Allow to set DH parameters
This commit is contained in:
parent
5db61f3982
commit
6b38449875
@ -7,7 +7,7 @@ src_bip_SOURCES = src/conf.y src/lex.l \
|
|||||||
src/line.c src/line.h \
|
src/line.c src/line.h \
|
||||||
src/log.c src/log.h \
|
src/log.c src/log.h \
|
||||||
src/md5.c src/md5.h \
|
src/md5.c src/md5.h \
|
||||||
src/moduli.h \
|
src/path_util.c src/path_util.h \
|
||||||
src/tuple.h \
|
src/tuple.h \
|
||||||
src/util.c src/util.h
|
src/util.c src/util.h
|
||||||
src_bipmkpw_SOURCES = src/bipmkpw.c src/md5.c src/util.c
|
src_bipmkpw_SOURCES = src/bipmkpw.c src/md5.c src/util.c
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
.TH BIP.CONF 5 "10 October 2005"
|
.TH BIP.CONF 5 "04 July 2016"
|
||||||
|
|
||||||
.SH NAME
|
.SH NAME
|
||||||
|
|
||||||
@ -82,6 +82,10 @@ SSL connections.
|
|||||||
\fBclient_side_ciphers\fP
|
\fBclient_side_ciphers\fP
|
||||||
OpenSSL cipher lists used for clients SSL connections.
|
OpenSSL cipher lists used for clients SSL connections.
|
||||||
|
|
||||||
|
.TP
|
||||||
|
\fBclient_side_dh_param\fP DH parameters filename\fP (default: \fB<bipdir>/dh.pem\fP)
|
||||||
|
Used for clients SSL connections, Supply at least 2048-bit parameters.
|
||||||
|
|
||||||
.TP
|
.TP
|
||||||
\fBssl_default_ciphers\fP
|
\fBssl_default_ciphers\fP
|
||||||
OpenSSL cipher lists used for server connections.
|
OpenSSL cipher lists used for server connections.
|
||||||
|
@ -23,6 +23,11 @@ client_side_ssl = false;
|
|||||||
# OpenSSL cipher lists used with SSL client connections.
|
# OpenSSL cipher lists used with SSL client connections.
|
||||||
#client_side_ciphers = "ECDHE-RSA-AES128-GCM-SHA256";
|
#client_side_ciphers = "ECDHE-RSA-AES128-GCM-SHA256";
|
||||||
|
|
||||||
|
# DH parameters bip'll use when serving SSL clients.
|
||||||
|
# Supply at least 2048-bit parameters, for example using openssl:
|
||||||
|
# openssl dhparam -out dh.pem 2048;
|
||||||
|
#client_side_dh_param = "dh.pem";
|
||||||
|
|
||||||
# Default OpenSSL cipher lists used with outgoing connections to IRC servers.
|
# Default OpenSSL cipher lists used with outgoing connections to IRC servers.
|
||||||
#ssl_default_ciphers = "ECDHE-RSA-AES128-GCM-SHA256";
|
#ssl_default_ciphers = "ECDHE-RSA-AES128-GCM-SHA256";
|
||||||
|
|
||||||
|
@ -56,7 +56,7 @@ syn keyword bipKeyword contained nextgroup=bipBoolV client_side_ssl
|
|||||||
\ log log_system
|
\ log log_system
|
||||||
syn keyword bipKeyword contained nextgroup=bipStringV log_root
|
syn keyword bipKeyword contained nextgroup=bipStringV log_root
|
||||||
\ log_format oidentd_file pid_file client_side_ssl_pem client_side_ciphers
|
\ log_format oidentd_file pid_file client_side_ssl_pem client_side_ciphers
|
||||||
\ ssl_default_ciphers
|
\ client_side_dh_param ssl_default_ciphers
|
||||||
syn keyword bipKeyword contained nextgroup=bipNumericV port log_level
