authorMatthias Schiffer <mschiffer@universe-factory.net>2013-11-30 04:58:05 +0100
committerMatthias Schiffer <mschiffer@universe-factory.net>2013-11-30 04:58:05 +0100
commit5f7258ade2dd8bad076d17d3a85fb04d9bf71bda (patch)
tree6dead8b1a3f5df9ae1a903d2deaedcb189f4d0d8
parentf7e72b3584b54d43401fb02aa7ea677dc3bf0564 (diff)
Make crypto implementation configurable (and update a few error messages)
-rw-r--r--src/config.c21
-rw-r--r--src/config.h10
-rw-r--r--src/config.y10
-rw-r--r--src/crypto.h8
-rw-r--r--src/crypto/cipher/ciphers.c.in1
-rw-r--r--src/crypto/mac/macs.c.in1
6 files changed, 36 insertions, 15 deletions
diff --git a/src/config.c b/src/config.c
index bfdfd2e..6b91383 100644
--- a/src/config.c
+++ b/src/config.c
@@ -26,6 +26,7 @@
#include "fastd.h"
#include "config.h"
+#include "crypto.h"
#include "lex.h"
#include "method.h"
#include "peer.h"
@@ -83,7 +84,7 @@ void fastd_config_protocol(fastd_context_t *ctx UNUSED, fastd_config_t *conf, co
if (!strcmp(name, "ec25519-fhmqvc"))
conf->protocol = &fastd_protocol_ec25519_fhmqvc;
else
- exit_error(ctx, "protocol `%s' not supported", name);
+ exit_error(ctx, "config error: protocol `%s' not supported", name);
}
void fastd_config_method(fastd_context_t *ctx, fastd_config_t *conf, const char *name) {
@@ -99,10 +100,20 @@ void fastd_config_method(fastd_context_t *ctx, fastd_config_t *conf, const char
*method = fastd_string_stack_dup(name);
}
+void fastd_config_cipher(fastd_context_t *ctx, fastd_config_t *conf, const char *name, const char *impl) {
+ if (!fastd_cipher_config(conf->ciphers, name, impl))
+ exit_error(ctx, "config error: implementation `%s' is not supported for cipher `%s' (or cipher `%s' is not supported)", impl, name, name);
+}
+
+void fastd_config_mac(fastd_context_t *ctx, fastd_config_t *conf, const char *name, const char *impl) {
+ if (!fastd_mac_config(conf->macs, name, impl))
+ exit_error(ctx, "config error: implementation `%s' is not supported for MAC `%s' (or MAC `%s' is not supported)", impl, name, name);
+}
+
void fastd_config_bind_address(fastd_context_t *ctx UNUSED, fastd_config_t *conf, const fastd_peer_address_t *address, const char *bindtodev, bool default_v4, bool default_v6) {
#ifndef USE_BINDTODEVICE
if (bindtodev)
- exit_error(ctx, "device bind configuration not supported on this system");
+ exit_error(ctx, "config error: device bind configuration not supported on this system");
#endif
#ifndef USE_MULTIAF_BIND
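Review bot: The new `fastd_config_cipher` and `fastd_config_mac` report a single combined message for two different operator mistakes, so a typo in the cipher or MAC name reads as an unsupported implementation. crypto.h declares `fastd_cipher_info_get_by_name` and `fastd_mac_info_get_by_name`; assuming they return NULL for an unknown name, checking them first gives each case its own message, e.g. ``if (!fastd_cipher_info_get_by_name(name)) exit_error(ctx, "config error: cipher `%s' is not supported", name);`` ahead of the existing call, and the same for the MAC. Since this setting decides which crypto code path runs, both functions also deserve a one-line comment such as `/* Selects the implementation used for the named cipher; exits with a config error if the pair is unavailable */`. The body of `fastd_config_bind_address` continues outside the hunk.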
@@ -421,7 +432,7 @@ static void configure_user(fastd_context_t *ctx, fastd_config_t *conf) {
exit_errno(ctx, "getpwnam_r");
if (!pwdr)
- exit_error(ctx, "Unable to find user `%s'.", conf->user);
+ exit_error(ctx, "config error: unable to find user `%s'.", conf->user);
conf->uid = pwdr->pw_uid;
conf->gid = pwdr->pw_gid;
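Review bot: The reworded message for the missing user here, and the one for the missing group in the next hunk, keep a trailing period, while every other `config error:` message touched by this commit has none. Dropping it keeps the log output uniform: ``exit_error(ctx, "config error: unable to find user `%s'", conf->user);`` and likewise for the group. `configure_user` starts and ends outside both hunks.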
@@ -442,7 +453,7 @@ static void configure_user(fastd_context_t *ctx, fastd_config_t *conf) {
exit_errno(ctx, "getgrnam_r");
if (!grpr)
- exit_error(ctx, "Unable to find group `%s'.", conf->group);
+ exit_error(ctx, "config error: unable to find group `%s'.", conf->group);
conf->gid = grpr->gr_gid;
}
@@ -496,7 +507,7 @@ static void configure_methods(fastd_context_t *ctx, fastd_config_t *conf) {
for (i = 0, method_name = conf->method_list; method_name; i++, method_name = method_name->next) {
conf->methods[i].name = method_name->str;
if (!fastd_method_create_by_name(method_name->str, &conf->methods[i].provider, &conf->methods[i].method))
- exit_error(ctx, "method `%s' not supported", method_name->str);
+ exit_error(ctx, "config error: method `%s' not supported", method_name->str);
}
configure_method_parameters(conf);
diff --git a/src/config.h b/src/config.h
index 2b43968..d12e5ef 100644
--- a/src/config.h
+++ b/src/config.h
@@ -32,6 +32,8 @@
void fastd_config_protocol(fastd_context_t *ctx, fastd_config_t *conf, const char *name);
void fastd_config_method(fastd_context_t *ctx, fastd_config_t *conf, const char *name);
+void fastd_config_cipher(fastd_context_t *ctx, fastd_config_t *conf, const char *name, const char *impl);
+void fastd_config_mac(fastd_context_t *ctx, fastd_config_t *conf, const char *name, const char *impl);
void fastd_config_add_log_file(fastd_context_t *ctx, fastd_config_t *conf, const char *name, fastd_loglevel_t level);
void fastd_config_bind_address(fastd_context_t *ctx, fastd_config_t *conf, const fastd_peer_address_t *address, const char *bindtodev, bool default_v4, bool default_v6);
void fastd_config_peer_group_push(fastd_context_t *ctx, fastd_config_t *conf, const char *name);
@@ -44,12 +46,4 @@ void fastd_config_handle_options(fastd_context_t *ctx, fastd_config_t *conf, int
void fastd_add_peer_dir(fastd_context_t *ctx, fastd_config_t *conf, const char *dir);
bool fastd_read_config(fastd_context_t *ctx, fastd_config_t *conf, const char *filename, bool peer_config, int depth);
-const fastd_cipher_t** fastd_cipher_config_alloc(void);
-void fastd_cipher_config_free(const fastd_cipher_t **cipher_conf);
-bool fastd_cipher_config(const fastd_cipher_t **cipher_conf, const char *name, const char *impl);
-
-const fastd_mac_t** fastd_mac_config_alloc(void);
-void fastd_mac_config_free(const fastd_mac_t **mac_conf);
-bool fastd_mac_config(const fastd_mac_t **mac_conf, const char *name, const char *impl);
-
#endif /* _FASTD_CONFIG_H_ */
diff --git a/src/config.y b/src/config.y
index 30701c0..94d8320 100644
--- a/src/config.y
+++ b/src/config.y
@@ -169,6 +169,8 @@ statement: peer_group_statement
| TOK_GROUP group ';'
| TOK_DROP TOK_CAPABILITIES drop_capabilities ';'
| TOK_SECURE TOK_HANDSHAKES secure_handshakes ';'
+ | TOK_CIPHER cipher ';'
+ | TOK_MAC mac ';'
| TOK_LOG log ';'
| TOK_HIDE hide ';'
| TOK_INTERFACE interface ';'
@@ -226,6 +228,14 @@ secure_handshakes:
}
;
+cipher: TOK_STRING TOK_USE TOK_STRING {
+ fastd_config_cipher(ctx, conf, $1->str, $3->str);
+ }
+
+mac: TOK_STRING TOK_USE TOK_STRING {
+ fastd_config_mac(ctx, conf, $1->str, $3->str);
+ }
+
log: TOK_LEVEL log_level {
conf->log_stderr_level = $2;
}
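Review bot: The added `cipher` and `mac` rules are not closed with `;`, unlike the `secure_handshakes` rule whose terminator is visible just above them. Bison accepts the omission, but a `;` after each action block keeps the grammar consistent and avoids surprises when a rule is inserted between them. Separately, `$1->str` and `$3->str` are handed to `fastd_config_cipher`/`fastd_config_mac` without a copy, whereas `fastd_config_method` duplicates its name with `fastd_string_stack_dup`. If `fastd_cipher_config` or `fastd_mac_config` retains either pointer (not visible here), it would need the same treatment. The `log` rule continues outside the hunk.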
diff --git a/src/crypto.h b/src/crypto.h
index 1f26058..c52fd42 100644
--- a/src/crypto.h
+++ b/src/crypto.h
@@ -57,9 +57,17 @@ struct fastd_mac {
};
+const fastd_cipher_t** fastd_cipher_config_alloc(void);
+void fastd_cipher_config_free(const fastd_cipher_t **cipher_conf);
+bool fastd_cipher_config(const fastd_cipher_t **cipher_conf, const char *name, const char *impl);
+
const fastd_cipher_info_t* fastd_cipher_info_get_by_name(const char *name);
const fastd_cipher_t* fastd_cipher_get(fastd_context_t *ctx, const fastd_cipher_info_t *info);
+const fastd_mac_t** fastd_mac_config_alloc(void);
+void fastd_mac_config_free(const fastd_mac_t **mac_conf);
+bool fastd_mac_config(const fastd_mac_t **mac_conf, const char *name, const char *impl);
+
const fastd_mac_info_t* fastd_mac_info_get_by_name(const char *name);
const fastd_mac_t* fastd_mac_get(fastd_context_t *ctx, const fastd_mac_info_t *info);
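Review bot: The prototypes moved into crypto.h carry no comment on their contract, which matters more now that they are part of the crypto interface rather than config internals. The callers added in config.c treat a false return from `fastd_cipher_config`/`fastd_mac_config` as "unknown name or unknown implementation", so state that at the declaration, e.g. `/* Returns false if the cipher name or the implementation name is not known */`. The `_alloc`/`_free` pairs should say who owns the returned array; presumably it must be released with the matching `_free`, but that is not shown here.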
diff --git a/src/crypto/cipher/ciphers.c.in b/src/crypto/cipher/ciphers.c.in
index cdc9911..19893f6 100644
--- a/src/crypto/cipher/ciphers.c.in
+++ b/src/crypto/cipher/ciphers.c.in
@@ -24,7 +24,6 @@
*/
-#include <src/config.h>
#include <src/crypto.h>
diff --git a/src/crypto/mac/macs.c.in b/src/crypto/mac/macs.c.in
index ee64362..57f327a 100644
--- a/src/crypto/mac/macs.c.in
+++ b/src/crypto/mac/macs.c.in
@@ -24,7 +24,6 @@
*/
-#include <src/config.h>
#include <src/crypto.h>