summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2005-04-08 16:06:26 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2005-04-08 16:06:26 +0000
commit2ee307bc61874da9da57c2e522b072b503efd457 (patch)
treeea474f533cd9acf54956c4271c233c5eae8e2957
parenta26db2f0b98e349beb5eab2b74a71922172a45d5 (diff)
app.c
-rw-r--r--sbin/isakmpd/Makefile4
-rw-r--r--sbin/isakmpd/app.c4
-rw-r--r--sbin/isakmpd/crypto.c10
-rw-r--r--sbin/isakmpd/crypto.h23
-rw-r--r--sbin/isakmpd/sysdep.h3
-rw-r--r--sbin/isakmpd/sysdep/openbsd/sysdep.c17
6 files changed, 8 insertions, 53 deletions
diff --git a/sbin/isakmpd/Makefile b/sbin/isakmpd/Makefile
index baba698da00..489fa7175ac 100644
--- a/sbin/isakmpd/Makefile
+++ b/sbin/isakmpd/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.61 2005/04/08 15:49:10 deraadt Exp $
+# $OpenBSD: Makefile,v 1.62 2005/04/08 16:06:25 deraadt Exp $
# $EOM: Makefile,v 1.78 2000/10/15 21:33:42 niklas Exp $
#
@@ -110,7 +110,7 @@ SUBDIR+= samples
.endif
.if !make(install) && !defined(NO_REGRESS)
-SUBDIR+= regress
+#SUBDIR+= regress
.endif
.for FEATURE in ${FEATURES}
diff --git a/sbin/isakmpd/app.c b/sbin/isakmpd/app.c
index a04aa14a8e4..c1035b63d65 100644
--- a/sbin/isakmpd/app.c
+++ b/sbin/isakmpd/app.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: app.c,v 1.9 2004/04/15 18:39:25 deraadt Exp $ */
+/* $OpenBSD: app.c,v 1.10 2005/04/08 16:06:25 deraadt Exp $ */
/* $EOM: app.c,v 1.6 1999/05/01 20:21:06 niklas Exp $ */
/*
@@ -51,7 +51,7 @@ app_init(void)
{
if (app_none)
return;
- app_socket = sysdep_app_open();
+ app_socket = monitor_pf_key_v2_open();
if (app_socket == -1)
log_fatal("app_init: cannot open connection to application");
}
diff --git a/sbin/isakmpd/crypto.c b/sbin/isakmpd/crypto.c
index 5cffb0f27a3..3fd8e778a7c 100644
--- a/sbin/isakmpd/crypto.c
+++ b/sbin/isakmpd/crypto.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: crypto.c,v 1.24 2005/04/08 16:04:17 deraadt Exp $ */
+/* $OpenBSD: crypto.c,v 1.25 2005/04/08 16:06:25 deraadt Exp $ */
/* $EOM: crypto.c,v 1.32 2000/03/07 20:08:51 niklas Exp $ */
/*
@@ -78,22 +78,18 @@ struct crypto_xf transforms[] = {
blf_init,
blf_encrypt, blf_decrypt
},
-#ifdef USE_CAST
{
CAST_CBC, "CAST (CBC-Mode)", 12, 16,
BLOCKSIZE, 0,
cast_init,
cast1_encrypt, cast1_decrypt
},
-#endif
-#ifdef USE_AES
{
AES_CBC, "AES (CBC-Mode)", 16, 32,
AES_BLOCK_SIZE, 0,
aes_init,
aes_encrypt, aes_decrypt
},
-#endif
};
/* Hmm, the function prototypes for des are really dumb */
@@ -221,7 +217,6 @@ blf_decrypt(struct keystate *ks, u_int8_t *data, u_int16_t len)
XOR64(data, ks->riv);
}
-#ifdef USE_CAST
enum cryptoerr
cast_init(struct keystate *ks, u_int8_t *key, u_int16_t len)
{
@@ -258,9 +253,7 @@ cast1_decrypt(struct keystate *ks, u_int8_t *data, u_int16_t len)
cast_decrypt(&ks->ks_cast, data, data);
XOR64(data, ks->riv);
}
-#endif /* USE_CAST */
-#ifdef USE_AES
enum cryptoerr
aes_init(struct keystate *ks, u_int8_t *key, u_int16_t len)
{
@@ -286,7 +279,6 @@ aes_decrypt(struct keystate *ks, u_int8_t *data, u_int16_t len)
memcpy(iv, ks->riv, ks->xf->blocksize);
AES_cbc_encrypt(data, data, len, &ks->ks_aes[1], iv, AES_DECRYPT);
}
-#endif /* USE_AES */
