/* callbacks for making OpenSSL thread safe */
unsigned long ssl_thread_id() {
return (unsigned long)pthread_self();
-};
+}
void ssl_locking_callback(int mode, int type, const char *file, int line) {
if (mode & CRYPTO_LOCK) {
break;
}
}
- // printf("certificate verify returns %d\n", ok);
+ /* printf("certificate verify returns %d\n", ok); */
return ok;
}
for (i = 0; i < l; i++)
printf("%c", v[i]);
printf("\n");
- if (l == strlen(peer->host) && !strncasecmp(peer->host, v, l)) {
+ if (l == strlen(peer->host) && !strncasecmp(peer->host, (char *)v, l)) {
printf("tlsverifycert: Found cn matching host %s, All OK\n", peer->host);
return 1;
}
printf("tlsconnect: sleeping %ds\n", 900);
sleep(900);
} else
- server->lastconnecttry.tv_sec = now.tv_sec; // no sleep at startup
+ server->lastconnecttry.tv_sec = now.tv_sec; /* no sleep at startup */
printf("tlsconnect: trying to open TLS connection to %s port %s\n", server->peer.host, server->peer.port);
if (server->sock >= 0)
close(server->sock);
if (cnt <= 0) {
printf("radtlsget: connection lost\n");
if (SSL_get_error(ssl, cnt) == SSL_ERROR_ZERO_RETURN) {
- //remote end sent close_notify, send one back
+ /* remote end sent close_notify, send one back */
SSL_shutdown(ssl);
}
return NULL;
if (cnt <= 0) {
printf("radtlsget: connection lost\n");
if (SSL_get_error(ssl, cnt) == SSL_ERROR_ZERO_RETURN) {
- //remote end sent close_notify, send one back
+ /* remote end sent close_notify, send one back */
SSL_shutdown(ssl);
}
free(rad);
result = (EVP_DigestInit_ex(&mdctx, EVP_md5(), NULL) &&
EVP_DigestUpdate(&mdctx, rad, RADLEN(rad)) &&
- EVP_DigestUpdate(&mdctx, sec, strlen(sec)) &&
+ EVP_DigestUpdate(&mdctx, sec, strlen((char *)sec)) &&
EVP_DigestFinal_ex(&mdctx, rad + 4, &md_len) &&
md_len == 16);
pthread_mutex_unlock(&lock);
EVP_DigestUpdate(&mdctx, rad, 4) &&
EVP_DigestUpdate(&mdctx, reqauth, 16) &&
(len <= 20 || EVP_DigestUpdate(&mdctx, rad + 20, len - 20)) &&
- EVP_DigestUpdate(&mdctx, sec, strlen(sec)) &&
+ EVP_DigestUpdate(&mdctx, sec, strlen((char *)sec)) &&
EVP_DigestFinal_ex(&mdctx, hash, &len) &&
len == 16 &&
!memcmp(hash, rad + 4, 16));
return result;
}
-int checkmessageauth(char *rad, uint8_t *authattr, char *secret) {
+int checkmessageauth(unsigned char *rad, uint8_t *authattr, char *secret) {
static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
static unsigned char first = 1;
static HMAC_CTX hmacctx;
return 1;
}
-int createmessageauth(char *rad, char *authattrval, char *secret) {
+int createmessageauth(unsigned char *rad, unsigned char *authattrval, char *secret) {
static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
static unsigned char first = 1;
static HMAC_CTX hmacctx;
pthread_mutex_unlock(&to->newrq_mutex);
}
-void sendreply(struct client *to, struct server *from, char *buf, struct sockaddr_storage *tosa) {
+void sendreply(struct client *to, struct server *from, unsigned char *buf, struct sockaddr_storage *tosa) {
struct replyq *replyq = to->replyq;
pthread_mutex_lock(&replyq->count_mutex);
pthread_mutex_unlock(&replyq->count_mutex);
}
-int pwdencrypt(uint8_t *in, uint8_t len, uint8_t *shared, uint8_t sharedlen, uint8_t *auth) {
+int pwdencrypt(uint8_t *in, uint8_t len, char *shared, uint8_t sharedlen, uint8_t *auth) {
static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
static unsigned char first = 1;
static EVP_MD_CTX mdctx;
input = auth;
for (;;) {
if (!EVP_DigestInit_ex(&mdctx, EVP_md5(), NULL) ||
- !EVP_DigestUpdate(&mdctx, shared, sharedlen) ||
+ !EVP_DigestUpdate(&mdctx, (uint8_t *)shared, sharedlen) ||
!EVP_DigestUpdate(&mdctx, input, 16) ||
!EVP_DigestFinal_ex(&mdctx, hash, &md_len) ||
md_len != 16) {
return 1;
}
-int pwddecrypt(uint8_t *in, uint8_t len, uint8_t *shared, uint8_t sharedlen, uint8_t *auth) {
+int pwddecrypt(uint8_t *in, uint8_t len, char *shared, uint8_t sharedlen, uint8_t *auth) {
static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
static unsigned char first = 1;
static EVP_MD_CTX mdctx;
input = auth;
for (;;) {
if (!EVP_DigestInit_ex(&mdctx, EVP_md5(), NULL) ||
- !EVP_DigestUpdate(&mdctx, shared, sharedlen) ||
+ !EVP_DigestUpdate(&mdctx, (uint8_t *)shared, sharedlen) ||
!EVP_DigestUpdate(&mdctx, input, 16) ||
!EVP_DigestFinal_ex(&mdctx, hash, &md_len) ||
md_len != 16) {
return i < MAX_REQUESTS;
}
-struct server *radsrv(struct request *rq, char *buf, struct client *from) {
+struct server *radsrv(struct request *rq, unsigned char *buf, struct client *from) {
uint8_t code, id, *auth, *attr, attrvallen;
