int save_normal(save_ptr *dest, const u8* src, int size, u32 tag)
{
write_u32(*dest,tag);
write_u32(*dest,size);
write_mem_block(*dest,src,size);
return size;
}
int wav_header_encode(FILE *f, uint16_t format, uint16_t channels,
uint32_t srate, uint16_t bps, size_t bytes)
{
int err;
err = chunk_encode(f, "RIFF", 36 + bytes);
if (err)
return err;
if (1 != fwrite("WAVE", 4, 1, f))
return ferror(f);
err = chunk_encode(f, "fmt ", WAVE_FMT_SIZE);
if (err)
return err;
err = write_u16(f, format);
err |= write_u16(f, channels);
err |= write_u32(f, srate);
err |= write_u32(f, srate * channels * bps / 8);
err |= write_u16(f, channels * bps / 8);
err |= write_u16(f, bps);
if (err)
return err;
return chunk_encode(f, "data", bytes);
}
static void write_gcda(char *addr, struct gcov_info* gi)
{
const char* filename = SKIBOOT_ADDR(addr, gi->filename);
int fd;
u32 fn;
struct gcov_fn_info *fn_info;
struct gcov_fn_info **functions;
struct gcov_ctr_info *ctr_info;
u32 ctr;
u32 cv;
printf("Writing %s\n", filename);
fd = open(filename, O_WRONLY|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
write_u32(fd, GCOV_DATA_MAGIC);
write_u32(fd, be32toh(gi->version));
write_u32(fd, be32toh(gi->stamp));
//printf("nfunctions: %d \n", be32toh(gi->n_functions));
for(fn = 0; fn < be32toh(gi->n_functions); fn++) {
functions = (struct gcov_fn_info**)
SKIBOOT_ADDR(addr, gi->functions);
fn_info = (struct gcov_fn_info*)
SKIBOOT_ADDR(addr, functions[fn]);
write_u32(fd, GCOV_TAG_FUNCTION);
write_u32(fd, GCOV_TAG_FUNCTION_LENGTH);
write_u32(fd, be32toh(fn_info->ident));
write_u32(fd, be32toh(fn_info->lineno_checksum));
write_u32(fd, be32toh(fn_info->cfg_checksum));
ctr_info = (struct gcov_ctr_info*)
((char*)fn_info + sizeof(struct gcov_fn_info));
for(ctr = 0; ctr < GCOV_COUNTERS; ctr++) {
if (!counter_active(gi, ctr))
continue;
write_u32(fd, (GCOV_TAG_FOR_COUNTER(ctr)));
write_u32(fd, be32toh(ctr_info->num)*2);
/* printf(" ctr %d gcov_ctr_info->num %u\n",
* ctr, be32toh(ctr_info->num));
*/
for(cv = 0; cv < be32toh(ctr_info->num); cv++) {
gcov_type *ctrv = (gcov_type *)
SKIBOOT_ADDR(addr, ctr_info->values);
//printf("%lx\n", be64toh(ctrv[cv]));
write_u64(fd, be64toh(ctrv[cv]));
}
ctr_info++;
}
}
close(fd);
}
void type_write(type_t t, type_wr_ctx_t ctx)
{
fbuf_t *f = tree_write_file(ctx->tree_ctx);
if (t == NULL) {
write_u16(UINT16_C(0xffff), f); // Null marker
return;
}
if (t->generation == ctx->generation) {
// Already visited this type
write_u16(UINT16_C(0xfffe), f); // Back reference marker
write_u32(t->index, f);
return;
}
t->generation = ctx->generation;
t->index = (ctx->n_types)++;
write_u16(t->kind, f);
// Call type_ident here to generate an arbitrary name if needed
ident_write(type_ident(t), ctx->ident_ctx);
const uint32_t has = has_map[t->kind];
const int nitems = __builtin_popcount(has);
uint32_t mask = 1;
for (int n = 0; n < nitems; mask <<= 1) {
