ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
(Generate patch)

Comparing gvpe/src/connection.C (file contents):
Revision 1.89 by root, Thu Dec 2 08:15:09 2010 UTC vs.
Revision 1.104 by root, Fri Jul 19 18:18:27 2013 UTC

1/* 1/*
2 connection.C -- manage a single connection 2 connection.C -- manage a single connection
3 Copyright (C) 2003-2008,2010 Marc Lehmann <gvpe@schmorp.de> 3 Copyright (C) 2003-2008,2010,2011,2013 Marc Lehmann <gvpe@schmorp.de>
4 4
5 This file is part of GVPE. 5 This file is part of GVPE.
6 6
7 GVPE is free software; you can redistribute it and/or modify it 7 GVPE is free software; you can redistribute it and/or modify it
8 under the terms of the GNU General Public License as published by the 8 under the terms of the GNU General Public License as published by the
43#include "conf.h" 43#include "conf.h"
44#include "slog.h" 44#include "slog.h"
45#include "device.h" 45#include "device.h"
46#include "vpn.h" 46#include "vpn.h"
47#include "connection.h" 47#include "connection.h"
48#include "hkdf.h"
48 49
49#include "netcompat.h" 50#include "netcompat.h"
50 51
51#if !HAVE_RAND_PSEUDO_BYTES
52# define RAND_pseudo_bytes RAND_bytes
53#endif
54
55#define MAGIC_OLD "vped\xbd\xc6\xdb\x82" // 8 bytes of magic (still used in the protocol)
56#define MAGIC "gvpe\xbd\xc6\xdb\x82" // 8 bytes of magic (understood but not generated) 52#define MAGIC "gvpe\xbd\xc6\xdb\x82" // 8 bytes of magic
53#define MAGIC "HUHN\xbd\xc6\xdb\x82" // 8 bytes of magic//D
57 54
58#define ULTRA_FAST 1 55#define ULTRA_FAST 1
59#define HLOG 15 56#define HLOG 15
60#include "lzf/lzf.h" 57#include "lzf/lzf.h"
61#include "lzf/lzf_c.c" 58#include "lzf/lzf_c.c"
64////////////////////////////////////////////////////////////////////////////// 61//////////////////////////////////////////////////////////////////////////////
65 62
66static std::queue< std::pair<run_script_cb *, const char *> > rs_queue; 63static std::queue< std::pair<run_script_cb *, const char *> > rs_queue;
67static ev::child rs_child_ev; 64static ev::child rs_child_ev;
68 65
66namespace
67{
69void // c++ requires external linkage here, apparently :( 68 void // c++ requires external linkage here, apparently :(
70rs_child_cb (ev::child &w, int revents) 69 rs_child_cb (ev::child &w, int revents)
71{ 70 {
72 w.stop (); 71 w.stop ();
73 72
74 if (rs_queue.empty ()) 73 if (rs_queue.empty ())
75 return; 74 return;
76 75
77 pid_t pid = run_script (*rs_queue.front ().first, false); 76 pid_t pid = run_script (*rs_queue.front ().first, false);
78 if (pid) 77 if (pid)
79 { 78 {
80 w.set (pid); 79 w.set (pid);
81 w.start (); 80 w.start ();
82 } 81 }
83 else 82 else
84 slog (L_WARN, rs_queue.front ().second); 83 slog (L_WARN, rs_queue.front ().second);
85 84
86 delete rs_queue.front ().first; 85 delete rs_queue.front ().first;
