CPPFLAGS += -Wbad-function-cast
CPPFLAGS += -fno-strict-aliasing
CPPFLAGS += -DMAIN_INPUT_FILE_IS_$(*F)
-CPPFLAGS += @SSL_CPPFLAGS@
CPPFLAGS += @arch_cppflags@
CPPFLAGS += -I/usr/local/include
CPPFLAGS += -I$(cmdline_dir)
$(man_dir):
mkdir -p $@
+$(object_dir)/crypt.o: crypt.c | $(object_dir)
+ @[ -z "$(Q)" ] || echo 'CC $<'
+ $(Q) $(CC) -c -o $@ $(CPPFLAGS) $(DEBUG_CPPFLAGS) @openssl_cppflags@ $<
$(object_dir)/spx_common.o: spx_common.c | $(object_dir)
@[ -z "$(Q)" ] || echo 'CC $<'
$(Q) $(CC) -c -o $@ $(CPPFLAGS) $(DEBUG_CPPFLAGS) @ogg_cppflags@ $<
- The git version reported by --version always matches HEAD.
- The autogen script detects the number of processors and
runs a parallel make if possible.
+ - Major cleanup of the crypto API.
------------------------------------------
0.4.6 (2011-03-31) "deterministic entropy"
/** \file afh.c Paraslash's standalone audio format handler tool. */
#include <regex.h>
-#include <dirent.h>
#include <sys/time.h>
#include "para.h"
#include <sys/mman.h> /* mmap */
#include <sys/time.h> /* gettimeofday */
#include <sys/types.h>
-#include <dirent.h>
#include <regex.h>
#include "para.h"
#include <regex.h>
#include <signal.h>
#include <fnmatch.h>
-#include <openssl/rc4.h>
#include <osl.h>
#include "server.cmdline.h"
#include "afh.h"
#include "afs.h"
#include "server.h"
-#include <dirent.h> /* readdir() */
-#include <sys/mman.h>
-#include <sys/time.h>
#include "net.h"
#include "ipc.h"
#include "list.h"
* Result handler for sending data to the para_client process.
*
* \param result The data to be sent.
- * \param private Pointer to rc4 context.
+ * \param private Pointer to the context.
*
- * \return The return value of the underlying call to rc4_send_bin_buffer().
+ * \return The return value of the underlying call to sc_send_bin_buffer().
*
- * \sa \ref callback_result_handler, \ref rc4_send_bin_buffer().
+ * \sa \ref callback_result_handler, \ref sc_send_bin_buffer().
*/
-int rc4_send_result(struct osl_object *result, void *private)
+int sc_send_result(struct osl_object *result, void *private)
{
- struct rc4_context *rc4c = private;
+ struct stream_cipher_context *scc = private;
if (!result->size)
return 1;
- return rc4_send_bin_buffer(rc4c, result->data, result->size);
+ return sc_send_bin_buffer(scc, result->data, result->size);
}
-int com_select(struct rc4_context *rc4c, int argc, char * const * const argv)
+int com_select(struct stream_cipher_context *scc, int argc, char * const * const argv)
{
struct osl_object query;
query.data = argv[1];
query.size = strlen(argv[1]) + 1;
return send_callback_request(com_select_callback, &query,
- &rc4_send_result, rc4c);
+ &sc_send_result, scc);
}
static void init_admissible_files(char *arg)
free(pb.buf);
}
-int com_init(struct rc4_context *rc4c, int argc, char * const * const argv)
+int com_init(struct stream_cipher_context *scc, int argc, char * const * const argv)
{
int i, j, ret;
uint32_t table_mask = (1 << (NUM_AFS_TABLES + 1)) - 1;
}
}
ret = send_callback_request(create_tables_callback, &query,
- rc4_send_result, rc4c);
+ sc_send_result, scc);
if (ret < 0)
- return rc4_send_va_buffer(rc4c, "%s\n", para_strerror(-ret));
+ return sc_send_va_buffer(scc, "%s\n", para_strerror(-ret));
return ret;
}
CHECK_PLAYLISTS = 4
};
-int com_check(struct rc4_context *rc4c, int argc, char * const * const argv)
+int com_check(struct stream_cipher_context *scc, int argc, char * const * const argv)
{
unsigned flags = 0;
int i, ret;
flags = ~0U;
if (flags & CHECK_AFT) {
ret = send_callback_request(aft_check_callback, NULL,
- rc4_send_result, rc4c);
+ sc_send_result, scc);
if (ret < 0)
return ret;
}
if (flags & CHECK_PLAYLISTS) {
ret = send_callback_request(playlist_check_callback,
- NULL, rc4_send_result, rc4c);
+ NULL, sc_send_result, scc);
if (ret < 0)
return ret;
}
if (flags & CHECK_MOODS) {
ret = send_callback_request(mood_check_callback, NULL,
- rc4_send_result, rc4c);
+ sc_send_result, scc);
if (ret < 0)
return ret;
}
HC: Prototypes for the commands of the audio file selector.
CC: Array of commands for the audio file selector.
AT: server_command
-SI: openssl/rc4 osl regex
+SI: osl regex
IN: para error crypt command string afh afs server list user_list
SN: list of afs commands
TM: mood lyr img pl
---
T: add
N: add@member@
-O: int com_add@member@(struct rc4_context *rc4c, int argc, char * const * const argv);
+O: int com_add@member@(struct stream_cipher_context *scc, int argc, char * const * const argv);
P: AFS_READ | AFS_WRITE
D: Read data from stdin and add it as a blob to the @member@ table.
U: add@member@ @member@_name
---
T: cat
N: cat@member@
-O: int com_cat@member@(struct rc4_context *rc4c, int argc, char * const * const argv);
+O: int com_cat@member@(struct stream_cipher_context *scc, int argc, char * const * const argv);
P: AFS_READ
D: Dump the contents of a blob of type @member@ to stdout.
U: cat@member@ @member@_name
---
T: ls
N: ls@member@
-O: int com_ls@member@(struct rc4_context *rc4c, int argc, char * const * const argv);
+O: int com_ls@member@(struct stream_cipher_context *scc, int argc, char * const * const argv);
P: AFS_READ
D: List blobs of type @member@ matching a pattern.
U: ls@member@ [-i] [-l] [-r] [pattern]
---
T: rm
N: rm@member@
-O: int com_rm@member@(struct rc4_context *rc4c, int argc, char * const * const argv);
+O: int com_rm@member@(struct stream_cipher_context *scc, int argc, char * const * const argv);
P: AFS_READ | AFS_WRITE
D: Remove blob(s) of type @member@ from the @member@ table.
U: rm@member@ pattern...
---
T: mv
N: mv@member@
-O: int com_mv@member@(struct rc4_context *rc4c, int argc, char * const * const argv);
+O: int com_mv@member@(struct stream_cipher_context *scc, int argc, char * const * const argv);
P: AFS_READ | AFS_WRITE
D: Rename a blob of type @member@.
U: mv@member@ old_@member@_name new_@member@_name
/** \file afs.h Exported symbols of the audio file selector. */
#include <regex.h>
-#include "hash.h"
/** Audio file selector data stored in the audio file table. */
struct afs_info {
char *path;
/** The score value (if -a was given). */
long score;
- /** The sha1 hash of audio file. */
- HASH_TYPE *hash;
+ /** The hash value of audio file data. */
+ unsigned char *hash;
};
/** Data about the current audio file, passed from afs to server. */
* \sa \ref send_callback_request().
*/
typedef int callback_result_handler(struct osl_object *result, void *private);
-int rc4_send_result(struct osl_object *result, void *private);
+int sc_send_result(struct osl_object *result, void *private);
int pass_buffer_as_shm(char *buf, size_t size, void *fd_ptr);
__noreturn void afs_init(uint32_t cookie, int socket_fd);
/** \file aft.c Audio file table functions. */
#include <regex.h>
-#include <dirent.h> /* readdir() */
-#include <openssl/rc4.h>
#include <sys/mman.h>
#include <fnmatch.h>
#include <sys/shm.h>
*/
static int aft_hash_compare(const struct osl_object *obj1, const struct osl_object *obj2)
{
- return hash_compare((HASH_TYPE *)obj1->data, (HASH_TYPE *)obj2->data);
+ return hash_compare((unsigned char *)obj1->data, (unsigned char *)obj2->data);
}
static struct osl_column_description aft_cols[] = {
*
* \return Standard.
*/
-static int aft_get_row_of_hash(HASH_TYPE *hash, struct osl_row **row)
+static int aft_get_row_of_hash(unsigned char *hash, struct osl_row **row)
{
const struct osl_object obj = {.data = hash, .size = HASH_SIZE};
return osl(osl_get_row(audio_file_table, AFTCOL_HASH, &obj, row));
* \return The return value of the underlying call to
* get_hash_object_of_aft_row().
*/
-static int get_hash_of_row(const struct osl_row *row, HASH_TYPE **hash)
+static int get_hash_of_row(const struct osl_row *row, unsigned char **hash)
{
struct osl_object obj;
int ret = get_hash_object_of_aft_row(row, &obj);
static int make_status_items(struct audio_file_data *afd,
struct afs_info *afsi, char *path, long score,
- HASH_TYPE *hash)
+ unsigned char *hash)
{
struct ls_data d = {
.afhi = afd->afhi,
int open_and_update_audio_file(struct osl_row *aft_row, long score,
struct audio_file_data *afd)
{
- HASH_TYPE *aft_hash, file_hash[HASH_SIZE];
+ unsigned char *aft_hash, file_hash[HASH_SIZE];
struct osl_object afsi_obj;
struct afs_info old_afsi, new_afsi;
int ret = get_hash_of_row(aft_row, &aft_hash);
/*
* TODO: flags -h (sort by hash)
*/
-int com_ls(struct rc4_context *rc4c, int argc, char * const * const argv)
+int com_ls(struct stream_cipher_context *scc, int argc, char * const * const argv)
{
int i, ret;
unsigned flags = 0;
opts.mode = mode;
opts.num_patterns = argc - i;
ret = send_option_arg_callback_request(&query, opts.num_patterns,
- argv + i, com_ls_callback, rc4_send_result, rc4c);
+ argv + i, com_ls_callback, sc_send_result, scc);
return ret;
}
func));
}
-static struct osl_row *find_hash_sister(HASH_TYPE *hash)
+static struct osl_row *find_hash_sister(unsigned char *hash)
{
const struct osl_object obj = {.data = hash, .size = HASH_SIZE};
struct osl_row *row;
* It's OK to call this with afhi == NULL. In this case, the audio format
* handler info won't be stored in the buffer.
