1 --- vtun-3.0.4.orig/lfd_encrypt.c 2016-10-01 23:27:51.000000000 +0200
2 +++ vtun-3.0.4/lfd_encrypt.c 2018-09-30 12:17:00.134149092 +0200
7 -static EVP_CIPHER_CTX ctx_enc; /* encrypt */
8 -static EVP_CIPHER_CTX ctx_dec; /* decrypt */
9 +static EVP_CIPHER_CTX *ctx_enc; /* encrypt */
10 +static EVP_CIPHER_CTX *ctx_dec; /* decrypt */
12 -static EVP_CIPHER_CTX ctx_enc_ecb; /* sideband ecb encrypt */
13 -static EVP_CIPHER_CTX ctx_dec_ecb; /* sideband ecb decrypt */
14 +static EVP_CIPHER_CTX *ctx_enc_ecb; /* sideband ecb encrypt */
15 +static EVP_CIPHER_CTX *ctx_dec_ecb; /* sideband ecb decrypt */
17 static int send_msg(int len, char *in, char **out);
18 static int recv_msg(int len, char *in, char **out);
19 @@ -157,6 +157,11 @@ int alloc_encrypt(struct vtun_host *host
20 EVP_CIPHER_CTX *pctx_enc;
21 EVP_CIPHER_CTX *pctx_dec;
23 + ctx_enc = EVP_CIPHER_CTX_new();
24 + ctx_dec = EVP_CIPHER_CTX_new();
25 + ctx_enc_ecb = EVP_CIPHER_CTX_new();
26 + ctx_dec_ecb = EVP_CIPHER_CTX_new();
28 enc_init_first_time = 1;
29 dec_init_first_time = 1;
34 cipher_type = EVP_aes_256_ecb();
35 - pctx_enc = &ctx_enc_ecb;
36 - pctx_dec = &ctx_dec_ecb;
37 + pctx_enc = ctx_enc_ecb;
38 + pctx_dec = ctx_dec_ecb;
41 case VTUN_ENC_AES256ECB:
44 - pctx_enc = &ctx_enc;
45 - pctx_dec = &ctx_dec;
48 cipher_type = EVP_aes_256_ecb();
49 strcpy(cipher_name,"AES-256-ECB");
54 cipher_type = EVP_aes_128_ecb();
55 - pctx_enc = &ctx_enc_ecb;
56 - pctx_dec = &ctx_dec_ecb;
57 + pctx_enc = ctx_enc_ecb;
58 + pctx_dec = ctx_dec_ecb;
60 case VTUN_ENC_AES128ECB:
63 - pctx_enc = &ctx_enc;
64 - pctx_dec = &ctx_dec;
67 cipher_type = EVP_aes_128_ecb();
68 strcpy(cipher_name,"AES-128-ECB");
73 cipher_type = EVP_bf_ecb();
74 - pctx_enc = &ctx_enc_ecb;
75 - pctx_dec = &ctx_dec_ecb;
76 + pctx_enc = ctx_enc_ecb;
77 + pctx_dec = ctx_dec_ecb;
80 case VTUN_ENC_BF256ECB:
84 - pctx_enc = &ctx_enc;
85 - pctx_dec = &ctx_dec;
88 cipher_type = EVP_bf_ecb();
89 strcpy(cipher_name,"Blowfish-256-ECB");
94 cipher_type = EVP_bf_ecb();
95 - pctx_enc = &ctx_enc_ecb;
96 - pctx_dec = &ctx_dec_ecb;
97 + pctx_enc = ctx_enc_ecb;
98 + pctx_dec = ctx_dec_ecb;
100 case VTUN_ENC_BF128ECB: /* blowfish 128 ecb is the default */
105 - pctx_enc = &ctx_enc;
106 - pctx_dec = &ctx_dec;
107 + pctx_enc = ctx_enc;
108 + pctx_dec = ctx_dec;
109 cipher_type = EVP_bf_ecb();
110 strcpy(cipher_name,"Blowfish-128-ECB");
112 @@ -294,10 +294,10 @@
113 lfd_free(enc_buf); enc_buf = NULL;
114 lfd_free(dec_buf); dec_buf = NULL;
116 - EVP_CIPHER_CTX_cleanup(&ctx_enc);
117 - EVP_CIPHER_CTX_cleanup(&ctx_dec);
118 - EVP_CIPHER_CTX_cleanup(&ctx_enc_ecb);
119 - EVP_CIPHER_CTX_cleanup(&ctx_dec_ecb);
120 + EVP_CIPHER_CTX_free(ctx_enc);
121 + EVP_CIPHER_CTX_free(ctx_dec);
122 + EVP_CIPHER_CTX_free(ctx_enc_ecb);
123 + EVP_CIPHER_CTX_free(ctx_dec_ecb);
129 if (pad == blocksize)
130 RAND_bytes(in_ptr+len, blocksize-1);
131 - EVP_EncryptUpdate(&ctx_enc, out_ptr, &outlen, in_ptr, len+pad);
132 + EVP_EncryptUpdate(ctx_enc, out_ptr, &outlen, in_ptr, len+pad);