struct crypto_xf *
crypto_get(enum transform id)
diff --git a/sbin/isakmpd/crypto.h b/sbin/isakmpd/crypto.h
index 597d8a65553..ff3f06c9bf2 100644
--- a/sbin/isakmpd/crypto.h
+++ b/sbin/isakmpd/crypto.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: crypto.h,v 1.15 2005/01/31 10:07:59 hshoexer Exp $ */
+/* $OpenBSD: crypto.h,v 1.16 2005/04/08 16:06:25 deraadt Exp $ */
/* $EOM: crypto.h,v 1.12 2000/10/15 21:56:41 niklas Exp $ */
/*
@@ -35,28 +35,18 @@
#if defined (__APPLE__)
#include <openssl/des.h>
-#ifdef USE_BLOWFISH
#include <openssl/blowfish.h>
-#endif
-#ifdef USE_CAST
#include <openssl/cast.h>
-#endif
#else
#include <des.h>
-#ifdef USE_BLOWFISH
#include <blf.h>
-#endif
-#ifdef USE_CAST
#include <cast.h>
-#endif
#endif /* __APPLE__ */
-#ifdef USE_AES
#include <openssl/aes.h>
-#endif
#define USE_32BIT
#if defined (USE_64BIT)
@@ -92,12 +82,7 @@
* Keep MAXBLK uptodate.
*/
#define BLOCKSIZE 8
-
-#ifdef USE_AES
#define MAXBLK AES_BLOCK_SIZE
-#else
-#define MAXBLK BLOCKSIZE
-#endif
struct keystate {
struct crypto_xf *xf; /* Back pointer */
@@ -106,15 +91,9 @@ struct keystate {
u_int8_t *riv, *liv;
union {
des_key_schedule desks[3];
-#ifdef USE_BLOWFISH
blf_ctx blfks;
-#endif
-#ifdef USE_CAST
cast_key castks;
-#endif
-#ifdef USE_AES
AES_KEY aesks[2];
-#endif
} keydata;
};
diff --git a/sbin/isakmpd/sysdep.h b/sbin/isakmpd/sysdep.h
index 434d30b6a60..b4811838870 100644
--- a/sbin/isakmpd/sysdep.h
+++ b/sbin/isakmpd/sysdep.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sysdep.h,v 1.20 2005/04/08 15:47:24 deraadt Exp $ */
+/* $OpenBSD: sysdep.h,v 1.21 2005/04/08 16:06:25 deraadt Exp $ */
/* $EOM: sysdep.h,v 1.17 2000/12/04 04:46:35 angelos Exp $ */
/*
@@ -45,7 +45,6 @@ struct sa;
struct sockaddr;
extern void sysdep_app_handler(int);
-extern int sysdep_app_open(void);
extern int sysdep_cleartext(int, int);
extern void sysdep_connection_check(char *);
extern int sysdep_ipsec_delete_spi(struct sa *, struct proto *, int);
diff --git a/sbin/isakmpd/sysdep/openbsd/sysdep.c b/sbin/isakmpd/sysdep/openbsd/sysdep.c
index 195a41494a2..ff292606b2a 100644
--- a/sbin/isakmpd/sysdep/openbsd/sysdep.c
+++ b/sbin/isakmpd/sysdep/openbsd/sysdep.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sysdep.c,v 1.29 2005/04/08 15:56:48 deraadt Exp $ */
+/* $OpenBSD: sysdep.c,v 1.30 2005/04/08 16:06:25 deraadt Exp $ */
/* $EOM: sysdep.c,v 1.9 2000/12/04 04:46:35 angelos Exp $ */
/*
@@ -55,8 +55,6 @@
#endif /* NEED_SYSDEP_APP */
#include "log.h"
-extern char *__progname;
-
/*
* An as strong as possible random number generator, reverting to a
* deterministic pseudo-random one if regrand is set.
@@ -79,19 +77,6 @@ sysdep_sa_len(struct sockaddr *sa)
/* As regress/ use this file I protect the sysdep_app_* stuff like this. */
#ifdef NEED_SYSDEP_APP
-/*
- * Prepare the application we negotiate SAs for (i.e. the IPsec stack)
- * for communication. We return a file descriptor useable to select(2) on.
- */
-int
-sysdep_app_open()
-{
-#ifdef USE_PRIVSEP
- return monitor_pf_key_v2_open();
-#else
- return KEY_API(open)();
-#endif
-}
/*
* When select(2) has noticed our application needs attendance, this is what