clean up some hardcoded values and export them via header correctly

Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>

diff --git a/kronosnetd/Makefile.am b/kronosnetd/Makefile.am
index 1130cf85204310cbf2f6f71add0ad361ebf1862a..ca549c8e0e81edeb2e1f3f644e899f428702a189 100644 (file)
--- a/kronosnetd/Makefile.am
+++ b/kronosnetd/Makefile.am
@@ -37,6 +37,8 @@ kronosnetd_LDADD      = \
 
 knet_keygen_SOURCES    = keygen.c
 
+knet_keygen_CPPFLAGS   = -I$(top_srcdir)/libknet
+
 install-exec-local:
        $(INSTALL) -d -m 0700 $(DESTDIR)/$(DEFAULT_CONFIG_DIR)
        $(INSTALL) -d $(DESTDIR)/$(DEFAULT_CONFIG_DIR)/cryptokeys.d

diff --git a/kronosnetd/keygen.c b/kronosnetd/keygen.c
index 5a9d443630685435ad2f3f7f1be8515abab1d0fb..55a99865d725f302aba3b9615679ab5567d64215 100644 (file)
--- a/kronosnetd/keygen.c
+++ b/kronosnetd/keygen.c
@@ -9,8 +9,10 @@
 #include <sys/stat.h>
 #include <fcntl.h>
 
+#include <libknet.h>
+
 static char *output_file = NULL;
-static ssize_t keylen = 4096;
+static ssize_t keylen = KNET_MAX_KEY_LEN;
 
 static void print_usage(void)
 {
@@ -44,8 +46,9 @@ static int read_arguments(int argc, char **argv)
 
                case 's':
                        keylen = atoi(optarg);
-                       if ((keylen < 1024) || (keylen > 4096)) {
-                               fprintf(stderr, "Error: Key size should be a value between 1024 and 4096 (default) included\n");
+                       if ((keylen < KNET_MIN_KEY_LEN) || (keylen > KNET_MAX_KEY_LEN)) {
+                               fprintf(stderr, "Error: Key size should be a value between %u and %u (default) included\n",
+                                       KNET_MIN_KEY_LEN, KNET_MAX_KEY_LEN);
                                return -1;
                        }
                        break;

diff --git a/kronosnetd/vty_cli_cmds.c b/kronosnetd/vty_cli_cmds.c
index 8a33f23a2b7af5e4545d9a71a3cbc563ed8f5c59..59b72779edf7f362b5d7a4567f9108367c5e6f49 100644 (file)
--- a/kronosnetd/vty_cli_cmds.c
+++ b/kronosnetd/vty_cli_cmds.c
@@ -1259,7 +1259,7 @@ tap_found:
            (strncmp("none", knet_iface->hash_method, 4))) {
                int fd = -1;
                char keyfile[PATH_MAX];
-               unsigned char private_key[4096];
+               unsigned char private_key[KNET_MAX_KEY_LEN];
                struct stat sb;
 
                memset(keyfile, 0, PATH_MAX);
@@ -1284,10 +1284,11 @@ tap_found:
                }
 
                knet_handle_cfg.private_key_len = (unsigned int)sb.st_size;
-               if ((knet_handle_cfg.private_key_len < 1024) ||
-                   (knet_handle_cfg.private_key_len > 4096)) {
-                       knet_vty_write(vty, "Error: Key %s is %u long. Must be 1024 <= key_len <= 4096%s",
-                                      keyfile, knet_handle_cfg.private_key_len, telnet_newline);
+               if ((knet_handle_cfg.private_key_len < KNET_MIN_KEY_LEN) ||
+                   (knet_handle_cfg.private_key_len > KNET_MAX_KEY_LEN)) {
+                       knet_vty_write(vty, "Error: Key %s is %u long. Must be %u <= key_len <= %u%s",
+                                      keyfile, knet_handle_cfg.private_key_len,
+                                      KNET_MIN_KEY_LEN, KNET_MAX_KEY_LEN, telnet_newline);
                        goto key_error;
                }
 

diff --git a/libknet/libknet.h b/libknet/libknet.h
index 98ae57707a767b21f16bad139245d36896588bde..214d53ace61ba03b8fc519b363b6b69c65f18bc5 100644 (file)
--- a/libknet/libknet.h
+++ b/libknet/libknet.h
@@ -79,6 +79,9 @@ struct knet_frame {
 #define KNET_FRAME_PONG 0x82
 #define KNET_FRAME_PMSK 0x80 /* ping/pong packet mask */
 
+#define KNET_MIN_KEY_LEN 1024
+#define KNET_MAX_KEY_LEN 4096
+
 struct knet_handle_cfg {
        int             fd;
        uint16_t        node_id;

diff --git a/libknet/nsscrypto.c b/libknet/nsscrypto.c
index 40095ec892f71ed60445ef9ef9af00c5aef69a09..dc28b0aa6487e14b74e56b10f0114444ce3f5df4 100644 (file)
--- a/libknet/nsscrypto.c
+++ b/libknet/nsscrypto.c
@@ -546,7 +546,8 @@ int crypto_init(
        if ((knet_h->crypto_instance->crypto_cipher_type > 0) ||
            (knet_h->crypto_instance->crypto_hash_type > 0)) {
                if ((!knet_h->crypto_instance->private_key) ||
-                   (knet_h->crypto_instance->private_key_len < 1024)) {
+                   (knet_h->crypto_instance->private_key_len < KNET_MIN_KEY_LEN) ||
+                   (knet_h->crypto_instance->private_key_len > KNET_MAX_KEY_LEN)) {
                        goto out_err;
                }
        }

diff --git a/tests/ping_test.c b/tests/ping_test.c
index 8aee8b882bb234897ca39577615c8bf2eaa2e130..34b5fad516dcdf3219d614db2fb90d2345532d14 100644 (file)
--- a/tests/ping_test.c
+++ b/tests/ping_test.c
@@ -10,7 +10,7 @@
 
 #include "libknet.h"
 
-static unsigned char crypto_key[4096];
+static unsigned char crypto_key[KNET_MAX_KEY_LEN];
 static int knet_sock[2];
 static knet_handle_t knet_h;
 static struct knet_handle_cfg knet_handle_cfg;