Mercurial > hg > quicktun
changeset 55:5685fad38195
Fixed compiler warnings from clang (including small bug in private key loading)
| author | Ivo Smits <Ivo@UCIS.nl> |
|---|---|
| date | Fri, 31 Jan 2014 22:52:46 +0100 |
| parents | 4ff8003d0973 |
| children | 377e7d4fbc10 |
| files | src/common.c src/proto.nacl0.c src/proto.nacltai.c src/proto.salty.c src/run.combined.c |
| diffstat | 5 files changed, 54 insertions(+), 46 deletions(-) [+] |
line wrap: on
line diff
--- a/src/common.c Sat Nov 23 16:58:54 2013 +0100 +++ b/src/common.c Fri Jan 31 22:52:46 2014 +0100 @@ -27,7 +27,9 @@ #include <stdlib.h> #include <string.h> #include <fcntl.h> +#include <unistd.h> #include <pwd.h> +#include <grp.h> #ifndef HAVE_NETINET_IN_H #include <netinet/in.h> #endif @@ -36,6 +38,7 @@ #include <poll.h> #include <netdb.h> #include <stdlib.h> +#include <arpa/inet.h> #include <net/if.h> #ifdef linux #include <linux/if_tun.h> @@ -87,8 +90,10 @@ extern int errorexit(const char*); extern int errorexitp(const char*); extern void print_header(); - extern void hex2bin(unsigned char*, unsigned char*, int); + extern void hex2bin(unsigned char*, const char*, const int); extern int debug; + extern int qtrun(struct qtproto* p); + extern int qtprocessargs(int argc, char** argv); #else char* (*getconf)(const char*) = getenv; @@ -161,14 +166,14 @@ struct addrinfo *ai_local = NULL, *ai_remote = NULL; unsigned short af = 0; int ret; - if (envval = getconf("LOCAL_ADDRESS")) { - if (ret = getaddrinfo(envval, NULL, NULL, &ai_local)) return errorexit2("getaddrinfo(LOCAL_ADDRESS)", gai_strerror(ret)); + if ((envval = getconf("LOCAL_ADDRESS"))) { + if ((ret = getaddrinfo(envval, NULL, NULL, &ai_local))) return errorexit2("getaddrinfo(LOCAL_ADDRESS)", gai_strerror(ret)); if (!ai_local) return errorexit("LOCAL_ADDRESS lookup failed"); if (ai_local->ai_addrlen > sizeof(sockaddr_any)) return errorexit("Resolved LOCAL_ADDRESS is too big"); af = ai_local->ai_family; } - if (envval = getconf("REMOTE_ADDRESS")) { - if (ret = getaddrinfo(envval, NULL, NULL, &ai_remote)) return errorexit2("getaddrinfo(REMOTE_ADDRESS)", gai_strerror(ret)); + if ((envval = getconf("REMOTE_ADDRESS"))) { + if ((ret = getaddrinfo(envval, NULL, NULL, &ai_remote))) return errorexit2("getaddrinfo(REMOTE_ADDRESS)", gai_strerror(ret)); if (!ai_remote) return errorexit("REMOTE_ADDRESS lookup failed"); if (ai_remote->ai_addrlen > sizeof(sockaddr_any)) return errorexit("Resolved REMOTE_ADDRESS is too big"); if (af && af != ai_remote->ai_family) return errorexit("Address families do not match"); @@ -182,7 +187,7 @@ udpaddr.any.sa_family = af; if (ai_local) memcpy(&udpaddr, ai_local->ai_addr, ai_local->ai_addrlen); int port = 2998; - if (envval = getconf("LOCAL_PORT")) port = atoi(envval); + if ((envval = getconf("LOCAL_PORT"))) port = atoi(envval); if (sockaddr_set_port(&udpaddr, port)) return -1; if (bind(sfd, (struct sockaddr*)&udpaddr, sizeof(udpaddr))) return errorexitp("Could not bind socket"); memset(&udpaddr, 0, sizeof(udpaddr)); @@ -193,7 +198,7 @@ } else { session->remote_float = getconf("REMOTE_FLOAT") ? 1 : 0; port = 2998; - if (envval = getconf("REMOTE_PORT")) port = atoi(envval); + if ((envval = getconf("REMOTE_PORT"))) port = atoi(envval); if (sockaddr_set_port(&udpaddr, port)) return -1; session->remote_addr = udpaddr; if (session->remote_float) { @@ -213,14 +218,14 @@ fprintf(stderr, "Initializing tun/tap device...