if (has & mask) {
if (ITEM_TYPE_ARRAY & mask) {
type_array_t *a = &(t->items[n].type_array);
write_u16(a->count, f);
for (unsigned i = 0; i < a->count; i++)
type_write(a->items[i], ctx);
}
else if (ITEM_TYPE & mask)
type_write(t->items[n].type, ctx);
else if (ITEM_TREE & mask)
tree_write(t->items[n].tree, ctx->tree_ctx);
else if (ITEM_TREE_ARRAY & mask) {
tree_array_t *a = &(t->items[n].tree_array);
write_u16(a->count, f);
for (unsigned i = 0; i < a->count; i++)
tree_write(a->items[i], ctx->tree_ctx);
}
else if (ITEM_RANGE_ARRAY & mask) {
range_array_t *a = &(t->items[n].range_array);
write_u16(a->count, f);
for (unsigned i = 0; i < a->count; i++) {
write_u8(a->items[i].kind, f);
tree_write(a->items[i].left, ctx->tree_ctx);
tree_write(a->items[i].right, ctx->tree_ctx);
}
}
else
item_without_type(mask);
n++;
}
}
}
static int chunk_encode(FILE *f, const char *id, size_t sz)
{
if (1 != fwrite(id, 4, 1, f))
return ferror(f);
return write_u32(f, (uint32_t)sz);
}
static void do_test_libeprom24x(void)
{
int value;
do {
print_menu();
printf("Enter choice : ");
scanf("%d",&value);
switch(value) {
case 1:
get_prod_info();
break;
case 2:
get_last_error();
break;
case 3:
initialize();
break;
case 4:
finalize();
break;
case 5:
read_u8();
break;
case 6:
read_u16();
break;
case 7:
read_u32();
break;
case 8:
read_to_buffer();
break;
case 9:
write_u8();
break;
case 10:
write_u16();
break;
case 11:
write_u32();
break;
case 12:
write_from_buffer();
break;
case 13:
erase_chip();
break;
case 100: /* Exit */
break;
default:
printf("Illegal choice!\n");
}
} while (value != 100);
return;
}
static int establish_symmetric_cipher(struct openssl_session_auth_context* ctx, const char* client_certificate, int client_certificate_length) {
int ret = 0;
char symmetric_key[MAX_SANE_KEY_LENGTH];
char* encrypted_data = NULL;
int encrypted_length;
get_random_key(symmetric_key, module_context->symmetric_cipher.key_length);
if ( encrypt_data(client_certificate, client_certificate_length, symmetric_key, module_context->symmetric_cipher.key_length, &encrypted_data, &encrypted_length) ) {
printf("Failed to encrypt symmetric key\n");
goto failed;
}
if ( write_u32(ctx, encrypted_length) != 4 ) {
printf("Failed to send encrypted key length\n");
goto failed;
}
if ( openssl_local_write(ctx, encrypted_data, encrypted_length) != encrypted_length ) {
printf("Failed to encrypted symmetric key\n");
goto failed;
}
if ( write_u32(ctx, strlen(module_context->symmetric_cipher.kernel_cipher_name) + 1) != 4 ) {
printf("Failed to send alg name length\n");
goto failed;
}
/* Set encryptor before sending last message to the client so that we are ready to encrypted enc messages when the auth protocol is done */
ctx->fid->conn->encryptor = new_openssl_crypt(module_context->symmetric_cipher.openssl_cipher_name, symmetric_key, module_context->symmetric_cipher.key_length);
