summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthias Schiffer <mschiffer@universe-factory.net>2014-08-18 22:30:30 +0200
committerMatthias Schiffer <mschiffer@universe-factory.net>2014-08-18 22:30:30 +0200
commit50d9aa23342f8a9bc6a87ace12578054eeff36fd (patch)
treed0f2dab9535a25435e33169828e2231f96b0f2c7
parentcb3c88e020dbfd028f7d8b79b9bf97bcb0b34ea5 (diff)
downloadfastd-50d9aa23342f8a9bc6a87ace12578054eeff36fd.tar
fastd-50d9aa23342f8a9bc6a87ace12578054eeff36fd.zip
Dynamically create peer configs for dynamic peers
This avoids duplicating the protocol_config field.
-rw-r--r--src/peer.c5
-rw-r--r--src/peer.h3
-rw-r--r--src/protocols/ec25519_fhmqvc/handshake.c30
-rw-r--r--src/protocols/ec25519_fhmqvc/util.c8
4 files changed, 23 insertions, 23 deletions
diff --git a/src/peer.c b/src/peer.c
index ac711f0..f621010 100644
--- a/src/peer.c
+++ b/src/peer.c
@@ -424,7 +424,7 @@ static void delete_peer(fastd_peer_t *peer) {
conf.protocol->free_peer_state(peer);
if (fastd_peer_is_dynamic(peer))
- free(peer->protocol_config);
+ fastd_peer_config_free(peer->config);
for (i = 0; i < VECTOR_LEN(peer->remotes); i++)
free(VECTOR_INDEX(peer->remotes, i).addresses);
@@ -718,7 +718,6 @@ fastd_peer_t* fastd_peer_add(fastd_peer_config_t *peer_conf) {
if (peer_conf) {
peer->config = peer_conf;
- peer->protocol_config = peer_conf->protocol_config;
VECTOR_ALLOC(peer->remotes, 0);
@@ -742,6 +741,8 @@ fastd_peer_t* fastd_peer_add(fastd_peer_config_t *peer_conf) {
if (!fastd_shell_command_isset(&conf.on_verify))
exit_bug("tried to add dynamic peer without on-verify command");
+ peer->config = fastd_peer_config_new(conf.peer_group);
+
peer->dynamic = true;
peer->verify_timeout = ctx.now;
diff --git a/src/peer.h b/src/peer.h
index c73f2ea..4229296 100644
--- a/src/peer.h
+++ b/src/peer.h
@@ -47,7 +47,7 @@ typedef enum fastd_peer_state {
struct fastd_peer {
uint64_t id; /**< A unique ID assigned to each peer */
- const fastd_peer_config_t *config; /**< The peer's fastd_peer_config_t */
+ fastd_peer_config_t *config; /**< The peer's fastd_peer_config_t */
/** The socket used by the peer. This can either be a common bound socket or a
dynamic, unbound socket that is used exclusively by this peer */
@@ -80,7 +80,6 @@ struct fastd_peer {
struct timespec verify_valid_timeout; /**< Specifies how long a peer stays valid after a successful on-verify run */
#endif
- fastd_protocol_peer_config_t *protocol_config; /**< Protocol-specific peer configuration for config-less (on-verify) peers */
fastd_protocol_peer_state_t *protocol_state; /**< Protocol-specific peer state */
};
diff --git a/src/protocols/ec25519_fhmqvc/handshake.c b/src/protocols/ec25519_fhmqvc/handshake.c
index fb4fd1e..498a6fd 100644
--- a/src/protocols/ec25519_fhmqvc/handshake.c
+++ b/src/protocols/ec25519_fhmqvc/handshake.c
@@ -277,7 +277,7 @@ static bool update_shared_handshake_key(const fastd_peer_t *peer, const handshak
bool compat = !conf.secure_handshakes;
if (!make_shared_handshake_key(&handshake_key->key.secret, false,
- &peer->protocol_config->public_key,
+ &peer->config->protocol_config->public_key,
&conf.protocol_config->key.public,
peer_handshake_key,
&handshake_key->key.public,
@@ -315,7 +315,7 @@ static void respond_handshake(const fastd_socket_t *sock, const fastd_peer_addre
fastd_buffer_t buffer = fastd_handshake_new_reply(2, method, true, 4*(4+PUBLICKEYBYTES) + 2*(4+HASHBYTES));
fastd_handshake_add(&buffer, RECORD_SENDER_KEY, PUBLICKEYBYTES, &conf.protocol_config->key.public);
- fastd_handshake_add(&buffer, RECORD_RECIPIENT_KEY, PUBLICKEYBYTES, &peer->protocol_config->public_key);
