hide-eid/pass-1/util.c


#include "util.h"
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <errno.h>
#include <sys/socket.h>
#include <linux/if.h>
#include <linux/if_tun.h>
#include <sys/ioctl.h>
#include <arpa/inet.h>
#include <netinet/ip.h>
#ifndef IFF_MULTI_QUEUE
#define IFF_MULTI_QUEUE 0x0100
#endif
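/*
 * Allocate `bytes` bytes of zero-filled memory.
 *
 * Never returns NULL for a non-zero request: on allocation failure a warning
 * is logged and the process exits with status 2.  For a zero-byte request the
 * result is whatever the allocator returns (possibly NULL); it may be passed
 * to free() but must not be dereferenced.
 */
void* xmalloc( size_t bytes )
{
    /* calloc() zero-fills for us, so memset() is never handed the NULL
     * pointer that a zero-byte request is allowed to return. */
    void* result = calloc( 1, bytes );

    if ( bytes > 0 && result == NULL ) {
        warn( "Couldn't allocate %zu bytes, exiting!", bytes );
        exit(2);
    }

    return result;
}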
/*
 * Ask the tun driver behind `tun_fd` whether it offers IFF_MULTI_QUEUE.
 *
 * Returns non-zero when the feature bit is set, 0 otherwise.  A failing
 * TUNGETFEATURES ioctl is logged and treated as "no multiqueue".
 */
int tun_has_multiqueue( int tun_fd )
{
    int feature_bits = 0;
    int rc = ioctl( tun_fd, TUNGETFEATURES, &feature_bits );

    if ( rc < 0 ) {
        warn("Kernel doesn't support TUNGETFEATURES, assuming no multiqueue");
        /* Discard anything the failed call may have left behind. */
        feature_bits = 0;
    }

    return feature_bits & IFF_MULTI_QUEUE;
}
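/*
 * Create (or attach to) the tun device called `name`.
 *
 * name:  interface name; must be non-NULL and shorter than IFNAMSIZ so that
 *        it fits in ifr_name together with its terminating NUL.
 * multi: non-zero to request a multi-queue device; fails if the kernel does
 *        not advertise IFF_MULTI_QUEUE.
 *
 * Returns the open tun file descriptor on success, -1 on any failure (the
 * reason is logged).  The caller owns the returned descriptor.
 */
int create_tun( const char *name, int multi )
{
    int fd, saved_errno;
    size_t name_len;
    struct ifreq ifr;

    if ( name == NULL ) {
        warn( "No name given for tun device" );
        return -1;
    }

    /* Refuse over-long names instead of letting them be cut to IFNAMSIZ
     * bytes with no terminator: a silently truncated name means the device
     * that gets created is not the one the caller asked for. */
    name_len = strlen( name );
    if ( name_len >= IFNAMSIZ ) {
        warn( "tun device name %s is too long (max %i characters)", name, IFNAMSIZ - 1 );
        return -1;
    }

    if ( ( fd = open( "/dev/net/tun", O_RDWR ) ) < 0 ) {
        saved_errno = errno;
        warn( "Error %s (%i) opening tun to create %s", strerror(saved_errno), saved_errno, name );
        return -1;
    }

    memset( &ifr, 0, sizeof( struct ifreq ) );

    ifr.ifr_flags = IFF_TUN | IFF_NO_PI;

    if ( multi ) {
        if ( !tun_has_multiqueue( fd ) ) {
            warn( "multiqueue requested but kernel doesn't support it" );
            close( fd );
            return -1;
        }
        debug( "Creating multi-queue device" );
        ifr.ifr_flags |= IFF_MULTI_QUEUE;
    }

    /* ifr was zeroed above and name_len < IFNAMSIZ, so ifr_name stays
     * NUL-terminated. */
    memcpy( ifr.ifr_name, name, name_len );

    /* NOTE(review): EBUSY is retried immediately and without limit, so this
     * spins for as long as the kernel keeps reporting the device as busy. */
    while ( ioctl( fd, TUNSETIFF, (void*) &ifr ) < 0 ) {
        if ( errno != EBUSY ) {
            saved_errno = errno;
            warn( "Error creating tun device %s: %s (%i)", name, strerror(saved_errno), saved_errno );
            close( fd );
            return -1;
        }
    }

    return fd;
}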
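/*
 * Bring the interface `link_name` administratively up or down.
 *
 * link_name: interface name; must be non-NULL and shorter than IFNAMSIZ.
 * state:     non-zero sets IFF_UP, zero clears it.
 *
 * Returns 1 on success and 0 on failure (the reason is logged).
 */
int link_set_up( char *link_name, int state )
{
    struct ifreq ifr;
    size_t name_len;
    int fd;
    int ok = 0;

    if ( link_name == NULL ) {
        warn( "No interface name given" );
        return 0;
    }

    /* An over-long name would otherwise be truncated without a terminator
     * and could end up addressing a different interface. */
    name_len = strlen( link_name );
    if ( name_len >= IFNAMSIZ ) {
        warn( "Interface name %s is too long (max %i characters)", link_name, IFNAMSIZ - 1 );
        return 0;
    }

    /* The socket is only a handle for the interface ioctls below. */
    fd = socket( PF_INET, SOCK_DGRAM, IPPROTO_IP );
    if ( fd < 0 ) {
        warn( "Failed to open control socket for %s: %s", link_name, strerror(errno) );
        return 0;
    }

    memset( &ifr, 0, sizeof( struct ifreq ) );
    memcpy( ifr.ifr_name, link_name, name_len );

    if ( ioctl( fd, SIOCGIFFLAGS, (void*)&ifr ) < 0 ) {
        warn( "Failed to read interface flags for %s: %s", link_name, strerror(errno) );
        goto out;
    }

    if ( state ) {
        ifr.ifr_flags |= IFF_UP;
    } else {
        ifr.ifr_flags = ( ifr.ifr_flags & ~IFF_UP );
    }

    if ( ioctl( fd, SIOCSIFFLAGS, (void*)&ifr ) < 0 ) {
        warn( "Failed to set link state for interface %s to %i: %s", link_name, state, strerror(errno) );
        goto out;
    }

    ok = 1;

out:
    /* Release the control socket on every path so repeated calls do not
     * leak descriptors. */
    close( fd );
    return ok;
}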
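/*
 * Initialise `session`: load the rloc configuration from `config_file`,
 * create the tun device `ifname` (multi-queue when `multi` is non-zero) and
 * try to bring the interface up.
 *
 * Returns 1 on success, 0 on failure.  On failure the session holds no
 * resources: rlocs is NULL and fd is -1.
 */
int session_setup( struct session *session, char *config_file, char *ifname, int multi )
{
    memset( session, 0, sizeof( struct session ) );

    /* Zeroing leaves fd == 0, which is a valid descriptor (stdin) and which
     * session_teardown() would close.  Mark it as "not open" instead. */
    session->fd = -1;

    session->rlocs = rlocs_new( config_file );
    if ( session->rlocs == NULL ) {
        warn( "Failed to get config from %s", config_file );
        return 0;
    }

    rlocs_debug_output( session->rlocs );

    session->fd = create_tun( ifname, multi );
    if ( session->fd == -1 ) {
        warn( "Error opening %s for listening", ifname );
        rlocs_free( session->rlocs );
        /* Don't leave a dangling pointer behind for a later teardown. */
        session->rlocs = NULL;
        return 0;
    }

    /* Bringing the link up stays best-effort, as before: a failure is
     * reported but does not fail the setup. */
    if ( !link_set_up( ifname, 1 ) ) {
        warn( "Interface %s was created but could not be brought up", ifname );
    }

    return 1;
}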
/*
 * Attach private keys to rlocs already known to the session.
 *
 * `args` holds `argc` strings laid out as (address, key file) pairs.  An
 * address containing ':' is parsed as IPv6, anything else as IPv4.  Each
 * address is looked up in session->rlocs and the key file is handed to
 * rlocs_add_private_key() for the matching rloc.
 *
 * Returns 1 when every pair was applied, 0 at the first failure (odd
 * argument count, unparsable address, unknown rloc, or key rejected).
 * Pairs handled before the failure are not undone here.
 */
int session_upgrade_rlocs( struct session *session, int argc, char** args )
{
    int pos;

    if ( ( argc % 2 ) != 0 ) {
        warn( "Odd number of arguments. Format: [<rlc> <filename>]n" );
        return 0;
    }

    /* Step through the argument list one (address, key file) pair at a time. */
    for ( pos = 0 ; pos + 1 < argc ; pos += 2 ) {
        char *addr_text = args[pos];
        char *key_path = args[pos + 1];
        struct rloc *match = NULL;
        int is_ipv6 = ( strchr( addr_text, ':' ) != NULL );

        if ( is_ipv6 ) {
            struct in6_addr v6;

            if ( inet_pton( AF_INET6, addr_text, &v6 ) != 1 ) {
                warn( "Couldn't parse %s as an IPv6 address", addr_text );
                return 0;
            }
            match = rloc_find_by_address( session->rlocs, NULL, &v6 );
        } else {
            struct in_addr v4;

            if ( inet_pton( AF_INET, addr_text, &v4 ) != 1 ) {
                warn( "Couldn't parse %s as an IPv4 address", addr_text );
                return 0;
            }
            match = rloc_find_by_address( session->rlocs, &v4, NULL );
        }

        if ( match == NULL ) {
            warn( "Couldn't find rloc for %s", addr_text );
            return 0;
        }

        if ( !rlocs_add_private_key( session->rlocs, match, key_path ) ) {
            warn( "Couldn't upgrade rloc %s with %s", addr_text, key_path );
            return 0;
        }

        /* Only the key file's path is logged, never its contents. */
        info( "Upgraded RLOC %s with private key %s", addr_text, key_path );
    }

    return 1;
}
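/*
 * Release everything the session owns: the rloc configuration and the tun
 * file descriptor.
 *
 * Both fields are reset afterwards, so a second call is harmless: it cannot
 * free the rlocs twice or close a descriptor number that has since been
 * reused for something else.
 */
void session_teardown( struct session *session )
{
    if ( session->rlocs != NULL ) {
        rlocs_free( session->rlocs );
        session->rlocs = NULL;
    }

    if ( session->fd >= 0 ) {
        close( session->fd );
        session->fd = -1;
    }
}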
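// TODO: we can speed this one up, if necessary, by re-using the context.
/*
 * Compute the SHA-256 digest of `src_len` bytes at `src` into `dst`.
 *
 * Returns 1 when the digest was produced and has the expected length, and 0
 * when the context could not be allocated or any digest step failed.  On a 0
 * return the contents of `dst` must not be used.
 */
int sha256sum( unsigned char *src, size_t src_len, unsigned char dst[SHA256_DIGEST_LENGTH] )
{
    /* Start at 0 so that success can only be reported after
     * EVP_DigestFinal_ex() has actually written the digest length. */
    unsigned int size = 0;
    int ok = 0;
    EVP_MD_CTX *ctx = EVP_MD_CTX_create();

    if ( ctx == NULL ) {
        return 0;
    }

    /* Each EVP digest call returns 1 on success; stop at the first failure
     * so a broken digest is never reported as valid. */
    if ( EVP_DigestInit_ex( ctx, EVP_sha256(), NULL ) == 1 &&
         EVP_DigestUpdate( ctx, src, src_len ) == 1 &&
         EVP_DigestFinal_ex( ctx, &dst[0], &size ) == 1 ) {
        ok = ( size == SHA256_DIGEST_LENGTH );
    }

    EVP_MD_CTX_destroy( ctx );

    return ok;
}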