summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2003-06-21 19:29:32 +0000
committerNick Mathewson <nickm@torproject.org>2003-06-21 19:29:32 +0000
commit04b871486cd4912f909f2959c0a22e1bff8591c8 (patch)
tree2d3db3d7f16a9b9d2bcf2f64f39af77eaab7b808
parent03544caca7c7eb592e2d53f821bf148ed4afbd08 (diff)
downloadtor-04b871486cd4912f909f2959c0a22e1bff8591c8.tar.gz
tor-04b871486cd4912f909f2959c0a22e1bff8591c8.zip
Reorder connection_or and make unexported functions static. Partially convert to symbolic constants -- Roger, was this what you had in mind?
svn:r342
-rw-r--r--src/or/connection_or.c145
-rw-r--r--src/or/or.h12
2 files changed, 91 insertions, 66 deletions
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 158425f2ac..56ba821fbe 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -3,8 +3,21 @@
/* $Id$ */
#include "or.h"
+
extern or_options_t options; /* command-line and config-file options */
+static int or_handshake_op_send_keys(connection_t *conn);
+static int or_handshake_op_finished_sending_keys(connection_t *conn);
+
+static int or_handshake_client_process_auth(connection_t *conn);
+static int or_handshake_client_send_auth(connection_t *conn);
+
+static int or_handshake_server_process_auth(connection_t *conn);
+static int or_handshake_server_process_nonce(connection_t *conn);
+
+static void connection_or_set_open(connection_t *conn);
+static void conn_or_init_crypto(connection_t *conn);
+
/*
*
* these two functions are the main ways 'in' to connection_or
@@ -97,28 +110,6 @@ int connection_or_finished_flushing(connection_t *conn) {
/*********************/
-void connection_or_set_open(connection_t *conn) {
- conn->state = OR_CONN_STATE_OPEN;
- directory_set_dirty();
- connection_init_timeval(conn);
- connection_watch_events(conn, POLLIN);
-}
-
-void conn_or_init_crypto(connection_t *conn) {
- //int x;
- unsigned char iv[16];
-
- assert(conn);
-
- memset((void *)iv, 0, 16);
- crypto_cipher_set_iv(conn->f_crypto, iv);
- crypto_cipher_set_iv(conn->b_crypto, iv);
-
- crypto_cipher_encrypt_init_cipher(conn->f_crypto);
- crypto_cipher_decrypt_init_cipher(conn->b_crypto);
- /* always encrypt with f, always decrypt with b */
-}
-
connection_t *connection_or_connect(routerinfo_t *router) {
connection_t *conn;
struct sockaddr_in router_addr;
@@ -206,9 +197,30 @@ connection_t *connection_or_connect(routerinfo_t *router) {
return NULL;
}
-int or_handshake_op_send_keys(connection_t *conn) {
- unsigned char message[38]; /* flag(16bits), bandwidth(32bits), forward key(128bits), backward key(128bits) */
- unsigned char cipher[128];
+/* ********************************** */
+
+int connection_or_create_listener(struct sockaddr_in *bindaddr) {
+ log(LOG_DEBUG,"connection_create_or_listener starting");
+ return connection_create_listener(bindaddr, CONN_TYPE_OR_LISTENER);
+}
+
+int connection_or_handle_listener_read(connection_t *conn) {
+ log(LOG_NOTICE,"OR: Received a connection request from a router. Attempting to authenticate.");
+ return connection_handle_listener_read(conn, CONN_TYPE_OR, OR_CONN_STATE_SERVER_AUTH_WAIT);
+}
+
+/* ***************** */
+/* Helper functions to implement handshaking */
+
+#define FLAGS_LEN 2
+#define BANDWIDTH_LEN 4
+#define KEY_LEN 16
+#define PKEY_LEN 128
+
+static int
+or_handshake_op_send_keys(connection_t *conn) {
+ unsigned char message[FLAGS_LEN + BANDWIDTH_LEN + KEY_LEN + KEY_LEN];
+ unsigned char cipher[PKEY_LEN];
int retval;
assert(conn && conn->type == CONN_TYPE_OR);
@@ -224,12 +236,14 @@ int or_handshake_op_send_keys(connection_t *conn) {
