ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
(Generate patch)

Comparing gvpe/src/connection.C (file contents):
Revision 1.75 by pcg, Sun Aug 10 15:04:55 2008 UTC vs.
Revision 1.102 by root, Thu Jul 18 13:35:16 2013 UTC

1/* 1/*
2 connection.C -- manage a single connection 2 connection.C -- manage a single connection
3 Copyright (C) 2003-2008 Marc Lehmann <gvpe@schmorp.de> 3 Copyright (C) 2003-2008,2010,2011,2013 Marc Lehmann <gvpe@schmorp.de>
4 4
5 This file is part of GVPE. 5 This file is part of GVPE.
6 6
7 GVPE is free software; you can redistribute it and/or modify it 7 GVPE is free software; you can redistribute it and/or modify it
8 under the terms of the GNU General Public License as published by the 8 under the terms of the GNU General Public License as published by the
43#include "conf.h" 43#include "conf.h"
44#include "slog.h" 44#include "slog.h"
45#include "device.h" 45#include "device.h"
46#include "vpn.h" 46#include "vpn.h"
47#include "connection.h" 47#include "connection.h"
48#include "hkdf.h"
48 49
49#include "netcompat.h" 50#include "netcompat.h"
50 51
51#if !HAVE_RAND_PSEUDO_BYTES
52# define RAND_pseudo_bytes RAND_bytes
53#endif
54
55#define MAGIC "vped\xbd\xc6\xdb\x82" // 8 bytes of magic 52#define MAGIC "gvpe\xbd\xc6\xdb\x82" // 8 bytes of magic
53#define MAGIC "HUHN\xbd\xc6\xdb\x82" // 8 bytes of magic//D
56 54
57#define ULTRA_FAST 1 55#define ULTRA_FAST 1
58#define HLOG 15 56#define HLOG 15
59#include "lzf/lzf.h" 57#include "lzf/lzf.h"
60#include "lzf/lzf_c.c" 58#include "lzf/lzf_c.c"
63////////////////////////////////////////////////////////////////////////////// 61//////////////////////////////////////////////////////////////////////////////
64 62
65static std::queue< std::pair<run_script_cb *, const char *> > rs_queue; 63static std::queue< std::pair<run_script_cb *, const char *> > rs_queue;
66static ev::child rs_child_ev; 64static ev::child rs_child_ev;
67 65
66namespace
67{
68void // c++ requires external linkage here, apparently :( 68 void // c++ requires external linkage here, apparently :(
69rs_child_cb (ev::child &w, int revents) 69 rs_child_cb (ev::child &w, int revents)
70{ 70 {
71 w.stop (); 71 w.stop ();
72 72
73 if (rs_queue.empty ()) 73 if (rs_queue.empty ())
74 return; 74 return;
75 75
76 pid_t pid = run_script (*rs_queue.front ().first, false); 76 pid_t pid = run_script (*rs_queue.front ().first, false);
77 if (pid) 77 if (pid)
78 { 78 {
79 w.set (pid); 79 w.set (pid);
80 w.start (); 80 w.start ();
81 } 81 }
82 else 82 else
83 slog (L_WARN, rs_queue.front ().second); 83 slog (L_WARN, rs_queue.front ().second);
84 84
85 delete rs_queue.front ().first; 85 delete rs_queue.front ().first;
86 rs_queue.pop (); 86 rs_queue.pop ();
87} 87 }
88};
88 89
89// despite the fancy name, this is quite a hack 90// despite the fancy name, this is quite a hack
90static void 91static void
91run_script_queued (run_script_cb *cb, const char *warnmsg) 92run_script_queued (run_script_cb *cb, const char *warnmsg)
92{ 93{
104struct crypto_ctx 105struct crypto_ctx
105{ 106{
106 EVP_CIPHER_CTX cctx; 107 EVP_CIPHER_CTX cctx;
107 HMAC_CTX hctx; 108 HMAC_CTX hctx;
108 109
109 crypto_ctx (const rsachallenge &challenge, int enc); 110 crypto_ctx (const auth_data &auth1, const auth_data &auth2, const ecdh_key &a, const ecdh_key &b, int enc);
110 ~crypto_ctx (); 111 ~crypto_ctx ();
111}; 112};
112 113
113crypto_ctx::crypto_ctx (const rsachallenge &challenge, int enc) 114crypto_ctx::crypto_ctx (const auth_data &auth1, const auth_data &auth2, const ecdh_key &a, const ecdh_key &b, int enc)
114{ 115{
116 ecdh_key s;
117
118 curve25519_combine (a, b, s);
119
120 {
121 u8 mac_key[MAC_KEYSIZE];
122 static const unsigned char mac_info[] = "gvpe mac key";
123
124 hkdf kdf (auth2.rsa.hkdf_salt, sizeof (auth2.rsa.hkdf_salt), HKDF_XTR_HASH ());
125 kdf.extract (auth1.rsa.mac_key, sizeof (auth1.rsa.mac_key));
126 kdf.extract (s, sizeof (s));
127 kdf.extract_done (HKDF_PRF_HASH ());
128 kdf.expand (mac_key, sizeof (mac_key), mac_info, sizeof (mac_info));
129
130 HMAC_CTX_init (&hctx);
131 require (HMAC_Init_ex (&hctx, mac_key, MAC_KEYSIZE, MAC_DIGEST (), 0));
132 }
133
134 {
135 u8 cipher_key[CIPHER_KEYSIZE];
136 static const unsigned char cipher_info[] = "gvpe cipher key";
137
138 hkdf kdf (auth2.rsa.hkdf_salt, sizeof (auth2.rsa.hkdf_salt), HKDF_XTR_HASH ());
139 kdf.extract (auth1.rsa.cipher_key, sizeof (auth1.rsa.cipher_key));
140 kdf.extract (s, sizeof (s));
141 kdf.extract_done (HKDF_PRF_HASH ());
142 kdf.expand (cipher_key, sizeof (cipher_key), cipher_info, sizeof (cipher_info));
143
115 EVP_CIPHER_CTX_init (&cctx); 144 EVP_CIPHER_CTX_init (&cctx);
116 require (EVP_CipherInit_ex (&cctx, CIPHER, 0, &challenge[CHG_CIPHER_KEY], 0, enc)); 145 require (EVP_CipherInit_ex (&cctx, CIPHER (), 0, cipher_key, 0, enc));
117 HMAC_CTX_init (&hctx); 146 }
118 HMAC_Init_ex (&hctx, &challenge[CHG_HMAC_KEY], HMAC_KEYLEN, DIGEST, 0);
119} 147}
120 148
121crypto_ctx::~crypto_ctx () 149crypto_ctx::~crypto_ctx ()
122{ 150{
123 require (EVP_CIPHER_CTX_cleanup (&cctx)); 151 require (EVP_CIPHER_CTX_cleanup (&cctx));
124 HMAC_CTX_cleanup (&hctx); 152 HMAC_CTX_cleanup (&hctx);
125} 153}
