gvpe/src/util.h

/*
    util.h -- process management and other utility functions
    Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl>
                  2000-2002 Guus Sliepen <guus@sliepen.eu.org>
                  2003      Marc Lehmann <gvpe@schmorp.de>
 
    This file is part of GVPE.

    GVPE is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.
 
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
 
    You should have received a copy of the GNU General Public License
    along with gvpe; if not, write to the Free Software
    Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
*/

#ifndef UTIL_H__
#define UTIL_H__

#include <cstring>

#include <openssl/rsa.h>

#include "gettext.h"

#include "slog.h"
#include "ev_cpp.h"
#include "callback.h"

typedef ev_tstamp tstamp;

/*
 * check for an existing gvpe for this net, and write pid to pidfile
 */
extern int write_pidfile (void);

/*
 * kill older gvpe
 */
extern int kill_other (int signal);

/*
 * Detach from current terminal, write pidfile, kill parent
 */
extern int detach (int do_detach);

/*
 * check wether the given path is an absolute pathname
 */
#define ABSOLUTE_PATH(c) ((c)[0] == '/')

/*****************************************************************************/

typedef u8 mac[6];

extern void id2mac (unsigned int id, void *m);

#define mac2id(p) ((p)[0] & 0x01 ? 0 : ((p)[4] << 8) | (p)[5])

struct sliding_window
{
  u32 v[(WINDOWSIZE + 31) / 32];
  u32 seq;

  void reset (u32 seqno)
    {
      memset (v, -1, sizeof v);
      seq = seqno;
    }

  bool recv_ok (u32 seqno)
    {
      if (seqno <= seq - WINDOWSIZE)
        slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n"
                       "possible replay attack, or just massive packet reordering"), seqno, seq + 1);
      else if (seqno > seq + WINDOWSIZE * 4)
        slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n"
                       "possible replay attack, or just massive packet loss"), seqno, seq + 1);
      else
        {
          while (seqno > seq)
            {
              seq++;

              u32 s = seq % WINDOWSIZE;
              u32 *cell = v + (s >> 5);
              u32 mask = 1 << (s & 31);

              *cell &= ~mask;
            }

          u32 s = seqno % WINDOWSIZE;
          u32 *cell = v + (s >> 5);
          u32 mask = 1 << (s & 31);

          if (*cell & mask)
            slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n"
                           "possible replay attack, or just packet duplication"), seqno, seq + 1);
          else
            {
              *cell |= mask;
              return true;
            }
        }

      return false;
    }
};

typedef callback<const char * ()> run_script_cb;

// run a shell script (or actually an external program).
bool run_script (const run_script_cb &cb, bool wait);

#if ENABLE_HTTP_PROXY
u8 *base64_encode (const u8 *data, unsigned int len);
#endif

/*****************************************************************************/

typedef u8 rsaclear[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data;
typedef u8 rsacrypt[RSA_KEYLEN]; // encrypted challenge

static inline void
rsa_encrypt (RSA *key, const rsaclear &chg, rsacrypt &encr)
{
  if (RSA_public_encrypt (sizeof chg,
                          (unsigned char *)&chg, (unsigned char *)&encr,
                          key, RSA_PKCS1_OAEP_PADDING) < 0)
    fatal ("RSA_public_encrypt error");
}

static inline bool
rsa_decrypt (RSA *key, const rsacrypt &encr, rsaclear &chg)
{
  return RSA_private_decrypt (sizeof encr,
                              (unsigned char *)&encr, (unsigned char *)&chg,
                              key, RSA_PKCS1_OAEP_PADDING) > 0;
}

