X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Ftincd.c;h=98a9a64faa39c624a6dec32e9ca4a06d711a9437;hp=205d0990b2ab53b5027de95eeba7616dee71e1bb;hb=0965a24388b328ea7b5ea287f8629d4cb5ac9a90;hpb=4a5c12ec97fa1e82aae2d327fdc648e5203eb478 diff --git a/src/tincd.c b/src/tincd.c index 205d0990..98a9a64f 100644 --- a/src/tincd.c +++ b/src/tincd.c @@ -1,7 +1,7 @@ /* tincd.c -- the main file for tincd Copyright (C) 1998-2005 Ivo Timmermans - 2000-2016 Guus Sliepen + 2000-2017 Guus Sliepen 2008 Max Rijevski 2009 Michael Tokarev 2010 Julien Muchembled @@ -336,7 +336,7 @@ static bool parse_options(int argc, char **argv) { /* This function prettyprints the key generation process */ -static void indicator(int a, int b, void *p) { +static int indicator(int a, int b, BN_GENCB *cb) { switch (a) { case 0: fprintf(stderr, "."); 
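Review bot: The comment above `indicator` still describes only the progress printing and says nothing about the new `int` return, which `RSA_generate_key_ex` reads as continue (non-zero) or abort (0). I would extend it to `/* This function prettyprints the key generation process. Always returns 1 so that generation is never cancelled from the callback. */`. The `return 1;` itself is added in the next hunk (`@@ -368,32 +368,63`), because the function body runs past the end of this one.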
@@ -368,32 +368,63 @@ static void indicator(int a, int b, void *p) { default: fprintf(stderr, "?"); } + + return 1; +} + +#ifndef HAVE_BN_GENCB_NEW +BN_GENCB *BN_GENCB_new(void) { + return xmalloc_and_zero(sizeof(BN_GENCB)); } +void BN_GENCB_free(BN_GENCB *cb) { + free(cb); +} +#endif + /* Generate a public/private RSA keypair, and ask for a file to store them in. */ static bool keygen(int bits) { + BIGNUM *e = NULL; RSA *rsa_key; FILE *f; - char *pubname, *privname; + char filename[PATH_MAX]; + BN_GENCB *cb; + int result; fprintf(stderr, "Generating %d bits keys:\n", bits); - rsa_key = RSA_generate_key(bits, 0x10001, indicator, NULL); - if(!rsa_key) { + cb = BN_GENCB_new(); + if(!cb) + abort(); + BN_GENCB_set(cb, indicator, NULL); + + rsa_key = RSA_new(); + BN_hex2bn(&e, "10001"); + if(!rsa_key || !e) + abort(); + + result = RSA_generate_key_ex(rsa_key, bits, e, cb); + + BN_free(e); + BN_GENCB_free(cb); + + if(!result) { fprintf(stderr, "Error during key generation!\n"); + RSA_free(rsa_key); return false; } else fprintf(stderr, "Done.\n"); - xasprintf(&privname, "%s/rsa_key.priv", confbase); - f = ask_and_open(privname, "private RSA key"); - free(privname); + snprintf(filename, sizeof filename, "%s/rsa_key.priv", confbase); + f = ask_and_open(filename, "private RSA key"); - if(!f) + if(!f) { + RSA_free(rsa_key); return false; + } #ifdef HAVE_FCHMOD /* Make it unreadable for others. */ 
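Review bot: The `snprintf` into `filename[PATH_MAX]` that builds the private-key path ignores its return value, so a long `confbase` is silently truncated and `ask_and_open` is handed a different path than the one intended for `rsa_key.priv`; the `xasprintf` calls it replaces could not truncate. Checking the result closes that, e.g. `int len = snprintf(filename, sizeof filename, "%s/rsa_key.priv", confbase);` followed by `if(len < 0 || (size_t)len >= sizeof filename) { RSA_free(rsa_key); return false; }`. The same applies to the two `snprintf` calls for `hosts/%s` and `rsa_key.pub` in the `@@ -407,22 +438,25` hunk, where `name` from `get_name()` adds to the length. keygen continues past the end of this hunk.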
@@ -407,22 +438,25 @@ static bool keygen(int bits) { char *name = get_name(); if(name) { - xasprintf(&pubname, "%s/hosts/%s", confbase, name); + snprintf(filename, sizeof filename, "%s/hosts/%s", confbase, name); free(name); } else { - xasprintf(&pubname, "%s/rsa_key.pub", confbase); + snprintf(filename, sizeof filename, "%s/rsa_key.pub", confbase); } - f = ask_and_open(pubname, "public RSA key"); - free(pubname); + f = ask_and_open(filename, "public RSA key"); - if(!f) + if(!f) { + RSA_free(rsa_key); return false; + } fputc('\n', f); PEM_write_RSAPublicKey(f, rsa_key); fclose(f); + RSA_free(rsa_key); + return true; } @@ -553,9 +587,8 @@ int main(int argc, char **argv) { make_names(); if(show_version) { - printf("%s version %s (built %s %s, protocol %d)\n", PACKAGE, - VERSION, __DATE__, __TIME__, PROT_CURRENT); - printf("Copyright (C) 1998-2016 Ivo Timmermans, Guus Sliepen and others.\n" + printf("%s version %s\n", PACKAGE, VERSION); + printf("Copyright (C) 1998-2017 Ivo Timmermans, Guus Sliepen and others.\n" "See the AUTHORS file for a complete list.\n\n" "tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n" "and you are welcome to redistribute it under certain conditions;\n" @@ -703,11 +736,15 @@ end: EVP_cleanup(); ENGINE_cleanup(); CRYPTO_cleanup_all_ex_data(); +#ifdef HAVE_ERR_REMOVE_STATE + // OpenSSL claims this function was deprecated in 1.0.0, + // but valgrind's leak detector shows you still need to call it to make sure OpenSSL cleans up properly. ERR_remove_state(0); +#endif ERR_free_strings(); exit_configuration(&config_tree); - list_free(cmdline_conf); + list_delete_list(cmdline_conf); free_names(); return status;
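Review bot: keygen still returns `true` at the end of this hunk without looking at the result of `PEM_write_RSAPublicKey(f, rsa_key)` or `fclose(f)`, so a full disk or other I/O error leaves a missing or partial public key while the caller is told the keys were generated. Since the new code already frees `rsa_key` on every exit path, the write can be checked in the same style: `if(!PEM_write_RSAPublicKey(f, rsa_key)) { fclose(f); RSA_free(rsa_key); return false; }`. The private-key write sits between the two keygen hunks and is not visible here; it presumably wants the same check. The function starts outside the hunk.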
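Review bot: The two `//` lines added under `#ifdef HAVE_ERR_REMOVE_STATE` in the `@@ -703,11 +736,15` hunk break with the `/* */` comments used everywhere else in the visible hunks, and the second one runs well past the width of the surrounding code. A block comment that also names what is being freed would read better, e.g. `/* Deprecated since OpenSSL 1.0.0, but valgrind shows the error queue of this thread leaks unless it is still called. */`. The enclosing function starts outside the hunk.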