Diffstat (limited to 'usr.sbin/sasyncd')
-rw-r--r-- | usr.sbin/sasyncd/conf.y | 71 | ||||
-rw-r--r-- | usr.sbin/sasyncd/log.c | 4 | ||||
-rw-r--r-- | usr.sbin/sasyncd/net.c | 17 | ||||
-rw-r--r-- | usr.sbin/sasyncd/sasyncd.h | 3 |
4 files changed, 74 insertions, 21 deletions
diff --git a/usr.sbin/sasyncd/conf.y b/usr.sbin/sasyncd/conf.y index d32a5043865..03495ad70dd 100644 --- a/usr.sbin/sasyncd/conf.y +++ b/usr.sbin/sasyncd/conf.y @@ -1,4 +1,4 @@ -/* $OpenBSD: conf.y,v 1.12 2006/12/24 05:01:08 msf Exp $ */ +/* $OpenBSD: conf.y,v 1.13 2007/01/08 15:31:01 markus Exp $ */ /* * Copyright (c) 2005 Håkan Olsson. All rights reserved. @@ -50,17 +50,23 @@ char *confbuf, *confptr; int yyparse(void); int yylex(void); void yyerror(const char *); +unsigned char x2i(unsigned char *); %} %union { char *string; int val; + struct { + unsigned char *data; + int len; + } hex; } %token MODE INTERFACE INTERVAL LISTEN ON PORT PEER SHAREDKEY %token Y_SLAVE Y_MASTER INET INET6 FLUSHMODE STARTUP NEVER SYNC %token GROUP SKIPSLAVE %token <string> STRING +%token <hex> HEX %token <val> VALUE %type <val> af port mode flushmode @@ -102,6 +108,23 @@ flushmode : STARTUP { $$ = FM_STARTUP; } | SYNC { $$ = FM_SYNC; } ; +key : STRING + { + if (cfgstate.sharedkey) + free(cfgstate.sharedkey); + cfgstate.sharedkey = $1; + cfgstate.sharedkey_len = strlen($1) * 8; + log_msg(2, "config: shared ascii key"); + } + | HEX + { + if (cfgstate.sharedkey) + free(cfgstate.sharedkey); + cfgstate.sharedkey = $1.data; + cfgstate.sharedkey_len = $1.len * 8; + log_msg(2, "config: %d byte shared hex key", $1.len); + } + setting : INTERFACE STRING { if (cfgstate.carp_ifname) @@ -175,11 +198,16 @@ setting : INTERFACE STRING $5 != SASYNCD_DEFAULT_PORT ? pstr : ""); } | MODE modes - | SHAREDKEY STRING + | SHAREDKEY key { - if (cfgstate.sharedkey) - free(cfgstate.sharedkey); - cfgstate.sharedkey = $2; + int bits; + + bits = cfgstate.sharedkey_len; + if (bits != 128 && bits != 192 && bits != 256) { + log_err("config: bad shared key length %d, " + "should be 128, 192 or 256 bits\n", bits); + YYERROR; + } log_msg(2, "config: shared key set"); } ; @@ -233,7 +261,7 @@ int yylex(void) { char *p; - int v; + int v, i, len; /* Locate next token */ if (!confptr) 
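Review bot: In both `key` actions the previous key is released with a plain `free(cfgstate.sharedkey)`, so a key replaced by a later `sharedkey` directive stays readable in freed heap memory. In the code shown, `cfgstate.sharedkey_len` still holds the old length in bits at that point, so the old buffer can be wiped first: `explicit_bzero(cfgstate.sharedkey, cfgstate.sharedkey_len / 8);` before the `free()`, with braces added to the `if`. The `key` rule also ends without the `;` that closes `flushmode` just above it.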
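Review bot: The length check in `SHAREDKEY key` runs after the `key` action has already stored the key, so on `YYERROR` both `cfgstate.sharedkey` and `cfgstate.sharedkey_len` keep the rejected value. The net.c hunk of this commit drops `net_init()`'s own length test, which leaves this parser check as the only explicit gate. Whether a failed parse always stops the daemon is not visible here, so clearing the state before bailing out is the safer form: `free(cfgstate.sharedkey); cfgstate.sharedkey = NULL; cfgstate.sharedkey_len = 0;` ahead of `YYERROR`. The `log_err()` format here ends in `\n` while the `log_err("yylex: calloc()")` call added in the same commit does not; one convention should be used.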
@@ -247,6 +275,25 @@ yylex(void) confptr = p; } + /* Hex token? */ + p = confptr; + if (!strncmp(p, "0x", 2)) { + for (p = confptr + 2; *p; p++) + if (!isxdigit(*p)) + goto is_string; + p = confptr + 2; + len = strlen(p) / 2; + if ((yylval.hex.data = calloc(len, sizeof(unsigned char))) + == NULL) { + log_err("yylex: calloc()"); + exit(1); + } + for (i = 0; i < len; i++) + yylval.hex.data[i] = x2i(p + 2 * i); + yylval.hex.len = len; + return HEX; + } + /* Numerical token? */ if (isdigit(*confptr)) { for (p = confptr; *p; p++) @@ -342,6 +389,18 @@ conf_parse_file(char *cfgfile) return 1; } +unsigned char +x2i(unsigned char *s) +{ + char ss[3]; + + ss[0] = s[0]; + ss[1] = s[1]; + ss[2] = 0; + + return ((unsigned char)strtoul(ss, NULL, 16)); +} + void yyerror(const char *s) { diff --git a/usr.sbin/sasyncd/log.c b/usr.sbin/sasyncd/log.c index 70003eb89b9..6af7c5fe553 100644 --- a/usr.sbin/sasyncd/log.c +++ b/usr.sbin/sasyncd/log.c @@ -1,4 +1,4 @@ -/* $OpenBSD: log.c,v 1.4 2005/05/26 19:19:51 ho Exp $ */ +/* $OpenBSD: log.c,v 1.5 2007/01/08 15:31:01 markus Exp $ */ /* * Copyright (c) 2005 Håkan Olsson. All rights reserved. @@ -46,7 +46,7 @@ void log_init(char *pname) { tzset(); - openlog(pname, LOG_CONS, LOG_DAEMON); + openlog(pname, LOG_CONS | LOG_PID, LOG_DAEMON); } static void diff --git a/usr.sbin/sasyncd/net.c b/usr.sbin/sasyncd/net.c index 416e0f0b5e8..b70c8c4e845 100644 --- a/usr.sbin/sasyncd/net.c +++ b/usr.sbin/sasyncd/net.c @@ -1,4 +1,4 @@ -/* $OpenBSD: net.c,v 1.14 2006/06/02 20:31:48 moritz Exp $ */ +/* $OpenBSD: net.c,v 1.15 2007/01/08 15:31:01 markus Exp $ */ /* * Copyright (c) 2005 Håkan Olsson. All rights reserved. 
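Review bot: An odd number of hex digits is silently truncated, because `len = strlen(p) / 2` drops the trailing nibble; `0x` followed by 33 digits would then pass as a 128-bit key, which hides a typo in the key. Rejecting it before the allocation keeps key parsing strict, for example `if (strlen(p) % 2) { log_err("yylex: odd number of hex digits"); exit(1); }`. A bare `0x` also reaches `calloc(0, ...)` and returns a zero-length `HEX` token. `isxdigit(*p)` is called on a plain `char` and should be `isxdigit((unsigned char)*p)`. The body of `yylex()` and the `is_string` label lie outside this hunk.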
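Review bot: `x2i()` is declared to take `unsigned char *`, but its only visible caller in `yylex()` passes `p + 2 * i` where `p` is `char *`, which is a pointer-signedness mismatch. The helper only reads two characters and is used only in this file, so `static unsigned char x2i(const char *);` fits better, both in the prologue (the `@@ -50,17` hunk) and on the definition. A one-line comment stating that the caller must already have validated both characters as hex digits would document why the `strtoul()` result is not checked.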
@@ -273,18 +273,11 @@ int net_init(void) { struct syncpeer *p; - int r; - /* The shared key needs to be 128, 192 or 256 bits */ - r = strlen(cfgstate.sharedkey) << 3; - if (r != 128 && r != 192 && r != 256) { - fprintf(stderr, "Bad shared key length (%d bits), " - "should be 128, 192 or 256\n", r); - return -1; - } - - if (AES_set_encrypt_key(cfgstate.sharedkey, r, &aes_key[0]) || - AES_set_decrypt_key(cfgstate.sharedkey, r, &aes_key[1])) { + if (AES_set_encrypt_key(cfgstate.sharedkey, cfgstate.sharedkey_len, + &aes_key[0]) || + AES_set_decrypt_key(cfgstate.sharedkey, cfgstate.sharedkey_len, + &aes_key[1])) { fprintf(stderr, "Bad AES shared key\n"); return -1; } diff --git a/usr.sbin/sasyncd/sasyncd.h b/usr.sbin/sasyncd/sasyncd.h index 566a0ef5a5e..92939f3a6c5 100644 --- a/usr.sbin/sasyncd/sasyncd.h +++ b/usr.sbin/sasyncd/sasyncd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sasyncd.h,v 1.13 2006/12/25 08:17:17 deraadt Exp $ */ +/* $OpenBSD: sasyncd.h,v 1.14 2007/01/08 15:31:01 markus Exp $ */ /* * Copyright (c) 2005 Håkan Olsson. All rights reserved. @@ -50,6 +50,7 @@ struct cfgstate { int carp_ifindex; char *sharedkey; + int sharedkey_len; int pfkey_socket; |
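Review bot: `sharedkey_len` is added to `struct cfgstate` without saying that it counts bits, and `sharedkey` stays a `char *` although it can now hold raw key bytes from the hex path, allocated with exactly `len` bytes and no terminator. Comments such as `/* key bytes; not NUL-terminated when given as hex */` on `sharedkey` and `/* key length in bits */` on `sharedkey_len` would record that. Any code outside this diff that still applies `strlen()` or other string functions to `sharedkey` would read past the buffer or stop at an embedded zero byte; this is not visible here and is worth checking. The struct continues outside the hunk.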