--- gvpe/src/util.h	2003/03/01 15:53:03	1.1
+++ gvpe/src/util.h	2011/03/08 17:34:26	1.30
@@ -2,42 +2,58 @@
     util.h -- process management and other utility functions
     Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl>
                   2000-2002 Guus Sliepen <guus@sliepen.eu.org>
-                  2003      Marc Lehmannn <pcg@goof.com>
+                  2003-2011 Marc Lehmann <gvpe@schmorp.de>
  
-    This program is free software; you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation; either version 2 of the License, or
-    (at your option) any later version.
- 
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
- 
-    You should have received a copy of the GNU General Public License
-    along with this program; if not, write to the Free Software
-    Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+    This file is part of GVPE.
+
+    GVPE is free software; you can redistribute it and/or modify it
+    under the terms of the GNU General Public License as published by the
+    Free Software Foundation; either version 3 of the License, or (at your
+    option) any later version.
+   
+    This program is distributed in the hope that it will be useful, but
+    WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General
+    Public License for more details.
+   
+    You should have received a copy of the GNU General Public License along
+    with this program; if not, see <http://www.gnu.org/licenses/>.
+   
+    Additional permission under GNU GPL version 3 section 7
+   
+    If you modify this Program, or any covered work, by linking or
+    combining it with the OpenSSL project's OpenSSL library (or a modified
+    version of that library), containing parts covered by the terms of the
+    OpenSSL or SSLeay licenses, the licensors of this Program grant you
+    additional permission to convey the resulting work.  Corresponding
+    Source for a non-source form of such a combination shall include the
+    source code for the parts of OpenSSL used as well as that of the
+    covered work.
 */
 
 #ifndef UTIL_H__
 #define UTIL_H__
 
-#include <sys/socket.h>
-#include <netinet/in.h>
+#include <cstring>
+#include <sys/types.h>
 
-#include <map>
+#include <openssl/rsa.h>
 
-#include "device.h"
+#include "gettext.h"
 
-#define SOCKADDR	sockaddr_in	// this is lame, I know
+#include "slog.h"
+#include "ev_cpp.h"
+#include "callback.h"
+
+typedef ev_tstamp tstamp;
 
 /*
- * check for an existing vped for this net, and write pid to pidfile
+ * check for an existing gvpe for this net, and write pid to pidfile
  */
 extern int write_pidfile (void);
 
 /*
- * kill older vped
+ * kill older gvpe
  */
 extern int kill_other (int signal);
 
@@ -47,120 +63,100 @@
 extern int detach (int do_detach);
 
 /*
- * Set all files and paths according to netname
- */
-extern void make_names (void);
-
-/*
  * check wether the given path is an absolute pathname
  */
 #define ABSOLUTE_PATH(c) ((c)[0] == '/')
 
-static inline void
-id2mac (unsigned int id, void *m)
-{
-  mac &p = *(mac *)m;
-
-  p[0] = 0xfe;
-  p[1] = 0xfd;
-  p[2] = 0x80;
-  p[3] = 0x00;
-  p[4] = id >> 8;
-  p[5] = id;
-}
-
-#define mac2id(p) (p[0] & 0x01 ? 0 : (p[4] << 8) | p[5])
+/*****************************************************************************/
 
-// a very simple fifo pkt-queue
-class pkt_queue
-  {
-    tap_packet *queue[QUEUEDEPTH];
-    int i, j;
+typedef u8 mac[6];
 
-  public:
+extern void id2mac (unsigned int id, void *m);
 
-    void put (tap_packet *p);
-    tap_packet *get ();
+#define mac2id(p) ((p)[0] & 0x01 ? 0 : ((p)[4] << 8) | (p)[5])
 
-    pkt_queue ();
-    ~pkt_queue ();
-  };
-
-struct sockinfo
-  {
-    u32 host;
-    u16 port;
+struct sliding_window
+{
+  u32 v[(WINDOWSIZE + 31) / 32];
+  u32 seq;
 