if ( openssl_local_write(ctx, module_context->symmetric_cipher.kernel_cipher_name, strlen(module_context->symmetric_cipher.kernel_cipher_name) + 1) < 0) {
printf("Failed to send symmetric cipher name\n");
goto failed;
}
goto done;
failed:
ret = -1;
done:
free(encrypted_data);
return ret;
}
static void group_write_netdb(tree_t top, group_nets_ctx_t *ctx)
{
char *name = xasprintf("_%s.netdb", istr(tree_ident(top)));
fbuf_t *f = lib_fbuf_open(lib_work(), name, FBUF_OUT);
if (f == NULL)
fatal("failed to create net database file %s", name);
free(name);
for (group_t *it = ctx->groups; it != NULL; it = it->next) {
write_u32(it->gid, f);
write_u32(it->first, f);
write_u32(it->length, f);
}
write_u32(GROUPID_INVALID, f);
fbuf_close(f);
}
u32 xbinary_writer::write(u32 b)
{
if (_can_write(len_, cursor_, sizeof(b)))
{
write_u32(buffer_ + cursor_, b);
cursor_ += sizeof(b);
return sizeof(b);
}
return 0;
}
int blob_encode_t::output(int n,char ** &s_arr,int & len)
{
len=round_up_div(current_len,n);
write_u32(input_buf,counter);
for(int i=0;i<n;i++)
{
output_buf[i]=input_buf+len*i;
}
s_arr=output_buf;
return 0;
}
void output_write(const char *filename)
{
unsigned int i;
struct lump *lump;
unsigned int pos = 12;
FILE *out;
// calculate wad directory offsets
for (i = numlumps, lump = dir; i; i--, lump++)
{
lump->offset = pos;
pos += lump->size;
}
out = fopen(filename, "wb");
if (!out)
die("Cannot open %s\n", filename);
// write wad header
fwrite("PWAD", 4, 1, out);
write_u32(out, numlumps);
write_u32(out, pos);
// write lumps
for (i = numlumps, lump = dir; i; i--, lump++)
fwrite(lump->data, lump->size, 1, out);
// write wad directory
for (i = numlumps, lump = dir; i; i--, lump++)
{
write_u32(out, lump->offset);
write_u32(out, lump->size);
write_ch8(out, lump->name);
}
fclose(out);
}
static void write_u32_func(void** state) {
char buf[27];
char comp_buf[27];
uint32_t value = 0;
uint32_t idx = 0;
for(uint32_t i = 0; i < CHAR_SIZE; i += 4) {
value = (('a' + i) << 24) | (('b' + i) << 16) | (('c' + i) << 8) | ('d' + i);
sprintf(comp_buf + i, "%c%c%c%c%c", 'a' + i, 'b' + i, 'c' + i, 'd' + i, '\0');
write_u32(buf, value, &idx);
buf[idx] = '\0';
assert_string_equal(buf, comp_buf);
}
}
static int execute_openssl_auth_protocol(struct openssl_session_auth_context* ctx) {
u32 client_certificate_length, server_certificate_length, private_key_length;
char* client_certificate = NULL;
char* server_certificate = NULL;
char* private_key = NULL;
int auth_result = 0;
node_security_mode required_security_mode;
int auth_mode = 2;
uid_t user;
struct in_addr remote_addr;
int ret;
ctx->status = AS_INPROGRESS;
if ( ctx->fid->user == NULL ) {
ctx->status = AS_REJECTED;
pthread_cond_broadcast(&ctx->cond);
return 0;
}
user = ctx->fid->user->uid;
convert_addr(ctx->fid->conn->address, &remote_addr);
required_security_mode = get_security_mode(user, remote_addr);
