ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
Revision: 1.111
Committed: Thu Jan 16 07:53:44 2014 UTC (10 years, 4 months ago) by root
Content type: text/plain
Branch: MAIN
Changes since 1.110: +0 -1 lines
Log Message: 
*** empty log message ***

File Contents

# User Rev Content
1 pcg 1.1 /*
2     connection.C -- manage a single connection
3 root 1.98 Copyright (C) 2003-2008,2010,2011,2013 Marc Lehmann <gvpe@schmorp.de>
4 pcg 1.1
5 pcg 1.42 This file is part of GVPE.
6    
7 pcg 1.69 GVPE is free software; you can redistribute it and/or modify it
8     under the terms of the GNU General Public License as published by the
9     Free Software Foundation; either version 3 of the License, or (at your
10     option) any later version.
11    
12     This program is distributed in the hope that it will be useful, but
13     WITHOUT ANY WARRANTY; without even the implied warranty of
14     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
15     Public License for more details.
16    
17     You should have received a copy of the GNU General Public License along
18     with this program; if not, see <http://www.gnu.org/licenses/>.
19    
20     Additional permission under GNU GPL version 3 section 7
21    
22     If you modify this Program, or any covered work, by linking or
23     combining it with the OpenSSL project's OpenSSL library (or a modified
24     version of that library), containing parts covered by the terms of the
25     OpenSSL or SSLeay licenses, the licensors of this Program grant you
26     additional permission to convey the resulting work. Corresponding
27     Source for a non-source form of such a combination shall include the
28     source code for the parts of OpenSSL used as well as that of the
29     covered work.
30 pcg 1.1 */
31    
32     #include "config.h"
33    
34     #include <list>
35 pcg 1.70 #include <queue>
36     #include <utility>
37 pcg 1.1
38 root 1.107 #include <openssl/opensslv.h>
39 pcg 1.2 #include <openssl/rand.h>
40     #include <openssl/evp.h>
41     #include <openssl/rsa.h>
42     #include <openssl/err.h>
43    
44 root 1.107 // openssl 0.9.8 compatibility
45     #if OPENSSL_VERSION_NUMBER < 0x10100000
46     #define require101(exp) exp
47     #else
48     #define require101(exp) equire (exp)
49     #endif
50    
51 pcg 1.1 #include "conf.h"
52     #include "slog.h"
53     #include "device.h"
54 pcg 1.2 #include "vpn.h"
55 pcg 1.1 #include "connection.h"
56 root 1.98 #include "hkdf.h"
57 pcg 1.1
58 pcg 1.20 #include "netcompat.h"
59 pcg 1.19
60 root 1.98 #define MAGIC "gvpe\xbd\xc6\xdb\x82" // 8 bytes of magic
61 pcg 1.30
62     #define ULTRA_FAST 1
63     #define HLOG 15
64     #include "lzf/lzf.h"
65     #include "lzf/lzf_c.c"
66     #include "lzf/lzf_d.c"
67 pcg 1.1
68 pcg 1.70 //////////////////////////////////////////////////////////////////////////////
69    
70     static std::queue< std::pair<run_script_cb *, const char *> > rs_queue;
71     static ev::child rs_child_ev;
72    
73 root 1.90 namespace
74 pcg 1.70 {
75 root 1.90 void // c++ requires external linkage here, apparently :(
76     rs_child_cb (ev::child &w, int revents)
77     {
78     w.stop ();
79 pcg 1.70
80 root 1.90 if (rs_queue.empty ())
81     return;
82 pcg 1.70
83 root 1.90 pid_t pid = run_script (*rs_queue.front ().first, false);
84     if (pid)
85     {
86     w.set (pid);
87     w.start ();
88     }
89     else
90     slog (L_WARN, rs_queue.front ().second);
91 pcg 1.70
92 root 1.90 delete rs_queue.front ().first;
93     rs_queue.pop ();
94     }
95     };
96 pcg 1.70
97     // despite the fancy name, this is quite a hack
98     static void
99     run_script_queued (run_script_cb *cb, const char *warnmsg)
100     {
101     rs_queue.push (std::make_pair (cb, warnmsg));
102    
103     if (!rs_child_ev.is_active ())
104     {
105     rs_child_ev.set<rs_child_cb> ();
106     rs_child_ev ();
107     }
108     }
109    
110     //////////////////////////////////////////////////////////////////////////////
111    
112 pcg 1.1 struct crypto_ctx
113     {
114     EVP_CIPHER_CTX cctx;
115     HMAC_CTX hctx;
116    
117 root 1.98 crypto_ctx (const auth_data &auth1, const auth_data &auth2, const ecdh_key &a, const ecdh_key &b, int enc);
118 pcg 1.1 ~crypto_ctx ();
119     };
120    
121 root 1.98 crypto_ctx::crypto_ctx (const auth_data &auth1, const auth_data &auth2, const ecdh_key &a, const ecdh_key &b, int enc)
122 pcg 1.1 {
123 root 1.98 ecdh_key s;
124    
125     curve25519_combine (a, b, s);
126    
127     {
128     u8 mac_key[MAC_KEYSIZE];
129     static const unsigned char mac_info[] = "gvpe mac key";
130    
131 root 1.99 hkdf kdf (auth2.rsa.hkdf_salt, sizeof (auth2.rsa.hkdf_salt), HKDF_XTR_HASH ());
132 root 1.98 kdf.extract (auth1.rsa.mac_key, sizeof (auth1.rsa.mac_key));
133     kdf.extract (s, sizeof (s));
134 root 1.99 kdf.extract_done (HKDF_PRF_HASH ());
135 root 1.98 kdf.expand (mac_key, sizeof (mac_key), mac_info, sizeof (mac_info));
136    
137     HMAC_CTX_init (&hctx);
138 root 1.107 require101 (HMAC_Init_ex (&hctx, mac_key, MAC_KEYSIZE, MAC_DIGEST (), 0));
139 root 1.98 }
140    
141     {
142     u8 cipher_key[CIPHER_KEYSIZE];
143     static const unsigned char cipher_info[] = "gvpe cipher key";
144    
145 root 1.99 hkdf kdf (auth2.rsa.hkdf_salt, sizeof (auth2.rsa.hkdf_salt), HKDF_XTR_HASH ());
