[Olsr-cvs] olsrd-current/lib/secure/src olsrd_secure.c, 1.20, 1.21 olsrd_secure.h, 1.6, 1.7 secure_messages.h, 1.1, 1.2

Bernd Petrovitsch (spam-protected)
Wed Jan 31 13:36:52 CET 2007


Update of /cvsroot/olsrd/olsrd-current/lib/secure/src
In directory sc8-pr-cvs3.sourceforge.net:/tmp/cvs-serv15855/lib/secure/src

Modified Files:
	olsrd_secure.c olsrd_secure.h secure_messages.h 
Log Message:
* applied patches from the most recent FreiFunkFirmware (and fixed compile errors) according
  to http://www.olsr.org/pipermail/olsr-dev/2006-December/254036.html:
  - olsrd-libsmake.patch
  - olsrd-dyngwplain.patch
  - olsrd-txtinfo.patch
  - olsrd-quagga.patch
  - olsrd-quagga-routehandler.patch
  - olsrd-optimize.patch
  - olsrd-bmf-fixes.patch
  - olsrd-fixes-sven-ola.patch
  - olsrd-fixes-jhay-bsd.patch
  - olsrd-fixes-backport.patch
  - olsrd-fixes-routedel.patch
  - olsrd-cpu-overload.patch
  - olsrd-secure_key_path.patch
  - olsrd-hna_ip_fix.patch
  Not applied:
  - olsrd-nameservice+services.patch: This patch produced too many rejects to fix easily.
  - olsrd-fixes-eric.patch: This was not found on the webserver.
  - olsrd-bmf.patch: We had already a "bmf" plug-in in there.
* made the checksum type in the olsrd_secure plug-in "olsr_u8_t" (instead
   of a wild "char *" and "unsigned char *" mix) everywhere. It killed
   lots of warnings.
* localized the checksum_cache array in olsrd_secure.c.


Index: secure_messages.h
===================================================================
RCS file: /cvsroot/olsrd/olsrd-current/lib/secure/src/secure_messages.h,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** secure_messages.h	29 May 2005 12:47:44 -0000	1.1
--- secure_messages.h	31 Jan 2007 12:36:50 -0000	1.2
***************
*** 129,133 ****
    olsr_u32_t    challenge;
  
!   char          signature[SIGSIZE];
  
  };
--- 129,133 ----
    olsr_u32_t    challenge;
  
!   olsr_u8_t     signature[SIGSIZE];
  
  };
***************
*** 149,156 ****
    time_t        timestamp;
  
!   char          res_sig[SIGSIZE];
! 
!   char          signature[SIGSIZE];
  
  };
  
--- 149,155 ----
    time_t        timestamp;
  
!   olsr_u8_t     res_sig[SIGSIZE];
  
+   olsr_u8_t     signature[SIGSIZE];
  };
  
***************
*** 169,175 ****
    time_t        timestamp;
  
!   char          res_sig[SIGSIZE];
  
!   char          signature[SIGSIZE];
  };
  
--- 168,174 ----
    time_t        timestamp;
  
!   olsr_u8_t     res_sig[SIGSIZE];
  
!   olsr_u8_t     signature[SIGSIZE];
  };
  

Index: olsrd_secure.h
===================================================================
RCS file: /cvsroot/olsrd/olsrd-current/lib/secure/src/olsrd_secure.h,v
retrieving revision 1.6
retrieving revision 1.7
diff -C2 -d -r1.6 -r1.7
*** olsrd_secure.h	19 Nov 2005 08:30:45 -0000	1.6
--- olsrd_secure.h	31 Jan 2007 12:36:49 -0000	1.7
***************
*** 47,51 ****
  
  
! #define KEYFILE "/root/.olsr/olsrd_secure_key"
  
  /* Schemes */
--- 47,51 ----
  
  
! #define KEYFILE "/etc/olsrd.d/olsrd_secure_key"
  
  /* Schemes */
***************
*** 92,97 ****
  struct stamp timestamps[HASHSIZE];
  
