1 | /* |
1 | /* |
2 | util.h -- process management and other utility functions |
2 | util.h -- process management and other utility functions |
3 | Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl> |
3 | Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl> |
4 | 2000-2002 Guus Sliepen <guus@sliepen.eu.org> |
4 | 2000-2002 Guus Sliepen <guus@sliepen.eu.org> |
5 | 2003 Marc Lehmannn <pcg@goof.com> |
5 | 2003-2008 Marc Lehmann <gvpe@schmorp.de> |
6 | |
6 | |
|
|
7 | This file is part of GVPE. |
|
|
8 | |
7 | This program is free software; you can redistribute it and/or modify |
9 | GVPE is free software; you can redistribute it and/or modify it |
8 | it under the terms of the GNU General Public License as published by |
10 | under the terms of the GNU General Public License as published by the |
9 | the Free Software Foundation; either version 2 of the License, or |
11 | Free Software Foundation; either version 3 of the License, or (at your |
10 | (at your option) any later version. |
12 | option) any later version. |
11 | |
13 | |
12 | This program is distributed in the hope that it will be useful, |
14 | This program is distributed in the hope that it will be useful, but |
13 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General |
15 | GNU General Public License for more details. |
17 | Public License for more details. |
16 | |
18 | |
17 | You should have received a copy of the GNU General Public License |
19 | You should have received a copy of the GNU General Public License along |
18 | along with this program; if not, write to the Free Software |
20 | with this program; if not, see <http://www.gnu.org/licenses/>. |
19 | Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
21 | |
|
|
22 | Additional permission under GNU GPL version 3 section 7 |
|
|
23 | |
|
|
24 | If you modify this Program, or any covered work, by linking or |
|
|
25 | combining it with the OpenSSL project's OpenSSL library (or a modified |
|
|
26 | version of that library), containing parts covered by the terms of the |
|
|
27 | OpenSSL or SSLeay licenses, the licensors of this Program grant you |
|
|
28 | additional permission to convey the resulting work. Corresponding |
|
|
29 | Source for a non-source form of such a combination shall include the |
|
|
30 | source code for the parts of OpenSSL used as well as that of the |
|
|
31 | covered work. |
20 | */ |
32 | */ |
21 | |
33 | |
22 | #ifndef UTIL_H__ |
34 | #ifndef UTIL_H__ |
23 | #define UTIL_H__ |
35 | #define UTIL_H__ |
24 | |
36 | |
|
|
37 | #include <cstring> |
|
|
38 | |
|
|
39 | #include <openssl/rsa.h> |
|
|
40 | |
|
|
41 | #include "gettext.h" |
|
|
42 | |
25 | #include "iom.h" |
43 | #include "slog.h" |
26 | #include "device.h" |
44 | #include "ev_cpp.h" |
|
|
45 | #include "callback.h" |
|
|
46 | |
|
|
47 | typedef ev_tstamp tstamp; |
27 | |
48 | |
28 | /* |
49 | /* |
29 | * check for an existing vped for this net, and write pid to pidfile |
50 | * check for an existing gvpe for this net, and write pid to pidfile |
30 | */ |
51 | */ |
31 | extern int write_pidfile (void); |
52 | extern int write_pidfile (void); |
32 | |
53 | |
33 | /* |
54 | /* |
34 | * kill older vped |
55 | * kill older gvpe |
35 | */ |
56 | */ |
36 | extern int kill_other (int signal); |
57 | extern int kill_other (int signal); |
37 | |
58 | |
38 | /* |
59 | /* |
39 | * Detach from current terminal, write pidfile, kill parent |
60 | * Detach from current terminal, write pidfile, kill parent |
40 | */ |
61 | */ |
41 | extern int detach (int do_detach); |
62 | extern int detach (int do_detach); |
42 | |
63 | |
43 | /* |
64 | /* |
44 | * Set all files and paths according to netname |
|
|
45 | */ |
|
|
46 | extern void make_names (void); |
|
|
47 | |
|
|
48 | /* |
|
|
49 | * check wether the given path is an absolute pathname |
65 | * check wether the given path is an absolute pathname |
50 | */ |
66 | */ |
51 | #define ABSOLUTE_PATH(c) ((c)[0] == '/') |
67 | #define ABSOLUTE_PATH(c) ((c)[0] == '/') |
52 | |
68 | |
53 | static inline void |
69 | /*****************************************************************************/ |
