From 06ee3370998f965b469d1c2859e3e34159c71e20 Mon Sep 17 00:00:00 2001 From: Dimitri Staessens Date: Sat, 17 Feb 2024 10:19:46 +0100 Subject: irmd: Revise IRMd internals This is a full revision of the IRMd internal implementation. The registry is now a proper subcomponent managing its own internal lock (a single mutex). Some tests are added for the registry and its data structures. Some macros for tests are added in . Flow allocation is now more symmetric between the client side (alloc) and server size (accept). Each will create a flow in pending state (ALLOC_PENDING/ACCEPT_PENDING) that is potentially fulfilled by an IPCP using respond_alloc and respond_accept primitives. Deallocation is split in flow_dealloc (application side) and ipcp_flow_dealloc (IPCP side) to get the flow in DEALLOC_PENDING and DEALLOCATED state. Cleanup of failed flow allocation is now properly handled instead of relying on the sanitizer thread. The new sanitizer only needs to monitor crashed processes. On shutdown, the IRMd will now detect hanging processes and SIGKILL them and clean up their fuse mountpoints if needed. A lot of other things have been cleaned up and shuffled around a bit. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders --- src/lib/crypt.c | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) (limited to 'src/lib/crypt.c') diff --git a/src/lib/crypt.c b/src/lib/crypt.c index f3b7076d..ad679501 100644 --- a/src/lib/crypt.c +++ b/src/lib/crypt.c @@ -182,15 +182,14 @@ static void openssl_ecdh_pkp_destroy(void * pkp) } static int openssl_ecdh_derive(void * pkp, - uint8_t * pk, - size_t len, + buffer_t pk, uint8_t * s) { uint8_t * pos; EVP_PKEY * pub; - pos = pk; /* d2i_PUBKEY increments the pointer, don't use key ptr! */ - pub = d2i_PUBKEY(NULL, (const uint8_t **) &pos, (long) len); + pos = pk.data; /* d2i_PUBKEY increments the pointer, don't use key ptr! */ + pub = d2i_PUBKEY(NULL, (const uint8_t **) &pos, (long) pk.len); if (pub == NULL) return -ECRYPT; @@ -390,16 +389,14 @@ void crypt_dh_pkp_destroy(void * pkp) } int crypt_dh_derive(void * pkp, - uint8_t * pk, - size_t len, + buffer_t pk, uint8_t * s) { #ifdef HAVE_OPENSSL - return openssl_ecdh_derive(pkp, pk, len, s); + return openssl_ecdh_derive(pkp, pk, s); #else (void) pkp; (void) pk; - (void) len; memset(s, 0, SYMMKEYSZ); -- cgit v1.2.3