if ( required_security_mode == REJECT ) {
ctx->status = AS_REJECTED;
pthread_cond_broadcast(&ctx->cond);
return 0;
}
if ( required_security_mode == OPEN || required_security_mode == ENCRYPTED ) /* TODO: only encryption with no auth is not supported yet */
auth_mode= 0;
else if ( required_security_mode == AUTHENTICATED )
auth_mode = 1;
else if ( required_security_mode == SECURED )
auth_mode = 2;
if ( write_u32(ctx, auth_mode) != 4 ) {
printf("Failed to send required mode to the client\n");
ctx->status = AS_REJECTED;
pthread_cond_broadcast(&ctx->cond);
return 0;
}
if ( !auth_mode ) { /* Authentication is not required => we are done */
ctx->status = AS_ACCEPTED;
pthread_cond_broadcast(&ctx->cond);
printf("Auth is not required for uid %d from host %s\n", user, ctx->fid->conn->address);
return 1;
}
ret = exchange_certificates(ctx, &client_certificate, &client_certificate_length, &server_certificate, &server_certificate_length, &remote_addr);
if ( ret )
goto failed;
if ( load_private_key(module_context->path_to_privatekey, module_context->privatekey_password, &private_key, &private_key_length) ) {
printf("Failed to load private key\n");
goto failed;
}
ret = verify_private_key_ownership(ctx, private_key, private_key_length, client_certificate, client_certificate_length);
if ( ret )
goto failed;
if ( auth_mode == 2 ) { // If encryption is required
ret = establish_symmetric_cipher(ctx, client_certificate, client_certificate_length);
if ( ret )
goto failed;
}
ctx->status = AS_ACCEPTED;
failed:
free(private_key);
free(server_certificate);
free(client_certificate);
if ( ctx->status == AS_INPROGRESS )
ctx->status = AS_REJECTED;
pthread_cond_broadcast(&ctx->cond);
return auth_result;
}
int fec_encode_manager_t::input(char *s,int len/*,int &is_first_packet*/)
{
if(counter==0&&dynamic_update_fec)
{
fec_data_num=g_fec_data_num;
fec_redundant_num=g_fec_redundant_num;
fec_mtu=g_fec_mtu;
fec_queue_len=g_fec_queue_len;
fec_timeout=g_fec_timeout;
fec_mode=g_fec_mode;
}
int about_to_fec=0;
int delayed_append=0;
//int counter_back=counter;
assert(fec_mode==0||fec_mode==1);
if(fec_mode==0&& s!=0 &&counter==0)
{
int out_len=blob_encode.get_shard_len(fec_data_num,len);
if(out_len>fec_mtu)
{
mylog(log_warn,"message too long ori_len=%d out_len=%d fec_mtu=%d,ignored\n",len,out_len,fec_mtu);
return -1;
}
}
if(fec_mode==1&&s!=0&&len>fec_mtu)
{
mylog(log_warn,"mode==1,message len=%d,len>fec_mtu,fec_mtu=%d,packet may not be delivered\n",len,fec_mtu);
//return -1;
}
if(s==0&&counter==0)
{
mylog(log_warn,"unexpected s==0&&counter==0\n");
return -1;
}
if(s==0) about_to_fec=1;//now
if(fec_mode==0&& blob_encode.get_shard_len(fec_data_num,len)>fec_mtu) {about_to_fec=1; delayed_append=1;}//fec then add packet
if(fec_mode==0) assert(counter<fec_queue_len);//counter will never equal fec_pending_num,if that happens fec should already been done.
