gvpe/src/util.h

/*
    util.h -- process management and other utility functions
    Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl>
                  2000-2002 Guus Sliepen <guus@sliepen.eu.org>
                  2003-2008 Marc Lehmann <gvpe@schmorp.de>
 
    This file is part of GVPE.

    GVPE is free software; you can redistribute it and/or modify it
    under the terms of the GNU General Public License as published by the
    Free Software Foundation; either version 3 of the License, or (at your
    option) any later version.
   
    This program is distributed in the hope that it will be useful, but
    WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General
    Public License for more details.
   
    You should have received a copy of the GNU General Public License along
    with this program; if not, see <http://www.gnu.org/licenses/>.
   
    Additional permission under GNU GPL version 3 section 7
   
    If you modify this Program, or any covered work, by linking or
    combining it with the OpenSSL project's OpenSSL library (or a modified
    version of that library), containing parts covered by the terms of the
    OpenSSL or SSLeay licenses, the licensors of this Program grant you
    additional permission to convey the resulting work.  Corresponding
    Source for a non-source form of such a combination shall include the
    source code for the parts of OpenSSL used as well as that of the
    covered work.
*/

#ifndef UTIL_H__
#define UTIL_H__

#include <cstring>
#include <sys/types.h>

#include <openssl/rsa.h>

#include "gettext.h"

#include "slog.h"
#include "ev_cpp.h"
#include "callback.h"

typedef ev_tstamp tstamp;

/*
 * check for an existing gvpe for this net, and write pid to pidfile
 */
extern int write_pidfile (void);

/*
 * kill older gvpe
 */
extern int kill_other (int signal);

/*
 * Detach from current terminal, write pidfile, kill parent
 */
extern int detach (int do_detach);

/*
 * check wether the given path is an absolute pathname
 */
#define ABSOLUTE_PATH(c) ((c)[0] == '/')

/*****************************************************************************/

typedef u8 mac[6];

extern void id2mac (unsigned int id, void *m);

#define mac2id(p) ((p)[0] & 0x01 ? 0 : ((p)[4] << 8) | (p)[5])

struct sliding_window
{
  u32 v[(WINDOWSIZE + 31) / 32];
  u32 seq;

  void reset (u32 seqno)
    {
      memset (v, -1, sizeof v);
      seq = seqno;
    }

  bool recv_ok (u32 seqno)
    {
      if (seqno <= seq - WINDOWSIZE)
        slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n"
                       "possible replay attack, or just massive packet reordering"), seqno, seq + 1);
      else if (seqno > seq + WINDOWSIZE * 4)
        slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n"
                       "possible replay attack, or just massive packet loss"), seqno, seq + 1);
      else
        {
          while (seqno > seq)
            {
              seq++;

              u32 s = seq % WINDOWSIZE;
              u32 *cell = v + (s >> 5);
              u32 mask = 1 << (s & 31);

              *cell &= ~mask;
            }

          u32 s = seqno % WINDOWSIZE;
          u32 *cell = v + (s >> 5);
          u32 mask = 1 << (s & 31);

          if (*cell & mask)
            slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n"
                           "possible replay attack, or just packet duplication"), seqno, seq + 1);
          else
            {
              *cell |= mask;
              return true;
            }
        }

      return false;
    }
};

typedef callback<const char * ()> run_script_cb;

// run a shell script (or actually an external program).
pid_t run_script (const run_script_cb &cb, bool wait);

#if ENABLE_HTTP_PROXY
u8 *base64_encode (const u8 *data, unsigned int len);
#endif

/*****************************************************************************/

typedef u8 rsaclear[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data;
typedef u8 rsacrypt[RSA_KEYLEN]; // encrypted challenge

static inline void
rsa_encrypt (RSA *key, const rsaclear &chg, rsacrypt &encr)
{
  if (RSA_public_encrypt (sizeof chg,
                          (unsigned char *)&chg, (unsigned char *)&encr,
                          key, RSA_PKCS1_OAEP_PADDING) < 0)
    fatal ("RSA_public_encrypt error");
}

static inline bool
rsa_decrypt (RSA *key, const rsacrypt &encr, rsaclear &chg)
{
  return RSA_private_decrypt (sizeof encr,
                              (unsigned char *)&encr, (unsigned char *)&chg,
                              key, RSA_PKCS1_OAEP_PADDING) > 0;
}

