP_DecryptInit_ex(&ctx_dec, cipher_type, NULL, NULL, NULL); |
190 | + EVP_CIPHER_CTX_init(ctx_dec); | | 175 | + EVP_CIPHER_CTX_init(ctx_dec); |
191 | + EVP_DecryptInit_ex(ctx_dec, cipher_type, NULL, NULL, NULL); | | 176 | + EVP_DecryptInit_ex(ctx_dec, cipher_type, NULL, NULL, NULL); |
192 | if (var_key) | | 177 | if (var_key) |
193 | - EVP_CIPHER_CTX_set_key_length(&ctx_dec, keysize); | | 178 | - EVP_CIPHER_CTX_set_key_length(&ctx_dec, keysize); |
194 | - EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, pkey, NULL); | | 179 | - EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, pkey, NULL); |
195 | - EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, NULL, iv); | | 180 | - EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, NULL, iv); |
196 | - EVP_CIPHER_CTX_set_padding(&ctx_dec, 0); | | 181 | - EVP_CIPHER_CTX_set_padding(&ctx_dec, 0); |
197 | + EVP_CIPHER_CTX_set_key_length(ctx_dec, keysize); | | 182 | + EVP_CIPHER_CTX_set_key_length(ctx_dec, keysize); |
198 | + EVP_DecryptInit_ex(ctx_dec, NULL, NULL, pkey, NULL); | | 183 | + EVP_DecryptInit_ex(ctx_dec, NULL, NULL, pkey, NULL); |
199 | + EVP_DecryptInit_ex(ctx_dec, NULL, NULL, NULL, iv); | | 184 | + EVP_DecryptInit_ex(ctx_dec, NULL, NULL, NULL, iv); |
200 | + EVP_CIPHER_CTX_set_padding(ctx_dec, 0); | | 185 | + EVP_CIPHER_CTX_set_padding(ctx_dec, 0); |
201 | if (dec_init_first_time) | | 186 | if (dec_init_first_time) |
202 | { | | 187 | { |
203 | sprintf(tmpstr,"%s decryption initialized", cipher_name); | | 188 | sprintf(tmpstr,"%s decryption initialized", cipher_name); |
204 | @@ -532,7 +545,7 @@ int cipher_dec_init(char * iv) | | 189 | @@ -559,7 +564,7 @@ static int send_msg(int len, char *in, c |
205 | return 0; | | | |
206 | } | | | |
207 | | | | |
208 | -int send_msg(int len, char *in, char **out) | | | |
209 | +static int send_msg(int len, char *in, char **out) | | | |
210 | { | | | |
211 | char * iv; char * in_ptr; | | | |
212 | int outlen; | | | |
213 | @@ -554,7 +567,7 @@ int send_msg(int len, char *in, char **o | | | |
214 | | | 190 | |
215 | in_ptr = in - blocksize*2; | | 191 | in_ptr = in - blocksize*2; |
216 | outlen = blocksize*2; | | 192 | outlen = blocksize*2; |
217 | - EVP_EncryptUpdate(&ctx_enc_ecb, in_ptr, | | 193 | - EVP_EncryptUpdate(&ctx_enc_ecb, in_ptr, |
218 | + EVP_EncryptUpdate(ctx_enc_ecb, in_ptr, | | 194 | + EVP_EncryptUpdate(ctx_enc_ecb, in_ptr, |
219 | &outlen, in_ptr, blocksize*2); | | 195 | &outlen, in_ptr, blocksize*2); |
220 | *out = in_ptr; | | 196 | *out = in_ptr; |
221 | len = outlen; | | 197 | len = outlen; |
222 | @@ -570,7 +583,7 @@ int send_msg(int len, char *in, char **o | | 198 | @@ -586,7 +591,7 @@ static int recv_msg(int len, char *in, c |
223 | return len; | | | |
224 | } | | | |
225 | | | | |
226 | -int recv_msg(int len, char *in, char **out) | | | |
227 | +static int recv_msg(int len, char *in, char **out) | | | |
228 | { | | | |
229 | char * iv; char * in_ptr; | | | |
230 | int outlen; | | | |
231 | @@ -581,7 +594,7 @@ int recv_msg(int len, char *in, char **o | | | |
232 | in_ptr = in; | | 199 | in_ptr = in; |
233 | iv = malloc(blocksize); | | 200 | iv = malloc(blocksize); |
234 | outlen = blocksize*2; | | 201 | outlen = blocksize*2; |
