Updated OpenSSL checks

edge.c

@@ -679,6 +679,10 @@ int main(int argc, char* argv[]) {
 
   traceEvent(TRACE_NORMAL, "Starting n2n edge %s %s", PACKAGE_VERSION, PACKAGE_BUILDDATE);
 
+#if defined(N2N_HAVE_AES) || defined(HAVE_OPENSSL_1_1)
+  traceEvent(TRACE_NORMAL, "Using %s", OpenSSL_version(0));
+#endif
+  
   /* Random seed */
   srand(time(NULL));
 

n2n.h

@@ -110,6 +110,8 @@ typedef struct ether_hdr ether_hdr_t;
 #include <unistd.h>
 #include <assert.h>
 #include <sys/stat.h>
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
 #include "minilzo.h"
 
 #define closesocket(a) close(a)

transform_aes.c

@@ -83,8 +83,10 @@ char *openssl_err_as_string (void) {
   char *buf = NULL;
   size_t len = BIO_get_mem_data (bio, &buf);
   char *ret = (char *) calloc (1, 1 + len);
+
   if(ret)
     memcpy (ret, buf, len);
+
   BIO_free (bio);
   return ret;
 }
@@ -119,7 +121,7 @@ static void set_aes_cbc_iv(transop_aes_t *priv, n2n_aes_ivec_t ivec, uint64_t iv
  *  [V|II|DDDDDDDDDDDDDDDDDDDDD]
  *       |<---- encrypted ---->|
  */
-static int transop_encode_aes( n2n_trans_op_t * arg,
+static int transop_encode_aes(n2n_trans_op_t * arg,
 			      uint8_t * outbuf,
 			      size_t out_len,
 			      const uint8_t * inbuf,
@@ -140,7 +142,7 @@ static int transop_encode_aes( n2n_trans_op_t * arg,
       traceEvent(TRACE_DEBUG, "encode_aes %lu", in_len);
 
       /* Encode the aes format version. */
-      encode_uint8( outbuf, &idx, N2N_AES_TRANSFORM_VERSION);
+      encode_uint8(outbuf, &idx, N2N_AES_TRANSFORM_VERSION);
 
       /* Generate and encode the IV seed.
        * Using two calls to rand() because RAND_MAX is usually < 64bit
@@ -156,10 +158,10 @@ static int transop_encode_aes( n2n_trans_op_t * arg,
 
       /* The assembly buffer is a source for encrypting data.
        * The whole contents of assembly are encrypted. */
-      memcpy( assembly, inbuf, in_len);
+      memcpy(assembly, inbuf, in_len);
 
       /* Need at least one encrypted byte at the end for the padding. */
-      len2 = ( (len / AES_BLOCK_SIZE) + 1) * AES_BLOCK_SIZE; /* Round up to next whole AES adding at least one byte. */
+      len2 = ((len / AES_BLOCK_SIZE) + 1) * AES_BLOCK_SIZE; /* Round up to next whole AES adding at least one byte. */
       padding = (len2-len);
       assembly[len2 - 1] = padding;
       traceEvent(TRACE_DEBUG, "padding = %u, seed = %016llx", padding, iv_seed);
@@ -192,7 +194,7 @@ static int transop_encode_aes( n2n_trans_op_t * arg,
 
       EVP_CIPHER_CTX_reset(ctx);
 #else
-      AES_cbc_encrypt( assembly, /* source */
+      AES_cbc_encrypt(assembly, /* source */
 		      outbuf + TRANSOP_AES_PREAMBLE_SIZE, /* dest */
 		      len2, /* enc size */
 		      &(priv->enc_key), enc_ivec, AES_ENCRYPT);
@@ -210,7 +212,7 @@ static int transop_encode_aes( n2n_trans_op_t * arg,
 /* ****************************************************** */
 
 /* See transop_encode_aes for packet format */
-static int transop_decode_aes( n2n_trans_op_t * arg,
+static int transop_decode_aes(n2n_trans_op_t * arg,
 			      uint8_t * outbuf,
 			      size_t out_len,
 			      const uint8_t * inbuf,
@@ -220,7 +222,7 @@ static int transop_decode_aes( n2n_trans_op_t * arg,
   transop_aes_t * priv = (transop_aes_t *)arg->priv;
   uint8_t assembly[N2N_PKT_BUF_SIZE];
 
