ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
Revision: 1.116
Committed: Mon Apr 1 03:10:26 2019 UTC (5 years, 1 month ago) by root
Content type: text/plain
Branch: MAIN
CVS Tags: HEAD
Changes since 1.115: +4 -2 lines
Log Message: 
*** empty log message ***

File Contents

# User Rev Content
1 pcg 1.1 /*
2     connection.C -- manage a single connection
3 root 1.114 Copyright (C) 2003-2008,2010,2011,2013,2016 Marc Lehmann <gvpe@schmorp.de>
4 pcg 1.1
5 pcg 1.42 This file is part of GVPE.
6    
7 pcg 1.69 GVPE is free software; you can redistribute it and/or modify it
8     under the terms of the GNU General Public License as published by the
9     Free Software Foundation; either version 3 of the License, or (at your
10     option) any later version.
11    
12     This program is distributed in the hope that it will be useful, but
13     WITHOUT ANY WARRANTY; without even the implied warranty of
14     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
15     Public License for more details.
16    
17     You should have received a copy of the GNU General Public License along
18     with this program; if not, see <http://www.gnu.org/licenses/>.
19    
20     Additional permission under GNU GPL version 3 section 7
21    
22     If you modify this Program, or any covered work, by linking or
23     combining it with the OpenSSL project's OpenSSL library (or a modified
24     version of that library), containing parts covered by the terms of the
25     OpenSSL or SSLeay licenses, the licensors of this Program grant you
26     additional permission to convey the resulting work. Corresponding
27     Source for a non-source form of such a combination shall include the
28     source code for the parts of OpenSSL used as well as that of the
29     covered work.
30 pcg 1.1 */
31    
32     #include "config.h"
33    
34     #include <list>
35 pcg 1.70 #include <queue>
36     #include <utility>
37 pcg 1.1
38 root 1.107 #include <openssl/opensslv.h>
39 pcg 1.2 #include <openssl/rand.h>
40     #include <openssl/evp.h>
41     #include <openssl/rsa.h>
42     #include <openssl/err.h>
43    
44 pcg 1.1 #include "conf.h"
45     #include "slog.h"
46 root 1.114 #include "crypto.h"
47 pcg 1.1 #include "device.h"
48 pcg 1.2 #include "vpn.h"
49 pcg 1.1 #include "connection.h"
50 root 1.98 #include "hkdf.h"
51 pcg 1.1
52 pcg 1.20 #include "netcompat.h"
53 pcg 1.19
54 root 1.98 #define MAGIC "gvpe\xbd\xc6\xdb\x82" // 8 bytes of magic
55 pcg 1.30
56 root 1.116 #define LZF_STATE_ARG 1
57 pcg 1.30 #define ULTRA_FAST 1
58     #define HLOG 15
59 root 1.116 #define INIT_HTAB 0
60 pcg 1.30 #include "lzf/lzf_c.c"
61     #include "lzf/lzf_d.c"
62 pcg 1.1
63 pcg 1.70 //////////////////////////////////////////////////////////////////////////////
64    
65     static std::queue< std::pair<run_script_cb *, const char *> > rs_queue;
66     static ev::child rs_child_ev;
67    
68 root 1.90 namespace
69 pcg 1.70 {
70 root 1.90 void // c++ requires external linkage here, apparently :(
71     rs_child_cb (ev::child &w, int revents)
72     {
73     w.stop ();
74 pcg 1.70
75 root 1.90 if (rs_queue.empty ())
76     return;
77 pcg 1.70
78 root 1.90 pid_t pid = run_script (*rs_queue.front ().first, false);
79     if (pid)
80     {
81     w.set (pid);
82     w.start ();
83     }
84     else
85     slog (L_WARN, rs_queue.front ().second);
86 pcg 1.70
87 root 1.90 delete rs_queue.front ().first;
88     rs_queue.pop ();
89     }
90     };
91 pcg 1.70
92     // despite the fancy name, this is quite a hack
93     static void
94     run_script_queued (run_script_cb *cb, const char *warnmsg)
95     {
96     rs_queue.push (std::make_pair (cb, warnmsg));
97    
98     if (!rs_child_ev.is_active ())
99     {
100     rs_child_ev.set<rs_child_cb> ();
101     rs_child_ev ();
102     }
103     }
104    
105     //////////////////////////////////////////////////////////////////////////////
106    
107 pcg 1.1 struct crypto_ctx
108     {
109 root 1.115 cipher cctx;
110 root 1.114 hmac hctx;
111 pcg 1.1
112 root 1.98 crypto_ctx (const auth_data &auth1, const auth_data &auth2, const ecdh_key &a, const ecdh_key &b, int enc);
113 pcg 1.1 ~crypto_ctx ();
114     };
115    
116 root 1.98 crypto_ctx::crypto_ctx (const auth_data &auth1, const auth_data &auth2, const ecdh_key &a, const ecdh_key &b, int enc)
117 pcg 1.1 {
118 root 1.98 ecdh_key s;
119    
120     curve25519_combine (a, b, s);
121    
122     {
123     u8 mac_key[MAC_KEYSIZE];
124     static const unsigned char mac_info[] = "gvpe mac key";
125    
126 root 1.99 hkdf kdf (auth2.rsa.hkdf_salt, sizeof (auth2.rsa.hkdf_salt), HKDF_XTR_HASH ());
127 root 1.98 kdf.extract (auth1.rsa.mac_key, sizeof (auth1.rsa.mac_key));
128     kdf.extract (s, sizeof (s));
129 root 1.99 kdf.extract_done (HKDF_PRF_HASH ());
130 root 1.98 kdf.expand (mac_key, sizeof (mac_key), mac_info, sizeof (mac_info));
131    
132 root 1.114 hctx.init (mac_key, MAC_KEYSIZE, MAC_DIGEST ());
133 root 1.98 }
134    
135     {
136     u8 cipher_key[CIPHER_KEYSIZE];
137     static const unsigned char cipher_info[] = "gvpe cipher key";
138    
139 root 1.99 hkdf kdf (auth2.rsa.hkdf_salt, sizeof (auth2.rsa.hkdf_salt), HKDF_XTR_HASH ());
140 root 1.98 kdf.extract (auth1.rsa.cipher_key, sizeof (auth1.rsa.cipher_key));
141     kdf.extract (s, sizeof (s));
142 root 1.99 kdf.extract_done (HKDF_PRF_HASH ());
143 root 1.98 kdf.expand (cipher_key, sizeof (cipher_key), cipher_info, sizeof (cipher_info));
144    
145 root 1.115 EVP_CIPHER_CTX_init (cctx);
146     require (EVP_CipherInit_ex (cctx, CIPHER (), 0, cipher_key, 0, enc));
147 root 1.98 }
148 pcg 1.1 }
149    
150     crypto_ctx::~crypto_ctx ()
151     {
152 root 1.115 require (EVP_CIPHER_CTX_cleanup (cctx));
153 pcg 1.1 }
154    
155 root 1.98 static inline void
156     auth_encrypt (RSA *key, const auth_data &auth, auth_encr &encr)
157 pcg 1.1 {
158 root 1.98 if (RSA_public_encrypt (sizeof (auth.rsa),
159     (unsigned char *)&auth.rsa, (unsigned char *)&encr.rsa,
160     key, RSA_PKCS1_OAEP_PADDING) < 0)
161     fatal ("RSA_public_encrypt error");
162 root 1.100
163     memcpy (&encr.ecdh, &auth.ecdh, sizeof (encr.ecdh));
164 pcg 1.1 }
165    
166 root 1.98 static inline bool
