#include <stdlib.h>
#include <stdarg.h>
#include <stdio.h>
+#include <string.h>
+#include <assert.h>
#include <sys/poll.h>
#include <sys/types.h>
#include <sys/time.h>
#include <netinet/in.h>
-/*
- * Macros added by SGT for endianness-independence
- */
-#define GET_32BIT_MSB_FIRST(cp) \
- (((unsigned long)(unsigned char)(cp)[0] << 24) | \
- ((unsigned long)(unsigned char)(cp)[1] << 16) | \
- ((unsigned long)(unsigned char)(cp)[2] << 8) | \
- ((unsigned long)(unsigned char)(cp)[3]))
-
-#define PUT_32BIT_MSB_FIRST(cp, value) ( \
- (cp)[0] = (char)((value) >> 24), \
- (cp)[1] = (char)((value) >> 16), \
- (cp)[2] = (char)((value) >> 8), \
- (cp)[3] = (char)(value) )
-
typedef char *string_t;
typedef const char *cstring_t;
typedef enum {False,True} bool_t;
/***** END of utility functions *****/
+/***** START of max_start_pad handling *****/
+
+extern int32_t site_max_start_pad, transform_max_start_pad,
+ comm_max_start_pad;
+
+void update_max_start_pad(int32_t *our_module_global, int32_t our_instance);
+int32_t calculate_max_start_pad(void);
+
+/***** END of max_start_pad handling *****/
+
/***** SCHEDULING support */
/* If nfds_io is insufficient for your needs, set it to the required
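Review bot: The three new globals `site_max_start_pad`, `transform_max_start_pad` and `comm_max_start_pad` and the two functions declared under them carry no comment, so a reader cannot tell from the header what each global holds, who updates it, or what `calculate_max_start_pad()` combines. The parameter name `our_module_global` suggests each module keeps a running maximum across its instances, but that is inference from the name only; the header should state it. I would put a short comment above the `extern` line, e.g. `/* Each module records the largest start pad any of its instances requires; calculate_max_start_pad() combines the three (see util.c) — TODO confirm */`, and note on `update_max_start_pad` whether it is legal to call it after buffers sized from `calculate_max_start_pad()` already exist, since a pad that grows later would make those buffers too small. Writable globals shared across modules also deserve a line on which code owns them.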
extern init_module udp_module;
extern init_module util_module;
extern init_module site_module;
-extern init_module transform_module;
+extern init_module transform_eax_module;
+extern init_module transform_cbcmac_module;
extern init_module netlink_module;
extern init_module rsa_module;
extern init_module dh_module;
/* Returned string is in a static buffer. */
struct comm_if {
void *st;
- int32_t min_start_pad;
- int32_t min_end_pad;
comm_request_notify_fn *request_notify;
comm_release_notify_fn *release_notify;
comm_sendmsg_fn *sendmsg;
va_list args);
struct log_if {
void *st;
- log_msg_fn *log;
- log_vmsg_fn *vlog;
+ log_msg_fn *logfn; /* Do not call these directly - you don't get */
+ log_vmsg_fn *vlogfn; /* printf format checking. Use [v]slilog instead */
};
/* (convenience functions, defined in util.c) */
extern void slilog(struct log_if *lf, int class, const char *message, ...)
/* TRANSFORM interface */
/* A reversable transformation. Transforms buffer in-place; may add
- data to start or end. Maximum amount of data to be added specified
- in max_start_pad and max_end_pad. (Reverse transformations decrease
+ data to start or end. (Reverse transformations decrease
length, of course.) Transformations may be key-dependent, in which
case key material is passed in at initialisation time. They may
also depend on internal factors (eg. time) and keep internal
state. A struct transform_if only represents a particular type of
transformation; instances of the transformation (eg. with
- particular key material) have a different C type. */
+ particular key material) have a different C type. The same
+ secret key will be used in opposite directions between a pair of
+ secnets; one of these pairs will get direction==False, the other True. */
typedef struct transform_inst_if *transform_createinstance_fn(void *st);
-typedef bool_t transform_setkey_fn(void *st, uint8_t *key, int32_t keylen);
+typedef bool_t transform_setkey_fn(void *st, uint8_t *key, int32_t keylen,
+ bool_t direction);
typedef bool_t transform_valid_fn(void *st); /* 0: no key; 1: ok */
typedef void transform_delkey_fn(void *st);
typedef void transform_destroyinstance_fn(void *st);
struct transform_if {
void *st;
- int32_t max_start_pad; /* these three are all <<< INT_MAX */
- int32_t max_end_pad;
- int32_t keylen;
+ int capab_transformnum;
+ int32_t keylen; /* <<< INT_MAX */
transform_createinstance_fn *create;
};
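Review bot: The new `capab_transformnum` member has no comment, while the neighbouring `keylen` keeps its `/* <<< INT_MAX */` note, so its meaning and valid range are left to the reader; a one-liner such as `int capab_transformnum; /* transform id advertised in capabilities; see site.c — TODO confirm */` would fix that. The widened `transform_setkey_fn` takes `uint8_t *key` without `const` and the prose above does not say whether the implementation copies the key material or keeps the pointer, which matters to a caller that wants to zeroize its own key buffer afterwards; `const uint8_t *key` plus a sentence on ownership would settle both. The added paragraph explains that a shared secret is used in both directions and that the peers get opposite `direction` values, but not what the flag changes inside the transform, which is the part a future transform author needs.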
#define MAXIMUM_LINK_QUALITY 3
typedef void netlink_link_quality_fn(void *st, uint32_t quality);
typedef void netlink_register_fn(void *st, netlink_deliver_fn *deliver,
- void *dst, int32_t max_start_pad,
- int32_t max_end_pad);
+ void *dst, uint32_t *localmtu_r /* NULL ok */);
typedef void netlink_output_config_fn(void *st, struct buffer_if *buf);
typedef bool_t netlink_check_config_fn(void *st, struct buffer_if *buf);
typedef void netlink_set_mtu_fn(void *st, int32_t new_mtu);
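Review bot: The new out-parameter `uint32_t *localmtu_r` on `netlink_register_fn` disagrees in signedness with `netlink_set_mtu_fn(void *st, int32_t new_mtu)` two lines below, so the same MTU quantity crosses this interface as both unsigned and signed and any comparison between the two is subject to the usual signed/unsigned promotion surprise. Either one type for MTU values throughout the interface, or a comment saying why they differ, would be better than leaving it implicit. The `/* NULL ok */` annotation says the pointer may be omitted but not what is stored through it when it is given; `/* NULL ok; otherwise receives the link's local MTU */` would complete it, if that is indeed what the implementation writes.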
struct dh_if {
void *st;
int32_t len; /* Approximate size of modulus in bytes */
+ int32_t ceil_len; /* Number of bytes just sufficient to contain modulus */
dh_makepublic_fn *makepublic;
dh_makeshared_fn *makeshared;
};
#define M_FATAL 0x100
/* The fatal() family of functions require messages that do not end in '\n' */
-extern NORETURN(fatal(const char *message, ...));
-extern NORETURN(fatal_perror(const char *message, ...));
-extern NORETURN(fatal_status(int status, const char *message, ...));
-extern NORETURN(fatal_perror_status(int status, const char *message, ...));
+extern NORETURN(fatal(const char *message, ...)) FORMAT(printf,1,2);
+extern NORETURN(fatal_perror(const char *message, ...)) FORMAT(printf,1,2);
+extern NORETURN(fatal_status(int status, const char *message, ...))
+ FORMAT(printf,2,3);
+extern NORETURN(fatal_perror_status(int status, const char *message, ...))
+ FORMAT(printf,2,3);
/* The cfgfatal() family of functions require messages that end in '\n' */
extern NORETURN(cfgfatal(struct cloc loc, cstring_t facility,
- const char *message, ...));
+ const char *message, ...)) FORMAT(printf,3,4);
extern void cfgfile_postreadcheck(struct cloc loc, FILE *f);
extern NORETURN(vcfgfatal_maybefile(FILE *maybe_f, struct cloc loc,
cstring_t facility, const char *message,
- va_list));
+ va_list))
+ FORMAT(printf,4,0);
extern NORETURN(cfgfatal_maybefile(FILE *maybe_f, struct cloc loc,
cstring_t facility,
- const char *message, ...));
+ const char *message, ...))
+ FORMAT(printf,4,5);
extern void Message(uint32_t class, const char *message, ...)
FORMAT(printf,2,3);