*/
-static void save_add_callback_buffer(HASH_TYPE *hash, const char *path,
+static void save_add_callback_buffer(unsigned char *hash, const char *path,
struct afh_info *afhi, uint32_t flags,
uint8_t audio_format_num, struct osl_object *obj)
{
struct osl_row *pb, *aft_row;
struct osl_row *hs;
struct osl_object objs[NUM_AFT_COLUMNS];
- HASH_TYPE *hash;
+ unsigned char *hash;
char asc[2 * HASH_SIZE + 1];
int ret;
char afsi_buf[AFSI_SIZE];
.max_size_handler = pass_buffer_as_shm, .private_data = &fd};
uint16_t afhi_offset, chunks_offset;
- hash = (HASH_TYPE *)buf + CAB_HASH_OFFSET;
+ hash = (unsigned char *)buf + CAB_HASH_OFFSET;
hash_to_asc(hash, asc);;
objs[AFTCOL_HASH].data = buf + CAB_HASH_OFFSET;
objs[AFTCOL_HASH].size = HASH_SIZE;
objs[AFTCOL_CHUNKS].size = query->size - chunks_offset;
if (pb && !hs) { /* update pb's hash */
char old_asc[2 * HASH_SIZE + 1];
- HASH_TYPE *old_hash;
+ unsigned char *old_hash;
ret = get_hash_of_row(pb, &old_hash);
if (ret < 0)
goto out;
/** Used by com_add(). */
struct private_add_data {
- /** The socket file descriptor, including rc4 keys. */
- struct rc4_context *rc4c;
+ /** The socket file descriptor, including stream cipher keys. */
+ struct stream_cipher_context *scc;
/** The given add flags. */
uint32_t flags;
};
static void hash_sister_callback(int fd, const struct osl_object *query)
{
- HASH_TYPE *hash = query->data;
+ unsigned char *hash = query->data;
struct osl_row *hash_sister;
hash_sister = find_hash_sister(hash);
struct afh_info afhi, *afhi_ptr = NULL;
struct osl_row *pb = NULL, *hs = NULL; /* path brother/hash sister */
struct osl_object map, obj = {.data = NULL}, query;
- HASH_TYPE hash[HASH_SIZE];
+ unsigned char hash[HASH_SIZE];
ret = guess_audio_format(path);
if (ret < 0 && !(pad->flags & ADD_FLAG_ALL))
ret = 1;
if (pb && (pad->flags & ADD_FLAG_LAZY)) { /* lazy is really cheap */
if (pad->flags & ADD_FLAG_VERBOSE)
- send_ret = rc4_send_va_buffer(pad->rc4c,
+ send_ret = sc_send_va_buffer(pad->scc,
"lazy-ignore: %s\n", path);
goto out_free;
}
ret = 1;
if (pb && hs && hs == pb && !(pad->flags & ADD_FLAG_FORCE)) {
if (pad->flags & ADD_FLAG_VERBOSE)
- send_ret = rc4_send_va_buffer(pad->rc4c,
+ send_ret = sc_send_va_buffer(pad->scc,
"%s exists, not forcing update\n", path);
goto out_unmap;
}
munmap(map.data, map.size);
close(fd);
if (pad->flags & ADD_FLAG_VERBOSE) {
- send_ret = rc4_send_va_buffer(pad->rc4c, "adding %s\n", path);
+ send_ret = sc_send_va_buffer(pad->scc, "adding %s\n", path);
if (send_ret < 0)
goto out_free;
}
save_add_callback_buffer(hash, path, afhi_ptr, pad->flags, format_num, &obj);
/* Ask afs to consider this entry for adding. */
- ret = send_callback_request(com_add_callback, &obj, rc4_send_result, pad->rc4c);
+ ret = send_callback_request(com_add_callback, &obj, sc_send_result, pad->scc);
goto out_free;
out_unmap:
munmap(map.data, map.size);
out_free:
if (ret < 0 && send_ret >= 0)
- send_ret = rc4_send_va_buffer(pad->rc4c,
+ send_ret = sc_send_va_buffer(pad->scc,
"failed to add %s (%s)\n", path, para_strerror(-ret));
free(obj.data);
if (afhi_ptr) {
return send_ret;
}
-int com_add(struct rc4_context *rc4c, int argc, char * const * const argv)
+int com_add(struct stream_cipher_context *scc, int argc, char * const * const argv)
{
int i, ret;
- struct private_add_data pad = {.rc4c = rc4c, .flags = 0};
+ struct private_add_data pad = {.scc = scc, .flags = 0};
struct stat statbuf;
for (i = 1; i < argc; i++) {
char *path;
ret = verify_path(argv[i], &path);
if (ret < 0) {
- ret = rc4_send_va_buffer(rc4c, "%s: %s\n", argv[i],
+ ret = sc_send_va_buffer(scc, "%s: %s\n", argv[i],
para_strerror(-ret));
if (ret < 0)
return ret;
}
ret = stat(path, &statbuf);
if (ret < 0) {
- ret = rc4_send_va_buffer(rc4c, "failed to stat %s (%s)\n", path,
+ ret = sc_send_va_buffer(scc, "failed to stat %s (%s)\n", path,
strerror(errno));
free(path);
if (ret < 0)
else
ret = add_one_audio_file(path, &pad);
if (ret < 0) {
- rc4_send_va_buffer(rc4c, "%s: %s\n", path, para_strerror(-ret));
+ sc_send_va_buffer(scc, "%s: %s\n", path, para_strerror(-ret));
free(path);
return ret;
}
free(tad.pb.buf);
}
-int com_touch(struct rc4_context *rc4c, int argc, char * const * const argv)
+int com_touch(struct stream_cipher_context *scc, int argc, char * const * const argv)
{
struct com_touch_options cto = {
.num_played = -1,
if (i >= argc)
return -E_AFT_SYNTAX;
ret = send_option_arg_callback_request(&query, argc - i,
- argv + i, com_touch_callback, rc4_send_result, rc4c);
+ argv + i, com_touch_callback, sc_send_result, scc);
if (ret < 0)
- rc4_send_va_buffer(rc4c, "%s\n", para_strerror(-ret));
+ sc_send_va_buffer(scc, "%s\n", para_strerror(-ret));
return ret;
}
}
/* TODO options: -r (recursive) */
-int com_rm(struct rc4_context *rc4c, int argc, char * const * const argv)
+int com_rm(struct stream_cipher_context *scc, int argc, char * const * const argv)
{
uint32_t flags = 0;
struct osl_object query = {.data = &flags, .size = sizeof(flags)};
if (i >= argc)
return -E_AFT_SYNTAX;
ret = send_option_arg_callback_request(&query, argc - i, argv + i,
- com_rm_callback, rc4_send_result, rc4c);
+ com_rm_callback, sc_send_result, scc);
if (ret < 0)
- rc4_send_va_buffer(rc4c, "%s\n", para_strerror(-ret));
+ sc_send_va_buffer(scc, "%s\n", para_strerror(-ret));
return ret;
}
free(cad.pb.buf);
}
-int com_cpsi(struct rc4_context *rc4c, int argc, char * const * const argv)
+int com_cpsi(struct stream_cipher_context *scc, int argc, char * const * const argv)
{
unsigned flags = 0;
int i, ret;
if (!(flags & ~CPSI_FLAG_VERBOSE)) /* no copy flags given */
flags = ~(unsigned)CPSI_FLAG_VERBOSE | flags;
ret = send_option_arg_callback_request(&options, argc - i, argv + i,
- com_cpsi_callback, rc4_send_result, rc4c);
+ com_cpsi_callback, sc_send_result, scc);
if (ret < 0)
- rc4_send_va_buffer(rc4c, "%s\n", para_strerror(-ret));
+ sc_send_va_buffer(scc, "%s\n", para_strerror(-ret));
return ret;
}
}
/**
- * Get the current afs status items from the afs process and send it using RC4.
+ * Get the current afs status items from the afs process and send it.
*
- * \param rc4c The rc4 context for data encryption.
+ * \param scc The stream cipher context for data encryption.
* \param parser_friendly Whether parser-friendly output format should be used.
*
* As the contents of the afs status items change in time and the command
* is used to pass the status items from the afs process to the command handler
* via a shared memory area and a pipe.
