#include #include #include #include #include #include "rnd.h" #include "die.h" #include "str.h" #include "crypto.h" #include "curve.h" #include "ioops.h" #include "config.h" #include "keypair.h" void generate_keypair(void) { struct passwd *pw = getpwuid(getuid()); unsigned char publickey[crypto_box_pub_key_size]; unsigned char secretkey[crypto_box_sec_key_size]; char file[128]; xmemset(publickey, 0, sizeof(publickey)); xmemset(secretkey, 0, sizeof(secretkey)); curve25519_selftest(); printf("Reading from %s (this may take a while) ...\n", HIG_ENTROPY_SOURCE); gen_key_bytes(secretkey, sizeof(secretkey)); crypto_scalarmult_curve25519_base(publickey, secretkey); slprintf(file, sizeof(file), "%s/%s", pw->pw_dir, FILE_PUBKEY); write_blob_or_die(file, publickey, sizeof(publickey)); printf("Public key written to %s!\n", file); slprintf(file, sizeof(file), "%s/%s", pw->pw_dir, FILE_PRIVKEY); write_blob_or_die(file, secretkey, sizeof(secretkey)); printf("Secret key written to %s!\n", file); xmemset(publickey, 0, sizeof(publickey)); xmemset(secretkey, 0, sizeof(secretkey)); } void verify_keypair(void) { int result; struct passwd *pw = getpwuid(getuid()); unsigned char publickey[crypto_box_pub_key_size]; unsigned char publicres[crypto_box_pub_key_size]; unsigned char secretkey[crypto_box_sec_key_size]; char file[128]; curve25519_selftest(); xmemset(publickey, 0, sizeof(publickey)); xmemset(publicres, 0, sizeof(publicres)); xmemset(secretkey, 0, sizeof(secretkey)); slprintf(file, sizeof(file), "%s/%s", pw->pw_dir, FILE_PUBKEY); read_blob_or_die(file, publickey, sizeof(publickey)); slprintf(file, sizeof(file), "%s/%s", pw->pw_dir, FILE_PRIVKEY); read_blob_or_die(file, secretkey, sizeof(secretkey)); crypto_scalarmult_curve25519_base(publicres, secretkey); result = crypto_verify_32(publicres, publickey); xmemset(publickey, 0, sizeof(publickey)); xmemset(publicres, 0, sizeof(publicres)); xmemset(secretkey, 0, sizeof(secretkey)); if (result) panic("Keypair is corrupt! You need to regenerate!\n"); }
path: root/net/ipv6/exthdrs.c
diff options
context:
space:
mode:
authorDavid Ahern <dsa@cumulusnetworks.com>2016-12-29 15:29:03 -0800
committerDavid S. Miller <davem@davemloft.net>2016-12-29 22:27:23 -0500
commitf5a0aab84b74de68523599817569c057c7ac1622 (patch)
tree321a7119a443d99853b4d3e747db583ad3a39912 /net/ipv6/exthdrs.c
parent2344ef3c86a7fe41f97bf66c7936001b6132860b (diff)
net: ipv4: dst for local input routes should use l3mdev if relevant
IPv4 output routes already use l3mdev device instead of loopback for dst's if it is applicable. Change local input routes to do the same. This fixes icmp responses for unreachable UDP ports which are directed to the wrong table after commit 9d1a6c4ea43e4 because local_input routes use the loopback device. Moving from ingress device to loopback loses the L3 domain causing responses based on the dst to get to lost. Fixes: 9d1a6c4ea43e4 ("net: icmp_route_lookup should use rt dev to determine L3 domain") Signed-off-by: David Ahern <dsa@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6/exthdrs.c')