ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
Revision: 1.107
Committed: Fri Sep 20 11:57:03 2013 UTC (10 years, 8 months ago) by root
Content type: text/plain
Branch: MAIN
Changes since 1.106: +12 -4 lines
Log Message: 
*** empty log message ***

File Contents

# User Rev Content
1 pcg 1.1 /*
2     connection.C -- manage a single connection
3 root 1.98 Copyright (C) 2003-2008,2010,2011,2013 Marc Lehmann <gvpe@schmorp.de>
4 pcg 1.1
5 pcg 1.42 This file is part of GVPE.
6    
7 pcg 1.69 GVPE is free software; you can redistribute it and/or modify it
8     under the terms of the GNU General Public License as published by the
9     Free Software Foundation; either version 3 of the License, or (at your
10     option) any later version.
11    
12     This program is distributed in the hope that it will be useful, but
13     WITHOUT ANY WARRANTY; without even the implied warranty of
14     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
15     Public License for more details.
16    
17     You should have received a copy of the GNU General Public License along
18     with this program; if not, see <http://www.gnu.org/licenses/>.
19    
20     Additional permission under GNU GPL version 3 section 7
21    
22     If you modify this Program, or any covered work, by linking or
23     combining it with the OpenSSL project's OpenSSL library (or a modified
24     version of that library), containing parts covered by the terms of the
25     OpenSSL or SSLeay licenses, the licensors of this Program grant you
26     additional permission to convey the resulting work. Corresponding
27     Source for a non-source form of such a combination shall include the
28     source code for the parts of OpenSSL used as well as that of the
29     covered work.
30 pcg 1.1 */
31    
32     #include "config.h"
33    
34     #include <list>
35 pcg 1.70 #include <queue>
36     #include <utility>
37 pcg 1.1
38 root 1.107 #include <openssl/opensslv.h>
39 pcg 1.2 #include <openssl/rand.h>
40     #include <openssl/evp.h>
41     #include <openssl/rsa.h>
42     #include <openssl/err.h>
43    
44 root 1.107 // openssl 0.9.8 compatibility
45     #if OPENSSL_VERSION_NUMBER < 0x10100000
46     #define require101(exp) exp
47     #else
48     #define require101(exp) equire (exp)
49     #endif
50    
51 pcg 1.1 #include "conf.h"
52     #include "slog.h"
53     #include "device.h"
54 pcg 1.2 #include "vpn.h"
55 pcg 1.1 #include "connection.h"
56 root 1.98 #include "hkdf.h"
57 pcg 1.1
58 pcg 1.20 #include "netcompat.h"
59 pcg 1.19
60 root 1.98 #define MAGIC "gvpe\xbd\xc6\xdb\x82" // 8 bytes of magic
61 root 1.102 #define MAGIC "HUHN\xbd\xc6\xdb\x82" // 8 bytes of magic//D
62 pcg 1.30
63     #define ULTRA_FAST 1
64     #define HLOG 15
65     #include "lzf/lzf.h"
66     #include "lzf/lzf_c.c"
67     #include "lzf/lzf_d.c"
68 pcg 1.1
69 pcg 1.70 //////////////////////////////////////////////////////////////////////////////
70    
71     static std::queue< std::pair<run_script_cb *, const char *> > rs_queue;
72     static ev::child rs_child_ev;
73    
74 root 1.90 namespace
75 pcg 1.70 {
76 root 1.90 void // c++ requires external linkage here, apparently :(
77     rs_child_cb (ev::child &w, int revents)
78     {
79     w.stop ();
80 pcg 1.70
81 root 1.90 if (rs_queue.empty ())
82     return;
83 pcg 1.70
84 root 1.90 pid_t pid = run_script (*rs_queue.front ().first, false);
85     if (pid)
86     {
87     w.set (pid);
88     w.start ();
89     }
90     else
91     slog (L_WARN, rs_queue.front ().second);
92 pcg 1.70
93 root 1.90 delete rs_queue.front ().first;
94     rs_queue.pop ();
95     }
96     };
97 pcg 1.70
98     // despite the fancy name, this is quite a hack
99     static void
100     run_script_queued (run_script_cb *cb, const char *warnmsg)
101     {
102     rs_queue.push (std::make_pair (cb, warnmsg));
103    
104     if (!rs_child_ev.is_active ())
105     {
106     rs_child_ev.set<rs_child_cb> ();
107     rs_child_ev ();
108     }
109     }
110    
111     //////////////////////////////////////////////////////////////////////////////
112    
113 pcg 1.1 struct crypto_ctx
114     {
115     EVP_CIPHER_CTX cctx;
116     HMAC_CTX hctx;
117    
118 root 1.98 crypto_ctx (const auth_data &auth1, const auth_data &auth2, const ecdh_key &a, const ecdh_key &b, int enc);
119 pcg 1.1 ~crypto_ctx ();
120     };
121    
122 root 1.98 crypto_ctx::crypto_ctx (const auth_data &auth1, const auth_data &auth2, const ecdh_key &a, const ecdh_key &b, int enc)
123 pcg 1.1 {
124 root 1.98 ecdh_key s;
125    
126     curve25519_combine (a, b, s);
127    
128     {
129     u8 mac_key[MAC_KEYSIZE];
130     static const unsigned char mac_info[] = "gvpe mac key";
131    
132 root 1.99 hkdf kdf (auth2.rsa.hkdf_salt, sizeof (auth2.rsa.hkdf_salt), HKDF_XTR_HASH ());
133 root 1.98 kdf.extract (auth1.rsa.mac_key, sizeof (auth1.rsa.mac_key));
134     kdf.extract (s, sizeof (s));
135 root 1.99 kdf.extract_done (HKDF_PRF_HASH ());
136 root 1.98 kdf.expand (mac_key, sizeof (mac_key), mac_info, sizeof (mac_info));
137    
138     HMAC_CTX_init (&hctx);
139 root 1.107 require101 (HMAC_Init_ex (&hctx, mac_key, MAC_KEYSIZE, MAC_DIGEST (), 0));
140 root 1.98 }
141    
142     {
143     u8 cipher_key[CIPHER_KEYSIZE];
144     static const unsigned char cipher_info[] = "gvpe cipher key";
145    