if(fec_mode==1) assert(counter<fec_data_num);
if(s!=0&&!delayed_append)
{
append(s,len);
}
if(fec_mode==0&& counter==fec_queue_len) about_to_fec=1;
if(fec_mode==1&& counter==fec_data_num) about_to_fec=1;
if(about_to_fec)
{
char ** blob_output=0;
int fec_len=-1;
mylog(log_trace,"counter=%d\n",counter);
if(counter==0)
{
mylog(log_warn,"unexpected counter==0 here\n");
return -1;
}
int actual_data_num;
int actual_redundant_num;
if(fec_mode==0)
{
actual_data_num=fec_data_num;
actual_redundant_num=fec_redundant_num;
if(short_packet_optimize)
{
u32_t best_len=(blob_encode.get_shard_len(fec_data_num,0)+header_overhead)*(fec_data_num+fec_redundant_num);
int best_data_num=fec_data_num;
for(int i=1;i<actual_data_num;i++)
{
u32_t shard_len=blob_encode.get_shard_len(i,0);
if(shard_len>(u32_t)fec_mtu) continue;
u32_t new_len=(shard_len+header_overhead)*(i+fec_redundant_num);
if(new_len<best_len)
{
best_len=new_len;
best_data_num=i;
}
}
actual_data_num=best_data_num;
actual_redundant_num=fec_redundant_num;
mylog(log_trace,"actual_data_num=%d actual_redundant_num=%d\n",best_data_num,fec_redundant_num);
}
assert(blob_encode.output(actual_data_num,blob_output,fec_len)==0);
}
else
{
actual_data_num=counter;
actual_redundant_num=fec_redundant_num;
for(int i=0;i<counter;i++)
{
assert(input_len[i]>=0);
if(input_len[i]>fec_len) fec_len=input_len[i];
}
}
mylog(log_trace,"%d %d %d\n",actual_data_num,actual_redundant_num,fec_len);
char *tmp_output_buf[max_fec_packet_num+5]={0};
for(int i=0;i<actual_data_num+actual_redundant_num;i++)
{
int tmp_idx=0;
write_u32(input_buf[i] + tmp_idx, seq);
tmp_idx += sizeof(u32_t);
input_buf[i][tmp_idx++] = (unsigned char) fec_mode;
if (fec_mode == 1 && i < actual_data_num)
{
input_buf[i][tmp_idx++] = (unsigned char) 0;
input_buf[i][tmp_idx++] = (unsigned char) 0;
} else
{
input_buf[i][tmp_idx++] = (unsigned char) actual_data_num;
input_buf[i][tmp_idx++] = (unsigned char) actual_redundant_num;
}
input_buf[i][tmp_idx++] = (unsigned char) i;
tmp_output_buf[i]=input_buf[i]+tmp_idx; //////caution ,trick here.
if(fec_mode==0)
{
output_len[i]=tmp_idx+fec_len;
if(i<actual_data_num)
{
memcpy(input_buf[i]+tmp_idx,blob_output[i],fec_len);
}
}
else
{
if(i<actual_data_num)
{
output_len[i]=tmp_idx+input_len[i];
memset(tmp_output_buf[i]+input_len[i],0,fec_len-input_len[i]);
}
else
output_len[i]=tmp_idx+fec_len;
}
output_buf[i]=input_buf[i];//output_buf points to same block of memory with different offset
}
if(0)
{
printf("seq=%u,fec_len=%d,%d %d,before fec\n",seq,fec_len,actual_data_num,actual_redundant_num);
for(int i=0;i<actual_data_num;i++)
{
printf("{");
for(int j=0;j<8+fec_len;j++)
{
log_bare(log_warn,"0x%02x,",(u32_t)(unsigned char)input_buf[i][j]);
}
printf("},\n");
//log_bare(log_warn,"")
}
}
//output_len=blob_len+sizeof(u32_t)+4*sizeof(char);/////remember to change this 4,if modified the protocol
rs_encode2(actual_data_num,actual_data_num+actual_redundant_num,tmp_output_buf,fec_len);
if(0)
{
printf("seq=%u,fec_len=%d,%d %d,after fec\n",seq,fec_len,actual_data_num,actual_redundant_num);
for(int i=0;i<actual_data_num+actual_redundant_num;i++)
{
printf("{");
for(int j=0;j<8+fec_len;j++)
{
log_bare(log_warn,"0x%02x,",(u32_t)(unsigned char)output_buf[i][j]);
}
printf("},\n");
//log_bare(log_warn,"")
}
}
//mylog(log_trace,"!!! s= %d\n");
assert(ready_for_output==0);
ready_for_output=1;
