X-Git-Url: http://git.eversberg.eu/gitweb.cgi?p=lcr.git;a=blobdiff_plain;f=crypt.cpp;h=e3b562b93fc94062c9adf644b84060331e734f55;hp=92f0c1020a1c18aa8527e62d985fb54ed0655f62;hb=034d3a91404addedc1c7a3494862c79532b0b878;hpb=8038fd190f3c0b451c07253190ec1d7de9ea822a diff --git a/crypt.cpp b/crypt.cpp index 92f0c10..e3b562b 100644 --- a/crypt.cpp +++ b/crypt.cpp @@ -140,14 +140,10 @@ the message type is encoded as element */ -#include -#include -#include -#include +#include "main.h" #ifdef CRYPTO #include #endif -#include "main.h" /* convert key string to binary key vector @@ -164,11 +160,9 @@ unsigned char *crypt_key(unsigned char *key, int *binary_len) return(NULL); /* check for 0xXXXX... type of key */ - if (!strncmp((char *)key, "0x", 2)) - { + if (!strncmp((char *)key, "0x", 2)) { key+=2; - while(*key) - { + while(*key) { if (i == (int)sizeof(binary_key)) return(NULL); @@ -210,21 +204,19 @@ unsigned char *crypt_key(unsigned char *key, int *binary_len) /* * support routine to get cpu speed */ -static unsigned long get_bogomips(void) +static unsigned int get_bogomips(void) { FILE *fp; char buffer[64], *p; fp = fopen("/proc/cpuinfo", "r"); - if (!fp) - { + if (!fp) { PERROR("Cannot access /proc/cpuinfo. Will not use cpuinfo for identification of pear\n"); return(0); } fduse++; buffer[sizeof(buffer-1)] = '\0'; - while(fgets(buffer, sizeof(buffer)-1, fp)) - { + while(GETLINE(buffer, fp)) { if (!!strncmp(buffer, "bogomips", 8)) continue; if (!strchr(buffer, ':')) @@ -248,14 +240,13 @@ static unsigned long get_bogomips(void) /* * crc 32 stuff */ -static unsigned long crc_reflect(unsigned long ref, char ch) +static unsigned int crc_reflect(unsigned int ref, char ch) { - unsigned long value = 0; + unsigned int value = 0; int i; i = 1; - while(i < ch+1) - { + while(i < ch+1) { if(ref & 1) value |= 1 << (ch - i); ref >>= 1; @@ -264,21 +255,19 @@ static unsigned long crc_reflect(unsigned long ref, char ch) return(value); } -static unsigned long crc32_table[256]; +static unsigned int crc32_table[256]; static int crc_initialized = 0; void crc_init(void) { - unsigned long ulPolynomial = 0x04c11db7; + unsigned int ulPolynomial = 0x04c11db7; int i, j; i = 0; - while(i < 256) - { + while(i < 256) { crc32_table[i] = crc_reflect(i, 8) << 24; j = 0; - while(j < 8) - { + while(j < 8) { crc32_table[i] = (crc32_table[i] << 1) ^ (crc32_table[i] & (1 << 31) ? ulPolynomial : 0); j++; } @@ -288,9 +277,9 @@ void crc_init(void) crc_initialized = 1; } -unsigned long crc32(unsigned char *data, int len) +unsigned int crc32(unsigned char *data, int len) { - unsigned long crc = 0xffffffff; + unsigned int crc = 0xffffffff; if (!crc_initialized) FATAL("crc not initialized, exitting..."); @@ -304,7 +293,7 @@ unsigned long crc32(unsigned char *data, int len) CM_ST_NAMES /* give name of state */ -static char *statename(int state) +static const char *statename(int state) { if (state>=0 && stateea_endpoint->ep_serial); /* lower priority to keep pbx running fluently */ - if (options.schedule > 0) - { + if (options.schedule > 0) { memset(&schedp, 0, sizeof(schedp)); schedp.sched_priority = 0; ret = sched_setscheduler(0, SCHED_OTHER, &schedp); - if (ret < 0) - { + if (ret < 0) { PERROR("Scheduling to normal priority failed (errno = %d).\nExitting child process...