146 root 1.99 hkdf kdf (auth2.rsa.hkdf_salt, sizeof (auth2.rsa.hkdf_salt), HKDF_XTR_HASH ());
147 root 1.98 kdf.extract (auth1.rsa.cipher_key, sizeof (auth1.rsa.cipher_key));
148     kdf.extract (s, sizeof (s));
149 root 1.99 kdf.extract_done (HKDF_PRF_HASH ());
150 root 1.98 kdf.expand (cipher_key, sizeof (cipher_key), cipher_info, sizeof (cipher_info));
151    
152     EVP_CIPHER_CTX_init (&cctx);
153     require (EVP_CipherInit_ex (&cctx, CIPHER (), 0, cipher_key, 0, enc));
154     }
155 pcg 1.1 }
156    
157     crypto_ctx::~crypto_ctx ()
158     {
159 pcg 1.29 require (EVP_CIPHER_CTX_cleanup (&cctx));
160 pcg 1.1 HMAC_CTX_cleanup (&hctx);
161     }
162    
163 root 1.98 static inline void
164     auth_encrypt (RSA *key, const auth_data &auth, auth_encr &encr)
165 pcg 1.1 {
166 root 1.98 if (RSA_public_encrypt (sizeof (auth.rsa),
167     (unsigned char *)&auth.rsa, (unsigned char *)&encr.rsa,
168     key, RSA_PKCS1_OAEP_PADDING) < 0)
169     fatal ("RSA_public_encrypt error");
170 root 1.100
171     memcpy (&encr.ecdh, &auth.ecdh, sizeof (encr.ecdh));
172 pcg 1.1 }
173    
174 root 1.98 static inline bool
175     auth_decrypt (RSA *key, const auth_encr &encr, auth_data &auth)
176 pcg 1.63 {
177 root 1.98 u8 rsa_decrypt[RSA_KEYLEN];
178 pcg 1.1
179 root 1.98 if (RSA_private_decrypt (sizeof (encr.rsa),
180     (const unsigned char *)&encr.rsa, (unsigned char *)rsa_decrypt,
181     key, RSA_PKCS1_OAEP_PADDING) != sizeof (auth.rsa))
182     return 0;
183 pcg 1.1
184 root 1.98 memcpy (&auth.rsa, rsa_decrypt, sizeof (auth.rsa));
185 root 1.100 memcpy (&auth.ecdh, &encr.ecdh, sizeof (auth.ecdh));
186 pcg 1.1
187 root 1.98 return 1;
188     }
189 pcg 1.1
190 root 1.98 static void
191 root 1.104 auth_hash (const auth_data &auth, const ecdh_key &b, auth_mac &mac)
192 root 1.98 {
193 root 1.106 hkdf kdf (b, sizeof b, AUTH_DIGEST ()); // use response ecdh b as salt
194 root 1.104 kdf.extract (&auth.rsa, sizeof (auth.rsa));
195     kdf.extract_done ();
196 root 1.106 kdf.expand (mac, sizeof mac, auth.ecdh, sizeof (auth.ecdh)); // use challenge ecdh b as info
197 root 1.98 }
198 pcg 1.1
199 root 1.90 void
200 root 1.98 connection::generate_auth_data ()
201 pcg 1.1 {
202 root 1.98 if (auth_expire < ev_now ())
203 pcg 1.1 {
204 root 1.98 // request data
205 root 1.101 rand_fill (snd_auth.rsa);
206 root 1.98 curve25519_generate (snd_ecdh_a, snd_auth.ecdh);
207    
208     // eventual response data
209     curve25519_generate (rcv_ecdh_a, rcv_ecdh_b);
210 pcg 1.1 }
211 root 1.98
212     // every use prolongs the expiry
213     auth_expire = ev_now () + AUTH_TTL;
214 pcg 1.1 }
215    
216     //////////////////////////////////////////////////////////////////////////////
217    
218 pcg 1.67 pkt_queue::pkt_queue (double max_ttl, int max_queue)
219     : max_ttl (max_ttl), max_queue (max_queue)
220 pcg 1.1 {
221 pcg 1.67 queue = new pkt [max_queue];
222    
223     i = 0;
224     j = 0;
225    
226     expire.set<pkt_queue, &pkt_queue::expire_cb> (this);
227     }
228 pcg 1.1
229 pcg 1.67 pkt_queue::~pkt_queue ()
230     {
231     while (net_packet *p = get ())
232     delete p;
233 pcg 1.1
234 pcg 1.67 delete [] queue;
235 pcg 1.1 }
236    
237 root 1.90 void
238     pkt_queue::expire_cb (ev::timer &w, int revents)
239 pcg 1.1 {
240 pcg 1.67 ev_tstamp expire = ev_now () - max_ttl;
241 pcg 1.1
242 pcg 1.67 for (;;)
243 pcg 1.1 {
244 pcg 1.67 if (empty ())
245     break;
246    
247     double diff = queue[j].tstamp - expire;
248    
249     if (diff >= 0.)
250     {
251     w.start (diff > 0.5 ? diff : 0.5);
252     break;
253     }
254    
255     delete get ();
256 pcg 1.1 }
257     }
258    
259 root 1.90 void
260     pkt_queue::put (net_packet *p)
261 pcg 1.1 {
262 pcg 1.67 ev_tstamp now = ev_now ();
263    
264     // start expiry timer
265     if (empty ())
266     expire.start (max_ttl);
267    
268     int ni = i + 1 == max_queue ? 0 : i + 1;
269    
270     if (ni == j)
271     delete get ();
272    
273     queue[i].pkt = p;
274     queue[i].tstamp = now;
275    
276     i = ni;
277 pcg 1.1 }
278    
279 root 1.90 net_packet *
280     pkt_queue::get ()
281 pcg 1.1 {
282 pcg 1.67 if (empty ())
283     return 0;
284    
285     net_packet *p = queue[j].pkt;
286     queue[j].pkt = 0;
287    
288     j = j + 1 == max_queue ? 0 : j + 1;
289    
290     return p;
291 pcg 1.1 }
292    
293 pcg 1.63 struct net_rateinfo
294     {
295 pcg 1.1 u32 host;
296     double pcnt, diff;
297     tstamp last;
298     };
299    
300     // only do action once every x seconds per host whole allowing bursts.
301     // this implementation ("splay list" ;) is inefficient,
302     // but low on resources.
303     struct net_rate_limiter : list<net_rateinfo>
304     {
305 pcg 1.35 # define NRL_ALPHA (1. - 1. / 600.) // allow bursts
306     # define NRL_CUTOFF 10. // one event every CUTOFF seconds
307     # define NRL_EXPIRE (NRL_CUTOFF * 30.) // expire entries after this time
308     # define NRL_MAXDIF (NRL_CUTOFF * (1. / (1. - NRL_ALPHA))) // maximum diff /count value
309 pcg 1.1
310 pcg 1.16 bool can (const sockinfo &si) { return can((u32)si.host); }
311 pcg 1.1 bool can (u32 host);
312     };
313    
314 root 1.90 static net_rate_limiter auth_rate_limiter, reset_rate_limiter;
315 pcg 1.1
316 root 1.90 bool
317     net_rate_limiter::can (u32 host)
318 pcg 1.1 {
319     iterator i;
320    
321     for (i = begin (); i != end (); )