+ fastd_handshake_add(&buffer, RECORD_RECIPIENT_KEY, PUBLICKEYBYTES, &peer->config->protocol_config->public_key);
fastd_handshake_add(&buffer, RECORD_SENDER_HANDSHAKE_KEY, PUBLICKEYBYTES, &handshake_key->key.public);
fastd_handshake_add(&buffer, RECORD_RECIPIENT_HANDSHAKE_KEY, PUBLICKEYBYTES, peer_handshake_key);
@@ -344,7 +344,7 @@ static void finish_handshake(fastd_socket_t *sock, const fastd_peer_address_t *l
fastd_sha256_t shared_handshake_key, shared_handshake_key_compat;
if (!make_shared_handshake_key(&handshake_key->key.secret, true,
&conf.protocol_config->key.public,
- &peer->protocol_config->public_key,
+ &peer->config->protocol_config->public_key,
&handshake_key->key.public,
peer_handshake_key,
&sigma,
@@ -361,7 +361,7 @@ static void finish_handshake(fastd_socket_t *sock, const fastd_peer_address_t *l
valid = fastd_hmacsha256_verify(mac, shared_handshake_key.w, handshake->tlv_data, handshake->tlv_len);
}
else {
- valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, shared_handshake_key_compat.w, peer->protocol_config->public_key.u32, peer_handshake_key->u32, NULL);
+ valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, shared_handshake_key_compat.w, peer->config->protocol_config->public_key.u32, peer_handshake_key->u32, NULL);
}
if (!valid) {
@@ -370,13 +370,13 @@ static void finish_handshake(fastd_socket_t *sock, const fastd_peer_address_t *l
}
if (!establish(peer, method, sock, local_addr, remote_addr, true, &handshake_key->key.public, peer_handshake_key, &conf.protocol_config->key.public,
- &peer->protocol_config->public_key, &sigma, compat ? NULL : shared_handshake_key.w, handshake_key->serial))
+ &peer->config->protocol_config->public_key, &sigma, compat ? NULL : shared_handshake_key.w, handshake_key->serial))
return;
fastd_buffer_t buffer = fastd_handshake_new_reply(3, method, false, 4*(4+PUBLICKEYBYTES) + 2*(4+HASHBYTES));
fastd_handshake_add(&buffer, RECORD_SENDER_KEY, PUBLICKEYBYTES, &conf.protocol_config->key.public);
- fastd_handshake_add(&buffer, RECORD_RECIPIENT_KEY, PUBLICKEYBYTES, &peer->protocol_config->public_key);
+ fastd_handshake_add(&buffer, RECORD_RECIPIENT_KEY, PUBLICKEYBYTES, &peer->config->protocol_config->public_key);
fastd_handshake_add(&buffer, RECORD_SENDER_HANDSHAKE_KEY, PUBLICKEYBYTES, &handshake_key->key.public);
fastd_handshake_add(&buffer, RECORD_RECIPIENT_HANDSHAKE_KEY, PUBLICKEYBYTES, peer_handshake_key);
@@ -415,7 +415,7 @@ static void handle_finish_handshake(fastd_socket_t *sock, const fastd_peer_addre
valid = fastd_hmacsha256_verify(mac, peer->protocol_state->shared_handshake_key.w, handshake->tlv_data, handshake->tlv_len);
}
else {
- valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, peer->protocol_state->shared_handshake_key_compat.w, peer->protocol_config->public_key.u32, peer_handshake_key->u32, NULL);
+ valid = fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, peer->protocol_state->shared_handshake_key_compat.w, peer->config->protocol_config->public_key.u32, peer_handshake_key->u32, NULL);
}
if (!valid) {
@@ -423,7 +423,7 @@ static void handle_finish_handshake(fastd_socket_t *sock, const fastd_peer_addre
return;
}
- establish(peer, method, sock, local_addr, remote_addr, false, peer_handshake_key, &handshake_key->key.public, &peer->protocol_config->public_key,
+ establish(peer, method, sock, local_addr, remote_addr, false, peer_handshake_key, &handshake_key->key.public, &peer->config->protocol_config->public_key,
&conf.protocol_config->key.public, &peer->protocol_state->sigma, compat ? NULL : peer->protocol_state->shared_handshake_key.w, handshake_key->serial);