#endif

Revision:	1.24
Committed:	Tue Dec 4 14:55:59 2007 UTC (16 years, 5 months ago) by pcg
Content type:	text/plain
Branch:	MAIN
Changes since 1.23:	+2 -0 lines
Log Message:	bug workaround/cleanup
#	User	Rev	Content
1	pcg	1.1	/*
2			util.h -- process management and other utility functions
3			Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl>
4			2000-2002 Guus Sliepen <guus@sliepen.eu.org>
5	pcg	1.13	2003 Marc Lehmann <gvpe@schmorp.de>
6	pcg	1.1
7	pcg	1.13	This file is part of GVPE.
8
9			GVPE is free software; you can redistribute it and/or modify
10	pcg	1.1	it under the terms of the GNU General Public License as published by
11			the Free Software Foundation; either version 2 of the License, or
12			(at your option) any later version.
13
14			This program is distributed in the hope that it will be useful,
15			but WITHOUT ANY WARRANTY; without even the implied warranty of
16			MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17			GNU General Public License for more details.
18
19			You should have received a copy of the GNU General Public License
20	pcg	1.13	along with gvpe; if not, write to the Free Software
21	pcg	1.18	Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
22	pcg	1.1	*/
23
24			#ifndef UTIL_H__
25			#define UTIL_H__
26
27	pcg	1.24	#include <cstring>
28
29	pcg	1.11	#include <openssl/rsa.h>
30
31	pcg	1.15	#include "gettext.h"
32
33	pcg	1.10	#include "slog.h"
34	pcg	1.20	#include "ev_cpp.h"
35			#include "callback.h"
36
37	pcg	1.21	typedef ev_tstamp tstamp;
38	pcg	1.1
39			/*
40	pcg	1.16	* check for an existing gvpe for this net, and write pid to pidfile
41	pcg	1.1	*/
42			extern int write_pidfile (void);
43
44			/*
45	pcg	1.16	* kill older gvpe
46	pcg	1.1	*/
47			extern int kill_other (int signal);
48
49			/*
50			* Detach from current terminal, write pidfile, kill parent
51			*/
52			extern int detach (int do_detach);
53
54			/*
55			* check wether the given path is an absolute pathname
56			*/
57			#define ABSOLUTE_PATH(c) ((c)[0] == '/')
58	pcg	1.10
59	pcg	1.11	/*****************************************************************************/
60
61	pcg	1.10	typedef u8 mac[6];
62	pcg	1.1
63	pcg	1.8	extern void id2mac (unsigned int id, void *m);
64	pcg	1.1
65	pcg	1.8	#define mac2id(p) ((p)[0] & 0x01 ? 0 : ((p)[4] << 8) \| (p)[5])
66	pcg	1.1
67	pcg	1.22	struct sliding_window
68			{
69	pcg	1.2	u32 v[(WINDOWSIZE + 31) / 32];
70			u32 seq;
71
72			void reset (u32 seqno)
73			{
74			memset (v, -1, sizeof v);
75			seq = seqno;
76			}
77
78			bool recv_ok (u32 seqno)
79			{
80			if (seqno <= seq - WINDOWSIZE)
81			slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n"
82	pcg	1.19	"possible replay attack, or just massive packet reordering"), seqno, seq + 1);
83			else if (seqno > seq + WINDOWSIZE * 4)
84	pcg	1.2	slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n"
85	pcg	1.19	"possible replay attack, or just massive packet loss"), seqno, seq + 1);
86	pcg	1.2	else
87			{
88			while (seqno > seq)
89			{
90			seq++;
91
92			u32 s = seq % WINDOWSIZE;
93			u32 *cell = v + (s >> 5);
94			u32 mask = 1 << (s & 31);
95
96			*cell &= ~mask;
97			}
98
99			u32 s = seqno % WINDOWSIZE;
100			u32 *cell = v + (s >> 5);
101			u32 mask = 1 << (s & 31);
102
103			if (*cell & mask)
104	pcg	1.19	slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n"
105			"possible replay attack, or just packet duplication"), seqno, seq + 1);
106	pcg	1.2	else
107			{
108			*cell \|= mask;
109			return true;
110			}
111			}
112	pcg	1.19
113			return false;
114	pcg	1.2	}
115			};
116
117	pcg	1.23	typedef callback<const char * ()> run_script_cb;
118	pcg	1.5
119			// run a shell script (or actually an external program).
120	pcg	1.17	bool run_script (const run_script_cb &cb, bool wait);
121	pcg	1.5
122	pcg	1.7	#if ENABLE_HTTP_PROXY
123			u8 base64_encode (const u8 data, unsigned int len);
124			#endif
125	pcg	1.11
126			/*****************************************************************************/
127
128			typedef u8 rsaclear[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data;
129			typedef u8 rsacrypt[RSA_KEYLEN]; // encrypted challenge
130
131			static inline void
132			rsa_encrypt (RSA *key, const rsaclear &chg, rsacrypt &encr)
133			{
134			if (RSA_public_encrypt (sizeof chg,
135			(unsigned char )&chg, (unsigned char )&encr,
136			key, RSA_PKCS1_OAEP_PADDING) < 0)
137			fatal ("RSA_public_encrypt error");
138			}
139
140			static inline bool
141			rsa_decrypt (RSA *key, const rsacrypt &encr, rsaclear &chg)
142			{
143			return RSA_private_decrypt (sizeof encr,
144			(unsigned char )&encr, (unsigned char )&chg,
145			key, RSA_PKCS1_OAEP_PADDING) > 0;
146			}
147	pcg	1.7
148	pcg	1.1	#endif
149