X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=userv-utils.git;a=blobdiff_plain;f=ipif%2Fforwarder.c;h=0112d90b79243a0f4542610cf40c50fd984a5f06;hp=015afbde7b082d23c1e5235195a051f740b9778f;hb=0f4b558c78aae6fda9f52287e1b53483e9435903;hpb=09966b4959fa31ea3f6746b6b6583907744484e1

diff --git a/ipif/forwarder.c b/ipif/forwarder.c
index 015afbd..0112d90 100644
--- a/ipif/forwarder.c
+++ b/ipif/forwarder.c
@@ -7,8 +7,8 @@
  *                      <encdec-keys-fd>
  *                      <mtu> <keepalive> <timeout>
  *                      <public-remote-addr> [<public-remote-port>]
- *                      <mech1> [<mech1-params> ...]
- *                      <mech2> [<mech2-params> ...]
+ *                      !<mech1> [<mech1-params> ...]
+ *                      !<mech2> [<mech2-params> ...]
  *                      ''
  *
  * Remote addr may '' to mean wait to receive a packet and reply to
@@ -17,7 +17,7 @@
  *
  * <optchars> is zero or more of
  *    w   means generate and write encdec keys, rather than reading them
- *    D   means do crypto debug (use with care!)
+ *    K   means do crypto debug (use with care!)
  *
  * Every must be numeric.  There is very little argument checking.
  *
@@ -49,6 +49,7 @@
 #define MAXMECHS 10
 
 static size_t buffer_size;
+static struct utsname uname_result;
 
 static const char *opt_chars;
 static int public_local_fd, private_in_fd, private_out_fd;
@@ -70,27 +71,38 @@ static time_t nextsendka;
 
 static void cdebug(int mechno /*or -1*/, const char *msg) {
   if (!crypto_debug) return;
-  printf("%s: CRYPTO: %-20s encrypt setup\n",
+  printf("%s: CRYPTO: %-20s %s\n",
 	 programid,
-	 mechno >= 0 ? mechs[i]->name : "",
+	 mechno >= 0 ? mechs[mechno]->name : "",
 	 msg);
 }
 
-static void cdebughex(int mechno /*or -1*/, const char *msg,
-		      size_t skipbefore, const void *ptr, size_t sz, size_t skipafter) {
+static void cdebughex(int mechno /*or -1*/, const char *msg, const void *ptr,
+		      size_t sz, size_t skipbefore,
+		      int spc_offset, int dot_offset) {
   const unsigned char *p;
+  size_t i;
+  unsigned j= dot_offset;
   
   if (!crypto_debug) return;
-  printf("%s: CRYPTO: %-20s %s",
-	 programid,
-	 mechno >= 0 ? mechs[i]->name : "",
+  printf("%-8.8s: CRYPTO: %-20s %-10s",
+	 uname_result.nodename,
+	 mechno >= 0 ? mechs[mechno]->name : "",
 	 msg);
-  for (i=0; i<skipbefore) fputs(" ..",stdout);
-  for (i=0, p=ptr; i<sz; i++, p++) fprintf(" %02x",*p);
-  for (i=0; i<skipafter) fputs(" ..",stdout);
+
+  for (i=0; i<spc_offset; i++, j++) fputs(j&3 ? "  " : "   ",stdout);
+  for (i=0; i<skipbefore; i++, j++) fputs(j&3 ? ".." : " ..",stdout);
+  for (i=0, p=ptr; i<sz; i++, j++, p++) printf(j&3 ? "%02x" : " %02x",*p);
+
   fputc('\n',stdout);
 }
 
+static void cdebugbuf(int mechno /*or -1*/, const char *msg,
+		      const struct buffer *buf, int spc_offset, int dot_offset) {
+  cdebughex(mechno, msg, buf->start, buf->size, buf->start - buf->base,
+	    spc_offset, dot_offset);
+}
+
 void get_random(void *ptr, size_t sz) {
   static FILE *randfile;
 
@@ -103,10 +115,10 @@ void get_random(void *ptr, size_t sz) {
   }
 
   r= fread(ptr,1,sz,randfile);
-  if (r == sz) return;
-  (ferror(randfile) ? sysfail : fail)("cannot read random number generator");
+  if (r != sz)
+    (ferror(randfile) ? sysfail : fail)("cannot read random number generator");
 