322     if (i->host == host)
323     break;
324 pcg 1.62 else if (i->last < ev_now () - NRL_EXPIRE)
325 pcg 1.1 i = erase (i);
326     else
327     i++;
328    
329     if (i == end ())
330     {
331     net_rateinfo ri;
332    
333     ri.host = host;
334     ri.pcnt = 1.;
335 pcg 1.34 ri.diff = NRL_MAXDIF;
336 pcg 1.62 ri.last = ev_now ();
337 pcg 1.1
338     push_front (ri);
339    
340     return true;
341     }
342     else
343     {
344     net_rateinfo ri (*i);
345     erase (i);
346    
347 pcg 1.34 ri.pcnt = ri.pcnt * NRL_ALPHA;
348 pcg 1.62 ri.diff = ri.diff * NRL_ALPHA + (ev_now () - ri.last);
349 pcg 1.1
350 pcg 1.62 ri.last = ev_now ();
351 pcg 1.1
352 pcg 1.10 double dif = ri.diff / ri.pcnt;
353 pcg 1.1
354 pcg 1.34 bool send = dif > NRL_CUTOFF;
355 pcg 1.10
356 pcg 1.34 if (dif > NRL_MAXDIF)
357 pcg 1.10 {
358     ri.pcnt = 1.;
359 pcg 1.34 ri.diff = NRL_MAXDIF;
360 pcg 1.10 }
361     else if (send)
362 pcg 1.1 ri.pcnt++;
363    
364     push_front (ri);
365    
366     return send;
367     }
368     }
369    
370     /////////////////////////////////////////////////////////////////////////////
371    
372 root 1.90 void
373 root 1.104 hmac_packet::hmac_gen (crypto_ctx *ctx, u8 *hmac_digest)
374 pcg 1.1 {
375     HMAC_CTX *hctx = &ctx->hctx;
376    
377 root 1.107 require101 (HMAC_Init_ex (hctx, 0, 0, 0, 0));
378     require101 (HMAC_Update (hctx, ((unsigned char *) this) + sizeof (hmac_packet), len - sizeof (hmac_packet)));
379     require101 (HMAC_Final (hctx, hmac_digest, 0));
380 pcg 1.1 }
381    
382     void
383     hmac_packet::hmac_set (crypto_ctx *ctx)
384     {
385 root 1.104 unsigned char hmac_digest[EVP_MAX_MD_SIZE];
386     hmac_gen (ctx, hmac_digest);
387 pcg 1.1 memcpy (hmac, hmac_digest, HMACLENGTH);
388     }
389    
390     bool
391     hmac_packet::hmac_chk (crypto_ctx *ctx)
392     {
393 root 1.104 unsigned char hmac_digest[EVP_MAX_MD_SIZE];
394     hmac_gen (ctx, hmac_digest);
395 pcg 1.1 return !memcmp (hmac, hmac_digest, HMACLENGTH);
396     }
397    
398 root 1.90 void
399     vpn_packet::set_hdr (ptype type_, unsigned int dst)
400 pcg 1.1 {
401 pcg 1.6 type = type_;
402 pcg 1.1
403     int src = THISNODE->id;
404    
405     src1 = src;
406     srcdst = ((src >> 8) << 4) | (dst >> 8);
407     dst1 = dst;
408     }
409    
410     #define MAXVPNDATA (MAX_MTU - 6 - 6)
411     #define DATAHDR (sizeof (u32) + RAND_SIZE)
412    
413 pcg 1.28 struct vpndata_packet : vpn_packet
414 root 1.90 {
415     u8 data[MAXVPNDATA + DATAHDR]; // seqno
416    
417     void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
418     tap_packet *unpack (connection *conn, u32 &seqno);
419 pcg 1.1
420     private:
421 root 1.90 const u32 data_hdr_size () const
422     {
423     return sizeof (vpndata_packet) - sizeof (net_packet) - MAXVPNDATA - DATAHDR;
424     }
425     };
426 pcg 1.1
427     void
428     vpndata_packet::setup (connection *conn, int dst, u8 *d, u32 l, u32 seqno)
429     {
430     EVP_CIPHER_CTX *cctx = &conn->octx->cctx;
431     int outl = 0, outl2;
432     ptype type = PT_DATA_UNCOMPRESSED;
433    
434     #if ENABLE_COMPRESSION
435     u8 cdata[MAX_MTU];
436    
437 pcg 1.86 if (conn->features & FEATURE_COMPRESSION)
438 pcg 1.1 {
439 pcg 1.31 u32 cl = lzf_compress (d, l, cdata + 2, (l - 2) & ~7);
440 pcg 1.1
441 pcg 1.31 if (cl)
442     {
443     type = PT_DATA_COMPRESSED;
444     d = cdata;
445     l = cl + 2;
446    
447     d[0] = cl >> 8;
448     d[1] = cl;
449     }
450 pcg 1.1 }
451     #endif
452    
453 root 1.98 require (EVP_CipherInit_ex (cctx, 0, 0, 0, 0, 1));
454 pcg 1.1
455     struct {
456     #if RAND_SIZE
457     u8 rnd[RAND_SIZE];
458     #endif
459     u32 seqno;
460     } datahdr;
461    
462     datahdr.seqno = ntohl (seqno);
463     #if RAND_SIZE
464 root 1.102 // NB: a constant (per session) random prefix
465     // is likely enough, but we don't take any chances.
466     conn->oiv.get (datahdr.rnd, RAND_SIZE);
467 pcg 1.1 #endif
468    
469 pcg 1.29 require (EVP_EncryptUpdate (cctx,
470 pcg 1.1 (unsigned char *) data + outl, &outl2,
471 pcg 1.29 (unsigned char *) &datahdr, DATAHDR));
472 pcg 1.1 outl += outl2;
473    
474 pcg 1.29 require (EVP_EncryptUpdate (cctx,
475 pcg 1.1 (unsigned char *) data + outl, &outl2,
476 pcg 1.29 (unsigned char *) d, l));
477 pcg 1.1 outl += outl2;
478    
479 pcg 1.29 require (EVP_EncryptFinal_ex (cctx, (unsigned char *) data + outl, &outl2));
480 pcg 1.1 outl += outl2;
481    
482     len = outl + data_hdr_size ();
483    
484     set_hdr (type, dst);
485    
486     hmac_set (conn->octx);
487     }
488    
489     tap_packet *
490     vpndata_packet::unpack (connection *conn, u32 &seqno)
491     {
492     EVP_CIPHER_CTX *cctx = &conn->ictx->cctx;
493     int outl = 0, outl2;
494     tap_packet *p = new tap_packet;
495     u8 *d;
496     u32 l = len - data_hdr_size ();
497    
498 root 1.98 require (EVP_CipherInit_ex (cctx, 0, 0, 0, 0, 0));
499 pcg 1.1
500     #if ENABLE_COMPRESSION
501     u8 cdata[MAX_MTU];
502    
503     if (type == PT_DATA_COMPRESSED)
504     d = cdata;
505     else
506     #endif
507 root 1.101 d = &(*p)[6 + 6] - DATAHDR;
508 pcg 1.1
509 root 1.101 // we play do evil games with the struct layout atm.
510     // pending better solutions, we at least do some verification.
511     // this is fine, as we left ISO territory long ago.
