Mercurial > hg > quicktun

changeset 62:5b9e742bb704

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fixed compiler warnings, removed redundant version dependencies in debian package
author Ivo Smits <Ivo@UFO-Net.nl>
date Sat, 07 Jan 2017 15:47:19 +0100
parents 66d9d80215f0
children fa4983c5f7ea
files debian/static/DEBIAN/control src/proto.nacl0.c src/proto.nacltai.c src/proto.salty.c
diffstat 4 files changed, 20 insertions(+), 9 deletions(-) [+]
line wrap: on
line diff
--- a/debian/static/DEBIAN/control	Wed Jan 04 21:42:38 2017 +0100
+++ b/debian/static/DEBIAN/control	Sat Jan 07 15:47:19 2017 +0100
@@ -3,6 +3,6 @@
 Section: net
 Priority: optional
 Architecture: %ARCHITECTURE%
-Depends: bash, daemon, iproute (>= 20100519-3) | iproute2 (>= 20100519-3) | openvpn, passwd, coreutils
+Depends: bash, daemon, iproute (>= 20100519-1) | iproute2 | openvpn, passwd, coreutils
 Maintainer: Ivo Smits <ivo@ucis.nl>
 Description: Very simple, yet secure VPN software
--- a/src/proto.nacl0.c	Wed Jan 04 21:42:38 2017 +0100
+++ b/src/proto.nacl0.c	Sat Jan 07 15:47:19 2017 +0100
@@ -80,7 +80,8 @@
 	} else {
 		return errorexit("Missing PRIVATE_KEY");
 	}
-	crypto_box_curve25519xsalsa20poly1305_beforenm(d->cbefore, cpublickey, csecretkey);
+	if (crypto_box_curve25519xsalsa20poly1305_beforenm(d->cbefore, cpublickey, csecretkey))
+		return errorexit("Encryption key calculation failed");
 	return 0;
 }
 
--- a/src/proto.nacltai.c	Wed Jan 04 21:42:38 2017 +0100
+++ b/src/proto.nacltai.c	Sat Jan 07 15:47:19 2017 +0100
@@ -34,14 +34,15 @@
 };
 
 struct qt_proto_data_nacltai {
-	unsigned char cenonce[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES], cdnonce[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES];
+	unsigned char cenonce[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES];
+	unsigned char cdnonce[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES];
 	unsigned char cbefore[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES];
 	struct packedtaia cdtailog[5];
 };
 
 #define noncelength 16
 #define nonceoffset (crypto_box_curve25519xsalsa20poly1305_NONCEBYTES - noncelength)
-static const int overhead                 = crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES + noncelength;
+static const int overhead = crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES + noncelength;
 
 static void taia_now_packed(unsigned char* b, int secoffset) {
 	struct timeval now;
@@ -70,7 +71,8 @@
 	struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data;
 	memset(raw, 0, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES);
 	taia_now_packed(d->cenonce + nonceoffset, 0);
-	if (crypto_box_curve25519xsalsa20poly1305_afternm((unsigned char*)enc, (unsigned char*)raw, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cenonce, d->cbefore)) return errorexit("Encryption failed");
+	if (crypto_box_curve25519xsalsa20poly1305_afternm((unsigned char*)enc, (unsigned char*)raw, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cenonce, d->cbefore))
+		return errorexit("Encryption failed");
 	memcpy((void*)(enc + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength), d->cenonce + nonceoffset, noncelength);
 	len += overhead;
 	if (debug) fprintf(stderr, "Encoded packet of %d bytes from %p to %p\n", len, raw, enc);
@@ -138,7 +140,8 @@
 	} else {
 		return errorexit("Missing PRIVATE_KEY");
 	}
-	crypto_box_curve25519xsalsa20poly1305_beforenm(d->cbefore, cpublickey, csecretkey);
+	if (crypto_box_curve25519xsalsa20poly1305_beforenm(d->cbefore, cpublickey, csecretkey))
+		return errorexit("Encryption key calculation failed");
 
 	memset(d->cenonce, 0, crypto_box_curve25519xsalsa20poly1305_NONCEBYTES);
 	memset(d->cdnonce, 0, crypto_box_curve25519xsalsa20poly1305_NONCEBYTES);
--- a/src/proto.salty.c	Wed Jan 04 21:42:38 2017 +0100
+++ b/src/proto.salty.c	Sat Jan 07 15:47:19 2017 +0100
@@ -209,7 +209,10 @@
 	memset(d->timestamps, 0, 5 * sizeof(uint32));
 	if (debug) dumphex("INIT DECODER SK", lkey, 32);
 	if (debug) dumphex("INIT DECODER RK", rkey, 32);
-	crypto_box_curve25519xsalsa20poly1305_beforenm(d->sharedkey, rkey, lkey);
+	if (crypto_box_curve25519xsalsa20poly1305_beforenm(d->sharedkey, rkey, lkey)) {
+		errorexit("Encryption key calculation failed");
+		abort();
+	}
 }
 
 static void sendkeyupdate(struct qtsession* sess, bool ack) {
@@ -291,7 +294,8 @@
 	} else {
 		return errorexit("Missing PRIVATE_KEY");
 	}
-	crypto_box_curve25519xsalsa20poly1305_beforenm(d->controlkey, cpublickey, csecretkey);
+	if (crypto_box_curve25519xsalsa20poly1305_beforenm(d->controlkey, cpublickey, csecretkey))
+		return errorexit("Encryption key calculation failed");
 	unsigned char cownpublickey[PUBLICKEYBYTES];
 	crypto_scalarmult_curve25519_base(cownpublickey, csecretkey);
 	int role = memcmp(cownpublickey, cpublickey, PUBLICKEYBYTES);
@@ -434,7 +438,10 @@
 			d->datalocalkeynextid = -1;
 		}
 		if (lkeyid == d->datalocalkeyid) {
-			crypto_box_curve25519xsalsa20poly1305_beforenm(enckey->sharedkey, d->dataremotekey, enckey->privatekey);
+			if (crypto_box_curve25519xsalsa20poly1305_beforenm(enckey->sharedkey, d->dataremotekey, enckey->privatekey)) {
+				errorexit("Encryption key calculation failed");
+				abort();
+			}
 			d->dataencoder = enckey;
 		}
 		if (debug) fprintf(stderr, "Decoded control packet: rkid=%d, lkid=%d, ack=%d, lkvalid=%d, uptodate=%d\n", d->dataremotekeyid, (cflags >> 5) & 0x01, (cflags >> 4) & 0x01, lkeyid != -1, d->datalocalkeynextid == -1);