|
syn keyword bipKeyword contained nextgroup=bipNumericV port log_level
|
||||||
\ log_sync_interval
|
\ log_sync_interval
|
||||||
syn keyword bipKeyword contained nextgroup=bipIPV ip
|
syn keyword bipKeyword contained nextgroup=bipIPV ip
|
||||||
|
31
src/bip.c
31
src/bip.c
@ -25,6 +25,7 @@
|
|||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
#include "irc.h"
|
#include "irc.h"
|
||||||
#include "conf.h"
|
#include "conf.h"
|
||||||
|
#include "path_util.h"
|
||||||
#include "tuple.h"
|
#include "tuple.h"
|
||||||
#include "log.h"
|
#include "log.h"
|
||||||
#include "bip.h"
|
#include "bip.h"
|
||||||
@ -42,6 +43,7 @@ int conf_css;
|
|||||||
#ifdef HAVE_LIBSSL
|
#ifdef HAVE_LIBSSL
|
||||||
char *conf_ssl_certfile;
|
char *conf_ssl_certfile;
|
||||||
char *conf_client_ciphers;
|
char *conf_client_ciphers;
|
||||||
|
char *conf_client_dh_file;
|
||||||
char *conf_server_default_ciphers;
|
char *conf_server_default_ciphers;
|
||||||
#endif
|
#endif
|
||||||
int conf_daemonize;
|
int conf_daemonize;
|
||||||
@ -1019,11 +1021,15 @@ int fireup(bip_t *bip, FILE *conf)
|
|||||||
case LEX_CSS_PEM:
|
case LEX_CSS_PEM:
|
||||||
MOVE_STRING(conf_ssl_certfile, t->pdata);
|
MOVE_STRING(conf_ssl_certfile, t->pdata);
|
||||||
break;
|
break;
|
||||||
|
case LEX_DH_PARAM:
|
||||||
|
MOVE_STRING(conf_client_dh_file, t->pdata);
|
||||||
|
break;
|
||||||
#else
|
#else
|
||||||
case LEX_DEFAULT_CIPHERS:
|
case LEX_DEFAULT_CIPHERS:
|
||||||
case LEX_CSS:
|
case LEX_CSS:
|
||||||
case LEX_CSS_CIPHERS:
|
case LEX_CSS_CIPHERS:
|
||||||
case LEX_CSS_PEM:
|
case LEX_CSS_PEM:
|
||||||
|
case LEX_DH_PARAM:
|
||||||
mylog(LOG_WARN, "Found SSL option whereas bip is "
|
mylog(LOG_WARN, "Found SSL option whereas bip is "
|
||||||
"not built with SSL support.");
|
"not built with SSL support.");
|
||||||
break;
|
break;
|
||||||
@ -1223,6 +1229,7 @@ int main(int argc, char **argv)
|
|||||||
conf_ssl_certfile = NULL;
|
conf_ssl_certfile = NULL;
|
||||||
conf_client_ciphers = NULL;
|
conf_client_ciphers = NULL;
|
||||||
conf_server_default_ciphers = NULL;
|
conf_server_default_ciphers = NULL;
|
||||||
|
conf_client_dh_file = NULL;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
while ((ch = getopt(argc, argv, "hvnf:s:")) != -1) {
|
while ((ch = getopt(argc, argv, "hvnf:s:")) != -1) {
|
||||||
@ -1309,24 +1316,14 @@ int main(int argc, char **argv)
|
|||||||
|
|
||||||
#ifdef HAVE_LIBSSL
|
#ifdef HAVE_LIBSSL
|
||||||
if (conf_css) {
|
if (conf_css) {
|
||||||
int e, fd;
|
int e;
|
||||||
struct stat fs;
|
struct stat fs;
|
||||||
|
|
||||||
if (!conf_ssl_certfile) {
|
if (!conf_ssl_certfile) {
|
||||||
char *ap = "/bip.pem";
|
conf_ssl_certfile = default_path(conf_biphome, "bip.pem",
|
||||||
conf_ssl_certfile = bip_malloc(strlen(conf_biphome) +
|
"SSL certificate");
