Make crypo a per fd feature

The current code checked if the global pointers crypt_function_recv and
crypt_function_send are non-NULL. In this case it used the given crypt
functions unconditionally for each fd. This makes it messy to enable
crypto only for some fds.

This patch removes these global pointers in favour of an array of
crypt function pointers. Users may use this function to activate
crypto for each fd separately.

diff --git a/audioc.c b/audioc.c
index 0b0d2fb7006e6b9c60a9c0526c3d3d0259028463..8d8ad35f1e8c2080816d9da7ccf9e6a5a0363205 100644 (file)
--- a/audioc.c
+++ b/audioc.c
@@ -46,10 +46,6 @@ void para_log(int ll, const char* fmt,...)
        va_end(argp);
 }
 
-/* audioc does not use encryption */
-void (*crypt_function_recv)(unsigned long len, const unsigned char *indata, unsigned char *outdata) = NULL;
-void (*crypt_function_send)(unsigned long len, const unsigned char *indata, unsigned char *outdata) = NULL;
-
 static char *concat_args(const int argc, char * const *argv)
 {
        int i; char *buf = NULL;

diff --git a/client.c b/client.c
index b77a2f68299ec4f47dc6c90e6b1d95ed4dde017b..0380d5678b3aae84d34bdb62838c3f9cd475cf82 100644 (file)
--- a/client.c
+++ b/client.c
@@ -131,10 +131,6 @@ static void rc4_recv(unsigned long len, const unsigned char *indata,
        RC4(&pcd->rc4_recv_key, len, indata, outdata);
 }
 
-void (*crypt_function_recv)(unsigned long len, const unsigned char *indata, unsigned char *outdata);
-void (*crypt_function_send)(unsigned long len, const unsigned char *indata, unsigned char *outdata);
-
-
 static void append_str(char **data, const char* append)
 {
        if (*data) {
@@ -197,8 +193,6 @@ int main(int argc, char *argv[])
        /* concat args */
        for (i = 0; i < pcd->conf.inputs_num; i++)
                append_str(&command, pcd->conf.inputs[i]);
-       crypt_function_recv = NULL;
-       crypt_function_send = NULL;
        /* get the host info */
        PARA_NOTICE_LOG("getting host info of %s\n",
                pcd->conf.hostname_arg);
@@ -269,10 +263,9 @@ int main(int argc, char *argv[])
                        goto out;
                RC4_set_key(&pcd->rc4_send_key, RC4_KEY_LEN, rc4_buf);
                RC4_set_key(&pcd->rc4_recv_key, RC4_KEY_LEN, rc4_buf + RC4_KEY_LEN);
-               PARA_INFO_LOG("rc4 encrytion activated: %x:%x:%x:%x\n",
+               PARA_INFO_LOG("rc4 encryption activated: %x:%x:%x:%x\n",
                        rc4_buf[0], rc4_buf[1], rc4_buf[2], rc4_buf[3]);
-               crypt_function_recv = rc4_recv;
-               crypt_function_send = rc4_send;
+               enable_crypt(pcd->fd, rc4_recv, rc4_send);
        }
        /* send command */
        PARA_INFO_LOG("--> %s\n", command);

diff --git a/command.c b/command.c
index 531c776a3249e6d555c6570746c1e6036e125f7d..00f8dc31cdd8f0be3fbebfd9a9bf0e25650844f0 100644 (file)
--- a/command.c
+++ b/command.c
@@ -32,10 +32,6 @@
 #include "daemon.h"
 #include "string.h"
 
-void (*crypt_function_recv)(unsigned long len, const unsigned char *indata,
-       unsigned char *outdata) = NULL;
-void (*crypt_function_send)(unsigned long len, const unsigned char *indata,
-       unsigned char *outdata) = NULL;
 static RC4_KEY rc4_recv_key;
 static RC4_KEY rc4_send_key;
 static unsigned char rc4_buf[2 * RC4_KEY_LEN];
@@ -1171,11 +1167,8 @@ int handle_connect(int fd, struct sockaddr_in *addr)
        ret = send_bin_buffer(fd, buf, numbytes);
        if (ret < 0)
                goto err_out;
-       if (use_rc4) {
-               crypt_function_recv = rc4_recv;
-               crypt_function_send = rc4_send;
-               PARA_INFO_LOG("%s", "rc4 encryption activated\n");
-       }
+       if (use_rc4)
+               enable_crypt(fd, rc4_recv, rc4_send);
        /* read command */
        while ((numbytes = recv_buffer(fd, buf, sizeof(buf))) > 0) {
 //             PARA_INFO_LOG("recvd: %s (%d)\n", buf, numbytes);

diff --git a/net.c b/net.c
index 582fa04dad3c3f61c98fd975d551424123759da8..74b8e1f7eddbc6c76bbf0e717bb05df5311b3bb5 100644 (file)
--- a/net.c
+++ b/net.c
@@ -23,8 +23,26 @@
 #include "string.h"
 #include "error.h"
 
