[secnet] / transform-common.h


#ifndef TRANSFORM_COMMON_H
#define TRANSFORM_COMMON_H

#include "magic.h"

#define KEYED_CHECK do{				\
	if (!ti->keyed) {			\
	    *errmsg="transform unkeyed";	\
	    return 1;				\
	}					\
    }while(0)

#define RECVBITMAP_SIZE 32
typedef uint32_t recvbitmap_type;

#define SEQNUM_CHECK(seqnum, p) do{				\
	uint32_t skew=seqnum-ti->lastrecvseq;			\
	if (skew<0x8fffffff) {					\
	    /* Ok */						\
	    ti->lastrecvseq=seqnum;				\
	    if (skew < RECVBITMAP_SIZE)				\
                ti->recvbitmap <<= skew;			\
            else						\
                ti->recvbitmap=0;				\
            skew=0;						\
	} else if ((0-skew)<(p)->max_seq_skew) {		\
	    /* Ok */						\
	} else {						\
	    /* Too much skew */					\
	    *errmsg="seqnum: too much skew";			\
	    return 2;						\
	}							\
	if ((p)->dedupe) {					\
	    recvbitmap_type recvbit=(uint32_t)1 << skew;	\
	    if (ti->recvbitmap & recvbit) {			\
		*errmsg="seqnum: duplicate";			\
		return 2;					\
	    }							\
	    ti->recvbitmap |= recvbit;				\
	}							\
    }while(0)

#define SEQNUM_KEYED_FIELDS						\
    uint32_t sendseq;							\
    uint32_t lastrecvseq;						\
    recvbitmap_type recvbitmap; /* 1<<0 is lastrecvseq (i.e., most recent) */ \
    bool_t keyed

#define SEQNUM_KEYED_INIT(initlastrecvseq,initsendseq)	\
    (ti->lastrecvseq=(initlastrecvseq),			\
     ti->sendseq=(initsendseq),				\
     ti->recvbitmap=0,					\
     ti->keyed=True)

#define TRANSFORM_VALID				\
    static bool_t transform_valid(void *sst)	\
    {						\
	struct transform_inst *ti=sst;		\
						\
	return ti->keyed;			\
    }

#define TRANSFORM_DESTROY				\
    static void transform_destroy(void *sst)		\
    {							\
	struct transform_inst *st=sst;			\
							\
	FILLZERO(*st); /* Destroy key material */	\
	free(st);					\
    }

#define SET_CAPAB_TRANSFORMNUM(def) do{					\
        st->ops.capab_transformnum=dict_read_number(dict, "capab-num",	\
                                     False, "transform", loc, (def));	\
        if (st->ops.capab_transformnum > CAPAB_TRANSFORMNUM_MAX)	\
	    cfgfatal(loc,"transform","capab-num out of range 0..%d\n",	\
		     CAPAB_TRANSFORMNUM_MAX);				\
    }while(0)

#define TRANSFORM_CREATE_CORE				\
	struct transform_inst *ti;			\
	NEW(ti);					\
	/* mlock XXX */					\
	ti->ops.st=ti;					\
	ti->ops.setkey=transform_setkey;		\
	ti->ops.valid=transform_valid;			\
	ti->ops.delkey=transform_delkey;		\
	ti->ops.forwards=transform_forward;		\
	ti->ops.reverse=transform_reverse;		\
	ti->ops.destroy=transform_destroy;		\
	ti->keyed=False;

#define SEQNUM_PARAMS_FIELDS			\
    uint32_t max_seq_skew;			\
    bool_t dedupe;

#define SEQNUM_PARAMS_INIT(dict,p,desc,loc)				\
    (p)->max_seq_skew=dict_read_number((dict), "max-sequence-skew",	\
					False, (desc), (loc), 10);	\
    bool_t can_dedupe=(p)->max_seq_skew < RECVBITMAP_SIZE;		\
    (p)->dedupe=dict_read_bool((dict), "dedupe",			\
			       False,(desc),(loc), can_dedupe);		\
    if ((p)->dedupe && !can_dedupe)					\
	cfgfatal(loc,"transform",					\
                 "cannot dedupe with max-sequence-skew>=32");		\
    else (void)0