|
||||||
strlen(ap) + 1);
|
|
||||||
strcpy(conf_ssl_certfile, conf_biphome);
|
|
||||||
strcat(conf_ssl_certfile, ap);
|
|
||||||
mylog(LOG_INFO, "Using default SSL certificate file: "
|
|
||||||
"%s", conf_ssl_certfile);
|
|
||||||
}
|
}
|
||||||
|
assert_path_exists(conf_ssl_certfile);
|
||||||
if ((fd = open(conf_ssl_certfile, O_RDONLY)) == -1)
|
|
||||||
fatal("Unable to open PEM file %s for reading",
|
|
||||||
conf_ssl_certfile);
|
|
||||||
else
|
|
||||||
close(fd);
|
|
||||||
|
|
||||||
e = stat(conf_ssl_certfile, &fs);
|
e = stat(conf_ssl_certfile, &fs);
|
||||||
if (e)
|
if (e)
|
||||||
@ -1336,6 +1333,12 @@ int main(int argc, char **argv)
|
|||||||
mylog(LOG_ERROR, "PEM file %s should not be world "
|
mylog(LOG_ERROR, "PEM file %s should not be world "
|
||||||
"readable / writable. Please fix the modes.",
|
"readable / writable. Please fix the modes.",
|
||||||
conf_ssl_certfile);
|
conf_ssl_certfile);
|
||||||
|
|
||||||
|
if (!conf_client_dh_file) {
|
||||||
|
conf_client_dh_file = default_path(conf_biphome, "dh.pem",
|
||||||
|
"DH parameters");
|
||||||
|
}
|
||||||
|
assert_path_exists(conf_client_dh_file);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
@ -68,7 +68,7 @@ struct tuple *tuple_l_new(int type, void *p)
|
|||||||
|
|
||||||
%}
|
%}
|
||||||
|
|
||||||
%token LEX_IP LEX_EQ LEX_PORT LEX_CSS LEX_SEMICOLON LEX_CONNECTION LEX_NETWORK LEX_LBRA LEX_RBRA LEX_USER LEX_NAME LEX_NICK LEX_SERVER LEX_PASSWORD LEX_SRCIP LEX_HOST LEX_VHOST LEX_SOURCE_PORT LEX_NONE LEX_COMMENT LEX_BUNCH LEX_REALNAME LEX_SSL LEX_SSL_CHECK_MODE LEX_SSL_CHECK_STORE LEX_SSL_CLIENT_CERTFILE LEX_CIPHERS LEX_CSS_CIPHERS LEX_DEFAULT_CIPHERS LEX_CHANNEL LEX_KEY LEX_LOG_ROOT LEX_LOG_FORMAT LEX_LOG_LEVEL LEX_BACKLOG_LINES LEX_BACKLOG_NO_TIMESTAMP LEX_BACKLOG LEX_LOG LEX_LOG_SYSTEM LEX_LOG_SYNC_INTERVAL LEX_FOLLOW_NICK LEX_ON_CONNECT_SEND LEX_AWAY_NICK LEX_PID_FILE LEX_OIDENTD_FILE LEX_IGN_FIRST_NICK LEX_ALWAYS_BACKLOG LEX_BLRESET_ON_TALK LEX_BLRESET_CONNECTION LEX_DEFAULT_USER LEX_DEFAULT_NICK LEX_DEFAULT_REALNAME LEX_NO_CLIENT_AWAY_MSG LEX_BL_MSG_ONLY LEX_ADMIN LEX_BIP_USE_NOTICE LEX_CSS_PEM LEX_AUTOJOIN_ON_KICK LEX_IGNORE_CAPAB LEX_RECONN_TIMER
|
%token LEX_IP LEX_EQ LEX_PORT LEX_CSS LEX_SEMICOLON LEX_CONNECTION LEX_NETWORK LEX_LBRA LEX_RBRA LEX_USER LEX_NAME LEX_NICK LEX_SERVER LEX_PASSWORD LEX_SRCIP LEX_HOST LEX_VHOST LEX_SOURCE_PORT LEX_NONE LEX_COMMENT LEX_BUNCH LEX_REALNAME LEX_SSL LEX_SSL_CHECK_MODE LEX_SSL_CHECK_STORE LEX_SSL_CLIENT_CERTFILE LEX_CIPHERS LEX_CSS_CIPHERS LEX_DEFAULT_CIPHERS LEX_DH_PARAM LEX_CHANNEL LEX_KEY LEX_LOG_ROOT LEX_LOG_FORMAT LEX_LOG_LEVEL LEX_BACKLOG_LINES LEX_BACKLOG_NO_TIMESTAMP LEX_BACKLOG LEX_LOG LEX_LOG_SYSTEM LEX_LOG_SYNC_INTERVAL LEX_FOLLOW_NICK LEX_ON_CONNECT_SEND LEX_AWAY_NICK LEX_PID_FILE LEX_OIDENTD_FILE LEX_IGN_FIRST_NICK LEX_ALWAYS_BACKLOG LEX_BLRESET_ON_TALK LEX_BLRESET_CONNECTION LEX_DEFAULT_USER LEX_DEFAULT_NICK LEX_DEFAULT_REALNAME LEX_NO_CLIENT_AWAY_MSG LEX_BL_MSG_ONLY LEX_ADMIN LEX_BIP_USE_NOTICE LEX_CSS_PEM LEX_AUTOJOIN_ON_KICK LEX_IGNORE_CAPAB LEX_RECONN_TIMER