log(LOG_DEBUG,"or_handshake_op_send_keys() : Generated 3DES keys.");
/* compose the message */
*(uint16_t *)(message) = htons(HANDSHAKE_AS_OP);
- *(uint32_t *)(message+2) = htonl(conn->bandwidth);
- memcpy((void *)(message+6), (void *)conn->f_crypto->key, 16);
- memcpy((void *)(message+22), (void *)conn->b_crypto->key, 16);
+ *(uint32_t *)(message+FLAGS_LEN) = htonl(conn->bandwidth);
+ memcpy((void *)(message+FLAGS_LEN+BANDWIDTH_LEN),
+ (void *)conn->f_crypto->key, 16);
+ memcpy((void *)(message+FLAGS_LEN+BANDWIDTH_LEN+KEY_LEN),
+ (void *)conn->b_crypto->key, 16);
/* encrypt with RSA */
- if(crypto_pk_public_encrypt(conn->pkey, message, 38, cipher, RSA_PKCS1_PADDING) < 0) {
+ if(crypto_pk_public_encrypt(conn->pkey, message, sizeof(message), cipher, RSA_PKCS1_PADDING) < 0) {
log(LOG_ERR,"or_handshake_op_send_keys(): Public key encryption failed.");
return -1;
}
@@ -237,7 +251,7 @@ int or_handshake_op_send_keys(connection_t *conn) {
/* send message */
- if(connection_write_to_buf(cipher, 128, conn) < 0) {
+ if(connection_write_to_buf(cipher, PKEY_LEN, conn) < 0) {
log(LOG_DEBUG,"or_handshake_op_send_keys(): my outbuf is full. Oops.");
return -1;
}
@@ -258,7 +272,8 @@ int or_handshake_op_send_keys(connection_t *conn) {
return or_handshake_op_finished_sending_keys(conn);
}
-int or_handshake_op_finished_sending_keys(connection_t *conn) {
+static int
+or_handshake_op_finished_sending_keys(connection_t *conn) {
/* do crypto initialization, etc */
conn_or_init_crypto(conn);
@@ -268,10 +283,12 @@ int or_handshake_op_finished_sending_keys(connection_t *conn) {
return 0;
}
-int or_handshake_client_send_auth(connection_t *conn) {
+static int
+or_handshake_client_send_auth(connection_t *conn) {
int retval;
- char buf[50];
- char cipher[128];
+ char buf[FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+
+ PORT_LEN+KEY_LEN+KEY_LEN+BANDWIDTH_LEN];
+ char cipher[PKEY_LEN];
struct sockaddr_in me; /* my router identity */
assert(conn);
@@ -289,17 +306,20 @@ int or_handshake_client_send_auth(connection_t *conn) {
/* generate first message */
*(uint16_t*)buf = htons(HANDSHAKE_AS_OR);
- *(uint32_t*)(buf+2) = me.sin_addr.s_addr; /* local address, network order */
- *(uint16_t*)(buf+6) = me.sin_port; /* local port, network order */
- *(uint32_t*)(buf+8) = htonl(conn->addr); /* remote address */
- *(uint16_t*)(buf+12) = htons(conn->port); /* remote port */
- memcpy(buf+14,conn->f_crypto->key,16); /* keys */
- memcpy(buf+30,conn->b_crypto->key,16);
- *(uint32_t *)(buf+46) = htonl(conn->bandwidth); /* max link utilisation */
+ *(uint32_t*)(buf+FLAGS_LEN) = me.sin_addr.s_addr; /* local address, network order */
+ *(uint16_t*)(buf+FLAGS_LEN+ADDR_LEN) = me.sin_port; /* local port, network order */
+ *(uint32_t*)(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN) = htonl(conn->addr); /* remote address */
+ *(uint16_t*)(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN) = htons(conn->port); /* remote port */
+ memcpy(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+PORT_LEN,
+ conn->f_crypto->key,16); /* keys */
+ memcpy(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+PORT_LEN+KEY_LEN,
+ conn->b_crypto->key,16);
+ *(uint32_t *)(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+PORT_LEN+
+ KEY_LEN+KEY_LEN) = htonl(conn->bandwidth); /* max link utilisation */
log(LOG_DEBUG,"or_handshake_client_send_auth() : Generated first authentication message.");
/* encrypt message */
- retval = crypto_pk_public_encrypt(conn->pkey, buf, 50, cipher,RSA_PKCS1_PADDING);
