commit f25ef0893d58c1f6b0c71acb85e0b617ad968729
parent 38c59c0c7da2a81eb031c361f9aabfe9fc6239a9
Author: sin <sin@2f30.org>
Date: Thu, 14 Apr 2016 09:40:05 +0100
add support for listing ciphers via -c ?
Diffstat:
4 files changed, 33 insertions(+), 15 deletions(-)
diff --git a/crypto.c b/crypto.c
@@ -8,21 +8,32 @@ static EVP_AEAD_CTX ectx, dctx;
static const EVP_AEAD *aead;
static unsigned char key[EVP_MAX_KEY_LENGTH];
+static struct cipher {
+ const char *name;
+ const EVP_AEAD *(*aeadfn)(void);
+} ciphers[] = {
+ { "aes-128-gcm", EVP_aead_aes_128_gcm },
+ { "aes-256-gcm", EVP_aead_aes_256_gcm },
+ { "chacha20-poly1305", EVP_aead_chacha20_poly1305 },
+#if LIBRESSL_VERSION_NUMBER >= 0x2030200fL
+ { "chacha20-poly1305-ietf", EVP_aead_chacha20_poly1305_ietf },
+#endif
+ { NULL, NULL }
+};
+
+void
+listciphers(void)
+{
+ struct cipher *cp;
+
+ for (cp = ciphers; cp->name; cp++)
+ puts(cp->name);
+}
+
void
setcipher(char *name)
{
- struct {
- const char *name;
- const EVP_AEAD *(*aeadfn)(void);
- } *cp, ciphers[] = {
- { "aes-128-gcm", EVP_aead_aes_128_gcm },
- { "aes-256-gcm", EVP_aead_aes_256_gcm },
- { "chacha20-poly1305", EVP_aead_chacha20_poly1305 },
-#if LIBRESSL_VERSION_NUMBER >= 0x2030200fL
- { "chacha20-poly1305-ietf", EVP_aead_chacha20_poly1305_ietf },
-#endif
- { NULL, NULL }
- };
+ struct cipher *cp;
for (cp = ciphers; cp->name; cp++) {
if (strcmp(cp->name, name) == 0) {
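Review bot: The `ciphers` table that this hunk moves to file scope in crypto.c is left writable, although nothing visible here modifies it. Since it holds the function pointers that decide which AEAD is used, declare it `static const struct cipher { ... } ciphers[] = {` and make the iterators in both `listciphers()` and `setcipher()` `const struct cipher *cp;`. Accidental writes then become compile errors, and the table can typically be placed in read-only data. `listciphers()` would also benefit from a one-line comment such as `/* print the supported cipher names to stdout, one per line */`. The body of `setcipher()` continues outside the hunk.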
diff --git a/stun.8 b/stun.8
@@ -54,10 +54,11 @@ Select the tunnel
.Ar device type .
The two available device types are TUN and TAP. The default is TUN.
.It Fl c Ar cipher
-Use the given
+Select the given
.Ar cipher .
-One can choose between aes-128-gcm, aes-256-gcm, chacha20-poly1305
-and chacha20-poly1305-ietf. The default cipher is chacha20-poly1305.
+If the argument is ? then
+.Nm
+will list the available ciphers. The default cipher is chacha20-poly1305.
.El
.Sh BUGS
This program is an experiment and may not be secure. Use at your
diff --git a/stun.c b/stun.c
@@ -118,6 +118,11 @@ main(int argc, char *argv[])
if (argc != 1 || !(sflag ^ (host != NULL)))
usage();
+ if (strcmp(cipher, "?") == 0) {
+ listciphers();
+ return 0;
+ }
+
/* disable core dumps as memory contains the pre-shared key */
rlim.rlim_cur = rlim.rlim_max = 0;
if (setrlimit(RLIMIT_CORE, &rlim) < 0)
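Review bot: The new `-c ?` check in main() sits after the `argc != 1 || !(sflag ^ (host != NULL))` validation, so `stun -c ?` on its own appears to end in `usage()` rather than listing the ciphers (assuming `usage()` does not return). A user would have to supply an otherwise valid command line just to query the list. Moving the `if (strcmp(cipher, "?") == 0) { listciphers(); return 0; }` block above that validation would make the query work standalone. The `strcmp` also relies on `cipher` being non-NULL at this point, which its initialisation outside the hunk presumably guarantees through the documented default. main() starts and ends outside the hunk.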
diff --git a/stun.h b/stun.h
@@ -36,6 +36,7 @@ int response(int);
int clientconnect(char *, char *);
/* crypto.c */
+void listciphers(void);
void setcipher(char *);
void derivekey(char *);
void cryptoinit(void);