Andrew Bettison
08c02e0e20
More progress towards keyring load command
2013-09-03 17:31:10 +09:30
Andrew Bettison
425aa1005c
Start work on "keyring load" command
2013-09-02 17:33:52 +09:30
Andrew Bettison
aa20fd1a9b
Improve keyring environment variables
...
Rename to SERVALD_...
Interpret SERVALD_KEYRING_PATH relative to instance dir unless absolute.
Explicitly unset them in setup_servald() test defs function
2013-08-30 11:20:19 +09:30
Andrew Bettison
3b1ae5cbb0
Env vars SERVAL_KEYRING_PATH and SERVAL_KEYRING_READONLY
...
To support release signing operations without having to copy the release
keyring from its USB stick (into an instance directory), and reducing
the risk of corrupting the release keyring file while using it in-place.
2013-08-30 11:20:19 +09:30
Jeremy Lakeman
81afc42d8b
Major refactor to packet queuing and delivery in preparation for unicast link tracking.
...
Unicast tests broken
2013-08-09 09:37:08 +09:30
Jeremy Lakeman
3855ff35c4
Clean up string formatting for 64bit compilation
2013-07-15 09:59:24 +09:30
Andrew Bettison
e5bcc07193
Change comment to reduce confusion
2013-06-06 16:03:35 +09:30
Andrew Bettison
1f10f05302
Add "keyring dump" command
2013-04-30 17:29:06 +09:30
Andrew Bettison
e6438d74d3
Improve keyring pack code
2013-04-29 16:00:58 +09:30
Andrew Bettison
6fd49099cb
Rewrite keyring pack/unpack for extensibility
...
Use new rotbuf primitives to handle rotated buffers
2013-04-29 14:31:50 +09:30
Andrew Bettison
91a0b2520f
Forward-compatible keyring format
2013-04-23 18:13:01 +09:30
Andrew Bettison
b7185a294f
Fix keyring SEGV bug
...
Sometimes, when adding a PIN to a keyring (eg, when opening a keyring
file), a SEGV would be caused while trying to validate the MAC for an
entry which apparently had zero keypair entries.
Changed some keyring struct 'int' fields to 'unsigned int', to ensure
that comparison logic behaves as expected.
Refactored some keyring code for more clarity and code maintenance
safety.
Added TODO comment about keyring file format non-back-compatibility.
2013-03-07 14:27:33 +10:30
Andrew Bettison
1d5b57443b
Some keyring refactoring and improvements
2013-03-06 15:28:57 +10:30
Andrew Bettison
91f11dc72a
Improve more keyring error messages
2013-03-06 14:57:23 +10:30
Andrew Bettison
287701f128
Improve keyring error messages
2013-03-06 14:43:52 +10:30
Andrew Bettison
03f38d2031
Improve keyring debugging
2013-03-06 14:15:27 +10:30
Andrew Bettison
705f414a4d
Fix SEGV bug in keyring_enter_pin()
...
The public and private key length fields were stored as 'int' not
'unsigned', so arithmetic for checking buffer overrun was not correct.
2013-03-06 14:02:33 +10:30
Jeremy Lakeman
2c687e9b35
Ensure a randomly generated phone number is valid, Fixes #55
2013-02-28 16:39:00 +10:30
gardners
2252fdcaa7
created tool for automatically finding IN()s without matching
...
OUT()s or where return() is used instead of RETURN().
Added OUT() to end of all functions using IN() that lacked it to
make it easier to statically analyse this invariant.
Fixed several return instead of RETURNs detected through use of
this tool. #49
2013-02-20 16:18:56 +10:30
Andrew Bettison
c42260f5f9
Replace "add did" command with improved "keyring add did"
...
Output is same format as "keyring add" command
Fixed minor bug in rolling a random DID -- last byte was not random
Some code improvements, including better support for sid_t
2013-02-14 16:06:01 +10:30
Andrew Bettison
e86a129d49
Refactor: rename some cli.h structs
...
Now all symbols defined in cli.h start with or contain "cli_"
2013-02-13 17:43:24 +10:30
Andrew Bettison
f66a894a63
Improve keyring PIN handling
...
Replace explicit [<pin,pin...>] command-line arguments with --entry-pin=<pin>
options. Update test scripts accordlingly.
Add --keyring-pin=<pin> option (with one test case).