167     auth_decrypt (RSA *key, const auth_encr &encr, auth_data &auth)
168 pcg 1.63 {
169 root 1.98 u8 rsa_decrypt[RSA_KEYLEN];
170 pcg 1.1
171 root 1.98 if (RSA_private_decrypt (sizeof (encr.rsa),
172     (const unsigned char *)&encr.rsa, (unsigned char *)rsa_decrypt,
173     key, RSA_PKCS1_OAEP_PADDING) != sizeof (auth.rsa))
174     return 0;
175 pcg 1.1
176 root 1.98 memcpy (&auth.rsa, rsa_decrypt, sizeof (auth.rsa));
177 root 1.100 memcpy (&auth.ecdh, &encr.ecdh, sizeof (auth.ecdh));
178 pcg 1.1
179 root 1.98 return 1;
180     }
181 pcg 1.1
182 root 1.98 static void
183 root 1.104 auth_hash (const auth_data &auth, const ecdh_key &b, auth_mac &mac)
184 root 1.98 {
185 root 1.106 hkdf kdf (b, sizeof b, AUTH_DIGEST ()); // use response ecdh b as salt
186 root 1.104 kdf.extract (&auth.rsa, sizeof (auth.rsa));
187     kdf.extract_done ();
188 root 1.106 kdf.expand (mac, sizeof mac, auth.ecdh, sizeof (auth.ecdh)); // use challenge ecdh b as info
189 root 1.98 }
190 pcg 1.1
191 root 1.90 void
192 root 1.98 connection::generate_auth_data ()
193 pcg 1.1 {
194 root 1.98 if (auth_expire < ev_now ())
195 pcg 1.1 {
196 root 1.98 // request data
197 root 1.101 rand_fill (snd_auth.rsa);
198 root 1.98 curve25519_generate (snd_ecdh_a, snd_auth.ecdh);
199    
200     // eventual response data
201     curve25519_generate (rcv_ecdh_a, rcv_ecdh_b);
202 pcg 1.1 }
203 root 1.98
204     // every use prolongs the expiry
205     auth_expire = ev_now () + AUTH_TTL;
206 pcg 1.1 }
207    
208     //////////////////////////////////////////////////////////////////////////////
209    
210 pcg 1.67 pkt_queue::pkt_queue (double max_ttl, int max_queue)
211     : max_ttl (max_ttl), max_queue (max_queue)
212 pcg 1.1 {
213 pcg 1.67 queue = new pkt [max_queue];
214    
215     i = 0;
216     j = 0;
217    
218     expire.set<pkt_queue, &pkt_queue::expire_cb> (this);
219     }
220 pcg 1.1
221 pcg 1.67 pkt_queue::~pkt_queue ()
222     {
223     while (net_packet *p = get ())
224     delete p;
225 pcg 1.1
226 pcg 1.67 delete [] queue;
227 pcg 1.1 }
228    
229 root 1.90 void
230     pkt_queue::expire_cb (ev::timer &w, int revents)
231 pcg 1.1 {
232 pcg 1.67 ev_tstamp expire = ev_now () - max_ttl;
233 pcg 1.1
234 pcg 1.67 for (;;)
235 pcg 1.1 {
236 pcg 1.67 if (empty ())
237     break;
238    
239     double diff = queue[j].tstamp - expire;
240    
241     if (diff >= 0.)
242     {
243     w.start (diff > 0.5 ? diff : 0.5);
244     break;
245     }
246    
247     delete get ();
248 pcg 1.1 }
249     }
250    
251 root 1.90 void
252     pkt_queue::put (net_packet *p)
253 pcg 1.1 {
254 pcg 1.67 ev_tstamp now = ev_now ();
255    
256     // start expiry timer
257     if (empty ())
258     expire.start (max_ttl);
259    
260     int ni = i + 1 == max_queue ? 0 : i + 1;
261    
262     if (ni == j)
263     delete get ();
264    
265     queue[i].pkt = p;
266     queue[i].tstamp = now;
267    
268     i = ni;
269 pcg 1.1 }
270    
271 root 1.90 net_packet *
272     pkt_queue::get ()
273 pcg 1.1 {
274 pcg 1.67 if (empty ())
275     return 0;
276    
277     net_packet *p = queue[j].pkt;
278     queue[j].pkt = 0;
279    
280     j = j + 1 == max_queue ? 0 : j + 1;
281    
282     return p;
283 pcg 1.1 }
284    
285 pcg 1.63 struct net_rateinfo
286     {
287 pcg 1.1 u32 host;
288     double pcnt, diff;
289     tstamp last;
290     };
291    
292     // only do action once every x seconds per host whole allowing bursts.
293     // this implementation ("splay list" ;) is inefficient,
294     // but low on resources.
295     struct net_rate_limiter : list<net_rateinfo>
296     {
297 pcg 1.35 # define NRL_ALPHA (1. - 1. / 600.) // allow bursts
298     # define NRL_CUTOFF 10. // one event every CUTOFF seconds
299     # define NRL_EXPIRE (NRL_CUTOFF * 30.) // expire entries after this time
300     # define NRL_MAXDIF (NRL_CUTOFF * (1. / (1. - NRL_ALPHA))) // maximum diff /count value
301 pcg 1.1
302 pcg 1.16 bool can (const sockinfo &si) { return can((u32)si.host); }
303 pcg 1.1 bool can (u32 host);
304     };
305    
306 root 1.90 static net_rate_limiter auth_rate_limiter, reset_rate_limiter;
307 pcg 1.1
308 root 1.90 bool
309     net_rate_limiter::can (u32 host)
310 pcg 1.1 {
311     iterator i;
312    
313     for (i = begin (); i != end (); )
314     if (i->host == host)
315     break;
316 pcg 1.62 else if (i->last < ev_now () - NRL_EXPIRE)
317 pcg 1.1 i = erase (i);
318     else
319     i++;
320    
321     if (i == end ())
322     {
323     net_rateinfo ri;
324    
325     ri.host = host;
326     ri.pcnt = 1.;
327 pcg 1.34 ri.diff = NRL_MAXDIF;
328 pcg 1.62 ri.last = ev_now ();
329 pcg 1.1
330     push_front (ri);
331    
332     return true;
333     }
334     else
335     {
336     net_rateinfo ri (*i);
337     erase (i);
338    
339 pcg 1.34 ri.pcnt = ri.pcnt * NRL_ALPHA;
340 pcg 1.62 ri.diff = ri.diff * NRL_ALPHA + (ev_now () - ri.last);
341 pcg 1.1
342 pcg 1.62 ri.last = ev_now ();
343 pcg 1.1
344 pcg 1.10 double dif = ri.diff / ri.pcnt;
345 pcg 1.1
346 pcg 1.34 bool send = dif > NRL_CUTOFF;
347 pcg 1.10
348 pcg 1.34 if (dif > NRL_MAXDIF)
349 pcg 1.10 {
350     ri.pcnt = 1.;
351 pcg 1.34 ri.diff = NRL_MAXDIF;
352 pcg 1.10 }
353     else if (send)
354 pcg 1.1 ri.pcnt++;
355    
356     push_front (ri);
357    
358     return send;
359     }
360     }
361    
362     /////////////////////////////////////////////////////////////////////////////
363    
364 root 1.90 void
365 root 1.104 hmac_packet::hmac_gen (crypto_ctx *ctx, u8 *hmac_digest)
366 pcg 1.1 {
367 root 1.114 ctx->hctx.init ();
368     ctx->hctx.add (((unsigned char *) this) + sizeof (hmac_packet), len - sizeof (hmac_packet));
369     ctx->hctx.digest (hmac_digest);
370 pcg 1.1 }
371    
372     void
373     hmac_packet::hmac_set (crypto_ctx *ctx)
374     {
375 root 1.104 unsigned char hmac_digest[EVP_MAX_MD_SIZE];
376     hmac_gen (ctx, hmac_digest);
377 pcg 1.1 memcpy (hmac, hmac_digest, HMACLENGTH);
378     }
379    
380     bool
381     hmac_packet::hmac_chk (crypto_ctx *ctx)
382     {
383 root 1.104 unsigned char hmac_digest[EVP_MAX_MD_SIZE];
384     hmac_gen (ctx, hmac_digest);
385 root 1.110 return slow_memeq (hmac, hmac_digest, HMACLENGTH);
386 pcg 1.1 }
387    
