X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=secnet.h;h=5c351afb44a6e04d3e78308a67627e4e383268a0;hb=686e21aa2afbd14c3e59962f02a31c4dcd62e5d8;hp=84e732d88fd2c952d5cbf5ddd9069b79246f67a1;hpb=bd7f386bb44f2f8e2c6d77ea176026e88176412e;p=secnet.git diff --git a/secnet.h b/secnet.h index 84e732d..5c351af 100644 --- a/secnet.h +++ b/secnet.h @@ -45,6 +45,8 @@ #include +#include "osdep.h" + #define MAX_PEER_ADDRS 5 /* send at most this many copies; honour at most that many addresses */ @@ -375,6 +377,7 @@ typedef void init_module(dict_t *dict); extern void init_builtin_modules(dict_t *dict); +extern init_module pubkeys_init; extern init_module resolver_module; extern init_module random_module; extern init_module udp_module; @@ -402,22 +405,28 @@ struct sigscheme_info; typedef bool_t sigscheme_loadpub(const struct sigscheme_info *algo, struct buffer_if *pubkeydata, struct sigpubkey_if **sigpub_r, - struct log_if *log); + closure_t **closure_r, + struct log_if *log, struct cloc loc); /* pubkeydata is (supposedly) for this algorithm. * loadpub should log an error if it fails. - * pubkeydata may be modified (but not freed) */ + * pubkeydata may be modified (but not freed). + * both *sigpub_r and *closure_r must always be written and must + * refer to the same object, so on successful return + * (*closure_r)->type==CL_SIGPUBKEY + * and (*closure_r)->interface==*sigpub_r */ typedef bool_t sigscheme_loadpriv(const struct sigscheme_info *algo, struct buffer_if *privkeydata, struct sigprivkey_if **sigpriv_r, - struct log_if *log); - /* privkeydata may contain data for any algorithm, not necessarily - * this one! If it is not for this algorithm, return False and do - * not log anything (other than at M_DEBUG). If it *is* for this - * algorithm but is wrong, log at M_ERROR. - * On entry privkeydata->base==start. loadpriv may modify base and - * size, but not anything else. So it may use unprepend and - * unappend. */ + closure_t **closure_r, + struct log_if *log, struct cloc loc); + /* Ideally, check whether privkeydata contains data for any algorithm. + * That avoids security problems if a key file is misidentified (which + * might happen if the file is simply renamed). + * If there is an error (including that the key data is not for this + * algorithm, return False and log an error at M_ERROR. + * On entry privkeydata->base==start. loadpriv may modify + * privkeydata, including the contents. */ struct sigscheme_info { const char *name; @@ -429,6 +438,11 @@ struct sigscheme_info { extern const struct sigscheme_info rsa1_sigscheme; extern const struct sigscheme_info sigschemes[]; /* sentinel has name==0 */ +const struct sigscheme_info *sigscheme_lookup(const char *name); + +extern sigscheme_loadpriv rsa1_loadpriv; +extern sigscheme_loadpub rsa1_loadpub; + /***** END of signature schemes *****/ /***** CLOSURE TYPES and interface definitions *****/ @@ -627,6 +641,24 @@ FORMAT(printf,3,4); extern void vslilog_part(struct log_if *lf, int class, const char *message, va_list) FORMAT(printf,3,0); +void cfgfile_log__vmsg(void *sst, int class, const char *message, va_list); +struct cfgfile_log { + struct log_if log; + /* private fields */ + struct cloc loc; + const char *facility; +}; +static inline void cfgfile_log_init(struct cfgfile_log *cfl, + struct cloc loc, const char *facility) +{ + cfl->log.st=cfl; + cfl->log.vlogfn=cfgfile_log__vmsg; + cfl->loc=loc; + cfl->facility=facility; +} + +void log_early_init(void); + /* SITE interface */ /* Pretty much a placeholder; allows starting and stopping of processing, @@ -805,7 +837,7 @@ extern NORETURN(cfgfatal(struct cloc loc, cstring_t facility, extern void cfgfile_postreadcheck(struct cloc loc, FILE *f); extern NORETURN(vcfgfatal_maybefile(FILE *maybe_f, struct cloc loc, cstring_t facility, const char *message, - va_list)) + va_list, const char *suffix)) FORMAT(printf,4,0); extern NORETURN(cfgfatal_maybefile(FILE *maybe_f, struct cloc loc, cstring_t facility,