src - OpenBSD base system

diff options


context:
space:
mode:

author	Hakan Olsson <ho@cvs.openbsd.org>	2001-01-27 15:39:56 +0000
committer	Hakan Olsson <ho@cvs.openbsd.org>	2001-01-27 15:39:56 +0000
commit	894f758b8cb6917aceac129069fada41cdd0dab7 (patch)
tree	76e46ac416088ca2b6ebd7acaab34c1eb12b0340 /sbin/isakmpd/dnssec.c
parent	83ddad5afb1ef8895859420fadb7e75c955c52fe (diff)

Call OpenSSL functions with LC (). Various style nits.

Diffstat (limited to 'sbin/isakmpd/dnssec.c')

-rw-r--r--

sbin/isakmpd/dnssec.c

1 files changed, 33 insertions, 34 deletions

diff --git a/sbin/isakmpd/dnssec.c b/sbin/isakmpd/dnssec.c
index 646fc883161..2203d99ef4d 100644
--- a/sbin/isakmpd/dnssec.c
+++ b/sbin/isakmpd/dnssec.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: dnssec.c,v 1.2 2001/01/27 12:03:32 niklas Exp $ */

+/* $OpenBSD: dnssec.c,v 1.3 2001/01/27 15:39:54 ho Exp $ */

@@ -26,34 +26,33 @@

* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

-#include <stdlib.h>

-#include <string.h>

+#include <sys/types.h>

#include <netinet/in.h>

#include <arpa/nameser.h>

#include <arpa/inet.h>

+#include <stdlib.h>

+#include <openssl/rsa.h>

#include <dns/keyvalues.h>

#include <lwres/lwres.h>

#include <lwres/netdb.h>

-#include <openssl/rsa.h>

#include "sysdep.h"

+#include "dnssec.h"

#include "exchange.h"

+#include "ipsec_num.h"

+#include "libcrypto.h"

#include "log.h"

#include "message.h"

#include "transport.h"

-#include "ipsec_num.h"

-#include "dnssec.h"

/* adapted from <dns/rdatastruct.h> / RFC 2535 */

struct dns_rdata_key {

- u_int16_t flags;

- u_int8_t protocol;

- u_int8_t algorithm;

- u_int16_t datalen;

+ u_int16_t flags;

+ u_int8_t protocol;

+ u_int8_t algorithm;

+ u_int16_t datalen;

unsigned char *data;

};

@@ -76,18 +75,18 @@ dns_get_key (int type, struct message *msg, int *keylen)

case IKE_AUTH_RSA_ENC:

case IKE_AUTH_RSA_ENC_REV:

- /* XXX Not yes. */

+ /* XXX Not yet. */

/* algorithm = DNS_KEYALG_RSA; */

- return NULL;

+ return 0;

case IKE_AUTH_DSS:

/* XXX Not yet. */

/* algorithm = DNS_KEYALG_DSS; */

- return NULL;

+ return 0;

case IKE_AUTH_PRE_SHARED:

default:

- return NULL;

+ return 0;

}

/* Get peer IP address */

@@ -102,7 +101,7 @@ dns_get_key (int type, struct message *msg, int *keylen)

"dns_get_key: lwres_gethostbyaddr (%s) failed: %s",

inet_ntoa (((struct sockaddr_in *)dst)->sin_addr),

lwres_hstrerror (lwres_h_errno)));

- return NULL;

+ return 0;

}

/* Try host official name */

@@ -119,7 +118,7 @@ dns_get_key (int type, struct message *msg, int *keylen)

hostent->h_aliases[i]));

ret = lwres_getrrsetbyname (hostent->h_aliases[i], C_IN, T_KEY, 0,

&rr);

- i ++;

+ i++;

}

@@ -127,7 +126,7 @@ dns_get_key (int type, struct message *msg, int *keylen)

{

LOG_DBG ((LOG_MISC, 30, "dns_get_key: no DNS responses (error %d)",

ret));

- return NULL;

+ return 0;

}

LOG_DBG ((LOG_MISC, 80,

@@ -140,7 +139,7 @@ dns_get_key (int type, struct message *msg, int *keylen)

