[PATCH] crypto: drop secauth and make crypto none work again

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: "Fabio M. Di Nitto" <fdinitto@xxxxxxxxxx>

keep totem.secauth config key for compatibility

if the key is NOT set, crypto will default to aes256/sha1
if the key is set to "off", crypto is disabled.
this reflects pretty much old behavior

keywords totem.crypto_cipher and totem.crypto_hash can
override secauth individually.

it is not yet possible to enable encryption without hashing
(totemcrypt will fail) but it is planned in the next patchset.

this one will restore basic operations for developers.

Signed-off-by: Fabio M. Di Nitto <fdinitto@xxxxxxxxxx>
---
 exec/totemconfig.c             |    9 +---
 exec/totemcrypto.c             |  106 +++++++++++++++++++++++++---------------
 exec/totemudp.c                |   90 +++++++++++++++-------------------
 exec/totemudpu.c               |   90 +++++++++++++++-------------------
 include/corosync/totem/totem.h |    2 -
 5 files changed, 148 insertions(+), 149 deletions(-)

diff --git a/exec/totemconfig.c b/exec/totemconfig.c
index 931bd7a..1138963 100644
--- a/exec/totemconfig.c
+++ b/exec/totemconfig.c
@@ -129,11 +129,9 @@ static void totem_get_crypto(struct totem_config *totem_config)
 
 	tmp_hash = "sha1";
 	tmp_cipher = "aes256";
-	totem_config->secauth = 1;
 
 	if (icmap_get_string("totem.secauth", &str) == CS_OK) {
 		if (strcmp (str, "off") == 0) {
-			totem_config->secauth = 0;
 			tmp_hash = "none";
 			tmp_cipher = "none";
 		}
@@ -160,10 +158,6 @@ static void totem_get_crypto(struct totem_config *totem_config)
 		free(str);
 	}
 
-	if (strcmp(tmp_hash, "none") == 0 && strcmp(tmp_cipher, "none") == 0) {
-		totem_config->secauth = 0;
-	}
-
 	free(totem_config->crypto_cipher_type);
 	free(totem_config->crypto_hash_type);
 
@@ -1019,7 +1013,8 @@ int totem_config_keyread (
 	memset (totem_config->private_key, 0, 128);
 	totem_config->private_key_len = 128;
 
-	if (totem_config->secauth == 0) {
+	if (strcmp(totem_config->crypto_cipher_type, "none") == 0 &&
+	    strcmp(totem_config->crypto_hash_type, "none") == 0) {
 		return (0);
 	}
 
diff --git a/exec/totemcrypto.c b/exec/totemcrypto.c
index 8c0ec91..b2141a8 100644
--- a/exec/totemcrypto.c
+++ b/exec/totemcrypto.c
@@ -145,39 +145,27 @@ do {												\
 
 static void init_nss_crypto(struct crypto_instance *instance)
 {
-	PK11SlotInfo*      aes_slot = NULL;
-	PK11SlotInfo*      sha1_slot = NULL;
+	PK11SlotInfo*      crypt_slot = NULL;
+	PK11SlotInfo*      hash_slot = NULL;
 	SECItem            key_item;
-	SECStatus          rv;
+
+	if ((!cipher_to_nss[instance->crypto_cipher_type]) &&
+	    (!hash_to_nss[instance->crypto_hash_type])) {
+		log_printf(instance->log_level_notice,
+			"Initializing transmit/receive security: NONE");
+		return;
+	}
 
 	log_printf(instance->log_level_notice,
 		"Initializing transmit/receive security: NSS AES256CBC/SHA1HMAC (mode %u).", 0);
-	rv = NSS_NoDB_Init(".");
-	if (rv != SECSuccess)
-	{
-		log_printf(instance->log_level_security, "NSS initialization failed (err %d)",
-			PR_GetError());
-		goto out;
-	}
 
