ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
Revision: 1.4
Committed: Wed Apr 2 21:02:25 2003 UTC (21 years, 1 month ago) by pcg
Content type: text/plain
Branch: MAIN
Changes since 1.3: +13 -13 lines
Log Message: 
§§

File Contents

# User Rev Content
1 pcg 1.1 /*
2     connection.C -- manage a single connection
3    
4     This program is free software; you can redistribute it and/or modify
5     it under the terms of the GNU General Public License as published by
6     the Free Software Foundation; either version 2 of the License, or
7     (at your option) any later version.
8    
9     This program is distributed in the hope that it will be useful,
10     but WITHOUT ANY WARRANTY; without even the implied warranty of
11     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12     GNU General Public License for more details.
13    
14     You should have received a copy of the GNU General Public License
15     along with this program; if not, write to the Free Software
16     Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17     */
18    
19     #include "config.h"
20    
21     extern "C" {
22     # include "lzf/lzf.h"
23     }
24    
25     #include <list>
26    
27 pcg 1.2 #include <openssl/rand.h>
28     #include <openssl/evp.h>
29     #include <openssl/rsa.h>
30     #include <openssl/err.h>
31    
32 pcg 1.1 #include "gettext.h"
33    
34     #include "conf.h"
35     #include "slog.h"
36     #include "device.h"
37 pcg 1.2 #include "vpn.h"
38 pcg 1.1 #include "connection.h"
39    
40     #if !HAVE_RAND_PSEUDO_BYTES
41     # define RAND_pseudo_bytes RAND_bytes
42     #endif
43    
44     #define MAGIC "vped\xbd\xc6\xdb\x82" // 8 bytes of magic
45    
46     struct crypto_ctx
47     {
48     EVP_CIPHER_CTX cctx;
49     HMAC_CTX hctx;
50    
51     crypto_ctx (const rsachallenge &challenge, int enc);
52     ~crypto_ctx ();
53     };
54    
55     crypto_ctx::crypto_ctx (const rsachallenge &challenge, int enc)
56     {
57     EVP_CIPHER_CTX_init (&cctx);
58     EVP_CipherInit_ex (&cctx, CIPHER, 0, &challenge[CHG_CIPHER_KEY], 0, enc);
59     HMAC_CTX_init (&hctx);
60     HMAC_Init_ex (&hctx, &challenge[CHG_HMAC_KEY], HMAC_KEYLEN, DIGEST, 0);
61     }
62    
63     crypto_ctx::~crypto_ctx ()
64     {
65     EVP_CIPHER_CTX_cleanup (&cctx);
66     HMAC_CTX_cleanup (&hctx);
67     }
68    
69     static void
70     rsa_hash (const rsaid &id, const rsachallenge &chg, rsaresponse &h)
71     {
72     EVP_MD_CTX ctx;
73    
74     EVP_MD_CTX_init (&ctx);
75     EVP_DigestInit (&ctx, RSA_HASH);
76     EVP_DigestUpdate(&ctx, &chg, sizeof chg);
77     EVP_DigestUpdate(&ctx, &id, sizeof id);
78     EVP_DigestFinal (&ctx, (unsigned char *)&h, 0);
79     EVP_MD_CTX_cleanup (&ctx);
80     }
81    
82     struct rsa_entry {
83     tstamp expire;
84     rsaid id;
85     rsachallenge chg;
86     };
87    
88     struct rsa_cache : list<rsa_entry>
89     {
90 pcg 1.4 void cleaner_cb (time_watcher &w); time_watcher cleaner;
91 pcg 1.1
92     bool find (const rsaid &id, rsachallenge &chg)
93     {
94     for (iterator i = begin (); i != end (); ++i)
95     {
96     if (!memcmp (&id, &i->id, sizeof id) && i->expire > NOW)
97     {
98     memcpy (&chg, &i->chg, sizeof chg);
99    
100     erase (i);
101     return true;
102     }
103     }
104    
105     if (cleaner.at < NOW)
106     cleaner.start (NOW + RSA_TTL);
107    
108     return false;
109     }
110    
111     void gen (rsaid &id, rsachallenge &chg)
112     {
113     rsa_entry e;
114    
115     RAND_bytes ((unsigned char *)&id, sizeof id);
116     RAND_bytes ((unsigned char *)&chg, sizeof chg);
117    
118     e.expire = NOW + RSA_TTL;
119     e.id = id;
120     memcpy (&e.chg, &chg, sizeof chg);
121    
122     push_back (e);
123    
124     if (cleaner.at < NOW)
125     cleaner.start (NOW + RSA_TTL);
126     }
127    
128     rsa_cache ()
129     : cleaner (this, &rsa_cache::cleaner_cb)
130     { }
