#include <bsd/sys/queue.h>
+#include "osdep.h"
+
#define MAX_PEER_ADDRS 5
/* send at most this many copies; honour at most that many addresses */
struct comm_if;
struct comm_addr;
struct priomsg;
+struct log_if;
+struct buffer_if;
+struct sigpubkey_if;
+struct sigprivkey_if;
typedef char *string_t;
typedef const char *cstring_t;
extern void init_builtin_modules(dict_t *dict);
+extern init_module pubkeys_init;
extern init_module resolver_module;
extern init_module random_module;
extern init_module udp_module;
extern init_module tun_module;
extern init_module sha1_module;
extern init_module log_module;
+extern init_module privcache_module;
/***** END of module support *****/
+/***** SIGNATURE SCHEMES *****/
+
+struct sigscheme_info;
+
+typedef bool_t sigscheme_loadpub(const struct sigscheme_info *algo,
+ struct buffer_if *pubkeydata,
+ struct sigpubkey_if **sigpub_r,
+ closure_t **closure_r,
+ struct log_if *log, struct cloc loc);
+ /* pubkeydata is (supposedly) for this algorithm.
+ * loadpub should log an error if it fails.
+ * pubkeydata may be modified (but not freed).
+ * both *sigpub_r and *closure_r must always be written and must
+ * refer to the same object, so on successful return
+ * (*closure_r)->type==CL_SIGPUBKEY
+ * and (*closure_r)->interface==*sigpub_r */
+
+typedef bool_t sigscheme_loadpriv(const struct sigscheme_info *algo,
+ struct buffer_if *privkeydata,
+ struct sigprivkey_if **sigpriv_r,
+ struct log_if *log, struct cloc loc);
+ /* Ideally, check whether privkeydata contains data for any algorithm.
+ * That avoids security problems if a key file is misidentified (which
+ * might happen if the file is simply renamed).
+ * If there is an error (including that the key data is not for this
+ * algorithm, return False and log an error at M_ERROR.
+ * On entry privkeydata->base==start. loadpriv may modify
+ * privkeydata, including the contents. */
+
+struct sigscheme_info {
+ const char *name;
+ const uint8_t algid;
+ sigscheme_loadpub *loadpub;
+ sigscheme_loadpriv *loadpriv;
+};
+
+extern const struct sigscheme_info rsa1_sigscheme;
+extern const struct sigscheme_info sigschemes[]; /* sentinel has name==0 */
+
+const struct sigscheme_info *sigscheme_lookup(const char *name);
+
+extern sigscheme_loadpriv rsa1_loadpriv;
+extern sigscheme_loadpub rsa1_loadpub;
+
+/***** END of signature schemes *****/
+
/***** CLOSURE TYPES and interface definitions *****/
#define CL_PURE 0
#define CL_HASH 12
#define CL_BUFFER 13
#define CL_NETLINK 14
+#define CL_PRIVCACHE 15
struct buffer_if;
sig_dispose_fn *dispose;
};
+/* PRIVCACHE interface */
+
+typedef struct sigprivkey_if *privcache_lookup_fn(void *st,
+ const struct sigkeyid *id,
+ struct log_if*);
+ /* Return is valid only until you return from the current event!
+ * You do not need to call ->sethash. */
+
+struct privcache_if {
+ void *st;
+ privcache_lookup_fn *lookup;
+};
+
/* COMM interface */
struct comm_addr {
extern void vslilog_part(struct log_if *lf, int class, const char *message,
va_list) FORMAT(printf,3,0);
+void cfgfile_log__vmsg(void *sst, int class, const char *message, va_list);
+struct cfgfile_log {
+ struct log_if log;
+ /* private fields */
+ struct cloc loc;
+ const char *facility;
+};
+static inline void cfgfile_log_init(struct cfgfile_log *cfl,
+ struct cloc loc, const char *facility)
+{
+ cfl->log.st=cfl;
+ cfl->log.vlogfn=cfgfile_log__vmsg;
+ cfl->loc=loc;
+ cfl->facility=facility;
+}
+
/* SITE interface */
/* Pretty much a placeholder; allows starting and stopping of processing,
extern void cfgfile_postreadcheck(struct cloc loc, FILE *f);
extern NORETURN(vcfgfatal_maybefile(FILE *maybe_f, struct cloc loc,
cstring_t facility, const char *message,
- va_list))
+ va_list, const char *suffix))
FORMAT(printf,4,0);
extern NORETURN(cfgfatal_maybefile(FILE *maybe_f, struct cloc loc,
cstring_t facility,