*/
-int send_afs_status(struct rc4_context *rc4c, int parser_friendly)
+int send_afs_status(struct stream_cipher_context *scc, int parser_friendly)
{
struct osl_object query = {.data = &parser_friendly,
.size = sizeof(parser_friendly)};
- return send_callback_request(afs_stat_callback, &query, rc4_send_result, rc4c);
+ return send_callback_request(afs_stat_callback, &query, sc_send_result, scc);
}
/* TODO: optionally fix problems by removing offending rows */
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
#include <alsa/asoundlib.h>
#include <sys/time.h>
#include <stdbool.h>
/** \file attribute.c Attribute handling functions. */
#include <regex.h>
-#include <openssl/rc4.h>
#include <osl.h>
#include "para.h"
free(laad.pb.buf);
}
-int com_lsatt(struct rc4_context *rc4c, int argc, char * const * const argv)
+int com_lsatt(struct stream_cipher_context *scc, int argc, char * const * const argv)
{
unsigned flags = 0;
struct osl_object options = {.data = &flags, .size = sizeof(flags)};
}
}
ret = send_option_arg_callback_request(&options, argc - i, argv + i,
- com_lsatt_callback, rc4_send_result, rc4c);
+ com_lsatt_callback, sc_send_result, scc);
if (!ret) {
if (argc > 1)
- ret = rc4_send_va_buffer(rc4c, "no matches\n");
+ ret = sc_send_va_buffer(scc, "no matches\n");
} else if (ret < 0)
- rc4_send_va_buffer(rc4c, "%s\n", para_strerror(-ret));
+ sc_send_va_buffer(scc, "%s\n", para_strerror(-ret));
return ret;
}
PARA_NOTICE_LOG("%s\n", para_strerror(-ret));
}
-int com_setatt(__a_unused struct rc4_context *rc4c, int argc, char * const * const argv)
+int com_setatt(__a_unused struct stream_cipher_context *scc, int argc, char * const * const argv)
{
if (argc < 3)
return -E_ATTR_SYNTAX;
free(pb.buf);
}
-int com_addatt(struct rc4_context *rc4c, int argc, char * const * const argv)
+int com_addatt(struct stream_cipher_context *scc, int argc, char * const * const argv)
{
int ret;
if (argc < 2)
return -E_ATTR_SYNTAX;
ret = send_standard_callback_request(argc - 1, argv + 1, com_addatt_callback,
- rc4_send_result, rc4c);
+ sc_send_result, scc);
if (ret < 0)
- rc4_send_va_buffer(rc4c, "%s\n", para_strerror(-ret));
+ sc_send_va_buffer(scc, "%s\n", para_strerror(-ret));
return ret;
}
free(pb.buf);
}
-int com_mvatt(struct rc4_context *rc4c, int argc, char * const * const argv)
+int com_mvatt(struct stream_cipher_context *scc, int argc, char * const * const argv)
{
int ret;
if (argc != 3)
return -E_ATTR_SYNTAX;
ret = send_standard_callback_request(argc - 1, argv + 1, com_mvatt_callback,
- rc4_send_result, rc4c);
+ sc_send_result, scc);
if (ret < 0)
- rc4_send_va_buffer(rc4c, "%s\n", para_strerror(-ret));
+ sc_send_va_buffer(scc, "%s\n", para_strerror(-ret));
return ret;
}
free(raad.pb.buf);
}
-int com_rmatt(struct rc4_context *rc4c, int argc, char * const * const argv)
+int com_rmatt(struct stream_cipher_context *scc, int argc, char * const * const argv)
{
int ret;
if (argc < 2)
return -E_ATTR_SYNTAX;
ret = send_standard_callback_request(argc - 1, argv + 1, com_rmatt_callback,
- rc4_send_result, rc4c);
+ sc_send_result, scc);
if (ret < 0)
- rc4_send_va_buffer(rc4c, "%s\n", para_strerror(-ret));
+ sc_send_va_buffer(scc, "%s\n", para_strerror(-ret));
return ret;
}
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
#include "audioc.cmdline.h"
#include "para.h"
/** \file audiod.c the paraslash's audio daemon */
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
#include <signal.h>
-#include <openssl/rc4.h>
#include <stdbool.h>
#include "para.h"
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
#include <stdbool.h>
#include "para.h"
#include <regex.h>
#include <fnmatch.h>
-#include <openssl/rc4.h>
#include <osl.h>
#include "para.h"
free(lbad.pb.buf);
}
-static int com_lsblob(callback_function *f, struct rc4_context *rc4c, int argc, char * const * const argv)
+static int com_lsblob(callback_function *f, struct stream_cipher_context *scc, int argc, char * const * const argv)
{
uint32_t flags = 0;
struct osl_object options = {.data = &flags, .size = sizeof(flags)};
// if (argc > i)
// return -E_BLOB_SYNTAX;
return send_option_arg_callback_request(&options, argc - i,
- argv + i, f, rc4_send_result, rc4c);
+ argv + i, f, sc_send_result, scc);
}
static int cat_blob(struct osl_table *table, struct osl_row *row,
for_each_matching_row(&pmd);
}
-static int com_catblob(callback_function *f, struct rc4_context *rc4c, int argc,
+static int com_catblob(callback_function *f, struct stream_cipher_context *scc, int argc,
char * const * const argv)
{
if (argc < 2)
return -E_BLOB_SYNTAX;
return send_standard_callback_request(argc - 1, argv + 1, f,
- rc4_send_result, rc4c);
+ sc_send_result, scc);
}
/** Used for removing rows from a blob table. */
free(rmbd.pb.buf);
}
-static int com_rmblob(callback_function *f, struct rc4_context *rc4c, int argc,
+static int com_rmblob(callback_function *f, struct stream_cipher_context *scc, int argc,
char * const * const argv)
{
if (argc < 2)
return -E_MOOD_SYNTAX;
return send_option_arg_callback_request(NULL, argc - 1, argv + 1, f,
- rc4_send_result, rc4c);
+ sc_send_result, scc);
}
static void com_addblob_callback(struct osl_table *table, __a_unused int fd,
* write input from fd to dynamically allocated buffer,
* but maximal max_size byte.
*/
-static int fd2buf(struct rc4_context *rc4c, unsigned max_size, struct osl_object *obj)
+static int fd2buf(struct stream_cipher_context *scc, unsigned max_size, struct osl_object *obj)
{
const size_t chunk_size = 1024;
size_t size = 2048, received = 0;
char *buf = para_malloc(size);
for (;;) {
- ret = rc4_recv_bin_buffer(rc4c, buf + received, chunk_size);
+ ret = sc_recv_bin_buffer(scc, buf + received, chunk_size);
if (ret <= 0)
break;
received += ret;
/*
* Read data from a file descriptor, and send it to the afs process.
*
- * \param rc4c crypt context containing the file descriptor to read data from.
+ * \param scc crypt context containing the file descriptor to read data from.
* \param arg_obj Pointer to the arguments to \a f.
* \param f The callback function.
* \param max_len Don't read more than that many bytes from stdin.
* This function is used by commands that wish to let para_server store
* arbitrary data specified by the user (for instance the add_blob family of
* commands). First, at most \a max_len bytes are read and decrypted from the
- * file descriptor given by \a rc4c. The result is concatenated with the buffer
+ * file descriptor given by \a scc. The result is concatenated with the buffer
* given by \a arg_obj, and the combined buffer is made available to the afs
* process via the callback method. See \ref send_callback_request for details.
*
* \return Negative on errors, the return value of the underlying call to
* send_callback_request() otherwise.
*/
-static int stdin_command(struct rc4_context *rc4c, struct osl_object *arg_obj,
+static int stdin_command(struct stream_cipher_context *scc, struct osl_object *arg_obj,
callback_function *f, unsigned max_len,
callback_result_handler *result_handler,
void *private_result_data)
struct osl_object query, stdin_obj;
int ret;
- ret = rc4_send_buffer(rc4c, AWAITING_DATA_MSG);
+ ret = sc_send_buffer(scc, AWAITING_DATA_MSG);
if (ret < 0)
return ret;
- ret = fd2buf(rc4c, max_len, &stdin_obj);
+ ret = fd2buf(scc, max_len, &stdin_obj);
if (ret < 0)
return ret;
query.size = arg_obj->size + stdin_obj.size;
return ret;
}
-static int com_addblob(callback_function *f, struct rc4_context *rc4c, int argc,
+static int com_addblob(callback_function *f, struct stream_cipher_context *scc, int argc,
char * const * const argv)
{
struct osl_object arg_obj;
return -E_BLOB_SYNTAX;
arg_obj.size = strlen(argv[1]) + 1;
arg_obj.data = (char *)argv[1];
- return stdin_command(rc4c, &arg_obj, f, 10 * 1024 * 1024, NULL, NULL);
+ return stdin_command(scc, &arg_obj, f, 10 * 1024 * 1024, NULL, NULL);
}
/* FIXME: Print output to client, not to log file */
PARA_NOTICE_LOG("%s\n", para_strerror(-ret));
}
-static int com_mvblob(callback_function *f, __a_unused struct rc4_context *rc4c,
+static int com_mvblob(callback_function *f, __a_unused struct stream_cipher_context *scc,
int argc, char * const * const argv)
{
if (argc != 3)
{ \
return com_ ## cmd_name ## blob_callback(table_name ## _table, fd, query); \
} \
- int com_ ## cmd_name ## cmd_prefix(struct rc4_context *rc4c, int argc, char * const * const argv) \
+ int com_ ## cmd_name ## cmd_prefix(struct stream_cipher_context *scc, int argc, char * const * const argv) \
{ \
- return com_ ## cmd_name ## blob(com_ ## cmd_name ## cmd_prefix ## _callback, rc4c, argc, argv); \
+ return com_ ## cmd_name ## blob(com_ ## cmd_name ## cmd_prefix ## _callback, scc, argc, argv); \
}
static int blob_get_name_by_id(struct osl_table *table, uint32_t id,
/** \file client.c the client program used to connect to para_server */
#include <regex.h>
-#include <openssl/rc4.h>
#include <stdbool.h>
#include "para.h"
/** \file client.h Common client functions and exported symbols from client_common.c. */
-#include <openssl/rc4.h>
-
/** The different states of a connection from the view of the client. */
enum {
/** TCP connection is established. */
struct client_task {
/** The state of the connection. */
int status;
- /** The file descriptor and the rc4 keys. */
- struct rc4_context rc4c;
+ /** The file descriptor and the session keys. */
+ struct stream_cipher_context scc;
/** The configuration (including the command). */
struct client_args_info conf;
/** The config file for client options. */
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
-#include <openssl/rc4.h>
#include "para.h"
#include "error.h"
#include "sched.h"
#include "client.cmdline.h"
#include "crypt.h"
-#include "rc4.h"
#include "net.h"
#include "fd.h"
#include "string.h"
#include "client.cmdline.h"
#include "client.h"
-#include "hash.h"
#include "buffer_tree.h"
#include "version.h"
{
if (!ct)
return;
- if (ct->rc4c.fd >= 0)
- close(ct->rc4c.fd);
+ if (ct->scc.fd >= 0)
+ close(ct->scc.fd);
+ sc_free(ct->scc.recv);
+ sc_free(ct->scc.send);
free(ct->user);
free(ct->config_file);
free(ct->key_file);
struct client_task *ct = container_of(t, struct client_task, task);
struct btr_node *btrn = ct->btrn;
- if (ct->rc4c.fd < 0)
+ if (ct->scc.fd < 0)
return;
switch (ct->status) {
case CL_CONNECTED:
case CL_SENT_AUTH:
case CL_SENT_CH_RESPONSE:
case CL_SENT_COMMAND:
- para_fd_set(ct->rc4c.fd, &s->rfds, &s->max_fileno);
+ para_fd_set(ct->scc.fd, &s->rfds, &s->max_fileno);
return;
case CL_RECEIVED_WELCOME:
case CL_RECEIVED_PROCEED:
- para_fd_set(ct->rc4c.fd, &s->wfds, &s->max_fileno);
+ para_fd_set(ct->scc.fd, &s->wfds, &s->max_fileno);
return;
case CL_RECEIVING:
if (ret < 0)
sched_min_delay(s);
else
- para_fd_set(ct->rc4c.fd, &s->rfds,
+ para_fd_set(ct->scc.fd, &s->rfds,
&s->max_fileno);
}
return;
if (ret < 0)
sched_min_delay(s);
else
- para_fd_set(ct->rc4c.fd, &s->wfds,
+ para_fd_set(ct->scc.fd, &s->wfds,
&s->max_fileno);
}
return;
int ret;
if (ct->status < CL_SENT_CH_RESPONSE)
- return read_nonblock(ct->rc4c.fd, buf, sz, rfds, n);
+ return read_nonblock(ct->scc.fd, buf, sz, rfds, n);
*n = 0;
- ret = rc4_recv_buffer(&ct->rc4c, buf, sz);
+ ret = sc_recv_buffer(&ct->scc, buf, sz);
/*
- * rc4_recv_buffer is used with blocking fds elsewhere, so it
+ * sc_recv_buffer is used with blocking fds elsewhere, so it
* does not use the nonblock-API. Therefore we need to
* check for EOF and EAGAIN.