131    
132     } rsa_cache;
133    
134 pcg 1.4 void rsa_cache::cleaner_cb (time_watcher &w)
135 pcg 1.1 {
136     if (empty ())
137 pcg 1.4 w.at = TSTAMP_CANCEL;
138 pcg 1.1 else
139     {
140 pcg 1.4 w.at = NOW + RSA_TTL;
141 pcg 1.1
142     for (iterator i = begin (); i != end (); )
143     if (i->expire <= NOW)
144     i = erase (i);
145     else
146     ++i;
147     }
148     }
149    
150     //////////////////////////////////////////////////////////////////////////////
151    
152     void pkt_queue::put (tap_packet *p)
153     {
154     if (queue[i])
155     {
156     delete queue[i];
157     j = (j + 1) % QUEUEDEPTH;
158     }
159    
160     queue[i] = p;
161    
162     i = (i + 1) % QUEUEDEPTH;
163     }
164    
165     tap_packet *pkt_queue::get ()
166     {
167     tap_packet *p = queue[j];
168    
169     if (p)
170     {
171     queue[j] = 0;
172     j = (j + 1) % QUEUEDEPTH;
173     }
174    
175     return p;
176     }
177    
178     pkt_queue::pkt_queue ()
179     {
180     memset (queue, 0, sizeof (queue));
181     i = 0;
182     j = 0;
183     }
184    
185     pkt_queue::~pkt_queue ()
186     {
187     for (i = QUEUEDEPTH; --i > 0; )
188     delete queue[i];
189     }
190    
191     struct net_rateinfo {
192     u32 host;
193     double pcnt, diff;
194     tstamp last;
195     };
196    
197     // only do action once every x seconds per host whole allowing bursts.
198     // this implementation ("splay list" ;) is inefficient,
199     // but low on resources.
200     struct net_rate_limiter : list<net_rateinfo>
201     {
202     static const double ALPHA = 1. - 1. / 90.; // allow bursts
203     static const double CUTOFF = 20.; // one event every CUTOFF seconds
204     static const double EXPIRE = CUTOFF * 30.; // expire entries after this time
205    
206     bool can (const sockinfo &si) { return can((u32)si.host); }
207     bool can (u32 host);
208     };
209    
210     net_rate_limiter auth_rate_limiter, reset_rate_limiter;
211    
212     bool net_rate_limiter::can (u32 host)
213     {
214     iterator i;
215    
216     for (i = begin (); i != end (); )
217     if (i->host == host)
218     break;
219     else if (i->last < NOW - EXPIRE)
220     i = erase (i);
221     else
222     i++;
223    
224     if (i == end ())
225     {
226     net_rateinfo ri;
227    
228     ri.host = host;
229     ri.pcnt = 1.;
230     ri.diff = CUTOFF * (1. / (1. - ALPHA));
231     ri.last = NOW;
232    
233     push_front (ri);
234    
235     return true;
236     }
237     else
238     {
239     net_rateinfo ri (*i);
240     erase (i);
241    
242     ri.pcnt = ri.pcnt * ALPHA;
243     ri.diff = ri.diff * ALPHA + (NOW - ri.last);
244    
245     ri.last = NOW;
246    
247     bool send = ri.diff / ri.pcnt > CUTOFF;
248    
249     if (send)
250     ri.pcnt++;
251    
252     push_front (ri);
253    
254     return send;
255     }
256     }
257    
258     /////////////////////////////////////////////////////////////////////////////
259    
260     unsigned char hmac_packet::hmac_digest[EVP_MAX_MD_SIZE];
261    
262     void hmac_packet::hmac_gen (crypto_ctx *ctx)
263     {
264     unsigned int xlen;
265    
266     HMAC_CTX *hctx = &ctx->hctx;
267    
268     HMAC_Init_ex (hctx, 0, 0, 0, 0);
269     HMAC_Update (hctx, ((unsigned char *) this) + sizeof (hmac_packet),
270     len - sizeof (hmac_packet));
271     HMAC_Final (hctx, (unsigned char *) &hmac_digest, &xlen);
272     }
273    
274     void
275     hmac_packet::hmac_set (crypto_ctx *ctx)
276     {
277     hmac_gen (ctx);
278    
279     memcpy (hmac, hmac_digest, HMACLENGTH);
280     }
281    
282     bool
283     hmac_packet::hmac_chk (crypto_ctx *ctx)
284     {
285     hmac_gen (ctx);
286    
287     return !memcmp (hmac, hmac_digest, HMACLENGTH);
288     }
289    
290     void vpn_packet::set_hdr (ptype type, unsigned int dst)
291     {
292     this->type = type;
293    
