| 1 | /* |
1 | /* |
| 2 | util.h -- process management and other utility functions |
2 | util.h -- process management and other utility functions |
| 3 | Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl> |
3 | Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl> |
| 4 | 2000-2002 Guus Sliepen <guus@sliepen.eu.org> |
4 | 2000-2002 Guus Sliepen <guus@sliepen.eu.org> |
| 5 | 2003 Marc Lehmannn <pcg@goof.com> |
5 | 2003-2008 Marc Lehmann <gvpe@schmorp.de> |
| 6 | |
6 | |
|
|
7 | This file is part of GVPE. |
|
|
8 | |
| 7 | This program is free software; you can redistribute it and/or modify |
9 | GVPE is free software; you can redistribute it and/or modify it |
| 8 | it under the terms of the GNU General Public License as published by |
10 | under the terms of the GNU General Public License as published by the |
| 9 | the Free Software Foundation; either version 2 of the License, or |
11 | Free Software Foundation; either version 3 of the License, or (at your |
| 10 | (at your option) any later version. |
12 | option) any later version. |
| 11 | |
13 | |
| 12 | This program is distributed in the hope that it will be useful, |
14 | This program is distributed in the hope that it will be useful, but |
| 13 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
| 14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General |
| 15 | GNU General Public License for more details. |
17 | Public License for more details. |
| 16 | |
18 | |
| 17 | You should have received a copy of the GNU General Public License |
19 | You should have received a copy of the GNU General Public License along |
| 18 | along with this program; if not, write to the Free Software |
20 | with this program; if not, see <http://www.gnu.org/licenses/>. |
| 19 | Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
21 | |
|
|
22 | Additional permission under GNU GPL version 3 section 7 |
|
|
23 | |
|
|
24 | If you modify this Program, or any covered work, by linking or |
|
|
25 | combining it with the OpenSSL project's OpenSSL library (or a modified |
|
|
26 | version of that library), containing parts covered by the terms of the |
|
|
27 | OpenSSL or SSLeay licenses, the licensors of this Program grant you |
|
|
28 | additional permission to convey the resulting work. Corresponding |
|
|
29 | Source for a non-source form of such a combination shall include the |
|
|
30 | source code for the parts of OpenSSL used as well as that of the |
|
|
31 | covered work. |
| 20 | */ |
32 | */ |
| 21 | |
33 | |
| 22 | #ifndef UTIL_H__ |
34 | #ifndef UTIL_H__ |
| 23 | #define UTIL_H__ |
35 | #define UTIL_H__ |
| 24 | |
36 | |
|
|
37 | #include <cstring> |
| 25 | #include <sys/socket.h> |
38 | #include <sys/types.h> |
| 26 | #include <netinet/in.h> |
|
|
| 27 | |
39 | |
| 28 | #include <map> |
40 | #include <openssl/rsa.h> |
| 29 | |
41 | |
| 30 | #include "device.h" |
42 | #include "gettext.h" |
| 31 | |
43 | |
| 32 | #define SOCKADDR sockaddr_in // this is lame, I know |
44 | #include "slog.h" |
|
|
45 | #include "ev_cpp.h" |
|
|
46 | #include "callback.h" |
|
|
47 | |
|
|
48 | typedef ev_tstamp tstamp; |
| 33 | |
49 | |
| 34 | /* |
50 | /* |
| 35 | * check for an existing vped for this net, and write pid to pidfile |
51 | * check for an existing gvpe for this net, and write pid to pidfile |
| 36 | */ |
52 | */ |