*/
char buf[CLIENT_BUFSIZE];
t->error = 0;
- if (ct->rc4c.fd < 0)
+ if (ct->scc.fd < 0)
return;
switch (ct->status) {
case CL_CONNECTED: /* receive welcome message */
case CL_RECEIVED_WELCOME: /* send auth command */
sprintf(buf, AUTH_REQUEST_MSG "%s", ct->user);
PARA_INFO_LOG("--> %s\n", buf);
- if (!FD_ISSET(ct->rc4c.fd, &s->wfds))
+ if (!FD_ISSET(ct->scc.fd, &s->wfds))
return;
- ret = send_buffer(ct->rc4c.fd, buf);
+ ret = send_buffer(ct->scc.fd, buf);
if (ret < 0)
goto out;
ct->status = CL_SENT_AUTH;
return;
case CL_SENT_AUTH:
/*
- * Receive challenge and rc4 keys, decrypt the challenge and
+ * Receive challenge and session keys, decrypt the challenge and
* send back the hash of the decrypted challenge.
*/
{
- /* decrypted challenge/rc4 buffer */
+ /* decrypted challenge/session key buffer */
unsigned char crypt_buf[1024];
/* the SHA1 of the decrypted challenge */
- unsigned char challenge_sha1[HASH_SIZE];
+ unsigned char challenge_hash[HASH_SIZE];
ret = client_recv_buffer(ct, &s->rfds, buf, sizeof(buf), &n);
if (ret < 0 || n == 0)
goto out;
PARA_INFO_LOG("<-- [challenge] (%zu bytes)\n", n);
- ret = para_decrypt_buffer(ct->key_file, crypt_buf,
+ ret = priv_decrypt(ct->key_file, crypt_buf,
(unsigned char *)buf, n);
if (ret < 0)
goto out;
- sha1_hash((char *)crypt_buf, CHALLENGE_SIZE, challenge_sha1);
- RC4_set_key(&ct->rc4c.send_key, RC4_KEY_LEN,
- crypt_buf + CHALLENGE_SIZE);
- RC4_set_key(&ct->rc4c.recv_key, RC4_KEY_LEN,
- crypt_buf + CHALLENGE_SIZE + RC4_KEY_LEN);
- hash_to_asc(challenge_sha1, buf);
+ hash_function((char *)crypt_buf, CHALLENGE_SIZE, challenge_hash);
+ ct->scc.send = sc_new(crypt_buf + CHALLENGE_SIZE, SESSION_KEY_LEN);
+ ct->scc.recv = sc_new(crypt_buf + CHALLENGE_SIZE + SESSION_KEY_LEN,
+ SESSION_KEY_LEN);
+ hash_to_asc(challenge_hash, buf);
PARA_INFO_LOG("--> %s\n", buf);
- ret = send_bin_buffer(ct->rc4c.fd, (char *)challenge_sha1,
+ ret = send_bin_buffer(ct->scc.fd, (char *)challenge_hash,
HASH_SIZE);
if (ret < 0)
goto out;
{
int i;
char *command = NULL;
- if (!FD_ISSET(ct->rc4c.fd, &s->wfds))
+ if (!FD_ISSET(ct->scc.fd, &s->wfds))
return;
for (i = 0; i < ct->conf.inputs_num; i++) {
char *tmp = command;
}
command = para_strcat(command, EOC_MSG "\n");
PARA_DEBUG_LOG("--> %s\n", command);
- ret = rc4_send_buffer(&ct->rc4c, command);
+ ret = sc_send_buffer(&ct->scc, command);
free(command);
if (ret < 0)
goto out;
goto out;
if (ret == 0)
return;
- if (!FD_ISSET(ct->rc4c.fd, &s->wfds))
+ if (!FD_ISSET(ct->scc.fd, &s->wfds))
return;
sz = btr_next_buffer(btrn, &buf2);
- ret = rc4_send_bin_buffer(&ct->rc4c, buf2, sz);
+ ret = sc_send_bin_buffer(&ct->scc, buf2, sz);
if (ret < 0)
goto out;
btr_consume(btrn, sz);
* The FD_ISSET() is not strictly necessary, but is allows us
* to skip the malloc below if there is nothing to read anyway.
*/
- if (!FD_ISSET(ct->rc4c.fd, &s->rfds))
+ if (!FD_ISSET(ct->scc.fd, &s->rfds))
return;
buf2 = para_malloc(CLIENT_BUFSIZE);
ret = client_recv_buffer(ct, &s->rfds, buf2, CLIENT_BUFSIZE, &n);
{
int ret;
- ct->rc4c.fd = -1;
+ ct->scc.fd = -1;
ret = para_connect_simple(IPPROTO_TCP, ct->conf.hostname_arg,
ct->conf.server_port_arg);
if (ret < 0)
return ret;
- ct->rc4c.fd = ret;
+ ct->scc.fd = ret;
ct->status = CL_CONNECTED;
- ret = mark_fd_nonblocking(ct->rc4c.fd);
+ ret = mark_fd_nonblocking(ct->scc.fd);
if (ret < 0)
goto err_out;
ct->task.pre_select = client_pre_select;
register_task(&ct->task);
return 1;
err_out:
- close(ct->rc4c.fd);
- ct->rc4c.fd = -1;
+ close(ct->scc.fd);
+ ct->scc.fd = -1;
return ret;
}
ct->btrn = btr_new_node(&(struct btr_node_description)
EMBRACE(.name = "client", .parent = parent, .child = child));
*ct_ptr = ct;
- ct->rc4c.fd = -1;
+ ct->scc.fd = -1;
ret = -E_CLIENT_SYNTAX;
if (client_cmdline_parser(argc, argv, &ct->conf))
goto out;
#include <signal.h>
#include <sys/time.h>
#include <sys/types.h>
-#include <dirent.h>
-#include <openssl/rc4.h>
#include <osl.h>
#include <stdbool.h>
#include "list.h"
#include "send.h"
#include "vss.h"
-#include "rc4.h"
#include "net.h"
#include "daemon.h"
#include "fd.h"
extern int mmd_mutex;
extern struct misc_meta_data *mmd;
extern struct sender senders[];
-int send_afs_status(struct rc4_context *rc4c, int parser_friendly);
+int send_afs_status(struct stream_cipher_context *scc, int parser_friendly);
const char *status_item_list[] = {STATUS_ITEM_ARRAY};
return 1;
}
-int com_sender(struct rc4_context *rc4c, int argc, char * const * argv)
+int com_sender(struct stream_cipher_context *scc, int argc, char * const * argv)
{
int i, ret;
char *msg = NULL;
free(msg);
msg = tmp;
}
- ret = rc4_send_buffer(rc4c, msg);
+ ret = sc_send_buffer(scc, msg);
free(msg);
return ret;
}
if (scd.sender_num < 0)
return ret;
msg = senders[scd.sender_num].help();
- ret = rc4_send_buffer(rc4c, msg);
+ ret = sc_send_buffer(scc, msg);
free(msg);
return ret;
}
}
/* server info */
-int com_si(struct rc4_context *rc4c, int argc, __a_unused char * const * argv)
+int com_si(struct stream_cipher_context *scc, int argc, __a_unused char * const * argv)
{
int i, ret;
char *ut;
free(info);
}
ut = uptime_str();
- ret = rc4_send_va_buffer(rc4c, "version: " GIT_VERSION "\n"
+ ret = sc_send_va_buffer(scc, "version: " GIT_VERSION "\n"
"up: %s\nplayed: %u\n"
"server_pid: %d\n"
"afs_pid: %d\n"
}
/* version */
-int com_version(struct rc4_context *rc4c, int argc, __a_unused char * const * argv)
+int com_version(struct stream_cipher_context *scc, int argc, __a_unused char * const * argv)
{
if (argc != 1)
return -E_COMMAND_SYNTAX;
- return rc4_send_buffer(rc4c, VERSION_TEXT("server")
+ return sc_send_buffer(scc, VERSION_TEXT("server")
"built: " BUILD_DATE "\n"
UNAME_RS ", " CC_VERSION "\n"
);
#undef EMPTY_STATUS_ITEMS
/* stat */
-int com_stat(struct rc4_context *rc4c, int argc, char * const * argv)
+int com_stat(struct stream_cipher_context *scc, int argc, char * const * argv)
{
int i, ret;
struct misc_meta_data tmp, *nmmd = &tmp;
for (;;) {
mmd_dup(nmmd);
s = get_status(nmmd, parser_friendly);
- ret = rc4_send_buffer(rc4c, s);
+ ret = sc_send_buffer(scc, s);
free(s);
if (ret < 0)
goto out;
static char *esi;
if (!esi)
esi = empty_status_items(parser_friendly);
- ret = rc4_send_buffer(rc4c, esi);
+ ret = sc_send_buffer(scc, esi);
if (ret < 0)
goto out;
} else
- send_afs_status(rc4c, parser_friendly);
+ send_afs_status(scc, parser_friendly);
ret = 1;
if (num > 0 && !--num)
goto out;
return ret;
}
-static int send_list_of_commands(struct rc4_context *rc4c, struct server_command *cmd,
+static int send_list_of_commands(struct stream_cipher_context *scc, struct server_command *cmd,
const char *handler)
{
int ret, i;
for (i = 1; cmd->name; cmd++, i++) {
char *perms = cmd_perms_itohuman(cmd->perms);
- ret = rc4_send_va_buffer(rc4c, "%s\t%s\t%s\t%s\n", cmd->name,
+ ret = sc_send_va_buffer(scc, "%s\t%s\t%s\t%s\n", cmd->name,
handler,
perms,
cmd->description);
}
/* help */
-int com_help(struct rc4_context *rc4c, int argc, char * const * argv)
+int com_help(struct stream_cipher_context *scc, int argc, char * const * argv)
{
struct server_command *cmd;
char *perms, *handler;
