ViewVC Help

View File | Revision Log | Show Annotations | Download File

/cvs/gvpe/src/connection.C

Comparing gvpe/src/connection.C (file contents):
Revision 1.1 by pcg, Wed Apr 2 03:06:22 2003 UTC vs.
Revision 1.77 by pcg, Mon Aug 11 16:37:47 2008 UTC

1	/*	1	/*
2	connection.C -- manage a single connection	2	connection.C -- manage a single connection
		3	Copyright (C) 2003-2008 Marc Lehmann <gvpe@schmorp.de>
3		4
		5	This file is part of GVPE.
		6
4	This program is free software; you can redistribute it and/or modify	7	GVPE is free software; you can redistribute it and/or modify it
5	it under the terms of the GNU General Public License as published by	8	under the terms of the GNU General Public License as published by the
6	the Free Software Foundation; either version 2 of the License, or	9	Free Software Foundation; either version 3 of the License, or (at your
7	(at your option) any later version.	10	option) any later version.
8		11
9	This program is distributed in the hope that it will be useful,	12	This program is distributed in the hope that it will be useful, but
10	but WITHOUT ANY WARRANTY; without even the implied warranty of	13	WITHOUT ANY WARRANTY; without even the implied warranty of
11	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the	14	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
12	GNU General Public License for more details.	15	Public License for more details.
13		16
14	You should have received a copy of the GNU General Public License	17	You should have received a copy of the GNU General Public License along
15	along with this program; if not, write to the Free Software	18	with this program; if not, see <http://www.gnu.org/licenses/>.
16	Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA	19
		20	Additional permission under GNU GPL version 3 section 7
		21
		22	If you modify this Program, or any covered work, by linking or
		23	combining it with the OpenSSL project's OpenSSL library (or a modified
		24	version of that library), containing parts covered by the terms of the
		25	OpenSSL or SSLeay licenses, the licensors of this Program grant you
		26	additional permission to convey the resulting work. Corresponding
		27	Source for a non-source form of such a combination shall include the
		28	source code for the parts of OpenSSL used as well as that of the
		29	covered work.
17	*/	30	*/
18		31
19	#include "config.h"	32	#include "config.h"
20		33
21	extern "C" {
22	# include "lzf/lzf.h"
23	}
24
25	#include <list>	34	#include <list>
		35	#include <queue>
		36	#include <utility>
26		37
27	#include "gettext.h"	38	#include <openssl/rand.h>
		39	#include <openssl/evp.h>
		40	#include <openssl/rsa.h>
		41	#include <openssl/err.h>
28		42
29	#include "conf.h"	43	#include "conf.h"
30	#include "slog.h"	44	#include "slog.h"
31	#include "device.h"	45	#include "device.h"
32	#include "protocol.h"	46	#include "vpn.h"
33	#include "connection.h"	47	#include "connection.h"
		48
		49	#include "netcompat.h"
34		50
35	#if !HAVE_RAND_PSEUDO_BYTES	51	#if !HAVE_RAND_PSEUDO_BYTES
36	# define RAND_pseudo_bytes RAND_bytes	52	# define RAND_pseudo_bytes RAND_bytes
37	#endif	53	#endif
38		54
39	#define MAGIC "vped\xbd\xc6\xdb\x82" // 8 bytes of magic	55	#define MAGIC "vped\xbd\xc6\xdb\x82" // 8 bytes of magic
40		56
		57	#define ULTRA_FAST 1
		58	#define HLOG 15
		59	#include "lzf/lzf.h"
		60	#include "lzf/lzf_c.c"
		61	#include "lzf/lzf_d.c"
		62
		63	//////////////////////////////////////////////////////////////////////////////
		64
		65	static std::queue< std::pair<run_script_cb *, const char *> > rs_queue;
		66	static ev::child rs_child_ev;
		67
		68	void // c++ requires external linkage here, apparently :(
		69	rs_child_cb (ev::child &w, int revents)
		70	{
		71	w.stop ();
		72
		73	if (rs_queue.empty ())
		74	return;
		75
		76	pid_t pid = run_script (*rs_queue.front ().first, false);
		77	if (pid)
		78	{
		79	w.set (pid);
		80	w.start ();
		81	}
		82	else
		83	slog (L_WARN, rs_queue.front ().second);
		84
		85	delete rs_queue.front ().first;
		86	rs_queue.pop ();
		87	}
		88
		89	// despite the fancy name, this is quite a hack
		90	static void
		91	run_script_queued (run_script_cb *cb, const char *warnmsg)
		92	{
		93	rs_queue.push (std::make_pair (cb, warnmsg));
		94
		95	if (!rs_child_ev.is_active ())
		96	{
		97	rs_child_ev.set<rs_child_cb> ();
		98	rs_child_ev ();
		99	}
		100	}
		101
		102	//////////////////////////////////////////////////////////////////////////////
		103
41	struct crypto_ctx	104	struct crypto_ctx
42	{	105	{
43	EVP_CIPHER_CTX cctx;	106	EVP_CIPHER_CTX cctx;
44	HMAC_CTX hctx;	107	HMAC_CTX hctx;
45		108
…		…
48	};	111	};
49		112
50	crypto_ctx::crypto_ctx (const rsachallenge &challenge, int enc)	113	crypto_ctx::crypto_ctx (const rsachallenge &challenge, int enc)
51	{	114	{
52	EVP_CIPHER_CTX_init (&cctx);	115	EVP_CIPHER_CTX_init (&cctx);
53	EVP_CipherInit_ex (&cctx, CIPHER, 0, &challenge[CHG_CIPHER_KEY], 0, enc);	116	require (EVP_CipherInit_ex (&cctx, CIPHER, 0, &challenge[CHG_CIPHER_KEY], 0, enc));
54	HMAC_CTX_init (&hctx);	117	HMAC_CTX_init (&hctx);
55	HMAC_Init_ex (&hctx, &challenge[CHG_HMAC_KEY], HMAC_KEYLEN, DIGEST, 0);	118	HMAC_Init_ex (&hctx, &challenge[CHG_HMAC_KEY], HMAC_KEYLEN, DIGEST, 0);
56	}	119	}
57		120
58	crypto_ctx::~crypto_ctx ()	121	crypto_ctx::~crypto_ctx ()
59	{	122	{
60	EVP_CIPHER_CTX_cleanup (&cctx);	123	require (EVP_CIPHER_CTX_cleanup (&cctx));
61	HMAC_CTX_cleanup (&hctx);	124	HMAC_CTX_cleanup (&hctx);
62	}	125	}
63		126
64	static void	127	static void
65	rsa_hash (const rsaid &id, const rsachallenge &chg, rsaresponse &h)	128	rsa_hash (const rsaid &id, const rsachallenge &chg, rsaresponse &h)
66	{	129	{
67	EVP_MD_CTX ctx;	130	EVP_MD_CTX ctx;
68		131