146 root 1.98 kdf.extract (auth1.rsa.cipher_key, sizeof (auth1.rsa.cipher_key));
147     kdf.extract (s, sizeof (s));
148 root 1.99 kdf.extract_done (HKDF_PRF_HASH ());
149 root 1.98 kdf.expand (cipher_key, sizeof (cipher_key), cipher_info, sizeof (cipher_info));
150    
151     EVP_CIPHER_CTX_init (&cctx);
152     require (EVP_CipherInit_ex (&cctx, CIPHER (), 0, cipher_key, 0, enc));
153     }
154 pcg 1.1 }
155    
156     crypto_ctx::~crypto_ctx ()
157     {
158 pcg 1.29 require (EVP_CIPHER_CTX_cleanup (&cctx));
159 pcg 1.1 HMAC_CTX_cleanup (&hctx);
160     }
161    
162 root 1.98 static inline void
163     auth_encrypt (RSA *key, const auth_data &auth, auth_encr &encr)
164 pcg 1.1 {
165 root 1.98 if (RSA_public_encrypt (sizeof (auth.rsa),
166     (unsigned char *)&auth.rsa, (unsigned char *)&encr.rsa,
167     key, RSA_PKCS1_OAEP_PADDING) < 0)
168     fatal ("RSA_public_encrypt error");
169 root 1.100
170     memcpy (&encr.ecdh, &auth.ecdh, sizeof (encr.ecdh));
171 pcg 1.1 }
172    
173 root 1.98 static inline bool
174     auth_decrypt (RSA *key, const auth_encr &encr, auth_data &auth)
175 pcg 1.63 {
176 root 1.98 u8 rsa_decrypt[RSA_KEYLEN];
177 pcg 1.1
178 root 1.98 if (RSA_private_decrypt (sizeof (encr.rsa),
179     (const unsigned char *)&encr.rsa, (unsigned char *)rsa_decrypt,
180     key, RSA_PKCS1_OAEP_PADDING) != sizeof (auth.rsa))
181     return 0;
182 pcg 1.1
183 root 1.98 memcpy (&auth.rsa, rsa_decrypt, sizeof (auth.rsa));
184 root 1.100 memcpy (&auth.ecdh, &encr.ecdh, sizeof (auth.ecdh));
185 pcg 1.1
186 root 1.98 return 1;
187     }
188 pcg 1.1
189 root 1.98 static void
190 root 1.104 auth_hash (const auth_data &auth, const ecdh_key &b, auth_mac &mac)
191 root 1.98 {
192 root 1.106 hkdf kdf (b, sizeof b, AUTH_DIGEST ()); // use response ecdh b as salt
193 root 1.104 kdf.extract (&auth.rsa, sizeof (auth.rsa));
194     kdf.extract_done ();
195 root 1.106 kdf.expand (mac, sizeof mac, auth.ecdh, sizeof (auth.ecdh)); // use challenge ecdh b as info
196 root 1.98 }
197 pcg 1.1
198 root 1.90 void
199 root 1.98 connection::generate_auth_data ()
200 pcg 1.1 {
201 root 1.98 if (auth_expire < ev_now ())
202 pcg 1.1 {
203 root 1.98 // request data
204 root 1.101 rand_fill (snd_auth.rsa);
205 root 1.98 curve25519_generate (snd_ecdh_a, snd_auth.ecdh);
206    
207     // eventual response data
208     curve25519_generate (rcv_ecdh_a, rcv_ecdh_b);
209 pcg 1.1 }
210 root 1.98
211     // every use prolongs the expiry
212     auth_expire = ev_now () + AUTH_TTL;
213 pcg 1.1 }
214    
215     //////////////////////////////////////////////////////////////////////////////
216    
217 pcg 1.67 pkt_queue::pkt_queue (double max_ttl, int max_queue)
218     : max_ttl (max_ttl), max_queue (max_queue)
219 pcg 1.1 {
220 pcg 1.67 queue = new pkt [max_queue];
221    
222     i = 0;
223     j = 0;
224    
225     expire.set<pkt_queue, &pkt_queue::expire_cb> (this);
226     }
227 pcg 1.1
228 pcg 1.67 pkt_queue::~pkt_queue ()
229     {
230     while (net_packet *p = get ())
231     delete p;
232 pcg 1.1
233 pcg 1.67 delete [] queue;
234 pcg 1.1 }
235    
236 root 1.90 void
237     pkt_queue::expire_cb (ev::timer &w, int revents)
238 pcg 1.1 {
239 pcg 1.67 ev_tstamp expire = ev_now () - max_ttl;
240 pcg 1.1
241 pcg 1.67 for (;;)
242 pcg 1.1 {
243 pcg 1.67 if (empty ())
244     break;
245    
246     double diff = queue[j].tstamp - expire;
247    
248     if (diff >= 0.)
249     {
250     w.start (diff > 0.5 ? diff : 0.5);
251     break;
252     }
253    
254     delete get ();
255 pcg 1.1 }
256     }
257    
258 root 1.90 void
259     pkt_queue::put (net_packet *p)
260 pcg 1.1 {
261 pcg 1.67 ev_tstamp now = ev_now ();
262    
263     // start expiry timer
264     if (empty ())
265     expire.start (max_ttl);
266    
267     int ni = i + 1 == max_queue ? 0 : i + 1;
268    
269     if (ni == j)
270     delete get ();
271    
272     queue[i].pkt = p;
273     queue[i].tstamp = now;
274    
275     i = ni;
276 pcg 1.1 }
277    
278 root 1.90 net_packet *
279     pkt_queue::get ()
280 pcg 1.1 {
281 pcg 1.67 if (empty ())
282     return 0;
283    
284     net_packet *p = queue[j].pkt;
285     queue[j].pkt = 0;
286    
287     j = j + 1 == max_queue ? 0 : j + 1;
288    
289     return p;
290 pcg 1.1 }
291    
292 pcg 1.63 struct net_rateinfo
293     {
294 pcg 1.1 u32 host;
295     double pcnt, diff;
296     tstamp last;
297     };
298    
299     // only do action once every x seconds per host whole allowing bursts.
300     // this implementation ("splay list" ;) is inefficient,
301     // but low on resources.
302     struct net_rate_limiter : list<net_rateinfo>
303     {
304 pcg 1.35 # define NRL_ALPHA (1. - 1. / 600.) // allow bursts
305     # define NRL_CUTOFF 10. // one event every CUTOFF seconds
306     # define NRL_EXPIRE (NRL_CUTOFF * 30.) // expire entries after this time
307     # define NRL_MAXDIF (NRL_CUTOFF * (1. / (1. - NRL_ALPHA))) // maximum diff /count value
308 pcg 1.1
309 pcg 1.16 bool can (const sockinfo &si) { return can((u32)si.host); }
310 pcg 1.1 bool can (u32 host);
311     };
312    
313 root 1.90 static net_rate_limiter auth_rate_limiter, reset_rate_limiter;
314 pcg 1.1
315 root 1.90 bool
316     net_rate_limiter::can (u32 host)
317 pcg 1.1 {
318     iterator i;
319    
320     for (i = begin (); i != end (); )
321     if (i->host == host)
