]>
Commit | Line | Data |
---|---|---|
b0608415 AG |
1 | --- vtun-3.0.4.orig/lfd_encrypt.c 2016-10-01 23:27:51.000000000 +0200 |
2 | +++ vtun-3.0.4/lfd_encrypt.c 2018-09-30 12:17:00.134149092 +0200 | |
3 | @@ -95,11 +95,11 @@ | |
4 | static char * pkey; | |
5 | static char * iv_buf; | |
6 | ||
7 | -static EVP_CIPHER_CTX ctx_enc; /* encrypt */ | |
8 | -static EVP_CIPHER_CTX ctx_dec; /* decrypt */ | |
9 | +static EVP_CIPHER_CTX *ctx_enc; /* encrypt */ | |
10 | +static EVP_CIPHER_CTX *ctx_dec; /* decrypt */ | |
11 | ||
12 | -static EVP_CIPHER_CTX ctx_enc_ecb; /* sideband ecb encrypt */ | |
13 | -static EVP_CIPHER_CTX ctx_dec_ecb; /* sideband ecb decrypt */ | |
14 | +static EVP_CIPHER_CTX *ctx_enc_ecb; /* sideband ecb encrypt */ | |
15 | +static EVP_CIPHER_CTX *ctx_dec_ecb; /* sideband ecb decrypt */ | |
16 | ||
17 | static int send_msg(int len, char *in, char **out); | |
18 | static int recv_msg(int len, char *in, char **out); | |
15a049f5 AG |
19 | @@ -157,6 +157,11 @@ int alloc_encrypt(struct vtun_host *host |
20 | EVP_CIPHER_CTX *pctx_enc; | |
21 | EVP_CIPHER_CTX *pctx_dec; | |
22 | ||
23 | + ctx_enc = EVP_CIPHER_CTX_new(); | |
24 | + ctx_dec = EVP_CIPHER_CTX_new(); | |
25 | + ctx_enc_ecb = EVP_CIPHER_CTX_new(); | |
26 | + ctx_dec_ecb = EVP_CIPHER_CTX_new(); | |
27 | + | |
28 | enc_init_first_time = 1; | |
29 | dec_init_first_time = 1; | |
30 | ||
b0608415 AG |
31 | @@ -182,15 +182,15 @@ |
32 | keysize = 32; | |
33 | sb_init = 1; | |
34 | cipher_type = EVP_aes_256_ecb(); | |
35 | - pctx_enc = &ctx_enc_ecb; | |
36 | - pctx_dec = &ctx_dec_ecb; | |
37 | + pctx_enc = ctx_enc_ecb; | |
38 | + pctx_dec = ctx_dec_ecb; | |
39 | break; | |
40 | ||
41 | case VTUN_ENC_AES256ECB: | |
42 | blocksize = 16; | |
43 | keysize = 32; | |
44 | - pctx_enc = &ctx_enc; | |
45 | - pctx_dec = &ctx_dec; | |
46 | + pctx_enc = ctx_enc; | |
47 | + pctx_dec = ctx_dec; | |
48 | cipher_type = EVP_aes_256_ecb(); | |
49 | strcpy(cipher_name,"AES-256-ECB"); | |
50 | break; | |
51 | @@ -201,14 +201,14 @@ | |
52 | keysize = 16; | |
53 | sb_init=1; | |
54 | cipher_type = EVP_aes_128_ecb(); | |
55 | - pctx_enc = &ctx_enc_ecb; | |
56 | - pctx_dec = &ctx_dec_ecb; | |
57 | + pctx_enc = ctx_enc_ecb; | |
58 | + pctx_dec = ctx_dec_ecb; | |
59 | break; | |
60 | case VTUN_ENC_AES128ECB: | |
61 | blocksize = 16; | |
62 | keysize = 16; | |
63 | - pctx_enc = &ctx_enc; | |
64 | - pctx_dec = &ctx_dec; | |
65 | + pctx_enc = ctx_enc; | |
66 | + pctx_dec = ctx_dec; | |
67 | cipher_type = EVP_aes_128_ecb(); | |
68 | strcpy(cipher_name,"AES-128-ECB"); | |
69 | break; | |
70 | @@ -221,16 +221,16 @@ | |
71 | var_key = 1; | |
72 | sb_init = 1; | |
73 | cipher_type = EVP_bf_ecb(); | |
74 | - pctx_enc = &ctx_enc_ecb; | |
75 | - pctx_dec = &ctx_dec_ecb; | |
76 | + pctx_enc = ctx_enc_ecb; | |
77 | + pctx_dec = ctx_dec_ecb; | |
78 | break; | |
79 | ||
80 | case VTUN_ENC_BF256ECB: | |
81 | blocksize = 8; | |