69	EVP_MD_CTX_init (&ctx);	132	EVP_MD_CTX_init (&ctx);
70	EVP_DigestInit (&ctx, RSA_HASH);	133	require (EVP_DigestInit (&ctx, RSA_HASH));
71	EVP_DigestUpdate(&ctx, &chg, sizeof chg);	134	require (EVP_DigestUpdate(&ctx, &chg, sizeof chg));
72	EVP_DigestUpdate(&ctx, &id, sizeof id);	135	require (EVP_DigestUpdate(&ctx, &id, sizeof id));
73	EVP_DigestFinal (&ctx, (unsigned char *)&h, 0);	136	require (EVP_DigestFinal (&ctx, (unsigned char *)&h, 0));
74	EVP_MD_CTX_cleanup (&ctx);	137	EVP_MD_CTX_cleanup (&ctx);
75	}	138	}
76		139
77	struct rsa_entry {	140	struct rsa_entry
		141	{
78	tstamp expire;	142	tstamp expire;
79	rsaid id;	143	rsaid id;
80	rsachallenge chg;	144	rsachallenge chg;
81	};	145	};
82		146
83	struct rsa_cache : list<rsa_entry>	147	struct rsa_cache : list<rsa_entry>
84	{	148	{
85	void cleaner_cb (tstamp &ts); time_watcher cleaner;	149	inline void cleaner_cb (ev::timer &w, int revents); ev::timer cleaner;
86		150
87	bool find (const rsaid &id, rsachallenge &chg)	151	bool find (const rsaid &id, rsachallenge &chg)
88	{	152	{
89	for (iterator i = begin (); i != end (); ++i)	153	for (iterator i = begin (); i != end (); ++i)
90	{	154	{
91	if (!memcmp (&id, &i->id, sizeof id) && i->expire > NOW)	155	if (!memcmp (&id, &i->id, sizeof id) && i->expire > ev_now ())
92	{	156	{
93	memcpy (&chg, &i->chg, sizeof chg);	157	memcpy (&chg, &i->chg, sizeof chg);
94		158
95	erase (i);	159	erase (i);
96	return true;	160	return true;
97	}	161	}
98	}	162	}
99		163
100	if (cleaner.at < NOW)	164	if (!cleaner.is_active ())
101	cleaner.start (NOW + RSA_TTL);	165	cleaner.again ();
102		166
103	return false;	167	return false;
104	}	168	}
105		169
106	void gen (rsaid &id, rsachallenge &chg)	170	void gen (rsaid &id, rsachallenge &chg)
107	{	171	{
108	rsa_entry e;	172	rsa_entry e;
109		173
110	RAND_bytes ((unsigned char *)&id, sizeof id);	174	RAND_bytes ((unsigned char *)&id, sizeof id);
111	RAND_bytes ((unsigned char *)&chg, sizeof chg);	175	RAND_bytes ((unsigned char *)&chg, sizeof chg);
112		176
113	e.expire = NOW + RSA_TTL;	177	e.expire = ev_now () + RSA_TTL;
114	e.id = id;	178	e.id = id;
115	memcpy (&e.chg, &chg, sizeof chg);	179	memcpy (&e.chg, &chg, sizeof chg);
116		180
117	push_back (e);	181	push_back (e);
118		182
119	if (cleaner.at < NOW)	183	if (!cleaner.is_active ())
120	cleaner.start (NOW + RSA_TTL);	184	cleaner.again ();
121	}	185	}
122		186
123	rsa_cache ()	187	rsa_cache ()
124	: cleaner (this, &rsa_cache::cleaner_cb)	188	{
125	{ }	189	cleaner.set<rsa_cache, &rsa_cache::cleaner_cb> (this);
		190	cleaner.set (RSA_TTL, RSA_TTL);
		191	}
126		192
127	} rsa_cache;	193	} rsa_cache;
128		194
129	void rsa_cache::cleaner_cb (tstamp &ts)	195	void rsa_cache::cleaner_cb (ev::timer &w, int revents)
130	{	196	{
131	if (empty ())	197	if (empty ())
132	ts = TSTAMP_CANCEL;	198	w.stop ();
133	else	199	else
134	{	200	{
135	ts = NOW + RSA_TTL;
136
137	for (iterator i = begin (); i != end (); )	201	for (iterator i = begin (); i != end (); )
138	if (i->expire <= NOW)	202	if (i->expire <= ev_now ())
139	i = erase (i);	203	i = erase (i);
140	else	204	else
141	++i;	205	++i;
142	}	206	}
143	}	207	}
144		208
145	//////////////////////////////////////////////////////////////////////////////	209	//////////////////////////////////////////////////////////////////////////////
146		210
147	void pkt_queue::put (tap_packet *p)	211	pkt_queue::pkt_queue (double max_ttl, int max_queue)
		212	: max_ttl (max_ttl), max_queue (max_queue)
148	{	213	{
149	if (queue[i])	214	queue = new pkt [max_queue];
150	{
151	delete queue[i];
152	j = (j + 1) % QUEUEDEPTH;
153	}
154		215
155	queue[i] = p;
156
157	i = (i + 1) % QUEUEDEPTH;
158	}
159
160	tap_packet *pkt_queue::get ()
161	{
162	tap_packet *p = queue[j];
163
164	if (p)
165	{
166	queue[j] = 0;
167	j = (j + 1) % QUEUEDEPTH;
168	}
169
170	return p;
171	}
172
173	pkt_queue::pkt_queue ()
174	{
175	memset (queue, 0, sizeof (queue));
176	i = 0;	216	i = 0;
177	j = 0;	217	j = 0;
		218
		219	expire.set<pkt_queue, &pkt_queue::expire_cb> (this);
178	}	220	}
179		221
180	pkt_queue::~pkt_queue ()	222	pkt_queue::~pkt_queue ()
181	{	223	{
182	for (i = QUEUEDEPTH; --i > 0; )	224	while (net_packet *p = get ())
		225	delete p;
		226
183	delete queue[i];	227	delete [] queue;
184	}	228	}
185		229
		230	void pkt_queue::expire_cb (ev::timer &w, int revents)
		231	{
		232	ev_tstamp expire = ev_now () - max_ttl;
		233
		234	for (;;)
		235	{
		236	if (empty ())
		237	break;
		238
		239	double diff = queue[j].tstamp - expire;
		240
		241	if (diff >= 0.)
		242	{
		243	w.start (diff > 0.5 ? diff : 0.5);
		244	break;
		245	}
		246
		247	delete get ();
		248	}
		249	}
		250
		251	void pkt_queue::put (net_packet *p)
		252	{
		253	ev_tstamp now = ev_now ();
		254
		255	// start expiry timer
		256	if (empty ())
		257	expire.start (max_ttl);
		258
		259	int ni = i + 1 == max_queue ? 0 : i + 1;
		260
		261	if (ni == j)
		262	delete get ();
		263
		264	queue[i].pkt = p;
		265	queue[i].tstamp = now;
		266
		267	i = ni;
		268	}
		269
		270	net_packet *pkt_queue::get ()
		271	{
		272	if (empty ())
		273	return 0;
		274
		275	net_packet *p = queue[j].pkt;
		276	queue[j].pkt = 0;
		277
		278	j = j + 1 == max_queue ? 0 : j + 1;
		279
		280	return p;
		281	}
		282
186	struct net_rateinfo {	283	struct net_rateinfo
		284	{
187	u32 host;	285	u32 host;
188	double pcnt, diff;	286	double pcnt, diff;
189	tstamp last;	287	tstamp last;
190	};	288	};
191		289
192	// only do action once every x seconds per host whole allowing bursts.	290	// only do action once every x seconds per host whole allowing bursts.
193	// this implementation ("splay list" ;) is inefficient,	291	// this implementation ("splay list" ;) is inefficient,
194	// but low on resources.	292	// but low on resources.