|
||||||
|
|
||||||
%union {
|
%union {
|
||||||
int number;
|
int number;
|
||||||
@ -101,6 +101,7 @@ command:
|
|||||||
| LEX_CSS_PEM LEX_EQ LEX_STRING { $$ = tuple_s_new(LEX_CSS_PEM, $3); }
|
| LEX_CSS_PEM LEX_EQ LEX_STRING { $$ = tuple_s_new(LEX_CSS_PEM, $3); }
|
||||||
| LEX_CSS_CIPHERS LEX_EQ LEX_STRING { $$ = tuple_s_new(LEX_CSS_CIPHERS, $3); }
|
| LEX_CSS_CIPHERS LEX_EQ LEX_STRING { $$ = tuple_s_new(LEX_CSS_CIPHERS, $3); }
|
||||||
| LEX_DEFAULT_CIPHERS LEX_EQ LEX_STRING { $$ = tuple_s_new(LEX_DEFAULT_CIPHERS, $3); }
|
| LEX_DEFAULT_CIPHERS LEX_EQ LEX_STRING { $$ = tuple_s_new(LEX_DEFAULT_CIPHERS, $3); }
|
||||||
|
| LEX_DH_PARAM LEX_EQ LEX_STRING { $$ = tuple_s_new(LEX_DH_PARAM, $3); }
|
||||||
| LEX_LOG LEX_EQ LEX_BOOL { $$ = tuple_i_new(LEX_LOG, $3); }
|
| LEX_LOG LEX_EQ LEX_BOOL { $$ = tuple_i_new(LEX_LOG, $3); }
|
||||||
| LEX_LOG_SYSTEM LEX_EQ LEX_BOOL { $$ = tuple_i_new(LEX_LOG_SYSTEM, $3); }
|
| LEX_LOG_SYSTEM LEX_EQ LEX_BOOL { $$ = tuple_i_new(LEX_LOG_SYSTEM, $3); }
|
||||||
| LEX_LOG_SYNC_INTERVAL LEX_EQ LEX_INT { $$ = tuple_i_new(
|
| LEX_LOG_SYNC_INTERVAL LEX_EQ LEX_INT { $$ = tuple_i_new(
|
||||||
|
105
src/connection.c
105
src/connection.c
@ -25,6 +25,7 @@ extern FILE *conf_global_log_file;
|
|||||||
static BIO *errbio = NULL;
|
static BIO *errbio = NULL;
|
||||||
extern char *conf_ssl_certfile;
|
extern char *conf_ssl_certfile;
|
||||||
extern char *conf_client_ciphers;
|
extern char *conf_client_ciphers;
|
||||||
|
extern char *conf_client_dh_file;
|
||||||
static int SSLize(connection_t *cn, int *nc);
|
static int SSLize(connection_t *cn, int *nc);
|
||||||
static SSL_CTX *SSL_init_context(char *ciphers);
|
static SSL_CTX *SSL_init_context(char *ciphers);
|
||||||
/* SSH like trust management */
|
/* SSH like trust management */
|
||||||
@ -1126,81 +1127,39 @@ static connection_t *connection_init(int anti_flood, int ssl, int timeout,
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifdef HAVE_LIBSSL
|
#ifdef HAVE_LIBSSL
|
||||||
|
static int ctx_set_dh(SSL_CTX *ctx)
|
||||||
#include "moduli.h"
|
|
||||||
|
|
||||||
/* from postfix tls impl */
|
|
||||||
static DH *dh_512(void)
|
|
||||||
{
|
{
|
||||||
DH *dh;
|
/* Return ephemeral DH parameters. */
|
||||||
BIGNUM *p;
|
DH *dh = NULL;
|
||||||
BIGNUM *g;
|
FILE *f;
|
||||||
static DH *dh_512;
|
int ret;
|
||||||
|
|
||||||
if (dh_512 == NULL) {
|
/* Should not fail: already checked in main function */
|
||||||
if ((dh = DH_new()) == NULL) {
|
if ((f = fopen(conf_client_dh_file, "r")) == NULL) {
|
||||||
mylog(LOG_WARN, "SSL: cannot create DH parameter set");