\n", errno); goto done; } } - switch(job) - { + switch(job) { /* generate rsa key pair */ case CK_GENRSA_REQ: #ifndef CRYPTO @@ -361,16 +347,14 @@ static void *keyengine_child(void *arg) exponent = 65537; // if (exponent < 3) exponent = 3; /* >= 3 */ rsa = RSA_generate_key(RSA_BITS, exponent, NULL, NULL); - if (!rsa) - { + if (!rsa) { PERROR("Failed to generate rsa key pair.\n"); apppbx->e_crypt_keyengine_return = -1; break; } ememuse++; apppbx->e_crypt_rsa_n_len = BN_num_bytes(rsa->n); - if (apppbx->e_crypt_rsa_n_len > (int)sizeof(apppbx->e_crypt_rsa_n)) - { + if (apppbx->e_crypt_rsa_n_len > (int)sizeof(apppbx->e_crypt_rsa_n)) { kerror_buffer: PERROR("e_crypt_rsa_* too small for bignum.\n"); apppbx->e_crypt_keyengine_return = -1; @@ -430,8 +414,7 @@ static void *keyengine_child(void *arg) /* generating session key */ srandom(*((unsigned int *)mISDN_rand) ^ random()); i = 0; - while(i < 56) - { + while(i < 56) { apppbx->e_crypt_key[i] = random(); apppbx->e_crypt_key[i] ^= mISDN_rand[random() & 0xff]; i++; @@ -439,8 +422,7 @@ static void *keyengine_child(void *arg) apppbx->e_crypt_key_len = i; /* encrypt via rsa */ rsa = RSA_new(); - if (!rsa) - { + if (!rsa) { PERROR("Failed to allocate rsa structure.\n"); apppbx->e_crypt_keyengine_return = 1; break; @@ -448,16 +430,14 @@ static void *keyengine_child(void *arg) ememuse++; rsa->n = BN_new(); rsa->e = BN_new(); - if (!rsa->n || !rsa->e) - { + if (!rsa->n || !rsa->e) { PERROR("Failed to generate rsa structure.\n"); apppbx->e_crypt_keyengine_return = -1; RSA_free(rsa); ememuse--; break; } - if (!BN_bin2bn(apppbx->e_crypt_rsa_n, apppbx->e_crypt_rsa_n_len, rsa->n)) - { + if (!BN_bin2bn(apppbx->e_crypt_rsa_n, apppbx->e_crypt_rsa_n_len, rsa->n)) { eerror_bin2bn: PERROR("Failed to convert binary to bignum.\n"); apppbx->e_crypt_keyengine_return = -1; @@ -465,8 +445,7 @@ static void *keyengine_child(void *arg) ememuse--; break; } - if ((apppbx->e_crypt_rsa_n_len*8) != BN_num_bits(rsa->n)) - { + if ((apppbx->e_crypt_rsa_n_len*8) != BN_num_bits(rsa->n)) { PERROR("SOFTWARE API ERROR: length not equal stored data. (%d != %d)\n", apppbx->e_crypt_rsa_n_len*8, BN_num_bits(rsa->n)); apppbx->e_crypt_keyengine_return = -1; RSA_free(rsa); @@ -501,8 +480,7 @@ static void *keyengine_child(void *arg) apppbx->e_crypt_keyengine_return = -1; #else rsa = RSA_new(); - if (!rsa) - { + if (!rsa) { PERROR("Failed to allocate rsa structure.\n"); apppbx->e_crypt_keyengine_return = 1; break; @@ -519,16 +497,14 @@ static void *keyengine_child(void *arg) if (!rsa->n || !rsa->e || !rsa->d || !rsa->p || !rsa->q || !rsa->dmp1 - || !rsa->dmq1 || !rsa->iqmp) - { + || !rsa->dmq1 || !rsa->iqmp) { PERROR("Failed to generate rsa structure.\n"); apppbx->e_crypt_keyengine_return = 1; RSA_free(rsa); ememuse--; break; } - if (!BN_bin2bn(apppbx->e_crypt_rsa_n, apppbx->e_crypt_rsa_n_len, rsa->n)) - { + if (!BN_bin2bn(apppbx->e_crypt_rsa_n, apppbx->e_crypt_rsa_n_len, rsa->n)) { derror_bin2bn: PERROR("Failed to convert binary to bignum.\n"); apppbx->e_crypt_keyengine_return = -1; @@ -573,7 +549,8 @@ static void *keyengine_child(void *arg) PDEBUG((DEBUG_EPOINT | DEBUG_CRYPT), "child process done after using libcrypto with return value %d\n", apppbx->e_crypt_keyengine_return); /* exit process */ - apppbx->ea_endpoint->ep_use--; + if (--apppbx->ea_endpoint->ep_use <= 0) + trigger_work(&apppbx->ea_endpoint->ep_delete); FREE(args, sizeof(struct auth_args)); amemuse--; return(NULL); @@ -584,8 +561,7 @@ void EndpointAppPBX::cryptman_keyengine(int job) struct auth_args *arg; pthread_t tid; - if (e_crypt_keyengine_busy) - { + if (e_crypt_keyengine_busy) { e_crypt_keyengine_return = -1; PERROR("engine currently busy.