--- tunip.c.orig 1999-09-21 22:20:40 UTC +++ tunip.c @@ -35,6 +35,8 @@ #include #include #include +#include +#include #include #include #include @@ -58,8 +60,8 @@ #include "defs.h" -#define _PATH_CONF "/etc/ipsec/pipsecd.conf" -#define _PATH_STARTUP "/etc/ipsec/startup" +#define _PATH_CONF FILE_PREFIX "/etc/ipsec/pipsecd.conf" +#define _PATH_STARTUP FILE_PREFIX "/etc/ipsec/startup" #define _PATH_DEV_RANDOM "/dev/random" #ifdef USE_ETHERTAP @@ -100,6 +102,7 @@ struct ethtap_header ethtap; #endif unsigned char buf[MAX_HEADER+MAX_PACKET]; +char *cmd; typedef union { MD5_CTX md5; @@ -124,11 +127,11 @@ typedef struct hash_method { typedef union { BF_KEY bf; - des_key_schedule des; + DES_key_schedule des; struct { - des_key_schedule k1; - des_key_schedule k2; - des_key_schedule k3; + DES_key_schedule k1; + DES_key_schedule k2; + DES_key_schedule k3; } des3; CAST_KEY cast; IDEA_KEY_SCHEDULE idea; @@ -704,13 +707,22 @@ void tun_new(struct tun_method *this, */ int tun_send_ip(struct tun_method *this, struct encap_method *encap, int fd) { - int sent; + int sent, i; if (this->link_header_size) { encap->buflen += this->link_header_size; encap->buf -= this->link_header_size; memcpy(encap->buf, this->link_header, this->link_header_size); } +#if 0 + printf ("Packet sent to tun dev:"); + for (i = 0; i < encap->buflen; i++) { + if (!(i % 16)) + printf ("\n "); + printf (" %02x", encap->buf[i]); + } + printf ("\n\n"); +#endif sent = write(fd, encap->buf, encap->buflen); if (sent != encap->buflen) syslog(LOG_ERR, "truncated in: %d -> %d\n", encap->buflen, sent); @@ -1120,6 +1132,7 @@ void config_read(FILE *cf) } } else if (strcmp(arg, "if") == 0) { int fd; + int i = 0; struct sa_desc *local_sa, *remote_sa; struct peer_desc *peer; @@ -1128,6 +1141,7 @@ void config_read(FILE *cf) perror(arg); continue; } + ioctl (fd, TUNSIFHEAD, &i); local_sa = NULL; remote_sa = NULL; @@ -2006,7 +2020,7 @@ int my_idea_set_decrypt_key(unsigned cha void my_des_cbc_encrypt(unsigned char *iv, crypt_key *ek, unsigned char *t, unsigned int len) { - des_cbc_encrypt(t, t, len, ek->des, iv, DES_ENCRYPT); + DES_cbc_encrypt(t, t, len, &ek->des, iv, DES_ENCRYPT); } void my_des_cbc_decrypt(unsigned char *iv, crypt_key *dk, @@ -2018,7 +2032,7 @@ void my_des_cbc_decrypt(unsigned char *i for (i = 0; i < len; i++) printf(" %02x", ct[i]); printf("\n"); #endif - des_cbc_encrypt(ct, ct, len, dk->des, iv, DES_DECRYPT); + DES_cbc_encrypt(ct, ct, len, &dk->des, iv, DES_DECRYPT); #if 0 printf("%d bytes after decrypt\n", len); for (i = 0; i < len; i++) printf(" %02x", ct[i]); @@ -2029,23 +2043,23 @@ void my_des_cbc_decrypt(unsigned char *i int my_des_setkey(unsigned char *b, unsigned int len, crypt_key *k) { if (len == 8) - return des_set_key(b, k->des); + return DES_set_key(b, &k->des); return -1; } void my_des3_cbc_encrypt(unsigned char *iv, crypt_key *ek, unsigned char *t, unsigned int len) { - des_ede3_cbc_encrypt(t, t, len, - ek->des3.k1, ek->des3.k2, ek->des3.k3, + DES_ede3_cbc_encrypt(t, t, len, + &ek->des3.k1, &ek->des3.k2, &ek->des3.k3, iv, DES_ENCRYPT); } void my_des3_cbc_decrypt(unsigned char *iv, crypt_key *dk, unsigned char *ct, unsigned int len) { - des_ede3_cbc_encrypt(ct, ct, len, - dk->des3.k1, dk->des3.k2, dk->des3.k3, + DES_ede3_cbc_encrypt(ct, ct, len, + &dk->des3.k1, &dk->des3.k2, &dk->des3.k3, iv, DES_DECRYPT); } @@ -2054,11 +2068,11 @@ int my_des3_setkey(unsigned char *b, uns if (len != 24) return -1; - if (des_set_key(b, k->des3.k1) != 0) + if (DES_set_key(b, &k->des3.k1) != 0) return -1; - if (des_set_key(b+8, k->des3.k2) != 0) + if (DES_set_key(b+8, &k->des3.k2) != 0) return -1; - if (des_set_key(b+16, k->des3.k3) != 0) + if (DES_set_key(b+16, &k->des3.k3) != 0) return -1; return 0; @@ -2081,6 +2095,11 @@ int null_setkey(unsigned char *b, unsign return 0; } +void usage() +{ + fprintf(stderr, "%s: usage: [ -c CONFIG ] [ -s SCRIPT ]\n", cmd); + exit(1); +} int main(int argc, char **argv) { time_t t; @@ -2088,9 +2107,14 @@ int main(int argc, char **argv) int pack, i; struct sockaddr_in from; struct stat sb; + int ch; + char *path_conf = _PATH_CONF; + char *path_startup = _PATH_STARTUP; FILE *f; + cmd=argv[0]; + openlog ("pipsecd", LOG_PID, LOG_DAEMON); syslog (LOG_NOTICE, "pipsecd starting"); @@ -2113,7 +2137,21 @@ int main(int argc, char **argv) if (encap_icmp_new(&encap_meth[ENCAP_ICMP], IPPROTO_ICMP) == -1) exit(1); - f = fopen(_PATH_CONF, "r"); + while ((ch = getopt(argc, argv, "c:s:")) != -1) { + switch (ch) { + case 'c': + path_conf = optarg; + break; + case 's': + path_startup = optarg; + break; + case '?': + default: + usage(); + } + } + + f = fopen(path_conf, "r"); if (f == NULL) { perror("configuration file"); exit(1); @@ -2123,8 +2161,8 @@ int main(int argc, char **argv) fclose(f); /* Execute startup script, if any */ - if (stat(_PATH_STARTUP, &sb) == 0 && (sb.st_mode & 0400)) - system(_PATH_STARTUP); + if (stat(path_startup, &sb) == 0 && (sb.st_mode & 0400)) + system(path_startup); /* Send a probe to every peer on startup */ for (i = 0; i < peer_num; i++)