// Add trusted CA to Cedar void AddCa(CEDAR *cedar, X *x) { // Validate arguments if (cedar == NULL || x == NULL) { return; } LockList(cedar->CaList); { UINT i; bool ok = true; for (i = 0;i < LIST_NUM(cedar->CaList);i++) { X *exist_x = LIST_DATA(cedar->CaList, i); if (CompareX(exist_x, x)) { ok = false; break; } } if (ok) { Insert(cedar->CaList, CloneX(x)); } } UnlockList(cedar->CaList); }
// Change certificate of Cedar void SetCedarCert(CEDAR *c, X *server_x, K *server_k) { // Validate arguments if (server_x == NULL || server_k == NULL) { return; } Lock(c->lock); { if (c->ServerX != NULL) { FreeX(c->ServerX); } if (c->ServerK != NULL) { FreeK(c->ServerK); } c->ServerX = CloneX(server_x); c->ServerK = CloneK(server_k); } Unlock(c->lock); }
// Get the CA which signed the certificate X *FindCaSignedX(LIST *o, X *x) { X *ret; // Validate arguments if (o == NULL || x == NULL) { return NULL; } ret = NULL; LockList(o); { UINT i; for (i = 0;i < LIST_NUM(o);i++) { X *ca = LIST_DATA(o, i); if (CheckXDateNow(ca)) { if (CompareName(ca->subject_name, x->issuer_name)) { K *k = GetKFromX(ca); if (k != NULL) { if (CheckSignature(x, k)) { ret = CloneX(ca); } FreeK(k); } } else if (CompareX(ca, x)) { ret = CloneX(ca); } } if (ret != NULL) { break; } } } UnlockList(o); return ret; }
// Clone authentication data void *CopyAuthData(void *authdata, UINT authtype) { AUTHPASSWORD *pw = (AUTHPASSWORD *)authdata; AUTHUSERCERT *usercert = (AUTHUSERCERT *)authdata; AUTHROOTCERT *rootcert = (AUTHROOTCERT *)authdata; AUTHRADIUS *radius = (AUTHRADIUS *)authdata; AUTHNT *nt = (AUTHNT *)authdata; // Validate arguments if (authdata == NULL || authtype == AUTHTYPE_ANONYMOUS) { return NULL; } switch (authtype) { case AUTHTYPE_PASSWORD: { AUTHPASSWORD *ret = ZeroMalloc(sizeof(AUTHPASSWORD)); Copy(ret, pw, sizeof(AUTHPASSWORD)); return ret; } break; case AUTHTYPE_USERCERT: { AUTHUSERCERT *ret = ZeroMalloc(sizeof(AUTHUSERCERT)); ret->UserX = CloneX(usercert->UserX); return ret; } break; case AUTHTYPE_ROOTCERT: { AUTHROOTCERT *ret = ZeroMalloc(sizeof(AUTHROOTCERT)); ret->CommonName = CopyUniStr(rootcert->CommonName); ret->Serial = CloneXSerial(rootcert->Serial); return ret; } break; case AUTHTYPE_RADIUS: { AUTHRADIUS *ret = ZeroMalloc(sizeof(AUTHRADIUS)); ret->RadiusUsername = UniCopyStr(radius->RadiusUsername); return ret; } break; case AUTHTYPE_NT: { AUTHNT *ret = ZeroMalloc(sizeof(AUTHNT)); ret->NtUsername = UniCopyStr(nt->NtUsername); return ret; } break; } return NULL; }
// Create an authentication data for user certification void *NewUserCertAuthData(X *x) { AUTHUSERCERT *a; a = ZeroMalloc(sizeof(AUTHUSERCERT)); a->UserX = CloneX(x); return a; }
// Create Cedar object
//
// Allocates and initialises a CEDAR instance: counters, locks, the various
// sub-lists (listeners, hubs, connections, CA list, ...), HTTP header
// defaults, the TLS cipher list, and the version/build strings.
//
// server_x / server_k: optional server certificate and private key. They are
// cloned into the object only when BOTH are non-NULL; passing just one of
// them leaves both fields unset.
//
// Returns the new CEDAR. Statement order below is preserved as-is; several
// Init*() helpers take the partially built object, so do not reorder
// without checking what each one reads.
CEDAR *NewCedar(X *server_x, K *server_k)
{
	CEDAR *c;
	char tmp[MAX_SIZE];
	char tmp2[MAX_SIZE];
	char *beta_str;

	// Presumably forces the linker to keep otherwise unreferenced Cedar
	// objects; its body is not visible here.
	CedarForceLink();

	c = ZeroMalloc(sizeof(CEDAR));

	c->CurrentActiveLinks = NewCounter();

	c->AcceptingSockets = NewCounter();

	c->CedarSuperLock = NewLock();

	c->CurrentRegionLock = NewLock();

	StrCpy(c->OpenVPNDefaultClientOption, sizeof(c->OpenVPNDefaultClientOption), OVPN_DEF_CLIENT_OPTION_STRING);