\n"); return; @@ -598,8 +574,7 @@ void EndpointAppPBX::cryptman_keyengine(int job) e_crypt_keyengine_busy = job; ea_endpoint->ep_use++; - if ((pthread_create(&tid, NULL, keyengine_child, arg)<0)) - { + if ((pthread_create(&tid, NULL, keyengine_child, arg)<0)) { ea_endpoint->ep_use--; PERROR("failed to create keyengine-thread.\n"); e_crypt_keyengine_return = -1; @@ -614,42 +589,47 @@ void EndpointAppPBX::cryptman_keyengine(int job) /* handler for authentication (called by apppbx's handler) */ -void EndpointAppPBX::cryptman_handler(void) +int crypt_handler(struct lcr_timer *timer, void *instance, int index) { - if (e_crypt_keyengine_busy) - { - if (e_crypt_keyengine_return < 0) - { - e_crypt_keyengine_busy = 0; - cryptman_message(CK_ERROR_IND, NULL, 0); + class EndpointAppPBX *ea = (class EndpointAppPBX *)instance; + struct timeval current_time; + + if (ea->e_crypt_keyengine_busy) { + if (ea->e_crypt_keyengine_return < 0) { + ea->e_crypt_keyengine_busy = 0; + ea->cryptman_message(CK_ERROR_IND, NULL, 0); } else - if (e_crypt_keyengine_return > 0) - { - switch(e_crypt_keyengine_busy) - { + if (ea->e_crypt_keyengine_return > 0) { + switch(ea->e_crypt_keyengine_busy) { case CK_GENRSA_REQ: - e_crypt_keyengine_busy = 0; - cryptman_message(CK_GENRSA_CONF, NULL, 0); + ea->e_crypt_keyengine_busy = 0; + ea->cryptman_message(CK_GENRSA_CONF, NULL, 0); break; case CK_CPTRSA_REQ: - e_crypt_keyengine_busy = 0; - cryptman_message(CK_CPTRSA_CONF, NULL, 0); + ea->e_crypt_keyengine_busy = 0; + ea->cryptman_message(CK_CPTRSA_CONF, NULL, 0); break; case CK_DECRSA_REQ: - e_crypt_keyengine_busy = 0; - cryptman_message(CK_DECRSA_CONF, NULL, 0); + ea->e_crypt_keyengine_busy = 0; + ea->cryptman_message(CK_DECRSA_CONF, NULL, 0); break; } } } /* check for event, make next event */ - if (e_crypt_timeout_sec) if (e_crypt_timeout_sece_crypt_timeout_sec) if (ea->e_crypt_timeout_sece_crypt_timeout_sec==current_time.tv_sec && ea->e_crypt_timeout_usece_crypt_timeout_sec = 0; + ea->e_crypt_timeout_usec = 0; + ea->cryptman_message(CT_TIMEOUT, NULL, 0); } + + /* trigger until state is 0 */ + if (ea->e_crypt_state != CM_ST_NULL) + schedule_timer(&ea->e_crypt_handler, 0, 100000); + + return 0; } @@ -660,33 +640,29 @@ void EndpointAppPBX::cryptman_handler(void) void EndpointAppPBX::cr_ident(int message, unsigned char *param, int len) { unsigned char buf[4], *p; - unsigned long bogomips = 0, ran; + unsigned int bogomips = 0, ran; int l; l = CM_SIZEOFINF(CM_INFO_RANDOM); - if (l != 4) - { + if (l != 4) { PDEBUG(DEBUG_CRYPT, "EPOINT(%d) missing (or corrupt) random number, ignoring (len = %d)\n", ea_endpoint->ep_serial, l); return; } p = CM_GETINF(CM_INFO_RANDOM, buf); ran = (p[0]<<24) + (p[1]<<16) + (p[2]<<8) + p[3]; l = CM_SIZEOFINF(CM_INFO_BOGOMIPS); - if (l != 4) - { + if (l != 4) { PDEBUG(DEBUG_CRYPT, "EPOINT(%d) missing (or corrupt) random bogomips, just comparing random (len = %d)\n", ea_endpoint->ep_serial, l); goto compare_random; } p = CM_GETINF(CM_INFO_BOGOMIPS, buf); bogomips = (p[0]<<24) + (p[1]<<16) + (p[2]<<8) + p[3]; - if (e_crypt_bogomips > bogomips) - { + if (e_crypt_bogomips > bogomips) { PDEBUG(DEBUG_CRYPT, "EPOINT(%d) our cpu is faster, so we are master (%d > %d)\n", ea_endpoint->ep_serial, e_crypt_bogomips, bogomips); cr_master(message, NULL, 