388 root 1.90 void
389     vpn_packet::set_hdr (ptype type_, unsigned int dst)
390 pcg 1.1 {
391 pcg 1.6 type = type_;
392 pcg 1.1
393     int src = THISNODE->id;
394    
395     src1 = src;
396     srcdst = ((src >> 8) << 4) | (dst >> 8);
397     dst1 = dst;
398     }
399    
400     #define MAXVPNDATA (MAX_MTU - 6 - 6)
401    
402 pcg 1.28 struct vpndata_packet : vpn_packet
403 root 1.90 {
404 root 1.113 u32 ctr; // seqno
405     u8 data[MAXVPNDATA];
406 root 1.90
407     void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
408     tap_packet *unpack (connection *conn, u32 &seqno);
409 pcg 1.1
410     private:
411 root 1.90 const u32 data_hdr_size () const
412     {
413 root 1.113 // the distance from beginning of packet to data member
414     return data - at (0);
415 root 1.90 }
416     };
417 pcg 1.1
418 root 1.113 // expands packet counter (unlike seqno, in network byte order) to counter mode IV
419     static unsigned char *
420     expand_iv (u32 ctr)
421     {
422     static u32 iv[IV_SIZE (CIPHER) / 4];
423    
424     require (sizeof (iv) == 4 * 4);
425     require (IV_SIZE (CIPHER) % 4 == 0);
426    
427     iv[0] =
428     iv[1] =
429     iv[2] = ctr;
430    
431     // I would reuse ctr here to to avoid potential endianness issues,
432     // but it seems openssl wraps around. While this would be still ok,
433     // and I don't even know if its true, let's play safe and initialise
434     // to 0.
435     iv[3] = 0;
436    
437     return (unsigned char *)iv;
438     }
439    
440 pcg 1.1 void
441     vpndata_packet::setup (connection *conn, int dst, u8 *d, u32 l, u32 seqno)
442     {
443 root 1.115 EVP_CIPHER_CTX *cctx = conn->octx->cctx;
444 pcg 1.1 int outl = 0, outl2;
445     ptype type = PT_DATA_UNCOMPRESSED;
446    
447     #if ENABLE_COMPRESSION
448     u8 cdata[MAX_MTU];
449    
450 pcg 1.86 if (conn->features & FEATURE_COMPRESSION)
451 pcg 1.1 {
452 root 1.116 static LZF_STATE lzf_state;
453     u32 cl = lzf_compress (d, l, cdata + 2, (l - 2) & ~7, lzf_state);
454 pcg 1.1
455 pcg 1.31 if (cl)
456     {
457     type = PT_DATA_COMPRESSED;
458     d = cdata;
459     l = cl + 2;
460    
461     d[0] = cl >> 8;
462     d[1] = cl;
463     }
464 pcg 1.1 }
465     #endif
466    
467 root 1.113 ctr = htonl (seqno);
468 pcg 1.1
469 root 1.113 require (EVP_EncryptInit_ex (cctx, 0, 0, 0, expand_iv (ctr)));
470 pcg 1.1
471 pcg 1.29 require (EVP_EncryptUpdate (cctx,
472 root 1.113 (unsigned char *)data + outl, &outl2,
473     (unsigned char *)d, l));
474 pcg 1.1 outl += outl2;
475    
476 root 1.113 // it seems this is a nop for us, but we do it anyways
477     require (EVP_EncryptFinal_ex (cctx, (unsigned char *)data + outl, &outl2));
478 pcg 1.1 outl += outl2;
479    
480 root 1.113 len = data_hdr_size () + outl;
481 pcg 1.1
482     set_hdr (type, dst);
483    
484     hmac_set (conn->octx);
485     }
486    
487     tap_packet *
488     vpndata_packet::unpack (connection *conn, u32 &seqno)
489     {
490 root 1.115 EVP_CIPHER_CTX *cctx = conn->ictx->cctx;
491 pcg 1.1 int outl = 0, outl2;
492     tap_packet *p = new tap_packet;
493     u8 *d;
494    
495 root 1.113 seqno = ntohl (ctr);
496    
497     require (EVP_DecryptInit_ex (cctx, 0, 0, 0, expand_iv (ctr)));
498 pcg 1.1
499     #if ENABLE_COMPRESSION
500     u8 cdata[MAX_MTU];
501    
502     if (type == PT_DATA_COMPRESSED)
503     d = cdata;
504     else
505     #endif
506 root 1.113 d = &(*p)[6 + 6];
507 root 1.101
508     // this can overwrite the len/dst/src fields
509 pcg 1.29 require (EVP_DecryptUpdate (cctx,
510 pcg 1.1 d, &outl2,
511 pcg 1.29 (unsigned char *)&data, len - data_hdr_size ()));
512 pcg 1.1 outl += outl2;
513    
514 root 1.113 // it seems this is a nop for us, but we do it anyways
515 pcg 1.29 require (EVP_DecryptFinal_ex (cctx, (unsigned char *)d + outl, &outl2));
516 pcg 1.1 outl += outl2;
517    
518     id2mac (dst () ? dst() : THISNODE->id, p->dst);
519     id2mac (src (), p->src);
520    
521     #if ENABLE_COMPRESSION
522     if (type == PT_DATA_COMPRESSED)
523     {
524 root 1.113 u32 cl = (d[0] << 8) | d[1];
525 pcg 1.1
526 root 1.113 p->len = lzf_decompress (d + 2, cl < MAX_MTU - 2 ? cl : 0,
527 pcg 1.1 &(*p)[6 + 6], MAX_MTU)
528     + 6 + 6;
529     }
530     else
531 root 1.113 p->len = outl + (6 + 6);
532 pcg 1.1 #endif
533    
534     return p;
535     }
536    
537     struct ping_packet : vpn_packet
538     {
539     void setup (int dst, ptype type)
540     {
541     set_hdr (type, dst);
542     len = sizeof (*this) - sizeof (net_packet);
543     }
544     };
545    
546     struct config_packet : vpn_packet
547     {
548 root 1.103 u8 serial[SERIAL_SIZE];
549 root 1.98 u8 prot_major, prot_minor, randsize;
550     u8 flags, features, pad6, pad7, pad8;
551     u32 cipher_nid, mac_nid, auth_nid;
552 pcg 1.1
553     void setup (ptype type, int dst);
554 root 1.103 bool chk_config (const conf_node *conf, const sockinfo &rsi) const;
555 pcg 1.32
556     static u8 get_features ()
557     {
558     u8 f = 0;
559     #if ENABLE_COMPRESSION
560     f |= FEATURE_COMPRESSION;
561     #endif
562     #if ENABLE_ROHC
563     f |= FEATURE_ROHC;
564     #endif
565 pcg 1.59 #if ENABLE_BRIDGING
566     f |= FEATURE_BRIDGING;
567     #endif
568 pcg 1.32 return f;
569     }
570 pcg 1.1 };
571    
572 root 1.90 void
573     config_packet::setup (ptype type, int dst)
574 pcg 1.1 {
575     prot_major = PROTOCOL_MAJOR;
576     prot_minor = PROTOCOL_MINOR;
577 pcg 1.48 flags = 0;
578 pcg 1.32 features = get_features ();
579 pcg 1.1
580 root 1.103 strncpy ((char *)serial, conf.serial, sizeof (serial));
581    
582 root 1.98 cipher_nid = htonl (EVP_CIPHER_nid (CIPHER ()));
583     mac_nid = htonl (EVP_MD_type (MAC_DIGEST ()));
584     auth_nid = htonl (EVP_MD_type (AUTH_DIGEST ()));
585 pcg 1.1
586     len = sizeof (*this) - sizeof (net_packet);
587     set_hdr (type, dst);
588     }
589    
590 root 1.90 bool
591 root 1.103 config_packet::chk_config (const conf_node *conf, const sockinfo &rsi) const
592 pcg 1.1 {
593 pcg 1.15 if (prot_major != PROTOCOL_MAJOR)
594 root 1.103 slog (L_WARN, _("%s(%s): major version mismatch (remote %d <=> local %d)"),
595     conf->nodename, (const char *)rsi, prot_major, PROTOCOL_MAJOR);