294     int src = THISNODE->id;
295    
296     src1 = src;
297     srcdst = ((src >> 8) << 4) | (dst >> 8);
298     dst1 = dst;
299     }
300    
301     #define MAXVPNDATA (MAX_MTU - 6 - 6)
302     #define DATAHDR (sizeof (u32) + RAND_SIZE)
303    
304     struct vpndata_packet:vpn_packet
305     {
306     u8 data[MAXVPNDATA + DATAHDR]; // seqno
307    
308     void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
309     tap_packet *unpack (connection *conn, u32 &seqno);
310     private:
311    
312     const u32 data_hdr_size () const
313     {
314     return sizeof (vpndata_packet) - sizeof (net_packet) - MAXVPNDATA - DATAHDR;
315     }
316     };
317    
318     void
319     vpndata_packet::setup (connection *conn, int dst, u8 *d, u32 l, u32 seqno)
320     {
321     EVP_CIPHER_CTX *cctx = &conn->octx->cctx;
322     int outl = 0, outl2;
323     ptype type = PT_DATA_UNCOMPRESSED;
324    
325     #if ENABLE_COMPRESSION
326     u8 cdata[MAX_MTU];
327     u32 cl;
328    
329     cl = lzf_compress (d, l, cdata + 2, (l - 2) & ~7);
330     if (cl)
331     {
332     type = PT_DATA_COMPRESSED;
333     d = cdata;
334     l = cl + 2;
335    
336     d[0] = cl >> 8;
337     d[1] = cl;
338     }
339     #endif
340    
341     EVP_EncryptInit_ex (cctx, 0, 0, 0, 0);
342    
343     struct {
344     #if RAND_SIZE
345     u8 rnd[RAND_SIZE];
346     #endif
347     u32 seqno;
348     } datahdr;
349    
350     datahdr.seqno = ntohl (seqno);
351     #if RAND_SIZE
352     RAND_pseudo_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE);
353     #endif
354    
355     EVP_EncryptUpdate (cctx,
356     (unsigned char *) data + outl, &outl2,
357     (unsigned char *) &datahdr, DATAHDR);
358     outl += outl2;
359    
360     EVP_EncryptUpdate (cctx,
361     (unsigned char *) data + outl, &outl2,
362     (unsigned char *) d, l);
363     outl += outl2;
364    
365     EVP_EncryptFinal_ex (cctx, (unsigned char *) data + outl, &outl2);
366     outl += outl2;
367    
368     len = outl + data_hdr_size ();
369    
370     set_hdr (type, dst);
371    
372     hmac_set (conn->octx);
373     }
374    
375     tap_packet *
376     vpndata_packet::unpack (connection *conn, u32 &seqno)
377     {
378     EVP_CIPHER_CTX *cctx = &conn->ictx->cctx;
379     int outl = 0, outl2;
380     tap_packet *p = new tap_packet;
381     u8 *d;
382     u32 l = len - data_hdr_size ();
383    
384     EVP_DecryptInit_ex (cctx, 0, 0, 0, 0);
385    
386     #if ENABLE_COMPRESSION
387     u8 cdata[MAX_MTU];
388    
389     if (type == PT_DATA_COMPRESSED)
390     d = cdata;
391     else
392     #endif
393     d = &(*p)[6 + 6 - DATAHDR];
394    
395     /* this overwrites part of the src mac, but we fix that later */
396     EVP_DecryptUpdate (cctx,
397     d, &outl2,
398     (unsigned char *)&data, len - data_hdr_size ());
399     outl += outl2;
400    
401     EVP_DecryptFinal_ex (cctx, (unsigned char *)d + outl, &outl2);
402     outl += outl2;
403    
404     seqno = ntohl (*(u32 *)(d + RAND_SIZE));
405    
406     id2mac (dst () ? dst() : THISNODE->id, p->dst);
407     id2mac (src (), p->src);
408    
409     #if ENABLE_COMPRESSION
410     if (type == PT_DATA_COMPRESSED)
411     {
412     u32 cl = (d[DATAHDR] << 8) | d[DATAHDR + 1];
413    
414     p->len = lzf_decompress (d + DATAHDR + 2, cl < MAX_MTU ? cl : 0,
415     &(*p)[6 + 6], MAX_MTU)
416     + 6 + 6;
417     }
418     else
419     p->len = outl + (6 + 6 - DATAHDR);
420     #endif
421    
422     return p;
423     }
424    
425     struct ping_packet : vpn_packet
426     {
427     void setup (int dst, ptype type)
428     {
429     set_hdr (type, dst);
430     len = sizeof (*this) - sizeof (net_packet);
431     }
432     };
433    
434     struct config_packet : vpn_packet
435     {
436     // actually, hmaclen cannot be checked because the hmac
437     // field comes before this data, so peers with other
438     // hmacs simply will not work.
