152 Commits

Author SHA1 Message Date
Jeremy Lakeman
83b6ecb453 Roll an in memory identity when the keyring is empty 2016-08-02 11:01:32 +09:30
Jeremy Lakeman
df6688c496 Add signing key to restful keyring API 2016-07-25 16:54:11 +09:30
Jeremy Lakeman
d028818c0b Detect combined identities & transmit them more efficiently 2016-07-25 15:50:43 +09:30
Jeremy Lakeman
bdc1db0090 Refactor remote identity locking to save memory 2016-07-05 11:30:10 +09:30
Jeremy Lakeman
848f01e7d3 Only log debug statements if a keyring identity cannot be opened 2016-05-31 13:51:54 +09:30
Jeremy Lakeman
16a14269af Encrypt payloads without needing a sender
- reworked keyring identity handling to reduce memory searching
2016-05-31 12:50:32 +09:30
Jeremy Lakeman
5feb67512c Generate encryption key from signing key for new identities 2016-05-09 10:51:52 +09:30
Jeremy Lakeman
bd47a8eb60 Use libsodium for retrieving random bytes 2016-05-09 10:32:04 +09:30
Jeremy Lakeman
e15e332072 Swap from included nacl to host libsodium 2016-05-09 10:32:04 +09:30
Jeremy Lakeman
231ab257e4 Define internal port bindings with section linking tricks 2016-03-07 15:50:34 +10:30
Jeremy Lakeman
d0da910b19 Avoid undefined behaviour as highlighted by clang 2016-01-27 16:27:47 +10:30
Jeremy Lakeman
953950a8ad Only log debug messages for keyring slots that fail validation 2016-01-12 15:05:41 +10:30
Andrew Bettison
90e02141d1 Reimplement WHY() macro without comma operator
GCC 4.9 and later warn about unused values produced by the comma
operator.  Since the -Wno-unused-value option was removed from the
non-Android Makefile.in, it will not compile the WHY() macro and its
variants, with the -Wall option.

This commit removes the comma operator from the WHY() macro and its
variants, and replaces it with a new inline wrapper function.

This commit also removes the WHYNULL() macro and fixes the three places
it was used.
2015-10-26 15:58:52 +10:30
Jeremy Lakeman
0c275e67ef Clean up compilation warnings 2015-10-19 13:45:57 +10:30
Jeremy Lakeman
2fdd23e864 Do not add name and number to seeded keyring entry 2015-09-28 12:04:13 +09:30
Jeremy Lakeman
79e8a94792 Add route_link.h 2015-09-28 11:58:48 +09:30
Andrew Bettison
b7ba297e31 Add TODO comments to randomise keyring slot allocation 2015-08-24 22:41:53 +09:30
Andrew Bettison
166a03c7c6 Remove useless safety checks 2015-08-24 22:41:53 +09:30
Andrew Bettison
7d9a5faa4e Move if(config.debug.xxx) tests into DEBUGF()
Original DEBUG() and DEBUGF() macros renamed to _DEBUG() and _DEBUGF()
New DEBUG() and DEBUGF() macros, first argument is flagname
New DEBUGF2(foo, bar, ...) macro does if(config.debug.foo||config.debug.bar) test
Replace almost all config.debug.xxx references to IF_DEBUG(xxx)
2015-07-13 16:00:05 +09:30
Andrew Bettison
d0317470c1 Fix test failure: create keyring
Was not overwriting keyring file.  Also refactored keyring structs to
replace off_t with size_t.
2015-02-23 13:24:05 +10:30
Jeremy Lakeman
6ab2cc5bb6 Only support one keyring pin per open file 2014-10-31 15:30:07 +10:30
Jeremy Lakeman
851144ea0a Refactor keyring identity iteration 2014-10-31 15:19:59 +10:30
Jeremy Lakeman
a37db8e958 Move most console commands to other files 2014-08-25 16:03:30 +09:30
Andrew Bettison
d436705e64 Fix conflict on UNUSED() macro from OpenJDK 7
The OpenJDK 7 recently introduced the UNUSED() macro in their jni_md.h
header file, which is included from <jni.h>.  This causes a
compile-error if "constants.h", which defines our own UNUSED() macro, is
included as well as <jni.h>.

The OpenJDK UNUSED() macro is unsuitable for our own use, because it
prefixes the unused identifier with "UNUSED_" whereas we depend on the
parameter name remaining unchanged.

I have reported this as a Request for Enhancement with Oracle Java,
asking them to remove the UNUSED() macro, since it is not used by any
JNI or Java extension header files.  Review ID: JI-9013689.

In the meantime, constants.h now undefines UNUSED before defining it, so
including <jni.h> before "constants.h" will avoid a compile error.
2014-07-23 11:55:55 +09:30
Andrew Bettison
bb677e50fd Refactor keyring open/seed out of server()
Now the keyring is opened and seeded before the server daemon process is
forked, and any keyring error prevents the server from starting

No longer necessary to pass a (cli_parsed*) argument to server()
2014-04-07 16:22:31 +09:30
Andrew Bettison
53c1b1c04c Filesystem Heirarchy Standard (FHS) paths
If no instance directory specified, then use paths like
/etc/serval/serval.conf
/var/cache/serval
/var/log/serval
/var/run/serval
etc. for files, instead of all in a single directory.