first_packet_time_for_output=first_packet_time;
first_packet_time=0;
seq++;
counter=0;
output_n=actual_data_num+actual_redundant_num;
blob_encode.clear();
itimerspec its;
memset(&its,0,sizeof(its));
timerfd_settime(timer_fd,TFD_TIMER_ABSTIME,&its,0);
if(encode_fast_send&&fec_mode==1)
{
int packet_to_send[max_fec_packet_num+5]={0};
int packet_to_send_counter=0;
//assert(counter!=0);
if(s!=0)
packet_to_send[packet_to_send_counter++]=actual_data_num-1;
for(int i=actual_data_num;i<actual_data_num+actual_redundant_num;i++)
{
packet_to_send[packet_to_send_counter++]=i;
}
output_n=packet_to_send_counter;//re write
for(int i=0;i<packet_to_send_counter;i++)
{
output_buf[i]=output_buf[packet_to_send[i]];
output_len[i]=output_len[packet_to_send[i]];
}
}
}
else
{
if(encode_fast_send&&s!=0&&fec_mode==1)
{
assert(counter>=1);
assert(counter<=255);
int input_buf_idx=counter-1;
assert(ready_for_output==0);
ready_for_output=1;
first_packet_time_for_output=0;
output_n=1;
int tmp_idx=0;
write_u32(input_buf[input_buf_idx]+tmp_idx,seq);
tmp_idx+=sizeof(u32_t);
input_buf[input_buf_idx][tmp_idx++]=(unsigned char)fec_mode;
input_buf[input_buf_idx][tmp_idx++]=(unsigned char)0;
input_buf[input_buf_idx][tmp_idx++]=(unsigned char)0;
input_buf[input_buf_idx][tmp_idx++]=(unsigned char)((u32_t)input_buf_idx);
output_len[0]=input_len[input_buf_idx]+tmp_idx;
output_buf[0]=input_buf[input_buf_idx];
if(0)
{
printf("seq=%u,buf_idx=%d\n",seq,input_buf_idx);
for(int j=0;j<output_len[0];j++)
{
log_bare(log_warn,"0x%02x,",(u32_t)(unsigned char)output_buf[0][j]);
}
printf("\n");
}
}
}
if(s!=0&&delayed_append)
{
assert(fec_mode!=1);
append(s,len);
}
return 0;
}
static int verify_private_key_ownership(struct openssl_session_auth_context* ctx, const char* private_key, int private_key_length, const char* client_certificate, int client_certificate_length) {
char* x_buffer = NULL, *y_buffer = NULL, *concat_buffer = NULL;
int ret, tmp;
char* yx_signature = NULL, *xy_signature = NULL;
int yx_signature_length, xy_signature_length;
x_buffer = malloc(XY_RANDOM_DATA_LENGTH);
y_buffer = malloc(XY_RANDOM_DATA_LENGTH);
concat_buffer = malloc(2*XY_RANDOM_DATA_LENGTH);
if ( !x_buffer || !y_buffer || !concat_buffer )
goto failed;
get_random_key(x_buffer, XY_RANDOM_DATA_LENGTH);
if ( write_u32(ctx, XY_RANDOM_DATA_LENGTH) != 4 ) {
printf("Failed to x buffer size\n");
goto failed;
}
if ( openssl_local_write(ctx, x_buffer, XY_RANDOM_DATA_LENGTH) != XY_RANDOM_DATA_LENGTH ) {
printf("Failed to send x buffer\n");
goto failed;
}
if ( openssl_local_read(ctx, XY_RANDOM_DATA_LENGTH, y_buffer, &tmp) < XY_RANDOM_DATA_LENGTH ) {
printf( "Failed to read y buffer\n");
goto failed;
}
memcpy(concat_buffer,y_buffer, XY_RANDOM_DATA_LENGTH);
memcpy(concat_buffer+XY_RANDOM_DATA_LENGTH,x_buffer, XY_RANDOM_DATA_LENGTH);
yx_signature_length = read_u32(ctx);
if ( yx_signature_length == READ_ERROR ) {
printf("Failed to read yx signature length\n");
goto failed;
}
yx_signature = malloc(yx_signature_length);
if ( !yx_signature )
goto failed;
if ( openssl_local_read(ctx, yx_signature_length, yx_signature, &tmp) < yx_signature_length ) {
printf("Failed to read yx signature\n");
goto failed;
}
ret = verify_signature(client_certificate, client_certificate_length, concat_buffer, 2*XY_RANDOM_DATA_LENGTH, yx_signature, yx_signature_length);
if ( ret ) {
printf("Failed to verify yx signature\n");