#endif

Revision:	1.26
Committed:	Thu Aug 7 19:07:03 2008 UTC (15 years, 9 months ago) by pcg
Content type:	text/plain
Branch:	MAIN
Changes since 1.25:	+2 -1 lines
Log Message:	* empty log message *
#	User	Rev	Content
1	pcg	1.1	/*
2			util.h -- process management and other utility functions
3			Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl>
4			2000-2002 Guus Sliepen <guus@sliepen.eu.org>
5	pcg	1.25	2003-2008 Marc Lehmann <gvpe@schmorp.de>
6	pcg	1.1
7	pcg	1.13	This file is part of GVPE.
8
9	pcg	1.25	GVPE is free software; you can redistribute it and/or modify it
10			under the terms of the GNU General Public License as published by the
11			Free Software Foundation; either version 3 of the License, or (at your
12			option) any later version.
13
14			This program is distributed in the hope that it will be useful, but
15			WITHOUT ANY WARRANTY; without even the implied warranty of
16			MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
17			Public License for more details.
18
19			You should have received a copy of the GNU General Public License along
20			with this program; if not, see <http://www.gnu.org/licenses/>.
21
22			Additional permission under GNU GPL version 3 section 7
23
24			If you modify this Program, or any covered work, by linking or
25			combining it with the OpenSSL project's OpenSSL library (or a modified
26			version of that library), containing parts covered by the terms of the
27			OpenSSL or SSLeay licenses, the licensors of this Program grant you
28			additional permission to convey the resulting work. Corresponding
29			Source for a non-source form of such a combination shall include the
30			source code for the parts of OpenSSL used as well as that of the
31			covered work.
32	pcg	1.1	*/
33
34			#ifndef UTIL_H__
35			#define UTIL_H__
36
37	pcg	1.24	#include <cstring>
38	pcg	1.26	#include <sys/types.h>
39	pcg	1.24
40	pcg	1.11	#include <openssl/rsa.h>
41
42	pcg	1.15	#include "gettext.h"
43
44	pcg	1.10	#include "slog.h"
45	pcg	1.20	#include "ev_cpp.h"
46			#include "callback.h"
47
48	pcg	1.21	typedef ev_tstamp tstamp;
49	pcg	1.1
50			/*
51	pcg	1.16	* check for an existing gvpe for this net, and write pid to pidfile
52	pcg	1.1	*/
53			extern int write_pidfile (void);
54
55			/*
56	pcg	1.16	* kill older gvpe
57	pcg	1.1	*/
58			extern int kill_other (int signal);
59
60			/*
61			* Detach from current terminal, write pidfile, kill parent
62			*/
63			extern int detach (int do_detach);
64
65			/*
66			* check wether the given path is an absolute pathname
67			*/
68			#define ABSOLUTE_PATH(c) ((c)[0] == '/')
69	pcg	1.10
70	pcg	1.11	/*****************************************************************************/
71
72	pcg	1.10	typedef u8 mac[6];
73	pcg	1.1
74	pcg	1.8	extern void id2mac (unsigned int id, void *m);
75	pcg	1.1
76	pcg	1.8	#define mac2id(p) ((p)[0] & 0x01 ? 0 : ((p)[4] << 8) \| (p)[5])
77	pcg	1.1
78	pcg	1.22	struct sliding_window
79			{
80	pcg	1.2	u32 v[(WINDOWSIZE + 31) / 32];
81			u32 seq;
82
83			void reset (u32 seqno)
84			{
85			memset (v, -1, sizeof v);
86			seq = seqno;
87			}
88
89			bool recv_ok (u32 seqno)
90			{
91			if (seqno <= seq - WINDOWSIZE)
92			slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n"
93	pcg	1.19	"possible replay attack, or just massive packet reordering"), seqno, seq + 1);
94			else if (seqno > seq + WINDOWSIZE * 4)
95	pcg	1.2	slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n"
96	pcg	1.19	"possible replay attack, or just massive packet loss"), seqno, seq + 1);
97	pcg	1.2	else
98			{
99			while (seqno > seq)
100			{
101			seq++;
102
103			u32 s = seq % WINDOWSIZE;
104			u32 *cell = v + (s >> 5);
105			u32 mask = 1 << (s & 31);
106
107			*cell &= ~mask;
108			}
109
110			u32 s = seqno % WINDOWSIZE;
111			u32 *cell = v + (s >> 5);
112			u32 mask = 1 << (s & 31);
113
114			if (*cell & mask)
115	pcg	1.19	slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n"
116			"possible replay attack, or just packet duplication"), seqno, seq + 1);
117	pcg	1.2	else
118			{
119			*cell \|= mask;
120			return true;
121			}
122			}
123	pcg	1.19
124			return false;
125	pcg	1.2	}
126			};
127
128	pcg	1.23	typedef callback<const char * ()> run_script_cb;
129	pcg	1.5
130			// run a shell script (or actually an external program).
131	pcg	1.26	pid_t run_script (const run_script_cb &cb, bool wait);
132	pcg	1.5
133	pcg	1.7	#if ENABLE_HTTP_PROXY
134			u8 base64_encode (const u8 data, unsigned int len);
135			#endif
136	pcg	1.11
137			/*****************************************************************************/
138
139			typedef u8 rsaclear[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data;
140			typedef u8 rsacrypt[RSA_KEYLEN]; // encrypted challenge
141
142			static inline void
143			rsa_encrypt (RSA *key, const rsaclear &chg, rsacrypt &encr)
144			{
145			if (RSA_public_encrypt (sizeof chg,
146			(unsigned char )&chg, (unsigned char )&encr,
147			key, RSA_PKCS1_OAEP_PADDING) < 0)
148			fatal ("RSA_public_encrypt error");
149			}
150
151			static inline bool
152			rsa_decrypt (RSA *key, const rsacrypt &encr, rsaclear &chg)
153			{
154			return RSA_private_decrypt (sizeof encr,
155			(unsigned char )&encr, (unsigned char )&chg,
156			key, RSA_PKCS1_OAEP_PADDING) > 0;
157			}
158	pcg	1.7
159	pcg	1.1	#endif
160