195	struct net_rate_limiter : list<net_rateinfo>	293	struct net_rate_limiter : list<net_rateinfo>
196	{	294	{
197	static const double ALPHA = 1. - 1. / 90.; // allow bursts	295	# define NRL_ALPHA (1. - 1. / 600.) // allow bursts
198	static const double CUTOFF = 20.; // one event every CUTOFF seconds	296	# define NRL_CUTOFF 10. // one event every CUTOFF seconds
199	static const double EXPIRE = CUTOFF * 30.; // expire entries after this time	297	# define NRL_EXPIRE (NRL_CUTOFF * 30.) // expire entries after this time
		298	# define NRL_MAXDIF (NRL_CUTOFF * (1. / (1. - NRL_ALPHA))) // maximum diff /count value
200		299
201	bool can (const sockinfo &si) { return can((u32)si.host); }	300	bool can (const sockinfo &si) { return can((u32)si.host); }
202	bool can (u32 host);	301	bool can (u32 host);
203	};	302	};
204		303
205	net_rate_limiter auth_rate_limiter, reset_rate_limiter;	304	net_rate_limiter auth_rate_limiter, reset_rate_limiter;
206		305
…		…
209	iterator i;	308	iterator i;
210		309
211	for (i = begin (); i != end (); )	310	for (i = begin (); i != end (); )
212	if (i->host == host)	311	if (i->host == host)
213	break;	312	break;
214	else if (i->last < NOW - EXPIRE)	313	else if (i->last < ev_now () - NRL_EXPIRE)
215	i = erase (i);	314	i = erase (i);
216	else	315	else
217	i++;	316	i++;
218		317
219	if (i == end ())	318	if (i == end ())
220	{	319	{
221	net_rateinfo ri;	320	net_rateinfo ri;
222		321
223	ri.host = host;	322	ri.host = host;
224	ri.pcnt = 1.;	323	ri.pcnt = 1.;
225	ri.diff = CUTOFF * (1. / (1. - ALPHA));	324	ri.diff = NRL_MAXDIF;
226	ri.last = NOW;	325	ri.last = ev_now ();
227		326
228	push_front (ri);	327	push_front (ri);
229		328
230	return true;	329	return true;
231	}	330	}
232	else	331	else
233	{	332	{
234	net_rateinfo ri (*i);	333	net_rateinfo ri (*i);
235	erase (i);	334	erase (i);
236		335
237	ri.pcnt = ri.pcnt * ALPHA;	336	ri.pcnt = ri.pcnt * NRL_ALPHA;
238	ri.diff = ri.diff * ALPHA + (NOW - ri.last);	337	ri.diff = ri.diff * NRL_ALPHA + (ev_now () - ri.last);
239		338
240	ri.last = NOW;	339	ri.last = ev_now ();
241		340
		341	double dif = ri.diff / ri.pcnt;
		342
242	bool send = ri.diff / ri.pcnt > CUTOFF;	343	bool send = dif > NRL_CUTOFF;
243		344
		345	if (dif > NRL_MAXDIF)
		346	{
		347	ri.pcnt = 1.;
		348	ri.diff = NRL_MAXDIF;
		349	}
244	if (send)	350	else if (send)
245	ri.pcnt++;	351	ri.pcnt++;
246		352
247	push_front (ri);	353	push_front (ri);
248		354
249	return send;	355	return send;
…		…
280	hmac_gen (ctx);	386	hmac_gen (ctx);
281		387
282	return !memcmp (hmac, hmac_digest, HMACLENGTH);	388	return !memcmp (hmac, hmac_digest, HMACLENGTH);
283	}	389	}
284		390
285	void vpn_packet::set_hdr (ptype type, unsigned int dst)	391	void vpn_packet::set_hdr (ptype type_, unsigned int dst)
286	{	392	{
287	this->type = type;	393	type = type_;
288		394
289	int src = THISNODE->id;	395	int src = THISNODE->id;
290		396
291	src1 = src;	397	src1 = src;
292	srcdst = ((src >> 8) << 4) | (dst >> 8);	398	srcdst = ((src >> 8) << 4) | (dst >> 8);
…		…
294	}	400	}
295		401
296	#define MAXVPNDATA (MAX_MTU - 6 - 6)	402	#define MAXVPNDATA (MAX_MTU - 6 - 6)
297	#define DATAHDR (sizeof (u32) + RAND_SIZE)	403	#define DATAHDR (sizeof (u32) + RAND_SIZE)
298		404
299	struct vpndata_packet:vpn_packet	405	struct vpndata_packet : vpn_packet
300	{	406	{
301	u8 data[MAXVPNDATA + DATAHDR]; // seqno	407	u8 data[MAXVPNDATA + DATAHDR]; // seqno
302		408
303	void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);	409	void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
304	tap_packet *unpack (connection *conn, u32 &seqno);	410	tap_packet *unpack (connection *conn, u32 &seqno);
…		…
317	int outl = 0, outl2;	423	int outl = 0, outl2;
318	ptype type = PT_DATA_UNCOMPRESSED;	424	ptype type = PT_DATA_UNCOMPRESSED;
319		425
320	#if ENABLE_COMPRESSION	426	#if ENABLE_COMPRESSION
321	u8 cdata[MAX_MTU];	427	u8 cdata[MAX_MTU];
322	u32 cl;
323		428
		429	if (conn->features & ENABLE_COMPRESSION)
		430	{
324	cl = lzf_compress (d, l, cdata + 2, (l - 2) & ~7);	431	u32 cl = lzf_compress (d, l, cdata + 2, (l - 2) & ~7);
		432
325	if (cl)	433	if (cl)
326	{	434	{
327	type = PT_DATA_COMPRESSED;	435	type = PT_DATA_COMPRESSED;
328	d = cdata;	436	d = cdata;
329	l = cl + 2;	437	l = cl + 2;
330		438
331	d[0] = cl >> 8;	439	d[0] = cl >> 8;
332	d[1] = cl;	440	d[1] = cl;
		441	}
333	}	442	}
334	#endif	443	#endif
335		444
336	EVP_EncryptInit_ex (cctx, 0, 0, 0, 0);	445	require (EVP_EncryptInit_ex (cctx, 0, 0, 0, 0));
337		446
338	struct {	447	struct {
339	#if RAND_SIZE	448	#if RAND_SIZE
340	u8 rnd[RAND_SIZE];	449	u8 rnd[RAND_SIZE];
341	#endif	450	#endif
…		…
345	datahdr.seqno = ntohl (seqno);	454	datahdr.seqno = ntohl (seqno);
346	#if RAND_SIZE	455	#if RAND_SIZE
347	RAND_pseudo_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE);	456	RAND_pseudo_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE);
348	#endif	457	#endif
349		458
350	EVP_EncryptUpdate (cctx,	459	require (EVP_EncryptUpdate (cctx,
351	(unsigned char *) data + outl, &outl2,	460	(unsigned char *) data + outl, &outl2,
352	(unsigned char *) &datahdr, DATAHDR);	461	(unsigned char *) &datahdr, DATAHDR));
353	outl += outl2;	462	outl += outl2;
354		463
355	EVP_EncryptUpdate (cctx,	464	require (EVP_EncryptUpdate (cctx,
356	(unsigned char *) data + outl, &outl2,	465	(unsigned char *) data + outl, &outl2,
357	(unsigned char *) d, l);	466	(unsigned char *) d, l));
358	outl += outl2;	467	outl += outl2;
359		468
360	EVP_EncryptFinal_ex (cctx, (unsigned char *) data + outl, &outl2);	469	require (EVP_EncryptFinal_ex (cctx, (unsigned char *) data + outl, &outl2));
361	outl += outl2;	470	outl += outl2;
362		471
363	len = outl + data_hdr_size ();	472	len = outl + data_hdr_size ();
364		473
365	set_hdr (type, dst);	474	set_hdr (type, dst);
…		…
374	int outl = 0, outl2;	483	int outl = 0, outl2;
375	tap_packet *p = new tap_packet;	484	tap_packet *p = new tap_packet;
376	u8 *d;	485	u8 *d;
377	u32 l = len - data_hdr_size ();	486	u32 l = len - data_hdr_size ();
378		487
379	EVP_DecryptInit_ex (cctx, 0, 0, 0, 0);	488	require (EVP_DecryptInit_ex (cctx, 0, 0, 0, 0));
380		489
381	#if ENABLE_COMPRESSION	490	#if ENABLE_COMPRESSION
382	u8 cdata[MAX_MTU];	491	u8 cdata[MAX_MTU];
383		492
384	if (type == PT_DATA_COMPRESSED)	493	if (type == PT_DATA_COMPRESSED)
…		…
386	else	495	else
387	#endif	496	#endif
388	d = &(*p)[6 + 6 - DATAHDR];	497	d = &(*p)[6 + 6 - DATAHDR];
389		498
390	/* this overwrites part of the src mac, but we fix that later */	499	/* this overwrites part of the src mac, but we fix that later */
391	EVP_DecryptUpdate (cctx,	500	require (EVP_DecryptUpdate (cctx,
392	d, &outl2,	501	d, &outl2,
393	(unsigned char *)&data, len - data_hdr_size ());	502	(unsigned char *)&data, len - data_hdr_size ()));
394	outl += outl2;	503	outl += outl2;
395		504
396	EVP_DecryptFinal_ex (cctx, (unsigned char *)d + outl, &outl2);	505	require (EVP_DecryptFinal_ex (cctx, (unsigned char *)d + outl, &outl2));
397	outl += outl2;	506	outl += outl2;
398		507
399	seqno = ntohl (*(u32 *)(d + RAND_SIZE));	508	seqno = ntohl (*(u32 *)(d + RAND_SIZE));
400		509
401	id2mac (dst () ? dst() : THISNODE->id, p->dst);	510	id2mac (dst () ? dst() : THISNODE->id, p->dst);
…		…
430	{	539	{
431	// actually, hmaclen cannot be checked because the hmac	540	// actually, hmaclen cannot be checked because the hmac
432	// field comes before this data, so peers with other	541	// field comes before this data, so peers with other
433	// hmacs simply will not work.	542	// hmacs simply will not work.
