3 * - output and logging support
4 * - program lifetime support
5 * - IP address and subnet munging routines
6 * - MPI convenience functions
10 * Copyright (C) 1995--2001 Stephen Early <steve@greenend.org.uk>
12 * It is part of secnet, which is
13 * Copyright (C) 1995--2001 Stephen Early <steve@greenend.org.uk>
14 * Copyright (C) 1998 Ross Anderson, Eli Biham, Lars Knudsen
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2, or (at your option)
21 * This program is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 * GNU General Public License for more details.
26 * You should have received a copy of the GNU General Public License
27 * along with this program; if not, write to the Free Software Foundation,
28 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
41 #include "unaligned.h"
45 #define MIN_BUFFER_SIZE 64
46 #define DEFAULT_BUFFER_SIZE 4096
47 #define MAX_BUFFER_SIZE 131072
49 static const char *hexdigits="0123456789abcdef";
51 uint32_t current_phase=0;
56 struct phase_hook *next;
59 static struct phase_hook *hooks[NR_PHASES]={NULL,};
61 char *safe_strdup(const char *s, const char *message)
66 fatal_perror("%s",message);
71 void *safe_malloc(size_t size, const char *message)
78 fatal_perror("%s",message);
82 void *safe_realloc_ary(void *p, size_t size, size_t count,
83 const char *message) {
84 if (count >= INT_MAX/size) {
85 fatal("array allocation overflow: %s", message);
87 assert(size && count);
88 p = realloc(p, size*count);
90 fatal_perror("%s", message);
94 void *safe_malloc_ary(size_t size, size_t count, const char *message) {
97 return safe_realloc_ary(0,size,count,message);
100 /* Convert a buffer into its MP_INT representation */
101 void read_mpbin(MP_INT *a, uint8_t *bin, int binsize)
106 buff=safe_malloc(binsize*2 + 1,"read_mpbin");
108 for (i=0; i<binsize; i++) {
109 buff[i*2]=hexdigits[(bin[i] & 0xf0) >> 4];
110 buff[i*2+1]=hexdigits[(bin[i] & 0xf)];
114 mpz_set_str(a, buff, 16);
118 /* Convert a MP_INT into a hex string */
119 char *write_mpstring(MP_INT *a)
123 buff=safe_malloc(mpz_sizeinbase(a,16)+2,"write_mpstring");
124 mpz_get_str(buff, 16, a);
128 static uint8_t hexval(uint8_t c)
157 /* Convert a MP_INT into a buffer; return length; truncate if necessary */
158 int32_t write_mpbin(MP_INT *a, uint8_t *buffer, int32_t buflen)
163 if (buflen==0) return 0;
164 hb=write_mpstring(a);
169 /* The number starts with a half-byte */
170 buffer[i++]=hexval(hb[j++]);
172 for (; hb[j] && i<buflen; i++) {
173 buffer[i]=(hexval(hb[j])<<4)|hexval(hb[j+1]);
180 void setcloexec(int fd) {
181 int r=fcntl(fd, F_GETFD);
182 if (r<0) fatal_perror("fcntl(,F_GETFD) failed");
183 r=fcntl(fd, F_SETFD, r|FD_CLOEXEC);
184 if (r<0) fatal_perror("fcntl(,F_SETFD,|FD_CLOEXEC) failed");
187 void pipe_cloexec(int fd[2]) {
189 if (r) fatal_perror("pipe");
194 static const char *phases[NR_PHASES]={
200 "PHASE_GETRESOURCES",
206 void enter_phase(uint32_t new_phase)
208 struct phase_hook *i;
210 if (hooks[new_phase])
211 Message(M_DEBUG_PHASE,"Running hooks for %s...\n", phases[new_phase]);
212 current_phase=new_phase;
214 for (i=hooks[new_phase]; i; i=i->next)
215 i->fn(i->state, new_phase);
216 Message(M_DEBUG_PHASE,"Now in %s\n",phases[new_phase]);
219 bool_t add_hook(uint32_t phase, hook_fn *fn, void *state)
221 struct phase_hook *h;
223 h=safe_malloc(sizeof(*h),"add_hook");
226 h->next=hooks[phase];
231 bool_t remove_hook(uint32_t phase, hook_fn *fn, void *state)
233 fatal("remove_hook: not implemented");
238 void vslilog(struct log_if *lf, int priority, const char *message, va_list ap)
240 lf->vlogfn(lf->st,priority,message,ap);
243 void slilog(struct log_if *lf, int priority, const char *message, ...)