- char checksum_cache[512 + KEYLENGTH];
- 
  /* Input interface */
  struct interface *olsr_in_if;
--- 92,95 ----
***************
*** 137,141 ****
  
  int
! add_signature(char *, int*);
  
  int
--- 135,139 ----
  
  int
! add_signature(olsr_u8_t *, int*);
  
  int

Index: olsrd_secure.c
===================================================================
RCS file: /cvsroot/olsrd/olsrd-current/lib/secure/src/olsrd_secure.c,v
retrieving revision 1.20
retrieving revision 1.21
diff -C2 -d -r1.20 -r1.21
*** olsrd_secure.c	6 Nov 2006 23:46:47 -0000	1.20
--- olsrd_secure.c	31 Jan 2007 12:36:49 -0000	1.21
***************
*** 72,82 ****
  
  static void
! MD5_checksum(char *data, olsr_u16_t data_len, char *hashbuf)
  {
    MD5_CTX context;
  
    MD5Init(&context);
!   MD5Update(&context, (unsigned char *)data, data_len);
!   MD5Final((unsigned char *)hashbuf, &context);
  }
  
--- 72,82 ----
  
  static void
! MD5_checksum(const olsr_u8_t *data, const olsr_u16_t data_len, olsr_u8_t *hashbuf)
  {
    MD5_CTX context;
  
    MD5Init(&context);
!   MD5Update(&context, data, data_len);
!   MD5Final(hashbuf, &context);
  }
  
***************
*** 396,400 ****
   */
  int
! add_signature(char *pck, int *size)
  {
    struct s_olsrmsg *msg;
--- 396,400 ----
   */
  int
! add_signature(olsr_u8_t *pck, int *size)
  {
    struct s_olsrmsg *msg;
***************
*** 432,435 ****
--- 432,437 ----
    *size = *size + sizeof(struct s_olsrmsg);
    
+   {
+   olsr_u8_t checksum_cache[512 + KEYLENGTH];
    /* Create packet + key cache */
    /* First the OLSR packet + signature message - digest */
***************
*** 440,444 ****
    /* Create the hash */
    CHECKSUM(checksum_cache, (*size - SIGNATURE_SIZE) + KEYLENGTH, &pck[*size - SIGNATURE_SIZE]);
!  
  
  #ifdef DEBUG
--- 442,446 ----
    /* Create the hash */
    CHECKSUM(checksum_cache, (*size - SIGNATURE_SIZE) + KEYLENGTH, &pck[*size - SIGNATURE_SIZE]);
!   } 
  
  #ifdef DEBUG
***************
*** 471,475 ****
  {
    int packetsize;
!   char sha1_hash[SIGNATURE_SIZE];
    struct s_olsrmsg *sig;
    time_t rec_time;
--- 473,477 ----
  {
    int packetsize;
!   olsr_u8_t sha1_hash[SIGNATURE_SIZE];
    struct s_olsrmsg *sig;
    time_t rec_time;
***************
*** 541,545 ****
  
   one_checksum_SHA:
! 
    /* Create packet + key cache */
    /* First the OLSR packet + signature message - digest */
--- 543,549 ----
  
   one_checksum_SHA:
!  
!  {
!   olsr_u8_t checksum_cache[512 + KEYLENGTH];
    /* Create packet + key cache */
    /* First the OLSR packet + signature message - digest */
***************
*** 548,555 ****
    memcpy(&checksum_cache[*size - SIGNATURE_SIZE], aes_key, KEYLENGTH);
  
- 
    /* generate SHA-1 */
    CHECKSUM(checksum_cache, *size - SIGNATURE_SIZE + KEYLENGTH, sha1_hash);
! 
  
