gvpe/src/util.h

/*
    util.h -- process management and other utility functions
    Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl>
                  2000-2002 Guus Sliepen <guus@sliepen.eu.org>
                  2003-2008 Marc Lehmann <gvpe@schmorp.de>
 
    This file is part of GVPE.

    GVPE is free software; you can redistribute it and/or modify it
    under the terms of the GNU General Public License as published by the
    Free Software Foundation; either version 3 of the License, or (at your
    option) any later version.
   
    This program is distributed in the hope that it will be useful, but
    WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General
    Public License for more details.
   
    You should have received a copy of the GNU General Public License along
    with this program; if not, see <http://www.gnu.org/licenses/>.
   
    Additional permission under GNU GPL version 3 section 7
   
    If you modify this Program, or any covered work, by linking or
    combining it with the OpenSSL project's OpenSSL library (or a modified
    version of that library), containing parts covered by the terms of the
    OpenSSL or SSLeay licenses, the licensors of this Program grant you
    additional permission to convey the resulting work.  Corresponding
    Source for a non-source form of such a combination shall include the
    source code for the parts of OpenSSL used as well as that of the
    covered work.
*/

#ifndef UTIL_H__
#define UTIL_H__

#include <cstring>

#include <openssl/rsa.h>

#include "gettext.h"

#include "slog.h"
#include "ev_cpp.h"
#include "callback.h"

typedef ev_tstamp tstamp;

/*
 * check for an existing gvpe for this net, and write pid to pidfile
 */
extern int write_pidfile (void);

/*
 * kill older gvpe
 */
extern int kill_other (int signal);

/*
 * Detach from current terminal, write pidfile, kill parent
 */
extern int detach (int do_detach);

/*
 * check wether the given path is an absolute pathname
 */
#define ABSOLUTE_PATH(c) ((c)[0] == '/')

/*****************************************************************************/

typedef u8 mac[6];

extern void id2mac (unsigned int id, void *m);

#define mac2id(p) ((p)[0] & 0x01 ? 0 : ((p)[4] << 8) | (p)[5])

struct sliding_window
{
  u32 v[(WINDOWSIZE + 31) / 32];
  u32 seq;

  void reset (u32 seqno)
    {
      memset (v, -1, sizeof v);
      seq = seqno;
    }

  bool recv_ok (u32 seqno)
    {
      if (seqno <= seq - WINDOWSIZE)
        slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n"
                       "possible replay attack, or just massive packet reordering"), seqno, seq + 1);
      else if (seqno > seq + WINDOWSIZE * 4)
        slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n"
                       "possible replay attack, or just massive packet loss"), seqno, seq + 1);
      else
        {
          while (seqno > seq)
            {
              seq++;

              u32 s = seq % WINDOWSIZE;
              u32 *cell = v + (s >> 5);
              u32 mask = 1 << (s & 31);

              *cell &= ~mask;
            }

          u32 s = seqno % WINDOWSIZE;
          u32 *cell = v + (s >> 5);
          u32 mask = 1 << (s & 31);

          if (*cell & mask)
            slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n"
                           "possible replay attack, or just packet duplication"), seqno, seq + 1);
          else
            {
              *cell |= mask;
              return true;
            }
        }

      return false;
    }
};

typedef callback<const char * ()> run_script_cb;

// run a shell script (or actually an external program).
bool run_script (const run_script_cb &cb, bool wait);

#if ENABLE_HTTP_PROXY
u8 *base64_encode (const u8 *data, unsigned int len);
#endif

/*****************************************************************************/

typedef u8 rsaclear[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data;
typedef u8 rsacrypt[RSA_KEYLEN]; // encrypted challenge

static inline void
rsa_encrypt (RSA *key, const rsaclear &chg, rsacrypt &encr)
{
  if (RSA_public_encrypt (sizeof chg,
                          (unsigned char *)&chg, (unsigned char *)&encr,
                          key, RSA_PKCS1_OAEP_PADDING) < 0)
    fatal ("RSA_public_encrypt error");
}

static inline bool
rsa_decrypt (RSA *key, const rsacrypt &encr, rsaclear &chg)
{
  return RSA_private_decrypt (sizeof encr,
                              (unsigned char *)&encr, (unsigned char *)&chg,
                              key, RSA_PKCS1_OAEP_PADDING) > 0;
}

