gvpe/src/util.h

/*
    util.h -- process management and other utility functions
    Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl>
                  2000-2002 Guus Sliepen <guus@sliepen.eu.org>
                  2003      Marc Lehmannn <pcg@goof.com>
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.
 
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
 
    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*/

#ifndef UTIL_H__
#define UTIL_H__

#include <sys/socket.h>
#include <netinet/in.h>

#include <map>

#include "device.h"

#define SOCKADDR        sockaddr_in     // this is lame, I know

/*
 * check for an existing vped for this net, and write pid to pidfile
 */
extern int write_pidfile (void);

/*
 * kill older vped
 */
extern int kill_other (int signal);

/*
 * Detach from current terminal, write pidfile, kill parent
 */
extern int detach (int do_detach);

/*
 * Set all files and paths according to netname
 */
extern void make_names (void);

/*
 * check wether the given path is an absolute pathname
 */
#define ABSOLUTE_PATH(c) ((c)[0] == '/')

static inline void
id2mac (unsigned int id, void *m)
{
  mac &p = *(mac *)m;

  p[0] = 0xfe;
  p[1] = 0xfd;
  p[2] = 0x80;
  p[3] = 0x00;
  p[4] = id >> 8;
  p[5] = id;
}

#define mac2id(p) (p[0] & 0x01 ? 0 : (p[4] << 8) | p[5])

// a very simple fifo pkt-queue
class pkt_queue
  {
    tap_packet *queue[QUEUEDEPTH];
    int i, j;

  public:

    void put (tap_packet *p);
    tap_packet *get ();

    pkt_queue ();
    ~pkt_queue ();
  };

struct sockinfo
  {
    u32 host;
    u16 port;

    void set (const SOCKADDR *sa)
    {
      host = sa->sin_addr.s_addr;
      port = sa->sin_port;
    }

    sockinfo()
    {
      host = port = 0;
    }

    sockinfo(const SOCKADDR &sa)
    {
      set (&sa);
    }

    sockinfo(const SOCKADDR *sa)
    {
      set (sa);
    }

    SOCKADDR *sa()
    {
      static SOCKADDR sa;

      sa.sin_family = AF_INET;
      sa.sin_port = port;
      sa.sin_addr.s_addr = host;

      return &sa;
    }

    operator const char *();
  };

inline bool
operator == (const sockinfo &a, const sockinfo &b)
{
  return a.host == b.host && a.port == b.port;
}

inline bool
operator < (const sockinfo &a, const sockinfo &b)
{
  return a.host < b.host 
         || (a.host == b.host && a.port < b.port);
}

// only do action once every x seconds per host.
// currently this is quite a slow implementation,
// but suffices for normal operation.
struct u32_rate_limiter : private map<u32, time_t>
 {
   int every;

   bool can (u32 host);

   u32_rate_limiter (time_t every = 1)
   {
     this->every = every;
   }
 };

struct net_rate_limiter : u32_rate_limiter
  {
    bool can (SOCKADDR *sa) { return u32_rate_limiter::can((u32)sa->sin_addr.s_addr); }
    bool can (sockinfo &si) { return u32_rate_limiter::can((u32)si.host); }

    net_rate_limiter (time_t every) : u32_rate_limiter (every) {}
  };

struct sliding_window {
  u32 v[(WINDOWSIZE + 31) / 32];
  u32 seq;

  void reset (u32 seqno)
    {
      memset (v, -1, sizeof v);
      seq = seqno;
    }

  bool recv_ok (u32 seqno)
    {
      if (seqno <= seq - WINDOWSIZE)
        slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n"
                       "possible replay attack, or just massive packet reordering"), seqno, seq + 1);//D
      else if (seqno > seq + WINDOWSIZE)
        slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n"
                       "possible replay attack, or just massive packet loss"), seqno, seq + 1);//D
      else
        {
          while (seqno > seq)
            {
              seq++;

              u32 s = seq % WINDOWSIZE;
              u32 *cell = v + (s >> 5);
              u32 mask = 1 << (s & 31);

              *cell &= ~mask;
            }

          u32 s = seqno % WINDOWSIZE;
          u32 *cell = v + (s >> 5);
          u32 mask = 1 << (s & 31);

          //printf ("received seqno %08lx, seq %08lx, mask %08lx is %08lx\n", seqno, seq, mask, ismask);
          if (*cell & mask)
            {
              slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n"
                             "possible replay attack, or just packet duplication"), seqno, seq + 1);//D
              return false;
            }
          else
            {
              *cell |= mask;
              return true;
            }
        }
    }
};