322     break;
323 pcg 1.62 else if (i->last < ev_now () - NRL_EXPIRE)
324 pcg 1.1 i = erase (i);
325     else
326     i++;
327    
328     if (i == end ())
329     {
330     net_rateinfo ri;
331    
332     ri.host = host;
333     ri.pcnt = 1.;
334 pcg 1.34 ri.diff = NRL_MAXDIF;
335 pcg 1.62 ri.last = ev_now ();
336 pcg 1.1
337     push_front (ri);
338    
339     return true;
340     }
341     else
342     {
343     net_rateinfo ri (*i);
344     erase (i);
345    
346 pcg 1.34 ri.pcnt = ri.pcnt * NRL_ALPHA;
347 pcg 1.62 ri.diff = ri.diff * NRL_ALPHA + (ev_now () - ri.last);
348 pcg 1.1
349 pcg 1.62 ri.last = ev_now ();
350 pcg 1.1
351 pcg 1.10 double dif = ri.diff / ri.pcnt;
352 pcg 1.1
353 pcg 1.34 bool send = dif > NRL_CUTOFF;
354 pcg 1.10
355 pcg 1.34 if (dif > NRL_MAXDIF)
356 pcg 1.10 {
357     ri.pcnt = 1.;
358 pcg 1.34 ri.diff = NRL_MAXDIF;
359 pcg 1.10 }
360     else if (send)
361 pcg 1.1 ri.pcnt++;
362    
363     push_front (ri);
364    
365     return send;
366     }
367     }
368    
369     /////////////////////////////////////////////////////////////////////////////
370    
371 root 1.90 void
372 root 1.104 hmac_packet::hmac_gen (crypto_ctx *ctx, u8 *hmac_digest)
373 pcg 1.1 {
374     HMAC_CTX *hctx = &ctx->hctx;
375    
376 root 1.107 require101 (HMAC_Init_ex (hctx, 0, 0, 0, 0));
377     require101 (HMAC_Update (hctx, ((unsigned char *) this) + sizeof (hmac_packet), len - sizeof (hmac_packet)));
378     require101 (HMAC_Final (hctx, hmac_digest, 0));
379 pcg 1.1 }
380    
381     void
382     hmac_packet::hmac_set (crypto_ctx *ctx)
383     {
384 root 1.104 unsigned char hmac_digest[EVP_MAX_MD_SIZE];
385     hmac_gen (ctx, hmac_digest);
386 pcg 1.1 memcpy (hmac, hmac_digest, HMACLENGTH);
387     }
388    
389     bool
390     hmac_packet::hmac_chk (crypto_ctx *ctx)
391     {
392 root 1.104 unsigned char hmac_digest[EVP_MAX_MD_SIZE];
393     hmac_gen (ctx, hmac_digest);
394 root 1.110 return slow_memeq (hmac, hmac_digest, HMACLENGTH);
395 pcg 1.1 }
396    
397 root 1.90 void
398     vpn_packet::set_hdr (ptype type_, unsigned int dst)
399 pcg 1.1 {
400 pcg 1.6 type = type_;
401 pcg 1.1
402     int src = THISNODE->id;
403    
404     src1 = src;
405     srcdst = ((src >> 8) << 4) | (dst >> 8);
406     dst1 = dst;
407     }
408    
409     #define MAXVPNDATA (MAX_MTU - 6 - 6)
410     #define DATAHDR (sizeof (u32) + RAND_SIZE)
411    
412 pcg 1.28 struct vpndata_packet : vpn_packet
413 root 1.90 {
414     u8 data[MAXVPNDATA + DATAHDR]; // seqno
415    
416     void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
417     tap_packet *unpack (connection *conn, u32 &seqno);
418 pcg 1.1
419     private:
420 root 1.90 const u32 data_hdr_size () const
421     {
422     return sizeof (vpndata_packet) - sizeof (net_packet) - MAXVPNDATA - DATAHDR;
423     }
424     };
425 pcg 1.1
426     void
427     vpndata_packet::setup (connection *conn, int dst, u8 *d, u32 l, u32 seqno)
428     {
429     EVP_CIPHER_CTX *cctx = &conn->octx->cctx;
430     int outl = 0, outl2;
431     ptype type = PT_DATA_UNCOMPRESSED;
432    
433     #if ENABLE_COMPRESSION
434     u8 cdata[MAX_MTU];
435    
436 pcg 1.86 if (conn->features & FEATURE_COMPRESSION)
437 pcg 1.1 {
438 pcg 1.31 u32 cl = lzf_compress (d, l, cdata + 2, (l - 2) & ~7);
439 pcg 1.1
440 pcg 1.31 if (cl)
441     {
442     type = PT_DATA_COMPRESSED;
443     d = cdata;
444     l = cl + 2;
445    
446     d[0] = cl >> 8;
447     d[1] = cl;
448     }
449 pcg 1.1 }
450     #endif
451    
452 root 1.98 require (EVP_CipherInit_ex (cctx, 0, 0, 0, 0, 1));
453 pcg 1.1
454     struct {
455     #if RAND_SIZE
456     u8 rnd[RAND_SIZE];
457     #endif
458     u32 seqno;
459     } datahdr;
460    
461     datahdr.seqno = ntohl (seqno);
462     #if RAND_SIZE
463 root 1.102 // NB: a constant (per session) random prefix
464     // is likely enough, but we don't take any chances.
465     conn->oiv.get (datahdr.rnd, RAND_SIZE);
466 pcg 1.1 #endif
467    
468 pcg 1.29 require (EVP_EncryptUpdate (cctx,
469 pcg 1.1 (unsigned char *) data + outl, &outl2,
470 pcg 1.29 (unsigned char *) &datahdr, DATAHDR));
471 pcg 1.1 outl += outl2;
472    
473 pcg 1.29 require (EVP_EncryptUpdate (cctx,
474 pcg 1.1 (unsigned char *) data + outl, &outl2,
475 pcg 1.29 (unsigned char *) d, l));
476 pcg 1.1 outl += outl2;
477    
478 pcg 1.29 require (EVP_EncryptFinal_ex (cctx, (unsigned char *) data + outl, &outl2));
479 pcg 1.1 outl += outl2;
480    
481     len = outl + data_hdr_size ();
482    
483     set_hdr (type, dst);
484    
485     hmac_set (conn->octx);
486     }
487    
488     tap_packet *
489     vpndata_packet::unpack (connection *conn, u32 &seqno)
490     {
491     EVP_CIPHER_CTX *cctx = &conn->ictx->cctx;
492     int outl = 0, outl2;
493     tap_packet *p = new tap_packet;
494     u8 *d;
495     u32 l = len - data_hdr_size ();
496    
497 root 1.98 require (EVP_CipherInit_ex (cctx, 0, 0, 0, 0, 0));
498 pcg 1.1
499     #if ENABLE_COMPRESSION
500     u8 cdata[MAX_MTU];
501    
502     if (type == PT_DATA_COMPRESSED)
503     d = cdata;
504     else
505     #endif
506 root 1.101 d = &(*p)[6 + 6] - DATAHDR;
507 pcg 1.1
508 root 1.101 // we play do evil games with the struct layout atm.
509     // pending better solutions, we at least do some verification.
510     // this is fine, as we left ISO territory long ago.