2013-02-13 16:49:52 +10:30
Jeremy Lakeman
82db15db5b
Use any packet as a self-announce
...
Stop sending OF_TYPE_SELFANNOUNCE
Deprecate OF_TYPE_DATA_VOICE
Tweak payload priorities
Don't allow client applications to send high priority payloads
2012-12-16 10:09:29 +10:30
Andrew Bettison
5985df751d
Overhaul debug flags
...
Replace debugflags_t and DEBUG_XXX bit masks with config schema "debug.xxx"
entries.
No more support for "debug.all".
2012-12-11 15:59:46 +10:30
Jeremy Lakeman
54f9d9b0e0
Rely on please explain, don't send too many full sids
2012-11-28 15:44:39 +10:30
Jeremy Lakeman
25e99787df
Dampen logging
2012-11-09 15:56:54 +10:30
Andrew Bettison
4450116472
Refactor string functions, add str_fromprint()
...
Move lots of non-Serval-specific string functions from "serval.h"/dataformats.c
to "str.h"/str.c.
Add str_fromprint() function that reverses the effect of toprint(): interprets
escape sequences in the source string "\n\t\r\0\xHH\\" and replaces them with a
single char in the destination string.
2012-11-07 16:42:45 +10:30
gardners
55c9cff8cd
added code to replace old-format SAS with new crypto_sign implementation
...
type on next use (so that people upgrading automatically get a new valid
SAS instead of continuing to try to use an invalid one -- this is only
a reasonable course of action since we have made no formal releases of
the code). #17
2012-10-18 17:26:49 +10:30
gardners
499c4018bf
Imported ref10/ implementation of crypto_sign from supercop-20120525
...
as recommended a while back by Dan Bernstein as offering the fastest
implementation of the crypto_sign() primitives for ARM.
Indeed this implementation IS faster. See comparison below for a
Rock 500 handset (800MHz(?) ARM6, no NEON):
Original ref/ implementation on an R500 stock rom (non-rooted)::
mean signature generation time = 96.80ms
mean signature verification time = 272.20ms
ref10/ implementations on an R500 stock rom (non-rooted):
mean signature generation time = 4.00ms
mean signature verification time = 13.00ms
Approximately 20x speed up, just like that :)
2012-10-18 17:26:48 +10:30
Jeremy Lakeman
b22e3f1964
Add hop count to mdp ping
...
- Allow mdp client to specify ttl
- Copy ttl into and out of overlay frame
2012-10-10 16:22:31 +10:30
Jeremy Lakeman
4b2b8f1783
Store keyring identity pointer for local identities in subscriber tree
2012-10-10 15:29:36 +10:30
Andrew Bettison
89343c69cd
Merge branch 'rhizomedirect' into 'master'
2012-10-05 17:45:30 +09:30
Jeremy Lakeman
48c9a7067e
keyring_get_nm_bytes doesn't need to know about port numbers
2012-10-05 09:14:24 +09:30
Jeremy Lakeman
b72c01518b
Move SAS key storage into subscriber structure
2012-10-03 13:59:46 +09:30
Andrew Bettison
c1695a67b2
Fix bug in 'keyring list' command
...
Revealed by recent rhizomeprotocol test improvements. Was always printing
empty DID and name fields.
(cherry picked from commit 7452c215e2
)
2012-09-28 12:16:55 +09:30
Jeremy Lakeman
6d31aa52e7
Use the correct public key when a new keyring is created
2012-09-18 13:43:00 +09:30
Jeremy Lakeman
7c73ca7a78
Finish test and implementation of directory service
2012-09-18 12:30:15 +09:30
Jeremy Lakeman
ac4567d48a
Merge remote-tracking branch 'origin/master' into sid_handling
2012-09-17 15:38:05 +09:30
Jeremy Lakeman
456bf3fdca
Tidy up source port checking
2012-09-14 17:04:35 +09:30
Andrew Bettison
7452c215e2
Fix bug in 'keyring list' command
...
Revealed by recent rhizomeprotocol test improvements. Was always printing
empty DID and name fields.
2012-09-14 16:23:32 +09:30
Jeremy Lakeman
6483d9e0ae
Split client mdp functions so they can be built separately
2012-09-14 11:47:48 +09:30
Jeremy Lakeman
2b530bb02a
Trying to send unicast sas request
2012-09-07 13:04:40 +09:30
Jeremy Lakeman
3b55643b08
Send my full sid periodically for any outgoing payload header
2012-09-07 10:01:34 +09:30
Paul Gardner-Stephen
bba6839656
Initial stab at porting to Solaris.
