ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/util.h
(Generate patch)

Comparing gvpe/src/util.h (file contents):
Revision 1.2 by pcg, Mon Mar 17 15:20:18 2003 UTC vs.
Revision 1.16 by pcg, Wed Mar 23 20:22:59 2005 UTC

1/* 1/*
2 util.h -- process management and other utility functions 2 util.h -- process management and other utility functions
3 Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl> 3 Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl>
4 2000-2002 Guus Sliepen <guus@sliepen.eu.org> 4 2000-2002 Guus Sliepen <guus@sliepen.eu.org>
5 2003 Marc Lehmannn <pcg@goof.com> 5 2003 Marc Lehmann <gvpe@schmorp.de>
6 6
7 This file is part of GVPE.
8
7 This program is free software; you can redistribute it and/or modify 9 GVPE is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by 10 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or 11 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version. 12 (at your option) any later version.
11 13
12 This program is distributed in the hope that it will be useful, 14 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of 15 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details. 17 GNU General Public License for more details.
16 18
17 You should have received a copy of the GNU General Public License 19 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software 20 along with gvpe; if not, write to the Free Software
19 Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 21 Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20*/ 22*/
21 23
22#ifndef UTIL_H__ 24#ifndef UTIL_H__
23#define UTIL_H__ 25#define UTIL_H__
24 26
25#include <sys/socket.h> 27#include <openssl/rsa.h>
26#include <netinet/in.h>
27 28
28#include <map> 29#include "gettext.h"
29 30
31#include "slog.h"
30#include "device.h" 32#include "iom.h"
31
32#define SOCKADDR sockaddr_in // this is lame, I know
33 33
34/* 34/*
35 * check for an existing vped for this net, and write pid to pidfile 35 * check for an existing gvpe for this net, and write pid to pidfile
36 */ 36 */
37extern int write_pidfile (void); 37extern int write_pidfile (void);
38 38
39/* 39/*
40 * kill older vped 40 * kill older gvpe
41 */ 41 */
42extern int kill_other (int signal); 42extern int kill_other (int signal);
43 43
44/* 44/*
45 * Detach from current terminal, write pidfile, kill parent 45 * Detach from current terminal, write pidfile, kill parent
46 */ 46 */
47extern int detach (int do_detach); 47extern int detach (int do_detach);
48 48
49/* 49/*
50 * Set all files and paths according to netname
51 */
52extern void make_names (void);
53
54/*
55 * check wether the given path is an absolute pathname 50 * check wether the given path is an absolute pathname
56 */ 51 */
57#define ABSOLUTE_PATH(c) ((c)[0] == '/') 52#define ABSOLUTE_PATH(c) ((c)[0] == '/')
58 53
59static inline void 54/*****************************************************************************/
60id2mac (unsigned int id, void *m)
61{
62 mac &p = *(mac *)m;
63 55
64 p[0] = 0xfe; 56typedef u8 mac[6];
65 p[1] = 0xfd;
66 p[2] = 0x80;
67 p[3] = 0x00;
68 p[4] = id >> 8;
69 p[5] = id;
70}
71 57
72#define mac2id(p) (p[0] & 0x01 ? 0 : (p[4] << 8) | p[5]) 58extern void id2mac (unsigned int id, void *m);
73 59
74// a very simple fifo pkt-queue 60#define mac2id(p) ((p)[0] & 0x01 ? 0 : ((p)[4] << 8) | (p)[5])
75class pkt_queue
76 {
77 tap_packet *queue[QUEUEDEPTH];
78 int i, j;
79
80 public:
81
82 void put (tap_packet *p);
83 tap_packet *get ();
84