126 154
155static inline void
156auth_encrypt (RSA *key, const auth_data &auth, auth_encr &encr)
157{
158 if (RSA_public_encrypt (sizeof (auth.rsa),
159 (unsigned char *)&auth.rsa, (unsigned char *)&encr.rsa,
160 key, RSA_PKCS1_OAEP_PADDING) < 0)
161 fatal ("RSA_public_encrypt error");
162
163 memcpy (&encr.ecdh, &auth.ecdh, sizeof (encr.ecdh));
164}
165
166static inline bool
167auth_decrypt (RSA *key, const auth_encr &encr, auth_data &auth)
168{
169 u8 rsa_decrypt[RSA_KEYLEN];
170
171 if (RSA_private_decrypt (sizeof (encr.rsa),
172 (const unsigned char *)&encr.rsa, (unsigned char *)rsa_decrypt,
173 key, RSA_PKCS1_OAEP_PADDING) != sizeof (auth.rsa))
174 return 0;
175
176 memcpy (&auth.rsa, rsa_decrypt, sizeof (auth.rsa));
177 memcpy (&auth.ecdh, &encr.ecdh, sizeof (auth.ecdh));
178
179 return 1;
180}
181
127static void 182static void
128rsa_hash (const rsaid &id, const rsachallenge &chg, rsaresponse &h) 183auth_hash (const auth_data &auth, auth_mac &mac)
129{ 184{
130 EVP_MD_CTX ctx; 185 HMAC_CTX ctx;
131 186
132 EVP_MD_CTX_init (&ctx); 187 HMAC_CTX_init (&ctx);
133 require (EVP_DigestInit (&ctx, RSA_HASH)); 188 require (HMAC_Init_ex (&ctx, auth.rsa.auth_key, sizeof (auth.rsa.auth_key), AUTH_DIGEST (), 0));
134 require (EVP_DigestUpdate(&ctx, &chg, sizeof chg)); 189 require (HMAC_Update (&ctx, (const unsigned char *)&auth, sizeof auth));
135 require (EVP_DigestUpdate(&ctx, &id, sizeof id));
136 require (EVP_DigestFinal (&ctx, (unsigned char *)&h, 0)); 190 require (HMAC_Final (&ctx, (unsigned char *)&mac, 0));
137 EVP_MD_CTX_cleanup (&ctx); 191 HMAC_CTX_cleanup (&ctx);
138} 192}
139 193
140struct rsa_entry 194void
195connection::generate_auth_data ()
141{ 196{
142 tstamp expire; 197 if (auth_expire < ev_now ())
143 rsaid id;
144 rsachallenge chg;
145};
146
147struct rsa_cache : list<rsa_entry>
148{
149 inline void cleaner_cb (ev::timer &w, int revents); ev::timer cleaner;
150
151 bool find (const rsaid &id, rsachallenge &chg)
152 {
153 for (iterator i = begin (); i != end (); ++i)
154 { 198 {
155 if (!memcmp (&id, &i->id, sizeof id) && i->expire > ev_now ()) 199 // request data
156 { 200 rand_fill (snd_auth.rsa);
157 memcpy (&chg, &i->chg, sizeof chg); 201 curve25519_generate (snd_ecdh_a, snd_auth.ecdh);
202 auth_hash (snd_auth, snd_auth_mac);
158 203
159 erase (i); 204 // eventual response data
160 return true; 205 curve25519_generate (rcv_ecdh_a, rcv_ecdh_b);
161 }
162 } 206 }
163 207
164 if (!cleaner.is_active ()) 208 // every use prolongs the expiry
165 cleaner.again ();
166
167 return false;
168 }
169
170 void gen (rsaid &id, rsachallenge &chg)
171 {
172 rsa_entry e;
173
174 RAND_bytes ((unsigned char *)&id, sizeof id);
175 RAND_bytes ((unsigned char *)&chg, sizeof chg);
176
177 e.expire = ev_now () + RSA_TTL; 209 auth_expire = ev_now () + AUTH_TTL;
178 e.id = id;
179 memcpy (&e.chg, &chg, sizeof chg);
180
181 push_back (e);
182
183 if (!cleaner.is_active ())
184 cleaner.again ();
185 }
186
187 rsa_cache ()
188 {
189 cleaner.set<rsa_cache, &rsa_cache::cleaner_cb> (this);
190 cleaner.set (RSA_TTL, RSA_TTL);
191 }
192
193} rsa_cache;
194
195void rsa_cache::cleaner_cb (ev::timer &w, int revents)
196{
197 if (empty ())
198 w.stop ();
199 else
200 {
201 for (iterator i = begin (); i != end (); )
202 if (i->expire <= ev_now ())
203 i = erase (i);
204 else
205 ++i;
206 }
207} 210}
208 211
209////////////////////////////////////////////////////////////////////////////// 212//////////////////////////////////////////////////////////////////////////////
210 213
211pkt_queue::pkt_queue (double max_ttl, int max_queue) 214pkt_queue::pkt_queue (double max_ttl, int max_queue)
225 delete p; 228 delete p;
226 229
227 delete [] queue; 230 delete [] queue;
228} 231}
229 232
233void
230void pkt_queue::expire_cb (ev::timer &w, int revents) 234pkt_queue::expire_cb (ev::timer &w, int revents)
231{ 235{
232 ev_tstamp expire = ev_now () - max_ttl; 236 ev_tstamp expire = ev_now () - max_ttl;
233 237
234 for (;;) 238 for (;;)
235 { 239 {
246 250
247 delete get (); 251 delete get ();
248 } 252 }
249} 253}
250 254
255void
251void pkt_queue::put (net_packet *p) 256pkt_queue::put (net_packet *p)
252{ 257{
253 ev_tstamp now = ev_now (); 258 ev_tstamp now = ev_now ();
254 259
255 // start expiry timer 260 // start expiry timer
256 if (empty ()) 261 if (empty ())
265 queue[i].tstamp = now; 270 queue[i].tstamp = now;
266 271
267 i = ni; 272 i = ni;
268} 273}
269 274
270net_packet *pkt_queue::get () 275net_packet *
276pkt_queue::get ()
271{ 277{
272 if (empty ()) 278 if (empty ())
273 return 0; 279 return 0;
274 280
275 net_packet *p = queue[j].pkt; 281 net_packet *p = queue[j].pkt;
299 305
300 bool can (const sockinfo &si) { return can((u32)si.host); } 306 bool can (const sockinfo &si) { return can((u32)si.host); }
301 bool can (u32 host); 307 bool can (u32 host);
302}; 308};
303 309
304net_rate_limiter auth_rate_limiter, reset_rate_limiter; 310static net_rate_limiter auth_rate_limiter, reset_rate_limiter;
305 311
312bool
306bool net_rate_limiter::can (u32 host) 313net_rate_limiter::can (u32 host)
307{ 314{
308 iterator i; 315 iterator i;
309 316
310 for (i = begin (); i != end (); ) 317 for (i = begin (); i != end (); )