-	/*
-	 * TODO: use instance info!
-	 */
-	aes_slot = PK11_GetBestSlot(cipher_to_nss[instance->crypto_cipher_type], NULL);
-	if (aes_slot == NULL)
+	if (NSS_NoDB_Init(".") != SECSuccess)
 	{
-		log_printf(instance->log_level_security, "Unable to find security slot (err %d)",
+		log_printf(instance->log_level_security, "NSS initialization failed (err %d)",
 			PR_GetError());
 		goto out;
 	}
 
-	sha1_slot = PK11_GetBestSlot(hash_to_nss[instance->crypto_hash_type], NULL);
-	if (sha1_slot == NULL)
-	{
-		log_printf(instance->log_level_security, "Unable to find security slot (err %d)",
-			PR_GetError());
-		goto out;
-	}
 	/*
 	 * Make the private key into a SymKey that we can use
 	 */
@@ -185,26 +173,46 @@ static void init_nss_crypto(struct crypto_instance *instance)
 	key_item.data = instance->private_key;
 	key_item.len = cipher_key_len[instance->crypto_cipher_type];
 
-	instance->nss_sym_key = PK11_ImportSymKey(aes_slot,
-		cipher_to_nss[instance->crypto_cipher_type],
-		PK11_OriginUnwrap, CKA_ENCRYPT|CKA_DECRYPT,
-		&key_item, NULL);
-	if (instance->nss_sym_key == NULL)
-	{
-		log_printf(instance->log_level_security, "Failure to import key into NSS (err %d)",
-			PR_GetError());
-		goto out;
+	if (cipher_to_nss[instance->crypto_cipher_type]) {
+		crypt_slot = PK11_GetBestSlot(cipher_to_nss[instance->crypto_cipher_type], NULL);
+		if (crypt_slot == NULL)
+		{
+			log_printf(instance->log_level_security, "Unable to find security slot (err %d)",
+				PR_GetError());
+			goto out;
+		}
+		instance->nss_sym_key = PK11_ImportSymKey(crypt_slot,
+			cipher_to_nss[instance->crypto_cipher_type],
+			PK11_OriginUnwrap, CKA_ENCRYPT|CKA_DECRYPT,
+			&key_item, NULL);
+		if (instance->nss_sym_key == NULL)
+		{
+			log_printf(instance->log_level_security, "Failure to import key into NSS (err %d)",
+				PR_GetError());
+			goto out;
+		}
 	}
 
-	instance->nss_sym_key_sign = PK11_ImportSymKey(sha1_slot,
-		hash_to_nss[instance->crypto_hash_type],
-		PK11_OriginUnwrap, CKA_SIGN,
-		&key_item, NULL);
-	if (instance->nss_sym_key_sign == NULL) {
-		log_printf(instance->log_level_security, "Failure to import key into NSS (err %d)",
-			PR_GetError());
-		goto out;
+	if (hash_to_nss[instance->crypto_hash_type]) {
+		hash_slot = PK11_GetBestSlot(hash_to_nss[instance->crypto_hash_type], NULL);
+		if (hash_slot == NULL)
+		{
+			log_printf(instance->log_level_security, "Unable to find security slot (err %d)",
+				PR_GetError());
+			goto out;
+		}
+
+		instance->nss_sym_key_sign = PK11_ImportSymKey(hash_slot,
+			hash_to_nss[instance->crypto_hash_type],
+			PK11_OriginUnwrap, CKA_SIGN,
+			&key_item, NULL);
+		if (instance->nss_sym_key_sign == NULL) {
+			log_printf(instance->log_level_security, "Failure to import key into NSS (err %d)",
+				PR_GetError());
+			goto out;
+		}
 	}
+
 out:
 	return;
 }
@@ -447,6 +455,16 @@ int crypto_encrypt_and_sign (
 	unsigned char *buf_out,
 	size_t *buf_out_len)
 {
+	/*
+	 * if crypto is totally disabled, let's skip complex parsing
+	 */
+	if ((!cipher_to_nss[instance->crypto_cipher_type]) &&
+	    (!hash_to_nss[instance->crypto_hash_type])) {
+		memcpy(buf_out, buf_in, buf_in_len);
+		*buf_out_len = buf_in_len;
+		return 0;
+	}
+
 	return (encrypt_and_sign_nss(instance, buf_in, buf_in_len, buf_out, buf_out_len));
 }
 