87 rs_queue.pop (); 86 rs_queue.pop ();
88} 87 }
88};
89 89
90// despite the fancy name, this is quite a hack 90// despite the fancy name, this is quite a hack
91static void 91static void
92run_script_queued (run_script_cb *cb, const char *warnmsg) 92run_script_queued (run_script_cb *cb, const char *warnmsg)
93{ 93{
105struct crypto_ctx 105struct crypto_ctx
106{ 106{
107 EVP_CIPHER_CTX cctx; 107 EVP_CIPHER_CTX cctx;
108 HMAC_CTX hctx; 108 HMAC_CTX hctx;
109 109
110 crypto_ctx (const rsachallenge &challenge, int enc); 110 crypto_ctx (const auth_data &auth1, const auth_data &auth2, const ecdh_key &a, const ecdh_key &b, int enc);
111 ~crypto_ctx (); 111 ~crypto_ctx ();
112}; 112};
113 113
114crypto_ctx::crypto_ctx (const rsachallenge &challenge, int enc) 114crypto_ctx::crypto_ctx (const auth_data &auth1, const auth_data &auth2, const ecdh_key &a, const ecdh_key &b, int enc)
115{ 115{
116 ecdh_key s;
117
118 curve25519_combine (a, b, s);
119
120 {
121 u8 mac_key[MAC_KEYSIZE];
122 static const unsigned char mac_info[] = "gvpe mac key";
123
124 hkdf kdf (auth2.rsa.hkdf_salt, sizeof (auth2.rsa.hkdf_salt), HKDF_XTR_HASH ());
125 kdf.extract (auth1.rsa.mac_key, sizeof (auth1.rsa.mac_key));
126 kdf.extract (s, sizeof (s));
127 kdf.extract_done (HKDF_PRF_HASH ());
128 kdf.expand (mac_key, sizeof (mac_key), mac_info, sizeof (mac_info));
129
130 HMAC_CTX_init (&hctx);
131 require (HMAC_Init_ex (&hctx, mac_key, MAC_KEYSIZE, MAC_DIGEST (), 0));
132 }
133
134 {
135 u8 cipher_key[CIPHER_KEYSIZE];
136 static const unsigned char cipher_info[] = "gvpe cipher key";
137
138 hkdf kdf (auth2.rsa.hkdf_salt, sizeof (auth2.rsa.hkdf_salt), HKDF_XTR_HASH ());
139 kdf.extract (auth1.rsa.cipher_key, sizeof (auth1.rsa.cipher_key));
140 kdf.extract (s, sizeof (s));
141 kdf.extract_done (HKDF_PRF_HASH ());
142 kdf.expand (cipher_key, sizeof (cipher_key), cipher_info, sizeof (cipher_info));
143
116 EVP_CIPHER_CTX_init (&cctx); 144 EVP_CIPHER_CTX_init (&cctx);
117 require (EVP_CipherInit_ex (&cctx, CIPHER, 0, &challenge[CHG_CIPHER_KEY], 0, enc)); 145 require (EVP_CipherInit_ex (&cctx, CIPHER (), 0, cipher_key, 0, enc));
118 HMAC_CTX_init (&hctx); 146 }
119 HMAC_Init_ex (&hctx, &challenge[CHG_HMAC_KEY], HMAC_KEYLEN, DIGEST, 0);
120} 147}
121 148
122crypto_ctx::~crypto_ctx () 149crypto_ctx::~crypto_ctx ()
123{ 150{
124 require (EVP_CIPHER_CTX_cleanup (&cctx)); 151 require (EVP_CIPHER_CTX_cleanup (&cctx));
125 HMAC_CTX_cleanup (&hctx); 152 HMAC_CTX_cleanup (&hctx);
126} 153}
127 154
155static inline void
156auth_encrypt (RSA *key, const auth_data &auth, auth_encr &encr)
157{
158 if (RSA_public_encrypt (sizeof (auth.rsa),
159 (unsigned char *)&auth.rsa, (unsigned char *)&encr.rsa,
160 key, RSA_PKCS1_OAEP_PADDING) < 0)
161 fatal ("RSA_public_encrypt error");
162
163 memcpy (&encr.ecdh, &auth.ecdh, sizeof (encr.ecdh));
164}
165