596 root 1.98 else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER ())))
597 root 1.103 slog (L_WARN, _("%s(%s): cipher algo mismatch (remote %x <=> local %x)"),
598     conf->nodename, (const char *)rsi, ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER ()));
599 root 1.98 else if (mac_nid != htonl (EVP_MD_type (MAC_DIGEST ())))
600 root 1.103 slog (L_WARN, _("%s(%s): mac algo mismatch (remote %x <=> local %x)"),
601     conf->nodename, (const char *)rsi, ntohl (mac_nid), EVP_MD_type (MAC_DIGEST ()));
602 root 1.98 else if (auth_nid != htonl (EVP_MD_type (AUTH_DIGEST ())))
603 root 1.103 slog (L_WARN, _("%s(%s): auth algo mismatch (remote %x <=> local %x)"),
604     conf->nodename, (const char *)rsi, ntohl (auth_nid), EVP_MD_type (AUTH_DIGEST ()));
605 pcg 1.15 else
606 root 1.103 {
607     int cmp = memcmp (serial, ::conf.serial, sizeof (serial));
608    
609     if (cmp > 0)
610     slog (L_WARN, _("%s(%s): remote serial newer than local serial - outdated config?"),
611     conf->nodename, (const char *)rsi);
612     else if (cmp == 0)
613     return true;
614     }
615 pcg 1.15
616     return false;
617 pcg 1.1 }
618    
619 root 1.98 struct auth_req_packet : config_packet // UNPROTECTED
620 pcg 1.1 {
621     char magic[8];
622     u8 initiate; // false if this is just an automatic reply
623 pcg 1.28 u8 protocols; // supported protocols (will be patched on forward)
624 pcg 1.1 u8 pad2, pad3;
625 root 1.98 auth_encr encr;
626 pcg 1.1
627     auth_req_packet (int dst, bool initiate_, u8 protocols_)
628     {
629     config_packet::setup (PT_AUTH_REQ, dst);
630 root 1.98 memcpy (magic, MAGIC, 8);
631 pcg 1.1 initiate = !!initiate_;
632     protocols = protocols_;
633    
634     len = sizeof (*this) - sizeof (net_packet);
635     }
636     };
637    
638 root 1.103 struct auth_res_packet : vpn_packet // UNPROTECTED
639 pcg 1.1 {
640 root 1.98 auth_response response;
641 pcg 1.1
642     auth_res_packet (int dst)
643     {
644 root 1.103 set_hdr (PT_AUTH_RES, dst);
645 pcg 1.1
646     len = sizeof (*this) - sizeof (net_packet);
647     }
648     };
649    
650     struct connect_req_packet : vpn_packet
651     {
652     u8 id, protocols;
653     u8 pad1, pad2;
654    
655     connect_req_packet (int dst, int id_, u8 protocols_)
656     : id(id_)
657     , protocols(protocols_)
658     {
659     set_hdr (PT_CONNECT_REQ, dst);
660     len = sizeof (*this) - sizeof (net_packet);
661     }
662     };
663    
664     struct connect_info_packet : vpn_packet
665     {
666     u8 id, protocols;
667     u8 pad1, pad2;
668     sockinfo si;
669    
670     connect_info_packet (int dst, int id_, const sockinfo &si_, u8 protocols_)
671     : id(id_)
672     , protocols(protocols_)
673     , si(si_)
674     {
675     set_hdr (PT_CONNECT_INFO, dst);
676    
677     len = sizeof (*this) - sizeof (net_packet);
678     }
679     };
680    
681     /////////////////////////////////////////////////////////////////////////////
682    
683     void
684 root 1.98 connection::connection_established (const sockinfo &rsi)
685 pcg 1.10 {
686 root 1.98 if (!have_snd_auth || !have_rcv_auth)
687     return;
688    
689     si = rsi;
690     protocol = rsi.prot;
691    
692     slog (L_INFO, _("%s(%s): connection established (%s), protocol version %d.%d."),
693     conf->nodename, (const char *)rsi,
694 root 1.108 vpn->can_direct (THISNODE, conf) ? "direct" : "forwarded",
695 root 1.98 PROTOCOL_MAJOR, prot_minor);
696    
697     if (::conf.script_node_up)
698     {
699     run_script_cb *cb = new run_script_cb;
700     cb->set<connection, &connection::script_node_up> (this);
701     run_script_queued (cb, _("node-up command execution failed, continuing."));
702     }
703    
704     delete ictx; ictx = new crypto_ctx (rcv_auth, snd_auth, rcv_ecdh_a, rcv_auth.ecdh, 0);
705     iseqno.reset (ntohl (rcv_auth.rsa.seqno) & 0x7fffffff);
706    
707     delete octx; octx = new crypto_ctx (snd_auth, rcv_auth, snd_ecdh_a, snd_ecdh_b , 1);
708     oseqno = ntohl (snd_auth.rsa.seqno) & 0x7fffffff;
709 pcg 1.61
710 root 1.102 // make sure rekeying timeouts are slightly asymmetric
711     ev::tstamp rekey_interval = ::conf.rekey + (conf->id > THISNODE->id ? 10 : 0);
712     rekey.start (rekey_interval, rekey_interval);
713    
714 root 1.108 hmac_error = 0.;
715    
716 root 1.102 keepalive.start (::conf.keepalive);
717    
718     // send queued packets
719 root 1.108 while (tap_packet *p = (tap_packet *)data_queue.get ())
720 pcg 1.10 {
721 root 1.108 if (p->len) send_data_packet (p);
722     delete p;
723     }
724 root 1.97
725 root 1.108 while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
726     {
727     if (p->len) send_vpn_packet (p, si, IPTOS_RELIABILITY);
728     delete p;
729 root 1.102 }
730 pcg 1.73
731 root 1.102 vpn->connection_established (this);
732 pcg 1.10 }
733    
734     void
735 pcg 1.8 connection::reset_si ()
736 pcg 1.1 {
737 pcg 1.73 if (vpn->can_direct (THISNODE, conf))
738     protocol = best_protocol (THISNODE->protocols & conf->connectable_protocols ());
739     else
740 pcg 1.59 {
741 pcg 1.73 slog (L_TRACE, _("%s: direct connection denied by config."), conf->nodename);
742 pcg 1.59 protocol = 0;
743     }
744 pcg 1.6
745     si.set (conf, protocol);
746 pcg 1.1 }
747    
748 pcg 1.8 // ensure sockinfo is valid, forward if necessary
749     const sockinfo &
750     connection::forward_si (const sockinfo &si) const
751     {
752     if (!si.valid ())
753     {
754 pcg 1.73 connection *r = vpn->find_router_for (this);
755 pcg 1.8
756     if (r)
757     {
758 pcg 1.73 slog (L_DEBUG, _("%s: no common protocol, trying to route through %s."),
759     conf->nodename, r->conf->nodename);
760 pcg 1.8 return r->si;
761     }
762     else
763 pcg 1.73 slog (L_DEBUG, _("%s: node unreachable, no common protocol or no router available."),
764 pcg 1.8 conf->nodename);
765     }
766    
767     return si;
768     }
769    
770 pcg 1.1 void
771 pcg 1.10 connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
772     {
773 pcg 1.46 if (!vpn->send_vpn_packet (pkt, si, tos))
774 root 1.108 reset_connection ("packet send error");
775 pcg 1.10 }
776    
777     void