0); return; } - if (e_crypt_bogomips < bogomips) - { + if (e_crypt_bogomips < bogomips) { PDEBUG(DEBUG_CRYPT, "EPOINT(%d) our cpu is slower, so we are slave (%d < %d)\n", ea_endpoint->ep_serial, e_crypt_bogomips, bogomips); cr_slave(message, NULL, 0); return; @@ -694,14 +670,12 @@ void EndpointAppPBX::cr_ident(int message, unsigned char *param, int len) PDEBUG(DEBUG_CRYPT, "EPOINT(%d) our cpu is equal speed, so we check for random value (%d == %d)\n", ea_endpoint->ep_serial, e_crypt_bogomips, bogomips); compare_random: /* bogomips are equal, so we compare */ - if (e_crypt_random > ran) - { + if (e_crypt_random > ran) { PDEBUG(DEBUG_CRYPT, "EPOINT(%d) our random value is greater, so we are master (%d > %d)\n", ea_endpoint->ep_serial, e_crypt_random, ran); cr_master(message, NULL, 0); return; } - if (e_crypt_random < ran) - { + if (e_crypt_random < ran) { PDEBUG(DEBUG_CRYPT, "EPOINT(%d) our random value is smaller, so we are slave (%d < %d)\n", ea_endpoint->ep_serial, e_crypt_random, ran); cr_slave(message, NULL, 0); return; @@ -716,6 +690,7 @@ void EndpointAppPBX::cr_activate(int message, unsigned char *param, int len) unsigned char buf[128] = ""; unsigned char msg; unsigned char bogomips[4], ran[4]; + struct timeval current_time; /* activate listener */ cryptman_msg2crengine(CR_LISTEN_REQ, NULL, 0); @@ -723,7 +698,8 @@ void EndpointAppPBX::cr_activate(int message, unsigned char *param, int len) msg = CMSG_IDENT; CM_ADDINF(CM_INFO_MESSAGE, 1, &msg); /* random number element */ - srandom(now_tv.tv_sec ^ now_tv.tv_usec ^ random()); + gettimeofday(¤t_time, NULL); + srandom(current_time.tv_sec ^ current_time.tv_usec ^ random()); e_crypt_random = random(); ran[0] = e_crypt_random >> 24; ran[1] = e_crypt_random >> 16; @@ -732,8 +708,7 @@ void EndpointAppPBX::cr_activate(int message, unsigned char *param, int len) CM_ADDINF(CM_INFO_RANDOM, 4, ran); /* cpu speed element */ e_crypt_bogomips = get_bogomips(); - if (e_crypt_bogomips > 0) - { + if (e_crypt_bogomips > 0) { bogomips[0] = e_crypt_bogomips >> 24; bogomips[1] = e_crypt_bogomips >> 16; bogomips[2] = e_crypt_bogomips >> 8; @@ -776,8 +751,7 @@ void EndpointAppPBX::cr_master(int message, unsigned char *param, int len) /* change to master state */ cryptman_state(CM_ST_KEYGEN); - if (message == CP_IDENT) - { + if (message == CP_IDENT) { /* send you-are-slave-message */ msg = CMSG_SLAVE; CM_ADDINF(CM_INFO_MESSAGE, 1, &msg); @@ -799,8 +773,7 @@ void EndpointAppPBX::cr_slave(int message, unsigned char *param, int len) /* change to slave state */ cryptman_state(CM_ST_KEYWAIT); - if (message == CP_IDENT) - { + if (message == CP_IDENT) { /* send you-are-slave-message */ msg = CMSG_MASTER; /* message */ @@ -823,8 +796,7 @@ void EndpointAppPBX::cr_looped(int message, unsigned char *param, int len) cryptman_state(CM_ST_NULL); /* deactivate listener */ cryptman_msg2crengine(CR_UNLISTEN_REQ, NULL, 0); - if (message == CP_IDENT) - { + if (message == CP_IDENT) { /* send looped */ msg = CMSG_LOOPED; /* message */ @@ -843,8 +815,7 @@ void EndpointAppPBX::cr_abort(int message, unsigned char *param, int len) /* if already encrypting */ if (e_crypt_state==CM_ST_WAIT_CRYPT || e_crypt_state==CM_ST_SWAIT - || e_crypt_state==CM_ST_ACTIVE) - { + || e_crypt_state==CM_ST_ACTIVE) { /* deactivate blowfish */ cryptman_msg2crengine(CC_DACT_REQ, NULL, 0); } @@ -945,8 +916,7 @@ void