\n"); int ttfd; //Tap device file descriptor int tunmode = 0; - if (envval = getconf("TUN_MODE")) tunmode = atoi(envval); + if ((envval = getconf("TUN_MODE"))) tunmode = atoi(envval); session->use_pi = 0; if (tunmode && (envval = getconf("USE_PI"))) session->use_pi = atoi(envval); #if defined(__linux__) struct ifreq ifr; //required for tun/tap setup memset(&ifr, 0, sizeof(ifr)); if ((ttfd = open("/dev/net/tun", O_RDWR)) < 0) return errorexitp("Could not open tun/tap device file"); - if (envval = getconf("INTERFACE")) strcpy(ifr.ifr_name, envval); + if ((envval = getconf("INTERFACE"))) strcpy(ifr.ifr_name, envval); ifr.ifr_flags = tunmode ? IFF_TUN : IFF_TAP; if (!session->use_pi) ifr.ifr_flags |= IFF_NO_PI; if (ioctl(ttfd, TUNSETIFF, (void *)&ifr) < 0) return errorexitp("TUNSETIFF ioctl failed"); @@ -251,12 +256,12 @@ #endif } #endif - if (envval = getconf("TUN_UP_SCRIPT")) system(envval); + if ((envval = getconf("TUN_UP_SCRIPT"))) system(envval); session->fd_dev = ttfd; return ttfd; } -void hex2bin(unsigned char* dest, unsigned char* src, int count) { +void hex2bin(unsigned char* dest, const char* src, const int count) { int i; for (i = 0; i < count; i++) { if (*src >= '0' && *src <= '9') *dest = *src - '0'; @@ -273,11 +278,11 @@ static int drop_privileges() { char* envval; struct passwd *pw = NULL; - if (envval = getconf("SETUID")) { + if ((envval = getconf("SETUID"))) { pw = getpwnam(envval); if (!pw) return errorexitp("getpwnam"); } - if (envval = getconf("CHROOT")) { + if ((envval = getconf("CHROOT"))) { if (chroot(envval)) return errorexitp("chroot"); if (chdir("/")) return errorexitp("chdir /"); } @@ -286,6 +291,7 @@ if (setgid(pw->pw_gid) == -1) return errorexitp("setgid"); if (setuid(pw->pw_uid) == -1) return errorexitp("setuid"); } + return 0; } static void qtsendnetworkpacket(struct qtsession* session, char* msg, int len) { @@ -351,8 +357,8 @@ } if (fds[1].revents & POLLERR) { int out; - len = sizeof(out); - getsockopt(sfd, SOL_SOCKET, SO_ERROR, &out, &len); + socklen_t slen = sizeof(out); + getsockopt(sfd, SOL_SOCKET, SO_ERROR, &out, &slen); fprintf(stderr, "Received error %d on udp socket\n", out); } if (fds[1].revents & POLLIN) { @@ -365,8 +371,8 @@ } if (len < 0) { long long out; - len = sizeof(out); - getsockopt(sfd, SOL_SOCKET, SO_ERROR, &out, &len); + socklen_t slen = sizeof(out); + getsockopt(sfd, SOL_SOCKET, SO_ERROR, &out, &slen); fprintf(stderr, "Received end of file on udp socket (error %lld)\n", out); } else { len = p->decode(&session, buffer_enc, buffer_raw + pi_length, len); @@ -424,6 +430,7 @@ return errorexit("Unexpected command line argument"); } } + return 0; } #endif
--- a/src/proto.nacl0.c Sat Nov 23 16:58:54 2013 +0100 +++ b/src/proto.nacl0.c Fri Jan 31 22:52:46 2014 +0100 @@ -33,21 +33,20 @@ static int encode(struct qtsession* sess, char* raw, char* enc, int len) { struct qt_proto_data_nacl0* d = (struct qt_proto_data_nacl0*)sess->protocol_data; memset(raw, 0, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES); - if (crypto_box_curve25519xsalsa20poly1305_afternm(enc, raw, len+crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cnonce, d->cbefore)) return errorexit("Crypto failed"); + if (crypto_box_curve25519xsalsa20poly1305_afternm((unsigned char*)enc, (unsigned char*)raw, len+crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cnonce, d->cbefore)) return errorexit("Crypto failed"); return len + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES; } static int decode(struct qtsession* sess, char* enc, char* raw, int len) { struct qt_proto_data_nacl0* d = (struct qt_proto_data_nacl0*)sess->protocol_data; - int i; if (len < crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES) { fprintf(stderr, "Short packet received: %d\n", len); return -1; } len -= crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES; memset(enc, 0, crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES); - if (i = crypto_box_curve25519xsalsa20poly1305_open_afternm(raw, enc, len+crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cnonce, d->cbefore)) { - fprintf(stderr, "Decryption failed len=%d result=%d\n", len, i); + if (crypto_box_curve25519xsalsa20poly1305_open_afternm((unsigned char*)raw, (unsigned char*)enc, len+crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cnonce, d->cbefore)) { + fprintf(stderr, "Decryption failed len=%d\n", len); return -1; } return len; @@ -62,17 +61,17 @@ if (!