778 pcg 1.1 connection::send_ping (const sockinfo &si, u8 pong)
779     {
780     ping_packet *pkt = new ping_packet;
781    
782     pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
783 pcg 1.73
784 pcg 1.79 slog (L_TRACE, "%s << %s [%s]", conf->nodename, pong ? "PT_PONG" : "PT_PING", (const char *)si);
785 pcg 1.10 send_vpn_packet (pkt, si, IPTOS_LOWDELAY);
786 pcg 1.1
787     delete pkt;
788     }
789    
790     void
791     connection::send_reset (const sockinfo &si)
792     {
793     if (reset_rate_limiter.can (si) && connectmode != conf_node::C_DISABLED)
794     {
795     config_packet *pkt = new config_packet;
796    
797     pkt->setup (vpn_packet::PT_RESET, conf->id);
798 pcg 1.10 send_vpn_packet (pkt, si, IPTOS_MINCOST);
799 pcg 1.1
800     delete pkt;
801     }
802     }
803    
804     void
805     connection::send_auth_request (const sockinfo &si, bool initiate)
806     {
807     auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols);
808    
809 root 1.98 generate_auth_data ();
810     auth_encrypt (conf->rsa_key, snd_auth, pkt->encr);
811 pcg 1.1
812 pcg 1.81 slog (L_TRACE, "%s << PT_AUTH_REQ [%s]", conf->nodename, (const char *)si);
813 pcg 1.10 send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly
814 pcg 1.1
815 pcg 1.6 delete pkt;
816 pcg 1.1 }
817    
818     void
819 root 1.98 connection::send_auth_response (const sockinfo &si)
820 pcg 1.1 {
821     auth_res_packet *pkt = new auth_res_packet (conf->id);
822    
823 root 1.104 memcpy (pkt->response.ecdh, rcv_ecdh_b, sizeof rcv_ecdh_b);
824     auth_hash (rcv_auth, rcv_ecdh_b, pkt->response.mac);
825 pcg 1.1
826 pcg 1.80 slog (L_TRACE, "%s << PT_AUTH_RES [%s]", conf->nodename, (const char *)si);
827 pcg 1.10 send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
828 pcg 1.1
829     delete pkt;
830     }
831    
832     void
833     connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols)
834     {
835 root 1.93 slog (L_TRACE, "%s << PT_CONNECT_INFO(%s,%s,p%02x)", conf->nodename,
836     vpn->conns[rid - 1]->conf->nodename, (const char *)rsi,
837     conf->protocols);
838 pcg 1.1
839     connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
840    
841     r->hmac_set (octx);
842 pcg 1.10 send_vpn_packet (r, si);
843 pcg 1.1
844     delete r;
845     }
846    
847 pcg 1.66 inline void
848 pcg 1.60 connection::establish_connection_cb (ev::timer &w, int revents)
849 pcg 1.1 {
850 root 1.92 if (!(ictx && octx)
851 pcg 1.25 && conf != THISNODE
852     && connectmode != conf_node::C_NEVER
853     && connectmode != conf_node::C_DISABLED
854 pcg 1.60 && !w.is_active ())
855 pcg 1.1 {
856 pcg 1.67 // a bit hacky, if ondemand, and packets are no longer queued, then reset the connection
857     // and stop trying. should probably be handled by a per-connection expire handler.
858     if (connectmode == conf_node::C_ONDEMAND && vpn_queue.empty () && data_queue.empty ())
859     {
860 root 1.108 reset_connection ("no demand");
861 pcg 1.67 return;
862     }
863    
864 pcg 1.68 last_establish_attempt = ev_now ();
865    
866 pcg 1.60 ev::tstamp retry_int = ev::tstamp (retry_cnt & 3
867     ? (retry_cnt & 3) + 1
868     : 1 << (retry_cnt >> 2));
869 pcg 1.1
870 pcg 1.47 reset_si ();
871 pcg 1.1
872 root 1.109 bool slow = (si.prot & PROT_SLOW) || (conf->low_power || THISNODE->low_power);
873 pcg 1.8
874 pcg 1.73 if (si.prot && !si.host && vpn->can_direct (THISNODE, conf))
875 pcg 1.60 {
876     /*TODO*/ /* start the timer so we don't recurse endlessly */
877     w.start (1);
878 pcg 1.74 vpn->send_connect_request (this);
879 pcg 1.60 }
880 pcg 1.8 else
881 pcg 1.1 {
882 pcg 1.73 if (si.valid ())
883     slog (L_DEBUG, _("%s: sending direct connection request to %s."),
884     conf->nodename, (const char *)si);
885 pcg 1.61
886 pcg 1.8 const sockinfo &dsi = forward_si (si);
887 pcg 1.6
888 pcg 1.47 slow = slow || (dsi.prot & PROT_SLOW);
889    
890 pcg 1.8 if (dsi.valid () && auth_rate_limiter.can (dsi))
891     {
892 root 1.109 // use ping after the first few retries
893     // TODO: on rekeys, the other node might not interpret ping correctly,
894     // TODO: as it will still have a valid connection
895     if (retry_cnt < 4 && (!conf->low_power || THISNODE->low_power))
896 pcg 1.8 send_auth_request (dsi, true);
897     else
898     send_ping (dsi, 0);
899     }
900 pcg 1.1 }
901 pcg 1.47
902 root 1.109 retry_int *= slow ? 4. : 0.9;
903 pcg 1.47
904     if (retry_int < conf->max_retry)
905     retry_cnt++;
906     else
907     retry_int = conf->max_retry;
908    
909 pcg 1.60 w.start (retry_int);
910 pcg 1.1 }
911     }
912    
913     void
914 root 1.108 connection::reset_connection (const char *reason)
915 pcg 1.1 {
916     if (ictx && octx)
917     {
918 root 1.108 slog (L_INFO, _("%s(%s): connection lost (%s)"),
919     conf->nodename, (const char *)si, reason);
920 pcg 1.1
921     if (::conf.script_node_down)
922 pcg 1.64 {
923 pcg 1.70 run_script_cb *cb = new run_script_cb;
924     cb->set<connection, &connection::script_node_down> (this);
925     run_script_queued (cb, _("node-down command execution failed, continuing."));
926 pcg 1.64 }
927 pcg 1.1 }
928    
929     delete ictx; ictx = 0;
930     delete octx; octx = 0;
931    
932 pcg 1.38 si.host = 0;
933 pcg 1.1
934 root 1.98 have_snd_auth = false;
935     have_rcv_auth = false;
936     auth_expire = 0.;
937    
938 pcg 1.73 last_activity = 0.;
939     //last_si_change = 0.;
940 pcg 1.1 retry_cnt = 0;
941    
942 pcg 1.25 rekey.stop ();
943     keepalive.stop ();
944     establish_connection.stop ();
945 pcg 1.1 }
946    
947     void
948     connection::shutdown ()
949     {
950     if (ictx && octx)
951     send_reset (si);
952    
953 root 1.108 reset_connection ("shutdown");
954 pcg 1.1 }
955    
956 pcg 1.73 // poor-man's rekeying
957 pcg 1.66 inline void
958 pcg 1.60 connection::rekey_cb (ev::timer &w, int revents)
959 pcg 1.1 {
960 root 1.108 reset_connection ("rekeying");
961 pcg 1.1 establish_connection ();
962     }
963    
964     void
965 pcg 1.21 connection::send_data_packet (tap_packet *pkt)
966 pcg 1.1 {
967     vpndata_packet *p = new vpndata_packet;
968     int tos = 0;
969    
970 pcg 1.12 // I am not hilarious about peeking into packets, but so be it.
