+/*
+Copyright (C) 2010-2015 Rudolf Polzer (divVerent)
+Copyright (C) 2010-2020 Ashley Rose Hale (LadyHavoc)
+
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License
+as published by the Free Software Foundation; either version 2
+of the License, or (at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+See the GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+*/
+
#include "quakedef.h"
#include "crypto.h"
#include "common.h"
return true;
// Load the DLL
- return Sys_LoadLibrary (dllnames, &d0_blind_id_dll, d0_blind_id_funcs);
+ return Sys_LoadDependency (dllnames, &d0_blind_id_dll, d0_blind_id_funcs);
}
static void Crypto_CloseLibrary (void)
return true;
// Load the DLL
- return Sys_LoadLibrary (dllnames, &d0_rijndael_dll, d0_rijndael_funcs);
+ return Sys_LoadDependency (dllnames, &d0_rijndael_dll, d0_rijndael_funcs);
}
static void Crypto_Rijndael_CloseLibrary (void)
if(keyid)
*keyid = hk->keyid;
if(keyfp)
- strlcpy(keyfp, pubkeys_fp64[hk->keyid], keyfplen);
+ dp_strlcpy(keyfp, pubkeys_fp64[hk->keyid], keyfplen);
if(idfp)
- strlcpy(idfp, hk->idfp, idfplen);
+ dp_strlcpy(idfp, hk->idfp, idfplen);
if(aeslevel)
*aeslevel = hk->aeslevel;
if(issigned)
if(!pubkeys[keyid])
return -1;
if(keyfp)
- strlcpy(keyfp, pubkeys_fp64[keyid], keyfplen);
+ dp_strlcpy(keyfp, pubkeys_fp64[keyid], keyfplen);
if(idfp)
if(pubkeys_havepriv[keyid])
- strlcpy(idfp, pubkeys_priv_fp64[keyid], idfplen);
+ dp_strlcpy(idfp, pubkeys_priv_fp64[keyid], idfplen);
if(issigned)
*issigned = pubkeys_havesig[keyid];
return 1;
dpsnprintf(crypto_idstring_buf, sizeof(crypto_idstring_buf), "%d", d0_rijndael_dll ? crypto_aeslevel.integer : 0);
for (i = 0; i < MAX_PUBKEYS; ++i)
if (pubkeys[i])
- strlcat(crypto_idstring_buf, va(vabuf, sizeof(vabuf), " %s@%s%s", pubkeys_priv_fp64[i], pubkeys_havesig[i] ? "" : "~", pubkeys_fp64[i]), sizeof(crypto_idstring_buf));
+ dp_strlcat(crypto_idstring_buf, va(vabuf, sizeof(vabuf), " %s@%s%s", pubkeys_priv_fp64[i], pubkeys_havesig[i] ? "" : "~", pubkeys_fp64[i]), sizeof(crypto_idstring_buf));
crypto_idstring = crypto_idstring_buf;
}
{
if(length_received >= 5 && Crypto_LittleLong((const char *) buffer) == FOURCC_D0ER)
{
- Con_Printf("Error response from keygen server: %.*s\n", (int)(length_received - 5), buffer + 5);
+ Con_Printf(CON_ERROR "Error response from keygen server: %.*s\n", (int)(length_received - 5), buffer + 5);
}
else
{
- Con_Printf("Invalid response from keygen server:\n");
+ Con_Printf(CON_ERROR "Invalid response from keygen server:\n");
Com_HexDumpToConsole(buffer, (int)length_received);
}
keygen_i = -1;
{
Con_Printf("Generated private ID key_%d.d0pk (public key fingerprint: %s)\n", keygen_i, pubkeys_priv_fp64[keygen_i]);
pubkeys_havepriv[keygen_i] = true;
- strlcat(crypto_idstring_buf, va(vabuf, sizeof(vabuf), " %s@%s", pubkeys_priv_fp64[keygen_i], pubkeys_fp64[keygen_i]), sizeof(crypto_idstring_buf));
+ dp_strlcat(crypto_idstring_buf, va(vabuf, sizeof(vabuf), " %s@%s", pubkeys_priv_fp64[keygen_i], pubkeys_fp64[keygen_i]), sizeof(crypto_idstring_buf));
crypto_idstring = crypto_idstring_buf;
Crypto_BuildChallengeAppend();
}
if(CDATA->s >= 0)
{
// I am the server, and my key is ok... so let's set server_keyfp and server_idfp
- strlcpy(crypto->server_keyfp, pubkeys_fp64[CDATA->s], sizeof(crypto->server_keyfp));
- strlcpy(crypto->server_idfp, pubkeys_priv_fp64[CDATA->s], sizeof(crypto->server_idfp));
+ dp_strlcpy(crypto->server_keyfp, pubkeys_fp64[CDATA->s], sizeof(crypto->server_keyfp));