clear_shared_handshake_key(peer);
@@ -439,7 +439,7 @@ static fastd_peer_t* find_sender_key(const fastd_peer_address_t *address, const
for (i = 0; i < VECTOR_LEN(ctx.peers); i++) {
fastd_peer_t *peer = VECTOR_INDEX(ctx.peers, i);
- if (memcmp(&peer->protocol_config->public_key, key, PUBLICKEYBYTES) == 0) {
+ if (memcmp(&peer->config->protocol_config->public_key, key, PUBLICKEYBYTES) == 0) {
if (!fastd_peer_matches_address(peer, address)) {
errno = EPERM;
return NULL;
@@ -469,7 +469,7 @@ static fastd_peer_t* match_sender_key(const fastd_socket_t *sock, const fastd_pe
exit_bug("packet without correct peer set on dynamic socket");
if (peer) {
- if (memcmp(&peer->protocol_config->public_key, key, PUBLICKEYBYTES) == 0)
+ if (memcmp(&peer->config->protocol_config->public_key, key, PUBLICKEYBYTES) == 0)
return peer;
if (fastd_peer_owns_address(peer, address)) {
@@ -524,7 +524,7 @@ void fastd_protocol_ec25519_fhmqvc_handshake_init(fastd_socket_t *sock, const fa
fastd_handshake_add(&buffer, RECORD_SENDER_KEY, PUBLICKEYBYTES, &conf.protocol_config->key.public);
if (peer) {
- fastd_handshake_add(&buffer, RECORD_RECIPIENT_KEY, PUBLICKEYBYTES, &peer->protocol_config->public_key);
+ fastd_handshake_add(&buffer, RECORD_RECIPIENT_KEY, PUBLICKEYBYTES, &peer->config->protocol_config->public_key);
pr_verbose("sending handshake to %P[%I]...", peer, remote_addr);
}
@@ -542,9 +542,9 @@ void fastd_protocol_ec25519_fhmqvc_handshake_init(fastd_socket_t *sock, const fa
/** Checks if a dynamic peer (added after an on-verify command) can stay after new peers have been configured */
bool fastd_protocol_ec25519_fhmqvc_peer_check_dynamic(fastd_peer_t *peer) {
- if (key_count(peer->protocol_config->public_key.u8)) {
+ if (key_count(peer->config->protocol_config->public_key.u8)) {
char buf[65];
- hexdump(buf, peer->protocol_config->public_key.u8);
+ hexdump(buf, peer->config->protocol_config->public_key.u8);
pr_info("key %s is configured now, deleting dynamic peer.", buf);
return false;
}
@@ -580,8 +580,8 @@ static fastd_peer_t * add_dynamic(fastd_socket_t *sock, const fastd_peer_address
fastd_peer_t *peer = fastd_peer_add(NULL);
- peer->protocol_config = fastd_new(fastd_protocol_peer_config_t);
- memcpy(&peer->protocol_config->public_key, key, PUBLICKEYBYTES);
+ peer->config->protocol_config = fastd_new(fastd_protocol_peer_config_t);
+ memcpy(&peer->config->protocol_config->public_key, key, PUBLICKEYBYTES);
/* Ugly hack */
peer->protocol_state->last_serial--;
diff --git a/src/protocols/ec25519_fhmqvc/util.c b/src/protocols/ec25519_fhmqvc/util.c
index 2aea52d..c716916 100644
--- a/src/protocols/ec25519_fhmqvc/util.c
+++ b/src/protocols/ec25519_fhmqvc/util.c
@@ -80,8 +80,8 @@ void fastd_protocol_ec25519_fhmqvc_set_shell_env(fastd_shell_env_t *env, const f
hexdump(buf, conf.protocol_config->key.public.u8);
fastd_shell_env_set(env, "LOCAL_KEY", buf);
- if (peer && peer->protocol_config) {
- hexdump(buf, peer->protocol_config->public_key.u8);
+ if (peer && peer->config->protocol_config) {
+ hexdump(buf, peer->config->protocol_config->public_key.u8);
fastd_shell_env_set(env, "PEER_KEY", buf);
}
else {
@@ -97,10 +97,10 @@ void fastd_protocol_ec25519_fhmqvc_set_shell_env(fastd_shell_env_t *env, const f
public key.
*/
bool fastd_protocol_ec25519_fhmqvc_describe_peer(const fastd_peer_t *peer, char *buf, size_t len) {
- if (peer && peer->protocol_config) {
+ if (peer && peer->config->protocol_config) {
char dumpbuf[65];
- hexdump(dumpbuf, peer->protocol_config->public_key.u8);
+ hexdump(dumpbuf, peer->config->protocol_config->public_key.u8);
snprintf(buf, len, "%.16s", dumpbuf);
return true;
}