-  if(( (in_len - TRANSOP_AES_PREAMBLE_SIZE) <= N2N_PKT_BUF_SIZE) /* Cipher text fits in assembly */
+  if(((in_len - TRANSOP_AES_PREAMBLE_SIZE) <= N2N_PKT_BUF_SIZE) /* Cipher text fits in assembly */
      && (in_len >= TRANSOP_AES_PREAMBLE_SIZE) /* Has at least version, iv seed */
      )
     {
@@ -230,7 +232,7 @@ static int transop_decode_aes( n2n_trans_op_t * arg,
       uint64_t iv_seed=0;
 
       /* Get the encoding version to make sure it is supported */
-      decode_uint8( &aes_enc_ver, inbuf, &rem, &idx );
+      decode_uint8(&aes_enc_ver, inbuf, &rem, &idx );
 
       if(N2N_AES_TRANSFORM_VERSION == aes_enc_ver) {
 	/* Get the IV seed */
@@ -273,7 +275,7 @@ static int transop_decode_aes( n2n_trans_op_t * arg,
 
 	  EVP_CIPHER_CTX_reset(ctx);
 #else
-	  AES_cbc_encrypt( (inbuf + TRANSOP_AES_PREAMBLE_SIZE),
+	  AES_cbc_encrypt((inbuf + TRANSOP_AES_PREAMBLE_SIZE),
 			  assembly, /* destination */
 			  len, 
 			  &(priv->dec_key),
@@ -290,7 +292,7 @@ static int transop_decode_aes( n2n_trans_op_t * arg,
 	    traceEvent(TRACE_DEBUG, "padding = %u", padding);
 	    len -= padding;
 
-	      memcpy( outbuf, 
+	    memcpy(outbuf, 
 		   assembly, 
 		   len);
 	  } else
@@ -318,13 +320,13 @@ static int setup_aes_key(transop_aes_t *priv, const uint8_t *key, ssize_t key_si
 
   /* Clear out any old possibly longer key matter. */
 #ifdef OPENSSL_1_1
-  memset( &(priv->key), 0, sizeof(priv->key) );
+  memset(&(priv->key), 0, sizeof(priv->key) );
 #else
-  memset( &(priv->enc_key), 0, sizeof(priv->enc_key) );
-  memset( &(priv->dec_key), 0, sizeof(priv->dec_key) );
+  memset(&(priv->enc_key), 0, sizeof(priv->enc_key) );
+  memset(&(priv->dec_key), 0, sizeof(priv->dec_key) );
 #endif
-  memset( &(priv->iv_enc_key), 0, sizeof(priv->iv_enc_key) );
-  memset( &(priv->iv_pad_val), 0, sizeof(priv->iv_pad_val) );
+  memset(&(priv->iv_enc_key), 0, sizeof(priv->iv_enc_key) );
+  memset(&(priv->iv_pad_val), 0, sizeof(priv->iv_pad_val) );
 
   /* Let the user choose the degree of encryption:
    * Long input keys will pick AES192 or AES256 with more robust but expensive encryption.
@@ -371,7 +373,7 @@ static int setup_aes_key(transop_aes_t *priv, const uint8_t *key, ssize_t key_si
   /* is there enough material available? */
   if(key_mat_buf_length < (aes_key_size_bytes + TRANSOP_AES_IV_KEY_BYTES + TRANSOP_AES_IV_PADDING_SIZE)) {
     /* this should never happen */
-      traceEvent( TRACE_ERROR, "AES missing %u bits hashed key material\n",
+    traceEvent(TRACE_ERROR, "AES missing %u bits hashed key material\n",
 	       (aes_key_size_bytes + TRANSOP_AES_IV_KEY_BYTES + TRANSOP_AES_IV_PADDING_SIZE - key_mat_buf_length) * 8);
     return(1);
   }