85 pkt_queue ();
86 ~pkt_queue ();
87 };
88
89struct sockinfo
90 {
91 u32 host;
92 u16 port;
93
94 void set (const SOCKADDR *sa)
95 {
96 host = sa->sin_addr.s_addr;
97 port = sa->sin_port;
98 }
99
100 sockinfo()
101 {
102 host = port = 0;
103 }
104
105 sockinfo(const SOCKADDR &sa)
106 {
107 set (&sa);
108 }
109
110 sockinfo(const SOCKADDR *sa)
111 {
112 set (sa);
113 }
114
115 SOCKADDR *sa()
116 {
117 static SOCKADDR sa;
118
119 sa.sin_family = AF_INET;
120 sa.sin_port = port;
121 sa.sin_addr.s_addr = host;
122
123 return &sa;
124 }
125
126 operator const char *();
127 };
128
129inline bool
130operator == (const sockinfo &a, const sockinfo &b)
131{
132 return a.host == b.host && a.port == b.port;
133}
134
135inline bool
136operator < (const sockinfo &a, const sockinfo &b)
137{
138 return a.host < b.host
139 || (a.host == b.host && a.port < b.port);
140}
141
142// only do action once every x seconds per host.
143// currently this is quite a slow implementation,
144// but suffices for normal operation.
145struct u32_rate_limiter : private map<u32, time_t>
146 {
147 int every;
148
149 bool can (u32 host);
150
151 u32_rate_limiter (time_t every = 1)
152 {
153 this->every = every;
154 }
155 };
156
157struct net_rate_limiter : u32_rate_limiter
158 {
159 bool can (SOCKADDR *sa) { return u32_rate_limiter::can((u32)sa->sin_addr.s_addr); }
160 bool can (sockinfo &si) { return u32_rate_limiter::can((u32)si.host); }
161
162 net_rate_limiter (time_t every) : u32_rate_limiter (every) {}
163 };
164 61
165struct sliding_window { 62struct sliding_window {
166 u32 v[(WINDOWSIZE + 31) / 32]; 63 u32 v[(WINDOWSIZE + 31) / 32];
167 u32 seq; 64 u32 seq;
168 65
195 92
196 u32 s = seqno % WINDOWSIZE; 93 u32 s = seqno % WINDOWSIZE;
197 u32 *cell = v + (s >> 5); 94 u32 *cell = v + (s >> 5);
198 u32 mask = 1 << (s & 31); 95 u32 mask = 1 << (s & 31);
199 96
200 //printf ("received seqno %08lx, seq %08lx, mask %08lx is %08lx\n", seqno, seq, mask, ismask);
201 if (*cell & mask) 97 if (*cell & mask)
202 { 98 {
203 slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n" 99 slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n"
204 "possible replay attack, or just packet duplication"), seqno, seq + 1);//D 100 "possible replay attack, or just packet duplication"), seqno, seq + 1);//D
205 return false; 101 return false;
211 } 107 }
212 } 108 }
213 } 109 }
214}; 110};
215 111
112typedef callback0<const char *> run_script_cb;
113
114// run a shell script (or actually an external program).
115void run_script (const run_script_cb &cb, bool wait);
116
117#if ENABLE_HTTP_PROXY
118u8 *base64_encode (const u8 *data, unsigned int len);
216#endif 119#endif
217 120
121/*****************************************************************************/
122
123typedef u8 rsaclear[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data;
124typedef u8 rsacrypt[RSA_KEYLEN]; // encrypted challenge
125
126static inline void
127rsa_encrypt (RSA *key, const rsaclear &chg, rsacrypt &encr)
128{
129 if (RSA_public_encrypt (sizeof chg,
130 (unsigned char *)&chg, (unsigned char *)&encr,
131 key, RSA_PKCS1_OAEP_PADDING) < 0)
132 fatal ("RSA_public_encrypt error");
133}
134
135static inline bool
136rsa_decrypt (RSA *key, const rsacrypt &encr, rsaclear &chg)
137{
138 return RSA_private_decrypt (sizeof encr,
139 (unsigned char *)&encr, (unsigned char *)&chg,
140 key, RSA_PKCS1_OAEP_PADDING) > 0;
141}
142
143#endif
144

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines