ref: 9bec8b1ae32dc666388f767d9770b1eac1186f0a
parent: cd0889fa95710264a8e6de18988559c31e089bba
author: cinap_lenrek <[email protected]>
date: Sat Feb 20 20:44:25 EST 2016
import devssl from 9front
--- a/kern/devssl.c
+++ b/kern/devssl.c
@@ -7,7 +7,7 @@
#include "fns.h"
#include "error.h"
-#include "libsec.h"
+#include <libsec.h>
#define NOSPOOKS 1
@@ -72,15 +72,15 @@
enum
{
Maxdmsg= 1<<16,
- Maxdstate= 128, /* must be a power of 2 */
+ Maxdstate= 512, /* max. open ssl conn's; must be a power of 2 */
};
-Lock dslock;
-int dshiwat;
-char *dsname[Maxdstate];
-Dstate *dstate[Maxdstate];
-char *encalgs;
-char *hashalgs;
+static Lock dslock;
+static int dshiwat;
+static char *dsname[Maxdstate];
+static Dstate *dstate[Maxdstate];
+static char *encalgs;
+static char *hashalgs;
enum{
Qtopdir = 1, /* top level directory */
@@ -113,17 +113,13 @@
static long sslput(Dstate *s, Block * volatile b);
char *sslnames[] = {
- /* unused */ 0,
- /* topdir */ 0,
- /* protodir */ 0,
- "clone",
- /* convdir */ 0,
- "data",
- "ctl",
- "secretin",
- "secretout",
- "encalgs",
- "hashalgs",
+[Qclonus] "clone",
+[Qdata] "data",
+[Qctl] "ctl",
+[Qsecretin] "secretin",
+[Qsecretout] "secretout",
+[Qencalgs] "encalgs",
+[Qhashalgs] "hashalgs",
};
static int
@@ -237,7 +233,6 @@
devdir(c, c->qid, sslnames[TYPE(c->qid)], 0, nm, 0660, dp);
return 1;
}
- return -1;
}
static Chan*
@@ -358,7 +353,7 @@
if(!emptystr(dir->uid))
kstrdup(&s->user, dir->uid);
- if(dir->mode != ~0)
+ if(dir->mode != ~0UL)
s->perm = dir->mode;
free(dir);
@@ -766,9 +761,8 @@
int offset;
if(waserror()){
-iprint("error: %s\n", up->errstr);
if(b != nil)
- free(b);
+ freeb(b);
nexterror();
}
@@ -900,7 +894,7 @@
key[6] &= 0x0f;
}
- w->state = malloc(sizeof(DESstate));
+ w->state = smalloc(sizeof(DESstate));
if(w->slen >= 16)
setupDESstate(w->state, key, w->secret+8);
else if(w->slen >= 8)
@@ -936,7 +930,7 @@
if(w->slen > 5)
w->slen = 5;
- w->state = malloc(sizeof(RC4state));
+ w->state = smalloc(sizeof(RC4state));
setupRC4state(w->state, w->secret, w->slen);
}
@@ -955,7 +949,7 @@
if(w->slen > 16)
w->slen = 16;
- w->state = malloc(sizeof(RC4state));
+ w->state = smalloc(sizeof(RC4state));
setupRC4state(w->state, w->secret, w->slen);
}
@@ -1004,6 +998,7 @@
};
#ifdef NOSPOOKS
+static
Encalg encrypttab[] =
{
{ "descbc", 8, DESCBC, initDESkey, }, /* DEPRECATED -- use des_56_cbc */
@@ -1019,6 +1014,7 @@
{ 0 }
};
#else
+static
Encalg encrypttab[] =
{
{ "des_40_cbc", 8, DESCBC, initDESkey_40, },
@@ -1048,14 +1044,31 @@
return -1;
}
+enum {
+ Cfd,
+ Calg,
+ Csin,
+ Csout,
+};
+
+static
+Cmdtab sslcmds[] = {
+ {Cfd, "fd", 2 },
+ {Calg, "alg", 0 },
+ {Csin, "secretin", 2 },
+ {Csout, "secretout", 2 },
+};
+
static long
sslwrite(Chan *c, void *a, long n, vlong o)
{
Dstate * volatile s;
Block * volatile b;
- int m, t;
- char *p, *np, *e, buf[128];