@@ -454,6 +472,14 @@ int crypto_authenticate_and_decrypt (struct crypto_instance *instance,
 	unsigned char *buf,
 	int *buf_len)
 {
+	/*
+	 * if crypto is totally disabled, there is no work for us
+	 */
+	if ((!cipher_to_nss[instance->crypto_cipher_type]) &&
+	    (!hash_to_nss[instance->crypto_hash_type])) {
+		return 0;
+	}
+
 	return (authenticate_and_decrypt_nss(instance, buf, buf_len));
 }
 
diff --git a/exec/totemudp.c b/exec/totemudp.c
index 21a6122..0ccc55b 100644
--- a/exec/totemudp.c
+++ b/exec/totemudp.c
@@ -259,26 +259,24 @@ static inline void ucast_sendmsg (
 	struct iovec iovec;
 	int addrlen;
 
-	if (instance->totem_config->secauth == 1) {
+	/*
+	 * Encrypt and digest the message
+	 */
+	if (crypto_encrypt_and_sign (
+		instance->crypto_inst,
+		(const unsigned char *)msg,
+		msg_len,
+		buf_out,
+		&buf_out_len) != 0) {
 		/*
-		 * Encrypt and digest the message
+		 * TODO: how to handle error here
 		 */
-		if (crypto_encrypt_and_sign (
-			instance->crypto_inst,
-			(const unsigned char *)msg,
-			msg_len,
-			buf_out,
-			&buf_out_len) != 0) {
-			log_printf(LOGSYS_LEVEL_CRIT, "Unable to crypt? now what?");
-		}
-
-		iovec.iov_base = (void *)buf_out;
-		iovec.iov_len = buf_out_len;
-	} else {
-		iovec.iov_base = (void *)msg;
-		iovec.iov_len = msg_len;
+		log_printf(LOGSYS_LEVEL_CRIT, "Unable to crypt? now what?");
 	}
 
+	iovec.iov_base = (void *)buf_out;
+	iovec.iov_len = buf_out_len;
+
 	/*
 	 * Build unicast message
 	 */
@@ -323,26 +321,24 @@ static inline void mcast_sendmsg (
 	struct sockaddr_storage sockaddr;
 	int addrlen;
 
-	if (instance->totem_config->secauth == 1) {
+	/*
+	 * Encrypt and digest the message
+	 */
+	if (crypto_encrypt_and_sign (
+		instance->crypto_inst,
+		(const unsigned char *)msg,
+		msg_len,
+		buf_out,
+		&buf_out_len) != 0) {
 		/*
-		 * Encrypt and digest the message
+		 * TODO: how to handle error here
 		 */
-		if (crypto_encrypt_and_sign (
-			instance->crypto_inst,
-			(const unsigned char *)msg,
-			msg_len,
-			buf_out,
-			&buf_out_len) != 0) {
-			log_printf(LOGSYS_LEVEL_CRIT, "unable to crypt? now what?");
-		}
-
-		iovec.iov_base = (void *)&buf_out;
-		iovec.iov_len = buf_out_len;
-	} else {
-		iovec.iov_base = (void *)msg;
-		iovec.iov_len = msg_len;
+		log_printf(LOGSYS_LEVEL_CRIT, "unable to crypt? now what?");
 	}
 
+	iovec.iov_base = (void *)&buf_out;
+	iovec.iov_len = buf_out_len;
+
 	/*
 	 * Build multicast message
 	 */
@@ -443,18 +439,16 @@ static int net_deliver_fn (
 		instance->stats_recv += bytes_received;
 	}
 
