/* -*-c-*-
*
- * $Id$
- *
* Main header file for TrIPE
*
* (c) 2001 Straylight/Edgeware
*/
-/*----- Licensing notice --------------------------------------------------*
+/*----- Licensing notice --------------------------------------------------*
*
* This file is part of Trivial IP Encryption (TrIPE).
*
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
- *
+ *
* TrIPE is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with TrIPE; if not, write to the Free Software Foundation,
* Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#include <mLib/arena.h>
#include <mLib/base64.h>
#include <mLib/bres.h>
+#include <mLib/daemonize.h>
#include <mLib/dstr.h>
#include <mLib/env.h>
#include <mLib/fdflags.h>
#include <mLib/fwatch.h>
+#include <mLib/macros.h>
#include <mLib/mdwopt.h>
#include <mLib/quis.h>
#include <mLib/report.h>
#include <mLib/sub.h>
#include <mLib/trace.h>
#include <mLib/tv.h>
+#include <mLib/versioncmp.h>
#include <catacomb/buf.h>
unsigned long sz_exp; /* Data limit for the keyset */
T( unsigned seq; ) /* Sequence number for tracing */
unsigned f; /* Various useful flags */
- gcipher *cin, *cout; /* Keyset ciphers for encryption */
+ gcipher *cin, *cout; /* Keyset ciphers for encryption */
size_t tagsz; /* Length to truncate MAC tags */
- gmac *min, *mout; /* Keyset MACs for integrity */
+ gmac *min, *mout; /* Keyset MACs for integrity */
uint32 oseq; /* Outbound sequence number */
seqwin iseq; /* Inbound sequence number */
} keyset;
#define KXF_TIMER 1u /* Waiting for a timer to go off */
#define KXF_DEAD 2u /* The key-exchanger isn't up */
#define KXF_PUBKEY 4u /* Key exchanger has a public key */
+#define KXF_CORK 8u /* Don't send anything yet */
enum {
KXS_DEAD, /* Uninitialized state (magical) */
typedef struct tunnel_ops {
const char *name; /* Name of this tunnel driver */
void (*init)(void); /* Initializes the system */
- tunnel *(*create)(struct peer */*p*/); /* Initializes a new tunnel */
- const char *(*ifname)(tunnel */*t*/); /* Returns tunnel's interface name */
+ tunnel *(*create)(struct peer */*p*/, char **/*ifn*/);
+ /* Initializes a new tunnel */
+ void (*setifname)(tunnel */*t*/, const char */*ifn*/);
+ /* Notifies ifname change */
void (*inject)(tunnel */*t*/, buf */*b*/); /* Sends packet through if */
void (*destroy)(tunnel */*t*/); /* Destroys a tunnel */
} tunnel_ops;
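Review bot: The new `create` member takes `char **ifn` without saying who owns the string it points at, and `setifname` takes `const char *ifn` without saying whether the driver may keep the pointer. Unstated ownership of an out-parameter string is a common source of leaks and use-after-free, so I would put it next to the members, e.g. `/* On success *ifn is a freshly allocated name; caller frees */` and `/* ifn is borrowed; driver copies if it keeps it */`, adjusted to what the drivers actually do. If a driver copies the name into a fixed-size OS structure, the comment should also state the length limit it enforces. The driver implementations are outside this hunk, so none of this can be checked here.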
unsigned long t_ka; /* Keep alive interval */
addr sa; /* Socket address to speak to */
size_t sasz; /* Socket address size */
+ unsigned kxf; /* Key exchange flags to set */
} peerspec;
typedef struct peer {
admin_bgop bg; /* Background operation header */
ping ping; /* Ping pending response */
struct timeval pingtime; /* Time last ping was sent */
-} admin_pingop;
+} admin_pingop;
+
+typedef struct admin_service {
+ sym_base _b; /* Hash table base structure */
+ char *version; /* The provided version */
+ struct admin *prov; /* Which client provides me */
+ struct admin_service *next, *prev; /* Client's list of services */
+} admin_service;
+
+typedef struct admin_svcop {
+ admin_bgop bg; /* Background operation header */
+ struct admin *prov; /* Client servicing this job */
+ unsigned short index; /* This job's index */
+ struct admin_svcop *next, *prev; /* Links for provider's jobs */
+} admin_svcop;
+
+typedef struct admin_jobentry {
+ unsigned short seq; /* Zero if unused */
+ union {
+ admin_svcop *op; /* Operation, if slot in use, ... */
+ uint32 next; /* ... or index of next free slot */
+ } u;
+} admin_jobentry;
+
+typedef struct admin_jobtable {
+ uint32 n, sz; /* Used slots and table size */
+ admin_svcop *active; /* List of active jobs */
+ uint32 free; /* Index of first free slot */
+ admin_jobentry *v; /* And the big array of entries */
+} admin_jobtable;
typedef struct admin {
struct admin *next, *prev; /* Links to next and previous */
oqueue out; /* Output buffer list */
oqueue delay; /* Delayed output buffer list */
admin_bgop *bg; /* Backgrounded operations */
+ admin_service *svcs; /* Which services I provide */
+ admin_jobtable j; /* Table of outstanding jobs */
selbuf b; /* Line buffer for commands */
sel_file w; /* Selector for write buffering */
} admin;
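Review bot: `admin_svcop.index` and `admin_jobentry.seq` are `unsigned short`, while `admin_jobtable` counts slots in `uint32` (`n`, `sz`, `free`, and `u.next`), so a table that grows past 65535 entries would truncate a job's index. If job identifiers built from index and seq are handed to admin clients and later looked up (the layout suggests this, but the header does not show it), the lookup has to bounds-check the index against `sz` and compare `seq` before touching `u.op`. The 16-bit `seq` must also skip zero when it wraps, because zero marks a free slot. I would either widen `index` to `uint32` or document the cap, e.g. `uint32 n, sz; /* Used slots and table size; sz <= 65536 */`. The code that allocates and resolves jobs is outside this hunk.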
* Arguments: @keyexch *kx@ = pointer to key exchange context
* @peer *p@ = pointer to peer context
* @keyset **ks@ = pointer to keyset list
+ * @unsigned f@ = various useful flags
*
* Returns: Zero if OK, nonzero if it failed.
*
* exchange.
*/
-extern int kx_init(keyexch */*kx*/, peer */*p*/, keyset **/*ks*/);
+extern int kx_init(keyexch */*kx*/, peer */*p*/,
+ keyset **/*ks*/, unsigned /*f*/);
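Review bot: The added `@unsigned f@ = various useful flags` line does not say which `KXF_*` bits a caller may pass to `kx_init`. `KXF_TIMER`, `KXF_DEAD` and `KXF_PUBKEY` read like internal state bits, and the new `peerspec.kxf` field suggests the value can come from a peer specification. The doc should therefore name the accepted set, and the implementation should mask off anything else. Something like `@unsigned f@ = initial flags (only @KXF_CORK@ is meaningful)` would do, if that matches the implementation, which is not visible here.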
/*----- Keysets and symmetric cryptography --------------------------------*/
extern int seq_check(seqwin */*s*/, uint32 /*q*/, const char */*service*/);
-/* --- @versioncmp@ --- *
- *
- * Arguments: @const char *va, *vb@ = two version strings
- *
- * Returns: Less than, equal to, or greater than zero, according to
- * whether @va@ is less than, equal to, or greater than @vb@.
- *
- * Use: Compares version number strings.
- *
- * The algorithm is an extension of the Debian version
- * comparison algorithm. A version number consists of three
- * components:
- *
- * [EPOCH :] MAIN [- SUB]
- *
- * The MAIN part may contain colons or hyphens if there is an
- * EPOCH or SUB, respectively. Version strings are compared
- * componentwise: first epochs, then main parts, and finally
- * subparts.
- *
- * The component comparison is done as follows. First, the
- * initial subsequence of nondigit characters is extracted from
- * each string, and these are compared lexicographically, using
- * ASCII ordering, except that letters precede non-letters. If
- * both are the same, an initial sequence of digits is extracted
- * from the remaining parts of the version strings, and these
- * are compared numerically (an empty sequence being considered
- * to have the value zero). This process is repeated until we
- * have a winner or until both strings are exhausted.
- */
-
-extern int versioncmp(const char */*va*/, const char */*vb*/);
-
/*----- That's all, folks -------------------------------------------------*/
#ifdef __cplusplus