512     require (DATAHDR <= 16);
513     require ((u8 *)(&p->len + 1) == &(*p)[0]);
514    
515     // this can overwrite the len/dst/src fields
516 pcg 1.29 require (EVP_DecryptUpdate (cctx,
517 pcg 1.1 d, &outl2,
518 pcg 1.29 (unsigned char *)&data, len - data_hdr_size ()));
519 pcg 1.1 outl += outl2;
520    
521 pcg 1.29 require (EVP_DecryptFinal_ex (cctx, (unsigned char *)d + outl, &outl2));
522 pcg 1.1 outl += outl2;
523    
524     seqno = ntohl (*(u32 *)(d + RAND_SIZE));
525    
526     id2mac (dst () ? dst() : THISNODE->id, p->dst);
527     id2mac (src (), p->src);
528    
529     #if ENABLE_COMPRESSION
530     if (type == PT_DATA_COMPRESSED)
531     {
532     u32 cl = (d[DATAHDR] << 8) | d[DATAHDR + 1];
533    
534     p->len = lzf_decompress (d + DATAHDR + 2, cl < MAX_MTU ? cl : 0,
535     &(*p)[6 + 6], MAX_MTU)
536     + 6 + 6;
537     }
538     else
539     p->len = outl + (6 + 6 - DATAHDR);
540     #endif
541    
542     return p;
543     }
544    
545     struct ping_packet : vpn_packet
546     {
547     void setup (int dst, ptype type)
548     {
549     set_hdr (type, dst);
550     len = sizeof (*this) - sizeof (net_packet);
551     }
552     };
553    
554     struct config_packet : vpn_packet
555     {
556 root 1.103 u8 serial[SERIAL_SIZE];
557 root 1.98 u8 prot_major, prot_minor, randsize;
558     u8 flags, features, pad6, pad7, pad8;
559     u32 cipher_nid, mac_nid, auth_nid;
560 pcg 1.1
561     void setup (ptype type, int dst);
562 root 1.103 bool chk_config (const conf_node *conf, const sockinfo &rsi) const;
563 pcg 1.32
564     static u8 get_features ()
565     {
566     u8 f = 0;
567     #if ENABLE_COMPRESSION
568     f |= FEATURE_COMPRESSION;
569     #endif
570     #if ENABLE_ROHC
571     f |= FEATURE_ROHC;
572     #endif
573 pcg 1.59 #if ENABLE_BRIDGING
574     f |= FEATURE_BRIDGING;
575     #endif
576 pcg 1.32 return f;
577     }
578 pcg 1.1 };
579    
580 root 1.90 void
581     config_packet::setup (ptype type, int dst)
582 pcg 1.1 {
583     prot_major = PROTOCOL_MAJOR;
584     prot_minor = PROTOCOL_MINOR;
585     randsize = RAND_SIZE;
586 pcg 1.48 flags = 0;
587 pcg 1.32 features = get_features ();
588 pcg 1.1
589 root 1.103 strncpy ((char *)serial, conf.serial, sizeof (serial));
590    
591 root 1.98 cipher_nid = htonl (EVP_CIPHER_nid (CIPHER ()));
592     mac_nid = htonl (EVP_MD_type (MAC_DIGEST ()));
593     auth_nid = htonl (EVP_MD_type (AUTH_DIGEST ()));
594 pcg 1.1
595     len = sizeof (*this) - sizeof (net_packet);
596     set_hdr (type, dst);
597     }
598    
599 root 1.90 bool
600 root 1.103 config_packet::chk_config (const conf_node *conf, const sockinfo &rsi) const
601 pcg 1.1 {
602 pcg 1.15 if (prot_major != PROTOCOL_MAJOR)
603 root 1.103 slog (L_WARN, _("%s(%s): major version mismatch (remote %d <=> local %d)"),
604     conf->nodename, (const char *)rsi, prot_major, PROTOCOL_MAJOR);
605 pcg 1.15 else if (randsize != RAND_SIZE)
606 root 1.103 slog (L_WARN, _("%s(%s): rand size mismatch (remote %d <=> local %d)"),
607     conf->nodename, (const char *)rsi, randsize, RAND_SIZE);
608 root 1.98 else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER ())))
609 root 1.103 slog (L_WARN, _("%s(%s): cipher algo mismatch (remote %x <=> local %x)"),
610     conf->nodename, (const char *)rsi, ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER ()));
611 root 1.98 else if (mac_nid != htonl (EVP_MD_type (MAC_DIGEST ())))
612 root 1.103 slog (L_WARN, _("%s(%s): mac algo mismatch (remote %x <=> local %x)"),
613     conf->nodename, (const char *)rsi, ntohl (mac_nid), EVP_MD_type (MAC_DIGEST ()));
614 root 1.98 else if (auth_nid != htonl (EVP_MD_type (AUTH_DIGEST ())))
615 root 1.103 slog (L_WARN, _("%s(%s): auth algo mismatch (remote %x <=> local %x)"),
616     conf->nodename, (const char *)rsi, ntohl (auth_nid), EVP_MD_type (AUTH_DIGEST ()));
617 pcg 1.15 else
618 root 1.103 {
619     int cmp = memcmp (serial, ::conf.serial, sizeof (serial));
620    
621     if (cmp > 0)
622     slog (L_WARN, _("%s(%s): remote serial newer than local serial - outdated config?"),
623     conf->nodename, (const char *)rsi);
624     else if (cmp == 0)
625     return true;
626     }
627 pcg 1.15
628     return false;
629 pcg 1.1 }
630    
631 root 1.98 struct auth_req_packet : config_packet // UNPROTECTED
632 pcg 1.1 {
633     char magic[8];
634     u8 initiate; // false if this is just an automatic reply
635 pcg 1.28 u8 protocols; // supported protocols (will be patched on forward)
636 pcg 1.1 u8 pad2, pad3;
637 root 1.98 auth_encr encr;
638 pcg 1.1
639     auth_req_packet (int dst, bool initiate_, u8 protocols_)
640     {
641     config_packet::setup (PT_AUTH_REQ, dst);
642 root 1.98 memcpy (magic, MAGIC, 8);
643 pcg 1.1 initiate = !!initiate_;
644     protocols = protocols_;
645    
646     len = sizeof (*this) - sizeof (net_packet);
647     }
648     };
649    
650 root 1.103 struct auth_res_packet : vpn_packet // UNPROTECTED
651 pcg 1.1 {
652 root 1.98 auth_response response;
653 pcg 1.1
654     auth_res_packet (int dst)
655     {
656 root 1.103 set_hdr (PT_AUTH_RES, dst);
657 pcg 1.1
658     len = sizeof (*this) - sizeof (net_packet);
659     }
660     };
661    
662     struct connect_req_packet : vpn_packet
663     {
664     u8 id, protocols;
665     u8 pad1, pad2;
666    
667     connect_req_packet (int dst, int id_, u8 protocols_)
668     : id(id_)
669     , protocols(protocols_)
670     {
671     set_hdr (PT_CONNECT_REQ, dst);
672     len = sizeof (*this) - sizeof (net_packet);
673     }
674     };
675    
676     struct connect_info_packet : vpn_packet
677     {
678     u8 id, protocols;
679     u8 pad1, pad2;
680     sockinfo si;
681    
682     connect_info_packet (int dst, int id_, const sockinfo &si_, u8 protocols_)
683     : id(id_)
684     , protocols(protocols_)
685     , si(si_)
686     {
687     set_hdr (PT_CONNECT_INFO, dst);
688    
689     len = sizeof (*this) - sizeof (net_packet);
690     }
691     };
692    
693     /////////////////////////////////////////////////////////////////////////////
