From 8088a82a2a91d29967cef920ba780eecdf72518e Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Sat, 30 Nov 2013 03:19:38 +0100 Subject: Perform string-based lookup of method-related information only once --- src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c | 16 +++++------ src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h | 7 +++-- src/protocols/ec25519_fhmqvc/handshake.c | 41 +++++++++++++-------------- src/protocols/ec25519_fhmqvc/state.c | 2 +- 4 files changed, 33 insertions(+), 33 deletions(-) (limited to 'src/protocols') diff --git a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c index 743b0d1..a8de436 100644 --- a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c +++ b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c @@ -41,7 +41,7 @@ static inline bool read_key(uint8_t key[32], const char *hexkey) { static inline void check_session_refresh(fastd_context_t *ctx, fastd_peer_t *peer) { protocol_session_t *session = &peer->protocol_state->session; - if (!session->refreshing && session->method->session_want_refresh(ctx, session->method_state)) { + if (!session->refreshing && session->method->method->session_want_refresh(ctx, session->method_state)) { pr_verbose(ctx, "refreshing session with %P", peer); session->handshakes_cleaned = true; session->refreshing = true; @@ -104,17 +104,17 @@ static void protocol_handle_recv(fastd_context_t *ctx, fastd_peer_t *peer, fastd bool ok = false; if (is_session_valid(ctx, &peer->protocol_state->old_session)) { - if (peer->protocol_state->old_session.method->decrypt(ctx, peer, peer->protocol_state->old_session.method_state, &recv_buffer, buffer)) + if (peer->protocol_state->old_session.method->method->decrypt(ctx, peer, peer->protocol_state->old_session.method_state, &recv_buffer, buffer)) ok = true; } if (!ok) { - if (peer->protocol_state->session.method->decrypt(ctx, peer, peer->protocol_state->session.method_state, &recv_buffer, buffer)) { + if (peer->protocol_state->session.method->method->decrypt(ctx, peer, peer->protocol_state->session.method_state, &recv_buffer, buffer)) { ok = true; if (peer->protocol_state->old_session.method) { pr_debug(ctx, "invalidating old session with %P", peer); - peer->protocol_state->old_session.method->session_free(ctx, peer->protocol_state->old_session.method_state); + peer->protocol_state->old_session.method->method->session_free(ctx, peer->protocol_state->old_session.method_state); peer->protocol_state->old_session = (protocol_session_t){}; } @@ -123,7 +123,7 @@ static void protocol_handle_recv(fastd_context_t *ctx, fastd_peer_t *peer, fastd fastd_peer_unschedule_handshake(ctx, peer); peer->protocol_state->session.handshakes_cleaned = true; - if (peer->protocol_state->session.method->session_is_initiator(ctx, peer->protocol_state->session.method_state)) + if (peer->protocol_state->session.method->method->session_is_initiator(ctx, peer->protocol_state->session.method_state)) fastd_protocol_ec25519_fhmqvc_send_empty(ctx, peer, &peer->protocol_state->session); } @@ -153,7 +153,7 @@ static void session_send(fastd_context_t *ctx, fastd_peer_t *peer, fastd_buffer_ size_t stat_size = buffer.len; fastd_buffer_t send_buffer; - if (!session->method->encrypt(ctx, peer, session->method_state, &send_buffer, buffer)) { + if (!session->method->method->encrypt(ctx, peer, session->method_state, &send_buffer, buffer)) { fastd_buffer_free(buffer); pr_error(ctx, "failed to encrypt packet for %P", peer); return; @@ -171,7 +171,7 @@ static void protocol_send(fastd_context_t *ctx, fastd_peer_t *peer, fastd_buffer check_session_refresh(ctx, peer); - if (peer->protocol_state->session.method->session_is_initiator(ctx, peer->protocol_state->session.method_state) && is_session_valid(ctx, &peer->protocol_state->old_session)) { + if (peer->protocol_state->session.method->method->session_is_initiator(ctx, peer->protocol_state->session.method_state) && is_session_valid(ctx, &peer->protocol_state->old_session)) { pr_debug2(ctx, "sending packet for old session to %P", peer); session_send(ctx, peer, buffer, &peer->protocol_state->old_session); } @@ -181,7 +181,7 @@ static void protocol_send(fastd_context_t *ctx, fastd_peer_t *peer, fastd_buffer } void fastd_protocol_ec25519_fhmqvc_send_empty(fastd_context_t *ctx, fastd_peer_t *peer, protocol_session_t *session) { - session_send(ctx, peer, fastd_buffer_alloc(ctx, 0, alignto(session->method->min_encrypt_head_space, 8), session->method->min_encrypt_tail_space), session); + session_send(ctx, peer, fastd_buffer_alloc(ctx, 0, alignto(session->method->method->min_encrypt_head_space, 8), session->method->method->min_encrypt_tail_space), session); } const fastd_protocol_t fastd_protocol_ec25519_fhmqvc = { diff --git a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h index 608276f..638117d 100644 --- a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h +++ b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h @@ -28,6 +28,7 @@ #define _FASTD_PROTOCOL_EC25519_FHMQVC_H_ #include "../../fastd.h" +#include "../../method.h" #include "../../peer.h" #include "../../sha256.h" @@ -59,7 +60,7 @@ typedef struct protocol_session { bool handshakes_cleaned; bool refreshing; - const fastd_method_t *method; + const fastd_method_info_t *method; fastd_method_session_state_t *method_state; } protocol_session_t; @@ -87,7 +88,7 @@ void fastd_protocol_ec25519_fhmqvc_reset_peer_state(fastd_context_t *ctx, fastd_ void fastd_protocol_ec25519_fhmqvc_free_peer_state(fastd_context_t *ctx, fastd_peer_t *peer); void fastd_protocol_ec25519_fhmqvc_handshake_init(fastd_context_t *ctx, const fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, fastd_peer_t *peer); -void fastd_protocol_ec25519_fhmqvc_handshake_handle(fastd_context_t *ctx, fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, fastd_peer_t *peer, const fastd_handshake_t *handshake, const char *method); +void fastd_protocol_ec25519_fhmqvc_handshake_handle(fastd_context_t *ctx, fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, fastd_peer_t *peer, const fastd_handshake_t *handshake, const fastd_method_info_t *method); void fastd_protocol_ec25519_fhmqvc_send_empty(fastd_context_t *ctx, fastd_peer_t *peer, protocol_session_t *session); @@ -105,7 +106,7 @@ static inline void hexdump(char out[65], const unsigned char d[32]) { static inline bool is_session_valid(fastd_context_t *ctx, const protocol_session_t *session) { - return (session->method && session->method->session_is_valid(ctx, session->method_state)); + return (session->method && session->method->method->session_is_valid(ctx, session->method_state)); } #endif /* _FASTD_PROTOCOL_EC25519_FHMQVC_H_ */ diff --git a/src/protocols/ec25519_fhmqvc/handshake.c b/src/protocols/ec25519_fhmqvc/handshake.c index c359fb1..0225513 100644 --- a/src/protocols/ec25519_fhmqvc/handshake.c +++ b/src/protocols/ec25519_fhmqvc/handshake.c @@ -68,46 +68,46 @@ static void derive_key(fastd_sha256_t *out, size_t blocks, const uint32_t *salt, fastd_hkdf_sha256_expand(out, blocks, &prk, info, sizeof(info)); } -static inline void supersede_session(fastd_context_t *ctx, fastd_peer_t *peer, const fastd_method_t *method) { +static inline void supersede_session(fastd_context_t *ctx, fastd_peer_t *peer, const fastd_method_info_t *method) { if (is_session_valid(ctx, &peer->protocol_state->session) && !is_session_valid(ctx, &peer->protocol_state->old_session)) { if (peer->protocol_state->old_session.method) - peer->protocol_state->old_session.method->session_free(ctx, peer->protocol_state->old_session.method_state); + peer->protocol_state->old_session.method->method->session_free(ctx, peer->protocol_state->old_session.method_state); peer->protocol_state->old_session = peer->protocol_state->session; } else { if (peer->protocol_state->session.method) - peer->protocol_state->session.method->session_free(ctx, peer->protocol_state->session.method_state); + peer->protocol_state->session.method->method->session_free(ctx, peer->protocol_state->session.method_state); } if (peer->protocol_state->old_session.method) { if (peer->protocol_state->old_session.method != method) { pr_debug(ctx, "method of %P has changed, terminating old session", peer); - peer->protocol_state->old_session.method->session_free(ctx, peer->protocol_state->old_session.method_state); + peer->protocol_state->old_session.method->method->session_free(ctx, peer->protocol_state->old_session.method_state); peer->protocol_state->old_session = (protocol_session_t){}; } else { - peer->protocol_state->old_session.method->session_superseded(ctx, peer->protocol_state->old_session.method_state); + peer->protocol_state->old_session.method->method->session_superseded(ctx, peer->protocol_state->old_session.method_state); } } } -static inline bool new_session(fastd_context_t *ctx, fastd_peer_t *peer, const char *method_name, const fastd_method_t *method, bool initiator, +static inline bool new_session(fastd_context_t *ctx, fastd_peer_t *peer, const fastd_method_info_t *method, bool initiator, const aligned_int256_t *A, const aligned_int256_t *B, const aligned_int256_t *X, const aligned_int256_t *Y, const aligned_int256_t *sigma, const uint32_t *salt, uint64_t serial) { supersede_session(ctx, peer, method); if (salt) { - size_t blocks = block_count(method->key_length(ctx, method_name), sizeof(fastd_sha256_t)); + size_t blocks = block_count(method->method->key_length(ctx, method->ctx), sizeof(fastd_sha256_t)); fastd_sha256_t secret[blocks]; - derive_key(secret, blocks, salt, method_name, A, B, X, Y, sigma); + derive_key(secret, blocks, salt, method->name, A, B, X, Y, sigma); - peer->protocol_state->session.method_state = method->session_init(ctx, method_name, (const uint8_t*)secret, initiator); + peer->protocol_state->session.method_state = method->method->session_init(ctx, method->ctx, (const uint8_t*)secret, initiator); } else { fastd_sha256_t hash; fastd_sha256_blocks(&hash, X->u32, Y->u32, A->u32, B->u32, sigma->u32, NULL); - peer->protocol_state->session.method_state = method->session_init_compat(ctx, method_name, hash.b, HASHBYTES, initiator); + peer->protocol_state->session.method_state = method->method->session_init_compat(ctx, method->ctx, hash.b, HASHBYTES, initiator); } if (!peer->protocol_state->session.method_state) @@ -122,7 +122,7 @@ static inline bool new_session(fastd_context_t *ctx, fastd_peer_t *peer, const c return true; } -static bool establish(fastd_context_t *ctx, fastd_peer_t *peer, const char *method_name, fastd_socket_t *sock, +static bool establish(fastd_context_t *ctx, fastd_peer_t *peer, const fastd_method_info_t *method, fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, bool initiator, const aligned_int256_t *A, const aligned_int256_t *B, const aligned_int256_t *X, const aligned_int256_t *Y, const aligned_int256_t *sigma, const uint32_t *salt, uint64_t serial) { @@ -131,9 +131,8 @@ static bool establish(fastd_context_t *ctx, fastd_peer_t *peer, const char *meth return false; } - const fastd_method_t *method = fastd_method_get_by_name(method_name); - if (!salt && !method->session_init_compat) { - pr_warn(ctx, "can't establish session with %P[%I] (method without compat support)", peer, remote_addr); + if (!salt && !method->method->session_init_compat) { + pr_warn(ctx, "can't establish compat session with %P[%I] (method without compat support)", peer, remote_addr); return false; } @@ -145,8 +144,8 @@ static bool establish(fastd_context_t *ctx, fastd_peer_t *peer, const char *meth return false; } - if (!new_session(ctx, peer, method_name, method, initiator, A, B, X, Y, sigma, salt, serial)) { - pr_error(ctx, "failed