311 if (i->host == host) 318 if (i->host == host)
358 365
359///////////////////////////////////////////////////////////////////////////// 366/////////////////////////////////////////////////////////////////////////////
360 367
361unsigned char hmac_packet::hmac_digest[EVP_MAX_MD_SIZE]; 368unsigned char hmac_packet::hmac_digest[EVP_MAX_MD_SIZE];
362 369
370void
363void hmac_packet::hmac_gen (crypto_ctx *ctx) 371hmac_packet::hmac_gen (crypto_ctx *ctx)
364{ 372{
365 unsigned int xlen; 373 unsigned int xlen;
366 374
367 HMAC_CTX *hctx = &ctx->hctx; 375 HMAC_CTX *hctx = &ctx->hctx;
368 376
369 HMAC_Init_ex (hctx, 0, 0, 0, 0); 377 require (HMAC_Init_ex (hctx, 0, 0, 0, 0));
370 HMAC_Update (hctx, ((unsigned char *) this) + sizeof (hmac_packet), 378 require (HMAC_Update (hctx, ((unsigned char *) this) + sizeof (hmac_packet),
371 len - sizeof (hmac_packet)); 379 len - sizeof (hmac_packet)));
372 HMAC_Final (hctx, (unsigned char *) &hmac_digest, &xlen); 380 require (HMAC_Final (hctx, (unsigned char *) &hmac_digest, &xlen));
373} 381}
374 382
375void 383void
376hmac_packet::hmac_set (crypto_ctx *ctx) 384hmac_packet::hmac_set (crypto_ctx *ctx)
377{ 385{
386 hmac_gen (ctx); 394 hmac_gen (ctx);
387 395
388 return !memcmp (hmac, hmac_digest, HMACLENGTH); 396 return !memcmp (hmac, hmac_digest, HMACLENGTH);
389} 397}
390 398
399void
391void vpn_packet::set_hdr (ptype type_, unsigned int dst) 400vpn_packet::set_hdr (ptype type_, unsigned int dst)
392{ 401{
393 type = type_; 402 type = type_;
394 403
395 int src = THISNODE->id; 404 int src = THISNODE->id;
396 405
401 410
402#define MAXVPNDATA (MAX_MTU - 6 - 6) 411#define MAXVPNDATA (MAX_MTU - 6 - 6)
403#define DATAHDR (sizeof (u32) + RAND_SIZE) 412#define DATAHDR (sizeof (u32) + RAND_SIZE)
404 413
405struct vpndata_packet : vpn_packet 414struct vpndata_packet : vpn_packet
415{
416 u8 data[MAXVPNDATA + DATAHDR]; // seqno
417
418 void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
419 tap_packet *unpack (connection *conn, u32 &seqno);
420
421private:
422 const u32 data_hdr_size () const
406 { 423 {
407 u8 data[MAXVPNDATA + DATAHDR]; // seqno
408
409 void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
410 tap_packet *unpack (connection *conn, u32 &seqno);
411private:
412
413 const u32 data_hdr_size () const
414 {
415 return sizeof (vpndata_packet) - sizeof (net_packet) - MAXVPNDATA - DATAHDR; 424 return sizeof (vpndata_packet) - sizeof (net_packet) - MAXVPNDATA - DATAHDR;
416 }
417 }; 425 }
426};
418 427
419void 428void
420vpndata_packet::setup (connection *conn, int dst, u8 *d, u32 l, u32 seqno) 429vpndata_packet::setup (connection *conn, int dst, u8 *d, u32 l, u32 seqno)
421{ 430{
422 EVP_CIPHER_CTX *cctx = &conn->octx->cctx; 431 EVP_CIPHER_CTX *cctx = &conn->octx->cctx;
424 ptype type = PT_DATA_UNCOMPRESSED; 433 ptype type = PT_DATA_UNCOMPRESSED;
425 434
426#if ENABLE_COMPRESSION 435#if ENABLE_COMPRESSION
427 u8 cdata[MAX_MTU]; 436 u8 cdata[MAX_MTU];
428 437
429 if (conn->features & ENABLE_COMPRESSION) 438 if (conn->features & FEATURE_COMPRESSION)
430 { 439 {
431 u32 cl = lzf_compress (d, l, cdata + 2, (l - 2) & ~7); 440 u32 cl = lzf_compress (d, l, cdata + 2, (l - 2) & ~7);
432 441
433 if (cl) 442 if (cl)
434 { 443 {
440 d[1] = cl; 449 d[1] = cl;
441 } 450 }
442 } 451 }
443#endif 452#endif
444 453
445 require (EVP_EncryptInit_ex (cctx, 0, 0, 0, 0)); 454 require (EVP_CipherInit_ex (cctx, 0, 0, 0, 0, 1));
446 455
447 struct { 456 struct {
448#if RAND_SIZE 457#if RAND_SIZE
449 u8 rnd[RAND_SIZE]; 458 u8 rnd[RAND_SIZE];
450#endif 459#endif
451 u32 seqno; 460 u32 seqno;
452 } datahdr; 461 } datahdr;
453 462
454 datahdr.seqno = ntohl (seqno); 463 datahdr.seqno = ntohl (seqno);
455#if RAND_SIZE 464#if RAND_SIZE
456 RAND_pseudo_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE); 465 // NB: a constant (per session) random prefix
466 // is likely enough, but we don't take any chances.
467 conn->oiv.get (datahdr.rnd, RAND_SIZE);
457#endif 468#endif
458 469
459 require (EVP_EncryptUpdate (cctx, 470 require (EVP_EncryptUpdate (cctx,
460 (unsigned char *) data + outl, &outl2, 471 (unsigned char *) data + outl, &outl2,
461 (unsigned char *) &datahdr, DATAHDR)); 472 (unsigned char *) &datahdr, DATAHDR));
483 int outl = 0, outl2; 494 int outl = 0, outl2;
484 tap_packet *p = new tap_packet; 495 tap_packet *p = new tap_packet;
485 u8 *d; 496 u8 *d;
486 u32 l = len - data_hdr_size (); 497 u32 l = len - data_hdr_size ();
487 498
488 require (EVP_DecryptInit_ex (cctx, 0, 0, 0, 0)); 499 require (EVP_CipherInit_ex (cctx, 0, 0, 0, 0, 0));
489 500
490#if ENABLE_COMPRESSION 501#if ENABLE_COMPRESSION
491 u8 cdata[MAX_MTU]; 502 u8 cdata[MAX_MTU];
492 503
493 if (type == PT_DATA_COMPRESSED) 504 if (type == PT_DATA_COMPRESSED)
494 d = cdata; 505 d = cdata;
495 else 506 else
496#endif 507#endif
497 d = &(*p)[6 + 6 - DATAHDR]; 508 d = &(*p)[6 + 6] - DATAHDR;
498 509
499 /* this overwrites part of the src mac, but we fix that later */ 510 // we play do evil games with the struct layout atm.
511 // pending better solutions, we at least do some verification.
512 // this is fine, as we left ISO territory long ago.
