--- gvpe/src/util.h 2003/10/16 14:12:00 1.10 +++ gvpe/src/util.h 2007/12/01 23:35:31 1.21 @@ -2,9 +2,11 @@ util.h -- process management and other utility functions Copyright (C) 1998-2002 Ivo Timmermans 2000-2002 Guus Sliepen - 2003 Marc Lehmann + 2003 Marc Lehmann - This program is free software; you can redistribute it and/or modify + This file is part of GVPE. + + GVPE is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. @@ -15,25 +17,30 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + along with gvpe; if not, write to the Free Software + Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ #ifndef UTIL_H__ #define UTIL_H__ +#include + #include "gettext.h" #include "slog.h" -#include "iom.h" +#include "ev_cpp.h" +#include "callback.h" + +typedef ev_tstamp tstamp; /* - * check for an existing vped for this net, and write pid to pidfile + * check for an existing gvpe for this net, and write pid to pidfile */ extern int write_pidfile (void); /* - * kill older vped + * kill older gvpe */ extern int kill_other (int signal); @@ -43,15 +50,12 @@ extern int detach (int do_detach); /* - * Set all files and paths according to netname - */ -extern void make_names (void); - -/* * check wether the given path is an absolute pathname */ #define ABSOLUTE_PATH(c) ((c)[0] == '/') +/*****************************************************************************/ + typedef u8 mac[6]; extern void id2mac (unsigned int id, void *m); 
@@ -72,10 +76,10 @@ { if (seqno <= seq - WINDOWSIZE) slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n" - "possible replay attack, or just massive packet reordering"), seqno, seq + 1);//D - else if (seqno > seq + WINDOWSIZE) + "possible replay attack, or just massive packet reordering"), seqno, seq + 1); + else if (seqno > seq + WINDOWSIZE * 4) slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n" - "possible replay attack, or just massive packet loss"), seqno, seq + 1);//D + "possible replay attack, or just massive packet loss"), seqno, seq + 1); else { while (seqno > seq) 
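Review bot: The new upper bound `else if (seqno > seq + WINDOWSIZE * 4)` widens the anti-replay window's forward limit with an unexplained factor of 4, while the lower bound stays at one window. A short comment above the condition would record the intent, for example `// accept up to 4 windows ahead to ride out loss bursts; older than one window is always rejected`, assuming that is the reason. If `seq` and `seqno` are unsigned 32-bit values (their declarations are outside this hunk), `seq + WINDOWSIZE * 4` wraps once `seq` is within four windows of the maximum. That makes the range in which genuine packets are misclassified four times larger than before, so it is worth confirming how rollover is handled. The enclosing function starts and ends outside the hunk.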
@@ -94,28 +98,49 @@ u32 mask = 1 << (s & 31); if (*cell & mask) - { - slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n" - "possible replay attack, or just packet duplication"), seqno, seq + 1);//D - return false; - } + slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n" + "possible replay attack, or just packet duplication"), seqno, seq + 1); else { *cell |= mask; return true; } } + + return false; } }; typedef callback0 run_script_cb; // run a shell script (or actually an external program). -void run_script (const run_script_cb &cb, bool wait); +bool run_script (const run_script_cb &cb, bool wait); #if ENABLE_HTTP_PROXY u8 *base64_encode (const u8 *data, unsigned int len); #endif +/*****************************************************************************/ + +typedef u8 rsaclear[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data; +typedef u8 rsacrypt[RSA_KEYLEN]; // encrypted challenge + +static inline void +rsa_encrypt (RSA *key, const rsaclear &chg, rsacrypt &encr) +{ + if (RSA_public_encrypt (sizeof chg, + (unsigned char *)&chg, (unsigned char *)&encr, + key, RSA_PKCS1_OAEP_PADDING) < 0) + fatal ("RSA_public_encrypt error"); +} + +static inline bool +rsa_decrypt (RSA *key, const rsacrypt &encr, rsaclear &chg) +{ + return RSA_private_decrypt (sizeof encr, + (unsigned char *)&encr, (unsigned char *)&chg, + key, RSA_PKCS1_OAEP_PADDING) > 0; +} + #endif
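Review bot: `rsa_decrypt` treats any positive return from `RSA_private_decrypt` as success, but that return value is the recovered plaintext length. A ciphertext that decrypts to fewer than `sizeof chg` bytes is therefore accepted, and the tail of `chg` keeps whatever the caller's buffer held before. Because `rsa_encrypt` always encrypts exactly `sizeof chg` bytes, the check can require the full length: `key, RSA_PKCS1_OAEP_PADDING) == (int) sizeof chg;`. A comment above the two typedefs should also state that `RSA_OVERHEAD` must cover the OAEP padding overhead and that the key modulus is assumed to be `RSA_KEYLEN` bytes, since both constants are defined outside this hunk.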