...
It compiles without warning (with CC=gcc) but doesn't link
because NaCL doesn't build yet.
2012-09-05 20:42:50 +09:30
Jeremy Lakeman
e05806f25e
Separate routing calculation from resulting rules, refactor more code to use subscriber structure
2012-08-31 15:11:18 +09:30
Andrew Bettison
eec8fb6e95
Improve SAS resolution debug messages
2012-08-14 14:06:59 +09:30
Andrew Bettison
12d8bc0c12
Use new typedef time_ms_t everywhere
2012-08-09 12:14:32 +09:30
Andrew Bettison
240be25793
Replace overlay_gettime_ms() with gettime_ms()
2012-07-30 17:22:38 +09:30
Andrew Bettison
ce12258f63
Improve logging in keyring.c
...
Use DEBUGF() not WHYF() for debug messages, test DEBUG_KEYRING.
Use WHY_perror() in more places.
2012-07-27 18:18:57 +09:30
Andrew Bettison
a69f637b3a
Replace DEBUG_HLR with DEBUG_KEYRING
...
Convert several fprintf(stderr,...) into DEBUGF() statements
2012-07-27 11:26:19 +09:30
Andrew Bettison
d2898ee22c
Add output fields to 'keyring add' command
2012-07-06 13:17:53 +09:30
Andrew Bettison
72769e162b
Replace overlay_render_sid_prefix() with alloca_tohex()
...
To eliminate timebomb bugs caused by rotor wraparound
2012-07-04 10:30:46 +09:30
Andrew Bettison
2c87039307
Replace overlay_render_sid() with alloca_tohex_sid()
...
To eliminate timebomb bugs caused by rotor wraparound
2012-07-03 17:59:30 +09:30
Jeremy Lakeman
495de9e0ec
Add more profiling instrumentation
2012-07-03 15:50:04 +09:30
gardners
c5d89a043d
clean up debugging.
2012-06-26 09:25:42 +09:30
gardners
97cd8f5255
added code to time various servald functions and report periodic
...
statistics. Handles nested calls to correctly aportion call time
among children.
2012-06-26 09:22:51 +09:30
Andrew Bettison
637ef02f30
Add _selfsigned column to "rhizome list" output
...
Add <pin,pin...> arg1 to "rhizome list" command, so it can open the keyring
Some tests in tests/rhizome fail
2012-06-08 18:25:43 +09:30
Andrew Bettison
7a71a521f8
Pass author SID parameters in binary, not hex
2012-06-08 15:27:15 +09:30
gardners
6f09128d9c
fixed identity creation bug which was allowing first nybl of SID == 0.
2012-05-21 16:41:46 +09:30
Andrew Bettison
41583c1011
Fix bug in "rhizome add file" command
...
Was not opening keyring file properly
2012-05-20 15:25:19 +09:30
Andrew Bettison
8baf861552
Replace WHY() calls with DEBUG() where appropriate
2012-05-20 13:44:33 +09:30
Andrew Bettison
0f65028a0b
Clean up keyring_open_with_pins() error reporting
2012-05-19 10:38:29 +09:30
Andrew Bettison
b15e5cfee7
Improve debugging/logging macros
...
Replace 'WHYRETNULL();' statements with 'return WHYNULL();'
Introduce DEBUG(), DEBUGF(), DEBUG_perror() and D macros
Add logMessage() and vlogMessage() functions
Implement setReason() using vlogMessage()
2012-05-10 12:53:57 +09:30
gardners
b281edec05
filter out invalid SIDs when generating.
2012-05-02 02:32:21 +09:30
gardners
14e4af6392
DNA replies now include name. "set did" now accepts name.
...
Keyring now stores name. "node info resolvedid" now returns name.
2012-05-01 14:38:09 +09:30
gardners
a2880ada1e
closer to dna lookup working via mdp.
...
Bug to be fixed in sending replies.
2012-04-25 20:14:56 +09:30
Andrew Bettison
a73916e85a
Implement JNI command-line interface (untested)
...