|
mylog(LOG_ERROR, "Unable to open DH parameters (%s): %s",
|
||||||
return (0);
|
conf_client_dh_file, strerror(errno));
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
p = BN_bin2bn(dh512_p, sizeof(dh512_p), (BIGNUM *) 0);
|
dh = PEM_read_DHparams(f, NULL, NULL, NULL);
|
||||||
g = BN_bin2bn(dh512_g, sizeof(dh512_g), (BIGNUM *) 0);
|
fclose(f);
|
||||||
|
|
||||||
if ((p == NULL) || (g == NULL)) {
|
if (dh == NULL) {
|
||||||
mylog(LOG_WARN, "SSL: cannot load compiled-in DH "
|
mylog(LOG_ERROR, "Could not parse DH parameters from: %s",
|
||||||
"parameters");
|
conf_client_dh_file);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = SSL_CTX_set_tmp_dh(ctx, dh);
|
||||||
DH_free(dh);
|
DH_free(dh);
|
||||||
return (0);
|
|
||||||
} else {
|
if (ret != 1) {
|
||||||
DH_set0_pqg(dh, p, NULL, g);
|
mylog(LOG_ERROR, "Unable to set DH parameters: %s",
|
||||||
dh_512 = dh;
|
ERR_error_string(ERR_get_error(), NULL));
|
||||||
}
|
return 0;
|
||||||
}
|
|
||||||
return dh_512;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* tls_get_dh_1024 - get 1024-bit DH parameters, compiled-in or from file */
|
return 1;
|
||||||
static DH *dh_1024(void)
|
|
||||||
{
|
|
||||||
DH *dh;
|
|
||||||
BIGNUM *p;
|
|
||||||
BIGNUM *g;
|
|
||||||
static DH *dh_1024;
|
|
||||||
|
|
||||||
if (dh_1024 == NULL) {
|
|
||||||
if ((dh = DH_new()) == NULL) {
|
|
||||||
mylog(LOG_WARN, "SSL: cannot create DH parameter set");
|
|
||||||
return (0);
|
|
||||||
}
|
|
||||||
|
|
||||||
p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), (BIGNUM *) 0);
|
|
||||||
g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), (BIGNUM *) 0);
|
|
||||||
|
|
||||||
if ((p == NULL) || (g == NULL)) {
|
|
||||||
mylog(LOG_WARN, "SSL: cannot load compiled-in DH "
|
|
||||||
"parameters");
|
|
||||||
DH_free(dh);
|
|
||||||
return (0);
|
|
||||||
} else {
|
|
||||||
DH_set0_pqg(dh, p, NULL, g);
|
|
||||||
dh_1024 = dh;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return (dh_1024);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* ripped from postfix's tls_dh.c */
|
|
||||||
static DH *tmp_dh_cb(UNUSED(SSL *ssl_unused), int export, int keylength)
|
|
||||||
{
|
|
||||||
DH *ret;
|
|
||||||
|
|
||||||
if (export && keylength == 512) {
|
|
||||||
mylog(LOG_WARN, "SSL: using 512 bits diffie hellman moduli");
|
|
||||||
ret = dh_512();
|
|
||||||
} else {
|
|
||||||
ret = dh_1024();
|
|
||||||
}
|
|
||||||
return ret;
|
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@ -1247,6 +1206,14 @@ connection_t *accept_new(connection_t *cn)
|
|||||||
connection_free(conn);
|
connection_free(conn);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!ctx_set_dh(sslctx)) {
|
||||||
|
mylog(LOG_ERROR, "SSL Unable to load DH "
|
||||||
|
"parameters");
|
||||||
|