if (argc < 2) {
/* no argument given, print list of commands */
- if ((ret = send_list_of_commands(rc4c, server_cmds, "server")) < 0)
+ if ((ret = send_list_of_commands(scc, server_cmds, "server")) < 0)
return ret;
- return send_list_of_commands(rc4c, afs_cmds, "afs");
+ return send_list_of_commands(scc, afs_cmds, "afs");
}
/* argument given for help */
cmd = get_cmd_ptr(argv[1], &handler);
if (!cmd)
return -E_BAD_CMD;
perms = cmd_perms_itohuman(cmd->perms);
- ret = rc4_send_va_buffer(rc4c,
+ ret = sc_send_va_buffer(scc,
"%s - %s\n\n"
"handler: %s\n"
"permissions: %s\n"
}
/* hup */
-int com_hup(__a_unused struct rc4_context *rc4c, int argc, __a_unused char * const * argv)
+int com_hup(__a_unused struct stream_cipher_context *scc, int argc, __a_unused char * const * argv)
{
if (argc != 1)
return -E_COMMAND_SYNTAX;
}
/* term */
-int com_term(__a_unused struct rc4_context *rc4c, int argc, __a_unused char * const * argv)
+int com_term(__a_unused struct stream_cipher_context *scc, int argc, __a_unused char * const * argv)
{
if (argc != 1)
return -E_COMMAND_SYNTAX;
return 1;
}
-int com_play(__a_unused struct rc4_context *rc4c, int argc, __a_unused char * const * argv)
+int com_play(__a_unused struct stream_cipher_context *scc, int argc, __a_unused char * const * argv)
{
if (argc != 1)
return -E_COMMAND_SYNTAX;
}
/* stop */
-int com_stop(__a_unused struct rc4_context *rc4c, int argc, __a_unused char * const * argv)
+int com_stop(__a_unused struct stream_cipher_context *scc, int argc, __a_unused char * const * argv)
{
if (argc != 1)
return -E_COMMAND_SYNTAX;
}
/* pause */
-int com_pause(__a_unused struct rc4_context *rc4c, int argc, __a_unused char * const * argv)
+int com_pause(__a_unused struct stream_cipher_context *scc, int argc, __a_unused char * const * argv)
{
if (argc != 1)
return -E_COMMAND_SYNTAX;
}
/* next */
-int com_next(__a_unused struct rc4_context *rc4c, int argc, __a_unused char * const * argv)
+int com_next(__a_unused struct stream_cipher_context *scc, int argc, __a_unused char * const * argv)
{
if (argc != 1)
return -E_COMMAND_SYNTAX;
}
/* nomore */
-int com_nomore(__a_unused struct rc4_context *rc4c, int argc, __a_unused char * const * argv)
+int com_nomore(__a_unused struct stream_cipher_context *scc, int argc, __a_unused char * const * argv)
{
if (argc != 1)
return -E_COMMAND_SYNTAX;
}
/* ff */
-int com_ff(__a_unused struct rc4_context *rc4c, int argc, char * const * argv)
+int com_ff(__a_unused struct stream_cipher_context *scc, int argc, char * const * argv)
{
long promille;
int ret, backwards = 0;
}
/* jmp */
-int com_jmp(__a_unused struct rc4_context *rc4c, int argc, char * const * argv)
+int com_jmp(__a_unused struct stream_cipher_context *scc, int argc, char * const * argv)
{
long unsigned int i;
int ret;
return get_cmd_ptr(buf, NULL);
}
-static int read_command(struct rc4_context *rc4c, char **result)
+static int read_command(struct stream_cipher_context *scc, char **result)
{
int ret;
char buf[4096];
size_t numbytes;
char *p;
- ret = rc4_recv_buffer(rc4c, buf, sizeof(buf));
+ ret = sc_recv_buffer(scc, buf, sizeof(buf));
if (ret < 0)
goto out;
if (!ret)
* calls this function.
*
* An RSA-based challenge/response is used to authenticate
- * the peer. It that authentication succeeds, a random RC4
+ * the peer. It that authentication succeeds, a random
* session key is generated and sent back to the peer,
* encrypted with its RSA public key. From this point on,
* all transfers are crypted with this session key.
* which terminates the function if the connection was not
* authenticated when the timeout expires.
*
- * \sa alarm(2), rc4(3), crypt.c, crypt.h
+ * \sa alarm(2), crypt.c, crypt.h
*/
__noreturn void handle_connect(int fd, const char *peername)
{
int ret, argc;
char buf[4096];
- unsigned char rand_buf[CHALLENGE_SIZE + 2 * RC4_KEY_LEN];
- unsigned char challenge_sha1[HASH_SIZE];
+ unsigned char rand_buf[CHALLENGE_SIZE + 2 * SESSION_KEY_LEN];
+ unsigned char challenge_hash[HASH_SIZE];
struct user *u;
struct server_command *cmd = NULL;
char **argv = NULL;
char *p, *command = NULL;
size_t numbytes;
- struct rc4_context rc4c = {.fd = fd};
+ struct stream_cipher_context scc = {.fd = fd};
reset_signals();
/* we need a blocking fd here as recv() might return EAGAIN otherwise. */
u = lookup_user(p);
if (u) {
get_random_bytes_or_die(rand_buf, sizeof(rand_buf));
- ret = para_encrypt_buffer(u->rsa, rand_buf, sizeof(rand_buf),
+ ret = pub_encrypt(u->pubkey, rand_buf, sizeof(rand_buf),
(unsigned char *)buf);
if (ret < 0)
goto net_err;
if (!u)
goto net_err;
/*
- * The correct response is the sha1 of the first CHALLENGE_SIZE bytes
+ * The correct response is the hash of the first CHALLENGE_SIZE bytes
* of the random data.
*/
ret = -E_BAD_AUTH;
if (numbytes != HASH_SIZE)
goto net_err;
- sha1_hash((char *)rand_buf, CHALLENGE_SIZE, challenge_sha1);
- if (memcmp(challenge_sha1, buf, HASH_SIZE))
+ hash_function((char *)rand_buf, CHALLENGE_SIZE, challenge_hash);
+ if (memcmp(challenge_hash, buf, HASH_SIZE))
goto net_err;
/* auth successful */
alarm(0);
PARA_INFO_LOG("good auth for %s\n", u->name);
- /* init rc4 keys with the second part of the random buffer */
- RC4_set_key(&rc4c.recv_key, RC4_KEY_LEN, rand_buf + CHALLENGE_SIZE);
- RC4_set_key(&rc4c.send_key, RC4_KEY_LEN, rand_buf + CHALLENGE_SIZE
- + RC4_KEY_LEN);
- ret = rc4_send_buffer(&rc4c, PROCEED_MSG);
+ /* init stream cipher keys with the second part of the random buffer */
+ scc.recv = sc_new(rand_buf + CHALLENGE_SIZE, SESSION_KEY_LEN);
+ scc.send = sc_new(rand_buf + CHALLENGE_SIZE + SESSION_KEY_LEN, SESSION_KEY_LEN);
+ ret = sc_send_buffer(&scc, PROCEED_MSG);
if (ret < 0)
goto net_err;
- ret = read_command(&rc4c, &command);
+ ret = read_command(&scc, &command);
if (ret == -E_COMMAND_SYNTAX)
goto err_out;
if (ret < 0)
argc = ret;
PARA_NOTICE_LOG("calling com_%s() for %s@%s\n", cmd->name, u->name,
peername);
- ret = cmd->handler(&rc4c, argc, argv);
+ ret = cmd->handler(&scc, argc, argv);
free_argv(argv);
mutex_lock(mmd_mutex);
mmd->num_commands++;
if (ret >= 0)
goto out;
err_out:
- rc4_send_va_buffer(&rc4c, "%s\n", para_strerror(-ret));
+ sc_send_va_buffer(&scc, "%s\n", para_strerror(-ret));
net_err:
PARA_NOTICE_LOG("%s\n", para_strerror(-ret));
out:
free(command);
+ sc_free(scc.recv);
+ sc_free(scc.send);
mutex_lock(mmd_mutex);
if (cmd && (cmd->perms & AFS_WRITE) && ret >= 0)
mmd->events++;
/** The name of the command. */
const char *name;
/** Pointer to the function that handles the command. */
- int (*handler)(struct rc4_context *, int, char * const * const);
+ int (*handler)(struct stream_cipher_context *, int, char * const * const);
/** The privileges a user must have to execute this command. */
unsigned int perms;
/** One-line description of the command. */
echo '/**'
echo " * $desc_txt"
echo ' *'
- if [[ "$system_includes" =~ openssl/rc4.h ]]; then
- echo ' * \param rc4c The rc4 crypt context.'
- else
- echo ' * \param fd The file descriptor to send output to.'
- fi
- echo ' * \param argc The number of arguments.'
- echo ' * \param argv The argument vector.'
