From 24aa46946349529bf36d3569796a28917d3e756f Mon Sep 17 00:00:00 2001 From: dimitri staessens Date: Wed, 9 Aug 2017 18:55:37 +0200 Subject: build, lib, ipcpd, irmd: Add support for libgcrypt This adds support for libgcrypt. If at least version 1.7.0 of libgcrypt is present, it may be used for secure random number generation and is used for hashing in the irmd/ipcp. The hash definitions are moved to the internal hash.h header, and defined independently of the hashes that are defined as part of the directory policy for the normal IPCP. The translation is moved from the IRMd to ipcpd/ipcp.h. The bootstrap call from the IRMd expects the IPCP to return the correct hash algorithm with a dif_info struct, which is in line with the behavior of the enroll call. This also improves how some platform checks in the build system are handled. --- src/irmd/ipcp.c | 20 +++++++++++++++++--- src/irmd/ipcp.h | 3 ++- src/irmd/main.c | 29 ++++++++--------------------- 3 files changed, 27 insertions(+), 25 deletions(-) (limited to 'src/irmd') diff --git a/src/irmd/ipcp.c b/src/irmd/ipcp.c index bf71bc3d..528e90a2 100644 --- a/src/irmd/ipcp.c +++ b/src/irmd/ipcp.c @@ -206,8 +206,9 @@ int ipcp_destroy(pid_t api) return 0; } -int ipcp_bootstrap(pid_t api, - ipcp_config_msg_t * conf) +int ipcp_bootstrap(pid_t api, + ipcp_config_msg_t * conf, + struct dif_info * info) { ipcp_msg_t msg = IPCP_MSG__INIT; ipcp_msg_t * recv_msg = NULL; @@ -228,6 +229,20 @@ int ipcp_bootstrap(pid_t api, return -EIPCP; } + ret = recv_msg->result; + if (ret != 0) { + ipcp_msg__free_unpacked(recv_msg, NULL); + return ret; + } + + if (recv_msg->dif_info == NULL) { + ipcp_msg__free_unpacked(recv_msg, NULL); + return -EIPCP; + } + + info->dir_hash_algo = recv_msg->dif_info->dir_hash_algo; + strcpy(info->dif_name, recv_msg->dif_info->dif_name); + ret = recv_msg->result; ipcp_msg__free_unpacked(recv_msg, NULL); 
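Review bot: The added `strcpy(info->dif_name, recv_msg->dif_info->dif_name);` in the second ipcp.c hunk copies a string from the IPCP's reply with no length bound. Its destination is the caller's `struct dif_info`, which bootstrap_ipcp in main.c declares on the stack. The size of `dif_name` is not visible in this diff; assuming it is a fixed-size array, a reply carrying a longer name would overrun it, so the IRMd should not depend on the IPCP process to keep the name short. Reject oversized names before the copy, the same way the NULL `dif_info` case is rejected: `if (strlen(recv_msg->dif_info->dif_name) >= sizeof(info->dif_name))`, then free `recv_msg` and return `-EIPCP`. The existing copy in ipcp_enroll (third ipcp.c hunk) has the same shape, and ipcp_bootstrap's body starts and ends outside the hunk.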
@@ -269,7 +284,6 @@ int ipcp_enroll(pid_t api, } info->dir_hash_algo = recv_msg->dif_info->dir_hash_algo; - strcpy(info->dif_name, recv_msg->dif_info->dif_name); ipcp_msg__free_unpacked(recv_msg, NULL); diff --git a/src/irmd/ipcp.h b/src/irmd/ipcp.h index fde0428c..15ebb0ae 100644 --- a/src/irmd/ipcp.h +++ b/src/irmd/ipcp.h @@ -39,7 +39,8 @@ int ipcp_enroll(pid_t api, struct dif_info * info); int ipcp_bootstrap(pid_t api, - ipcp_config_msg_t * conf); + ipcp_config_msg_t * conf, + struct dif_info * info); int ipcp_reg(pid_t api, const uint8_t * hash, diff --git a/src/irmd/main.c b/src/irmd/main.c index 3f83ab2c..de4a07ab 100644 --- a/src/irmd/main.c +++ b/src/irmd/main.c @@ -59,10 +59,6 @@ #define SHM_SAN_HOLDOFF 1000 /* ms */ #define IPCP_HASH_LEN(e) hash_len(e->dir_hash_algo) -#define SHIM_ETH_LLC_HASH_ALGO HASH_SHA3_256 -#define SHIM_UDP_HASH_ALGO HASH_MD5 -#define LOCAL_HASH_ALGO HASH_SHA3_256 - struct ipcp_entry { struct list_head next; @@ -410,6 +406,7 @@ static int bootstrap_ipcp(pid_t api, ipcp_config_msg_t * conf) { struct ipcp_entry * entry = NULL; + struct dif_info info; pthread_rwlock_wrlock(&irmd.reg_lock); 
@@ -426,31 +423,21 @@ static int bootstrap_ipcp(pid_t api, return -1; } - if (entry->type == IPCP_LOCAL) - entry->dir_hash_algo = conf->dif_info->dir_hash_algo - = LOCAL_HASH_ALGO; - else if (entry->type == IPCP_SHIM_ETH_LLC) - entry->dir_hash_algo = conf->dif_info->dir_hash_algo - = SHIM_ETH_LLC_HASH_ALGO; - else if (entry->type == IPCP_SHIM_UDP) - entry->dir_hash_algo = conf->dif_info->dir_hash_algo - = SHIM_UDP_HASH_ALGO; - else - entry->dir_hash_algo = conf->dif_info->dir_hash_algo; - - if (ipcp_bootstrap(entry->api, conf)) { + if (ipcp_bootstrap(entry->api, conf, &info)) { pthread_rwlock_unlock(&irmd.reg_lock); log_err("Could not bootstrap IPCP."); return -1; } - entry->dif_name = strdup(conf->dif_info->dif_name); + entry->dif_name = strdup(info.dif_name); if (entry->dif_name == NULL) { pthread_rwlock_unlock(&irmd.reg_lock); log_warn("Failed to set name of DIF."); return -ENOMEM; } + entry->dir_hash_algo = info.dir_hash_algo; + pthread_rwlock_unlock(&irmd.reg_lock); log_info("Bootstrapped IPCP %d in DIF %s.", @@ -463,7 +450,7 @@ static int enroll_ipcp(pid_t api, char * dst_name) { struct ipcp_entry * entry = NULL; - struct dif_info info; + struct dif_info info; pthread_rwlock_wrlock(&irmd.reg_lock); @@ -813,8 +800,8 @@ static int name_reg(const char * name, if (ipcp_reg(e->api, hash, IPCP_HASH_LEN(e))) { log_err("Could not register " HASH_FMT - " in DIF %s.", - HASH_VAL(hash), e->dif_name); + " in DIF %s (IPCP %d).", + HASH_VAL(hash), e->dif_name, e->api); } else { if (registry_add_name_to_dif(&irmd.registry, name, -- cgit v1.2.3
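Review bot: `entry->dir_hash_algo = info.dir_hash_algo;` in bootstrap_ipcp stores whatever algorithm id the IPCP returned, whereas the removed code chose it inside the IRMd per IPCP type. That value later feeds `IPCP_HASH_LEN(e)`, i.e. `hash_len(e->dir_hash_algo)`, which gives the length passed with the hash to `ipcp_reg` in name_reg. How `hash_len` treats an id it does not know is not visible in this diff. Check the returned id against the algorithms defined in hash.h before storing it, and fail the bootstrap with a logged error otherwise. Separately, the `-ENOMEM` path after `strdup` returns with the IPCP already bootstrapped but the entry holding neither a name nor a hash algorithm, which deserves a comment or a rollback.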