140 - EVP_DecryptUpdate(&ctx_dec, out_ptr, &outlen, in_ptr, len);
141 + EVP_DecryptUpdate(ctx_dec, out_ptr, &outlen, in_ptr, len);
142 recv_ib_mesg(&outlen, &out_ptr);
143 if (!outlen) return 0;
144 tmp_ptr = out_ptr + outlen; tmp_ptr--;
145 @@ -431,13 +431,13 @@
147 } /* switch(cipher) */
149 - EVP_CIPHER_CTX_init(&ctx_enc);
150 - EVP_EncryptInit_ex(&ctx_enc, cipher_type, NULL, NULL, NULL);
151 + EVP_CIPHER_CTX_init(ctx_enc);
152 + EVP_EncryptInit_ex(ctx_enc, cipher_type, NULL, NULL, NULL);
154 - EVP_CIPHER_CTX_set_key_length(&ctx_enc, keysize);
155 - EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, pkey, NULL);
156 - EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, NULL, iv);
157 - EVP_CIPHER_CTX_set_padding(&ctx_enc, 0);
158 + EVP_CIPHER_CTX_set_key_length(ctx_enc, keysize);
159 + EVP_EncryptInit_ex(ctx_enc, NULL, NULL, pkey, NULL);
160 + EVP_EncryptInit_ex(ctx_enc, NULL, NULL, NULL, iv);
161 + EVP_CIPHER_CTX_set_padding(ctx_enc, 0);
162 if (enc_init_first_time)
164 sprintf(tmpstr,"%s encryption initialized", cipher_name);
165 @@ -521,13 +521,13 @@
167 } /* switch(cipher) */
169 - EVP_CIPHER_CTX_init(&ctx_dec);
170 - EVP_DecryptInit_ex(&ctx_dec, cipher_type, NULL, NULL, NULL);
171 + EVP_CIPHER_CTX_init(ctx_dec);
172 + EVP_DecryptInit_ex(ctx_dec, cipher_type, NULL, NULL, NULL);
174 - EVP_CIPHER_CTX_set_key_length(&ctx_dec, keysize);
175 - EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, pkey, NULL);
176 - EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, NULL, iv);
177 - EVP_CIPHER_CTX_set_padding(&ctx_dec, 0);
178 + EVP_CIPHER_CTX_set_key_length(ctx_dec, keysize);
179 + EVP_DecryptInit_ex(ctx_dec, NULL, NULL, pkey, NULL);
180 + EVP_DecryptInit_ex(ctx_dec, NULL, NULL, NULL, iv);
181 + EVP_CIPHER_CTX_set_padding(ctx_dec, 0);
182 if (dec_init_first_time)
184 sprintf(tmpstr,"%s decryption initialized", cipher_name);
187 in_ptr = in - blocksize*2;
188 outlen = blocksize*2;
189 - EVP_EncryptUpdate(&ctx_enc_ecb, in_ptr,
190 + EVP_EncryptUpdate(ctx_enc_ecb, in_ptr,
191 &outlen, in_ptr, blocksize*2);
196 iv = malloc(blocksize);
197 outlen = blocksize*2;
198 - EVP_DecryptUpdate(&ctx_dec_ecb, in_ptr, &outlen, in_ptr, blocksize*2);
199 + EVP_DecryptUpdate(ctx_dec_ecb, in_ptr, &outlen, in_ptr, blocksize*2);
201 if ( !strncmp(in_ptr, "ivec", 4) )
204 if (cipher_enc_state != CIPHER_INIT)
206 cipher_enc_state = CIPHER_INIT;
207 - EVP_CIPHER_CTX_cleanup(&ctx_enc);
208 + EVP_CIPHER_CTX_cleanup(ctx_enc);
209 #ifdef LFD_ENCRYPT_DEBUG
210 vtun_syslog(LOG_INFO,
211 "Forcing local encryptor re-init");
213 if (cipher_enc_state != CIPHER_INIT)
215 cipher_enc_state = CIPHER_INIT;
216 - EVP_CIPHER_CTX_cleanup(&ctx_enc);
217 + EVP_CIPHER_CTX_cleanup(ctx_enc);
219 #ifdef LFD_ENCRYPT_DEBUG
220 vtun_syslog(LOG_INFO, "Remote requests encryptor re-init");
222 cipher_enc_state != CIPHER_REQ_INIT &&
223 cipher_enc_state != CIPHER_INIT)
225 - EVP_CIPHER_CTX_cleanup (&ctx_dec);
226 + EVP_CIPHER_CTX_cleanup (ctx_dec);
227 cipher_dec_state = CIPHER_INIT;
228 cipher_enc_state = CIPHER_REQ_INIT;