- echo ' * '
echo " * Usage: $usage_txt"
echo ' * '
echo "$help_txt" | sed -e 's/^/ * /g'
all_errlist_objs="server mp3_afh afh_common vss command net string signal time
daemon stat crypt http_send close_on_fork ipc acl afh fade amp_filter
dccp_send fd user_list chunk_queue afs aft mood score attribute blob ringbuffer
-playlist sha1 sched audiod grab_client filter_common wav_filter compress_filter
+playlist sched audiod grab_client filter_common wav_filter compress_filter
http_recv dccp_recv recv_common write_common file_write audiod_command
client_common recv stdout filter stdin audioc write client exec send_common ggo
udp_recv udp_send color fec fecdec_filter prebuffer_filter mm
audiod_errlist_objs="audiod signal string daemon stat net
time grab_client filter_common wav_filter compress_filter amp_filter http_recv dccp_recv
recv_common fd sched write_common file_write audiod_command crypt fecdec_filter
- client_common ggo udp_recv color fec prebuffer_filter sha1 audiod_command_list
+ client_common ggo udp_recv color fec prebuffer_filter audiod_command_list
bitstream imdct wma_common wmadec_filter buffer_tree"
audiod_ldflags="-lm"
audiod_audio_formats="wma"
server_errlist_objs="server afh_common mp3_afh vss command net string signal
time daemon crypt http_send close_on_fork mm
ipc dccp_send fd user_list chunk_queue afs aft mood score attribute
- blob playlist sha1 sched acl send_common udp_send color fec
+ blob playlist sched acl send_common udp_send color fec
server_command_list afs_command_list wma_afh wma_common"
server_ldflags=""
server_audio_formats="mp3 wma"
client_cmdline_objs="add_cmdline(client)"
client_errlist_objs="client net string crypt fd sched stdin stdout time
- client_common sha1 buffer_tree"
+ client_common buffer_tree"
client_ldflags=""
gui_cmdline_objs="add_cmdline(gui)"
CPPFLAGS="$OLD_CPPFLAGS"
LDFLAGS="$OLD_LDFLAGS"
LIBS="$OLD_LIBS"
-########################################################################### ssl
-dnl @synopsis CHECK_SSL
-dnl
-dnl based on the follwing macro from the autoconf archive
-dnl
-dnl @category InstalledPackages
-dnl @author Mark Ethan Trostler <trostler@juniper.net>
-dnl @version 2003-01-28
-dnl @license AllPermissive
-
-AC_DEFUN([CHECK_SSL],
-[
- for ssldir in $1 /usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /usr; do
- AC_MSG_CHECKING(for openssl in $ssldir)
- if test -f "$ssldir/include/openssl/ssl.h"; then
- found_ssl="yes"
- AC_MSG_RESULT(yes)
- SSL_CFLAGS="-I$ssldir/include"
- SSL_CPPFLAGS="-I$ssldir/include"
- break
- fi
- AC_MSG_RESULT(no)
- done
- if test x_$found_ssl != x_yes; then
- AC_MSG_ERROR(Cannot find ssl libraries)
- else
- SSL_LIBS="-lssl -lcrypto";
- SSL_LDFLAGS="-L$ssldir/lib";
+###################################################################### openssl
+OLD_CPPFLAGS="$CPPFLAGS"
+OLD_LD_FLAGS="$LDFLAGS"
+OLD_LIBS="$LIBS"
+have_openssl="yes"
+AC_ARG_WITH(openssl_headers, [AC_HELP_STRING(--with-openssl-headers=dir,
+ [look for openssl headers also in dir])])
+if test -n "$with_openssl_headers"; then
+ openssl_cppflags="-I$with_openssl_headers"
+ CPPFLAGS="$CPPFLAGS $openssl_cppflags"
+fi
+AC_ARG_WITH(openssl_libs, [AC_HELP_STRING(--with-openssl-libs=dir,
+ [look for openssl libraries also in dir])])
+if test -n "$with_openssl_libs"; then
+ openssl_libs="-L$with_openssl_libs"
+ LDFLAGS="$LDFLAGS $openssl_libs"
+fi
+AC_CHECK_HEADER(openssl/ssl.h, [], [have_openssl="no"])
+AC_CHECK_LIB([crypto], [RAND_bytes], [], [have_openssl="no"])
+if test "$have_openssl" = "no" -a -z "$with_openssl_headers$with_openssl_libs"; then
+ # try harder: openssl is sometimes installed in /usr/local/ssl
+ openssl_cppflags="-I/usr/local/ssl/include"
+ CPPFLAGS="$CPPFLAGS $openssl_cppflags"
+ openssl_libs="-L/usr/local/ssl/lib"
+ LDFLAGS="$LDFLAGS $openssl_libs"
+ # clear cache
+ unset ac_cv_header_openssl_ssl_h 2> /dev/null
+ unset ac_cv_lib_crypto_RAND_bytes 2> /dev/null
+ AC_CHECK_HEADER(openssl/ssl.h, [have_openssl="yes"], [])
+ if test "$have_openssl" = "yes"; then
+ AC_CHECK_LIB([crypto], [RAND_bytes], [], [have_openssl="no"])
fi
- AC_SUBST(SSL_CPPFLAGS)
-])dnl
-
-AC_ARG_ENABLE(ssldir, [AS_HELP_STRING(--enable-ssldir=path,
- [Search for openssl also in path.])])
-if test "$enable_ssldir" = "yes"; then enable_ssldir=""; fi
-CHECK_SSL($enable_ssldir)
-server_ldflags="$server_ldflags $SSL_LDFLAGS $SSL_LIBS"
-client_ldflags="$client_ldflags $SSL_LDFLAGS $SSL_LIBS"
-audiod_ldflags="$audiod_ldflags $SSL_LDFLAGS $SSL_LIBS"
-
+fi
+if test "$have_openssl" = "yes"; then
+ AC_DEFINE(HAVE_OPENSSL, 1, [define to 1 to turn on openssl support])
+ AC_SUBST(openssl_cppflags)
+ openssl_libs="$openssl_libs -lssl -lcrypto"
+ server_ldflags="$server_ldflags $openssl_libs"
+ client_ldflags="$client_ldflags $openssl_libs"
+ audiod_ldflags="$audiod_ldflags $openssl_libs"
+else
+ AC_MSG_ERROR([openssl libraries not found])
+fi
+CPPFLAGS="$OLD_CPPFLAGS"
+LDFLAGS="$OLD_LDFLAGS"
+LIBS="$OLD_LIBS"
########################################################################### libsocket
AC_CHECK_LIB([c], [socket],
[socket_lib=],
* Licensed under the GPL v2. For licencing details see COPYING.
*/
-/** \file crypt.c openssl-based RSA encryption/decryption routines */
+/** \file crypt.c Openssl-based encryption/decryption routines. */
#include <regex.h>
-#include <dirent.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <openssl/rand.h>
#include <openssl/err.h>
#include <openssl/rc4.h>
+#include <openssl/pem.h>
+#include <openssl/sha.h>
#include "para.h"
#include "error.h"
#include "string.h"
#include "crypt.h"
#include "fd.h"
+
+struct asymmetric_key {
+ RSA *rsa;
+};
+
/**
* Fill a buffer with random content.
*
}
/**
- * read an RSA key from a file
+ * Read an asymmetric key from a file.
*
- * \param key_file the file containing the key
- * \param rsa RSA structure is returned here
- * \param private if non-zero, read the private key, otherwise the public key
+ * \param key_file The file containing the key.
+ * \param private if non-zero, read the private key, otherwise the public key.
+ * \param result The key structure is returned here.
*
- * \return The size of the RSA key on success, negative on errors.
+ * \return The size of the key on success, negative on errors.
*
* \sa openssl(1), rsa(1).
*/
-int get_rsa_key(char *key_file, RSA **rsa, int private)
+int get_asymmetric_key(const char *key_file, int private,
+ struct asymmetric_key **result)
{
- EVP_PKEY *key = load_key(key_file, private);
+ struct asymmetric_key *key;
+ RSA *rsa;
+ EVP_PKEY *pkey = load_key(key_file, private);
- if (!key)
+ if (!pkey)
return (private == LOAD_PRIVATE_KEY)? -E_PRIVATE_KEY
: -E_PUBLIC_KEY;
- *rsa = EVP_PKEY_get1_RSA(key);
- EVP_PKEY_free(key);
- if (!*rsa)
+ rsa = EVP_PKEY_get1_RSA(pkey);
+ EVP_PKEY_free(pkey);
+ if (!rsa)
return -E_RSA;
- return RSA_size(*rsa);
+ key = para_malloc(sizeof(*key));
+ key->rsa = rsa;
+ *result = key;
+ return RSA_size(rsa);
}
/**
- * free an RSA structure
+ * Deallocate an asymmetric key structure.
*
- * \param rsa pointer to the RSA struct to free
+ * \param key Pointer to the key structure to free.
*
- * This must be called for any key obtained by get_rsa_key().
+ * This must be called for any key obtained by get_asymmetric_key().
*/
-void rsa_free(RSA *rsa)
+void free_asymmetric_key(struct asymmetric_key *key)
{
- if (rsa)
- RSA_free(rsa);
+ if (!key)
+ return;
+ RSA_free(key->rsa);
+ free(key);
}
/**
- * decrypt a buffer using an RSA key
+ * Decrypt a buffer using a private key.
*
- * \param key_file full path of the rsa key
- * \param outbuf the output buffer
- * \param inbuf the encrypted input buffer
- * \param rsa_inlen the length of \a inbuf
+ * \param key_file Full path of the key.
+ * \param outbuf The output buffer.
+ * \param inbuf The encrypted input buffer.
+ * \param inlen The length of \a inbuf in bytes.
*
* The \a outbuf must be large enough to hold at least \a rsa_inlen bytes.
*
*
* \sa RSA_private_decrypt(3)
**/
-int para_decrypt_buffer(char *key_file, unsigned char *outbuf, unsigned char *inbuf,
- unsigned rsa_inlen)
+int priv_decrypt(const char *key_file, unsigned char *outbuf,
+ unsigned char *inbuf, int inlen)
{
- RSA *rsa;
- int ret, inlen = rsa_inlen;
+ struct asymmetric_key *priv;
+ int ret;
if (inlen < 0)
return -E_RSA;
- ret = get_rsa_key(key_file, &rsa, LOAD_PRIVATE_KEY);
+ ret = get_asymmetric_key(key_file, LOAD_PRIVATE_KEY, &priv);
if (ret < 0)
return ret;
/*
* factor to protect against this kind of attack.
*/
ret = -E_BLINDING;
- if (RSA_blinding_on(rsa, NULL) == 0)
+ if (RSA_blinding_on(priv->rsa, NULL) == 0)
goto out;
- ret = RSA_private_decrypt(inlen, inbuf, outbuf, rsa, RSA_PKCS1_OAEP_PADDING);
- RSA_blinding_off(rsa);
+ ret = RSA_private_decrypt(inlen, inbuf, outbuf, priv->rsa,
+ RSA_PKCS1_OAEP_PADDING);
+ RSA_blinding_off(priv->rsa);
if (ret <= 0)
ret = -E_DECRYPT;
out:
- rsa_free(rsa);
+ free_asymmetric_key(priv);
return ret;
}
/**
- * encrypt a buffer using an RSA key
+ * Encrypt a buffer using an RSA key
*
- * \param rsa: public rsa key
- * \param inbuf the input buffer
- * \param len the length of \a inbuf
- * \param outbuf the output buffer
+ * \param pub: The public key.
+ * \param inbuf The input buffer.
+ * \param len The length of \a inbuf.
+ * \param outbuf The output buffer.
*
- * \return The size of the encrypted data on success, negative on errors
+ * \return The size of the encrypted data on success, negative on errors.
*
* \sa RSA_public_encrypt(3)
*/
-int para_encrypt_buffer(RSA *rsa, unsigned char *inbuf,
+int pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf,
unsigned len, unsigned char *outbuf)
{
int ret, flen = len; /* RSA_public_encrypt expects a signed int */
if (flen < 0)
return -E_ENCRYPT;
- ret = RSA_public_encrypt(flen, inbuf, outbuf, rsa, RSA_PKCS1_OAEP_PADDING);
+ ret = RSA_public_encrypt(flen, inbuf, outbuf, pub->rsa,
+ RSA_PKCS1_OAEP_PADDING);
return ret < 0? -E_ENCRYPT : ret;
}
+struct stream_cipher {
+ RC4_KEY key;
+};
+
+/**
+ * Allocate and initialize a stream cipher structure.