- argv is (const char *const *) everywhere, to avoid having to strdup() all the
Java arg strings
- changed (char*) to (const char*) in lots of places to fix cascading compiler
warnings as a result of argv constness
- fixed a bug in "config get" command when used without 'variable' arg
2012-04-23 17:18:15 +09:30
gardners
ead3e8cb95
cleaned out some debug info.
2012-04-22 06:29:10 +09:30
gardners
5c52c8e274
trying to find memory corruption bug, probably queue handling
...
related.
2012-04-20 17:14:04 +09:30
Andrew Bettison
0d6e77e221
Use memcmp() instead of deprecated bcmp()
2012-04-17 10:33:01 +09:30
gardners
e639d3d255
fixed bugs and completed implementation of storing SID:SAS mappings.
...
Now to finish implementing verification process.
2012-04-16 06:36:46 +09:30
gardners
e7e8b2d630
fixed bug in RFS size patching.
...
A lot of debug output tweaks to track the problem down.
2012-04-16 06:06:43 +09:30
gardners
caab3078e5
substantial work towards public key signing of MDP frames and
...
the associated SID:SAS mapping cache and request packets.
2012-04-15 03:17:36 +09:30
gardners
9531b5006d
Fixed a bug in nm_bytes cache.
2012-04-14 02:51:09 +09:30
gardners
fabec139f2
Added nm_bytes cache code for fast authcryption.
2012-04-14 02:31:44 +09:30
gardners
ca24513599
Work towards actually authcrypting MDP payloads.
...
Not complete.
2012-04-14 02:14:41 +09:30
gardners
099e7ab118
Fixed searching for DIDs with wildcard with keyring.
...
General improvements to handling identities from keyrings.
Fixed placing of DONE flag for each identity that a query
produces results as.
Various other fixes.
2012-04-13 10:23:59 +09:30
gardners
3e920c8dfa
simple server mode now correctly opens and populates keyring
...
with any identities with blank pins.
2012-04-13 09:35:22 +09:30
gardners
5ac83f9ca1
Replaced use of HLR with keyring for phone number lookups and
...
other functions. Not yet tested.
2012-04-13 09:25:03 +09:30
gardners
7b8d78533d
Added commandline interface to set a did.
...
Re-enabled payload rotation in keyring PKRs.
Getting and setting dids now works.
keyring list displays SID:DID pairs.
2012-04-12 23:16:25 +09:30
gardners
aed1a4ceef
Removed some debugging output.
2012-04-12 17:20:23 +09:30
gardners
e0a385f200
Added functions for setting/changing DIDs and also for finding
...
identities that have a given DID (no wildcard matching just yet).
2012-04-12 17:18:28 +09:30
gardners
4ceefb26de
Added new keytypes for keyring for Rhizome Secret and for storing
...
DIDs (which are probably not normally secret, but keeping with
with an identity is a good thing, anyway).
2012-04-12 17:01:25 +09:30
gardners
635dd3867e
Keyring stuff now works :)
2012-04-12 15:52:41 +09:30
gardners
e89673ee89
Added command line access for simple keyring functions for testing.
...
Creating keyring files works.
Writing PKR blocks seems more or less working, but we can't (yet)
read them back.
2012-04-12 14:00:51 +09:30
gardners
fd7e65b9d8
Remaining pieces required to create and manipulate key rings is
...
now in place.
2012-04-12 12:53:37 +09:30
gardners
f24d06517a
Writing of identities and keys now much closer to happening.
2012-04-12 12:32:01 +09:30
gardners
8efb6fd497
Work towards being able to create a new identity.
...
Still need to pack, crypt and store the resulting identity.
2012-04-12 07:52:50 +09:30
gardners
60e394eedd
PKR verification code in place but untested.
2012-04-12 07:52:50 +09:30
gardners
9b51192144
More work on keyring management. Decrypting (but not verification)
...
of PKRs is now more or less there.
2012-04-12 07:52:50 +09:30
gardners
f10e9c15ca
Work towards keyring encryption/decryption.
2012-04-11 06:51:41 +09:30
gardners
1b5801b622
Move randombytes() from jni.c to keyring.c so that it is available
...
for the dna standalone binary.
Added code to initialise an empty keyring file with zeroed bitmap
and salt.
2012-04-10 13:49:18 +09:30
gardners
2b260402b5
Added keyring.c and begun work on routines to manipulate keyrings.
2012-04-10 12:56:32 +09:30