439     u8 prot_major, prot_minor, randsize, hmaclen;
440     u8 flags, challengelen, pad2, pad3;
441     u32 cipher_nid, digest_nid, hmac_nid;
442    
443     const u8 curflags () const
444     {
445     return 0x80
446     | (ENABLE_COMPRESSION ? 0x01 : 0x00);
447     }
448    
449     void setup (ptype type, int dst);
450     bool chk_config () const;
451     };
452    
453     void config_packet::setup (ptype type, int dst)
454     {
455     prot_major = PROTOCOL_MAJOR;
456     prot_minor = PROTOCOL_MINOR;
457     randsize = RAND_SIZE;
458     hmaclen = HMACLENGTH;
459     flags = curflags ();
460     challengelen = sizeof (rsachallenge);
461    
462     cipher_nid = htonl (EVP_CIPHER_nid (CIPHER));
463     digest_nid = htonl (EVP_MD_type (RSA_HASH));
464     hmac_nid = htonl (EVP_MD_type (DIGEST));
465    
466     len = sizeof (*this) - sizeof (net_packet);
467     set_hdr (type, dst);
468     }
469    
470     bool config_packet::chk_config () const
471     {
472     return prot_major == PROTOCOL_MAJOR
473     && randsize == RAND_SIZE
474     && hmaclen == HMACLENGTH
475     && flags == curflags ()
476     && challengelen == sizeof (rsachallenge)
477     && cipher_nid == htonl (EVP_CIPHER_nid (CIPHER))
478     && digest_nid == htonl (EVP_MD_type (RSA_HASH))
479     && hmac_nid == htonl (EVP_MD_type (DIGEST));
480     }
481    
482     struct auth_req_packet : config_packet
483     {
484     char magic[8];
485     u8 initiate; // false if this is just an automatic reply
486     u8 protocols; // supported protocols (will get patches on forward)
487     u8 pad2, pad3;
488     rsaid id;
489     rsaencrdata encr;
490    
491     auth_req_packet (int dst, bool initiate_, u8 protocols_)
492     {
493     config_packet::setup (PT_AUTH_REQ, dst);
494     strncpy (magic, MAGIC, 8);
495     initiate = !!initiate_;
496     protocols = protocols_;
497    
498     len = sizeof (*this) - sizeof (net_packet);
499     }
500     };
501    
502     struct auth_res_packet : config_packet
503     {
504     rsaid id;
505     u8 pad1, pad2, pad3;
506     u8 response_len; // encrypted length
507     rsaresponse response;
508    
509     auth_res_packet (int dst)
510     {
511     config_packet::setup (PT_AUTH_RES, dst);
512    
513     len = sizeof (*this) - sizeof (net_packet);
514     }
515     };
516    
517     struct connect_req_packet : vpn_packet
518     {
519     u8 id, protocols;
520     u8 pad1, pad2;
521    
522     connect_req_packet (int dst, int id_, u8 protocols_)
523     : id(id_)
524     , protocols(protocols_)
525     {
526     set_hdr (PT_CONNECT_REQ, dst);
527     len = sizeof (*this) - sizeof (net_packet);
528     }
529     };
530    
531     struct connect_info_packet : vpn_packet
532     {
533     u8 id, protocols;
534     u8 pad1, pad2;
535     sockinfo si;
536    
537     connect_info_packet (int dst, int id_, const sockinfo &si_, u8 protocols_)
538     : id(id_)
539     , protocols(protocols_)
540     , si(si_)
541     {
542     set_hdr (PT_CONNECT_INFO, dst);
543    
544     len = sizeof (*this) - sizeof (net_packet);
545     }
546     };
547    
548     /////////////////////////////////////////////////////////////////////////////
549    
550     void
551     connection::reset_dstaddr ()
552     {
553     si.set (conf);
554     }
555    
556     void
557     connection::send_ping (const sockinfo &si, u8 pong)
558     {
559     ping_packet *pkt = new ping_packet;
560    
561     pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
562     send_vpn_packet (pkt, si, IPTOS_LOWDELAY);
563    
564     delete pkt;
565     }
566    
567     void
568     connection::send_reset (const sockinfo &si)
569     {
570     if (reset_rate_limiter.can (si) && connectmode != conf_node::C_DISABLED)
571     {
572     config_packet *pkt = new config_packet;
573    
574     pkt->setup (vpn_packet::PT_RESET, conf->id);
575     send_vpn_packet (pkt, si, IPTOS_MINCOST);
576    
577     delete pkt;
578     }
579     }
580    
581     void
582     connection::send_auth_request (const sockinfo &si, bool initiate)
583     {
584     auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols);
585    
586     protocol = best_protocol (THISNODE->protocols & conf->protocols);
587    
588 pcg 1.2 // mask out protocols we cannot establish
589     if (!conf->udp_port) protocol &= ~PROT_UDPv4;
590     if (!conf->tcp_port) protocol &= ~PROT_TCPv4;
591    
592     if (protocol)
593     {
594     rsachallenge chg;
595 pcg 1.1
596 pcg 1.2 rsa_cache.gen (pkt->id, chg);
597 pcg 1.1
598 pcg 1.2 if (0 > RSA_public_encrypt (sizeof chg,
