Add tcpdump and libpcap.

- Update the file builder generator to handle generator specific cflags and includes. The tcpdump and libpcap have localised headers and need specific headers paths to see them. There are also module specific flags and these need to be passed to the lex and yacc generators. - Add the tcpdump support.
author: Chris Johns <chrisj@rtems.org> 2015-06-15 17:42:23 +1000
committer: Chris Johns <chrisj@rtems.org> 2015-06-15 17:42:23 +1000
commit: 8440506ee8945ad57f5e20e9962084d67808eb22 (patch)
tree: 38f567b1c56846b88f5f0828bd244b05519998ba /freebsd/contrib/tcpdump/signature.c
parent: Update LibBSD doco. (diff)
download: rtems-libbsd-8440506ee8945ad57f5e20e9962084d67808eb22.tar.bz2
1 files changed, 161 insertions, 0 deletions
diff --git a/freebsd/contrib/tcpdump/signature.c b/freebsd/contrib/tcpdump/signature.c
new file mode 100644
index 00000000..373b33a0
--- /dev/null
+++ b/freebsd/contrib/tcpdump/signature.c
@@ -0,0 +1,161 @@
+#include <machine/rtems-bsd-user-space.h>
+
+/* 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that: (1) source code
+ * distributions retain the above copyright notice and this paragraph
+ * in its entirety, and (2) distributions including binary code include
+ * the above copyright notice and this paragraph in its entirety in
+ * the documentation or other materials provided with the distribution.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND
+ * WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT
+ * LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE.
+ *
+ * Functions for signature and digest verification.
+ * 
+ * Original code by Hannes Gredler (hannes@juniper.net)
+ */
+
+#ifndef lint
+static const char rcsid[] _U_ =
+    "@(#) $Header: /tcpdump/master/tcpdump/signature.c,v 1.2 2008-09-22 20:22:10 guy Exp $ (LBL)";
+#endif
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include <tcpdump-stdinc.h>
+
+#include <string.h>
+
+#include "interface.h"
+#include "signature.h"
+
+#ifdef HAVE_LIBCRYPTO
+#include <openssl/md5.h>
+#endif
+
+const struct tok signature_check_values[] = {
+    { SIGNATURE_VALID, "valid"},
+    { SIGNATURE_INVALID, "invalid"},
+    { CANT_CHECK_SIGNATURE, "unchecked"},
+    { 0, NULL }
+};
+
+
+#ifdef HAVE_LIBCRYPTO
+/*
+ * Compute a HMAC MD5 sum.
+ * Taken from rfc2104, Appendix.
+ */
+static void
+signature_compute_hmac_md5(const u_int8_t *text, int text_len, unsigned char *key,
+                           unsigned int key_len, u_int8_t *digest)
+{
+    MD5_CTX context;
+    unsigned char k_ipad[65];    /* inner padding - key XORd with ipad */
+    unsigned char k_opad[65];    /* outer padding - key XORd with opad */
+    unsigned char tk[16];
+    int i;
+
+    /* if key is longer than 64 bytes reset it to key=MD5(key) */
+    if (key_len > 64) {
+
+        MD5_CTX tctx;
+
+        MD5_Init(&tctx);
+        MD5_Update(&tctx, key, key_len);
+        MD5_Final(tk, &tctx);
+
+        key = tk;
+        key_len = 16;
+    }
+
+    /*
+     * the HMAC_MD5 transform looks like:
+     *
+     * MD5(K XOR opad, MD5(K XOR ipad, text))
+     *
+     * where K is an n byte key
+     * ipad is the byte 0x36 repeated 64 times
+     * opad is the byte 0x5c repeated 64 times
+     * and text is the data being protected
+     */
+
+    /* start out by storing key in pads */
+    memset(k_ipad, 0, sizeof k_ipad);
+    memset(k_opad, 0, sizeof k_opad);
+    memcpy(k_ipad, key, key_len);
+    memcpy(k_opad, key, key_len);
+
+    /* XOR key with ipad and opad values */
+    for (i=0; i<64; i++) {
+        k_ipad[i] ^= 0x36;
+        k_opad[i] ^= 0x5c;
+    }
+
+    /*
+     * perform inner MD5
+     */
+    MD5_Init(&context);                   /* init context for 1st pass */
+    MD5_Update(&context, k_ipad, 64);     /* start with inner pad */
+    MD5_Update(&context, text, text_len); /* then text of datagram */
+    MD5_Final(digest, &context);          /* finish up 1st pass */
+
+    /*
+     * perform outer MD5
+     */
+    MD5_Init(&context);                   /* init context for 2nd pass */
+    MD5_Update(&context, k_opad, 64);     /* start with outer pad */
+    MD5_Update(&context, digest, 16);     /* then results of 1st hash */
+    MD5_Final(digest, &context);          /* finish up 2nd pass */
+}
+#endif
+
+#ifdef HAVE_LIBCRYPTO
+/*
+ * Verify a cryptographic signature of the packet.
+ * Currently only MD5 is supported.
+ */
+int
+signature_verify (const u_char *pptr, u_int plen, u_char *sig_ptr)
+{
+    u_int8_t rcvsig[16];
+    u_int8_t sig[16];
+    unsigned int i;
+
+    /*
+     * Save the signature before clearing it.
+     */
+    memcpy(rcvsig, sig_ptr, sizeof(rcvsig));
+    memset(sig_ptr, 0, sizeof(rcvsig));
+
+    if (!sigsecret) {
+        return (CANT_CHECK_SIGNATURE);
+    }
+
+    signature_compute_hmac_md5(pptr, plen, (unsigned char *)sigsecret,
+                               strlen(sigsecret), sig);
+
+    if (memcmp(rcvsig, sig, sizeof(sig)) == 0) {
+        return (SIGNATURE_VALID);
+
+    } else {
+
+        for (i = 0; i < sizeof(sig); ++i) {
+            (void)printf("%02x", sig[i]);
+        }
+
+        return (SIGNATURE_INVALID);
+    }
+}
+#endif
+
+/*
+ * Local Variables:
+ * c-style: whitesmith
+ * c-basic-offset: 4
+ * End:
+ */
author	Chris Johns <chrisj@rtems.org>	2015-06-15 17:42:23 +1000
committer	Chris Johns <chrisj@rtems.org>	2015-06-15 17:42:23 +1000
commit	8440506ee8945ad57f5e20e9962084d67808eb22 (patch)
tree	38f567b1c56846b88f5f0828bd244b05519998ba /freebsd/contrib/tcpdump/signature.c
parent	Update LibBSD doco. (diff)
download	rtems-libbsd-8440506ee8945ad57f5e20e9962084d67808eb22.tar.bz2