Diffstat (limited to 'src/lib/pol')
-rw-r--r-- | src/lib/pol/cacep_anonymous_auth.c | 205 | ||||
-rw-r--r-- | src/lib/pol/cacep_anonymous_auth.h | 33 | ||||
-rw-r--r-- | src/lib/pol/cacep_anonymous_auth.proto | 30 | ||||
-rw-r--r-- | src/lib/pol/cacep_proto.c | 52 | ||||
-rw-r--r-- | src/lib/pol/cacep_proto.h | 36 | ||||
-rw-r--r-- | src/lib/pol/cacep_proto.proto | 38 | ||||
-rw-r--r-- | src/lib/pol/cacep_simple_auth.c | 183 | ||||
-rw-r--r-- | src/lib/pol/cacep_simple_auth.h | 33 | ||||
-rw-r--r-- | src/lib/pol/cacep_simple_auth.proto | 32 |
9 files changed, 642 insertions, 0 deletions
diff --git a/src/lib/pol/cacep_anonymous_auth.c b/src/lib/pol/cacep_anonymous_auth.c
new file mode 100644
index 00000000..1fcc730a
--- /dev/null
+++ b/src/lib/pol/cacep_anonymous_auth.c
@@ -0,0 +1,205 @@
+/*
+ * Ouroboros - Copyright (C) 2016 - 2017
+ *
+ * Anonymous policy for CACEP
+ *
+ * Dimitri Staessens <[email protected]>
+ * Sander Vrijders <[email protected]>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * version 2.1 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA
+ */
+
+#include <ouroboros/config.h>
+#include <ouroboros/cacep.h>
+#include <ouroboros/time_utils.h>
+#include <ouroboros/dev.h>
+#include <ouroboros/errno.h>
+
+#include "cacep_proto.h"
+#include "cacep_anonymous_auth.h"
+
+#include <stdlib.h>
+#include <math.h>
+#include <string.h>
+#include <stdio.h>
+
+#include "cacep_anonymous_auth.pb-c.h"
+typedef CacepAnonymousAuthMsg cacep_anonymous_auth_msg_t;
+typedef CacepProtoMsg cacep_proto_msg_t;
+
+#define BUF_SIZE 2048
+#define NAME_LEN 8
+
+/* this policy generates a hex string */
+static struct cacep_info * anonymous_info(void)
+{
+ struct cacep_info * info;
+ struct timespec t;
+
+ info = malloc(sizeof(*info));
+ if (info == NULL)
+ return NULL;
+
+ cacep_info_init(info);
+
+ info->name = malloc(NAME_LEN + 1);
+ if (info->name == NULL) {
+ free(info);
+ return NULL;
+ }
+
+ clock_gettime(CLOCK_REALTIME, &t);
+ srand(t.tv_nsec);
+
+ sprintf(info->name, "%8x",
+ (uint32_t)((rand() % RAND_MAX) & 0xFFFFFFFF));
+
+ info->addr = 0;
+
+ return info;
+}
+
+static struct cacep_info * read_msg(int fd)
+{
+ struct cacep_info * tmp;
+ uint8_t buf[BUF_SIZE];
+ cacep_anonymous_auth_msg_t * msg;
+ ssize_t len;
+
+ len = flow_read(fd, buf, BUF_SIZE);
+ if (len < 0)
+ return NULL;
+
+ msg = cacep_anonymous_auth_msg__unpack(NULL, len, buf);
+ if (msg == NULL)
+ return NULL;
+
+ tmp = anonymous_info();
+ if (tmp == NULL) {
+ cacep_anonymous_auth_msg__free_unpacked(msg, NULL);
+ return NULL;
+ }
+
+ tmp->proto.protocol = strdup(msg->proto->protocol);
+ if (tmp->proto.protocol == NULL) {
+ free(tmp);
+ cacep_anonymous_auth_msg__free_unpacked(msg, NULL);
+ return NULL;
+ }
+
+ tmp->proto.pref_version = msg->proto->pref_version;
+ tmp->proto.pref_syntax = code_to_syntax(msg->proto->pref_syntax);
+ if (tmp->proto.pref_syntax < 0) {
+ free(tmp->proto.protocol);
+ free(tmp);
+ cacep_anonymous_auth_msg__free_unpacked(msg, NULL);
+ return NULL;
+ }
+
+ cacep_anonymous_auth_msg__free_unpacked(msg, NULL);
+
+ return tmp;
+}
+
+static int send_msg(int fd,
+ const struct cacep_info * info)
+{
+ cacep_anonymous_auth_msg_t msg = CACEP_ANONYMOUS_AUTH_MSG__INIT;
+ cacep_proto_msg_t cmsg = CACEP_PROTO_MSG__INIT;
+ int ret = 0;
+ uint8_t * data = NULL;
+ size_t len = 0;
+
+ cmsg.protocol = info->proto.protocol;
+ cmsg.pref_version = info->proto.pref_version;
+ cmsg.pref_syntax = syntax_to_code(info->proto.pref_syntax);
+ if (cmsg.pref_syntax < 0)
+ return -1;
+
+ msg.proto = &cmsg;
+
+ len = cacep_anonymous_auth_msg__get_packed_size(&msg);
+ if (len == 0)
+ return -1;
+
+ data = malloc(len);
+ if (data == NULL)
+ return -ENOMEM;
+
+ cacep_anonymous_auth_msg__pack(&msg, data);
+
+ if (flow_write(fd, data, len) < 0)
+ ret = -1;
+
+ free(data);
+
+ return ret;
+}
+
+struct cacep_info * cacep_anonymous_auth(int fd,
+ const struct cacep_info * info)
+{
+ struct cacep_info * tmp;
+
+ assert(info);
+
+ if (send_msg(fd, info))
+ return NULL;
+
+ tmp = read_msg(fd);
+ if (tmp == NULL)
+ return NULL;
+
+ if (strcmp(info->proto.protocol, tmp->proto.protocol) ||
+ info->proto.pref_version != tmp->proto.pref_version ||
+ info->proto.pref_syntax != tmp->proto.pref_syntax) {
+ cacep_info_fini(tmp);
+ free(tmp);
+ return NULL;
+ }
+
+ tmp->data = NULL;
+
+ return tmp;
+}
+
+
+struct cacep_info * cacep_anonymous_auth_wait(int fd,
+ const struct cacep_info * info)
+{
+ struct cacep_info * tmp;
+
+ assert(info);
+
+ tmp = read_msg(fd);
+ if (tmp == NULL)
+ return NULL;
+
+ if (send_msg(fd, info)) {
+ cacep_info_fini(tmp);
+ free(tmp);
+ return NULL;
+ }
+
+ if (strcmp(info->proto.protocol, tmp->proto.protocol) ||
+ info->proto.pref_version != tmp->proto.pref_version ||
+ info->proto.pref_syntax != tmp->proto.pref_syntax) {
+ cacep_info_fini(tmp);
+ free(tmp);
+ return NULL;
+ }
+
+ return tmp;
+}
diff --git a/src/lib/pol/cacep_anonymous_auth.h b/src/lib/pol/cacep_anonymous_auth.h
new file mode 100644
index 00000000..d0229b05
--- /dev/null
+++ b/src/lib/pol/cacep_anonymous_auth.h
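Review bot: In `read_msg`, both error paths taken after `anonymous_info()` has succeeded free `tmp` (and, in the second, `tmp->proto.protocol`) but never `tmp->name`, so the name buffer allocated in `anonymous_info` leaks whenever `strdup` fails or the syntax code is rejected. The callers in this same file clean up with `cacep_info_fini(tmp); free(tmp);`, and `read_msg` should do the same, assuming `cacep_info_fini` (not visible in this diff) releases both `name` and `proto.protocol`. Separately, `anonymous_info` calls `srand(t.tv_nsec)` on every invocation, which reseeds the process-wide generator and makes the name a function of the clock, so the result should be documented as a non-unique, guessable label; `"%8x"` also pads with spaces where `"%08x"` would give a fixed-width hex string. `assert` is used with no `<assert.h>` among the visible includes, and only `cacep_anonymous_auth` resets `tmp->data`, not the `_wait` variant.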
@@ -0,0 +1,33 @@
+/*
+ * Ouroboros - Copyright (C) 2016 - 2017
+ *
+ * Anonymous policy for CACEP
+ *
+ * Dimitri Staessens <[email protected]>
+ * Sander Vrijders <[email protected]>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * version 2.1 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA
+ */
+
+#ifndef OUROBOROS_LIB_CACEP_ANONYMOUS_AUTH_H
+#define OUROBOROS_LIB_CACEP_ANONYMOUS_AUTH_H
+
+struct cacep_info * cacep_anonymous_auth(int fd,
+ const struct cacep_info * info);
+
+struct cacep_info * cacep_anonymous_auth_wait(int fd,
+ const struct cacep_info * info);
+
+#endif /* OUROBOROS_LIB_CACEP_ANONYMOUS_AUTH_H */
diff --git a/src/lib/pol/cacep_anonymous_auth.proto b/src/lib/pol/cacep_anonymous_auth.proto
new file mode 100644
index 00000000..79734e28
--- /dev/null
+++ b/src/lib/pol/cacep_anonymous_auth.proto
@@ -0,0 +1,30 @@
+/*
+ * Ouroboros - Copyright (C) 2016 - 2017
+ *
+ * Message for no authentication CACEP policy
+ *
+ * Dimitri Staessens <[email protected]>
+ * Sander Vrijders <[email protected]>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * version 2.1 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA
+ */
+
+syntax = "proto2";
+
+import "cacep_proto.proto";
+
+message cacep_anonymous_auth_msg {
+ required cacep_proto_msg proto = 1;
+}
\ No newline at end of file
diff --git a/src/lib/pol/cacep_proto.c b/src/lib/pol/cacep_proto.c
new file mode 100644
index 00000000..9990a05a
--- /dev/null
+++ b/src/lib/pol/cacep_proto.c
@@ -0,0 +1,52 @@
+/*
+ * Ouroboros - Copyright (C) 2016 - 2017
+ *
+ * CACEP - Read/Write Protocol info
+ *
+ * Sander Vrijders <[email protected]>
+ * Dimitri Staessens <[email protected]>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * version 2.1 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA
+ */
+
+#include "cacep_proto.h"
+
+enum proto_concrete_syntax code_to_syntax(int code)
+{
+ switch(code) {
+ case PROTO_CONCRETE_SYNTAX_CODE__GPB:
+ return PROTO_GPB;
+ case PROTO_CONCRETE_SYNTAX_CODE__ASN_1:
+ return PROTO_ASN_1;
+ case PROTO_CONCRETE_SYNTAX_CODE__FIXED:
+ return PROTO_FIXED;
+ default:
+ return -1;
+ }
+}
+
+int syntax_to_code(enum proto_concrete_syntax stx)
+{
+ switch(stx) {
+ case PROTO_GPB:
+ return PROTO_CONCRETE_SYNTAX_CODE__GPB;
+ case PROTO_ASN_1:
+ return PROTO_CONCRETE_SYNTAX_CODE__ASN_1;
+ case PROTO_FIXED:
+ return PROTO_CONCRETE_SYNTAX_CODE__FIXED;
+ default:
+ return -1;
+ }
+}
diff --git a/src/lib/pol/cacep_proto.h b/src/lib/pol/cacep_proto.h
new file mode 100644
index 00000000..bfb1b247
--- /dev/null
+++ b/src/lib/pol/cacep_proto.h
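Review bot: `code_to_syntax` reports an unknown code with `return -1` through a return type of `enum proto_concrete_syntax`, and both `read_msg` functions in this commit test the result with `tmp->proto.pref_syntax < 0`. The enum's definition is not part of this diff, but if it has no negative enumerator the compiler is free to give it an unsigned underlying type, in which case that comparison is always false and a peer-supplied code outside the three known values is not rejected at that point. The same caveat applies to `cmsg.pref_syntax < 0` in both `send_msg` functions if the generated code type is unsigned. Declaring the function as `int code_to_syntax(int code);` and checking the `int` before assigning it to the enum field would make the error path reliable; a one-line comment on each converter stating that -1 means "no mapping" would document the contract.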
@@ -0,0 +1,36 @@
+/*
+ * Ouroboros - Copyright (C) 2016 - 2017
+ *
+ * CACEP - Convert syntax to msg code and back
+ *
+ * Sander Vrijders <[email protected]>
+ * Dimitri Staessens <[email protected]>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * version 2.1 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA
+ */
+
+#ifndef OUROBOROS_LIB_CACEP_CDAP_H
+#define OUROBOROS_LIB_CACEP_CDAP_H
+
+#include <ouroboros/cacep.h>
+#include <ouroboros/irm_config.h>
+
+#include "cacep_proto.pb-c.h"
+
+enum proto_concrete_syntax code_to_syntax(int code);
+
+int syntax_to_code(enum proto_concrete_syntax stx);
+
+#endif /* OUROBOROS_LIB_CACEP_CDAP_H */
diff --git a/src/lib/pol/cacep_proto.proto b/src/lib/pol/cacep_proto.proto
new file mode 100644
index 00000000..f313bfc1
--- /dev/null
+++ b/src/lib/pol/cacep_proto.proto
@@ -0,0 +1,38 @@
+/*
+ * Ouroboros - Copyright (C) 2016 - 2017
+ *
+ * Message for setting Protocol information in CACEP
+ *
+ * Dimitri Staessens <[email protected]>
+ * Sander Vrijders <[email protected]>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * version 2.1 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA
+ */
+
+syntax = "proto2";
+
+enum proto_concrete_syntax_code {
+ GPB = 1;
+ ASN_1 = 2;
+ FIXED = 3;
+}
+
+message cacep_proto_msg {
+ required string protocol = 1;
+ required int32 pref_version = 2;
+ repeated int32 supp_version = 3;
+ required proto_concrete_syntax_code pref_syntax = 4;
+ repeated proto_concrete_syntax_code supp_syntax = 5;
+}
diff --git a/src/lib/pol/cacep_simple_auth.c b/src/lib/pol/cacep_simple_auth.c
new file mode 100644
index 00000000..65c510a2
--- /dev/null
+++ b/src/lib/pol/cacep_simple_auth.c
@@ -0,0 +1,183 @@
+/*
+ * Ouroboros - Copyright (C) 2016 - 2017
+ *
+ * Simple authentication policy for CACEP
+ *
+ * Dimitri Staessens <[email protected]>
+ * Sander Vrijders <[email protected]>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * version 2.1 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA
+ */
+
+#include <ouroboros/config.h>
+#include <ouroboros/cacep.h>
+#include <ouroboros/dev.h>
+#include <ouroboros/errno.h>
+
+#include "cacep_proto.h"
+#include "cacep_simple_auth.h"
+
+#include <stdlib.h>
+#include <string.h>
+
+#include "cacep_simple_auth.pb-c.h"
+typedef CacepSimpleAuthMsg cacep_simple_auth_msg_t;
+typedef CacepProtoMsg cacep_proto_msg_t;
+
+#define BUF_SIZE 2048
+
+static struct cacep_info * read_msg(int fd)
+{
+ struct cacep_info * tmp;
+ uint8_t buf[BUF_SIZE];
+ cacep_simple_auth_msg_t * msg;
+ ssize_t len;
+
+ len = flow_read(fd, buf, BUF_SIZE);
+ if (len < 0)
+ return NULL;
+
+ msg = cacep_simple_auth_msg__unpack(NULL, len, buf);
+ if (msg == NULL)
+ return NULL;
+
+ tmp = malloc(sizeof(*tmp));
+ if (tmp == NULL) {
+ cacep_simple_auth_msg__free_unpacked(msg, NULL);
+ return NULL;
+ }
+
+ cacep_info_init(tmp);
+
+ tmp->addr = msg->addr;
+ tmp->name = strdup(msg->name);
+ if (tmp->name == NULL) {
+ free(tmp);
+ cacep_simple_auth_msg__free_unpacked(msg, NULL);
+ return NULL;
+ }
+
+ tmp->proto.protocol = strdup(msg->proto->protocol);
+ if (tmp->proto.protocol == NULL) {
+ free(tmp->name);
+ free(tmp);
+ cacep_simple_auth_msg__free_unpacked(msg, NULL);
+ return NULL;
+ }
+
+ tmp->proto.pref_version = msg->proto->pref_version;
+ tmp->proto.pref_syntax = code_to_syntax(msg->proto->pref_syntax);
+ if (tmp->proto.pref_syntax < 0) {
+ cacep_info_fini(tmp);
+ free(tmp);
+ cacep_simple_auth_msg__free_unpacked(msg, NULL);
+ return NULL;
+ }
+
+ cacep_simple_auth_msg__free_unpacked(msg, NULL);
+
+ return tmp;
+}
+
+static int send_msg(int fd,
+ const struct cacep_info * info)
+{
+ cacep_simple_auth_msg_t msg = CACEP_SIMPLE_AUTH_MSG__INIT;
+ cacep_proto_msg_t cmsg = CACEP_PROTO_MSG__INIT;
+ int ret = 0;
+ uint8_t * data = NULL;
+ size_t len = 0;
+
+ cmsg.protocol = info->proto.protocol;
+ cmsg.pref_version = info->proto.pref_version;
+ cmsg.pref_syntax = syntax_to_code(info->proto.pref_syntax);
+ if (cmsg.pref_syntax < 0)
+ return -1;
+
+ msg.proto = &cmsg;
+ msg.name = info->name;
+ msg.addr = info->addr;
+
+ len = cacep_simple_auth_msg__get_packed_size(&msg);
+ if (len == 0)
+ return -1;
+
+ data = malloc(len);
+ if (data == NULL)
+ return -ENOMEM;
+
+ cacep_simple_auth_msg__pack(&msg, data);
+
+ if (flow_write(fd, data, len) < 0)
+ ret = -1;
+
+ free(data);
+
+ return ret;
+}
+
+struct cacep_info * cacep_simple_auth_auth(int fd,
+ const struct cacep_info * info)
+{
+ struct cacep_info * tmp;
+
+ assert(info);
+
+ if (send_msg(fd, info))
+ return NULL;
+
+ tmp = read_msg(fd);
+ if (tmp == NULL)
+ return NULL;
+
+ if (strcmp(info->proto.protocol, tmp->proto.protocol) ||
+ info->proto.pref_version != tmp->proto.pref_version ||
+ info->proto.pref_syntax != tmp->proto.pref_syntax) {
+ cacep_info_fini(tmp);
+ free(tmp);
+ return NULL;
+ }
+
+ return tmp;
+}
+
+
+struct cacep_info * cacep_simple_auth_auth_wait(int fd,
+ const struct cacep_info * info)
+{
+ struct cacep_info * tmp;
+
+ assert(info);
+
+ tmp = read_msg(fd);
+ if (tmp == NULL)
+ return NULL;
+
+ if (send_msg(fd, info)) {
+ cacep_info_fini(tmp);
+ free(tmp);
+ return NULL;
+ }
+
+ if (strcmp(info->proto.protocol, tmp->proto.protocol) ||
+ info->proto.pref_version != tmp->proto.pref_version ||
+ info->proto.pref_syntax != tmp->proto.pref_syntax) {
+ cacep_info_fini(tmp);
+ free(tmp);
+ return NULL;
+ }
+
+ return tmp;
+}
diff --git a/src/lib/pol/cacep_simple_auth.h b/src/lib/pol/cacep_simple_auth.h
new file mode 100644
index 00000000..bbdbe9b9
--- /dev/null
+++ b/src/lib/pol/cacep_simple_auth.h
@@ -0,0 +1,33 @@
+/*
+ * Ouroboros - Copyright (C) 2016 - 2017
+ *
+ * Simple authentication policy for CACEP
+ *
+ * Dimitri Staessens <[email protected]>
+ * Sander Vrijders <[email protected]>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * version 2.1 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA
+ */
+
+#ifndef OUROBOROS_LIB_CACEP_SIMPLE_AUTH_H
+#define OUROBOROS_LIB_CACEP_SIMPLE_AUTH_H
+
+struct cacep_info * cacep_simple_auth_auth(int fd,
+ const struct cacep_info * info);
+
+struct cacep_info * cacep_simple_auth_auth_wait(int fd,
+ const struct cacep_info * info);
+
+#endif /* OUROBOROS_LIB_CACEP_SIMPLE_AUTH_H */
diff --git a/src/lib/pol/cacep_simple_auth.proto b/src/lib/pol/cacep_simple_auth.proto
new file mode 100644
index 00000000..1a1e7ea8
--- /dev/null
+++ b/src/lib/pol/cacep_simple_auth.proto
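Review bot: Nothing in `cacep_simple_auth_auth` or `cacep_simple_auth_auth_wait` verifies the peer: `read_msg` copies `msg->name` and `msg->addr` exactly as received, and the only comparison made afterwards is on `protocol`, `pref_version` and `pref_syntax`. The file carries no comment saying so while the policy name suggests an identity check, so I would add above the two exported functions something like `/* No credential is checked: name and addr are whatever the peer sent. */` to keep callers from using the returned `name`/`addr` for access decisions. `msg->name` is also duplicated with no length limit other than the 2048-byte read buffer, which is worth bounding if the name is later copied into fixed-size storage. `assert` is used with no `<assert.h>` among the visible includes.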
@@ -0,0 +1,32 @@
+/*
+ * Ouroboros - Copyright (C) 2016 - 2017
+ *
+ * Message for no authentication CACEP policy
+ *
+ * Dimitri Staessens <[email protected]>
+ * Sander Vrijders <[email protected]>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * version 2.1 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA
+ */
+
+syntax = "proto2";
+
+import "cacep_proto.proto";
+
+message cacep_simple_auth_msg {
+ required cacep_proto_msg proto = 1;
+ required string name = 2;
+ required uint64 addr = 3;
+} |