  #ifdef DEBUG
--- 552,558 ----
    memcpy(&checksum_cache[*size - SIGNATURE_SIZE], aes_key, KEYLENGTH);
  
    /* generate SHA-1 */
    CHECKSUM(checksum_cache, *size - SIGNATURE_SIZE + KEYLENGTH, sha1_hash);
!  }
  
  #ifdef DEBUG
***************
*** 684,687 ****
--- 687,692 ----
    olsr_printf(3, "[ENC]Size: %d\n", sizeof(struct challengemsg));
  
+   {
+   olsr_u8_t checksum_cache[512 + KEYLENGTH];
    /* Create packet + key cache */
    /* First the OLSR packet + signature message - digest */
***************
*** 694,698 ****
  	   (sizeof(struct challengemsg) - SIGNATURE_SIZE) + KEYLENGTH, 
  	   cmsg.signature);
! 
    olsr_printf(3, "[ENC]Sending timestamp request to %s challenge 0x%x\n", 
  	      olsr_ip_to_string(new_host),
--- 699,703 ----
  	   (sizeof(struct challengemsg) - SIGNATURE_SIZE) + KEYLENGTH, 
  	   cmsg.signature);
!   }
    olsr_printf(3, "[ENC]Sending timestamp request to %s challenge 0x%x\n", 
  	      olsr_ip_to_string(new_host),
***************
*** 734,738 ****
  {
    struct c_respmsg *msg;
!   char sha1_hash[SIGNATURE_SIZE];
    struct stamp *entry;
  
--- 739,743 ----
  {
    struct c_respmsg *msg;
!   olsr_u8_t sha1_hash[SIGNATURE_SIZE];
    struct stamp *entry;
  
***************
*** 752,755 ****
--- 757,762 ----
    /* Check signature */
  
+   {
+   olsr_u8_t checksum_cache[512 + KEYLENGTH];
    /* Create packet + key cache */
    /* First the OLSR packet + signature message - digest */
***************
*** 762,765 ****
--- 769,773 ----
  	   (sizeof(struct c_respmsg) - SIGNATURE_SIZE) + KEYLENGTH, 
  	   sha1_hash);
+   }
    
    if(memcmp(sha1_hash, &msg->signature, SIGNATURE_SIZE) != 0)
***************
*** 783,786 ****
--- 791,796 ----
    olsr_printf(3, "[ENC]Entry-challenge 0x%x\n", entry->challenge);
  
+   {
+   olsr_u8_t checksum_cache[512 + KEYLENGTH];
    /* First the challenge received */
    memcpy(checksum_cache, &entry->challenge, 4);
***************
*** 792,796 ****
  	   sizeof(olsr_u32_t) + olsr_cnf->ipsize, 
  	   sha1_hash);
! 
  
    if(memcmp(msg->res_sig, sha1_hash, SIGNATURE_SIZE) != 0)
--- 802,806 ----
  	   sizeof(olsr_u32_t) + olsr_cnf->ipsize, 
  	   sha1_hash);
!   }
  
    if(memcmp(msg->res_sig, sha1_hash, SIGNATURE_SIZE) != 0)
***************
*** 831,835 ****
  {
    struct r_respmsg *msg;
!   char sha1_hash[SIGNATURE_SIZE];
    struct stamp *entry;
  
--- 841,845 ----
  {
    struct r_respmsg *msg;
!   olsr_u8_t sha1_hash[SIGNATURE_SIZE];
    struct stamp *entry;
  
***************
*** 847,850 ****
--- 857,862 ----
    /* Check signature */
  
+   {
+   olsr_u8_t checksum_cache[512 + KEYLENGTH];
    /* Create packet + key cache */
    /* First the OLSR packet + signature message - digest */
***************
*** 857,860 ****
--- 869,873 ----
  	   (sizeof(struct r_respmsg) - SIGNATURE_SIZE) + KEYLENGTH, 
  	   sha1_hash);
+   }
    
    if(memcmp(sha1_hash, &msg->signature, SIGNATURE_SIZE) != 0)
***************
*** 878,881 ****
--- 891,896 ----
    olsr_printf(3, "[ENC]Entry-challenge 0x%x\n", entry->challenge);
  
+   {
+   olsr_u8_t checksum_cache[512 + KEYLENGTH];
    /* First the challenge received */
    memcpy(checksum_cache, &entry->challenge, 4);
***************
*** 887,891 ****
  	   sizeof(olsr_u32_t) + olsr_cnf->ipsize, 
  	   sha1_hash);
! 
  