513 require (DATAHDR <= 16);
514 require ((u8 *)(&p->len + 1) == &(*p)[0]);
515
516 // this can overwrite the len/dst/src fields
500 require (EVP_DecryptUpdate (cctx, 517 require (EVP_DecryptUpdate (cctx,
501 d, &outl2, 518 d, &outl2,
502 (unsigned char *)&data, len - data_hdr_size ())); 519 (unsigned char *)&data, len - data_hdr_size ()));
503 outl += outl2; 520 outl += outl2;
504 521
535 } 552 }
536}; 553};
537 554
538struct config_packet : vpn_packet 555struct config_packet : vpn_packet
539{ 556{
540 // actually, hmaclen cannot be checked because the hmac
541 // field comes before this data, so peers with other
542 // hmacs simply will not work.
543 u8 prot_major, prot_minor, randsize, hmaclen; 557 u8 prot_major, prot_minor, randsize;
544 u8 flags, challengelen, features, pad3; 558 u8 flags, features, pad6, pad7, pad8;
545 u32 cipher_nid, digest_nid, hmac_nid; 559 u32 cipher_nid, mac_nid, auth_nid;
546 560
547 void setup (ptype type, int dst); 561 void setup (ptype type, int dst);
548 bool chk_config () const; 562 bool chk_config () const;
549 563
550 static u8 get_features () 564 static u8 get_features ()
561#endif 575#endif
562 return f; 576 return f;
563 } 577 }
564}; 578};
565 579
580void
566void config_packet::setup (ptype type, int dst) 581config_packet::setup (ptype type, int dst)
567{ 582{
568 prot_major = PROTOCOL_MAJOR; 583 prot_major = PROTOCOL_MAJOR;
569 prot_minor = PROTOCOL_MINOR; 584 prot_minor = PROTOCOL_MINOR;
570 randsize = RAND_SIZE; 585 randsize = RAND_SIZE;
571 hmaclen = HMACLENGTH;
572 flags = 0; 586 flags = 0;
573 challengelen = sizeof (rsachallenge);
574 features = get_features (); 587 features = get_features ();
575 588
576 cipher_nid = htonl (EVP_CIPHER_nid (CIPHER)); 589 cipher_nid = htonl (EVP_CIPHER_nid (CIPHER ()));
577 digest_nid = htonl (EVP_MD_type (RSA_HASH));
578 hmac_nid = htonl (EVP_MD_type (DIGEST)); 590 mac_nid = htonl (EVP_MD_type (MAC_DIGEST ()));
591 auth_nid = htonl (EVP_MD_type (AUTH_DIGEST ()));
579 592
580 len = sizeof (*this) - sizeof (net_packet); 593 len = sizeof (*this) - sizeof (net_packet);
581 set_hdr (type, dst); 594 set_hdr (type, dst);
582} 595}
583 596
597bool
584bool config_packet::chk_config () const 598config_packet::chk_config () const
585{ 599{
586 if (prot_major != PROTOCOL_MAJOR) 600 if (prot_major != PROTOCOL_MAJOR)
587 slog (L_WARN, _("major version mismatch (remote %d <=> local %d)"), prot_major, PROTOCOL_MAJOR); 601 slog (L_WARN, _("major version mismatch (remote %d <=> local %d)"), prot_major, PROTOCOL_MAJOR);
588 else if (randsize != RAND_SIZE) 602 else if (randsize != RAND_SIZE)
589 slog (L_WARN, _("rand size mismatch (remote %d <=> local %d)"), randsize, RAND_SIZE); 603 slog (L_WARN, _("rand size mismatch (remote %d <=> local %d)"), randsize, RAND_SIZE);
590 else if (hmaclen != HMACLENGTH)
591 slog (L_WARN, _("hmac length mismatch (remote %d <=> local %d)"), hmaclen, HMACLENGTH);
592 else if (challengelen != sizeof (rsachallenge))
593 slog (L_WARN, _("challenge length mismatch (remote %d <=> local %d)"), challengelen, sizeof (rsachallenge));
594 else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER))) 604 else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER ())))
595 slog (L_WARN, _("cipher mismatch (remote %x <=> local %x)"), ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER)); 605 slog (L_WARN, _("cipher algo mismatch (remote %x <=> local %x)"), ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER ()));
596 else if (digest_nid != htonl (EVP_MD_type (RSA_HASH)))
597 slog (L_WARN, _("digest mismatch (remote %x <=> local %x)"), ntohl (digest_nid), EVP_MD_type (RSA_HASH));
598 else if (hmac_nid != htonl (EVP_MD_type (DIGEST))) 606 else if (mac_nid != htonl (EVP_MD_type (MAC_DIGEST ())))
599 slog (L_WARN, _("hmac mismatch (remote %x <=> local %x)"), ntohl (hmac_nid), EVP_MD_type (DIGEST)); 607 slog (L_WARN, _("mac algo mismatch (remote %x <=> local %x)"), ntohl (mac_nid), EVP_MD_type (MAC_DIGEST ()));
608 else if (auth_nid != htonl (EVP_MD_type (AUTH_DIGEST ())))
609 slog (L_WARN, _("auth algo mismatch (remote %x <=> local %x)"), ntohl (auth_nid), EVP_MD_type (AUTH_DIGEST ()));
600 else 610 else
601 return true; 611 return true;
602 612
603 return false; 613 return false;
604} 614}
605 615
606struct auth_req_packet : config_packet 616struct auth_req_packet : config_packet // UNPROTECTED
607{ 617{
608 char magic[8]; 618 char magic[8];
609 u8 initiate; // false if this is just an automatic reply 619 u8 initiate; // false if this is just an automatic reply
610 u8 protocols; // supported protocols (will be patched on forward) 620 u8 protocols; // supported protocols (will be patched on forward)
611 u8 pad2, pad3; 621 u8 pad2, pad3;
612 rsaid id; 622 auth_encr encr;
613 rsaencrdata encr;
614 623
615 auth_req_packet (int dst, bool initiate_, u8 protocols_) 624 auth_req_packet (int dst, bool initiate_, u8 protocols_)
616 { 625 {
617 config_packet::setup (PT_AUTH_REQ, dst); 626 config_packet::setup (PT_AUTH_REQ, dst);
618 strncpy (magic, MAGIC, 8); 627 memcpy (magic, MAGIC, 8);
619 initiate = !!initiate_; 628 initiate = !!initiate_;
620 protocols = protocols_; 629 protocols = protocols_;
621 630
622 len = sizeof (*this) - sizeof (net_packet); 631 len = sizeof (*this) - sizeof (net_packet);
623 } 632 }
624}; 633};
625 634
626struct auth_res_packet : config_packet 635struct auth_res_packet : config_packet // UNPROTECTED
627{ 636{
628 rsaid id;
629 u8 pad1, pad2, pad3;
630 u8 response_len; // encrypted length
631 rsaresponse response; 637 auth_response response;
632 638
633 auth_res_packet (int dst) 639 auth_res_packet (int dst)
634 { 640 {
635 config_packet::setup (PT_AUTH_RES, dst); 641 config_packet::setup (PT_AUTH_RES, dst);
636 642
670}; 676};
671 677
672///////////////////////////////////////////////////////////////////////////// 678/////////////////////////////////////////////////////////////////////////////
673 679
674void 680void
675connection::connection_established () 681connection::connection_established (const sockinfo &rsi)
676{ 682{
677 slog (L_TRACE, _("%s: possible connection establish (ictx %d, octx %d)"), conf->nodename, !!ictx, !!octx); 683 if (!have_snd_auth || !have_rcv_auth)
684 return;
678 685
686 si = rsi;
687 protocol = rsi.prot;
688
689 slog (L_INFO, _("%s(%s): connection established (%s), protocol version %d.%d."),
690 conf->nodename, (const char *)rsi,
691 is_direct ? "direct" : "forwarded",
692 PROTOCOL_MAJOR, prot_minor);
693
694 if (::conf.script_node_up)
695 {
696 run_script_cb *cb = new run_script_cb;
697 cb->set<connection, &connection::script_node_up> (this);
698 run_script_queued (cb, _("node-up command execution failed, continuing."));
699 }
700
701 delete ictx; ictx = new crypto_ctx (rcv_auth, snd_auth, rcv_ecdh_a, rcv_auth.ecdh, 0);
702 iseqno.reset (ntohl (rcv_auth.rsa.seqno) & 0x7fffffff);
703
704 delete octx; octx = new crypto_ctx (snd_auth, rcv_auth, snd_ecdh_a, snd_ecdh_b , 1);
705 oseqno = ntohl (snd_auth.rsa.seqno) & 0x7fffffff;
