Initial revision

Ivo Timmermans 2000-03-26 00:33:07 +00:00
commit 1243156a5e
87 changed files with 27214 additions and 0 deletions

10
AUTHORS Normal file

@ -0,0 +1,10 @@
Main tinc authors:
Guus Sliepen <guus@sliepen.warande.net>
Ivo Timmermans <zarq@iname.com>
Robert van der Meulen <emphyrio@null.net>
These files are from other sources:
* lib/pidfile.h and lib/pidfile.c are by Martin Schulze, taken from
the syslog 1.3 sources.
* The files cipher/blowfish/ and cipher/idea/ are from the SSLeay
package by Eric Young.
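Review bot: The SSLeay entry for cipher/blowfish/ and cipher/idea/ gives no upstream version, unlike the pidfile entry, which names syslog 1.3, and neither entry states the license the imported code carries. Since these directories hold the cipher implementations, record the SSLeay release they were copied from and its license terms here, so that later upstream fixes can be matched against the vendored copy and the terms checked against the COPYING file added in the same commit.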

339
COPYING Normal file

@ -0,0 +1,339 @@
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.
675 Mass Ave, Cambridge, MA 02139, USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Library General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
Appendix: How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) 19yy <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) 19yy name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Library General
Public License instead of this License.

623
ChangeLog Normal file

@ -0,0 +1,623 @@
2000-02-07 Guus Sliepen <guus@sliepen.warande.net>
* Version 0.3.3
* src/net.c: fixed add_mac_addresses to work with the latest
kernels. Requires properly set up MAC address of the tap
device and some changes to config file.
1999-10-20 Ivo Timmermans <zarq@iname.com>
* src/net.c (add_queue), src/net.h: removed `prev' element
1999-09-17 Ivo Timmermans <zarq@iname.com>
* configure.in: define __USE_BSD, used in lib/xmalloc.c
1999-08-23 Ivo Timmermans <zarq@iname.com>
* src/tincd.c (detach): initialize xalloc_fail_func
* src/protocol.c (key_changed_h): use key_changed_t
1999-08-20 Ivo Timmermans <zarq@iname.com>
* Version 0.3
* cipher/Makefile.am src/Makefile.am: remove the -ansi -Wall
compiler flags
1999-08-19 Ivo Timmermans <zarq@iname.com>
* src/net.c: made some messages more userfriendly
(xsend, xrecv): the right amount of bytes
(handle_tap_input): check for short IP packets
* cipher/cipher.c (do_encrypt): calculate out->len the readable
way; added two bytes to in->len in calculation
1999-08-15 Ivo Timmermans <zarq@iname.com>
* Version 0.2.26
* src/net.c (send_packet): open an udp socket if necessary
(setup_vpn_connection): set status.dataopen to 1
(write_n): new function, called from xrecv
* src/protocol.c (add_host_h): don't open a data connection yet
* src/net.h: new status flag `dataopen'
* src/net.c, src/protocol.c, src/tincd.c: revisited syslog
messages
* src/net.c (flush_queue): largely copied from prune_conn_list in
netutl.c
1999-08-13 Ivo Timmermans <zarq@iname.com>
* src/protocol.c (ans_key_h): test if the key's for us with an
exact match
1999-08-12 Ivo Timmermans <zarq@iname.com>
* src/net.c (send_packet): add two more bytes to the queue
(send_broadcast_ping): remember time
(main_loop): test for timeout even when select didn't timeout
* src/netutl.h (dump_conn_list): added proto for dump_conn_list
* src/tincd.c (make_names): use CONFDIR as base directory, from a
patch by James
(sigusr2_handler): new function, call regenerate_keys
(setup_signals): install sigusr2_handler
* src/net.c (xrecv): write two more bytes to the tap device
* src/Makefile.am: define CONFDIR
* src/netutl.c (lookup_conn): check for exact match first
1999-08-08 Ivo Timmermans <zarq@iname.com>
* src/net.c (send_packet): do not check for our own idea of an
expired key, we would have known about this anyway, via the
KEY_CHANGED request.
* Version 0.2.25
* Did some rechecking on the debuglevels
* src/protocol.c (notify_one): call getsockopt
(ack_h): check if another request follows me
(add_host_h): idem
* src/netutl.c (prune_conn_list): rewritten
* src/protocol.c (del_host_h): return 0 when deleting someone that
we do not know of, as this is not fatal.
* src/net.c (close_network_connections): moved the send_termreq
over to where it belongs
* src/netutl.c (dump_conn_list): new function, called from
sigusr1_handler
* src/tincd.c (sigusr1_handler): new function
1999-08-07 Ivo Timmermans <zarq@iname.com>
* Version 0.2.24
* doc/tincd.conf.5: added documentation for the KeyExpire value
* src/tincd.c (sigsegv_handler): act nicely on a second segv
* src/encr.c (recalculate_encryption_keys): new function, called
from regenerate_keys
* src/protocol.c (set_keys): alloc strlen(ek) instead of k->len
bytes for encryption key
* src/protocol.h: added prototype for send_key_changed2
* src/protocol.c (send_key_changed): new function
(key_changed_h): new function
(send_key_changed2): new function
* src/protocol.h: new request type: KEY_CHANGED
* src/tincd.c (sigsegv_handler): ignore any following SIGSEGV's
* cipher/cipher.h: add prototype for cipher_init
* src/net.c (send_packet): check for expiring keys
(handle_incoming_vpn_data): idem
* src/protocol.c (send_key_answer): use `my_key_expiry'
* src/encr.c (generate_private_key): adjust my_key_expiry
(regenerate_keys): new function
* src/conf.c: add configure option `KeyExpire'
* src/encr.c: add key expiration times
1999-08-05 Ivo Timmermans <zarq@iname.com>
* Version 0.2.23
* I don't know what I did, but at least everything seems to work
ok now :) Have a look at the diff to know what's changed.
1999-08-03 Ivo Timmermans <zarq@iname.com>
* src/protocol.c (public_key_h): moved the `Connection activated'
message over to send_ack
* src/net.c (send_packet): add 4 bytes less to the sendqueue
(twice)
1999-08-02 Ivo Timmermans <zarq@iname.com>
* src/net.c (add_mac_addresses): switched 30 and 26 in indices, as
Hans suggested
* src/netutl.c (prune_conn_list): changed, partly from a patch
from Hans
* src/tincd.c (detach): added debug level in startup message
1999-06-18 Ivo Timmermans <zarq@iname.com>
* doc/Makefile.am: removed design* from build process
* configure.in: added __USE_BSD define for libc5 systems
1999-05-09 Ivo Timmermans <zarq@iname.com>
* doc/tinc.texi: merged with design.texi
1999-05-08 Ivo Timmermans <zarq@iname.com>
* doc/Makefile.am: included tinc.texi
1999-05-05 Ivo Timmermans <zarq@iname.com>
* cipher/cipher.c, cipher/cipher.h, src/encr.c: replaced all
occurrences of `cypher' by `cipher'
1999-04-16 Ivo Timmermans <zarq@iname.com>
* AUTHORS: added acknowledgements for Martin Schulze and Eric
Young
* TODO: updated a little
1999-04-11 Ivo Timmermans <zarq@iname.com>
* Version 0.2.22
* src/encr.c (free_key): return if key == NULL
* src/protocol.c (send_del_host): new function
(del_host_h): new function
(termreq_h): call notify_others(..., send_del_host)
(add_host_h): update call to notify_others
* src/netutl.c (free_conn_element): call free_key twice
* src/encr.c (free_key): new function, updated encr.h
* src/netutl.c (free_conn_element): free the send/recv queues
(destroy_queue): new function, called by free_conn_element
(destroy_conn_list): use free_conn_element
* src/protocol.h: new request DEL_HOST, new typedef del_host_t
* placed some random comments
* src/net.c (strtoip): moved to netutl.c; updated net.h and
netutl.h
* src/protocol.c (notify_one): new function
1999-04-10 Ivo Timmermans <zarq@iname.com>
* src/net.c (hostlookup): moved to netutl.c; updated netutl.h
* src/protocol.c (public_key_h): removed half of the whole
function, mainly because we handle keys differently now
(notify_others): don't test for `myself'
(public_key_h): call notify_others
(notify_others): test for the source
(public_key_h): updated accordingly
(add_host_h): extended
* src/net.h: removed field `nr' from conn_list_t
* Version 0.2.21
* src/net.c (flush_queue): meddled with some pointers, thanks to
Fruit for helping me out on this one
1999-04-09 Ivo Timmermans <zarq@iname.com>
* src/netutl.c (lookup_conn): removed `const' keyword
* src/net.h: merged sq_element_t and rq_element_t into
queue_element_t and send_queue_t and recv_queue_t into
packet_queue_t; updated conn_list_t
* src/net.c: moved lookup_conn, free_conn_list, prune_conn_list,
new_conn_list, destroy_list to netutl.c, updated net.h and
netutl.h
(flush_queue): written as a generalized version of flush_*_queue
(add_queue): generalized
(add_recv_queue): removed
* src/Makefile.am: added netutl.c and netutl.h
* src/netutl.h: new file
* src/netutl.c: new file
* src/net.c (add_recv_queue): written.. but we need something
better
* src/protocol.c (send_key_request): test for fw == NULL
1999-04-08 Ivo Timmermans <zarq@iname.com>
* src/net.c (xsend): send `from' field
* src/net.h: added field `from' to struct real_packet_t
* src/protocol.h: increased protocol version, protocol 3 or lower
is not supported anymore.
* src/net.c (handle_incoming_vpn_data): test for valid key before
decrypting; updated protocol.h
* src/protocol.c: include utils.h
(set_keys): new function
(ans_key_h): flush queue when key arrived
(send_key_request): removed parameter `cl'
* lib/Makefile.am: updated to include utils.c/h
* lib/utils.c: new file
* lib/utils.h: new file
* src/encr.c (powerize): rewritten, changed name to
make_shared_key, updated src/encr.h
* src/protocol.c (send_passphrase): don't print out that ugly
passphrase
(req_key_h): send key to tmp->from instead of tmp->to :)
(calculate_h, calc_res_h, almost_key_h): removed, we now have a
better way of dealing with keys anyway
* src/net.c (new_conn_list): initialize p->nexthop to p
* src/protocol.c (req_key_h): written
(send_key_answer): new function
(ans_key_h): written
* src/net.h: added field waitingforkey to status_bits_t
added field nexthop to conn_list_t
1999-04-07 Ivo Timmermans <zarq@iname.com>
* src/protocol.c (send_key_request): new function
* src/protocol.h: added REQ_KEY, ANS_KEY, key_req_t
* src/net.h: add `validkey' to struct status_bits_t
* Version 0.2.20 (intermediate)
* src/net.c (handle_incoming_vpn_data): update call to do_decrypt
* cipher/cipher.c (do_encrypt): add parameter `key', call
cipher_set_key
(do_decrypt): idem
* src/net.c (handle_tap_input): moved de_encrypt call to xsend
* src/protocol.c: added req_key_h and ans_key_h
* src/net.c (add_queue): removed `to'
(send_packet): changed call to add_queue accordingly
* src/net.h: removed field `to' from sq_element_t
* src/net.c (flush_queue): new function
(send_packet): call flush_queue before attempting to send
* src/net.h: included public and shared keys in struct conn_list_t
1999-04-06 Ivo Timmermans <zarq@iname.com>
* src/net.c (add_queue): written
* src/net.h: added new field sq to conn_list_t, declared struct
send_queue_t and sq_element_t
* src/key.c: new file
* src/key.h: new file
1999-04-03 Ivo Timmermans <zarq@iname.com>
* Version 0.2.19
* cipher/Makefile.am: don't make and install a libcipher.so
* Version 0.2.18
* src/encr.c (security_init): call cypher_init
* cipher/cipher.c (cypher_init): written, sets values to
dynamically loaded functions
* configure.in: added libtool support, various Makefile.am were
also updated
* src/genauth.c: removed the encrypting part
* src/net.c (handle_incoming_vpn_data): updated call to
do_bf_decrypt to do_encrypt
(handle_tap_input): same with the call to do_bf_encrypt
* cipher/cipher.c (low_bf_crypt_key): written
(do_encrypt, do_decrypt): written (hardcoded to blowfish)
* src/encr.c (low_bf_crypt_key, do_bf_encrypt, do_bf_decrypt):
romeved
* configure.in: added support for libtool, Makefiles in the dir
`cipher' added
* Makefile.am: include this new dir, libbf removed
* new dir `cipher', moved libbf into it, renamed to blowfish
1999-04-02 Ivo Timmermans <zarq@iname.com>
* src/net.c (check_network_activity): handle an error on outgoing
data connection
1999-04-01 Ivo Timmermans <zarq@iname.com>
* Version 0.2.17
* src/net.c (destroy_conn_list): written
(close_network_connections): call destroy_conn_list()
* configure.in: added some more tests.
* src/tincd.c (sigsegv_handler): re-execute with g_argv
* Version 0.2.16
* doc/Makefile.maint: replaced man_MANS with dyn_MANS
* doc/Makefile.am: it didn't install tincd.conf.5
* doc/tincd.conf.5: written
* doc/tincd.conf.sample: rewritten to reflect these changes in
syntax
* src/conf.c (readconfig): rewritten. config file now accepts and
tolerates spaces, and any integer base for integer variables, and
better error reporting. parsing is now case insensitive. = signs
may be omitted.
1999-03-31 Ivo Timmermans <zarq@iname.com>
* doc/Makefile.am (EXTRA_DIST): included tincd.conf.sample
1999-03-29 Ivo Timmermans <zarq@iname.com>
* Version 0.2.15
* src/tincd.c (sighup_handler): close and re-open all network
connections
(sigsegv_handler): ignoring it for now
* src/conf.h (get_config_val): added declaration
* src/net.c (get_timeout): removed, moved code to
setup_network_connections
* src/tincd.c (parse_options): Call add_config_val() instead of
storing it in `timeout'
1999-02-10 Ivo Timmermans <zarq@iname.com>
* Version 0.2.14
* src/net.c (get_timeout): added
(main_loop): call get_timeout
* src/conf.c, src/conf.h: PingTimeout config option added
* src/conf.c, src/conf.h: timeout declared
* src/tincd.c (long_options, usage, parse_options): Added -t option
1999-01-25 Ivo Timmermans <zarq@iname.com>
* src/encr.c (low_bf_crypt): obsolete, removed
* src/net.c (terminate_connection): special case for ping timeouts
(check_dead_connections): set timeout flag
* src/protocol.c (send_timeout, timeout_h): written
1999-01-24 Ivo Timmermans <zarq@iname.com>
* src/net.c (free_conn_element): written; updated prune_conn_list
to use it
(new_conn_list): written
(create_new_connection): uses new_conn_list, updated call from
handle_new_meta_connection
* src/net.h: added hostname field to conn_list_t, updated several
functions to use and initialize it
1999-01-23 Ivo Timmermans <zarq@iname.com>
* src/net.c (prune_conn_list): simplified
* configure.in: increased version number to 0.2.14
* Version 0.2.13
* src/net.c (delete_conn_from_list): removed
(prune_conn_list): written
(setup_outgoing_connection, create_new_connection,
handle_new_meta_connection): status.remove = 0
(main_loop): inserted call to prune_conn_list
(check_network_activity, check_dead_connections,
send_broadcast_ping, terminate_connection): added test for
status.remove
(terminate_connection): set status.remove to 1 instead of just
deleting an entry
* src/net.h: added field `remove' to struct status_bits_t
* configure.in: increased version number to 0.2.13
* Version 0.2.12
* src/net.c (create_new_connection): removed the `initiating
authentication sequence.' part of the message
(delete_conn_from_list): rewritten
(check_dead_connections): all those SEGV's came from here, when a
free'd p was referenced in the next step of the for loop
1999-01-22 Ivo Timmermans <zarq@iname.com>
* src/net.c (terminate_connection): remove calls to shutdown()
* configure.in: increased version number to 0.2.12
* Version 0.2.11
* src/net.c (setup_myself): myself->status.active=1 when
successfully set up, so that the appropriate sockets may be closed
(close_network_connections): updated to use that information
default value for myself is NULL
(close_network_connections): test if myself != NULL before
referencing it
* src/conf.c (add_config_val): new values now get added in front
of the list
* src/conf.h: removed value for privatekeyfile
* src/protocol.c (send_public_key): used sizeof(public_key_t) for
dynamic allocation
1999-01-20 Ivo Timmermans <zarq@iname.com>
* TODO: written; updated Makefile.am to include TODO in
distribution
* doc/tincd.x: written
* src/tincd.c (usage): some text beautifying
1999-01-19 Ivo Timmermans <zarq@iname.com>
* doc/Makefile.am: updated to use help2man
* configure.in: added test for perl which is in m4/perl.m4
* m4/perl.m4, doc/GNUmakefile, doc/Makefile.maint,
doc/Makefile.summ, doc/help2man: included from fileutils 4.0
1999-01-18 Ivo Timmermans <zarq@iname.com>
* src/tincd.c (main): updated to point to COPYING and AUTHORS when
requesting version info
* src/protocol.c (send_public_key): updated to use new
public_key_t struct
* src/encr.c (calculate_shared_key): renamed to set_shared_key,
changed prototype accordingly in src/encr.h
(set_shared_key): dynamic allocation of tmp
removed definitions for his_public_key and our_shared_key
include stdlib.h
(get_public_key): removed, obsolete due to my_public_key_base36,
also removed prototype from src/encr.h
* src/encr.h: changed prototype for powerize
* src/encr.c (powerize): rewritten, args changed
* src/protocol.c (send_calculate): written
* src/protocol.h: added declarations for struct calculate_t and
struct public_key_t
* src/encr.h: add declaration for my_public_key_base36
* src/encr.c (calculate_public_key): also store my public key in
the variable my_public_key_base36, for later use in protocol.c
* src/net.h: added field `nr' to struct conn_list_t
added some comments
* src/protocol.c (public_key_h): starts calculation of a shared
key instead of immediately activating connection
* src/net.c (strtoip): fixed ip->ip assignment
* src/conf.c: #include net.h
(add_config_val): removed superfluous xmalloc
* src/net.h: added prototype tor strtoip
* src/conf.c (strtoip): rewritten to accept textual hostnames
replaced all calls to charpos() with strchr()
removed charpos()
(strtoip): moved to net.c
* configure.in: increased version number to 0.2.11
* Version 0.2.10
* src/tincd.c: Did some function re-ordering and commenting
* src/encr.c (low_bf_crypt_key): copied from low_bf_crypt, this
function also requires an encrypting key to be given
(encrypt_passphrase): Updated to use low_bf_crypt_key
(verify_passphrase): Updated to use low_bf_crypt_key
1999-01-14 Ivo Timmermans <zarq@iname.com>
* src/encr.c (verify_passphrase): written
(encrypt_passphrase): written
* src/protocol.c (send_passphrase): calls encrypt_passphrase
* src/encr.c (read_passphrase): rewritten
(security_init): updated to call read_passphrase
* src/tincd.c (make_names): created new variable confbase
1999-01-13 Ivo Timmermans <zarq@iname.com>
* NEWS: added mention of 0.2.10
* configure.in: increased version to 0.2.10
* restarted this ChangeLog thingy.
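Review bot: the Version 0.2.12 entry for src/net.c (check_dead_connections) records a use-after-free ("a free'd p was referenced in the next step of the for loop") but not what was changed to stop it. If the status.remove flag and prune_conn_list in the 0.2.13 entry are the follow-up to that crash, say so there, since the log currently leaves the reader to infer it. Smaller points: "added prototype tor strtoip" has a typo, and continuation lines such as "default value for myself is NULL", "include stdlib.h" and "added some comments" name no function, so they cannot be matched to a symbol later.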

182
INSTALL Normal file

@ -0,0 +1,182 @@
Basic Installation
==================
These are generic installation instructions.
The `configure' shell script attempts to guess correct values for
various system-dependent variables used during compilation. It uses
those values to create a `Makefile' in each directory of the package.
It may also create one or more `.h' files containing system-dependent
definitions. Finally, it creates a shell script `config.status' that
you can run in the future to recreate the current configuration, a file
`config.cache' that saves the results of its tests to speed up
reconfiguring, and a file `config.log' containing compiler output
(useful mainly for debugging `configure').
If you need to do unusual things to compile the package, please try
to figure out how `configure' could check whether to do them, and mail
diffs or instructions to the address given in the `README' so they can
be considered for the next release. If at some point `config.cache'
contains results you don't want to keep, you may remove or edit it.
The file `configure.in' is used to create `configure' by a program
called `autoconf'. You only need `configure.in' if you want to change
it or regenerate `configure' using a newer version of `autoconf'.
The simplest way to compile this package is:
1. `cd' to the directory containing the package's source code and type
`./configure' to configure the package for your system. If you're
using `csh' on an old version of System V, you might need to type
`sh ./configure' instead to prevent `csh' from trying to execute
`configure' itself.
Running `configure' takes awhile. While running, it prints some
messages telling which features it is checking for.
2. Type `make' to compile the package.
3. Optionally, type `make check' to run any self-tests that come with
the package.
4. Type `make install' to install the programs and any data files and
documentation.
5. You can remove the program binaries and object files from the
source code directory by typing `make clean'. To also remove the
files that `configure' created (so you can compile the package for
a different kind of computer), type `make distclean'. There is
also a `make maintainer-clean' target, but that is intended mainly
for the package's developers. If you use it, you may have to get
all sorts of other programs in order to regenerate files that came
with the distribution.
Compilers and Options
=====================
Some systems require unusual options for compilation or linking that
the `configure' script does not know about. You can give `configure'
initial values for variables by setting them in the environment. Using
a Bourne-compatible shell, you can do that on the command line like
this:
CC=c89 CFLAGS=-O2 LIBS=-lposix ./configure
Or on systems that have the `env' program, you can do it like this:
env CPPFLAGS=-I/usr/local/include LDFLAGS=-s ./configure
Compiling For Multiple Architectures
====================================
You can compile the package for more than one kind of computer at the
same time, by placing the object files for each architecture in their
own directory. To do this, you must use a version of `make' that
supports the `VPATH' variable, such as GNU `make'. `cd' to the
directory where you want the object files and executables to go and run
the `configure' script. `configure' automatically checks for the
source code in the directory that `configure' is in and in `..'.
If you have to use a `make' that does not supports the `VPATH'
variable, you have to compile the package for one architecture at a time
in the source code directory. After you have installed the package for
one architecture, use `make distclean' before reconfiguring for another
architecture.
Installation Names
==================
By default, `make install' will install the package's files in
`/usr/local/bin', `/usr/local/man', etc. You can specify an
installation prefix other than `/usr/local' by giving `configure' the
option `--prefix=PATH'.
You can specify separate installation prefixes for
architecture-specific files and architecture-independent files. If you
give `configure' the option `--exec-prefix=PATH', the package will use
PATH as the prefix for installing programs and libraries.
Documentation and other data files will still use the regular prefix.
In addition, if you use an unusual directory layout you can give
options like `--bindir=PATH' to specify different values for particular
kinds of files. Run `configure --help' for a list of the directories
you can set and what kinds of files go in them.
If the package supports it, you can cause programs to be installed
with an extra prefix or suffix on their names by giving `configure' the
option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
Optional Features
=================
Some packages pay attention to `--enable-FEATURE' options to
`configure', where FEATURE indicates an optional part of the package.
They may also pay attention to `--with-PACKAGE' options, where PACKAGE
is something like `gnu-as' or `x' (for the X Window System). The
`README' should mention any `--enable-' and `--with-' options that the
package recognizes.
For packages that use the X Window System, `configure' can usually
find the X include and library files automatically, but if it doesn't,
you can use the `configure' options `--x-includes=DIR' and
`--x-libraries=DIR' to specify their locations.
Specifying the System Type
==========================
There may be some features `configure' can not figure out
automatically, but needs to determine by the type of host the package
will run on. Usually `configure' can figure that out, but if it prints
a message saying it can not guess the host type, give it the
`--host=TYPE' option. TYPE can either be a short name for the system
type, such as `sun4', or a canonical name with three fields:
CPU-COMPANY-SYSTEM
See the file `config.sub' for the possible values of each field. If
`config.sub' isn't included in this package, then this package doesn't
need to know the host type.
If you are building compiler tools for cross-compiling, you can also
use the `--target=TYPE' option to select the type of system they will
produce code for and the `--build=TYPE' option to select the type of
system on which you are compiling the package.
Sharing Defaults
================
If you want to set default values for `configure' scripts to share,
you can create a site shell script called `config.site' that gives
default values for variables like `CC', `cache_file', and `prefix'.
`configure' looks for `PREFIX/share/config.site' if it exists, then
`PREFIX/etc/config.site' if it exists. Or, you can set the
`CONFIG_SITE' environment variable to the location of the site script.
A warning: not all `configure' scripts look for a site script.
Operation Controls
==================
`configure' recognizes the following options to control how it
operates.
`--cache-file=FILE'
Use and save the results of the tests in FILE instead of
`./config.cache'. Set FILE to `/dev/null' to disable caching, for
debugging `configure'.
`--help'
Print a summary of the options to `configure', and exit.
`--quiet'
`--silent'
`-q'
Do not print messages saying which checks are being made. To
suppress all normal output, redirect it to `/dev/null' (any error
messages will still be shown).
`--srcdir=DIR'
Look for the package's source code in directory DIR. Usually
`configure' can determine that directory automatically.
`--version'
Print the version of Autoconf used to generate the `configure'
script, and exit.
`configure' also accepts some other, not widely useful, options.
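Review bot: this is the stock Autoconf text ("These are generic installation instructions.") and carries nothing specific to tinc, while README in the same commit says the GNU Multi-Precision Library (gmp) must be installed before running configure. Add a short tinc-specific section at the top that lists that prerequisite, or point to README for it, so that someone following INSTALL alone does not find out only when configure complains.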

10
Makefile.am Normal file

@ -0,0 +1,10 @@
## Process this file with automake to get Makefile.in
AUTOMAKE_OPTIONS = gnits
SUBDIRS = m4 lib cipher src doc
ACLOCAL_AMFLAGS = -I m4
EXTRA_DIST = TODO

115
NEWS Normal file

@ -0,0 +1,115 @@
version 0.3.4 Feb 19 2000
* The fix that was in 0.3.3 appeared to be wrong. Fixed now.
version 0.3.3 Feb 9 2000
* Fixed bug that made tinc stop working with latest kernels (Guus
Sliepen)
* Updated the manual
version 0.3.2 Nov 12 1999
* no more `Invalid filedescriptor' when working with multiple
connections
* forward unknown packets to uplink
version 0.3.1 Oct 20 1999
* fixed a bug where tinc would exit without a trace
version 0.3 Aug 20 1999
* pings now work immediately
* all packet sizes get transmitted correctly
version 0.2.26 Aug 15 1999
* fixed some remaining bugs
* --sysconfdir works with configure
* last version before 0.3
version 0.2.25 Aug 8 1999
* improved stability, going towards 0.3 now.
version 0.2.24 Aug 7 1999
* added key aging, there's a new config variable, KeyExpire.
* updated man and info pages
version 0.2.23 Aug 5 1999
* all known bugs fixed, this is a candidate for 0.3
version 0.2.22 Apr 11 1999
* multiconnection thing is now working nearly perfect :)
version 0.2.21 Apr 10 1999
* You shouldn't notice a thing, but a lot has changed wrt key
management - except that it refuses to talk to versions < 0.2.20
version 0.2.20
version 0.2.19 Apr 3 1999
* don't install a libcipher.so
version 0.2.18 Apr 3 1999
* blowfish library dynamically loaded upon execution
* included Eric Young's IDEA library
version 0.2.17 Apr 1 1999
* tincd now re-executes itself in case of a segmentation fault.
version 0.2.16 Apr 1 1999
* wrote tincd.conf(5) man page, which still needs a lot of work.
* config file now accepts and tolerates spaces, and any integer base
for integer variables, and better error reporting. See
doc/tincd.conf.sample for an example.
version 0.2.15 Mar 29 1999
* fixed bugs
version 0.2.14 Feb 10 1999
* added --timeout flag and PingTimeout configuration
* did some first syslog cleanup work
version 0.2.13 Jan 23 1999
* bugfixes
version 0.2.12 Jan 23 1999
* fixed nauseating bug so that it would crash whenever a connection
got lost
version 0.2.11 Jan 22 1999
* framework for multiple connections has been done
* simple manpage for tincd
version 0.2.10 Jan 18 1999
* passphrase support added
version 0.2.9 Jan 13 1999
* bugs fixed.
version 0.2.8 Jan 11 1999
* a reworked protocol version
* a ping/pong system
* more reliable networking code
* automatic reconnection
* still does not work with more than one connection :)
* strips MAC addresses before sending, so there's less overhead, and
less redundancy
version 0.2.7 Jan 3 1999
* several updates to make extending more easy.
version 0.2.6 Dec 20 1998
* Point-to-Point connections have been established, including
blowfish encryption and a secret key-exchange.
version 0.2.5 Dec 16 1998
* Project renamed to tinc, in honour of TINC.
version 0.2.4 Dec 16 1998
* now it really does ;)
version 0.2.3 Nov 24 1998
* it sort of works now
version 0.2.2 Nov 20 1998
* uses GNU gmp.
version 0.2.1 Nov 14 1998
* Bare version.
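Review bot: the 0.2.17 entry, "tincd now re-executes itself in case of a segmentation fault", describes behaviour that hides memory-corruption bugs in a daemon that handles network connections, and a crash caused by received data would simply recur after each restart. The entry should say whether the crash is logged and whether restarts are limited, and the behaviour deserves a mention in the manual. Also, "version 0.2.20" has no date and no items, and the 0.3.4 entry ("The fix that was in 0.3.3 appeared to be wrong. Fixed now.") does not say what was wrong or what changed.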

33
README Normal file

@ -0,0 +1,33 @@
This is the README file for tinc version 0.3.
Installation instructions may be found in the INSTALL file.
tinc is Copyright (C) 1998,99 Ivo Timmermans <zarq@iname.com> and
others. For a complete list of authors see the AUTHORS file.
This product includes software developed by Eric Young (eay@mincom.oz.au)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or (at
your option) any later version. See the file COPYING for more details.
This version of tinc relies on the GNU Multi-Precision Library
(gmp). This library is available from your nearest GNU mirror. Please
install this first even before trying to run configure. If you don't
do this, configure will (hopefully) mention it to you.
This version of tinc supports multiple virtual networks at once. To
use this feature, you may supply a netname via the -n or --net
options. The standard locations for the config files will then be
/etc/tinc/<net>/.
In this version, MAC addresses are stripped off before encoding and
sending a packet. When the packet reaches its destination, the MAC
addresses are rebuilt again. They then have the form
FE:FD:aa:bb:cc:dd. aa, bb, cc and dd are taken from the destination
and source IP address.
tincd regenerates its encryption key pairs. It does this on the first
activity after the keys have expired. This period is adjustable in the
configuration file, and the default time is 3600 seconds (one
hour). If you send a USR2 signal to the daemon, it'll regenerate
immediately.
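Review bot: the first line says "tinc version 0.3", but NEWS in this commit lists 0.3.4 (Feb 19 2000) as the latest release, so the version stated here is stale. In the key-regeneration paragraph, name the setting: the NEWS entry for 0.2.24 calls it KeyExpire, while this text only says the period is "adjustable in the configuration file". It would also help to say which configuration file that is, given that the multiple-network paragraph puts the files under /etc/tinc/<net>/.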

17
THANKS Normal file

@ -0,0 +1,17 @@
I would like to thank
* Guus Sliepen/guus
* Hans Bayle (for making some useful coding suggestions and fixing a
bug or two)
* James B. MacLean (for fixing several mission critical bugs, and for
giving me a few good ideas, and, most of all, for the wonderful
testing and debugging)
* Robert van der Meulen/Emphyrio
* Sander Smeenk/Fluor
* Tijs van Bakel/smoke
* Wessel Dankers/Fruit (for the name `tinc' and being a royal pain in
the ass (je hebt erom gevraagd))
for their help, support and ideas. Thank you guys!
And especially guus, for starting this whole project...

18
TODO Normal file

@ -0,0 +1,18 @@
* write better documentation
* Adapt it to IPv6 - better yet, any protocol.
* this would require to base routing on MAC addresses instead of IP
addresses, as is done now. If this can be done, IPX is also
supported.
* let tinc assign a MAC address to the tap device, based on some
whacky number
* add a digital signature to each packet, using HMAC
* enable encryption using other ciphers (IDEA)
* the library is already included, but it cannot be used.
* allow multiple outgoing links, or a list of them, so that if a host
is not available, that we can select another from the list.
* support for multiple protocols; PPTP, IPSec, NIAS, L2TP,...
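Review bot: "add a digital signature to each packet, using HMAC" mixes two different things: HMAC is a keyed message authentication code, not a digital signature, so the item should say which one is intended. As written it also implies that packets currently carry no integrity check; if that is the case, it belongs in README next to the description of packet encoding, so users know the limitation until this item is done. The IDEA item ("the library is already included, but it cannot be used") should say what blocks its use.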

24
acconfig.h Normal file

@ -0,0 +1,24 @@
/* Define to the name name of this package */
#undef PACKAGE
/* Define to the version of the package */
#undef VERSION
/* Define to rpl_malloc if the replacement function should be used. */
#undef malloc
/* Define to rpl_realloc if the replacement function should be used. */
#undef realloc
/* This is always defined. It enables GNU extensions on systems that
have them. */
#if !defined(_GNU_SOURCE)
# undef _GNU_SOURCE
#endif
#if !defined(__USE_BSD)
# undef __USE_BSD
#endif
#undef HAVE_NAMESPACES
#undef HAVE_STL
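Review bot: "#undef HAVE_NAMESPACES" and "#undef HAVE_STL" at the end have no describing comment, unlike the templates above them, and both names refer to C++ features; say which configure check sets them, or drop them if nothing does. The first comment has a doubled word ("the name name of this package"), and the comment "This is always defined" sits directly above "# undef _GNU_SOURCE", which reads as a contradiction unless the reader knows configure rewrites the template.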

669
aclocal.m4 vendored Normal file

@ -0,0 +1,669 @@
dnl aclocal.m4 generated automatically by aclocal 1.4
dnl Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
dnl This file is free software; the Free Software Foundation
dnl gives unlimited permission to copy and/or distribute it,
dnl with or without modifications, as long as this notice is preserved.
dnl This program is distributed in the hope that it will be useful,
dnl but WITHOUT ANY WARRANTY, to the extent permitted by law; without
dnl even the implied warranty of MERCHANTABILITY or FITNESS FOR A
dnl PARTICULAR PURPOSE.
# Do all the work for Automake. This macro actually does too much --
# some checks are only needed if your package does certain things.
# But this isn't really a big deal.
# serial 1
dnl Usage:
dnl AM_INIT_AUTOMAKE(package,version, [no-define])
AC_DEFUN(AM_INIT_AUTOMAKE,
[AC_REQUIRE([AC_PROG_INSTALL])
PACKAGE=[$1]
AC_SUBST(PACKAGE)
VERSION=[$2]
AC_SUBST(VERSION)
dnl test to see if srcdir already configured
if test "`cd $srcdir && pwd`" != "`pwd`" && test -f $srcdir/config.status; then
AC_MSG_ERROR([source directory already configured; run "make distclean" there first])
fi
ifelse([$3],,
AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of package])
AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version number of package]))
AC_REQUIRE([AM_SANITY_CHECK])
AC_REQUIRE([AC_ARG_PROGRAM])
dnl FIXME This is truly gross.
missing_dir=`cd $ac_aux_dir && pwd`
AM_MISSING_PROG(ACLOCAL, aclocal, $missing_dir)
AM_MISSING_PROG(AUTOCONF, autoconf, $missing_dir)
AM_MISSING_PROG(AUTOMAKE, automake, $missing_dir)
AM_MISSING_PROG(AUTOHEADER, autoheader, $missing_dir)
AM_MISSING_PROG(MAKEINFO, makeinfo, $missing_dir)
AC_REQUIRE([AC_PROG_MAKE_SET])])
#
# Check to make sure that the build environment is sane.
#
AC_DEFUN(AM_SANITY_CHECK,
[AC_MSG_CHECKING([whether build environment is sane])
# Just in case
sleep 1
echo timestamp > conftestfile
# Do `set' in a subshell so we don't clobber the current shell's
# arguments. Must try -L first in case configure is actually a
# symlink; some systems play weird games with the mod time of symlinks
# (eg FreeBSD returns the mod time of the symlink's containing
# directory).
if (
set X `ls -Lt $srcdir/configure conftestfile 2> /dev/null`
if test "[$]*" = "X"; then
# -L didn't work.
set X `ls -t $srcdir/configure conftestfile`
fi
if test "[$]*" != "X $srcdir/configure conftestfile" \
&& test "[$]*" != "X conftestfile $srcdir/configure"; then
# If neither matched, then we have a broken ls. This can happen
# if, for instance, CONFIG_SHELL is bash and it inherits a
# broken ls alias from the environment. This has actually
# happened. Such a system could not be considered "sane".
AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken
alias in your environment])
fi
test "[$]2" = conftestfile
)
then
# Ok.
:
else
AC_MSG_ERROR([newly created file is older than distributed files!
Check your system clock])
fi
rm -f conftest*
AC_MSG_RESULT(yes)])
dnl AM_MISSING_PROG(NAME, PROGRAM, DIRECTORY)
dnl The program must properly implement --version.
AC_DEFUN(AM_MISSING_PROG,
[AC_MSG_CHECKING(for working $2)
# Run test in a subshell; some versions of sh will print an error if
# an executable is not found, even if stderr is redirected.
# Redirect stdin to placate older versions of autoconf. Sigh.
if ($2 --version) < /dev/null > /dev/null 2>&1; then
$1=$2
AC_MSG_RESULT(found)
else
$1="$3/missing $2"
AC_MSG_RESULT(missing)
fi
AC_SUBST($1)])
# Like AC_CONFIG_HEADER, but automatically create stamp file.
AC_DEFUN(AM_CONFIG_HEADER,
[AC_PREREQ([2.12])
AC_CONFIG_HEADER([$1])
dnl When config.status generates a header, we must update the stamp-h file.
dnl This file resides in the same directory as the config header
dnl that is generated. We must strip everything past the first ":",
dnl and everything past the last "/".
AC_OUTPUT_COMMANDS(changequote(<<,>>)dnl
ifelse(patsubst(<<$1>>, <<[^ ]>>, <<>>), <<>>,
<<test -z "<<$>>CONFIG_HEADERS" || echo timestamp > patsubst(<<$1>>, <<^\([^:]*/\)?.*>>, <<\1>>)stamp-h<<>>dnl>>,
<<am_indx=1
for am_file in <<$1>>; do
case " <<$>>CONFIG_HEADERS " in
*" <<$>>am_file "*<<)>>
echo timestamp > `echo <<$>>am_file | sed -e 's%:.*%%' -e 's%[^/]*$%%'`stamp-h$am_indx
;;
esac
am_indx=`expr "<<$>>am_indx" + 1`
done<<>>dnl>>)
changequote([,]))])
#serial 1
dnl From Jim Meyering.
dnl Find a new-enough version of Perl.
dnl
AC_DEFUN(jm_PERL,
[
dnl FIXME: don't hard-code 5.003
dnl FIXME: should we cache the result?
AC_MSG_CHECKING([for perl5.003 or newer])
if test "${PERL+set}" = set; then
# `PERL' is set in the user's environment.
candidate_perl_names="$PERL"
perl_specified=yes
else
candidate_perl_names='perl perl5'
perl_specified=no
fi
found=no
AC_SUBST(PERL)
PERL="$missing_dir/missing perl"
for perl in $candidate_perl_names; do
# Run test in a subshell; some versions of sh will print an error if
# an executable is not found, even if stderr is redirected.
if ( $perl -e 'require 5.003' ) > /dev/null 2>&1; then
PERL=$perl
found=yes
break
fi
done
AC_MSG_RESULT($found)
test $found = no && AC_MSG_WARN([
*** You don't seem to have perl5.003 or newer installed.
*** Because of that, you may be unable to regenerate certain files
*** if you modify the sources from which they are derived.] )
])
# serial 40 AC_PROG_LIBTOOL
AC_DEFUN(AC_PROG_LIBTOOL,
[AC_REQUIRE([AC_LIBTOOL_SETUP])dnl
# Save cache, so that ltconfig can load it
AC_CACHE_SAVE
# Actually configure libtool. ac_aux_dir is where install-sh is found.
CC="$CC" CFLAGS="$CFLAGS" CPPFLAGS="$CPPFLAGS" \
LD="$LD" LDFLAGS="$LDFLAGS" LIBS="$LIBS" \
LN_S="$LN_S" NM="$NM" RANLIB="$RANLIB" \
DLLTOOL="$DLLTOOL" AS="$AS" OBJDUMP="$OBJDUMP" \
${CONFIG_SHELL-/bin/sh} $ac_aux_dir/ltconfig --no-reexec \
$libtool_flags --no-verify $ac_aux_dir/ltmain.sh $lt_target \
|| AC_MSG_ERROR([libtool configure failed])
# Reload cache, that may have been modified by ltconfig
AC_CACHE_LOAD
# This can be used to rebuild libtool when needed
LIBTOOL_DEPS="$ac_aux_dir/ltconfig $ac_aux_dir/ltmain.sh"
# Always use our own libtool.
LIBTOOL='$(SHELL) $(top_builddir)/libtool'
AC_SUBST(LIBTOOL)dnl
# Redirect the config.log output again, so that the ltconfig log is not
# clobbered by the next message.
exec 5>>./config.log
])
AC_DEFUN(AC_LIBTOOL_SETUP,
[AC_PREREQ(2.13)dnl
AC_REQUIRE([AC_ENABLE_SHARED])dnl
AC_REQUIRE([AC_ENABLE_STATIC])dnl
AC_REQUIRE([AC_ENABLE_FAST_INSTALL])dnl
AC_REQUIRE([AC_CANONICAL_HOST])dnl
AC_REQUIRE([AC_CANONICAL_BUILD])dnl
AC_REQUIRE([AC_PROG_RANLIB])dnl
AC_REQUIRE([AC_PROG_CC])dnl
AC_REQUIRE([AC_PROG_LD])dnl
AC_REQUIRE([AC_PROG_NM])dnl
AC_REQUIRE([AC_PROG_LN_S])dnl
dnl
case "$target" in
NONE) lt_target="$host" ;;
*) lt_target="$target" ;;
esac
# Check for any special flags to pass to ltconfig.
libtool_flags="--cache-file=$cache_file"
test "$enable_shared" = no && libtool_flags="$libtool_flags --disable-shared"
test "$enable_static" = no && libtool_flags="$libtool_flags --disable-static"
test "$enable_fast_install" = no && libtool_flags="$libtool_flags --disable-fast-install"
test "$ac_cv_prog_gcc" = yes && libtool_flags="$libtool_flags --with-gcc"
test "$ac_cv_prog_gnu_ld" = yes && libtool_flags="$libtool_flags --with-gnu-ld"
ifdef([AC_PROVIDE_AC_LIBTOOL_DLOPEN],
[libtool_flags="$libtool_flags --enable-dlopen"])
ifdef([AC_PROVIDE_AC_LIBTOOL_WIN32_DLL],
[libtool_flags="$libtool_flags --enable-win32-dll"])
AC_ARG_ENABLE(libtool-lock,
[ --disable-libtool-lock avoid locking (might break parallel builds)])
test "x$enable_libtool_lock" = xno && libtool_flags="$libtool_flags --disable-lock"
test x"$silent" = xyes && libtool_flags="$libtool_flags --silent"
# Some flags need to be propagated to the compiler or linker for good
# libtool support.
case "$lt_target" in
*-*-irix6*)
# Find out which ABI we are using.
echo '[#]line __oline__ "configure"' > conftest.$ac_ext
if AC_TRY_EVAL(ac_compile); then
case "`/usr/bin/file conftest.o`" in
*32-bit*)
LD="${LD-ld} -32"
;;
*N32*)
LD="${LD-ld} -n32"
;;
*64-bit*)
LD="${LD-ld} -64"
;;
esac
fi
rm -rf conftest*
;;
*-*-sco3.2v5*)
# On SCO OpenServer 5, we need -belf to get full-featured binaries.
SAVE_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS -belf"
AC_CACHE_CHECK([whether the C compiler needs -belf], lt_cv_cc_needs_belf,
[AC_LANG_SAVE
AC_LANG_C
AC_TRY_LINK([],[],[lt_cv_cc_needs_belf=yes],[lt_cv_cc_needs_belf=no])
AC_LANG_RESTORE])
if test x"$lt_cv_cc_needs_belf" != x"yes"; then
# this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf
CFLAGS="$SAVE_CFLAGS"
fi
;;
ifdef([AC_PROVIDE_AC_LIBTOOL_WIN32_DLL],
[*-*-cygwin* | *-*-mingw*)
AC_CHECK_TOOL(DLLTOOL, dlltool, false)
AC_CHECK_TOOL(AS, as, false)
AC_CHECK_TOOL(OBJDUMP, objdump, false)
;;
])
esac
])
# AC_LIBTOOL_DLOPEN - enable checks for dlopen support
AC_DEFUN(AC_LIBTOOL_DLOPEN, [AC_BEFORE([$0],[AC_LIBTOOL_SETUP])])
# AC_LIBTOOL_WIN32_DLL - declare package support for building win32 dll's
AC_DEFUN(AC_LIBTOOL_WIN32_DLL, [AC_BEFORE([$0], [AC_LIBTOOL_SETUP])])
# AC_ENABLE_SHARED - implement the --enable-shared flag
# Usage: AC_ENABLE_SHARED[(DEFAULT)]
# Where DEFAULT is either `yes' or `no'. If omitted, it defaults to
# `yes'.
AC_DEFUN(AC_ENABLE_SHARED, [dnl
define([AC_ENABLE_SHARED_DEFAULT], ifelse($1, no, no, yes))dnl
AC_ARG_ENABLE(shared,
changequote(<<, >>)dnl
<< --enable-shared[=PKGS] build shared libraries [default=>>AC_ENABLE_SHARED_DEFAULT],
changequote([, ])dnl
[p=${PACKAGE-default}
case "$enableval" in
yes) enable_shared=yes ;;
no) enable_shared=no ;;
*)
enable_shared=no
# Look at the argument we got. We use all the common list separators.
IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:,"
for pkg in $enableval; do
if test "X$pkg" = "X$p"; then
enable_shared=yes
fi
done
IFS="$ac_save_ifs"
;;
esac],
enable_shared=AC_ENABLE_SHARED_DEFAULT)dnl
])
# AC_DISABLE_SHARED - set the default shared flag to --disable-shared
AC_DEFUN(AC_DISABLE_SHARED, [AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
AC_ENABLE_SHARED(no)])
# AC_ENABLE_STATIC - implement the --enable-static flag
# Usage: AC_ENABLE_STATIC[(DEFAULT)]
# Where DEFAULT is either `yes' or `no'. If omitted, it defaults to
# `yes'.
AC_DEFUN(AC_ENABLE_STATIC, [dnl
define([AC_ENABLE_STATIC_DEFAULT], ifelse($1, no, no, yes))dnl
AC_ARG_ENABLE(static,
changequote(<<, >>)dnl
<< --enable-static[=PKGS] build static libraries [default=>>AC_ENABLE_STATIC_DEFAULT],
changequote([, ])dnl
[p=${PACKAGE-default}
case "$enableval" in
yes) enable_static=yes ;;
no) enable_static=no ;;
*)
enable_static=no
# Look at the argument we got. We use all the common list separators.
IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:,"
for pkg in $enableval; do
if test "X$pkg" = "X$p"; then
enable_static=yes
fi
done
IFS="$ac_save_ifs"
;;
esac],
enable_static=AC_ENABLE_STATIC_DEFAULT)dnl
])
# AC_DISABLE_STATIC - set the default static flag to --disable-static
AC_DEFUN(AC_DISABLE_STATIC, [AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
AC_ENABLE_STATIC(no)])
# AC_ENABLE_FAST_INSTALL - implement the --enable-fast-install flag
# Usage: AC_ENABLE_FAST_INSTALL[(DEFAULT)]
# Where DEFAULT is either `yes' or `no'. If omitted, it defaults to
# `yes'.
AC_DEFUN(AC_ENABLE_FAST_INSTALL, [dnl
define([AC_ENABLE_FAST_INSTALL_DEFAULT], ifelse($1, no, no, yes))dnl
AC_ARG_ENABLE(fast-install,
changequote(<<, >>)dnl
<< --enable-fast-install[=PKGS] optimize for fast installation [default=>>AC_ENABLE_FAST_INSTALL_DEFAULT],
changequote([, ])dnl
[p=${PACKAGE-default}
case "$enableval" in
yes) enable_fast_install=yes ;;
no) enable_fast_install=no ;;
*)
enable_fast_install=no
# Look at the argument we got. We use all the common list separators.
IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}:,"
for pkg in $enableval; do
if test "X$pkg" = "X$p"; then
enable_fast_install=yes
fi
done
IFS="$ac_save_ifs"
;;
esac],
enable_fast_install=AC_ENABLE_FAST_INSTALL_DEFAULT)dnl
])
# AC_ENABLE_FAST_INSTALL - set the default to --disable-fast-install
AC_DEFUN(AC_DISABLE_FAST_INSTALL, [AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
AC_ENABLE_FAST_INSTALL(no)])
# AC_PROG_LD - find the path to the GNU or non-GNU linker
AC_DEFUN(AC_PROG_LD,
[AC_ARG_WITH(gnu-ld,
[ --with-gnu-ld assume the C compiler uses GNU ld [default=no]],
test "$withval" = no || with_gnu_ld=yes, with_gnu_ld=no)
AC_REQUIRE([AC_PROG_CC])dnl
AC_REQUIRE([AC_CANONICAL_HOST])dnl
AC_REQUIRE([AC_CANONICAL_BUILD])dnl
ac_prog=ld
if test "$ac_cv_prog_gcc" = yes; then
# Check if gcc -print-prog-name=ld gives a path.
AC_MSG_CHECKING([for ld used by GCC])
ac_prog=`($CC -print-prog-name=ld) 2>&5`
case "$ac_prog" in
# Accept absolute paths.
changequote(,)dnl
[\\/]* | [A-Za-z]:[\\/]*)
re_direlt='/[^/][^/]*/\.\./'
changequote([,])dnl
# Canonicalize the path of ld
ac_prog=`echo $ac_prog| sed 's%\\\\%/%g'`
while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do
ac_prog=`echo $ac_prog| sed "s%$re_direlt%/%"`
done
test -z "$LD" && LD="$ac_prog"
;;
"")
# If it fails, then pretend we aren't using GCC.
ac_prog=ld
;;
*)
# If it is relative, then search for the first ld in PATH.
with_gnu_ld=unknown
;;
esac
elif test "$with_gnu_ld" = yes; then
AC_MSG_CHECKING([for GNU ld])
else
AC_MSG_CHECKING([for non-GNU ld])
fi
AC_CACHE_VAL(ac_cv_path_LD,
[if test -z "$LD"; then
IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}${PATH_SEPARATOR-:}"
for ac_dir in $PATH; do
test -z "$ac_dir" && ac_dir=.
if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then
ac_cv_path_LD="$ac_dir/$ac_prog"
# Check to see if the program is GNU ld. I'd rather use --version,
# but apparently some GNU ld's only accept -v.
# Break only if it was the GNU/non-GNU ld that we prefer.
if "$ac_cv_path_LD" -v 2>&1 < /dev/null | egrep '(GNU|with BFD)' > /dev/null; then
test "$with_gnu_ld" != no && break
else
test "$with_gnu_ld" != yes && break
fi
fi
done
IFS="$ac_save_ifs"
else
ac_cv_path_LD="$LD" # Let the user override the test with a path.
fi])
LD="$ac_cv_path_LD"
if test -n "$LD"; then
AC_MSG_RESULT($LD)
else
AC_MSG_RESULT(no)
fi
test -z "$LD" && AC_MSG_ERROR([no acceptable ld found in \$PATH])
AC_PROG_LD_GNU
])
AC_DEFUN(AC_PROG_LD_GNU,
[AC_CACHE_CHECK([if the linker ($LD) is GNU ld], ac_cv_prog_gnu_ld,
[# I'd rather use --version here, but apparently some GNU ld's only accept -v.
if $LD -v 2>&1 </dev/null | egrep '(GNU|with BFD)' 1>&5; then
ac_cv_prog_gnu_ld=yes
else
ac_cv_prog_gnu_ld=no
fi])
])
# AC_PROG_NM - find the path to a BSD-compatible name lister
AC_DEFUN(AC_PROG_NM,
[AC_MSG_CHECKING([for BSD-compatible nm])
AC_CACHE_VAL(ac_cv_path_NM,
[if test -n "$NM"; then
# Let the user override the test.
ac_cv_path_NM="$NM"
else
IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}${PATH_SEPARATOR-:}"
for ac_dir in $PATH /usr/ccs/bin /usr/ucb /bin; do
test -z "$ac_dir" && ac_dir=.
if test -f $ac_dir/nm || test -f $ac_dir/nm$ac_exeext ; then
# Check to see if the nm accepts a BSD-compat flag.
# Adding the `sed 1q' prevents false positives on HP-UX, which says:
# nm: unknown option "B" ignored
if ($ac_dir/nm -B /dev/null 2>&1 | sed '1q'; exit 0) | egrep /dev/null >/dev/null; then
ac_cv_path_NM="$ac_dir/nm -B"
break
elif ($ac_dir/nm -p /dev/null 2>&1 | sed '1q'; exit 0) | egrep /dev/null >/dev/null; then
ac_cv_path_NM="$ac_dir/nm -p"
break
else
ac_cv_path_NM=${ac_cv_path_NM="$ac_dir/nm"} # keep the first match, but
continue # so that we can try to find one that supports BSD flags
fi
fi
done
IFS="$ac_save_ifs"
test -z "$ac_cv_path_NM" && ac_cv_path_NM=nm
fi])
NM="$ac_cv_path_NM"
AC_MSG_RESULT([$NM])
])
# AC_CHECK_LIBM - check for math library
AC_DEFUN(AC_CHECK_LIBM,
[AC_REQUIRE([AC_CANONICAL_HOST])dnl
LIBM=
case "$lt_target" in
*-*-beos* | *-*-cygwin*)
# These system don't have libm
;;
*-ncr-sysv4.3*)
AC_CHECK_LIB(mw, _mwvalidcheckl, LIBM="-lmw")
AC_CHECK_LIB(m, main, LIBM="$LIBM -lm")
;;
*)
AC_CHECK_LIB(m, main, LIBM="-lm")
;;
esac
])
# AC_LIBLTDL_CONVENIENCE[(dir)] - sets LIBLTDL to the link flags for
# the libltdl convenience library, adds --enable-ltdl-convenience to
# the configure arguments. Note that LIBLTDL is not AC_SUBSTed, nor
# is AC_CONFIG_SUBDIRS called. If DIR is not provided, it is assumed
# to be `${top_builddir}/libltdl'. Make sure you start DIR with
# '${top_builddir}/' (note the single quotes!) if your package is not
# flat, and, if you're not using automake, define top_builddir as
# appropriate in the Makefiles.
AC_DEFUN(AC_LIBLTDL_CONVENIENCE, [AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
case "$enable_ltdl_convenience" in
no) AC_MSG_ERROR([this package needs a convenience libltdl]) ;;
"") enable_ltdl_convenience=yes
ac_configure_args="$ac_configure_args --enable-ltdl-convenience" ;;
esac
LIBLTDL=ifelse($#,1,$1,['${top_builddir}/libltdl'])/libltdlc.la
INCLTDL=ifelse($#,1,-I$1,['-I${top_builddir}/libltdl'])
])
# AC_LIBLTDL_INSTALLABLE[(dir)] - sets LIBLTDL to the link flags for
# the libltdl installable library, and adds --enable-ltdl-install to
# the configure arguments. Note that LIBLTDL is not AC_SUBSTed, nor
# is AC_CONFIG_SUBDIRS called. If DIR is not provided, it is assumed
# to be `${top_builddir}/libltdl'. Make sure you start DIR with
# '${top_builddir}/' (note the single quotes!) if your package is not
# flat, and, if you're not using automake, define top_builddir as
# appropriate in the Makefiles.
# In the future, this macro may have to be called after AC_PROG_LIBTOOL.
AC_DEFUN(AC_LIBLTDL_INSTALLABLE, [AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
AC_CHECK_LIB(ltdl, main,
[test x"$enable_ltdl_install" != xyes && enable_ltdl_install=no],
[if test x"$enable_ltdl_install" = xno; then
AC_MSG_WARN([libltdl not installed, but installation disabled])
else
enable_ltdl_install=yes
fi
])
if test x"$enable_ltdl_install" = x"yes"; then
ac_configure_args="$ac_configure_args --enable-ltdl-install"
LIBLTDL=ifelse($#,1,$1,['${top_builddir}/libltdl'])/libltdl.la
INCLTDL=ifelse($#,1,-I$1,['-I${top_builddir}/libltdl'])
else
ac_configure_args="$ac_configure_args --enable-ltdl-install=no"
LIBLTDL="-lltdl"
INCLTDL=
fi
])
dnl old names
AC_DEFUN(AM_PROG_LIBTOOL, [indir([AC_PROG_LIBTOOL])])dnl
AC_DEFUN(AM_ENABLE_SHARED, [indir([AC_ENABLE_SHARED], $@)])dnl
AC_DEFUN(AM_ENABLE_STATIC, [indir([AC_ENABLE_STATIC], $@)])dnl
AC_DEFUN(AM_DISABLE_SHARED, [indir([AC_DISABLE_SHARED], $@)])dnl
AC_DEFUN(AM_DISABLE_STATIC, [indir([AC_DISABLE_STATIC], $@)])dnl
AC_DEFUN(AM_PROG_LD, [indir([AC_PROG_LD])])dnl
AC_DEFUN(AM_PROG_NM, [indir([AC_PROG_NM])])dnl
dnl This is just to silence aclocal about the macro not being used
ifelse([AC_DISABLE_FAST_INSTALL])dnl
#serial 1
dnl From Jim Meyering.
dnl Determine whether malloc accepts 0 as its argument.
dnl If it doesn't, arrange to use the replacement function.
dnl
dnl If you use this macro in a package, you should
dnl add the following two lines to acconfig.h:
dnl /* Define to rpl_malloc if the replacement function should be used. */
dnl #undef malloc
dnl
AC_DEFUN(jm_FUNC_MALLOC,
[
if test x = y; then
dnl This code is deliberately never run via ./configure.
dnl FIXME: this is a gross hack to make autoheader put an entry
dnl for this symbol in config.h.in.
AC_CHECK_FUNCS(DONE_WORKING_MALLOC_CHECK)
fi
dnl xmalloc.c requires that this symbol be defined so it doesn't
dnl mistakenly use a broken malloc -- as it might if this test were omitted.
ac_kludge=HAVE_DONE_WORKING_MALLOC_CHECK
AC_DEFINE_UNQUOTED($ac_kludge)
AC_CACHE_CHECK([for working malloc], jm_cv_func_working_malloc,
[AC_TRY_RUN([
char *malloc ();
int
main ()
{
exit (malloc (0) ? 0 : 1);
}
],
jm_cv_func_working_malloc=yes,
jm_cv_func_working_malloc=no,
dnl When crosscompiling, assume malloc is broken.
jm_cv_func_working_malloc=no)
])
if test $jm_cv_func_working_malloc = no; then
LIBOBJS="$LIBOBJS malloc.o"
AC_DEFINE_UNQUOTED(malloc, rpl_malloc)
fi
])
#serial 1
dnl From Jim Meyering.
dnl Determine whether realloc works when both arguments are 0.
dnl If it doesn't, arrange to use the replacement function.
dnl
dnl If you use this macro in a package, you should
dnl add the following two lines to acconfig.h:
dnl /* Define to rpl_realloc if the replacement function should be used. */
dnl #undef realloc
dnl
AC_DEFUN(jm_FUNC_REALLOC,
[
if test x = y; then
dnl This code is deliberately never run via ./configure.
dnl FIXME: this is a gross hack to make autoheader put an entry
dnl for this symbol in config.h.in.
AC_CHECK_FUNCS(DONE_WORKING_REALLOC_CHECK)
fi
dnl xmalloc.c requires that this symbol be defined so it doesn't
dnl mistakenly use a broken realloc -- as it might if this test were omitted.
ac_kludge=HAVE_DONE_WORKING_REALLOC_CHECK
AC_DEFINE_UNQUOTED($ac_kludge)
AC_CACHE_CHECK([for working realloc], jm_cv_func_working_realloc,
[AC_TRY_RUN([
char *realloc ();
int
main ()
{
exit (realloc (0, 0) ? 0 : 1);
}
],
jm_cv_func_working_realloc=yes,
jm_cv_func_working_realloc=no,
dnl When crosscompiling, assume realloc is broken.
jm_cv_func_working_realloc=no)
])
if test $jm_cv_func_working_realloc = no; then
LIBOBJS="$LIBOBJS realloc.o"
AC_DEFINE_UNQUOTED(realloc, rpl_realloc)
fi
])
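
Review bot: both search loops (AC_PROG_LD and AC_PROG_NM) map an empty PATH component to the current directory with `test -z "$ac_dir" && ac_dir=.` and then execute whatever candidate they find there (`"$ac_cv_path_LD" -v`, `$ac_dir/nm -B /dev/null`). With an empty entry in PATH, configure will therefore run an `ld` or `nm` that happens to sit in the build directory. That is worth a sentence in the build documentation (run configure with a trusted PATH, or set LD and NM explicitly, which both macros honour). The nm loop should also quote its candidate path (`"$ac_dir/nm"`) the way the ld loop already quotes `"$ac_dir/$ac_prog"`.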

15
cipher/Makefile.am Normal file

@ -0,0 +1,15 @@
## Process this file with automake to get Makefile.in
SUBDIRS = blowfish idea
noinst_LTLIBRARIES = libcipher.la
INCLUDES = -I. -I$(top_builddir) -I$(top_srcdir)/src
libcipher_la_SOURCES = cipher.c
libcipher_la_LDFLAGS =
noinst_HEADERS = cipher.h
CFLAGS += -DPKGLIBDIR="\"$(pkglibdir)/\""
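
Review bot: the last line appends to `CFLAGS`, which is the user's variable; a build run as `make CFLAGS=-O2` replaces it and silently drops `-DPKGLIBDIR=...`, so cipher.c is then compiled without the define. Put the define where the `-I` flags already live (`INCLUDES`) so it survives a user override. Because PKGLIBDIR compiles a directory path into the library, a comment here saying what cipher.c uses that path for would help anyone auditing where code is loaded from.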

46
cipher/blowfish/COPYRIGHT Normal file

@ -0,0 +1,46 @@
Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
All rights reserved.
This package is an Blowfish implementation written
by Eric Young (eay@mincom.oz.au).
This library is free for commercial and non-commercial use as long as
the following conditions are aheared to. The following conditions
apply to all code found in this distribution.
Copyright remains Eric Young's, and as such any Copyright notices in
the code are not to be removed.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Young (eay@mincom.oz.au)
THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.
The license and distribution terms for any publically available version or
derivative of this code cannot be changed. i.e. this code cannot simply be
copied and put under another distrubution license
[including the GNU Public License.]
The reason behind this being stated in this direct manner is past
experience in code simply being copied and the attribution removed
from it and then being distributed as part of other packages. This
implementation was a non-trivial and unpaid effort.
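
Review bot: the closing paragraph says this code cannot be put under another distribution licence, "including the GNU Public License", and condition 3 is an advertising clause, while the same commit adds a GPL version 2 COPYING at the top level. AUTHORS records where the files came from but not that they stay under different terms. Suggest a statement next to the top-level COPYING or in the README that cipher/blowfish remains under Eric Young's licence, so the third-party code and its conditions are visible to anyone redistributing the package.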

14
cipher/blowfish/INSTALL Normal file

@ -0,0 +1,14 @@
This Eric Young's blowfish implementation, taken from his SSLeay library
and made available as a separate library.
The version number (0.7.2m) is the SSLeay version that this library was
taken from.
To build, just unpack and type make.
If you are not using gcc, edit the Makefile.
If you are compiling for an x86 box, try the assembler (it needs improving).
There are also some compile time options that can improve performance,
these are documented in the Makefile.
eric 15-Apr-1997
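
Review bot: this text no longer matches the tree. It says to "just unpack and type make" and to "edit the Makefile" for the compile-time options, but this directory is built from the automake Makefile.am added in the same commit. It also gives the SSLeay version as 0.7.2m, while `BF_version` in bf_ecb.c reads "BlowFish part of SSLeay 0.7.0 30-Jan-1997". Suggest adding a line that states which SSLeay release the sources were actually taken from, so later upstream fixes can be matched against the right version.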


@ -0,0 +1,14 @@
## Process this file with automake to produce Makefile.in
pkglib_LTLIBRARIES = libblowfish.la
INCLUDES = -I.. -I$(srcdir)
libblowfish_la_SOURCES = bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c \
bf_cfb64.c bf_ofb64.c
libblowfish_la_LDFLAGS = -version-info 0:1:0 -export-dynamic
noinst_HEADERS = bf_locl.h blowfish.h bf_pi.h
EXTRA_DIST = COPYRIGHT README

12
cipher/blowfish/README Normal file
View file

@ -0,0 +1,12 @@
This comes straight from the libbf package. What follows is the
original README. The copyright for these files is in the COPYRIGHT
file. -- IT.
This is a quick packaging up of my blowfish code into a library.
It has been lifted from SSLeay.
The copyright notices seem a little harsh because I have not spent the
time to rewrite the conditions from the normal SSLeay ones.
Basically if you just want to play with the library, not a problem.
eric 15-Apr-1997

148
cipher/blowfish/bf_cbc.c Normal file
View file

@ -0,0 +1,148 @@
/* crypto/bf/bf_cbc.c */
/* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@mincom.oz.au).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@mincom.oz.au).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@mincom.oz.au)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include "blowfish.h"
#include "bf_locl.h"
void BF_cbc_encrypt(in, out, length, ks, iv, encrypt)
unsigned char *in;
unsigned char *out;
long length;
BF_KEY *ks;
unsigned char *iv;
int encrypt;
{
register BF_LONG tin0,tin1;
register BF_LONG tout0,tout1,xor0,xor1;
register long l=length;
BF_LONG tin[2];
if (encrypt)
{
n2l(iv,tout0);
n2l(iv,tout1);
iv-=8;
for (l-=8; l>=0; l-=8)
{
n2l(in,tin0);
n2l(in,tin1);
tin0^=tout0;
tin1^=tout1;
tin[0]=tin0;
tin[1]=tin1;
BF_encrypt(tin,ks,BF_ENCRYPT);
tout0=tin[0];
tout1=tin[1];
l2n(tout0,out);
l2n(tout1,out);
}
if (l != -8)
{
n2ln(in,tin0,tin1,l+8);
tin0^=tout0;
tin1^=tout1;
tin[0]=tin0;
tin[1]=tin1;
BF_encrypt(tin,ks,BF_ENCRYPT);
tout0=tin[0];
tout1=tin[1];
l2n(tout0,out);
l2n(tout1,out);
}
l2n(tout0,iv);
l2n(tout1,iv);
}
else
{
n2l(iv,xor0);
n2l(iv,xor1);
iv-=8;
for (l-=8; l>=0; l-=8)
{
n2l(in,tin0);
n2l(in,tin1);
tin[0]=tin0;
tin[1]=tin1;
BF_encrypt(tin,ks,BF_DECRYPT);
tout0=tin[0]^xor0;
tout1=tin[1]^xor1;
l2n(tout0,out);
l2n(tout1,out);
xor0=tin0;
xor1=tin1;
}
if (l != -8)
{
n2l(in,tin0);
n2l(in,tin1);
tin[0]=tin0;
tin[1]=tin1;
BF_encrypt(tin,ks,BF_DECRYPT);
tout0=tin[0]^xor0;
tout1=tin[1]^xor1;
l2nn(tout0,tout1,out,l+8);
xor0=tin0;
xor1=tin1;
}
l2n(xor0,iv);
l2n(xor1,iv);
}
tin0=tin1=tout0=tout1=xor0=xor1=0;
tin[0]=tin[1]=0;
}
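
Review bot: when `length` is not a multiple of 8, both tail branches (`if (l != -8)`) touch memory outside the stated length. The decrypt tail still reads a full block with two `n2l(in,...)` calls, up to 7 bytes past `in + length`, and the encrypt tail writes a full block with two `l2n(...,out)` calls, up to 7 bytes past `out + length`. Nothing in the function tells the caller that both buffers must be rounded up to the 8-byte block size. Suggest documenting that requirement in a comment above the function, or rejecting lengths that are not a multiple of 8. A negative `length` also reaches the tail branch and should be rejected on entry.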

127
cipher/blowfish/bf_cfb64.c Normal file
View file

@ -0,0 +1,127 @@
/* crypto/bf/bf_cfb64.c */
/* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@mincom.oz.au).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@mincom.oz.au).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@mincom.oz.au)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include "blowfish.h"
#include "bf_locl.h"
/* The input and output encrypted as though 64bit cfb mode is being
* used. The extra state information to record how much of the
* 64bit block we have used is contained in *num;
*/
void BF_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt)
unsigned char *in;
unsigned char *out;
long length;
BF_KEY *schedule;
unsigned char *ivec;
int *num;
int encrypt;
{
register BF_LONG v0,v1,t;
register int n= *num;
register long l=length;
BF_LONG ti[2];
unsigned char *iv,c,cc;
iv=(unsigned char *)ivec;
if (encrypt)
{
while (l--)
{
if (n == 0)
{
n2l(iv,v0); ti[0]=v0;
n2l(iv,v1); ti[1]=v1;
BF_encrypt((unsigned long *)ti,schedule,BF_ENCRYPT);
iv=(unsigned char *)ivec;
t=ti[0]; l2n(t,iv);
t=ti[1]; l2n(t,iv);
iv=(unsigned char *)ivec;
}
c= *(in++)^iv[n];
*(out++)=c;
iv[n]=c;
n=(n+1)&0x07;
}
}
else
{
while (l--)
{
if (n == 0)
{
n2l(iv,v0); ti[0]=v0;
n2l(iv,v1); ti[1]=v1;
BF_encrypt((unsigned long *)ti,schedule,BF_ENCRYPT);
iv=(unsigned char *)ivec;
t=ti[0]; l2n(t,iv);
t=ti[1]; l2n(t,iv);
iv=(unsigned char *)ivec;
}
cc= *(in++);
c=iv[n];
iv[n]=cc;
*(out++)=c^cc;
n=(n+1)&0x07;
}
}
v0=v1=ti[0]=ti[1]=t=c=cc=0;
*num=n;
}
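
Review bot: `n` is loaded from `*num` without a range check and is used as an index in `iv[n]` before it is masked (`n=(n+1)&0x07` runs only after the access), so a caller passing an uninitialised or out-of-range `*num` reads and writes outside the 8-byte `ivec`. Suggest validating on entry that `*num` is in 0..7. Separately, `BF_encrypt((unsigned long *)ti,schedule,BF_ENCRYPT)` casts a `BF_LONG` array, while bf_cbc.c passes its `BF_LONG tin[2]` uncast and BF_encrypt takes `BF_LONG *data`; drop the cast, since it would hide a mismatch if `BF_LONG` is not `unsigned long`.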

95
cipher/blowfish/bf_ecb.c Normal file
View file

@ -0,0 +1,95 @@
/* crypto/bf/bf_ecb.c */
/* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@mincom.oz.au).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@mincom.oz.au).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@mincom.oz.au)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include "blowfish.h"
#include "bf_locl.h"
/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
* (From LECTURE NOTES IN COIMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
* CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
*/
char *BF_version="BlowFish part of SSLeay 0.7.0 30-Jan-1997";
char *BF_options()
{
#ifdef BF_PTR
return("blowfish(ptr)");
#elif defined(BF_PTR2)
return("blowfish(ptr2)");
#else
return("blowfish(idx)");
#endif
}
void BF_ecb_encrypt(in, out, ks, encrypt)
unsigned char *in;
unsigned char *out;
BF_KEY *ks;
int encrypt;
{
BF_LONG l,d[2];
n2l(in,l); d[0]=l;
n2l(in,l); d[1]=l;
BF_encrypt(d,ks,encrypt);
l=d[0]; l2n(l,out);
l=d[1]; l2n(l,out);
l=d[0]=d[1]=0;
}
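
Review bot: the final `l=d[0]=d[1]=0;` in BF_ecb_encrypt is meant to scrub the data words, but these are stores to locals that are never read again, so an optimising compiler is free to remove them. The same pattern closes BF_cbc_encrypt and BF_cfb64_encrypt. If the scrubbing is a requirement, do it through a volatile pointer or a helper the compiler cannot elide, and say so in a comment. Minor: `char *BF_version` points at a string literal and would be better declared `const`.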

140
cipher/blowfish/bf_enc.c Normal file
View file

@ -0,0 +1,140 @@
/* crypto/bf/bf_enc.c */
/* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@mincom.oz.au).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@mincom.oz.au).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@mincom.oz.au)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include "blowfish.h"
#include "bf_locl.h"
/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
* (From LECTURE NOTES IN COIMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
* CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
*/
#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)
If you set BF_ROUNDS to some value other than 16 or 20, you will have
to modify the code.
#endif
void BF_encrypt(data,key,encrypt)
BF_LONG *data;
BF_KEY *key;
int encrypt;
{
register BF_LONG l,r,*p,*s;
p=key->P;
s= &(key->S[0]);
l=data[0];
r=data[1];
if (encrypt)
{
l^=p[0];
BF_ENC(r,l,s,p[ 1]);
BF_ENC(l,r,s,p[ 2]);
BF_ENC(r,l,s,p[ 3]);
BF_ENC(l,r,s,p[ 4]);
BF_ENC(r,l,s,p[ 5]);
BF_ENC(l,r,s,p[ 6]);
BF_ENC(r,l,s,p[ 7]);
BF_ENC(l,r,s,p[ 8]);
BF_ENC(r,l,s,p[ 9]);
BF_ENC(l,r,s,p[10]);
BF_ENC(r,l,s,p[11]);
BF_ENC(l,r,s,p[12]);
BF_ENC(r,l,s,p[13]);
BF_ENC(l,r,s,p[14]);
BF_ENC(r,l,s,p[15]);
BF_ENC(l,r,s,p[16]);
#if BF_ROUNDS == 20
BF_ENC(r,l,s,p[17]);
BF_ENC(l,r,s,p[18]);
BF_ENC(r,l,s,p[19]);
BF_ENC(l,r,s,p[20]);
#endif
r^=p[BF_ROUNDS+1];
}
else
{
l^=p[BF_ROUNDS+1];
#if BF_ROUNDS == 20
BF_ENC(r,l,s,p[20]);
BF_ENC(l,r,s,p[19]);
BF_ENC(r,l,s,p[18]);
BF_ENC(l,r,s,p[17]);
#endif
BF_ENC(r,l,s,p[16]);
BF_ENC(l,r,s,p[15]);
BF_ENC(r,l,s,p[14]);
BF_ENC(l,r,s,p[13]);
BF_ENC(r,l,s,p[12]);
BF_ENC(l,r,s,p[11]);
BF_ENC(r,l,s,p[10]);
BF_ENC(l,r,s,p[ 9]);
BF_ENC(r,l,s,p[ 8]);
BF_ENC(l,r,s,p[ 7]);
BF_ENC(r,l,s,p[ 6]);
BF_ENC(l,r,s,p[ 5]);
BF_ENC(r,l,s,p[ 4]);
BF_ENC(l,r,s,p[ 3]);
BF_ENC(r,l,s,p[ 2]);
BF_ENC(l,r,s,p[ 1]);
r^=p[0];
}
data[1]=l&0xffffffff;
data[0]=r&0xffffffff;
}
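
Review bot: the guard for unsupported round counts relies on bare prose between `#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)` and `#endif` to break the build, which produces a confusing syntax error instead of a message. Use `#error` with the same text. Also worth a comment above BF_encrypt: `encrypt` is tested only with `if (encrypt)`, so any non-zero value selects the encryption path, and callers need to pass exactly the constants the header defines.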

215
cipher/blowfish/bf_locl.h Normal file
View file

@ -0,0 +1,215 @@
/* crypto/bf/bf_local.h */
/* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@mincom.oz.au).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@mincom.oz.au).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@mincom.oz.au)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*
* Always modify bf_locl.org since bf_locl.h is automatically generated from
* it during SSLeay configuration.
*
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*/
#undef c2l
#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
l|=((unsigned long)(*((c)++)))<< 8L, \
l|=((unsigned long)(*((c)++)))<<16L, \
l|=((unsigned long)(*((c)++)))<<24L)
/* NOTE - c is not incremented as per c2l */
#undef c2ln
#define c2ln(c,l1,l2,n) { \
c+=n; \
l1=l2=0; \
switch (n) { \
case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
case 5: l2|=((unsigned long)(*(--(c)))); \
case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
case 1: l1|=((unsigned long)(*(--(c)))); \
} \
}
#undef l2c
#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
*((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
*((c)++)=(unsigned char)(((l)>>16L)&0xff), \
*((c)++)=(unsigned char)(((l)>>24L)&0xff))
/* NOTE - c is not incremented as per l2c */
#undef l2cn
#define l2cn(l1,l2,c,n) { \
c+=n; \
switch (n) { \
case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
} \
}
/* NOTE - c is not incremented as per n2l */
#define n2ln(c,l1,l2,n) { \
c+=n; \
l1=l2=0; \
switch (n) { \
case 8: l2 =((unsigned long)(*(--(c)))) ; \
case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
case 6: l2|=((unsigned long)(*(--(c))))<<16; \
case 5: l2|=((unsigned long)(*(--(c))))<<24; \
case 4: l1 =((unsigned long)(*(--(c)))) ; \
case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
case 2: l1|=((unsigned long)(*(--(c))))<<16; \
case 1: l1|=((unsigned long)(*(--(c))))<<24; \
} \
}
/* NOTE - c is not incremented as per l2n */
#define l2nn(l1,l2,c,n) { \
c+=n; \
switch (n) { \
case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
} \
}
#undef n2l
#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
l|=((unsigned long)(*((c)++)))<<16L, \
l|=((unsigned long)(*((c)++)))<< 8L, \
l|=((unsigned long)(*((c)++))))
#undef l2n
#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
*((c)++)=(unsigned char)(((l)>>16L)&0xff), \
*((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
*((c)++)=(unsigned char)(((l) )&0xff))
/* This is actually a big endian algorithm, the most significate byte
* is used to lookup array 0 */
/* use BF_PTR2 for intel boxes,
* BF_PTR for sparc and MIPS/SGI
* use nothing for Alpha and HP.
*/
#if !defined(BF_PTR) && !defined(BF_PTR2)
#undef BF_PTR
#endif
#define BF_M 0x3fc
#define BF_0 22L
#define BF_1 14L
#define BF_2 6L
#define BF_3 2L /* left shift */
#if defined(BF_PTR2)
/* This is basically a special pentium verson */
#define BF_ENC(LL,R,S,P) \
{ \
BF_LONG t,u,v; \
u=R>>BF_0; \
v=R>>BF_1; \
u&=BF_M; \
v&=BF_M; \
t= *(BF_LONG *)((unsigned char *)&(S[ 0])+u); \
u=R>>BF_2; \
t+= *(BF_LONG *)((unsigned char *)&(S[256])+v); \
v=R<<BF_3; \
u&=BF_M; \
v&=BF_M; \
t^= *(BF_LONG *)((unsigned char *)&(S[512])+u); \
LL^=P; \
t+= *(BF_LONG *)((unsigned char *)&(S[768])+v); \
LL^=t; \
}
#elif defined(BF_PTR)
/* This is normally very good */
#define BF_ENC(LL,R,S,P) \
LL^=P; \
LL^= (((*(BF_LONG *)((unsigned char *)&(S[ 0])+((R>>BF_0)&BF_M))+ \
*(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
*(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
*(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M)));
#else
/* This will always work, even on 64 bit machines and strangly enough,
* on the Alpha it is faster than the pointer versions (both 32 and 64
* versions of BF_LONG) */
#define BF_ENC(LL,R,S,P) \
LL^=P; \
LL^=((( S[ (R>>24L) ] + \
S[0x0100+((R>>16L)&0xff)])^ \
S[0x0200+((R>> 8L)&0xff)])+ \
S[0x0300+((R )&0xff)])&0xffffffff;
#endif
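
Review bot: The BF_PTR and BF_PTR2 variants of BF_ENC are only correct when sizeof(BF_LONG) is 4, and nothing in this header enforces that. BF_M (0x3fc) together with the BF_0..BF_3 shifts produces a byte offset of index*4, which is then added to (unsigned char *)&(S[...]) and dereferenced as a BF_LONG. blowfish.h in this same commit defines BF_LONG as unsigned long, so on a target where that type is 8 bytes these variants read misaligned, wrong table entries and silently produce a non-Blowfish cipher. Add a compile-time check that rejects BF_PTR and BF_PTR2 when BF_LONG is not 4 bytes, or define BF_LONG as a 32-bit type. Separately, the block "#if !defined(BF_PTR) && !defined(BF_PTR2) / #undef BF_PTR / #endif" undefines a macro that is already known to be undefined and can be dropped.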

115
cipher/blowfish/bf_ofb64.c Normal file

@ -0,0 +1,115 @@
/* crypto/bf/bf_ofb64.c */
/* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@mincom.oz.au).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@mincom.oz.au).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@mincom.oz.au)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include "blowfish.h"
#include "bf_locl.h"
/* The input and output encrypted as though 64bit ofb mode is being
* used. The extra state information to record how much of the
* 64bit block we have used is contained in *num;
*/
void BF_ofb64_encrypt(in, out, length, schedule, ivec, num)
unsigned char *in;
unsigned char *out;
long length;
BF_KEY *schedule;
unsigned char *ivec;
int *num;
{
register unsigned long v0,v1,t;
register int n= *num;
register long l=length;
unsigned char d[8];
register char *dp;
unsigned long ti[2];
unsigned char *iv;
int save=0;
iv=(unsigned char *)ivec;
n2l(iv,v0);
n2l(iv,v1);
ti[0]=v0;
ti[1]=v1;
dp=(char *)d;
l2n(v0,dp);
l2n(v1,dp);
while (l--)
{
if (n == 0)
{
BF_encrypt((unsigned long *)ti,schedule,BF_ENCRYPT);
dp=(char *)d;
t=ti[0]; l2n(t,dp);
t=ti[1]; l2n(t,dp);
save++;
}
*(out++)= *(in++)^d[n];
n=(n+1)&0x07;
}
if (save)
{
v0=ti[0];
v1=ti[1];
iv=(unsigned char *)ivec;
l2n(v0,iv);
l2n(v1,iv);
}
t=v0=v1=ti[0]=ti[1]=0;
*num=n;
}
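
Review bot: The caller-supplied *num is used as an index into the 8-byte buffer d before it is ever range-checked. "register int n= *num;" is followed by "*(out++)= *(in++)^d[n];", and the "&0x07" mask is applied only after that first access, so a value outside 0..7 reads outside d on the first byte. Mask or validate n on entry. The same applies to length: it is a signed long driving "while (l--)", so a negative value is not rejected and the loop runs far past both buffers; return early when length is not positive. Finally, the cleanup line "t=v0=v1=ti[0]=ti[1]=0;" leaves the keystream block in d on the stack, and those plain assignments to dead locals can be removed by an optimizer, so clear d as well and use a wipe the compiler cannot elide.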

325
cipher/blowfish/bf_pi.h Normal file

@ -0,0 +1,325 @@
/* crypto/bf/bf_pi.h */
/* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@mincom.oz.au).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@mincom.oz.au).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@mincom.oz.au)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
static BF_KEY bf_init= {
{
0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L,
0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L,
0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL,
0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L,
0x9216d5d9L, 0x8979fb1b
},{
0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L,
0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L,
0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L,
0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL,
0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL,
0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L,
0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL,
0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL,
0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L,
0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L,
0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL,
0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL,
0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL,
0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L,
0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L,
0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L,
0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L,
0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L,
0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL,
0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L,
0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L,
0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L,
0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L,
0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL,
0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L,
0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL,
0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL,
0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L,
0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL,
0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L,
0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL,
0x6dfc511fL, 0x9b30952cL, 0xcc814544L, 0xaf5ebd09L,
0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L,
0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL,
0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L,
0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L,
0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL,
0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L,
0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL,
0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L,
0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L,
0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL,
0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L,
0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L,
0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L,
0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L,
0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L,
0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL,
0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL,
0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L,
0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L,
0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L,
0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L,
0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL,
0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L,
0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL,
0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL,
0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L,
0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L,
0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L,
0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L,
0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L,
0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L,
0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL,
0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L,
0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L,
0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L,
0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL,
0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L, 0x99f73fd6L,
0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L,
0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL,
0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L,
0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L,
0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L,
0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL,
0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL,
0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L,
0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L,
0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L,
0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L,
0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL,
0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL,
0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL,
0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L,
0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL,
0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L,
0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L,
0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL,
0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL,
0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L,
0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL,
0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L,
0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL,
0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL,
0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L,
0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L,
0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L,
0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L, 0x018cff28L,
0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L,
0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L,
0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L,
0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL,
0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L,
0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL,
0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L,
0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L, 0xc021b8f7L,
0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L,
0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L,
0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L,
0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L,
0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L,
0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L,
0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L,
0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L,
0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L,
0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L,
0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L,
0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L,
0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L,
0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L,
0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL,
0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL,
0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L,
0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL,
0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L,
0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L,
0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L,
0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L,
0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L,
0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L,
0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL,
0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L,
0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L,
0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L,
0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL,
0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL,
0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL,
0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L,
0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L,
0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL,
0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L,
0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL,
0xfb0af54eL, 0xd8feb397L, 0x454056acL, 0xba489527L,
0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL,
0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L,
0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL,
0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L,
0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL,
0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L,
0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L,
0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL,
0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L,
0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L,
0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L,
0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L,
0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL,
0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L,
0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL,
0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L,
0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL,
0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L,
0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL,
0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL,
0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL,
0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L,
0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L,
0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL,
0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL,
0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL,
0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL,
0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL,
0x77a057beL, 0xbde8ae24L, 0x55464299L, 0xbf582e61L,
0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L,
0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L,
0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L,
0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL,
0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL,
0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L,
0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L,
0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL, 0x2868f169L,
0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L,
0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L,
0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L,
0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L,
0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L,
0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L,
0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L,
0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL,
0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L,
0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL,
0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L,
0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L,
0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL,
0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL,
0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL,
0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L,
0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L,
0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L,
0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L,
0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L,
0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L,
0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L,
0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L,
0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L,
0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L,
0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L,
0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L,
0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL,
0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL,
0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L,
0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL,
0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL,
0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL,
0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L,
0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL,
0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL,
0x4de81751L, 0x3830dc8eL, 0x379d5862L, 0x9320f991L,
0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L,
0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L,
0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L,
0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL,
0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL,
0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L,
0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L,
0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L,
0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL,
0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L,
0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L,
0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L,
0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL,
0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L,
0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L,
0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L,
0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL,
0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL,
0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L,
0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L,
0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L,
0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L,
0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL,
0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L,
0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL,
0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL,
0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L,
0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L,
0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL,
0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L,
0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL,
0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L,
0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL,
0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L,
0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L,
0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL,
0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L, 0xd6ebe1f9L,
0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL,
0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L,
}
};
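
Review bot: bf_init is declared "static BF_KEY bf_init" in a header, without const. Every translation unit that includes bf_pi.h gets its own writable copy of the full P and S tables, and any stray write to it would change the starting state for every key set up afterwards with no visible error. Declare it static const so it is placed in read-only data; the memcpy in BF_set_key already casts the source pointer. Minor style point in the P array: the last entry, 0x8979fb1b, is the only constant in the table without the L suffix.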

119
cipher/blowfish/bf_skey.c Normal file

@ -0,0 +1,119 @@
/* crypto/bf/bf_skey.c */
/* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@mincom.oz.au).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@mincom.oz.au).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@mincom.oz.au)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <string.h>
#include "blowfish.h"
#include "bf_locl.h"
#include "bf_pi.h"
void BF_set_key(key,len,data)
BF_KEY *key;
int len;
unsigned char *data;
{
int i;
BF_LONG *p,ri,in[2];
unsigned char *d,*end;
memcpy((char *)key,(char *)&bf_init,sizeof(BF_KEY));
p=key->P;
if (len > ((BF_ROUNDS+2)*4)) len=(BF_ROUNDS+2)*4;
d=data;
end= &(data[len]);
for (i=0; i<(BF_ROUNDS+2); i++)
{
ri= *(d++);
if (d >= end) d=data;
ri<<=8;
ri|= *(d++);
if (d >= end) d=data;
ri<<=8;
ri|= *(d++);
if (d >= end) d=data;
ri<<=8;
ri|= *(d++);
if (d >= end) d=data;
p[i]^=ri;
}
in[0]=0L;
in[1]=0L;
for (i=0; i<(BF_ROUNDS+2); i+=2)
{
BF_encrypt(in,key,BF_ENCRYPT);
p[i ]=in[0];
p[i+1]=in[1];
}
p=key->S;
for (i=0; i<4*256; i+=2)
{
BF_encrypt(in,key,BF_ENCRYPT);
p[i ]=in[0];
p[i+1]=in[1];
}
}
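
Review bot: len is clamped at the top but has no lower bound, so a zero or negative key length is accepted. After "if (len > ((BF_ROUNDS+2)*4)) len=(BF_ROUNDS+2)*4;" the code sets "end= &(data[len]);", and with len <= 0 every "if (d >= end) d=data;" test is true, so the loop reads data[0] each time (one byte past a zero-length buffer) and builds the whole schedule from that single byte. Reject len <= 0 before touching data, and since the function returns void, consider giving it a return value so callers can see the failure. The local in[2] also still holds schedule-derived words on return and is not cleared.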

114
cipher/blowfish/blowfish.h Normal file

@ -0,0 +1,114 @@
/* crypto/bf/blowfish.h */
/* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@mincom.oz.au).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@mincom.oz.au).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@mincom.oz.au)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#ifndef HEADER_BLOWFISH_H
#define HEADER_BLOWFISH_H
#ifdef __cplusplus
extern "C" {
#endif
#define BF_ENCRYPT 1
#define BF_DECRYPT 0
/* If you make this 'unsigned int' the pointer variants will work on
* the Alpha, otherwise they will not. Strangly using the '8 byte'
* BF_LONG and the default 'non-pointer' inner loop is the best configuration
* for the Alpha */
#define BF_LONG unsigned long
#define BF_ROUNDS 16
#define BF_BLOCK 8
typedef struct bf_key_st
{
BF_LONG P[BF_ROUNDS+2];
BF_LONG S[4*256];
} BF_KEY;
#ifndef NOPROTO
void BF_set_key(BF_KEY *key, int len, unsigned char *data);
void BF_ecb_encrypt(unsigned char *in,unsigned char *out,BF_KEY *key,
int encrypt);
void BF_encrypt(BF_LONG *data,BF_KEY *key,int encrypt);
void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
BF_KEY *ks, unsigned char *iv, int encrypt);
void BF_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
BF_KEY *schedule, unsigned char *ivec, int *num, int encrypt);
void BF_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
BF_KEY *schedule, unsigned char *ivec, int *num);
char *BF_options(void);
#else
void BF_set_key();
void BF_ecb_encrypt();
void BF_encrypt();
void BF_cbc_encrypt();
void BF_cfb64_encrypt();
void BF_ofb64_encrypt();
char *BF_options();
#endif
#ifdef __cplusplus
}
#endif
#endif
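
Review bot: BF_LONG is hard-coded as unsigned long, while the comment directly above it says the pointer variants only work on the Alpha when it is unsigned int. This header is now built inside tinc rather than configured by SSLeay, so the type should be chosen at configure time, or the comment should state that the pointer variants must stay disabled, so that a 64-bit build cannot end up with the combination the comment warns about.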

107
cipher/cipher.c Normal file

@ -0,0 +1,107 @@
/*
cipher.c -- wrapper functions for encryption algorithms
Copyright (C) 1999 Ivo Timmermans <zarq@iname.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "config.h"
#include <dlfcn.h>
#include <string.h>
#include <syslog.h>
#include <cipher.h>
#include "blowfish/blowfish.h"
#include "idea/idea.h"
#include "net.h"
void (*blowfish_cfb64_encrypt) (unsigned char*, unsigned char*, int,
BF_KEY*, unsigned char*, int*, int) = NULL;
void (*blowfish_set_key) (BF_KEY*, int, char*) = NULL;
unsigned char initvec[] = { 0x22, 0x7b, 0xad, 0x55, 0x41, 0xf4, 0x3e, 0xf3 };
BF_KEY encryption_key;
void low_crypt_key(unsigned char *in, unsigned char *out, BF_KEY *k, long len, int c)
{
int count = 7;
unsigned char ivec[8];
memcpy(ivec, initvec, 8);
blowfish_cfb64_encrypt(in, out, len, k, &ivec[0], &count, c);
}
void do_encrypt(vpn_packet_t *in, real_packet_t *out, enc_key_t *key)
{
unsigned char ivec[8];
int r;
memcpy(ivec, initvec, 8);
cipher_set_key(&encryption_key, key->length, key->key);
low_crypt_key((char*)(&in->data), (char*)(&out->data.data),
&encryption_key, in->len, BF_ENCRYPT);
out->len = in->len + 2;
r = (in->len + 2) % 8;
if(r)
out->len += (8-r);
out->len += 8;
/* The smallest multiple of 8 greater
than or equal to in->len + 8 */
out->data.len = in->len;
}
void do_decrypt(real_packet_t *in, vpn_packet_t *out, enc_key_t *key)
{
unsigned char ivec[8];
memcpy(ivec, initvec, 8);
cipher_set_key(&encryption_key, key->length, key->key);
low_crypt_key((char*)(&in->data.data), (char*)(&out->data),
&encryption_key, in->data.len, BF_DECRYPT);
out->len = in->data.len;
}
void cipher_set_key(BF_KEY *k, int l, char *t)
{
blowfish_set_key(k, l, t);
}
int cipher_init(int which)
{
void *dlhandle;
char *error;
if((dlhandle = dlopen(PKGLIBDIR "libblowfish.so.0", RTLD_LAZY)) == NULL)
{
syslog(LOG_ERR, "%s: %m", PKGLIBDIR "libblowfish.so.0");
return -1;
}
blowfish_cfb64_encrypt = dlsym(dlhandle, "BF_cfb64_encrypt");
if((error = dlerror()) != NULL)
{
syslog(LOG_ERR, "%s", error);
return -1;
}
blowfish_set_key = dlsym(dlhandle, "BF_set_key");
return 0;
}
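
Review bot: low_crypt_key() copies the constant initvec into ivec for every packet and passes count = 7 as the CFB position, so every packet encrypted under a given key starts from the same state. If BF_cfb64_encrypt treats num the way idea_cfb64_encrypt in this commit does (an index into ivec, with the cipher run only when it is 0), the first payload byte is XORed with the raw ivec[7] (0xf3) before any Blowfish call, and packets with equal leading plaintext produce equal leading ciphertext. Suggest starting with count = 0 and carrying a fresh per-packet IV in the packet. Separately, in cipher_init() the second dlsym() (for BF_set_key) is not followed by a dlerror() check, the which argument is never used, and the two function pointers declare int length and char* where blowfish.h declares long length and unsigned char *data.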

41
cipher/cipher.h Normal file

@ -0,0 +1,41 @@
/*
cipher.c -- header file for cipher.c
Copyright (C) 1999 Ivo Timmermans <zarq@iname.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#ifndef __TINC_CIPHER_H__
#define __TINC_CIPHER_H__
#include "blowfish/blowfish.h"
#include "net.h"
enum {
CIPHER_BLOWFISH = 1,
CIPHER_IDEA
};
extern BF_KEY encryption_key;
void low_crypt_key(unsigned char*, unsigned char*, BF_KEY*, long, int);
void do_encrypt(vpn_packet_t *in, real_packet_t *out, enc_key_t *);
void do_decrypt(real_packet_t *in, vpn_packet_t *out, enc_key_t *);
void cipher_set_key(BF_KEY*, int, char*);
int cipher_init(int);
#endif /* __TINC_CIPHER_H__ */
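
Review bot: the interface is tied to Blowfish even though the enum offers CIPHER_IDEA: encryption_key is a BF_KEY, and low_crypt_key() and cipher_set_key() both take BF_KEY*, so cipher_init(int) has no way to honour CIPHER_IDEA. Either drop that enum value until IDEA is wired up or hide the key schedule behind an opaque type. The file comment also reads "cipher.c -- header file for cipher.c" and should name cipher.h.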

46
cipher/idea/COPYRIGHT Normal file

@ -0,0 +1,46 @@
Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
All rights reserved.
This package is an Blowfish implementation written
by Eric Young (eay@mincom.oz.au).
This library is free for commercial and non-commercial use as long as
the following conditions are aheared to. The following conditions
apply to all code found in this distribution.
Copyright remains Eric Young's, and as such any Copyright notices in
the code are not to be removed.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Young (eay@mincom.oz.au)
THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.
The license and distribution terms for any publically available version or
derivative of this code cannot be changed. i.e. this code cannot simply be
copied and put under another distrubution license
[including the GNU Public License.]
The reason behind this being stated in this direct manner is past
experience in code simply being copied and the attribution removed
from it and then being distributed as part of other packages. This
implementation was a non-trivial and unpaid effort.
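
Review bot: the opening paragraph of cipher/idea/COPYRIGHT reads "This package is an Blowfish implementation", which looks carried over from the Blowfish directory; in this directory it should name IDEA. The closing terms also say the code cannot be put under another licence "[including the GNU Public License.]", while cipher.c in this commit carries a GPL header and includes idea/idea.h, so the top-level documentation should say that these files keep their own terms.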

14
cipher/idea/Makefile.am Normal file

@ -0,0 +1,14 @@
## Process this file with automake to produce Makefile.in
pkglib_LTLIBRARIES = libidea.la
INCLUDES = -I.. -I$(srcdir)
libidea_la_SOURCES = i_skey.c i_ecb.c i_cbc.c \
i_cfb64.c i_ofb64.c
libidea_la_LDFLAGS = -version-info 0:1:0 -export-dynamic
noinst_HEADERS = idea_lcl.h idea.h
EXTRA_DIST = COPYRIGHT

175
cipher/idea/i_cbc.c Normal file

@ -0,0 +1,175 @@
/* crypto/idea/i_cbc.c */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include "idea.h"
#include "idea_lcl.h"
void idea_cbc_encrypt(in, out, length, ks, iv, encrypt)
unsigned char *in;
unsigned char *out;
long length;
IDEA_KEY_SCHEDULE *ks;
unsigned char *iv;
int encrypt;
{
register unsigned long tin0,tin1;
register unsigned long tout0,tout1,xor0,xor1;
register long l=length;
unsigned long tin[2];
if (encrypt)
{
n2l(iv,tout0);
n2l(iv,tout1);
iv-=8;
for (l-=8; l>=0; l-=8)
{
n2l(in,tin0);
n2l(in,tin1);
tin0^=tout0;
tin1^=tout1;
tin[0]=tin0;
tin[1]=tin1;
idea_encrypt(tin,ks);
tout0=tin[0]; l2n(tout0,out);
tout1=tin[1]; l2n(tout1,out);
}
if (l != -8)
{
n2ln(in,tin0,tin1,l+8);
tin0^=tout0;
tin1^=tout1;
tin[0]=tin0;
tin[1]=tin1;
idea_encrypt(tin,ks);
tout0=tin[0]; l2n(tout0,out);
tout1=tin[1]; l2n(tout1,out);
}
l2n(tout0,iv);
l2n(tout1,iv);
}
else
{
n2l(iv,xor0);
n2l(iv,xor1);
iv-=8;
for (l-=8; l>=0; l-=8)
{
n2l(in,tin0); tin[0]=tin0;
n2l(in,tin1); tin[1]=tin1;
idea_encrypt(tin,ks);
tout0=tin[0]^xor0;
tout1=tin[1]^xor1;
l2n(tout0,out);
l2n(tout1,out);
xor0=tin0;
xor1=tin1;
}
if (l != -8)
{
n2l(in,tin0); tin[0]=tin0;
n2l(in,tin1); tin[1]=tin1;
idea_encrypt(tin,ks);
tout0=tin[0]^xor0;
tout1=tin[1]^xor1;
l2nn(tout0,tout1,out,l+8);
xor0=tin0;
xor1=tin1;
}
l2n(xor0,iv);
l2n(xor1,iv);
}
tin0=tin1=tout0=tout1=xor0=xor1=0;
tin[0]=tin[1]=0;
}
void idea_encrypt(d,key)
unsigned long *d;
IDEA_KEY_SCHEDULE *key;
{
register IDEA_INT *p;
register unsigned long x1,x2,x3,x4,t0,t1,ul;
x2=d[0];
x1=(x2>>16);
x4=d[1];
x3=(x4>>16);
p= &(key->data[0][0]);
E_IDEA(0);
E_IDEA(1);
E_IDEA(2);
E_IDEA(3);
E_IDEA(4);
E_IDEA(5);
E_IDEA(6);
E_IDEA(7);
x1&=0xffff;
idea_mul(x1,x1,*p,ul); p++;
t0= x3+ *(p++);
t1= x2+ *(p++);
x4&=0xffff;
idea_mul(x4,x4,*p,ul);
d[0]=(t0&0xffff)|((x1&0xffff)<<16);
d[1]=(x4&0xffff)|((t1&0xffff)<<16);
}
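
Review bot: in idea_cbc_encrypt() the tail branches (if (l != -8)) move more data than the caller's length says. On encrypt a partial final block is read with n2ln(in,tin0,tin1,l+8) but written out with the same two l2n() calls as a full block, and on decrypt the tail is read with two full n2l() calls while only l+8 bytes are written by l2nn(). Callers therefore have to size out (encrypt) and in (decrypt) to length rounded up to a multiple of 8. Please document that above the function, or reject lengths that are not a multiple of IDEA_BLOCK.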

127
cipher/idea/i_cfb64.c Normal file

@ -0,0 +1,127 @@
/* crypto/idea/i_cfb64.c */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include "idea.h"
#include "idea_lcl.h"
/* The input and output encrypted as though 64bit cfb mode is being
* used. The extra state information to record how much of the
* 64bit block we have used is contained in *num;
*/
void idea_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt)
unsigned char *in;
unsigned char *out;
long length;
IDEA_KEY_SCHEDULE *schedule;
unsigned char *ivec;
int *num;
int encrypt;
{
register unsigned long v0,v1,t;
register int n= *num;
register long l=length;
unsigned long ti[2];
unsigned char *iv,c,cc;
iv=(unsigned char *)ivec;
if (encrypt)
{
while (l--)
{
if (n == 0)
{
n2l(iv,v0); ti[0]=v0;
n2l(iv,v1); ti[1]=v1;
idea_encrypt((unsigned long *)ti,schedule);
iv=(unsigned char *)ivec;
t=ti[0]; l2n(t,iv);
t=ti[1]; l2n(t,iv);
iv=(unsigned char *)ivec;
}
c= *(in++)^iv[n];
*(out++)=c;
iv[n]=c;
n=(n+1)&0x07;
}
}
else
{
while (l--)
{
if (n == 0)
{
n2l(iv,v0); ti[0]=v0;
n2l(iv,v1); ti[1]=v1;
idea_encrypt((unsigned long *)ti,schedule);
iv=(unsigned char *)ivec;
t=ti[0]; l2n(t,iv);
t=ti[1]; l2n(t,iv);
iv=(unsigned char *)ivec;
}
cc= *(in++);
c=iv[n];
iv[n]=cc;
*(out++)=c^cc;
n=(n+1)&0x07;
}
}
v0=v1=ti[0]=ti[1]=t=c=cc=0;
*num=n;
}
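
Review bot: n is taken from *num and used as iv[n] before it is ever masked (n=(n+1)&0x07 only runs after the first byte has been processed), so a caller passing a value outside 0..7 reads and writes outside the 8-byte ivec. Suggest masking or rejecting *num on entry. The header comment should also state that idea_encrypt() only runs when n == 0, so a call that starts with a non-zero *num XORs its first bytes with whatever ivec holds as passed in; cipher.c in this commit passes 7 to the Blowfish counterpart.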

86
cipher/idea/i_ecb.c Normal file

@ -0,0 +1,86 @@
/* crypto/idea/i_ecb.c */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include "idea.h"
#include "idea_lcl.h"
char *IDEA_version="IDEA part of SSLeay 0.8.2b 08-Jan-1998";
char *idea_options()
{
if (sizeof(short) != sizeof(IDEA_INT))
return("idea(int)");
else
return("idea(short)");
}
void idea_ecb_encrypt(in, out, ks)
unsigned char *in;
unsigned char *out;
IDEA_KEY_SCHEDULE *ks;
{
unsigned long l0,l1,d[2];
n2l(in,l0); d[0]=l0;
n2l(in,l1); d[1]=l1;
idea_encrypt(d,ks);
l0=d[0]; l2n(l0,out);
l1=d[1]; l2n(l1,out);
l0=l1=d[0]=d[1]=0;
}
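
Review bot: the cleanup line l0=l1=d[0]=d[1]=0; at the end of idea_ecb_encrypt() stores to locals that are never read again, so an optimising compiler is free to drop it and leave the block on the stack. If the wipe is meant as a guarantee, do it through a volatile pointer or a wipe helper the compiler cannot elide. The same pattern closes the functions in i_cbc.c, i_cfb64.c and i_ofb64.c.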

115
cipher/idea/i_ofb64.c Normal file

@ -0,0 +1,115 @@
/* crypto/idea/i_ofb64.c */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include "idea.h"
#include "idea_lcl.h"
/* The input and output encrypted as though 64bit ofb mode is being
* used. The extra state information to record how much of the
* 64bit block we have used is contained in *num;
*/
void idea_ofb64_encrypt(in, out, length, schedule, ivec, num)
unsigned char *in;
unsigned char *out;
long length;
IDEA_KEY_SCHEDULE *schedule;
unsigned char *ivec;
int *num;
{
register unsigned long v0,v1,t;
register int n= *num;
register long l=length;
unsigned char d[8];
register char *dp;
unsigned long ti[2];
unsigned char *iv;
int save=0;
iv=(unsigned char *)ivec;
n2l(iv,v0);
n2l(iv,v1);
ti[0]=v0;
ti[1]=v1;
dp=(char *)d;
l2n(v0,dp);
l2n(v1,dp);
while (l--)
{
if (n == 0)
{
idea_encrypt((unsigned long *)ti,schedule);
dp=(char *)d;
t=ti[0]; l2n(t,dp);
t=ti[1]; l2n(t,dp);
save++;
}
*(out++)= *(in++)^d[n];
n=(n+1)&0x07;
}
if (save)
{
v0=ti[0];
v1=ti[1];
iv=(unsigned char *)ivec;
l2n(v0,iv);
l2n(v1,iv);
}
t=v0=v1=ti[0]=ti[1]=0;
*num=n;
}
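
Review bot: the final wipe t=v0=v1=ti[0]=ti[1]=0; leaves d[8] untouched, and d holds the keystream block that was XORed into the output. Add d to the cleanup. As in i_cfb64.c, n comes from *num and indexes d[n] before any masking, so a value outside 0..7 reads outside the stack buffer; check it on entry.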

166
cipher/idea/i_skey.c Normal file

@ -0,0 +1,166 @@
/* crypto/idea/i_skey.c */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include "idea.h"
#include "idea_lcl.h"
#ifndef NOPROTO
static IDEA_INT inverse(unsigned int xin);
#else
static IDEA_INT inverse();
#endif
void idea_set_encrypt_key(key, ks)
unsigned char *key;
IDEA_KEY_SCHEDULE *ks;
{
int i;
register IDEA_INT *kt,*kf,r0,r1,r2;
kt= &(ks->data[0][0]);
n2s(key,kt[0]); n2s(key,kt[1]); n2s(key,kt[2]); n2s(key,kt[3]);
n2s(key,kt[4]); n2s(key,kt[5]); n2s(key,kt[6]); n2s(key,kt[7]);
kf=kt;
kt+=8;
for (i=0; i<6; i++)
{
r2= kf[1];
r1= kf[2];
*(kt++)= ((r2<<9) | (r1>>7))&0xffff;
r0= kf[3];
*(kt++)= ((r1<<9) | (r0>>7))&0xffff;
r1= kf[4];
*(kt++)= ((r0<<9) | (r1>>7))&0xffff;
r0= kf[5];
*(kt++)= ((r1<<9) | (r0>>7))&0xffff;
r1= kf[6];
*(kt++)= ((r0<<9) | (r1>>7))&0xffff;
r0= kf[7];
*(kt++)= ((r1<<9) | (r0>>7))&0xffff;
r1= kf[0];
if (i >= 5) break;
*(kt++)= ((r0<<9) | (r1>>7))&0xffff;
*(kt++)= ((r1<<9) | (r2>>7))&0xffff;
kf+=8;
}
}
void idea_set_decrypt_key(ek, dk)
IDEA_KEY_SCHEDULE *ek;
IDEA_KEY_SCHEDULE *dk;
{
int r;
register IDEA_INT *fp,*tp,t;
tp= &(dk->data[0][0]);
fp= &(ek->data[8][0]);
for (r=0; r<9; r++)
{
*(tp++)=inverse(fp[0]);
*(tp++)=((int)(0x10000L-fp[2])&0xffff);
*(tp++)=((int)(0x10000L-fp[1])&0xffff);
*(tp++)=inverse(fp[3]);
if (r == 8) break;
fp-=6;
*(tp++)=fp[4];
*(tp++)=fp[5];
}
tp= &(dk->data[0][0]);
t=tp[1];
tp[1]=tp[2];
tp[2]=t;
t=tp[49];
tp[49]=tp[50];
tp[50]=t;
}
/* taken directly from the 'paper' I'll have a look at it later */
static IDEA_INT inverse(xin)
unsigned int xin;
{
long n1,n2,q,r,b1,b2,t;
if (xin == 0)
b2=0;
else
{
n1=0x10001;
n2=xin;
b2=1;
b1=0;
do {
r=(n1%n2);
q=(n1-r)/n2;
if (r == 0)
{ if (b2 < 0) b2=0x10001+b2; }
else
{
n1=n2;
n2=r;
t=b2;
b2=b1-q*b2;
b1=t;
}
} while (r != 0);
}
return((IDEA_INT)b2);
}
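
Review bot: idea_set_decrypt_key() reads ek backwards through fp while writing dk forwards through tp, so it is only correct when ek and dk are different objects, and nothing in the function or in idea.h says so. Please document the no-alias requirement or work from a copy of ek. The swaps of tp[1]/tp[2] and tp[49]/tp[50] need a comment saying which subkeys they fix up, and since the comment above inverse() reads "I'll have a look at it later", a test that checks inverse(x)*x mod 0x10001 == 1 for sample non-zero x should land with this file.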

116
cipher/idea/idea.h Normal file

@ -0,0 +1,116 @@
/* crypto/idea/idea.org */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*
* Always modify idea.org since idea.h is automatically generated from
* it during SSLeay configuration.
*
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*/
#ifndef HEADER_IDEA_H
#define HEADER_IDEA_H
#ifdef __cplusplus
extern "C" {
#endif
#define IDEA_ENCRYPT 1
#define IDEA_DECRYPT 0
#define IDEA_INT unsigned int
#define IDEA_BLOCK 8
#define IDEA_KEY_LENGTH 16
typedef struct idea_key_st
{
IDEA_INT data[9][6];
} IDEA_KEY_SCHEDULE;
#ifndef NOPROTO
char *idea_options(void);
void idea_ecb_encrypt(unsigned char *in, unsigned char *out,
IDEA_KEY_SCHEDULE *ks);
void idea_set_encrypt_key(unsigned char *key, IDEA_KEY_SCHEDULE *ks);
void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
void idea_cbc_encrypt(unsigned char *in, unsigned char *out,
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc);
void idea_cfb64_encrypt(unsigned char *in, unsigned char *out,
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
int *num,int enc);
void idea_ofb64_encrypt(unsigned char *in, unsigned char *out,
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num);
void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
#else
char *idea_options();
void idea_ecb_encrypt();
void idea_set_encrypt_key();
void idea_set_decrypt_key();
void idea_cbc_encrypt();
void idea_cfb64_encrypt();
void idea_ofb64_encrypt();
void idea_encrypt();
#endif
#ifdef __cplusplus
}
#endif
#endif
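Review bot: The licence comment at the top of this vendored header ends with "this code cannot simply be copied and put under another distribution licence [including the GNU Public Licence.]", while the same commit adds COPYING containing the GNU GPL version 2. State in the top-level documentation which files remain under the SSLeay terms (AUTHORS already names cipher/blowfish/ and cipher/idea/ as SSLeay code), and carry the clause 3 acknowledgement where the package is advertised, so the two sets of terms are not presented as one.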

215
cipher/idea/idea_lcl.h Normal file

@ -0,0 +1,215 @@
/* crypto/idea/idea_lcl.h */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* The new form of this macro (check if the a*b == 0) was sugested by
* Colin Plumb <colin@nyx10.cs.du.edu> */
/* Removal of the inner if from from Wei Dai 24/4/96 */
#define idea_mul(r,a,b,ul) \
ul=(unsigned long)a*b; \
if (ul != 0) \
{ \
r=(ul&0xffff)-(ul>>16); \
r-=((r)>>16); \
} \
else \
r=(-(int)a-b+1); /* assuming a or b is 0 and in range */ \
#ifdef undef
#define idea_mul(r,a,b,ul,sl) \
if (a == 0) r=(0x10001-b)&0xffff; \
else if (b == 0) r=(0x10001-a)&0xffff; \
else { \
ul=(unsigned long)a*b; \
sl=(ul&0xffff)-(ul>>16); \
if (sl <= 0) sl+=0x10001; \
r=sl; \
}
#endif
/* 7/12/95 - Many thanks to Rhys Weatherley <rweather@us.oracle.com>
* for pointing out that I was assuming little endian
* byte order for all quantities what idea
* actually used bigendian. No where in the spec does it mention
* this, it is all in terms of 16 bit numbers and even the example
* does not use byte streams for the input example :-(.
* If you byte swap each pair of input, keys and iv, the functions
* would produce the output as the old version :-(.
*/
/* NOTE - c is not incremented as per n2l */
#define n2ln(c,l1,l2,n) { \
c+=n; \
l1=l2=0; \
switch (n) { \
case 8: l2 =((unsigned long)(*(--(c)))) ; \
case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
case 6: l2|=((unsigned long)(*(--(c))))<<16; \
case 5: l2|=((unsigned long)(*(--(c))))<<24; \
case 4: l1 =((unsigned long)(*(--(c)))) ; \
case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
case 2: l1|=((unsigned long)(*(--(c))))<<16; \
case 1: l1|=((unsigned long)(*(--(c))))<<24; \
} \
}
/* NOTE - c is not incremented as per l2n */
#define l2nn(l1,l2,c,n) { \
c+=n; \
switch (n) { \
case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
} \
}
#undef n2l
#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
l|=((unsigned long)(*((c)++)))<<16L, \
l|=((unsigned long)(*((c)++)))<< 8L, \
l|=((unsigned long)(*((c)++))))
#undef l2n
#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
*((c)++)=(unsigned char)(((l)>>16L)&0xff), \
*((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
*((c)++)=(unsigned char)(((l) )&0xff))
#undef s2n
#define s2n(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
*((c)++)=(unsigned char)(((l)>> 8L)&0xff))
#undef n2s
#define n2s(c,l) (l =((IDEA_INT)(*((c)++)))<< 8L, \
l|=((IDEA_INT)(*((c)++))) )
#ifdef undef
/* NOTE - c is not incremented as per c2l */
#define c2ln(c,l1,l2,n) { \
c+=n; \
l1=l2=0; \
switch (n) { \
case 8: l2 =((unsigned long)(*(--(c))))<<24; \
case 7: l2|=((unsigned long)(*(--(c))))<<16; \
case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
case 5: l2|=((unsigned long)(*(--(c)))); \
case 4: l1 =((unsigned long)(*(--(c))))<<24; \
case 3: l1|=((unsigned long)(*(--(c))))<<16; \
case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
case 1: l1|=((unsigned long)(*(--(c)))); \
} \
}
/* NOTE - c is not incremented as per l2c */
#define l2cn(l1,l2,c,n) { \
c+=n; \
switch (n) { \
case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
} \
}
#undef c2s
#define c2s(c,l) (l =((unsigned long)(*((c)++))) , \
l|=((unsigned long)(*((c)++)))<< 8L)
#undef s2c
#define s2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
*((c)++)=(unsigned char)(((l)>> 8L)&0xff))
#undef c2l
#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
l|=((unsigned long)(*((c)++)))<< 8L, \
l|=((unsigned long)(*((c)++)))<<16L, \
l|=((unsigned long)(*((c)++)))<<24L)
#undef l2c
#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
*((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
*((c)++)=(unsigned char)(((l)>>16L)&0xff), \
*((c)++)=(unsigned char)(((l)>>24L)&0xff))
#endif
#define E_IDEA(num) \
x1&=0xffff; \
idea_mul(x1,x1,*p,ul); p++; \
x2+= *(p++); \
x3+= *(p++); \
x4&=0xffff; \
idea_mul(x4,x4,*p,ul); p++; \
t0=(x1^x3)&0xffff; \
idea_mul(t0,t0,*p,ul); p++; \
t1=(t0+(x2^x4))&0xffff; \
idea_mul(t1,t1,*p,ul); p++; \
t0+=t1; \
x1^=t1; \
x4^=t0; \
ul=x2^t0; /* do the swap to x3 */ \
x2=x3^t1; \
x3=ul;
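Review bot: The last line of the first idea_mul definition, `r=(-(int)a-b+1); /* assuming a or b is 0 and in range */ \`, ends in a line-continuation backslash, so the macro body continues onto the next line, which in this hunk is `#ifdef undef`; the definition is only correct if a blank line separates the two. Drop the trailing backslash. The macro is also a bare assignment followed by an if/else and uses `a` and `b` unparenthesized in `(unsigned long)a*b`; wrapping the body in do { ... } while (0) and parenthesizing the arguments would keep call sites like the ones in E_IDEA correct if they are ever placed under an unbraced if.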

1087
config.guess vendored Normal file

File diff suppressed because it is too large

116
config.h.in Normal file

@ -0,0 +1,116 @@
/* config.h.in. Generated automatically from configure.in by autoheader. */
/* Define if using alloca.c. */
#undef C_ALLOCA
/* Define to empty if the keyword does not work. */
#undef const
/* Define to one of _getb67, GETB67, getb67 for Cray-2 and Cray-YMP systems.
This function is required for alloca.c support on those systems. */
#undef CRAY_STACKSEG_END
/* Define if you have alloca, as a function or macro. */
#undef HAVE_ALLOCA
/* Define if you have <alloca.h> and it should be used (not on Ultrix). */
#undef HAVE_ALLOCA_H
/* Define to `int' if <sys/types.h> doesn't define. */
#undef pid_t
/* Define as the return type of signal handlers (int or void). */
#undef RETSIGTYPE
/* Define to `unsigned' if <sys/types.h> doesn't define. */
#undef size_t
/* If using the C implementation of alloca, define if you know the
direction of stack growth for your system; otherwise it will be
automatically deduced at run-time.
STACK_DIRECTION > 0 => grows toward higher addresses
STACK_DIRECTION < 0 => grows toward lower addresses
STACK_DIRECTION = 0 => direction of growth unknown
*/
#undef STACK_DIRECTION
/* Define if you have the ANSI C header files. */
#undef STDC_HEADERS
/* Define if you can safely include both <sys/time.h> and <time.h>. */
#undef TIME_WITH_SYS_TIME
/* Define if your <sys/time.h> declares struct tm. */
#undef TM_IN_SYS_TIME
/* Define if your processor stores words with the most significant
byte first (like Motorola and SPARC, unlike Intel and VAX). */
#undef WORDS_BIGENDIAN
/* Define to rpl_malloc if the replacement function should be used. */
#undef malloc
/* Define to rpl_realloc if the replacement function should be used. */
#undef realloc
/* This is always defined. It enables GNU extensions on systems that
have them. */
#if !defined(_GNU_SOURCE)
# undef _GNU_SOURCE
#endif
#if !defined(__USE_BSD)
# undef __USE_BSD
#endif
/* Define if you have the DONE_WORKING_MALLOC_CHECK function. */
#undef HAVE_DONE_WORKING_MALLOC_CHECK
/* Define if you have the DONE_WORKING_REALLOC_CHECK function. */
#undef HAVE_DONE_WORKING_REALLOC_CHECK
/* Define if you have the ftime function. */
#undef HAVE_FTIME
/* Define if you have the select function. */
#undef HAVE_SELECT
/* Define if you have the socket function. */
#undef HAVE_SOCKET
/* Define if you have the strerror function. */
#undef HAVE_STRERROR
/* Define if you have the strtol function. */
#undef HAVE_STRTOL
/* Define if you have the <fcntl.h> header file. */
#undef HAVE_FCNTL_H
/* Define if you have the <gmp.h> header file. */
#undef HAVE_GMP_H
/* Define if you have the <gmp2/gmp.h> header file. */
#undef HAVE_GMP2_GMP_H
/* Define if you have the <limits.h> header file. */
#undef HAVE_LIMITS_H
/* Define if you have the <sys/ioctl.h> header file. */
#undef HAVE_SYS_IOCTL_H
/* Define if you have the <sys/time.h> header file. */
#undef HAVE_SYS_TIME_H
/* Define if you have the <syslog.h> header file. */
#undef HAVE_SYSLOG_H
/* Define if you have the <unistd.h> header file. */
#undef HAVE_UNISTD_H
/* Name of package */
#undef PACKAGE
/* Version number of package */
#undef VERSION
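Review bot: The templates `HAVE_DONE_WORKING_MALLOC_CHECK` and `HAVE_DONE_WORKING_REALLOC_CHECK` are described as "Define if you have the ... function", but neither name is a function and neither appears in the AC_CHECK_FUNCS list in configure.in (ftime socket select strtol strerror). They presumably leak from the jm_FUNC_MALLOC and jm_FUNC_REALLOC macros (an assumption, since the m4 files are not shown here); fix it at that source, because the first line says this file is generated by autoheader. Consider not tracking the generated file at all so it cannot drift from configure.in.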

1215
config.sub vendored Normal file

File diff suppressed because it is too large

64
configure.in Normal file

@ -0,0 +1,64 @@
dnl Process this file with autoconf to produce a configure script.
AC_INIT(src/tincd.c)
AM_INIT_AUTOMAKE(tinc, 0.3.4)
AM_CONFIG_HEADER(config.h)
# Enable GNU extensions.
# Define this here, not in acconfig's @TOP@ section, since definitions
# in the latter don't make it into the configure-time tests.
AC_DEFINE([_GNU_SOURCE])
AC_DEFINE([__USE_BSD])
dnl Checks for programs.
AC_PROG_CC
AC_PROG_CPP
AC_PROG_GCC_TRADITIONAL
AC_PROG_AWK
AC_PROG_INSTALL
AC_PROG_LN_S
AC_PROG_RANLIB
AC_PROG_MAKE_SET
jm_PERL
AM_PROG_LIBTOOL
dnl Checks for libraries.
dnl Checks for header files.
AC_HEADER_STDC
AC_CHECK_HEADERS(fcntl.h limits.h sys/ioctl.h syslog.h unistd.h gmp.h gmp2/gmp.h \
sys/time.h)
dnl Checks for typedefs, structures, and compiler characteristics.
AC_C_CONST
AC_C_BIGENDIAN
AC_TYPE_PID_T
AC_TYPE_SIZE_T
AC_HEADER_TIME
AC_STRUCT_TM
dnl Checks for library functions.
AC_FUNC_MEMCMP
AC_FUNC_ALLOCA
AC_TYPE_SIGNAL
AC_CHECK_FUNCS(ftime socket select strtol strerror)
jm_FUNC_MALLOC
jm_FUNC_REALLOC
# Check for the GNU Multi Precision Library
libgmp=none
AC_CHECK_LIB(gmp2, mpz_powm, [
libgmp=gmp2
])
AC_CHECK_LIB(gmp, mpz_powm, [
libgmp=gmp
])
if test $libgmp = none; then
AC_MSG_ERROR(libgmp is not installed. Please grab it from your
nearest GNU mirror and install it (see README))
else
LIBS="$LIBS -l$libgmp"
fi
AC_OUTPUT([Makefile src/Makefile cipher/Makefile cipher/blowfish/Makefile
cipher/idea/Makefile doc/Makefile lib/Makefile m4/Makefile])
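Review bot: The libgmp check picks a library without tying it to a header: AC_CHECK_HEADERS lists both gmp.h and gmp2/gmp.h but never fails when neither is found, and the two AC_CHECK_LIB calls run unconditionally, so when both libraries exist `libgmp=gmp` overrides `libgmp=gmp2` regardless of which header was detected. Check for the header that matches the chosen library and abort if it is missing. The AC_MSG_ERROR argument is also unquoted, spans two lines and contains parentheses; wrap it in [ ].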

23
doc/GNUmakefile Normal file

@ -0,0 +1,23 @@
# Having a separate GNUmakefile lets me use features of GNU make
# to generate the man pages.
# This makefile is used only if you run GNU Make.
# It is necessary if you want to build targets usually of interest
# only to the maintainer.
have-Makefile := $(shell test -f Makefile && echo yes)
# If the user runs GNU make but has not yet run ./configure,
# give them a diagnostic.
ifeq ($(have-Makefile),yes)
include Makefile
include $(srcdir)/Makefile.maint
else
all:
@echo There seems to be no Makefile in this directory.
@echo "You must run ./configure before running \`make'."
@exit 1
endif

23
doc/Makefile.am Normal file

@ -0,0 +1,23 @@
## Process this file with automake to get Makefile.in
info_TEXINFOS = tinc.texi
dyn_MANS = tincd.8
man_aux = $(dyn_MANS:.8=.x)
man_MANS = tincd.conf.5 $(dyn_MANS)
PERL = @PERL@
HELP2MAN = help2man
MAINTAINERCLEANFILES = $(dyn_MANS)
EXTRA_DIST = $(man_MANS) $(HELP2MAN) $(man_aux) \
Makefile.maint GNUmakefile Makefile.summ tincd.conf.sample
# Use `ginstall' in the definition of man_MANS to avoid
# confusion with the `install' target. The install rule transforms `ginstall'
# to install before applying any user-specified name transformations.
transform = s/ginstall/install/; @program_transform_name@
# For additional rules usually of interest only to the maintainer,
# see GNUmakefile and Makefile.maint.
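Review bot: The `transform = s/ginstall/install/; @program_transform_name@` override and the comment above it refer to a `ginstall' program, but man_MANS here contains only tincd.conf.5 and tincd.8. Remove both lines so the install rule uses automake's default name transformation and the file does not document a case this package does not have.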

35
doc/Makefile.maint Normal file

@ -0,0 +1,35 @@
# This -*- Makefile -*- uses features of GNU make.
# It is included via GNUmakefile.
# The following one line summaries were extracted from the
# original man pages using this bit of sh code:
# for i in *.1; do echo "$i: "|tr -d '\012'; \
# grep -A1 SH.NAME $i|sed '/SH NAME/d;s/^[^ ][^ ]* .- //'; done
include Makefile.summ
HELP2MAN-run = $(PERL) -w -- $(srcdir)/$(HELP2MAN)
# Depend on configure.in to get version number changes.
$(dyn_MANS): $(top_srcdir)/configure.in
# Depend on the source file containing the --help text.
# Filter out irregular cases.
regular-men = $(filter-out $(irregular-men),$(dyn_MANS))
$(regular-men): %.8: $(top_srcdir)/src/%.c
executable = $(patsubst %/install,%/ginstall, ../src/$(basename $@))
$(dyn_MANS): %.8: %.x $(HELP2MAN)
@if test -f $(executable); then \
echo "Updating man page $@"; \
rm -f $@-t $@; \
$(HELP2MAN-run) \
--name="$($(basename $@)-summary)" \
--include=$(basename $@).x \
$(executable) > $@-t; \
chmod -w $@-t; \
mv $@-t $@; \
else \
echo "WARNING: The man page $@ cannot be updated yet."; \
echo " Retry once the corresponding executable is built."; \
fi
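Review bot: In the `$(dyn_MANS): %.8: %.x $(HELP2MAN)` recipe the steps are chained with `;`, so when help2man fails, `chmod -w $@-t; mv $@-t $@` still runs and installs an empty or truncated man page, after `rm -f $@-t $@` has already deleted the previous one. Chain the steps with `&&` and remove $@-t on failure. `irregular-men` is used in the filter-out but is not defined here or in Makefile.summ, and the `%/install,%/ginstall` patsubst has nothing to match for tincd.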

2
doc/Makefile.summ Normal file

@ -0,0 +1,2 @@
# -*- makefile -*-
tincd-summary = tinc daemon

375
doc/help2man Normal file

@ -0,0 +1,375 @@
#!/usr/bin/perl -w
# Generate a short man page from --help and --version output.
# Copyright © 1997, 98 Free Software Foundation, Inc.
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software Foundation,
# Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
# Written by Brendan O'Dea <bod@compusol.com.au>
use 5.004;
use strict;
use Getopt::Long;
use POSIX qw(strftime setlocale LC_TIME);
my $this_program = 'help2man';
my $this_version = '1.006';
my $version_info = <<EOT;
$this_program $this_version
Copyright (C) 1997, 98 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Brendan O'Dea <bod\@compusol.com.au>
EOT
my $help_info = <<EOT;
`$this_program' generates a man page out of `--help' and `--version' output.
Usage: $this_program [OPTION]... EXECUTABLE
--name=STRING use `STRING' as the description for the NAME paragraph
--include=FILE include material from `FILE'
--opt-include=FILE include material from `FILE' if it exists
--output=FILE send output to `FILE'
--no-info suppress pointer to Texinfo manual
--help print this help, then exit
--version print $this_program program version number, then exit
EXECUTABLE should accept `--help' and `version' options.
EOT
my ($include, $opt_name, $opt_include, $opt_output, $opt_no_info);
# Parse options.
GetOptions (
'name=s' => \$opt_name,
'include=s' => \$include,
'opt-include=s' => \$opt_include,
'output=s' => \$opt_output,
'no-info' => \$opt_no_info,
help => sub { print $help_info; exit },
version => sub { print $version_info; exit },
) or die $help_info;
die $help_info unless @ARGV == 1;
my %include = ();
my @include = (); # to retain order
# Process include file (if given). Format is:
#
# [section name]
# verbatim text
if ($include or $opt_include)
{
if (open INC, $include || $opt_include)
{
my $sect;
while (<INC>)
{
if (/^\[([^]]+)\]/)
{
$sect = uc $1;
$sect =~ s/^\s+//;
$sect =~ s/\s+$//;
next;
}
# Silently ignore anything before the first
# section--allows for comments and revision info.
next unless $sect;
push @include, $sect unless $include{$sect};
$include{$sect} ||= '';
$include{$sect} .= $_;
}
close INC;
die "$this_program: no valid information found in `$include'\n"
unless %include;
# Compress trailing blank lines.
for (keys %include)
{
$include{$_} =~ s/\n+$//;
$include{$_} .= "\n" unless /^NAME$/;
}
}
else
{
die "$this_program: can't open `$include' ($!)\n" if $include;
}
}
# Turn off localisation of executable's ouput.
@ENV{qw(LANGUAGE LANG LC_ALL)} = ('C') x 3;
# Turn off localisation of date (for strftime)
setlocale LC_TIME, 'C';
# Grab help and version paragraphs from executable
my @help = split /\n\n+/, `$ARGV[0] --help 2>/dev/null`
or die "$this_program: can't get `--help' info from $ARGV[0]\n";
my @version = split /\n\n+/, `$ARGV[0] --version 2>/dev/null`
or die "$this_program: can't get `--version' info from $ARGV[0]\n";
my $date = strftime "%B %Y", localtime;
my $program = $ARGV[0]; $program =~ s!.*/!!;
my $package = $program;
my $version;
if ($opt_output)
{
unlink $opt_output
or die "$this_program: can't unlink $opt_output ($!)\n"
if -e $opt_output;
open STDOUT, ">$opt_output"
or die "$this_program: can't create $opt_output ($!)\n";
}
# The first line of the --version information is assumed to be in one
# of the following formats:
#
# <version>
# <program> <version>
# GNU <program> <version>
# <program> (GNU <package>) <version>
# <program> - GNU <package> <version>
#
# and seperated from any copyright/author details by a blank line.
$_ = shift @version;
if (/^(\S+)\s+\((GNU\s+[^)]+)\)\s+(.*)/ or
/^(\S+)\s+-\s*(GNU\s+\S+)\s+(.*)/)
{
$program = $1;
$package = $2;
$version = $3;
}
elsif (/^(GNU\s+)?(\S+)\s+(.*)/)
{
$program = $2;
$package = $1 ? "$1$2" : $2;
$version = $3;
}
else
{
$version = $_;
}
$program =~ s!.*/!!;
# no info for `info' itself
$opt_no_info = 1 if $program eq 'info';
# --name overrides --include contents
$include{NAME} = "$program \\- $opt_name" if $opt_name;
# Default (useless) NAME paragraph
$include{NAME} ||= "$program \\- manual page for $program $version";
# Man pages traditionally have the page title in caps.
my $PROGRAM = uc $program;
# Header.
print <<EOT;
.\" DO NOT MODIFY THIS FILE! It was generated by $this_program $this_version.
.TH $PROGRAM 1 "$date" "$package $version" "FSF"
.SH NAME
$include{NAME}
EOT
my $accumulate = 1;
my @description = ();
sub convert_option;
# Output converted --help information.
for (@help)
{
chomp;
if (s/^Usage:\s+\S+\s+(.*)\n?//)
{
# Turn the usage clause into a synopsis.
my $synopsis = '';
do {
my $syn = $1;
$syn =~ s/(([][]|\.\.+)+)/\\fR$1\\fI/g;
$syn =~ s/^/\\fI/ unless $syn =~ s/^\\fR//;
$syn .= '\fR';
$syn =~ s/\\fI(\s*)\\fR/$1/g;
$synopsis .= ".br\n" unless $accumulate;
$synopsis .= ".B $program\n";
$synopsis .= "$syn\n";
$accumulate = 0;
} while s/^(?:Usage|\s*or):\s+\S+\s+(.*)\n?//;
# Include file overrides SYNOPSIS.
print ".SH SYNOPSIS\n", $include{SYNOPSIS} || $synopsis;
# Dump any accumulated description text.
print ".SH DESCRIPTION\n";
print @description;
# Add additional description text from include file.
if ($include{DESCRIPTION})
{
print ".PP\n" unless $include{DESCRIPTION} =~ /^\..P/;
print $include{DESCRIPTION};
}
next unless $_;
}
# Accumulate text if the synopsis has not been produced yet.
if ($accumulate)
{
push @description, ".PP\n" if @description;
push @description, "$_\n";
next;
}
# Catch start of options.
if (/^Options:/)
{
print qq(.SH OPTIONS\n);
s/Options://;
}
# Catch bug report text.
if (/^Report bugs |^Email bug reports to /)
{
print qq(.SH "REPORTING BUGS"\n$_\n);
next;
}
# Special case for tar 1.12: --label=NAME\nPATTERN.
s{(\n[ \t]*)(-V,[ \t]+--label=NAME.*)\n[ \t]+PATTERN[ \t]+}
{$1$2$1\\&...=PATTERN };
# Convert options.
s/(\s)(-[][\w=-]+|\\&\S+)/$1 . convert_option $2/ge;
# Option subsections have second line indented.
print qq(.SS "$1"\n) if s/^(\S.*)\n(\s)/$2/;
# Lines indented more than about 10 spaces may be assumed to be
# continuations of the previous line.
s/\n {10,}/ /g;
# Lines following dotted (*) or numbered points may also be
# continued if indented to the same level as the text following
# the point.
1 while s{((?:^|\n)(\s+)(?:[1-9][.)]|\*)(\s+)(?:[^\n]+))\n\2 \3(\S)}
{$1 $4}g;
# Indented paragraph.
if (/^\s/)
{
for (split /\n/)
{
s/^\s+//;
s/([^,])\s+/$1\n/;
print ".TP\n$_\n" if $_;
}
}
# Anything else.
else
{
print ".PP\n$_\n";
}
}
# Print any include items other than the ones we have already dealt
# with.
for (@include)
{
print qq(.SH "$_"\n$include{$_})
unless /^(NAME|SYNOPSIS|DESCRIPTION|SEE ALSO)$/;
}
# Refer to the real documentation.
if ($include{'SEE ALSO'} or !$opt_no_info)
{
print qq(.SH "SEE ALSO"\n);
print $include{'SEE ALSO'}, ".PP\n" if $include{'SEE ALSO'};
print <<EOT unless $opt_no_info;
The full documentation for
.B $program
is maintained as a Texinfo manual. If the
.B info
and
.B $program
programs are properly installed at your site, the command
.IP
.B info $program
.PP
should give you access to the complete manual.
EOT
}
# Output converted --version information.
for (@version)
{
chomp;
# Join hyphenated lines.
s/([A-Za-z])-\n */$1/g;
# Convert copyright symbol or (c) to nroff character.
s/Copyright\s+(?:\xa9|\([Cc]\))/Copyright \\(co/g;
# Insert appropriate headings for copyright and author.
if (/^Copyright\s\\/) { print ".SH COPYRIGHT\n" }
elsif (/^Written\s+by/) { print ".SH AUTHOR\n" }
else { print ".PP\n"; }
# Insert line breaks before additional copyright messages and the
# disclaimer.
s/(.)\n(Copyright\s|This is free software)/$1\n.br\n$2/g;
print "$_\n";
}
exit;
# Convert option dashes to \- to stop nroff from hyphenating 'em, and
# embolden. Option arguments get italicised.
sub convert_option
{
my $option = '\fB' . shift;
$option =~ s/-/\\-/g;
unless ($option =~ s/\[=(.*)\]$/\\fR[=\\fI$1\\fR]/)
{
$option =~ s/=(.)/\\fR=\\fI$1/;
$option =~ s/ (.)/ \\fI$1/;
$option .= '\fR';
}
$option;
}
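Review bot: The executable path is interpolated into a shell command in the backticks at `$ARGV[0] --help 2>/dev/null` and `$ARGV[0] --version 2>/dev/null`, so a path containing spaces or shell metacharacters is split or interpreted by the shell; run the program without a shell (fork, then exec with an argument list and read from the pipe) or quote the path. The two-argument `open INC, $include || $opt_include` and `open STDOUT, ">$opt_output"` likewise let special characters in the file name change the open mode; the three-argument form of open fixes that but needs Perl 5.6, so the `use 5.004` line would have to be raised. Separately, the header is hard-coded as `.TH $PROGRAM 1`, while doc/Makefile.am generates tincd.8 with this script, so the generated page will claim section 1.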

5484
doc/texinfo.tex Normal file

File diff suppressed because it is too large

1218
doc/tinc.texi Normal file

File diff suppressed because it is too large

157
doc/tincd.conf.5 Normal file

@ -0,0 +1,157 @@
.TH TINC 5 "March 1999" "tinc version 0.2.16" "FSF"
.SH NAME
tincd.conf \- tinc daemon configuration
.SH "DESCRIPTION"
The files in the \fI/etc/tinc\fR directory contain runtime and
security information for the \fBtinc\fR(8) daemon.
.PP
.SH "NETWORKS"
It is perfectly ok for you to run more than one tinc daemon. However,
in its default form, you will soon notice that you can't use two
different configuration files without the \fI-c\fR option.
We have thought of another way of dealing with this: network
names. This means that you call \fBtincd\fR with the \fI-n\fR argument,
which will assign a name to this daemon.
The effect of this is that the daemon will set its configuration
``root'' to \fI/etc/tinc/\fBnn\fI/\fR, where \fBnn\fR is your argument
to the \fI-n\fR option. You'll notice that it appears in syslog as
``tincd.\fBnn\fR''.
However, it is not strictly necessary that you call tinc with the -n
option. In this case, the network name would just be empty, and it
will be used as such. tinc now looks for files in \fI/etc/tinc/\fR,
instead of \fI/etc/tinc/\fBnn\fI/\fR; the configuration file should be
\fI/etc/tinc/tincd.conf\fR, and the passphrases are now expected to be
in \fI/etc/tinc/passphrases/\fR.
But it is highly recommended that you use this feature of tinc,
because it will be so much clearer whom your daemon talks to. Hence,
we will assume that you use it.
.PP
.SH "PASSPHRASES"
You should use the \fBgenauth\fR(8) program to generate passphrases.
with, it accepts a single parameter, which is the number of bits the
passphrase should be. Its output should be stored in
\fI/etc/tinc/\fBnn\fI/passphrases/local\fR \-\- where \fBnn\fR stands
for the network (See under \fBNETWORKS\fR) above.
Please see the manpage for \fBgenauth\fR to learn more about setting
up an authentication scheme.
.PP
.SH "CONFIGURATION"
The actual configuration of the daemon is done in the file
\fI/etc/tinc/\fBnn\fI/tincd.conf\fR.
This file consists of comments (lines started with a \fB#\fR) or
assignments in the form of
.PP
.Vb 1
\& \fIVariable \fB= \fIValue\fR.
.Ve
.PP
The variable names are case insensitive, and any spaces, tabs,
newlines and carriage returns are ignored. \fINote\fR: it is not
required that you put in the \fB=\fR sign, but doing so improves
readability. If you leave it out, remember to replace it with at least
one space character.
.PP
.SH "VARIABLES"
.PP
Here are all valid variables, listed in alphabetical order:
.TP
\fBAllowConnect = \fB(\fIyes\fB|\fIno\fB)\fR
If set to \fIyes\fR, anyone may try to connect to you. If you set this
to no, no incoming connections will be accepted. This does not affect
the outgoing connections.
.TP
\fBConnectPort = \fIport\fR
Connect to the upstream host (given with the \fBConnectTo\fR
directive) on port \fIport\fR. \fIport\fR may be given in decimal
(default), octal (when preceded by a single zero) or hexadecimal
(prefixed with \fB0x\fR). \fIport\fR is the port number for both the
UDP and the TCP (meta) connections.
.TP
\fBConnectTo = \fB(\fIIP address\fB|\fIhostname\fB)\fR
Specifies which host to connect to on startup. If the
\fBConnectPort\fR variable is omitted, then tinc will try to connect
to port 655.
If you don't specify a host with \fBConnectTo\fR, tinc won't connect
at all, and will instead just listen for incoming connections. Only
the initiator of a tinc VPN should need this.
.TP
\fBKeyExpire = \fIs\fR
The secret (and public) key expires after \fIs\fR seconds. The default
is 3600 seconds, or one hour.
If you make it shorter, a lot of time and bandwidth is spent
negotiating over the new keys. If you make it longer, you make
yourself more vulnerable to crackers, because they have more data to
work with. The best value depends on the speed of the link, and the
amount of data that goes over it.
.TP
\fBListenPort = \fIport\fR
Listen on local port \fIport\fR. The computer connecting to this
daemon should use this number as the argument for his
\fBConnectPort\fR. Again, the default is 655.
.TP
\fBMyOwnVPNIP = \fInetwork address\fR[\fB/\fImaskbits\fR]
The \fInetwork address\fR is the number that the daemon will propagate
to other daemons on the network when it is identifying itself. Hence
this will be the file name of the passphrase file that the other end
expects to find the passphrase in.
\fImaskbits\fR is the number of bits set to 1 in the netmask part.
.TP
\fBMyVirtualIP = \fInetwork address\fR[\fB/\fImaskbits\fR]
This is an alias for \fBMyOwnVPNIP\fR.
.TP
\fBPassphrases = \fIdirectory\fR
The directory where tinc will look for passphrases when someone tries
to cennect. Please see the manpage for \fBgenauth\fR(8) for more
information about passphrases as used by tinc.
.TP
\fBPingTimeout = \fInumber\fR
The number of seconds of inactivity that tinc will wait before sending
a probe to the other end. If that other end doesn't answer within that
same amount of seconds, the connection is terminated, and the others
will be notified of this.
.TP
\fBTapDevice = \fIdevice\fR
The ethertap device to use. Note that you can only use one device per
daemon. The info pages of the tinc package contain more information
about configuring an ethertap device for linux.
.PP
.SH "FILES"
.TP
\fI/etc/tinc/\fR
The top directory for configuration files.
.TP
\fI/etc/tinc/\fBnn\fI/tincd.conf\fR
The default name of the configuration file for net
\fBnn\fR.
.TP
\fI/etc/tinc/\fBnn\fI/passphrases/\fR
Passphrases are kept in this directory. (See the section
\fBPASSPHRASES\fR above).
.PP
.SH "SEE ALSO"
\fBtincd\fR(8), \fBgenauth\fR(8)
.PP
The full documentation for
.B tinc
is maintained as a Texinfo manual. If the
.B info
and
.B tinc
programs are properly installed at your site, the command
.IP
.B info tinc
.PP
should give you access to the complete manual.
.PP
tinc comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to redistribute it under certain conditions;
see the file COPYING for details.
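Review bot: The PASSPHRASES and FILES sections say where the passphrase files live (/etc/tinc/nn/passphrases/) but not which owner and mode they need, although these files hold the material the daemons authenticate with; add a sentence requiring that the directory and its files be readable only by the user tincd runs as. In the same page, the PASSPHRASES sentence that begins "with, it accepts a single parameter" is broken, `.TH TINC 5 "March 1999" "tinc version 0.2.16"` disagrees with the 0.3.4 set in configure.in, and "cennect" under Passphrases is a typo.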

40
doc/tincd.conf.sample Normal file

@ -0,0 +1,40 @@
# Sample tinc configuration file
# This is a comment.
# Lines can have a maximum of 80 characters.
# Spaces and tabs are eliminated.
# The = sign isn't strictly necessary any longer, though you may want
# to leave it in as it improves readability :)
# Variable names are treated case insensitive.
# The internet host to connect with
# comment these out to make yourself a listen-only connection
# You may use an IP address or its FQDN.
ConnectTo = 1.2.3.4
# Connect to which port of the `ConnectTo' host
# It is advised that you only connect to ports that are < 1024,
# because some malicious (non-root) user may run a fake tincd on ports
# above 1024.
# The default port is 655, the port that has been assigned to tinc
# by the IANA. If you want tincd to listen on any other port than 655,
# you can use ListenPort for the `server', and ConnectPort for the
# `client'.
# You may use the prefixes 0x or 0 to denote a hexadecimal or octal
# number respectively.
ConnectPort = 0x300
# Listen on which port
ListenPort = 200
# My own VPN IP
# You may use the /nn notation to indicate the number of bits used for
# the mask, /8 is equivalent to the netmask 255.0.0.0 (the first 8
# bits are set to 1).
MyOwnVPNIP = 10.x.x.x/8
# Which local file?
# Default is /dev/tap0
TapDevice = /dev/tap1
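
Review bot: The example port values contradict the comments above them: the text names 655 as the IANA-assigned default, yet the sample sets `ConnectPort = 0x300` (768) and `ListenPort = 200`, so two hosts configured from this file would not reach each other. Use 655 for both, or leave both lines commented out and show the hex form only in a comment. `MyOwnVPNIP = 10.x.x.x/8` is a placeholder rather than a parsable address and should be marked as one. The sample also has no `Passphrases` line although the man page documents that variable, and the advice to connect only to ports below 1024 should say that it guards only against unprivileged users on the remote host.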

20
doc/tincd.x Normal file

@ -0,0 +1,20 @@
[DESCRIPTION]
." Add any additional description here
This is the daemon part of tinc. tinc is a secure virtual private
network (VPN) project.
.SH OPTIONS
[FILES]
.TP
\fI/etc/tinc\fR
The top directory for configuration files.
.PP
[SEE ALSO]
\fBtincd.conf\fR(5)
.TP
\fBhttp://www.cabal.org/\fR
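
Review bot: The second line, `." Add any additional description here`, is not a roff comment (that form is `.\"`); it disappears from the output only because troff ignores the unknown request, so write it as a real comment. The final `.TP` before `\fBhttp://www.cabal.org/\fR` also produces a tag with no body text; use `.PP` or add a one-line description of what the URL is.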

251
install-sh Normal file

@ -0,0 +1,251 @@
#!/bin/sh
#
# install - install a program, script, or datafile
# This comes from X11R5 (mit/util/scripts/install.sh).
#
# Copyright 1991 by the Massachusetts Institute of Technology
#
# Permission to use, copy, modify, distribute, and sell this software and its
# documentation for any purpose is hereby granted without fee, provided that
# the above copyright notice appear in all copies and that both that
# copyright notice and this permission notice appear in supporting
# documentation, and that the name of M.I.T. not be used in advertising or
# publicity pertaining to distribution of the software without specific,
# written prior permission. M.I.T. makes no representations about the
# suitability of this software for any purpose. It is provided "as is"
# without express or implied warranty.
#
# Calling this script install-sh is preferred over install.sh, to prevent
# `make' implicit rules from creating a file called install from it
# when there is no Makefile.
#
# This script is compatible with the BSD install script, but was written
# from scratch. It can only install one file at a time, a restriction
# shared with many OS's install programs.
# set DOITPROG to echo to test this script
# Don't use :- since 4.3BSD and earlier shells don't like it.
doit="${DOITPROG-}"
# put in absolute paths if you don't have them in your path; or use env. vars.
mvprog="${MVPROG-mv}"
cpprog="${CPPROG-cp}"
chmodprog="${CHMODPROG-chmod}"
chownprog="${CHOWNPROG-chown}"
chgrpprog="${CHGRPPROG-chgrp}"
stripprog="${STRIPPROG-strip}"
rmprog="${RMPROG-rm}"
mkdirprog="${MKDIRPROG-mkdir}"
transformbasename=""
transform_arg=""
instcmd="$mvprog"
chmodcmd="$chmodprog 0755"
chowncmd=""
chgrpcmd=""
stripcmd=""
rmcmd="$rmprog -f"
mvcmd="$mvprog"
src=""
dst=""
dir_arg=""
while [ x"$1" != x ]; do
case $1 in
-c) instcmd="$cpprog"
shift
continue;;
-d) dir_arg=true
shift
continue;;
-m) chmodcmd="$chmodprog $2"
shift
shift
continue;;
-o) chowncmd="$chownprog $2"
shift
shift
continue;;
-g) chgrpcmd="$chgrpprog $2"
shift
shift
continue;;
-s) stripcmd="$stripprog"
shift
continue;;
-t=*) transformarg=`echo $1 | sed 's/-t=//'`
shift
continue;;
-b=*) transformbasename=`echo $1 | sed 's/-b=//'`
shift
continue;;
*) if [ x"$src" = x ]
then
src=$1
else
# this colon is to work around a 386BSD /bin/sh bug
:
dst=$1
fi
shift
continue;;
esac
done
if [ x"$src" = x ]
then
echo "install: no input file specified"
exit 1
else
true
fi
if [ x"$dir_arg" != x ]; then
dst=$src
src=""
if [ -d $dst ]; then
instcmd=:
chmodcmd=""
else
instcmd=mkdir
fi
else
# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
# might cause directories to be created, which would be especially bad
# if $src (and thus $dsttmp) contains '*'.
if [ -f $src -o -d $src ]
then
true
else
echo "install: $src does not exist"
exit 1
fi
if [ x"$dst" = x ]
then
echo "install: no destination specified"
exit 1
else
true
fi
# If destination is a directory, append the input filename; if your system
# does not like double slashes in filenames, you may need to add some logic
if [ -d $dst ]
then
dst="$dst"/`basename $src`
else
true
fi
fi
## this sed command emulates the dirname command
dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
# Make sure that the destination directory exists.
# this part is taken from Noah Friedman's mkinstalldirs script
# Skip lots of stat calls in the usual case.
if [ ! -d "$dstdir" ]; then
defaultIFS='
'
IFS="${IFS-${defaultIFS}}"
oIFS="${IFS}"
# Some sh's can't handle IFS=/ for some reason.
IFS='%'
set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
IFS="${oIFS}"
pathcomp=''
while [ $# -ne 0 ] ; do
pathcomp="${pathcomp}${1}"
shift
if [ ! -d "${pathcomp}" ] ;
then
$mkdirprog "${pathcomp}"
else
true
fi
pathcomp="${pathcomp}/"
done
fi
if [ x"$dir_arg" != x ]
then
$doit $instcmd $dst &&
if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
else
# If we're going to rename the final executable, determine the name now.
if [ x"$transformarg" = x ]
then
dstfile=`basename $dst`
else
dstfile=`basename $dst $transformbasename |
sed $transformarg`$transformbasename
fi
# don't allow the sed command to completely eliminate the filename
if [ x"$dstfile" = x ]
then
dstfile=`basename $dst`
else
true
fi
# Make a temp file name in the proper directory.
dsttmp=$dstdir/#inst.$$#
# Move or copy the file name to the temp name
$doit $instcmd $src $dsttmp &&
trap "rm -f ${dsttmp}" 0 &&
# and set any options; do chmod last to preserve setuid bits
# If any of these fail, we abort the whole thing. If we want to
# ignore errors from any of these, just make sure not to ignore
# errors from the above "$doit $instcmd $src $dsttmp" command.
if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
# Now rename the file to the real destination.
$doit $rmcmd -f $dstdir/$dstfile &&
$doit $mvcmd $dsttmp $dstdir/$dstfile
fi &&
exit 0
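
Review bot: `transform_arg=""` is initialised near the top, but the `-t=*` case and the later `if [ x"$transformarg" = x ]` test use `transformarg`, which is never reset, so a `transformarg` inherited from the caller's environment is handed to `sed` when the installed file name is computed. Initialise `transformarg=""` instead. Separately, `$src`, `$dst` and `$dsttmp` are expanded unquoted in the `[ -d $dst ]` style tests and in the copy and move commands, so paths containing spaces or glob characters misbehave, and the temporary name `$dstdir/#inst.$$#` is predictable, which matters when installing into a directory other users can write to.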

14
lib/Makefile.am Normal file

@ -0,0 +1,14 @@
## Process this file with automake to produce Makefile.in
noinst_LIBRARIES = libvpn.a
INCLUDES = -I. -I$(top_builddir)
libvpn_a_SOURCES = xmalloc.c pidfile.c utils.c
libvpn_a_LIBADD = @LIBOBJS@ @ALLOCA@
libvpn_a_DEPENDENCIES = $(libvpn_a_LIBADD)
noinst_HEADERS = xalloc.h pidfile.h utils.h
EXTRA_DIST = README

1
lib/README Normal file

@ -0,0 +1 @@
The files in this directory were merely copied from fileutils 4.0.
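
Review bot: This provenance statement is wrong for part of the directory: lib/pidfile.c and lib/pidfile.h in this same commit carry a sysklogd header by Martin Schulze, and AUTHORS credits them to the syslog 1.3 sources rather than fileutils 4.0. List each vendored file with its upstream package and version so that later upstream fixes can be tracked and merged.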

494
lib/alloca.c Normal file

@ -0,0 +1,494 @@
/* alloca.c -- allocate automatically reclaimed memory
(Mostly) portable public-domain implementation -- D A Gwyn
This implementation of the PWB library alloca function,
which is used to allocate space off the run-time stack so
that it is automatically reclaimed upon procedure exit,
was inspired by discussions with J. Q. Johnson of Cornell.
J.Otto Tennant <jot@cray.com> contributed the Cray support.
There are some preprocessor constants that can
be defined when compiling for your specific system, for
improved efficiency; however, the defaults should be okay.
The general concept of this implementation is to keep
track of all alloca-allocated blocks, and reclaim any
that are found to be deeper in the stack than the current
invocation. This heuristic does not reclaim storage as
soon as it becomes invalid, but it will do so eventually.
As a special case, alloca(0) reclaims storage without
allocating any. It is a good idea to use alloca(0) in
your main control loop, etc. to force garbage collection. */
#ifdef HAVE_CONFIG_H
# include <config.h>
#endif
#ifdef emacs
# include "blockinput.h"
#endif
/* If compiling with GCC 2, this file's not needed. */
#if !defined (__GNUC__) || __GNUC__ < 2
/* If someone has defined alloca as a macro,
there must be some other way alloca is supposed to work. */
# ifndef alloca
# ifdef emacs
# ifdef static
/* actually, only want this if static is defined as ""
-- this is for usg, in which emacs must undefine static
in order to make unexec workable
*/
# ifndef STACK_DIRECTION
you
lose
-- must know STACK_DIRECTION at compile-time
# endif /* STACK_DIRECTION undefined */
# endif /* static */
# endif /* emacs */
/* If your stack is a linked list of frames, you have to
provide an "address metric" ADDRESS_FUNCTION macro. */
# if defined (CRAY) && defined (CRAY_STACKSEG_END)
long i00afunc ();
# define ADDRESS_FUNCTION(arg) (char *) i00afunc (&(arg))
# else
# define ADDRESS_FUNCTION(arg) &(arg)
# endif
# if __STDC__
typedef void *pointer;
# else
typedef char *pointer;
# endif
# ifndef NULL
# define NULL 0
# endif
/* Different portions of Emacs need to call different versions of
malloc. The Emacs executable needs alloca to call xmalloc, because
ordinary malloc isn't protected from input signals. On the other
hand, the utilities in lib-src need alloca to call malloc; some of
them are very simple, and don't have an xmalloc routine.
Non-Emacs programs expect this to call xmalloc.
Callers below should use malloc. */
# ifndef emacs
# define malloc xmalloc
# endif
extern pointer malloc ();
/* Define STACK_DIRECTION if you know the direction of stack
growth for your system; otherwise it will be automatically
deduced at run-time.
STACK_DIRECTION > 0 => grows toward higher addresses
STACK_DIRECTION < 0 => grows toward lower addresses
STACK_DIRECTION = 0 => direction of growth unknown */
# ifndef STACK_DIRECTION
# define STACK_DIRECTION 0 /* Direction unknown. */
# endif
# if STACK_DIRECTION != 0
# define STACK_DIR STACK_DIRECTION /* Known at compile-time. */
# else /* STACK_DIRECTION == 0; need run-time code. */
static int stack_dir; /* 1 or -1 once known. */
# define STACK_DIR stack_dir
static void
find_stack_direction ()
{
static char *addr = NULL; /* Address of first `dummy', once known. */
auto char dummy; /* To get stack address. */
if (addr == NULL)
{ /* Initial entry. */
addr = ADDRESS_FUNCTION (dummy);
find_stack_direction (); /* Recurse once. */
}
else
{
/* Second entry. */
if (ADDRESS_FUNCTION (dummy) > addr)
stack_dir = 1; /* Stack grew upward. */
else
stack_dir = -1; /* Stack grew downward. */
}
}
# endif /* STACK_DIRECTION == 0 */
/* An "alloca header" is used to:
(a) chain together all alloca'ed blocks;
(b) keep track of stack depth.
It is very important that sizeof(header) agree with malloc
alignment chunk size. The following default should work okay. */
# ifndef ALIGN_SIZE
# define ALIGN_SIZE sizeof(double)
# endif
typedef union hdr
{
char align[ALIGN_SIZE]; /* To force sizeof(header). */
struct
{
union hdr *next; /* For chaining headers. */
char *deep; /* For stack depth measure. */
} h;
} header;
static header *last_alloca_header = NULL; /* -> last alloca header. */
/* Return a pointer to at least SIZE bytes of storage,
which will be automatically reclaimed upon exit from
the procedure that called alloca. Originally, this space
was supposed to be taken from the current stack frame of the
caller, but that method cannot be made to work for some
implementations of C, for example under Gould's UTX/32. */
pointer
alloca (size)
unsigned size;
{
auto char probe; /* Probes stack depth: */
register char *depth = ADDRESS_FUNCTION (probe);
# if STACK_DIRECTION == 0
if (STACK_DIR == 0) /* Unknown growth direction. */
find_stack_direction ();
# endif
/* Reclaim garbage, defined as all alloca'd storage that
was allocated from deeper in the stack than currently. */
{
register header *hp; /* Traverses linked list. */
# ifdef emacs
BLOCK_INPUT;
# endif
for (hp = last_alloca_header; hp != NULL;)
if ((STACK_DIR > 0 && hp->h.deep > depth)
|| (STACK_DIR < 0 && hp->h.deep < depth))
{
register header *np = hp->h.next;
free ((pointer) hp); /* Collect garbage. */
hp = np; /* -> next header. */
}
else
break; /* Rest are not deeper. */
last_alloca_header = hp; /* -> last valid storage. */
# ifdef emacs
UNBLOCK_INPUT;
# endif
}
if (size == 0)
return NULL; /* No allocation required. */
/* Allocate combined header + user data storage. */
{
register pointer new = malloc (sizeof (header) + size);
/* Address of header. */
((header *) new)->h.next = last_alloca_header;
((header *) new)->h.deep = depth;
last_alloca_header = (header *) new;
/* User storage begins just after header. */
return (pointer) ((char *) new + sizeof (header));
}
}
# if defined (CRAY) && defined (CRAY_STACKSEG_END)
# ifdef DEBUG_I00AFUNC
# include <stdio.h>
# endif
# ifndef CRAY_STACK
# define CRAY_STACK
# ifndef CRAY2
/* Stack structures for CRAY-1, CRAY X-MP, and CRAY Y-MP */
struct stack_control_header
{
long shgrow:32; /* Number of times stack has grown. */
long shaseg:32; /* Size of increments to stack. */
long shhwm:32; /* High water mark of stack. */
long shsize:32; /* Current size of stack (all segments). */
};
/* The stack segment linkage control information occurs at
the high-address end of a stack segment. (The stack
grows from low addresses to high addresses.) The initial
part of the stack segment linkage control information is
0200 (octal) words. This provides for register storage
for the routine which overflows the stack. */
struct stack_segment_linkage
{
long ss[0200]; /* 0200 overflow words. */
long sssize:32; /* Number of words in this segment. */
long ssbase:32; /* Offset to stack base. */
long:32;
long sspseg:32; /* Offset to linkage control of previous
segment of stack. */
long:32;
long sstcpt:32; /* Pointer to task common address block. */
long sscsnm; /* Private control structure number for
microtasking. */
long ssusr1; /* Reserved for user. */
long ssusr2; /* Reserved for user. */
long sstpid; /* Process ID for pid based multi-tasking. */
long ssgvup; /* Pointer to multitasking thread giveup. */
long sscray[7]; /* Reserved for Cray Research. */
long ssa0;
long ssa1;
long ssa2;
long ssa3;
long ssa4;
long ssa5;
long ssa6;
long ssa7;
long sss0;
long sss1;
long sss2;
long sss3;
long sss4;
long sss5;
long sss6;
long sss7;
};
# else /* CRAY2 */
/* The following structure defines the vector of words
returned by the STKSTAT library routine. */
struct stk_stat
{
long now; /* Current total stack size. */
long maxc; /* Amount of contiguous space which would
be required to satisfy the maximum
stack demand to date. */
long high_water; /* Stack high-water mark. */
long overflows; /* Number of stack overflow ($STKOFEN) calls. */
long hits; /* Number of internal buffer hits. */
long extends; /* Number of block extensions. */
long stko_mallocs; /* Block allocations by $STKOFEN. */
long underflows; /* Number of stack underflow calls ($STKRETN). */
long stko_free; /* Number of deallocations by $STKRETN. */
long stkm_free; /* Number of deallocations by $STKMRET. */
long segments; /* Current number of stack segments. */
long maxs; /* Maximum number of stack segments so far. */
long pad_size; /* Stack pad size. */
long current_address; /* Current stack segment address. */
long current_size; /* Current stack segment size. This
number is actually corrupted by STKSTAT to
include the fifteen word trailer area. */
long initial_address; /* Address of initial segment. */
long initial_size; /* Size of initial segment. */
};
/* The following structure describes the data structure which trails
any stack segment. I think that the description in 'asdef' is
out of date. I only describe the parts that I am sure about. */
struct stk_trailer
{
long this_address; /* Address of this block. */
long this_size; /* Size of this block (does not include
this trailer). */
long unknown2;
long unknown3;
long link; /* Address of trailer block of previous
segment. */
long unknown5;
long unknown6;
long unknown7;
long unknown8;
long unknown9;
long unknown10;
long unknown11;
long unknown12;
long unknown13;
long unknown14;
};
# endif /* CRAY2 */
# endif /* not CRAY_STACK */
# ifdef CRAY2
/* Determine a "stack measure" for an arbitrary ADDRESS.
I doubt that "lint" will like this much. */
static long
i00afunc (long *address)
{
struct stk_stat status;
struct stk_trailer *trailer;
long *block, size;
long result = 0;
/* We want to iterate through all of the segments. The first
step is to get the stack status structure. We could do this
more quickly and more directly, perhaps, by referencing the
$LM00 common block, but I know that this works. */
STKSTAT (&status);
/* Set up the iteration. */
trailer = (struct stk_trailer *) (status.current_address
+ status.current_size
- 15);
/* There must be at least one stack segment. Therefore it is
a fatal error if "trailer" is null. */
if (trailer == 0)
abort ();
/* Discard segments that do not contain our argument address. */
while (trailer != 0)
{
block = (long *) trailer->this_address;
size = trailer->this_size;
if (block == 0 || size == 0)
abort ();
trailer = (struct stk_trailer *) trailer->link;
if ((block <= address) && (address < (block + size)))
break;
}
/* Set the result to the offset in this segment and add the sizes
of all predecessor segments. */
result = address - block;
if (trailer == 0)
{
return result;
}
do
{
if (trailer->this_size <= 0)
abort ();
result += trailer->this_size;
trailer = (struct stk_trailer *) trailer->link;
}
while (trailer != 0);
/* We are done. Note that if you present a bogus address (one
not in any segment), you will get a different number back, formed
from subtracting the address of the first block. This is probably
not what you want. */
return (result);
}
# else /* not CRAY2 */
/* Stack address function for a CRAY-1, CRAY X-MP, or CRAY Y-MP.
Determine the number of the cell within the stack,
given the address of the cell. The purpose of this
routine is to linearize, in some sense, stack addresses
for alloca. */
static long
i00afunc (long address)
{
long stkl = 0;
long size, pseg, this_segment, stack;
long result = 0;
struct stack_segment_linkage *ssptr;
/* Register B67 contains the address of the end of the
current stack segment. If you (as a subprogram) store
your registers on the stack and find that you are past
the contents of B67, you have overflowed the segment.
B67 also points to the stack segment linkage control
area, which is what we are really interested in. */
stkl = CRAY_STACKSEG_END ();
ssptr = (struct stack_segment_linkage *) stkl;
/* If one subtracts 'size' from the end of the segment,
one has the address of the first word of the segment.
If this is not the first segment, 'pseg' will be
nonzero. */
pseg = ssptr->sspseg;
size = ssptr->sssize;
this_segment = stkl - size;
/* It is possible that calling this routine itself caused
a stack overflow. Discard stack segments which do not
contain the target address. */
while (!(this_segment <= address && address <= stkl))
{
# ifdef DEBUG_I00AFUNC
fprintf (stderr, "%011o %011o %011o\n", this_segment, address, stkl);
# endif
if (pseg == 0)
break;
stkl = stkl - pseg;
ssptr = (struct stack_segment_linkage *) stkl;
size = ssptr->sssize;
pseg = ssptr->sspseg;
this_segment = stkl - size;
}
result = address - this_segment;
/* If you subtract pseg from the current end of the stack,
you get the address of the previous stack segment's end.
This seems a little convoluted to me, but I'll bet you save
a cycle somewhere. */
while (pseg != 0)
{
# ifdef DEBUG_I00AFUNC
fprintf (stderr, "%011o %011o\n", pseg, size);
# endif
stkl = stkl - pseg;
ssptr = (struct stack_segment_linkage *) stkl;
size = ssptr->sssize;
pseg = ssptr->sspseg;
result += size;
}
return (result);
}
# endif /* not CRAY2 */
# endif /* CRAY */
# endif /* no alloca */
#endif /* not GCC version 2 */
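
Review bot: In `alloca`, `malloc (sizeof (header) + size)` adds the `unsigned size` argument to the header size with no check for wrap-around; where `size_t` is no wider than `unsigned`, a very large request yields a block smaller than the header, and the following `h.next` and `h.deep` stores and the returned pointer land outside it. Reject any `size` larger than the maximum minus `sizeof (header)` before allocating. The result is also dereferenced unchecked, which is safe only while the `# define malloc xmalloc` mapping is active and xmalloc never returns NULL; a comment stating that dependency would help.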

39
lib/malloc.c Normal file

@ -0,0 +1,39 @@
/* Work around bug on some systems where malloc (0) fails.
Copyright (C) 1997 Free Software Foundation, Inc.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software Foundation,
Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
/* written by Jim Meyering */
#if HAVE_CONFIG_H
# include <config.h>
#endif
#undef malloc
#include <sys/types.h>
char *malloc ();
/* Allocate an N-byte block of memory from the heap.
If N is zero, allocate a 1-byte block. */
char *
rpl_malloc (n)
size_t n;
{
if (n == 0)
n = 1;
return malloc (n);
}

391
lib/memcmp.c Normal file

@ -0,0 +1,391 @@
/* Copyright (C) 1991, 1993, 1995, 1997, 1998 Free Software Foundation, Inc.
Contributed by Torbjorn Granlund (tege@sics.se).
NOTE: The canonical source of this file is maintained with the GNU C Library.
Bugs can be reported to bug-glibc@prep.ai.mit.edu.
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation; either version 2, or (at your option) any
later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
USA. */
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
#undef __ptr_t
#if defined __cplusplus || (defined __STDC__ && __STDC__)
# define __ptr_t void *
#else /* Not C++ or ANSI C. */
# undef const
# define const
# define __ptr_t char *
#endif /* C++ or ANSI C. */
#ifndef __P
# if defined __GNUC__ || (defined __STDC__ && __STDC__)
# define __P(args) args
# else
# define __P(args) ()
# endif /* GCC. */
#endif /* Not __P. */
#if defined HAVE_STRING_H || defined _LIBC
# include <string.h>
#endif
#undef memcmp
#ifdef _LIBC
# include <memcopy.h>
#else /* Not in the GNU C library. */
# include <sys/types.h>
/* Type to use for aligned memory operations.
This should normally be the biggest type supported by a single load
and store. Must be an unsigned type. */
# define op_t unsigned long int
# define OPSIZ (sizeof(op_t))
/* Threshold value for when to enter the unrolled loops. */
# define OP_T_THRES 16
/* Type to use for unaligned operations. */
typedef unsigned char byte;
# ifndef WORDS_BIGENDIAN
# define MERGE(w0, sh_1, w1, sh_2) (((w0) >> (sh_1)) | ((w1) << (sh_2)))
# else
# define MERGE(w0, sh_1, w1, sh_2) (((w0) << (sh_1)) | ((w1) >> (sh_2)))
# endif
#endif /* In the GNU C library. */
#ifdef WORDS_BIGENDIAN
# define CMP_LT_OR_GT(a, b) ((a) > (b) ? 1 : -1)
#else
# define CMP_LT_OR_GT(a, b) memcmp_bytes ((a), (b))
#endif
/* BE VERY CAREFUL IF YOU CHANGE THIS CODE! */
/* The strategy of this memcmp is:
1. Compare bytes until one of the block pointers is aligned.
2. Compare using memcmp_common_alignment or
memcmp_not_common_alignment, regarding the alignment of the other
block after the initial byte operations. The maximum number of
full words (of type op_t) are compared in this way.
3. Compare the few remaining bytes. */
#ifndef WORDS_BIGENDIAN
/* memcmp_bytes -- Compare A and B bytewise in the byte order of the machine.
A and B are known to be different.
This is needed only on little-endian machines. */
static int memcmp_bytes __P((op_t, op_t));
# ifdef __GNUC__
__inline
# endif
static int
memcmp_bytes (a, b)
op_t a, b;
{
long int srcp1 = (long int) &a;
long int srcp2 = (long int) &b;
op_t a0, b0;
do
{
a0 = ((byte *) srcp1)[0];
b0 = ((byte *) srcp2)[0];
srcp1 += 1;
srcp2 += 1;
}
while (a0 == b0);
return a0 - b0;
}
#endif
static int memcmp_common_alignment __P((long, long, size_t));
/* memcmp_common_alignment -- Compare blocks at SRCP1 and SRCP2 with LEN `op_t'
objects (not LEN bytes!). Both SRCP1 and SRCP2 should be aligned for
memory operations on `op_t's. */
#ifdef __GNUC__
__inline
#endif
static int
memcmp_common_alignment (srcp1, srcp2, len)
long int srcp1;
long int srcp2;
size_t len;
{
op_t a0, a1;
op_t b0, b1;
switch (len % 4)
{
default: /* Avoid warning about uninitialized local variables. */
case 2:
a0 = ((op_t *) srcp1)[0];
b0 = ((op_t *) srcp2)[0];
srcp1 -= 2 * OPSIZ;
srcp2 -= 2 * OPSIZ;
len += 2;
goto do1;
case 3:
a1 = ((op_t *) srcp1)[0];
b1 = ((op_t *) srcp2)[0];
srcp1 -= OPSIZ;
srcp2 -= OPSIZ;
len += 1;
goto do2;
case 0:
if (OP_T_THRES <= 3 * OPSIZ && len == 0)
return 0;
a0 = ((op_t *) srcp1)[0];
b0 = ((op_t *) srcp2)[0];
goto do3;
case 1:
a1 = ((op_t *) srcp1)[0];
b1 = ((op_t *) srcp2)[0];
srcp1 += OPSIZ;
srcp2 += OPSIZ;
len -= 1;
if (OP_T_THRES <= 3 * OPSIZ && len == 0)
goto do0;
/* Fall through. */
}
do
{
a0 = ((op_t *) srcp1)[0];
b0 = ((op_t *) srcp2)[0];
if (a1 != b1)
return CMP_LT_OR_GT (a1, b1);
do3:
a1 = ((op_t *) srcp1)[1];
b1 = ((op_t *) srcp2)[1];
if (a0 != b0)
return CMP_LT_OR_GT (a0, b0);
do2:
a0 = ((op_t *) srcp1)[2];
b0 = ((op_t *) srcp2)[2];
if (a1 != b1)
return CMP_LT_OR_GT (a1, b1);
do1:
a1 = ((op_t *) srcp1)[3];
b1 = ((op_t *) srcp2)[3];
if (a0 != b0)
return CMP_LT_OR_GT (a0, b0);
srcp1 += 4 * OPSIZ;
srcp2 += 4 * OPSIZ;
len -= 4;
}
while (len != 0);
/* This is the right position for do0. Please don't move
it into the loop. */
do0:
if (a1 != b1)
return CMP_LT_OR_GT (a1, b1);
return 0;
}
static int memcmp_not_common_alignment __P((long, long, size_t));
/* memcmp_not_common_alignment -- Compare blocks at SRCP1 and SRCP2 with LEN
`op_t' objects (not LEN bytes!). SRCP2 should be aligned for memory
operations on `op_t', but SRCP1 *should be unaligned*. */
#ifdef __GNUC__
__inline
#endif
static int
memcmp_not_common_alignment (srcp1, srcp2, len)
long int srcp1;
long int srcp2;
size_t len;
{
op_t a0, a1, a2, a3;
op_t b0, b1, b2, b3;
op_t x;
int shl, shr;
/* Calculate how to shift a word read at the memory operation
aligned srcp1 to make it aligned for comparison. */
shl = 8 * (srcp1 % OPSIZ);
shr = 8 * OPSIZ - shl;
/* Make SRCP1 aligned by rounding it down to the beginning of the `op_t'
it points in the middle of. */
srcp1 &= -OPSIZ;
switch (len % 4)
{
default: /* Avoid warning about uninitialized local variables. */
case 2:
a1 = ((op_t *) srcp1)[0];
a2 = ((op_t *) srcp1)[1];
b2 = ((op_t *) srcp2)[0];
srcp1 -= 1 * OPSIZ;
srcp2 -= 2 * OPSIZ;
len += 2;
goto do1;
case 3:
a0 = ((op_t *) srcp1)[0];
a1 = ((op_t *) srcp1)[1];
b1 = ((op_t *) srcp2)[0];
srcp2 -= 1 * OPSIZ;
len += 1;
goto do2;
case 0:
if (OP_T_THRES <= 3 * OPSIZ && len == 0)
return 0;
a3 = ((op_t *) srcp1)[0];
a0 = ((op_t *) srcp1)[1];
b0 = ((op_t *) srcp2)[0];
srcp1 += 1 * OPSIZ;
goto do3;
case 1:
a2 = ((op_t *) srcp1)[0];
a3 = ((op_t *) srcp1)[1];
b3 = ((op_t *) srcp2)[0];
srcp1 += 2 * OPSIZ;
srcp2 += 1 * OPSIZ;
len -= 1;
if (OP_T_THRES <= 3 * OPSIZ && len == 0)
goto do0;
/* Fall through. */
}
do
{
a0 = ((op_t *) srcp1)[0];
b0 = ((op_t *) srcp2)[0];
x = MERGE(a2, shl, a3, shr);
if (x != b3)
return CMP_LT_OR_GT (x, b3);
do3:
a1 = ((op_t *) srcp1)[1];
b1 = ((op_t *) srcp2)[1];
x = MERGE(a3, shl, a0, shr);
if (x != b0)
return CMP_LT_OR_GT (x, b0);
do2:
a2 = ((op_t *) srcp1)[2];
b2 = ((op_t *) srcp2)[2];
x = MERGE(a0, shl, a1, shr);
if (x != b1)
return CMP_LT_OR_GT (x, b1);
do1:
a3 = ((op_t *) srcp1)[3];
b3 = ((op_t *) srcp2)[3];
x = MERGE(a1, shl, a2, shr);
if (x != b2)
return CMP_LT_OR_GT (x, b2);
srcp1 += 4 * OPSIZ;
srcp2 += 4 * OPSIZ;
len -= 4;
}
while (len != 0);
/* This is the right position for do0. Please don't move
it into the loop. */
do0:
x = MERGE(a2, shl, a3, shr);
if (x != b3)
return CMP_LT_OR_GT (x, b3);
return 0;
}
int
rpl_memcmp (s1, s2, len)
const __ptr_t s1;
const __ptr_t s2;
size_t len;
{
op_t a0;
op_t b0;
long int srcp1 = (long int) s1;
long int srcp2 = (long int) s2;
op_t res;
if (len >= OP_T_THRES)
{
/* There are at least some bytes to compare. No need to test
for LEN == 0 in this alignment loop. */
while (srcp2 % OPSIZ != 0)
{
a0 = ((byte *) srcp1)[0];
b0 = ((byte *) srcp2)[0];
srcp1 += 1;
srcp2 += 1;
res = a0 - b0;
if (res != 0)
return res;
len -= 1;
}
/* SRCP2 is now aligned for memory operations on `op_t'.
SRCP1 alignment determines if we can do a simple,
aligned compare or need to shuffle bits. */
if (srcp1 % OPSIZ == 0)
res = memcmp_common_alignment (srcp1, srcp2, len / OPSIZ);
else
res = memcmp_not_common_alignment (srcp1, srcp2, len / OPSIZ);
if (res != 0)
return res;
/* Number of bytes remaining in the interval [0..OPSIZ-1]. */
srcp1 += len & -OPSIZ;
srcp2 += len & -OPSIZ;
len %= OPSIZ;
}
/* There are just a few bytes to compare. Use byte memory operations. */
while (len != 0)
{
a0 = ((byte *) srcp1)[0];
b0 = ((byte *) srcp2)[0];
srcp1 += 1;
srcp2 += 1;
res = a0 - b0;
if (res != 0)
return res;
len -= 1;
}
return 0;
}
#ifdef weak_alias
# undef bcmp
weak_alias (memcmp, bcmp)
#endif
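
Review bot: `rpl_memcmp` and both word-wise helpers return at the first differing byte or word, so the run time depends on the length of the common prefix; add a comment that this routine must not be used to compare passphrases or other secrets, and use a fixed-time comparison for those. Also, `long int srcp1 = (long int) s1;` assumes a pointer fits in `long`, which should be recorded as a porting constraint.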

131
lib/pidfile.c Normal file

@ -0,0 +1,131 @@
/*
pidfile.c - interact with pidfiles
Copyright (c) 1995 Martin Schulze <Martin.Schulze@Linux.DE>
This file is part of the sysklogd package, a kernel and system log daemon.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA
*/
/* left unaltered for tinc -- Ivo Timmermans */
/*
* Sat Aug 19 13:24:33 MET DST 1995: Martin Schulze
* First version (v0.2) released
*/
#include <stdio.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/file.h>
#include <string.h>
#include <errno.h>
#include <signal.h>
/* read_pid
*
* Reads the specified pidfile and returns the read pid.
* 0 is returned if either there's no pidfile, it's empty
* or no pid can be read.
*/
int read_pid (char *pidfile)
{
FILE *f;
int pid;
if (!(f=fopen(pidfile,"r")))
return 0;
fscanf(f,"%d", &pid);
fclose(f);
return pid;
}
/* check_pid
*
* Reads the pid using read_pid and looks up the pid in the process
* table (using /proc) to determine if the process already exists. If
* so 1 is returned, otherwise 0.
*/
int check_pid (char *pidfile)
{
int pid = read_pid(pidfile);
/* Amazing ! _I_ am already holding the pid file... */
if ((!pid) || (pid == getpid ()))
return 0;
/*
* The 'standard' method of doing this is to try and do a 'fake' kill
* of the process. If an ESRCH error is returned the process cannot
* be found -- GW
*/
/* But... errno is usually changed only on error.. */
if (kill(pid, 0) && errno == ESRCH)
return(0);
return pid;
}
/* write_pid
*
* Writes the pid to the specified file. If that fails 0 is
* returned, otherwise the pid.
*/
int write_pid (char *pidfile)
{
FILE *f;
int fd;
int pid;
if ( ((fd = open(pidfile, O_RDWR|O_CREAT, 0644)) == -1)
|| ((f = fdopen(fd, "r+")) == NULL) ) {
fprintf(stderr, "Can't open or create %s.\n", pidfile);
return 0;
}
if (flock(fd, LOCK_EX|LOCK_NB) == -1) {
fscanf(f, "%d", &pid);
fclose(f);
printf("Can't lock, lock is held by pid %d.\n", pid);
return 0;
}
pid = getpid();
if (!fprintf(f,"%d\n", pid)) {
printf("Can't write pid , %s.\n", strerror(errno));
close(fd);
return 0;
}
fflush(f);
if (flock(fd, LOCK_UN) == -1) {
printf("Can't unlock pidfile %s, %s.\n", pidfile, strerror(errno));
close(fd);
return 0;
}
close(fd);
return pid;
}
/* remove_pid
*
* Remove the the specified file. The result from unlink(2)
* is returned
*/
int remove_pid (char *pidfile)
{
return unlink (pidfile);
}
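
Review bot: in read_pid, `pid` is returned uninitialized when the pidfile is empty or holds no number, because the result of `fscanf(f,"%d", &pid);` is never checked, although the comment promises 0 in that case. Initialise pid to 0, or return 0 unless fscanf returns 1; the same unchecked read feeds the "lock is held by pid" message in write_pid. Also in write_pid, `open(pidfile, O_RDWR|O_CREAT, 0644)` follows an existing symbolic link, so if the pidfile can live in a directory other users can write to, add O_NOFOLLOW. The flock is released with LOCK_UN before the function returns, so it guards only the write and not the lifetime of the daemon, which is worth saying in the comment.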

50
lib/pidfile.h Normal file

@ -0,0 +1,50 @@
/*
pidfile.h - interact with pidfiles
Copyright (c) 1995 Martin Schulze <Martin.Schulze@Linux.DE>
This file is part of the sysklogd package, a kernel and system log daemon.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
*/
/* read_pid
*
* Reads the specified pidfile and returns the read pid.
* 0 is returned if either there's no pidfile, it's empty
* or no pid can be read.
*/
int read_pid (char *pidfile);
/* check_pid
*
* Reads the pid using read_pid and looks up the pid in the process
* table (using /proc) to determine if the process already exists. If
* so 1 is returned, otherwise 0.
*/
int check_pid (char *pidfile);
/* write_pid
*
* Writes the pid to the specified file. If that fails 0 is
* returned, otherwise the pid.
*/
int write_pid (char *pidfile);
/* remove_pid
*
* Remove the the specified file. The result from unlink(2)
* is returned
*/
int remove_pid (char *pidfile);
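
Review bot: the check_pid comment says 1 is returned when the process exists, but check_pid in lib/pidfile.c ends with `return pid;`, so callers get the pid itself; correct the comment here and in the .c file, or change the return value. The header also has no include guard, unlike lib/utils.h, and the pidfile parameters could be `const char *` since none of the four functions modifies the path.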

44
lib/realloc.c Normal file

@ -0,0 +1,44 @@
/* Work around bug on some systems where realloc (NULL, 0) fails.
Copyright (C) 1997 Free Software Foundation, Inc.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software Foundation,
Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
/* written by Jim Meyering */
#if HAVE_CONFIG_H
# include <config.h>
#endif
#undef realloc
#include <sys/types.h>
char *malloc ();
char *realloc ();
/* Change the size of an allocated block of memory P to N bytes,
with error checking. If N is zero, change it to 1. If P is NULL,
use malloc. */
char *
rpl_realloc (p, n)
char *p;
size_t n;
{
if (n == 0)
n = 1;
if (p == 0)
return malloc (n);
return realloc (p, n);
}
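
Review bot: the comment above rpl_realloc says "with error checking", but the function returns the result of `malloc (n)` or `realloc (p, n)` unchecked. Drop that phrase so callers do not assume a non-NULL return; the checking variants are xmalloc and xrealloc in lib/xmalloc.c.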

26
lib/utils.c Normal file

@ -0,0 +1,26 @@
/*
utils.c -- gathering of some stupid small functions
Copyright (C) 1999 Ivo Timmermans <zarq@iname.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "config.h"
#include <utils.h>
volatile int cp_line;
volatile char *cp_file;
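
Review bot: in `volatile char *cp_file;` the volatile qualifier applies to the characters pointed to, not to the pointer, and the pointer is what the cp macro in lib/utils.h assigns. If the intent is for the assignment to be observable from a signal handler, declare it `const char *volatile cp_file;` here and in the extern; const also matches the string literal that __FILE__ expands to. Neither variable has a comment saying what reads it.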

30
lib/utils.h Normal file

@ -0,0 +1,30 @@
/*
utils.h -- header file for utils.c
Copyright (C) 1999 Ivo Timmermans <zarq@iname.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#ifndef __TINC_UTILS_H__
#define __TINC_UTILS_H__
#define min(a,b) (((a)<(b))?(a):(b))
#define cp { cp_line = __LINE__; cp_file = __FILE__; }
extern volatile int cp_line;
extern volatile char *cp_file;
#endif /* __TINC_UTILS_H__ */
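
Review bot: the cp macro expands to a bare brace block, so `if (x) cp; else ...` does not compile, and a two-letter lower-case macro name rewrites any identifier called cp in a file that includes this header. Wrap the body in do { ... } while (0) and give the macro an upper-case, prefixed name. The min macro evaluates its arguments twice, which deserves a comment, and identifiers beginning with a double underscore, such as the include guard, are reserved for the implementation.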

21
lib/xalloc.h Normal file

@ -0,0 +1,21 @@
#ifndef PARAMS
# if defined PROTOTYPES || (defined __STDC__ && __STDC__)
# define PARAMS(Args) Args
# else
# define PARAMS(Args) ()
# endif
#endif
/* Exit value when the requested amount of memory is not available.
The caller may set it to some other value. */
extern int xalloc_exit_failure;
/* FIXME: describe */
extern char *const xalloc_msg_memory_exhausted;
/* FIXME: describe */
extern void (*xalloc_fail_func) ();
void *xmalloc PARAMS ((size_t n));
void *xcalloc PARAMS ((size_t n, size_t s));
void *xrealloc PARAMS ((void *p, size_t n));
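
Review bot: the three prototypes use size_t, but the header includes nothing that defines it, so it compiles only when the including file has already pulled in <sys/types.h> or <stddef.h>; include one of them here. The header has no include guard, and the two `/* FIXME: describe */` comments should be replaced with a sentence each on xalloc_msg_memory_exhausted and xalloc_fail_func before this is relied on by the rest of the tree.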

133
lib/xmalloc.c Normal file

@ -0,0 +1,133 @@
/* xmalloc.c -- malloc with out of memory checking
Copyright (C) 1990, 91, 92, 93, 94, 95, 96, 97 Free Software Foundation, Inc.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software Foundation,
Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
#if HAVE_CONFIG_H
# include <config.h>
#endif
#include <sys/types.h>
#if STDC_HEADERS
# include <stdlib.h>
#else
void *calloc ();
void *malloc ();
void *realloc ();
void free ();
#endif
#if ENABLE_NLS
# include <libintl.h>
# define _(Text) gettext (Text)
#else
# define textdomain(Domain)
# define _(Text) Text
#endif
#define N_(Text) Text
#include "error.h"
#include "xalloc.h"
#ifndef EXIT_FAILURE
# define EXIT_FAILURE 1
#endif
/* Prototypes for functions defined here. */
#if defined (__STDC__) && __STDC__
void *xmalloc (size_t n);
void *xcalloc (size_t n, size_t s);
void *xrealloc (void *p, size_t n);
#endif
#ifndef HAVE_DONE_WORKING_MALLOC_CHECK
you must run the autoconf test for a properly working malloc -- see malloc.m4
#endif
#ifndef HAVE_DONE_WORKING_REALLOC_CHECK
you must run the autoconf test for a properly working realloc -- see realloc.m4
#endif
/* Exit value when the requested amount of memory is not available.
The caller may set it to some other value. */
int xalloc_exit_failure = EXIT_FAILURE;
/* FIXME: describe */
char *const xalloc_msg_memory_exhausted = N_("Memory exhausted");
/* FIXME: describe */
void (*xalloc_fail_func) () = 0;
#if __STDC__ && (HAVE_VPRINTF || HAVE_DOPRNT)
void error (int, int, const char *, ...);
#else
void error ();
#endif
static void
xalloc_fail ()
{
if (xalloc_fail_func)
(*xalloc_fail_func) ();
error (xalloc_exit_failure, 0, xalloc_msg_memory_exhausted);
}
/* Allocate N bytes of memory dynamically, with error checking. */
void *
xmalloc (n)
size_t n;
{
void *p;
p = malloc (n);
if (p == 0)
xalloc_fail ();
return p;
}
/* Change the size of an allocated block of memory P to N bytes,
with error checking.
If P is NULL, run xmalloc. */
void *
xrealloc (p, n)
void *p;
size_t n;
{
p = realloc (p, n);
if (p == 0)
xalloc_fail ();
return p;
}
#ifdef NOT_USED
/* Allocate memory for N elements of S bytes, with error checking. */
void *
xcalloc (n, s)
size_t n, s;
{
void *p;
p = calloc (n, s);
if (p == 0)
xalloc_fail ();
return p;
}
#endif /* NOT_USED */
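
Review bot: xcalloc is compiled only under `#ifdef NOT_USED`, yet lib/xalloc.h and the prototype block near the top of this file declare it unconditionally, so the first caller gets a link error instead of a compile error; remove the declarations or the guard. In xalloc_fail the message variable is passed to error() as the format argument; pass it as data to a "%s" format and run it through _() there, since N_() only marks the string for extraction. The comment on xrealloc says "If P is NULL, run xmalloc", but the code calls `realloc (p, n)` directly.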

3017
ltconfig Normal file

File diff suppressed because it is too large

3975
ltmain.sh Normal file

File diff suppressed because it is too large

18
m4/Makefile.am Normal file

@ -0,0 +1,18 @@
## Process this file with automake to produce Makefile.in -*-Makefile-*-
##m4-files-begin
EXTRA_DIST = README Makefile.am.in malloc.m4 perl.m4 realloc.m4
##m4-files-end
Makefile.am: Makefile.am.in
rm -f $@ $@t
sed -n '1,/^##m4-files-begin/p' $< > $@t
( echo EXTRA_DIST = README Makefile.am.in; \
find . -type f -name '*.m4' -print |sed 's,^\./,,' |sort ) \
|fmt | (tr '\012' @; echo) \
|sed 's/@$$/%/;s/@/ \\@/g' |tr @% '\012\012' \
>> $@t
sed -n '/^##m4-files-end/,$$p' $< >> $@t
chmod a-w $@t
mv $@t $@

16
m4/Makefile.am.in Normal file

@ -0,0 +1,16 @@
## Process this file with automake to produce Makefile.in -*-Makefile-*-
##m4-files-begin
##m4-files-end
Makefile.am: Makefile.am.in
rm -f $@ $@t
sed -n '1,/^##m4-files-begin/p' $< > $@t
( echo EXTRA_DIST = README Makefile.am.in; \
find . -type f -name '*.m4' -print |sed 's,^\./,,' |sort ) \
|fmt | (tr '\012' @; echo) \
|sed 's/@$$/%/;s/@/ \\@/g' |tr @% '\012\012' \
>> $@t
sed -n '/^##m4-files-end/,$$p' $< >> $@t
chmod a-w $@t
mv $@t $@
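
Review bot: the recipe opens with `rm -f $@ $@t`, which deletes Makefile.am before its replacement exists, so a failure in any later step leaves the directory without a Makefile.am. Remove only the temporary file and let the final `mv $@t $@` replace the target. m4/README says Makefile.am is generated from this template, so the change belongs here, and the committed m4/Makefile.am should then be regenerated from it.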

8
m4/README Normal file

@ -0,0 +1,8 @@
These files are used by a program called aclocal (part of the GNU automake
package). aclocal uses these files to create aclocal.m4 which is in turn
used by autoconf to create the configure script at the the top level in
this distribution.
The Makefile.am file in this directory is automatically generated
from the template file, Makefile.am.in. The generation will fail
if you don't have all the right tools.

44
m4/malloc.m4 Normal file

@ -0,0 +1,44 @@
#serial 1
dnl From Jim Meyering.
dnl Determine whether malloc accepts 0 as its argument.
dnl If it doesn't, arrange to use the replacement function.
dnl
dnl If you use this macro in a package, you should
dnl add the following two lines to acconfig.h:
dnl /* Define to rpl_malloc if the replacement function should be used. */
dnl #undef malloc
dnl
AC_DEFUN(jm_FUNC_MALLOC,
[
if test x = y; then
dnl This code is deliberately never run via ./configure.
dnl FIXME: this is a gross hack to make autoheader put an entry
dnl for this symbol in config.h.in.
AC_CHECK_FUNCS(DONE_WORKING_MALLOC_CHECK)
fi
dnl xmalloc.c requires that this symbol be defined so it doesn't
dnl mistakenly use a broken malloc -- as it might if this test were omitted.
ac_kludge=HAVE_DONE_WORKING_MALLOC_CHECK
AC_DEFINE_UNQUOTED($ac_kludge)
AC_CACHE_CHECK([for working malloc], jm_cv_func_working_malloc,
[AC_TRY_RUN([
char *malloc ();
int
main ()
{
exit (malloc (0) ? 0 : 1);
}
],
jm_cv_func_working_malloc=yes,
jm_cv_func_working_malloc=no,
dnl When crosscompiling, assume malloc is broken.
jm_cv_func_working_malloc=no)
])
if test $jm_cv_func_working_malloc = no; then
LIBOBJS="$LIBOBJS malloc.o"
AC_DEFINE_UNQUOTED(malloc, rpl_malloc)
fi
])
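
Review bot: the AC_TRY_RUN probe calls exit without declaring it and supplies its own `char *malloc ();`. A compiler that rejects implicit function declarations fails to build the probe, the check then takes the "no" branch, and rpl_malloc is substituted even where malloc (0) works. Include <stdlib.h> in the probe, or return the result from main instead of calling exit. m4/realloc.m4 carries the same program and needs the same change.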

39
m4/perl.m4 Normal file

@ -0,0 +1,39 @@
#serial 1
dnl From Jim Meyering.
dnl Find a new-enough version of Perl.
dnl
AC_DEFUN(jm_PERL,
[
dnl FIXME: don't hard-code 5.003
dnl FIXME: should we cache the result?
AC_MSG_CHECKING([for perl5.003 or newer])
if test "${PERL+set}" = set; then
# `PERL' is set in the user's environment.
candidate_perl_names="$PERL"
perl_specified=yes
else
candidate_perl_names='perl perl5'
perl_specified=no
fi
found=no
AC_SUBST(PERL)
PERL="$missing_dir/missing perl"
for perl in $candidate_perl_names; do
# Run test in a subshell; some versions of sh will print an error if
# an executable is not found, even if stderr is redirected.
if ( $perl -e 'require 5.003' ) > /dev/null 2>&1; then
PERL=$perl
found=yes
break
fi
done
AC_MSG_RESULT($found)
test $found = no && AC_MSG_WARN([
*** You don't seem to have perl5.003 or newer installed.
*** Because of that, you may be unable to regenerate certain files
*** if you modify the sources from which they are derived.] )
])

44
m4/realloc.m4 Normal file

@ -0,0 +1,44 @@
#serial 1
dnl From Jim Meyering.
dnl Determine whether realloc works when both arguments are 0.
dnl If it doesn't, arrange to use the replacement function.
dnl
dnl If you use this macro in a package, you should
dnl add the following two lines to acconfig.h:
dnl /* Define to rpl_realloc if the replacement function should be used. */
dnl #undef realloc
dnl
AC_DEFUN(jm_FUNC_REALLOC,
[
if test x = y; then
dnl This code is deliberately never run via ./configure.
dnl FIXME: this is a gross hack to make autoheader put an entry
dnl for this symbol in config.h.in.
AC_CHECK_FUNCS(DONE_WORKING_REALLOC_CHECK)
fi
dnl xmalloc.c requires that this symbol be defined so it doesn't
dnl mistakenly use a broken realloc -- as it might if this test were omitted.
ac_kludge=HAVE_DONE_WORKING_REALLOC_CHECK
AC_DEFINE_UNQUOTED($ac_kludge)
AC_CACHE_CHECK([for working realloc], jm_cv_func_working_realloc,
[AC_TRY_RUN([
char *realloc ();
int
main ()
{
exit (realloc (0, 0) ? 0 : 1);
}
],
jm_cv_func_working_realloc=yes,
jm_cv_func_working_realloc=no,
dnl When crosscompiling, assume realloc is broken.
jm_cv_func_working_realloc=no)
])
if test $jm_cv_func_working_realloc = no; then
LIBOBJS="$LIBOBJS realloc.o"
AC_DEFINE_UNQUOTED(realloc, rpl_realloc)
fi
])

190
missing Normal file

@ -0,0 +1,190 @@
#! /bin/sh
# Common stub for a few missing GNU programs while installing.
# Copyright (C) 1996, 1997 Free Software Foundation, Inc.
# Franc,ois Pinard <pinard@iro.umontreal.ca>, 1996.
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
# 02111-1307, USA.
if test $# -eq 0; then
echo 1>&2 "Try \`$0 --help' for more information"
exit 1
fi
case "$1" in
-h|--h|--he|--hel|--help)
echo "\
$0 [OPTION]... PROGRAM [ARGUMENT]...
Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an
error status if there is no known handling for PROGRAM.
Options:
-h, --help display this help and exit
-v, --version output version information and exit
Supported PROGRAM values:
aclocal touch file \`aclocal.m4'
autoconf touch file \`configure'
autoheader touch file \`config.h.in'
automake touch all \`Makefile.in' files
bison create \`y.tab.[ch]', if possible, from existing .[ch]
flex create \`lex.yy.c', if possible, from existing .c
lex create \`lex.yy.c', if possible, from existing .c
makeinfo touch the output file
yacc create \`y.tab.[ch]', if possible, from existing .[ch]"
;;
-v|--v|--ve|--ver|--vers|--versi|--versio|--version)
echo "missing - GNU libit 0.0"
;;
-*)
echo 1>&2 "$0: Unknown \`$1' option"
echo 1>&2 "Try \`$0 --help' for more information"
exit 1
;;
aclocal)
echo 1>&2 "\
WARNING: \`$1' is missing on your system. You should only need it if
you modified \`acinclude.m4' or \`configure.in'. You might want
to install the \`Automake' and \`Perl' packages. Grab them from
any GNU archive site."
touch aclocal.m4
;;
autoconf)
echo 1>&2 "\
WARNING: \`$1' is missing on your system. You should only need it if
you modified \`configure.in'. You might want to install the
\`Autoconf' and \`GNU m4' packages. Grab them from any GNU
archive site."
touch configure
;;
autoheader)
echo 1>&2 "\
WARNING: \`$1' is missing on your system. You should only need it if
you modified \`acconfig.h' or \`configure.in'. You might want
to install the \`Autoconf' and \`GNU m4' packages. Grab them
from any GNU archive site."
files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' configure.in`
test -z "$files" && files="config.h"
touch_files=
for f in $files; do
case "$f" in
*:*) touch_files="$touch_files "`echo "$f" |
sed -e 's/^[^:]*://' -e 's/:.*//'`;;
*) touch_files="$touch_files $f.in";;
esac
done
touch $touch_files
;;
automake)
echo 1>&2 "\
WARNING: \`$1' is missing on your system. You should only need it if
you modified \`Makefile.am', \`acinclude.m4' or \`configure.in'.
You might want to install the \`Automake' and \`Perl' packages.
Grab them from any GNU archive site."
find . -type f -name Makefile.am -print |
sed 's/\.am$/.in/' |
while read f; do touch "$f"; done
;;
bison|yacc)
echo 1>&2 "\
WARNING: \`$1' is missing on your system. You should only need it if
you modified a \`.y' file. You may need the \`Bison' package
in order for those modifications to take effect. You can get
\`Bison' from any GNU archive site."
rm -f y.tab.c y.tab.h
if [ $# -ne 1 ]; then
eval LASTARG="\${$#}"
case "$LASTARG" in
*.y)
SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'`
if [ -f "$SRCFILE" ]; then
cp "$SRCFILE" y.tab.c
fi
SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'`
if [ -f "$SRCFILE" ]; then
cp "$SRCFILE" y.tab.h
fi
;;
esac
fi
if [ ! -f y.tab.h ]; then
echo >y.tab.h
fi
if [ ! -f y.tab.c ]; then
echo 'main() { return 0; }' >y.tab.c
fi
;;
lex|flex)
echo 1>&2 "\
WARNING: \`$1' is missing on your system. You should only need it if
you modified a \`.l' file. You may need the \`Flex' package
in order for those modifications to take effect. You can get
\`Flex' from any GNU archive site."
rm -f lex.yy.c
if [ $# -ne 1 ]; then
eval LASTARG="\${$#}"
case "$LASTARG" in
*.l)
SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'`
if [ -f "$SRCFILE" ]; then
cp "$SRCFILE" lex.yy.c
fi
;;
esac
fi
if [ ! -f lex.yy.c ]; then
echo 'main() { return 0; }' >lex.yy.c
fi
;;
makeinfo)
echo 1>&2 "\
WARNING: \`$1' is missing on your system. You should only need it if
you modified a \`.texi' or \`.texinfo' file, or any other file
indirectly affecting the aspect of the manual. The spurious
call might also be the consequence of using a buggy \`make' (AIX,
DU, IRIX). You might want to install the \`Texinfo' package or
the \`GNU make' package. Grab either from any GNU archive site."
file=`echo "$*" | sed -n 's/.*-o \([^ ]*\).*/\1/p'`
if test -z "$file"; then
file=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'`
file=`sed -n '/^@setfilename/ { s/.* \([^ ]*\) *$/\1/; p; q; }' $file`
fi
touch $file
;;
*)
echo 1>&2 "\
WARNING: \`$1' is needed, and you do not seem to have it handy on your
system. You might have modified some files without having the
proper tools for further handling them. Check the \`README' file,
it often tells you about the needed prerequirements for installing
this package. You may also peek at any GNU archive site, in case
some other package would contain this missing \`$1' program."
exit 1
;;
esac
exit 0
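
Review bot: in the makeinfo branch `$file` is expanded unquoted in both the @setfilename sed call and `touch $file`, and when no @setfilename line is found it is empty, so touch runs with no operand and the script still ends with `exit 0`. Quote the expansions and exit non-zero when the output name cannot be determined, so a build that produced nothing is not reported as a success.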

40
mkinstalldirs Normal file

@ -0,0 +1,40 @@
#! /bin/sh
# mkinstalldirs --- make directory hierarchy
# Author: Noah Friedman <friedman@prep.ai.mit.edu>
# Created: 1993-05-16
# Public domain
# $Id: mkinstalldirs,v 1.1 2000/03/26 00:33:59 zarq Exp $
errstatus=0
for file
do
set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'`
shift
pathcomp=
for d
do
pathcomp="$pathcomp$d"
case "$pathcomp" in
-* ) pathcomp=./$pathcomp ;;
esac
if test ! -d "$pathcomp"; then
echo "mkdir $pathcomp"
mkdir "$pathcomp" || lasterr=$?
if test ! -d "$pathcomp"; then
errstatus=$lasterr
fi
fi
pathcomp="$pathcomp/"
done
done
exit $errstatus
# mkinstalldirs ends here

19
src/Makefile.am Normal file

@ -0,0 +1,19 @@
## Produce this file with automake to get Makefile.in
sbin_PROGRAMS = tincd genauth
genauth_SOURCES = genauth.c
tincd_SOURCES = conf.c encr.c net.c netutl.c protocol.c tincd.c
INCLUDES = -I$(top_builddir) -I$(top_srcdir)/cipher -I$(top_srcdir)/lib
noinst_HEADERS = conf.h encr.h net.h netutl.h protocol.h
LIBS = @LIBS@
tincd_LDADD = $(top_builddir)/cipher/libcipher.la \
$(top_builddir)/lib/libvpn.a -ldl
genauth_LDADD = $(top_builddir)/lib/libvpn.a
CFLAGS += -DPKGLIBDIR=$(pkglibdir) -DCONFDIR=\"@sysconfdir@\"
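
Review bot: in the CFLAGS line, `-DPKGLIBDIR=$(pkglibdir)` has no string quotes while `-DCONFDIR=\"@sysconfdir@\"` does, so PKGLIBDIR expands to a bare path token and not a C string; quote it the same way. Both definitions are appended to the user variable CFLAGS, so a CFLAGS given on the make command line drops them and the daemon is built without its configuration directory; move them to the INCLUDES line used above. The hard-coded -ldl in tincd_LDADD should come from a configure check.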

203
src/conf.c Normal file

@ -0,0 +1,203 @@
/*
conf.c -- configuration code
Copyright (C) 1998 Emphyrio,
Copyright (C) 1998,99 Ivo Timmermans <zarq@iname.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
/* foute config read code, GPL, emphyrio 1998 */
/* Mutilated by me -- Ivo */
#include "config.h"
#include <ctype.h>
#include <errno.h>
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <xalloc.h>
#include "conf.h"
#include "netutl.h" /* for strtoip */
config_t *config;
int debug_lvl = 0;
int timeout = 0; /* seconds before timeout */
typedef struct internal_config_t {
char *name;
enum which_t which;
int argtype;
} internal_config_t;
/*
These are all the possible configurable values
*/
static internal_config_t hazahaza[] = {
{ "AllowConnect", allowconnect, TYPE_BOOL },
{ "ConnectTo", upstreamip, TYPE_IP },
{ "ConnectPort", upstreamport, TYPE_INT },
{ "ListenPort", listenport, TYPE_INT },
{ "MyOwnVPNIP", myvpnip, TYPE_IP },
{ "MyVirtualIP", myvpnip, TYPE_IP }, /* an alias */
{ "Passphrases", passphrasesdir, TYPE_NAME },
{ "PingTimeout", pingtimeout, TYPE_INT },
{ "TapDevice", tapdevice, TYPE_NAME },
{ "KeyExpire", keyexpire, TYPE_INT },
{ NULL, 0, 0 }
};
/*
Add given value to the list of configs cfg
*/
config_t *
add_config_val(config_t **cfg, int argtype, char *val)
{
config_t *p;
char *q;
p = (config_t*)xmalloc(sizeof(config_t));
p->data.val = 0;
switch(argtype)
{
case TYPE_INT:
p->data.val = strtol(val, &q, 0);
if(q && *q)
p->data.val = 0;
break;
case TYPE_NAME:
p->data.ptr = xmalloc(strlen(val) + 1);
strcpy(p->data.ptr, val);
break;
case TYPE_IP:
p->data.ip = strtoip(val);
break;
case TYPE_BOOL:
if(!strcasecmp("yes", val))
p->data.val = stupid_true;
else if(!strcasecmp("no", val))
p->data.val = stupid_false;
else
p->data.val = 0;
}
if(p->data.val)
{
p->next = *cfg;
*cfg = p;
return p;
}
free(p);
return NULL;
}
/*
Get variable from a section in a configfile. returns -1 on failure.
*/
int
readconfig(const char *fname, FILE *fp)
{
char line[81];
char *p, *q;
int i, lineno = 0;
config_t *cfg;
for(;;)
{
if(fgets(line, 80, fp) == NULL)
return 0;
lineno++;
if((p = strtok(line, "\t\n\r =")) == NULL)
continue; /* no tokens on this line */
if(p[0] == '#')
continue; /* comment: ignore */
for(i = 0; hazahaza[i].name != NULL; i++)
if(!strcasecmp(hazahaza[i].name, p))
break;
if(!hazahaza[i].name)
{
fprintf(stderr, "%s: %d: Invalid variable name `%s'.\n",
fname, lineno, p);
return -1;
}
if(((q = strtok(NULL, "\t\n\r =")) == NULL) || q[0] == '#')
{
fprintf(stderr, "%s: %d: No value given for `%s'.\n",
fname, lineno, hazahaza[i].name);
return -1;
}
cfg = add_config_val(&config, hazahaza[i].argtype, q);
if(cfg == NULL)
{
fprintf(stderr, "%s: %d: Invalid value `%s' for variable `%s'.\n",
fname, lineno, q, hazahaza[i].name);
return -1;
}
cfg->which = hazahaza[i].which;
if(!config)
config = cfg;
}
}
/*
wrapper function for readconfig
*/
int
read_config_file(const char *fname)
{
FILE *fp;
if((fp = fopen (fname, "r")) == NULL)
{
fprintf(stderr, "Could not open %s: %s\n", fname, sys_errlist[errno]);
return 1;
}
if(readconfig(fname, fp))
return -1;
fclose (fp);
return 0;
}
/*
Look up the value of the config option type
*/
const config_t *
get_config_val(which_t type)
{
config_t *p;
for(p = config; p != NULL; p = p->next)
if(p->which == type)
return p;
/* Not found */
return NULL;
}
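
Review bot: readconfig reads with `fgets(line, 80, fp)` and never checks that the buffer ended in a newline, so the tail of a line longer than 79 characters is parsed as if it were a new directive; detect the missing newline and report the line as too long. add_config_val uses `if(p->data.val)` as its success test on a union, so a legitimate integer 0 (for example a KeyExpire of 0) is reported as an invalid value, and the name and IP branches are judged by reading a pointer through val; return an explicit status instead. read_config_file returns -1 without closing fp when readconfig fails, returns 1 and not -1 when fopen fails, and could use strerror(errno), as lib/pidfile.c does, in place of `sys_errlist[errno]`.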

72
src/conf.h Normal file

@ -0,0 +1,72 @@
/*
conf.h -- header for conf.c
Copyright (C) 1998,99 Ivo Timmermans <zarq@iname.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#ifndef __TINC_CONF_H__
#define __TINC_CONF_H__
typedef struct ip_mask_t {
unsigned long ip;
unsigned long mask;
} ip_mask_t;
typedef union data_t {
unsigned long val;
void *ptr;
ip_mask_t *ip;
} data_t;
typedef enum which_t {
passphrasesdir = 1,
upstreamip,
upstreamport,
listenport,
myvpnip,
tapdevice,
allowconnect,
pingtimeout,
keyexpire,
} which_t;
typedef struct config_t {
struct config_t *next;
which_t which;
data_t data;
} config_t;
enum {
stupid_false = 1,
stupid_true
};
enum {
TYPE_NAME = 1,
TYPE_INT,
TYPE_IP,
TYPE_BOOL
};
extern config_t *config;
extern int debug_lvl;
extern int timeout;
extern config_t *add_config_val(config_t **, int, char *);
extern int read_config_file(const char *);
extern const config_t *get_config_val(which_t type);
#endif /* __TINC_CONF_H__ */
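
Review bot: `stupid_false = 1` makes both boolean values non-zero, which add_config_val in src/conf.c relies on because it treats a zero data.val as failure, but it means a caller that writes `if(cfg->data.val)` reads "AllowConnect no" as enabled. Keep validity in a separate field or return code so that false can be 0, or at least document here that callers must compare against stupid_true. The trailing comma after keyexpire in which_t is not accepted by every C89 compiler.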

325
src/encr.c Normal file

@ -0,0 +1,325 @@
/*
encr.c -- everything that deals with encryption
Copyright (C) 1998,99 Ivo Timmermans <zarq@iname.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "config.h"
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <sys/socket.h>
#include <sys/time.h>
#ifdef HAVE_GMP_H
# include <gmp.h>
#else
# ifdef HAVE_GMP2_GMP_H
# include <gmp2/gmp.h>
# endif
#endif
#include <utils.h>
#include <xalloc.h>
#include <cipher.h>
#include "conf.h"
#include "encr.h"
#include "net.h"
#include "protocol.h"
#define ENCR_GENERATOR "0xd"
#define ENCR_PRIME "0x7fffffffffffffffffffffffffffffff" /* Mersenne :) */
char text_key[1000];
char *my_public_key_base36;
int key_inited = 0, encryption_keylen;
mpz_t my_private_key, my_public_key, generator, shared_prime;
int my_key_expiry = (time_t)(-1);
static char* mypassphrase;
static int mypassphraselen;
int char_hex_to_bin(int c)
{
if(isdigit(c))
return c - '0';
else
return tolower(c) - 'a' + 10;
}
int str_hex_to_bin(unsigned char *bin, unsigned char *hex)
{
int i = 0, j = 0, l = strlen(hex);
if(l&1)
{
i = j = 1;
bin[0] = char_hex_to_bin(hex[0]);
}
for(; i < l; i+=2, j++)
bin[j] = (char_hex_to_bin(hex[i]) << 4) + char_hex_to_bin(hex[i+1]);
return j&1?j+1:j;
}
int read_passphrase(char *which, char **out)
{
FILE *f;
config_t const *cfg;
char *filename;
int size;
extern char *confbase;
char *pp;
if((cfg = get_config_val(passphrasesdir)) == NULL)
{
filename = xmalloc(strlen(confbase)+13+strlen(which));
sprintf(filename, "%spassphrases/%s", confbase, which);
}
else
{
filename = xmalloc(strlen(cfg->data.ptr)+2+strlen(which));
sprintf(filename, "%s/%s", (char*)cfg->data.ptr, which);
}
if((f = fopen(filename, "rb")) == NULL)
{
syslog(LOG_ERR, "Could not open %s: %m", filename);
return -1;
}
fscanf(f, "%d ", &size);
size >>= 2; /* nibbles->bits */
pp = xmalloc(size+2);
fgets(pp, size+1, f);
fclose(f);
*out = xmalloc(size);
return str_hex_to_bin(*out, pp);
}
int read_my_passphrase(void)
{
if((mypassphraselen = read_passphrase("local", &mypassphrase)) < 0)
return -1;
return 0;
}
int generate_private_key(void)
{
FILE *f;
int i;
char *s;
config_t const *cfg;
if((cfg = get_config_val(keyexpire)) == NULL)
my_key_expiry = (time_t)(time(NULL) + 3600);
else
my_key_expiry = (time_t)(time(NULL) + cfg->data.val);
syslog(LOG_NOTICE, "Generating %d bits keys.", PRIVATE_KEY_BITS);
if((f = fopen("/dev/urandom", "r")) == NULL)
{
syslog(LOG_ERR, "Opening /dev/urandom failed: %m");
return -1;
}
s = xmalloc((2 * PRIVATE_KEY_LENGTH) + 1);
for(i = 0; i < PRIVATE_KEY_LENGTH; i++)
sprintf(&s[i << 1], "%02x", fgetc(f));
s[2 * PRIVATE_KEY_LENGTH] = '\0';
mpz_set_str(my_private_key, s, 16);
return 0;
}
void calculate_public_key(void)
{
mpz_powm(my_public_key, generator, my_private_key, shared_prime);
my_public_key_base36 = mpz_get_str(NULL, 36, my_public_key);
}
unsigned char static_key[] = { 0x9c, 0xbf, 0x36, 0xa9, 0xce, 0x20, 0x1b, 0x8b, 0x67, 0x56, 0x21, 0x5d, 0x27, 0x1b, 0xd8, 0x7a };
int security_init(void)
{
mpz_init(my_private_key);
mpz_init(my_public_key);
mpz_init_set_str(shared_prime, ENCR_PRIME, 0);
mpz_init_set_str(generator, ENCR_GENERATOR, 0);
if(read_my_passphrase() < 0)
return -1;
if(generate_private_key() < 0)
return -1;
if(cipher_init(CIPHER_BLOWFISH) < 0)
return -1;
calculate_public_key();
return 0;
}
void set_shared_key(char *almost_key)
{
char *tmp;
int len;
mpz_t ak, our_shared_key;
mpz_init_set_str(ak, almost_key, 36);
mpz_init(our_shared_key);
mpz_powm(our_shared_key, ak, my_private_key, shared_prime);
tmp = mpz_get_str(NULL, 16, our_shared_key);
len = str_hex_to_bin(text_key, tmp);
cipher_set_key(&encryption_key, len, &text_key[0]);
key_inited = 1;
encryption_keylen = len;
if(debug_lvl > 2)
syslog(LOG_INFO, "Encryption key set to %s", tmp);
free(tmp);
mpz_clear(ak);
mpz_clear(our_shared_key);
}
void encrypt_passphrase(passphrase_t *pp)
{
char key[1000];
char tmp[1000];
int len;
BF_KEY bf_key;
mpz_get_str(&tmp[0], 16, my_public_key);
len = str_hex_to_bin(key, tmp);
cipher_set_key(&bf_key, len, &key[0]);
low_crypt_key(mypassphrase, pp->phrase, &bf_key, mypassphraselen, BF_ENCRYPT);
pp->len = ((mypassphraselen - 1) | 7) + 5;
if(key_inited)
cipher_set_key(&encryption_key, encryption_keylen, &text_key[0]);
}
int verify_passphrase(conn_list_t *cl, unsigned char *his_pubkey)
{
char key[1000];
char tmp[1000];
int len;
mpz_t pk;
unsigned char *out;
BF_KEY bf_key;
char which[sizeof("123.123.123.123")+1];
char *meuk;
mpz_init_set_str(pk, his_pubkey, 36);
mpz_get_str(&tmp[0], 16, pk);
len = str_hex_to_bin(key, tmp);
out = xmalloc(cl->pp->len+3);
cipher_set_key(&bf_key, len, &key[0]);
low_crypt_key(cl->pp->phrase, out, &bf_key, cl->pp->len, BF_DECRYPT);
if(key_inited)
cipher_set_key(&encryption_key, encryption_keylen, &text_key[0]);
sprintf(&which[0], IP_ADDR_S, IP_ADDR_V(cl->vpn_ip));
if((len = read_passphrase(which, &meuk)) < 0)
return -1;
if(memcmp(meuk, out, len))
return -1;
return 0;
}
char *make_shared_key(char *pk)
{
mpz_t tmp, res;
char *r;
mpz_init_set_str(tmp, pk, 36);
mpz_init(res);
mpz_powm(res, tmp, my_private_key, shared_prime);
r = mpz_get_str(NULL, 36, res);
mpz_clear(res);
mpz_clear(tmp);
return r;
}
/*
free a key after overwriting it
*/
void free_key(enc_key_t *k)
{
if(!k)
return;
if(k->key)
{
memset(k->key, (char)(-1), k->length);
free(k->key);
}
free(k);
}
void recalculate_encryption_keys(void)
{
conn_list_t *p;
char *ek;
for(p = conn_list; p != NULL; p = p->next)
{
if(!p->public_key || !p->public_key->key)
continue;
ek = make_shared_key(p->public_key->key);
if(!p->key)
{
p->key = xmalloc(sizeof(enc_key_t));
p->key->key = NULL;
}
if(p->key->key)
free(p->key->key);
p->key->length = strlen(ek);
p->key->expiry = p->public_key->expiry;
p->key->key = xmalloc(strlen(ek) + 1);
strcpy(p->key->key, ek);
}
}
void regenerate_keys(void)
{
generate_private_key();
calculate_public_key();
send_key_changed2();
recalculate_encryption_keys();
}
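Review bot: verify_passphrase() converts the peer-supplied his_pubkey to hex with mpz_get_str(&tmp[0], 16, pk) into the fixed char tmp[1000], and nothing bounds the length of that base-36 string, so a long key from the peer writes past the stack buffers tmp and key before the passphrase has been checked. Reject keys for which mpz_sizeinbase(pk, 16) + 2 exceeds the buffer, or let mpz_get_str allocate as set_shared_key() does. The same function calls memcmp(meuk, out, len) with the length of the locally stored passphrase while out was sized from cl->pp->len, so compare the two lengths first; out, pk and meuk are never released on any return path. encrypt_passphrase() keys Blowfish with my_public_key, a value that send_public_key() transmits unencrypted on the same connection, so the passphrase gets no confidentiality from this step. set_shared_key() writes the derived key to syslog at debug_lvl > 2 and frees tmp without wiping it; drop the key from the log line and overwrite the buffer before free, as free_key() does. recalculate_encryption_keys() frees the old p->key->key without wiping it and never frees the ek returned by make_shared_key().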

47
src/encr.h Normal file

@ -0,0 +1,47 @@
/*
encr.h -- header for encr.c
Copyright (C) 1998,99 Ivo Timmermans <zarq@iname.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#ifndef __TINC_ENCR_H__
#define __TINC_ENCR_H__
#include "net.h"
#define PRIVATE_KEY_BITS 128
#define PRIVATE_KEY_LENGTH (PRIVATE_KEY_BITS >> 3)
extern char *my_public_key_base36;
extern int my_key_expiry;
extern int security_init(void);
extern void do_bf_encrypt(vpn_packet_t *, real_packet_t *);
extern void do_bf_decrypt(real_packet_t *, vpn_packet_t *);
extern int send_portnumbers(int);
extern void set_shared_key(char *);
extern int send_passphrase(conn_list_t *);
extern int send_public_key(conn_list_t *);
extern int verify_passphrase(conn_list_t *, unsigned char *);
extern char *make_shared_key(char*);
extern void encrypt_passphrase(passphrase_t *pp);
extern void free_key(enc_key_t*);
extern void regenerate_keys(void);
#endif /* __TINC_ENCR_H__ */
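Review bot: verify_passphrase is declared here with an unsigned char * key argument, but its definition passes that argument straight to mpz_init_set_str() as a base-36 string and public_key_h() calls it with a char *; declare it as const char * and state in a comment that it must be NUL-terminated base-36 text. The prototypes say nothing about ownership: make_shared_key() returns a string the caller has to free, which recalculate_encryption_keys() and set_keys() in this commit do not do. send_passphrase and send_public_key are defined in protocol.c, so their declarations belong in protocol.h rather than in this header.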

94
src/genauth.c Normal file

@ -0,0 +1,94 @@
/*
genauth.c -- generate a random passphrase
Copyright (C) 1998,99 Ivo Timmermans <zarq@iname.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "config.h"
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <xalloc.h>
#include "encr.h"
unsigned char initvec[] = { 0x22, 0x7b, 0xad, 0x55, 0x41, 0xf4, 0x3e, 0xf3 };
int main(int argc, char **argv)
{
FILE *fp;
int bits, c, i, bytes;
unsigned char *p;
if(argc != 2)
{
fprintf(stderr, "Usage: %s bits\n", argv[0]);
return 1;
}
if(!(bits = atol(argv[1])))
{
fprintf(stderr, "Illegal number: %s\n", argv[1]);
return 1;
}
bits = ((bits - 1) | 63) + 1;
fprintf(stderr, "Generating %d bits number", bits);
bytes = bits >> 3;
if((fp = fopen("/dev/urandom", "r")) == NULL)
{
perror("Opening /dev/urandom");
return 1;
}
p = xmalloc(bytes);
setbuf(stdout, NULL);
for(i = 0; i < 128; i++)
{
c = fgetc(fp);
if(feof(fp))
{
puts("");
fprintf(stderr, "File was empty!\n");
}
p[i] = c;
}
for(i = 0; i < (bytes); i++)
{
c = fgetc(fp);
if(feof(fp))
{
puts("");
fprintf(stderr, "File was empty!\n");
}
p[i] = c;
}
fclose(fp);
printf("%d ", bits);
for(i = 0; i < bytes; i++)
printf("%02x", p[i]);
puts("");
return 0;
}
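Review bot: the first read loop, for(i = 0; i < 128; i++) ... p[i] = c;, stores 128 bytes into p, which was allocated with only bytes = bits >> 3 bytes, so any request below 1024 bits (64 bits gives an 8-byte buffer) overflows the heap allocation. If the loop is meant to discard the first 128 bytes of /dev/urandom, read them into c and drop the p[i] assignment. Both loops carry on after feof() reports end of file and store the EOF value as key material; return 1 there instead. bits comes from atol() unchecked, so a negative argument reaches xmalloc(bytes) as a negative size; reject bits <= 0. initvec is defined but not used in this file.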

1094
src/net.c Normal file

File diff suppressed because it is too large

139
src/net.h Normal file

@ -0,0 +1,139 @@
/*
net.h -- header for net.c
Copyright (C) 1998,99 Ivo Timmermans <zarq@iname.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#ifndef __TINC_NET_H__
#define __TINC_NET_H__
#include <sys/time.h>
#include "config.h"
#include "conf.h"
#define MAXSIZE 1700 /* should be a bit more than the MTU for the tapdevice */
#define MTU 1600
#define MAX_PASSPHRASE_SIZE 2000 /* 2kb is really waaaay too much. nobody's
gonna need a 16 kbit passphrase */
#define MAC_ADDR_S "%02x:%02x:%02x:%02x:%02x:%02x"
#define MAC_ADDR_V(x) ((unsigned char*)&(x))[0],((unsigned char*)&(x))[1], \
((unsigned char*)&(x))[2],((unsigned char*)&(x))[3], \
((unsigned char*)&(x))[4],((unsigned char*)&(x))[5]
#define IP_ADDR_S "%d.%d.%d.%d"
#ifdef WORDS_BIGENDIAN
# define IP_ADDR_V(x) ((unsigned char*)&(x))[0],((unsigned char*)&(x))[1], \
((unsigned char*)&(x))[2],((unsigned char*)&(x))[3]
#else
# define IP_ADDR_V(x) ((unsigned char*)&(x))[3],((unsigned char*)&(x))[2], \
((unsigned char*)&(x))[1],((unsigned char*)&(x))[0]
#endif
typedef unsigned long ip_t;
typedef short length_t;
typedef struct vpn_packet_t {
length_t len; /* the actual number of bytes in the `data' field */
unsigned char data[MAXSIZE];
} vpn_packet_t;
typedef struct real_packet_t {
length_t len; /* the length of the entire packet */
ip_t from; /* where the packet came from */
vpn_packet_t data; /* encrypted vpn_packet_t */
} real_packet_t;
typedef struct passphrase_t {
unsigned char type;
unsigned short len;
unsigned char phrase[MAX_PASSPHRASE_SIZE];
} passphrase_t;
typedef struct status_bits_t {
int pinged:1; /* sent ping */
int got_pong:1; /* received pong */
int meta:1; /* meta connection exists */
int active:1; /* 1 if active.. */
int outgoing:1; /* I myself asked for this conn */
int termreq:1; /* the termination of this connection was requested */
int remove:1; /* Set to 1 if you want this connection removed */
int timeout:1; /* 1 if gotten timeout */
int validkey:1; /* 1 if we currently have a valid key for him */
int waitingforkey:1; /* 1 if we already sent out a request */
int dataopen:1; /* 1 if we have a valid UDP connection open */
int unused:22;
} status_bits_t;
typedef struct queue_element_t {
void *packet;
struct queue_element_t *next;
} queue_element_t;
typedef struct packet_queue_t {
queue_element_t *head;
queue_element_t *tail;
} packet_queue_t;
typedef struct enc_key_t {
int length;
char *key;
time_t expiry;
} enc_key_t;
typedef struct conn_list_t {
ip_t vpn_ip; /* his vpn ip */
ip_t vpn_mask; /* his vpn network address */
ip_t real_ip; /* his real (internet) ip */
char *hostname; /* the hostname of its real ip */
short int port; /* his portnumber */
int socket; /* our udp vpn socket */
int meta_socket; /* our tcp meta socket */
unsigned char protocol_version; /* used protocol */
status_bits_t status; /* status info */
passphrase_t *pp; /* encoded passphrase */
packet_queue_t *sq; /* pending outgoing packets */
packet_queue_t *rq; /* pending incoming packets (they have no
valid key to be decrypted with) */
enc_key_t *public_key; /* the other party's public key */
enc_key_t *key; /* encrypt with this key */
struct conn_list_t *nexthop; /* nearest meta-hop in this direction */
struct conn_list_t *next; /* after all, it's a list of connections */
} conn_list_t;
extern int tap_fd;
extern int total_tap_in;
extern int total_tap_out;
extern int total_socket_in;
extern int total_socket_out;
extern conn_list_t *conn_list;
extern conn_list_t *myself;
extern int send_packet(ip_t, vpn_packet_t *);
extern int send_broadcast(conn_list_t *, vpn_packet_t *);
extern int setup_network_connections(void);
extern void close_network_connections(void);
extern void main_loop(void);
extern int setup_vpn_connection(conn_list_t *);
extern void terminate_connection(conn_list_t *);
extern void flush_queues(conn_list_t*);
#endif /* __TINC_NET_H__ */
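Review bot: length_t is a signed short, and it is the type of the len fields in vpn_packet_t and real_packet_t, so a length taken from a received packet can be negative and would pass an upper-bound test against MAXSIZE; make it unsigned short (or a fixed 16-bit unsigned type) and validate it where packets are received. ip_t is unsigned long, which is 8 bytes on LP64 platforms, yet it sits inside structures that protocol.c sends with sizeof(), so a fixed 32-bit type is needed for peers on different platforms to agree. The status_bits_t fields are declared int x:1, whose signedness is implementation-defined, so a stored 1 can read back as -1; use unsigned int. The 11 flags plus unused:22 add up to 33 bits, one more than the 32 the padding field appears intended to fill.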

232
src/netutl.c Normal file

@ -0,0 +1,232 @@
/*
netutl.c -- some supporting network utility code
Copyright (C) 1998,99 Ivo Timmermans <zarq@iname.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "config.h"
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <syslog.h>
#include <utils.h>
#include <xalloc.h>
#include "encr.h"
#include "net.h"
#include "netutl.h"
/*
look for a connection associated with the given vpn ip,
return its connection structure
*/
conn_list_t *lookup_conn(ip_t ip)
{
conn_list_t *p = conn_list;
/* Exact match suggested by James B. MacLean */
for(p = conn_list; p != NULL; p = p->next)
if(ip == p->vpn_ip)
return p;
for(p = conn_list; p != NULL; p = p->next)
if((ip & p->vpn_mask) == (p->vpn_ip & p->vpn_mask))
return p;
return NULL;
}
/*
free a queue and all of its elements
*/
void destroy_queue(packet_queue_t *pq)
{
queue_element_t *p, *q;
for(p = pq->head; p != NULL; p = q)
{
q = p->next;
if(p->packet)
free(p->packet);
free(p);
}
free(pq);
}
/*
free a conn_list_t element and all its pointers
*/
void free_conn_element(conn_list_t *p)
{
if(p->hostname)
free(p->hostname);
if(p->pp)
free(p->pp);
if(p->sq)
destroy_queue(p->sq);
if(p->rq)
destroy_queue(p->rq);
free_key(p->public_key);
free_key(p->key);
free(p);
}
/*
remove all marked connections
*/
void prune_conn_list(void)
{
conn_list_t *p, *prev = NULL, *next = NULL;
for(p = conn_list; p != NULL; )
{
next = p->next;
if(p->status.remove)
{
if(prev)
prev->next = next;
else
conn_list = next;
free_conn_element(p);
}
else
prev = p;
p = next;
}
}
/*
creates new conn_list element, and initializes it
*/
conn_list_t *new_conn_list(void)
{
conn_list_t *p = xmalloc(sizeof(conn_list_t));
/* initialise all those stupid pointers at once */
memset(p, '\0', sizeof(conn_list_t));
p->nexthop = p;
return p;
}
/*
free all elements of conn_list
*/
void destroy_conn_list(void)
{
conn_list_t *p, *next;
cp
for(p = conn_list; p != NULL; )
{
next = p->next;
free_conn_element(p);
p = next;
}
cp
conn_list = NULL;
}
/*
look up the name associated with the ip
address `addr'
*/
char *hostlookup(unsigned long addr)
{
char *name;
struct hostent *host = NULL;
struct in_addr in;
in.s_addr = addr;
host = gethostbyaddr((char *)&in, sizeof(in), AF_INET);
if(host)
{
name = xmalloc(strlen(host->h_name)+20);
sprintf(name, "%s (%s)", host->h_name, inet_ntoa(in));
}
else
{
name = xmalloc(20);
sprintf(name, "%s", inet_ntoa(in));
}
return name;
}
/*
Turn a string into an IP addy with netmask
return NULL on failure
*/
ip_mask_t *strtoip(char *str)
{
ip_mask_t *ip;
int masker;
char *q, *p;
struct hostent *h;
p = str;
if((q = strchr(p, '/')))
{
*q = '\0';
q++; /* q now points to netmask part, or NULL if no mask */
}
if(!(h = gethostbyname(p)))
{
fprintf(stderr, "Error looking up `%s': %s\n", p, sys_errlist[h_errno]);
return NULL;
}
masker = 0;
if(q)
{
masker = strtol(q, &p, 10);
if(q == p || (*p))
return NULL;
}
ip = xmalloc(sizeof(ip_mask_t));
ip->ip = ntohl(*((ip_t*)(h->h_addr_list[0])));
ip->mask = masker ? ~((1 << (32 - masker)) - 1) : 0;
return ip;
}
void dump_conn_list(void)
{
conn_list_t *p;
syslog(LOG_DEBUG, "Connection list:");
for(p = conn_list; p != NULL; p = p->next)
{
syslog(LOG_DEBUG, " " IP_ADDR_S "/" IP_ADDR_S ": %04x (%d|%d)",
IP_ADDR_V(p->vpn_ip), IP_ADDR_V(p->vpn_mask), p->status,
p->socket, p->meta_socket);
}
}
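Review bot: strtoip() computes ~((1 << (32 - masker)) - 1) from a masker that strtol() returned unchecked, so a prefix length above 32 or below 0 gives an undefined shift, and a /0 prefix is indistinguishable from no prefix at all; reject values outside 0..32 and do the shift on an unsigned 32-bit value. Its error path indexes sys_errlist with h_errno, which is a resolver error code and not an errno value; use hstrerror(h_errno). The function also writes a '\0' into the caller's string, which should be documented or avoided. In dump_conn_list(), p->status is a struct passed for a %04x conversion, which is undefined; log the individual flags or copy the bits into an unsigned int first. The comment on lookup_conn() should say that it returns NULL when nothing matches, since callers have to test for it.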

35
src/netutl.h Normal file

@ -0,0 +1,35 @@
/*
netutl.h -- header file for netutl.c
Copyright (C) 1998,99 Ivo Timmermans <zarq@iname.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#ifndef __TINC_NETUTL_H__
#define __TINC_NETUTL_H__
#include "net.h"
extern conn_list_t *lookup_conn(ip_t);
extern void free_conn_element(conn_list_t *);
extern void free_conn_list(conn_list_t*);
extern void prune_conn_list(void);
extern conn_list_t *new_conn_list(void);
extern void destroy_conn_list(void);
extern char *hostlookup(unsigned long);
extern ip_mask_t *strtoip(char*);
extern void dump_conn_list(void);
#endif /* __TINC_NETUTL_H__ */
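Review bot: free_conn_list(conn_list_t*) is declared here, but netutl.c in this commit defines no such function (it has destroy_conn_list(void) and free_conn_element()), so any caller would fail at link time; remove the prototype or add the definition. destroy_queue() is defined in netutl.c with external linkage but is not declared here; either declare it or make it static.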

739
src/protocol.c Normal file

@ -0,0 +1,739 @@
/*
protocol.c -- handle the meta-protocol
Copyright (C) 1999 Ivo Timmermans <zarq@iname.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "config.h"
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <sys/socket.h>
#include <utils.h>
#include <xalloc.h>
#include "conf.h"
#include "encr.h"
#include "net.h"
#include "netutl.h"
#include "protocol.h"
int send_ack(conn_list_t *cl)
{
unsigned char tmp = ACK;
if(debug_lvl > 2)
syslog(LOG_DEBUG, "Send ACK to %s", cl->hostname);
syslog(LOG_NOTICE, "Connection with %s activated.", cl->hostname);
if((send(cl->meta_socket, &tmp, sizeof(tmp), 0)) < 0)
{
syslog(LOG_ERR, "send failed: %d:%d: %m", __FILE__, __LINE__);
return -1;
}
return 0;
}
int send_termreq(conn_list_t *cl)
{
termreq_t tmp;
tmp.type = TERMREQ;
tmp.vpn_ip = myself->vpn_ip;
if(debug_lvl > 2)
syslog(LOG_DEBUG, "Send TERMREQ(" IP_ADDR_S ") to " IP_ADDR_S, IP_ADDR_V(tmp.vpn_ip),
IP_ADDR_V(cl->vpn_ip));
if((send(cl->meta_socket, &tmp, sizeof(tmp), 0)) < 0)
{
syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__);
return -1;
}
return 0;
}
int send_timeout(conn_list_t *cl)
{
termreq_t tmp;
tmp.type = PINGTIMEOUT;
tmp.vpn_ip = myself->vpn_ip;
if(debug_lvl > 2)
syslog(LOG_DEBUG, "Send TIMEOUT(" IP_ADDR_S ") to " IP_ADDR_S, IP_ADDR_V(tmp.vpn_ip),
IP_ADDR_V(cl->vpn_ip));
if((send(cl->meta_socket, &tmp, sizeof(tmp), 0)) < 0)
{
syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__);
return -1;
}
return 0;
}
int send_del_host(conn_list_t *cl, conn_list_t *new_host)
{
del_host_t tmp;
tmp.type = DEL_HOST;
tmp.vpn_ip = new_host->vpn_ip;
if(debug_lvl > 2)
syslog(LOG_DEBUG, "Sending delete host %lx to " IP_ADDR_S,
tmp.vpn_ip, IP_ADDR_V(cl->vpn_ip));
if((send(cl->meta_socket, (unsigned char*)&tmp, sizeof(del_host_t), 0)) < 0)
{
syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__);
return -1;
}
return 0;
}
int send_ping(conn_list_t *cl)
{
unsigned char tmp = PING;
if(debug_lvl > 3)
syslog(LOG_DEBUG, "pinging " IP_ADDR_S, IP_ADDR_V(cl->vpn_ip));
if((send(cl->meta_socket, &tmp, sizeof(tmp), 0)) < 0)
{
syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__);
return -1;
}
return 0;
}
int send_pong(conn_list_t *cl)
{
unsigned char tmp = PONG;
if((send(cl->meta_socket, &tmp, sizeof(tmp), 0)) < 0)
{
syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__);
return -1;
}
return 0;
}
int send_add_host(conn_list_t *cl, conn_list_t *new_host)
{
add_host_t tmp;
tmp.type = ADD_HOST;
tmp.real_ip = new_host->real_ip;
tmp.vpn_ip = new_host->vpn_ip;
tmp.vpn_mask = new_host->vpn_mask;
tmp.portnr = new_host->port;
if(debug_lvl > 2)
syslog(LOG_DEBUG, "Sending add host (%lx/%lx %lx:%hd) to " IP_ADDR_S,
tmp.vpn_ip, tmp.vpn_mask, tmp.real_ip, tmp.portnr,
IP_ADDR_V(cl->vpn_ip));
if((send(cl->meta_socket, (unsigned char*)&tmp, sizeof(add_host_t), 0)) < 0)
{
syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__);
return -1;
}
return 0;
}
int send_key_changed(conn_list_t *cl, conn_list_t *src)
{
key_changed_t tmp;
tmp.type = KEY_CHANGED;
tmp.from = src->vpn_ip;
if(debug_lvl > 2)
syslog(LOG_DEBUG, "Sending KEY_CHANGED (%lx) to " IP_ADDR_S,
tmp.from, IP_ADDR_V(cl->vpn_ip));
if((send(cl->meta_socket, (unsigned char*)&tmp, sizeof(key_changed_t), 0)) < 0)
{
syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__);
return -1;
}
return 0;
}
void send_key_changed2(void)
{
conn_list_t *p;
for(p = conn_list; p != NULL; p = p->next)
if(p->status.meta && p->protocol_version > PROT_3)
send_key_changed(p, myself);
}
int send_basic_info(conn_list_t *cl)
{
basic_info_t tmp;
tmp.type = BASIC_INFO;
tmp.protocol = PROT_CURRENT;
tmp.portnr = myself->port;
tmp.vpn_ip = myself->vpn_ip;
tmp.vpn_mask = myself->vpn_mask;
if(debug_lvl > 2)
syslog(LOG_DEBUG, "Send BASIC_INFO(%d,%hd," IP_ADDR_S "," IP_ADDR_S ") to " IP_ADDR_S,
tmp.protocol, tmp.portnr, IP_ADDR_V(tmp.vpn_ip), IP_ADDR_V(tmp.vpn_mask),
IP_ADDR_V(cl->real_ip));
if((send(cl->meta_socket, &tmp, sizeof(tmp), 0)) < 0)
{
syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__);
return -1;
}
return 0;
}
int send_passphrase(conn_list_t *cl)
{
passphrase_t tmp;
tmp.type = PASSPHRASE;
encrypt_passphrase(&tmp);
if(debug_lvl > 2)
syslog(LOG_DEBUG, "Send PASSPHRASE(%hd,...) to " IP_ADDR_S, tmp.len,
IP_ADDR_V(cl->vpn_ip));
if((send(cl->meta_socket, &tmp, tmp.len+3, 0)) < 0)
{
syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__);
return -1;
}
return 0;
}
int send_public_key(conn_list_t *cl)
{
public_key_t *tmp;
tmp = (public_key_t*)xmalloc(strlen(my_public_key_base36)+sizeof(public_key_t));
tmp->type = PUBLIC_KEY;
tmp->len = strlen(my_public_key_base36);
strcpy(&tmp->key, my_public_key_base36);
if(debug_lvl > 2)
syslog(LOG_DEBUG, "Send PUBLIC_KEY(%hd,%s) to " IP_ADDR_S, tmp->len, &tmp->key,
IP_ADDR_V(cl->vpn_ip));
if((send(cl->meta_socket, tmp, tmp->len+sizeof(public_key_t), 0)) < 0)
{
syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__);
return -1;
}
return 0;
}
int send_calculate(conn_list_t *cl, char *k)
{
calculate_t *tmp;
tmp = xmalloc(strlen(k)+sizeof(calculate_t));
tmp->type = CALCULATE;
tmp->len = strlen(k);
strcpy(&tmp->key, k);
if(send(cl->meta_socket, tmp, tmp->len+4, 0) < 0)
{
syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__);
return -1;
}
return 0;
}
int send_key_request(ip_t to)
{
key_req_t *tmp;
conn_list_t *fw;
tmp = xmalloc(sizeof(key_req_t));
tmp->type = REQ_KEY;
tmp->to = to;
tmp->from = myself->vpn_ip;
tmp->len = 0;
fw = lookup_conn(to);
if(!fw)
{
syslog(LOG_ERR, "Attempting to send key request to " IP_ADDR_S ", which does not exist?",
IP_ADDR_V(to));
return -1;
}
if(debug_lvl > 2)
syslog(LOG_DEBUG, "Sending out request for public key to " IP_ADDR_S,
IP_ADDR_V(fw->nexthop->vpn_ip));
if(send(fw->nexthop->meta_socket, tmp, sizeof(key_req_t), 0) < 0)
{
syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__);
return -1;
}
fw->status.waitingforkey = 1;
return 0;
}
int send_key_answer(conn_list_t *cl, ip_t to)
{
key_req_t *tmp;
conn_list_t *fw;
tmp = xmalloc(sizeof(key_req_t)+strlen(my_public_key_base36));
tmp->type = ANS_KEY;
tmp->to = to;
tmp->from = myself->vpn_ip;
tmp->expiry = my_key_expiry;
tmp->len = strlen(my_public_key_base36);
strcpy(&tmp->key, my_public_key_base36);
fw = lookup_conn(to);
if(debug_lvl > 2)
syslog(LOG_DEBUG, "Sending public key to " IP_ADDR_S,
IP_ADDR_V(fw->nexthop->vpn_ip));
if(send(fw->nexthop->meta_socket, tmp, sizeof(key_req_t)+tmp->len, 0) < 0)
{
syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__);
return -1;
}
return 0;
}
/*
notify all my direct connections of a new host
that was added to the vpn, with the exception
of the source of the announcement.
*/
int notify_others(conn_list_t *new, conn_list_t *source,
int (*function)(conn_list_t*, conn_list_t*))
{
conn_list_t *p;
for(p = conn_list; p != NULL; p = p->next)
if(p != new && p != source && p->status.meta && p->protocol_version > PROT_3)
function(p, new);
return 0;
}
/*
notify one connection of everything
i have connected
*/
int notify_one(conn_list_t *new)
{
conn_list_t *p;
for(p = conn_list; p != NULL; p = p->next)
if(p != new && p->protocol_version > PROT_3)
send_add_host(new, p);
return 0;
}
/*
The incoming request handlers
*/
int basic_info_h(conn_list_t *cl, unsigned char *d, int len)
{
basic_info_t *tmp = (basic_info_t*)d;
cl->protocol_version = tmp->protocol;
cl->port = tmp->portnr;
cl->vpn_ip = tmp->vpn_ip;
cl->vpn_mask = tmp->vpn_mask;
if(cl->protocol_version < PROT_CURRENT)
{
syslog(LOG_ERR, "Peer uses protocol version %d which is too old.",
cl->protocol_version);
return -1;
}
if(debug_lvl > 2)
syslog(LOG_DEBUG, "got BASIC_INFO(%hd," IP_ADDR_S "," IP_ADDR_S ")", cl->port,
IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->vpn_mask));
if(debug_lvl > 1)
syslog(LOG_DEBUG, "Peer uses protocol version %d",
cl->protocol_version);
if(cl->status.outgoing)
{
if(setup_vpn_connection(cl) < 0)
return -1;
send_basic_info(cl);
}
else
{
if(setup_vpn_connection(cl) < 0)
return -1;
send_passphrase(cl);
}
cl->status.active = 0;
return 0;
}
int passphrase_h(conn_list_t *cl, unsigned char *d, int len)
{
passphrase_t *tmp = (passphrase_t*)d;
cl->pp = xmalloc(tmp->len+3);
memcpy(cl->pp, tmp, tmp->len+3);
if(debug_lvl > 2)
syslog(LOG_DEBUG, "got PASSPHRASE(%hd,...)", cl->pp->len);
if(cl->status.outgoing)
send_passphrase(cl);
else
send_public_key(cl);
return 0;
}
int public_key_h(conn_list_t *cl, unsigned char *d, int len)
{
char *g_n;
public_key_t *tmp = (public_key_t*)d;
if(debug_lvl > 2)
syslog(LOG_DEBUG, "got PUBLIC_KEY(%hd,%s)", tmp->len, &tmp->key);
g_n = xmalloc(tmp->len+1);
strcpy(g_n, &tmp->key);
if(verify_passphrase(cl, g_n))
{
/* intruder! */
syslog(LOG_ERR, "Intruder: passphrase does not match.");
return -1;
}
if(debug_lvl > 2)
syslog(LOG_INFO, "Passphrase OK");
if(cl->status.outgoing)
send_public_key(cl);
else
send_ack(cl);
cl->status.active = 1;
notify_others(cl, NULL, send_add_host);
notify_one(cl);
return 0;
}
int ack_h(conn_list_t *cl, unsigned char *d, int len)
{
if(debug_lvl > 2)
syslog(LOG_DEBUG, "got ACK");
cl->status.active = 1;
syslog(LOG_NOTICE, "Connection with %s activated.", cl->hostname);
/*
Now I'm going to cheat. The meta protocol is actually
a stream of requests, that may come in in the same TCP
packet. This is the only place that it will happen,
though.
I may change it in the future, if it appears that this
is not retainable.
*/
if(len > 1) /* An ADD_HOST follows */
{
if(request_handlers[d[1]] == NULL)
syslog(LOG_ERR, "Unknown request %d.", d[1]);
if(request_handlers[d[1]](cl, d, len - 1) < 0)
return -1;
}
return 0;
}
int termreq_h(conn_list_t *cl, unsigned char *d, int len)
{
syslog(LOG_NOTICE, IP_ADDR_S " wants to quit", IP_ADDR_V(cl->vpn_ip));
cl->status.termreq = 1;
terminate_connection(cl);
notify_others(cl, NULL, send_del_host);
return 0;
}
int timeout_h(conn_list_t *cl, unsigned char *d, int len)
{
syslog(LOG_NOTICE, IP_ADDR_S " says it's gotten a timeout from us", IP_ADDR_V(cl->vpn_ip));
cl->status.termreq = 1;
terminate_connection(cl);
return 0;
}
int del_host_h(conn_list_t *cl, unsigned char *d, int len)
{
del_host_t *tmp = (del_host_t*)d;
conn_list_t *fw;
if(debug_lvl > 2)
syslog(LOG_DEBUG, "got DEL_HOST for " IP_ADDR_S,
IP_ADDR_V(tmp->vpn_ip));
if(!(fw = lookup_conn(tmp->vpn_ip)))
{
syslog(LOG_ERR, "Somebody wanted to delete " IP_ADDR_S " which does not exist?",
IP_ADDR_V(tmp->vpn_ip));
return 0;
}
notify_others(cl, fw, send_del_host);
fw->status.termreq = 1;
terminate_connection(fw);
return 0;
}
int ping_h(conn_list_t *cl, unsigned char *d, int len)
{
if(debug_lvl > 3)
syslog(LOG_DEBUG, "responding to ping from " IP_ADDR_S, IP_ADDR_V(cl->vpn_ip));
cl->status.pinged = 0;
cl->status.got_pong = 1;
send_pong(cl);
return 0;
}
int pong_h(conn_list_t *cl, unsigned char *d, int len)
{
if(debug_lvl > 3)
syslog(LOG_DEBUG, "ok, got pong from " IP_ADDR_S, IP_ADDR_V(cl->vpn_ip));
cl->status.got_pong = 1;
return 0;
}
int add_host_h(conn_list_t *cl, unsigned char *d, int len)
{
add_host_t *tmp = (add_host_t*)d;
conn_list_t *ncn, *fw;
if(debug_lvl > 2)
syslog(LOG_DEBUG, "Add host request from " IP_ADDR_S, IP_ADDR_V(cl->vpn_ip));
if(debug_lvl > 3)
syslog(LOG_DEBUG, "got ADD_HOST(" IP_ADDR_S "," IP_ADDR_S ",%hd)",
IP_ADDR_V(tmp->vpn_ip), IP_ADDR_V(tmp->vpn_mask), tmp->portnr);
/*
Suggestion of Hans Bayle
*/
if((fw = lookup_conn(tmp->vpn_ip)))
{
notify_others(fw, cl, send_add_host);
return 0;
}
ncn = new_conn_list();
ncn->real_ip = tmp->real_ip;
ncn->vpn_ip = tmp->vpn_ip;
ncn->vpn_mask = tmp->vpn_mask;
ncn->port = tmp->portnr;
ncn->hostname = hostlookup(tmp->real_ip);
ncn->nexthop = cl;
ncn->next = conn_list;
conn_list = ncn;
ncn->status.active = 1;
notify_others(ncn, cl, send_add_host);
/*
again, i'm cheating here. see the comment in ack_h.
*/
if(len > sizeof(add_host_t)) /* Another ADD_HOST follows */
{
if(request_handlers[d[sizeof(add_host_t)]] == NULL)
syslog(LOG_ERR, "Unknown request %d.", d[sizeof(add_host_t)]);
if(request_handlers[d[sizeof(add_host_t)]](cl, d, len - sizeof(add_host_t)) < 0)
return -1;
}
return 0;
}
int req_key_h(conn_list_t *cl, unsigned char *d, int len)
{
key_req_t *tmp = (key_req_t*)d;
conn_list_t *fw;
if(debug_lvl > 2)
syslog(LOG_DEBUG, "got REQ_KEY from " IP_ADDR_S " for " IP_ADDR_S,
IP_ADDR_V(tmp->from), IP_ADDR_V(tmp->to));
if((tmp->to & myself->vpn_mask) == (myself->vpn_ip & myself->vpn_mask))
{ /* hey! they want something from ME! :) */
send_key_answer(cl, tmp->from);
return 0;
}
fw = lookup_conn(tmp->to);
if(debug_lvl > 3)
syslog(LOG_DEBUG, "Forwarding request for public key to " IP_ADDR_S,
IP_ADDR_V(fw->nexthop->vpn_ip));
if(send(fw->nexthop->meta_socket, tmp, sizeof(key_req_t), 0) < 0)
{
syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__);
return -1;
}
return 0;
}
void set_keys(conn_list_t *cl, key_req_t *k)
{
char *ek;
if(!cl->public_key)
{
cl->public_key = xmalloc(sizeof(enc_key_t));
cl->public_key->key = NULL;
}
if(cl->public_key->key)
free(cl->public_key->key);
cl->public_key->length = k->len;
cl->public_key->expiry = k->expiry;
cl->public_key->key = xmalloc(k->len + 1);
strcpy(cl->public_key->key, &(k->key));
ek = make_shared_key(&(k->key));
if(!cl->key)
{
cl->key = xmalloc(sizeof(enc_key_t));
cl->key->key = NULL;
}
if(cl->key->key)
free(cl->key->key);
cl->key->length = strlen(ek);
cl->key->expiry = k->expiry;
cl->key->key = xmalloc(strlen(ek) + 1);
strcpy(cl->key->key, ek);
}
int ans_key_h(conn_list_t *cl, unsigned char *d, int len)
{
key_req_t *tmp = (key_req_t*)d;
conn_list_t *fw, *gk;
if(debug_lvl > 3)
syslog(LOG_DEBUG, "got ANS_KEY from " IP_ADDR_S " for " IP_ADDR_S,
IP_ADDR_V(tmp->from), IP_ADDR_V(tmp->to));
if(tmp->to == myself->vpn_ip)
{ /* hey! that key's for ME! :) */
if(debug_lvl > 2)
syslog(LOG_DEBUG, "Yeah! key arrived. Now do something with it.");
gk = lookup_conn(tmp->from);
set_keys(gk, tmp);
gk->status.validkey = 1;
gk->status.waitingforkey = 0;
flush_queues(gk);
return 0;
}
fw = lookup_conn(tmp->to);
if(debug_lvl > 2)
syslog(LOG_DEBUG, "Forwarding public key to " IP_ADDR_S,
IP_ADDR_V(fw->nexthop->vpn_ip));
if(send(fw->nexthop->meta_socket, tmp, sizeof(key_req_t)+tmp->len, 0) < 0)
{
syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__);
return -1;
}
return 0;
}
int key_changed_h(conn_list_t *cl, unsigned char *d, int len)
{
key_changed_t *tmp = (key_changed_t*)d;
conn_list_t *ik;
if(debug_lvl > 2)
syslog(LOG_DEBUG, "got KEY_CHANGED from " IP_ADDR_S,
IP_ADDR_V(tmp->from));
ik = lookup_conn(tmp->from);
ik->status.validkey = 0;
ik->status.waitingforkey = 0;
if(debug_lvl > 3)
syslog(LOG_DEBUG, "Forwarding key invalidation request");
notify_others(cl, ik, send_key_changed);
return 0;
}
int (*request_handlers[256])(conn_list_t*, unsigned char*, int) = {
0, ack_h, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
termreq_h, timeout_h, del_host_h, 0, 0, 0, 0, 0, 0, 0,
ping_h, pong_h, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
add_host_h, basic_info_h, passphrase_h, public_key_h, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
req_key_h, ans_key_h, key_changed_h, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
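Review bot: the incoming handlers trust length fields and string termination supplied by the peer and never compare them with the len argument. passphrase_h() copies tmp->len+3 bytes out of the receive buffer whatever len says, and public_key_h() allocates tmp->len+1 bytes and then fills them with strcpy(g_n, &tmp->key), which stops at the first NUL rather than at tmp->len; set_keys() does the same with k->len. Check that the declared length fits inside len and inside the destination, then copy with memcpy and add the terminator explicitly. In ack_h() and add_host_h() the NULL test on request_handlers[...] only logs and then calls through the pointer anyway, and the chained call passes d instead of the address of the next request; return -1 on an unknown request and advance the pointer. req_key_h(), ans_key_h(), key_changed_h() and send_key_answer() dereference the result of lookup_conn() without a NULL check, although an address named by the peer may have no entry. send_ack() logs with "send failed: %d:%d: %m" while passing __FILE__, where the other senders use %s:%d. The xmalloc'ed messages in send_public_key(), send_calculate(), send_key_request() and send_key_answer() are never freed.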

124
src/protocol.h Normal file

@ -0,0 +1,124 @@
/*
protocol.h -- header for protocol.c
Copyright (C) 1999 Ivo Timmermans <zarq@iname.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#ifndef __TINC_PROTOCOL_H__
#define __TINC_PROTOCOL_H__
#include "net.h"
enum {
PROT_RESERVED = 0, /* reserved: do not use. */
PROT_NOT_IN_USE,
PROT_TOO_OLD = 2,
PROT_3,
PROT_CURRENT, /* protocol currently in use */
};
enum {
ACK = 1, /* acknowledged */
AUTH_S_INIT = 10, /* initiate authentication */
AUTH_C_INIT,
AUTH_S_SPP, /* send passphrase */
AUTH_C_SPP,
AUTH_S_SKEY, /* send g^k */
AUTH_C_SKEY,
AUTH_S_SACK, /* send ack */
AUTH_C_RACK, /* waiting for ack */
TERMREQ = 30, /* terminate connection */
PINGTIMEOUT, /* terminate due to ping t.o. */
DEL_HOST, /* forward a termreq to others */
PING = 40, /* ping */
PONG,
ADD_HOST = 60, /* Add new given host to connection list */
BASIC_INFO, /* some basic info follows */
PASSPHRASE, /* encrypted passphrase */
PUBLIC_KEY, /* public key in base-36 */
HOLD = 80, /* don't send any data */
RESUME, /* resume dataflow with new encryption key */
CALCULATE = 100, /* calculate the following numer^privkey and send me the result */
CALC_RES, /* result of the above */
ALMOST_KEY, /* this number^privkey is the shared key */
REQ_KEY = 160, /* request public key */
ANS_KEY, /* answer to such request */
KEY_CHANGED, /* public key has changed */
};
typedef struct add_host_t {
unsigned char type;
ip_t real_ip;
ip_t vpn_ip;
ip_t vpn_mask;
unsigned short portnr;
} add_host_t;
typedef struct termreq_t {
unsigned char type;
ip_t vpn_ip;
} termreq_t;
typedef struct basic_info_t {
unsigned char type;
unsigned char protocol;
unsigned short portnr;
ip_t vpn_ip;
ip_t vpn_mask;
} basic_info_t;
typedef struct calculate_t {
unsigned char type;
unsigned short len;
char key;
} calculate_t;
typedef struct public_key_t {
unsigned char type;
unsigned short len;
char key;
} public_key_t;
typedef struct key_req_t {
unsigned char type;
ip_t from;
ip_t to;
time_t expiry;
short int len; /* 0 if requesting */
char key;
} key_req_t;
typedef struct key_changed_t {
unsigned char type;
ip_t from;
} key_changed_t;
typedef struct del_host_t {
unsigned char type;
ip_t vpn_ip;
} del_host_t;
extern int (*request_handlers[256])(conn_list_t*, unsigned char*, int);
extern int send_ping(conn_list_t*);
extern int send_basic_info(conn_list_t *);
extern int send_termreq(conn_list_t *);
extern int send_timeout(conn_list_t *);
extern int send_key_request(ip_t);
extern void send_key_changed2(void);
#endif /* __TINC_PROTOCOL_H__ */
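Review bot: the request structs (add_host_t through del_host_t) have a compiler-dependent layout, which is a problem if they are overlaid on bytes received from a peer, as the handler signature (conn_list_t*, unsigned char*, int) suggests. Padding after `unsigned char type`, the width of `time_t expiry` in key_req_t, and the byte order of `unsigned short portnr` and `len` all differ between platforms, so two builds can disagree on the wire format; fixed-width fields with explicit serialization would avoid that. In calculate_t, public_key_t and key_req_t, `char key` appears to be the first byte of a variable-length payload sized by `len`. The header should document that, and each handler needs to check `len` against the number of bytes actually received before reading past the struct; key_req_t declares `short int len` as signed, so negative values must be rejected as well. Minor: time_t is used without including <time.h>, and the guard name __TINC_PROTOCOL_H__ is an identifier reserved for the implementation.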

468
src/tincd.c Normal file

@ -0,0 +1,468 @@
/*
tincd.c -- the main file for tincd
Copyright (C) 1998,99 Ivo Timmermans <zarq@iname.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "config.h"
#include <errno.h>
#include <fcntl.h>
#include <getopt.h>
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <syslog.h>
#include <unistd.h>
#ifdef HAVE_SYS_IOCTL_H
# include <sys/ioctl.h>
#endif
#include <pidfile.h>
#include <utils.h>
#include <xalloc.h>
#include "conf.h"
#include "encr.h"
#include "net.h"
#include "netutl.h"
/* The name this program was run with. */
char *program_name;
/* If nonzero, display usage information and exit. */
static int show_help;
/* If nonzero, print the version on standard output and exit. */
static int show_version;
/* If nonzero, it will attempt to kill a running tincd and exit. */
static int kill_tincd = 0;
char *confbase = NULL; /* directory in which all config files are */
char *configfilename = NULL; /* configuration file name */
char *identname; /* program name for syslog */
char *netname = NULL; /* name of the vpn network */
char *pidfilename; /* pid file location */
static pid_t ppid; /* pid of non-detached part */
char **g_argv; /* a copy of the cmdline arguments */
void cleanup_and_exit(int);
int detach(void);
int kill_other(void);
void make_names(void);
RETSIGTYPE parent_exit(int a);
void setup_signals(void);
int write_pidfile(void);
static struct option const long_options[] =
{
{ "kill", no_argument, NULL, 'k' },
{ "net", required_argument, NULL, 'n' },
{ "timeout", required_argument, NULL, 'p' },
{ "help", no_argument, &show_help, 1 },
{ "version", no_argument, &show_version, 1 },
{ NULL, 0, NULL, 0 }
};
static void
usage(int status)
{
if(status != 0)
fprintf(stderr, "Try `%s --help\' for more information.\n", program_name);
else
{
printf("Usage: %s [option]...\n\n", program_name);
printf(" -c, --config=FILE Read configuration options from FILE.\n"
" -d Increase debug level.\n"
" -k, --kill Attempt to kill a running tincd and exit.\n"
" -n, --net=NETNAME Connect to net NETNAME.\n"
" -t, --timeout=TIMEOUT Seconds to wait before giving a timeout.\n");
printf(" --help Display this help and exit.\n"
" --version Output version information and exit.\n\n");
printf("Report bugs to zarq@iname.com.\n");
}
exit(status);
}
void
parse_options(int argc, char **argv, char **envp)
{
int r;
int option_index = 0;
config_t *p;
while((r = getopt_long(argc, argv, "c:dkn:t:", long_options, &option_index)) != EOF)
{
switch(r)
{
case 0: /* long option */
break;
case 'c': /* config file */
configfilename = xmalloc(strlen(optarg)+1);
strcpy(configfilename, optarg);
break;
case 'd': /* inc debug level */
debug_lvl++;
break;
case 'k': /* kill old tincds */
kill_tincd = 1;
break;
case 'n': /* net name given */
netname = xmalloc(strlen(optarg)+1);
strcpy(netname, optarg);
break;
case 't': /* timeout */
if(!(p = add_config_val(&config, TYPE_INT, optarg)))
{
printf("Invalid timeout value `%s'.\n", optarg);
usage(1);
}
break;
case '?':
usage(1);
default:
break;
}
}
}
void memory_full(void)
{
syslog(LOG_ERR, "Memory exhausted; exiting.");
exit(1);
}
/*
Detach from current terminal, write pidfile, kill parent
*/
int detach(void)
{
int fd;
pid_t pid;
ppid = getpid();
if((pid = fork()) < 0)
{
perror("fork");
return -1;
}
if(pid) /* parent process */
{
signal(SIGTERM, parent_exit);
sleep(600); /* wait 10 minutes */
exit(1);
}
if(write_pidfile())
return -1;
if((fd = open("/dev/tty", O_RDWR)) >= 0)
{
if(ioctl(fd, TIOCNOTTY, NULL))
{
perror("ioctl");
return -1;
}
close(fd);
}
kill(ppid, SIGTERM);
if(setsid() < 0)
return -1;
chdir("/"); /* avoid keeping a mointpoint busy */
openlog(identname, LOG_CONS | LOG_PID, LOG_DAEMON);
if(debug_lvl > 1)
syslog(LOG_NOTICE, "tincd %s (%s %s) starting, debug level %d.",
VERSION, __DATE__, __TIME__, debug_lvl);
else
syslog(LOG_NOTICE, "tincd %s starting, debug level %d.", VERSION, debug_lvl);
xalloc_fail_func = memory_full;
return 0;
}
/*
Close network connections, and terminate neatly
*/
void cleanup_and_exit(int c)
{
close_network_connections();
if(debug_lvl > 0)
syslog(LOG_INFO, "Total bytes written: tap %d, socket %d; bytes read: tap %d, socket %d.",
total_tap_out, total_socket_out, total_tap_in, total_socket_in);
closelog();
kill(ppid, SIGTERM);
exit(c);
}
/*
check for an existing tinc for this net, and write pid to pidfile
*/
int write_pidfile(void)
{
int pid;
if((pid = check_pid(pidfilename)))
{
if(netname)
fprintf(stderr, "A tincd is already running for net `%s' with pid %d.\n",
netname, pid);
else
fprintf(stderr, "A tincd is already running with pid %d.\n", pid);
return 1;
}
/* if it's locked, write-protected, or whatever */
if(!write_pid(pidfilename))
return 1;
return 0;
}
/*
kill older tincd for this net
*/
int kill_other(void)
{
int pid;
if(!(pid = read_pid(pidfilename)))
{
if(netname)
fprintf(stderr, "No other tincd is running for net `%s'.\n", netname);
else
fprintf(stderr, "No other tincd is running.\n");
return 1;
}
errno = 0; /* No error, sometimes errno is only changed on error */
/* ESRCH is returned when no process with that pid is found */
if(kill(pid, SIGTERM) && errno == ESRCH)
fprintf(stderr, "Removing stale lock file.\n");
remove_pid(pidfilename);
return 0;
}
/*
Set all files and paths according to netname
*/
void make_names(void)
{
if(!configfilename)
{
if(netname)
{
configfilename = xmalloc(strlen(netname)+18+strlen(CONFDIR));
sprintf(configfilename, "%s/tinc/%s/tincd.conf", CONFDIR, netname);
}
else
{
configfilename = xmalloc(17+strlen(CONFDIR));
sprintf(configfilename, "%s/tinc/tincd.conf", CONFDIR);
}
}
if(netname)
{
pidfilename = xmalloc(strlen(netname)+20);
sprintf(pidfilename, "/var/run/tincd.%s.pid", netname);
confbase = xmalloc(strlen(netname)+8+strlen(CONFDIR));
sprintf(confbase, "%s/tinc/%s/", CONFDIR, netname);
identname = xmalloc(strlen(netname)+7);
sprintf(identname, "tincd.%s", netname);
}
else
{
pidfilename = "/var/run/tincd.pid";
confbase = xmalloc(7+strlen(CONFDIR));
sprintf(confbase, "%s/tinc/", CONFDIR);
identname = "tincd";
}
}
int
main(int argc, char **argv, char **envp)
{
program_name = argv[0];
parse_options(argc, argv, envp);
if(show_version)
{
printf("%s version %s\nCopyright (C) 1998,99 Ivo Timmermans and others,\n"
"see the AUTHORS file for a complete list.\n\n"
"tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n"
"and you are welcome to redistribute it under certain conditions;\n"
"see the file COPYING for details.\n\n", PACKAGE, VERSION);
printf("This product includes software developed by Eric Young (eay@mincom.oz.au)\n");
return 0;
}
if(show_help)
usage(0);
if(geteuid())
{
fprintf(stderr, "You must be root to run this program. sorry.\n");
return 1;
}
g_argv = argv;
make_names();
if(kill_tincd)
exit(kill_other());
if(read_config_file(configfilename))
return 1;
setup_signals();
if(detach())
cleanup_and_exit(1);
if(security_init())
return 1;
if(setup_network_connections())
cleanup_and_exit(1);
main_loop();
cleanup_and_exit(1);
return 1;
}
RETSIGTYPE
sigterm_handler(int a)
{
if(debug_lvl > 0)
syslog(LOG_NOTICE, "Got TERM signal");
cleanup_and_exit(0);
}
RETSIGTYPE
sigquit_handler(int a)
{
if(debug_lvl > 0)
syslog(LOG_NOTICE, "Got QUIT signal");
cleanup_and_exit(0);
}
RETSIGTYPE
sigsegv_square(int a)
{
syslog(LOG_NOTICE, "Got another SEGV signal: not restarting");
exit(0);
}
RETSIGTYPE
sigsegv_handler(int a)
{
if(cp_file)
syslog(LOG_NOTICE, "Got SEGV signal after %s line %d. Trying to re-execute.",
cp_file, cp_line);
else
syslog(LOG_NOTICE, "Got SEGV signal; trying to re-execute.");
signal(SIGSEGV, sigsegv_square);
close_network_connections();
remove_pid(pidfilename);
execvp(g_argv[0], g_argv);
}
RETSIGTYPE
sighup_handler(int a)
{
if(debug_lvl > 0)
syslog(LOG_NOTICE, "Got HUP signal");
close_network_connections();
setup_network_connections();
/* FIXME: read config-file and re-establish network connections */
}
RETSIGTYPE
sigint_handler(int a)
{
if(debug_lvl > 0)
syslog(LOG_NOTICE, "Got INT signal");
cleanup_and_exit(0);
}
RETSIGTYPE
sigusr1_handler(int a)
{
dump_conn_list();
}
RETSIGTYPE
sigusr2_handler(int a)
{
if(debug_lvl > 1)
syslog(LOG_NOTICE, "Forcing new keys");
regenerate_keys();
}
RETSIGTYPE
sighuh(int a)
{
if(cp_file)
syslog(LOG_NOTICE, "Got unexpected signal after %s line %d.",
cp_file, cp_line);
else
syslog(LOG_NOTICE, "Got unexpected signal.");
}
void
setup_signals(void)
{
int i;
for(i=0;i<32;i++)
signal(i,sighuh);
if(signal(SIGTERM, SIG_IGN) != SIG_ERR)
signal(SIGTERM, sigterm_handler);
if(signal(SIGQUIT, SIG_IGN) != SIG_ERR)
signal(SIGQUIT, sigquit_handler);
if(signal(SIGSEGV, SIG_IGN) != SIG_ERR)
signal(SIGSEGV, sigsegv_handler);
if(signal(SIGHUP, SIG_IGN) != SIG_ERR)
signal(SIGHUP, sighup_handler);
signal(SIGPIPE, SIG_IGN);
if(signal(SIGINT, SIG_IGN) != SIG_ERR)
signal(SIGINT, sigint_handler);
signal(SIGUSR1, sigusr1_handler);
signal(SIGUSR2, sigusr2_handler);
}
RETSIGTYPE parent_exit(int a)
{
exit(0);
}
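Review bot: the signal handlers do far more than is safe in signal context, most seriously sigsegv_handler, which calls syslog(), close_network_connections() and remove_pid() and then runs `execvp(g_argv[0], g_argv)` in a process that main() requires to be root. After a SEGV the process state cannot be trusted, execvp searches PATH when argv[0] contains no slash, and because exec resets handlers and setup_signals() installs sigsegv_handler again, sigsegv_square only covers a second fault inside the handler, so a crash that keeps recurring is retried without limit. I would log as little as possible and abort, leaving restarts to a supervisor, and have the other handlers set a `volatile sig_atomic_t` flag that main_loop() acts on. In parse_options(), long_options maps "timeout" to 'p', which is neither in the optstring "c:dkn:t:" nor a case in the switch, so --timeout is silently dropped by the default branch; usage() also advertises --config=FILE with no matching long_options entry. In cleanup_and_exit(), `kill(ppid, SIGTERM)` runs long after the parent has exited in detach(), so the pid may by then belong to an unrelated process, and ppid is still 0 if a handled signal arrives between setup_signals() and detach(), which makes the call signal the whole process group. The file also uses strlen(), strcpy() and exit() without including <string.h> and <stdlib.h>.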

1
stamp-h.in Normal file

@ -0,0 +1 @@
timestamp