434	u8 prot_major, prot_minor, randsize, hmaclen;	543	u8 prot_major, prot_minor, randsize, hmaclen;
435	u8 flags, challengelen, pad2, pad3;	544	u8 flags, challengelen, features, pad3;
436	u32 cipher_nid, digest_nid, hmac_nid;	545	u32 cipher_nid, digest_nid, hmac_nid;
437
438	const u8 curflags () const
439	{
440	return 0x80
441	| (ENABLE_COMPRESSION ? 0x01 : 0x00);
442	}
443		546
444	void setup (ptype type, int dst);	547	void setup (ptype type, int dst);
445	bool chk_config () const;	548	bool chk_config () const;
		549
		550	static u8 get_features ()
		551	{
		552	u8 f = 0;
		553	#if ENABLE_COMPRESSION
		554	f |= FEATURE_COMPRESSION;
		555	#endif
		556	#if ENABLE_ROHC
		557	f |= FEATURE_ROHC;
		558	#endif
		559	#if ENABLE_BRIDGING
		560	f |= FEATURE_BRIDGING;
		561	#endif
		562	return f;
		563	}
446	};	564	};
447		565
448	void config_packet::setup (ptype type, int dst)	566	void config_packet::setup (ptype type, int dst)
449	{	567	{
450	prot_major = PROTOCOL_MAJOR;	568	prot_major = PROTOCOL_MAJOR;
451	prot_minor = PROTOCOL_MINOR;	569	prot_minor = PROTOCOL_MINOR;
452	randsize = RAND_SIZE;	570	randsize = RAND_SIZE;
453	hmaclen = HMACLENGTH;	571	hmaclen = HMACLENGTH;
454	flags = curflags ();	572	flags = 0;
455	challengelen = sizeof (rsachallenge);	573	challengelen = sizeof (rsachallenge);
		574	features = get_features ();
456		575
457	cipher_nid = htonl (EVP_CIPHER_nid (CIPHER));	576	cipher_nid = htonl (EVP_CIPHER_nid (CIPHER));
458	digest_nid = htonl (EVP_MD_type (RSA_HASH));	577	digest_nid = htonl (EVP_MD_type (RSA_HASH));
459	hmac_nid = htonl (EVP_MD_type (DIGEST));	578	hmac_nid = htonl (EVP_MD_type (DIGEST));
460		579
…		…
462	set_hdr (type, dst);	581	set_hdr (type, dst);
463	}	582	}
464		583
465	bool config_packet::chk_config () const	584	bool config_packet::chk_config () const
466	{	585	{
467	return prot_major == PROTOCOL_MAJOR	586	if (prot_major != PROTOCOL_MAJOR)
468	&& randsize == RAND_SIZE	587	slog (L_WARN, _("major version mismatch (remote %d <=> local %d)"), prot_major, PROTOCOL_MAJOR);
469	&& hmaclen == HMACLENGTH	588	else if (randsize != RAND_SIZE)
470	&& flags == curflags ()	589	slog (L_WARN, _("rand size mismatch (remote %d <=> local %d)"), randsize, RAND_SIZE);
		590	else if (hmaclen != HMACLENGTH)
		591	slog (L_WARN, _("hmac length mismatch (remote %d <=> local %d)"), hmaclen, HMACLENGTH);
471	&& challengelen == sizeof (rsachallenge)	592	else if (challengelen != sizeof (rsachallenge))
		593	slog (L_WARN, _("challenge length mismatch (remote %d <=> local %d)"), challengelen, sizeof (rsachallenge));
472	&& cipher_nid == htonl (EVP_CIPHER_nid (CIPHER))	594	else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER)))
		595	slog (L_WARN, _("cipher mismatch (remote %x <=> local %x)"), ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER));
473	&& digest_nid == htonl (EVP_MD_type (RSA_HASH))	596	else if (digest_nid != htonl (EVP_MD_type (RSA_HASH)))
		597	slog (L_WARN, _("digest mismatch (remote %x <=> local %x)"), ntohl (digest_nid), EVP_MD_type (RSA_HASH));
474	&& hmac_nid == htonl (EVP_MD_type (DIGEST));	598	else if (hmac_nid != htonl (EVP_MD_type (DIGEST)))
		599	slog (L_WARN, _("hmac mismatch (remote %x <=> local %x)"), ntohl (hmac_nid), EVP_MD_type (DIGEST));
		600	else
		601	return true;
		602
		603	return false;
475	}	604	}
476		605
477	struct auth_req_packet : config_packet	606	struct auth_req_packet : config_packet
478	{	607	{
479	char magic[8];	608	char magic[8];
480	u8 initiate; // false if this is just an automatic reply	609	u8 initiate; // false if this is just an automatic reply
481	u8 protocols; // supported protocols (will get patches on forward)	610	u8 protocols; // supported protocols (will be patched on forward)
482	u8 pad2, pad3;	611	u8 pad2, pad3;
483	rsaid id;	612	rsaid id;
484	rsaencrdata encr;	613	rsaencrdata encr;
485		614
486	auth_req_packet (int dst, bool initiate_, u8 protocols_)	615	auth_req_packet (int dst, bool initiate_, u8 protocols_)
…		…
541	};	670	};
542		671
543	/////////////////////////////////////////////////////////////////////////////	672	/////////////////////////////////////////////////////////////////////////////
544		673
545	void	674	void
		675	connection::connection_established ()
		676	{
		677	slog (L_TRACE, _("%s: possible connection establish (ictx %d, octx %d)"), conf->nodename, !!ictx, !!octx);
		678
		679	if (ictx && octx)
		680	{
		681	// make sure rekeying timeouts are slightly asymmetric
		682	ev::tstamp rekey_interval = ::conf.rekey + (conf->id > THISNODE->id ? 10 : 0);
		683	rekey.start (rekey_interval, rekey_interval);
		684	keepalive.start (::conf.keepalive);
		685
		686	// send queued packets
		687	if (ictx && octx)
		688	{
		689	while (tap_packet *p = (tap_packet *)data_queue.get ())
		690	{
		691	if (p->len) send_data_packet (p);
		692	delete p;
		693	}
		694
		695	while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
		696	{
		697	if (p->len) send_vpn_packet (p, si, IPTOS_RELIABILITY);
		698	delete p;
		699	}
		700	}
		701
		702	vpn->connection_established (this);
		703	}
		704	else
		705	{
		706	retry_cnt = 0;
		707	establish_connection.start (5);
		708	keepalive.stop ();
		709	rekey.stop ();
		710	}
		711	}
		712
		713	void
546	connection::reset_dstaddr ()	714	connection::reset_si ()
547	{	715	{
		716	if (vpn->can_direct (THISNODE, conf))
		717	protocol = best_protocol (THISNODE->protocols & conf->connectable_protocols ());
		718	else
		719	{
		720	slog (L_TRACE, _("%s: direct connection denied by config."), conf->nodename);
		721	protocol = 0;
		722	}
		723
548	si.set (conf);	724	si.set (conf, protocol);
		725
		726	is_direct = si.valid ();
		727	}
		728
		729	// ensure sockinfo is valid, forward if necessary
		730	const sockinfo &
		731	connection::forward_si (const sockinfo &si) const
		732	{
		733	if (!si.valid ())
		734	{
		735	connection *r = vpn->find_router_for (this);
		736
		737	if (r)
		738	{
		739	slog (L_DEBUG, _("%s: no common protocol, trying to route through %s."),
		740	conf->nodename, r->conf->nodename);
		741	return r->si;
		742	}
		743	else
		744	slog (L_DEBUG, _("%s: node unreachable, no common protocol or no router available."),
		745	conf->nodename);
		746	}
		747
		748	return si;
		749	}
		750
		751	void
		752	connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
		753	{
		754	if (!vpn->send_vpn_packet (pkt, si, tos))
		755	reset_connection ();
549	}	756	}
550		757
551	void	758	void
552	connection::send_ping (const sockinfo &si, u8 pong)	759	connection::send_ping (const sockinfo &si, u8 pong)
553	{	760	{
554	ping_packet *pkt = new ping_packet;	761	ping_packet *pkt = new ping_packet;
555		762
556	pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);	763	pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
		764
		765	slog (L_TRACE, ">>%d %s [%s]", conf->id, pong ? "PT_PONG" : "PT_PING", (const char *)si);
		766
557	send_vpn_packet (pkt, si, IPTOS_LOWDELAY);	767	send_vpn_packet (pkt, si, IPTOS_LOWDELAY);
558		768
559	delete pkt;	769	delete pkt;
560	}	770	}
561		771
…		…
576	void	786	void
577	connection::send_auth_request (const sockinfo &si, bool initiate)	787	connection::send_auth_request (const sockinfo &si, bool initiate)
578	{	788	{
579	auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols);	789	auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols);
580		790
581	protocol = best_protocol (THISNODE->protocols & conf->protocols);
582
583	rsachallenge chg;	791	rsachallenge chg;
584
585	rsa_cache.gen (pkt->id, chg);	792	rsa_cache.gen (pkt->id, chg);
586		793	rsa_encrypt (conf->rsa_key, chg, pkt->encr);
587	if (0 > RSA_public_encrypt (sizeof chg,
588	(unsigned char *)&chg, (unsigned char *)&pkt->encr,
589	conf->rsa_key, RSA_PKCS1_OAEP_PADDING))
590	fatal ("RSA_public_encrypt error");
591		794
592	slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si);	795	slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si);
593		796
		797	send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly
		798
		799	delete pkt;
		800	}
		801
		802	void
		803	connection::send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg)
		804	{
		805	auth_res_packet *pkt = new auth_res_packet (conf->id);
		806
		807	pkt->id = id;
		808
		809	rsa_hash (id, chg, pkt->response);
		810
		811	pkt->hmac_set (octx);
		812
		813	slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)si);
		814
594	send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly	815	send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
595		816
596	delete pkt;	817	delete pkt;
597	}	818	}
598		819
599	void	820	void
600	connection::send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg)
601	{
602	auth_res_packet *pkt = new auth_res_packet (conf->id);
603
604	pkt->id = id;
605
606	rsa_hash (id, chg, pkt->response);
607
608	pkt->hmac_set (octx);
609
610	slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)si);
611
612	send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
613
614	delete pkt;
615	}
616
617	void
618	connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols)	821	connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols)
619	{	822	{
620	slog (L_TRACE, ">>%d PT_CONNECT_INFO(%d,%s)\n",	823	slog (L_TRACE, ">>%d PT_CONNECT_INFO(%d,%s)",
621	conf->id, rid, (const char *)rsi);	824	conf->id, rid, (const char *)rsi);
622		825
623	connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);	826	connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
624		827
625	r->hmac_set (octx);	828	r->hmac_set (octx);
626	send_vpn_packet (r, si);	829	send_vpn_packet (r, si);
627		830
628	delete r;	831	delete r;
629	}	832	}
630		833
631	void	834	inline void
632	connection::establish_connection_cb (tstamp &ts)	835	connection::establish_connection_cb (ev::timer &w, int revents)
633	{	836	{
634	if (ictx || conf == THISNODE	837	if (!ictx
		838	&& conf != THISNODE
635	|| connectmode == conf_node::C_NEVER	839	&& connectmode != conf_node::C_NEVER
636	|| connectmode == conf_node::C_DISABLED)	840	&& connectmode != conf_node::C_DISABLED
637	ts = TSTAMP_CANCEL;	841	&& !w.is_active ())
638	else if (ts <= NOW)
639	{	842	{
640	double retry_int = double (retry_cnt & 3 ? (retry_cnt & 3) : 1 << (retry_cnt >> 2)) * 0.6;	843	// a bit hacky, if ondemand, and packets are no longer queued, then reset the connection
641		844	// and stop trying. should probably be handled by a per-connection expire handler.
