[Olsr-cvs] olsrd-current/lib/secure/src olsrd_secure.c, 1.20, 1.21 olsrd_secure.h, 1.6, 1.7 secure_messages.h, 1.1, 1.2
Bernd Petrovitsch
(spam-protected)
Wed Jan 31 13:36:52 CET 2007
Update of /cvsroot/olsrd/olsrd-current/lib/secure/src
In directory sc8-pr-cvs3.sourceforge.net:/tmp/cvs-serv15855/lib/secure/src
Modified Files:
olsrd_secure.c olsrd_secure.h secure_messages.h
Log Message:
* applied patches from the most recent FreiFunkFirmware (and fixed compile errors) according
to http://www.olsr.org/pipermail/olsr-dev/2006-December/254036.html:
- olsrd-libsmake.patch
- olsrd-dyngwplain.patch
- olsrd-txtinfo.patch
- olsrd-quagga.patch
- olsrd-quagga-routehandler.patch
- olsrd-optimize.patch
- olsrd-bmf-fixes.patch
- olsrd-fixes-sven-ola.patch
- olsrd-fixes-jhay-bsd.patch
- olsrd-fixes-backport.patch
- olsrd-fixes-routedel.patch
- olsrd-cpu-overload.patch
- olsrd-secure_key_path.patch
- olsrd-hna_ip_fix.patch
Not applied:
- olsrd-nameservice+services.patch: This patch produced too many rejects to fix easily.
- olsrd-fixes-eric.patch: This was not found on the webserver.
- olsrd-bmf.patch: We already had a "bmf" plug-in in there.
* made the checksum type in the olsrd_secure plug-in "olsr_u8_t" (instead
of a wild "char *" and "unsigned char *" mix) everywhere. It killed
lots of warnings.
* localized the checksum_cache array in olsrd_secure.c.
Index: secure_messages.h
===================================================================
RCS file: /cvsroot/olsrd/olsrd-current/lib/secure/src/secure_messages.h,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** secure_messages.h 29 May 2005 12:47:44 -0000 1.1
--- secure_messages.h 31 Jan 2007 12:36:50 -0000 1.2
***************
*** 129,133 ****
olsr_u32_t challenge;
! char signature[SIGSIZE];
};
--- 129,133 ----
olsr_u32_t challenge;
! olsr_u8_t signature[SIGSIZE];
};
***************
*** 149,156 ****
time_t timestamp;
! char res_sig[SIGSIZE];
!
! char signature[SIGSIZE];
};
--- 149,155 ----
time_t timestamp;
! olsr_u8_t res_sig[SIGSIZE];
+ olsr_u8_t signature[SIGSIZE];
};
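Review bot: The context line `time_t timestamp;` leaves a platform-dependent type in a struct that other hunks of this commit hash by raw size (`sizeof(struct c_respmsg) - SIGNATURE_SIZE`, `sizeof(struct r_respmsg) - SIGNATURE_SIZE`), assuming this is one of those two structs. `time_t` is 4 bytes on some platforms and 8 on others, so two nodes built for different targets would disagree on the layout and on the digest. Since this commit is already pinning the signature fields to `olsr_u8_t`, a fixed-width field such as `olsr_u32_t timestamp;` would pin this one too. That is a wire-format change on platforms with a 64-bit `time_t` and would need to be coordinated.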
***************
*** 169,175 ****
time_t timestamp;
! char res_sig[SIGSIZE];
! char signature[SIGSIZE];
};
--- 168,174 ----
time_t timestamp;
! olsr_u8_t res_sig[SIGSIZE];
! olsr_u8_t signature[SIGSIZE];
};
Index: olsrd_secure.h
===================================================================
RCS file: /cvsroot/olsrd/olsrd-current/lib/secure/src/olsrd_secure.h,v
retrieving revision 1.6
retrieving revision 1.7
diff -C2 -d -r1.6 -r1.7
*** olsrd_secure.h 19 Nov 2005 08:30:45 -0000 1.6
--- olsrd_secure.h 31 Jan 2007 12:36:49 -0000 1.7
***************
*** 47,51 ****
! #define KEYFILE "/root/.olsr/olsrd_secure_key"
/* Schemes */
--- 47,51 ----
! #define KEYFILE "/etc/olsrd.d/olsrd_secure_key"
/* Schemes */
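Review bot: The new default `KEYFILE` of `/etc/olsrd.d/olsrd_secure_key` places the shared key in a directory that is normally world-searchable, whereas `/root/.olsr` is usually reachable only by root, so the key's secrecy now depends entirely on the file's own mode. The code that opens the file is outside this hunk; if it does not already do so, it should refuse, or at least warn about, a key file that is not root-owned or is readable by group or others. A comment on the define would record the expectation, e.g. `/* shared secret: must be root-owned, mode 0600 */`.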
***************
*** 92,97 ****
struct stamp timestamps[HASHSIZE];
- char checksum_cache[512 + KEYLENGTH];
-
/* Input interface */
struct interface *olsr_in_if;
--- 92,95 ----
***************
*** 137,141 ****
int
! add_signature(char *, int*);
int
--- 135,139 ----
int
! add_signature(olsr_u8_t *, int*);
int
Index: olsrd_secure.c
===================================================================
RCS file: /cvsroot/olsrd/olsrd-current/lib/secure/src/olsrd_secure.c,v
retrieving revision 1.20
retrieving revision 1.21
diff -C2 -d -r1.20 -r1.21
*** olsrd_secure.c 6 Nov 2006 23:46:47 -0000 1.20
--- olsrd_secure.c 31 Jan 2007 12:36:49 -0000 1.21
***************
*** 72,82 ****
static void
! MD5_checksum(char *data, olsr_u16_t data_len, char *hashbuf)
{
MD5_CTX context;
MD5Init(&context);
! MD5Update(&context, (unsigned char *)data, data_len);
! MD5Final((unsigned char *)hashbuf, &context);
}
--- 72,82 ----
static void
! MD5_checksum(const olsr_u8_t *data, const olsr_u16_t data_len, olsr_u8_t *hashbuf)
{
MD5_CTX context;
MD5Init(&context);
! MD5Update(&context, data, data_len);
! MD5Final(hashbuf, &context);
}
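Review bot: `MD5_checksum` takes `hashbuf` with no length and no comment saying how much room it needs, although the callers visible in this diff pass arrays sized by `SIGNATURE_SIZE` (assuming `CHECKSUM` can resolve to this function). A header comment would make the contract explicit, e.g. `/* hashbuf must have room for the 16-byte MD5 digest */`. A compile-time check that `SIGNATURE_SIZE` is at least that large would back it up. Separately, the callers hash the message followed by `aes_key`, which is a secret-suffix construction rather than HMAC and inherits MD5's collision weakness. That limitation is worth stating in the plug-in's documentation.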
***************
*** 396,400 ****
*/
int
! add_signature(char *pck, int *size)
{
struct s_olsrmsg *msg;
--- 396,400 ----
*/
int
! add_signature(olsr_u8_t *pck, int *size)
{
struct s_olsrmsg *msg;
***************
*** 432,435 ****
--- 432,437 ----
*size = *size + sizeof(struct s_olsrmsg);
+ {
+ olsr_u8_t checksum_cache[512 + KEYLENGTH];
/* Create packet + key cache */
/* First the OLSR packet + signature message - digest */
***************
*** 440,444 ****
/* Create the hash */
CHECKSUM(checksum_cache, (*size - SIGNATURE_SIZE) + KEYLENGTH, &pck[*size - SIGNATURE_SIZE]);
!
#ifdef DEBUG
--- 442,446 ----
/* Create the hash */
CHECKSUM(checksum_cache, (*size - SIGNATURE_SIZE) + KEYLENGTH, &pck[*size - SIGNATURE_SIZE]);
! }
#ifdef DEBUG
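Review bot: Nothing visible in this hunk bounds `*size` against the 512 bytes reserved in the new local `checksum_cache[512 + KEYLENGTH]`, yet `CHECKSUM` is told to read `(*size - SIGNATURE_SIZE) + KEYLENGTH` bytes from it. With the array moved from a global onto the stack, an oversized packet would overrun the stack frame rather than adjacent globals. Unless a check already exists outside the hunk, add a guard before the copy, e.g. `if (*size < SIGNATURE_SIZE || *size - SIGNATURE_SIZE > 512) return 0;`, with the return value adjusted to the function's failure convention. The same applies to the `one_checksum_SHA:` block, where `memcpy(&checksum_cache[*size - SIGNATURE_SIZE], aes_key, KEYLENGTH)` writes at an offset taken from `*size`, which there presumably reflects a received packet. Both enclosing functions start and end outside these hunks.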
***************
*** 471,475 ****
{
int packetsize;
! char sha1_hash[SIGNATURE_SIZE];
struct s_olsrmsg *sig;
time_t rec_time;
--- 473,477 ----
{
int packetsize;
! olsr_u8_t sha1_hash[SIGNATURE_SIZE];
struct s_olsrmsg *sig;
time_t rec_time;
***************
*** 541,545 ****
one_checksum_SHA:
!
/* Create packet + key cache */
/* First the OLSR packet + signature message - digest */
--- 543,549 ----
one_checksum_SHA:
!
! {
! olsr_u8_t checksum_cache[512 + KEYLENGTH];
/* Create packet + key cache */
/* First the OLSR packet + signature message - digest */
***************
*** 548,555 ****
memcpy(&checksum_cache[*size - SIGNATURE_SIZE], aes_key, KEYLENGTH);
-
/* generate SHA-1 */
CHECKSUM(checksum_cache, *size - SIGNATURE_SIZE + KEYLENGTH, sha1_hash);
!
#ifdef DEBUG
--- 552,558 ----
memcpy(&checksum_cache[*size - SIGNATURE_SIZE], aes_key, KEYLENGTH);
/* generate SHA-1 */
CHECKSUM(checksum_cache, *size - SIGNATURE_SIZE + KEYLENGTH, sha1_hash);
! }
#ifdef DEBUG
***************
*** 684,687 ****
--- 687,692 ----
olsr_printf(3, "[ENC]Size: %d\n", sizeof(struct challengemsg));
+ {
+ olsr_u8_t checksum_cache[512 + KEYLENGTH];
/* Create packet + key cache */
/* First the OLSR packet + signature message - digest */
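Review bot: The context line `olsr_printf(3, "[ENC]Size: %d\n", sizeof(struct challengemsg));` passes a `size_t` for a `%d` conversion, which is a type mismatch wherever `size_t` is wider than `int`, assuming `olsr_printf` follows printf conventions. Since this commit is aimed at removing warnings, it is worth fixing alongside: `olsr_printf(3, "[ENC]Size: %d\n", (int)sizeof(struct challengemsg));`.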
***************
*** 694,698 ****
(sizeof(struct challengemsg) - SIGNATURE_SIZE) + KEYLENGTH,
cmsg.signature);
!
olsr_printf(3, "[ENC]Sending timestamp request to %s challenge 0x%x\n",
olsr_ip_to_string(new_host),
--- 699,703 ----
(sizeof(struct challengemsg) - SIGNATURE_SIZE) + KEYLENGTH,
cmsg.signature);
! }
olsr_printf(3, "[ENC]Sending timestamp request to %s challenge 0x%x\n",
olsr_ip_to_string(new_host),
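Review bot: The block closed here repeats the same "declare `checksum_cache[512 + KEYLENGTH]`, copy the message, append `aes_key`, call `CHECKSUM`" sequence that this commit wraps in braces in every signing and verification path. A single static helper would state the 512-byte limit once, give the length check one home, and remove the need for the bare `{ ... }` scopes. It is also the natural place to clear the buffer, which holds a copy of the key, before returning. The sketch below uses an illustrative name and covers only the message-plus-key digests; the challenge-plus-IP digests would stay as they are or get a sibling helper.

```c
/* Hash data followed by aes_key into digest; returns -1 if data does not fit. */
static int
checksum_with_key(const olsr_u8_t *data, size_t data_len, olsr_u8_t *digest)
{
  olsr_u8_t checksum_cache[512 + KEYLENGTH];

  if (data_len > 512)
    return -1;
  memcpy(checksum_cache, data, data_len);
  memcpy(&checksum_cache[data_len], aes_key, KEYLENGTH);
  CHECKSUM(checksum_cache, data_len + KEYLENGTH, digest);
  return 0;
}
```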
***************
*** 734,738 ****
{
struct c_respmsg *msg;
! char sha1_hash[SIGNATURE_SIZE];
struct stamp *entry;
--- 739,743 ----
{
struct c_respmsg *msg;
! olsr_u8_t sha1_hash[SIGNATURE_SIZE];
struct stamp *entry;
***************
*** 752,755 ****
--- 757,762 ----
/* Check signature */
+ {
+ olsr_u8_t checksum_cache[512 + KEYLENGTH];
/* Create packet + key cache */
/* First the OLSR packet + signature message - digest */
***************
*** 762,765 ****
--- 769,773 ----
(sizeof(struct c_respmsg) - SIGNATURE_SIZE) + KEYLENGTH,
sha1_hash);
+ }
if(memcmp(sha1_hash, &msg->signature, SIGNATURE_SIZE) != 0)
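Review bot: `memcmp(sha1_hash, &msg->signature, SIGNATURE_SIZE)` may return at the first differing byte, so the time taken to reject a message can depend on how many leading digest bytes matched. For a keyed digest check, a comparison that always touches all `SIGNATURE_SIZE` bytes is the usual choice. Now that both operands are `olsr_u8_t`, a small static helper that ORs together `a[i] ^ b[i]` over the whole array and tests the result once would do. The same pattern appears in the `msg->res_sig` comparisons and in the r_respmsg and challengemsg verification hunks further down.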
***************
*** 783,786 ****
--- 791,796 ----
olsr_printf(3, "[ENC]Entry-challenge 0x%x\n", entry->challenge);
+ {
+ olsr_u8_t checksum_cache[512 + KEYLENGTH];
/* First the challenge received */
memcpy(checksum_cache, &entry->challenge, 4);
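Review bot: `memcpy(checksum_cache, &entry->challenge, 4);` hard-codes the width of the challenge, while the length later handed to `CHECKSUM` for the same buffer is written as `sizeof(olsr_u32_t) + olsr_cnf->ipsize`. Using `memcpy(checksum_cache, &entry->challenge, sizeof(entry->challenge));` keeps the copy and the hashed length tied to the same type. The identical line in the r_respmsg hunk below could be changed the same way. The rest of the block lies outside this hunk.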
***************
*** 792,796 ****
sizeof(olsr_u32_t) + olsr_cnf->ipsize,
sha1_hash);
!
if(memcmp(msg->res_sig, sha1_hash, SIGNATURE_SIZE) != 0)
--- 802,806 ----
sizeof(olsr_u32_t) + olsr_cnf->ipsize,
sha1_hash);
! }
if(memcmp(msg->res_sig, sha1_hash, SIGNATURE_SIZE) != 0)
***************
*** 831,835 ****
{
struct r_respmsg *msg;
! char sha1_hash[SIGNATURE_SIZE];
struct stamp *entry;
--- 841,845 ----
{
struct r_respmsg *msg;
! olsr_u8_t sha1_hash[SIGNATURE_SIZE];
struct stamp *entry;
***************
*** 847,850 ****
--- 857,862 ----
/* Check signature */
+ {
+ olsr_u8_t checksum_cache[512 + KEYLENGTH];
/* Create packet + key cache */
/* First the OLSR packet + signature message - digest */
***************
*** 857,860 ****
--- 869,873 ----
(sizeof(struct r_respmsg) - SIGNATURE_SIZE) + KEYLENGTH,
sha1_hash);
+ }
if(memcmp(sha1_hash, &msg->signature, SIGNATURE_SIZE) != 0)
***************
*** 878,881 ****
--- 891,896 ----
olsr_printf(3, "[ENC]Entry-challenge 0x%x\n", entry->challenge);
+ {
+ olsr_u8_t checksum_cache[512 + KEYLENGTH];
/* First the challenge received */
memcpy(checksum_cache, &entry->challenge, 4);
***************
*** 887,891 ****
sizeof(olsr_u32_t) + olsr_cnf->ipsize,
sha1_hash);
!
if(memcmp(msg->res_sig, sha1_hash, SIGNATURE_SIZE) != 0)
--- 902,906 ----
sizeof(olsr_u32_t) + olsr_cnf->ipsize,
sha1_hash);
! }
if(memcmp(msg->res_sig, sha1_hash, SIGNATURE_SIZE) != 0)
***************
*** 921,925 ****
{
struct challengemsg *msg;
! char sha1_hash[SIGNATURE_SIZE];
struct stamp *entry;
olsr_u32_t hash;
--- 936,940 ----
{
struct challengemsg *msg;
! olsr_u8_t sha1_hash[SIGNATURE_SIZE];
struct stamp *entry;
olsr_u32_t hash;
***************
*** 969,972 ****
--- 984,989 ----
/* Check signature */
+ {
+ olsr_u8_t checksum_cache[512 + KEYLENGTH];
/* Create packet + key cache */
/* First the OLSR packet + signature message - digest */
***************
*** 979,983 ****
(sizeof(struct challengemsg) - SIGNATURE_SIZE) + KEYLENGTH,
sha1_hash);
!
if(memcmp(sha1_hash, &msg->signature, SIGNATURE_SIZE) != 0)
{
--- 996,1000 ----
(sizeof(struct challengemsg) - SIGNATURE_SIZE) + KEYLENGTH,
sha1_hash);
! }
if(memcmp(sha1_hash, &msg->signature, SIGNATURE_SIZE) != 0)
{
***************
*** 1048,1051 ****
--- 1065,1070 ----
/* Create digest of received challenge + IP */
+ {
+ olsr_u8_t checksum_cache[512 + KEYLENGTH];
/* Create packet + key cache */
/* First the challenge received */
***************
*** 1058,1065 ****
sizeof(olsr_u32_t) + olsr_cnf->ipsize,
crmsg.res_sig);
!
/* Now create the digest of the message and the key */
/* Create packet + key cache */
/* First the OLSR packet + signature message - digest */
--- 1077,1086 ----
sizeof(olsr_u32_t) + olsr_cnf->ipsize,
crmsg.res_sig);
! }
/* Now create the digest of the message and the key */
+ {
+ olsr_u8_t checksum_cache[512 + KEYLENGTH];
/* Create packet + key cache */
/* First the OLSR packet + signature message - digest */
***************
*** 1072,1075 ****
--- 1093,1097 ----
(sizeof(struct c_respmsg) - SIGNATURE_SIZE) + KEYLENGTH,
crmsg.signature);
+ }
olsr_printf(3, "[ENC]Sending challenge response to %s challenge 0x%x\n",
***************
*** 1121,1124 ****
--- 1143,1148 ----
/* Create digest of received challenge + IP */
+ {
+ olsr_u8_t checksum_cache[512 + KEYLENGTH];
/* Create packet + key cache */
/* First the challenge received */
***************
*** 1131,1138 ****
sizeof(olsr_u32_t) + olsr_cnf->ipsize,
rrmsg.res_sig);
!
/* Now create the digest of the message and the key */
/* Create packet + key cache */
/* First the OLSR packet + signature message - digest */
--- 1155,1164 ----
sizeof(olsr_u32_t) + olsr_cnf->ipsize,
rrmsg.res_sig);
! }
/* Now create the digest of the message and the key */
+ {
+ olsr_u8_t checksum_cache[512 + KEYLENGTH];
/* Create packet + key cache */
/* First the OLSR packet + signature message - digest */
***************
*** 1145,1148 ****
--- 1171,1175 ----
(sizeof(struct r_respmsg) - SIGNATURE_SIZE) + KEYLENGTH,
rrmsg.signature);
+ }
olsr_printf(3, "[ENC]Sending response response to %s\n",