uint8_t *usernameattr = NULL, *userpwdattr = NULL, *tunnelpwdattr = NULL, *messageauthattr = NULL;
int i;
printf("\n");
}
- to = id2server(&usernameattr[RAD_Attr_Value], usernameattr[RAD_Attr_Length] - 2);
+ to = id2server((char *)&usernameattr[RAD_Attr_Value], usernameattr[RAD_Attr_Length] - 2);
if (!to) {
printf("radsrv: ignoring request, don't know where to send it\n");
return NULL;
rq->messageauthattrval = (messageauthattr ? &messageauthattr[RAD_Attr_Value] : NULL);
memcpy(rq->origauth, auth, 16);
memcpy(auth, newauth, 16);
- printauth("rq->origauth", rq->origauth);
+ printauth("rq->origauth", (unsigned char *)rq->origauth);
printauth("auth", auth);
return to;
}
continue;
}
- if (!validauth(buf, server->requests[i].buf + 4, server->peer.secret)) {
+ if (!validauth(buf, server->requests[i].buf + 4, (unsigned char *)server->peer.secret)) {
pthread_mutex_unlock(&server->newrq_mutex);
printf("clientrd: invalid auth, ignoring\n");
continue;
goto getnext;
}
if (attr[RAD_Attr_Type] == RAD_Attr_Vendor_Specific &&
- ((uint16_t *)attr)[1] == 0 && ntohs(((uint16_t *)attr)[2]) == 311) { // 311 == MS
+ ((uint16_t *)attr)[1] == 0 && ntohs(((uint16_t *)attr)[2]) == 311) { /* 311 == MS */
subleft = attr[RAD_Attr_Length] - 6;
subattr = attr + 6;
while (subleft > 1) {
if (subattr[RAD_Attr_Length] < 20)
continue;
- if (!msmppdecrypt(subattr + 4, subattr[RAD_Attr_Length] - 4,
- server->peer.secret, strlen(server->peer.secret), server->requests[i].buf + 4, subattr + 2)) {
+ if (!msmppdecrypt(subattr + 4, subattr[RAD_Attr_Length] - 4, (unsigned char *)server->peer.secret,
+ strlen(server->peer.secret), server->requests[i].buf + 4, subattr + 2)) {
printf("clientrd: failed to decrypt msppe key\n");
continue;
}
- if (!msmppencrypt(subattr + 4, subattr[RAD_Attr_Length] - 4,
- from->peer.secret, strlen(from->peer.secret), server->requests[i].origauth, subattr + 2)) {
+ if (!msmppencrypt(subattr + 4, subattr[RAD_Attr_Length] - 4, (unsigned char *)from->peer.secret,
+ strlen(from->peer.secret), (unsigned char *)server->requests[i].origauth, subattr + 2)) {
printf("clientrd: failed to encrypt msppe key\n");
continue;
}
server->requests[i].received = 1;
pthread_mutex_unlock(&server->newrq_mutex);
- if (!radsign(buf, from->peer.secret)) {
+ if (!radsign(buf, (unsigned char *)from->peer.secret)) {
printf("clientrd: failed to sign message\n");
continue;
}
printf("tls server writer, got signal\n");
}
if (!client->peer.ssl) {
- //ssl might have changed while waiting
+ /* ssl might have changed while waiting */
pthread_mutex_unlock(&replyq->count_mutex);
printf("tlsserverwr: exiting as requested\n");
pthread_exit(NULL);
sendrq(to, client, &rq);
}
printf("tlsserverrd: connection lost\n");
- // stop writer by setting peer.ssl to NULL and give signal in case waiting for data
+ /* stop writer by setting peer.ssl to NULL and give signal in case waiting for data */
client->peer.ssl = NULL;
pthread_mutex_lock(&client->replyq->count_mutex);
pthread_cond_signal(&client->replyq->count_cond);
int ipv6 = 0;
p = s;
- // allow literal addresses and port, e.g. [2001:db8::1]:1812
+ /* allow literal addresses and port, e.g. [2001:db8::1]:1812 */
if (*p == '[') {
p++;
field = p;
return p;
}
-// * is default, else longest match ... ";" used for separator
+/* * is default, else longest match ... ";" used for separator */
char *parserealmlist(char *s, struct server *server) {
char *p;
int i, n, l;
}
if (strlen(filename) + 1 <= sizeof(pathname)) {
- // basename() might modify the string
+ /* basename() might modify the string */
strcpy(pathname, filename);
base = basename(pathname);
f = fopen(base, "r");
for (p = line; *p == ' ' || *p == '\t'; p++);
if (*p == '#' || *p == '\n')
continue;
- peer->type = *p; // we already know it must be U or T
+ peer->type = *p; /* we already know it must be U or T */
for (p++; *p == ' ' || *p == '\t'; p++);
p = parsehostport(p, peer);
for (; *p == ' ' || *p == '\t'; p++);
int main(int argc, char **argv) {
pthread_t udpserverth;
- // pthread_attr_t joinable;
+ /* pthread_attr_t joinable; */
int i;
- // parseargs(argc, argv);
+ /* parseargs(argc, argv); */
getmainconfig(CONFIG_MAIN);
getconfig(CONFIG_SERVERS, NULL);
getconfig(NULL, CONFIG_CLIENTS);
- // pthread_attr_init(&joinable);
- // pthread_attr_setdetachstate(&joinable, PTHREAD_CREATE_JOINABLE);
+ /* pthread_attr_init(&joinable); */
+ /* pthread_attr_setdetachstate(&joinable, PTHREAD_CREATE_JOINABLE); */
if (client_udp_count)
if (pthread_create(&udpserverth, NULL /*&joinable*/, udpserverrd, NULL))