connection_free(conn);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
if (!SSL_CTX_use_certificate_chain_file(sslctx,
|
if (!SSL_CTX_use_certificate_chain_file(sslctx,
|
||||||
conf_ssl_certfile))
|
conf_ssl_certfile))
|
||||||
mylog(LOG_WARN, "SSL: Unable to load "
|
mylog(LOG_WARN, "SSL: Unable to load "
|
||||||
@ -1255,10 +1222,6 @@ connection_t *accept_new(connection_t *cn)
|
|||||||
conf_ssl_certfile,
|
conf_ssl_certfile,
|
||||||
SSL_FILETYPE_PEM))
|
SSL_FILETYPE_PEM))
|
||||||
mylog(LOG_WARN, "SSL: Unable to load key file");
|
mylog(LOG_WARN, "SSL: Unable to load key file");
|
||||||
|
|
||||||
/* diffie hellman key generation need us to feed some
|
|
||||||
data that can be static ... */
|
|
||||||
SSL_CTX_set_tmp_dh_callback(sslctx, tmp_dh_cb);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
conn->ssl_h = SSL_new(sslctx);
|
conn->ssl_h = SSL_new(sslctx);
|
||||||
|
@ -112,6 +112,7 @@ list_t *parse_conf(FILE *file, int *err)
|
|||||||
"bip_use_notice" { return LEX_BIP_USE_NOTICE; }
|
"bip_use_notice" { return LEX_BIP_USE_NOTICE; }
|
||||||
"client_side_ssl_pem" { return LEX_CSS_PEM; }
|
"client_side_ssl_pem" { return LEX_CSS_PEM; }
|
||||||
"client_side_ciphers" { return LEX_CSS_CIPHERS; }
|
"client_side_ciphers" { return LEX_CSS_CIPHERS; }
|
||||||
|
"client_side_dh_param" { return LEX_DH_PARAM; }
|
||||||
"ignore_server_capab" { return LEX_IGNORE_CAPAB; }
|
"ignore_server_capab" { return LEX_IGNORE_CAPAB; }
|
||||||
"reconn_timer" { return LEX_RECONN_TIMER; }
|
"reconn_timer" { return LEX_RECONN_TIMER; }
|
||||||
\"[^"]*\" {
|
\"[^"]*\" {
|
||||||
|
38
src/moduli.h
38
src/moduli.h
@ -1,38 +0,0 @@
|
|||||||
/* ripped from postfix tls_dh.c */
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Compiled-in DH parameters. These are used when no parameters are
|
|
||||||
* explicitly loaded from file.
|
|
||||||
*
|
|
||||||
* XXX What is the origin of these parameters?
|
|
||||||
*/
|
|
||||||
static unsigned char dh512_p[] = {
|
|
||||||
0x88, 0x3F, 0x00, 0xAF, 0xFC, 0x0C, 0x8A, 0xB8, 0x35, 0xCD, 0xE5, 0xC2,
|
|
||||||
0x0F, 0x55, 0xDF, 0x06, 0x3F, 0x16, 0x07, 0xBF, 0xCE, 0x13, 0x35, 0xE4,
|
|
||||||
0x1C, 0x1E, 0x03, 0xF3, 0xAB, 0x17, 0xF6, 0x63, 0x50, 0x63, 0x67, 0x3E,
|
|
||||||
0x10, 0xD7, 0x3E, 0xB4, 0xEB, 0x46, 0x8C, 0x40, 0x50, 0xE6, 0x91, 0xA5,
|
|
||||||
0x6E, 0x01, 0x45, 0xDE, 0xC9, 0xB1, 0x1F, 0x64, 0x54, 0xFA, 0xD9, 0xAB,
|
|
||||||
0x4F, 0x70, 0xBA, 0x5B,
|
|
||||||
};
|
|
||||||
static unsigned char dh512_g[] = {
|
|
||||||
0x02,
|
|
||||||
};
|
|
||||||
|
|
||||||
static unsigned char dh1024_p[] = {
|
|
||||||
0xB0, 0xFE, 0xB4, 0xCF, 0xD4, 0x55, 0x07, 0xE7, 0xCC, 0x88, 0x59, 0x0D,
|
|
||||||
0x17, 0x26, 0xC5, 0x0C, 0xA5, 0x4A, 0x92, 0x23, 0x81, 0x78, 0xDA, 0x88,
|
|
||||||
0xAA, 0x4C, 0x13, 0x06, 0xBF, 0x5D, 0x2F, 0x9E, 0xBC, 0x96, 0xB8, 0x51,
|
|
||||||