(envval = getconf("PUBLIC_KEY"))) return errorexit("Missing PUBLIC_KEY"); if (strlen(envval) != 2*crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) return errorexit("PUBLIC_KEY length"); hex2bin(cpublickey, envval, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES); - if (envval = getconf("PRIVATE_KEY")) { + if ((envval = getconf("PRIVATE_KEY"))) { if (strlen(envval) != 2*crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) return errorexit("PRIVATE_KEY length"); hex2bin(csecretkey, envval, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES); - } else if (envval = getconf("PRIVATE_KEY_FILE")) { + } else if ((envval = getconf("PRIVATE_KEY_FILE"))) { FILE* pkfile = fopen(envval, "rb"); if (!pkfile) return errorexitp("Could not open PRIVATE_KEY_FILE"); char pktextbuf[crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES * 2]; - size_t pktextsize = fread(pktextbuf, 1, sizeof(pktextbuf), pkfile); + const size_t pktextsize = fread(pktextbuf, 1, sizeof(pktextbuf), pkfile); if (pktextsize == crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) { memcpy(csecretkey, pktextbuf, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES); - } else if (pktextsize = 2 * crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) { + } else if (pktextsize == 2 * crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) { hex2bin(csecretkey, pktextbuf, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES); } else { return errorexit("PRIVATE_KEY length");
--- a/src/proto.nacltai.c Sat Nov 23 16:58:54 2013 +0100 +++ b/src/proto.nacltai.c Fri Jan 31 22:52:46 2014 +0100 @@ -60,7 +60,7 @@ b[9] = (nano >> 16) & 0xff; b[10] = (nano >> 8) & 0xff; b[11] = (nano >> 0) & 0xff; - ++b[15] == 0 && ++b[14] == 0 && ++b[13] == 0 && ++b[12] == 0; + if (++b[15] == 0 && ++b[14] == 0 && ++b[13] == 0) ++b[12]; } //Packet format: <16 bytes taia packed timestamp><16 bytes checksum><n bytes encrypted data> @@ -70,7 +70,7 @@ struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data; memset(raw, 0, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES); taia_now_packed(d->cenonce + nonceoffset, 0); - if (crypto_box_curve25519xsalsa20poly1305_afternm(enc, raw, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cenonce, d->cbefore)) return errorexit("Encryption failed"); + if (crypto_box_curve25519xsalsa20poly1305_afternm((unsigned char*)enc, (unsigned char*)raw, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cenonce, d->cbefore)) return errorexit("Encryption failed"); memcpy((void*)(enc + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength), d->cenonce + nonceoffset, noncelength); len += overhead; if (debug) fprintf(stderr, "Encoded packet of %d bytes from %p to %p\n", len, raw, enc); @@ -102,8 +102,8 @@ } memcpy(d->cdnonce + nonceoffset, enc, noncelength); memset(enc, 0, crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES); - if (i = crypto_box_curve25519xsalsa20poly1305_open_afternm(raw, enc, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cdnonce, d->cbefore)) { - fprintf(stderr, "Decryption failed len=%d result=%d\n", len, i); + if (crypto_box_curve25519xsalsa20poly1305_open_afternm((unsigned char*)raw, (unsigned char*)enc, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cdnonce, d->cbefore)) { + fprintf(stderr, "Decryption failed len=%d\n", len); return -1; } memcpy(taiold, d->cdnonce + nonceoffset, 16); @@ -119,17 +119,17 @@ if (!