ADMIN: dyncookie: implement a simple dynamic cookie calculator
This utility can be useful to figure what cookie value a server will
have based on the secret, its IP and its port.
diff --git a/.gitignore b/.gitignore
index cd92620..ec9dd62 100644
--- a/.gitignore
+++ b/.gitignore
@@ -40,6 +40,7 @@
*.bak
# And reject some specific files
/admin/halog/halog
+/admin/dyncookie/dyncookie
/admin/iprange/ip6range
/admin/iprange/iprange
/admin/systemd/haproxy.service
diff --git a/Makefile b/Makefile
index d598e60..e88ab30 100644
--- a/Makefile
+++ b/Makefile
@@ -937,6 +937,9 @@
admin/halog/halog: admin/halog/halog.o admin/halog/fgets2.o src/ebtree.o src/eb32tree.o src/eb64tree.o src/ebmbtree.o src/ebsttree.o src/ebistree.o src/ebimtree.o
$(cmd_LD) $(LDFLAGS) -o $@ $^ $(LDOPTS)
+admin/dyncookie/dyncookie: admin/dyncookie/dyncookie.o
+ $(cmd_LD) $(LDFLAGS) -o $@ $^ $(LDOPTS)
+
dev/flags/flags: dev/flags/flags.o
$(cmd_LD) $(LDFLAGS) -o $@ $^ $(LDOPTS)
@@ -1012,6 +1015,7 @@
$(Q)rm -f addons/wurfl/*.[oas] addons/wurfl/dummy/*.[oas]
$(Q)rm -f admin/*/*.[oas] admin/*/*/*.[oas]
$(Q)rm -f admin/iprange/iprange admin/iprange/ip6range admin/halog/halog
+ $(Q)rm -f admin/dyncookie/dyncookie
$(Q)rm -f dev/*/*.[oas]
$(Q)rm -f dev/flags/flags dev/poll/poll dev/tcploop/tcploop
$(Q)rm -f dev/hpack/decode dev/hpack/gen-enc dev/hpack/gen-rht
diff --git a/admin/dyncookie/dyncookie.c b/admin/dyncookie/dyncookie.c
new file mode 100644
index 0000000..0c778eb
--- /dev/null
+++ b/admin/dyncookie/dyncookie.c
@@ -0,0 +1,55 @@
+/*
+ * Dynamic server cookie calculator
+ *
+ * Copyright 2021 Willy Tarreau <w@1wt.eu>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version
+ * 2 of the License, or (at your option) any later version.
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <arpa/inet.h>
+#include <import/xxhash.h>
+
+__attribute__((noreturn)) void die(int code, const char *format, ...)
+{
+ va_list args;
+
+ va_start(args, format);
+ vfprintf(stderr, format, args);
+ va_end(args);
+ exit(code);
+}
+
+int main(int argc, char **argv)
+{
+ size_t key_len;
+ int addr_len;
+ char *buf;
+ int port;
+
+ if (argc < 4)
+ die(1, "Usage: %s <key> <ip> <port>\n", argv[0]);
+
+ key_len = strlen(argv[1]);
+ buf = realloc(strdup(argv[1]), key_len + 16 + 4);
+ if (!buf)
+ die(2, "Not enough memory\n");
+
+ if (inet_pton(AF_INET, argv[2], buf + key_len) > 0)
+ addr_len = 4;
+ else if (inet_pton(AF_INET6, argv[2], buf + key_len) > 0)
+ addr_len = 16;
+ else
+ die(3, "Cannot parse address <%s> as IPv4/IPv6\n", argv[2]);
+
+ port = htonl(atoi(argv[3]));
+ memcpy(buf + key_len + addr_len, &port, 4);
+ printf("%016llx\n", (long long)XXH64(buf, key_len + addr_len + 4, 0));
+ return 0;
+}