From: Steffan Karger <steffan.kar...@fox-it.com> The functions packet_id_alloc_outgoing() and packet_id_write() were always called in tandem. Instead of forcing the caller to allocate a packet_id_net to do so, merge the two functions. This simplifies the API and reduces the chance on mistakes in the future.
This patch was cherry-picked from 5d747770 (release/2.3), with the unit tests removed because release/2.2 does not have unit tests. Signed-off-by: Steffan Karger <steffan.kar...@fox-it.com> --- crypto.c | 12 +++--------- packet_id.c | 24 +++++++++++++++++++++--- packet_id.h | 34 +++++++++++++--------------------- 3 files changed, 37 insertions(+), 33 deletions(-) diff --git a/crypto.c b/crypto.c index 6dd6a5f..b7b2f01 100644 --- a/crypto.c +++ b/crypto.c @@ -119,23 +119,19 @@ openvpn_encrypt (struct buffer *buf, struct buffer work, /* Put packet ID in plaintext buffer or IV, depending on cipher mode */ if (opt->packet_id) { - struct packet_id_net pin; - packet_id_alloc_outgoing (&opt->packet_id->send, &pin, BOOL_CAST (opt->flags & CO_PACKET_ID_LONG_FORM)); - ASSERT (packet_id_write (&pin, buf, BOOL_CAST (opt->flags & CO_PACKET_ID_LONG_FORM), true)); + ASSERT (packet_id_write (&opt->packet_id->send, buf, BOOL_CAST (opt->flags & CO_PACKET_ID_LONG_FORM), true)); } } else if (mode == EVP_CIPH_CFB_MODE || mode == EVP_CIPH_OFB_MODE) { - struct packet_id_net pin; struct buffer b; ASSERT (opt->flags & CO_USE_IV); /* IV and packet-ID required */ ASSERT (opt->packet_id); /* for this mode. */ - packet_id_alloc_outgoing (&opt->packet_id->send, &pin, true); memset (iv_buf, 0, iv_size); buf_set_write (&b, iv_buf, iv_size); - ASSERT (packet_id_write (&pin, &b, true, false)); + ASSERT (packet_id_write (&opt->packet_id->send, &b, true, false)); } else /* We only support CBC, CFB, or OFB modes right now */ { @@ -193,9 +189,7 @@ openvpn_encrypt (struct buffer *buf, struct buffer work, { if (opt->packet_id) { - struct packet_id_net pin; - packet_id_alloc_outgoing (&opt->packet_id->send, &pin, BOOL_CAST (opt->flags & CO_PACKET_ID_LONG_FORM)); - ASSERT (packet_id_write (&pin, buf, BOOL_CAST (opt->flags & CO_PACKET_ID_LONG_FORM), true)); + ASSERT (packet_id_write (&opt->packet_id->send, buf, BOOL_CAST (opt->flags & CO_PACKET_ID_LONG_FORM), true)); } work = *buf; } diff --git a/packet_id.c b/packet_id.c index b11e71f..d190074 100644 --- a/packet_id.c +++ b/packet_id.c @@ -248,12 +248,30 @@ packet_id_read (struct packet_id_net *pin, struct buffer *buf, bool long_form) return true; } +static void +packet_id_send_update(struct packet_id_send *p, bool long_form) +{ + if (!p->time) + { + p->time = now; + } + p->id++; + if (!p->id) + { + ASSERT(long_form); + p->time = now; + p->id = 1; + } +} + bool -packet_id_write (const struct packet_id_net *pin, struct buffer *buf, bool long_form, bool prepend) +packet_id_write (struct packet_id_send *p, struct buffer *buf, bool long_form, + bool prepend) { - packet_id_type net_id = htonpid (pin->id); - net_time_t net_time = htontime (pin->time); + packet_id_send_update(p, long_form); + const packet_id_type net_id = htonpid(p->id); + const net_time_t net_time = htontime(p->time); if (prepend) { if (long_form) diff --git a/packet_id.h b/packet_id.h index 12c1df3..59b7a7b 100644 --- a/packet_id.h +++ b/packet_id.h @@ -249,7 +249,19 @@ const char *packet_id_persist_print (const struct packet_id_persist *p, struct g */ bool packet_id_read (struct packet_id_net *pin, struct buffer *buf, bool long_form); -bool packet_id_write (const struct packet_id_net *pin, struct buffer *buf, bool long_form, bool prepend); + +/** + * Write a packet ID to buf, and update the packet ID state. + * + * @param p Packet ID state. + * @param buf Buffer to write the packet ID too + * @param long_form If true, also update and write time_t to buf + * @param prepend If true, prepend to buffer, otherwise apppend. + * + * @return true if successful, false otherwise. + */ +bool packet_id_write (struct packet_id_send *p, struct buffer *buf, + bool long_form, bool prepend); /* * Inline functions. @@ -291,26 +303,6 @@ packet_id_close_to_wrapping (const struct packet_id_send *p) return p->id >= PACKET_ID_WRAP_TRIGGER; } -/* - * Allocate an outgoing packet id. - * Sequence number ranges from 1 to 2^32-1. - * In long_form, a time_t is added as well. - */ -static inline void -packet_id_alloc_outgoing (struct packet_id_send *p, struct packet_id_net *pin, bool long_form) -{ - if (!p->time) - p->time = now; - pin->id = ++p->id; - if (!pin->id) - { - ASSERT (long_form); - p->time = now; - pin->id = p->id = 1; - } - pin->time = p->time; -} - static inline bool check_timestamp_delta (time_t remote, unsigned int max_delta) { -- 2.7.4 ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel