From 6294e1da0b5bac2e36ef4fd238af6fcabe86f0f3 Mon Sep 17 00:00:00 2001
From: Darshaka Pathirana
Date: Sun, 22 Jul 2018 14:52:05 +0200
Subject: [PATCH] New upstream version 0.3.7
---
 ChangeLog | 5 +++++
 doc/anytun-config.8 | 4 ++--
 doc/anytun-controld.8 | 4 ++--
 doc/anytun-showtables.8 | 4 ++--
 doc/anytun.8 | 4 ++--
 src/authAlgo.cpp | 48 ++++++++++++++++++++++++++++++++++++++----------
 src/authAlgo.h | 10 ++++++++--
 src/authAlgoFactory.cpp | 9 ++++++++-
 src/cipher.cpp | 2 +-
 src/cipher.h | 2 ++
 src/configure | 11 +++++++----
 src/keyDerivation.cpp | 6 ++++--
 src/linux/tunDevice.cpp | 2 +-
 src/options.cpp | 11 +++++------
 src/routingTreeNode.cpp | 2 ++
 version | 2 +-
 16 files changed, 90 insertions(+), 36 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index c9dda20..9348e7e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2018.06.08 -- version 0.3.7
+
+* fix build for new versions of GCC and Boost
+* add support for OpenSSL 1.1
+
 2016.07.08 -- Version 0.3.6
 * fixed build for GCC-6 and C++0x
diff --git a/doc/anytun-config.8 b/doc/anytun-config.8
index bbb0b2e..f958056 100644
--- a/doc/anytun-config.8
+++ b/doc/anytun-config.8
@@ -2,12 +2,12 @@
 .\" Title: anytun-config
 .\" Author: [see the "AUTHORS" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1
-.\" Date: 07/08/2016
+.\" Date: 06/09/2018
 .\" Manual: \ \&
 .\" Source: \ \&
 .\" Language: English
 .\"
-.TH "ANYTUN\-CONFIG" "8" "07/08/2016" "\ \&" "\ \&"
+.TH "ANYTUN\-CONFIG" "8" "06/09/2018" "\ \&" "\ \&"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
diff --git a/doc/anytun-controld.8 b/doc/anytun-controld.8
index 4cc0c41..a8ce738 100644
--- a/doc/anytun-controld.8
+++ b/doc/anytun-controld.8
@@ -2,12 +2,12 @@
 .\" Title: anytun-controld
 .\" Author: [see the "AUTHORS" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1
-.\" Date: 07/08/2016
+.\" Date: 06/09/2018
 .\" Manual: \ \&
 .\" Source: \ \&
 .\" Language: English
 .\"
-.TH "ANYTUN\-CONTROLD" "8" "07/08/2016" "\ \&" "\ \&"
+.TH "ANYTUN\-CONTROLD" "8" "06/09/2018" "\ \&" "\ \&"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
diff --git a/doc/anytun-showtables.8 b/doc/anytun-showtables.8
index 74d39e5..f75de02 100644
--- a/doc/anytun-showtables.8
+++ b/doc/anytun-showtables.8
@@ -2,12 +2,12 @@
 .\" Title: anytun-showtables
 .\" Author: [see the "AUTHORS" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1
-.\" Date: 07/08/2016
+.\" Date: 06/09/2018
 .\" Manual: \ \&
 .\" Source: \ \&
 .\" Language: English
 .\"
-.TH "ANYTUN\-SHOWTABLES" "8" "07/08/2016" "\ \&" "\ \&"
+.TH "ANYTUN\-SHOWTABLES" "8" "06/09/2018" "\ \&" "\ \&"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
diff --git a/doc/anytun.8 b/doc/anytun.8
index 7a35e5a..2539aec 100644
--- a/doc/anytun.8
+++ b/doc/anytun.8
@@ -2,12 +2,12 @@
 .\" Title: anytun
 .\" Author: [see the "AUTHORS" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1
-.\" Date: 07/08/2016
+.\" Date: 06/09/2018
 .\" Manual: \ \&
 .\" Source: \ \&
 .\" Language: English
 .\"
-.TH "ANYTUN" "8" "07/08/2016" "\ \&" "\ \&"
+.TH "ANYTUN" "8" "06/09/2018" "\ \&" "\ \&"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
diff --git a/src/authAlgo.cpp b/src/authAlgo.cpp
index f0e3303..561b0b6 100644
--- a/src/authAlgo.cpp
+++ b/src/authAlgo.cpp
@@ -68,23 +68,51 @@ bool NullAuthAlgo::checkTag(KeyDerivation& kd, EncryptedPacket& packet)
 Sha1AuthAlgo::Sha1AuthAlgo(kd_dir_t d) : AuthAlgo(d), key_(DIGEST_LENGTH)
 {
 #if defined(USE_SSL_CRYPTO)
- HMAC_CTX_init(&ctx_);
- HMAC_Init_ex(&ctx_, NULL, 0, EVP_sha1(), NULL);
+ ctx_ = NULL;
+#elif defined(USE_NETTLE)
+ // nothing here
+#else // USE_GCRYPT is the default
+ handle_ = 0;
+#endif
+}
+
+bool Sha1AuthAlgo::Init()
+{
+#if defined(USE_SSL_CRYPTO)
+# if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ if ((ctx_ = HMAC_CTX_new()) == NULL) {
+ return false;
+ }
+# else
+ if ((ctx_ = (HMAC_CTX*)calloc(1, sizeof(HMAC_CTX))) == NULL) {
+ return false;
+ }
+ HMAC_CTX_init(ctx_);
+# endif
+ HMAC_Init_ex(ctx_, NULL, 0, EVP_sha1(), NULL);
 #elif defined(USE_NETTLE)
 // nothing here
 #else // USE_GCRYPT is the default
 gcry_error_t err = gcry_md_open(&handle_, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC);
 if(err) {
 cLog.msg(Log::PRIO_ERROR) << "Sha1AuthAlgo::Sha1AuthAlgo: Failed to open message digest algo";
- return;
+ return false;
 }
 #endif
+ return true;
 }
 Sha1AuthAlgo::~Sha1AuthAlgo()
 {
 #if defined(USE_SSL_CRYPTO)
- HMAC_CTX_cleanup(&ctx_);
+ if(ctx_) {
+# if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ HMAC_CTX_free(ctx_);
+# else
+ HMAC_CTX_cleanup(ctx_);
+ free(ctx_);
+# endif
+ }
 #elif defined(USE_NETTLE)
 // nothing here
 #else // USE_GCRYPT is the default
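Review bot: In Sha1AuthAlgo::Init() the result of `HMAC_Init_ex(ctx_, NULL, 0, EVP_sha1(), NULL);` is discarded, so on the OpenSSL build Init() returns true whatever that call reports. generate() and checkTag() call HMAC_Init_ex again with the derived key for every packet, so this keyless call looks redundant; I would remove it, or say in a comment why it is kept. The gcrypt branch still logs the prefix `Sha1AuthAlgo::Sha1AuthAlgo:` although the code now lives in Init(), and the pre-1.1 branch uses calloc()/free(), so the file needs `<cstdlib>` if it is not already included (the include block is outside the hunk). The destructor's gcrypt branch also continues past the end of the hunk.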
@@ -109,11 +137,11 @@ void Sha1AuthAlgo::generate(KeyDerivation& kd, EncryptedPacket& packet)
 kd.generate(dir_, LABEL_AUTH, packet.getSeqNr(), key_);
 #if defined(USE_SSL_CRYPTO)
- HMAC_Init_ex(&ctx_, key_.getBuf(), key_.getLength(), EVP_sha1(), NULL);
+ HMAC_Init_ex(ctx_, key_.getBuf(), key_.getLength(), EVP_sha1(), NULL);
 uint8_t hmac[DIGEST_LENGTH];
- HMAC_Update(&ctx_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength());
- HMAC_Final(&ctx_, hmac, NULL);
+ HMAC_Update(ctx_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength());
+ HMAC_Final(ctx_, hmac, NULL);
 #elif defined(USE_NETTLE)
 hmac_sha1_set_key(&ctx_, key_.getLength(), key_.getBuf());
@@ -158,11 +186,11 @@ bool Sha1AuthAlgo::checkTag(KeyDerivation& kd, EncryptedPacket& packet)
 kd.generate(dir_, LABEL_AUTH, packet.getSeqNr(), key_);
 #if defined(USE_SSL_CRYPTO)
- HMAC_Init_ex(&ctx_, key_.getBuf(), key_.getLength(), EVP_sha1(), NULL);
+ HMAC_Init_ex(ctx_, key_.getBuf(), key_.getLength(), EVP_sha1(), NULL);
 uint8_t hmac[DIGEST_LENGTH];
- HMAC_Update(&ctx_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength());
- HMAC_Final(&ctx_, hmac, NULL);
+ HMAC_Update(ctx_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength());
+ HMAC_Final(ctx_, hmac, NULL);
 #elif defined(USE_NETTLE)
 hmac_sha1_set_key(&ctx_, key_.getLength(), key_.getBuf());
diff --git a/src/authAlgo.h b/src/authAlgo.h
index a1fcea4..758e754 100644
--- a/src/authAlgo.h
+++ b/src/authAlgo.h
@@ -101,10 +101,13 @@ public:
 //****** Sha1AuthAlgo ******
 //* HMAC SHA1 Auth Tag Generator Class
+class AuthAlgoFactory;
+
 class Sha1AuthAlgo : public AuthAlgo
 {
+ friend class AuthAlgoFactory;
+
 public:
- Sha1AuthAlgo(kd_dir_t d);
 ~Sha1AuthAlgo();
 void generate(KeyDerivation& kd, EncryptedPacket& packet);
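Review bot: The OpenSSL calls in Sha1AuthAlgo::generate() (`HMAC_Init_ex`, `HMAC_Update`, `HMAC_Final`) each return an int status that is ignored, and `uint8_t hmac[DIGEST_LENGTH];` has no initializer, so a failed call would leave `hmac` holding indeterminate stack bytes. The checkTag() hunk below has the same pattern, and it matters more there because that buffer is what the received tag is checked against. In checkTag() I would write `if(!HMAC_Init_ex(ctx_, key_.getBuf(), key_.getLength(), EVP_sha1(), NULL) || !HMAC_Update(ctx_, packet.getAuthenticatedPortion(), packet.getAuthenticatedPortionLength()) || !HMAC_Final(ctx_, hmac, NULL)) return false;`, and in generate() log the failure and return before the tag is written. Both function bodies continue outside their hunks, so how the buffer is consumed afterwards is not visible here.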
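Review bot: Sha1AuthAlgo now owns a heap-allocated context (the `HMAC_CTX *ctx_` member in the next hunk of this file, freed in the destructor), but this declaration leaves the implicit copy constructor and copy assignment available, so any copy would free the same context twice. Making the constructor private does not cover that. I would declare `Sha1AuthAlgo(const Sha1AuthAlgo&);` and `Sha1AuthAlgo& operator=(const Sha1AuthAlgo&);` in the private section without defining them, or mark them `= delete` if the build allows C++11. Whether the AuthAlgo base already forbids copying is not visible here, and the class body continues past the hunk.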
@@ -113,8 +116,11 @@ public:
 static const uint32_t DIGEST_LENGTH = 20;
 private:
+ Sha1AuthAlgo(kd_dir_t d);
+ bool Init();
+
 #if defined(USE_SSL_CRYPTO)
- HMAC_CTX ctx_;
+ HMAC_CTX *ctx_;
 #elif defined(USE_NETTLE)
 struct hmac_sha1_ctx ctx_;
 #else // USE_GCRYPT is the default
diff --git a/src/authAlgoFactory.cpp b/src/authAlgoFactory.cpp
index b859f33..e30a4b4 100644
--- a/src/authAlgoFactory.cpp
+++ b/src/authAlgoFactory.cpp
@@ -48,6 +48,7 @@
 #include "authAlgoFactory.h"
 #include "authAlgo.h"
+#include "anytunError.h"
 AuthAlgo* AuthAlgoFactory::create(std::string const& type, kd_dir_t dir)
@@ -57,7 +58,13 @@ AuthAlgo* AuthAlgoFactory::create(std::string const& type, kd_dir_t dir)
 }
 #ifndef NO_CRYPT
 else if(type == "sha1") {
- return new Sha1AuthAlgo(dir);
+ Sha1AuthAlgo* a = new Sha1AuthAlgo(dir);
+ if(!a || !(a->Init())) {
+ if(a)
+ delete a;
+ AnytunError::throwErr() << "failed to initialize SHA1 auth algo";
+ }
+ return a;
 }
 #endif
 else {
diff --git a/src/cipher.cpp b/src/cipher.cpp
index 52a2543..f3b2ed1 100644
--- a/src/cipher.cpp
+++ b/src/cipher.cpp
@@ -207,7 +207,7 @@ void AesIcmCipher::calc(KeyDerivation& kd, uint8_t* in, uint32_t ilen, uint8_t*
 }
 unsigned int num = 0;
 std::memset(ecount_buf_, 0, AES_BLOCK_SIZE);
- AES_ctr128_encrypt(in, out, (ilen < olen) ? ilen : olen, &aes_key_, ctr_.buf_, ecount_buf_, &num);
+ CRYPTO_ctr128_encrypt(in, out, (ilen < olen) ? ilen : olen, &aes_key_, ctr_.buf_, ecount_buf_, &num, (block128_f)AES_encrypt);
 #elif defined(USE_NETTLE)
 if(CTR_LENGTH != AES_BLOCK_SIZE) {
 cLog.msg(Log::PRIO_ERROR) << "AesIcmCipher: Failed to set cipher CTR: size doesn't fit";
diff --git a/src/cipher.h b/src/cipher.h
index 6408ffd..e47dab9 100644
--- a/src/cipher.h
+++ b/src/cipher.h
@@ -55,7 +55,9 @@
 #ifndef NO_CRYPT
 #if defined(USE_SSL_CRYPTO)
+#include
 #include
+#include
 #elif defined(USE_NETTLE)
 #include
 #else // USE_GCRYPT is the default
diff --git a/src/configure b/src/configure
index 082e523..b8a7f3f 100755
--- a/src/configure
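Review bot: The `!a` test and the `if(a)` guard in the sha1 branch of AuthAlgoFactory::create() can never fire, because a plain `new` throws std::bad_alloc rather than returning a null pointer, and `delete` on a null pointer is a no-op anyway. `if(!a->Init()) { delete a; AnytunError::throwErr() << "failed to initialize SHA1 auth algo"; }` says the same thing with less noise. The trailing `return a;` is only safe if throwErr() always ends in a throw; that helper is defined outside this diff, so a one-line comment at the call stating that it does not return would help the next reader. create() starts and ends outside the hunk.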
+++ b/src/configure @@ -283,6 +283,7 @@ if [ -n "$BOOST_PREFIX" ]; then LDFLAGS="$LDFLAGS -L\"$BOOST_PREFIX/lib\"" fi +CRYPTO_LIB_NAME="" case $CRYPTO_LIB in gcrypt) CXXFLAGS=$CXXFLAGS' -DUSE_GCRYPT' @@ -291,6 +292,7 @@ case $CRYPTO_LIB in CXXFLAGS="$CXXFLAGS -I\"$GCRYPT_PREFIX/include\"" LDFLAGS="$LDFLAGS -L\"$GCRYPT_PREFIX/lib\"" fi + CRYPTO_LIB_NAME="libgcrypt" echo "using gcrypt library" ;; nettle) @@ -300,6 +302,7 @@ case $CRYPTO_LIB in CXXFLAGS="$CXXFLAGS -I\"$NETTLE_PREFIX/include\"" LDFLAGS="$LDFLAGS -L\"$NETTLE_PREFIX/lib\"" fi + CRYPTO_LIB_NAME="Nettle" echo "using nettle library" ;; ssl) @@ -309,10 +312,12 @@ case $CRYPTO_LIB in CXXFLAGS="$CXXFLAGS -I\"$OPENSSL_PREFIX/include\"" LDFLAGS="$LDFLAGS -L\"$OPENSSL_PREFIX/lib\"" fi + CRYPTO_LIB_NAME="OpenSSL" echo "using openssl crypto library" ;; none) CXXFLAGS=$CXXFLAGS' -DNO_CRYPT' + CRYPTO_LIB_NAME="none" echo "disabling crypto" ;; esac @@ -417,8 +422,6 @@ if which git >/dev/null; then VERSION="$VERSION (git $GIT_HASH)" fi fi -HOSTNAME=`hostname` -DATE=`date +"%d.%m.%Y %H:%M:%S %Z"` cat > version.h < version.h < #include +#include #elif defined(USE_NETTLE) #include #include @@ -363,9 +365,9 @@ bool AesIcmKeyDerivation::generate(kd_dir_t dir, satp_prf_label_t label, seq_nr_ return false; } unsigned int num = 0; - std::memset(ecount_buf_[dir], 0, AES_BLOCK_SIZE); std::memset(key.getBuf(), 0, key.getLength()); - AES_ctr128_encrypt(key.getBuf(), key.getBuf(), key.getLength(), &aes_key_[dir], ctr_[dir].buf_, ecount_buf_[dir], &num); + std::memset(ecount_buf_[dir], 0, AES_BLOCK_SIZE); + CRYPTO_ctr128_encrypt(key.getBuf(), key.getBuf(), key.getLength(), &aes_key_[dir], ctr_[dir].buf_, ecount_buf_[dir], &num, (block128_f)AES_encrypt); #elif defined(USE_NETTLE) if(CTR_LENGTH != AES_BLOCK_SIZE) { cLog.msg(Log::PRIO_ERROR) << "AesIcmCipher: Failed to set cipher CTR: size doesn't fit"; diff --git a/src/linux/tunDevice.cpp b/src/linux/tunDevice.cpp index e3f5bf4..97a7ede 100644 --- a/src/linux/tunDevice.cpp 
+++ b/src/linux/tunDevice.cpp
@@ -79,7 +79,7 @@ TunDevice::TunDevice(std::string dev_name, std::string dev_type, std::string ifc
 }
 if(dev_name != "") {
- strncpy(ifr.ifr_name, dev_name.c_str(), IFNAMSIZ);
+ strncpy(ifr.ifr_name, dev_name.c_str(), IFNAMSIZ-1);
 }
 fd_ = ::open(DEFAULT_DEVICE, O_RDWR);
diff --git a/src/options.cpp b/src/options.cpp
index 038e7b7..8cfc480 100644
--- a/src/options.cpp
+++ b/src/options.cpp
@@ -558,17 +558,16 @@ void Options::printVersion()
 #else
 std::cout << "anytun";
 #endif
- std::cout << VERSION_STRING_0 << std::endl;
+ std::cout << VERSION_STRING << std::endl;
 #if defined(__clang__)
- std::cout << VERSION_STRING_1 << ", using CLANG " << __clang_version__ << std::endl;
+ std::cout << "built using CLANG " << __clang_version__ << " with " << CRYPTO_LIB_NAME << " crypto library." << std::endl;
 #elif defined(__GNUC__)
- std::cout << VERSION_STRING_1 << ", using GCC " << __GNUC__ << '.' << __GNUC_MINOR__
- << '.' << __GNUC_PATCHLEVEL__ << std::endl;
+ std::cout << "built using GCC " << __GNUC__ << '.' << __GNUC_MINOR__ << '.' << __GNUC_PATCHLEVEL__
+ << " with " << CRYPTO_LIB_NAME << " crypto library." << std::endl;
 #else
- std::cout << VERSION_STRING_1 << std::endl;
+ std::cout << "built using an unknown compiler " << CRYPTO_LIB_NAME << " crypto library." << std::endl;
 #endif
-
 }
 void Options::printUsage()
diff --git a/src/routingTreeNode.cpp b/src/routingTreeNode.cpp
index cee0eb2..880285b 100644
--- a/src/routingTreeNode.cpp
+++ b/src/routingTreeNode.cpp
@@ -43,6 +43,8 @@
 * files in the program, then also delete it here.
 */
+#include
+
 #include "routingTreeNode.h"
 RoutingTreeNode::RoutingTreeNode():mux_(0),valid_(false)
diff --git a/version b/version
index 449d7e7..0f82685 100644
--- a/version
+++ b/version
@@ -1 +1 @@
-0.3.6
+0.3.7
--
2.1.4
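Review bot: A dev_name of IFNAMSIZ or more characters is now silently truncated by `strncpy(ifr.ifr_name, dev_name.c_str(), IFNAMSIZ-1);`, so the process carries on with an interface name other than the one that was requested. The copy also leaves the string terminated only if `ifr` was zeroed earlier in the constructor, which is above the hunk. I would reject `dev_name.length() >= IFNAMSIZ` through the constructor's existing error path before the copy, and add `ifr.ifr_name[IFNAMSIZ-1] = '\0';` after it so termination does not depend on the earlier initialisation. The TunDevice constructor starts and ends outside the hunk.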
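Review bot: The fallback `#else` branch of Options::printVersion() is missing the word "with": `"built using an unknown compiler "` is followed directly by CRYPTO_LIB_NAME, so the line prints as "built using an unknown compiler OpenSSL crypto library." for an OpenSSL build. To match the CLANG and GCC branches it should be `std::cout << "built using an unknown compiler with " << CRYPTO_LIB_NAME << " crypto library." << std::endl;`. CRYPTO_LIB_NAME is set in src/configure and presumably reaches this file through the generated version.h; that part of the diff is not fully readable here.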