694    
695     void
696 root 1.98 connection::connection_established (const sockinfo &rsi)
697 pcg 1.10 {
698 root 1.98 if (!have_snd_auth || !have_rcv_auth)
699     return;
700    
701     si = rsi;
702     protocol = rsi.prot;
703    
704     slog (L_INFO, _("%s(%s): connection established (%s), protocol version %d.%d."),
705     conf->nodename, (const char *)rsi,
706     is_direct ? "direct" : "forwarded",
707     PROTOCOL_MAJOR, prot_minor);
708    
709     if (::conf.script_node_up)
710     {
711     run_script_cb *cb = new run_script_cb;
712     cb->set<connection, &connection::script_node_up> (this);
713     run_script_queued (cb, _("node-up command execution failed, continuing."));
714     }
715    
716     delete ictx; ictx = new crypto_ctx (rcv_auth, snd_auth, rcv_ecdh_a, rcv_auth.ecdh, 0);
717     iseqno.reset (ntohl (rcv_auth.rsa.seqno) & 0x7fffffff);
718    
719     delete octx; octx = new crypto_ctx (snd_auth, rcv_auth, snd_ecdh_a, snd_ecdh_b , 1);
720     oseqno = ntohl (snd_auth.rsa.seqno) & 0x7fffffff;
721 pcg 1.61
722 root 1.102 oiv.reset ();
723    
724     // make sure rekeying timeouts are slightly asymmetric
725     ev::tstamp rekey_interval = ::conf.rekey + (conf->id > THISNODE->id ? 10 : 0);
726     rekey.start (rekey_interval, rekey_interval);
727    
728     keepalive.start (::conf.keepalive);
729    
730     // send queued packets
731 pcg 1.10 if (ictx && octx)
732     {
733 root 1.102 while (tap_packet *p = (tap_packet *)data_queue.get ())
734     {
735     if (p->len) send_data_packet (p);
736     delete p;
737     }
738 root 1.97
739 root 1.102 while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
740 pcg 1.12 {
741 root 1.102 if (p->len) send_vpn_packet (p, si, IPTOS_RELIABILITY);
742     delete p;
743 pcg 1.12 }
744 root 1.102 }
745 pcg 1.73
746 root 1.102 vpn->connection_established (this);
747 pcg 1.10 }
748    
749     void
750 pcg 1.8 connection::reset_si ()
751 pcg 1.1 {
752 pcg 1.73 if (vpn->can_direct (THISNODE, conf))
753     protocol = best_protocol (THISNODE->protocols & conf->connectable_protocols ());
754     else
755 pcg 1.59 {
756 pcg 1.73 slog (L_TRACE, _("%s: direct connection denied by config."), conf->nodename);
757 pcg 1.59 protocol = 0;
758     }
759 pcg 1.6
760     si.set (conf, protocol);
761 pcg 1.73
762     is_direct = si.valid ();
763 pcg 1.1 }
764    
765 pcg 1.8 // ensure sockinfo is valid, forward if necessary
766     const sockinfo &
767     connection::forward_si (const sockinfo &si) const
768     {
769     if (!si.valid ())
770     {
771 pcg 1.73 connection *r = vpn->find_router_for (this);
772 pcg 1.8
773     if (r)
774     {
775 pcg 1.73 slog (L_DEBUG, _("%s: no common protocol, trying to route through %s."),
776     conf->nodename, r->conf->nodename);
777 pcg 1.8 return r->si;
778     }
779     else
780 pcg 1.73 slog (L_DEBUG, _("%s: node unreachable, no common protocol or no router available."),
781 pcg 1.8 conf->nodename);
782     }
783    
784     return si;
785     }
786    
787 pcg 1.1 void
788 pcg 1.10 connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
789     {
790 pcg 1.46 if (!vpn->send_vpn_packet (pkt, si, tos))
791 pcg 1.10 reset_connection ();
792     }
793    
794     void
795 pcg 1.1 connection::send_ping (const sockinfo &si, u8 pong)
796     {
797     ping_packet *pkt = new ping_packet;
798    
799     pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
800 pcg 1.73
801 pcg 1.79 slog (L_TRACE, "%s << %s [%s]", conf->nodename, pong ? "PT_PONG" : "PT_PING", (const char *)si);
802 pcg 1.10 send_vpn_packet (pkt, si, IPTOS_LOWDELAY);
803 pcg 1.1
804     delete pkt;
805     }
806    
807     void
808     connection::send_reset (const sockinfo &si)
809     {
810     if (reset_rate_limiter.can (si) && connectmode != conf_node::C_DISABLED)
811     {
812     config_packet *pkt = new config_packet;
813    
814     pkt->setup (vpn_packet::PT_RESET, conf->id);
815 pcg 1.10 send_vpn_packet (pkt, si, IPTOS_MINCOST);
816 pcg 1.1
817     delete pkt;
818     }
819     }
820    
821     void
822     connection::send_auth_request (const sockinfo &si, bool initiate)
823     {
824     auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols);
825    
826 root 1.98 generate_auth_data ();
827     auth_encrypt (conf->rsa_key, snd_auth, pkt->encr);
828 pcg 1.1
829 pcg 1.81 slog (L_TRACE, "%s << PT_AUTH_REQ [%s]", conf->nodename, (const char *)si);
830 pcg 1.10 send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly
831 pcg 1.1
832 pcg 1.6 delete pkt;
833 pcg 1.1 }
834    
835     void
836 root 1.98 connection::send_auth_response (const sockinfo &si)
837 pcg 1.1 {
838     auth_res_packet *pkt = new auth_res_packet (conf->id);
839    
840 root 1.104 memcpy (pkt->response.ecdh, rcv_ecdh_b, sizeof rcv_ecdh_b);
841     auth_hash (rcv_auth, rcv_ecdh_b, pkt->response.mac);
842 pcg 1.1
843 pcg 1.80 slog (L_TRACE, "%s << PT_AUTH_RES [%s]", conf->nodename, (const char *)si);
844 pcg 1.10 send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
845 pcg 1.1
846     delete pkt;
847     }
848    
849     void
850     connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols)
851     {
852 root 1.93 slog (L_TRACE, "%s << PT_CONNECT_INFO(%s,%s,p%02x)", conf->nodename,
853     vpn->conns[rid - 1]->conf->nodename, (const char *)rsi,
854     conf->protocols);
855 pcg 1.1
856     connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
857    
858     r->hmac_set (octx);
859 pcg 1.10 send_vpn_packet (r, si);
860 pcg 1.1
861     delete r;
862     }
863    
864 pcg 1.66 inline void
865 pcg 1.60 connection::establish_connection_cb (ev::timer &w, int revents)
866 pcg 1.1 {
867 root 1.92 if (!(ictx && octx)
868 pcg 1.25 && conf != THISNODE
869     && connectmode != conf_node::C_NEVER
870     && connectmode != conf_node::C_DISABLED
871 pcg 1.60 && !w.is_active ())
872 pcg 1.1 {
873 pcg 1.67 // a bit hacky, if ondemand, and packets are no longer queued, then reset the connection
874     // and stop trying. should probably be handled by a per-connection expire handler.