+ dp_strlcpy(crypto->server_idfp, pubkeys_priv_fp64[CDATA->s], sizeof(crypto->server_idfp));
crypto->server_issigned = pubkeys_havesig[CDATA->s];
if(!CDATA->id)
CLEAR_CDATA;
return Crypto_ServerError(data_out, len_out, "d0_blind_id_authenticate_with_private_id_verify failed (authentication error)", "Authentication error");
}
- strlcpy(crypto->client_keyfp, pubkeys_fp64[CDATA->c], sizeof(crypto->client_keyfp));
+ dp_strlcpy(crypto->client_keyfp, pubkeys_fp64[CDATA->c], sizeof(crypto->client_keyfp));
crypto->client_issigned = status;
memset(crypto->client_idfp, 0, sizeof(crypto->client_idfp));
return CRYPTO_DISCARD;
}
-int Crypto_ClientParsePacket(const char *data_in, size_t len_in, char *data_out, size_t *len_out, lhnetaddress_t *peeraddress)
+int Crypto_ClientParsePacket(const char *data_in, size_t len_in, char *data_out, size_t *len_out, lhnetaddress_t *peeraddress, const char *peeraddressstring)
{
crypto_t *crypto = &cls.crypto;
const char *string = data_in;
// Must check the source IP here, if we want to prevent other servers' replies from falsely advancing the crypto state, preventing successful connect to the real server.
if (net_sourceaddresscheck.integer && LHNETADDRESS_Compare(peeraddress, &cls.connect_address))
- return Crypto_SoftClientError(data_out, len_out, "challenge message from wrong server");
+ {
+ char warn_msg[128];
+
+ dpsnprintf(warn_msg, sizeof(warn_msg), "ignoring challenge message from wrong server %s", peeraddressstring);
+ return Crypto_SoftClientError(data_out, len_out, warn_msg);
+ }
// if we have a stored host key for the server, assume serverid to already be selected!
// (the loop will refuse to overwrite this one then)
CDATA->s = serverid;
CDATA->c = clientid;
memset(crypto->dhkey, 0, sizeof(crypto->dhkey));
- strlcpy(CDATA->challenge, challenge, sizeof(CDATA->challenge));
+ dp_strlcpy(CDATA->challenge, challenge, sizeof(CDATA->challenge));
crypto->client_keyfp[0] = 0;
crypto->client_idfp[0] = 0;
crypto->server_keyfp[0] = 0;
if(clientid >= 0)
{
// I am the client, and my key is ok... so let's set client_keyfp and client_idfp
- strlcpy(crypto->client_keyfp, pubkeys_fp64[CDATA->c], sizeof(crypto->client_keyfp));
- strlcpy(crypto->client_idfp, pubkeys_priv_fp64[CDATA->c], sizeof(crypto->client_idfp));
+ dp_strlcpy(crypto->client_keyfp, pubkeys_fp64[CDATA->c], sizeof(crypto->client_keyfp));
+ dp_strlcpy(crypto->client_idfp, pubkeys_priv_fp64[CDATA->c], sizeof(crypto->client_idfp));
crypto->client_issigned = pubkeys_havesig[CDATA->c];
}
// Must check the source IP here, if we want to prevent other servers' replies from falsely advancing the crypto state, preventing successful connect to the real server.
if (net_sourceaddresscheck.integer && LHNETADDRESS_Compare(peeraddress, &cls.connect_address))
- return Crypto_SoftClientError(data_out, len_out, "d0pk\\ message from wrong server");
+ {
+ char warn_msg[128];
+
+ dpsnprintf(warn_msg, sizeof(warn_msg), "ignoring d0pk\\ message from wrong server %s", peeraddressstring);
+ return Crypto_SoftClientError(data_out, len_out, warn_msg);
+ }
cnt = InfoString_GetValue(string + 4, "id", infostringvalue, sizeof(infostringvalue));
id = (cnt ? atoi(cnt) : -1);
return Crypto_ClientError(data_out, len_out, "d0_blind_id_authenticate_with_private_id_verify failed (server authentication error)");
}
- strlcpy(crypto->server_keyfp, pubkeys_fp64[CDATA->s], sizeof(crypto->server_keyfp));
+ dp_strlcpy(crypto->server_keyfp, pubkeys_fp64[CDATA->s], sizeof(crypto->server_keyfp));
if (!status && CDATA->wantserver_issigned)
{
CLEAR_CDATA;