971 pcg 1.21 if (conf->inherit_tos && pkt->is_ipv4 ())
972 pcg 1.1 tos = (*pkt)[15] & IPTOS_TOS_MASK;
973    
974 pcg 1.21 p->setup (this, conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs
975 pcg 1.10 send_vpn_packet (p, si, tos);
976 pcg 1.1
977     delete p;
978    
979     if (oseqno > MAX_SEQNO)
980     rekey ();
981     }
982    
983     void
984 pcg 1.68 connection::post_inject_queue ()
985     {
986     // force a connection every now and when when packets are sent (max 1/s)
987 root 1.109 if (ev_now () - last_establish_attempt >= (conf->low_power || THISNODE->low_power ? 2.95 : 0.95)) // arbitrary
988 pcg 1.68 establish_connection.stop ();
989    
990     establish_connection ();
991     }
992    
993     void
994     connection::inject_data_packet (tap_packet *pkt)
995 pcg 1.1 {
996     if (ictx && octx)
997 pcg 1.21 send_data_packet (pkt);
998 pcg 1.1 else
999     {
1000 pcg 1.68 data_queue.put (new tap_packet (*pkt));
1001     post_inject_queue ();
1002 pcg 1.1 }
1003     }
1004    
1005 root 1.90 void
1006     connection::inject_vpn_packet (vpn_packet *pkt, int tos)
1007 pcg 1.8 {
1008     if (ictx && octx)
1009 pcg 1.10 send_vpn_packet (pkt, si, tos);
1010 pcg 1.8 else
1011 pcg 1.12 {
1012 pcg 1.28 vpn_queue.put ((vpn_packet *)new data_packet (*(data_packet *)pkt));
1013 pcg 1.68 post_inject_queue ();
1014 pcg 1.12 }
1015 pcg 1.8 }
1016    
1017 pcg 1.1 void
1018     connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
1019     {
1020 pcg 1.62 last_activity = ev_now ();
1021 pcg 1.1
1022 root 1.91 slog (L_NOISE, "%s >> received packet type %d from %d to %d.",
1023 pcg 1.79 conf->nodename, pkt->typ (), pkt->src (), pkt->dst ());
1024 pcg 1.1
1025 pcg 1.61 if (connectmode == conf_node::C_DISABLED)
1026     return;
1027    
1028 pcg 1.1 switch (pkt->typ ())
1029     {
1030 pcg 1.3 case vpn_packet::PT_PING:
1031 pcg 1.79 slog (L_TRACE, "%s >> PT_PING", conf->nodename);
1032    
1033 pcg 1.3 // we send pings instead of auth packets after some retries,
1034     // so reset the retry counter and establish a connection
1035     // when we receive a ping.
1036 root 1.89 if (!ictx)
1037 pcg 1.3 {
1038     if (auth_rate_limiter.can (rsi))
1039     send_auth_request (rsi, true);
1040     }
1041     else
1042 root 1.89 // we would love to change the socket address here, but ping's aren't
1043 pcg 1.73 // authenticated, so we best ignore it.
1044 pcg 1.3 send_ping (rsi, 1); // pong
1045    
1046     break;
1047    
1048     case vpn_packet::PT_PONG:
1049 pcg 1.79 slog (L_TRACE, "%s >> PT_PONG", conf->nodename);
1050 root 1.89
1051     // a PONG might mean that the other side doesn't really know
1052     // about our desire for communication.
1053     establish_connection ();
1054 pcg 1.3 break;
1055    
1056     case vpn_packet::PT_RESET:
1057 root 1.108 slog (L_TRACE, "%s >> PT_RESET", conf->nodename);
1058    
1059     if (ictx && octx)
1060     {
1061     reset_connection ("remote reset");
1062    
1063     config_packet *p = (config_packet *) pkt;
1064 pcg 1.3
1065 root 1.108 if (p->chk_config (conf, rsi) && connectmode == conf_node::C_ALWAYS)
1066     establish_connection ();
1067     }
1068 pcg 1.3
1069     break;
1070    
1071     case vpn_packet::PT_AUTH_REQ:
1072     if (auth_rate_limiter.can (rsi))
1073     {
1074 root 1.93 auth_req_packet *p = (auth_req_packet *)pkt;
1075 pcg 1.3
1076 root 1.93 slog (L_TRACE, "%s >> PT_AUTH_REQ(%s,p%02x,f%02x)",
1077     conf->nodename, p->initiate ? "initiate" : "reply",
1078     p->protocols, p->features);
1079 pcg 1.1
1080 root 1.103 if (memcmp (p->magic, MAGIC, 8))
1081     {
1082     slog (L_WARN, _("%s(%s): protocol magic mismatch - stray packet?"),
1083     conf->nodename, (const char *)rsi);
1084     }
1085     else if (p->chk_config (conf, rsi))
1086 pcg 1.3 {
1087     if (p->prot_minor != PROTOCOL_MINOR)
1088     slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
1089     conf->nodename, (const char *)rsi,
1090     PROTOCOL_MINOR, conf->nodename, p->prot_minor);
1091    
1092     if (p->initiate)
1093 root 1.108 {
1094     send_auth_request (rsi, false);
1095    
1096     if (ictx && octx)
1097     reset_connection ("reconnect");
1098     }
1099 pcg 1.3
1100 root 1.98 auth_data auth;
1101 pcg 1.3
1102 root 1.98 if (!auth_decrypt (::conf.rsa_key, p->encr, auth))
1103 pcg 1.23 {
1104     slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"),
1105     conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0));
1106     }
1107 pcg 1.3 else
1108     {
1109 root 1.110 bool chg = !have_rcv_auth || !slow_memeq (&rcv_auth, &auth, sizeof auth);
1110 pcg 1.1
1111 root 1.98 rcv_auth = auth;
1112     have_rcv_auth = true;
1113 pcg 1.1
1114 root 1.98 send_auth_response (rsi);
1115 pcg 1.10
1116 root 1.98 if (chg)
1117     {
1118     conf->protocols = p->protocols;
1119     features = p->features & config_packet::get_features ();
1120 pcg 1.3
1121 root 1.98 connection_established (rsi);
1122     }
1123     }
1124 pcg 1.10
1125 root 1.98 break;
1126 pcg 1.3 }
1127    
1128     send_reset (rsi);
1129 pcg 1.1 }
1130    
1131 pcg 1.3 break;
1132    
1133     case vpn_packet::PT_AUTH_RES:
1134 pcg 1.1 {
1135 pcg 1.79 auth_res_packet *p = (auth_res_packet *)pkt;
1136 pcg 1.1
1137 pcg 1.81 slog (L_TRACE, "%s >> PT_AUTH_RES", conf->nodename);
1138 pcg 1.1
1139 root 1.104 auth_mac local_mac;
1140     auth_hash (snd_auth, p->response.ecdh, local_mac);
1141    
1142 root 1.110 if (!slow_memeq (&p->response.mac, local_mac, sizeof local_mac))
1143 pcg 1.1 {
1144 root 1.103 slog (L_ERR, _("%s(%s): unrequested or outdated auth response, ignoring."),