|
|
70 | |
|
|
71 | typedef u8 mac[6]; |
|
|
72 | |
54 | id2mac (unsigned int id, void *m) |
73 | extern void id2mac (unsigned int id, void *m); |
|
|
74 | |
|
|
75 | #define mac2id(p) ((p)[0] & 0x01 ? 0 : ((p)[4] << 8) | (p)[5]) |
|
|
76 | |
|
|
77 | struct sliding_window |
55 | { |
78 | { |
56 | mac &p = *(mac *)m; |
|
|
57 | |
|
|
58 | p[0] = 0xfe; |
|
|
59 | p[1] = 0xfd; |
|
|
60 | p[2] = 0x80; |
|
|
61 | p[3] = 0x00; |
|
|
62 | p[4] = id >> 8; |
|
|
63 | p[5] = id; |
|
|
64 | } |
|
|
65 | |
|
|
66 | #define mac2id(p) (p[0] & 0x01 ? 0 : (p[4] << 8) | p[5]) |
|
|
67 | |
|
|
68 | struct sliding_window { |
|
|
69 | u32 v[(WINDOWSIZE + 31) / 32]; |
79 | u32 v[(WINDOWSIZE + 31) / 32]; |
70 | u32 seq; |
80 | u32 seq; |
71 | |
81 | |
72 | void reset (u32 seqno) |
82 | void reset (u32 seqno) |
73 | { |
83 | { |
… | |
… | |
77 | |
87 | |
78 | bool recv_ok (u32 seqno) |
88 | bool recv_ok (u32 seqno) |
79 | { |
89 | { |
80 | if (seqno <= seq - WINDOWSIZE) |
90 | if (seqno <= seq - WINDOWSIZE) |
81 | slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n" |
91 | slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n" |
82 | "possible replay attack, or just massive packet reordering"), seqno, seq + 1);//D |
92 | "possible replay attack, or just massive packet reordering"), seqno, seq + 1); |
83 | else if (seqno > seq + WINDOWSIZE) |
93 | else if (seqno > seq + WINDOWSIZE * 4) |
84 | slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n" |
94 | slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n" |
85 | "possible replay attack, or just massive packet loss"), seqno, seq + 1);//D |
95 | "possible replay attack, or just massive packet loss"), seqno, seq + 1); |
86 | else |
96 | else |
87 | { |
97 | { |
88 | while (seqno > seq) |
98 | while (seqno > seq) |
89 | { |
99 | { |
90 | seq++; |
100 | seq++; |
… | |
… | |
99 | u32 s = seqno % WINDOWSIZE; |
109 | u32 s = seqno % WINDOWSIZE; |
100 | u32 *cell = v + (s >> 5); |
110 | u32 *cell = v + (s >> 5); |
101 | u32 mask = 1 << (s & 31); |
111 | u32 mask = 1 << (s & 31); |
102 | |
112 | |
103 | if (*cell & mask) |
113 | if (*cell & mask) |
104 | { |
|
|
105 | slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n" |
114 | slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n" |
106 | "possible replay attack, or just packet duplication"), seqno, seq + 1);//D |
115 | "possible replay attack, or just packet duplication"), seqno, seq + 1); |
107 | return false; |
|
|
108 | } |
|
|
109 | else |
116 | else |
110 | { |
117 | { |
111 | *cell |= mask; |
118 | *cell |= mask; |
112 | return true; |
119 | return true; |
113 | } |
120 | } |
114 | } |
121 | } |
|
|
122 | |
|
|
123 | return false; |
115 | } |
124 | } |
116 | }; |
125 | }; |
117 | |
126 | |
|
|
127 | typedef callback<const char * ()> run_script_cb; |
|
|
128 | |
|
|
129 | // run a shell script (or actually an external program). |
|
|
130 | bool run_script (const run_script_cb &cb, bool wait); |
|
|
131 | |
|
|
132 | #if ENABLE_HTTP_PROXY |
|
|
133 | u8 *base64_encode (const u8 *data, unsigned int len); |
118 | #endif |
134 | #endif |
119 | |
135 | |
|
|
136 | /*****************************************************************************/ |
|
|
137 | |
|
|
138 | typedef u8 rsaclear[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data; |
|
|
139 | typedef u8 rsacrypt[RSA_KEYLEN]; // encrypted challenge |
|
|
140 | |
|
|
141 | static inline void |
|
|
142 | rsa_encrypt (RSA *key, const rsaclear &chg, rsacrypt &encr) |
|
|
143 | { |
|
|
144 | if (RSA_public_encrypt (sizeof chg, |
|
|
145 | (unsigned char *)&chg, (unsigned char *)&encr, |
|
|
146 | key, RSA_PKCS1_OAEP_PADDING) < 0) |
|
|
147 | fatal ("RSA_public_encrypt error"); |
|
|
148 | } |
|
|
149 | |
|
|
150 | static inline bool |
|
|
151 | rsa_decrypt (RSA *key, const rsacrypt &encr, rsaclear &chg) |
|
|
152 | { |
|
|
153 | return RSA_private_decrypt (sizeof encr, |
|
|
154 | (unsigned char *)&encr, (unsigned char *)&chg, |
|
|
155 | key, RSA_PKCS1_OAEP_PADDING) > 0; |
|
|
156 | } |
|
|
157 | |
|
|
158 | #endif |
|
|
159 | |