599     (unsigned char *)&chg, (unsigned char *)&pkt->encr,
600     conf->rsa_key, RSA_PKCS1_OAEP_PADDING))
601     fatal ("RSA_public_encrypt error");
602 pcg 1.1
603 pcg 1.2 slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si);
604 pcg 1.1
605 pcg 1.2 send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
606 pcg 1.1
607 pcg 1.2 delete pkt;
608     }
609     else
610     ; // silently fail
611 pcg 1.1 }
612    
613     void
614     connection::send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg)
615     {
616     auth_res_packet *pkt = new auth_res_packet (conf->id);
617    
618     pkt->id = id;
619    
620     rsa_hash (id, chg, pkt->response);
621    
622     pkt->hmac_set (octx);
623    
624     slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)si);
625    
626     send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
627    
628     delete pkt;
629     }
630    
631     void
632     connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols)
633     {
634     slog (L_TRACE, ">>%d PT_CONNECT_INFO(%d,%s)\n",
635     conf->id, rid, (const char *)rsi);
636    
637     connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
638    
639     r->hmac_set (octx);
640     send_vpn_packet (r, si);
641    
642     delete r;
643     }
644    
645     void
646 pcg 1.4 connection::establish_connection_cb (time_watcher &w)
647 pcg 1.1 {
648     if (ictx || conf == THISNODE
649     || connectmode == conf_node::C_NEVER
650     || connectmode == conf_node::C_DISABLED)
651 pcg 1.4 w.at = TSTAMP_CANCEL;
652     else if (w.at <= NOW)
653 pcg 1.1 {
654     double retry_int = double (retry_cnt & 3 ? (retry_cnt & 3) : 1 << (retry_cnt >> 2)) * 0.6;
655    
656     if (retry_int < 3600 * 8)
657     retry_cnt++;
658    
659 pcg 1.4 w.at = NOW + retry_int;
660 pcg 1.1
661     if (conf->hostname)
662     {
663     reset_dstaddr ();
664     if (si.host && auth_rate_limiter.can (si))
665     {
666     if (retry_cnt < 4)
667     send_auth_request (si, true);
668     else
669     send_ping (si, 0);
670     }
671     }
672     else
673     vpn->connect_request (conf->id);
674     }
675     }
676    
677     void
678     connection::reset_connection ()
679     {
680     if (ictx && octx)
681     {
682     slog (L_INFO, _("%s(%s): connection lost"),
683     conf->nodename, (const char *)si);
684    
685     if (::conf.script_node_down)
686     run_script (run_script_cb (this, &connection::script_node_down), false);
687     }
688    
689     delete ictx; ictx = 0;
690     delete octx; octx = 0;
691    
692     si.host= 0;
693    
694     last_activity = 0;
695     retry_cnt = 0;
696    
697     rekey.reset ();
698     keepalive.reset ();
699     establish_connection.reset ();
700     }
701    
702     void
703     connection::shutdown ()
704     {
705     if (ictx && octx)
706     send_reset (si);
707    
708     reset_connection ();
709     }
710    
711     void
712 pcg 1.4 connection::rekey_cb (time_watcher &w)
713 pcg 1.1 {
714 pcg 1.4 w.at = TSTAMP_CANCEL;
715 pcg 1.1
716     reset_connection ();
717     establish_connection ();
718     }
719    
720     void
721     connection::send_data_packet (tap_packet *pkt, bool broadcast)
722     {
723     vpndata_packet *p = new vpndata_packet;
724     int tos = 0;
725    
726     if (conf->inherit_tos
727     && (*pkt)[12] == 0x08 && (*pkt)[13] == 0x00 // IP
728     && ((*pkt)[14] & 0xf0) == 0x40) // IPv4
729     tos = (*pkt)[15] & IPTOS_TOS_MASK;
730    
731     p->setup (this, broadcast ? 0 : conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs
732     send_vpn_packet (p, si, tos);
733    
734     delete p;
735    
736     if (oseqno > MAX_SEQNO)
737     rekey ();
738     }
739    
740     void
741     connection::inject_data_packet (tap_packet *pkt, bool broadcast)
742     {
743     if (ictx && octx)
744     send_data_packet (pkt, broadcast);
745     else
746     {
747     if (!broadcast)//DDDD
748     queue.put (new tap_packet (*pkt));
749    
750     establish_connection ();
751     }
752     }
753    
754     void
755     connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
756     {
757     last_activity = NOW;
758    
759     slog (L_NOISE, "<<%d received packet type %d from %d to %d",
760     conf->id, pkt->typ (), pkt->src (), pkt->dst ());
761    
762     switch (pkt->typ ())
763     {
764 pcg 1.3 case vpn_packet::PT_PING:
765     // we send pings instead of auth packets after some retries,
766     // so reset the retry counter and establish a connection
767     // when we receive a ping.