-  cdebughex(-1, "get_random", ptr, sz, 0,0);
+  cdebughex(-1, "get_random", ptr, sz, 0,0,0);
 }
 
 void random_key(void *ptr, size_t sz) {
@@ -128,12 +140,9 @@ static void setnonblock(int fd, int nonblock) {
   if (r==-1) sysfail("fcntl F_SETFL");
 }
 
-static const struct mechanism *getarg_mech(void) {
-  const char *name;
+static const struct mechanism *find_mech(const char *name) {
   const struct mechanism *mech, *const *mechlist;
 
-  name= getarg_string();
-
   for (mechlist= mechanismlists;
        *mechlist;
        mechlist++)
@@ -173,12 +182,14 @@ static void inbound(void) {
 
   assert(r <= buf_in.size);
   buf_in.size= r;
+  cdebugbuf(-1, "decode", &buf_in, 3,0);
   for (i=n_mechs-1; i>=0; i--) {
     emsg= mechs[i]->decode(md_in[i],&buf_in);
     if (emsg) {
       fprintf(stderr, "%s: bad packet: %s: %s\n", programid, mechs[i]->name, emsg);
       return;
     }
+    cdebugbuf(i, "decode", &buf_in, 3,0);
   }
 
   alarm(timeout);
@@ -232,7 +243,11 @@ static void sendpacket(const unsigned char *message, size_t size) {
 
   nextsendka= now() + keepalive;
 
-  for (i=0; i<n_mechs; i++) mechs[i]->encode(md_out[i],&buf_out);
+  cdebugbuf(-1, "encode", &buf_out, 4,0);
+  for (i=0; i<n_mechs; i++) {
+    mechs[i]->encode(md_out[i],&buf_out);
+    cdebugbuf(i, "encode", &buf_out, 4,0);
+  }
   assert(public_remote_specd);
   
   setnonblock(public_local_fd,1);
@@ -280,8 +295,9 @@ static void outbound(void) {
 
 int main(int argc, const char *const *const argv_in) {
   const char *arg;
+  const char *const *argv_save;
+  const char *const *argv_done;
   struct pollfd pollfds[2];
-  struct utsname uname_result;
   int i, polltimeout, r;
   time_t tnow;
 
@@ -291,8 +307,8 @@ int main(int argc, const char *const *const argv_in) {
   sprintf(programid, PROGRAM ": %.*s", SYS_NMLN, uname_result.nodename);
 
   opt_chars= getarg_string();
-  encdec_keys_write= !!strchr(opt_chars,"w");
-  crypto_debug= !!strchr(opt_chars,"D");
+  encdec_keys_write= !!strchr(opt_chars,'w');
+  crypto_debug= !!strchr(opt_chars,'K');
 
   public_local_fd= getarg_ulong();
   private_in_fd= getarg_ulong();
@@ -317,17 +333,26 @@ int main(int argc, const char *const *const argv_in) {
   }
 
   maxprefix= 0;
-  for (i=0; i<n_mechs; i++) {
-    mechs[i]= getarg_mech();
-  }
-  for (i=0; i<n_mechs; i++) {
-    cdebug(i,"encrypt setup");
+  i= 0;
+  while ((arg= *++argv)) {
+    arg_assert(*arg++ == '!');
+    arg_assert(i <= MAXMECHS);
+    mechs[i]= find_mech(arg);
+    cdebug(i,"encsetup");
+
+    argv_save= argv;
     mechs[i]->encsetup(&md_in[i], &maxprefix, &maxsuffix);
-  }
-  for (i=0; i<n_mechs; i++) {
-    cdebug(i,"decrypt setup");
+
+    argv_done= argv;
+    argv= argv_save;
+    cdebug(i,"decsetup");
     mechs[i]->decsetup(&md_out[i]);
+
+    assert(argv == argv_done);
+    
+    i++;
   }
+  n_mechs= i;
 
   if (maxprefix<1) maxprefix= 1;
   if (maxsuffix<1) maxsuffix= 1;