test: udp-preload: Proof of concept wrapping
diff --git
a/site.c
b/site.c
index bdc948a06dac5c896fb4fba3a1490ff140249a24..eb146e1baabd1c3e031c86b4960f2d7fd27d35b8 100644
(file)
--- a/
site.c
+++ b/
site.c
@@
-396,15
+396,23
@@
static uint32_t event_log_priority(struct site *st, uint32_t event)
}
}
}
}
+static uint32_t slog_start(struct site *st, uint32_t event)
+{
+ uint32_t class=event_log_priority(st, event);
+ if (class) {
+ slilog_part(st->log,class,"%s: ",st->tunname);
+ }
+ return class;
+}
+
static void vslog(struct site *st, uint32_t event, cstring_t msg, va_list ap)
FORMAT(printf,3,0);
static void vslog(struct site *st, uint32_t event, cstring_t msg, va_list ap)
{
uint32_t class;
static void vslog(struct site *st, uint32_t event, cstring_t msg, va_list ap)
FORMAT(printf,3,0);
static void vslog(struct site *st, uint32_t event, cstring_t msg, va_list ap)
{
uint32_t class;
- class=
event_log_priority(st,
event);
+ class=
slog_start(st,
event);
if (class) {
if (class) {
- slilog_part(st->log,class,"%s: ",st->tunname);
vslilog_part(st->log,class,msg,ap);
slilog_part(st->log,class,"\n");
}
vslilog_part(st->log,class,msg,ap);
slilog_part(st->log,class,"\n");
}
@@
-615,7
+623,9
@@
static void append_string_xinfo_done(struct buffer_if *buf,
/* Build any of msg1 to msg4. msg5 and msg6 are built from the inside
out using a transform of config data supplied by netlink */
/* Build any of msg1 to msg4. msg5 and msg6 are built from the inside
out using a transform of config data supplied by netlink */
-static bool_t generate_msg(struct site *st, uint32_t type, cstring_t what)
+static bool_t generate_msg(struct site *st, uint32_t type, cstring_t what,
+ const struct msg *prompt
+ /* may be 0 for MSG1 */)
{
string_t dhpub;
unsigned minor;
{
string_t dhpub;
unsigned minor;
@@
-796,10
+806,16
@@
static bool_t check_msg(struct site *st, uint32_t type, struct msg *m,
return False;
}
return False;
}
-static bool_t
generate_msg1
(struct site *st)
+static bool_t
kex_init
(struct site *st)
{
st->random->generate(st->random->st,NONCELEN,st->localN);
{
st->random->generate(st->random->st,NONCELEN,st->localN);
- return generate_msg(st,LABEL_MSG1,"site:MSG1");
+ return True;
+}
+
+static bool_t generate_msg1(struct site *st, const struct msg *prompt_maybe_0)
+{
+ return
+ generate_msg(st,LABEL_MSG1,"site:MSG1",prompt_maybe_0);
}
static bool_t process_msg1(struct site *st, struct buffer_if *msg1,
}
static bool_t process_msg1(struct site *st, struct buffer_if *msg1,
@@
-816,10
+832,11
@@
static bool_t process_msg1(struct site *st, struct buffer_if *msg1,
return True;
}
return True;
}
-static bool_t generate_msg2(struct site *st)
+static bool_t generate_msg2(struct site *st,
+ const struct msg *prompt_may_be_null)
{
{
- st->random->generate(st->random->st,NONCELEN,st->localN);
-
return generate_msg(st,LABEL_MSG2,"site:MSG2"
);
+ return
+
generate_msg(st,LABEL_MSG2,"site:MSG2",prompt_may_be_null
);
}
static bool_t process_msg2(struct site *st, struct buffer_if *msg2,
}
static bool_t process_msg2(struct site *st, struct buffer_if *msg2,
@@
-869,7
+886,7
@@
kind##_found: \
return True;
}
return True;
}
-static bool_t generate_msg3(struct site *st)
+static bool_t generate_msg3(struct site *st
, const struct msg *prompt
)
{
/* Now we have our nonce and their nonce. Think of a secret key,
and create message number 3. */
{
/* Now we have our nonce and their nonce. Think of a secret key,
and create message number 3. */
@@
-878,7
+895,7
@@
static bool_t generate_msg3(struct site *st)
(st->remote_capabilities & CAPAB_TRANSFORM_MASK)
? LABEL_MSG3BIS
: LABEL_MSG3,
(st->remote_capabilities & CAPAB_TRANSFORM_MASK)
? LABEL_MSG3BIS
: LABEL_MSG3,
- "site:MSG3");
+ "site:MSG3"
,prompt
);
}
static bool_t process_msg3_msg4(struct site *st, struct msg *m)
}
static bool_t process_msg3_msg4(struct site *st, struct msg *m)
@@
-964,11
+981,11
@@
kind##_found: \
return True;
}
return True;
}
-static bool_t generate_msg4(struct site *st)
+static bool_t generate_msg4(struct site *st
, const struct msg *prompt
)
{
/* We have both nonces, their public key and our private key. Generate
our public key, sign it and send it to them. */
{
/* We have both nonces, their public key and our private key. Generate
our public key, sign it and send it to them. */
- return generate_msg(st,LABEL_MSG4,"site:MSG4");
+ return generate_msg(st,LABEL_MSG4,"site:MSG4"
,prompt
);
}
static bool_t process_msg4(struct site *st, struct buffer_if *msg4,
}
static bool_t process_msg4(struct site *st, struct buffer_if *msg4,
@@
-1014,7
+1031,7
@@
static bool_t unpick_msg0(struct site *st, struct buffer_if *msg0,
/* Leaves transformed part of buffer untouched */
}
/* Leaves transformed part of buffer untouched */
}
-static bool_t generate_msg5(struct site *st)
+static bool_t generate_msg5(struct site *st
, const struct msg *prompt
)
{
cstring_t transform_err;
{
cstring_t transform_err;
@@
-1080,7
+1097,7
@@
static void create_msg6(struct site *st, struct transform_inst_if *transform,
buf_prepend_uint32(&st->buffer,session_id);
}
buf_prepend_uint32(&st->buffer,session_id);
}
-static bool_t generate_msg6(struct site *st)
+static bool_t generate_msg6(struct site *st
, const struct msg *prompt
)
{
if (!is_transform_valid(st->new_transform))
return False;
{
if (!is_transform_valid(st->new_transform))
return False;
@@
-1575,19
+1592,21
@@
static bool_t enter_new_state(struct site *st, uint32_t next,
const struct msg *prompt
/* may be 0 for SENTMSG1 */)
{
const struct msg *prompt
/* may be 0 for SENTMSG1 */)
{
- bool_t (*gen)(struct site *st, struct msg *prompt);
+ bool_t (*gen)(struct site *st,
const
struct msg *prompt);
int r;
slog(st,LOG_STATE,"entering state %s",state_name(next));
switch(next) {
case SITE_SENTMSG1:
state_assert(st,st->state==SITE_RUN || st->state==SITE_RESOLVE);
int r;
slog(st,LOG_STATE,"entering state %s",state_name(next));
switch(next) {
case SITE_SENTMSG1:
state_assert(st,st->state==SITE_RUN || st->state==SITE_RESOLVE);
+ if (!kex_init(st)) return False;
gen=generate_msg1;
st->msg1_crossed_logged = False;
break;
case SITE_SENTMSG2:
state_assert(st,st->state==SITE_RUN || st->state==SITE_RESOLVE ||
st->state==SITE_SENTMSG1 || st->state==SITE_WAIT);
gen=generate_msg1;
st->msg1_crossed_logged = False;
break;
case SITE_SENTMSG2:
state_assert(st,st->state==SITE_RUN || st->state==SITE_RESOLVE ||
st->state==SITE_SENTMSG1 || st->state==SITE_WAIT);
+ if (!kex_init(st)) return False;
gen=generate_msg2;
break;
case SITE_SENTMSG3:
gen=generate_msg2;
break;
case SITE_SENTMSG3:
@@
-1618,7
+1637,7
@@
static bool_t enter_new_state(struct site *st, uint32_t next,
if (hacky_par_start_failnow()) return False;
if (hacky_par_start_failnow()) return False;
- r= gen(st) && send_msg(st);
+ r= gen(st
,prompt
) && send_msg(st);
hacky_par_end(&r,
st->setup_retries, st->setup_retry_interval,
hacky_par_end(&r,
st->setup_retries, st->setup_retry_interval,
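Review bot: `kex_init` (hunk at -796,10 +806,16) discards the result of `st->random->generate(...)` and returns `True` unconditionally, so the two new `if (!kex_init(st)) return False;` guards in `enter_new_state` can never fire. The generator's return type is not visible on this page; if it can report failure, propagate it with `return st->random->generate(st->random->st,NONCELEN,st->localN);` so that a key exchange is never started with a stale or unfilled `st->localN`. If it cannot fail, say so in a comment on `kex_init`, e.g. `/* cannot fail at present; bool_t return kept so callers already handle failure */`. Separately, the null-prompt contract is spelled three ways (`prompt` with a comment, `prompt_maybe_0`, `prompt_may_be_null`), and `generate_msg2`'s name suggests a null prompt there while the comment on `enter_new_state` allows 0 only for SENTMSG1; one name and one statement of which states may pass 0 would make the contract checkable. `enter_new_state`'s body starts and ends outside the hunks shown.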