82 | keysize = 32; | |
83 | var_key = 1; | |
84 | - pctx_enc = &ctx_enc; | |
85 | - pctx_dec = &ctx_dec; | |
86 | + pctx_enc = ctx_enc; | |
87 | + pctx_dec = ctx_dec; | |
88 | cipher_type = EVP_bf_ecb(); | |
89 | strcpy(cipher_name,"Blowfish-256-ECB"); | |
90 | break; | |
91 | @@ -243,16 +243,16 @@ | |
92 | var_key = 1; | |
93 | sb_init = 1; | |
94 | cipher_type = EVP_bf_ecb(); | |
95 | - pctx_enc = &ctx_enc_ecb; | |
96 | - pctx_dec = &ctx_dec_ecb; | |
97 | + pctx_enc = ctx_enc_ecb; | |
98 | + pctx_dec = ctx_dec_ecb; | |
99 | break; | |
100 | case VTUN_ENC_BF128ECB: /* blowfish 128 ecb is the default */ | |
101 | default: | |
102 | blocksize = 8; | |
103 | keysize = 16; | |
104 | var_key = 1; | |
105 | - pctx_enc = &ctx_enc; | |
106 | - pctx_dec = &ctx_dec; | |
107 | + pctx_enc = ctx_enc; | |
108 | + pctx_dec = ctx_dec; | |
109 | cipher_type = EVP_bf_ecb(); | |
110 | strcpy(cipher_name,"Blowfish-128-ECB"); | |
111 | break; | |
112 | @@ -294,10 +294,10 @@ | |
113 | lfd_free(enc_buf); enc_buf = NULL; | |
114 | lfd_free(dec_buf); dec_buf = NULL; | |
115 | ||
116 | - EVP_CIPHER_CTX_cleanup(&ctx_enc); | |
117 | - EVP_CIPHER_CTX_cleanup(&ctx_dec); | |
118 | - EVP_CIPHER_CTX_cleanup(&ctx_enc_ecb); | |
119 | - EVP_CIPHER_CTX_cleanup(&ctx_dec_ecb); | |
120 | + EVP_CIPHER_CTX_free(ctx_enc); | |
121 | + EVP_CIPHER_CTX_free(ctx_dec); | |
122 | + EVP_CIPHER_CTX_free(ctx_enc_ecb); | |
123 | + EVP_CIPHER_CTX_free(ctx_dec_ecb); | |
124 | ||
125 | return 0; | |
126 | } | |
127 | @@ -323,7 +323,7 @@ | |
128 | outlen=len+pad; | |
129 | if (pad == blocksize) | |
130 | RAND_bytes(in_ptr+len, blocksize-1); | |
131 | - EVP_EncryptUpdate(&ctx_enc, out_ptr, &outlen, in_ptr, len+pad); | |
132 | + EVP_EncryptUpdate(ctx_enc, out_ptr, &outlen, in_ptr, len+pad); | |
133 | *out = enc_buf; | |
134 | ||
135 | sequence_num++; | |
136 | @@ -343,7 +343,7 @@ | |
137 | ||
138 | outlen=len; | |
139 | if (!len) return 0; | |
140 | - EVP_DecryptUpdate(&ctx_dec, out_ptr, &outlen, in_ptr, len); | |
141 | + EVP_DecryptUpdate(ctx_dec, out_ptr, &outlen, in_ptr, len); | |
142 | recv_ib_mesg(&outlen, &out_ptr); | |
143 | if (!outlen) return 0; | |
144 | tmp_ptr = out_ptr + outlen; tmp_ptr--; | |
145 | @@ -431,13 +431,13 @@ | |
146 | break; | |
147 | } /* switch(cipher) */ | |
148 | ||
149 | - EVP_CIPHER_CTX_init(&ctx_enc); | |
150 | - EVP_EncryptInit_ex(&ctx_enc, cipher_type, NULL, NULL, NULL); | |
151 | + EVP_CIPHER_CTX_init(ctx_enc); | |
152 | + EVP_EncryptInit_ex(ctx_enc, cipher_type, NULL, NULL, NULL); | |
153 | if (var_key) | |
154 | - EVP_CIPHER_CTX_set_key_length(&ctx_enc, keysize); | |
155 | - EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, pkey, NULL); | |
156 | - EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, NULL, iv); | |
157 | - EVP_CIPHER_CTX_set_padding(&ctx_enc, 0); | |
158 | + EVP_CIPHER_CTX_set_key_length(ctx_enc, keysize); | |