768     if (!ictx)
769     {
770     if (auth_rate_limiter.can (rsi))
771     send_auth_request (rsi, true);
772     }
773     else
774     send_ping (rsi, 1); // pong
775    
776     break;
777    
778     case vpn_packet::PT_PONG:
779     break;
780    
781     case vpn_packet::PT_RESET:
782 pcg 1.1 {
783 pcg 1.3 reset_connection ();
784    
785     config_packet *p = (config_packet *) pkt;
786    
787     if (!p->chk_config ())
788     {
789     slog (L_WARN, _("%s(%s): protocol mismatch, disabling node"),
790     conf->nodename, (const char *)rsi);
791     connectmode = conf_node::C_DISABLED;
792     }
793     else if (connectmode == conf_node::C_ALWAYS)
794     establish_connection ();
795 pcg 1.1 }
796 pcg 1.3 break;
797    
798     case vpn_packet::PT_AUTH_REQ:
799     if (auth_rate_limiter.can (rsi))
800     {
801     auth_req_packet *p = (auth_req_packet *) pkt;
802    
803     slog (L_TRACE, "<<%d PT_AUTH_REQ(%d)", conf->id, p->initiate);
804 pcg 1.1
805 pcg 1.3 if (p->chk_config () && !strncmp (p->magic, MAGIC, 8))
806     {
807     if (p->prot_minor != PROTOCOL_MINOR)
808     slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
809     conf->nodename, (const char *)rsi,
810     PROTOCOL_MINOR, conf->nodename, p->prot_minor);
811    
812     if (p->initiate)
813     send_auth_request (rsi, false);
814    
815     rsachallenge k;
816    
817     if (0 > RSA_private_decrypt (sizeof (p->encr),
818     (unsigned char *)&p->encr, (unsigned char *)&k,
819     ::conf.rsa_key, RSA_PKCS1_OAEP_PADDING))
820     slog (L_ERR, _("%s(%s): challenge illegal or corrupted"),
821     conf->nodename, (const char *)rsi);
822     else
823     {
824     retry_cnt = 0;
825     establish_connection.set (NOW + 8); //? ;)
826     keepalive.reset ();
827     rekey.reset ();
828 pcg 1.1
829 pcg 1.3 delete ictx;
830     ictx = 0;
831 pcg 1.1
832 pcg 1.3 delete octx;
833 pcg 1.1
834 pcg 1.3 octx = new crypto_ctx (k, 1);
835     oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff;
836 pcg 1.1
837 pcg 1.3 conf->protocols = p->protocols;
838     send_auth_response (rsi, p->id, k);
839    
840     break;
841     }
842     }
843    
844     send_reset (rsi);
845 pcg 1.1 }
846    
847 pcg 1.3 break;
848    
849     case vpn_packet::PT_AUTH_RES:
850 pcg 1.1 {
851 pcg 1.3 auth_res_packet *p = (auth_res_packet *) pkt;
852 pcg 1.1
853 pcg 1.3 slog (L_TRACE, "<<%d PT_AUTH_RES", conf->id);
854 pcg 1.1
855 pcg 1.3 if (p->chk_config ())
856 pcg 1.1 {
857     if (p->prot_minor != PROTOCOL_MINOR)
858     slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
859     conf->nodename, (const char *)rsi,
860     PROTOCOL_MINOR, conf->nodename, p->prot_minor);
861    
862 pcg 1.3 rsachallenge chg;
863 pcg 1.1
864 pcg 1.3 if (!rsa_cache.find (p->id, chg))
865     slog (L_ERR, _("%s(%s): unrequested auth response"),
866 pcg 1.1 conf->nodename, (const char *)rsi);
867     else
868     {
869 pcg 1.3 crypto_ctx *cctx = new crypto_ctx (chg, 0);
870    
871     if (!p->hmac_chk (cctx))
872     slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
873     "could be an attack, or just corruption or an synchronization error"),
874     conf->nodename, (const char *)rsi);
875     else
876     {
877     rsaresponse h;
878    
879     rsa_hash (p->id, chg, h);
880    
881     if (!memcmp ((u8 *)&h, (u8 *)p->response, sizeof h))
882     {
883     prot_minor = p->prot_minor;
884    
885     delete ictx; ictx = cctx;
886    
887     iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
