| … | |
… | |
| 16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 17 | GNU General Public License for more details. |
17 | GNU General Public License for more details. |
| 18 | |
18 | |
| 19 | You should have received a copy of the GNU General Public License |
19 | You should have received a copy of the GNU General Public License |
| 20 | along with gvpe; if not, write to the Free Software |
20 | along with gvpe; if not, write to the Free Software |
| 21 | Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
21 | Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
| 22 | */ |
22 | */ |
| 23 | |
23 | |
| 24 | #ifndef UTIL_H__ |
24 | #ifndef UTIL_H__ |
| 25 | #define UTIL_H__ |
25 | #define UTIL_H__ |
| 26 | |
26 | |
|
|
27 | #include <cstring> |
|
|
28 | |
| 27 | #include <openssl/rsa.h> |
29 | #include <openssl/rsa.h> |
| 28 | |
30 | |
|
|
31 | #include "gettext.h" |
|
|
32 | |
| 29 | #include "slog.h" |
33 | #include "slog.h" |
| 30 | #include "iom.h" |
34 | #include "ev_cpp.h" |
|
|
35 | #include "callback.h" |
|
|
36 | |
|
|
37 | typedef ev_tstamp tstamp; |
| 31 | |
38 | |
| 32 | /* |
39 | /* |
| 33 | * check for an existing vped for this net, and write pid to pidfile |
40 | * check for an existing gvpe for this net, and write pid to pidfile |
| 34 | */ |
41 | */ |
| 35 | extern int write_pidfile (void); |
42 | extern int write_pidfile (void); |
| 36 | |
43 | |
| 37 | /* |
44 | /* |
| 38 | * kill older vped |
45 | * kill older gvpe |
| 39 | */ |
46 | */ |
| 40 | extern int kill_other (int signal); |
47 | extern int kill_other (int signal); |
| 41 | |
48 | |
| 42 | /* |
49 | /* |
| 43 | * Detach from current terminal, write pidfile, kill parent |
50 | * Detach from current terminal, write pidfile, kill parent |
| … | |
… | |
| 55 | |
62 | |
| 56 | extern void id2mac (unsigned int id, void *m); |
63 | extern void id2mac (unsigned int id, void *m); |
| 57 | |
64 | |
| 58 | #define mac2id(p) ((p)[0] & 0x01 ? 0 : ((p)[4] << 8) | (p)[5]) |
65 | #define mac2id(p) ((p)[0] & 0x01 ? 0 : ((p)[4] << 8) | (p)[5]) |
| 59 | |
66 | |
| 60 | struct sliding_window { |
67 | struct sliding_window |
|
|
68 | { |
| 61 | u32 v[(WINDOWSIZE + 31) / 32]; |
69 | u32 v[(WINDOWSIZE + 31) / 32]; |
| 62 | u32 seq; |
70 | u32 seq; |
| 63 | |
71 | |
| 64 | void reset (u32 seqno) |
72 | void reset (u32 seqno) |
| 65 | { |
73 | { |
| … | |
… | |
| 69 | |
77 | |
| 70 | bool recv_ok (u32 seqno) |
78 | bool recv_ok (u32 seqno) |
| 71 | { |
79 | { |
| 72 | if (seqno <= seq - WINDOWSIZE) |
80 | if (seqno <= seq - WINDOWSIZE) |
| 73 | slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n" |
81 | slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n" |
| 74 | "possible replay attack, or just massive packet reordering"), seqno, seq + 1);//D |
82 | "possible replay attack, or just massive packet reordering"), seqno, seq + 1); |
| 75 | else if (seqno > seq + WINDOWSIZE) |
83 | else if (seqno > seq + WINDOWSIZE * 4) |
| 76 | slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n" |
84 | slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n" |
| 77 | "possible replay attack, or just massive packet loss"), seqno, seq + 1);//D |
85 | "possible replay attack, or just massive packet loss"), seqno, seq + 1); |
| 78 | else |
86 | else |
| 79 | { |
87 | { |
| 80 | while (seqno > seq) |
88 | while (seqno > seq) |
| 81 | { |
89 | { |
| 82 | seq++; |
90 | seq++; |
| … | |
… | |
| 91 | u32 s = seqno % WINDOWSIZE; |
99 | u32 s = seqno % WINDOWSIZE; |
| 92 | u32 *cell = v + (s >> 5); |
100 | u32 *cell = v + (s >> 5); |
| 93 | u32 mask = 1 << (s & 31); |
101 | u32 mask = 1 << (s & 31); |
| 94 | |
102 | |
| 95 | if (*cell & mask) |
103 | if (*cell & mask) |
| 96 | { |
|
|
| 97 | slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n" |
104 | slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n" |
| 98 | "possible replay attack, or just packet duplication"), seqno, seq + 1);//D |
105 | "possible replay attack, or just packet duplication"), seqno, seq + 1); |
| 99 | return false; |
|
|
| 100 | } |
|
|
| 101 | else |
106 | else |
| 102 | { |
107 | { |
| 103 | *cell |= mask; |
108 | *cell |= mask; |
| 104 | return true; |
109 | return true; |
| 105 | } |
110 | } |
| 106 | } |
111 | } |
|
|
112 | |
|
|
113 | return false; |
| 107 | } |
114 | } |
| 108 | }; |
115 | }; |
| 109 | |
116 | |
| 110 | typedef callback0<const char *> run_script_cb; |
117 | typedef callback<const char * ()> run_script_cb; |
| 111 | |
118 | |
| 112 | // run a shell script (or actually an external program). |
119 | // run a shell script (or actually an external program). |
| 113 | void run_script (const run_script_cb &cb, bool wait); |
120 | bool run_script (const run_script_cb &cb, bool wait); |
| 114 | |
121 | |
| 115 | #if ENABLE_HTTP_PROXY |
122 | #if ENABLE_HTTP_PROXY |
| 116 | u8 *base64_encode (const u8 *data, unsigned int len); |
123 | u8 *base64_encode (const u8 *data, unsigned int len); |
| 117 | #endif |
124 | #endif |
| 118 | |
125 | |