511     require (DATAHDR <= 16);
512     require ((u8 *)(&p->len + 1) == &(*p)[0]);
513    
514     // this can overwrite the len/dst/src fields
515 pcg 1.29 require (EVP_DecryptUpdate (cctx,
516 pcg 1.1 d, &outl2,
517 pcg 1.29 (unsigned char *)&data, len - data_hdr_size ()));
518 pcg 1.1 outl += outl2;
519    
520 pcg 1.29 require (EVP_DecryptFinal_ex (cctx, (unsigned char *)d + outl, &outl2));
521 pcg 1.1 outl += outl2;
522    
523     seqno = ntohl (*(u32 *)(d + RAND_SIZE));
524    
525     id2mac (dst () ? dst() : THISNODE->id, p->dst);
526     id2mac (src (), p->src);
527    
528     #if ENABLE_COMPRESSION
529     if (type == PT_DATA_COMPRESSED)
530     {
531     u32 cl = (d[DATAHDR] << 8) | d[DATAHDR + 1];
532    
533     p->len = lzf_decompress (d + DATAHDR + 2, cl < MAX_MTU ? cl : 0,
534     &(*p)[6 + 6], MAX_MTU)
535     + 6 + 6;
536     }
537     else
538     p->len = outl + (6 + 6 - DATAHDR);
539     #endif
540    
541     return p;
542     }
543    
544     struct ping_packet : vpn_packet
545     {
546     void setup (int dst, ptype type)
547     {
548     set_hdr (type, dst);
549     len = sizeof (*this) - sizeof (net_packet);
550     }
551     };
552    
553     struct config_packet : vpn_packet
554     {
555 root 1.103 u8 serial[SERIAL_SIZE];
556 root 1.98 u8 prot_major, prot_minor, randsize;
557     u8 flags, features, pad6, pad7, pad8;
558     u32 cipher_nid, mac_nid, auth_nid;
559 pcg 1.1
560     void setup (ptype type, int dst);
561 root 1.103 bool chk_config (const conf_node *conf, const sockinfo &rsi) const;
562 pcg 1.32
563     static u8 get_features ()
564     {
565     u8 f = 0;
566     #if ENABLE_COMPRESSION
567     f |= FEATURE_COMPRESSION;
568     #endif
569     #if ENABLE_ROHC
570     f |= FEATURE_ROHC;
571     #endif
572 pcg 1.59 #if ENABLE_BRIDGING
573     f |= FEATURE_BRIDGING;
574     #endif
575 pcg 1.32 return f;
576     }
577 pcg 1.1 };
578    
579 root 1.90 void
580     config_packet::setup (ptype type, int dst)
581 pcg 1.1 {
582     prot_major = PROTOCOL_MAJOR;
583     prot_minor = PROTOCOL_MINOR;
584     randsize = RAND_SIZE;
585 pcg 1.48 flags = 0;
586 pcg 1.32 features = get_features ();
587 pcg 1.1
588 root 1.103 strncpy ((char *)serial, conf.serial, sizeof (serial));
589    
590 root 1.98 cipher_nid = htonl (EVP_CIPHER_nid (CIPHER ()));
591     mac_nid = htonl (EVP_MD_type (MAC_DIGEST ()));
592     auth_nid = htonl (EVP_MD_type (AUTH_DIGEST ()));
593 pcg 1.1
594     len = sizeof (*this) - sizeof (net_packet);
595     set_hdr (type, dst);
596     }
597    
598 root 1.90 bool
599 root 1.103 config_packet::chk_config (const conf_node *conf, const sockinfo &rsi) const
600 pcg 1.1 {
601 pcg 1.15 if (prot_major != PROTOCOL_MAJOR)
602 root 1.103 slog (L_WARN, _("%s(%s): major version mismatch (remote %d <=> local %d)"),
603     conf->nodename, (const char *)rsi, prot_major, PROTOCOL_MAJOR);
604 pcg 1.15 else if (randsize != RAND_SIZE)
605 root 1.103 slog (L_WARN, _("%s(%s): rand size mismatch (remote %d <=> local %d)"),
606     conf->nodename, (const char *)rsi, randsize, RAND_SIZE);
607 root 1.98 else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER ())))
608 root 1.103 slog (L_WARN, _("%s(%s): cipher algo mismatch (remote %x <=> local %x)"),
609     conf->nodename, (const char *)rsi, ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER ()));
610 root 1.98 else if (mac_nid != htonl (EVP_MD_type (MAC_DIGEST ())))
611 root 1.103 slog (L_WARN, _("%s(%s): mac algo mismatch (remote %x <=> local %x)"),
612     conf->nodename, (const char *)rsi, ntohl (mac_nid), EVP_MD_type (MAC_DIGEST ()));
613 root 1.98 else if (auth_nid != htonl (EVP_MD_type (AUTH_DIGEST ())))
614 root 1.103 slog (L_WARN, _("%s(%s): auth algo mismatch (remote %x <=> local %x)"),
615     conf->nodename, (const char *)rsi, ntohl (auth_nid), EVP_MD_type (AUTH_DIGEST ()));
616 pcg 1.15 else
617 root 1.103 {
618     int cmp = memcmp (serial, ::conf.serial, sizeof (serial));
619    
620     if (cmp > 0)
621     slog (L_WARN, _("%s(%s): remote serial newer than local serial - outdated config?"),
622     conf->nodename, (const char *)rsi);
623     else if (cmp == 0)
624     return true;
625     }
626 pcg 1.15
627     return false;
628 pcg 1.1 }
629    
630 root 1.98 struct auth_req_packet : config_packet // UNPROTECTED
631 pcg 1.1 {
632     char magic[8];
633     u8 initiate; // false if this is just an automatic reply
634 pcg 1.28 u8 protocols; // supported protocols (will be patched on forward)
635 pcg 1.1 u8 pad2, pad3;
636 root 1.98 auth_encr encr;
637 pcg 1.1
638     auth_req_packet (int dst, bool initiate_, u8 protocols_)
639     {
640     config_packet::setup (PT_AUTH_REQ, dst);
641 root 1.98 memcpy (magic, MAGIC, 8);
642 pcg 1.1 initiate = !!initiate_;
643     protocols = protocols_;
644    
645     len = sizeof (*this) - sizeof (net_packet);
646     }
647     };
648    
649 root 1.103 struct auth_res_packet : vpn_packet // UNPROTECTED
650 pcg 1.1 {
651 root 1.98 auth_response response;
652 pcg 1.1
653     auth_res_packet (int dst)
654     {
655 root 1.103 set_hdr (PT_AUTH_RES, dst);
656 pcg 1.1
657     len = sizeof (*this) - sizeof (net_packet);
658     }
659     };
660    
661     struct connect_req_packet : vpn_packet
662     {
663     u8 id, protocols;
664     u8 pad1, pad2;
665    
666     connect_req_packet (int dst, int id_, u8 protocols_)
667     : id(id_)
668     , protocols(protocols_)
669     {
670     set_hdr (PT_CONNECT_REQ, dst);
671     len = sizeof (*this) - sizeof (net_packet);
672     }
673     };
674    
675     struct connect_info_packet : vpn_packet
676     {
677     u8 id, protocols;
678     u8 pad1, pad2;
679     sockinfo si;
680    
681     connect_info_packet (int dst, int id_, const sockinfo &si_, u8 protocols_)
682     : id(id_)
683     , protocols(protocols_)
684     , si(si_)
685     {
686     set_hdr (PT_CONNECT_INFO, dst);
687    
688     len = sizeof (*this) - sizeof (net_packet);
689     }
690     };
691    
692     /////////////////////////////////////////////////////////////////////////////
693    
694     void
695 root 1.98 connection::connection_established (const sockinfo &rsi)
696 pcg 1.10 {
697 root 1.98 if (!have_snd_auth || !have_rcv_auth)
698     return;
699    
700     si = rsi;
701     protocol = rsi.prot;
702    
703     slog (L_INFO, _("%s(%s): connection established (%s), protocol version %d.%d."),
704     conf->nodename, (const char *)rsi,
705 root 1.108 vpn->can_direct (THISNODE, conf) ? "direct" : "forwarded",
706 root 1.98 PROTOCOL_MAJOR, prot_minor);
707    
708     if (::conf.script_node_up)
709     {
710     run_script_cb *cb = new run_script_cb;
711     cb->set<connection, &connection::script_node_up> (this);
712     run_script_queued (cb, _("node-up command execution failed, continuing."));
713     }
714    
715     delete ictx; ictx = new crypto_ctx (rcv_auth, snd_auth, rcv_ecdh_a, rcv_auth.ecdh, 0);
716     iseqno.reset (ntohl (rcv_auth.rsa.seqno) & 0x7fffffff);
717    
718     delete octx; octx = new crypto_ctx (snd_auth, rcv_auth, snd_ecdh_a, snd_ecdh_b , 1);
719     oseqno = ntohl (snd_auth.rsa.seqno) & 0x7fffffff;
720 pcg 1.61
721 root 1.102 oiv.reset ();
722    
723     // make sure rekeying timeouts are slightly asymmetric
724     ev::tstamp rekey_interval = ::conf.rekey + (conf->id > THISNODE->id ? 10 : 0);
725     rekey.start (rekey_interval, rekey_interval);
726    
727 root 1.108 hmac_error = 0.;
728    
729 root 1.102 keepalive.start (::conf.keepalive);
730    
731     // send queued packets
732 root 1.108 while (tap_packet *p = (tap_packet *)data_queue.get ())
733 pcg 1.10 {
734 root 1.108 if (p->len) send_data_packet (p);
735     delete p;
736     }
737 root 1.97
738 root 1.108 while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