    if(memcmp(msg->res_sig, sha1_hash, SIGNATURE_SIZE) != 0)
--- 902,906 ----
  	   sizeof(olsr_u32_t) + olsr_cnf->ipsize, 
  	   sha1_hash);
!   }
  
    if(memcmp(msg->res_sig, sha1_hash, SIGNATURE_SIZE) != 0)
***************
*** 921,925 ****
  {
    struct challengemsg *msg;
!   char sha1_hash[SIGNATURE_SIZE];
    struct stamp *entry;
    olsr_u32_t hash;
--- 936,940 ----
  {
    struct challengemsg *msg;
!   olsr_u8_t sha1_hash[SIGNATURE_SIZE];
    struct stamp *entry;
    olsr_u32_t hash;
***************
*** 969,972 ****
--- 984,989 ----
    /* Check signature */
  
+   {
+   olsr_u8_t checksum_cache[512 + KEYLENGTH];
    /* Create packet + key cache */
    /* First the OLSR packet + signature message - digest */
***************
*** 979,983 ****
  	   (sizeof(struct challengemsg) - SIGNATURE_SIZE) + KEYLENGTH, 
  	   sha1_hash);
!   
    if(memcmp(sha1_hash, &msg->signature, SIGNATURE_SIZE) != 0)
      {
--- 996,1000 ----
  	   (sizeof(struct challengemsg) - SIGNATURE_SIZE) + KEYLENGTH, 
  	   sha1_hash);
!   }  
    if(memcmp(sha1_hash, &msg->signature, SIGNATURE_SIZE) != 0)
      {
***************
*** 1048,1051 ****
--- 1065,1070 ----
    /* Create digest of received challenge + IP */
  
+   {
+   olsr_u8_t checksum_cache[512 + KEYLENGTH];
    /* Create packet + key cache */
    /* First the challenge received */
***************
*** 1058,1065 ****
  	   sizeof(olsr_u32_t) + olsr_cnf->ipsize, 
  	   crmsg.res_sig);
! 
  
    /* Now create the digest of the message and the key */
  
    /* Create packet + key cache */
    /* First the OLSR packet + signature message - digest */
--- 1077,1086 ----
  	   sizeof(olsr_u32_t) + olsr_cnf->ipsize, 
  	   crmsg.res_sig);
!   }
  
    /* Now create the digest of the message and the key */
  
+   {
+   olsr_u8_t checksum_cache[512 + KEYLENGTH];
    /* Create packet + key cache */
    /* First the OLSR packet + signature message - digest */
***************
*** 1072,1075 ****
--- 1093,1097 ----
  	   (sizeof(struct c_respmsg) - SIGNATURE_SIZE) + KEYLENGTH, 
  	   crmsg.signature);
+   }
  
    olsr_printf(3, "[ENC]Sending challenge response to %s challenge 0x%x\n", 
***************
*** 1121,1124 ****
--- 1143,1148 ----
    /* Create digest of received challenge + IP */
  
+   {
+   olsr_u8_t checksum_cache[512 + KEYLENGTH];
    /* Create packet + key cache */
    /* First the challenge received */
***************
*** 1131,1138 ****
  	   sizeof(olsr_u32_t) + olsr_cnf->ipsize, 
  	   rrmsg.res_sig);
! 
  
    /* Now create the digest of the message and the key */
  
    /* Create packet + key cache */
    /* First the OLSR packet + signature message - digest */
--- 1155,1164 ----
  	   sizeof(olsr_u32_t) + olsr_cnf->ipsize, 
  	   rrmsg.res_sig);
!   }
  
    /* Now create the digest of the message and the key */
  
+   {
+   olsr_u8_t checksum_cache[512 + KEYLENGTH];
    /* Create packet + key cache */
    /* First the OLSR packet + signature message - digest */
***************
*** 1145,1148 ****
--- 1171,1175 ----
  	   (sizeof(struct r_respmsg) - SIGNATURE_SIZE) + KEYLENGTH, 
  	   rrmsg.signature);
+   }
  
    olsr_printf(3, "[ENC]Sending response response to %s\n", 





More information about the Olsr-cvs mailing list