642	if (retry_int < 3600 * 8)	845	if (connectmode == conf_node::C_ONDEMAND && vpn_queue.empty () && data_queue.empty ())
643	retry_cnt++;
644
645	ts = NOW + retry_int;
646
647	if (conf->hostname)
648	{	846	{
649	reset_dstaddr ();	847	reset_connection ();
650	if (si.host && auth_rate_limiter.can (si))	848	return;
651	{
652	if (retry_cnt < 4)
653	send_auth_request (si, true);
654	else
655	send_ping (si, 0);
656	}	849	}
		850
		851	last_establish_attempt = ev_now ();
		852
		853	ev::tstamp retry_int = ev::tstamp (retry_cnt & 3
		854	? (retry_cnt & 3) + 1
		855	: 1 << (retry_cnt >> 2));
		856
		857	reset_si ();
		858
		859	bool slow = si.prot & PROT_SLOW;
		860
		861	if (si.prot && !si.host && vpn->can_direct (THISNODE, conf))
		862	{
		863	/*TODO*/ /* start the timer so we don't recurse endlessly */
		864	w.start (1);
		865	vpn->send_connect_request (this);
657	}	866	}
658	else	867	else
659	vpn->connect_request (conf->id);	868	{
		869	if (si.valid ())
		870	slog (L_DEBUG, _("%s: sending direct connection request to %s."),
		871	conf->nodename, (const char *)si);
		872
		873	const sockinfo &dsi = forward_si (si);
		874
		875	slow = slow || (dsi.prot & PROT_SLOW);
		876
		877	if (dsi.valid () && auth_rate_limiter.can (dsi))
		878	{
		879	if (retry_cnt < 4)
		880	send_auth_request (dsi, true);
		881	else
		882	send_ping (dsi, 0);
		883	}
		884	}
		885
		886	retry_int *= slow ? 8. : 0.9;
		887
		888	if (retry_int < conf->max_retry)
		889	retry_cnt++;
		890	else
		891	retry_int = conf->max_retry;
		892
		893	w.start (retry_int);
660	}	894	}
661	}	895	}
662		896
663	void	897	void
664	connection::reset_connection ()	898	connection::reset_connection ()
…		…
667	{	901	{
668	slog (L_INFO, _("%s(%s): connection lost"),	902	slog (L_INFO, _("%s(%s): connection lost"),
669	conf->nodename, (const char *)si);	903	conf->nodename, (const char *)si);
670		904
671	if (::conf.script_node_down)	905	if (::conf.script_node_down)
672	run_script (run_script_cb (this, &connection::script_node_down), false);	906	{
		907	run_script_cb *cb = new run_script_cb;
		908	cb->set<connection, &connection::script_node_down> (this);
		909	run_script_queued (cb, _("node-down command execution failed, continuing."));
		910	}
673	}	911	}
674		912
675	delete ictx; ictx = 0;	913	delete ictx; ictx = 0;
676	delete octx; octx = 0;	914	delete octx; octx = 0;
		915	#if ENABLE_DNS
		916	dnsv4_reset_connection ();
		917	#endif
677		918
678	si.host= 0;	919	si.host = 0;
679		920
680	last_activity = 0;	921	last_activity = 0.;
		922	//last_si_change = 0.;
681	retry_cnt = 0;	923	retry_cnt = 0;
682		924
683	rekey.reset ();	925	rekey.stop ();
684	keepalive.reset ();	926	keepalive.stop ();
685	establish_connection.reset ();	927	establish_connection.stop ();
686	}	928	}
687		929
688	void	930	void
689	connection::shutdown ()	931	connection::shutdown ()
690	{	932	{
…		…
692	send_reset (si);	934	send_reset (si);
693		935
694	reset_connection ();	936	reset_connection ();
695	}	937	}
696		938
697	void	939	// poor-man's rekeying
698	connection::rekey_cb (tstamp &ts)	940	inline void
		941	connection::rekey_cb (ev::timer &w, int revents)
699	{	942	{
700	ts = TSTAMP_CANCEL;
701
702	reset_connection ();	943	reset_connection ();
703	establish_connection ();	944	establish_connection ();
704	}	945	}
705		946
706	void	947	void
707	connection::send_data_packet (tap_packet *pkt, bool broadcast)	948	connection::send_data_packet (tap_packet *pkt)
708	{	949	{
709	vpndata_packet *p = new vpndata_packet;	950	vpndata_packet *p = new vpndata_packet;
710	int tos = 0;	951	int tos = 0;
711		952
712	if (conf->inherit_tos	953	// I am not hilarious about peeking into packets, but so be it.
