diff options
| -rw-r--r-- | sbin/isakmpd/Makefile | 4 | ||||
| -rw-r--r-- | sbin/isakmpd/app.c | 4 | ||||
| -rw-r--r-- | sbin/isakmpd/crypto.c | 10 | ||||
| -rw-r--r-- | sbin/isakmpd/crypto.h | 23 | ||||
| -rw-r--r-- | sbin/isakmpd/sysdep.h | 3 | ||||
| -rw-r--r-- | sbin/isakmpd/sysdep/openbsd/sysdep.c | 17 |
6 files changed, 8 insertions, 53 deletions
diff --git a/sbin/isakmpd/Makefile b/sbin/isakmpd/Makefile index baba698da00..489fa7175ac 100644 --- a/sbin/isakmpd/Makefile +++ b/sbin/isakmpd/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.61 2005/04/08 15:49:10 deraadt Exp $ +# $OpenBSD: Makefile,v 1.62 2005/04/08 16:06:25 deraadt Exp $ # $EOM: Makefile,v 1.78 2000/10/15 21:33:42 niklas Exp $ # @@ -110,7 +110,7 @@ SUBDIR+= samples .endif .if !make(install) && !defined(NO_REGRESS) -SUBDIR+= regress +#SUBDIR+= regress .endif .for FEATURE in ${FEATURES} diff --git a/sbin/isakmpd/app.c b/sbin/isakmpd/app.c index a04aa14a8e4..c1035b63d65 100644 --- a/sbin/isakmpd/app.c +++ b/sbin/isakmpd/app.c @@ -1,4 +1,4 @@ -/* $OpenBSD: app.c,v 1.9 2004/04/15 18:39:25 deraadt Exp $ */ +/* $OpenBSD: app.c,v 1.10 2005/04/08 16:06:25 deraadt Exp $ */ /* $EOM: app.c,v 1.6 1999/05/01 20:21:06 niklas Exp $ */ /* @@ -51,7 +51,7 @@ app_init(void) { if (app_none) return; - app_socket = sysdep_app_open(); + app_socket = monitor_pf_key_v2_open(); if (app_socket == -1) log_fatal("app_init: cannot open connection to application"); } diff --git a/sbin/isakmpd/crypto.c b/sbin/isakmpd/crypto.c index 5cffb0f27a3..3fd8e778a7c 100644 --- a/sbin/isakmpd/crypto.c +++ b/sbin/isakmpd/crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.c,v 1.24 2005/04/08 16:04:17 deraadt Exp $ */ +/* $OpenBSD: crypto.c,v 1.25 2005/04/08 16:06:25 deraadt Exp $ */ /* $EOM: crypto.c,v 1.32 2000/03/07 20:08:51 niklas Exp $ */ /* @@ -78,22 +78,18 @@ struct crypto_xf transforms[] = { blf_init, blf_encrypt, blf_decrypt }, -#ifdef USE_CAST { CAST_CBC, "CAST (CBC-Mode)", 12, 16, BLOCKSIZE, 0, cast_init, cast1_encrypt, cast1_decrypt }, -#endif -#ifdef USE_AES { AES_CBC, "AES (CBC-Mode)", 16, 32, AES_BLOCK_SIZE, 0, aes_init, aes_encrypt, aes_decrypt }, -#endif }; /* Hmm, the function prototypes for des are really dumb */ @@ -221,7 +217,6 @@ blf_decrypt(struct keystate *ks, u_int8_t *data, u_int16_t len) XOR64(data, ks->riv); } -#ifdef USE_CAST enum cryptoerr cast_init(struct keystate *ks, u_int8_t *key, u_int16_t len) { @@ -258,9 +253,7 @@ cast1_decrypt(struct keystate *ks, u_int8_t *data, u_int16_t len) cast_decrypt(&ks->ks_cast, data, data); XOR64(data, ks->riv); } -#endif /* USE_CAST */ -#ifdef USE_AES enum cryptoerr aes_init(struct keystate *ks, u_int8_t *key, u_int16_t len) { @@ -286,7 +279,6 @@ aes_decrypt(struct keystate *ks, u_int8_t *data, u_int16_t len) memcpy(iv, ks->riv, ks->xf->blocksize); AES_cbc_encrypt(data, data, len, &ks->ks_aes[1], iv, AES_DECRYPT); } -#endif /* USE_AES */ struct crypto_xf * crypto_get(enum transform id) diff --git a/sbin/isakmpd/crypto.h b/sbin/isakmpd/crypto.h index 