+ retval = crypto_pk_public_encrypt(conn->pkey, buf, sizeof(buf), cipher,RSA_PKCS1_PADDING);
if (retval == -1) /* error */
{
log(LOG_ERR,"Public-key encryption failed during authentication to %s:%u.",conn->address,conn->port);
@@ -310,7 +330,7 @@ int or_handshake_client_send_auth(connection_t *conn) {
/* send message */
- if(connection_write_to_buf(cipher, 128, conn) < 0) {
+ if(connection_write_to_buf(cipher, PKEY_LEN, conn) < 0) {
log(LOG_DEBUG,"or_handshake_client_send_auth(): my outbuf is full. Oops.");
return -1;
}
@@ -334,7 +354,8 @@ int or_handshake_client_send_auth(connection_t *conn) {
}
-int or_handshake_client_process_auth(connection_t *conn) {
+static int
+or_handshake_client_process_auth(connection_t *conn) {
char buf[128]; /* only 56 of this is expected to be used */
char cipher[128];
uint32_t bandwidth;
@@ -438,7 +459,8 @@ int or_handshake_client_process_auth(connection_t *conn) {
*
*/
-int or_handshake_server_process_auth(connection_t *conn) {
+static int
+or_handshake_server_process_auth(connection_t *conn) {
int retval;
char buf[128]; /* 50 of this is expected to be used for OR, 38 for OP */
@@ -592,7 +614,8 @@ int or_handshake_server_process_auth(connection_t *conn) {
return -1;
}
-int or_handshake_server_process_nonce(connection_t *conn) {
+static int
+or_handshake_server_process_nonce(connection_t *conn) {
char buf[128];
char cipher[128];
@@ -648,20 +671,34 @@ int or_handshake_server_process_nonce(connection_t *conn) {
}
+/*********************/
-/* ********************************** */
+static void
+connection_or_set_open(connection_t *conn) {
+ conn->state = OR_CONN_STATE_OPEN;
+ directory_set_dirty();
+ connection_init_timeval(conn);
+ connection_watch_events(conn, POLLIN);
+}
+
+static void
+conn_or_init_crypto(connection_t *conn) {
+ //int x;
+ unsigned char iv[16];
+ assert(conn);
-int connection_or_create_listener(struct sockaddr_in *bindaddr) {
- log(LOG_DEBUG,"connection_create_or_listener starting");
- return connection_create_listener(bindaddr, CONN_TYPE_OR_LISTENER);
-}
+ memset((void *)iv, 0, 16);
+ crypto_cipher_set_iv(conn->f_crypto, iv);
+ crypto_cipher_set_iv(conn->b_crypto, iv);
-int connection_or_handle_listener_read(connection_t *conn) {
- log(LOG_NOTICE,"OR: Received a connection request from a router. Attempting to authenticate.");
- return connection_handle_listener_read(conn, CONN_TYPE_OR, OR_CONN_STATE_SERVER_AUTH_WAIT);
+ crypto_cipher_encrypt_init_cipher(conn->f_crypto);
+ crypto_cipher_decrypt_init_cipher(conn->b_crypto);
+ /* always encrypt with f, always decrypt with b */
}
+
+
/*
Local Variables:
mode:c
diff --git a/src/or/or.h b/src/or/or.h
index 2a0f716201..44f4fafc62 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -615,18 +615,6 @@ int connection_op_handle_listener_read(connection_t *conn);
int connection_or_process_inbuf(connection_t *conn);
int connection_or_finished_flushing(connection_t *conn);
-void connection_or_set_open(connection_t *conn);
-void conn_or_init_crypto(connection_t *conn);
-
-int or_handshake_op_send_keys(connection_t *conn);
-int or_handshake_op_finished_sending_keys(connection_t *conn);
-
-int or_handshake_client_process_auth(connection_t *conn);
-int or_handshake_client_send_auth(connection_t *conn);
-
-int or_handshake_server_process_auth(connection_t *conn);
-int or_handshake_server_process_nonce(connection_t *conn);
-
connection_t *connection_or_connect(routerinfo_t *router);
int connection_or_create_listener(struct sockaddr_in *bindaddr);