From: Steffan Karger <steffan@karger.me>
Date: Sun, 21 Feb 2016 01:08:11 +0000 (+0100)
Subject: Minor AEAD patch cleanup
X-Git-Tag: v2.4_alpha1~136
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b3560c98d7e4877f3ff6283dde1751654e6f7d6d;p=thirdparty%2Fopenvpn.git

Minor AEAD patch cleanup

 * Remove stale function declaration.
   This slipped into the AEAD cipher modes patch, but the function is
   now implemented as a static function is ssl.c.
 * Add ASSERT() to ensure frame is not NULL.
 * Fix "ENCRYPT TO" log message in openvpn_encrypt_aead().

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1456016892-8671-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11233
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---

diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c
index e8ab27a8f..6d9c11941 100644
--- a/src/openvpn/crypto.c
+++ b/src/openvpn/crypto.c
@@ -161,10 +161,10 @@ openvpn_encrypt_aead (struct buffer *buf, struct buffer work,
   /* Write authentication tag */
   ASSERT (cipher_ctx_get_tag (ctx->cipher, mac_out, mac_len));
 
-  dmsg (D_PACKET_CONTENT, "ENCRYPT TO: %s", format_hex (BPTR (buf), BLEN (buf), 80, &gc));
-
   *buf = work;
 
+  dmsg (D_PACKET_CONTENT, "ENCRYPT TO: %s", format_hex (BPTR (buf), BLEN (buf), 80, &gc));
+
 cleanup:
   gc_free (&gc);
   return;
@@ -397,6 +397,7 @@ openvpn_decrypt_aead (struct buffer *buf, struct buffer work,
   gc_init (&gc);
 
   ASSERT (opt);
+  ASSERT (frame);
   ASSERT (buf->len > 0);
   ASSERT (ctx->cipher);
   ASSERT (cipher_kt_mode_aead (cipher_kt));
diff --git a/src/openvpn/crypto.h b/src/openvpn/crypto.h
index 14b6ab7cb..d3e08c1e6 100644
--- a/src/openvpn/crypto.h
+++ b/src/openvpn/crypto.h
@@ -311,17 +311,6 @@ void free_key_ctx (struct key_ctx *ctx);
 
 void free_key_ctx_bi (struct key_ctx_bi *ctx);
 
-/**
- * Set an implicit IV for a key context.
- *
- * @param ctx	The key context to update
- * @param iv	The implicit IV to load into ctx
- * @param len	The length (in bytes) of iv
- */
-bool key_ctx_set_implicit_iv (struct key_ctx *ctx, const uint8_t *iv,
-    size_t len);
-
-
 
 /**************************************************************************/
 /** @name Functions for performing security operations on data channel packets