+ int m, t, i;
+ char *p, *e;
uchar *x;
+ Cmdbuf *cb;
+ Cmdtab *ct;
USED(o);
s = dstate[CONV(c->qid)];
@@ -1073,9 +1086,8 @@
nexterror();
}
qlock(&s->out.q);
+
p = a;
-if(0) iprint("write %d %.2ux %.2ux %.2ux %.2ux %.2ux %.2ux %.2ux %.2ux\n",
- n, p[0], p[1], p[2], p[3], p[4], p[5], p[6], p[7]);
e = p + n;
do {
m = e - p;
@@ -1095,9 +1107,7 @@
p += m;
} while(p < e);
- p = a;
-if(0) iprint("wrote %d %.2ux %.2ux %.2ux %.2ux %.2ux %.2ux %.2ux %.2ux\n",
- n, p[0], p[1], p[2], p[3], p[4], p[5], p[6], p[7]);
+
poperror();
qunlock(&s->out.q);
return n;
@@ -1125,20 +1135,16 @@
break;
}
- if(n >= sizeof(buf))
- error("arg too long");
- strncpy(buf, a, n);
- buf[n] = 0;
- p = strchr(buf, '\n');
- if(p)
- *p = 0;
- p = strchr(buf, ' ');
- if(p)
- *p++ = 0;
+ cb = parsecmd(a, n);
+ if(waserror()){
+ free(cb);
+ nexterror();
+ }
+ ct = lookupcmd(cb, sslcmds, nelem(sslcmds));
+ switch(ct->index){
+ case Cfd:
+ s->c = buftochan(cb->f[1]);
- if(strcmp(buf, "fd") == 0){
- s->c = buftochan(p);
-
/* default is clear (msg delimiters only) */
s->state = Sclear;
s->blocklen = 1;
@@ -1146,7 +1152,11 @@
s->maxpad = s->max = (1<<15) - s->diglen - 1;
s->in.mid = 0;
s->out.mid = 0;
- } else if(strcmp(buf, "alg") == 0 && p != 0){
+ break;
+ case Calg:
+ if(cb->nf < 2)
+ cmderror(cb, "no algorithms");
+
s->blocklen = 1;
s->diglen = 0;
@@ -1155,9 +1165,8 @@
s->state = Sclear;
s->maxpad = s->max = (1<<15) - s->diglen - 1;
- if(strcmp(p, "clear") == 0){
- goto out;
- }
+ if(strcmp(cb->f[1], "clear") == 0)
+ break;
if(s->in.secret && s->out.secret == 0)
setsecret(&s->out, s->in.secret, s->in.slen);
@@ -1170,18 +1179,11 @@
s->encryptalg = Noencryption;
s->blocklen = 1;
- for(;;){
- np = strchr(p, ' ');
- if(np)
- *np++ = 0;
-
+ for(i=1; i<cb->nf; i++){
+ p = cb->f[i];
if(parsehashalg(p, s) < 0)
if(parseencryptalg(p, s) < 0)
error("bad algorithm");
-
- if(np == 0)
- break;
- p = np;
}
if(s->hf == 0 && s->encryptalg == Noencryption)
@@ -1194,20 +1196,34 @@
s->maxpad -= s->maxpad % s->blocklen;
} else
s->maxpad = s->max = (1<<15) - s->diglen - 1;
- } else if(strcmp(buf, "secretin") == 0 && p != 0) {
+ break;
+ case Csin:
+ p = cb->f[1];
m = (strlen(p)*3)/2;
x = smalloc(m);
t = dec64(x, m, p, strlen(p));
+ if(t <= 0){
+ free(x);
+ error(Ebadarg);
+ }
setsecret(&s->in, x, t);
free(x);
- } else if(strcmp(buf, "secretout") == 0 && p != 0) {
+ break;
+ case Csout:
+ p = cb->f[1];
m = (strlen(p)*3)/2 + 1;
x = smalloc(m);
t = dec64(x, m, p, strlen(p));
+ if(t <= 0){
+ free(x);
+ error(Ebadarg);
+ }
setsecret(&s->out, x, t);
free(x);
- } else
- error(Ebadarg);
+ break;
+ }
+ poperror();
+ free(cb);
out:
qunlock(&s->in.ctlq);
@@ -1426,7 +1442,7 @@
*p = n;
(*s->hf)(msgid, 4, digest, &ss);
- if(memcmp(digest, bin->rp, s->diglen) != 0)
+ if(tsmemcmp(digest, bin->rp, s->diglen) != 0)
error("bad digest");
}