888    
889     si = rsi;
890    
891     rekey.set (NOW + ::conf.rekey);
892     keepalive.set (NOW + ::conf.keepalive);
893    
894     // send queued packets
895     while (tap_packet *p = queue.get ())
896     {
897     send_data_packet (p);
898     delete p;
899     }
900 pcg 1.1
901 pcg 1.3 connectmode = conf->connectmode;
902 pcg 1.1
903 pcg 1.3 slog (L_INFO, _("%s(%s): %s connection established, protocol version %d.%d"),
904     conf->nodename, (const char *)rsi,
905     strprotocol (protocol),
906     p->prot_major, p->prot_minor);
907 pcg 1.1
908 pcg 1.3 if (::conf.script_node_up)
909     run_script (run_script_cb (this, &connection::script_node_up), false);
910 pcg 1.1
911 pcg 1.3 break;
912     }
913     else
914     slog (L_ERR, _("%s(%s): sent and received challenge do not match"),
915     conf->nodename, (const char *)rsi);
916     }
917 pcg 1.1
918 pcg 1.3 delete cctx;
919 pcg 1.1 }
920     }
921     }
922    
923 pcg 1.3 send_reset (rsi);
924     break;
925 pcg 1.1
926 pcg 1.3 case vpn_packet::PT_DATA_COMPRESSED:
927     #if !ENABLE_COMPRESSION
928     send_reset (rsi);
929     break;
930     #endif
931 pcg 1.1
932 pcg 1.3 case vpn_packet::PT_DATA_UNCOMPRESSED:
933 pcg 1.1
934 pcg 1.3 if (ictx && octx)
935 pcg 1.1 {
936 pcg 1.3 vpndata_packet *p = (vpndata_packet *)pkt;
937 pcg 1.1
938 pcg 1.3 if (rsi == si)
939 pcg 1.1 {
940 pcg 1.3 if (!p->hmac_chk (ictx))
941     slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
942 pcg 1.1 "could be an attack, or just corruption or an synchronization error"),
943     conf->nodename, (const char *)rsi);
944     else
945     {
946 pcg 1.3 u32 seqno;
947     tap_packet *d = p->unpack (this, seqno);
948 pcg 1.1
949 pcg 1.3 if (iseqno.recv_ok (seqno))
950 pcg 1.1 {
951 pcg 1.3 vpn->tap->send (d);
952 pcg 1.1
953 pcg 1.3 if (p->dst () == 0) // re-broadcast
954     for (vpn::conns_vector::iterator i = vpn->conns.begin (); i != vpn->conns.end (); ++i)
955     {
956     connection *c = *i;
957    
958     if (c->conf != THISNODE && c->conf != conf)
959     c->inject_data_packet (d);
960     }
961 pcg 1.1
962 pcg 1.3 delete d;
963 pcg 1.1
964     break;
965     }
966     }
967     }
968 pcg 1.3 else
969     slog (L_ERR, _("received data packet from unknown source %s"), (const char *)rsi);
970 pcg 1.1 }
971    
972 pcg 1.3 send_reset (rsi);
973     break;
974 pcg 1.1
975 pcg 1.3 case vpn_packet::PT_CONNECT_REQ:
976     if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
977     {
978     connect_req_packet *p = (connect_req_packet *) pkt;
979 pcg 1.1
980 pcg 1.3 assert (p->id > 0 && p->id <= vpn->conns.size ()); // hmac-auth does not mean we accept anything
981     conf->protocols = p->protocols;
982     connection *c = vpn->conns[p->id - 1];
983 pcg 1.1
984 pcg 1.3 slog (L_TRACE, "<<%d PT_CONNECT_REQ(%d) [%d]\n",
985     conf->id, p->id, c->ictx && c->octx);
986 pcg 1.1
987 pcg 1.3 if (c->ictx && c->octx)
988     {
989     // send connect_info packets to both sides, in case one is
990     // behind a nat firewall (or both ;)
991     c->send_connect_info (conf->id, si, conf->protocols);
992     send_connect_info (c->conf->id, c->si, c->conf->protocols);
993     }
994     }
995 pcg 1.1
996 pcg 1.3 break;
997 pcg 1.1
998 pcg 1.3 case vpn_packet::PT_CONNECT_INFO:
999     if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1000     {
1001     connect_info_packet *p = (connect_info_packet *) pkt;
1002 pcg 1.1