-	if (instance->totem_config->secauth == 1) {
-		/*
-		 * Authenticate and if authenticated, decrypt datagram
-		 */
-		res = crypto_authenticate_and_decrypt (instance->crypto_inst, iovec->iov_base, &bytes_received);
-		if (res == -1) {
-			log_printf (instance->totemudp_log_level_security, "Received message has invalid digest... ignoring.");
-			log_printf (instance->totemudp_log_level_security,
-				"Invalid packet data");
-			iovec->iov_len = FRAME_SIZE_MAX;
-			return 0;
-		}
+	/*
+	 * Authenticate and if authenticated, decrypt datagram
+	 */
+	res = crypto_authenticate_and_decrypt (instance->crypto_inst, iovec->iov_base, &bytes_received);
+	if (res == -1) {
+		log_printf (instance->totemudp_log_level_security, "Received message has invalid digest... ignoring.");
+		log_printf (instance->totemudp_log_level_security,
+			"Invalid packet data");
+		iovec->iov_len = FRAME_SIZE_MAX;
+		return 0;
 	}
 	iovec->iov_len = bytes_received;
 
@@ -1179,12 +1173,8 @@ extern int totemudp_iface_check (void *udp_context)
 extern void totemudp_net_mtu_adjust (void *udp_context, struct totem_config *totem_config)
 {
 #define UDPIP_HEADER_SIZE (20 + 8) /* 20 bytes for ip 8 bytes for udp */
-	if (totem_config->secauth == 1) {
-		totem_config->net_mtu -= crypto_sec_header_size(totem_config->crypto_hash_type) +
-			UDPIP_HEADER_SIZE;
-	} else {
-		totem_config->net_mtu -= UDPIP_HEADER_SIZE;
-	}
+	totem_config->net_mtu -= crypto_sec_header_size(totem_config->crypto_hash_type) +
+		UDPIP_HEADER_SIZE;
 }
 
 const char *totemudp_iface_print (void *udp_context)  {
diff --git a/exec/totemudpu.c b/exec/totemudpu.c
index be4ca50..7d1d31c 100644
--- a/exec/totemudpu.c
+++ b/exec/totemudpu.c
@@ -247,26 +247,24 @@ static inline void ucast_sendmsg (
 	struct iovec iovec;
 	int addrlen;
 
-	if (instance->totem_config->secauth == 1) {
+	/*
+	 * Encrypt and digest the message
+	 */
+	if (crypto_encrypt_and_sign (
+		instance->crypto_inst,
+		(const unsigned char *)msg,
+		msg_len,
+		buf_out,
+		&buf_out_len) != 0) {
 		/*
-		 * Encrypt and digest the message
+		 * TODO: how to handle error here
 		 */
-		if (crypto_encrypt_and_sign (
-			instance->crypto_inst,
-			(const unsigned char *)msg,
-			msg_len,
-			buf_out,
-			&buf_out_len) != 0) {
-			log_printf(LOGSYS_LEVEL_CRIT, "unable to crypt? now what?");
-		}
-
-		iovec.iov_base = (void *)buf_out;
-		iovec.iov_len = buf_out_len;
-	} else {
-		iovec.iov_base = (void *)msg;
-		iovec.iov_len = msg_len;
+		log_printf(LOGSYS_LEVEL_CRIT, "unable to crypt? now what?");
 	}
 
+	iovec.iov_base = (void *)buf_out;
+	iovec.iov_len = buf_out_len;
+
 	/*
 	 * Build unicast message
 	 */
@@ -312,26 +310,24 @@ static inline void mcast_sendmsg (
         struct list_head *list;
 	struct totemudpu_member *member;
 
