From d088c3395a28bce3e1530db5aeacbcf59ab16619 Mon Sep 17 00:00:00 2001
From: Sander Vrijders
Date: Wed, 12 Jul 2017 15:18:15 +0200
Subject: ipcpd, lib, irmd: Hardcode shim hash algorithms
This will hardcode the shim hash algorithms as they don't have an enrollment phase. Fixes #44
---
 include/ouroboros/ipcp.h | 7 +++-
 src/ipcpd/ipcp.c | 6 ++-
 src/ipcpd/local/main.c | 2 +-
 src/ipcpd/shim-eth-llc/main.c | 2 -
 src/ipcpd/shim-udp/main.c | 2 -
 src/irmd/main.c | 18 ++++++++-
 src/lib/irm.c | 2 +-
 src/tools/irm/irm_ipcp_bootstrap.c | 81 ++++++++++++++++++++------------------
 8 files changed, 69 insertions(+), 51 deletions(-)
diff --git a/include/ouroboros/ipcp.h b/include/ouroboros/ipcp.h
index 8979c6d1..1b775a63 100644
--- a/include/ouroboros/ipcp.h
+++ b/include/ouroboros/ipcp.h
@@ -39,7 +39,7 @@ enum ipcp_type {
 IPCP_NORMAL
 };
-/* IPCP policies */
+/* Normal IPCP policies */
 enum pol_addr_auth {
 FLAT_RANDOM = 0
 };
@@ -52,6 +52,7 @@ enum pol_routing {
 LINK_STATE = 0
 };
+/* Hash algorithms */
 enum hash_algo {
 HASH_CRC32 = 0,
 HASH_MD5,
@@ -63,17 +64,19 @@ enum hash_algo {
 #define DIF_NAME_SIZE 256
+/* Info reported back to the IRMd about the DIF on enrollment */
 struct dif_info {
 char dif_name[DIF_NAME_SIZE];
 enum hash_algo dir_hash_algo;
 };
+/* Structure to configure the first IPCP */
 struct ipcp_config {
 struct dif_info dif_info;
 enum ipcp_type type;
- /* DT syntax */
+ /* Normal */
 uint8_t addr_size;
 uint8_t fd_size;
 bool has_ttl;
diff --git a/src/ipcpd/ipcp.c b/src/ipcpd/ipcp.c
index e86487af..4aec7567 100644
--- a/src/ipcpd/ipcp.c
+++ b/src/ipcpd/ipcp.c
@@ -212,8 +212,6 @@ static void * ipcp_main_loop(void * o)
 conf_msg = msg->conf;
 conf.type = conf_msg->ipcp_type;
- conf.dif_info.dir_hash_algo =
- conf_msg->dif_info->dir_hash_algo;
 strcpy(conf.dif_info.dif_name, conf_msg->dif_info->dif_name);
 if (conf.dif_info.dif_name == NULL) {
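Review bot: The context line `strcpy(conf.dif_info.dif_name, conf_msg->dif_info->dif_name);` that this hunk keeps copies a name taken from the received bootstrap message into the fixed `char dif_name[DIF_NAME_SIZE]` array with no length check, and the `conf.dif_info.dif_name == NULL` test after it compares an array with NULL, so it can never fire. Since the commit is already reworking this branch, I would validate before copying, e.g. `if (conf_msg->dif_info->dif_name == NULL || strlen(conf_msg->dif_info->dif_name) >= DIF_NAME_SIZE)` followed by failing the bootstrap. The same unbounded `strcpy(conf.dif_info.dif_name, dif_name);` appears as context in the `@@ -173,23 +188,6 @@` hunk of irm_ipcp_bootstrap.c. ipcp_main_loop starts and ends outside the hunk, so an earlier length check may exist that is not visible here.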
@@ -229,6 +227,8 @@ static void * ipcp_main_loop(void * o)
 conf.dt_gam_type = conf_msg->dt_gam_type;
 conf.rm_gam_type = conf_msg->rm_gam_type;
 conf.routing_type = conf_msg->routing_type;
+ conf.dif_info.dir_hash_algo =
+ conf_msg->dif_info->dir_hash_algo;
 }
 if (conf_msg->ipcp_type == IPCP_SHIM_UDP) {
@@ -239,6 +239,8 @@ static void * ipcp_main_loop(void * o)
 if (conf_msg->ipcp_type == IPCP_SHIM_ETH_LLC)
 conf.if_name = conf_msg->if_name;
+ ipcpi.dir_hash_algo = conf_msg->dif_info->dir_hash_algo;
+
 ret_msg.result = ipcpi.ops->ipcp_bootstrap(&conf);
 break;
 case IPCP_MSG_CODE__IPCP_ENROLL:
diff --git a/src/ipcpd/local/main.c b/src/ipcpd/local/main.c
index 758e57ae..ddb5e4ec 100644
--- a/src/ipcpd/local/main.c
+++ b/src/ipcpd/local/main.c
@@ -119,7 +119,7 @@ static int ipcp_local_bootstrap(const struct ipcp_config * conf)
 assert(conf);
 assert(conf->type == THIS_TYPE);
- ipcpi.dir_hash_algo = conf->dif_info.dir_hash_algo;
+ (void) conf;
 ipcp_set_state(IPCP_OPERATIONAL);
diff --git a/src/ipcpd/shim-eth-llc/main.c b/src/ipcpd/shim-eth-llc/main.c
index 99d46a1d..28ab897b 100644
--- a/src/ipcpd/shim-eth-llc/main.c
+++ b/src/ipcpd/shim-eth-llc/main.c
@@ -758,8 +758,6 @@ static int eth_llc_ipcp_bootstrap(const struct ipcp_config * conf)
 assert(conf);
 assert(conf->type == THIS_TYPE);
- ipcpi.dir_hash_algo = conf->dif_info.dir_hash_algo;
-
 if (conf->if_name == NULL) {
 log_err("Interface name is NULL.");
 return -1;
diff --git a/src/ipcpd/shim-udp/main.c b/src/ipcpd/shim-udp/main.c
index 4ef3015a..ab199ffd 100644
--- a/src/ipcpd/shim-udp/main.c
+++ b/src/ipcpd/shim-udp/main.c
@@ -535,8 +535,6 @@ static int ipcp_udp_bootstrap(const struct ipcp_config * conf)
 assert(conf);
 assert(conf->type == THIS_TYPE);
- ipcpi.dir_hash_algo = conf->dif_info.dir_hash_algo;
-
 if (inet_ntop(AF_INET, &conf->ip_addr, ipstr,
diff --git a/src/irmd/main.c b/src/irmd/main.c
index db6f33de..63ae6b13 100644
--- a/src/irmd/main.c
+++ b/src/irmd/main.c
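Review bot: The added `ipcpi.dir_hash_algo = conf_msg->dif_info->dir_hash_algo;` in the `@@ -239,6 +239,8 @@` hunk stores an enum value taken straight from the bootstrap message without a range check, and it now does so for every IPCP type rather than inside each bootstrap handler. I would reject values outside `enum hash_algo` before the assignment, e.g. `if (conf_msg->dif_info->dir_hash_algo > HASH_SHA3_512)` followed by a failing result, assuming `HASH_SHA3_512` is the last enumerator (the enum is only partly visible in the ipcp.h hunk). The same value is accepted unchecked in the final `else` of the chain added to bootstrap_ipcp in src/irmd/main.c, where `IPCP_HASH_LEN` later passes it to `hash_len()`. A one-line comment such as `/* Shims and local: value was fixed by the IRMd, not by the user. */` would also help, since the handlers no longer show where the algorithm comes from.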
@@ -58,6 +58,10 @@
 #define SHM_SAN_HOLDOFF 1000 /* ms */
 #define IPCP_HASH_LEN(e) hash_len(e->dir_hash_algo)
+#define SHIM_ETH_LLC_HASH_ALGO HASH_SHA3_256
+#define SHIM_UDP_HASH_ALGO HASH_MD5
+#define LOCAL_HASH_ALGO HASH_SHA3_256
+
 struct ipcp_entry {
 struct list_head next;
@@ -417,6 +421,18 @@ static int bootstrap_ipcp(pid_t api,
 return -1;
 }
+ if (entry->type == IPCP_LOCAL)
+ entry->dir_hash_algo = conf->dif_info->dir_hash_algo
+ = LOCAL_HASH_ALGO;
+ else if (entry->type == IPCP_SHIM_ETH_LLC)
+ entry->dir_hash_algo = conf->dif_info->dir_hash_algo
+ = SHIM_ETH_LLC_HASH_ALGO;
+ else if (entry->type == IPCP_SHIM_UDP)
+ entry->dir_hash_algo = conf->dif_info->dir_hash_algo
+ = SHIM_UDP_HASH_ALGO;
+ else
+ entry->dir_hash_algo = conf->dif_info->dir_hash_algo;
+
 if (ipcp_bootstrap(entry->api, conf)) {
 pthread_rwlock_unlock(&irmd.reg_lock);
 log_err("Could not bootstrap IPCP.");
@@ -430,8 +446,6 @@ static int bootstrap_ipcp(pid_t api,
 return -ENOMEM;
 }
- entry->dir_hash_algo = conf->dif_info->dir_hash_algo;
-
 pthread_rwlock_unlock(&irmd.reg_lock);
 log_info("Bootstrapped IPCP %d in DIF %s.",
diff --git a/src/lib/irm.c b/src/lib/irm.c
index 9ee9e9e0..828bdfe6 100644
--- a/src/lib/irm.c
+++ b/src/lib/irm.c
@@ -108,7 +108,6 @@ int irm_bootstrap_ipcp(pid_t api,
 msg.conf = &config;
 dif_info.dif_name = (char *) conf->dif_info.dif_name;
- dif_info.dir_hash_algo = conf->dif_info.dir_hash_algo;
 config.ipcp_type = conf->type;
@@ -128,6 +127,7 @@ int irm_bootstrap_ipcp(pid_t api,
 config.rm_gam_type = conf->rm_gam_type;
 config.has_routing_type = true;
 config.routing_type = conf->routing_type;
+ dif_info.dir_hash_algo = conf->dif_info.dir_hash_algo;
 break;
 case IPCP_SHIM_UDP:
 config.has_ip_addr = true;
diff --git a/src/tools/irm/irm_ipcp_bootstrap.c b/src/tools/irm/irm_ipcp_bootstrap.c
index 6457a983..6277dee4 100644
--- a/src/tools/irm/irm_ipcp_bootstrap.c
+++ b/src/tools/irm/irm_ipcp_bootstrap.c
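Review bot: `SHIM_UDP_HASH_ALGO` pins the shim-UDP directory hash to `HASH_MD5` with no comment saying why, and after this commit the operator can no longer override it from the command line. MD5 is not collision resistant, so if these hashes are what identifies registered names towards peers, that property should be a deliberate and documented choice rather than an unexplained constant. I would add a comment above the three defines along the lines of `/* Shims have no enrollment, so every member must use the same fixed hash. shim-UDP uses MD5 because <reason>; not collision resistant. */`, with the actual reason filled in by the author.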
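Review bot: In the `@@ -417,6 +421,18 @@` hunk `entry->dir_hash_algo` is now written before `ipcp_bootstrap()` has succeeded, whereas the removed line set it only after success, so a failed bootstrap leaves the entry carrying a hash algorithm for a DIF it never joined. The chained form `entry->dir_hash_algo = conf->dif_info->dir_hash_algo = LOCAL_HASH_ALGO;` also hides that the caller's message is being overwritten. I would pick the algorithm into a local with a `switch (entry->type)`, write it into the message before the call, and assign the entry field where the old assignment was. bootstrap_ipcp starts and ends outside the hunk, so whether the failure path resets the entry is not visible, and the type of the local below is assumed to match `entry->dir_hash_algo`.

```c
        enum hash_algo algo; /* with the other locals of bootstrap_ipcp */

        /* … unchanged: entry lookup and its error returns … */

        switch (entry->type) {
        case IPCP_LOCAL:
                algo = LOCAL_HASH_ALGO;
                break;
        case IPCP_SHIM_ETH_LLC:
                algo = SHIM_ETH_LLC_HASH_ALGO;
                break;
        case IPCP_SHIM_UDP:
                algo = SHIM_UDP_HASH_ALGO;
                break;
        default:
                algo = conf->dif_info->dir_hash_algo;
                break;
        }

        /* Shims and local have no enrollment: the IRMd fixes the hash. */
        conf->dif_info->dir_hash_algo = algo;

        /* … unchanged: ipcp_bootstrap() call and dif_name allocation, with their error returns … */

        entry->dir_hash_algo = algo;
```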
@@ -46,8 +46,6 @@ #define SHA3_384 "SHA3_384" #define SHA3_512 "SHA3_512" -#define DEFAULT_HASH_ALGO HASH_SHA3_256 -#define DEFAULT_HASH_STR SHA3_256 #define DEFAULT_ADDR_SIZE 4 #define DEFAULT_FD_SIZE 2 #define DEFAULT_DDNS 0 @@ -55,6 +53,7 @@ #define DEFAULT_DT_GAM COMPLETE #define DEFAULT_RM_GAM COMPLETE #define DEFAULT_ROUTING LINK_STATE +#define DEFAULT_HASH_ALGO HASH_SHA3_256 #define ADDR_AUTH_FLAT "flat" #define DT_GAM_COMPLETE "complete" #define RM_GAM_COMPLETE "complete" @@ -67,36 +66,35 @@ static void usage(void) " name \n" " dif \n" " type [TYPE]\n" - " [hash [ALGORITHM] (default: %s)]\n" "where TYPE = {" NORMAL " " LOCAL " " - SHIM_UDP " " SHIM_ETH_LLC"},\n" - " ALGORITHM = { " CRC32 " " MD5 " " - SHA3_224 " " SHA3_256 " " SHA3_384 " " SHA3_512 "}.\n\n" + SHIM_UDP " " SHIM_ETH_LLC"},\n\n" "if TYPE == " NORMAL "\n" " [addr
(default: %d)]\n" " [fd (default: %d)]\n" - " [ttl ]\n" + " [ttl (add time to live value in the PCI)]\n" " [addr_auth
(default: %s)]\n" " [dt_gam " " (default: %s)]\n" " [rm_gam " " (default: %s)]\n" " [routing (default: %s)]\n" + " [hash [ALGORITHM] (default: %s)]\n" + "where ALGORITHM = {" CRC32 " " MD5 " " + SHA3_224 " " SHA3_256 " " SHA3_384 " " SHA3_512 "}\n" "if TYPE == " SHIM_UDP "\n" " ip \n" " [dns " - " (default = none: %d)]\n" + " (default: none)]\n" "if TYPE == " SHIM_ETH_LLC "\n" " if_name \n", - DEFAULT_HASH_STR, DEFAULT_ADDR_SIZE, DEFAULT_FD_SIZE, + DEFAULT_ADDR_SIZE, DEFAULT_FD_SIZE, ADDR_AUTH_FLAT, DT_GAM_COMPLETE, RM_GAM_COMPLETE, - ROUTING_LINK_STATE, DEFAULT_DDNS); + ROUTING_LINK_STATE, SHA3_256); } int do_bootstrap_ipcp(int argc, char ** argv) { char * name = NULL; - char * hash = DEFAULT_HASH_STR; pid_t api; struct ipcp_config conf; uint8_t addr_size = DEFAULT_ADDR_SIZE; @@ -106,6 +104,7 @@ int do_bootstrap_ipcp(int argc, char ** argv) enum pol_gam dt_gam_type = DEFAULT_DT_GAM; enum pol_gam rm_gam_type = DEFAULT_RM_GAM; enum pol_routing routing_type = DEFAULT_ROUTING; + enum hash_algo hash_algo = DEFAULT_HASH_ALGO; uint32_t ip_addr = 0; uint32_t dns_addr = DEFAULT_DDNS; char * ipcp_type = NULL; 
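Review bot: The usage() argument list now passes the literal `SHA3_256` for the hash default while the value actually used comes from `DEFAULT_HASH_ALGO` in do_bootstrap_ipcp, so the help text and the behaviour can drift apart when only one of them is changed. Keeping the removed `#define DEFAULT_HASH_STR SHA3_256` next to `#define DEFAULT_HASH_ALGO HASH_SHA3_256` and passing `DEFAULT_HASH_STR` here would keep the pair in one place.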
@@ -123,17 +122,26 @@ int do_bootstrap_ipcp(int argc, char ** argv)
 } else if (matches(*argv, "name") == 0) {
 name = *(argv + 1);
 } else if (matches(*argv, "hash") == 0) {
- hash = *(argv + 1);
+ if (strcmp(*(argv + 1), CRC32) == 0)
+ hash_algo = HASH_CRC32;
+ else if (strcmp(*(argv + 1), MD5) == 0)
+ hash_algo = HASH_MD5;
+ else if (strcmp(*(argv + 1), SHA3_224) == 0)
+ hash_algo = HASH_SHA3_224;
+ else if (strcmp(*(argv + 1), SHA3_256) == 0)
+ hash_algo = HASH_SHA3_256;
+ else if (strcmp(*(argv + 1), SHA3_384) == 0)
+ hash_algo = HASH_SHA3_384;
+ else if (strcmp(*(argv + 1), SHA3_512) == 0)
+ hash_algo = HASH_SHA3_512;
+ else
+ goto unknown_param;
 } else if (matches(*argv, "ip") == 0) {
- if (inet_pton (AF_INET, *(argv + 1), &ip_addr) != 1) {
- usage();
- return -1;
- }
+ if (inet_pton (AF_INET, *(argv + 1), &ip_addr) != 1)
+ goto unknown_param;
 } else if (matches(*argv, "dns") == 0) {
- if (inet_pton(AF_INET, *(argv + 1), &dns_addr) != 1) {
- usage();
- return -1;
- }
+ if (inet_pton(AF_INET, *(argv + 1), &dns_addr) != 1)
+ goto unknown_param;
 } else if (matches(*argv, "if_name") == 0) {
 if_name = *(argv + 1);
 } else if (matches(*argv, "addr") == 0) {
@@ -147,18 +155,25 @@ int do_bootstrap_ipcp(int argc, char ** argv)
 } else if (matches(*argv, "addr_auth") == 0) {
 if (strcmp(ADDR_AUTH_FLAT, *(argv + 1)) == 0)
 addr_auth_type = FLAT_RANDOM;
+ else
+ goto unknown_param;
 } else if (matches(*argv, "dt_gam") == 0) {
 if (strcmp(DT_GAM_COMPLETE, *(argv + 1)) == 0)
 dt_gam_type = COMPLETE;
+ else
+ goto unknown_param;
 } else if (matches(*argv, "rm_gam") == 0) {
 if (strcmp(RM_GAM_COMPLETE, *(argv + 1)) == 0)
 rm_gam_type = COMPLETE;
+ else
+ goto unknown_param;
 } else if (matches(*argv, "routing") == 0) {
 if (strcmp(ROUTING_LINK_STATE, *(argv + 1)) == 0)
 routing_type = LINK_STATE;
+ else
+ goto unknown_param;
 } else {
- printf("\"%s\" is unknown, try \"irm "
- "ipcp bootstrap\".\n", *argv);
+ printf("Unknown option: \"%s\".\n", *argv);
 return -1;
 }
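Review bot: Each new `strcmp(*(argv + 1), ...)` in the `hash` branch reads the next argument without checking that one exists, so `hash` given as the last word on the command line hands NULL to strcmp, and the `unknown_param` label added in the last hunk then prints `*(argv + 1)` with `%s` as well. The `else goto unknown_param;` branches added for `addr_auth`, `dt_gam`, `rm_gam` and `routing` in the `@@ -147,18 +155,25 @@` hunk reach the same label. I would test `argc > 1` in the value-taking branches before touching `*(argv + 1)` and print usage otherwise. The loop header of do_bootstrap_ipcp is outside both hunks, so such a check may already exist there.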
@@ -173,23 +188,6 @@ int do_bootstrap_ipcp(int argc, char ** argv)
 strcpy(conf.dif_info.dif_name, dif_name);
- if (strcmp(hash, CRC32) == 0) {
- conf.dif_info.dir_hash_algo = HASH_CRC32;
- } else if (strcmp(hash, MD5) == 0) {
- conf.dif_info.dir_hash_algo = HASH_MD5;
- } else if (strcmp(hash, SHA3_224) == 0) {
- conf.dif_info.dir_hash_algo = HASH_SHA3_224;
- } else if (strcmp(hash, SHA3_256) == 0) {
- conf.dif_info.dir_hash_algo = HASH_SHA3_256;
- } else if (strcmp(hash, SHA3_384) == 0) {
- conf.dif_info.dir_hash_algo = HASH_SHA3_384;
- } else if (strcmp(hash, SHA3_512) == 0) {
- conf.dif_info.dir_hash_algo = HASH_SHA3_512;
- } else {
- usage();
- return -1;
- }
-
 if (strcmp(ipcp_type, NORMAL) == 0) {
 conf.type = IPCP_NORMAL;
 conf.addr_size = addr_size;
@@ -199,6 +197,7 @@ int do_bootstrap_ipcp(int argc, char ** argv)
 conf.dt_gam_type = dt_gam_type;
 conf.rm_gam_type = rm_gam_type;
 conf.routing_type = routing_type;
+ conf.dif_info.dir_hash_algo = hash_algo;
 } else if (strcmp(ipcp_type, SHIM_UDP) == 0) {
 conf.type = IPCP_SHIM_UDP;
 if (ip_addr == 0) {
@@ -239,4 +238,8 @@ int do_bootstrap_ipcp(int argc, char ** argv)
 free(apis);
 return 0;
+
+ unknown_param:
+ printf("Unknown parameter for %s: \"%s\".\n", *argv, *(argv + 1));
+ return -1;
 }
-- cgit v1.2.3
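Review bot: `conf.dif_info.dir_hash_algo = hash_algo;` in the `@@ -199,6 +197,7 @@` hunk is reached only in the NORMAL branch, so a `hash` option on the command line is parsed and validated but silently dropped for the local and shim types, and an operator who asks for a SHA3 variant on a shim-UDP IPCP gets the IRMd's fixed choice without being told. I would record that the option was seen and refuse it for those types, e.g. `if (hash_set && strcmp(ipcp_type, NORMAL) != 0) { printf("hash can only be set for type " NORMAL ".\n"); return -1; }`, where `hash_set` is a new flag set in the `hash` branch. For the non-normal types the field is also left unassigned, and the `struct ipcp_config conf;` declaration visible in the `@@ -106,6 +104,7 @@` hunk has no initializer, so unless the struct is zeroed outside the visible hunks any later whole-struct copy reads an indeterminate value.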