	// c->Beta is only assigned when BETA_NUMBER is defined; otherwise it keeps
	// the value left by ZeroMalloc (presumably 0), which the version-string
	// formatting below relies on.
#ifdef	BETA_NUMBER
	c->Beta = BETA_NUMBER;
#endif	// BETA_NUMBER

	InitNoSslList(c);

	c->AssignedBridgeLicense = NewCounter();
	c->AssignedClientLicense = NewCounter();

	c->CurrentTcpQueueSizeLock = NewLock();
	c->QueueBudgetLock = NewLock();
	c->FifoBudgetLock = NewLock();

	// Fill the per-instance identifier with random bytes.
	Rand(c->UniqueId, sizeof(c->UniqueId));

	c->CreatedTick = Tick64();

	c->lock = NewLock();
	c->ref = NewRef();

	c->OpenVPNPublicPortsLock = NewLock();
	c->CurrentTcpConnections = GetNumTcpConnectionsCounter();

	c->ListenerList = NewList(CompareListener);
	c->UDPEntryList = NewList(CompareUDPEntry);
	c->HubList = NewList(CompareHub);
	c->ConnectionList = NewList(CompareConnection);
	c->ConnectionIncrement = NewCounter();
	c->CurrentSessions = NewCounter();

	// Both must be supplied for either to be stored.
	if (server_k && server_x)
	{
		c->ServerK = CloneK(server_k);
		c->ServerX = CloneX(server_x);
	}

	c->Version = CEDAR_VER;
	c->Build = CEDAR_BUILD;
	c->ServerStr = CopyStr(CEDAR_SERVER_STR);

	GetMachineName(tmp, sizeof(tmp));
	c->MachineName = CopyStr(tmp);

	// Default HTTP request headers. Accept-Language is hard-coded to "ja".
	c->HttpUserAgent = CopyStr(DEFAULT_USER_AGENT);
	c->HttpAccept = CopyStr(DEFAULT_ACCEPT);
	c->HttpAcceptLanguage = CopyStr("ja");
	c->HttpAcceptEncoding = CopyStr(DEFAULT_ENCODING);

	c->Traffic = NewTraffic();
	c->TrafficLock = NewLock();
	// Trusted CA store consulted by FindCaSignedX / populated by AddCa.
	c->CaList = NewList(CompareCert);

	c->TrafficDiffList = NewList(NULL);

	// NOTE(review): the initial TLS cipher list is the legacy RC4-MD5 suite.
	// RC4 is prohibited in TLS by RFC 7465 and MD5-based suites are long
	// deprecated; this default is presumably overridden by configuration
	// later -- confirm that every deployment path does so.
	SetCedarCipherList(c, "RC4-MD5");

	// Looked up from the string table (helper not visible here).
	c->ClientId = _II("CLIENT_ID");

	c->UdpPortList = NewIntList(false);

	InitNetSvcList(c);

	InitLocalBridgeList(c);

	InitCedarLayer3(c);

	c->WebUI = WuNewWebUI(c);

	// Release-channel label; only shown when c->Beta is non-zero.
#ifdef	ALPHA_VERSION
	beta_str = "Alpha";
#else	// ALPHA_VERSION
#ifndef	RELEASE_CANDIDATE
	beta_str = "Beta";
#else	// RELEASE_CANDIDATE
	beta_str = "Release Candidate";
#endif	// RELEASE_CANDIDATE
#endif	// ALPHA_VERSION

	ToStr(tmp2, c->Beta);

	// Major.minor derived from CEDAR_VER (e.g. 425 -> "4.25"); the channel
	// label and beta number are blank for non-beta builds, then Trim()
	// removes the resulting double spaces at the edges.
	Format(tmp, sizeof(tmp), "Version %u.%02u Build %u %s %s (%s)",
		CEDAR_VER / 100, CEDAR_VER - (CEDAR_VER / 100) * 100,
		CEDAR_BUILD,
		c->Beta == 0 ? "" : beta_str,
		c->Beta == 0 ? "" : tmp2,
		_SS("LANGSTR"));
	Trim(tmp);

	// Scoped block just to hold st; only the date part of the build
	// timestamp is recorded here (time fields stay zero).
	if (true)
	{
		SYSTEMTIME st;
		Zero(&st, sizeof(st));

		st.wYear = BUILD_DATE_Y;
		st.wMonth = BUILD_DATE_M;
		st.wDay = BUILD_DATE_D;

		c->BuiltDate = SystemToUINT64(&st);
	}

	c->VerString = CopyStr(tmp);

	// Reuses tmp for the build-info string; VerString was already copied out.
	Format(tmp, sizeof(tmp), "Compiled %04u/%02u/%02u %02u:%02u:%02u by %s at %s",
		BUILD_DATE_Y, BUILD_DATE_M, BUILD_DATE_D, BUILD_DATE_HO, BUILD_DATE_MI, BUILD_DATE_SE,
		BUILDER_NAME, BUILD_PLACE);

	c->BuildInfo = CopyStr(tmp);

	return c;
}