EndpointAppPBX::cr_pubkey(int message, unsigned char *param, int len) int l; l = CM_SIZEOFINF(CM_INFO_PUBKEY); - if (l<1 || l>(int)sizeof(e_crypt_rsa_n)) - { + if (l<1 || l>(int)sizeof(e_crypt_rsa_n)) { size_error: /* change to idle state */ cryptman_state(CM_ST_NULL); @@ -1013,8 +983,7 @@ void EndpointAppPBX::cr_cskey(int message, unsigned char *param, int len) /* disable timeout */ cryptman_timeout(0); l = CM_SIZEOFINF(CM_INFO_CSKEY); - if (l<1 || l>(int)sizeof(e_crypt_ckey)) - { + if (l<1 || l>(int)sizeof(e_crypt_ckey)) { /* change to idle state */ cryptman_state(CM_ST_NULL); /* deactivate listener */ @@ -1145,7 +1114,7 @@ CM_MSG_NAMES void EndpointAppPBX::cryptman_message(int message, unsigned char *param, int len) { - char *msgtext = "<>"; + const char *msgtext = "<>"; if (message>=0 && messageep_serial); - if (len == 0) - { + if (len == 0) { PDEBUG(DEBUG_CRYPT, "ignoring message with 0-length.\n"); return; } i = 0; p = param; - while(*p) - { - if (i == len) - { + while(*p) { + if (i == len) { PDEBUG(DEBUG_CRYPT, "end of message without 0-termination.\n"); return; } - if (i+3 > len) - { + if (i+3 > len) { PDEBUG(DEBUG_CRYPT, "message with element size, outside the frame length.\n"); return; } l = (p[1]<<8) + p[2]; // PDEBUG(DEBUG_CRYPT, " inf %d (len = %d)\n", *p, l); - if (i+3+l > len) - { + if (i+3+l > len) { PDEBUG(DEBUG_CRYPT, "message with element data, outside the frame length.\n"); return; } i += l + 3; p += l + 3; } - if (i+1 != len) - { + if (i+1 != len) { PDEBUG(DEBUG_CRYPT, "warning: received null-element before end of frame.\n"); } l = CM_SIZEOFINF(CM_INFO_MESSAGE); - if (l != 1) - { + if (l != 1) { PDEBUG(DEBUG_CRYPT, "received message without (valid) message element (len = %d)\n", len); return; } CM_GETINF(CM_INFO_MESSAGE, &msg); - switch (msg) - { + switch (msg) { case CMSG_IDENT: cryptman_message(CP_IDENT, param, len); break; @@ -1384,11 +1344,9 @@ void EndpointAppPBX::cryptman_addinf(unsigned char *buf, int buf_size, int eleme int l; /* skip what we already have in the buffer */ - while (buf[0]) - { + while (buf[0]) { l = (buf[1]<<8) + buf[2]; - if (l >= buf_size-3) - { + if (l >= buf_size-3) { PERROR("EPOINT(%d) buffer overflow while adding information to peer message.\n", ea_endpoint->ep_serial); return; } @@ -1396,8 +1354,7 @@ void EndpointAppPBX::cryptman_addinf(unsigned char *buf, int buf_size, int eleme buf += l + 3; } /* check if we have not enough space to add element including id, len, data, and the null-termination */ - if (len+4 > buf_size) - { + if (len+4 > buf_size) { PERROR("EPOINT(%d) cannot add element to message, because buffer would overflow.\n", ea_endpoint->ep_serial); return; } @@ -1415,8 +1372,7 @@ int EndpointAppPBX::cryptman_sizeofinf(unsigned char *buf, int element) int l; /* skip what we already have in the buffer */ - while (buf[0]) - { + while (buf[0]) { l = (buf[1]<<8) + buf[2]; if (buf[0] == element) return(l); @@ -1433,11 +1389,9 @@ unsigned char *EndpointAppPBX::cryptman_getinf(unsigned char *buf, int element, int l; /* skip what we already have in the buffer */ - while (buf[0]) - { + while (buf[0]) { l = (buf[1]<<8) + buf[2]; - if (buf[0] == element) - { + if (buf[0] == element) { memcpy(to, buf+3, l); return(to); } @@ -1457,14 +1411,12 @@ void EndpointAppPBX::cryptman_msg2peer(unsigned char *buf) int l; /* get len */ - while(p[0]) - { + while(p[0]) { l = (p[1]<<8) + p[2]; len += l + 3; p += l + 3; } - if (len+1 > (int)sizeof(message->param.crypt.data)) - { + if (len+1 > (int)sizeof(message->param.crypt.data)) { PERROR("EPOINT(%d) message larger than allowed in param->crypt.data.