(envval = getconf("PUBLIC_KEY"))) return errorexit("Missing PUBLIC_KEY"); if (strlen(envval) != 2*crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) return errorexit("PUBLIC_KEY length"); hex2bin(cpublickey, envval, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES); - if (envval = getconf("PRIVATE_KEY")) { + if ((envval = getconf("PRIVATE_KEY"))) { if (strlen(envval) != 2*crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) return errorexit("PRIVATE_KEY length"); hex2bin(csecretkey, envval, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES); - } else if (envval = getconf("PRIVATE_KEY_FILE")) { + } else if ((envval = getconf("PRIVATE_KEY_FILE"))) { FILE* pkfile = fopen(envval, "rb"); if (!pkfile) return errorexitp("Could not open PRIVATE_KEY_FILE"); char pktextbuf[crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES * 2]; - size_t pktextsize = fread(pktextbuf, 1, sizeof(pktextbuf), pkfile); + const size_t pktextsize = fread(pktextbuf, 1, sizeof(pktextbuf), pkfile); if (pktextsize == crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) { memcpy(csecretkey, pktextbuf, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES); - } else if (pktextsize = 2 * crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) { + } else if (pktextsize == 2 * crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) { hex2bin(csecretkey, pktextbuf, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES); } else { return errorexit("PRIVATE_KEY length"); @@ -146,7 +146,7 @@ crypto_scalarmult_curve25519_base(cownpublickey, csecretkey); - if (envval = getconf("TIME_WINDOW")) { + if ((envval = getconf("TIME_WINDOW"))) { struct packedtaia* tailog = d->cdtailog; taia_now_packed((unsigned char*)&tailog[0], -atol(envval)); tailog[4] = tailog[3] = tailog[2] = tailog[1] = tailog[0]; @@ -154,7 +154,7 @@ fprintf(stderr, "Warning: TIME_WINDOW not set, risking an initial replay attack\n"); } int role = memcmp(cownpublickey, cpublickey, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES); - if (envval = getconf("ROLE")) role = atoi(envval) ? 1 : -1; + if ((envval = getconf("ROLE"))) role = atoi(envval) ? 1 : -1; role = (role == 0) ? 0 : ((role > 0) ? 1 : 2); d->cenonce[nonceoffset-1] = role & 1; d->cdnonce[nonceoffset-1] = (role >> 1) & 1;
--- a/src/proto.salty.c Sat Nov 23 16:58:54 2013 +0100 +++ b/src/proto.salty.c Fri Jan 31 22:52:46 2014 +0100 @@ -120,6 +120,7 @@ #include <sys/types.h> #include <sys/time.h> #include <stdbool.h> +#include <time.h> #define NONCEBYTES crypto_box_curve25519xsalsa20poly1305_NONCEBYTES #define BEFORENMBYTES crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES @@ -167,7 +168,7 @@ unsigned char* b = (unsigned char*)sb; return (b[0] << 24) | (b[1] << 16) | (b[2] << 8) | b[3]; } -static void encodeuint64(char* b, uint64 v) { +static void encodeuint64(unsigned char* b, uint64 v) { b[0] = (v >> 56) & 255; b[1] = (v >> 48) & 255; b[2] = (v >> 40) & 255; @@ -184,7 +185,7 @@ static int devurandomfd = -1; -static void dumphex(unsigned char* lbl, unsigned char* buffer, int len) { +static void dumphex(char* lbl, unsigned char* buffer, int len) { fprintf(stderr, "%s: ", lbl); for (; len > 0; len--, buffer++) fprintf(stderr, "%02x", *buffer); fprintf(stderr, "\n"); @@ -232,7 +233,7 @@ if (crypto_box_curve25519xsalsa20poly1305_afternm(encbuffer, buffer, 32 + (1 + 32 + 24 + 32 + 24 + 8), nonce, d->controlkey)) return; memcpy(encbuffer + 16 - 8, nonce + 16, 8); encbuffer[16 - 1 - 8] = 0x80; - if (sess->sendnetworkpacket) sess->sendnetworkpacket(sess, encbuffer + 16 - 1 - 8, 1 + 8 + 16 + (1 + 32 + 24 + 32 + 24 + 8)); + if (sess->sendnetworkpacket) sess->sendnetworkpacket(sess, (char*)encbuffer + 16 - 1 - 8, 1 + 8 + 16 + (1 + 32 + 24 + 32 + 24 + 8)); d->lastkeyupdatesent = time(NULL); } @@ -250,6 +251,7 @@ initdecoder(&d->datadecoders[(d->dataremotekeyid << 1) | d->datalocalkeynextid], d->dataremotekey, enckey->privatekey, d->dataremotenonce); sendkeyupdate(sess, false); d->lastkeyupdate = time(NULL); + return true; } static void beginkeyupdateifnecessary(struct qtsession* sess) { @@ -270,17 +272,17 @@ if (!(envval = getconf("PUBLIC_KEY"))) return errorexit("Missing PUBLIC_KEY"); if (strlen(envval) != 2*PUBLICKEYBYTES) return errorexit("PUBLIC_KEY length"); hex2bin(cpublickey, envval, PUBLICKEYBYTES); - if (envval = getconf("PRIVATE_KEY")) { + if ((envval = getconf("PRIVATE_KEY"))) { if (strlen(envval) != 2 * PUBLICKEYBYTES) return errorexit("PRIVATE_KEY length"); hex2bin(csecretkey, envval, PRIVATEKEYBYTES); - } else if (envval = getconf("PRIVATE_KEY_FILE")) { + } else if ((envval = getconf("PRIVATE_KEY_FILE"))) { FILE* pkfile = fopen(envval, "rb"); if (!pkfile) return errorexitp("Could not open PRIVATE_KEY_FILE"); char pktextbuf[PRIVATEKEYBYTES * 2]; - size_t pktextsize = fread(pktextbuf, 1, sizeof(pktextbuf), pkfile); + const size_t pktextsize = fread(pktextbuf, 1, sizeof(pktextbuf), pkfile); if (pktextsize == PRIVATEKEYBYTES) { memcpy(csecretkey, pktextbuf, PRIVATEKEYBYTES); - } else if (pktextsize = 2 * PRIVATEKEYBYTES) { + } else if (pktextsize == 2 * PRIVATEKEYBYTES) { hex2bin(csecretkey, pktextbuf, PRIVATEKEYBYTES); } else { return errorexit("PRIVATE_KEY length"); @@ -329,7 +331,7 @@ if (e->nonce[20] & 0xE0) return 0; if (debug) dumphex("ENCODE KEY", e->sharedkey, 32); memset(raw, 0, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES); - if (crypto_box_curve25519xsalsa20poly1305_afternm(enc, raw, len + 32, e->nonce, e->sharedkey)) return errorexit("Encryption failed"); + if (crypto_box_curve25519xsalsa20poly1305_afternm((unsigned char*)enc, (unsigned char*)raw, len + 32, e->nonce, e->sharedkey)) return errorexit("Encryption failed"); enc[12] = (e->nonce[20] & 0x1F) | (0 << 7) | (d->datalocalkeyid << 6) | (d->dataremotekeyid << 5); enc[13] = e->nonce[21]; enc[14] = e->nonce[22]; @@ -379,7 +381,7 @@ dec->nonce[23] = enc[15]; memset(enc, 0, crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES); if (debug) dumphex("DECODE KEY", dec->sharedkey, 32); - if (crypto_box_curve25519xsalsa20poly1305_open_afternm(raw, enc, len - 4 + 16, dec->nonce, dec->sharedkey)) { + if (crypto_box_curve25519xsalsa20poly1305_open_afternm((unsigned char*)raw, (unsigned char*)enc, len - 4 + 16, dec->nonce, dec->sharedkey)) { fprintf(stderr, "Decryption of data packet failed len=%d\n", len); return -1; } @@ -402,7 +404,7 @@ cnonce[0] = (d->controlroles >> 1) & 1; memcpy(cnonce + 16, enc + 13, 8); memset(enc + 12 + 1 + 8 - 16, 0, 16); - if (crypto_box_curve25519xsalsa20poly1305_open_afternm(raw, enc + 12 + 1 + 8 - 16, len - 1 - 8 + 16, cnonce, d->controlkey)) { + if (crypto_box_curve25519xsalsa20poly1305_open_afternm((unsigned char*)raw, (unsigned char*)enc + 12 + 1 + 8 - 16, len - 1 - 8 + 16, cnonce, d->controlkey)) { fprintf(stderr, "Decryption of control packet failed len=%d\n", len); return -1; }
--- a/src/run.combined.c Sat Nov 23 16:58:54 2013 +0100 +++ b/src/run.combined.c Fri Jan 31 22:52:46 2014 +0100 @@ -52,7 +52,7 @@ #endif if (qtprocessargs(argc, argv) < 0) return -1; char* envval; - if (envval = getconf("PROTOCOL")) { + if ((envval = getconf("PROTOCOL"))) { if (strcmp(envval, "raw") == 0) { return qtrun(&qtproto_raw); } else if (strcmp(envval, "nacl0") == 0) {