--- gvpe/src/util.h 2003/10/16 14:12:00 1.10 +++ gvpe/src/util.h 2008/08/07 17:54:27 1.25 @@ -2,38 +2,57 @@ util.h -- process management and other utility functions Copyright (C) 1998-2002 Ivo Timmermans 2000-2002 Guus Sliepen - 2003 Marc Lehmann + 2003-2008 Marc Lehmann - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + This file is part of GVPE. + + GVPE is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by the + Free Software Foundation; either version 3 of the License, or (at your + option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General + Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, see . + + Additional permission under GNU GPL version 3 section 7 + + If you modify this Program, or any covered work, by linking or + combining it with the OpenSSL project's OpenSSL library (or a modified + version of that library), containing parts covered by the terms of the + OpenSSL or SSLeay licenses, the licensors of this Program grant you + additional permission to convey the resulting work. Corresponding + Source for a non-source form of such a combination shall include the + source code for the parts of OpenSSL used as well as that of the + covered work. */ #ifndef UTIL_H__ #define UTIL_H__ +#include + +#include + #include "gettext.h" #include "slog.h" -#include "iom.h" +#include "ev_cpp.h" +#include "callback.h" + +typedef ev_tstamp tstamp; /* - * check for an existing vped for this net, and write pid to pidfile + * check for an existing gvpe for this net, and write pid to pidfile */ extern int write_pidfile (void); /* - * kill older vped + * kill older gvpe */ extern int kill_other (int signal); @@ -43,22 +62,20 @@ extern int detach (int do_detach); /* - * Set all files and paths according to netname - */ -extern void make_names (void); - -/* * check wether the given path is an absolute pathname */ #define ABSOLUTE_PATH(c) ((c)[0] == '/') +/*****************************************************************************/ + typedef u8 mac[6]; extern void id2mac (unsigned int id, void *m); #define mac2id(p) ((p)[0] & 0x01 ? 0 : ((p)[4] << 8) | (p)[5]) -struct sliding_window { +struct sliding_window +{ u32 v[(WINDOWSIZE + 31) / 32]; u32 seq; @@ -72,10 +89,10 @@ { if (seqno <= seq - WINDOWSIZE) slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n" - "possible replay attack, or just massive packet reordering"), seqno, seq + 1);//D - else if (seqno > seq + WINDOWSIZE) + "possible replay attack, or just massive packet reordering"), seqno, seq + 1); + else if (seqno > seq + WINDOWSIZE * 4) slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n" - "possible replay attack, or just massive packet loss"), seqno, seq + 1);//D + "possible replay attack, or just massive packet loss"), seqno, seq + 1); else { while (seqno > seq) @@ -94,28 +111,49 @@ u32 mask = 1 << (s & 31); if (*cell & mask) - { - slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n" - "possible replay attack, or just packet duplication"), seqno, seq + 1);//D - return false; - } + slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n" + "possible replay attack, or just packet duplication"), seqno, seq + 1); else { *cell |= mask; return true; } } + + return false; } }; -typedef callback0 run_script_cb; +typedef callback run_script_cb; // run a shell script (or actually an external program). -void run_script (const run_script_cb &cb, bool wait); +bool run_script (const run_script_cb &cb, bool wait); #if ENABLE_HTTP_PROXY u8 *base64_encode (const u8 *data, unsigned int len); #endif +/*****************************************************************************/ + +typedef u8 rsaclear[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data; +typedef u8 rsacrypt[RSA_KEYLEN]; // encrypted challenge + +static inline void +rsa_encrypt (RSA *key, const rsaclear &chg, rsacrypt &encr) +{ + if (RSA_public_encrypt (sizeof chg, + (unsigned char *)&chg, (unsigned char *)&encr, + key, RSA_PKCS1_OAEP_PADDING) < 0) + fatal ("RSA_public_encrypt error"); +} + +static inline bool +rsa_decrypt (RSA *key, const rsacrypt &encr, rsaclear &chg) +{ + return RSA_private_decrypt (sizeof encr, + (unsigned char *)&encr, (unsigned char *)&chg, + key, RSA_PKCS1_OAEP_PADDING) > 0; +} + #endif