Browse code

core, lib, modules: updated include paths for header files

Daniel-Constantin Mierla authored on 07/12/2016 11:07:22
Showing 1 changed files
... ...
@@ -31,11 +31,11 @@ unsigned otn_in_flight_no; /* 2^k == 1<<oth_in_flight_k */
31 31
 
32 32
 #include "ot_nonce.h"
33 33
 #include "nid.h"
34
-#include "../../dprint.h"
35
-#include "../../bit_scan.h"
36
-#include "../../atomic_ops.h"
37
-#include "../../ut.h" /* ROUNDUP...*/
38
-#include "../../mem/shm_mem.h" /* shm_available() */
34
+#include "../../core/dprint.h"
35
+#include "../../core/bit_scan.h"
36
+#include "../../core/atomic_ops.h"
37
+#include "../../core/ut.h" /* ROUNDUP...*/
38
+#include "../../core/mem/shm_mem.h" /* shm_available() */
39 39
 #include <stdlib.h> /* random() */
40 40
 #include <string.h> /* memset() */
41 41
 #include <assert.h>
Browse code

core, lib, modules: restructured source code tree

- new folder src/ to hold the source code for main project applications
- main.c is in src/
- all core files are subfolder are in src/core/
- modules are in src/modules/
- libs are in src/lib/
- application Makefiles are in src/
- application binary is built in src/ (src/kamailio)

