X-Git-Url: https://git.syn-net.org/debian/?a=blobdiff_plain;f=src%2FencryptedPacket.cpp;h=d5c2a32dd36ac11ecc6e7b3d463943fe3e14480e;hb=326bc57905738d0bd416ce3d0d7cc79b14ef7a4a;hp=46235c549cfb75e067be74735732d65e033f7c08;hpb=f9ad69dfae6bcec427652b0c4230603e465bd544;p=anytun.git
diff --git a/src/encryptedPacket.cpp b/src/encryptedPacket.cpp
index 46235c5..d5c2a32 100644
--- a/src/encryptedPacket.cpp
+++ b/src/encryptedPacket.cpp
@@ -6,12 +6,12 @@
 * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
 * mode and allows tunneling of every ETHER TYPE protocol (e.g.
 * ethernet, ip, arp ...). satp directly includes cryptography and
- * message authentication based on the methodes used by SRTP. It is
+ * message authentication based on the methods used by SRTP. It is
 * intended to deliver a generic, scaleable and secure solution for
 * tunneling and relaying of packets of any protocol.
 *
 *
- * Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl,
+ * Copyright (C) 2007-2014 Markus Grüneis, Othmar Gsenger, Erwin Nindl,
 * Christian Pointner
 *
 * This file is part of Anytun.
@@ -27,7 +27,20 @@
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
- * along with anytun. If not, see .
+ * along with Anytun. If not, see .
+ *
+ * In addition, as a special exception, the copyright holders give
+ * permission to link the code of portions of this program with the
+ * OpenSSL library under certain conditions as described in each
+ * individual source file, and distribute linked combinations
+ * including the two.
+ * You must obey the GNU General Public License in all respects
+ * for all of the code used other than OpenSSL. If you modify
+ * file(s) with this exception, you may extend this exception to your
+ * version of the file(s), but you are not obligated to do so. If you
+ * do not wish to do so, delete this exception statement from your
+ * version. If you delete this exception statement from all source
+ * files in the program, then also delete it here.
 */

 #include
@@ -40,184 +53,199 @@ #include "log.h" #include "anytunError.h" -EncryptedPacket::EncryptedPacket(u_int32_t payload_length, u_int32_t auth_tag_length, bool allow_realloc) +EncryptedPacket::EncryptedPacket(uint32_t payload_length, uint32_t auth_tag_length, bool allow_realloc) : Buffer(payload_length + sizeof(struct HeaderStruct), allow_realloc), auth_tag_length_(auth_tag_length) { header_ = reinterpret_cast(buf_); payload_ = buf_ + sizeof(struct HeaderStruct); auth_tag_ = NULL; - if(header_) - { + if(header_) { header_->seq_nr = 0; header_->sender_id = 0; header_->mux = 0; } } -u_int32_t EncryptedPacket::getHeaderLength() +uint32_t EncryptedPacket::getHeaderLength() { return sizeof(struct HeaderStruct); } seq_nr_t EncryptedPacket::getSeqNr() const { - if(header_) + if(header_) { return SEQ_NR_T_NTOH(header_->seq_nr); - + } + return 0; } sender_id_t EncryptedPacket::getSenderId() const { - if(header_) + if(header_) { return SENDER_ID_T_NTOH(header_->sender_id); + } return 0; } mux_t EncryptedPacket::getMux() const { - if(header_) + if(header_) { return MUX_T_NTOH(header_->mux); + } return 0; } void EncryptedPacket::setSeqNr(seq_nr_t seq_nr) { - if(header_) + if(header_) { header_->seq_nr = SEQ_NR_T_HTON(seq_nr); + } } void EncryptedPacket::setSenderId(sender_id_t sender_id) { - if(header_) + if(header_) { header_->sender_id = SENDER_ID_T_HTON(sender_id); + } } void EncryptedPacket::setMux(mux_t mux) { - if(header_) + if(header_) { header_->mux = MUX_T_HTON(mux); + } } void EncryptedPacket::setHeader(seq_nr_t seq_nr, sender_id_t sender_id, mux_t mux) { - if(!header_) + if(!header_) { return; + } header_->seq_nr = SEQ_NR_T_HTON(seq_nr); header_->sender_id = SENDER_ID_T_HTON(sender_id); header_->mux = MUX_T_HTON(mux); } -u_int32_t EncryptedPacket::getPayloadLength() const +uint32_t EncryptedPacket::getPayloadLength() const { - if(!payload_) + if(!payload_) { return 0; + } - if(!auth_tag_) + if(!auth_tag_) { return (length_ > sizeof(struct HeaderStruct)) ? 
(length_ - sizeof(struct HeaderStruct)) : 0; - + } + return (length_ > (sizeof(struct HeaderStruct) + auth_tag_length_)) ? (length_ - sizeof(struct HeaderStruct) - auth_tag_length_) : 0; } -void EncryptedPacket::setPayloadLength(u_int32_t payload_length) +void EncryptedPacket::setPayloadLength(uint32_t payload_length) { Buffer::setLength(payload_length + sizeof(struct HeaderStruct)); - // depending on allow_realloc buf_ may point to another address - // therefore in this case reinit() gets called by Buffer::setLength() + // depending on allow_realloc buf_ may point to another address + // therefore in this case reinit() gets called by Buffer::setLength() } void EncryptedPacket::reinit() { header_ = reinterpret_cast(buf_); payload_ = buf_ + sizeof(struct HeaderStruct); - - if(length_ <= (sizeof(struct HeaderStruct))) + + if(length_ <= (sizeof(struct HeaderStruct))) { payload_ = NULL; - + } + if(length_ < (sizeof(struct HeaderStruct))) { header_ = NULL; - AnytunError::throwErr() << "encrypted packet can't be initialized, buffer is too small"; - } - - if(auth_tag_) - { + AnytunError::throwErr() << "encrypted packet can't be initialized, buffer is too small"; + } + + if(auth_tag_) { if(length_ < (sizeof(struct HeaderStruct) + auth_tag_length_)) { auth_tag_ = NULL; - AnytunError::throwErr() << "auth-tag can't be enabled, buffer is too small"; + AnytunError::throwErr() << "auth-tag can't be enabled, buffer is too small"; } auth_tag_ = buf_ + length_ - auth_tag_length_; - } + } } -u_int8_t* EncryptedPacket::getPayload() +uint8_t* EncryptedPacket::getPayload() { return payload_; } -u_int8_t* EncryptedPacket::getAuthenticatedPortion() +uint8_t* EncryptedPacket::getAuthenticatedPortion() { return buf_; } -u_int32_t EncryptedPacket::getAuthenticatedPortionLength() +uint32_t EncryptedPacket::getAuthenticatedPortionLength() { - if(!buf_) + if(!buf_) { return 0; + } - if(!auth_tag_) + if(!auth_tag_) { return length_; - + } + return (length_ > auth_tag_length_) ? 
(length_ - auth_tag_length_) : 0; } void EncryptedPacket::withAuthTag(bool b) { - if((b && auth_tag_) || (!b && !auth_tag_)) + if((b && auth_tag_) || (!b && !auth_tag_)) { return; - - if(b) - { - if(length_ < (sizeof(struct HeaderStruct) + auth_tag_length_)) + } + + if(b) { + if(length_ < (sizeof(struct HeaderStruct) + auth_tag_length_)) { AnytunError::throwErr() << "auth-tag can't be enabled, buffer is too small"; - + } + auth_tag_ = buf_ + length_ - auth_tag_length_; - } - else + } else { auth_tag_ = NULL; + } } void EncryptedPacket::addAuthTag() { - if(auth_tag_) + if(auth_tag_) { return; + } auth_tag_ = buf_; // will be set to the correct value @ reinit setLength(length_ + auth_tag_length_); - if(auth_tag_ == buf_) // reinit was not called by setLength + if(auth_tag_ == buf_) { // reinit was not called by setLength reinit(); + } } void EncryptedPacket::removeAuthTag() { - if(!auth_tag_) + if(!auth_tag_) { return; + } auth_tag_ = NULL; setLength(length_ - auth_tag_length_); } -u_int8_t* EncryptedPacket::getAuthTag() +uint8_t* EncryptedPacket::getAuthTag() { return auth_tag_; } -u_int32_t EncryptedPacket::getAuthTagLength() +uint32_t EncryptedPacket::getAuthTagLength() { - if(auth_tag_) + if(auth_tag_) { return auth_tag_length_; + } return 0; }
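Review bot: removeAuthTag() calls `setLength(length_ - auth_tag_length_)` with no lower-bound check, whereas getPayloadLength(), getAuthenticatedPortionLength() and withAuthTag() in this same hunk all compare length_ against the tag length before subtracting. The subtraction is safe only if a non-null auth_tag_ always implies length_ >= sizeof(struct HeaderStruct) + auth_tag_length_, which holds as long as every length change goes through reinit(); that is presumably the case, but Buffer is outside this hunk, so it should be confirmed. Since this commit already touches the function, I would add the same guard used in withAuthTag() before clearing auth_tag_, for example `if(length_ < (sizeof(struct HeaderStruct) + auth_tag_length_)) { AnytunError::throwErr() << "auth-tag can't be removed, buffer is too small"; }`. Without it, an unsigned wrap would be passed to setLength() as a very large length for a packet taken from the network. The same unchecked-arithmetic pattern appears in addAuthTag() (`length_ + auth_tag_length_`) and in the constructor and setPayloadLength() (`payload_length + sizeof(struct HeaderStruct)`); a one-line comment on each stating the expected upper bound would document the assumption.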