gvpe/src/util.h

/*
    util.h -- process management and other utility functions
    Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl>
                  2000-2002 Guus Sliepen <guus@sliepen.eu.org>
                  2003-2008 Marc Lehmann <gvpe@schmorp.de>
 
    This file is part of GVPE.

    GVPE is free software; you can redistribute it and/or modify it
    under the terms of the GNU General Public License as published by the
    Free Software Foundation; either version 3 of the License, or (at your
    option) any later version.
   
    This program is distributed in the hope that it will be useful, but
    WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General
    Public License for more details.
   
    You should have received a copy of the GNU General Public License along
    with this program; if not, see <http://www.gnu.org/licenses/>.
   
    Additional permission under GNU GPL version 3 section 7
   
    If you modify this Program, or any covered work, by linking or
    combining it with the OpenSSL project's OpenSSL library (or a modified
    version of that library), containing parts covered by the terms of the
    OpenSSL or SSLeay licenses, the licensors of this Program grant you
    additional permission to convey the resulting work.  Corresponding
    Source for a non-source form of such a combination shall include the
    source code for the parts of OpenSSL used as well as that of the
    covered work.
*/

#ifndef UTIL_H__
#define UTIL_H__

#include <cstring>

#include <openssl/rsa.h>

#include "gettext.h"

#include "slog.h"
#include "ev_cpp.h"
#include "callback.h"

typedef ev_tstamp tstamp;

/*
 * check for an existing gvpe for this net, and write pid to pidfile
 */
extern int write_pidfile (void);

/*
 * kill older gvpe
 */
extern int kill_other (int signal);

/*
 * Detach from current terminal, write pidfile, kill parent
 */
extern int detach (int do_detach);

/*
 * check wether the given path is an absolute pathname
 */
#define ABSOLUTE_PATH(c) ((c)[0] == '/')

/*****************************************************************************/

typedef u8 mac[6];

extern void id2mac (unsigned int id, void *m);

#define mac2id(p) ((p)[0] & 0x01 ? 0 : ((p)[4] << 8) | (p)[5])

struct sliding_window
{
  u32 v[(WINDOWSIZE + 31) / 32];
  u32 seq;

  void reset (u32 seqno)
    {
      memset (v, -1, sizeof v);
      seq = seqno;
    }

  bool recv_ok (u32 seqno)
    {
      if (seqno <= seq - WINDOWSIZE)
        slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n"
                       "possible replay attack, or just massive packet reordering"), seqno, seq + 1);
      else if (seqno > seq + WINDOWSIZE * 4)
        slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n"
                       "possible replay attack, or just massive packet loss"), seqno, seq + 1);
      else
        {
          while (seqno > seq)
            {
              seq++;

              u32 s = seq % WINDOWSIZE;
              u32 *cell = v + (s >> 5);
              u32 mask = 1 << (s & 31);

              *cell &= ~mask;
            }

          u32 s = seqno % WINDOWSIZE;
          u32 *cell = v + (s >> 5);
          u32 mask = 1 << (s & 31);

          if (*cell & mask)
            slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n"
                           "possible replay attack, or just packet duplication"), seqno, seq + 1);
          else
            {
              *cell |= mask;
              return true;
            }
        }

      return false;
    }
};

typedef callback<const char * ()> run_script_cb;

// run a shell script (or actually an external program).
bool run_script (const run_script_cb &cb, bool wait);

#if ENABLE_HTTP_PROXY
u8 *base64_encode (const u8 *data, unsigned int len);
#endif

/*****************************************************************************/

typedef u8 rsaclear[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data;
typedef u8 rsacrypt[RSA_KEYLEN]; // encrypted challenge

static inline void
rsa_encrypt (RSA *key, const rsaclear &chg, rsacrypt &encr)
{
  if (RSA_public_encrypt (sizeof chg,
                          (unsigned char *)&chg, (unsigned char *)&encr,
                          key, RSA_PKCS1_OAEP_PADDING) < 0)
    fatal ("RSA_public_encrypt error");
}

static inline bool
rsa_decrypt (RSA *key, const rsacrypt &encr, rsaclear &chg)
{
  return RSA_private_decrypt (sizeof encr,
                              (unsigned char *)&encr, (unsigned char *)&chg,
                              key, RSA_PKCS1_OAEP_PADDING) > 0;
}

#endif

Revision:	1.25
Committed:	Thu Aug 7 17:54:27 2008 UTC (15 years, 9 months ago) by pcg
Content type:	text/plain
Branch:	MAIN
Changes since 1.24:	+24 -14 lines
Log Message:	update to gplv3, finally
#	User	Rev	Content
1	pcg	1.1	/*
2			util.h -- process management and other utility functions
3			Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl>
4			2000-2002 Guus Sliepen <guus@sliepen.eu.org>
5	pcg	1.25	2003-2008 Marc Lehmann <gvpe@schmorp.de>
6	pcg	1.1
7	pcg	1.13	This file is part of GVPE.
8
9	pcg	1.25	GVPE is free software; you can redistribute it and/or modify it
10			under the terms of the GNU General Public License as published by the
11			Free Software Foundation; either version 3 of the License, or (at your
12			option) any later version.
13
14			This program is distributed in the hope that it will be useful, but
15			WITHOUT ANY WARRANTY; without even the implied warranty of
16			MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
17			Public License for more details.
18
19			You should have received a copy of the GNU General Public License along
20			with this program; if not, see <http://www.gnu.org/licenses/>.
21
22			Additional permission under GNU GPL version 3 section 7
23
24			If you modify this Program, or any covered work, by linking or
25			combining it with the OpenSSL project's OpenSSL library (or a modified
26			version of that library), containing parts covered by the terms of the
27			OpenSSL or SSLeay licenses, the licensors of this Program grant you
28			additional permission to convey the resulting work. Corresponding
29			Source for a non-source form of such a combination shall include the
30			source code for the parts of OpenSSL used as well as that of the
31			covered work.
32	pcg	1.1	*/
33
34			#ifndef UTIL_H__
35			#define UTIL_H__
36
37	pcg	1.24	#include <cstring>
38
39	pcg	1.11	#include <openssl/rsa.h>
40
41	pcg	1.15	#include "gettext.h"
42
43	pcg	1.10	#include "slog.h"
44	pcg	1.20	#include "ev_cpp.h"
45			#include "callback.h"
46
47	pcg	1.21	typedef ev_tstamp tstamp;
48	pcg	1.1
49			/*
50	pcg	1.16	* check for an existing gvpe for this net, and write pid to pidfile
51	pcg	1.1	*/
52			extern int write_pidfile (void);
53
54			/*
55	pcg	1.16	* kill older gvpe
56	pcg	1.1	*/
57			extern int kill_other (int signal);
58
59			/*
60			* Detach from current terminal, write pidfile, kill parent
61			*/
62			extern int detach (int do_detach);
63
64			/*
65			* check wether the given path is an absolute pathname
66			*/
67			#define ABSOLUTE_PATH(c) ((c)[0] == '/')
68	pcg	1.10
69	pcg	1.11	/*****************************************************************************/
70
71	pcg	1.10	typedef u8 mac[6];
72	pcg	1.1
73	pcg	1.8	extern void id2mac (unsigned int id, void *m);
74	pcg	1.1
75	pcg	1.8	#define mac2id(p) ((p)[0] & 0x01 ? 0 : ((p)[4] << 8) \| (p)[5])
76	pcg	1.1
77	pcg	1.22	struct sliding_window
78			{
79	pcg	1.2	u32 v[(WINDOWSIZE + 31) / 32];
80			u32 seq;
81
82			void reset (u32 seqno)
83			{
84			memset (v, -1, sizeof v);
85			seq = seqno;
86			}
87
88			bool recv_ok (u32 seqno)
89			{
90			if (seqno <= seq - WINDOWSIZE)
91			slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n"
92	pcg	1.19	"possible replay attack, or just massive packet reordering"), seqno, seq + 1);
93			else if (seqno > seq + WINDOWSIZE * 4)
94	pcg	1.2	slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n"
95	pcg	1.19	"possible replay attack, or just massive packet loss"), seqno, seq + 1);
96	pcg	1.2	else
97			{
98			while (seqno > seq)
99			{
100			seq++;
101
102			u32 s = seq % WINDOWSIZE;
103			u32 *cell = v + (s >> 5);
104			u32 mask = 1 << (s & 31);
105
106			*cell &= ~mask;
107			}
108
109			u32 s = seqno % WINDOWSIZE;
110			u32 *cell = v + (s >> 5);
111			u32 mask = 1 << (s & 31);
112
113			if (*cell & mask)
114	pcg	1.19	slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n"
115			"possible replay attack, or just packet duplication"), seqno, seq + 1);
116	pcg	1.2	else
117			{
118			*cell \|= mask;
119			return true;
120			}
121			}
122	pcg	1.19
123			return false;
124	pcg	1.2	}
125			};
126
127	pcg	1.23	typedef callback<const char * ()> run_script_cb;
128	pcg	1.5
129			// run a shell script (or actually an external program).
130	pcg	1.17	bool run_script (const run_script_cb &cb, bool wait);
131	pcg	1.5
132	pcg	1.7	#if ENABLE_HTTP_PROXY
133			u8 base64_encode (const u8 data, unsigned int len);
134			#endif
135	pcg	1.11
136			/*****************************************************************************/
137
138			typedef u8 rsaclear[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data;
139			typedef u8 rsacrypt[RSA_KEYLEN]; // encrypted challenge
140
141			static inline void
142			rsa_encrypt (RSA *key, const rsaclear &chg, rsacrypt &encr)
143			{
144			if (RSA_public_encrypt (sizeof chg,
145			(unsigned char )&chg, (unsigned char )&encr,
146			key, RSA_PKCS1_OAEP_PADDING) < 0)
147			fatal ("RSA_public_encrypt error");
148			}
149
150			static inline bool
151			rsa_decrypt (RSA *key, const rsacrypt &encr, rsaclear &chg)
152			{
153			return RSA_private_decrypt (sizeof encr,
154			(unsigned char )&encr, (unsigned char )&chg,
155			key, RSA_PKCS1_OAEP_PADDING) > 0;
156			}
157	pcg	1.7
158	pcg	1.1	#endif
159