1003 pcg 1.3 assert (p->id > 0 && p->id <= vpn->conns.size ()); // hmac-auth does not mean we accept anything
1004     conf->protocols = p->protocols;
1005     connection *c = vpn->conns[p->id - 1];
1006 pcg 1.1
1007 pcg 1.3 slog (L_TRACE, "<<%d PT_CONNECT_INFO(%d,%s) (%d)",
1008     conf->id, p->id, (const char *)p->si, !c->ictx && !c->octx);
1009 pcg 1.1
1010 pcg 1.3 c->send_auth_request (p->si, true);
1011     }
1012 pcg 1.1
1013 pcg 1.3 break;
1014 pcg 1.1
1015 pcg 1.3 default:
1016     send_reset (rsi);
1017     break;
1018 pcg 1.1 }
1019     }
1020    
1021 pcg 1.4 void connection::keepalive_cb (time_watcher &w)
1022 pcg 1.1 {
1023     if (NOW >= last_activity + ::conf.keepalive + 30)
1024     {
1025     reset_connection ();
1026     establish_connection ();
1027     }
1028     else if (NOW < last_activity + ::conf.keepalive)
1029 pcg 1.4 w.at = last_activity + ::conf.keepalive;
1030 pcg 1.1 else if (conf->connectmode != conf_node::C_ONDEMAND
1031     || THISNODE->connectmode != conf_node::C_ONDEMAND)
1032     {
1033     send_ping (si);
1034 pcg 1.4 w.at = NOW + 5;
1035 pcg 1.1 }
1036     else
1037     reset_connection ();
1038     }
1039    
1040     void connection::connect_request (int id)
1041     {
1042     connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols);
1043    
1044     slog (L_TRACE, ">>%d PT_CONNECT_REQ(%d)", conf->id, id);
1045     p->hmac_set (octx);
1046     send_vpn_packet (p, si);
1047    
1048     delete p;
1049     }
1050    
1051     void connection::script_node ()
1052     {
1053 pcg 1.3 vpn->script_if_up ();
1054 pcg 1.1
1055     char *env;
1056     asprintf (&env, "DESTID=%d", conf->id); putenv (env);
1057     asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env);
1058     asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env);
1059     asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env);
1060     }
1061    
1062 pcg 1.3 const char *connection::script_node_up ()
1063 pcg 1.1 {
1064     script_node ();
1065    
1066     putenv ("STATE=up");
1067    
1068     return ::conf.script_node_up ? ::conf.script_node_up : "node-up";
1069     }
1070    
1071 pcg 1.3 const char *connection::script_node_down ()
1072 pcg 1.1 {
1073     script_node ();
1074    
1075     putenv ("STATE=down");
1076    
1077     return ::conf.script_node_up ? ::conf.script_node_down : "node-down";
1078     }
1079    
1080     // send a vpn packet out to other hosts
1081     void
1082     connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
1083     {
1084 pcg 1.3 switch (protocol)
1085     {
1086     case PROT_IPv4:
1087     vpn->send_ipv4_packet (pkt, si, tos);
1088     break;
1089    
1090     case PROT_UDPv4:
1091     vpn->send_udpv4_packet (pkt, si, tos);
1092     break;
1093    
1094     case PROT_TCPv4:
1095     vpn->send_tcpv4_packet (pkt, si, tos);
1096     break;
1097     }
1098 pcg 1.1 }
1099    
1100     connection::connection(struct vpn *vpn_)
1101     : vpn(vpn_)
1102     , rekey (this, &connection::rekey_cb)
1103     , keepalive (this, &connection::keepalive_cb)
1104     , establish_connection (this, &connection::establish_connection_cb)
1105     {
1106     octx = ictx = 0;
1107     retry_cnt = 0;
1108    
1109     connectmode = conf_node::C_ALWAYS; // initial setting
1110     reset_connection ();
1111     }
1112    
1113     connection::~connection ()
1114     {
1115     shutdown ();
1116     }
1117    
1118     void connection_init ()
1119     {
1120     auth_rate_limiter.clear ();
1121     reset_rate_limiter.clear ();
1122     }
1123