X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=secnet.h;h=fd4b48f70cbeed0fd78d9ccafa7f201c8668292d;hb=147b444d6faa9a621e33d653b7a72c29724203c3;hp=84e732d88fd2c952d5cbf5ddd9069b79246f67a1;hpb=1b8af2f7f86131a5364f2270865895ea597c591e;p=secnet.git
diff --git a/secnet.h b/secnet.h
index 84e732d..fd4b48f 100644
--- a/secnet.h
+++ b/secnet.h
@@ -45,6 +45,8 @@
 #include
+#include "osdep.h"
+
 #define MAX_PEER_ADDRS 5
 /* send at most this many copies; honour at most that many addresses */
@@ -196,7 +198,7 @@ extern item_t *list_elem(list_t *l, int32_t index);
 extern list_t *new_closure(closure_t *cl);
 extern void add_closure(dict_t *dict, cstring_t name, apply_fn apply);
 extern void *find_cl_if(dict_t *dict, cstring_t name, uint32_t type,
- bool_t fail_if_invalid, cstring_t desc,
+ bool_t required, cstring_t desc,
 struct cloc loc);
 extern item_t *dict_find_item(dict_t *dict, cstring_t key, bool_t required,
 cstring_t desc, struct cloc loc);
@@ -375,6 +377,7 @@ typedef void init_module(dict_t *dict);
 extern void init_builtin_modules(dict_t *dict);
+extern init_module pubkeys_init;
 extern init_module resolver_module;
 extern init_module random_module;
 extern init_module udp_module;
@@ -402,22 +405,28 @@ struct sigscheme_info;
 typedef bool_t sigscheme_loadpub(const struct sigscheme_info *algo,
 struct buffer_if *pubkeydata,
 struct sigpubkey_if **sigpub_r,
- struct log_if *log);
+ closure_t **closure_r,
+ struct log_if *log, struct cloc loc);
 /* pubkeydata is (supposedly) for this algorithm.
 * loadpub should log an error if it fails.
- * pubkeydata may be modified (but not freed) */
+ * pubkeydata may be modified (but not freed).
+ * both *sigpub_r and *closure_r must always be written and must
+ * refer to the same object, so on successful return
+ * (*closure_r)->type==CL_SIGPUBKEY
+ * and (*closure_r)->interface==*sigpub_r */
 typedef bool_t sigscheme_loadpriv(const struct sigscheme_info *algo,
 struct buffer_if *privkeydata,
 struct sigprivkey_if **sigpriv_r,
- struct log_if *log);
- /* privkeydata may contain data for any algorithm, not necessarily
- * this one! If it is not for this algorithm, return False and do
- * not log anything (other than at M_DEBUG). If it *is* for this
- * algorithm but is wrong, log at M_ERROR.
- * On entry privkeydata->base==start. loadpriv may modify base and
- * size, but not anything else. So it may use unprepend and
- * unappend. */
+ closure_t **closure_r,
+ struct log_if *log, struct cloc loc);
+ /* Ideally, check whether privkeydata contains data for any algorithm.
+ * That avoids security problems if a key file is misidentified (which
+ * might happen if the file is simply renamed).
+ * If there is an error (including that the key data is not for this
+ * algorithm, return False and log an error at M_ERROR.
+ * On entry privkeydata->base==start. loadpriv may modify
+ * privkeydata, including the contents. */
 struct sigscheme_info {
 const char *name;
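Review bot: The new comment on `sigscheme_loadpriv` states no output contract for `*sigpriv_r` and `*closure_r`, while `sigscheme_loadpub` now gets one ("must always be written and must refer to the same object"), so an implementer of a private-key loader cannot tell whether the same rule applies. Neither comment says what is written on a False return, which leaves a caller that mishandles the result holding whatever the loader happened to store; if the intended contract is a null result, adding `* On failure both output pointers are set to 0.` to both comments would pin it down. The loadpriv text also has an unbalanced parenthesis after `(including that the key data is not for this algorithm`, and `contains data for any algorithm` is hard to reconcile with the next sentence about misidentified key files; it may be meant as "for this algorithm", which is worth confirming because this comment is the only statement of that safeguard.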
@@ -429,6 +438,11 @@ struct sigscheme_info {
 extern const struct sigscheme_info rsa1_sigscheme;
 extern const struct sigscheme_info sigschemes[]; /* sentinel has name==0 */
+const struct sigscheme_info *sigscheme_lookup(const char *name);
+
+extern sigscheme_loadpriv rsa1_loadpriv;
+extern sigscheme_loadpub rsa1_loadpub;
+
 /***** END of signature schemes *****/
 /***** CLOSURE TYPES and interface definitions *****/
@@ -492,7 +506,6 @@ struct random_if {
 /* SIGPUBKEY interface */
-typedef void sig_sethash_fn(void *st, struct hash_if *hash);
 typedef void sig_dispose_fn(void *st);
 typedef bool_t sig_unpick_fn(void *sst, struct buffer_if *msg,
@@ -501,7 +514,6 @@ typedef bool_t sig_checksig_fn(void *st, uint8_t *data, int32_t datalen,
 const struct alg_msg_data *sig);
 struct sigpubkey_if {
 void *st;
- sig_sethash_fn *sethash; /* must be called before use, if non-0 */
 sig_unpick_fn *unpick;
 sig_checksig_fn *check;
 const struct hash_if *hash;
@@ -516,7 +528,6 @@ typedef bool_t sig_makesig_fn(void *st, uint8_t *data, int32_t datalen,
 struct buffer_if *msg);
 struct sigprivkey_if {
 void *st;
- sig_sethash_fn *sethash; /* must be called before use, if non-0 */
 sig_makesig_fn *sign;
 const struct hash_if *hash;
 sig_dispose_fn *dispose;
@@ -527,8 +538,7 @@ struct sigprivkey_if {
 typedef struct sigprivkey_if *privcache_lookup_fn(void *st,
 const struct sigkeyid *id,
 struct log_if*);
- /* Return is valid only until you return from the current event!
- * You do not need to call ->sethash. */
+ /* Return is valid only until you return from the current event! */
 struct privcache_if {
 void *st;
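Review bot: The `sigscheme_lookup` declaration added in the `@@ -429,6 +438,11 @@` hunk has no comment saying what it returns for a name that matches no entry. The table next to it is documented as ending in a sentinel with `name==0`, so a caller needs to know whether an unknown name gives a null pointer or the sentinel entry before it dereferences the result; a comment such as `/* returns 0 if no scheme has this name */` would settle it, if that is the behaviour. The declaration also omits `extern`, unlike the four declarations around it.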
@@ -627,15 +637,33 @@ FORMAT(printf,3,4);
 extern void vslilog_part(struct log_if *lf, int class, const char *message,
 va_list) FORMAT(printf,3,0);
+void cfgfile_log__vmsg(void *sst, int class, const char *message, va_list);
+struct cfgfile_log {
+ struct log_if log;
+ /* private fields */
+ struct cloc loc;
+ const char *facility;
+};
+static inline void cfgfile_log_init(struct cfgfile_log *cfl,
+ struct cloc loc, const char *facility)
+{
+ cfl->log.st=cfl;
+ cfl->log.vlogfn=cfgfile_log__vmsg;
+ cfl->loc=loc;
+ cfl->facility=facility;
+}
+
+void log_early_init(void);
+
 /* SITE interface */
 /* Pretty much a placeholder; allows starting and stopping of processing, key expiry, etc. */
-typedef void site_control_fn(void *st, bool_t run);
+typedef void site_startup_fn(void *st);
 typedef uint32_t site_status_fn(void *st);
 struct site_if {
 void *st;
- site_control_fn *control;
+ site_startup_fn *startup;
 site_status_fn *status;
 };
@@ -754,6 +782,8 @@ struct hash_if {
 hash_final_fn *final;
 };
+extern struct hash_if *const sha1_hash_if; /* for where this is hardcoded */
+
 /* BUFFER interface */
 struct buffer_if {
@@ -805,7 +835,7 @@ extern NORETURN(cfgfatal(struct cloc loc, cstring_t facility,
 extern void cfgfile_postreadcheck(struct cloc loc, FILE *f);
 extern NORETURN(vcfgfatal_maybefile(FILE *maybe_f, struct cloc loc,
 cstring_t facility, const char *message,
- va_list))
+ va_list, const char *suffix))
 FORMAT(printf,4,0);
 extern NORETURN(cfgfatal_maybefile(FILE *maybe_f, struct cloc loc,
 cstring_t facility,
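Review bot: In the `@@ -627,15 +637,33 @@` hunk, `cfgfile_log__vmsg` is declared without the `FORMAT(printf,3,0)` annotation that the neighbouring `vslilog_part` carries, so the compiler gets no format-checking hint for the `message` argument of this logging entry point; consider `void cfgfile_log__vmsg(void *sst, int class, const char *message, va_list) FORMAT(printf,3,0);`. Separately, `cfgfile_log_init` stores the `facility` pointer without copying it and nothing documents that; a comment such as `/* facility is not copied and must outlive the cfgfile_log */` above the function would make the lifetime requirement explicit. Whether `struct log_if` has further members that need initialising cannot be seen from this hunk.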
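Review bot: In the `@@ -754,6 +782,8 @@` hunk, the comment `/* for where this is hardcoded */` on `sha1_hash_if` does not say which code depends on the hash being fixed to SHA-1, which makes those places hard to find when the hash choice is reviewed or changed; naming the users or the protocol element in the comment would help. The pointee is also not const (`struct hash_if *const`), although the `hash` members of `sigpubkey_if` and `sigprivkey_if` shown elsewhere in this diff are `const struct hash_if *`. If nothing writes through it, `extern const struct hash_if *const sha1_hash_if;` would be consistent with them.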