1 | /* |
1 | /* |
2 | util.h -- process management and other utility functions |
2 | util.h -- process management and other utility functions |
3 | Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl> |
3 | Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl> |
4 | 2000-2002 Guus Sliepen <guus@sliepen.eu.org> |
4 | 2000-2002 Guus Sliepen <guus@sliepen.eu.org> |
5 | 2003 Marc Lehmann <pcg@goof.com> |
5 | 2003 Marc Lehmann <gvpe@schmorp.de> |
6 | |
6 | |
|
|
7 | This file is part of GVPE. |
|
|
8 | |
7 | This program is free software; you can redistribute it and/or modify |
9 | GVPE is free software; you can redistribute it and/or modify |
8 | it under the terms of the GNU General Public License as published by |
10 | it under the terms of the GNU General Public License as published by |
9 | the Free Software Foundation; either version 2 of the License, or |
11 | the Free Software Foundation; either version 2 of the License, or |
10 | (at your option) any later version. |
12 | (at your option) any later version. |
11 | |
13 | |
12 | This program is distributed in the hope that it will be useful, |
14 | This program is distributed in the hope that it will be useful, |
13 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
15 | GNU General Public License for more details. |
17 | GNU General Public License for more details. |
16 | |
18 | |
17 | You should have received a copy of the GNU General Public License |
19 | You should have received a copy of the GNU General Public License |
18 | along with this program; if not, write to the Free Software |
20 | along with gvpe; if not, write to the Free Software |
19 | Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
21 | Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
20 | */ |
22 | */ |
21 | |
23 | |
22 | #ifndef UTIL_H__ |
24 | #ifndef UTIL_H__ |
23 | #define UTIL_H__ |
25 | #define UTIL_H__ |
|
|
26 | |
|
|
27 | #include <openssl/rsa.h> |
24 | |
28 | |
25 | #include "gettext.h" |
29 | #include "gettext.h" |
26 | |
30 | |
27 | #include "slog.h" |
31 | #include "slog.h" |
28 | #include "iom.h" |
32 | #include "iom.h" |
29 | |
33 | |
30 | /* |
34 | /* |
31 | * check for an existing vped for this net, and write pid to pidfile |
35 | * check for an existing gvpe for this net, and write pid to pidfile |
32 | */ |
36 | */ |
33 | extern int write_pidfile (void); |
37 | extern int write_pidfile (void); |
34 | |
38 | |
35 | /* |
39 | /* |
36 | * kill older vped |
40 | * kill older gvpe |
37 | */ |
41 | */ |
38 | extern int kill_other (int signal); |
42 | extern int kill_other (int signal); |
39 | |
43 | |
40 | /* |
44 | /* |
41 | * Detach from current terminal, write pidfile, kill parent |
45 | * Detach from current terminal, write pidfile, kill parent |
42 | */ |
46 | */ |
43 | extern int detach (int do_detach); |
47 | extern int detach (int do_detach); |
44 | |
48 | |
45 | /* |
49 | /* |
46 | * Set all files and paths according to netname |
|
|
47 | */ |
|
|
48 | extern void make_names (void); |
|
|
49 | |
|
|
50 | /* |
|
|
51 | * check wether the given path is an absolute pathname |
50 | * check wether the given path is an absolute pathname |
52 | */ |
51 | */ |
53 | #define ABSOLUTE_PATH(c) ((c)[0] == '/') |
52 | #define ABSOLUTE_PATH(c) ((c)[0] == '/') |
|
|
53 | |
|
|
54 | /*****************************************************************************/ |
54 | |
55 | |
55 | typedef u8 mac[6]; |
56 | typedef u8 mac[6]; |
56 | |
57 | |
57 | extern void id2mac (unsigned int id, void *m); |
58 | extern void id2mac (unsigned int id, void *m); |