713	&& (*pkt)[12] == 0x08 && (*pkt)[13] == 0x00 // IP	954	if (conf->inherit_tos && pkt->is_ipv4 ())
714	&& ((*pkt)[14] & 0xf0) == 0x40) // IPv4
715	tos = (*pkt)[15] & IPTOS_TOS_MASK;	955	tos = (*pkt)[15] & IPTOS_TOS_MASK;
716		956
717	p->setup (this, broadcast ? 0 : conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs	957	p->setup (this, conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs
718	send_vpn_packet (p, si, tos);	958	send_vpn_packet (p, si, tos);
719		959
720	delete p;	960	delete p;
721		961
722	if (oseqno > MAX_SEQNO)	962	if (oseqno > MAX_SEQNO)
723	rekey ();	963	rekey ();
724	}	964	}
725		965
726	void	966	void
		967	connection::post_inject_queue ()
		968	{
		969	// force a connection every now and when when packets are sent (max 1/s)
		970	if (ev_now () - last_establish_attempt >= 0.95) // arbitrary
		971	establish_connection.stop ();
		972
		973	establish_connection ();
		974	}
		975
		976	void
727	connection::inject_data_packet (tap_packet *pkt, bool broadcast)	977	connection::inject_data_packet (tap_packet *pkt)
728	{	978	{
729	if (ictx && octx)	979	if (ictx && octx)
730	send_data_packet (pkt, broadcast);	980	send_data_packet (pkt);
731	else	981	else
732	{	982	{
733	if (!broadcast)//DDDD
734	queue.put (new tap_packet (*pkt));	983	data_queue.put (new tap_packet (*pkt));
		984	post_inject_queue ();
		985	}
		986	}
735		987
736	establish_connection ();	988	void connection::inject_vpn_packet (vpn_packet *pkt, int tos)
		989	{
		990	if (ictx && octx)
		991	send_vpn_packet (pkt, si, tos);
		992	else
		993	{
		994	vpn_queue.put ((vpn_packet *)new data_packet (*(data_packet *)pkt));
		995	post_inject_queue ();
737	}	996	}
738	}	997	}
739		998
740	void	999	void
741	connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)	1000	connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
742	{	1001	{
743	last_activity = NOW;	1002	last_activity = ev_now ();
744		1003
745	slog (L_NOISE, "<<%d received packet type %d from %d to %d",	1004	slog (L_NOISE, "<<%d received packet type %d from %d to %d.",
746	conf->id, pkt->typ (), pkt->src (), pkt->dst ());	1005	conf->id, pkt->typ (), pkt->src (), pkt->dst ());
747		1006
		1007	if (connectmode == conf_node::C_DISABLED)
		1008	return;
		1009
748	switch (pkt->typ ())	1010	switch (pkt->typ ())
749	{	1011	{
750	case vpn_packet::PT_PING:	1012	case vpn_packet::PT_PING:
751	// we send pings instead of auth packets after some retries,	1013	// we send pings instead of auth packets after some retries,
752	// so reset the retry counter and establish a connection	1014	// so reset the retry counter and establish a connection
753	// when we receive a ping.	1015	// when we receive a ping.
754	if (!ictx)	1016	if (!ictx)
		1017	{
		1018	if (auth_rate_limiter.can (rsi))
		1019	send_auth_request (rsi, true);
		1020	}
		1021	else
		1022	// we would love to change thre socket address here, but ping's aren't
		1023	// authenticated, so we best ignore it.
		1024	send_ping (rsi, 1); // pong
		1025
		1026	break;
		1027
		1028	case vpn_packet::PT_PONG:
		1029	break;
		1030
		1031	case vpn_packet::PT_RESET:
755	{	1032	{
756	if (auth_rate_limiter.can (rsi))	1033	reset_connection ();
757	send_auth_request (rsi, true);	1034
		1035	config_packet *p = (config_packet *) pkt;
		1036
		1037	if (!p->chk_config ())
		1038	{
		1039	slog (L_WARN, _("%s(%s): protocol mismatch, disabling node."),
		1040	conf->nodename, (const char *)rsi);
		1041	connectmode = conf_node::C_DISABLED;
		1042	}
		1043	else if (connectmode == conf_node::C_ALWAYS)
		1044	establish_connection ();
758	}	1045	}
759	else
760	send_ping (rsi, 1); // pong
761
762	break;	1046	break;
763		1047
764	case vpn_packet::PT_PONG:
765	break;
766
767	case vpn_packet::PT_RESET:	1048	case vpn_packet::PT_AUTH_REQ:
768	{	1049	if (auth_rate_limiter.can (rsi))
769	reset_connection ();
770
771	config_packet *p = (config_packet *) pkt;
772
773	if (!p->chk_config ())
774	{	1050	{
		1051	auth_req_packet *p = (auth_req_packet *) pkt;
		1052
		1053	slog (L_TRACE, "<<%d PT_AUTH_REQ(%d)", conf->id, p->initiate);
		1054
		1055	if (p->chk_config () && !strncmp (p->magic, MAGIC, 8))
		1056	{
		1057	if (p->prot_minor != PROTOCOL_MINOR)
		1058	slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
		1059	conf->nodename, (const char *)rsi,
		1060	PROTOCOL_MINOR, conf->nodename, p->prot_minor);
		1061
		1062	if (p->initiate)
		1063	send_auth_request (rsi, false);
		1064
		1065	rsachallenge k;
		1066
		1067	if (!rsa_decrypt (::conf.rsa_key, p->encr, k))
		1068	{
		1069	slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"),
		1070	conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0));
		1071	break;
		1072	}
		1073	else
		1074	{
		1075	delete octx;
		1076
		1077	octx = new crypto_ctx (k, 1);
		1078	oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff;
		1079
		1080	conf->protocols = p->protocols;
		1081	features = p->features & config_packet::get_features ();
		1082
		1083	send_auth_response (rsi, p->id, k);
		1084
		1085	connection_established ();
		1086
		1087	break;
		1088	}
		1089	}
		1090	else
775	slog (L_WARN, _("%s(%s): protocol mismatch, disabling node"),	1091	slog (L_WARN, _("%s(%s): protocol mismatch."),
776	conf->nodename, (const char *)rsi);	1092	conf->nodename, (const char *)rsi);
777	connectmode = conf_node::C_DISABLED;	1093
		1094	send_reset (rsi);
778	}	1095	}
779	else if (connectmode == conf_node::C_ALWAYS)	1096
780	establish_connection ();
781	}
782	break;	1097	break;
783		1098
784	case vpn_packet::PT_AUTH_REQ:	1099	case vpn_packet::PT_AUTH_RES:
785	if (auth_rate_limiter.can (rsi))
786	{	1100	{
787	auth_req_packet *p = (auth_req_packet *) pkt;	1101	auth_res_packet *p = (auth_res_packet *) pkt;
788		1102
789	slog (L_TRACE, "<<%d PT_AUTH_REQ(%d)", conf->id, p->initiate);	1103	slog (L_TRACE, "<<%d PT_AUTH_RES", conf->id);
790		1104
791	if (p->chk_config () && !strncmp (p->magic, MAGIC, 8))	1105	if (p->chk_config ())
792	{	1106	{
793	if (p->prot_minor != PROTOCOL_MINOR)	1107	if (p->prot_minor != PROTOCOL_MINOR)
794	slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),	1108	slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
795	conf->nodename, (const char *)rsi,	1109	conf->nodename, (const char *)rsi,
796	PROTOCOL_MINOR, conf->nodename, p->prot_minor);	1110	PROTOCOL_MINOR, conf->nodename, p->prot_minor);
797		1111
798	if (p->initiate)
799	send_auth_request (rsi, false);
800
801	rsachallenge k;	1112	rsachallenge chg;
802		1113
803	if (0 > RSA_private_decrypt (sizeof (p->encr),	1114	if (!rsa_cache.find (p->id, chg))
804	(unsigned char *)&p->encr, (unsigned char *)&k,	1115	{
805	::conf.rsa_key, RSA_PKCS1_OAEP_PADDING))	1116	slog (L_ERR, _("%s(%s): unrequested auth response, ignoring."),
806	slog (L_ERR, _("%s(%s): challenge illegal or corrupted"),
807	conf->nodename, (const char *)rsi);	1117	conf->nodename, (const char *)rsi);
		1118	break;
		1119	}
808	else	1120	else
809	{	1121	{
810	retry_cnt = 0;	1122	crypto_ctx *cctx = new crypto_ctx (chg, 0);
811	establish_connection.set (NOW + 8); //? ;)	1123
812	keepalive.reset ();	1124	if (!p->hmac_chk (cctx))
		1125	{
		1126	slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
		1127	"could be an attack, or just corruption or a synchronization error."),
		1128	conf->nodename, (const char *)rsi);
		1129	break;
		1130	}
813	rekey.reset ();	1131	else
		1132	{
		1133	rsaresponse h;
814		1134
		1135	rsa_hash (p->id, chg, h);
		1136
		1137	if (!memcmp ((u8 *)&h, (u8 *)p->response, sizeof h))
		1138	{
		1139	prot_minor = p->prot_minor;
		1140
		1141	delete ictx; ictx = cctx;
		1142
		1143	iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