739     {
740     if (p->len) send_vpn_packet (p, si, IPTOS_RELIABILITY);
741     delete p;
742 root 1.102 }
743 pcg 1.73
744 root 1.102 vpn->connection_established (this);
745 pcg 1.10 }
746    
747     void
748 pcg 1.8 connection::reset_si ()
749 pcg 1.1 {
750 pcg 1.73 if (vpn->can_direct (THISNODE, conf))
751     protocol = best_protocol (THISNODE->protocols & conf->connectable_protocols ());
752     else
753 pcg 1.59 {
754 pcg 1.73 slog (L_TRACE, _("%s: direct connection denied by config."), conf->nodename);
755 pcg 1.59 protocol = 0;
756     }
757 pcg 1.6
758     si.set (conf, protocol);
759 pcg 1.1 }
760    
761 pcg 1.8 // ensure sockinfo is valid, forward if necessary
762     const sockinfo &
763     connection::forward_si (const sockinfo &si) const
764     {
765     if (!si.valid ())
766     {
767 pcg 1.73 connection *r = vpn->find_router_for (this);
768 pcg 1.8
769     if (r)
770     {
771 pcg 1.73 slog (L_DEBUG, _("%s: no common protocol, trying to route through %s."),
772     conf->nodename, r->conf->nodename);
773 pcg 1.8 return r->si;
774     }
775     else
776 pcg 1.73 slog (L_DEBUG, _("%s: node unreachable, no common protocol or no router available."),
777 pcg 1.8 conf->nodename);
778     }
779    
780     return si;
781     }
782    
783 pcg 1.1 void
784 pcg 1.10 connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
785     {
786 pcg 1.46 if (!vpn->send_vpn_packet (pkt, si, tos))
787 root 1.108 reset_connection ("packet send error");
788 pcg 1.10 }
789    
790     void
791 pcg 1.1 connection::send_ping (const sockinfo &si, u8 pong)
792     {
793     ping_packet *pkt = new ping_packet;
794    
795     pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
796 pcg 1.73
797 pcg 1.79 slog (L_TRACE, "%s << %s [%s]", conf->nodename, pong ? "PT_PONG" : "PT_PING", (const char *)si);
798 pcg 1.10 send_vpn_packet (pkt, si, IPTOS_LOWDELAY);
799 pcg 1.1
800     delete pkt;
801     }
802    
803     void
804     connection::send_reset (const sockinfo &si)
805     {
806     if (reset_rate_limiter.can (si) && connectmode != conf_node::C_DISABLED)
807     {
808     config_packet *pkt = new config_packet;
809    
810     pkt->setup (vpn_packet::PT_RESET, conf->id);
811 pcg 1.10 send_vpn_packet (pkt, si, IPTOS_MINCOST);
812 pcg 1.1
813     delete pkt;
814     }
815     }
816    
817     void
818     connection::send_auth_request (const sockinfo &si, bool initiate)
819     {
820     auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols);
821    
822 root 1.98 generate_auth_data ();
823     auth_encrypt (conf->rsa_key, snd_auth, pkt->encr);
824 pcg 1.1
825 pcg 1.81 slog (L_TRACE, "%s << PT_AUTH_REQ [%s]", conf->nodename, (const char *)si);
826 pcg 1.10 send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly
827 pcg 1.1
828 pcg 1.6 delete pkt;
829 pcg 1.1 }
830    
831     void
832 root 1.98 connection::send_auth_response (const sockinfo &si)
833 pcg 1.1 {
834     auth_res_packet *pkt = new auth_res_packet (conf->id);
835    
836 root 1.104 memcpy (pkt->response.ecdh, rcv_ecdh_b, sizeof rcv_ecdh_b);
837     auth_hash (rcv_auth, rcv_ecdh_b, pkt->response.mac);
838 pcg 1.1
839 pcg 1.80 slog (L_TRACE, "%s << PT_AUTH_RES [%s]", conf->nodename, (const char *)si);
840 pcg 1.10 send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
841 pcg 1.1
842     delete pkt;
843     }
844    
845     void
846     connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols)
847     {
848 root 1.93 slog (L_TRACE, "%s << PT_CONNECT_INFO(%s,%s,p%02x)", conf->nodename,
849     vpn->conns[rid - 1]->conf->nodename, (const char *)rsi,
850     conf->protocols);
851 pcg 1.1
852     connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
853    
854     r->hmac_set (octx);
855 pcg 1.10 send_vpn_packet (r, si);
856 pcg 1.1
857     delete r;
858     }
859    
860 pcg 1.66 inline void
861 pcg 1.60 connection::establish_connection_cb (ev::timer &w, int revents)
862 pcg 1.1 {
863 root 1.92 if (!(ictx && octx)
864 pcg 1.25 && conf != THISNODE
865     && connectmode != conf_node::C_NEVER
866     && connectmode != conf_node::C_DISABLED
867 pcg 1.60 && !w.is_active ())
868 pcg 1.1 {
869 pcg 1.67 // a bit hacky, if ondemand, and packets are no longer queued, then reset the connection
870     // and stop trying. should probably be handled by a per-connection expire handler.
871     if (connectmode == conf_node::C_ONDEMAND && vpn_queue.empty () && data_queue.empty ())
872     {
873 root 1.108 reset_connection ("no demand");
874 pcg 1.67 return;
875     }
876    
877 pcg 1.68 last_establish_attempt = ev_now ();
878    
879 pcg 1.60 ev::tstamp retry_int = ev::tstamp (retry_cnt & 3
880     ? (retry_cnt & 3) + 1
881     : 1 << (retry_cnt >> 2));
882 pcg 1.1
883 pcg 1.47 reset_si ();
884 pcg 1.1
885 root 1.109 bool slow = (si.prot & PROT_SLOW) || (conf->low_power || THISNODE->low_power);
886 pcg 1.8
887 pcg 1.73 if (si.prot && !si.host && vpn->can_direct (THISNODE, conf))
888 pcg 1.60 {
889     /*TODO*/ /* start the timer so we don't recurse endlessly */
890     w.start (1);
891 pcg 1.74 vpn->send_connect_request (this);
892 pcg 1.60 }
893 pcg 1.8 else
894 pcg 1.1 {
895 pcg 1.73 if (si.valid ())
896     slog (L_DEBUG, _("%s: sending direct connection request to %s."),
897     conf->nodename, (const char *)si);
898 pcg 1.61
899 pcg 1.8 const sockinfo &dsi = forward_si (si);
900 pcg 1.6
901 pcg 1.47 slow = slow || (dsi.prot & PROT_SLOW);
902    
903 pcg 1.8 if (dsi.valid () && auth_rate_limiter.can (dsi))
904     {
905 root 1.109 // use ping after the first few retries
906     // TODO: on rekeys, the other node might not interpret ping correctly,
907     // TODO: as it will still have a valid connection
908     if (retry_cnt < 4 && (!conf->low_power || THISNODE->low_power))
909 pcg 1.8 send_auth_request (dsi, true);
910     else
911     send_ping (dsi, 0);
912     }
913 pcg 1.1 }
914 pcg 1.47
915 root 1.109 retry_int *= slow ? 4. : 0.9;
916 pcg 1.47
917     if (retry_int < conf->max_retry)
918     retry_cnt++;
919     else
920     retry_int = conf->max_retry;
921    
922 pcg 1.60 w.start (retry_int);
923 pcg 1.1 }
924     }
925    
926     void
927 root 1.108 connection::reset_connection (const char *reason)
928 pcg 1.1 {
929     if (ictx && octx)
930     {
931 root 1.108 slog (L_INFO, _("%s(%s): connection lost (%s)"),
932     conf->nodename, (const char *)si, reason);
933 pcg 1.1
934     if (::conf.script_node_down)
935 pcg 1.64 {
936 pcg 1.70 run_script_cb *cb = new run_script_cb;
937     cb->set<connection, &connection::script_node_down> (this);
938     run_script_queued (cb, _("node-down command execution failed, continuing."));
939 pcg 1.64 }
940 pcg 1.1 }
941    
942     delete ictx; ictx = 0;
943     delete octx; octx = 0;
944    
945 pcg 1.38 si.host = 0;
946 pcg 1.1
947 root 1.98 have_snd_auth = false;
948     have_rcv_auth = false;
949     auth_expire = 0.;
950    
951 pcg 1.73 last_activity = 0.;
952     //last_si_change = 0.;
953 pcg 1.1 retry_cnt = 0;
954    
955 pcg 1.25 rekey.stop ();
956     keepalive.stop ();
957     establish_connection.stop ();
958 pcg 1.1 }
959    
960     void
961     connection::shutdown ()
962     {
963     if (ictx && octx)
964     send_reset (si);
965    
966 root 1.108 reset_connection ("shutdown");
967 pcg 1.1 }
968    
969 pcg 1.73 // poor-man's rekeying
970 pcg 1.66 inline void
971 pcg 1.60 connection::rekey_cb (ev::timer &w, int revents)
972 pcg 1.1 {
973 root 1.108 reset_connection ("rekeying");
974 pcg 1.1 establish_connection ();
975     }
976    
977     void
978 pcg 1.21 connection::send_data_packet (tap_packet *pkt)
979 pcg 1.1 {
980     vpndata_packet *p = new vpndata_packet;
981     int tos = 0;
982    
983 pcg 1.12 // I am not hilarious about peeking into packets, but so be it.