247 va_start(ap,message);
248 vslilog(lf,priority,message,ap);
254 struct buffer_if ops;
257 void buffer_assert_free(struct buffer_if *buffer, cstring_t file,
261 fprintf(stderr,"secnet: BUF_ASSERT_FREE, %s line %d, owned by %s",
262 file,line,buffer->owner);
263 assert(!"buffer_assert_free failure");
267 void buffer_assert_used(struct buffer_if *buffer, cstring_t file,
271 fprintf(stderr,"secnet: BUF_ASSERT_USED, %s line %d, last owned by %s",
272 file,line,buffer->owner);
273 assert(!"buffer_assert_used failure");
277 void buffer_init(struct buffer_if *buffer, int32_t max_start_pad)
279 assert(max_start_pad<=buffer->alloclen);
280 buffer->start=buffer->base+max_start_pad;
284 void *buf_append(struct buffer_if *buf, int32_t amount) {
286 assert(amount <= buf_remaining_space(buf));
287 p=buf->start + buf->size;
292 void *buf_prepend(struct buffer_if *buf, int32_t amount) {
293 assert(amount <= buf->start - buf->base);
295 return buf->start-=amount;
298 void *buf_unappend(struct buffer_if *buf, int32_t amount) {
299 if (buf->size < amount) return 0;
300 return buf->start+(buf->size-=amount);
303 void *buf_unprepend(struct buffer_if *buf, int32_t amount) {
305 if (buf->size < amount) return 0;
312 /* Append a two-byte length and the string to the buffer. Length is in
313 network byte order. */
314 void buf_append_string(struct buffer_if *buf, cstring_t s)
319 /* fixme: if string is longer than 65535, result is a corrupted packet */
320 buf_append_uint16(buf,len);
321 BUF_ADD_BYTES(append,buf,s,len);
324 void buffer_new(struct buffer_if *buf, int32_t len)
334 buf->base=safe_malloc(len,"buffer_new");
337 void buffer_readonly_view(struct buffer_if *buf, const void *data, int32_t len)
340 buf->owner="READONLY";
344 buf->size=buf->alloclen=len;
345 buf->base=buf->start=(uint8_t*)data;
348 void buffer_readonly_clone(struct buffer_if *out, const struct buffer_if *in)
350 buffer_readonly_view(out,in->start,in->size);
353 void buffer_copy(struct buffer_if *dst, const struct buffer_if *src)
355 if (dst->alloclen < src->alloclen) {
356 dst->base=realloc(dst->base,src->alloclen);
357 if (!dst->base) fatal_perror("buffer_copy");
358 dst->alloclen = src->alloclen;
360 dst->start = dst->base + (src->start - src->base);
361 dst->size = src->size;
362 memcpy(dst->start, src->start, dst->size);
365 static list_t *buffer_apply(closure_t *self, struct cloc loc, dict_t *context,
371 bool_t lockdown=False;
372 uint32_t len=DEFAULT_BUFFER_SIZE;
374 st=safe_malloc(sizeof(*st),"buffer_apply");
375 st->cl.description="buffer";
376 st->cl.type=CL_BUFFER;
378 st->cl.interface=&st->ops;
380 /* First argument, if present, is buffer length */
381 item=list_elem(args,0);
383 if (item->type!=t_number) {
384 cfgfatal(st->ops.loc,"buffer","first parameter must be a "
385 "number (buffer size)\n");
387 len=item->data.number;
388 if (len<MIN_BUFFER_SIZE) {
389 cfgfatal(st->ops.loc,"buffer","ludicrously small buffer size\n");
391 if (len>MAX_BUFFER_SIZE) {
392 cfgfatal(st->ops.loc,"buffer","ludicrously large buffer size\n");
395 /* Second argument, if present, is a dictionary */
396 item=list_elem(args,1);
398 if (item->type!=t_dict) {
399 cfgfatal(st->ops.loc,"buffer","second parameter must be a "
402 dict=item->data.dict;
403 lockdown=dict_read_bool(dict,"lockdown",False,"buffer",st->ops.loc,
407 buffer_new(&st->ops,len);
409 /* XXX mlock the buffer if possible */
412 return new_closure(&st->cl);
415 void send_nak(const struct comm_addr *dest, uint32_t our_index,
416 uint32_t their_index, uint32_t msgtype,
417 struct buffer_if *buf, const char *logwhy)
419 buffer_init(buf,calculate_max_start_pad());
420 buf_append_uint32(buf,their_index);
