~mdw / tripe / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
server/servutil.c: Add utilities for simple leaky-bucket rate limiting.
[tripe] / server / servutil.c
CommitLineData
410c8acf 1/* -*-c-*-
2 *
410c8acf 3 * Various handy server-only utilities
4 *
5 * (c) 2001 Straylight/Edgeware
6 */
7
e04c2d50 8/*----- Licensing notice --------------------------------------------------*
410c8acf 9 *
10 * This file is part of Trivial IP Encryption (TrIPE).
11 *
11ad66c2
MW		 12 * TrIPE is free software: you can redistribute it and/or modify it under
13 * the terms of the GNU General Public License as published by the Free
14 * Software Foundation; either version 3 of the License, or (at your
15 * option) any later version.
e04c2d50 16 *
11ad66c2
MW		 17 * TrIPE is distributed in the hope that it will be useful, but WITHOUT
18 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
19 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
e04c2d50 21 *
410c8acf 22 * You should have received a copy of the GNU General Public License
11ad66c2 23 * along with TrIPE. If not, see <https://www.gnu.org/licenses/>.
410c8acf 24 */
25
410c8acf 26/*----- Header files ------------------------------------------------------*/
27
28#include "tripe.h"
29
df9dfccf 30/*----- Global variables --------------------------------------------------*/
31
a4b808b0 32octet buf_i[PKBUFSZ], buf_o[PKBUFSZ], buf_t[PKBUFSZ], buf_u[PKBUFSZ];
df9dfccf 33
82ba25cf 34/*----- Sequence numbers --------------------------------------------------*/
52b86648 35
37941236 36/* --- @seq_reset@ --- *
37 *
38 * Arguments: @seqwin *s@ = sequence-checking window
39 *
40 * Returns: ---
41 *
42 * Use: Resets a sequence number window.
43 */
44
45void seq_reset(seqwin *s) { s->seq = 0; s->win = 0; }
46
47/* --- @seq_check@ --- *
48 *
49 * Arguments: @seqwin *s@ = sequence-checking window
50 * @uint32 q@ = sequence number to check
f43df819 51 * @const char *service@ = service to report message from
37941236 52 *
f43df819 53 * Returns: Zero on success, nonzero if the sequence number was bad.
37941236 54 *
55 * Use: Checks a sequence number against the window, updating things
56 * as necessary.
57 */
58
f43df819 59int seq_check(seqwin *s, uint32 q, const char *service)
37941236 60{
61 uint32 qbit;
62 uint32 n;
63
f43df819
MW		 64 if (q < s->seq) {
65 a_warn(service, "replay", "old-sequence", A_END);
66 return (-1);
67 }
37941236 68 if (q >= s->seq + SEQ_WINSZ) {
69 n = q - (s->seq + SEQ_WINSZ - 1);
70 if (n < SEQ_WINSZ)
71 s->win >>= n;
72 else
73 s->win = 0;
74 s->seq += n;
75 }
76 qbit = 1 << (q - s->seq);
f43df819
MW		 77 if (s->win & qbit) {
78 a_warn(service, "replay", "duplicated-sequence", A_END);
79 return (-1);
80 }
37941236 81 s->win |= qbit;
82 return (0);
83}
84
e9fcf28e
MW		 85/*----- Rate limiting -----------------------------------------------------*/
86
87/* --- @ratelim_init@ --- *
88 *
89 * Arguments: @ratelim *r@ = rate-limiting state to fill in
90 * @unsigned persec@ = credit to accumulate per second
91 * @unsigned max@ = maximum credit to retain
92 *
93 * Returns: ---
94 *
95 * Use: Initialize a rate-limiting state.
96 */
97
98void ratelim_init(ratelim *r, unsigned persec, unsigned max)
99{
100 r->n = r->max = max;
101 r->persec = persec;
102 gettimeofday(&r->when, 0);
103}
104
105/* --- @ratelim_withdraw@ --- *
106 *
107 * Arguments: @ratelim *r@ = rate-limiting state
108 * @unsigned n@ = credit to withdraw
109 *
110 * Returns: Zero if successful; @-1@ if there is unsufficient credit
111 *
112 * Use: Updates the state with any accumulated credit. Then, if
113 * there there are more than @n@ credits available, withdraw @n@
114 * and return successfully; otherwise, report failure.
115 */
116
117int ratelim_withdraw(ratelim *r, unsigned n)
118{
119 struct timeval now, delta;
120 unsigned long d;
121
122 gettimeofday(&now, 0);
123 TV_SUB(&delta, &now, &r->when);
124 d = (unsigned long)r->persec*delta.tv_sec +
125 (unsigned long)r->persec*delta.tv_usec/MILLION;
126 if (d < r->max - r->n) r->n += d;
127 else r->n = r->max;
128 r->when = now;
129
130 if (n > r->n) return (-1);
131 else { r->n -= n; return (0); }
132}
133
82ba25cf
MW		 134/*----- Random odds and sods ----------------------------------------------*/
135
136/* --- @timestr@ --- *
137 *
138 * Arguments: @time_t t@ = a time to convert
139 *
140 * Returns: A pointer to a textual representation of the time.
141 *
142 * Use: Converts a time to a textual representation. Corrupts
143 * @buf_u@.
144 */
145
146const char *timestr(time_t t)
147{
148 struct tm *tm;
149 if (!t)
150 return ("NEVER");
151 tm = localtime(&t);
152 strftime((char *)buf_u, sizeof(buf_u), "%Y-%m-%dT%H:%M:%S", tm);
153 return ((const char *)buf_u);
154}
155
156/* --- @mystrieq@ --- *
157 *
158 * Arguments: @const char *x, *y@ = two strings
159 *
160 * Returns: True if @x@ and @y are equal, up to case.
161 */
162
163int mystrieq(const char *x, const char *y)
164{
165 for (;;) {
166 if (!*x && !*y) return (1);
167 if (tolower((unsigned char)*x) != tolower((unsigned char)*y))
168 return (0);
169 x++; y++;
170 }
171}
172
cb2c2bfc
MW		 173/* --- @addrsz@ --- *
174 *
175 * Arguments: @const addr *a@ = a network address
176 *
177 * Returns: The size of the address, for passing into the sockets API.
178 */
179
180socklen_t addrsz(const addr *a)
181{
182 switch (a->sa.sa_family) {
183 case AF_INET: return (sizeof(a->sin));
184 default: abort();
185 }
186}
187
410c8acf 188/*----- That's all, folks -------------------------------------------------*/
Trivial IP Encryption: a simple VPN