author | dimitri staessens <[email protected]> | 2017-08-09 18:55:37 +0200 |
---|---|---|
committer | dimitri staessens <[email protected]> | 2017-08-09 20:48:27 +0200 |
commit | 24aa46946349529bf36d3569796a28917d3e756f (patch) | |
tree | 58ef8a40142323771eecbd8ce6c2eaea409bc138 /src/irmd | |
parent | c1d7ff1e1bd44e1a38af8a1b498c68f3378fa342 (diff) | |
build, lib, ipcpd, irmd: Add support for libgcrypt
This adds support for libgcrypt. If at least version 1.7.0 of
libgcrypt is present, it may be used for secure random number
generation and is used for hashing in the irmd/ipcp.
The hash definitions are moved to the internal hash.h header, and
defined independently of the hashes that are defined as part of the
directory policy for the normal IPCP. The translation is moved from
the IRMd to ipcpd/ipcp.h. The bootstrap call from the IRMd expects the
IPCP to return the correct hash algorithm with a dif_info struct,
which is in line with the behavior of the enroll call.
This also improves how some platform checks in the build system are
handled.
Diffstat (limited to 'src/irmd')
-rw-r--r-- | src/irmd/ipcp.c | 20 | ||||
-rw-r--r-- | src/irmd/ipcp.h | 3 | ||||
-rw-r--r-- | src/irmd/main.c | 29 |
3 files changed, 27 insertions, 25 deletions
diff --git a/src/irmd/ipcp.c b/src/irmd/ipcp.c index bf71bc3d..528e90a2 100644 --- a/src/irmd/ipcp.c +++ b/src/irmd/ipcp.c @@ -206,8 +206,9 @@ int ipcp_destroy(pid_t api) return 0; } -int ipcp_bootstrap(pid_t api, - ipcp_config_msg_t * conf) +int ipcp_bootstrap(pid_t api, + ipcp_config_msg_t * conf, + struct dif_info * info) { ipcp_msg_t msg = IPCP_MSG__INIT; ipcp_msg_t * recv_msg = NULL; @@ -229,6 +230,20 @@ int ipcp_bootstrap(pid_t api, } ret = recv_msg->result; + if (ret != 0) { + ipcp_msg__free_unpacked(recv_msg, NULL); + return ret; + } + + if (recv_msg->dif_info == NULL) { + ipcp_msg__free_unpacked(recv_msg, NULL); + return -EIPCP; + } + + info->dir_hash_algo = recv_msg->dif_info->dir_hash_algo; + strcpy(info->dif_name, recv_msg->dif_info->dif_name); + + ret = recv_msg->result; ipcp_msg__free_unpacked(recv_msg, NULL); return ret; @@ -269,7 +284,6 @@ int ipcp_enroll(pid_t api, } info->dir_hash_algo = recv_msg->dif_info->dir_hash_algo; - strcpy(info->dif_name, recv_msg->dif_info->dif_name); ipcp_msg__free_unpacked(recv_msg, NULL); diff --git a/src/irmd/ipcp.h b/src/irmd/ipcp.h index fde0428c..15ebb0ae 100644 --- a/src/irmd/ipcp.h +++ b/src/irmd/ipcp.h @@ -39,7 +39,8 @@ int ipcp_enroll(pid_t api, struct dif_info * info); int ipcp_bootstrap(pid_t api, - ipcp_config_msg_t * conf); + ipcp_config_msg_t * conf, + struct dif_info * info); int ipcp_reg(pid_t api, const uint8_t * hash, diff --git a/src/irmd/main.c b/src/irmd/main.c index 3f83ab2c..de4a07ab 100644 --- a/src/irmd/main.c +++ b/src/irmd/main.c @@ -59,10 +59,6 @@ #define SHM_SAN_HOLDOFF 1000 /* ms */ #define IPCP_HASH_LEN(e) hash_len(e->dir_hash_algo) -#define SHIM_ETH_LLC_HASH_ALGO HASH_SHA3_256 -#define SHIM_UDP_HASH_ALGO HASH_MD5 -#define LOCAL_HASH_ALGO HASH_SHA3_256 - struct ipcp_entry { struct list_head next; @@ -410,6 +406,7 @@ static int bootstrap_ipcp(pid_t api, ipcp_config_msg_t * conf) { struct ipcp_entry * entry = NULL; + struct dif_info info; pthread_rwlock_wrlock(&irmd.reg_lock); 
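Review bot: `strcpy(info->dif_name, recv_msg->dif_info->dif_name);` in the `@@ -229,6 +230,20 @@` hunk of src/irmd/ipcp.c copies a string from the IPCP's reply with no length bound, and its destination is the `struct dif_info info` that bootstrap_ipcp() in src/irmd/main.c declares on its stack. The definition of struct dif_info is outside this diff, so the buffer size is not visible here, but if dif_name is a fixed-size array, an over-long name in the reply writes past it inside the IRMd. I would reject the reply before copying: free recv_msg and return -EIPCP, as the two checks above it do, when `strlen(recv_msg->dif_info->dif_name) >= sizeof(info->dif_name)`. ipcp_enroll() appears to keep the same strcpy, although the collapsed `@@ -269,7 +284,6 @@` hunk does not show clearly whether that line is context or removed. Separately, the second `ret = recv_msg->result;` is redundant, because ret is already known to be 0 at that point.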
@@ -426,31 +423,21 @@ static int bootstrap_ipcp(pid_t api, return -1; } - if (entry->type == IPCP_LOCAL) - entry->dir_hash_algo = conf->dif_info->dir_hash_algo - = LOCAL_HASH_ALGO; - else if (entry->type == IPCP_SHIM_ETH_LLC) - entry->dir_hash_algo = conf->dif_info->dir_hash_algo - = SHIM_ETH_LLC_HASH_ALGO; - else if (entry->type == IPCP_SHIM_UDP) - entry->dir_hash_algo = conf->dif_info->dir_hash_algo - = SHIM_UDP_HASH_ALGO; - else - entry->dir_hash_algo = conf->dif_info->dir_hash_algo; - - if (ipcp_bootstrap(entry->api, conf)) { + if (ipcp_bootstrap(entry->api, conf, &info)) { pthread_rwlock_unlock(&irmd.reg_lock); log_err("Could not bootstrap IPCP."); return -1; } - entry->dif_name = strdup(conf->dif_info->dif_name); + entry->dif_name = strdup(info.dif_name); if (entry->dif_name == NULL) { pthread_rwlock_unlock(&irmd.reg_lock); log_warn("Failed to set name of DIF."); return -ENOMEM; } + entry->dir_hash_algo = info.dir_hash_algo; + pthread_rwlock_unlock(&irmd.reg_lock); log_info("Bootstrapped IPCP %d in DIF %s.", @@ -463,7 +450,7 @@ static int enroll_ipcp(pid_t api, char * dst_name) { struct ipcp_entry * entry = NULL; - struct dif_info info; + struct dif_info info; pthread_rwlock_wrlock(&irmd.reg_lock); @@ -813,8 +800,8 @@ static int name_reg(const char * name, if (ipcp_reg(e->api, hash, IPCP_HASH_LEN(e))) { log_err("Could not register " HASH_FMT - " in DIF %s.", - HASH_VAL(hash), e->dif_name); + " in DIF %s (IPCP %d).", + HASH_VAL(hash), e->dif_name, e->api); } else { if (registry_add_name_to_dif(&irmd.registry, name, |
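Review bot: `entry->dir_hash_algo = info.dir_hash_algo;` in bootstrap_ipcp() stores whatever algorithm identifier the IPCP returned, with no check that it is a value the IRMd knows. That field feeds `IPCP_HASH_LEN(e)`, i.e. `hash_len(e->dir_hash_algo)`, which name_reg() passes to ipcp_reg() as the hash length; how hash_len() treats an unknown value is not visible in this diff. Before this change the IRMd pinned the algorithm for the local and shim IPCPs itself, so the reply is now the only source of the value. I would validate it against the algorithms declared in hash.h right after ipcp_bootstrap() returns and fail the bootstrap otherwise, with a comment such as `/* algorithm comes from the IPCP reply; reject unknown values */`.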