+ *
+ * \param data The key.
+ * \param len The size of the key.
+ *
+ * \return A new stream cipher structure.
+ */
+struct stream_cipher *sc_new(const unsigned char *data, int len)
+{
+ struct stream_cipher *sc = para_malloc(sizeof(*sc));
+ RC4_set_key(&sc->key, len, data);
+ return sc;
+}
+
+/**
+ * Deallocate a stream cipher structure.
+ *
+ * \param sc A stream cipher previously obtained by sc_new().
+ */
+void sc_free(struct stream_cipher *sc)
+{
+ free(sc);
+}
+
+/**
+ * The RC4() implementation of openssl apparently reads and writes data in
+ * blocks of 8 bytes. So we have to make sure our buffer sizes are a multiple
+ * of this.
+ */
#define RC4_ALIGN 8
/**
* Encrypt and send a buffer.
*
- * \param rc4c The rc4 crypt context.
+ * \param scc The context.
* \param buf The buffer to send.
* \param len The size of \a buf in bytes.
*
*
* \sa \ref write_all(), RC4(3).
*/
-int rc4_send_bin_buffer(struct rc4_context *rc4c, const char *buf, size_t len)
+int sc_send_bin_buffer(struct stream_cipher_context *scc, const char *buf,
+ size_t len)
{
int ret;
unsigned char *tmp;
assert(len);
tmp = para_malloc(l2);
- RC4(&rc4c->send_key, l1, (const unsigned char *)buf, tmp);
+ RC4(&scc->send->key, l1, (const unsigned char *)buf, tmp);
if (len > l1) {
memcpy(remainder, buf + l1, len - l1);
- RC4(&rc4c->send_key, len - l1, remainder, tmp + l1);
+ RC4(&scc->send->key, len - l1, remainder, tmp + l1);
}
- ret = write_all(rc4c->fd, (char *)tmp, &len);
+ ret = write_all(scc->fd, (char *)tmp, &len);
free(tmp);
return ret;
}
/**
* Encrypt and send a \p NULL-terminated buffer.
*
- * \param rc4c The rc4 crypt context.
+ * \param scc The context.
* \param buf The buffer to send.
*
- * \return The return value of the underyling call to rc4_send_bin_buffer().
+ * \return The return value of the underyling call to sc_send_bin_buffer().
*/
-int rc4_send_buffer(struct rc4_context *rc4c, const char *buf)
+int sc_send_buffer(struct stream_cipher_context *scc, const char *buf)
{
- return rc4_send_bin_buffer(rc4c, buf, strlen(buf));
+ return sc_send_bin_buffer(scc, buf, strlen(buf));
}
/**
* Format, encrypt and send a buffer.
*
- * \param rc4c The rc4 crypt context.
+ * \param scc The context.
* \param fmt A format string.
*
- * \return The return value of the underyling call to rc4_send_buffer().
+ * \return The return value of the underyling call to sc_send_buffer().
*/
-__printf_2_3 int rc4_send_va_buffer(struct rc4_context *rc4c, const char *fmt, ...)
+__printf_2_3 int sc_send_va_buffer(struct stream_cipher_context *scc,
+ const char *fmt, ...)
{
char *msg;
int ret;
PARA_VSPRINTF(fmt, msg);
- ret = rc4_send_buffer(rc4c, msg);
+ ret = sc_send_buffer(scc, msg);
free(msg);
return ret;
}
/**
* Receive a buffer and decrypt it.
*
- * \param rc4c The rc4 crypt context.
+ * \param scc The context.
* \param buf The buffer to write the decrypted data to.
* \param size The size of \a buf.
*
*
* \sa recv(2), RC4(3).
*/
-int rc4_recv_bin_buffer(struct rc4_context *rc4c, char *buf, size_t size)
+int sc_recv_bin_buffer(struct stream_cipher_context *scc, char *buf,
+ size_t size)
{
unsigned char *tmp = para_malloc(size);
- ssize_t ret = recv(rc4c->fd, tmp, size, 0);
+ ssize_t ret = recv(scc->fd, tmp, size, 0);
if (ret > 0)
- RC4(&rc4c->recv_key, ret, tmp, (unsigned char *)buf);
+ RC4(&scc->recv->key, ret, tmp, (unsigned char *)buf);
else if (ret < 0)
ret = -ERRNO_TO_PARA_ERROR(errno);
free(tmp);
/**
* Receive a buffer, decrypt it and write terminating NULL byte.
*
- * \param rc4c The rc4 crypt context.
+ * \param scc The context.
* \param buf The buffer to write the decrypted data to.
* \param size The size of \a buf.
*
- * Read at most \a size - 1 bytes from file descriptor given by \a rc4c,
- * decrypt the received data and write a NULL byte at the end of the decrypted
- * data.
+ * Read at most \a size - 1 bytes from file descriptor given by \a scc, decrypt
+ * the received data and write a NULL byte at the end of the decrypted data.
*
* \return The return value of the underlying call to \ref
- * rc4_recv_bin_buffer().
+ * sc_recv_bin_buffer().
*/
-int rc4_recv_buffer(struct rc4_context *rc4c, char *buf, size_t size)
+int sc_recv_buffer(struct stream_cipher_context *scc, char *buf, size_t size)
{
int n;
assert(size);
- n = rc4_recv_bin_buffer(rc4c, buf, size - 1);
+ n = sc_recv_bin_buffer(scc, buf, size - 1);
if (n >= 0)
buf[n] = '\0';
else
*buf = '\0';
return n;
}
+
+/**
+ * Compute the hash of the given input data.
+ *
+ * \param data Pointer to the data to compute the hash value from.
+ * \param len The length of \a data in bytes.
+ * \param hash Result pointer.
+ *
+ * \a hash must point to an area at least \p HASH_SIZE bytes large.
+ *
+ * \sa sha(3), openssl(1).
+ * */
+void hash_function(const char *data, unsigned long len, unsigned char *hash)
+{
+ SHA_CTX c;
+ SHA1_Init(&c);
+ SHA1_Update(&c, data, len);
+ SHA1_Final(hash, &c);
+}
* Licensed under the GPL v2. For licencing details see COPYING.
*/
-/** \file crypt.h prototypes for the RSA crypt functions */
+/** \file crypt.h Prototypes for paraslash crypto functions. */
-#include <openssl/pem.h>
-int para_encrypt_buffer(RSA* rsa, unsigned char *inbuf, unsigned len,
- unsigned char *outbuf);
-int para_decrypt_buffer(char *key_file, unsigned char *outbuf, unsigned char *inbuf,
- unsigned rsa_inlen);
-int get_rsa_key(char *key_file, RSA **rsa, int private);
+/** Opaque structure for public and private keys. */
+struct asymmetric_key;
+
+int pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf,
+ unsigned len, unsigned char *outbuf);
+int priv_decrypt(const char *key_file, unsigned char *outbuf,
+ unsigned char *inbuf, int inlen);
+int get_asymmetric_key(const char *key_file, int private,
+ struct asymmetric_key **result);
+void free_asymmetric_key(struct asymmetric_key *key);
-void rsa_free(RSA *rsa);
void get_random_bytes_or_die(unsigned char *buf, int num);
void init_random_seed_or_die(void);
+/** Opaque structure for stream cipher crypto. */
+struct stream_cipher;
+
+/** Number of bytes of the session key. */
+#define SESSION_KEY_LEN 32
+
/**
* Used on the server-side for client-server communication encryption.
*
- * The traffic between (the forked child of) para_server and the remote
- * client process is crypted by a RC4 session key. This structure contains
- * the RC4 keys and the file descriptor for which these keys should be used.
+ * The traffic between (the forked child of) para_server and the remote client
+ * process is crypted by a symmetric session key. This structure contains the
+ * keys for the stream cipher and the file descriptor for which these keys
+ * should be used.
*/
-struct rc4_context {
+struct stream_cipher_context {
/** The socket file descriptor. */
int fd;
- /** Key used for sending data. */
- RC4_KEY recv_key;
/** Key used for receiving data. */
- RC4_KEY send_key;
+ struct stream_cipher *recv;
+ /** Key used for sending data. */
+ struct stream_cipher *send;
};
-int rc4_send_bin_buffer(struct rc4_context *rc4c, const char *buf, size_t len);
-int rc4_send_buffer(struct rc4_context *rc4c, const char *buf);
-__printf_2_3 int rc4_send_va_buffer(struct rc4_context *rc4c, const char *fmt, ...);
-int rc4_recv_bin_buffer(struct rc4_context *rcc, char *buf, size_t size);
-int rc4_recv_buffer(struct rc4_context *rcc, char *buf, size_t size);
+
+struct stream_cipher *sc_new(const unsigned char *data, int len);
+void sc_free(struct stream_cipher *sc);
+
+int sc_send_bin_buffer(struct stream_cipher_context *scc, const char *buf,
+ size_t len);
+int sc_send_buffer(struct stream_cipher_context *scc, const char *buf);
+__printf_2_3 int sc_send_va_buffer(struct stream_cipher_context *scc,
+ const char *fmt, ...);
+int sc_recv_bin_buffer(struct stream_cipher_context *scc, char *buf,
+ size_t size);
+int sc_recv_buffer(struct stream_cipher_context *scc, char *buf, size_t size);
/** \cond used to distinguish between loading of private/public key */
#define LOAD_PUBLIC_KEY 0
#define LOAD_PRIVATE_KEY 1
#define CHALLENGE_SIZE 64
/** \endcond **/
+
+/** Size of the hash value in bytes. */
+#define HASH_SIZE 20
+
+void hash_function(const char *data, unsigned long len, unsigned char *hash);
+
+/**
+ * Compare two hashes.
+ *
+ * \param h1 Pointer to the first hash value.
+ * \param h2 Pointer to the second hash value.
+ *
+ * \return 1, -1, or zero, depending on whether \a h1 is greater than,
+ * less than or equal to h2, respectively.
+ */
+_static_inline_ int hash_compare(unsigned char *h1, unsigned char *h2)
+{
+ int i;
+
+ for (i = 0; i < HASH_SIZE; i++) {
+ if (h1[i] < h2[i])
+ return -1;
+ if (h1[i] > h2[i])
+ return 1;
+ }
+ return 0;
+}
+
+/**
+ * Convert a hash value to ascii format.
+ *
+ * \param hash the hash value.
+ * \param asc Result pointer.
+ *
+ * \a asc must point to an area of at least 2 * \p HASH_SIZE + 1 bytes which
+ * will be filled by the function with the ascii representation of the hash
+ * value given by \a hash, and a terminating \p NULL byte.