984 pcg 1.21 if (conf->inherit_tos && pkt->is_ipv4 ())
985 pcg 1.1 tos = (*pkt)[15] & IPTOS_TOS_MASK;
986    
987 pcg 1.21 p->setup (this, conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs
988 pcg 1.10 send_vpn_packet (p, si, tos);
989 pcg 1.1
990     delete p;
991    
992     if (oseqno > MAX_SEQNO)
993     rekey ();
994     }
995    
996     void
997 pcg 1.68 connection::post_inject_queue ()
998     {
999     // force a connection every now and when when packets are sent (max 1/s)
1000 root 1.109 if (ev_now () - last_establish_attempt >= (conf->low_power || THISNODE->low_power ? 2.95 : 0.95)) // arbitrary
1001 pcg 1.68 establish_connection.stop ();
1002    
1003     establish_connection ();
1004     }
1005    
1006     void
1007     connection::inject_data_packet (tap_packet *pkt)
1008 pcg 1.1 {
1009     if (ictx && octx)
1010 pcg 1.21 send_data_packet (pkt);
1011 pcg 1.1 else
1012     {
1013 pcg 1.68 data_queue.put (new tap_packet (*pkt));
1014     post_inject_queue ();
1015 pcg 1.1 }
1016     }
1017    
1018 root 1.90 void
1019     connection::inject_vpn_packet (vpn_packet *pkt, int tos)
1020 pcg 1.8 {
1021     if (ictx && octx)
1022 pcg 1.10 send_vpn_packet (pkt, si, tos);
1023 pcg 1.8 else
1024 pcg 1.12 {
1025 pcg 1.28 vpn_queue.put ((vpn_packet *)new data_packet (*(data_packet *)pkt));
1026 pcg 1.68 post_inject_queue ();
1027 pcg 1.12 }
1028 pcg 1.8 }
1029    
1030 pcg 1.1 void
1031     connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
1032     {
1033 pcg 1.62 last_activity = ev_now ();
1034 pcg 1.1
1035 root 1.91 slog (L_NOISE, "%s >> received packet type %d from %d to %d.",
1036 pcg 1.79 conf->nodename, pkt->typ (), pkt->src (), pkt->dst ());
1037 pcg 1.1
1038 pcg 1.61 if (connectmode == conf_node::C_DISABLED)
1039     return;
1040    
1041 pcg 1.1 switch (pkt->typ ())
1042     {
1043 pcg 1.3 case vpn_packet::PT_PING:
1044 pcg 1.79 slog (L_TRACE, "%s >> PT_PING", conf->nodename);
1045    
1046 pcg 1.3 // we send pings instead of auth packets after some retries,
1047     // so reset the retry counter and establish a connection
1048     // when we receive a ping.
1049 root 1.89 if (!ictx)
1050 pcg 1.3 {
1051     if (auth_rate_limiter.can (rsi))
1052     send_auth_request (rsi, true);
1053     }
1054     else
1055 root 1.89 // we would love to change the socket address here, but ping's aren't
1056 pcg 1.73 // authenticated, so we best ignore it.
1057 pcg 1.3 send_ping (rsi, 1); // pong
1058    
1059     break;
1060    
1061     case vpn_packet::PT_PONG:
1062 pcg 1.79 slog (L_TRACE, "%s >> PT_PONG", conf->nodename);
1063 root 1.89
1064     // a PONG might mean that the other side doesn't really know
1065     // about our desire for communication.
1066     establish_connection ();
1067 pcg 1.3 break;
1068    
1069     case vpn_packet::PT_RESET:
1070 root 1.108 slog (L_TRACE, "%s >> PT_RESET", conf->nodename);
1071    
1072     if (ictx && octx)
1073     {
1074     reset_connection ("remote reset");
1075    
1076     config_packet *p = (config_packet *) pkt;
1077 pcg 1.3
1078 root 1.108 if (p->chk_config (conf, rsi) && connectmode == conf_node::C_ALWAYS)
1079     establish_connection ();
1080     }
1081 pcg 1.3
1082     break;
1083    
1084     case vpn_packet::PT_AUTH_REQ:
1085     if (auth_rate_limiter.can (rsi))
1086     {
1087 root 1.93 auth_req_packet *p = (auth_req_packet *)pkt;
1088 pcg 1.3
1089 root 1.93 slog (L_TRACE, "%s >> PT_AUTH_REQ(%s,p%02x,f%02x)",
1090     conf->nodename, p->initiate ? "initiate" : "reply",
1091     p->protocols, p->features);
1092 pcg 1.1
1093 root 1.103 if (memcmp (p->magic, MAGIC, 8))
1094     {
1095     slog (L_WARN, _("%s(%s): protocol magic mismatch - stray packet?"),
1096     conf->nodename, (const char *)rsi);
1097     }
1098     else if (p->chk_config (conf, rsi))
1099 pcg 1.3 {
1100     if (p->prot_minor != PROTOCOL_MINOR)
1101     slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
1102     conf->nodename, (const char *)rsi,
1103     PROTOCOL_MINOR, conf->nodename, p->prot_minor);
1104    
1105     if (p->initiate)
1106 root 1.108 {
1107     send_auth_request (rsi, false);
1108    
1109     if (ictx && octx)
1110     reset_connection ("reconnect");
1111     }
1112 pcg 1.3
1113 root 1.98 auth_data auth;
1114 pcg 1.3
1115 root 1.98 if (!auth_decrypt (::conf.rsa_key, p->encr, auth))
1116 pcg 1.23 {
1117     slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"),
1118     conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0));
1119     }
1120 pcg 1.3 else
1121     {
1122 root 1.110 bool chg = !have_rcv_auth || !slow_memeq (&rcv_auth, &auth, sizeof auth);
1123 pcg 1.1
1124 root 1.98 rcv_auth = auth;
1125     have_rcv_auth = true;
1126 pcg 1.1
1127 root 1.98 send_auth_response (rsi);
1128 pcg 1.10
1129 root 1.98 if (chg)
1130     {
1131     conf->protocols = p->protocols;
1132     features = p->features & config_packet::get_features ();
1133 pcg 1.3
1134 root 1.98 connection_established (rsi);
1135     }
1136     }
1137 pcg 1.10
1138 root 1.98 break;
1139 pcg 1.3 }
1140    
1141     send_reset (rsi);
1142 pcg 1.1 }
1143    
1144 pcg 1.3 break;
1145    
1146     case vpn_packet::PT_AUTH_RES:
1147 pcg 1.1 {
1148 pcg 1.79 auth_res_packet *p = (auth_res_packet *)pkt;
1149 pcg 1.1
1150 pcg 1.81 slog (L_TRACE, "%s >> PT_AUTH_RES", conf->nodename);
1151 pcg 1.1
1152 root 1.104 auth_mac local_mac;
1153     auth_hash (snd_auth, p->response.ecdh, local_mac);
1154    
1155 root 1.110 if (!slow_memeq (&p->response.mac, local_mac, sizeof local_mac))
1156 pcg 1.1 {
1157 root 1.103 slog (L_ERR, _("%s(%s): unrequested or outdated auth response, ignoring."),