#endif

Revision:	1.2
Committed:	Mon Mar 17 15:20:18 2003 UTC (21 years, 2 months ago) by pcg
Content type:	text/plain
Branch:	MAIN
Changes since 1.1:	+51 -0 lines
Log Message:	* empty log message *
#	Content
1	/*
2	util.h -- process management and other utility functions
3	Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl>
4	2000-2002 Guus Sliepen <guus@sliepen.eu.org>
5	2003 Marc Lehmannn <pcg@goof.com>
6
7	This program is free software; you can redistribute it and/or modify
8	it under the terms of the GNU General Public License as published by
9	the Free Software Foundation; either version 2 of the License, or
10	(at your option) any later version.
11
12	This program is distributed in the hope that it will be useful,
13	but WITHOUT ANY WARRANTY; without even the implied warranty of
14	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15	GNU General Public License for more details.
16
17	You should have received a copy of the GNU General Public License
18	along with this program; if not, write to the Free Software
19	Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20	*/
21
22	#ifndef UTIL_H__
23	#define UTIL_H__
24
25	#include <sys/socket.h>
26	#include <netinet/in.h>
27
28	#include <map>
29
30	#include "device.h"
31
32	#define SOCKADDR sockaddr_in // this is lame, I know
33
34	/*
35	* check for an existing vped for this net, and write pid to pidfile
36	*/
37	extern int write_pidfile (void);
38
39	/*
40	* kill older vped
41	*/
42	extern int kill_other (int signal);
43
44	/*
45	* Detach from current terminal, write pidfile, kill parent
46	*/
47	extern int detach (int do_detach);
48
49	/*
50	* Set all files and paths according to netname
51	*/
52	extern void make_names (void);
53
54	/*
55	* check wether the given path is an absolute pathname
56	*/
57	#define ABSOLUTE_PATH(c) ((c)[0] == '/')
58
59	static inline void
60	id2mac (unsigned int id, void *m)
61	{
62	mac &p = (mac )m;
63
64	p[0] = 0xfe;
65	p[1] = 0xfd;
66	p[2] = 0x80;
67	p[3] = 0x00;
68	p[4] = id >> 8;
69	p[5] = id;
70	}
71
72	#define mac2id(p) (p[0] & 0x01 ? 0 : (p[4] << 8) \| p[5])
73
74	// a very simple fifo pkt-queue
75	class pkt_queue
76	{
77	tap_packet *queue[QUEUEDEPTH];
78	int i, j;
79
80	public:
81
82	void put (tap_packet *p);
83	tap_packet *get ();
84
85	pkt_queue ();
86	~pkt_queue ();
87	};
88
89	struct sockinfo
90	{
91	u32 host;
92	u16 port;
93
94	void set (const SOCKADDR *sa)
95	{
96	host = sa->sin_addr.s_addr;
97	port = sa->sin_port;
98	}
99
100	sockinfo()
101	{
102	host = port = 0;
103	}
104
105	sockinfo(const SOCKADDR &sa)
106	{
107	set (&sa);
108	}
109
110	sockinfo(const SOCKADDR *sa)
111	{
112	set (sa);
113	}
114
115	SOCKADDR *sa()
116	{
117	static SOCKADDR sa;
118
119	sa.sin_family = AF_INET;
120	sa.sin_port = port;
121	sa.sin_addr.s_addr = host;
122
123	return &sa;
124	}
125
126	operator const char *();
127	};
128
129	inline bool
130	operator == (const sockinfo &a, const sockinfo &b)
131	{
132	return a.host == b.host && a.port == b.port;
133	}
134
135	inline bool
136	operator < (const sockinfo &a, const sockinfo &b)
137	{
138	return a.host < b.host
139	\|\| (a.host == b.host && a.port < b.port);
140	}
141
142	// only do action once every x seconds per host.
143	// currently this is quite a slow implementation,
144	// but suffices for normal operation.
145	struct u32_rate_limiter : private map<u32, time_t>
146	{
147	int every;
148
149	bool can (u32 host);
150
151	u32_rate_limiter (time_t every = 1)
152	{
153	this->every = every;
154	}
155	};
156
157	struct net_rate_limiter : u32_rate_limiter
158	{
159	bool can (SOCKADDR *sa) { return u32_rate_limiter::can((u32)sa->sin_addr.s_addr); }
160	bool can (sockinfo &si) { return u32_rate_limiter::can((u32)si.host); }
161
162	net_rate_limiter (time_t every) : u32_rate_limiter (every) {}
163	};
164
165	struct sliding_window {
166	u32 v[(WINDOWSIZE + 31) / 32];
167	u32 seq;
168
169	void reset (u32 seqno)
170	{
171	memset (v, -1, sizeof v);
172	seq = seqno;
173	}
174
175	bool recv_ok (u32 seqno)
176	{
177	if (seqno <= seq - WINDOWSIZE)
178	slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n"
179	"possible replay attack, or just massive packet reordering"), seqno, seq + 1);//D
180	else if (seqno > seq + WINDOWSIZE)
181	slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n"
182	"possible replay attack, or just massive packet loss"), seqno, seq + 1);//D
183	else
184	{
185	while (seqno > seq)
186	{
187	seq++;
188
189	u32 s = seq % WINDOWSIZE;
190	u32 *cell = v + (s >> 5);
191	u32 mask = 1 << (s & 31);
192
193	*cell &= ~mask;
194	}
195
196	u32 s = seqno % WINDOWSIZE;
197	u32 *cell = v + (s >> 5);
198	u32 mask = 1 << (s & 31);
199
200	//printf ("received seqno %08lx, seq %08lx, mask %08lx is %08lx\n", seqno, seq, mask, ismask);
201	if (*cell & mask)
202	{
203	slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n"
204	"possible replay attack, or just packet duplication"), seqno, seq + 1);//D
205	return false;
206	}
207	else
208	{
209	*cell \|= mask;
210	return true;
211	}
212	}
213	}
214	};
215
216	#endif
217