diff options
author | Steffan Karger <steffan.karger@fox-it.com> | 2013-03-22 09:54:23 +0100 |
---|---|---|
committer | Gert Doering <gert@greenie.muc.de> | 2013-03-22 16:55:09 +0100 |
commit | f499b921344272eec6405955b9bad2f162f7a2f9 (patch) | |
tree | 17a003e9724d1a94ff0907022de14e547cc12ea2 /src/openvpn/crypto_polarssl.c | |
parent | d572959d35e8920efb8d95d253ededee5d8a34bd (diff) | |
download | openvpn-f499b921344272eec6405955b9bad2f162f7a2f9.tar.gz openvpn-f499b921344272eec6405955b9bad2f162f7a2f9.tar.xz openvpn-f499b921344272eec6405955b9bad2f162f7a2f9.zip |
Config compatibility patch. Added translate_cipher_name.
Added translate_cipher name to crypto_openssl.c and crypto_polarssl.c
to translate between OpenVPN(/OpenSSL) and PolarSSL data channel
cipher algorithm names. OpenSSL does not require any translating,
PolarSSL does for a small number of algorithms. This improves on
config file compatibility between the OpenSSL and PolarSSL builds.
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1363942465-3251-5-git-send-email-steffan.karger@fox-it.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/7435
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/crypto_polarssl.c')
-rw-r--r-- | src/openvpn/crypto_polarssl.c | 52 |
1 files changed, 50 insertions, 2 deletions
diff --git a/src/openvpn/crypto_polarssl.c b/src/openvpn/crypto_polarssl.c index ed9db53..1f27d6c 100644 --- a/src/openvpn/crypto_polarssl.c +++ b/src/openvpn/crypto_polarssl.c @@ -94,6 +94,53 @@ crypto_init_dmalloc (void) } #endif /* DMALLOC */ +typedef struct { const char * openvpn_name; const char * polarssl_name; } cipher_name_pair; +cipher_name_pair cipher_name_translation_table[] = { + { "BF-CBC", "BLOWFISH-CBC" }, + { "BF-CFB", "BLOWFISH-CFB64" }, + { "CAMELLIA-128-CFB", "CAMELLIA-128-CFB128" }, + { "CAMELLIA-192-CFB", "CAMELLIA-192-CFB128" }, + { "CAMELLIA-256-CFB", "CAMELLIA-256-CFB128" } +}; + +const cipher_name_pair * +get_cipher_name_pair(const char *cipher_name) { + cipher_name_pair *pair; + size_t i = 0; + + /* Search for a cipher name translation */ + for (; i < sizeof (cipher_name_translation_table) / sizeof (*cipher_name_translation_table); i++) + { + pair = &cipher_name_translation_table[i]; + if (0 == strcmp (cipher_name, pair->openvpn_name) || + 0 == strcmp (cipher_name, pair->polarssl_name)) + return pair; + } + + /* Nothing found, return null */ + return NULL; +} + +const char * +translate_cipher_name_from_openvpn (const char *cipher_name) { + const cipher_name_pair *pair = get_cipher_name_pair(cipher_name); + + if (NULL == pair) + return cipher_name; + + return pair->polarssl_name; +} + +const char * +translate_cipher_name_to_openvpn (const char *cipher_name) { + const cipher_name_pair *pair = get_cipher_name_pair(cipher_name); + + if (NULL == pair) + return cipher_name; + + return pair->openvpn_name; +} + void show_available_ciphers () { @@ -114,7 +161,7 @@ show_available_ciphers () if (info && info->mode == POLARSSL_MODE_CBC) printf ("%s %d bit default key\n", - info->name, cipher_kt_key_size(info) * 8); + cipher_kt_name(info), cipher_kt_key_size(info) * 8); ciphers++; } @@ -331,7 +378,8 @@ cipher_kt_name (const cipher_info_t *cipher_kt) { if (NULL == cipher_kt) return "[null-cipher]"; - return cipher_kt->name; + + return translate_cipher_name_to_openvpn(cipher_kt->name); } int |