| 37 | extern int write_pidfile (void); |
53 | extern int write_pidfile (void); |
| 38 | |
54 | |
| 39 | /* |
55 | /* |
| 40 | * kill older vped |
56 | * kill older gvpe |
| 41 | */ |
57 | */ |
| 42 | extern int kill_other (int signal); |
58 | extern int kill_other (int signal); |
| 43 | |
59 | |
| 44 | /* |
60 | /* |
| 45 | * Detach from current terminal, write pidfile, kill parent |
61 | * Detach from current terminal, write pidfile, kill parent |
| 46 | */ |
62 | */ |
| 47 | extern int detach (int do_detach); |
63 | extern int detach (int do_detach); |
| 48 | |
64 | |
| 49 | /* |
65 | /* |
| 50 | * Set all files and paths according to netname |
|
|
| 51 | */ |
|
|
| 52 | extern void make_names (void); |
|
|
| 53 | |
|
|
| 54 | /* |
|
|
| 55 | * check wether the given path is an absolute pathname |
66 | * check wether the given path is an absolute pathname |
| 56 | */ |
67 | */ |
| 57 | #define ABSOLUTE_PATH(c) ((c)[0] == '/') |
68 | #define ABSOLUTE_PATH(c) ((c)[0] == '/') |
| 58 | |
69 | |
|
|
70 | /*****************************************************************************/ |
|
|
71 | |
|
|
72 | typedef u8 mac[6]; |
|
|
73 | |
|
|
74 | extern void id2mac (unsigned int id, void *m); |
|
|
75 | |
|
|
76 | #define mac2id(p) ((p)[0] & 0x01 ? 0 : ((p)[4] << 8) | (p)[5]) |
|
|
77 | |
|
|
78 | struct sliding_window |
|
|
79 | { |
|
|
80 | u32 v[(WINDOWSIZE + 31) / 32]; |
|
|
81 | u32 seq; |
|
|
82 | |
|
|
83 | void reset (u32 seqno) |
|
|
84 | { |
|
|
85 | memset (v, -1, sizeof v); |
|
|
86 | seq = seqno; |
|
|
87 | } |
|
|
88 | |
|
|
89 | // 0 == ok, 1 == far history, 2 == duplicate in-window, 3 == far future |
|
|
90 | int seqno_classify (u32 seqno) |
|
|
91 | { |
|
|
92 | if (seqno <= seq - WINDOWSIZE) |
|
|
93 | return 1; |
|
|
94 | else if (seqno > seq + WINDOWSIZE * 16) |
|
|
95 | return 3; |
|
|
96 | else |
|
|
97 | { |
|
|
98 | while (seqno > seq) |
|
|
99 | { |
|
|
100 | seq++; |
|
|
101 | |
|
|
102 | u32 s = seq % WINDOWSIZE; |
|
|
103 | u32 *cell = v + (s >> 5); |
|
|
104 | u32 mask = 1 << (s & 31); |
|
|
105 | |
|
|
106 | *cell &= ~mask; |
|
|
107 | } |
|
|
108 | |
|
|
109 | u32 s = seqno % WINDOWSIZE; |
|
|
110 | u32 *cell = v + (s >> 5); |
|
|
111 | u32 mask = 1 << (s & 31); |
|
|
112 | |
|
|
113 | if (*cell & mask) |
|
|
114 | return 2; |
|
|
115 | else |
|
|
116 | { |
|
|
117 | *cell |= mask; |
|
|
118 | return 0; |
|
|
119 | } |
|
|
120 | } |
|
|
121 | } |
|
|
122 | }; |
|
|
123 | |
|
|
124 | typedef callback<const char * ()> run_script_cb; |
|
|
125 | |
|
|
126 | // run a shell script (or actually an external program). |
|
|
127 | pid_t run_script (const run_script_cb &cb, bool wait); |
|
|
128 | |
|
|
129 | #if ENABLE_HTTP_PROXY |
|
|
130 | u8 *base64_encode (const u8 *data, unsigned int len); |
|
|
131 | #endif |
|
|
132 | |
|
|
133 | /*****************************************************************************/ |
|
|
134 | |
|
|
135 | typedef u8 rsaclear[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data; |
|
|
136 | typedef u8 rsacrypt[RSA_KEYLEN]; // encrypted challenge |
|
|
137 | |
| 59 | static inline void |
138 | static inline void |
| 60 | id2mac (unsigned int id, void *m) |
139 | rsa_encrypt (RSA *key, const rsaclear &chg, rsacrypt &encr) |
| 61 | { |
140 | { |
| 62 | mac &p = *(mac *)m; |
141 | if (RSA_public_encrypt (sizeof chg, |
