author | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-04-30 18:31:48 +0000 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-04-30 18:31:48 +0000 |
commit | bc2e33ca964b8e3dfcc70e4edd0b111187fb12fa (patch) | |
tree | 42d7a611fb8072efff1e1ebda222059e0bd309b8 /src/pluto/ipsec_doi.c | |
parent | 8af25c56af21a1756f9d6a323c8c5338fb802856 (diff) | |
pluto and scepclient use the random plugin from libstrongswan
Diffstat (limited to 'src/pluto/ipsec_doi.c')
-rw-r--r-- | src/pluto/ipsec_doi.c | 305 |
1 files changed, 124 insertions, 181 deletions
diff --git a/src/pluto/ipsec_doi.c b/src/pluto/ipsec_doi.c index e0ca9541b..a9a06cb4f 100644 --- a/src/pluto/ipsec_doi.c +++ b/src/pluto/ipsec_doi.c @@ -28,7 +28,10 @@ #include <freeswan.h> #include <ipsec_policy.h> + +#include <library.h> #include <asn1/asn1.h> +#include <crypto/rngs/rng.h> #include "constants.h" #include "defs.h" @@ -52,7 +55,6 @@ #include "server.h" #include "spdb.h" #include "timer.h" -#include "rnd.h" #include "ipsec_doi.h" /* needs demux.h and state.h */ #include "whack.h" #include "fetch.h" @@ -120,9 +122,8 @@ echo_hdr(struct msg_digest *md, bool enc, u_int8_t np) * We make the leap that the length should be that of the group * (see quoted passage at start of ACCEPT_KE). */ -static void -compute_dh_shared(struct state *st, const chunk_t g -, const struct oakley_group_desc *group) +static void compute_dh_shared(struct state *st, const chunk_t g, + const struct oakley_group_desc *group) { MP_INT mp_g, mp_shared; struct timeval tv0, tv1; @@ -158,16 +159,19 @@ compute_dh_shared(struct state *st, const chunk_t g /* if we haven't already done so, compute a local DH secret (st->st_sec) and * the corresponding public value (g). This is emitted as a KE payload. */ -static bool -build_and_ship_KE(struct state *st, chunk_t *g -, const struct oakley_group_desc *group, pb_stream *outs, u_int8_t np) +static bool build_and_ship_KE(struct state *st, chunk_t *g, + const struct oakley_group_desc *group, + pb_stream *outs, u_int8_t np) { if (!st->st_sec_in_use) { u_char tmp[LOCALSECRETSIZE]; MP_INT mp_g; - - get_rnd_bytes(tmp, LOCALSECRETSIZE); + rng_t *rng; + + rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG); + rng->get_bytes(rng, LOCALSECRETSIZE, tmp); + rng->destroy(rng); st->st_sec_in_use = TRUE; n_to_mpz(&st->st_sec, tmp, LOCALSECRETSIZE); 
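Review bot: In build_and_ship_KE the handle returned by `lib->crypto->create_rng(lib->crypto, RNG_STRONG)` is dereferenced on the next line without a NULL check; the crypto factory is expected to return NULL when no loaded plugin offers that quality, so a missing or misconfigured random plugin would crash pluto rather than fail the exchange. A guard such as `if (rng == NULL) return FALSE;` placed before `rng->get_bytes(...)`, and so before `st->st_sec_in_use = TRUE`, keeps the state consistent. The same unchecked pattern is added in build_and_ship_nonce and in dpd_outI with `RNG_WEAK`, each needing a failure path suited to its return type; since the create/get_bytes/destroy triple now appears three times, a small static helper would keep the check in one place. The `tmp` buffer holds the raw DH secret, and whether it is wiped after `n_to_mpz` cannot be seen because the function body continues outside the hunk.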
@@ -192,10 +196,9 @@ build_and_ship_KE(struct state *st, chunk_t *g * Diffie-Hellman group enforced, if necessary, by pre-pending the * value with zeros. */ -static notification_t -accept_KE(chunk_t *dest, const char *val_name -, const struct oakley_group_desc *gr -, pb_stream *pbs) +static notification_t accept_KE(chunk_t *dest, const char *val_name, + const struct oakley_group_desc *gr, + pb_stream *pbs) { if (pbs_left(pbs) != gr->bytes) { @@ -216,9 +219,8 @@ accept_KE(chunk_t *dest, const char *val_name * Check and accept optional Quick Mode KE payload for PFS. * Extends ACCEPT_PFS to check whether KE is allowed or required. */ -static notification_t -accept_PFS_KE(struct msg_digest *md, chunk_t *dest -, const char *val_name, const char *msg_name) +static notification_t accept_PFS_KE(struct msg_digest *md, chunk_t *dest, + const char *val_name, const char *msg_name) { struct state *st = md->st; struct payload_digest *const ke_pd = md->chain[ISAKMP_NEXT_KE]; @@ -249,18 +251,20 @@ accept_PFS_KE(struct msg_digest *md, chunk_t *dest return NOTHING_WRONG; } -static bool -build_and_ship_nonce(chunk_t *n, pb_stream *outs, u_int8_t np -, const char *name) +static bool build_and_ship_nonce(chunk_t *n, pb_stream *outs, u_int8_t np, + const char *name) { + rng_t *rng; + free(n->ptr); *n = chunk_create(malloc(DEFAULT_NONCE_SIZE), DEFAULT_NONCE_SIZE); - get_rnd_bytes(n->ptr, DEFAULT_NONCE_SIZE); + rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK); + rng->get_bytes(rng, DEFAULT_NONCE_SIZE, n->ptr); + rng->destroy(rng); return out_generic_chunk(np, &isakmp_nonce_desc, outs, *n, name); } -static bool -collect_rw_ca_candidates(struct msg_digest *md, generalName_t **top) +static bool collect_rw_ca_candidates(struct msg_digest *md, generalName_t **top) { struct connection *d = find_host_connection(&md->iface->addr , pluto_port, (ip_address*)NULL, md->sender_port, LEMPTY); 
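Review bot: build_and_ship_nonce draws the nonce with `RNG_WEAK` while the DH secret in build_and_ship_KE uses `RNG_STRONG`, and nothing in the new lines records why the lower quality is acceptable here. A one-line comment above the call, for example `/* nonces must be unpredictable but are sent in the clear; RNG_WEAK is the quality intended for nonces and IVs */`, would stop a later reader from treating the difference as an oversight or from copying `RNG_WEAK` into key generation. The unchanged `malloc(DEFAULT_NONCE_SIZE)` result just above is also handed to `get_bytes` unchecked, which is worth noting now that the write goes through a plugin call.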
@@ -295,8 +299,8 @@ collect_rw_ca_candidates(struct msg_digest *md, generalName_t **top) return *top != NULL; } -static bool -build_and_ship_CR(u_int8_t type, chunk_t ca, pb_stream *outs, u_int8_t np) +static bool build_and_ship_CR(u_int8_t type, chunk_t ca, pb_stream *outs, + u_int8_t np) { pb_stream cr_pbs; struct isakmp_cr cr_hd; @@ -321,10 +325,10 @@ build_and_ship_CR(u_int8_t type, chunk_t ca, pb_stream *outs, u_int8_t np) * whether to send the notification, based on the type and the * destination, if we care to. */ -static void -send_notification(struct state *sndst, u_int16_t type, struct state *encst, - msgid_t msgid, u_char *icookie, u_char *rcookie, - u_char *spi, size_t spisize, u_char protoid) +static void send_notification(struct state *sndst, u_int16_t type, + struct state *encst, msgid_t msgid, + u_char *icookie, u_char *rcookie, + u_char *spi, size_t spisize, u_char protoid) { u_char buffer[1024]; pb_stream pbs, r_hdr_pbs; @@ -451,9 +455,8 @@ send_notification(struct state *sndst, u_int16_t type, struct state *encst, } } -void -send_notification_from_state(struct state *st, enum state_kind state, - u_int16_t type) +void send_notification_from_state(struct state *st, enum state_kind state, + u_int16_t type) { struct state *p1st; @@ -487,8 +490,7 @@ send_notification_from_state(struct state *st, enum state_kind state, } } -void -send_notification_from_md(struct msg_digest *md, u_int16_t type) +void send_notification_from_md(struct msg_digest *md, u_int16_t type) { /** * Create a dummy state to be able to use send_packet in @@ -519,8 +521,7 @@ send_notification_from_md(struct msg_digest *md, u_int16_t type) * inbound IPSEC SAs. Does nothing if no such SAs are being deleted. * Delete Notifications cannot announce deletion of outbound IPSEC/ISAKMP SAs. */ -void -send_delete(struct state *st) +void send_delete(struct state *st) { pb_stream reply_pbs; pb_stream r_hdr_pbs; 
@@ -686,8 +687,8 @@ send_delete(struct state *st) } } -void -accept_delete(struct state *st, struct msg_digest *md, struct payload_digest *p) +void accept_delete(struct state *st, struct msg_digest *md, + struct payload_digest *p) { struct isakmp_delete *d = &(p->payload.delete); size_t sizespi; @@ -869,8 +870,7 @@ accept_delete(struct state *st, struct msg_digest *md, struct payload_digest *p) * rfc2408 3.6 Transform Payload. * Note: it talks about 4 BYTE boundaries! */ -void -close_message(pb_stream *pbs) +void close_message(pb_stream *pbs) { size_t padding = pad_up(pbs_offset(pbs), 4); @@ -1062,12 +1062,8 @@ main_outI1(int whack_sock, struct connection *c, struct state *predecessor return STF_OK; } -void -ipsecdoi_initiate(int whack_sock -, struct connection *c -, lset_t policy -, unsigned long try -, so_serial_t replacing) +void ipsecdoi_initiate(int whack_sock, struct connection *c, lset_t policy, + unsigned long try, so_serial_t replacing) { /* If there's already an ISAKMP SA established, use that and * go directly to Quick Mode. We are even willing to use one @@ -1114,8 +1110,7 @@ ipsecdoi_initiate(int whack_sock * - duplicate whack fd, if live. * Does not delete the old state -- someone else will do that. */ -void -ipsecdoi_replace(struct state *st, unsigned long try) +void ipsecdoi_replace(struct state *st, unsigned long try) { int whack_sock = dup_any(st->st_whack_sock); lset_t policy = st->st_policy; @@ -1160,8 +1155,7 @@ ipsecdoi_replace(struct state *st, unsigned long try) /* SKEYID for preshared keys. * See draft-ietf-ipsec-ike-01.txt 4.1 */ -static bool -skeyid_preshared(struct state *st) +static bool skeyid_preshared(struct state *st) { const chunk_t *pss = get_preshared_secret(st->st_connection); 
@@ -1206,8 +1200,7 @@ skeyid_digisig(struct state *st) /* Generate the SKEYID_* and new IV * See draft-ietf-ipsec-ike-01.txt 4.1 */ -static bool -generate_skeyids_iv(struct state *st) +static bool generate_skeyids_iv(struct state *st) { /* Generate the SKEYID */ switch (st->st_oakley.auth) @@ -1347,12 +1340,10 @@ generate_skeyids_iv(struct state *st) */ typedef void (*hash_update_t)(union hash_ctx *, const u_char *, size_t) ; -static void -main_mode_hash_body(struct state *st -, bool hashi /* Initiator? */ -, const pb_stream *idpl /* ID payload, as PBS */ -, union hash_ctx *ctx -, void (*hash_update_void)(void *, const u_char *input, size_t)) + +static void main_mode_hash_body(struct state *st, bool hashi, + const pb_stream *idpl, union hash_ctx *ctx, + void (*hash_update_void)(void *, const u_char *input, size_t)) { #define HASH_UPDATE_T (union hash_ctx *, const u_char *input, unsigned int len) hash_update_t hash_update=(hash_update_t) hash_update_void; @@ -1401,10 +1392,8 @@ main_mode_hash_body(struct state *st } static size_t /* length of hash */ -main_mode_hash(struct state *st -, u_char *hash_val /* resulting bytes */ -, bool hashi /* Initiator? */ -, const pb_stream *idpl) /* ID payload, as PBS; cur must be at end */ +main_mode_hash(struct state *st, u_char *hash_val, bool hashi, + const pb_stream *idpl) { struct hmac_ctx ctx; @@ -1438,10 +1427,8 @@ main_mode_sha1(struct state *st * Use PKCS#1 version 1.5 encryption of hash (called * RSAES-PKCS1-V1_5) in PKCS#2. */ -static size_t -RSA_sign_hash(struct connection *c -, u_char sig_val[RSA_MAX_OCTETS] -, const u_char *hash_val, size_t hash_len) +static size_t RSA_sign_hash(struct connection *c, u_char sig_val[RSA_MAX_OCTETS], + const u_char *hash_val, size_t hash_len) { size_t sz = 0; smartcard_t *sc = c->spd.this.sc; 
@@ -1511,10 +1498,9 @@ RSA_sign_hash(struct connection *c * it is not: the knowledge of the private key allows more efficient (i.e. * different) computation for encryption. */ -static err_t -try_RSA_signature(const u_char hash_val[MAX_DIGEST_LEN], size_t hash_len -, const pb_stream *sig_pbs, pubkey_t *kr -, struct state *st) +static err_t try_RSA_signature(const u_char hash_val[MAX_DIGEST_LEN], + size_t hash_len, const pb_stream *sig_pbs, + pubkey_t *kr, struct state *st) { const u_char *sig_val = sig_pbs->cur; size_t sig_len = pbs_left(sig_pbs); @@ -1644,10 +1630,8 @@ struct tac_state { char *tn; /* roof of tried[] */ }; -static bool -take_a_crack(struct tac_state *s -, pubkey_t *kr -, const char *story USED_BY_DEBUG) +static bool take_a_crack(struct tac_state *s, pubkey_t *kr, + const char *story USED_BY_DEBUG) { err_t ugh = try_RSA_signature(s->hash_val, s->hash_len, s->sig_pbs , kr, s->st); @@ -1679,17 +1663,13 @@ take_a_crack(struct tac_state *s } } -static stf_status -RSA_check_signature(const struct id* peer -, struct state *st -, const u_char hash_val[MAX_DIGEST_LEN] -, size_t hash_len -, const pb_stream *sig_pbs +static stf_status RSA_check_signature(const struct id* peer, struct state *st, + const u_char hash_val[MAX_DIGEST_LEN], + size_t hash_len, const pb_stream *sig_pbs, #ifdef USE_KEYRR -, const pubkey_list_t *keys_from_dns + const pubkey_list_t *keys_from_dns, #endif /* USE_KEYRR */ -, const struct gw_info *gateways_from_dns -) + const struct gw_info *gateways_from_dns) { const struct connection *c = st->st_connection; struct tac_state s; @@ -1838,8 +1818,8 @@ RSA_check_signature(const struct id* peer } } -static notification_t -accept_nonce(struct msg_digest *md, chunk_t *dest, const char *name) +static notification_t accept_nonce(struct msg_digest *md, chunk_t *dest, + const char *name) { pb_stream *nonce_pbs = &md->chain[ISAKMP_NEXT_NONCE]->pbs; size_t len = pbs_left(nonce_pbs); 
@@ -1902,9 +1882,9 @@ encrypt_message(pb_stream *pbs, struct state *st) * Used by: quick_outI1, quick_inI1_outR1 (twice), quick_inR1_outI2 * (see RFC 2409 "IKE" 5.5, pg. 18 or draft-ietf-ipsec-ike-01.txt 6.2 pg 25) */ -static size_t -quick_mode_hash12(u_char *dest, const u_char *start, const u_char *roof -, const struct state *st, const msgid_t *msgid, bool hash2) +static size_t quick_mode_hash12(u_char *dest, const u_char *start, + const u_char *roof, const struct state *st, + const msgid_t *msgid, bool hash2) { struct hmac_ctx ctx; @@ -1935,8 +1915,7 @@ quick_mode_hash12(u_char *dest, const u_char *start, const u_char *roof * NOTE: this hash (unlike HASH(1) and HASH(2)) ONLY covers the * Message ID and Nonces. This is a mistake. */ -static size_t -quick_mode_hash3(u_char *dest, struct state *st) +static size_t quick_mode_hash3(u_char *dest, struct state *st) { struct hmac_ctx ctx; @@ -1953,8 +1932,7 @@ quick_mode_hash3(u_char *dest, struct state *st) /* Compute Phase 2 IV. * Uses Phase 1 IV from st_iv; puts result in st_new_iv. */ -void -init_phase2_iv(struct state *st, const msgid_t *msgid) +void init_phase2_iv(struct state *st, const msgid_t *msgid) { const struct hash_desc *h = st->st_oakley.hasher; union hash_ctx ctx; @@ -1981,9 +1959,8 @@ init_phase2_iv(struct state *st, const msgid_t *msgid) * Note: this is not called from demux.c */ -static bool -emit_subnet_id(ip_subnet *net -, u_int8_t np, u_int8_t protoid, u_int16_t port, pb_stream *outs) +static bool emit_subnet_id(ip_subnet *net, u_int8_t np, u_int8_t protoid, + u_int16_t port, pb_stream *outs) { struct isakmp_ipsec_id id; pb_stream id_pbs; 
@@ -2018,13 +1995,9 @@ emit_subnet_id(ip_subnet *net return TRUE; } -stf_status -quick_outI1(int whack_sock -, struct state *isakmp_sa -, struct connection *c -, lset_t policy -, unsigned long try -, so_serial_t replacing) +stf_status quick_outI1(int whack_sock, struct state *isakmp_sa, + struct connection *c, lset_t policy, unsigned long try, + so_serial_t replacing) { struct state *st = duplicate_state(isakmp_sa); pb_stream reply; /* not really a reply */ @@ -2236,8 +2209,7 @@ quick_outI1(int whack_sock /* * Decode the CERT payload of Phase 1. */ -static void -decode_cert(struct msg_digest *md) +static void decode_cert(struct msg_digest *md) { struct payload_digest *p; @@ -2291,8 +2263,7 @@ decode_cert(struct msg_digest *md) /* * Decode the CR payload of Phase 1. */ -static void -decode_cr(struct msg_digest *md, struct connection *c) +static void decode_cr(struct msg_digest *md, struct connection *c) { struct payload_digest *p; @@ -2342,8 +2313,7 @@ decode_cr(struct msg_digest *md, struct connection *c) * We must be called before SIG or HASH are decoded since we * may change the peer's RSA key or ID. */ -static bool -decode_peer_id(struct msg_digest *md, struct id *peer) +static bool decode_peer_id(struct msg_digest *md, struct id *peer) { struct state *const st = md->st; struct payload_digest *const id_pld = md->chain[ISAKMP_NEXT_ID]; @@ -2457,8 +2427,8 @@ decode_peer_id(struct msg_digest *md, struct id *peer) * - if the initiation was explicit, we'd be ignoring user's intent * - if opportunistic, we'll lose our HOLD info */ -static bool -switch_connection(struct msg_digest *md, struct id *peer, bool initiator) +static bool switch_connection(struct msg_digest *md, struct id *peer, + bool initiator) { struct state *const st = md->st; struct connection *c = st->st_connection; 
@@ -2569,11 +2539,8 @@ switch_connection(struct msg_digest *md, struct id *peer, bool initiator) * Rejects 0.0.0.0/32 or IPv6 equivalent because * (1) it is wrong and (2) we use this value for inband signalling. */ -static bool -decode_net_id(struct isakmp_ipsec_id *id -, pb_stream *id_pbs -, ip_subnet *net -, const char *which) +static bool decode_net_id(struct isakmp_ipsec_id *id, pb_stream *id_pbs, + ip_subnet *net, const char *which) { const struct af_info *afi = NULL; @@ -2737,14 +2704,9 @@ decode_net_id(struct isakmp_ipsec_id *id } /* like decode, but checks that what is received matches what was sent */ -static bool - -check_net_id(struct isakmp_ipsec_id *id -, pb_stream *id_pbs -, u_int8_t *protoid -, u_int16_t *port -, ip_subnet *net -, const char *which) +static bool check_net_id(struct isakmp_ipsec_id *id, pb_stream *id_pbs, + u_int8_t *protoid, u_int16_t *port, ip_subnet *net, + const char *which) { ip_subnet net_temp; @@ -2763,8 +2725,7 @@ check_net_id(struct isakmp_ipsec_id *id /* * look for the existence of a non-expiring preloaded public key */ -static bool -has_preloaded_public_key(struct state *st) +static bool has_preloaded_public_key(struct state *st) { struct connection *c = st->st_connection; @@ -2797,10 +2758,8 @@ has_preloaded_public_key(struct state *st) * RFC 2409 "IKE" section 5.5 * specifies how this is to be done. */ -static void -compute_proto_keymat(struct state *st -, u_int8_t protoid -, struct ipsec_proto_info *pi) +static void compute_proto_keymat(struct state *st, u_int8_t protoid, + struct ipsec_proto_info *pi) { size_t needed_len = 0; /* bytes of keying material needed */ @@ -2945,8 +2904,7 @@ compute_proto_keymat(struct state *st DBG_dump("Peer KEYMAT computed:\n", pi->peer_keymat, pi->keymat_len)); } -static void -compute_keymats(struct state *st) +static void compute_keymats(struct state *st) { if (st->st_ah.present) compute_proto_keymat(st, PROTO_IPSEC_AH, &st->st_ah); 
@@ -3245,8 +3203,7 @@ main_inI1_outR1(struct msg_digest *md) * * We must verify that the proposal received matches one we sent. */ -stf_status -main_inR1_outI2(struct msg_digest *md) +stf_status main_inR1_outI2(struct msg_digest *md) { struct state *const st = md->st; @@ -3346,8 +3303,7 @@ main_inR1_outI2(struct msg_digest *md) * HDR, [ HASH(1), ] <Ni_b>Pubkey_r, <KE_b>Ke_i, <IDi1_b>Ke_i [,<<Cert-I_b>Ke_i] * --> HDR, <Nr_b>PubKey_i, <KE_b>Ke_r, <IDr1_b>Ke_r */ -stf_status -main_inI2_outR2(struct msg_digest *md) +stf_status main_inI2_outR2(struct msg_digest *md) { struct state *const st = md->st; pb_stream *keyex_pbs = &md->chain[ISAKMP_NEXT_KE]->pbs; @@ -3487,8 +3443,7 @@ main_inI2_outR2(struct msg_digest *md) * SMF_RPKE_AUTH: HDR, <Nr_b>PubKey_i, <KE_b>Ke_r, <IDr1_b>Ke_r * --> HDR*, HASH_I */ -stf_status -main_inR2_outI3(struct msg_digest *md) +stf_status main_inR2_outI3(struct msg_digest *md) { struct state *const st = md->st; pb_stream *const keyex_pbs = &md->chain[ISAKMP_NEXT_KE]->pbs; @@ -3672,8 +3627,8 @@ struct key_continuation { typedef stf_status (key_tail_fn)(struct msg_digest *md , struct key_continuation *kc); -static void -report_key_dns_failure(struct id *id, err_t ugh) + +static void report_key_dns_failure(struct id *id, err_t ugh) { char id_buf[BUF_LEN]; /* arbitrary limit on length of ID reported */ @@ -3843,10 +3798,8 @@ main_id_and_auth(struct msg_digest *md * to find authentication, or we run out of things * to try. */ -static void -key_continue(struct adns_continuation *cr -, err_t ugh -, key_tail_fn *tail) +static void key_continue(struct adns_continuation *cr, err_t ugh, + key_tail_fn *tail) { struct key_continuation *kc = (void *)cr; struct state *st = kc->md->st; 
@@ -3898,14 +3851,12 @@ key_continue(struct adns_continuation *cr */ static key_tail_fn main_inI3_outR3_tail; /* forward */ -stf_status -main_inI3_outR3(struct msg_digest *md) +stf_status main_inI3_outR3(struct msg_digest *md) { return main_inI3_outR3_tail(md, NULL); } -static void -main_inI3_outR3_continue(struct adns_continuation *cr, err_t ugh) +static void main_inI3_outR3_continue(struct adns_continuation *cr, err_t ugh) { key_continue(cr, ugh, main_inI3_outR3_tail); } @@ -4077,21 +4028,18 @@ main_inI3_outR3_tail(struct msg_digest *md static key_tail_fn main_inR3_tail; /* forward */ -stf_status -main_inR3(struct msg_digest *md) +stf_status main_inR3(struct msg_digest *md) { return main_inR3_tail(md, NULL); } -static void -main_inR3_continue(struct adns_continuation *cr, err_t ugh) +static void main_inR3_continue(struct adns_continuation *cr, err_t ugh) { key_continue(cr, ugh, main_inR3_tail); } -static stf_status -main_inR3_tail(struct msg_digest *md -, struct key_continuation *kc) +static stf_status main_inR3_tail(struct msg_digest *md, + struct key_continuation *kc) { struct state *const st = md->st; @@ -4233,8 +4181,7 @@ struct verify_oppo_continuation { static stf_status quick_inI1_outR1_tail(struct verify_oppo_bundle *b , struct adns_continuation *ac); -stf_status -quick_inI1_outR1(struct msg_digest *md) +stf_status quick_inI1_outR1(struct msg_digest *md) { const struct state *const p1st = md->st; struct connection *c = p1st->st_connection; @@ -4341,8 +4288,7 @@ report_verify_failure(struct verify_oppo_bundle *b, err_t ugh) , fgwb, cb, which, ugh); } -static void -quick_inI1_outR1_continue(struct adns_continuation *cr, err_t ugh) +static void quick_inI1_outR1_continue(struct adns_continuation *cr, err_t ugh) { stf_status r; struct verify_oppo_continuation *vc = (void *)cr; 
@@ -4372,9 +4318,8 @@ quick_inI1_outR1_continue(struct adns_continuation *cr, err_t ugh) cur_state = NULL; } -static stf_status -quick_inI1_outR1_start_query(struct verify_oppo_bundle *b -, enum verify_oppo_step next_step) +static stf_status quick_inI1_outR1_start_query(struct verify_oppo_bundle *b, + enum verify_oppo_step next_step) { struct msg_digest *md = b->md; struct state *p1st = md->st; @@ -4489,10 +4434,10 @@ quick_inI1_outR1_start_query(struct verify_oppo_bundle *b } } -static enum verify_oppo_step -quick_inI1_outR1_process_answer(struct verify_oppo_bundle *b -, struct adns_continuation *ac -, struct state *p1st) +static enum verify_oppo_step quick_inI1_outR1_process_answer( + struct verify_oppo_bundle *b, + struct adns_continuation *ac, + struct state *p1st) { struct connection *c = p1st->st_connection; enum verify_oppo_step next_step = vos_our_client; @@ -4665,9 +4610,8 @@ quick_inI1_outR1_process_answer(struct verify_oppo_bundle *b return next_step; } -static stf_status -quick_inI1_outR1_tail(struct verify_oppo_bundle *b -, struct adns_continuation *ac) +static stf_status quick_inI1_outR1_tail(struct verify_oppo_bundle *b, + struct adns_continuation *ac) { struct msg_digest *md = b->md; struct state *const p1st = md->st; @@ -5019,8 +4963,7 @@ quick_inI1_outR1_tail(struct verify_oppo_bundle *b /* * Initialize RFC 3706 Dead Peer Detection */ -static void -dpd_init(struct state *st) +static void dpd_init(struct state *st) { struct state *p1st = find_state(st->st_icookie, st->st_rcookie , &st->st_connection->spd.that.host_addr, 0); @@ -5044,8 +4987,7 @@ dpd_init(struct state *st) * (see RFC 2409 "IKE" 5.5) * Installs inbound and outbound IPsec SAs, routing, etc. */ -stf_status -quick_inR1_outI2(struct msg_digest *md) +stf_status quick_inR1_outI2(struct msg_digest *md) { struct state *const st = md->st; const struct connection *c = st->st_connection; 
@@ -5197,8 +5139,7 @@ quick_inR1_outI2(struct msg_digest *md) * (see RFC 2409 "IKE" 5.5) * Installs outbound IPsec SAs, routing, etc. */ -stf_status -quick_inI2(struct msg_digest *md) +stf_status quick_inI2(struct msg_digest *md) { struct state *const st = md->st; @@ -5243,9 +5184,8 @@ quick_inI2(struct msg_digest *md) return STF_OK; } -static stf_status -send_isakmp_notification(struct state *st, u_int16_t type - , const void *data, size_t len) +static stf_status send_isakmp_notification(struct state *st, u_int16_t type, + const void *data, size_t len) { msgid_t msgid; pb_stream reply; @@ -5350,8 +5290,7 @@ send_isakmp_notification(struct state *st, u_int16_t type /* * DPD Out Initiator */ -void -dpd_outI(struct state *p2st) +void dpd_outI(struct state *p2st) { struct state *st; u_int32_t seqno; @@ -5411,8 +5350,12 @@ dpd_outI(struct state *p2st) if (!st->st_dpd_seqno) { + rng_t *rng; + /* Get a non-zero random value that has room to grow */ - get_rnd_bytes((u_char *)&st->st_dpd_seqno, sizeof(st->st_dpd_seqno)); + rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK); + rng->get_bytes(rng, sizeof(st->st_dpd_seqno), (u_char *)&st->st_dpd_seqno); + rng->destroy(rng); st->st_dpd_seqno &= 0x7fff; st->st_dpd_seqno++; } @@ -5512,8 +5455,8 @@ dpd_inI_outR(struct state *st, struct isakmp_notification *const n, pb_stream *p /* * DPD out Responder */ -stf_status -dpd_inR(struct state *st, struct isakmp_notification *const n, pb_stream *pbs) +stf_status dpd_inR(struct state *st, struct isakmp_notification *const n, + pb_stream *pbs) { u_int32_t seqno; |