#include "error.h"
-/** holds information about one encrypted connection */
+/** Information about one encrypted connection. */
struct crypt_data {
- /** function used to decrypt received data */
+ /** Function used to decrypt received data. */
crypt_function *recv;
- /** function used to encrypt data to be sent */
+ /** Function used to encrypt data to be sent. */
crypt_function *send;
- /** context-dependent data, passed to \a recv() and \a send() */
+ /**
+ * Context-dependent data (crypt keys), passed verbatim to the above
+ * crypt functions.
+ */
void *private_data;
};
-/** array holding per fd crypt data per */
+/** Array holding per fd crypt data. */
static struct crypt_data *crypt_data_array;
-/** current size of the crypt data array */
+/** Current size of the crypt data array. */
static unsigned cda_size = 0;
-
/**
* activate encryption for one file descriptor
*
cf = crypt_data_array[fd].send;
if (cf) {
void *private = crypt_data_array[fd].private_data;
- unsigned char *outbuf = para_malloc(len);
+ /* RC4 may write more than len to the output buffer */
+ unsigned char *outbuf = para_malloc(ROUND_UP(len, 8));
(*cf)(len, (unsigned char *)buf, outbuf, private);
ret = sendall(fd, (char *)outbuf, &len);
free(outbuf);
}
/**
- * prepare, create, and bind and socket for local communication
+ * Prepare, create, and bind a socket for local communication.
*
- * \param name the socket pathname
- * \param unix_addr pointer to the \p AF_UNIX socket structure
- * \param mode the desired mode of the socket
+ * \param name The socket pathname.
+ * \param unix_addr Pointer to the \p AF_UNIX socket structure.
+ * \param mode The desired mode of the socket.
*
* This functions creates a local socket for sequenced, reliable,
* two-way, connection-based byte streams.
* \sa bind(2)
* \sa chmod(2)
*/
-int create_pf_socket(const char *name, struct sockaddr_un *unix_addr,
+int create_local_socket(const char *name, struct sockaddr_un *unix_addr,
mode_t mode)
{
int fd, ret;
- fd = socket(PF_UNIX, SOCK_STREAM, 0);
- if (fd < 0)
- return -E_SOCKET;
-// unlink(name);
ret = init_unix_addr(unix_addr, name);
if (ret < 0)
return ret;
+ fd = socket(PF_UNIX, SOCK_STREAM, 0);
+ if (fd < 0)
+ return -E_SOCKET;
+ ret = -E_BIND;
if (bind(fd, (struct sockaddr *) unix_addr, UNIX_PATH_MAX) < 0)
- return -E_BIND;
+ goto err;
+ ret = -E_CHMOD;
if (chmod(name, mode) < 0)
- return -E_CHMOD;
+ goto err;
return fd;
+err:
+ close(fd);
+ return ret;
}
#ifndef HAVE_UCRED