-	if (instance->totem_config->secauth == 1) {
+	/*
+	 * Encrypt and digest the message
+	 */
+	if (crypto_encrypt_and_sign (
+		instance->crypto_inst,
+		(const unsigned char *)msg,
+		msg_len,
+		buf_out,
+		&buf_out_len) != 0) {
 		/*
-		 * Encrypt and digest the message
+		 * TODO: how to handle error here
 		 */
-		if(crypto_encrypt_and_sign (
-			instance->crypto_inst,
-			(const unsigned char *)msg,
-			msg_len,
-			buf_out,
-			&buf_out_len) != 0) {
-			log_printf(LOGSYS_LEVEL_CRIT, "Unable to crypt? now what?");
-		}
-
-		iovec.iov_base = (void *)buf_out;
-		iovec.iov_len = buf_out_len;
-	} else {
-		iovec.iov_base = (void *)msg;
-		iovec.iov_len = msg_len;
+		log_printf(LOGSYS_LEVEL_CRIT, "Unable to crypt? now what?");
 	}
 
+	iovec.iov_base = (void *)buf_out;
+	iovec.iov_len = buf_out_len;
+
 	/*
 	 * Build multicast message
 	 */
@@ -422,19 +418,17 @@ static int net_deliver_fn (
 		instance->stats_recv += bytes_received;
 	}
 
-	if (instance->totem_config->secauth == 1) {
-		/*
-		 * Authenticate and if authenticated, decrypt datagram
-		 */
+	/*
+	 * Authenticate and if authenticated, decrypt datagram
+	 */
 
-		res = crypto_authenticate_and_decrypt (instance->crypto_inst, iovec->iov_base, &bytes_received);
-		if (res == -1) {
-			log_printf (instance->totemudpu_log_level_security, "Received message has invalid digest... ignoring.");
-			log_printf (instance->totemudpu_log_level_security,
-				"Invalid packet data");
-			iovec->iov_len = FRAME_SIZE_MAX;
-			return 0;
-		}
+	res = crypto_authenticate_and_decrypt (instance->crypto_inst, iovec->iov_base, &bytes_received);
+	if (res == -1) {
+		log_printf (instance->totemudpu_log_level_security, "Received message has invalid digest... ignoring.");
+		log_printf (instance->totemudpu_log_level_security,
+			"Invalid packet data");
+		iovec->iov_len = FRAME_SIZE_MAX;
+		return 0;
 	}
 	iovec->iov_len = bytes_received;
 
@@ -884,12 +878,8 @@ extern int totemudpu_iface_check (void *udpu_context)
 extern void totemudpu_net_mtu_adjust (void *udpu_context, struct totem_config *totem_config)
 {
 #define UDPIP_HEADER_SIZE (20 + 8) /* 20 bytes for ip 8 bytes for udp */
-	if (totem_config->secauth == 1) {
-		totem_config->net_mtu -= crypto_sec_header_size(totem_config->crypto_hash_type) +
-			UDPIP_HEADER_SIZE;
-	} else {
-		totem_config->net_mtu -= UDPIP_HEADER_SIZE;
-	}
+	totem_config->net_mtu -= crypto_sec_header_size(totem_config->crypto_hash_type) +
+		UDPIP_HEADER_SIZE;
 }
 
 const char *totemudpu_iface_print (void *udpu_context)  {
diff --git a/include/corosync/totem/totem.h b/include/corosync/totem/totem.h
index eba3850..08a459e 100644
--- a/include/corosync/totem/totem.h
+++ b/include/corosync/totem/totem.h
@@ -151,8 +151,6 @@ struct totem_config {
 
 	struct totem_logging_configuration totem_logging_configuration;
 
-	unsigned int secauth;
-
 	unsigned int net_mtu;
 
 	unsigned int threads;
-- 
1.7.7.6

_______________________________________________
discuss mailing list
discuss@xxxxxxxxxxxx
http://lists.corosync.org/mailman/listinfo/discuss


[Index of Archives]     [Linux Clusters]     [Corosync Project]     [Linux USB Devel]     [Linux Audio Users]     [Photo]     [Yosemite News]    [Yosemite Photos]    [Linux Kernel]     [Linux SCSI]     [X.Org]

  Powered by Linux