1145     conf->nodename, (const char *)rsi);
1146     }
1147     else if (!have_snd_auth)
1148     {
1149 root 1.104 memcpy (snd_ecdh_b, p->response.ecdh, sizeof snd_ecdh_b);
1150 root 1.98
1151 root 1.103 have_snd_auth = true;
1152     connection_established (rsi);
1153 pcg 1.1 }
1154     }
1155 pcg 1.3 break;
1156 pcg 1.1
1157 pcg 1.3 case vpn_packet::PT_DATA_COMPRESSED:
1158     #if !ENABLE_COMPRESSION
1159     send_reset (rsi);
1160     break;
1161     #endif
1162 pcg 1.1
1163 pcg 1.3 case vpn_packet::PT_DATA_UNCOMPRESSED:
1164 pcg 1.1
1165 pcg 1.3 if (ictx && octx)
1166 pcg 1.1 {
1167 pcg 1.3 vpndata_packet *p = (vpndata_packet *)pkt;
1168 pcg 1.1
1169 pcg 1.10 if (!p->hmac_chk (ictx))
1170 root 1.108 {
1171     // rekeying often creates temporary hmac auth floods
1172     // we assume they don't take longer than a few seconds normally,
1173     // and suppress messages and resets during that time.
1174     //TODO: should be done per source address
1175     if (!hmac_error)
1176     {
1177     hmac_error = ev_now () + 3;
1178     break;
1179     }
1180     else if (hmac_error >= ev_now ())
1181     break; // silently suppress
1182     else
1183     {
1184     slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
1185     "could be an attack, or just corruption or a synchronization error."),
1186     conf->nodename, (const char *)rsi);
1187     // reset
1188     }
1189     }
1190 pcg 1.10 else
1191 pcg 1.1 {
1192 pcg 1.10 u32 seqno;
1193     tap_packet *d = p->unpack (this, seqno);
1194 pcg 1.73 int seqclass = iseqno.seqno_classify (seqno);
1195 pcg 1.10
1196 root 1.108 hmac_error = 0;
1197    
1198 pcg 1.73 if (seqclass == 0) // ok
1199 pcg 1.1 {
1200 pcg 1.10 vpn->tap->send (d);
1201 pcg 1.1
1202 pcg 1.10 if (si != rsi)
1203 pcg 1.1 {
1204 pcg 1.56 // fast re-sync on source address changes, useful especially for tcp/ip
1205 pcg 1.73 //if (last_si_change < ev_now () + 5.)
1206     // {
1207 pcg 1.78 slog (L_INFO, _("%s(%s): changing socket address to %s."),
1208     conf->nodename, (const char *)si, (const char *)rsi);
1209    
1210 pcg 1.73 si = rsi;
1211 pcg 1.84
1212     if (::conf.script_node_change)
1213     {
1214     run_script_cb *cb = new run_script_cb;
1215     cb->set<connection, &connection::script_node_change> (this);
1216     run_script_queued (cb, _("node-change command execution failed, continuing."));
1217     }
1218    
1219 pcg 1.73 // }
1220     //else
1221     // slog (L_INFO, _("%s(%s): accepted packet from %s, not (yet) redirecting traffic."),
1222     // conf->nodename, (const char *)si, (const char *)rsi);
1223 pcg 1.10 }
1224 pcg 1.32 }
1225 pcg 1.75 else if (seqclass == 1) // far history
1226     slog (L_ERR, _("received very old packet (received %08lx, expected %08lx). "
1227     "possible replay attack, or just packet duplication/delay, ignoring."), seqno, iseqno.seq + 1);
1228     else if (seqclass == 2) // in-window duplicate, happens often on wireless
1229     slog (L_DEBUG, _("received recent duplicated packet (received %08lx, expected %08lx). "
1230     "possible replay attack, or just packet duplication, ignoring."), seqno, iseqno.seq + 1);
1231     else if (seqclass == 3) // reset
1232 pcg 1.73 {
1233 pcg 1.75 slog (L_ERR, _("received out-of-sync (far future) packet (received %08lx, expected %08lx). "
1234     "probably just massive packet loss, sending reset."), seqno, iseqno.seq + 1);
1235 pcg 1.73 send_reset (rsi);
1236     }
1237 pcg 1.3
1238 pcg 1.32 delete d;
1239     break;
1240 pcg 1.1 }
1241     }
1242    
1243 pcg 1.3 send_reset (rsi);
1244     break;
1245 pcg 1.1
1246 pcg 1.3 case vpn_packet::PT_CONNECT_REQ:
1247     if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1248     {
1249 pcg 1.84 connect_req_packet *p = (connect_req_packet *)pkt;
1250 pcg 1.1
1251 pcg 1.57 if (p->id > 0 && p->id <= vpn->conns.size ())
1252     {
1253     connection *c = vpn->conns[p->id - 1];
1254     conf->protocols = p->protocols;
1255 pcg 1.1
1256 root 1.93 slog (L_TRACE, "%s >> PT_CONNECT_REQ(%s,p%02x) [%d]",
1257     conf->nodename, vpn->conns[p->id - 1]->conf->nodename,
1258     p->protocols,
1259     c->ictx && c->octx);
1260 pcg 1.1
1261 pcg 1.57 if (c->ictx && c->octx)
1262     {
1263     // send connect_info packets to both sides, in case one is
1264     // behind a nat firewall (or both ;)
1265     c->send_connect_info (conf->id, si, conf->protocols);
1266     send_connect_info (c->conf->id, c->si, c->conf->protocols);
1267     }
1268     else
1269     c->establish_connection ();
1270 pcg 1.3 }
1271 pcg 1.11 else
1272 pcg 1.57 slog (L_WARN,
1273     _("received authenticated connection request from unknown node #%d, config file mismatch?"),
1274     p->id);
1275 pcg 1.3 }
1276 pcg 1.1
1277 pcg 1.3 break;
1278 pcg 1.1
1279 pcg 1.3 case vpn_packet::PT_CONNECT_INFO:
1280     if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1281     {
1282 pcg 1.39 connect_info_packet *p = (connect_info_packet *)pkt;
1283 pcg 1.1
1284 pcg 1.57 if (p->id > 0 && p->id <= vpn->conns.size ())
1285 pcg 1.39 {
1286     connection *c = vpn->conns[p->id - 1];
1287 pcg 1.7
1288 pcg 1.39 c->conf->protocols = p->protocols;
1289     protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf));
1290     p->si.upgrade_protocol (protocol, c->conf);
1291 pcg 1.1
1292 root 1.96 slog (L_TRACE, "%s >> PT_CONNECT_INFO(%s,%s,protocols=%02x,protocol=%02x,upgradable=%02x) [%d]",
1293 root 1.93 conf->nodename,
1294     vpn->conns[p->id - 1]->conf->nodename,
1295     (const char *)p->si,
1296     p->protocols,
1297 root 1.96 protocol,
1298     p->si.supported_protocols (c->conf),