706
707 oiv.reset ();
708
709 // make sure rekeying timeouts are slightly asymmetric
710 ev::tstamp rekey_interval = ::conf.rekey + (conf->id > THISNODE->id ? 10 : 0);
711 rekey.start (rekey_interval, rekey_interval);
712
713 keepalive.start (::conf.keepalive);
714
715 // send queued packets
679 if (ictx && octx) 716 if (ictx && octx)
680 { 717 {
681 // make sure rekeying timeouts are slightly asymmetric 718 while (tap_packet *p = (tap_packet *)data_queue.get ())
682 ev::tstamp rekey_interval = ::conf.rekey + (conf->id > THISNODE->id ? 10 : 0);
683 rekey.start (rekey_interval, rekey_interval);
684 keepalive.start (::conf.keepalive);
685
686 // send queued packets
687 if (ictx && octx)
688 { 719 {
689 while (tap_packet *p = (tap_packet *)data_queue.get ())
690 {
691 if (p->len) send_data_packet (p); 720 if (p->len) send_data_packet (p);
692 delete p; 721 delete p;
693 }
694
695 while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
696 {
697 if (p->len) send_vpn_packet (p, si, IPTOS_RELIABILITY);
698 delete p;
699 }
700 } 722 }
701 723
724 while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
725 {
726 if (p->len) send_vpn_packet (p, si, IPTOS_RELIABILITY);
727 delete p;
728 }
729 }
730
702 vpn->connection_established (this); 731 vpn->connection_established (this);
703 }
704 else
705 {
706 retry_cnt = 0;
707 establish_connection.start (5);
708 keepalive.stop ();
709 rekey.stop ();
710 }
711} 732}
712 733
713void 734void
714connection::reset_si () 735connection::reset_si ()
715{ 736{
760{ 781{
761 ping_packet *pkt = new ping_packet; 782 ping_packet *pkt = new ping_packet;
762 783
763 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING); 784 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
764 785
765 slog (L_TRACE, ">>%d %s [%s]", conf->id, pong ? "PT_PONG" : "PT_PING", (const char *)si); 786 slog (L_TRACE, "%s << %s [%s]", conf->nodename, pong ? "PT_PONG" : "PT_PING", (const char *)si);
766
767 send_vpn_packet (pkt, si, IPTOS_LOWDELAY); 787 send_vpn_packet (pkt, si, IPTOS_LOWDELAY);
768 788
769 delete pkt; 789 delete pkt;
770} 790}
771 791
786void 806void
787connection::send_auth_request (const sockinfo &si, bool initiate) 807connection::send_auth_request (const sockinfo &si, bool initiate)
788{ 808{
789 auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols); 809 auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols);
790 810
791 rsachallenge chg; 811 generate_auth_data ();
792 rsa_cache.gen (pkt->id, chg);
793 rsa_encrypt (conf->rsa_key, chg, pkt->encr); 812 auth_encrypt (conf->rsa_key, snd_auth, pkt->encr);
794 813
795 slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si); 814 slog (L_TRACE, "%s << PT_AUTH_REQ [%s]", conf->nodename, (const char *)si);
796
797 send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly 815 send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly
798 816
799 delete pkt; 817 delete pkt;
800} 818}
801 819
802void 820void
803connection::send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg) 821connection::send_auth_response (const sockinfo &si)
804{ 822{
805 auth_res_packet *pkt = new auth_res_packet (conf->id); 823 auth_res_packet *pkt = new auth_res_packet (conf->id);
806 824
807 pkt->id = id; 825 auth_hash (rcv_auth, pkt->response.mac);
826 memcpy (pkt->response.ecdh, rcv_ecdh_b, sizeof (rcv_ecdh_b));
808 827
809 rsa_hash (id, chg, pkt->response);
810
811 pkt->hmac_set (octx);
812
813 slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)si); 828 slog (L_TRACE, "%s << PT_AUTH_RES [%s]", conf->nodename, (const char *)si);
814
815 send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly 829 send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
816 830
817 delete pkt; 831 delete pkt;
818} 832}
819 833
820void 834void
821connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols) 835connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols)
822{ 836{
823 slog (L_TRACE, ">>%d PT_CONNECT_INFO(%d,%s)", 837 slog (L_TRACE, "%s << PT_CONNECT_INFO(%s,%s,p%02x)", conf->nodename,
824 conf->id, rid, (const char *)rsi); 838 vpn->conns[rid - 1]->conf->nodename, (const char *)rsi,
839 conf->protocols);
825 840
826 connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols); 841 connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
827 842
828 r->hmac_set (octx); 843 r->hmac_set (octx);
829 send_vpn_packet (r, si); 844 send_vpn_packet (r, si);
832} 847}
833 848
834inline void 849inline void
835connection::establish_connection_cb (ev::timer &w, int revents) 850connection::establish_connection_cb (ev::timer &w, int revents)
836{ 851{
837 if (!ictx 852 if (!(ictx && octx)
838 && conf != THISNODE 853 && conf != THISNODE
839 && connectmode != conf_node::C_NEVER 854 && connectmode != conf_node::C_NEVER
840 && connectmode != conf_node::C_DISABLED 855 && connectmode != conf_node::C_DISABLED
841 && !w.is_active ()) 856 && !w.is_active ())
842 { 857 {
910 } 925 }
911 } 926 }
912 927
913 delete ictx; ictx = 0; 928 delete ictx; ictx = 0;
914 delete octx; octx = 0; 929 delete octx; octx = 0;
915#if ENABLE_DNS
916 dnsv4_reset_connection ();
917#endif
918 930
919 si.host = 0; 931 si.host = 0;
932
933 have_snd_auth = false;
934 have_rcv_auth = false;
935 auth_expire = 0.;
920 936
921 last_activity = 0.; 937 last_activity = 0.;
922 //last_si_change = 0.; 938 //last_si_change = 0.;
923 retry_cnt = 0; 939 retry_cnt = 0;
924 940
983 data_queue.put (new tap_packet (*pkt)); 999 data_queue.put (new tap_packet (*pkt));
984 post_inject_queue (); 1000 post_inject_queue ();
985 } 1001 }
986} 1002}
987 1003
1004void
988void connection::inject_vpn_packet (vpn_packet *pkt, int tos) 1005connection::inject_vpn_packet (vpn_packet *pkt, int tos)
989{ 1006{
990 if (ictx && octx) 1007 if (ictx && octx)
991 send_vpn_packet (pkt, si, tos); 1008 send_vpn_packet (pkt, si, tos);
992 else 1009 else
993 { 1010 {
999void 1016void
1000connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) 1017connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
1001{ 1018{
1002 last_activity = ev_now (); 1019 last_activity = ev_now ();
1003 1020
1004 slog (L_NOISE, "<<%d received packet type %d from %d to %d.", 1021 slog (L_NOISE, "%s >> received packet type %d from %d to %d.",
1005 conf->id, pkt->typ (), pkt->src (), pkt->dst ()); 1022 conf->nodename, pkt->typ (), pkt->src (), pkt->dst ());
1006 1023
1007 if (connectmode == conf_node::C_DISABLED) 1024 if (connectmode == conf_node::C_DISABLED)
1008 return; 1025 return;
1009 1026
1010 switch (pkt->typ ()) 1027 switch (pkt->typ ())
1011 { 1028 {
1012 case vpn_packet::PT_PING: 1029 case vpn_packet::PT_PING:
1030 slog (L_TRACE, "%s >> PT_PING", conf->nodename);
1031
1013 // we send pings instead of auth packets after some retries, 1032 // we send pings instead of auth packets after some retries,
1014 // so reset the retry counter and establish a connection 1033 // so reset the retry counter and establish a connection
1015 // when we receive a ping. 1034 // when we receive a ping.