875     if (connectmode == conf_node::C_ONDEMAND && vpn_queue.empty () && data_queue.empty ())
876     {
877     reset_connection ();
878     return;
879     }
880    
881 pcg 1.68 last_establish_attempt = ev_now ();
882    
883 pcg 1.60 ev::tstamp retry_int = ev::tstamp (retry_cnt & 3
884     ? (retry_cnt & 3) + 1
885     : 1 << (retry_cnt >> 2));
886 pcg 1.1
887 pcg 1.47 reset_si ();
888 pcg 1.1
889 pcg 1.47 bool slow = si.prot & PROT_SLOW;
890 pcg 1.8
891 pcg 1.73 if (si.prot && !si.host && vpn->can_direct (THISNODE, conf))
892 pcg 1.60 {
893     /*TODO*/ /* start the timer so we don't recurse endlessly */
894     w.start (1);
895 pcg 1.74 vpn->send_connect_request (this);
896 pcg 1.60 }
897 pcg 1.8 else
898 pcg 1.1 {
899 pcg 1.73 if (si.valid ())
900     slog (L_DEBUG, _("%s: sending direct connection request to %s."),
901     conf->nodename, (const char *)si);
902 pcg 1.61
903 pcg 1.8 const sockinfo &dsi = forward_si (si);
904 pcg 1.6
905 pcg 1.47 slow = slow || (dsi.prot & PROT_SLOW);
906    
907 pcg 1.8 if (dsi.valid () && auth_rate_limiter.can (dsi))
908     {
909     if (retry_cnt < 4)
910     send_auth_request (dsi, true);
911     else
912     send_ping (dsi, 0);
913     }
914 pcg 1.1 }
915 pcg 1.47
916 pcg 1.68 retry_int *= slow ? 8. : 0.9;
917 pcg 1.47
918     if (retry_int < conf->max_retry)
919     retry_cnt++;
920     else
921     retry_int = conf->max_retry;
922    
923 pcg 1.60 w.start (retry_int);
924 pcg 1.1 }
925     }
926    
927     void
928     connection::reset_connection ()
929     {
930     if (ictx && octx)
931     {
932     slog (L_INFO, _("%s(%s): connection lost"),
933     conf->nodename, (const char *)si);
934    
935     if (::conf.script_node_down)
936 pcg 1.64 {
937 pcg 1.70 run_script_cb *cb = new run_script_cb;
938     cb->set<connection, &connection::script_node_down> (this);
939     run_script_queued (cb, _("node-down command execution failed, continuing."));
940 pcg 1.64 }
941 pcg 1.1 }
942    
943     delete ictx; ictx = 0;
944     delete octx; octx = 0;
945    
946 pcg 1.38 si.host = 0;
947 pcg 1.1
948 root 1.98 have_snd_auth = false;
949     have_rcv_auth = false;
950     auth_expire = 0.;
951    
952 pcg 1.73 last_activity = 0.;
953     //last_si_change = 0.;
954 pcg 1.1 retry_cnt = 0;
955    
956 pcg 1.25 rekey.stop ();
957     keepalive.stop ();
958     establish_connection.stop ();
959 pcg 1.1 }
960    
961     void
962     connection::shutdown ()
963     {
964     if (ictx && octx)
965     send_reset (si);
966    
967     reset_connection ();
968     }
969    
970 pcg 1.73 // poor-man's rekeying
971 pcg 1.66 inline void
972 pcg 1.60 connection::rekey_cb (ev::timer &w, int revents)
973 pcg 1.1 {
974     reset_connection ();
975     establish_connection ();
976     }
977    
978     void
979 pcg 1.21 connection::send_data_packet (tap_packet *pkt)
980 pcg 1.1 {
981     vpndata_packet *p = new vpndata_packet;
982     int tos = 0;
983    
984 pcg 1.12 // I am not hilarious about peeking into packets, but so be it.
985 pcg 1.21 if (conf->inherit_tos && pkt->is_ipv4 ())
986 pcg 1.1 tos = (*pkt)[15] & IPTOS_TOS_MASK;
987    
988 pcg 1.21 p->setup (this, conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs
989 pcg 1.10 send_vpn_packet (p, si, tos);
990 pcg 1.1
991     delete p;
992    
993     if (oseqno > MAX_SEQNO)
994     rekey ();
995     }
996    
997     void
998 pcg 1.68 connection::post_inject_queue ()
999     {
1000     // force a connection every now and when when packets are sent (max 1/s)
1001     if (ev_now () - last_establish_attempt >= 0.95) // arbitrary
1002     establish_connection.stop ();
1003    
1004     establish_connection ();
1005     }
1006    
1007     void
1008     connection::inject_data_packet (tap_packet *pkt)
1009 pcg 1.1 {
1010     if (ictx && octx)
1011 pcg 1.21 send_data_packet (pkt);
1012 pcg 1.1 else
1013     {
1014 pcg 1.68 data_queue.put (new tap_packet (*pkt));
1015     post_inject_queue ();
1016 pcg 1.1 }
1017     }
1018    
1019 root 1.90 void
1020     connection::inject_vpn_packet (vpn_packet *pkt, int tos)
1021 pcg 1.8 {
1022     if (ictx && octx)
1023 pcg 1.10 send_vpn_packet (pkt, si, tos);
1024 pcg 1.8 else
1025 pcg 1.12 {
1026 pcg 1.28 vpn_queue.put ((vpn_packet *)new data_packet (*(data_packet *)pkt));
1027 pcg 1.68 post_inject_queue ();
1028 pcg 1.12 }
1029 pcg 1.8 }
1030    
1031 pcg 1.1 void
1032     connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
1033     {
1034 pcg 1.62 last_activity = ev_now ();
1035 pcg 1.1
1036 root 1.91 slog (L_NOISE, "%s >> received packet type %d from %d to %d.",
1037 pcg 1.79 conf->nodename, pkt->typ (), pkt->src (), pkt->dst ());
1038 pcg 1.1
1039 pcg 1.61 if (connectmode == conf_node::C_DISABLED)
1040     return;
1041    
1042 pcg 1.1 switch (pkt->typ ())
1043     {
1044 pcg 1.3 case vpn_packet::PT_PING:
1045 pcg 1.79 slog (L_TRACE, "%s >> PT_PING", conf->nodename);
1046    
1047 pcg 1.3 // we send pings instead of auth packets after some retries,
1048     // so reset the retry counter and establish a connection
1049     // when we receive a ping.
1050 root 1.89 if (!ictx)
1051 pcg 1.3 {
1052     if (auth_rate_limiter.can (rsi))
1053     send_auth_request (rsi, true);
1054     }
1055     else
1056 root 1.89 // we would love to change the socket address here, but ping's aren't
1057 pcg 1.73 // authenticated, so we best ignore it.
1058 pcg 1.3 send_ping (rsi, 1); // pong
1059    
1060     break;
1061    
1062     case vpn_packet::PT_PONG:
1063 pcg 1.79 slog (L_TRACE, "%s >> PT_PONG", conf->nodename);
1064 root 1.89
1065     // a PONG might mean that the other side doesn't really know
1066     // about our desire for communication.