166static inline bool
167auth_decrypt (RSA *key, const auth_encr &encr, auth_data &auth)
168{
169 u8 rsa_decrypt[RSA_KEYLEN];
170
171 if (RSA_private_decrypt (sizeof (encr.rsa),
172 (const unsigned char *)&encr.rsa, (unsigned char *)rsa_decrypt,
173 key, RSA_PKCS1_OAEP_PADDING) != sizeof (auth.rsa))
174 return 0;
175
176 memcpy (&auth.rsa, rsa_decrypt, sizeof (auth.rsa));
177 memcpy (&auth.ecdh, &encr.ecdh, sizeof (auth.ecdh));
178
179 return 1;
180}
181
128static void 182static void
129rsa_hash (const rsaid &id, const rsachallenge &chg, rsaresponse &h) 183auth_hash (const auth_data &auth, const ecdh_key &b, auth_mac &mac)
130{ 184{
131 EVP_MD_CTX ctx; 185 hkdf kdf (&auth.ecdh, sizeof (auth.ecdh), AUTH_DIGEST ()); // use remote ecdh b as salt
132 186 kdf.extract (&auth.rsa, sizeof (auth.rsa));
133 EVP_MD_CTX_init (&ctx); 187 kdf.extract_done ();
134 require (EVP_DigestInit (&ctx, RSA_HASH)); 188 kdf.expand (mac, sizeof mac, b, sizeof b); // use response ecdh b as info
135 require (EVP_DigestUpdate(&ctx, &chg, sizeof chg));
136 require (EVP_DigestUpdate(&ctx, &id, sizeof id));
137 require (EVP_DigestFinal (&ctx, (unsigned char *)&h, 0));
138 EVP_MD_CTX_cleanup (&ctx);
139} 189}
140 190
141struct rsa_entry 191void
192connection::generate_auth_data ()
142{ 193{
143 tstamp expire; 194 if (auth_expire < ev_now ())
144 rsaid id;
145 rsachallenge chg;
146};
147
148struct rsa_cache : list<rsa_entry>
149{
150 inline void cleaner_cb (ev::timer &w, int revents); ev::timer cleaner;
151
152 bool find (const rsaid &id, rsachallenge &chg)
153 {
154 for (iterator i = begin (); i != end (); ++i)
155 { 195 {
156 if (!memcmp (&id, &i->id, sizeof id) && i->expire > ev_now ()) 196 // request data
157 { 197 rand_fill (snd_auth.rsa);
158 memcpy (&chg, &i->chg, sizeof chg); 198 curve25519_generate (snd_ecdh_a, snd_auth.ecdh);
159 199
160 erase (i); 200 // eventual response data
161 return true; 201 curve25519_generate (rcv_ecdh_a, rcv_ecdh_b);
162 }
163 } 202 }
164 203
165 if (!cleaner.is_active ()) 204 // every use prolongs the expiry
166 cleaner.again ();
167
168 return false;
169 }
170
171 void gen (rsaid &id, rsachallenge &chg)
172 {
173 rsa_entry e;
174
175 RAND_bytes ((unsigned char *)&id, sizeof id);
176 RAND_bytes ((unsigned char *)&chg, sizeof chg);
177
178 e.expire = ev_now () + RSA_TTL; 205 auth_expire = ev_now () + AUTH_TTL;
179 e.id = id;
180 memcpy (&e.chg, &chg, sizeof chg);
181
182 push_back (e);
183
184 if (!cleaner.is_active ())
185 cleaner.again ();
186 }
187
188 rsa_cache ()
189 {
190 cleaner.set<rsa_cache, &rsa_cache::cleaner_cb> (this);
191 cleaner.set (RSA_TTL, RSA_TTL);
192 }
193
194} rsa_cache;
195
196void rsa_cache::cleaner_cb (ev::timer &w, int revents)
197{
198 if (empty ())
199 w.stop ();
200 else
201 {
202 for (iterator i = begin (); i != end (); )
203 if (i->expire <= ev_now ())