1016 if (!ictx) 1035 if (!ictx)
1017 { 1036 {
1018 if (auth_rate_limiter.can (rsi)) 1037 if (auth_rate_limiter.can (rsi))
1019 send_auth_request (rsi, true); 1038 send_auth_request (rsi, true);
1020 } 1039 }
1021 else 1040 else
1022 // we would love to change thre socket address here, but ping's aren't 1041 // we would love to change the socket address here, but ping's aren't
1023 // authenticated, so we best ignore it. 1042 // authenticated, so we best ignore it.
1024 send_ping (rsi, 1); // pong 1043 send_ping (rsi, 1); // pong
1025 1044
1026 break; 1045 break;
1027 1046
1028 case vpn_packet::PT_PONG: 1047 case vpn_packet::PT_PONG:
1048 slog (L_TRACE, "%s >> PT_PONG", conf->nodename);
1049
1050 // a PONG might mean that the other side doesn't really know
1051 // about our desire for communication.
1052 establish_connection ();
1029 break; 1053 break;
1030 1054
1031 case vpn_packet::PT_RESET: 1055 case vpn_packet::PT_RESET:
1032 { 1056 {
1033 reset_connection (); 1057 reset_connection ();
1046 break; 1070 break;
1047 1071
1048 case vpn_packet::PT_AUTH_REQ: 1072 case vpn_packet::PT_AUTH_REQ:
1049 if (auth_rate_limiter.can (rsi)) 1073 if (auth_rate_limiter.can (rsi))
1050 { 1074 {
1051 auth_req_packet *p = (auth_req_packet *) pkt; 1075 auth_req_packet *p = (auth_req_packet *)pkt;
1052 1076
1053 slog (L_TRACE, "<<%d PT_AUTH_REQ(%d)", conf->id, p->initiate); 1077 slog (L_TRACE, "%s >> PT_AUTH_REQ(%s,p%02x,f%02x)",
1078 conf->nodename, p->initiate ? "initiate" : "reply",
1079 p->protocols, p->features);
1054 1080
1055 if (p->chk_config () && !strncmp (p->magic, MAGIC, 8)) 1081 if (p->chk_config () && !memcmp (p->magic, MAGIC, 8))
1056 { 1082 {
1057 if (p->prot_minor != PROTOCOL_MINOR) 1083 if (p->prot_minor != PROTOCOL_MINOR)
1058 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."), 1084 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
1059 conf->nodename, (const char *)rsi, 1085 conf->nodename, (const char *)rsi,
1060 PROTOCOL_MINOR, conf->nodename, p->prot_minor); 1086 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
1061 1087
1062 if (p->initiate) 1088 if (p->initiate)
1063 send_auth_request (rsi, false); 1089 send_auth_request (rsi, false);
1064 1090
1065 rsachallenge k; 1091 auth_data auth;
1066 1092
1067 if (!rsa_decrypt (::conf.rsa_key, p->encr, k)) 1093 if (!auth_decrypt (::conf.rsa_key, p->encr, auth))
1068 { 1094 {
1069 slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"), 1095 slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"),
1070 conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0)); 1096 conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0));
1071 break;
1072 } 1097 }
1073 else 1098 else
1074 { 1099 {
1075 delete octx; 1100 bool chg = !have_rcv_auth || memcmp (&rcv_auth, &auth, sizeof auth);
1076 1101
1077 octx = new crypto_ctx (k, 1); 1102 rcv_auth = auth;
1078 oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff; 1103 have_rcv_auth = true;
1079 1104
1105 send_auth_response (rsi);
1106
1107 if (chg)
1108 {
1080 conf->protocols = p->protocols; 1109 conf->protocols = p->protocols;
1081 features = p->features & config_packet::get_features (); 1110 features = p->features & config_packet::get_features ();
1082 1111
1083 send_auth_response (rsi, p->id, k);
1084
1085 connection_established (); 1112 connection_established (rsi);
1086
1087 break; 1113 }
1088 } 1114 }
1115
1116 break;
1089 } 1117 }
1090 else 1118 else
1091 slog (L_WARN, _("%s(%s): protocol mismatch."), 1119 slog (L_WARN, _("%s(%s): protocol mismatch."),
1092 conf->nodename, (const char *)rsi); 1120 conf->nodename, (const char *)rsi);
1093 1121
1096 1124
1097 break; 1125 break;
1098 1126
1099 case vpn_packet::PT_AUTH_RES: 1127 case vpn_packet::PT_AUTH_RES:
1100 { 1128 {
1101 auth_res_packet *p = (auth_res_packet *) pkt; 1129 auth_res_packet *p = (auth_res_packet *)pkt;
1102 1130
1103 slog (L_TRACE, "<<%d PT_AUTH_RES", conf->id); 1131 slog (L_TRACE, "%s >> PT_AUTH_RES", conf->nodename);
1104 1132
1105 if (p->chk_config ()) 1133 if (p->chk_config ())
1106 { 1134 {
1107 if (p->prot_minor != PROTOCOL_MINOR) 1135 if (memcmp (&p->response.mac, snd_auth_mac, sizeof (snd_auth_mac)))
1108 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
1109 conf->nodename, (const char *)rsi,
1110 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
1111
1112 rsachallenge chg;
1113
1114 if (!rsa_cache.find (p->id, chg))
1115 { 1136 {
1116 slog (L_ERR, _("%s(%s): unrequested auth response, ignoring."), 1137 slog (L_ERR, _("%s(%s): unrequested or outdated auth response, ignoring."),
1117 conf->nodename, (const char *)rsi); 1138 conf->nodename, (const char *)rsi);
1118 break;
1119 } 1139 }
1120 else 1140 else if (!have_snd_auth)
1121 { 1141 {
1122 crypto_ctx *cctx = new crypto_ctx (chg, 0); 1142 if (p->prot_minor != PROTOCOL_MINOR)
1123 1143 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
1124 if (!p->hmac_chk (cctx))
1125 {
1126 slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
1127 "could be an attack, or just corruption or a synchronization error."),
1128 conf->nodename, (const char *)rsi); 1144 conf->nodename, (const char *)rsi,
1129 break; 1145 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
1130 }
1131 else
1132 {
1133 rsaresponse h;
1134 1146
1135 rsa_hash (p->id, chg, h);
1136
1137 if (!memcmp ((u8 *)&h, (u8 *)p->response, sizeof h))
1138 {
1139 prot_minor = p->prot_minor; 1147 prot_minor = p->prot_minor;
