[Openvpn-devel,v3] generate_auth_token: simplify code

Message ID 20240910170005.5586-1-gert@greenie.muc.de
State Accepted
Headers show
Series [Openvpn-devel,v3] generate_auth_token: simplify code | expand

Commit Message

Gert Doering Sept. 10, 2024, 5 p.m. UTC
From: Frank Lichtenheld <frank@lichtenheld.com>

The previous code went through some hoops
to avoid compiler warnings. But there is
a much easier way by just telling it
exactly what you want to do.

Also fix typo in variable name while I'm
here.

Change-Id: Icc86334b26ba1fcc20f4cd03644018d1d16796e3
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/310
This mail reflects revision 3 of this Change.

Acked-by according to Gerrit (reflected above):
Arne Schwabe <arne-openvpn@rfc2549.org>

Comments

Gert Doering Sept. 11, 2024, 12:07 p.m. UTC | #1
Has an ACK from the owner of the code :-) - plus full test with the
server instance that does auth-tokens (including expiry + regen) and
a bit of stare-at-the-code.

Your patch has been applied to the master branch.

commit 3c77d328911bab5169d6981fbef34e8398c5b7b7
Author: Frank Lichtenheld
Date:   Tue Sep 10 19:00:05 2024 +0200

     generate_auth_token: simplify code

     Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
     Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
     Message-Id: <20240910170005.5586-1-gert@greenie.muc.de>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg29178.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering

Patch

diff --git a/src/openvpn/auth_token.c b/src/openvpn/auth_token.c
index c4b59b9..192c7c2 100644
--- a/src/openvpn/auth_token.c
+++ b/src/openvpn/auth_token.c
@@ -182,24 +182,18 @@ 
         char *initial_token_copy = string_alloc(multi->auth_token_initial, &gc);
 
         char *old_sessid = initial_token_copy + strlen(SESSION_ID_PREFIX);
-        char *old_tsamp_initial = old_sessid + AUTH_TOKEN_SESSION_ID_LEN*8/6;
+        char *old_tstamp_initial = old_sessid + AUTH_TOKEN_SESSION_ID_LEN*8/6;
 
         /*
          * We null terminate the old token just after the session ID to let
          * our base64 decode function only decode the session ID
          */
-        old_tsamp_initial[12] = '\0';
-        ASSERT(openvpn_base64_decode(old_tsamp_initial, old_tstamp_decode, 9) == 9);
+        old_tstamp_initial[12] = '\0';
+        ASSERT(openvpn_base64_decode(old_tstamp_initial, old_tstamp_decode, 9) == 9);
 
-        /*
-         * Avoid old gcc (4.8.x) complaining about strict aliasing
-         * by using a temporary variable instead of doing it in one
-         * line
-         */
-        uint64_t *tstamp_ptr = (uint64_t *) old_tstamp_decode;
-        initial_timestamp = *tstamp_ptr;
+        memcpy(&initial_timestamp, &old_tstamp_decode, sizeof(initial_timestamp));
 
-        old_tsamp_initial[0] = '\0';
+        old_tstamp_initial[0] = '\0';
         ASSERT(openvpn_base64_decode(old_sessid, sessid, AUTH_TOKEN_SESSION_ID_LEN) == AUTH_TOKEN_SESSION_ID_LEN);
     }
     else if (!rand_bytes(sessid, AUTH_TOKEN_SESSION_ID_LEN))