From a1b982bf4c052360cd854b9e4c97592893692701 Mon Sep 17 00:00:00 2001 From: Sander Vrijders Date: Sun, 3 Dec 2017 21:30:31 +0100 Subject: ipcpd: Make hash algorithm configurable This makes the hashing algorithm configurable once more for the local and the shim-eth-llc, since their scope is so small that it is up to the network administrator to select a correct algorithm for the whole network. Signed-off-by: Sander Vrijders Signed-off-by: Dimitri Staessens --- src/ipcpd/ipcp.c | 48 ++++++++++++++++++-------------------- src/tools/irm/irm_ipcp_bootstrap.c | 14 ++++++++--- 2 files changed, 34 insertions(+), 28 deletions(-) diff --git a/src/ipcpd/ipcp.c b/src/ipcpd/ipcp.c index 42064817..84c42b98 100644 --- a/src/ipcpd/ipcp.c +++ b/src/ipcpd/ipcp.c @@ -243,23 +243,37 @@ static void * mainloop(void * o) conf.addr_auth_type = conf_msg->addr_auth_type; conf.routing_type = conf_msg->routing_type; conf.pff_type = conf_msg->pff_type; + } + + if (conf_msg->ipcp_type == IPCP_SHIM_ETH_LLC) + conf.if_name = conf_msg->if_name; + + if (conf_msg->ipcp_type == IPCP_SHIM_UDP) { + conf.ip_addr = conf_msg->ip_addr; + conf.dns_addr = conf_msg->dns_addr; + + conf.dif_info.dir_hash_algo = HASH_MD5; + dif_info.dir_hash_algo = HASH_MD5; + } + /* Only shim-udp needs a fixed hash algorithm */ + if (conf_msg->ipcp_type != IPCP_SHIM_UDP) { switch(conf_msg->dif_info->dir_hash_algo) { case DIR_HASH_SHA3_224: - conf.dif_info.dir_hash_algo - = HASH_SHA3_224; + conf.dif_info.dir_hash_algo = + HASH_SHA3_224; break; case DIR_HASH_SHA3_256: - conf.dif_info.dir_hash_algo - = HASH_SHA3_256; + conf.dif_info.dir_hash_algo = + HASH_SHA3_256; break; case DIR_HASH_SHA3_384: - conf.dif_info.dir_hash_algo - = HASH_SHA3_384; + conf.dif_info.dir_hash_algo = + HASH_SHA3_384; break; case DIR_HASH_SHA3_512: - conf.dif_info.dir_hash_algo - = HASH_SHA3_512; + conf.dif_info.dir_hash_algo = + HASH_SHA3_512; break; default: assert(false); @@ -269,23 +283,7 @@ static void * mainloop(void * o) conf.dif_info.dir_hash_algo; } - if (conf_msg->ipcp_type == IPCP_SHIM_UDP) { - conf.ip_addr = conf_msg->ip_addr; - conf.dns_addr = conf_msg->dns_addr; - dif_info.dir_hash_algo = HASH_MD5; - ipcpi.dir_hash_algo = HASH_MD5; - } - - if (conf_msg->ipcp_type == IPCP_SHIM_ETH_LLC) { - conf.if_name = conf_msg->if_name; - dif_info.dir_hash_algo = HASH_SHA3_256; - ipcpi.dir_hash_algo = HASH_SHA3_256; - } - - if (conf_msg->ipcp_type == IPCP_LOCAL) { - dif_info.dir_hash_algo = HASH_SHA3_256; - ipcpi.dir_hash_algo = HASH_SHA3_256; - } + ipcpi.dir_hash_algo = conf.dif_info.dir_hash_algo; ret_msg.result = ipcpi.ops->ipcp_bootstrap(&conf); if (ret_msg.result == 0) { diff --git a/src/tools/irm/irm_ipcp_bootstrap.c b/src/tools/irm/irm_ipcp_bootstrap.c index acd3779e..728d3d11 100644 --- a/src/tools/irm/irm_ipcp_bootstrap.c +++ b/src/tools/irm/irm_ipcp_bootstrap.c @@ -102,9 +102,16 @@ static void usage(void) " [dns " " (default: none)]\n\n" "if TYPE == " SHIM_ETH_LLC "\n" - " if_name \n", + " if_name \n" + " [hash [ALGORITHM] (default: %s)]\n" + "where ALGORITHM = {" SHA3_224 " " SHA3_256 " " + SHA3_384 " " SHA3_512 "}\n\n" + "if TYPE == " LOCAL "\n" + " [hash [ALGORITHM] (default: %s)]\n" + "where ALGORITHM = {" SHA3_224 " " SHA3_256 " " + SHA3_384 " " SHA3_512 "}\n\n", DEFAULT_ADDR_SIZE, DEFAULT_FD_SIZE, FLAT_RANDOM_ADDR_AUTH, - LINK_STATE_ROUTING, SIMPLE_PFF, SHA3_256); + LINK_STATE_ROUTING, SIMPLE_PFF, SHA3_256, SHA3_256, SHA3_256); } int do_bootstrap_ipcp(int argc, @@ -203,6 +210,8 @@ int do_bootstrap_ipcp(int argc, } strcpy(conf.dif_info.dif_name, dif_name); + if (strcmp(ipcp_type, SHIM_UDP) != 0) + conf.dif_info.dir_hash_algo = hash_algo; if (strcmp(ipcp_type, NORMAL) == 0) { conf.type = IPCP_NORMAL; @@ -212,7 +221,6 @@ int do_bootstrap_ipcp(int argc, conf.addr_auth_type = addr_auth_type; conf.routing_type = routing_type; conf.pff_type = pff_type; - conf.dif_info.dir_hash_algo = hash_algo; } else if (strcmp(ipcp_type, SHIM_UDP) == 0) { conf.type = IPCP_SHIM_UDP; if (ip_addr == 0) { -- cgit v1.2.3