\n", ea_endpoint->ep_serial); return; } @@ -1475,12 +1427,10 @@ void EndpointAppPBX::cryptman_msg2peer(unsigned char *buf) memcpy(message->param.crypt.data, buf, len+1); message_put(message); - if (options.deb & DEBUG_CRYPT) - { + if (options.deb & DEBUG_CRYPT) { PDEBUG(DEBUG_CRYPT, "EPOINT(%d) sending message\n", ea_endpoint->ep_serial); p = buf; - while(p[0]) - { + while(p[0]) { l = (p[1]<<8) + p[2]; PDEBUG(DEBUG_CRYPT, " inf %d (len = %d)\n", p[0], l); len += l + 3; @@ -1495,8 +1445,7 @@ void EndpointAppPBX::cryptman_msg2crengine(int msg, unsigned char *buf, int len) { struct lcr_msg *message; - if (len > (int)sizeof(message->param.crypt.data)) - { + if (len > (int)sizeof(message->param.crypt.data)) { PERROR("EPOINT(%d) message larger than allowed in param->crypt.data.\n", ea_endpoint->ep_serial); return; } @@ -1508,9 +1457,8 @@ void EndpointAppPBX::cryptman_msg2crengine(int msg, unsigned char *buf, int len) memcpy(message->param.crypt.data, buf, len); message_put(message); - if (options.deb & DEBUG_CRYPT) - { - char *msgtext = "<>"; + if (options.deb & DEBUG_CRYPT) { + const char *msgtext = "<>"; if (msg>=0 && msgparam.crypt.data, e_crypt_info, sizeof(message->param.crypt.data)-1); message->param.crypt.len = strlen((char *)message->param.crypt.data)+1; } message_put(message); - if (options.deb & DEBUG_CRYPT) - { - char *msgtext = "<>"; + if (options.deb & DEBUG_CRYPT) { + const char *msgtext = "<>"; if (msg>=0 && msg> 8; lencheck[1] = p_m_crypt_listen_len & 0xff; - if (crc32(lencheck, 2) != p_m_crypt_listen_crc) - { + if (crc32(lencheck, 2) != p_m_crypt_listen_crc) { PDEBUG(DEBUG_CRYPT, "PmISDN(%s) received a block of %d bytes, but checksumme of length is incorrect (must %08x is %08x\n", p_name, p_m_crypt_listen_len, crc32(lencheck, 2), p_m_crypt_listen_crc); p_m_crypt_listen_state = 0; goto retry; } - if (p_m_crypt_listen_len > (int)sizeof(p_m_crypt_listen_msg)) - { + if (p_m_crypt_listen_len > (int)sizeof(p_m_crypt_listen_msg)) { PDEBUG(DEBUG_CRYPT, "PmISDN(%s) received a block of %d bytes, but too big for buffer (%d bytes)\n", p_name, p_m_crypt_listen_len, sizeof(p_m_crypt_listen_msg)); p_m_crypt_listen_state = 0; goto retry; } - if (!p_m_crypt_listen_len) - { + if (!p_m_crypt_listen_len) { PDEBUG(DEBUG_CRYPT, "PmISDN(%s) received a block of 0 bytes\n", p_name); p_m_crypt_listen_state = 0; goto retry; @@ -1722,42 +1657,36 @@ void PmISDN::cryptman_listen_bch(unsigned char *p, int l) return; } /* read message */ - while (p_m_crypt_listen_state>=14 && p_m_crypt_listen_state<(p_m_crypt_listen_len+14)) - { + while (p_m_crypt_listen_state>=14 && p_m_crypt_listen_state<(p_m_crypt_listen_len+14)) { p_m_crypt_listen_msg[p_m_crypt_listen_state-14] = *p++; p_m_crypt_listen_state++; if (!(--l)) return; } /* crc */ - if (p_m_crypt_listen_state == 14+p_m_crypt_listen_len) - { + if (p_m_crypt_listen_state == 14+p_m_crypt_listen_len) { p_m_crypt_listen_crc = (*p++) << 24; p_m_crypt_listen_state++; if (!(--l)) return; } - if (p_m_crypt_listen_state == 15+p_m_crypt_listen_len) - { + if (p_m_crypt_listen_state == 15+p_m_crypt_listen_len) { p_m_crypt_listen_crc += (*p++) << 16; p_m_crypt_listen_state++; if (!