From 8689b3a94c043f04e334a7b181a7250ad5940616 Mon Sep 17 00:00:00 2001 From: Stephen Early Date: Mon, 24 Sep 2001 14:25:00 +0100 Subject: [PATCH] Import release 0.08 --- INSTALL | 28 ++++----- Makefile.in | 48 +++++++++------ TODO | 14 +++-- conffile.c | 4 +- config.h.in | 9 +++ configure | 161 +++++++++++++++++++++++++++++++++++++++++++++++---- configure.in | 2 +- md5.c | 6 +- modules.c | 1 - netlink.c | 4 +- random.c | 4 +- secnet.c | 9 +-- secnet.h | 3 +- site.c | 15 +++-- stamp-h.in | 1 + transform.c | 28 ++++++++- udp.c | 5 +- util.c | 6 +- util.h | 3 - 19 files changed, 262 insertions(+), 89 deletions(-) create mode 100644 stamp-h.in diff --git a/INSTALL b/INSTALL index b384b9c..81292a1 100644 --- a/INSTALL +++ b/INSTALL @@ -4,7 +4,8 @@ USE AT YOUR OWN RISK. THIS IS ALPHA TEST SOFTWARE. I DO NOT GUARANTEE THAT THERE WILL BE PROTOCOL COMPATIBILITY BETWEEN DIFFERENT VERSIONS. -PROTOCOL COMPATIBILITY WAS BROKEN BETWEEN secnet-0.06 AND secnet-0.07 +PROTOCOL COMPATIBILITY WAS BROKEN BETWEEN secnet-0.06, secnet-0.07 AND +secnet-0.08 FOR ENDIANNESS FIXES. * Preparation @@ -33,7 +34,7 @@ Note than TUN comes in two flavours, one (called 'tun' in the secnet config file) which has only one device file (usually /dev/net/tun) and the other (called 'tun-old') which has many device files (/dev/tun*). Linux-2.4 has new-style TUN, Linux-2.2, BSD and Solaris have old-style -TUN. Currently only new-style TUN has been tested with secnet. +TUN. ** System and network configuration @@ -48,18 +49,14 @@ the address you see in 'ifconfig' when you look at the tunnel interface). The other will be for secnet itself. These addresses could possibly be allocated from the range used by your internal network: if you do this, you should think about providing appropriate -proxy-ARP on the machine running secnet for the two addresses. -Alternatively the addresses could be from some other range - this -works well if the machine running secnet is the default route out of -your network. +proxy-ARP on the internal network interface of the machine running +secnet (eg. add an entry net/ipv4/conf/eth_whatever/proxy_arp = 1 to +/etc/sysctl.conf on Debian systems and run sysctl -p). Alternatively +the addresses could be from some other range - this works well if the +machine running secnet is the default route out of your network. http://www.ucam.org/cam-grin/ may be useful. -Advanced users: secnet's IP address does not _have_ to be in the range -of networks claimed by your end of the tunnel; it could be in the -range of networks claimed by the other end. Doing this is confusing, -but works. - * Installation To install secnet do @@ -67,13 +64,18 @@ To install secnet do $ ./configure $ make # make install + +If installing for the first time, do + # mkdir /etc/secnet # cp example.conf /etc/secnet/secnet.conf # cd /etc/secnet # ssh-keygen -f key -N "" -(When upgrading, just install the new /usr/local/sbin/secnet; keep -your current configuration file.) +[On BSD use +$ LDFLAGS="-L/usr/local/lib" ./configure +$ gmake CFLAGS="-I/usr/local/include" LDFLAGS="-L/usr/local/lib" +XXX this should eventually be worked out automatically by 'configure'.] Generate a site file fragment for your site (see below), and submit it for inclusion in the vpn-sites file. Download the vpn-sites file to diff --git a/Makefile.in b/Makefile.in index a7d9df8..d910766 100644 --- a/Makefile.in +++ b/Makefile.in @@ -18,7 +18,7 @@ .PHONY: all clean realclean dist install PACKAGE:=secnet -VERSION:=0.07 +VERSION:=0.08 @SET_MAKE@ @@ -31,7 +31,7 @@ CC:=@CC@ INSTALL:=@INSTALL@ INSTALL_PROGRAM:=@INSTALL_PROGRAM@ -CFLAGS:=@CFLAGS@ @DEFS@ -Wall -I. +CFLAGS:=@CFLAGS@ @DEFS@ -Wall -I$(srcdir) -I. LDFLAGS:=@LDFLAGS@ LDLIBS:=@LIBS@ @@ -53,7 +53,7 @@ DISTFILES:=COPYING INSTALL Makefile.in NOTES README TODO conffile.c \ example-sites-file example.conf install.sh linux md5.c md5.h \ modules.c modules.h netlink.c random.c resolver.c rsa.c \ secnet.c secnet.h serpent.c serpent.h serpentsboxes.h \ - site.c transform.c udp.c unaligned.h util.c util.h + site.c stamp-h.in transform.c udp.c unaligned.h util.c util.h %.c: %.y @@ -61,20 +61,33 @@ DISTFILES:=COPYING INSTALL Makefile.in NOTES README TODO conffile.c \ flex -o$@ $< %.tab.c: %.y - bison -d $< + bison -d -o $@ $< all: $(TARGETS) +# Automatic remaking of configuration files, from autoconf documentation +${srcdir}/configure: configure.in + cd ${srcdir} && autoconf + +# autoheader might not change config.h.in, so touch a stamp file. +${srcdir}/config.h.in: stamp-h.in +${srcdir}/stamp-h.in: configure.in config.h.top config.h.bot + cd ${srcdir} && autoheader + echo timestamp > ${srcdir}/stamp-h.in + +config.h: stamp-h +stamp-h: config.h.in config.status + ./config.status + Makefile: Makefile.in config.status - $(SHELL) config.status + ./config.status config.status: configure - $(srcdir)/configure --no-create - -config.h: config.h.in config.status - $(SHELL) config.status + ./config.status --recheck +# End of config file remaking rules +# Manual dependencies section - XXX use autodep eventually $(OBJECTS): config.h secnet.h util.h conffile.o conffile.tab.o conffile.yy.o: conffile.h conffile_internal.h secnet.c: conffile.h @@ -83,6 +96,9 @@ serpent.o transform.o: serpent.h serpent.o: serpentsboxes.h conffile.o: modules.h site.c util.c: unaligned.h +conffile.yy.c: conffile.fl conffile.tab.c +conffile.tab.c: conffile.y +# End of manual dependencies section secnet: $(OBJECTS) @@ -93,22 +109,18 @@ install: all $(INSTALL_PROGRAM) secnet $(sbindir)/`echo secnet|sed '$(transform)'` clean: - $(RM) -f $(srcdir)/*.o $(srcdir)/*~ $(srcdir)/*.yy.c \ - $(srcdir)/*.tab.[ch] + $(RM) -f *.o *.yy.c *.tab.[ch] $(TARGETS) core version.c realclean: clean - $(RM) -f $(TARGETS) $(srcdir)/Makefile $(srcdir)/config.h \ - $(srcdir)/config.log $(srcdir)/config.status $(srcdir)/config.cache \ - $(srcdir)/Makefile.bak core + $(RM) -f *~ Makefile config.h \ + config.log config.status config.cache \ + stamp-h Makefile.bak pfname:=$(PACKAGE)-$(VERSION) dist: $(RM) -rf $(pfname) mkdir $(pfname) - for i in $(DISTFILES) ; do ln -s ../$$i $(pfname)/ ; done + for i in $(DISTFILES) ; do ln -s ../$(srcdir)/$$i $(pfname)/ ; done tar hcf ../$(pfname).tar $(pfname) gzip -9f ../$(pfname).tar $(RM) -rf $(pfname) - -conffile.yy.c: conffile.fl conffile.tab.c -conffile.tab.c: conffile.y diff --git a/TODO b/TODO index 45ee330..3f5f028 100644 --- a/TODO +++ b/TODO @@ -4,24 +4,30 @@ Makefile.in: autodep stuff conffile.c: done -dh.c: change format to binary from decimal string +dh.c: change format to binary from decimal string (without introducing +endianness problems) -netlink.c: done. Test tun-old code. +netlink.c: done. jdamery reports tun-old code works on Linux-2.2 random.c: test resolver.c: done rsa.c: check padding type, change format to binary from decimal string +(without introducing endianness problems) secnet.c: done site.c: the site_incoming() routing could be implemented much more cleanly using a table. There's still quite a lot of redundancy in this -file. +file. Abandon key exchanges