159 | + EVP_EncryptInit_ex(ctx_enc, NULL, NULL, pkey, NULL); | |
160 | + EVP_EncryptInit_ex(ctx_enc, NULL, NULL, NULL, iv); | |
161 | + EVP_CIPHER_CTX_set_padding(ctx_enc, 0); | |
162 | if (enc_init_first_time) | |
163 | { | |
164 | sprintf(tmpstr,"%s encryption initialized", cipher_name); | |
165 | @@ -521,13 +521,13 @@ | |
166 | break; | |
167 | } /* switch(cipher) */ | |
168 | ||
169 | - EVP_CIPHER_CTX_init(&ctx_dec); | |
170 | - EVP_DecryptInit_ex(&ctx_dec, cipher_type, NULL, NULL, NULL); | |
171 | + EVP_CIPHER_CTX_init(ctx_dec); | |
172 | + EVP_DecryptInit_ex(ctx_dec, cipher_type, NULL, NULL, NULL); | |
173 | if (var_key) | |
174 | - EVP_CIPHER_CTX_set_key_length(&ctx_dec, keysize); | |
175 | - EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, pkey, NULL); | |
176 | - EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, NULL, iv); | |
177 | - EVP_CIPHER_CTX_set_padding(&ctx_dec, 0); | |
178 | + EVP_CIPHER_CTX_set_key_length(ctx_dec, keysize); | |
179 | + EVP_DecryptInit_ex(ctx_dec, NULL, NULL, pkey, NULL); | |
180 | + EVP_DecryptInit_ex(ctx_dec, NULL, NULL, NULL, iv); | |
181 | + EVP_CIPHER_CTX_set_padding(ctx_dec, 0); | |
182 | if (dec_init_first_time) | |
183 | { | |
184 | sprintf(tmpstr,"%s decryption initialized", cipher_name); | |
185 | @@ -559,7 +559,7 @@ | |
186 | ||
187 | in_ptr = in - blocksize*2; | |
188 | outlen = blocksize*2; | |
189 | - EVP_EncryptUpdate(&ctx_enc_ecb, in_ptr, | |
190 | + EVP_EncryptUpdate(ctx_enc_ecb, in_ptr, | |
191 | &outlen, in_ptr, blocksize*2); | |
192 | *out = in_ptr; | |
193 | len = outlen; | |
194 | @@ -586,7 +586,7 @@ | |
195 | in_ptr = in; | |
196 | iv = malloc(blocksize); | |
197 | outlen = blocksize*2; | |
198 | - EVP_DecryptUpdate(&ctx_dec_ecb, in_ptr, &outlen, in_ptr, blocksize*2); | |
199 | + EVP_DecryptUpdate(ctx_dec_ecb, in_ptr, &outlen, in_ptr, blocksize*2); | |
200 | ||
201 | if ( !strncmp(in_ptr, "ivec", 4) ) | |
202 | { | |
203 | @@ -629,7 +629,7 @@ | |
204 | if (cipher_enc_state != CIPHER_INIT) | |
205 | { | |
206 | cipher_enc_state = CIPHER_INIT; | |
207 | - EVP_CIPHER_CTX_cleanup(&ctx_enc); | |
208 | + EVP_CIPHER_CTX_cleanup(ctx_enc); | |
209 | #ifdef LFD_ENCRYPT_DEBUG | |
210 | vtun_syslog(LOG_INFO, | |
211 | "Forcing local encryptor re-init"); | |
212 | @@ -710,7 +710,7 @@ | |
213 | if (cipher_enc_state != CIPHER_INIT) | |
214 | { | |
215 | cipher_enc_state = CIPHER_INIT; | |
216 | - EVP_CIPHER_CTX_cleanup(&ctx_enc); | |
217 | + EVP_CIPHER_CTX_cleanup(ctx_enc); | |
218 | } | |
219 | #ifdef LFD_ENCRYPT_DEBUG | |
220 | vtun_syslog(LOG_INFO, "Remote requests encryptor re-init"); | |
221 | @@ -724,7 +724,7 @@ | |
222 | cipher_enc_state != CIPHER_REQ_INIT && | |
223 | cipher_enc_state != CIPHER_INIT) | |
224 | { | |
225 | - EVP_CIPHER_CTX_cleanup (&ctx_dec); | |
226 | + EVP_CIPHER_CTX_cleanup (ctx_dec); | |
227 | cipher_dec_state = CIPHER_INIT; | |
228 | cipher_enc_state = CIPHER_REQ_INIT; | |
229 | } |