0x00, 0x9D, 0x0C, 0x0D, 0x75, 0xAD, 0xFD, 0x3B, 0xB1, 0x7E, 0x71, 0x4F,
|
|
||||||
0x3F, 0x91, 0x54, 0x14, 0x44, 0xB8, 0x30, 0x25, 0x1C, 0xEB, 0xDF, 0x72,
|
|
||||||
0x9C, 0x4C, 0xF1, 0x89, 0x0D, 0x68, 0x3F, 0x94, 0x8E, 0xA4, 0xFB, 0x76,
|
|
||||||
0x89, 0x18, 0xB2, 0x91, 0x16, 0x90, 0x01, 0x99, 0x66, 0x8C, 0x53, 0x81,
|
|
||||||
0x4E, 0x27, 0x3D, 0x99, 0xE7, 0x5A, 0x7A, 0xAF, 0xD5, 0xEC, 0xE2, 0x7E,
|
|
||||||
0xFA, 0xED, 0x01, 0x18, 0xC2, 0x78, 0x25, 0x59, 0x06, 0x5C, 0x39, 0xF6,
|
|
||||||
0xCD, 0x49, 0x54, 0xAF, 0xC1, 0xB1, 0xEA, 0x4A, 0xF9, 0x53, 0xD0, 0xDF,
|
|
||||||
0x6D, 0xAF, 0xD4, 0x93, 0xE7, 0xBA, 0xAE, 0x9B,
|
|
||||||
};
|
|
||||||
|
|
||||||
static unsigned char dh1024_g[] = {
|
|
||||||
0x02,
|
|
||||||
};
|
|
||||||
|
|
37
src/path_util.c
Normal file
37
src/path_util.c
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
/*
|
||||||
|
* This file is part of the bip project
|
||||||
|
* Copyright (C) 2016 Pierre-Louis Bonicoli
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation; either version 2 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
* See the file "COPYING" for the exact licensing terms.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include "path_util.h"
|
||||||
|
#include "util.h"
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
|
char *default_path(const char *biphome, const char *filename, const char *desc)
|
||||||
|
{
|
||||||
|
char *conf_file;
|
||||||
|
// '/' and NULL
|
||||||
|
conf_file = bip_malloc(strlen(biphome) + strlen(filename) + 2);
|
||||||
|
strcpy(conf_file, biphome);
|
||||||
|
conf_file[strlen(biphome)] = '/';
|
||||||
|
strcat(conf_file, filename);
|
||||||
|
mylog(LOG_INFO, "Using default %s: %s", desc, conf_file);
|
||||||
|
return conf_file;
|
||||||
|
}
|
||||||
|
|
||||||
|
void assert_path_exists(char *path)
|
||||||
|
{
|
||||||
|
FILE* f;
|
||||||
|
if ((f = fopen(path, "r")) == NULL)
|
||||||
|
fatal("Unable to open file %s for reading", path);
|
||||||
|
else
|
||||||
|
fclose(f);
|
||||||
|
}
|
19
src/path_util.h
Normal file
19
src/path_util.h
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
/*
|
||||||
|
* This file is part of the bip project
|
||||||
|
* Copyright (C) 2016 Pierre-Louis Bonicoli
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation; either version 2 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
* See the file "COPYING" for the exact licensing terms.
|
||||||
|
*/
|
||||||
|
#ifndef PATH_UTIL_H
|
||||||
|
#define PATH_UTIL_H
|
||||||
|
|
||||||
|
/* return path of filename located in bip home directory */
|
||||||
|
char *default_path(const char *biphome, const char *filename, const char *desc);
|
||||||
|
/* exit program if path doesn't exist */
|
||||||
|
void assert_path_exists(char *path);
|
||||||
|
|
||||||
|
#endif
|
Loading…
Reference in New Issue
Block a user