{

LOG_DBG ((LOG_MISC, 10, "dns_get_key: got unvalidated response"));

lwres_freerrset (rr);

- return NULL;

+ return 0;

}

/* Sanity. */

@@ -148,16 +147,16 @@ dns_get_key (int type, struct message *msg, int *keylen)

{

LOG_DBG ((LOG_MISC, 30, "dns_get_key: no KEY RRs recieved"));

lwres_freerrset (rr);

- return NULL;

+ return 0;

}

- memset (&key_rr, 0, sizeof (key_rr));

+ memset (&key_rr, 0, sizeof key_rr);

* Find a key with the wanted algorithm, if any.

* XXX If there are several keys present, we currently only find the first.

- for (i = 0; i < rr->rri_nrdatas && key_rr.datalen == 0; i ++)

+ for (i = 0; i < rr->rri_nrdatas && key_rr.datalen == 0; i++)

{

key_rr.flags = ntohs ((u_int16_t) *rr->rri_rdatas[i].rdi_data);

key_rr.protocol = *(rr->rri_rdatas[i].rdi_data + 2);

@@ -175,7 +174,7 @@ dns_get_key (int type, struct message *msg, int *keylen)

continue;

}

- key_rr.datalen = rr->rri_rdatas[i].rdi_length - 4;

+ key_rr.datalen = rr->rri_rdatas[i].rdi_length - 4;

if (key_rr.datalen <= 0)

{

LOG_DBG ((LOG_MISC, 50, "dns_get_key: ignored bad key"));

@@ -189,7 +188,7 @@ dns_get_key (int type, struct message *msg, int *keylen)

{

log_error ("dns_get_key: malloc (%d) failed", key_rr.datalen);

lwres_freerrset (rr);

- return NULL;

+ return 0;

}

memcpy (key_rr.data, rr->rri_rdatas[i].rdi_data + 4, key_rr.datalen);

*keylen = key_rr.datalen;

@@ -200,7 +199,7 @@ dns_get_key (int type, struct message *msg, int *keylen)

if (key_rr.datalen)

return key_rr.data;

else

- return NULL;

+ return 0;

}

int

@@ -216,8 +215,8 @@ dns_RSA_dns_to_x509 (u_int8_t *key, int keylen, RSA **rsa_key)

return -1;

}

- rsa = RSA_new ();

- if (!rsa)

+ rsa = LC (RSA_new, ());

+ if (rsa == NULL)

{

log_error ("dns_RSA_dns_to_x509: failed to allocate new RSA struct");

return -1;

@@ -231,7 +230,7 @@ dns_RSA_dns_to_x509 (u_int8_t *key, int keylen, RSA **rsa_key)

if (keylen < 3)

{

log_print ("dns_RSA_dns_to_x509: invalid public key");

- RSA_free (rsa);

+ LC (RSA_free, (rsa));

return -1;

}

e_len = *(key + key_offset++) << 8;

@@ -241,21 +240,21 @@ dns_RSA_dns_to_x509 (u_int8_t *key, int keylen, RSA **rsa_key)

if (e_len > (keylen - key_offset))

{

log_print ("dns_RSA_dns_to_x509: invalid public key");

- RSA_free (rsa);

+ LC (RSA_free, (rsa));

return -1;

}

- rsa->e = BN_bin2bn (key + key_offset, e_len, NULL);

+ rsa->e = LC (BN_bin2bn, (key + key_offset, e_len, NULL));

key_offset += e_len;

/* XXX if (keylen <= key_offset) -> "invalid public key" ? */

- rsa->n = BN_bin2bn (key + key_offset, keylen - key_offset, NULL);

+ rsa->n = LC (BN_bin2bn, (key + key_offset, keylen - key_offset, NULL));

*rsa_key = rsa;

LOG_DBG ((LOG_MISC, 30, "dns_RSA_dns_to_x509: got %d bits RSA key",

- BN_num_bits (rsa->n)));

+ LC (BN_num_bits, (rsa->n))));

return 0;

}