1067     establish_connection ();
1068 pcg 1.3 break;
1069    
1070     case vpn_packet::PT_RESET:
1071 pcg 1.1 {
1072 pcg 1.3 reset_connection ();
1073    
1074     config_packet *p = (config_packet *) pkt;
1075    
1076 root 1.103 if (p->chk_config (conf, rsi) && connectmode == conf_node::C_ALWAYS)
1077 pcg 1.3 establish_connection ();
1078 pcg 1.1 }
1079 pcg 1.3 break;
1080    
1081     case vpn_packet::PT_AUTH_REQ:
1082     if (auth_rate_limiter.can (rsi))
1083     {
1084 root 1.93 auth_req_packet *p = (auth_req_packet *)pkt;
1085 pcg 1.3
1086 root 1.93 slog (L_TRACE, "%s >> PT_AUTH_REQ(%s,p%02x,f%02x)",
1087     conf->nodename, p->initiate ? "initiate" : "reply",
1088     p->protocols, p->features);
1089 pcg 1.1
1090 root 1.103 if (memcmp (p->magic, MAGIC, 8))
1091     {
1092     slog (L_WARN, _("%s(%s): protocol magic mismatch - stray packet?"),
1093     conf->nodename, (const char *)rsi);
1094     }
1095     else if (p->chk_config (conf, rsi))
1096 pcg 1.3 {
1097     if (p->prot_minor != PROTOCOL_MINOR)
1098     slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
1099     conf->nodename, (const char *)rsi,
1100     PROTOCOL_MINOR, conf->nodename, p->prot_minor);
1101    
1102     if (p->initiate)
1103     send_auth_request (rsi, false);
1104    
1105 root 1.98 auth_data auth;
1106 pcg 1.3
1107 root 1.98 if (!auth_decrypt (::conf.rsa_key, p->encr, auth))
1108 pcg 1.23 {
1109     slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"),
1110     conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0));
1111     }
1112 pcg 1.3 else
1113     {
1114 root 1.98 bool chg = !have_rcv_auth || memcmp (&rcv_auth, &auth, sizeof auth);
1115 pcg 1.1
1116 root 1.98 rcv_auth = auth;
1117     have_rcv_auth = true;
1118 pcg 1.1
1119 root 1.98 send_auth_response (rsi);
1120 pcg 1.10
1121 root 1.98 if (chg)
1122     {
1123     conf->protocols = p->protocols;
1124     features = p->features & config_packet::get_features ();
1125 pcg 1.3
1126 root 1.98 connection_established (rsi);
1127     }
1128     }
1129 pcg 1.10
1130 root 1.98 break;
1131 pcg 1.3 }
1132    
1133     send_reset (rsi);
1134 pcg 1.1 }
1135    
1136 pcg 1.3 break;
1137    
1138     case vpn_packet::PT_AUTH_RES:
1139 pcg 1.1 {
1140 pcg 1.79 auth_res_packet *p = (auth_res_packet *)pkt;
1141 pcg 1.1
1142 pcg 1.81 slog (L_TRACE, "%s >> PT_AUTH_RES", conf->nodename);
1143 pcg 1.1
1144 root 1.104 auth_mac local_mac;
1145     auth_hash (snd_auth, p->response.ecdh, local_mac);
1146    
1147     if (memcmp (&p->response.mac, local_mac, sizeof local_mac))
1148 pcg 1.1 {
1149 root 1.103 slog (L_ERR, _("%s(%s): unrequested or outdated auth response, ignoring."),
1150     conf->nodename, (const char *)rsi);
1151     }
1152     else if (!have_snd_auth)
1153     {
1154 root 1.104 memcpy (snd_ecdh_b, p->response.ecdh, sizeof snd_ecdh_b);
1155 root 1.98
1156 root 1.103 have_snd_auth = true;
1157     connection_established (rsi);
1158 pcg 1.1 }
1159     }
1160 pcg 1.3 break;
1161 pcg 1.1
1162 pcg 1.3 case vpn_packet::PT_DATA_COMPRESSED:
1163     #if !ENABLE_COMPRESSION
1164     send_reset (rsi);
1165     break;
1166     #endif
1167 pcg 1.1
1168 pcg 1.3 case vpn_packet::PT_DATA_UNCOMPRESSED:
1169 pcg 1.1
1170 pcg 1.3 if (ictx && octx)
1171 pcg 1.1 {
1172 pcg 1.3 vpndata_packet *p = (vpndata_packet *)pkt;
1173 pcg 1.1
1174 pcg 1.10 if (!p->hmac_chk (ictx))
1175     slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
1176 pcg 1.73 "could be an attack, or just corruption or a synchronization error."),
1177 pcg 1.10 conf->nodename, (const char *)rsi);
1178     else
1179 pcg 1.1 {
1180 pcg 1.10 u32 seqno;
1181     tap_packet *d = p->unpack (this, seqno);
1182 pcg 1.73 int seqclass = iseqno.seqno_classify (seqno);
1183 pcg 1.10
1184 pcg 1.73 if (seqclass == 0) // ok
1185 pcg 1.1 {
1186 pcg 1.10 vpn->tap->send (d);
1187 pcg 1.1
1188 pcg 1.10 if (si != rsi)
1189 pcg 1.1 {
1190 pcg 1.56 // fast re-sync on source address changes, useful especially for tcp/ip
1191 pcg 1.73 //if (last_si_change < ev_now () + 5.)
1192     // {
1193 pcg 1.78 slog (L_INFO, _("%s(%s): changing socket address to %s."),
1194     conf->nodename, (const char *)si, (const char *)rsi);
1195    
1196 pcg 1.73 si = rsi;
1197 pcg 1.84
1198     if (::conf.script_node_change)
1199     {
1200     run_script_cb *cb = new run_script_cb;
1201     cb->set<connection, &connection::script_node_change> (this);
1202     run_script_queued (cb, _("node-change command execution failed, continuing."));
1203     }
1204    
1205 pcg 1.73 // }
1206     //else
1207     // slog (L_INFO, _("%s(%s): accepted packet from %s, not (yet) redirecting traffic."),
1208     // conf->nodename, (const char *)si, (const char *)rsi);
1209 pcg 1.10 }
1210 pcg 1.32 }
1211 pcg 1.75 else if (seqclass == 1) // far history
1212     slog (L_ERR, _("received very old packet (received %08lx, expected %08lx). "
1213     "possible replay attack, or just packet duplication/delay, ignoring."), seqno, iseqno.seq + 1);
1214     else if (seqclass == 2) // in-window duplicate, happens often on wireless
1215     slog (L_DEBUG, _("received recent duplicated packet (received %08lx, expected %08lx). "
1216     "possible replay attack, or just packet duplication, ignoring."), seqno, iseqno.seq + 1);
1217     else if (seqclass == 3) // reset
1218 pcg 1.73 {
1219 pcg 1.75 slog (L_ERR, _("received out-of-sync (far future) packet (received %08lx, expected %08lx). "
1220     "probably just massive packet loss, sending reset."), seqno, iseqno.seq + 1);
1221 pcg 1.73 send_reset (rsi);
1222     }
1223 pcg 1.3
1224 pcg 1.32 delete d;
1225     break;
1226 pcg 1.1 }
1227     }
1228    
1229 pcg 1.3 send_reset (rsi);
1230     break;
1231 pcg 1.1
1232 pcg 1.3 case vpn_packet::PT_CONNECT_REQ:
1233     if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1234     {
1235 pcg 1.84 connect_req_packet *p = (connect_req_packet *)pkt;
1236 pcg 1.1
1237 pcg 1.57 if (p->id > 0 && p->id <= vpn->conns.size ())
1238     {
1239     connection *c = vpn->conns[p->id - 1];
1240     conf->protocols = p->protocols;
1241 pcg 1.1
1242 root 1.93 slog (L_TRACE, "%s >> PT_CONNECT_REQ(%s,p%02x) [%d]",
1243     conf->nodename, vpn->conns[p->id - 1]->conf->nodename,
1244     p->protocols,
1245     c->ictx && c->octx);
1246 pcg 1.1
1247 pcg 1.57 if (c->ictx && c->octx)
1248     {
1249     // send connect_info packets to both sides, in case one is
1250     // behind a nat firewall (or both ;)
1251     c->send_connect_info (conf->id, si, conf->protocols);
1252     send_connect_info (c->conf->id, c->si, c->conf->protocols);
1253     }
1254     else
1255     c->establish_connection ();