204 i = erase (i);
205 else
206 ++i;
207 }
208} 206}
209 207
210////////////////////////////////////////////////////////////////////////////// 208//////////////////////////////////////////////////////////////////////////////
211 209
212pkt_queue::pkt_queue (double max_ttl, int max_queue) 210pkt_queue::pkt_queue (double max_ttl, int max_queue)
226 delete p; 224 delete p;
227 225
228 delete [] queue; 226 delete [] queue;
229} 227}
230 228
229void
231void pkt_queue::expire_cb (ev::timer &w, int revents) 230pkt_queue::expire_cb (ev::timer &w, int revents)
232{ 231{
233 ev_tstamp expire = ev_now () - max_ttl; 232 ev_tstamp expire = ev_now () - max_ttl;
234 233
235 for (;;) 234 for (;;)
236 { 235 {
247 246
248 delete get (); 247 delete get ();
249 } 248 }
250} 249}
251 250
251void
252void pkt_queue::put (net_packet *p) 252pkt_queue::put (net_packet *p)
253{ 253{
254 ev_tstamp now = ev_now (); 254 ev_tstamp now = ev_now ();
255 255
256 // start expiry timer 256 // start expiry timer
257 if (empty ()) 257 if (empty ())
266 queue[i].tstamp = now; 266 queue[i].tstamp = now;
267 267
268 i = ni; 268 i = ni;
269} 269}
270 270
271net_packet *pkt_queue::get () 271net_packet *
272pkt_queue::get ()
272{ 273{
273 if (empty ()) 274 if (empty ())
274 return 0; 275 return 0;
275 276
276 net_packet *p = queue[j].pkt; 277 net_packet *p = queue[j].pkt;
300 301
301 bool can (const sockinfo &si) { return can((u32)si.host); } 302 bool can (const sockinfo &si) { return can((u32)si.host); }
302 bool can (u32 host); 303 bool can (u32 host);
303}; 304};
304 305
305net_rate_limiter auth_rate_limiter, reset_rate_limiter; 306static net_rate_limiter auth_rate_limiter, reset_rate_limiter;
306 307
308bool
307bool net_rate_limiter::can (u32 host) 309net_rate_limiter::can (u32 host)
308{ 310{
309 iterator i; 311 iterator i;
310 312
311 for (i = begin (); i != end (); ) 313 for (i = begin (); i != end (); )
312 if (i->host == host) 314 if (i->host == host)
357 } 359 }
358} 360}
359 361
360///////////////////////////////////////////////////////////////////////////// 362/////////////////////////////////////////////////////////////////////////////
361 363
362unsigned char hmac_packet::hmac_digest[EVP_MAX_MD_SIZE]; 364void
363
364void hmac_packet::hmac_gen (crypto_ctx *ctx) 365hmac_packet::hmac_gen (crypto_ctx *ctx, u8 *hmac_digest)
365{ 366{
366 unsigned int xlen;
367
368 HMAC_CTX *hctx = &ctx->hctx; 367 HMAC_CTX *hctx = &ctx->hctx;
369 368
370 HMAC_Init_ex (hctx, 0, 0, 0, 0); 369 require (HMAC_Init_ex (hctx, 0, 0, 0, 0));
371 HMAC_Update (hctx, ((unsigned char *) this) + sizeof (hmac_packet), 370 require (HMAC_Update (hctx, ((unsigned char *) this) + sizeof (hmac_packet), len - sizeof (hmac_packet)));
372 len - sizeof (hmac_packet)); 371 require (HMAC_Final (hctx, hmac_digest, 0));