Log all directory creation as INFO messages.

Interpretation of log.file.directory_path has changed slightly.

Updated servald configuration tech doc.
2014-03-26 15:35:43 +10:30
Jeremy Lakeman
2480fb4a08 Migrate keyring sas commands 2014-02-19 16:37:45 +10:30
Jeremy Lakeman
487df0408d Refactor mdp packet processing to avoid using struct overlay_mdp_frame 2014-02-19 16:34:11 +10:30
Jeremy Lakeman
5f2c6e364a Refactor interface addresses to use new socket_address struct 2014-01-09 15:01:38 +10:30
Andrew Bettison
72040517e1 New enum rhizome_payload_status
Refactor a lot of Rhizome bundle storage code to use the new "enum
rhizome_payload_status" instead of mysterious int values to represent
the outcome of the operation.
2013-12-30 16:30:35 +10:30
Andrew Bettison
476a538ef7 Fix -Wsign-compare warnings in keyring: unsigned cn,in,kp 2013-12-10 16:34:35 +10:30
Andrew Bettison
5d741361ea Fix -Wsign-compare warnings: make loop counters unsigned 2013-12-10 16:21:23 +10:30
Andrew Bettison
30b2059608 Fix -Wunused-parameter warnings
New UNUSED(param) macro suppresses the warning for a specific parameter

In some cases, removed the unused parameters.  In others, used the
parameter in a DEBUGF() or assert() statement to document the intent.
2013-12-09 18:22:18 +10:30
Andrew Bettison
85448d5612 Fix bugs in keyring revealed by -Wunused-parameter 2013-12-09 18:19:58 +10:30
Andrew Bettison
9b64bb87e0 Uniform copyright notices
Added some missing copyright/license block comments
2013-12-04 17:15:36 +10:30
Andrew Bettison
42ab9aec4c Merge branch 'development' into 'naf4'
Remove two redundant calls to rhizome_retrieve_manifest() in meshms.c,
revealed by an assert() in the stricter manifest parsing code

Fix header files included by socket.h
2013-12-02 17:17:47 +10:30
Jeremy Lakeman
99d5d9fa1f Refactor dataformats into separate header 2013-11-27 13:11:42 +10:30
Jeremy Lakeman
0d5d878521 Refactor socket name and address length handling 2013-11-27 13:08:37 +10:30
Andrew Bettison
7564d529a1 Add missing copyright/license comment blocks
Update a few existing copyright notices to reflect recent work
2013-11-21 16:05:18 +10:30
Jeremy Lakeman
0b404b0260 Implement id list command 2013-11-13 12:00:46 +10:30
Jeremy Lakeman
ff1f1ff093 Allow tag primitives to be used outside of keyring entries 2013-11-13 12:00:05 +10:30
Jeremy Lakeman
9680b24f23 Add support for adding and updating tags in the keyring 2013-11-13 11:59:21 +10:30
Jeremy Lakeman
e5e95f00f8 Pass key length into unpack function 2013-11-13 11:59:18 +10:30
Jeremy Lakeman
8c03f18e5e Refactor keyring searching 2013-11-13 11:59:13 +10:30
Jeremy Lakeman
4434b1b65d Create keyring.h and move definitions there 2013-11-13 11:55:12 +10:30
Andrew Bettison
e00c945fd1 Merge branch 'naf4' into 'development'
Big refactor of Rhizome author and bundle secret handling.
2013-11-07 00:42:42 +10:30
Andrew Bettison
45442d3eb4 Rewrite bundle author authentication
Replaced 'int has_author' manifest element with new 'enum authorship'
element to record the result of author authentication, to avoid
repeating expensive crypto operations.

Separated the handling of bundle secret arguments from author lookup and
authentication.  The new rhizome_apply_bundle_secret(m,bsk) is now
called at the top level to set the manifest secret key (if it
validates), and thereafter there is no need to pass the 'bsk' argument
to any other functions, as they can simply check the 'haveSecret' field
of the manifest.

Removed rhizome_extract_privatekey() which combined author lookup and
bundle secret validation, and replaced it with functions that only deal
with the author: rhizome_lookup_author() and rhizome_authenticate_author().

Renamed other functions to make their purpose and effect clearer.

Formalised the semantics of only storing AUTHENTICATED author SIDs in
the 'author' column of the MANIFESTS table, which necessitated a change
to a 'rhizomeops' test case: when adding a file using a BK-less
manifest, the author column is set to null, so the Rhizome list output
does not show the bundle as ".fromhere" and does not give an author for
that bundle.
2013-11-06 23:58:17 +10:30
Dan Staples
f1d817463e fixed keyring-related memory leaks 2013-11-06 14:30:35 +10:30
Andrew Bettison
05d4215752 Add 'strlen' argument to strn_fromprint() 2013-10-25 00:19:58 +10:30
Jeremy Lakeman
b8ec568711 Send 3-way request to stop routing an identity 2013-10-14 14:40:19 +10:30