when a bad packet is received. Tell +netlink link is down if it's down and we don't have address for other +end. -transform.c: done +transform.c: done. Needs checking for endianness problems. udp.c: done util.c: sort out logging + +General: check over MBM's patches for BSD. diff --git a/conffile.c b/conffile.c index 746b654..45889ba 100644 --- a/conffile.c +++ b/conffile.c @@ -6,11 +6,9 @@ /* #define DUMP_PARSE_TREE */ +#include "secnet.h" #include -#include #include - -#include "secnet.h" #include "conffile.h" #include "conffile_internal.h" #include "util.h" diff --git a/config.h.in b/config.h.in index c52fd8c..54e8a6f 100644 --- a/config.h.in +++ b/config.h.in @@ -25,8 +25,17 @@ /* Define if you have the fl library (-lfl). */ #undef HAVE_LIBFL +/* Define if you have the getopt library (-lgetopt). */ +#undef HAVE_LIBGETOPT + +/* Define if you have the gmp library (-lgmp). */ +#undef HAVE_LIBGMP + /* Define if you have the gmp2 library (-lgmp2). */ #undef HAVE_LIBGMP2 + +/* Define if you have the gnugetopt library (-lgnugetopt). */ +#undef HAVE_LIBGNUGETOPT /* -*- c -*- */ /* These are from config.h.bot, pasted onto the end of config.h.in. */ diff --git a/configure b/configure index 3bcb172..b834570 100755 --- a/configure +++ b/configure @@ -1255,8 +1255,55 @@ EOF fi +echo $ac_n "checking for mpz_init_set_str in -lgmp""... $ac_c" 1>&6 +echo "configure:1260: checking for mpz_init_set_str in -lgmp" >&5 +ac_lib_var=`echo gmp'_'mpz_init_set_str | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lgmp $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo gmp | sed -e 's/[^a-zA-Z0-9_]/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + echo $ac_n "checking for mpz_init_set_str in -lgmp2""... $ac_c" 1>&6 -echo "configure:1260: checking for mpz_init_set_str in -lgmp2" >&5 +echo "configure:1307: checking for mpz_init_set_str in -lgmp2" >&5 ac_lib_var=`echo gmp2'_'mpz_init_set_str | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -1264,7 +1311,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lgmp2 $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:1326: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -1303,7 +1350,7 @@ else fi echo $ac_n "checking for yywrap in -lfl""... $ac_c" 1>&6 -echo "configure:1307: checking for yywrap in -lfl" >&5 +echo "configure:1354: checking for yywrap in -lfl" >&5 ac_lib_var=`echo fl'_'yywrap | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -1311,7 +1358,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lfl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:1373: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -1350,7 +1397,7 @@ else fi echo $ac_n "checking for adns_init in -ladns""... $ac_c" 1>&6 -echo "configure:1354: checking for adns_init in -ladns" >&5 +echo "configure:1401: checking for adns_init in -ladns" >&5 ac_lib_var=`echo adns'_'adns_init | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -1358,7 +1405,7 @@ else ac_save_LIBS="$LIBS" LIBS="-ladns $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:1420: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -1396,6 +1443,100 @@ else echo "$ac_t""no" 1>&6 fi +echo $ac_n "checking for getopt_long in -lgetopt""... $ac_c" 1>&6 +echo "configure:1448: checking for getopt_long in -lgetopt" >&5 +ac_lib_var=`echo getopt'_'getopt_long | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lgetopt $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo getopt | sed -e 's/[^a-zA-Z0-9_]/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + +echo $ac_n "checking for getopt_long in -lgnugetopt""... $ac_c" 1>&6 +echo "configure:1495: checking for getopt_long in -lgnugetopt" >&5 +ac_lib_var=`echo gnugetopt'_'getopt_long | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lgnugetopt $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo gnugetopt | sed -e 's/[^a-zA-Z0-9_]/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + trap '' 1 2 15 cat > confcache <<\EOF @@ -1749,7 +1890,7 @@ cat >> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF - +echo timestamp >stamp-h exit 0 EOF chmod +x $CONFIG_STATUS diff --git a/configure.in b/configure.in index 9bb9248..8cffe5e 100644 --- a/configure.in +++ b/configure.in @@ -23,4 +23,4 @@ AC_CHECK_LIB(adns,adns_init) AC_CHECK_LIB(getopt,getopt_long) AC_CHECK_LIB(gnugetopt,getopt_long) -AC_OUTPUT(Makefile) +AC_OUTPUT(Makefile,echo timestamp >stamp-h) diff --git a/md5.c b/md5.c index ab00d26..12217d7 100644 --- a/md5.c +++ b/md5.c @@ -20,12 +20,8 @@ * Still in the public domain. */ -#include /* for memcpy() */ -#include /* for stupid systems */ -#include /* for ntohl() */ - #include "secnet.h" -#include "config.h" +#include /* for memcpy() */ #include "md5.h" #ifdef WORDS_BIGENDIAN diff --git a/modules.c b/modules.c index 0ddf017..8b90606 100644 --- a/modules.c +++ b/modules.c @@ -1,4 +1,3 @@ -#include "config.h" #include "secnet.h" extern init_module resolver_module; diff --git a/netlink.c b/netlink.c index 9f4626a..3fbc3cf 100644 --- a/netlink.c +++ b/netlink.c @@ -18,14 +18,12 @@ packet to the kernel we check that the tunnel it came over could reasonably have produced it. */ +#include "secnet.h" #include #include #include #include #include - -#include "config.h" -#include "secnet.h" #include "util.h" #ifdef HAVE_LINUX_IF_H diff --git a/random.c b/random.c index 1fd19ec..c481527 100644 --- a/random.c +++ b/random.c @@ -1,15 +1,13 @@ /* $Log$ */ +#include "secnet.h" #include #include #include -#include #include #include -#include "secnet.h" - struct rgen_data { closure_t cl; struct random_if ops; diff --git a/secnet.c b/secnet.c index b1599e1..e70fbe1 100644 --- a/secnet.c +++ b/secnet.c @@ -6,21 +6,16 @@ extern char version[]; +#include "secnet.h" #include #include #include -#include #include -#include +#include #include -#include -#include -#include #include -#include #include -#include "secnet.h" #include "util.h" #include "conffile.h" diff --git a/secnet.h b/secnet.h index 9274059..35e06d1 100644 --- a/secnet.h +++ b/secnet.h @@ -8,9 +8,10 @@ #include #include #include +#include +#include #include - typedef char *string_t; typedef enum {False,True} bool_t; diff --git a/site.c b/site.c index 4ca53cd..5b8227e 100644 --- a/site.c +++ b/site.c @@ -1,9 +1,11 @@ /* site.c - manage communication with a remote network site */ +#include "secnet.h" #include -#include +/* MBM asserts the next one is needed for compilation under BSD. */ +#include -#include "secnet.h" +#include #include "util.h" #include "unaligned.h" @@ -61,6 +63,7 @@ #define SITE_SENTMSG5 7 #define SITE_WAIT 8 +#if 0 static string_t state_name(uint32_t state) { switch (state) { @@ -76,6 +79,7 @@ static string_t state_name(uint32_t state) default: return "*bad state*"; } } +#endif /* 0 */ #define LABEL_MSG0 0x00020200 #define LABEL_MSG1 0x01010101 @@ -1128,11 +1132,10 @@ static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context, /* XXX fix this bit for unaligned access */ st->setupsiglen=strlen(st->remotename)+strlen(st->localname)+8; st->setupsig=safe_malloc(st->setupsiglen,"site_apply"); - *(uint32_t *)&(st->setupsig[0])=LABEL_MSG1; - *(uint16_t *)&(st->setupsig[4])=htons(strlen(st->remotename)); + put_uint32(st->setupsig+0,LABEL_MSG1); + put_uint16(st->setupsig+4,strlen(st->remotename)); memcpy(&st->setupsig[6],st->remotename,strlen(st->remotename)); - *(uint16_t *)&(st->setupsig[6+strlen(st->remotename)])= - htons(strlen(st->localname)); + put_uint16(st->setupsig+(6+strlen(st->remotename)),strlen(st->localname)); memcpy(&st->setupsig[8+strlen(st->remotename)],st->localname, strlen(st->localname)); st->setup_priority=(strcmp(st->localname,st->remotename)>0); diff --git a/stamp-h.in b/stamp-h.in new file mode 100644 index 0000000..9788f70 --- /dev/null +++ b/stamp-h.in @@ -0,0 +1 @@ +timestamp diff --git a/transform.c b/transform.c index 174beda..a870449 100644 --- a/transform.c +++ b/transform.c @@ -162,9 +162,18 @@ static uint32_t transform_forward(void *sst, struct buffer_if *buf, /* CBC: each block is XORed with the previous encrypted block (or the IV) before being encrypted. */ p=iv; +#ifdef WORDS_BIGENDIAN + /* This counters the byteswap() in the first half of the loop, which in + turn counters the byteswap() in the second half of the loop. Ick. */ + iv[0]=byteswap(iv[0]); + iv[1]=byteswap(iv[1]); + iv[2]=byteswap(iv[2]); + iv[3]=byteswap(iv[3]); +#endif for (n=(uint32_t *)buf->start; n<(uint32_t *)(buf->start+buf->size); n+=4) { #ifdef WORDS_BIGENDIAN + /* Think of this as byteswap(p[x])^byteswap(n[x]) */ n[0]=byteswap(p[0]^n[0]); n[1]=byteswap(p[1]^n[1]); n[2]=byteswap(p[2]^n[2]); @@ -176,12 +185,17 @@ static uint32_t transform_forward(void *sst, struct buffer_if *buf, n[3]=p[3]^n[3]; #endif serpent_encrypt(&ti->cryptkey,n,n); +#ifdef WORDS_BIGENDIAN + n[0]=byteswap(n[0]); + n[1]=byteswap(n[1]); + n[2]=byteswap(n[2]); + n[3]=byteswap(n[3]); +#endif p=n; } buf_prepend_uint32(buf,ti->cryptiv); ti->cryptiv++; - return 0; } @@ -205,13 +219,23 @@ static uint32_t transform_reverse(void *sst, struct buffer_if *buf, return 1; } + /* CBC */ memset(iv,0,16); iv[0]=buf_unprepend_uint32(buf); + /* Assert bufsize is multiple of blocksize */ + if (buf->size&0xf) { + *errmsg="msg not multiple of cipher blocksize"; + } serpent_encrypt(&ti->cryptkey,iv,iv); - /* XXX assert bufsize is multiple of blocksize */ for (n=(uint32_t *)buf->start; n<(uint32_t *)(buf->start+buf->size); n+=4) { +#ifdef WORDS_BIGENDIAN + n[0]=byteswap(n[0]); + n[1]=byteswap(n[1]); + n[2]=byteswap(n[2]); + n[3]=byteswap(n[3]); +#endif pct[0]=n[0]; pct[1]=n[1]; pct[2]=n[2]; pct[3]=n[3]; serpent_decrypt(&ti->cryptkey,n,n); #ifdef WORDS_BIGENDIAN diff --git a/udp.c b/udp.c index 177ce1c..f055962 100644 --- a/udp.c +++ b/udp.c @@ -12,16 +12,13 @@ * Packets are offered to registered receivers in turn. Once one * accepts it, it isn't offered to any more. */ +#include "secnet.h" #include #include #include #include #include -#include #include -#include - -#include "secnet.h" #include "util.h" static beforepoll_fn udp_beforepoll; diff --git a/util.c b/util.c index c652537..053e81e 100644 --- a/util.c +++ b/util.c @@ -8,19 +8,15 @@ * */ -#include "config.h" +#include "secnet.h" #include -#include #include #include -#include #include #include #include -#include #include #include "util.h" -#include "secnet.h" #include "unaligned.h" #define MIN_BUFFER_SIZE 64 diff --git a/util.h b/util.h index a43cb08..bb298f6 100644 --- a/util.h +++ b/util.h @@ -7,10 +7,7 @@ #ifndef util_h #define util_h -#include -#include #include "secnet.h" -#include "config.h" #include extern uint32_t message_level; -- 2.30.2