+ */
+_static_inline_ void hash_to_asc(unsigned char *hash, char *asc)
+{
+ int i;
+ const char hexchar[] = "0123456789abcdef";
+
+ for (i = 0; i < HASH_SIZE; i++) {
+ asc[2 * i] = hexchar[hash[i] >> 4];
+ asc[2 * i + 1] = hexchar[hash[i] & 0xf];
+ }
+ asc[2 * HASH_SIZE] = '\0';
+}
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
#include "para.h"
#include "error.h"
struct btr_pool *btrp;
};
-
static void dccp_recv_close(struct receiver_node *rn)
{
rn->private_data = NULL;
}
-
static int dccp_recv_open(struct receiver_node *rn)
{
struct private_dccp_recv_data *pdd;
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
#include <osl.h>
#include "para.h"
#define GUI_ERRORS
#define RINGBUFFER_ERRORS
#define SCORE_ERRORS
-#define SHA1_ERRORS
#define RBTREE_ERRORS
#define RECV_ERRORS
#define IPC_ERRORS
/** \file exec.c Helper functions for spawning new processes. */
#include <regex.h>
-#include <dirent.h>
#include "para.h"
#include "close_on_fork.h"
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
#include <sys/ioctl.h>
#include <ctype.h>
#include <stdlib.h> /* EXIT_SUCCESS */
#include <regex.h>
#include <stdbool.h>
-#include <dirent.h>
#include "para.h"
#include "error.h"
#include "list.h"
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
#include <sys/time.h>
#include <stdbool.h>
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
#include <stdbool.h>
#include "para.h"
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
#include <stdbool.h>
#include "para.h"
#include <regex.h>
#include <signal.h>
#include <sys/types.h>
-#include <dirent.h>
#include <curses.h>
#include "gui.cmdline.h"
+++ /dev/null
-/*
- * Copyright (C) 2007-2011 Andre Noll <maan@systemlinux.org>
- *
- * Licensed under the GPL v2. For licencing details see COPYING.
- */
-
-/** \file hash.h Inline functions for hash values. */
-
-/** hash arrays are always unsigned char. */
-#define HASH_TYPE unsigned char
-
-#include "sha1.h"
-/** We use openssl's sha1 implementation. */
-#define hash_function sha1_hash
-
-/**
- * Compare two hashes.
- *
- * \param h1 Pointer to the first hash value.
- * \param h2 Pointer to the second hash value.
- *
- * \return 1, -1, or zero, depending on whether \a h1 is greater than,
- * less than or equal to h2, respectively.
- */
-_static_inline_ int hash_compare(HASH_TYPE *h1, HASH_TYPE *h2)
-{
- int i;
-
- for (i = 0; i < HASH_SIZE; i++) {
- if (h1[i] < h2[i])
- return -1;
- if (h1[i] > h2[i])
- return 1;
- }
- return 0;
-}
-
-/**
- * Convert a hash value to ascii format.
- *
- * \param hash the hash value.
- * \param asc Result pointer.
- *
- * \a asc must point to an area of at least 2 * \p HASH_SIZE + 1 bytes which
- * will be filled by the function with the ascii representation of the hash
- * value given by \a hash, and a terminating \p NULL byte.
- */
-_static_inline_ void hash_to_asc(HASH_TYPE *hash, char *asc)
-{
- int i;
- const char hexchar[] = "0123456789abcdef";
-
- for (i = 0; i < HASH_SIZE; i++) {
- asc[2 * i] = hexchar[hash[i] >> 4];
- asc[2 * i + 1] = hexchar[hash[i] & 0xf];
- }
- asc[2 * HASH_SIZE] = '\0';
-}
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
#include "para.h"
#include "error.h"
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
#include <osl.h>
#include <stdbool.h>
#define AI_ADDRCONFIG 0
#endif
-#include <dirent.h>
#include <regex.h>
-#include <openssl/rc4.h>
#include "para.h"
#include "error.h"
-#include "crypt.h"
#include "net.h"
#include "string.h"
#include "list.h"
#include <regex.h>
#include <sys/ioctl.h>
#include <fcntl.h>
-#include <dirent.h>
#include <sys/soundcard.h>
#include <stdbool.h>
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
#include <stdbool.h>
#include "para.h"
+++ /dev/null
-/** \file rc4.h common symbols of command.c and client_common.c */
-
-/** Number of bytes of the rc4 session key. */
-#define RC4_KEY_LEN 32
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
#include <stdbool.h>
#include "para.h"
/** \file sched.c Paraslash's scheduling functions. */
#include <regex.h>
-#include <dirent.h> /* readdir() */
#include <assert.h>
#include <sys/time.h>
/** \file send_common.c Functions used by more than one paraslash sender. */
#include <regex.h>
-#include <dirent.h>
#include <osl.h>
#include "para.h"
*
* - Doubly linked lists: \ref list.h,
* - Ring buffer: \ref ringbuffer.c, \ref ringbuffer.h,
- * - Hashing: \ref hash.h, \ref sha1.h, \ref sha1.c,
- * - Crypto: \ref crypt.c.
+ * - Crypto: \ref crypt.c, \ref crypt.h.
* - Forward error correction: \ref fec.c.
*/
#include <signal.h>
-#include <dirent.h>
#include <sys/time.h>
-#include <openssl/rc4.h>
#include <regex.h>
#include <osl.h>
#include <stdbool.h>
HC: prototypes for the server command handlers
CC: array of server commands
AT: server_command
-SI: openssl/rc4 osl regex
+SI: osl regex
IN: para error crypt command string afh afs server list user_list
SN: list of server commands
---
+++ /dev/null
-/*
- * Copyright (C) 2007-2011 Andre Noll <maan@systemlinux.org>
- *
- * Licensed under the GPL v2. For licencing details see COPYING.
- */
-
-/** \file sha1.c Secure Hash Algorithm, provided by openssl. */
-
-#include "para.h"
-#include <openssl/sha.h>
-
-/**
- * Compute the sha1 hash.
- *
- * \param data Pointer to the data to compute the hash value from.
- * \param len The length of \a data in bytes.
- * \param sha1 Result pointer.
- *
- * \a sha1 must point to an area at least 20 bytes large.
- *
- * \sa sha(3), openssl(1).
- * */
-void sha1_hash(const char *data, unsigned long len, unsigned char *sha1)
-{
- SHA_CTX c;
- SHA1_Init(&c);
- SHA1_Update(&c, data, len);
- SHA1_Final(sha1, &c);
-}
+++ /dev/null
-/** \file sha1.h Secure Hash Algorithm prototype */
-
-/** Size of the hash value in bytes. */
-#define HASH_SIZE 20
-void sha1_hash(const char *data, unsigned long len, unsigned char *sha1);
#include <signal.h>
#include <sys/types.h>
-#include <dirent.h>
#include "para.h"
#include "error.h"
/** \file stdin.c Functions that deal with reading from stdin. */
-#include <dirent.h> /* readdir() */
#include <assert.h>
#include <stdbool.h>
#include <regex.h>
/** \file stdout.c Functions that deal with writing to stdout. */
-#include <dirent.h> /* readdir() */
#include <assert.h>
#include <stdbool.h>
/** \file udp_recv.c Paraslash's udp receiver */
#include <regex.h>
-#include <dirent.h>
#include <sys/socket.h>
#include <net/if.h>
#include <regex.h>
#include <sys/time.h>
-#include <dirent.h>
#include <sys/socket.h>
#include <netinet/udp.h>
#include <net/if.h>
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
-#include <openssl/rc4.h>
#include "para.h"
#include "error.h"
#include "string.h"
#include "list.h"
#include "user_list.h"
-#include "rc4.h"
static struct list_head user_list;
/* keyword, name, key, perms */
char w[255], n[255], k[255], p[255], tmp[4][255];
struct user *u;
- RSA *rsa;
+ struct asymmetric_key *pubkey;
ret = para_fgets(line, sizeof(line), file_ptr);
if (ret <= 0)
if (strcmp(w, "user"))
continue;
PARA_DEBUG_LOG("found entry for user %s\n", n);
- ret = get_rsa_key(k, &rsa, LOAD_PUBLIC_KEY);
+ ret = get_asymmetric_key(k, LOAD_PUBLIC_KEY, &pubkey);
if (ret < 0) {
PARA_NOTICE_LOG("skipping entry for user %s: %s\n", n,
para_strerror(-ret));
continue;
}
/*
- * In order to encrypt len := CHALLENGE_SIZE + 2 * RC4_KEY_LEN
+ * In order to encrypt len := CHALLENGE_SIZE + 2 * SESSION_KEY_LEN
* bytes using RSA_public_encrypt() with EME-OAEP padding mode,
* RSA_size(rsa) must be greater than len + 41. So ignore keys
* which are too short. For details see RSA_public_encrypt(3).
*/
- if (ret <= CHALLENGE_SIZE + 2 * RC4_KEY_LEN + 41) {
- PARA_WARNING_LOG("rsa key %s too short (%d)\n",
+ if (ret <= CHALLENGE_SIZE + 2 * SESSION_KEY_LEN + 41) {
+ PARA_WARNING_LOG("public key %s too short (%d)\n",
k, ret);
- rsa_free(rsa);
+ free_asymmetric_key(pubkey);
continue;
}
u = para_malloc(sizeof(*u));
u->name = para_strdup(n);
- u->rsa = rsa;
+ u->pubkey = pubkey;
u->perms = 0;
num = sscanf(p, "%200[A-Z_],%200[A-Z_],%200[A-Z_],%200[A-Z_]",
tmp[0], tmp[1], tmp[2], tmp[3]);
list_for_each_entry_safe(u, tmp, &user_list, node) {
list_del(&u->node);
free(u->name);
- rsa_free(u->rsa);
+ free_asymmetric_key(u->pubkey);
free(u);
}
} else
* data needed to authenticate the user
*/
struct user {
- /** the position of this user in the list of users */
+ /** The position of this user in the list of users. */
struct list_head node;
- /** the username */
+ /** The username. */
char *name;
- /** the public RSA key */
- RSA *rsa;
- /** the privileges that this user has */
+ /** The public key. */
+ struct asymmetric_key *pubkey;
+ /** The privileges of this user. */
unsigned int perms;
};
*/
#include <regex.h>
-#include <dirent.h>
#include <osl.h>
#include "para.h"
#include <regex.h>
#include <sys/types.h>
-#include <dirent.h>
#include <stdbool.h>
#include "para.h"