373 HMAC_Final (hctx, (unsigned char *) &hmac_digest, &xlen);
374} 372}
375 373
376void 374void
377hmac_packet::hmac_set (crypto_ctx *ctx) 375hmac_packet::hmac_set (crypto_ctx *ctx)
378{ 376{
379 hmac_gen (ctx); 377 unsigned char hmac_digest[EVP_MAX_MD_SIZE];
380 378 hmac_gen (ctx, hmac_digest);
381 memcpy (hmac, hmac_digest, HMACLENGTH); 379 memcpy (hmac, hmac_digest, HMACLENGTH);
382} 380}
383 381
384bool 382bool
385hmac_packet::hmac_chk (crypto_ctx *ctx) 383hmac_packet::hmac_chk (crypto_ctx *ctx)
386{ 384{
387 hmac_gen (ctx); 385 unsigned char hmac_digest[EVP_MAX_MD_SIZE];
388 386 hmac_gen (ctx, hmac_digest);
389 return !memcmp (hmac, hmac_digest, HMACLENGTH); 387 return !memcmp (hmac, hmac_digest, HMACLENGTH);
390} 388}
391 389
390void
392void vpn_packet::set_hdr (ptype type_, unsigned int dst) 391vpn_packet::set_hdr (ptype type_, unsigned int dst)
393{ 392{
394 type = type_; 393 type = type_;
395 394
396 int src = THISNODE->id; 395 int src = THISNODE->id;
397 396
402 401
403#define MAXVPNDATA (MAX_MTU - 6 - 6) 402#define MAXVPNDATA (MAX_MTU - 6 - 6)
404#define DATAHDR (sizeof (u32) + RAND_SIZE) 403#define DATAHDR (sizeof (u32) + RAND_SIZE)
405 404
406struct vpndata_packet : vpn_packet 405struct vpndata_packet : vpn_packet
406{
407 u8 data[MAXVPNDATA + DATAHDR]; // seqno
408
409 void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
410 tap_packet *unpack (connection *conn, u32 &seqno);
411
412private:
413 const u32 data_hdr_size () const
407 { 414 {
408 u8 data[MAXVPNDATA + DATAHDR]; // seqno
409
410 void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
411 tap_packet *unpack (connection *conn, u32 &seqno);
412private:
413
414 const u32 data_hdr_size () const
415 {
416 return sizeof (vpndata_packet) - sizeof (net_packet) - MAXVPNDATA - DATAHDR; 415 return sizeof (vpndata_packet) - sizeof (net_packet) - MAXVPNDATA - DATAHDR;
417 }
418 }; 416 }
417};
419 418
420void 419void
421vpndata_packet::setup (connection *conn, int dst, u8 *d, u32 l, u32 seqno) 420vpndata_packet::setup (connection *conn, int dst, u8 *d, u32 l, u32 seqno)
422{ 421{
423 EVP_CIPHER_CTX *cctx = &conn->octx->cctx; 422 EVP_CIPHER_CTX *cctx = &conn->octx->cctx;
441 d[1] = cl; 440 d[1] = cl;
442 } 441 }
443 } 442 }
444#endif 443#endif
445 444
446 require (EVP_EncryptInit_ex (cctx, 0, 0, 0, 0)); 445 require (EVP_CipherInit_ex (cctx, 0, 0, 0, 0, 1));
447 446
448 struct { 447 struct {
449#if RAND_SIZE 448#if RAND_SIZE
450 u8 rnd[RAND_SIZE]; 449 u8 rnd[RAND_SIZE];
451#endif 450#endif
452 u32 seqno; 451 u32 seqno;
453 } datahdr; 452 } datahdr;
454 453
455 datahdr.seqno = ntohl (seqno); 454 datahdr.seqno = ntohl (seqno);
456#if RAND_SIZE 455#if RAND_SIZE
457 RAND_pseudo_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE); 456 // NB: a constant (per session) random prefix
457 // is likely enough, but we don't take any chances.