1158     conf->nodename, (const char *)rsi);
1159     }
1160     else if (!have_snd_auth)
1161     {
1162 root 1.104 memcpy (snd_ecdh_b, p->response.ecdh, sizeof snd_ecdh_b);
1163 root 1.98
1164 root 1.103 have_snd_auth = true;
1165     connection_established (rsi);
1166 pcg 1.1 }
1167     }
1168 pcg 1.3 break;
1169 pcg 1.1
1170 pcg 1.3 case vpn_packet::PT_DATA_COMPRESSED:
1171     #if !ENABLE_COMPRESSION
1172     send_reset (rsi);
1173     break;
1174     #endif
1175 pcg 1.1
1176 pcg 1.3 case vpn_packet::PT_DATA_UNCOMPRESSED:
1177 pcg 1.1
1178 pcg 1.3 if (ictx && octx)
1179 pcg 1.1 {
1180 pcg 1.3 vpndata_packet *p = (vpndata_packet *)pkt;
1181 pcg 1.1
1182 pcg 1.10 if (!p->hmac_chk (ictx))
1183 root 1.108 {
1184     // rekeying often creates temporary hmac auth floods
1185     // we assume they don't take longer than a few seconds normally,
1186     // and suppress messages and resets during that time.
1187     //TODO: should be done per source address
1188     if (!hmac_error)
1189     {
1190     hmac_error = ev_now () + 3;
1191     break;
1192     }
1193     else if (hmac_error >= ev_now ())
1194     break; // silently suppress
1195     else
1196     {
1197     slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
1198     "could be an attack, or just corruption or a synchronization error."),
1199     conf->nodename, (const char *)rsi);
1200     // reset
1201     }
1202     }
1203 pcg 1.10 else
1204 pcg 1.1 {
1205 pcg 1.10 u32 seqno;
1206     tap_packet *d = p->unpack (this, seqno);
1207 pcg 1.73 int seqclass = iseqno.seqno_classify (seqno);
1208 pcg 1.10
1209 root 1.108 hmac_error = 0;
1210    
1211 pcg 1.73 if (seqclass == 0) // ok
1212 pcg 1.1 {
1213 pcg 1.10 vpn->tap->send (d);
1214 pcg 1.1
1215 pcg 1.10 if (si != rsi)
1216 pcg 1.1 {
1217 pcg 1.56 // fast re-sync on source address changes, useful especially for tcp/ip
1218 pcg 1.73 //if (last_si_change < ev_now () + 5.)
1219     // {
1220 pcg 1.78 slog (L_INFO, _("%s(%s): changing socket address to %s."),
1221     conf->nodename, (const char *)si, (const char *)rsi);
1222    
1223 pcg 1.73 si = rsi;
1224 pcg 1.84
1225     if (::conf.script_node_change)
1226     {
1227     run_script_cb *cb = new run_script_cb;
1228     cb->set<connection, &connection::script_node_change> (this);
1229     run_script_queued (cb, _("node-change command execution failed, continuing."));
1230     }
1231    
1232 pcg 1.73 // }
1233     //else
1234     // slog (L_INFO, _("%s(%s): accepted packet from %s, not (yet) redirecting traffic."),
1235     // conf->nodename, (const char *)si, (const char *)rsi);
1236 pcg 1.10 }
1237 pcg 1.32 }
1238 pcg 1.75 else if (seqclass == 1) // far history
1239     slog (L_ERR, _("received very old packet (received %08lx, expected %08lx). "
1240     "possible replay attack, or just packet duplication/delay, ignoring."), seqno, iseqno.seq + 1);
1241     else if (seqclass == 2) // in-window duplicate, happens often on wireless
1242     slog (L_DEBUG, _("received recent duplicated packet (received %08lx, expected %08lx). "
1243     "possible replay attack, or just packet duplication, ignoring."), seqno, iseqno.seq + 1);
1244     else if (seqclass == 3) // reset
1245 pcg 1.73 {
1246 pcg 1.75 slog (L_ERR, _("received out-of-sync (far future) packet (received %08lx, expected %08lx). "
1247     "probably just massive packet loss, sending reset."), seqno, iseqno.seq + 1);
1248 pcg 1.73 send_reset (rsi);
1249     }
1250 pcg 1.3
1251 pcg 1.32 delete d;
1252     break;
1253 pcg 1.1 }
1254     }
1255    
1256 pcg 1.3 send_reset (rsi);
1257     break;
1258 pcg 1.1
1259 pcg 1.3 case vpn_packet::PT_CONNECT_REQ:
1260     if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1261     {
1262 pcg 1.84 connect_req_packet *p = (connect_req_packet *)pkt;
1263 pcg 1.1
1264 pcg 1.57 if (p->id > 0 && p->id <= vpn->conns.size ())
1265     {
1266     connection *c = vpn->conns[p->id - 1];
1267     conf->protocols = p->protocols;
1268 pcg 1.1
1269 root 1.93 slog (L_TRACE, "%s >> PT_CONNECT_REQ(%s,p%02x) [%d]",
1270     conf->nodename, vpn->conns[p->id - 1]->conf->nodename,
1271     p->protocols,
1272     c->ictx && c->octx);
1273 pcg 1.1
1274 pcg 1.57 if (c->ictx && c->octx)
1275     {
1276     // send connect_info packets to both sides, in case one is
1277     // behind a nat firewall (or both ;)
1278     c->send_connect_info (conf->id, si, conf->protocols);
1279     send_connect_info (c->conf->id, c->si, c->conf->protocols);
1280     }
1281     else
1282     c->establish_connection ();
1283 pcg 1.3 }
1284 pcg 1.11 else
1285 pcg 1.57 slog (L_WARN,
1286     _("received authenticated connection request from unknown node #%d, config file mismatch?"),
1287     p->id);
1288 pcg 1.3 }
1289 pcg 1.1
1290 pcg 1.3 break;
1291 pcg 1.1
1292 pcg 1.3 case vpn_packet::PT_CONNECT_INFO:
1293     if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1294     {
1295 pcg 1.39 connect_info_packet *p = (connect_info_packet *)pkt;
1296 pcg 1.1
1297 pcg 1.57 if (p->id > 0 && p->id <= vpn->conns.size ())
1298 pcg 1.39 {
1299     connection *c = vpn->conns[p->id - 1];
1300 pcg 1.7
1301 pcg 1.39 c->conf->protocols = p->protocols;
1302     protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf));
1303     p->si.upgrade_protocol (protocol, c->conf);
1304 pcg 1.1
1305 root 1.96 slog (L_TRACE, "%s >> PT_CONNECT_INFO(%s,%s,protocols=%02x,protocol=%02x,upgradable=%02x) [%d]",
1306 root 1.93 conf->nodename,
1307     vpn->conns[p->id - 1]->conf->nodename,
1308     (const char *)p->si,
1309     p->protocols,
1310 root 1.96 protocol,
1311     p->si.supported_protocols (c->conf),
