Build radsecproxy-hash.

[libradsec.git] / fticks.c

diff --git a/fticks.c b/fticks.c
index 89081ff..f8b4c20 100644 (file)
--- a/fticks.c
+++ b/fticks.c
@@ -2,54 +2,10 @@
  * See LICENSE for information about licensing.
  */
 
-#include <stdio.h>             /* For sprintf().  */
-#include <string.h>
-#include <nettle/sha.h>
-#include <nettle/hmac.h>
-
-#include <regex.h>
-#include <pthread.h>
-#include <sys/time.h>
-#include "list.h"
 #include "radsecproxy.h"
 #include "debug.h"
-
 #include "fticks.h"
-
-static void
-_format_hash(const uint8_t *hash, size_t out_len, uint8_t *out)
-{
-    int ir, iw;
-
-    for (ir = 0, iw = 0; iw <= out_len - 3; ir++, iw += 2)
-       sprintf((char *) out + iw, "%02x", hash[ir % SHA256_DIGEST_SIZE]);
-}
-
-static void
-_hash(const uint8_t *in,
-      const uint8_t *key,
-      size_t out_len,
-      uint8_t *out)
-{
-    if (key == NULL) {
-       struct sha256_ctx ctx;
-       uint8_t hash[SHA256_DIGEST_SIZE];
-
-       sha256_init(&ctx);
-       sha256_update(&ctx, strlen((char *) in), in);
-       sha256_digest(&ctx, sizeof(hash), hash);
-       _format_hash(hash, out_len, out);
-    }
-    else {
-       struct hmac_sha256_ctx ctx;
-       uint8_t hash[SHA256_DIGEST_SIZE];
-
-       hmac_sha256_set_key(&ctx, strlen((char *) key), key);
-       hmac_sha256_update(&ctx, strlen((char *) in), in);
-       hmac_sha256_digest(&ctx, sizeof(hash), hash);
-       _format_hash(hash, out_len, out);
-    }
-}
+#include "fticks_hashmac.h"
 
 int
 fticks_configure(struct options *options,
@@ -63,7 +19,6 @@ fticks_configure(struct options *options,
 
     if (reporting == NULL)
        goto out;
-
     if (strcasecmp(reporting, "None") == 0)
        options->fticks_reporting = RSP_FTICKS_REPORTING_NONE;
     else if (strcasecmp(reporting, "Basic") == 0)
@@ -77,6 +32,8 @@ fticks_configure(struct options *options,
        goto out;
     }
 
+    if (mac == NULL)
+       goto out;
     if (strcasecmp(mac, "Static") == 0)
        options->fticks_mac = RSP_FTICKS_MAC_STATIC;
     else if (strcasecmp(mac, "Original") == 0)
@@ -120,30 +77,6 @@ out:
     return r;
 }
 
-/** Hash the Ethernet MAC address in \a IN, keying a HMAC with \a KEY
-    unless \a KEY is NULL.  If \a KEY is null \a IN is hashed with an
-    ordinary cryptographic hash function such as SHA-2.
-
-    \a IN and \a KEY are NULL terminated strings.
-
-    \a IN is supposed to be an Ethernet MAC address and is sanitised
-    by lowercasing it, removing all but [0-9a-f] and truncating it at
-    the first ';' found.  The truncation is done because RADIUS
-    supposedly has a praxis of tacking on SSID to the MAC address in
-    Calling-Station-Id.  */
-void
-fticks_hashmac(const uint8_t *in,
-              const uint8_t *key,
-              size_t out_len,
-              uint8_t *out)
-{
-    /* TODO: lowercase */
-    /* TODO: s/[!0-9a-f]//1 */
-    /* TODO: truncate after first ';', if any */
-
-    _hash(in, key, out_len, out);
-}
-
 void
 fticks_log(const struct options *options,
           const struct client *client,