goto failed;
}
memcpy(concat_buffer,x_buffer, XY_RANDOM_DATA_LENGTH);
memcpy(concat_buffer+XY_RANDOM_DATA_LENGTH,y_buffer, XY_RANDOM_DATA_LENGTH);
ret = sign_data(private_key, private_key_length, concat_buffer, 2*XY_RANDOM_DATA_LENGTH, &xy_signature, &xy_signature_length);
if ( ret ) {
printf("Failed to sign xy buffer\n");
goto failed;
}
if ( write_u32(ctx, xy_signature_length) != 4) {
printf("Failed to send xy signature length\n");
goto failed;
}
/* Send server certificate */
if ( openssl_local_write(ctx, xy_signature, xy_signature_length) != xy_signature_length ) {
printf("Failed to send xy signature\n");
goto failed;
}
goto done;
failed:
ret = -1;
done:
free(x_buffer);
free(y_buffer);
free(concat_buffer);
free(xy_signature);
free(yx_signature);
return ret;
};
static int exchange_certificates(struct openssl_session_auth_context* ctx, char** client_certificate, u32* client_certificate_length, char** server_certificate, u32* server_certificate_length, struct in_addr* remote_addr) {
int ret, server_cert_verification_result_code, client_cert_verification_result_code;
char* common_name = NULL;
u32 common_name_length;
/* Load server certificate */
if( load_cert(module_context->path_to_publickey, server_certificate, server_certificate_length) || *server_certificate_length <= 0 ) {
printf("Failed to load public key: %s\n", module_context->path_to_publickey);
goto failed;
}
/* Just check if we are able to verify certificate against our own CA */
if ( verify_cert(*server_certificate, *server_certificate_length, &common_name, &common_name_length) ) {
printf("Failed to verify own certificate against the CA. Cert file: %s\n", module_context->path_to_publickey);
goto failed;
}
/* Send server certificate length */
if ( write_u32(ctx, *server_certificate_length) != 4) {
printf("Failed to send server certificate length\n");
goto failed;
}
/* Send server certificate */
if ( openssl_local_write(ctx, *server_certificate, *server_certificate_length) != *server_certificate_length ) {
printf("Failed to send server certificate\n");
goto failed;
}
/* Reads verification result of server certificate validation by the client */
server_cert_verification_result_code = read_u32(ctx);
if ( server_cert_verification_result_code == READ_ERROR ) {
printf("Failed to read client response on server certificate validation\n");
goto failed;
} else if ( server_cert_verification_result_code == 0 ) {
printf("Client failed to validate server certificate\n");
goto failed;
}
/* Reads client certificate length */
*client_certificate_length = read_u32(ctx);
if ( *client_certificate_length == READ_ERROR ) {
printf("Failed to read client certificate length\n");
goto failed;
}
/* Reads client certificate */
*client_certificate = malloc(*client_certificate_length);
if ( *client_certificate == NULL )
goto failed;
if ( openssl_local_read(ctx, *client_certificate_length, *client_certificate, client_certificate_length) < *client_certificate_length ) {
printf( "Failed to read client certificate\n");
goto failed;
}
/* Verifies client certificate against CA */
ret = verify_cert(*client_certificate, *client_certificate_length, &common_name, &common_name_length);
if ( ret ) {
client_cert_verification_result_code = 0;
printf("Failed to validate client certificate against CA\n");
} else {