1312 root 1.93 !c->ictx && !c->octx);
1313 pcg 1.7
1314 pcg 1.39 const sockinfo &dsi = forward_si (p->si);
1315 pcg 1.1
1316 pcg 1.39 if (dsi.valid ())
1317     c->send_auth_request (dsi, true);
1318 root 1.96 else
1319     slog (L_INFO, "connect info for %s received (%s), but still unable to contact.",
1320     vpn->conns[p->id - 1]->conf->nodename,
1321     (const char *)p->si);
1322 pcg 1.39 }
1323 pcg 1.57 else
1324     slog (L_WARN,
1325     _("received authenticated connection request from unknown node #%d, config file mismatch?"),
1326     p->id);
1327 pcg 1.3 }
1328 pcg 1.1
1329 pcg 1.3 break;
1330 pcg 1.1
1331 pcg 1.3 default:
1332     send_reset (rsi);
1333     break;
1334 pcg 1.1 }
1335     }
1336    
1337 pcg 1.66 inline void
1338     connection::keepalive_cb (ev::timer &w, int revents)
1339 pcg 1.1 {
1340 root 1.97 ev_tstamp when = last_activity + ::conf.keepalive - ev::now ();
1341    
1342     if (when >= 0)
1343     w.start (when);
1344     else if (when < -15)
1345 pcg 1.1 {
1346 root 1.108 reset_connection ("keepalive overdue");
1347 pcg 1.1 establish_connection ();
1348     }
1349     else if (conf->connectmode != conf_node::C_ONDEMAND
1350     || THISNODE->connectmode != conf_node::C_ONDEMAND)
1351     {
1352 root 1.97 w.start (3);
1353 pcg 1.1 send_ping (si);
1354     }
1355 root 1.97 else if (when >= -10)
1356 pcg 1.12 // hold ondemand connections implicitly a few seconds longer
1357     // should delete octx, though, or something like that ;)
1358 root 1.97 w.start (when + 10);
1359 pcg 1.1 else
1360 root 1.108 reset_connection ("keepalive timeout");
1361 pcg 1.1 }
1362    
1363 root 1.90 void
1364     connection::send_connect_request (int id)
1365 pcg 1.1 {
1366 root 1.93 connect_req_packet *p = new connect_req_packet (conf->id, id, THISNODE->protocols);
1367 pcg 1.1
1368 root 1.93 slog (L_TRACE, "%s << PT_CONNECT_REQ(%s,p%02x)",
1369     conf->nodename, vpn->conns[id - 1]->conf->nodename,
1370     THISNODE->protocols);
1371 pcg 1.1 p->hmac_set (octx);
1372 pcg 1.10 send_vpn_packet (p, si);
1373 pcg 1.1
1374     delete p;
1375     }
1376    
1377 root 1.90 void
1378     connection::script_init_env (const char *ext)
1379 pcg 1.53 {
1380     char *env;
1381     asprintf (&env, "IFUPDATA%s=%s", ext, conf->if_up_data); putenv (env);
1382 pcg 1.84 asprintf (&env, "NODENAME%s=%s", ext, conf->nodename); putenv (env);
1383 pcg 1.53 asprintf (&env, "MAC%s=%02x:%02x:%02x:%02x:%02x:%02x", ext,
1384     0xfe, 0xfd, 0x80, 0x00, conf->id >> 8,
1385 pcg 1.84 conf->id & 0xff); putenv (env);
1386 pcg 1.53 }
1387    
1388 root 1.90 void
1389     connection::script_init_connect_env ()
1390 pcg 1.1 {
1391 pcg 1.52 vpn->script_init_env ();
1392 pcg 1.1
1393     char *env;
1394 pcg 1.84 asprintf (&env, "DESTID=%d", conf->id); putenv (env);
1395     asprintf (&env, "DESTSI=%s", (const char *)si); putenv (env);
1396     asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env);
1397     asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env);
1398     asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env);
1399 pcg 1.1 }
1400    
1401 pcg 1.66 inline const char *
1402     connection::script_node_up ()
1403 pcg 1.1 {
1404 pcg 1.53 script_init_connect_env ();
1405 pcg 1.1
1406 pcg 1.60 putenv ((char *)"STATE=up");
1407 pcg 1.1
1408 pcg 1.52 char *filename;
1409     asprintf (&filename,
1410     "%s/%s",
1411     confbase,
1412     ::conf.script_node_up ? ::conf.script_node_up : "node-up");
1413 pcg 1.54
1414     return filename;
1415 pcg 1.1 }
1416    
1417 pcg 1.66 inline const char *
1418 pcg 1.84 connection::script_node_change ()
1419     {
1420     script_init_connect_env ();
1421    
1422     putenv ((char *)"STATE=change");
1423    
1424     char *filename;
1425     asprintf (&filename,
1426     "%s/%s",
1427     confbase,
1428     ::conf.script_node_change ? ::conf.script_node_change : "node-change");
1429    
1430     return filename;
1431     }
1432    
1433     inline const char *
1434 pcg 1.66 connection::script_node_down ()
1435 pcg 1.1 {
1436 pcg 1.53 script_init_connect_env ();
1437 pcg 1.1
1438 pcg 1.60 putenv ((char *)"STATE=down");
1439 pcg 1.1
1440 pcg 1.52 char *filename;
1441     asprintf (&filename,
1442     "%s/%s",
1443     confbase,
1444     ::conf.script_node_down ? ::conf.script_node_down : "node-down");
1445 pcg 1.54
1446     return filename;
1447 pcg 1.1 }
1448    
1449 pcg 1.40 connection::connection (struct vpn *vpn, conf_node *conf)
1450 pcg 1.67 : vpn(vpn), conf(conf),
1451 pcg 1.40 #if ENABLE_DNS
1452 pcg 1.67 dns (0),
1453 pcg 1.40 #endif
1454 pcg 1.72 data_queue(conf->max_ttl, conf->max_queue + 1),
1455     vpn_queue(conf->max_ttl, conf->max_queue + 1)
1456 pcg 1.1 {
1457 pcg 1.65 rekey .set<connection, &connection::rekey_cb > (this);
1458     keepalive .set<connection, &connection::keepalive_cb > (this);
1459     establish_connection.set<connection, &connection::establish_connection_cb> (this);
1460    
1461 pcg 1.68 last_establish_attempt = 0.;
1462 pcg 1.1 octx = ictx = 0;
1463    
1464 pcg 1.67 connectmode = conf->connectmode;
1465    
1466     // queue a dummy packet to force an initial connection attempt
1467     if (connectmode != conf_node::C_ALWAYS && connectmode != conf_node::C_DISABLED)
1468 pcg 1.68 vpn_queue.put (new net_packet);
1469 pcg 1.67
1470 root 1.108 reset_connection ("startup");
1471 pcg 1.1 }
1472    
1473     connection::~connection ()
1474     {
1475     shutdown ();
1476     }
1477    
1478 root 1.90 void
1479     connection_init ()
1480 pcg 1.1 {
1481     auth_rate_limiter.clear ();
1482     reset_rate_limiter.clear ();
1483     }
1484