| 63 | |
142 | (unsigned char *)&chg, (unsigned char *)&encr, |
| 64 | p[0] = 0xfe; |
143 | key, RSA_PKCS1_OAEP_PADDING) < 0) |
| 65 | p[1] = 0xfd; |
144 | fatal ("RSA_public_encrypt error"); |
| 66 | p[2] = 0x80; |
|
|
| 67 | p[3] = 0x00; |
|
|
| 68 | p[4] = id >> 8; |
|
|
| 69 | p[5] = id; |
|
|
| 70 | } |
145 | } |
| 71 | |
146 | |
| 72 | #define mac2id(p) (p[0] & 0x01 ? 0 : (p[4] << 8) | p[5]) |
|
|
| 73 | |
|
|
| 74 | // a very simple fifo pkt-queue |
|
|
| 75 | class pkt_queue |
|
|
| 76 | { |
|
|
| 77 | tap_packet *queue[QUEUEDEPTH]; |
|
|
| 78 | int i, j; |
|
|
| 79 | |
|
|
| 80 | public: |
|
|
| 81 | |
|
|
| 82 | void put (tap_packet *p); |
|
|
| 83 | tap_packet *get (); |
|
|
| 84 | |
|
|
| 85 | pkt_queue (); |
|
|
| 86 | ~pkt_queue (); |
|
|
| 87 | }; |
|
|
| 88 | |
|
|
| 89 | struct sockinfo |
|
|
| 90 | { |
|
|
| 91 | u32 host; |
|
|
| 92 | u16 port; |
|
|
| 93 | |
|
|
| 94 | void set (const SOCKADDR *sa) |
|
|
| 95 | { |
|
|
| 96 | host = sa->sin_addr.s_addr; |
|
|
| 97 | port = sa->sin_port; |
|
|
| 98 | } |
|
|
| 99 | |
|
|
| 100 | sockinfo() |
|
|
| 101 | { |
|
|
| 102 | host = port = 0; |
|
|
| 103 | } |
|
|
| 104 | |
|
|
| 105 | sockinfo(const SOCKADDR &sa) |
|
|
| 106 | { |
|
|
| 107 | set (&sa); |
|
|
| 108 | } |
|
|
| 109 | |
|
|
| 110 | sockinfo(const SOCKADDR *sa) |
|
|
| 111 | { |
|
|
| 112 | set (sa); |
|
|
| 113 | } |
|
|
| 114 | |
|
|
| 115 | SOCKADDR *sa() |
|
|
| 116 | { |
|
|
| 117 | static SOCKADDR sa; |
|
|
| 118 | |
|
|
| 119 | sa.sin_family = AF_INET; |
|
|
| 120 | sa.sin_port = port; |
|
|
| 121 | sa.sin_addr.s_addr = host; |
|
|
| 122 | |
|
|
| 123 | return &sa; |
|
|
| 124 | } |
|
|
| 125 | |
|
|
| 126 | operator const char *(); |
|
|
| 127 | }; |
|
|
| 128 | |
|
|
| 129 | inline bool |
147 | static inline bool |
| 130 | operator == (const sockinfo &a, const sockinfo &b) |
148 | rsa_decrypt (RSA *key, const rsacrypt &encr, rsaclear &chg) |
| 131 | { |
149 | { |
| 132 | return a.host == b.host && a.port == b.port; |
150 | return RSA_private_decrypt (sizeof encr, |
|
|
151 | (unsigned char *)&encr, (unsigned char *)&chg, |
|
|
152 | key, RSA_PKCS1_OAEP_PADDING) > 0; |
| 133 | } |
153 | } |
| 134 | |
|
|
| 135 | inline bool |
|
|
| 136 | operator < (const sockinfo &a, const sockinfo &b) |
|
|
| 137 | { |
|
|
| 138 | return a.host < b.host |
|
|
| 139 | || (a.host == b.host && a.port < b.port); |
|
|
| 140 | } |
|
|
| 141 | |
|
|
| 142 | // only do action once every x seconds per host. |
|
|
| 143 | // currently this is quite a slow implementation, |
|
|
| 144 | // but suffices for normal operation. |
|
|
| 145 | struct u32_rate_limiter : private map<u32, time_t> |
|
|
| 146 | { |
|
|
| 147 | int every; |
|
|
| 148 | |
|
|
| 149 | bool can (u32 host); |
|
|
| 150 | |
|
|
| 151 | u32_rate_limiter (time_t every = 1) |
|
|
| 152 | { |
|
|
| 153 | this->every = every; |
|
|
| 154 | } |
|
|
| 155 | }; |
|
|
| 156 | |
|
|
| 157 | struct net_rate_limiter : u32_rate_limiter |
|
|
| 158 | { |
|
|
| 159 | bool can (SOCKADDR *sa) { return u32_rate_limiter::can((u32)sa->sin_addr.s_addr); } |
|
|
| 160 | bool can (sockinfo &si) { return u32_rate_limiter::can((u32)si.host); } |
|
|
| 161 | |
|
|
| 162 | net_rate_limiter (time_t every) : u32_rate_limiter (every) {} |
|
|
| 163 | }; |
|
|
| 164 | |
154 | |
| 165 | #endif |
155 | #endif |
| 166 | |
156 | |
