| … | |
… | |
| 28 | #include <openssl/rand.h> |
28 | #include <openssl/rand.h> |
| 29 | #include <openssl/evp.h> |
29 | #include <openssl/evp.h> |
| 30 | #include <openssl/rsa.h> |
30 | #include <openssl/rsa.h> |
| 31 | #include <openssl/err.h> |
31 | #include <openssl/err.h> |
| 32 | |
32 | |
| 33 | #include "gettext.h" |
|
|
| 34 | |
|
|
| 35 | #include "conf.h" |
33 | #include "conf.h" |
| 36 | #include "slog.h" |
34 | #include "slog.h" |
| 37 | #include "device.h" |
35 | #include "device.h" |
| 38 | #include "vpn.h" |
36 | #include "vpn.h" |
| 39 | #include "connection.h" |
37 | #include "connection.h" |
| … | |
… | |
| 97 | struct rsa_cache : list<rsa_entry> |
95 | struct rsa_cache : list<rsa_entry> |
| 98 | { |
96 | { |
| 99 | void cleaner_cb (time_watcher &w); time_watcher cleaner; |
97 | void cleaner_cb (time_watcher &w); time_watcher cleaner; |
| 100 | |
98 | |
| 101 | bool find (const rsaid &id, rsachallenge &chg) |
99 | bool find (const rsaid &id, rsachallenge &chg) |
| 102 | { |
100 | { |
| 103 | for (iterator i = begin (); i != end (); ++i) |
101 | for (iterator i = begin (); i != end (); ++i) |
| 104 | { |
102 | { |
| 105 | if (!memcmp (&id, &i->id, sizeof id) && i->expire > NOW) |
103 | if (!memcmp (&id, &i->id, sizeof id) && i->expire > NOW) |
| 106 | { |
104 | { |
| 107 | memcpy (&chg, &i->chg, sizeof chg); |
105 | memcpy (&chg, &i->chg, sizeof chg); |
| 108 | |
106 | |
| 109 | erase (i); |
107 | erase (i); |
| 110 | return true; |
108 | return true; |
| 111 | } |
109 | } |
| 112 | } |
110 | } |
| 113 | |
111 | |
| 114 | if (cleaner.at < NOW) |
112 | if (cleaner.at < NOW) |
| 115 | cleaner.start (NOW + RSA_TTL); |
113 | cleaner.start (NOW + RSA_TTL); |
| 116 | |
114 | |
| 117 | return false; |
115 | return false; |
| 118 | } |
116 | } |
| 119 | |
117 | |
| 120 | void gen (rsaid &id, rsachallenge &chg) |
118 | void gen (rsaid &id, rsachallenge &chg) |
| 121 | { |
119 | { |
| 122 | rsa_entry e; |
120 | rsa_entry e; |
| 123 | |
121 | |
| 124 | RAND_bytes ((unsigned char *)&id, sizeof id); |
122 | RAND_bytes ((unsigned char *)&id, sizeof id); |
| 125 | RAND_bytes ((unsigned char *)&chg, sizeof chg); |
123 | RAND_bytes ((unsigned char *)&chg, sizeof chg); |
| 126 | |
124 | |
| 127 | e.expire = NOW + RSA_TTL; |
125 | e.expire = NOW + RSA_TTL; |
| 128 | e.id = id; |
126 | e.id = id; |
| 129 | memcpy (&e.chg, &chg, sizeof chg); |
127 | memcpy (&e.chg, &chg, sizeof chg); |
| 130 | |
128 | |
| 131 | push_back (e); |
129 | push_back (e); |
| 132 | |
130 | |
| 133 | if (cleaner.at < NOW) |
131 | if (cleaner.at < NOW) |
| 134 | cleaner.start (NOW + RSA_TTL); |
132 | cleaner.start (NOW + RSA_TTL); |
| 135 | } |
133 | } |
| 136 | |
134 | |
| 137 | rsa_cache () |
135 | rsa_cache () |
| 138 | : cleaner (this, &rsa_cache::cleaner_cb) |
136 | : cleaner (this, &rsa_cache::cleaner_cb) |
| 139 | { } |
137 | { } |
| 140 | |
138 | |
| 141 | } rsa_cache; |
139 | } rsa_cache; |
| 142 | |
140 | |
| 143 | void rsa_cache::cleaner_cb (time_watcher &w) |
141 | void rsa_cache::cleaner_cb (time_watcher &w) |
| 144 | { |
142 | { |