1299 root 1.93 !c->ictx && !c->octx);
1300 pcg 1.7
1301 pcg 1.39 const sockinfo &dsi = forward_si (p->si);
1302 pcg 1.1
1303 pcg 1.39 if (dsi.valid ())
1304     c->send_auth_request (dsi, true);
1305 root 1.96 else
1306     slog (L_INFO, "connect info for %s received (%s), but still unable to contact.",
1307     vpn->conns[p->id - 1]->conf->nodename,
1308     (const char *)p->si);
1309 pcg 1.39 }
1310 pcg 1.57 else
1311     slog (L_WARN,
1312     _("received authenticated connection request from unknown node #%d, config file mismatch?"),
1313     p->id);
1314 pcg 1.3 }
1315 pcg 1.1
1316 pcg 1.3 break;
1317 pcg 1.1
1318 pcg 1.3 default:
1319     send_reset (rsi);
1320     break;
1321 pcg 1.1 }
1322     }
1323    
1324 pcg 1.66 inline void
1325     connection::keepalive_cb (ev::timer &w, int revents)
1326 pcg 1.1 {
1327 root 1.97 ev_tstamp when = last_activity + ::conf.keepalive - ev::now ();
1328    
1329     if (when >= 0)
1330     w.start (when);
1331     else if (when < -15)
1332 pcg 1.1 {
1333 root 1.108 reset_connection ("keepalive overdue");
1334 pcg 1.1 establish_connection ();
1335     }
1336     else if (conf->connectmode != conf_node::C_ONDEMAND
1337     || THISNODE->connectmode != conf_node::C_ONDEMAND)
1338     {
1339 root 1.97 w.start (3);
1340 pcg 1.1 send_ping (si);
1341     }
1342 root 1.97 else if (when >= -10)
1343 pcg 1.12 // hold ondemand connections implicitly a few seconds longer
1344     // should delete octx, though, or something like that ;)
1345 root 1.97 w.start (when + 10);
1346 pcg 1.1 else
1347 root 1.108 reset_connection ("keepalive timeout");
1348 pcg 1.1 }
1349    
1350 root 1.90 void
1351     connection::send_connect_request (int id)
1352 pcg 1.1 {
1353 root 1.93 connect_req_packet *p = new connect_req_packet (conf->id, id, THISNODE->protocols);
1354 pcg 1.1
1355 root 1.93 slog (L_TRACE, "%s << PT_CONNECT_REQ(%s,p%02x)",
1356     conf->nodename, vpn->conns[id - 1]->conf->nodename,
1357     THISNODE->protocols);
1358 pcg 1.1 p->hmac_set (octx);
1359 pcg 1.10 send_vpn_packet (p, si);
1360 pcg 1.1
1361     delete p;
1362     }
1363    
1364 root 1.90 void
1365     connection::script_init_env (const char *ext)
1366 pcg 1.53 {
1367     char *env;
1368     asprintf (&env, "IFUPDATA%s=%s", ext, conf->if_up_data); putenv (env);
1369 pcg 1.84 asprintf (&env, "NODENAME%s=%s", ext, conf->nodename); putenv (env);
1370 pcg 1.53 asprintf (&env, "MAC%s=%02x:%02x:%02x:%02x:%02x:%02x", ext,
1371     0xfe, 0xfd, 0x80, 0x00, conf->id >> 8,
1372 pcg 1.84 conf->id & 0xff); putenv (env);
1373 pcg 1.53 }
1374    
1375 root 1.90 void
1376     connection::script_init_connect_env ()
1377 pcg 1.1 {
1378 pcg 1.52 vpn->script_init_env ();
1379 pcg 1.1
1380     char *env;
1381 pcg 1.84 asprintf (&env, "DESTID=%d", conf->id); putenv (env);
1382     asprintf (&env, "DESTSI=%s", (const char *)si); putenv (env);
1383     asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env);
1384     asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env);
1385     asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env);
1386 pcg 1.1 }
1387    
1388 pcg 1.66 inline const char *
1389     connection::script_node_up ()
1390 pcg 1.1 {
1391 pcg 1.53 script_init_connect_env ();
1392 pcg 1.1
1393 pcg 1.60 putenv ((char *)"STATE=up");
1394 pcg 1.1
1395 pcg 1.52 char *filename;
1396     asprintf (&filename,
1397     "%s/%s",
1398     confbase,
1399     ::conf.script_node_up ? ::conf.script_node_up : "node-up");
1400 pcg 1.54
1401     return filename;
1402 pcg 1.1 }
1403    
1404 pcg 1.66 inline const char *
1405 pcg 1.84 connection::script_node_change ()
1406     {
1407     script_init_connect_env ();
1408    
1409     putenv ((char *)"STATE=change");
1410    
1411     char *filename;
1412     asprintf (&filename,
1413     "%s/%s",
1414     confbase,
1415     ::conf.script_node_change ? ::conf.script_node_change : "node-change");
1416    
1417     return filename;
1418     }
1419    
1420     inline const char *
1421 pcg 1.66 connection::script_node_down ()
1422 pcg 1.1 {
1423 pcg 1.53 script_init_connect_env ();
1424 pcg 1.1
1425 pcg 1.60 putenv ((char *)"STATE=down");
1426 pcg 1.1
1427 pcg 1.52 char *filename;
1428     asprintf (&filename,
1429     "%s/%s",
1430     confbase,
1431     ::conf.script_node_down ? ::conf.script_node_down : "node-down");
1432 pcg 1.54
1433     return filename;
1434 pcg 1.1 }
1435    
1436 pcg 1.40 connection::connection (struct vpn *vpn, conf_node *conf)
1437 pcg 1.67 : vpn(vpn), conf(conf),
1438 pcg 1.40 #if ENABLE_DNS
1439 pcg 1.67 dns (0),
1440 pcg 1.40 #endif
1441 pcg 1.72 data_queue(conf->max_ttl, conf->max_queue + 1),
1442     vpn_queue(conf->max_ttl, conf->max_queue + 1)
1443 pcg 1.1 {
1444 pcg 1.65 rekey .set<connection, &connection::rekey_cb > (this);
1445     keepalive .set<connection, &connection::keepalive_cb > (this);
1446     establish_connection.set<connection, &connection::establish_connection_cb> (this);
1447    
1448 pcg 1.68 last_establish_attempt = 0.;
1449 pcg 1.1 octx = ictx = 0;
1450    
1451 pcg 1.67 connectmode = conf->connectmode;
1452    
1453     // queue a dummy packet to force an initial connection attempt
1454     if (connectmode != conf_node::C_ALWAYS && connectmode != conf_node::C_DISABLED)
1455 pcg 1.68 vpn_queue.put (new net_packet);
1456 pcg 1.67
1457 root 1.108 reset_connection ("startup");
1458 pcg 1.1 }
1459    
1460     connection::~connection ()
1461     {
1462     shutdown ();
1463     }
1464    
1465 root 1.90 void
1466     connection_init ()
1467 pcg 1.1 {
1468     auth_rate_limiter.clear ();
1469     reset_rate_limiter.clear ();
1470     }
1471