#endif /*TRANSFORM_COMMON_H*/
Commit	Line	Data
92a7d254 IJ	1
	2	#ifndef TRANSFORM_COMMON_H
	3	#define TRANSFORM_COMMON_H
	4
5b5f297f IJ	5	#include "magic.h"
5b5f297f IJ	6
92a7d254 IJ	7	#define KEYED_CHECK do{ \
	8	if (!ti->keyed) { \
	9	*errmsg="transform unkeyed"; \
	10	return 1; \
	11	} \
	12	}while(0)
	13
83692003 IJ	14	#define RECVBITMAP_SIZE 32
	15	typedef uint32_t recvbitmap_type;
	16
	17	#define SEQNUM_CHECK(seqnum, p) do{ \
	18	uint32_t skew=seqnum-ti->lastrecvseq; \
	19	if (skew<0x8fffffff) { \
	20	/* Ok */ \
	21	ti->lastrecvseq=seqnum; \
	22	if (skew < RECVBITMAP_SIZE) \
	23	ti->recvbitmap <<= skew; \
	24	else \
	25	ti->recvbitmap=0; \
	26	skew=0; \
	27	} else if ((0-skew)<(p)->max_seq_skew) { \
	28	/* Ok */ \
	29	} else { \
	30	/* Too much skew */ \
	31	*errmsg="seqnum: too much skew"; \
	32	return 2; \
	33	} \
	34	if ((p)->dedupe) { \
	35	recvbitmap_type recvbit=(uint32_t)1 << skew; \
	36	if (ti->recvbitmap & recvbit) { \
	37	*errmsg="seqnum: duplicate"; \
	38	return 2; \
	39	} \
	40	ti->recvbitmap \|= recvbit; \
	41	} \
92a7d254 IJ	42	}while(0)
92a7d254 IJ	43
35d30aa3 IJ	44	#define SEQNUM_KEYED_FIELDS \
	45	uint32_t sendseq; \
	46	uint32_t lastrecvseq; \
83692003	47	recvbitmap_type recvbitmap; /* 1<<0 is lastrecvseq (i.e., most recent) */ \
35d30aa3 IJ	48	bool_t keyed
	49
	50	#define SEQNUM_KEYED_INIT(initlastrecvseq,initsendseq) \
	51	(ti->lastrecvseq=(initlastrecvseq), \
	52	ti->sendseq=(initsendseq), \
83692003	53	ti->recvbitmap=0, \
35d30aa3 IJ	54	ti->keyed=True)
35d30aa3 IJ	55
92a7d254 IJ	56	#define TRANSFORM_VALID \
	57	static bool_t transform_valid(void *sst) \
	58	{ \
	59	struct transform_inst *ti=sst; \
	60	\
	61	return ti->keyed; \
	62	}
	63
	64	#define TRANSFORM_DESTROY \
	65	static void transform_destroy(void *sst) \
	66	{ \
	67	struct transform_inst *st=sst; \
	68	\
	69	FILLZERO(st); / Destroy key material */ \
	70	free(st); \
	71	}
	72
5b5f297f IJ	73	#define SET_CAPAB_TRANSFORMNUM(def) do{ \
5b5f297f IJ	74	st->ops.capab_transformnum=dict_read_number(dict, "capab-num", \
35d30aa3	75	False, "transform", loc, (def)); \
5b5f297f IJ	76	if (st->ops.capab_transformnum > CAPAB_TRANSFORMNUM_MAX) \
	77	cfgfatal(loc,"transform","capab-num out of range 0..%d\n", \
	78	CAPAB_TRANSFORMNUM_MAX); \
	79	}while(0)
	80
92a7d254 IJ	81	#define TRANSFORM_CREATE_CORE \
92a7d254 IJ	82	struct transform_inst *ti; \
952f601f	83	NEW(ti); \
92a7d254 IJ	84	/* mlock XXX */ \
	85	ti->ops.st=ti; \
	86	ti->ops.setkey=transform_setkey; \
	87	ti->ops.valid=transform_valid; \
	88	ti->ops.delkey=transform_delkey; \
	89	ti->ops.forwards=transform_forward; \
	90	ti->ops.reverse=transform_reverse; \
	91	ti->ops.destroy=transform_destroy; \
	92	ti->keyed=False;
	93
35d30aa3	94	#define SEQNUM_PARAMS_FIELDS \
83692003 IJ	95	uint32_t max_seq_skew; \
83692003 IJ	96	bool_t dedupe;
35d30aa3 IJ	97
	98	#define SEQNUM_PARAMS_INIT(dict,p,desc,loc) \
	99	(p)->max_seq_skew=dict_read_number((dict), "max-sequence-skew", \
83692003 IJ	100	False, (desc), (loc), 10); \
	101	bool_t can_dedupe=(p)->max_seq_skew < RECVBITMAP_SIZE; \
	102	(p)->dedupe=dict_read_bool((dict), "dedupe", \
	103	False,(desc),(loc), can_dedupe); \
	104	if ((p)->dedupe && !can_dedupe) \
	105	cfgfatal(loc,"transform", \
	106	"cannot dedupe with max-sequence-skew>=32"); \
	107	else (void)0
35d30aa3	108
92a7d254	109	#endif /TRANSFORM_COMMON_H/