(--l)) return; } - if (p_m_crypt_listen_state == 16+p_m_crypt_listen_len) - { + if (p_m_crypt_listen_state == 16+p_m_crypt_listen_len) { p_m_crypt_listen_crc += (*p++) << 8; p_m_crypt_listen_state++; if (!(--l)) return; } - if (p_m_crypt_listen_state == 17+p_m_crypt_listen_len) - { + if (p_m_crypt_listen_state == 17+p_m_crypt_listen_len) { l--; p_m_crypt_listen_crc += *p++; /* check for CRC */ - if (crc32(p_m_crypt_listen_msg, p_m_crypt_listen_len) != p_m_crypt_listen_crc) - { + if (crc32(p_m_crypt_listen_msg, p_m_crypt_listen_len) != p_m_crypt_listen_crc) { PDEBUG(DEBUG_CRYPT, "PmISDN(%s) received a block of %d bytes, but checksumme of data block is incorrect\n", p_name, p_m_crypt_listen_len); p_m_crypt_listen_state = 0; if (!l) @@ -1767,8 +1696,7 @@ void PmISDN::cryptman_listen_bch(unsigned char *p, int l) /* now send message */ p_m_crypt_listen_state = 0; PDEBUG(DEBUG_CRYPT, "PmISDN(%s) received a block of %d bytes sending to crypt manager\n", p_name, p_m_crypt_listen_len); - if ((int)sizeof(message->param.crypt.data) < p_m_crypt_listen_len+1) /* null-terminated */ - { + if ((int)sizeof(message->param.crypt.data) < p_m_crypt_listen_len+1) /* null-terminated */ { PDEBUG(DEBUG_CRYPT, "PmISDN(%s) received a block of %d bytes that is too large for message buffer\n", p_name, p_m_crypt_listen_len); if (!l) return; @@ -1792,16 +1720,15 @@ void PmISDN::cryptman_listen_bch(unsigned char *p, int l) void EndpointAppPBX::encrypt_shared(void) { struct lcr_msg *message; - char *errstr = ""; + const char *errstr = ""; class Port *port; - int type, key_len; + int key_len; unsigned char *key; char *auth_pointer, *crypt_pointer, *key_pointer; int ret; /* redisplay current crypt display */ - if (e_crypt != CRYPT_OFF) - { + if (e_crypt != CRYPT_OFF) { PDEBUG(DEBUG_EPOINT, "EPOINT(%d) encryption in progress, so we request the current message.\n", ea_endpoint->ep_serial); message = message_create(ea_endpoint->ep_serial, ea_endpoint->ep_join_id, EPOINT_TO_JOIN, MESSAGE_CRYPT); message->param.crypt.type = CU_INFO_REQ; @@ -1809,8 +1736,7 @@ void EndpointAppPBX::encrypt_shared(void) return; } - if (check_external(&errstr, &port)) - { + if (check_external(&errstr, &port)) { reject: message = message_create(ea_endpoint->ep_serial, ea_endpoint->ep_portlist->port_id, EPOINT_TO_PORT, MESSAGE_NOTIFY); SCPY(message->param.notifyinfo.display, errstr); @@ -1823,58 +1749,48 @@ void EndpointAppPBX::encrypt_shared(void) /* check the key for the call */ if (port->p_type==PORT_TYPE_DSS1_TE_OUT || port->p_type==PORT_TYPE_DSS1_NT_OUT) ret = parse_secrets((char *)e_ext.number, (char *)port->p_dialinginfo.id, &auth_pointer, &crypt_pointer, &key_pointer); - else - { - if (!port->p_callerinfo.id[0]) - { + else { + if (!port->p_callerinfo.id[0]) { PDEBUG(DEBUG_EPOINT, "EPOINT(%d) incoming remote call has no caller ID.\n", ea_endpoint->ep_serial); errstr = "No Remote ID"; goto reject; } - ret = parse_secrets((char *)e_ext.number, (char *)numberrize_callerinfo(port->p_callerinfo.id, port->p_callerinfo.ntype), &auth_pointer, &crypt_pointer, &key_pointer); + ret = parse_secrets((char *)e_ext.number, (char *)numberrize_callerinfo(port->p_callerinfo.id, port->p_callerinfo.ntype, options.national, options.international), &auth_pointer, &crypt_pointer, &key_pointer); } - if (!ret) - { + if (!ret) { PDEBUG(DEBUG_EPOINT, "EPOINT(%d) Key was not found.