warp-vpn

simple point to point tunnel
git clone git://git.2f30.org/warp-vpn.git

commit 07db83b86b96fdf98a1d1ed39750c4cf2b058c35
parent 81340b1de24e268b408755978b0da4ae44493507
Author: sin <sin@2f30.org>
Date:   Wed Apr  6 14:25:28 +0100

factor out aead init to a separate function

Diffstat:
stun.c | 42+++++++++++++++++++++++-------------------
1 file changed, 23 insertions(+), 19 deletions(-)
diff --git a/stun.c b/stun.c
@@ -92,10 +92,12 @@ enum {
 EVP_AEAD_CTX ectx, dctx;
 const EVP_AEAD *aead;
+unsigned char key[EVP_MAX_KEY_LENGTH];
 char *argv0;
 char *bindaddr;
 char *host;
 char *port = "12080";
+char *cipher = DEFCIPHER;
 int devtype = TUNDEV;
 int debug;
 int foreground;
@@ -674,6 +676,25 @@ aead_from_name(const EVP_AEAD **aead, const char *name)
 }
 void
+aeadinit(unsigned char *pw)
+{
+ size_t keylen;
+
+ aead_from_name(&aead, cipher);
+ keylen = EVP_AEAD_key_length(aead);
+ if (!PKCS5_PBKDF2_HMAC_SHA1(pw, strlen(pw), NULL, 0, NROUNDS,
+ keylen, key))
+ logerr("PKCS5_PBKDF2_HMAC_SHA1 failed");
+
+ if (!EVP_AEAD_CTX_init(&ectx, aead, key, keylen,
+ EVP_AEAD_DEFAULT_TAG_LENGTH, NULL))
+ logerr("EVP_AEAD_CTX_init failed");
+ if (!EVP_AEAD_CTX_init(&dctx, aead, key, keylen,
+ EVP_AEAD_DEFAULT_TAG_LENGTH, NULL))
+ logerr("EVP_AEAD_CTX_init failed");
+}
+
+void
 usage(void)
 {
 fprintf(stderr, "usage: stun [-df] -s [-b address] [-p port] [-t devtype] [-c cipher] interface\n");
@@ -684,9 +705,7 @@ usage(void)
 int
 main(int argc, char *argv[])
 {
- unsigned char *key;
- size_t keylen;
- char *arg, *pw, *cipher = DEFCIPHER;
+ char *arg, *pw;
 int devfd;
 ARGBEGIN {
@@ -736,24 +755,9 @@ main(int argc, char *argv[])
 if (!(pw = getenv("STUNPW")))
 logerr("STUNPW is not set");
-
- /* derive key from password */
- aead_from_name(&aead, cipher);
- keylen = EVP_AEAD_key_length(aead);
- if (!(key = malloc(keylen)))
- logerr("out of memory");
- if (!PKCS5_PBKDF2_HMAC_SHA1(pw, strlen(pw), NULL, 0, NROUNDS, keylen, key))
- logerr("PKCS5_PBKDF2_HMAC_SHA1 failed");
+ aeadinit(pw);
 explicit_bzero(pw, strlen(pw));
- /* initialize cipher */
- if (!EVP_AEAD_CTX_init(&ectx, aead, key, keylen,
- EVP_AEAD_DEFAULT_TAG_LENGTH, NULL))
- logerr("EVP_AEAD_CTX_init failed");
- if (!EVP_AEAD_CTX_init(&dctx, aead, key, keylen,
- EVP_AEAD_DEFAULT_TAG_LENGTH, NULL))
- logerr("EVP_AEAD_CTX_init failed");
-
 if (sflag)
 return serversetup(devfd);
 revokeprivs();
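Review bot: The file-scope `key[EVP_MAX_KEY_LENGTH]` added in the first hunk holds the derived key for the whole life of the process, and nothing in the visible hunks clears it. If no later code reads it (aeadinit in the next hunk is the only visible user), it can be a local of aeadinit followed by `explicit_bzero(key, sizeof(key));` after the second EVP_AEAD_CTX_init call. That assumes each context keeps its own copy of the key material, which should be confirmed against the crypto library in use. If the global is intentional, a comment such as `/* derived AEAD key, kept for <reason> */` would record why it must outlive initialization.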
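Review bot: `aeadinit(unsigned char *pw)` declares the password with a type none of its users agree with: the body hands it to `strlen` and to the first argument of `PKCS5_PBKDF2_HMAC_SHA1`, which take `const char *`, and main (last hunk) passes the `char *` returned by getenv. Declaring it `aeadinit(const char *pw)` removes the pointer-sign mismatches and documents that the function does not modify the password. Separately, `key` is now a fixed `EVP_MAX_KEY_LENGTH` buffer where the old code allocated `keylen` bytes, so a guard such as `if (keylen > sizeof(key)) logerr("key too long");` before the derivation would keep the bound explicit for any cipher aead_from_name can select. The derivation also still runs with a NULL salt, so equal passwords yield equal keys in every deployment; a short comment above the call recording that limitation would tell operators that STUNPW must be long and random.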