		1144
		1145	si = rsi;
		1146	protocol = rsi.prot;
		1147
		1148	slog (L_INFO, _("%s(%s): connection established (%s), protocol version %d.%d."),
		1149	conf->nodename, (const char *)rsi,
		1150	is_direct ? "direct" : "routed",
		1151	p->prot_major, p->prot_minor);
		1152
		1153	connection_established ();
		1154
		1155	if (::conf.script_node_up)
		1156	{
		1157	run_script_cb *cb = new run_script_cb;
		1158	cb->set<connection, &connection::script_node_up> (this);
		1159	run_script_queued (cb, _("node-up command execution failed, continuing."));
		1160	}
		1161
		1162	break;
		1163	}
		1164	else
		1165	slog (L_ERR, _("%s(%s): sent and received challenge do not match."),
		1166	conf->nodename, (const char *)rsi);
		1167	}
		1168
815	delete ictx;	1169	delete cctx;
816	ictx = 0;
817
818	delete octx;
819
820	octx = new crypto_ctx (k, 1);
821	oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff;
822
823	conf->protocols = p->protocols;
824	send_auth_response (rsi, p->id, k);
825
826	break;
827	}	1170	}
828	}	1171	}
829
830	send_reset (rsi);
831	}	1172	}
832		1173
		1174	send_reset (rsi);
833	break;	1175	break;
834		1176
835	case vpn_packet::PT_AUTH_RES:	1177	case vpn_packet::PT_DATA_COMPRESSED:
836	{	1178	#if !ENABLE_COMPRESSION
837	auth_res_packet *p = (auth_res_packet *) pkt;	1179	send_reset (rsi);
		1180	break;
		1181	#endif
838		1182
839	slog (L_TRACE, "<<%d PT_AUTH_RES", conf->id);	1183	case vpn_packet::PT_DATA_UNCOMPRESSED:
840		1184
841	if (p->chk_config ())	1185	if (ictx && octx)
842	{	1186	{
843	if (p->prot_minor != PROTOCOL_MINOR)	1187	vpndata_packet *p = (vpndata_packet *)pkt;
844	slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
845	conf->nodename, (const char *)rsi,
846	PROTOCOL_MINOR, conf->nodename, p->prot_minor);
847		1188
848	rsachallenge chg;	1189	if (!p->hmac_chk (ictx))
849		1190	slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
850	if (!rsa_cache.find (p->id, chg))	1191	"could be an attack, or just corruption or a synchronization error."),
851	slog (L_ERR, _("%s(%s): unrequested auth response"),
852	conf->nodename, (const char *)rsi);	1192	conf->nodename, (const char *)rsi);
853	else	1193	else
854	{	1194	{
855	crypto_ctx *cctx = new crypto_ctx (chg, 0);
856
857	if (!p->hmac_chk (cctx))
858	slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
859	"could be an attack, or just corruption or an synchronization error"),
860	conf->nodename, (const char *)rsi);
861	else	1195	u32 seqno;
		1196	tap_packet *d = p->unpack (this, seqno);
		1197	int seqclass = iseqno.seqno_classify (seqno);
		1198
		1199	if (seqclass == 0) // ok
862	{	1200	{
863	rsaresponse h;	1201	vpn->tap->send (d);
864		1202
865	rsa_hash (p->id, chg, h);	1203	if (si != rsi)
866
867	if (!memcmp ((u8 *)&h, (u8 *)p->response, sizeof h))
868	{	1204	{
869	prot_minor = p->prot_minor;	1205	// fast re-sync on source address changes, useful especially for tcp/ip
870		1206	//if (last_si_change < ev_now () + 5.)
871	delete ictx; ictx = cctx;
872
873	iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
874
875	si = rsi;
876
877	rekey.set (NOW + ::conf.rekey);
878	keepalive.set (NOW + ::conf.keepalive);
879
880	// send queued packets
881	while (tap_packet *p = queue.get ())
882	{	1207	// {
883	send_data_packet (p);
884	delete p;	1208	si = rsi;
		1209
		1210	slog (L_INFO, _("%s(%s): socket address changed."),
		1211	conf->nodename, (const char *)si);
885	}	1212	// }
886		1213	//else
887	connectmode = conf->connectmode;	1214	// slog (L_INFO, _("%s(%s): accepted packet from %s, not (yet) redirecting traffic."),
888
889	slog (L_INFO, _("%s(%s): %s connection established, protocol version %d.%d"),
890	conf->nodename, (const char *)rsi,	1215	// conf->nodename, (const char *)si, (const char *)rsi);
891	strprotocol (protocol),
892	p->prot_major, p->prot_minor);
893
894	if (::conf.script_node_up)
895	run_script (run_script_cb (this, &connection::script_node_up), false);
896
897	break;
898	}	1216	}
899	else
900	slog (L_ERR, _("%s(%s): sent and received challenge do not match"),
901	conf->nodename, (const char *)rsi);
902	}	1217	}
		1218	else if (seqclass == 1) // far history
		1219	slog (L_ERR, _("received very old packet (received %08lx, expected %08lx). "
		1220	"possible replay attack, or just packet duplication/delay, ignoring."), seqno, iseqno.seq + 1);
		1221	else if (seqclass == 2) // in-window duplicate, happens often on wireless
		1222	slog (L_DEBUG, _("received recent duplicated packet (received %08lx, expected %08lx). "
		1223	"possible replay attack, or just packet duplication, ignoring."), seqno, iseqno.seq + 1);
		1224	else if (seqclass == 3) // reset
		1225	{
		1226	slog (L_ERR, _("received out-of-sync (far future) packet (received %08lx, expected %08lx). "
		1227	"probably just massive packet loss, sending reset."), seqno, iseqno.seq + 1);
		1228	send_reset (rsi);
		1229	}
903		1230
904	delete cctx;	1231	delete d;
		1232	break;
905	}	1233	}
906	}	1234	}
907	}
908		1235
909	send_reset (rsi);	1236	send_reset (rsi);
910	break;	1237	break;
911		1238
912	case vpn_packet::PT_DATA_COMPRESSED:
913	#if !ENABLE_COMPRESSION
914	send_reset (rsi);
915	break;
916	#endif
917
918	case vpn_packet::PT_DATA_UNCOMPRESSED:
919
920	if (ictx && octx)
921	{
922	vpndata_packet *p = (vpndata_packet *)pkt;
923
924	if (rsi == si)
925	{
926	if (!p->hmac_chk (ictx))
927	slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
928	"could be an attack, or just corruption or an synchronization error"),
929	conf->nodename, (const char *)rsi);
930	else
931	{
932	u32 seqno;
933	tap_packet *d = p->unpack (this, seqno);
934
935	if (iseqno.recv_ok (seqno))
936	{
937	vpn->tap->send (d);
938
939	if (p->dst () == 0) // re-broadcast
940	for (vpn::conns_vector::iterator i = vpn->conns.begin (); i != vpn->conns.end (); ++i)
941	{
942	connection *c = *i;
943
944	if (c->conf != THISNODE && c->conf != conf)
945	c->inject_data_packet (d);
946	}
947
948	delete d;
949
950	break;
951	}
952	}
953	}
954	else
955	slog (L_ERR, _("received data packet from unknown source %s"), (const char *)rsi);
956	}
957
958	send_reset (rsi);
959	break;
960
961	case vpn_packet::PT_CONNECT_REQ:	1239	case vpn_packet::PT_CONNECT_REQ:
962	if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))	1240	if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
963	{	1241	{
964	connect_req_packet *p = (connect_req_packet *) pkt;	1242	connect_req_packet *p = (connect_req_packet *) pkt;
965		1243
966	assert (p->id > 0 && p->id <= vpn->conns.size ()); // hmac-auth does not mean we accept anything	1244	if (p->id > 0 && p->id <= vpn->conns.size ())
967	conf->protocols = p->protocols;	1245	{
968	connection *c = vpn->conns[p->id - 1];	1246	connection *c = vpn->conns[p->id - 1];
		1247	conf->protocols = p->protocols;
969		1248
970	slog (L_TRACE, "<<%d PT_CONNECT_REQ(%d) [%d]\n",	1249	slog (L_TRACE, "<<%d PT_CONNECT_REQ(%d) [%d]",
971	conf->id, p->id, c->ictx && c->octx);	1250	conf->id, p->id, c->ictx && c->octx);
972		1251
973	if (c->ictx && c->octx)	1252	if (c->ictx && c->octx)
974	{	1253	{
975	// send connect_info packets to both sides, in case one is	1254	// send connect_info packets to both sides, in case one is
976	// behind a nat firewall (or both ;)	1255	// behind a nat firewall (or both ;)
977	c->send_connect_info (conf->id, si, conf->protocols);	1256	c->send_connect_info (conf->id, si, conf->protocols);
978	send_connect_info (c->conf->id, c->si, c->conf->protocols);	1257	send_connect_info (c->conf->id, c->si, c->conf->protocols);
		1258	}
		1259	else
		1260	c->establish_connection ();
979	}	1261	}
		1262	else
		1263	slog (L_WARN,
