void
get_user_pass_auto_userid(struct user_pass *up, const char *tag)
{
struct gc_arena gc = gc_new();
struct buffer buf;
uint8_t macaddr[6];
static uint8_t digest [MD5_DIGEST_LENGTH];
static const uint8_t hashprefix[] = "AUTO_USERID_DIGEST";
const md_kt_t *md5_kt = md_kt_get("MD5");
md_ctx_t *ctx;
CLEAR(*up);
buf_set_write(&buf, (uint8_t *)up->username, USER_PASS_LEN);
buf_printf(&buf, "%s", TARGET_PREFIX);
if (get_default_gateway_mac_addr(macaddr))
{
dmsg(D_AUTO_USERID, "GUPAU: macaddr=%s", format_hex_ex(macaddr, sizeof(macaddr), 0, 1, ":", &gc));
ctx = md_ctx_new();
md_ctx_init(ctx, md5_kt);
md_ctx_update(ctx, hashprefix, sizeof(hashprefix) - 1);
md_ctx_update(ctx, macaddr, sizeof(macaddr));
md_ctx_final(ctx, digest);
md_ctx_cleanup(ctx);
md_ctx_free(ctx);
buf_printf(&buf, "%s", format_hex_ex(digest, sizeof(digest), 0, 256, " ", &gc));
}
else
{
buf_printf(&buf, "UNKNOWN");
}
if (tag && strcmp(tag, "stdin"))
{
buf_printf(&buf, "-%s", tag);
}
up->defined = true;
gc_free(&gc);
dmsg(D_AUTO_USERID, "GUPAU: AUTO_USERID: '%s'", up->username);
}
int
read_passphrase_hash (const char *passphrase_file,
const md_kt_t *digest,
uint8_t *output,
int len)
{
unsigned int outlen = 0;
md_ctx_t md;
ASSERT (len >= md_kt_size(digest));
memset (output, 0, len);
md_ctx_init(&md, digest);
/* read passphrase file */
{
const int min_passphrase_size = 8;
uint8_t buf[64];
int total_size = 0;
int fd = platform_open (passphrase_file, O_RDONLY, 0);
if (fd == -1)
msg (M_ERR, "Cannot open passphrase file: '%s'", passphrase_file);
for (;;)
{
int size = read (fd, buf, sizeof (buf));
if (size == 0)
break;
if (size == -1)
msg (M_ERR, "Read error on passphrase file: '%s'",
passphrase_file);
md_ctx_update(&md, buf, size);
total_size += size;
}
close (fd);
warn_if_group_others_accessible (passphrase_file);
if (total_size < min_passphrase_size)
msg (M_FATAL,
"Passphrase file '%s' is too small (must have at least %d characters)",
passphrase_file, min_passphrase_size);
}
md_ctx_final(&md, output);
md_ctx_cleanup(&md);
return md_kt_size(digest);
}
static void
push_update_digest(md_ctx_t *ctx, struct buffer *buf, const struct options *opt)
{
char line[OPTION_PARM_SIZE];
while (buf_parse(buf, ',', line, sizeof(line)))
{
/* peer-id might change on restart and this should not trigger reopening tun */
if (strprefix(line, "peer-id "))
{
continue;
}
/* tun reopen only needed if cipher change can change tun MTU */
if (strprefix(line, "cipher ") && !opt->ce.tun_mtu_defined)
{
continue;
}
md_ctx_update(ctx, (const uint8_t *) line, strlen(line)+1);
}
}
void
md5_state_update (struct md5_state *s, void *data, size_t len)
{
md_ctx_update(&s->ctx, data, len);
}
int
process_incoming_push_msg (struct context *c,
const struct buffer *buffer,
bool honor_received_options,
unsigned int permission_mask,
unsigned int *option_types_found)
{
int ret = PUSH_MSG_ERROR;
struct buffer buf = *buffer;
#if P2MP_SERVER
if (buf_string_compare_advance (&buf, "PUSH_REQUEST"))
{
ret = process_incoming_push_request(c);
}
else
#endif
if (honor_received_options && buf_string_compare_advance (&buf, "PUSH_REPLY"))
{
const uint8_t ch = buf_read_u8 (&buf);
if (ch == ',')
{
struct buffer buf_orig = buf;
if (!c->c2.pulled_options_md5_init_done)
{
md_ctx_init(&c->c2.pulled_options_state, md_kt_get("MD5"));
c->c2.pulled_options_md5_init_done = true;
}
if (!c->c2.did_pre_pull_restore)
{
pre_pull_restore (&c->options, &c->c2.gc);
c->c2.did_pre_pull_restore = true;
}
if (apply_push_options (&c->options,
&buf,
permission_mask,
option_types_found,
c->c2.es))
switch (c->options.push_continuation)
{
case 0:
case 1:
md_ctx_update (&c->c2.pulled_options_state, BPTR(&buf_orig), BLEN(&buf_orig));
md_ctx_final (&c->c2.pulled_options_state, c->c2.pulled_options_digest.digest);
md_ctx_cleanup (&c->c2.pulled_options_state);
c->c2.pulled_options_md5_init_done = false;
ret = PUSH_MSG_REPLY;
break;
case 2:
md_ctx_update (&c->c2.pulled_options_state, BPTR(&buf_orig), BLEN(&buf_orig));
ret = PUSH_MSG_CONTINUATION;
break;
}
}
else if (ch == '\0')
{
ret = PUSH_MSG_REPLY;
}
/* show_settings (&c->options); */
}
return ret;
}