1148 memcpy (snd_ecdh_b, p->response.ecdh, sizeof (snd_ecdh_b));
1140 1149
1141 delete ictx; ictx = cctx; 1150 have_snd_auth = true;
1142
1143 iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
1144
1145 si = rsi;
1146 protocol = rsi.prot;
1147
1148 slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d."),
1149 conf->nodename, (const char *)rsi,
1150 p->prot_major, p->prot_minor);
1151
1152 connection_established (); 1151 connection_established (rsi);
1153
1154 if (::conf.script_node_up)
1155 {
1156 run_script_cb *cb = new run_script_cb;
1157 cb->set<connection, &connection::script_node_up> (this);
1158 run_script_queued (cb, _("node-up command execution failed, continuing."));
1159 }
1160
1161 break;
1162 }
1163 else
1164 slog (L_ERR, _("%s(%s): sent and received challenge do not match."),
1165 conf->nodename, (const char *)rsi);
1166 }
1167
1168 delete cctx;
1169 } 1152 }
1153
1154 break;
1170 } 1155 }
1171 } 1156 }
1172 1157
1173 send_reset (rsi); 1158 send_reset (rsi);
1174 break; 1159 break;
1202 if (si != rsi) 1187 if (si != rsi)
1203 { 1188 {
1204 // fast re-sync on source address changes, useful especially for tcp/ip 1189 // fast re-sync on source address changes, useful especially for tcp/ip
1205 //if (last_si_change < ev_now () + 5.) 1190 //if (last_si_change < ev_now () + 5.)
1206 // { 1191 // {
1192 slog (L_INFO, _("%s(%s): changing socket address to %s."),
1193 conf->nodename, (const char *)si, (const char *)rsi);
1194
1207 si = rsi; 1195 si = rsi;
1208 1196
1209 slog (L_INFO, _("%s(%s): socket address changed to %s."), 1197 if (::conf.script_node_change)
1210 conf->nodename, (const char *)si, (const char *)rsi); 1198 {
1199 run_script_cb *cb = new run_script_cb;
1200 cb->set<connection, &connection::script_node_change> (this);
1201 run_script_queued (cb, _("node-change command execution failed, continuing."));
1202 }
1203
1211 // } 1204 // }
1212 //else 1205 //else
1213 // slog (L_INFO, _("%s(%s): accepted packet from %s, not (yet) redirecting traffic."), 1206 // slog (L_INFO, _("%s(%s): accepted packet from %s, not (yet) redirecting traffic."),
1214 // conf->nodename, (const char *)si, (const char *)rsi); 1207 // conf->nodename, (const char *)si, (const char *)rsi);
1215 } 1208 }
1236 break; 1229 break;
1237 1230
1238 case vpn_packet::PT_CONNECT_REQ: 1231 case vpn_packet::PT_CONNECT_REQ:
1239 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx)) 1232 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1240 { 1233 {
1241 connect_req_packet *p = (connect_req_packet *) pkt; 1234 connect_req_packet *p = (connect_req_packet *)pkt;
1242 1235
1243 if (p->id > 0 && p->id <= vpn->conns.size ()) 1236 if (p->id > 0 && p->id <= vpn->conns.size ())
1244 { 1237 {
1245 connection *c = vpn->conns[p->id - 1]; 1238 connection *c = vpn->conns[p->id - 1];
1246 conf->protocols = p->protocols; 1239 conf->protocols = p->protocols;
1247 1240
1248 slog (L_TRACE, "<<%d PT_CONNECT_REQ(%d) [%d]", 1241 slog (L_TRACE, "%s >> PT_CONNECT_REQ(%s,p%02x) [%d]",
1242 conf->nodename, vpn->conns[p->id - 1]->conf->nodename,
1243 p->protocols,
1249 conf->id, p->id, c->ictx && c->octx); 1244 c->ictx && c->octx);
1250 1245
1251 if (c->ictx && c->octx) 1246 if (c->ictx && c->octx)
1252 { 1247 {
1253 // send connect_info packets to both sides, in case one is 1248 // send connect_info packets to both sides, in case one is
1254 // behind a nat firewall (or both ;) 1249 // behind a nat firewall (or both ;)
1277 1272
1278 c->conf->protocols = p->protocols; 1273 c->conf->protocols = p->protocols;
1279 protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf)); 1274 protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf));
1280 p->si.upgrade_protocol (protocol, c->conf); 1275 p->si.upgrade_protocol (protocol, c->conf);
1281 1276
1282 slog (L_TRACE, "<<%d PT_CONNECT_INFO(%d,%s) (%d)", 1277 slog (L_TRACE, "%s >> PT_CONNECT_INFO(%s,%s,protocols=%02x,protocol=%02x,upgradable=%02x) [%d]",
1283 conf->id, p->id, (const char *)p->si, !c->ictx && !c->octx); 1278 conf->nodename,
1279 vpn->conns[p->id - 1]->conf->nodename,
1280 (const char *)p->si,
1281 p->protocols,
1282 protocol,
1283 p->si.supported_protocols (c->conf),
1284 !c->ictx && !c->octx);
1284 1285
1285 const sockinfo &dsi = forward_si (p->si); 1286 const sockinfo &dsi = forward_si (p->si);
1286 1287
1287 if (dsi.valid ()) 1288 if (dsi.valid ())
1288 c->send_auth_request (dsi, true); 1289 c->send_auth_request (dsi, true);
1290 else
1291 slog (L_INFO, "connect info for %s received (%s), but still unable to contact.",
1292 vpn->conns[p->id - 1]->conf->nodename,
1293 (const char *)p->si);
1289 } 1294 }
1290 else 1295 else
1291 slog (L_WARN, 1296 slog (L_WARN,
1292 _("received authenticated connection request from unknown node #%d, config file mismatch?"), 1297 _("received authenticated connection request from unknown node #%d, config file mismatch?"),
1293 p->id); 1298 p->id);
1302} 1307}
1303 1308
1304inline void 1309inline void
1305connection::keepalive_cb (ev::timer &w, int revents) 1310connection::keepalive_cb (ev::timer &w, int revents)
1306{ 1311{
1307 if (ev_now () >= last_activity + ::conf.keepalive + 30) 1312 ev_tstamp when = last_activity + ::conf.keepalive - ev::now ();
1313
1314 if (when >= 0)
1315 w.start (when);
1316 else if (when < -15)
1308 { 1317 {
1309 reset_connection (); 1318 reset_connection ();
1310 establish_connection (); 1319 establish_connection ();