to initialize method session for %P (method `%s'%s)", peer, method_name, salt ? "" : " (compat mode)"); + if (!new_session(ctx, peer, method, initiator, A, B, X, Y, sigma, salt, serial)) { + pr_error(ctx, "failed to initialize method session for %P (method `%s'%s)", peer, method->name, salt ? "" : " (compat mode)"); fastd_peer_reset(ctx, peer); return false; } @@ -154,7 +153,7 @@ static bool establish(fastd_context_t *ctx, fastd_peer_t *peer, const char *meth fastd_peer_seen(ctx, peer); fastd_peer_set_established(ctx, peer); - pr_verbose(ctx, "new session with %P established using method `%s'%s.", peer, method_name, salt ? "" : " (compat mode)"); + pr_verbose(ctx, "new session with %P established using method `%s'%s.", peer, method->name, salt ? "" : " (compat mode)"); if (initiator) fastd_peer_schedule_handshake_default(ctx, peer); @@ -271,7 +270,7 @@ static void clear_shared_handshake_key(fastd_context_t *ctx UNUSED, const fastd_ } static void respond_handshake(fastd_context_t *ctx, const fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, fastd_peer_t *peer, - const handshake_key_t *handshake_key, const aligned_int256_t *peer_handshake_key, const fastd_handshake_t *handshake, const char *method) { + const handshake_key_t *handshake_key, const aligned_int256_t *peer_handshake_key, const fastd_handshake_t *handshake, const fastd_method_info_t *method) { pr_debug(ctx, "responding handshake with %P[%I]...", peer, remote_addr); if (!update_shared_handshake_key(ctx, peer, handshake_key, peer_handshake_key)) @@ -299,7 +298,7 @@ static void respond_handshake(fastd_context_t *ctx, const fastd_socket_t *sock, } static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, fastd_peer_t *peer, const handshake_key_t *handshake_key, const aligned_int256_t *peer_handshake_key, - const fastd_handshake_t *handshake, const char *method) { + const fastd_handshake_t *handshake, const fastd_method_info_t *method) { pr_debug(ctx, "finishing handshake with %P[%I]...", peer, remote_addr); bool compat = !secure_handshake(handshake); @@ -361,7 +360,7 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f static void handle_finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, fastd_peer_t *peer, const handshake_key_t *handshake_key, const aligned_int256_t *peer_handshake_key, - const fastd_handshake_t *handshake, const char *method) { + const fastd_handshake_t *handshake, const fastd_method_info_t *method) { pr_debug(ctx, "handling handshake finish with %P[%I]...", peer, remote_addr); bool compat = !secure_handshake(handshake); @@ -538,7 +537,7 @@ void fastd_protocol_ec25519_fhmqvc_handshake_init(fastd_context_t *ctx, const fa fastd_send_handshake(ctx, sock, local_addr, remote_addr, peer, buffer); } -void fastd_protocol_ec25519_fhmqvc_handshake_handle(fastd_context_t *ctx, fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, fastd_peer_t *peer, const fastd_handshake_t *handshake, const char *method) { +void fastd_protocol_ec25519_fhmqvc_handshake_handle(fastd_context_t *ctx, fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, fastd_peer_t *peer, const fastd_handshake_t *handshake, const fastd_method_info_t *method) { bool temporary_added = false; fastd_protocol_ec25519_fhmqvc_maintenance(ctx); diff --git a/src/protocols/ec25519_fhmqvc/state.c b/src/protocols/ec25519_fhmqvc/state.c index 727763a..f27fcc6 100644 --- a/src/protocols/ec25519_fhmqvc/state.c +++ b/src/protocols/ec25519_fhmqvc/state.c @@ -77,7 +77,7 @@ void fastd_protocol_ec25519_fhmqvc_init_peer_state(fastd_context_t *ctx, fastd_p static void reset_session(fastd_context_t *ctx, protocol_session_t *session) { if (session->method) - session->method->session_free(ctx, session->method_state); + session->method->method->session_free(ctx, session->method_state); secure_memzero(session, sizeof(protocol_session_t)); } -- cgit v1.2.3