-    void set (const SOCKADDR *sa)
+  void reset (u32 seqno)
     {
-      host = sa->sin_addr.s_addr;
-      port = sa->sin_port;
+      memset (v, -1, sizeof v);
+      seq = seqno;
     }
 
-    sockinfo()
+  // 0 == ok, 1 == far history, 2 == duplicate in-window, 3 == far future
+  int seqno_classify (u32 seqno)
     {
-      host = port = 0;
+      if (seqno <= seq - WINDOWSIZE)
+        return 1;
+      else if (seqno > seq + WINDOWSIZE * 16)
+        return 3;
+      else
+        {
+          while (seqno > seq)
+            {
+              seq++;
+
+              u32 s = seq % WINDOWSIZE;
+              u32 *cell = v + (s >> 5);
+              u32 mask = 1 << (s & 31);
+
+              *cell &= ~mask;
+            }
+
+          u32 s = seqno % WINDOWSIZE;
+          u32 *cell = v + (s >> 5);
+          u32 mask = 1 << (s & 31);
+
+          if (*cell & mask)
+            return 2;
+          else
+            {
+              *cell |= mask;
+              return 0;
+            }
+        }
     }
+};
 
-    sockinfo(const SOCKADDR &sa)
-    {
-      set (&sa);
-    }
+typedef callback<const char *()> run_script_cb;
 
-    sockinfo(const SOCKADDR *sa)
-    {
-      set (sa);
-    }
+// run a shell script (or actually an external program).
+pid_t run_script (const run_script_cb &cb, bool wait);
 
-    SOCKADDR *sa()
-    {
-      static SOCKADDR sa;
+#if ENABLE_HTTP_PROXY
+u8 *base64_encode (const u8 *data, unsigned int len);
+#endif
 
-      sa.sin_family = AF_INET;
-      sa.sin_port = port;
-      sa.sin_addr.s_addr = host;
+/*****************************************************************************/
 
-      return &sa;
-    }
+typedef u8 rsaclear[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data;
+typedef u8 rsacrypt[RSA_KEYLEN]; // encrypted challenge
 
-    operator const char *();
-  };
-
-inline bool
-operator == (const sockinfo &a, const sockinfo &b)
+static inline void
+rsa_encrypt (RSA *key, const rsaclear &chg, rsacrypt &encr)
 {
-  return a.host == b.host && a.port == b.port;
+  if (RSA_public_encrypt (sizeof chg,
+                          (unsigned char *)&chg, (unsigned char *)&encr,
+                          key, RSA_PKCS1_OAEP_PADDING) < 0)
+    fatal ("RSA_public_encrypt error");
 }
 
-inline bool
-operator < (const sockinfo &a, const sockinfo &b)
+static inline bool
+rsa_decrypt (RSA *key, const rsacrypt &encr, rsaclear &chg)
 {
-  return a.host < b.host 
-         || (a.host == b.host && a.port < b.port);
+  return RSA_private_decrypt (sizeof encr,
+                              (unsigned char *)&encr, (unsigned char *)&chg,
+                              key, RSA_PKCS1_OAEP_PADDING) > 0;
 }
 
-// only do action once every x seconds per host.
-// currently this is quite a slow implementation,
-// but suffices for normal operation.
-struct u32_rate_limiter : private map<u32, time_t>
- {
-   int every;
-
-   bool can (u32 host);
-
-   u32_rate_limiter (time_t every = 1)
-   {
-     this->every = every;
-   }
- };
-
-struct net_rate_limiter : u32_rate_limiter
-  {
-    bool can (SOCKADDR *sa) { return u32_rate_limiter::can((u32)sa->sin_addr.s_addr); }
-    bool can (sockinfo &si) { return u32_rate_limiter::can((u32)si.host); }
+/*****************************************************************************/
 
-    net_rate_limiter (time_t every) : u32_rate_limiter (every) {}
-  };
+// run work_cb in another thread, call done_cb in main thread when finished
+// only one work_cb will execute at any one time.
+void async (callback<void ()> work_cb, callback<void ()> done_cb);
 
 #endif