Daniel-Constantin Mierla authored on 07/12/2016 11:03:51
Showing 1 changed files
1 1
new file mode 100644
... ...
@@ -0,0 +1,234 @@
1
+/*
2
+ * Digest Authentication Module
3
+ *
4
+ * one-time nonce support
5
+ *
6
+ * Copyright (C) 2008 iptelorg GmbH
7
+ *
8
+ * This file is part of Kamailio, a free SIP server.
9
+ *
10
+ * Kamailio is free software; you can redistribute it and/or modify
11
+ * it under the terms of the GNU General Public License as published by
12
+ * the Free Software Foundation; either version 2 of the License, or
13
+ * (at your option) any later version
14
+ *
15
+ * Kamailio is distributed in the hope that it will be useful,
16
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
17
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
+ * GNU General Public License for more details.
19
+ *
20
+ * You should have received a copy of the GNU General Public License
21
+ * along with this program; if not, write to the Free Software
22
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
23
+ *
24
+ */
25
+
26
+int otn_enabled=0;
27
+unsigned otn_in_flight_k;  /* max in-flight nonces order (k in 2^k) */
28
+unsigned otn_in_flight_no; /* 2^k == 1<<oth_in_flight_k */
29
+
30
+#ifdef USE_OT_NONCE
31
+
32
+#include "ot_nonce.h"
33
+#include "nid.h"
34
+#include "../../dprint.h"
35
+#include "../../bit_scan.h"
36
+#include "../../atomic_ops.h"
37
+#include "../../ut.h" /* ROUNDUP...*/
38
+#include "../../mem/shm_mem.h" /* shm_available() */
39
+#include <stdlib.h> /* random() */
40
+#include <string.h> /* memset() */
41
+#include <assert.h>
42
+
43
+static otn_cell_t * otn_array=0;
44
+
45
+
46
+unsigned otn_partition_size; /* partition==otn_in_flight_no/nid_pool_no*/
47
+unsigned otn_partition_k;    /* k such that 2^k==otn_partition_size */
48
+unsigned otn_partition_mask; /* mask for computing the real idx. inside
49
+								* one partition */
50
+
51
+
52
+/* returns -1 on error, 0 on success */
53
+int init_ot_nonce()
54
+{
55
+	unsigned long size;
56
+	unsigned long max_mem;
57
+	unsigned orig_array_size;
58
+
59
+
60
+	if (nid_crt==0){
61
+		BUG("auth: init_ot_nonce: nonce index must be "
62
+				"initialized first (see init_nonce_id())\n");
63
+		return -1;
64
+	}
65
+	orig_array_size=otn_in_flight_no;
66
+	if (otn_in_flight_k==0){
67
+		if (otn_in_flight_no==0){
68
+			otn_in_flight_no=DEFAULT_OTN_IN_FLIGHT;
69
+		}
70
+		otn_in_flight_k=bit_scan_reverse32(otn_in_flight_no);
71
+	}
72
+	size=1UL<<otn_in_flight_k; /* ROUNDDOWN to 2^otn_in_flight_k */
73
+	if (size < MIN_OTN_IN_FLIGHT){
74
+		LM_WARN("one-time-nonce maximum in-flight nonces is very low (%d),"
75
+				" consider increasing otn_in_flight_no to at least %d\n",
76
+				orig_array_size, MIN_OTN_IN_FLIGHT);
77
+	}
78
+	if (size > MAX_OTN_IN_FLIGHT){
79
+		LM_WARN("one-time-nonce maximum in-flight nonces is too high (%d),"
80
+				" consider decreasing otn_in_flight_no to at least %d\n",
81
+				orig_array_size, MAX_OTN_IN_FLIGHT);
82
+	}
83
+	if (size!=otn_in_flight_no){
84
+		if (orig_array_size!=0)
85
+			LM_INFO("otn_in_flight_no rounded down to %ld\n", size);
86
+		else
87
+			LM_INFO("otn_in_flight_no set to %ld\n", size);
88
+	}
89
+	max_mem=shm_available();
90
+	if (size/8 >= max_mem){
91
+		LM_ERR("otn_in_flight_no (%ld) is too big for the configured "
92
+				"amount of shared memory (%ld bytes)\n", size, max_mem);
93
+		return -1;
94
+	}else if (size/8 >= max_mem/2){
95
+		LM_WARN("the currently configured otn_in_flight_no (%ld)  "
96
+				"would use more then 50%% of the available shared"
97
+				" memory(%ld bytes)\n", size, max_mem);
98
+	}
99
+	otn_in_flight_no=size;
100
+
101
+	if (nid_pool_no>=otn_in_flight_no/(8*sizeof(otn_cell_t))){
102
+		LM_ERR("nid_pool_no (%d) too high for the configured "
103
+				"otn_in_flight_no (%d)\n", nid_pool_no, otn_in_flight_no);
104
+		return -1;
105
+	}
106
+	otn_partition_size=otn_in_flight_no >> nid_pool_k;
107
+	otn_partition_k=otn_in_flight_k-nid_pool_k;
108
+	otn_partition_mask=(1<<otn_partition_k)-1;
109
+	assert(otn_partition_size == otn_in_flight_no/nid_pool_no);
110
+	assert(1<<(otn_partition_k+nid_pool_k) == otn_in_flight_no);
111
+
112
+	if ((nid_t)otn_partition_size >= ((nid_t)(-1)/NID_INC)){
113
+		LM_ERR("otn_in_flight_no too big, try decreasing it or increasing"
114
+				"the number of pools/partitions, such that "