\n", ea_endpoint->ep_serial); errstr = "No Key"; goto reject; } key = crypt_key((unsigned char *)key_pointer, &key_len); - if (!key) - { + if (!key) { PDEBUG(DEBUG_EPOINT, "EPOINT(%d) Key invalid.\n", ea_endpoint->ep_serial); errstr = "Invalid Key"; goto reject; } - if (key_len > 128) - { + if (key_len > 128) { PDEBUG(DEBUG_EPOINT, "EPOINT(%d) Key too long.\n", ea_endpoint->ep_serial); errstr = "Key Too Long"; goto reject; } - if (!!strcasecmp(auth_pointer, "manual")) - { + if (!!strcasecmp(auth_pointer, "manual")) { PDEBUG(DEBUG_EPOINT, "EPOINT(%d) Wrong authentication method.\n", ea_endpoint->ep_serial); errstr = "Wrong Auth Type"; goto reject; } - if (!strcasecmp(crypt_pointer, "blowfish")) - { - type = CC_ACTBF_REQ; - if (key_len < 4) - { + if (!strcasecmp(crypt_pointer, "blowfish")) { +// type = CC_ACTBF_REQ; + if (key_len < 4) { PDEBUG(DEBUG_EPOINT, "EPOINT(%d) Key too short.\n", ea_endpoint->ep_serial); errstr = "Key Too Short"; goto reject; } - if (key_len > 56) - { + if (key_len > 56) { PDEBUG(DEBUG_EPOINT, "EPOINT(%d) Key too long.\n", ea_endpoint->ep_serial); errstr = "Key Too Long"; goto reject; } - } else - { + } else { PDEBUG(DEBUG_EPOINT, "EPOINT(%d) Wrong crypt method.\n", ea_endpoint->ep_serial); errstr = "Wrong Crypt Type"; goto reject; @@ -1898,12 +1814,11 @@ void EndpointAppPBX::encrypt_shared(void) void EndpointAppPBX::encrypt_keyex(void) { struct lcr_msg *message; - char *errstr = ""; + const char *errstr = ""; class Port *port; /* redisplay current crypt display */ - if (e_crypt != CRYPT_OFF) - { + if (e_crypt != CRYPT_OFF) { PDEBUG(DEBUG_EPOINT, "EPOINT(%d) encryption in progress, so we request the current message.\n", ea_endpoint->ep_serial); message = message_create(ea_endpoint->ep_serial, ea_endpoint->ep_join_id, EPOINT_TO_JOIN, MESSAGE_CRYPT); message->param.crypt.type = CU_INFO_REQ; @@ -1912,8 +1827,7 @@ void EndpointAppPBX::encrypt_keyex(void) } - if (check_external(&errstr, &port)) - { + if (check_external(&errstr, &port)) { message = message_create(ea_endpoint->ep_serial, ea_endpoint->ep_portlist->port_id, EPOINT_TO_PORT, MESSAGE_NOTIFY); SCPY(message->param.notifyinfo.display, errstr); message_put(message); @@ -1950,15 +1864,13 @@ void EndpointAppPBX::encrypt_off(void) { struct lcr_msg *message; - if (e_crypt!=CRYPT_ON && e_crypt!=CRYPT_OFF) - { + if (e_crypt!=CRYPT_ON && e_crypt!=CRYPT_OFF) { message = message_create(ea_endpoint->ep_serial, ea_endpoint->ep_portlist->port_id, EPOINT_TO_PORT, MESSAGE_NOTIFY); SCPY(message->param.notifyinfo.display, "Please Wait"); message_put(message); return; } - if (e_crypt == CRYPT_OFF) - { + if (e_crypt == CRYPT_OFF) { message = message_create(ea_endpoint->ep_serial, ea_endpoint->ep_portlist->port_id, EPOINT_TO_PORT, MESSAGE_NOTIFY); SCPY(message->param.notifyinfo.display, "No Encryption"); message_put(message); @@ -1987,8 +1899,7 @@ void EndpointAppPBX::encrypt_result(int msg, char *text) { struct lcr_msg *message; - switch(msg) - { + switch(msg) { case CU_ACTK_CONF: case CU_ACTS_CONF: PDEBUG(DEBUG_EPOINT, "EPOINT(%d) encryption now active.\n", ea_endpoint->ep_serial); @@ -1996,8 +1907,7 @@ void EndpointAppPBX::encrypt_result(int msg, char *text) e_tone[0] = '\0'; e_crypt = CRYPT_ON; display: - if (text) if (text[0]) - { + if (text) if (text[0]) { SCPY(e_crypt_info, text); message = message_create(ea_endpoint->ep_serial, ea_endpoint->ep_portlist->port_id, EPOINT_TO_PORT, MESSAGE_NOTIFY); SCPY(message->param.notifyinfo.display, e_crypt_info);