#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <ctype.h>
#include <ntp.h>
#include <ntp_debug.h>
#include <lib_strbuf.h>
#ifdef OPENSSL
#include "openssl/err.h"
#include "openssl/rand.h"
int ssl_init_done;
/*
 * ssl_init - one-time OpenSSL library setup
 *
 * Loads the libcrypto error strings and registers all algorithms, then
 * records completion in ssl_init_done so later calls do nothing.
 * NOTE(review): the guard is a plain int with no locking visible in
 * this file; confirm callers reach it from a single thread.
 */
void
ssl_init(void)
{
	if (!ssl_init_done) {
		ERR_load_crypto_strings();
		OpenSSL_add_all_algorithms();
		ssl_init_done = 1;
	}
}
/*
 * ssl_check_version - warn when the runtime libcrypto differs from the
 * headers this binary was built against
 *
 * The comparison masks out bits 4-11 of the version number (the patch
 * level field in OpenSSL's MNNFFPPS encoding), so builds that differ
 * only in patch level are treated as compatible.  A mismatch is only
 * reported, to syslog and to stderr; execution continues and the
 * library is initialised either way.
 */
void
ssl_check_version(void)
{
	const int version_differs =
	    ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L) != 0;

	if (version_differs) {
		/* same text to the log and to the terminal */
		msyslog(LOG_WARNING,
			"OpenSSL version mismatch. Built against %lx, you have %lx",
			OPENSSL_VERSION_NUMBER, SSLeay());
		fprintf(stderr,
			"OpenSSL version mismatch. Built against %lx, you have %lx\n",
			OPENSSL_VERSION_NUMBER, SSLeay());
	}

	INIT_SSL();
}
#endif
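/*
 * keytype_from_text - map a key type name to its NID
 *
 * text		NUL-terminated key type name; must not be NULL.
 * pdigest_len	optional; when non-NULL receives the digest length in
 *		octets for the resolved type.
 *
 * Returns the NID, or 0 when the name is not recognised, when the NID
 * does not name a usable digest (only checked if pdigest_len is
 * non-NULL), or when the digest plus a keyid_t would exceed
 * MAX_MAC_LEN.
 *
 * Any name OBJ_sn2nid() does not know that begins with 'm' or 'M' is
 * treated as MD5, so a mistyped name starting with that letter selects
 * MD5 rather than being rejected.
 */
int
keytype_from_text(
	const char *text,
	size_t *pdigest_len
	)
{
	int		key_type;
	u_int		digest_len;
#ifdef OPENSSL
	u_char		digest[EVP_MAX_MD_SIZE];
	char *		upcased;
	char *		pch;
	const EVP_MD *	md;
	u_int		max_digest_len;
	EVP_MD_CTX	ctx;

	INIT_SSL();
	LIB_GETBUF(upcased);
	/*
	 * strncpy() does not terminate the copy when text holds
	 * LIB_BUFLENGTH or more characters, and the loop below would
	 * then run off the end of the buffer.  Terminate explicitly.
	 * (Assumes the LIB_GETBUF buffer is LIB_BUFLENGTH bytes, as
	 * the copy bound already did.)
	 */
	strncpy(upcased, text, LIB_BUFLENGTH);
	upcased[LIB_BUFLENGTH - 1] = '\0';
	/* <ctype.h> functions need an unsigned char value, not plain char */
	for (pch = upcased; '\0' != *pch; pch++)
		*pch = (char)toupper((unsigned char)*pch);
	key_type = OBJ_sn2nid(upcased);
#else
	key_type = 0;
#endif

	if (!key_type && 'm' == tolower((unsigned char)text[0]))
		key_type = NID_md5;

	if (!key_type)
		return 0;

	if (NULL != pdigest_len) {
#ifdef OPENSSL
		/*
		 * OBJ_sn2nid() resolves every object short name, not
		 * only digests, so the lookup can come back NULL.
		 * Refuse such a type instead of handing a NULL digest
		 * to EVP_DigestInit() and reading an unset digest_len.
		 */
		md = EVP_get_digestbynid(key_type);
		if (NULL == md)
			return 0;
		if (!EVP_DigestInit(&ctx, md))
			return 0;
		if (!EVP_DigestFinal(&ctx, digest, &digest_len))
			return 0;

		if (digest_len + sizeof(keyid_t) > MAX_MAC_LEN) {
			/* %u takes an unsigned int; the difference is a size_t */
			max_digest_len = (u_int)(MAX_MAC_LEN - sizeof(keyid_t));
			fprintf(stderr,
				"key type %s %u octet digests are too big, max %u\n",
				keytype_name(key_type), digest_len,
				max_digest_len);
			msyslog(LOG_ERR,
				"key type %s %u octet digests are too big, max %u",
				keytype_name(key_type), digest_len,
				max_digest_len);
			return 0;
		}
#else
		/* without OpenSSL only MD5 can be selected: 16 octets */
		digest_len = 16;
#endif
		*pdigest_len = digest_len;
	}

	return key_type;
}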
/*
 * keytype_name - printable name for a key type NID
 *
 * With OpenSSL the short name comes from OBJ_nid2sn(); without it only
 * NID_md5 is known.  Any other value yields a fixed "(unknown key
 * type)" string, so the result is never NULL.  The unknown-type string
 * and "MD5" are static storage and must not be freed by the caller.
 */
const char *
keytype_name(
	int nid
	)
{
	static const char unknown_type[] = "(unknown key type)";
	const char *name = unknown_type;
#ifdef OPENSSL
	const char *short_name;

	INIT_SSL();
	short_name = OBJ_nid2sn(nid);
	if (short_name != NULL)
		name = short_name;
#else
	if (nid == NID_md5)
		name = "MD5";
#endif

	return name;
}