-extern void (*crypt_function_recv)(unsigned long len, const unsigned char *indata, unsigned char *outdata);
-extern void (*crypt_function_send)(unsigned long len, const unsigned char *indata, unsigned char *outdata);
+static crypt_function **crypt_functions;
+static unsigned max_crypt_fd;
+
+void enable_crypt(int fd, crypt_function *recv, crypt_function *send)
+{
+       if (max_crypt_fd < fd) {
+               crypt_functions = para_realloc(crypt_functions,
+                       2 * (fd + 1) * sizeof(crypt_function*));
+               max_crypt_fd = fd;
+       }
+       crypt_functions[2 * fd] = recv;
+       crypt_functions[2 * fd + 1] = send;
+       PARA_INFO_LOG("rc4 encryption activated for fd %d\n", fd);
+}
+
+void disable_crypt(int fd)
+{
+       crypt_functions[2 * fd] = NULL;
+       crypt_functions[2 * fd + 1] = NULL;
+}
 
 
 /**
@@ -95,12 +113,16 @@ static int sendall(int fd, const char *buf, size_t *len)
 int send_bin_buffer(int fd, const char *buf, size_t len)
 {
        int ret;
+       crypt_function *cf = NULL;
+
+       if (fd <= max_crypt_fd)
+               cf = crypt_functions[2 * fd + 1];
 
        if (!len)
                PARA_CRIT_LOG("%s", "len == 0\n");
-       if (crypt_function_send) {
+       if (cf) {
                unsigned char *outbuf = para_malloc(len);
-               crypt_function_send(len, (unsigned char *)buf, outbuf);
+               (*cf)(len, (unsigned char *)buf, outbuf);
                ret = sendall(fd, (char *)outbuf, &len);
                free(outbuf);
        } else
@@ -159,12 +181,15 @@ __printf_2_3 int send_va_buffer(int fd, const char *fmt, ...)
 __must_check int recv_bin_buffer(int fd, char *buf, ssize_t size)
 {
        int n;
+       crypt_function *cf = NULL;
 
-       if (crypt_function_recv) {
+       if (fd <= max_crypt_fd)
+               cf = crypt_functions[2 * fd];
+       if (cf) {
                unsigned char *tmp = para_malloc(size);
                n = recv(fd, tmp, size, 0);
                if (n > 0)
-                       crypt_function_recv(n, tmp, (unsigned char *)buf);
+                       (*cf)(n, tmp, (unsigned char *)buf);
                free(tmp);
        } else
                n = recv(fd, buf, size, 0);

diff --git a/net.h b/net.h
index 9f6af7528b146886092da4fe3bcffb9ce23b0d3d..172e4ae6c21308dbdc0860938794a0078f385bec 100644 (file)
--- a/net.h
+++ b/net.h
@@ -28,6 +28,9 @@
 #define UNIX_PATH_MAX 108
 #endif
 
+typedef void crypt_function(unsigned long len,
+       const unsigned char *indata, unsigned char *outdata);
+
 #include <netdb.h> /* hostent */
 int get_host_info(char *host, struct hostent **ret);
 int get_socket(void);
@@ -45,4 +48,6 @@ int recv_cred_buffer(int, char *, size_t);
 ssize_t send_cred_buffer(int, char*);
 int recv_pattern(int fd, const char *pattern, size_t bufsize);
 int init_tcp_socket(int port);
+void enable_crypt(int fd, crypt_function *recv, crypt_function *send);
+void disable_crypt(int fd);
 

diff --git a/recv_common.c b/recv_common.c
index e39719da37dde6ab5524fc5d81880f0e4edb326b..0393d7641abbae85e9645e260417551d4e7fea8b 100644 (file)
--- a/recv_common.c
+++ b/recv_common.c
@@ -25,9 +25,6 @@
 #include "recv.h"
 #include "string.h"
 
-void (*crypt_function_recv)(unsigned long len, const unsigned char *indata, unsigned char *outdata) = NULL;
-void (*crypt_function_send)(unsigned long len, const unsigned char *indata, unsigned char *outdata) = NULL;
-
 DEFINE_RECEIVER_ARRAY;
 static void *parse_receiver_args(int receiver_num, char *options)
 {