235 | - EVP_DecryptUpdate(&ctx_dec_ecb, in_ptr, &outlen, in_ptr, blocksize*2); | | 202 | - EVP_DecryptUpdate(&ctx_dec_ecb, in_ptr, &outlen, in_ptr, blocksize*2); |
236 | + EVP_DecryptUpdate(ctx_dec_ecb, in_ptr, &outlen, in_ptr, blocksize*2); | | 203 | + EVP_DecryptUpdate(ctx_dec_ecb, in_ptr, &outlen, in_ptr, blocksize*2); |
237 | | | 204 | |
238 | if ( !strncmp(in_ptr, "ivec", 4) ) | | 205 | if ( !strncmp(in_ptr, "ivec", 4) ) |
239 | { | | 206 | { |
240 | @@ -624,7 +637,7 @@ int recv_msg(int len, char *in, char **o | | 207 | @@ -629,7 +634,7 @@ static int recv_msg(int len, char *in, c |
241 | if (cipher_enc_state != CIPHER_INIT) | | 208 | if (cipher_enc_state != CIPHER_INIT) |
242 | { | | 209 | { |
243 | cipher_enc_state = CIPHER_INIT; | | 210 | cipher_enc_state = CIPHER_INIT; |
244 | - EVP_CIPHER_CTX_cleanup(&ctx_enc); | | 211 | - EVP_CIPHER_CTX_cleanup(&ctx_enc); |
245 | + EVP_CIPHER_CTX_cleanup(ctx_enc); | | 212 | + EVP_CIPHER_CTX_cleanup(ctx_enc); |
246 | #ifdef LFD_ENCRYPT_DEBUG | | 213 | #ifdef LFD_ENCRYPT_DEBUG |
247 | vtun_syslog(LOG_INFO, | | 214 | vtun_syslog(LOG_INFO, |
248 | "Forcing local encryptor re-init"); | | 215 | "Forcing local encryptor re-init"); |
249 | @@ -645,7 +658,7 @@ int recv_msg(int len, char *in, char **o | | 216 | @@ -710,7 +715,7 @@ static int recv_ib_mesg(int *len, char * |
250 | } | | | |
251 | | | | |
252 | /* Send In-Band Message */ | | | |
253 | -int send_ib_mesg(int *len, char **in) | | | |
254 | +static int send_ib_mesg(int *len, char **in) | | | |
255 | { | | | |
256 | char *in_ptr = *in; | | | |
257 | | | | |
258 | @@ -684,7 +697,7 @@ int send_ib_mesg(int *len, char **in) | | | |
259 | } | | | |
260 | | | | |
261 | /* Receive In-Band Message */ | | | |
262 | -int recv_ib_mesg(int *len, char **in) | | | |
263 | +static int recv_ib_mesg(int *len, char **in) | | | |
264 | { | | | |
265 | char *in_ptr = *in; | | | |
266 | | | | |
267 | @@ -705,7 +718,7 @@ int recv_ib_mesg(int *len, char **in) | | | |
268 | if (cipher_enc_state != CIPHER_INIT) | | 217 | if (cipher_enc_state != CIPHER_INIT) |
269 | { | | 218 | { |
270 | cipher_enc_state = CIPHER_INIT; | | 219 | cipher_enc_state = CIPHER_INIT; |
271 | - EVP_CIPHER_CTX_cleanup(&ctx_enc); | | 220 | - EVP_CIPHER_CTX_cleanup(&ctx_enc); |
272 | + EVP_CIPHER_CTX_cleanup(ctx_enc); | | 221 | + EVP_CIPHER_CTX_cleanup(ctx_enc); |
273 | } | | 222 | } |
274 | #ifdef LFD_ENCRYPT_DEBUG | | 223 | #ifdef LFD_ENCRYPT_DEBUG |
275 | vtun_syslog(LOG_INFO, "Remote requests encryptor re-init"); | | 224 | vtun_syslog(LOG_INFO, "Remote requests encryptor re-init"); |
276 | @@ -719,7 +732,7 @@ int recv_ib_mesg(int *len, char **in) | | 225 | @@ -724,7 +729,7 @@ static int recv_ib_mesg(int *len, char * |
277 | cipher_enc_state != CIPHER_REQ_INIT && | | 226 | cipher_enc_state != CIPHER_REQ_INIT && |
278 | cipher_enc_state != CIPHER_INIT) | | 227 | cipher_enc_state != CIPHER_INIT) |
279 | { | | 228 | { |
280 | - EVP_CIPHER_CTX_cleanup (&ctx_dec); | | 229 | - EVP_CIPHER_CTX_cleanup (&ctx_dec); |
281 | + EVP_CIPHER_CTX_cleanup (ctx_dec); | | 230 | + EVP_CIPHER_CTX_cleanup (ctx_dec); |
282 | cipher_dec_state = CIPHER_INIT; | | 231 | cipher_dec_state = CIPHER_INIT; |
283 | cipher_enc_state = CIPHER_REQ_INIT; | | 232 | cipher_enc_state = CIPHER_REQ_INIT; |
284 | } | | 233 | } |