1256 pcg 1.3 }
1257 pcg 1.11 else
1258 pcg 1.57 slog (L_WARN,
1259     _("received authenticated connection request from unknown node #%d, config file mismatch?"),
1260     p->id);
1261 pcg 1.3 }
1262 pcg 1.1
1263 pcg 1.3 break;
1264 pcg 1.1
1265 pcg 1.3 case vpn_packet::PT_CONNECT_INFO:
1266     if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1267     {
1268 pcg 1.39 connect_info_packet *p = (connect_info_packet *)pkt;
1269 pcg 1.1
1270 pcg 1.57 if (p->id > 0 && p->id <= vpn->conns.size ())
1271 pcg 1.39 {
1272     connection *c = vpn->conns[p->id - 1];
1273 pcg 1.7
1274 pcg 1.39 c->conf->protocols = p->protocols;
1275     protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf));
1276     p->si.upgrade_protocol (protocol, c->conf);
1277 pcg 1.1
1278 root 1.96 slog (L_TRACE, "%s >> PT_CONNECT_INFO(%s,%s,protocols=%02x,protocol=%02x,upgradable=%02x) [%d]",
1279 root 1.93 conf->nodename,
1280     vpn->conns[p->id - 1]->conf->nodename,
1281     (const char *)p->si,
1282     p->protocols,
1283 root 1.96 protocol,
1284     p->si.supported_protocols (c->conf),
1285 root 1.93 !c->ictx && !c->octx);
1286 pcg 1.7
1287 pcg 1.39 const sockinfo &dsi = forward_si (p->si);
1288 pcg 1.1
1289 pcg 1.39 if (dsi.valid ())
1290     c->send_auth_request (dsi, true);
1291 root 1.96 else
1292     slog (L_INFO, "connect info for %s received (%s), but still unable to contact.",
1293     vpn->conns[p->id - 1]->conf->nodename,
1294     (const char *)p->si);
1295 pcg 1.39 }
1296 pcg 1.57 else
1297     slog (L_WARN,
1298     _("received authenticated connection request from unknown node #%d, config file mismatch?"),
1299     p->id);
1300 pcg 1.3 }
1301 pcg 1.1
1302 pcg 1.3 break;
1303 pcg 1.1
1304 pcg 1.3 default:
1305     send_reset (rsi);
1306     break;
1307 pcg 1.1 }
1308     }
1309    
1310 pcg 1.66 inline void
1311     connection::keepalive_cb (ev::timer &w, int revents)
1312 pcg 1.1 {
1313 root 1.97 ev_tstamp when = last_activity + ::conf.keepalive - ev::now ();
1314    
1315     if (when >= 0)
1316     w.start (when);
1317     else if (when < -15)
1318 pcg 1.1 {
1319     reset_connection ();
1320     establish_connection ();
1321     }
1322     else if (conf->connectmode != conf_node::C_ONDEMAND
1323     || THISNODE->connectmode != conf_node::C_ONDEMAND)
1324     {
1325 root 1.97 w.start (3);
1326 pcg 1.1 send_ping (si);
1327     }
1328 root 1.97 else if (when >= -10)
1329 pcg 1.12 // hold ondemand connections implicitly a few seconds longer
1330     // should delete octx, though, or something like that ;)
1331 root 1.97 w.start (when + 10);
1332 pcg 1.1 else
1333     reset_connection ();
1334     }
1335    
1336 root 1.90 void
1337     connection::send_connect_request (int id)
1338 pcg 1.1 {
1339 root 1.93 connect_req_packet *p = new connect_req_packet (conf->id, id, THISNODE->protocols);
1340 pcg 1.1
1341 root 1.93 slog (L_TRACE, "%s << PT_CONNECT_REQ(%s,p%02x)",
1342     conf->nodename, vpn->conns[id - 1]->conf->nodename,
1343     THISNODE->protocols);
1344 pcg 1.1 p->hmac_set (octx);
1345 pcg 1.10 send_vpn_packet (p, si);
1346 pcg 1.1
1347     delete p;
1348     }
1349    
1350 root 1.90 void
1351     connection::script_init_env (const char *ext)
1352 pcg 1.53 {
1353     char *env;
1354     asprintf (&env, "IFUPDATA%s=%s", ext, conf->if_up_data); putenv (env);
1355 pcg 1.84 asprintf (&env, "NODENAME%s=%s", ext, conf->nodename); putenv (env);
1356 pcg 1.53 asprintf (&env, "MAC%s=%02x:%02x:%02x:%02x:%02x:%02x", ext,
1357     0xfe, 0xfd, 0x80, 0x00, conf->id >> 8,
1358 pcg 1.84 conf->id & 0xff); putenv (env);
1359 pcg 1.53 }
1360    
1361 root 1.90 void
1362     connection::script_init_connect_env ()
1363 pcg 1.1 {
1364 pcg 1.52 vpn->script_init_env ();
1365 pcg 1.1
1366     char *env;
1367 pcg 1.84 asprintf (&env, "DESTID=%d", conf->id); putenv (env);
1368     asprintf (&env, "DESTSI=%s", (const char *)si); putenv (env);
1369     asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env);
1370     asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env);
1371     asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env);
1372 pcg 1.1 }
1373    
1374 pcg 1.66 inline const char *
1375     connection::script_node_up ()
1376 pcg 1.1 {
1377 pcg 1.53 script_init_connect_env ();
1378 pcg 1.1
1379 pcg 1.60 putenv ((char *)"STATE=up");
1380 pcg 1.1
1381 pcg 1.52 char *filename;
1382     asprintf (&filename,
1383     "%s/%s",
1384     confbase,
1385     ::conf.script_node_up ? ::conf.script_node_up : "node-up");
1386 pcg 1.54
1387     return filename;
1388 pcg 1.1 }
1389    
1390 pcg 1.66 inline const char *
1391 pcg 1.84 connection::script_node_change ()
1392     {
1393     script_init_connect_env ();
1394    
1395     putenv ((char *)"STATE=change");
1396    
1397     char *filename;
1398     asprintf (&filename,
1399     "%s/%s",
1400     confbase,
1401     ::conf.script_node_change ? ::conf.script_node_change : "node-change");
1402    
1403     return filename;
1404     }
1405    
1406     inline const char *
1407 pcg 1.66 connection::script_node_down ()
1408 pcg 1.1 {
1409 pcg 1.53 script_init_connect_env ();
1410 pcg 1.1
1411 pcg 1.60 putenv ((char *)"STATE=down");
1412 pcg 1.1
1413 pcg 1.52 char *filename;
1414     asprintf (&filename,
1415     "%s/%s",
1416     confbase,
1417     ::conf.script_node_down ? ::conf.script_node_down : "node-down");
1418 pcg 1.54
1419     return filename;
1420 pcg 1.1 }
1421    
1422 pcg 1.40 connection::connection (struct vpn *vpn, conf_node *conf)
1423 pcg 1.67 : vpn(vpn), conf(conf),
1424 pcg 1.40 #if ENABLE_DNS
1425 pcg 1.67 dns (0),
1426 pcg 1.40 #endif
1427 pcg 1.72 data_queue(conf->max_ttl, conf->max_queue + 1),
1428     vpn_queue(conf->max_ttl, conf->max_queue + 1)
1429 pcg 1.1 {
1430 pcg 1.65 rekey .set<connection, &connection::rekey_cb > (this);
1431     keepalive .set<connection, &connection::keepalive_cb > (this);
1432     establish_connection.set<connection, &connection::establish_connection_cb> (this);
1433    
1434 pcg 1.68 last_establish_attempt = 0.;
1435 pcg 1.1 octx = ictx = 0;
1436    
1437 pcg 1.67 connectmode = conf->connectmode;
1438    
1439     // queue a dummy packet to force an initial connection attempt
1440     if (connectmode != conf_node::C_ALWAYS && connectmode != conf_node::C_DISABLED)
1441 pcg 1.68 vpn_queue.put (new net_packet);
1442 pcg 1.67
1443 pcg 1.1 reset_connection ();
1444     }
1445    
1446     connection::~connection ()
1447     {
1448     shutdown ();
1449     }
1450    
1451 root 1.90 void
1452     connection_init ()
1453 pcg 1.1 {
1454     auth_rate_limiter.clear ();
1455     reset_rate_limiter.clear ();
1456     }
1457