commit 190deec3928e9323cf2ee8d7200924a17ddba4f9
parent 964ca0d06f57cdebdacd8c942f98bf2b0f527578
Author: sin <sin@2f30.org>
Date: Thu, 31 Mar 2016 17:25:21 +0100
style changes
Diffstat:
M | stun.c | | | 57 | +++++++++++++++++++++++++++++---------------------------- |
1 file changed, 29 insertions(+), 28 deletions(-)
diff --git a/stun.c b/stun.c
@@ -83,7 +83,7 @@
#define HDRLEN 2
#define IVLEN 12
#define TAGLEN 16
-#define MAXPKTLEN (MTU + AES_BLOCK_SIZE + HDRLEN + IVLEN + TAGLEN)
+#define MAXPKTLEN (TAGLEN + IVLEN + HDRLEN + MTU + AES_BLOCK_SIZE)
#define BADPKT 0x8000
enum {
@@ -262,11 +262,11 @@ aesinit(EVP_CIPHER_CTX *ectx, EVP_CIPHER_CTX *dctx)
}
int
-aesenc(EVP_CIPHER_CTX *ctx, unsigned char *ct, unsigned char *pt, int plen,
+aesenc(EVP_CIPHER_CTX *ctx, unsigned char *ct, unsigned char *pt, int ptlen,
unsigned char *key, unsigned char *iv, unsigned char *aad, int aadlen,
unsigned char *tag, int taglen)
{
- int clen, flen;
+ int len, flen;
if (EVP_EncryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL) != 1)
logerr("EVP_EncryptInit_ex failed");
@@ -274,27 +274,27 @@ aesenc(EVP_CIPHER_CTX *ctx, unsigned char *ct, unsigned char *pt, int plen,
if (EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv) != 1)
logerr("EVP_EncryptInit_ex failed");
- if (EVP_EncryptUpdate(ctx, NULL, &clen, aad, aadlen) != 1)
+ if (EVP_EncryptUpdate(ctx, NULL, &len, aad, aadlen) != 1)
logerr("EVP_EncryptUpdate failed");
- if (EVP_EncryptUpdate(ctx, ct, &clen, pt, plen) != 1)
+ if (EVP_EncryptUpdate(ctx, ct, &len, pt, ptlen) != 1)
logerr("EVP_EncryptUpdate failed");
- if (EVP_EncryptFinal_ex(ctx, ct + clen, &flen) != 1)
+ if (EVP_EncryptFinal_ex(ctx, ct + len, &flen) != 1)
logerr("EVP_EncryptFinal_ex failed");
if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, TAGLEN, tag) != 1)
logerr("EVP_CTRL_GCM_GET_TAG failed");
- return clen + flen;
+ return len + flen;
}
int
-aesdec(EVP_CIPHER_CTX *ctx, unsigned char *pt, unsigned char *ct, int clen,
+aesdec(EVP_CIPHER_CTX *ctx, unsigned char *pt, unsigned char *ct, int ctlen,
unsigned char *key, unsigned char *iv, unsigned char *aad, int aadlen,
unsigned char *tag, int taglen)
{
- int plen, flen;
+ int len, flen;
if (EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL) != 1)
logerr("EVP_DecryptInit_ex failed");
@@ -302,20 +302,20 @@ aesdec(EVP_CIPHER_CTX *ctx, unsigned char *pt, unsigned char *ct, int clen,
if (EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv) != 1)
logerr("EVP_DecryptInit_ex failed");
- if (EVP_DecryptUpdate(ctx, NULL, &plen, aad, aadlen) != 1)
+ if (EVP_DecryptUpdate(ctx, NULL, &len, aad, aadlen) != 1)
logerr("EVP_DecryptUpdate failed");
- if (EVP_DecryptUpdate(ctx, pt, &plen, ct, clen) != 1)
+ if (EVP_DecryptUpdate(ctx, pt, &len, ct, ctlen) != 1)
logerr("EVP_DecryptUpdate failed");
if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, TAGLEN, tag) != 1)
logerr("EVP_CTRL_GCM_SET_TAG failed");
/* if this fails, someone has tampered with the packet in transit */
- if (EVP_DecryptFinal_ex(ctx, pt + plen, &flen) != 1)
+ if (EVP_DecryptFinal_ex(ctx, pt + len, &flen) != 1)
return -1;
- return plen + flen;
+ return len + flen;
}
#if defined(__linux__)
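Review bot: `aesdec` writes decrypted bytes into `pt` in the `EVP_DecryptUpdate` call before `EVP_DecryptFinal_ex` has verified the GCM tag, so on the `return -1` path the caller's buffer already holds unauthenticated plaintext, and nothing documents that. I would add a comment above the function such as `/* returns plaintext length, or -1 if the tag does not verify; contents of pt must be discarded on -1 */`. Separately, the `taglen` parameter is never read: `EVP_CTRL_GCM_SET_TAG` here and `EVP_CTRL_GCM_GET_TAG` in `aesenc` both pass the `TAGLEN` macro, so either pass `taglen` in those calls or drop the parameter. The signature of `aesdec` sits in the previous hunk.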
@@ -464,27 +464,28 @@ readdev(int fd, unsigned char *buf, int len)
int
writenet(int fd, unsigned char *pt, int len)
{
- unsigned char payload[MTU + AES_BLOCK_SIZE];
+ unsigned char ct[MTU + AES_BLOCK_SIZE];
unsigned char hdr[HDRLEN], iv[IVLEN], tag[TAGLEN];
unsigned char pkt[MAXPKTLEN];
+ int pktlen;
pack16(hdr, len);
arc4random_buf(iv, IVLEN);
- aesenc(&ectx, payload, pt, len, aeskey, iv, hdr, HDRLEN, tag, TAGLEN);
+ aesenc(&ectx, ct, pt, len, aeskey, iv, hdr, HDRLEN, tag, TAGLEN);
memcpy(pkt, tag, TAGLEN);
memcpy(&pkt[TAGLEN], iv, IVLEN);
memcpy(&pkt[TAGLEN + IVLEN], hdr, HDRLEN);
- memcpy(&pkt[TAGLEN + IVLEN + HDRLEN], payload, len);
- len += TAGLEN + IVLEN + HDRLEN;
- return writeall(fd, pkt, len);
+ memcpy(&pkt[TAGLEN + IVLEN + HDRLEN], ct, len);
+ pktlen = TAGLEN + IVLEN + HDRLEN + len;
+ return writeall(fd, pkt, pktlen);
}
int
readnet(int fd, unsigned char *pt, int len)
{
- unsigned char payload[MTU + AES_BLOCK_SIZE];
+ unsigned char ct[MTU + AES_BLOCK_SIZE];
unsigned char hdr[HDRLEN], iv[IVLEN], tag[TAGLEN];
- int n, payloadlen;
+ int n, ctlen;
#define CHECKERR(n) do { \
if ((n) == 0) { \
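Review bot: In `writenet`, `len` is never checked against `MTU` before `aesenc` writes into `ct[MTU + AES_BLOCK_SIZE]` and `memcpy` copies `len` bytes into `pkt`; the caller may enforce the bound, but that is not visible here. A guard at the top such as `if (len < 0 || len > MTU) return -1;` (using whatever error value the callers expect) would make the function safe on its own. The return value of `aesenc` is discarded and `len` is reused as the ciphertext length, which holds for GCM but deserves a short comment. The per-packet random 96-bit IV from `arc4random_buf` under a single `aeskey` is only safe if the key is rotated well before about 2^32 packets, and a comment stating that limit next to the call would help.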
@@ -505,18 +506,18 @@ readnet(int fd, unsigned char *pt, int len)
n = readall(fd, hdr, HDRLEN);
CHECKERR(n);
- payloadlen = unpack16(hdr);
- if (payloadlen > MTU + AES_BLOCK_SIZE)
- payloadlen = MTU + AES_BLOCK_SIZE;
+ ctlen = unpack16(hdr);
+ if (ctlen > MTU + AES_BLOCK_SIZE)
+ ctlen = MTU + AES_BLOCK_SIZE;
- n = readall(fd, payload, payloadlen);
+ n = readall(fd, ct, ctlen);
CHECKERR(n);
- payloadlen = aesdec(&dctx, pt, payload, payloadlen, aeskey, iv,
- hdr, HDRLEN, tag, TAGLEN);
- if (payloadlen < 0)
+ n = aesdec(&dctx, pt, ct, ctlen, aeskey, iv,
+ hdr, HDRLEN, tag, TAGLEN);
+ if (n < 0)
return BADPKT;
- return payloadlen;
+ return n;
}
int
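Review bot: `readnet` never compares `ctlen` with its `len` argument, so `aesdec` can write up to `MTU + AES_BLOCK_SIZE` bytes into `pt` whatever the size of the caller's buffer, which is not visible in this hunk. An oversized length from the header is clamped rather than rejected, so a truncated ciphertext is still fed to `aesdec` and, if the transport is a byte stream, the unread remainder is presumably parsed as the next packet's tag and IV. I would reject instead of clamping: `if (ctlen > len || ctlen > MTU + AES_BLOCK_SIZE) return BADPKT;`. The start of `readnet`, including the `CHECKERR` macro body and the tag and IV reads, lies outside this hunk.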