		1264	_("received authenticated connection request from unknown node #%d, config file mismatch?"),
		1265	p->id);
980	}	1266	}
981		1267
982	break;	1268	break;
983		1269
984	case vpn_packet::PT_CONNECT_INFO:	1270	case vpn_packet::PT_CONNECT_INFO:
985	if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))	1271	if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
986	{	1272	{
987	connect_info_packet *p = (connect_info_packet *) pkt;	1273	connect_info_packet *p = (connect_info_packet *)pkt;
988		1274
989	assert (p->id > 0 && p->id <= vpn->conns.size ()); // hmac-auth does not mean we accept anything	1275	if (p->id > 0 && p->id <= vpn->conns.size ())
990	conf->protocols = p->protocols;	1276	{
991	connection *c = vpn->conns[p->id - 1];	1277	connection *c = vpn->conns[p->id - 1];
992		1278
		1279	c->conf->protocols = p->protocols;
		1280	protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf));
		1281	p->si.upgrade_protocol (protocol, c->conf);
		1282
993	slog (L_TRACE, "<<%d PT_CONNECT_INFO(%d,%s) (%d)",	1283	slog (L_TRACE, "<<%d PT_CONNECT_INFO(%d,%s) (%d)",
994	conf->id, p->id, (const char *)p->si, !c->ictx && !c->octx);	1284	conf->id, p->id, (const char *)p->si, !c->ictx && !c->octx);
995		1285
		1286	const sockinfo &dsi = forward_si (p->si);
		1287
		1288	if (dsi.valid ())
996	c->send_auth_request (p->si, true);	1289	c->send_auth_request (dsi, true);
		1290	}
		1291	else
		1292	slog (L_WARN,
		1293	_("received authenticated connection request from unknown node #%d, config file mismatch?"),
		1294	p->id);
997	}	1295	}
998		1296
999	break;	1297	break;
1000		1298
1001	default:	1299	default:
1002	send_reset (rsi);	1300	send_reset (rsi);
1003	break;	1301	break;
1004
1005	}	1302	}
1006	}	1303	}
1007		1304
1008	void connection::keepalive_cb (tstamp &ts)	1305	inline void
		1306	connection::keepalive_cb (ev::timer &w, int revents)
1009	{	1307	{
1010	if (NOW >= last_activity + ::conf.keepalive + 30)	1308	if (ev_now () >= last_activity + ::conf.keepalive + 30)
1011	{	1309	{
1012	reset_connection ();	1310	reset_connection ();
1013	establish_connection ();	1311	establish_connection ();
1014	}	1312	}
1015	else if (NOW < last_activity + ::conf.keepalive)	1313	else if (ev_now () < last_activity + ::conf.keepalive)
1016	ts = last_activity + ::conf.keepalive;	1314	w.start (last_activity + ::conf.keepalive - ev::now ());
1017	else if (conf->connectmode != conf_node::C_ONDEMAND	1315	else if (conf->connectmode != conf_node::C_ONDEMAND
1018	|| THISNODE->connectmode != conf_node::C_ONDEMAND)	1316	|| THISNODE->connectmode != conf_node::C_ONDEMAND)
1019	{	1317	{
1020	send_ping (si);	1318	send_ping (si);
1021	ts = NOW + 5;	1319	w.start (5);
1022	}	1320	}
		1321	else if (ev_now () < last_activity + ::conf.keepalive + 10)
		1322	// hold ondemand connections implicitly a few seconds longer
		1323	// should delete octx, though, or something like that ;)
		1324	w.start (last_activity + ::conf.keepalive + 10 - ev::now ());
1023	else	1325	else
1024	reset_connection ();	1326	reset_connection ();
1025	}	1327	}
1026		1328
1027	void connection::connect_request (int id)	1329	void connection::send_connect_request (int id)
1028	{	1330	{
1029	connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols);	1331	connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols);
1030		1332
1031	slog (L_TRACE, ">>%d PT_CONNECT_REQ(%d)", conf->id, id);	1333	slog (L_TRACE, ">>%d PT_CONNECT_REQ(%d)", conf->id, id);
1032	p->hmac_set (octx);	1334	p->hmac_set (octx);
1033	send_vpn_packet (p, si);	1335	send_vpn_packet (p, si);
1034		1336
1035	delete p;	1337	delete p;
1036	}	1338	}
1037		1339
		1340	void connection::script_init_env (const char *ext)
		1341	{
		1342	char *env;
		1343	asprintf (&env, "IFUPDATA%s=%s", ext, conf->if_up_data); putenv (env);
		1344	asprintf (&env, "NODENAME%s=%s", ext, conf->nodename); putenv (env);
		1345	asprintf (&env, "MAC%s=%02x:%02x:%02x:%02x:%02x:%02x", ext,
		1346	0xfe, 0xfd, 0x80, 0x00, conf->id >> 8,
		1347	conf->id & 0xff); putenv (env);
		1348	}
		1349
1038	void connection::script_node ()	1350	void connection::script_init_connect_env ()
1039	{	1351	{
1040	vpn->script_if_up (0);	1352	vpn->script_init_env ();
1041		1353
1042	char *env;	1354	char *env;
1043	asprintf (&env, "DESTID=%d", conf->id); putenv (env);	1355	asprintf (&env, "DESTID=%d", conf->id); putenv (env);
1044	asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env);	1356	asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env);
1045	asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env);	1357	asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env);
1046	asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env);	1358	asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env);
1047	}	1359	}
1048		1360
		1361	inline const char *
1049	const char *connection::script_node_up (int)	1362	connection::script_node_up ()
1050	{	1363	{
1051	script_node ();	1364	script_init_connect_env ();
1052		1365
1053	putenv ("STATE=up");	1366	putenv ((char *)"STATE=up");
1054		1367
		1368	char *filename;
		1369	asprintf (&filename,
		1370	"%s/%s",
		1371	confbase,
1055	return ::conf.script_node_up ? ::conf.script_node_up : "node-up";	1372	::conf.script_node_up ? ::conf.script_node_up : "node-up");
1056	}
1057		1373
		1374	return filename;
		1375	}
		1376
		1377	inline const char *
1058	const char *connection::script_node_down (int)	1378	connection::script_node_down ()
1059	{	1379	{
1060	script_node ();	1380	script_init_connect_env ();
1061		1381
1062	putenv ("STATE=down");	1382	putenv ((char *)"STATE=down");
1063		1383
1064	return ::conf.script_node_up ? ::conf.script_node_down : "node-down";	1384	char *filename;
1065	}	1385	asprintf (&filename,
		1386	"%s/%s",
		1387	confbase,
		1388	::conf.script_node_down ? ::conf.script_node_down : "node-down");
1066		1389
1067	// send a vpn packet out to other hosts	1390	return filename;
1068	void
1069	connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
1070	{
1071	if (protocol & PROT_IPv4)
1072	vpn->send_ipv4_packet (pkt, si, tos);
1073	else
1074	vpn->send_udpv4_packet (pkt, si, tos);
1075	}	1391	}
1076		1392
1077	connection::connection(struct vpn *vpn_)	1393	connection::connection (struct vpn *vpn, conf_node *conf)
1078	: vpn(vpn_)	1394	: vpn(vpn), conf(conf),
1079	, rekey (this, &connection::rekey_cb)	1395	#if ENABLE_DNS
1080	, keepalive (this, &connection::keepalive_cb)	1396	dns (0),
		1397	#endif
		1398	data_queue(conf->max_ttl, conf->max_queue + 1),
		1399	vpn_queue(conf->max_ttl, conf->max_queue + 1)
		1400	{
		1401	rekey .set<connection, &connection::rekey_cb > (this);
		1402	keepalive .set<connection, &connection::keepalive_cb > (this);
1081	, establish_connection (this, &connection::establish_connection_cb)	1403	establish_connection.set<connection, &connection::establish_connection_cb> (this);
1082	{	1404
		1405	last_establish_attempt = 0.;
1083	octx = ictx = 0;	1406	octx = ictx = 0;
1084	retry_cnt = 0;
1085		1407
1086	connectmode = conf_node::C_ALWAYS; // initial setting	1408	if (!conf->protocols) // make sure some protocol is enabled
		1409	conf->protocols = PROT_UDPv4;
		1410
		1411	connectmode = conf->connectmode;
		1412
		1413	// queue a dummy packet to force an initial connection attempt
		1414	if (connectmode != conf_node::C_ALWAYS && connectmode != conf_node::C_DISABLED)
		1415	vpn_queue.put (new net_packet);
		1416
1087	reset_connection ();	1417	reset_connection ();
1088	}	1418	}
1089		1419
1090	connection::~connection ()	1420	connection::~connection ()
1091	{	1421	{

Diff Legend

–	Removed lines
+	Added lines
<	Changed lines
>	Changed lines