#endif

Revision:	1.25
Committed:	Thu Aug 7 17:54:27 2008 UTC (15 years, 9 months ago) by pcg
Content type:	text/plain
Branch:	MAIN
Changes since 1.24:	+24 -14 lines
Log Message:	update to gplv3, finally
#	Content
1	/*
2	util.h -- process management and other utility functions
3	Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl>
4	2000-2002 Guus Sliepen <guus@sliepen.eu.org>
5	2003-2008 Marc Lehmann <gvpe@schmorp.de>
6
7	This file is part of GVPE.
8
9	GVPE is free software; you can redistribute it and/or modify it
10	under the terms of the GNU General Public License as published by the
11	Free Software Foundation; either version 3 of the License, or (at your
12	option) any later version.
13
14	This program is distributed in the hope that it will be useful, but
15	WITHOUT ANY WARRANTY; without even the implied warranty of
16	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
17	Public License for more details.
18
19	You should have received a copy of the GNU General Public License along
20	with this program; if not, see <http://www.gnu.org/licenses/>.
21
22	Additional permission under GNU GPL version 3 section 7
23
24	If you modify this Program, or any covered work, by linking or
25	combining it with the OpenSSL project's OpenSSL library (or a modified
26	version of that library), containing parts covered by the terms of the
27	OpenSSL or SSLeay licenses, the licensors of this Program grant you
28	additional permission to convey the resulting work. Corresponding
29	Source for a non-source form of such a combination shall include the
30	source code for the parts of OpenSSL used as well as that of the
31	covered work.
32	*/
33
34	#ifndef UTIL_H__
35	#define UTIL_H__
36
37	#include <cstring>
38
39	#include <openssl/rsa.h>
40
41	#include "gettext.h"
42
43	#include "slog.h"
44	#include "ev_cpp.h"
45	#include "callback.h"
46
47	typedef ev_tstamp tstamp;
48
49	/*
50	* check for an existing gvpe for this net, and write pid to pidfile
51	*/
52	extern int write_pidfile (void);
53
54	/*
55	* kill older gvpe
56	*/
57	extern int kill_other (int signal);
58
59	/*
60	* Detach from current terminal, write pidfile, kill parent
61	*/
62	extern int detach (int do_detach);
63
64	/*
65	* check wether the given path is an absolute pathname
66	*/
67	#define ABSOLUTE_PATH(c) ((c)[0] == '/')
68
69	/*****************************************************************************/
70
71	typedef u8 mac[6];
72
73	extern void id2mac (unsigned int id, void *m);
74
75	#define mac2id(p) ((p)[0] & 0x01 ? 0 : ((p)[4] << 8) \| (p)[5])
76
77	struct sliding_window
78	{
79	u32 v[(WINDOWSIZE + 31) / 32];
80	u32 seq;
81
82	void reset (u32 seqno)
83	{
84	memset (v, -1, sizeof v);
85	seq = seqno;
86	}
87
88	bool recv_ok (u32 seqno)
89	{
90	if (seqno <= seq - WINDOWSIZE)
91	slog (L_ERR, _("received duplicate or outdated packet (received %08lx, expected %08lx)\n"
92	"possible replay attack, or just massive packet reordering"), seqno, seq + 1);
93	else if (seqno > seq + WINDOWSIZE * 4)
94	slog (L_ERR, _("received duplicate or out-of-sync packet (received %08lx, expected %08lx)\n"
95	"possible replay attack, or just massive packet loss"), seqno, seq + 1);
96	else
97	{
98	while (seqno > seq)
99	{
100	seq++;
101
102	u32 s = seq % WINDOWSIZE;
103	u32 *cell = v + (s >> 5);
104	u32 mask = 1 << (s & 31);
105
106	*cell &= ~mask;
107	}
108
109	u32 s = seqno % WINDOWSIZE;
110	u32 *cell = v + (s >> 5);
111	u32 mask = 1 << (s & 31);
112
113	if (*cell & mask)
114	slog (L_ERR, _("received duplicate packet (received %08lx, expected %08lx)\n"
115	"possible replay attack, or just packet duplication"), seqno, seq + 1);
116	else
117	{
118	*cell \|= mask;
119	return true;
120	}
121	}
122
123	return false;
124	}
125	};
126
127	typedef callback<const char * ()> run_script_cb;
128
129	// run a shell script (or actually an external program).
130	bool run_script (const run_script_cb &cb, bool wait);
131
132	#if ENABLE_HTTP_PROXY
133	u8 base64_encode (const u8 data, unsigned int len);
134	#endif
135
136	/*****************************************************************************/
137
138	typedef u8 rsaclear[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data;
139	typedef u8 rsacrypt[RSA_KEYLEN]; // encrypted challenge
140
141	static inline void
142	rsa_encrypt (RSA *key, const rsaclear &chg, rsacrypt &encr)
143	{
144	if (RSA_public_encrypt (sizeof chg,
145	(unsigned char )&chg, (unsigned char )&encr,
146	key, RSA_PKCS1_OAEP_PADDING) < 0)
147	fatal ("RSA_public_encrypt error");
148	}
149
150	static inline bool
151	rsa_decrypt (RSA *key, const rsacrypt &encr, rsaclear &chg)
152	{
153	return RSA_private_decrypt (sizeof encr,
154	(unsigned char )&encr, (unsigned char )&chg,
155	key, RSA_PKCS1_OAEP_PADDING) > 0;
156	}
157
158	#endif
159