115
+				"otn_in_flight_no/nid_pool_no < %d\n",
116
+				(unsigned int)((nid_t)(-1)/NID_INC));
117
+		return -1;
118
+	}
119
+	if (otn_partition_size  < MIN_OTN_PARTITION){
120
+		LM_WARN("one-time-nonces in-flight nonces very low,"
121
+				" consider either decreasing nid_pool_no (%d) or "
122
+				" increasing otn_array_size (%d) such that "
123
+				"otn_array_size/nid_pool_no >= %d\n",
124
+				nid_pool_no, orig_array_size, MIN_OTN_PARTITION);
125
+	}
126
+
127
+	/*  array size should be multiple of sizeof(otn_cell_t) since we
128
+	 *  access it as an otn_cell_t array */
129
+	otn_array=shm_malloc(ROUND2TYPE((otn_in_flight_no+7)/8, otn_cell_t));
130
+	if (otn_array==0){
131
+		LM_ERR("init_ot_nonce: memory allocation failure, consider"
132
+				" either decreasing otn_in_flight_no of increasing the"
133
+				" the shared memory amount\n");
134
+		goto error;
135
+	}
136
+	/* init the otn_array with 1 for each bit, to avoid replay attacks after
137
+	 * ser restarts ) */
138
+	memset(otn_array, 0xff, ROUND2TYPE((otn_in_flight_no+7)/8, otn_cell_t));
139
+	return 0;
140
+error:
141
+	destroy_ot_nonce();
142
+	return -1;
143
+}
144
+
145
+
146
+
147
+void destroy_ot_nonce()
148
+{
149
+	if (otn_array){
150
+		shm_free(otn_array);
151
+		otn_array=0;
152
+	}
153
+}
154
+
155
+/* given the nonce id i and pool/partition p, produces a bit index in the
156
+ * array  partition corresponding to p.
157
+ * WARNING: the result is the _bit_ index and not the array cell index
158
+ */
159
+#define get_otn_array_bit_idx(i,p) \
160
+	(((i) & otn_partition_mask)+((p)<<otn_partition_k))
161
+
162
+/* get the real array cell corresponding to a certain bit index */
163
+#define get_otn_array_cell_idx(pos) \
164
+	((pos)/(sizeof(otn_cell_t)*8))
165
+
166
+/* get the bit position inside an otn_array cell
167
+ * (pos can be obtained from a nonce id with get_otn_array_bit_idx(i, p),
168
+ *  see above) */
169
+#define get_otn_cell_bit(pos) \
170
+	((pos)%(sizeof(otn_cell_t)*8))
171
+
172
+/* returns true if the crt_idx > idx with at least  otn_partition_size
173
+ * WARNING: NID_INC * otn_partition_size must fit inside an nidx_t*/
174
+#define  otn_id_check_overflow(id,  pool) \
175
+	((nid_t)(nid_get((pool))-(id)) >= \
176
+		((nid_t)NID_INC*otn_partition_size))
177
+
178
+/* re-init the stored nc for nonce id in pool p */
179
+nid_t otn_new(nid_t id, unsigned char p)
180
+{
181
+	unsigned int i;
182
+	unsigned  n, b;
183
+
184
+	n=get_otn_array_bit_idx(id, p); /* n-th bit */
185
+	i=get_otn_array_cell_idx(n);    /* aray index i, corresponding to n */
186
+	b=get_otn_cell_bit(n);          /* bit pos corresponding to n */
187
+	/* new_value = old_value with the corresponding bit zeroed */
188
+#ifdef OTN_CELL_T_LONG
189
+	atomic_and_long((long*)&otn_array[i],  ~((otn_cell_t)1<<b));
190
+#else
191
+	atomic_and_int((int*)&otn_array[i],  ~((otn_cell_t)1<<b));
192
+#endif /* OTN_CELL_T_LONG */
193
+	return id;
194
+}
195
+
196
+
197
+
198
+/* check if nonce w/ index i is expected/valid and if so marked it "seen"
199
+ * returns: 0 - ok, < 0 some error:
200
+ * OTN_INV_POOL      (pool number is invalid/corrupted)
201
+ * OTN_ID_OVERFLOW   (crt_id has overflowed with partition size since the
202
+ *                    id was generated)
203
+ * OTN_REPLAY        (nonce id seen before => replay )
204
+ */
205
+enum otn_check_ret otn_check_id(nid_t id, unsigned pool)
206
+{
207
+	unsigned int i;
208
+	unsigned n, b;
209
+	otn_cell_t v, b_mask;
210
+
211
+	if (unlikely(pool>=nid_pool_no))
212
+		return OTN_INV_POOL;
213
+	if (unlikely(otn_id_check_overflow(id, pool)))
214
+		return OTN_ID_OVERFLOW;
215
+	n=get_otn_array_bit_idx(id, pool); /* n-th bit */
216
+	i=get_otn_array_cell_idx(n);    /* aray index i, corresponding to n */
217
+	b=get_otn_cell_bit(n);          /* bit pos corresponding to n */
218
+	b_mask= (otn_cell_t)1<<b;
219
+
220
+#ifdef OTN_CELL_T_LONG
221
+	v=atomic_get_long(&oth_array[i]);
222
+	if (unlikely(v & b_mask))
223
+		return OTN_REPLAY;
224
+	atomic_or_long((long*)&otn_array[i],  b_mask);
225
+#else
226
+	v=atomic_get_int(&otn_array[i]);
227
+	if (unlikely(v & b_mask))
228
+		return OTN_REPLAY;
229
+	atomic_or_int((int*)&otn_array[i],  b_mask);
230
+#endif /* OTN_CELL_T_LONG */
231
+	return 0;
232
+}
233
+
234
+#endif /* USE_OT_NONCE */