597d8a65553..ff3f06c9bf2 100644 --- a/sbin/isakmpd/crypto.h +++ b/sbin/isakmpd/crypto.h @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.h,v 1.15 2005/01/31 10:07:59 hshoexer Exp $ */ +/* $OpenBSD: crypto.h,v 1.16 2005/04/08 16:06:25 deraadt Exp $ */ /* $EOM: crypto.h,v 1.12 2000/10/15 21:56:41 niklas Exp $ */ /* @@ -35,28 +35,18 @@ #if defined (__APPLE__) #include <openssl/des.h> -#ifdef USE_BLOWFISH #include <openssl/blowfish.h> -#endif -#ifdef USE_CAST #include <openssl/cast.h> -#endif #else #include <des.h> -#ifdef USE_BLOWFISH #include <blf.h> -#endif -#ifdef USE_CAST #include <cast.h> -#endif #endif /* __APPLE__ */ -#ifdef USE_AES #include <openssl/aes.h> -#endif #define USE_32BIT #if defined (USE_64BIT) @@ -92,12 +82,7 @@ * Keep MAXBLK uptodate. */ #define BLOCKSIZE 8 - -#ifdef USE_AES #define MAXBLK AES_BLOCK_SIZE -#else -#define MAXBLK BLOCKSIZE -#endif struct keystate { struct crypto_xf *xf; /* Back pointer */ @@ -106,15 +91,9 @@ struct keystate { u_int8_t *riv, *liv; union { des_key_schedule desks[3]; -#ifdef USE_BLOWFISH blf_ctx blfks; -#endif -#ifdef USE_CAST cast_key castks; -#endif -#ifdef USE_AES AES_KEY aesks[2]; -#endif } keydata; }; diff --git a/sbin/isakmpd/sysdep.h b/sbin/isakmpd/sysdep.h index 434d30b6a60..b4811838870 100644 --- a/sbin/isakmpd/sysdep.h +++ b/sbin/isakmpd/sysdep.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sysdep.h,v 1.20 2005/04/08 15:47:24 deraadt Exp $ */ +/* $OpenBSD: sysdep.h,v 1.21 2005/04/08 16:06:25 deraadt Exp $ */ /* $EOM: sysdep.h,v 1.17 2000/12/04 04:46:35 angelos Exp $ */ /* @@ -45,7 +45,6 @@ struct sa; struct sockaddr; extern void sysdep_app_handler(int); -extern int sysdep_app_open(void); extern int sysdep_cleartext(int, int); extern void sysdep_connection_check(char *); extern int sysdep_ipsec_delete_spi(struct sa *, struct proto *, int); diff --git a/sbin/isakmpd/sysdep/openbsd/sysdep.c b/sbin/isakmpd/sysdep/openbsd/sysdep.c index 195a41494a2..ff292606b2a 100644 --- a/sbin/isakmpd/sysdep/openbsd/sysdep.c +++ b/sbin/isakmpd/sysdep/openbsd/sysdep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sysdep.c,v 1.29 2005/04/08 15:56:48 deraadt Exp $ */ +/* $OpenBSD: sysdep.c,v 1.30 2005/04/08 16:06:25 deraadt Exp $ */ /* $EOM: sysdep.c,v 1.9 2000/12/04 04:46:35 angelos Exp $ */ /* @@ -55,8 +55,6 @@ #endif /* NEED_SYSDEP_APP */ #include "log.h" -extern char *__progname; - /* * An as strong as possible random number generator, reverting to a * deterministic pseudo-random one if regrand is set. @@ -79,19 +77,6 @@ sysdep_sa_len(struct sockaddr *sa) /* As regress/ use this file I protect the sysdep_app_* stuff like this. */ #ifdef NEED_SYSDEP_APP -/* - * Prepare the application we negotiate SAs for (i.e. the IPsec stack) - * for communication. We return a file descriptor useable to select(2) on. - */ -int -sysdep_app_open() -{ -#ifdef USE_PRIVSEP - return monitor_pf_key_v2_open(); -#else - return KEY_API(open)(); -#endif -} /* * When select(2) has noticed our application needs attendance, this is what |