421 buf_append_uint32(buf,our_index);
422 buf_append_uint32(buf,LABEL_NAK);
424 Message(M_INFO,"%s: %08"PRIx32"<-%08"PRIx32": %08"PRIx32":"
425 " %s; sending NAK\n",
426 comm_addr_to_string(dest),
427 our_index, their_index, msgtype, logwhy);
428 dest->comm->sendmsg(dest->comm->st, buf, dest);
431 int consttime_memeq(const void *s1in, const void *s2in, size_t n)
433 const uint8_t *s1=s1in, *s2=s2in;
434 register volatile uint8_t accumulator=0;
437 accumulator |= (*s1++ ^ *s2++);
439 accumulator |= accumulator >> 4; /* constant-time */
440 accumulator |= accumulator >> 2; /* boolean canonicalisation */
441 accumulator |= accumulator >> 1;
447 void util_module(dict_t *dict)
449 add_closure(dict,"sysbuffer",buffer_apply);
452 void update_max_start_pad(int32_t *our_module_global, int32_t our_instance)
454 if (*our_module_global < our_instance)
455 *our_module_global=our_instance;
458 int32_t transform_max_start_pad, comm_max_start_pad;
460 int32_t calculate_max_start_pad(void)
464 transform_max_start_pad +
468 void vslilog_part(struct log_if *lf, int priority, const char *message, va_list ap)
475 assert(bp < LOG_MESSAGE_BUFLEN);
476 vsnprintf(buff+bp,LOG_MESSAGE_BUFLEN-bp,message,ap);
477 buff[LOG_MESSAGE_BUFLEN-1] = '\n';
478 buff[LOG_MESSAGE_BUFLEN] = '\0';
479 /* Each line is sent separately */
480 while ((nlp=strchr(buff,'\n'))) {
482 slilog(lf,priority,"%s",buff);
483 memmove(buff,nlp+1,strlen(nlp+1)+1);
487 extern void slilog_part(struct log_if *lf, int priority, const char *message, ...)
490 va_start(ap,message);
491 vslilog_part(lf,priority,message,ap);
495 void string_item_to_iaddr(const item_t *item, uint16_t port, union iaddr *ia,
500 ia->sin.sin_family=AF_INET;
501 ia->sin.sin_addr.s_addr=string_item_to_ipaddr(item,desc);
503 #else /* CONFIG_IPV6 => we have adns_text2addr */
505 if (item->type!=t_string)
506 cfgfatal(item->loc,desc,"expecting a string IP (v4 or v6) address\n");
507 socklen_t salen=sizeof(*ia);
508 int r=adns_text2addr(item->data.string, port,
509 adns_qf_addrlit_ipv4_quadonly,
512 if (r) cfgfatal(item->loc,desc,"invalid IP (v4 or v6) address: %s\n",
515 #endif /* CONFIG_IPV6 */
518 #define IADDR_NBUFS_SHIFT 3
519 #define IADDR_NBUFS (1 << IADDR_NBUFS_SHIFT)
521 const char *iaddr_to_string(const union iaddr *ia)
530 static char bufs[IADDR_NBUFS][100];
532 assert(ia->sa.sa_family == AF_INET);
534 snprintf(bufs[b], sizeof(bufs[b]), "[%s]:%d",
535 inet_ntoa(ia->sin.sin_addr),
536 ntohs(ia->sin.sin_port));
538 #else /* CONFIG_IPV6 => we have adns_addr2text */
540 static char bufs[IADDR_NBUFS][1+ADNS_ADDR2TEXT_BUFLEN+20];
544 char *addrbuf = bufs[b];
546 int addrbuflen = ADNS_ADDR2TEXT_BUFLEN;
548 int r = adns_addr2text(&ia->sa, 0, addrbuf, &addrbuflen, &port);
550 const char fmt[]= "scoped IPv6 addr, error: %.*s";
551 sprintf(addrbuf, fmt,
552 ADNS_ADDR2TEXT_BUFLEN - sizeof(fmt) /* underestimate */,
556 char *portbuf = addrbuf;
557 int addrl = strlen(addrbuf);
560 snprintf(portbuf, sizeof(bufs[b])-addrl, "]:%d", port);
562 #endif /* CONFIG_IPV6 */
567 bool_t iaddr_equal(const union iaddr *ia, const union iaddr *ib)
569 if (ia->sa.sa_family != ib->sa.sa_family)
571 switch (ia->sa.sa_family) {
573 return ia->sin.sin_addr.s_addr == ib->sin.sin_addr.s_addr
574 && ia->sin.sin_port == ib->sin.sin_port;
577 return !memcmp(&ia->sin6.sin6_addr, &ib->sin6.sin6_addr, 16)
578 && ia->sin6.sin6_scope_id == ib->sin6.sin6_scope_id
579 && ia->sin6.sin6_port == ib->sin6.sin6_port
580 /* we ignore the flowinfo field */;
581 #endif /* CONFIG_IPV6 */
587 int iaddr_socklen(const union iaddr *ia)
589 switch (ia->sa.sa_family) {
590 case AF_INET: return sizeof(ia->sin);
592 case AF_INET6: return sizeof(ia->sin6);
593 #endif /* CONFIG_IPV6 */