58 | |
59 | |
… | |
… | |
70 | |
71 | |
71 | bool recv_ok (u32 seqno) |
72 | bool recv_ok (u32 seqno) |
72 | { |
73 | { |
73 | if (seqno <= seq - WINDOWSIZE) |
74 | if (seqno <= seq - WINDOWSIZE) |
74 | slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n" |
75 | slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n" |
75 | "possible replay attack, or just massive packet reordering"), seqno, seq + 1);//D |
76 | "possible replay attack, or just massive packet reordering"), seqno, seq + 1); |
76 | else if (seqno > seq + WINDOWSIZE) |
77 | else if (seqno > seq + WINDOWSIZE * 4) |
77 | slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n" |
78 | slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n" |
78 | "possible replay attack, or just massive packet loss"), seqno, seq + 1);//D |
79 | "possible replay attack, or just massive packet loss"), seqno, seq + 1); |
79 | else |
80 | else |
80 | { |
81 | { |
81 | while (seqno > seq) |
82 | while (seqno > seq) |
82 | { |
83 | { |
83 | seq++; |
84 | seq++; |
… | |
… | |
92 | u32 s = seqno % WINDOWSIZE; |
93 | u32 s = seqno % WINDOWSIZE; |
93 | u32 *cell = v + (s >> 5); |
94 | u32 *cell = v + (s >> 5); |
94 | u32 mask = 1 << (s & 31); |
95 | u32 mask = 1 << (s & 31); |
95 | |
96 | |
96 | if (*cell & mask) |
97 | if (*cell & mask) |
97 | { |
|
|
98 | slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n" |
98 | slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n" |
99 | "possible replay attack, or just packet duplication"), seqno, seq + 1);//D |
99 | "possible replay attack, or just packet duplication"), seqno, seq + 1); |
100 | return false; |
|
|
101 | } |
|
|
102 | else |
100 | else |
103 | { |
101 | { |
104 | *cell |= mask; |
102 | *cell |= mask; |
105 | return true; |
103 | return true; |
106 | } |
104 | } |
107 | } |
105 | } |
|
|
106 | |
|
|
107 | return false; |
108 | } |
108 | } |
109 | }; |
109 | }; |
110 | |
110 | |
111 | typedef callback0<const char *> run_script_cb; |
111 | typedef callback0<const char *> run_script_cb; |
112 | |
112 | |
113 | // run a shell script (or actually an external program). |
113 | // run a shell script (or actually an external program). |
114 | void run_script (const run_script_cb &cb, bool wait); |
114 | bool run_script (const run_script_cb &cb, bool wait); |
115 | |
115 | |
116 | #if ENABLE_HTTP_PROXY |
116 | #if ENABLE_HTTP_PROXY |
117 | u8 *base64_encode (const u8 *data, unsigned int len); |
117 | u8 *base64_encode (const u8 *data, unsigned int len); |
118 | #endif |
118 | #endif |
119 | |
119 | |
|
|
120 | /*****************************************************************************/ |
|
|
121 | |
|
|
122 | typedef u8 rsaclear[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data; |
|
|
123 | typedef u8 rsacrypt[RSA_KEYLEN]; // encrypted challenge |
|
|
124 | |
|
|
125 | static inline void |
|
|
126 | rsa_encrypt (RSA *key, const rsaclear &chg, rsacrypt &encr) |
|
|
127 | { |
|
|
128 | if (RSA_public_encrypt (sizeof chg, |
|
|
129 | (unsigned char *)&chg, (unsigned char *)&encr, |
|
|
130 | key, RSA_PKCS1_OAEP_PADDING) < 0) |
|
|
131 | fatal ("RSA_public_encrypt error"); |
|
|
132 | } |
|
|
133 | |
|
|
134 | static inline bool |
|
|
135 | rsa_decrypt (RSA *key, const rsacrypt &encr, rsaclear &chg) |
|
|
136 | { |
|
|
137 | return RSA_private_decrypt (sizeof encr, |
|
|
138 | (unsigned char *)&encr, (unsigned char *)&chg, |
|
|
139 | key, RSA_PKCS1_OAEP_PADDING) > 0; |
|
|
140 | } |
|
|
141 | |
120 | #endif |
142 | #endif |
121 | |
143 | |