commit 07db83b86b96fdf98a1d1ed39750c4cf2b058c35
parent 81340b1de24e268b408755978b0da4ae44493507
Author: sin <sin@2f30.org>
Date: Wed, 6 Apr 2016 14:25:28 +0100
factor out aead init to a separate function
Diffstat:
M | stun.c | | | 42 | +++++++++++++++++++++++------------------- |
1 file changed, 23 insertions(+), 19 deletions(-)
diff --git a/stun.c b/stun.c
@@ -92,10 +92,12 @@ enum {
EVP_AEAD_CTX ectx, dctx;
const EVP_AEAD *aead;
+unsigned char key[EVP_MAX_KEY_LENGTH];
char *argv0;
char *bindaddr;
char *host;
char *port = "12080";
+char *cipher = DEFCIPHER;
int devtype = TUNDEV;
int debug;
int foreground;
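Review bot: The new global `key` is a fixed EVP_MAX_KEY_LENGTH buffer, but aeadinit() in the second hunk writes `keylen` bytes into it, taken from EVP_AEAD_key_length(aead), without comparing the two. The removed code sized the buffer with malloc(keylen), so the length always fitted. A guard before the PBKDF2 call, `if (keylen > sizeof(key)) logerr("key length exceeds key buffer");`, keeps a cipher with a longer key from writing past the array. A comment on the declaration such as `/* PBKDF2-derived AEAD key, filled by aeadinit() */` would also help, since the secret now lives at file scope for the life of the process.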
@@ -674,6 +676,25 @@ aead_from_name(const EVP_AEAD **aead, const char *name)
}
void
+aeadinit(unsigned char *pw)
+{
+ size_t keylen;
+
+ aead_from_name(&aead, cipher);
+ keylen = EVP_AEAD_key_length(aead);
+ if (!PKCS5_PBKDF2_HMAC_SHA1(pw, strlen(pw), NULL, 0, NROUNDS,
+ keylen, key))
+ logerr("PKCS5_PBKDF2_HMAC_SHA1 failed");
+
+ if (!EVP_AEAD_CTX_init(&ectx, aead, key, keylen,
+ EVP_AEAD_DEFAULT_TAG_LENGTH, NULL))
+ logerr("EVP_AEAD_CTX_init failed");
+ if (!EVP_AEAD_CTX_init(&dctx, aead, key, keylen,
+ EVP_AEAD_DEFAULT_TAG_LENGTH, NULL))
+ logerr("EVP_AEAD_CTX_init failed");
+}
+
+void
usage(void)
{
fprintf(stderr, "usage: stun [-df] -s [-b address] [-p port] [-t devtype] [-c cipher] interface\n");
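Review bot: The PBKDF2 call in aeadinit() passes a NULL salt of length 0, so a given password always derives the same key and the NROUNDS stretching gives no protection against tables computed once for all deployments. Now that derivation has its own function, it is a natural place to take a salt that both ends share, for example a configured value. The parameter is declared `unsigned char *pw`, while main() passes the `char *` from getenv() and the body calls strlen(pw); `aeadinit(const char *pw)` would match both uses without a pointer-sign mismatch. After both contexts are initialised the bytes in the global `key` are no longer needed here, assuming EVP_AEAD_CTX_init keeps its own copy and nothing later reuses the buffer, so `explicit_bzero(key, sizeof(key));` at the end of the function would limit exposure. The usage() body that follows continues outside the hunk.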
@@ -684,9 +705,7 @@ usage(void)
int
main(int argc, char *argv[])
{
- unsigned char *key;
- size_t keylen;
- char *arg, *pw, *cipher = DEFCIPHER;
+ char *arg, *pw;
int devfd;
ARGBEGIN {
@@ -736,24 +755,9 @@ main(int argc, char *argv[])
if (!(pw = getenv("STUNPW")))
logerr("STUNPW is not set");
-
- /* derive key from password */
- aead_from_name(&aead, cipher);
- keylen = EVP_AEAD_key_length(aead);
- if (!(key = malloc(keylen)))
- logerr("out of memory");
- if (!PKCS5_PBKDF2_HMAC_SHA1(pw, strlen(pw), NULL, 0, NROUNDS, keylen, key))
- logerr("PKCS5_PBKDF2_HMAC_SHA1 failed");
+ aeadinit(pw);
explicit_bzero(pw, strlen(pw));
- /* initialize cipher */
- if (!EVP_AEAD_CTX_init(&ectx, aead, key, keylen,
- EVP_AEAD_DEFAULT_TAG_LENGTH, NULL))
- logerr("EVP_AEAD_CTX_init failed");
- if (!EVP_AEAD_CTX_init(&dctx, aead, key, keylen,
- EVP_AEAD_DEFAULT_TAG_LENGTH, NULL))
- logerr("EVP_AEAD_CTX_init failed");
-
if (sflag)
return serversetup(devfd);
revokeprivs();