/* Certificate is signed by the trusted CA, now we have to check whether the remote node ip matches certificate ip */
char remote_ip[100];
inet_ntop(AF_INET, remote_addr, remote_ip, 100);
//printf("Remote addr: %s\n",remote_ip);
if ( strcmp(remote_ip, common_name) != 0 ) {
client_cert_verification_result_code = 0;
printf("Client certificate is signed by CA, but is issued for a different client. Current client is %s, but the certificate is for %s\n", remote_ip, common_name);
} else {
client_cert_verification_result_code = 1;
}
}
if ( client_cert_verification_result_code == 1) {
ret = 0;
} else {
ret = -1;
}
/* Send client certificate verification result */
if ( write_u32(ctx, client_cert_verification_result_code) != 4 ) {
printf("Failed to send server certificate length\n");
goto failed;
}
goto done;
failed:
ret = -1;
done:
free(common_name);
return ret;
};
// init new thread and append at the beginning of the queue
int createThread(void (*startFun)(void* args, int len), void *args, int len, int prio, int newProcess)
{
if(thread.free_elems)
{
q_elem *newfree = thread.free_elems;
thread.free_elems = thread.free_elems->next;
thread.free_elems->prev = 0;
newfree->next = thread.head;
// if we're not adding the idle thread and prio is
// less than zero throw error
if(thread.thread_count>0 && prio<=0)
{
return -2;
}
else
{
newfree->priority = prio;
}
appendElem(newfree, &thread.head);
// we're going to copy args to begining of thread stack
int argbuffer[32]; // if it is a new thread we need to copy data into kernel
// space so we can copy it to the new thread
if(newProcess)
{
len = len>32?32:len; // no buffer overflow ;)
int i;
for(i=0;i<len;i++)
{
argbuffer[i] = ((int *) args)[i];
}
args=argbuffer;
unsigned int newpid;
for(newpid=0;threadsPerPidCount[newpid] && newpid<MAX_PIDS;newpid++);
if(newpid==MAX_PIDS)
return -1;
int newMemAdr = nextFreeBlock();
if(newMemAdr==-1)
return -1;
newMemAdr+=0xA;
mmap(newpid, 0xA, newMemAdr, mmu_readwrite); // data segment - just one per process
newfree->tcb.pid = newpid;
set_ttbr0(get_mmu(newpid)); // load new table
tlbiall(); // flush tlb
}
else
{
newfree->tcb.pid = thread.current->tcb.pid;
}
threadsPerPidCount[newfree->tcb.pid]++;
int newMemAdr = nextFreeBlock();
if(newMemAdr==-1)
return -1;
newMemAdr+=0xA;
mmap(newfree->tcb.pid, 0xB+newfree->id, newMemAdr, mmu_readwrite); // stack one for each thread
newfree->tcb.regs[0] = 0xBffffc + (newfree->id<<20) - (len<<2);
newfree->tcb.regs[1] = len;
// SP = USR BASE + Thread Count Offset 64k - args (copied to stack)
newfree->tcb.regs[13] = newfree->tcb.regs[0]; // sp
newfree->tcb.regs[14] = (int) &exitThread; // lr
//printf("set LR to: %x\r\n", thread.head->tcb.regs[14]);
newfree->tcb.regs[15] = (int) startFun; // pc
// init cpsr, user mode enable IRQs, no thumb no FIQ
newfree->tcb.cpsr = 0b1010000;
// copy args to stack
int i;
int curAddr = newfree->tcb.regs[13];
for(i=0;i<len;i++)
{
int arg = ((int *) args)[i];
write_u32(curAddr,arg);
curAddr+=4;
}
thread.thread_count++;
thread.threads_ready++;
if(newProcess && thread.current)
{
set_ttbr0(get_mmu(thread.current->tcb.pid)); // load current table
tlbiall(); // flush tlb
}
// if there was currently just the idle Thread read
// and we got a new one -> force reschedule!
if(thread.threads_ready==2)
{
// setTimer(0);
#if DEBUG
kprintf("create force \r\n");
#endif
force_reschedule=1;
}
return 1;
}
else
return -1;
}