1311 } 1320 }
1312 else if (ev_now () < last_activity + ::conf.keepalive)
1313 w.start (last_activity + ::conf.keepalive - ev::now ());
1314 else if (conf->connectmode != conf_node::C_ONDEMAND 1321 else if (conf->connectmode != conf_node::C_ONDEMAND
1315 || THISNODE->connectmode != conf_node::C_ONDEMAND) 1322 || THISNODE->connectmode != conf_node::C_ONDEMAND)
1316 { 1323 {
1324 w.start (3);
1317 send_ping (si); 1325 send_ping (si);
1318 w.start (5);
1319 } 1326 }
1320 else if (ev_now () < last_activity + ::conf.keepalive + 10) 1327 else if (when >= -10)
1321 // hold ondemand connections implicitly a few seconds longer 1328 // hold ondemand connections implicitly a few seconds longer
1322 // should delete octx, though, or something like that ;) 1329 // should delete octx, though, or something like that ;)
1323 w.start (last_activity + ::conf.keepalive + 10 - ev::now ()); 1330 w.start (when + 10);
1324 else 1331 else
1325 reset_connection (); 1332 reset_connection ();
1326} 1333}
1327 1334
1335void
1328void connection::send_connect_request (int id) 1336connection::send_connect_request (int id)
1329{ 1337{
1330 connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols); 1338 connect_req_packet *p = new connect_req_packet (conf->id, id, THISNODE->protocols);
1331 1339
1332 slog (L_TRACE, ">>%d PT_CONNECT_REQ(%d)", conf->id, id); 1340 slog (L_TRACE, "%s << PT_CONNECT_REQ(%s,p%02x)",
1341 conf->nodename, vpn->conns[id - 1]->conf->nodename,
1342 THISNODE->protocols);
1333 p->hmac_set (octx); 1343 p->hmac_set (octx);
1334 send_vpn_packet (p, si); 1344 send_vpn_packet (p, si);
1335 1345
1336 delete p; 1346 delete p;
1337} 1347}
1338 1348
1349void
1339void connection::script_init_env (const char *ext) 1350connection::script_init_env (const char *ext)
1340{ 1351{
1341 char *env; 1352 char *env;
1342 asprintf (&env, "IFUPDATA%s=%s", ext, conf->if_up_data); putenv (env); 1353 asprintf (&env, "IFUPDATA%s=%s", ext, conf->if_up_data); putenv (env);
1343 asprintf (&env, "NODENAME%s=%s", ext, conf->nodename); putenv (env); 1354 asprintf (&env, "NODENAME%s=%s", ext, conf->nodename); putenv (env);
1344 asprintf (&env, "MAC%s=%02x:%02x:%02x:%02x:%02x:%02x", ext, 1355 asprintf (&env, "MAC%s=%02x:%02x:%02x:%02x:%02x:%02x", ext,
1345 0xfe, 0xfd, 0x80, 0x00, conf->id >> 8, 1356 0xfe, 0xfd, 0x80, 0x00, conf->id >> 8,
1346 conf->id & 0xff); putenv (env); 1357 conf->id & 0xff); putenv (env);
1347} 1358}
1348 1359
1360void
1349void connection::script_init_connect_env () 1361connection::script_init_connect_env ()
1350{ 1362{
1351 vpn->script_init_env (); 1363 vpn->script_init_env ();
1352 1364
1353 char *env; 1365 char *env;
1354 asprintf (&env, "DESTID=%d", conf->id); putenv (env); 1366 asprintf (&env, "DESTID=%d", conf->id); putenv (env);
1367 asprintf (&env, "DESTSI=%s", (const char *)si); putenv (env);
1355 asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env); 1368 asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env);
1356 asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env); 1369 asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env);
1357 asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env); 1370 asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env);
1358} 1371}
1359 1372
1360inline const char * 1373inline const char *
1361connection::script_node_up () 1374connection::script_node_up ()
1362{ 1375{
1367 char *filename; 1380 char *filename;
1368 asprintf (&filename, 1381 asprintf (&filename,
1369 "%s/%s", 1382 "%s/%s",
1370 confbase, 1383 confbase,
1371 ::conf.script_node_up ? ::conf.script_node_up : "node-up"); 1384 ::conf.script_node_up ? ::conf.script_node_up : "node-up");
1385
1386 return filename;
1387}
1388
1389inline const char *
1390connection::script_node_change ()
1391{
1392 script_init_connect_env ();
1393
1394 putenv ((char *)"STATE=change");
1395
1396 char *filename;
1397 asprintf (&filename,
1398 "%s/%s",
1399 confbase,
1400 ::conf.script_node_change ? ::conf.script_node_change : "node-change");
1372 1401
1373 return filename; 1402 return filename;
1374} 1403}
1375 1404
1376inline const char * 1405inline const char *
1402 establish_connection.set<connection, &connection::establish_connection_cb> (this); 1431 establish_connection.set<connection, &connection::establish_connection_cb> (this);
1403 1432
1404 last_establish_attempt = 0.; 1433 last_establish_attempt = 0.;
1405 octx = ictx = 0; 1434 octx = ictx = 0;
1406 1435
1407 if (!conf->protocols) // make sure some protocol is enabled
1408 conf->protocols = PROT_UDPv4;
1409
1410 connectmode = conf->connectmode; 1436 connectmode = conf->connectmode;
1411 1437
1412 // queue a dummy packet to force an initial connection attempt 1438 // queue a dummy packet to force an initial connection attempt
1413 if (connectmode != conf_node::C_ALWAYS && connectmode != conf_node::C_DISABLED) 1439 if (connectmode != conf_node::C_ALWAYS && connectmode != conf_node::C_DISABLED)
1414 vpn_queue.put (new net_packet); 1440 vpn_queue.put (new net_packet);
1419connection::~connection () 1445connection::~connection ()
1420{ 1446{
1421 shutdown (); 1447 shutdown ();
1422} 1448}
1423 1449
1450void
1424void connection_init () 1451connection_init ()
1425{ 1452{
1426 auth_rate_limiter.clear (); 1453 auth_rate_limiter.clear ();
1427 reset_rate_limiter.clear (); 1454 reset_rate_limiter.clear ();
1428} 1455}
1429 1456

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines