28 | #include <openssl/rand.h> |
28 | #include <openssl/rand.h> |
29 | #include <openssl/evp.h> |
29 | #include <openssl/evp.h> |
30 | #include <openssl/rsa.h> |
30 | #include <openssl/rsa.h> |
31 | #include <openssl/err.h> |
31 | #include <openssl/err.h> |
32 | |
32 | |
33 | #include "gettext.h" |
|
|
34 | |
|
|
35 | #include "conf.h" |
33 | #include "conf.h" |
36 | #include "slog.h" |
34 | #include "slog.h" |
37 | #include "device.h" |
35 | #include "device.h" |
38 | #include "vpn.h" |
36 | #include "vpn.h" |
39 | #include "connection.h" |
37 | #include "connection.h" |
97 | struct rsa_cache : list<rsa_entry> |
95 | struct rsa_cache : list<rsa_entry> |
98 | { |
96 | { |
99 | void cleaner_cb (time_watcher &w); time_watcher cleaner; |
97 | void cleaner_cb (time_watcher &w); time_watcher cleaner; |
100 | |
98 | |
101 | bool find (const rsaid &id, rsachallenge &chg) |
99 | bool find (const rsaid &id, rsachallenge &chg) |
102 | { |
100 | { |
103 | for (iterator i = begin (); i != end (); ++i) |
101 | for (iterator i = begin (); i != end (); ++i) |
104 | { |
102 | { |
105 | if (!memcmp (&id, &i->id, sizeof id) && i->expire > NOW) |
103 | if (!memcmp (&id, &i->id, sizeof id) && i->expire > NOW) |
106 | { |
104 | { |
107 | memcpy (&chg, &i->chg, sizeof chg); |
105 | memcpy (&chg, &i->chg, sizeof chg); |
108 | |
106 | |
109 | erase (i); |
107 | erase (i); |
110 | return true; |
108 | return true; |
111 | } |
109 | } |
112 | } |
110 | } |
113 | |
111 | |
114 | if (cleaner.at < NOW) |
112 | if (cleaner.at < NOW) |
115 | cleaner.start (NOW + RSA_TTL); |
113 | cleaner.start (NOW + RSA_TTL); |
116 | |
114 | |
117 | return false; |
115 | return false; |
118 | } |
116 | } |
119 | |
117 | |
120 | void gen (rsaid &id, rsachallenge &chg) |
118 | void gen (rsaid &id, rsachallenge &chg) |
121 | { |
119 | { |
122 | rsa_entry e; |
120 | rsa_entry e; |
123 | |
121 | |
124 | RAND_bytes ((unsigned char *)&id, sizeof id); |
122 | RAND_bytes ((unsigned char *)&id, sizeof id); |
125 | RAND_bytes ((unsigned char *)&chg, sizeof chg); |
123 | RAND_bytes ((unsigned char *)&chg, sizeof chg); |
126 | |
124 | |
127 | e.expire = NOW + RSA_TTL; |
125 | e.expire = NOW + RSA_TTL; |
128 | e.id = id; |
126 | e.id = id; |
129 | memcpy (&e.chg, &chg, sizeof chg); |
127 | memcpy (&e.chg, &chg, sizeof chg); |
130 | |
128 | |
131 | push_back (e); |
129 | push_back (e); |
132 | |
130 | |
133 | if (cleaner.at < NOW) |
131 | if (cleaner.at < NOW) |
134 | cleaner.start (NOW + RSA_TTL); |
132 | cleaner.start (NOW + RSA_TTL); |
135 | } |
133 | } |
136 | |
134 | |
137 | rsa_cache () |
135 | rsa_cache () |
138 | : cleaner (this, &rsa_cache::cleaner_cb) |
136 | : cleaner (this, &rsa_cache::cleaner_cb) |
139 | { } |
137 | { } |
140 | |
138 | |
141 | } rsa_cache; |
139 | } rsa_cache; |
142 | |
140 | |
143 | void rsa_cache::cleaner_cb (time_watcher &w) |
141 | void rsa_cache::cleaner_cb (time_watcher &w) |
144 | { |
142 | { |