X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Ftincd.c;h=84ce0d45e4c41d9eafad5a2402c5c5406f3fd360;hp=db18dc576cce9e4f7a68c8f3fded6eb466ce96bd;hb=b63280f52f997466f0a8bb70f89a3b705b2eb015;hpb=c40c99592b9512049e85323c59432a380239151f diff --git a/src/tincd.c b/src/tincd.c index db18dc57..84ce0d45 100644 --- a/src/tincd.c +++ b/src/tincd.c @@ -1,7 +1,7 @@ /* tincd.c -- the main file for tincd Copyright (C) 1998-2005 Ivo Timmermans - 2000-2015 Guus Sliepen + 2000-2017 Guus Sliepen 2008 Max Rijevski 2009 Michael Tokarev 2010 Julien Muchembled @@ -336,7 +336,7 @@ static bool parse_options(int argc, char **argv) { /* This function prettyprints the key generation process */ -static void indicator(int a, int b, void *p) { +static int indicator(int a, int b, BN_GENCB *cb) { switch (a) { case 0: fprintf(stderr, "."); @@ -368,29 +368,57 @@ static void indicator(int a, int b, void *p) { default: fprintf(stderr, "?"); } + + return 1; +} + +#ifndef HAVE_BN_GENCB_NEW +BN_GENCB *BN_GENCB_new(void) { + return xmalloc_and_zero(sizeof(BN_GENCB)); } +void BN_GENCB_free(BN_GENCB *cb) { + free(cb); +} +#endif + /* Generate a public/private RSA keypair, and ask for a file to store them in. */ static bool keygen(int bits) { + BIGNUM *e = NULL; RSA *rsa_key; FILE *f; - char *pubname, *privname; + char filename[PATH_MAX]; + BN_GENCB *cb; + int result; fprintf(stderr, "Generating %d bits keys:\n", bits); - rsa_key = RSA_generate_key(bits, 0x10001, indicator, NULL); - if(!rsa_key) { + cb = BN_GENCB_new(); + if(!cb) + abort(); + BN_GENCB_set(cb, indicator, NULL); + + rsa_key = RSA_new(); + BN_hex2bn(&e, "10001"); + if(!rsa_key || !e) + abort(); + + result = RSA_generate_key_ex(rsa_key, bits, e, cb); + + BN_free(e); + BN_GENCB_free(cb); + + if(!result) { fprintf(stderr, "Error during key generation!\n"); return false; } else fprintf(stderr, "Done.\n"); - xasprintf(&privname, "%s/rsa_key.priv", confbase); - f = ask_and_open(privname, "private RSA key"); - free(privname); + snprintf(filename, sizeof filename, "%s/rsa_key.priv", confbase); + f = ask_and_open(filename, "private RSA key"); if(!f) return false; @@ -407,14 +435,13 @@ static bool keygen(int bits) { char *name = get_name(); if(name) { - xasprintf(&pubname, "%s/hosts/%s", confbase, name); + snprintf(filename, sizeof filename, "%s/hosts/%s", confbase, name); free(name); } else { - xasprintf(&pubname, "%s/rsa_key.pub", confbase); + snprintf(filename, sizeof filename, "%s/rsa_key.pub", confbase); } - f = ask_and_open(pubname, "public RSA key"); - free(pubname); + f = ask_and_open(filename, "public RSA key"); if(!f) return false; @@ -553,9 +580,8 @@ int main(int argc, char **argv) { make_names(); if(show_version) { - printf("%s version %s (built %s %s, protocol %d)\n", PACKAGE, - VERSION, __DATE__, __TIME__, PROT_CURRENT); - printf("Copyright (C) 1998-2015 Ivo Timmermans, Guus Sliepen and others.\n" + printf("%s version %s\n", PACKAGE, VERSION); + printf("Copyright (C) 1998-2017 Ivo Timmermans, Guus Sliepen and others.\n" "See the AUTHORS file for a complete list.\n\n" "tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n" "and you are welcome to redistribute it under certain conditions;\n" @@ -703,7 +729,11 @@ end: EVP_cleanup(); ENGINE_cleanup(); CRYPTO_cleanup_all_ex_data(); +#ifdef HAVE_ERR_REMOVE_STATE + // OpenSSL claims this function was deprecated in 1.0.0, + // but valgrind's leak detector shows you still need to call it to make sure OpenSSL cleans up properly. ERR_remove_state(0); +#endif ERR_free_strings(); exit_configuration(&config_tree);