458 conn->oiv.get (datahdr.rnd, RAND_SIZE);
458#endif 459#endif
459 460
460 require (EVP_EncryptUpdate (cctx, 461 require (EVP_EncryptUpdate (cctx,
461 (unsigned char *) data + outl, &outl2, 462 (unsigned char *) data + outl, &outl2,
462 (unsigned char *) &datahdr, DATAHDR)); 463 (unsigned char *) &datahdr, DATAHDR));
484 int outl = 0, outl2; 485 int outl = 0, outl2;
485 tap_packet *p = new tap_packet; 486 tap_packet *p = new tap_packet;
486 u8 *d; 487 u8 *d;
487 u32 l = len - data_hdr_size (); 488 u32 l = len - data_hdr_size ();
488 489
489 require (EVP_DecryptInit_ex (cctx, 0, 0, 0, 0)); 490 require (EVP_CipherInit_ex (cctx, 0, 0, 0, 0, 0));
490 491
491#if ENABLE_COMPRESSION 492#if ENABLE_COMPRESSION
492 u8 cdata[MAX_MTU]; 493 u8 cdata[MAX_MTU];
493 494
494 if (type == PT_DATA_COMPRESSED) 495 if (type == PT_DATA_COMPRESSED)
495 d = cdata; 496 d = cdata;
496 else 497 else
497#endif 498#endif
498 d = &(*p)[6 + 6 - DATAHDR]; 499 d = &(*p)[6 + 6] - DATAHDR;
499 500
500 /* this overwrites part of the src mac, but we fix that later */ 501 // we play do evil games with the struct layout atm.
502 // pending better solutions, we at least do some verification.
503 // this is fine, as we left ISO territory long ago.
504 require (DATAHDR <= 16);
505 require ((u8 *)(&p->len + 1) == &(*p)[0]);
506
507 // this can overwrite the len/dst/src fields
501 require (EVP_DecryptUpdate (cctx, 508 require (EVP_DecryptUpdate (cctx,
502 d, &outl2, 509 d, &outl2,
503 (unsigned char *)&data, len - data_hdr_size ())); 510 (unsigned char *)&data, len - data_hdr_size ()));
504 outl += outl2; 511 outl += outl2;
505 512
536 } 543 }
537}; 544};
538 545
539struct config_packet : vpn_packet 546struct config_packet : vpn_packet
540{ 547{
541 // actually, hmaclen cannot be checked because the hmac 548 u8 serial[SERIAL_SIZE];
542 // field comes before this data, so peers with other
543 // hmacs simply will not work.
544 u8 prot_major, prot_minor, randsize, hmaclen; 549 u8 prot_major, prot_minor, randsize;
545 u8 flags, challengelen, features, pad3; 550 u8 flags, features, pad6, pad7, pad8;
546 u32 cipher_nid, digest_nid, hmac_nid; 551 u32 cipher_nid, mac_nid, auth_nid;
547 552
548 void setup (ptype type, int dst); 553 void setup (ptype type, int dst);
549 bool chk_config () const; 554 bool chk_config (const conf_node *conf, const sockinfo &rsi) const;
550 555
551 static u8 get_features () 556 static u8 get_features ()
552 { 557 {
553 u8 f = 0; 558 u8 f = 0;
554#if ENABLE_COMPRESSION 559#if ENABLE_COMPRESSION
562#endif 567#endif
563 return f; 568 return f;
564 } 569 }
565}; 570};
566 571
572void
567void config_packet::setup (ptype type, int dst) 573config_packet::setup (ptype type, int dst)
568{ 574{
569 prot_major = PROTOCOL_MAJOR; 575 prot_major = PROTOCOL_MAJOR;
570 prot_minor = PROTOCOL_MINOR; 576 prot_minor = PROTOCOL_MINOR;
571 randsize = RAND_SIZE; 577 randsize = RAND_SIZE;
572 hmaclen = HMACLENGTH;
573 flags = 0; 578 flags = 0;
574 challengelen = sizeof (rsachallenge);
575 features = get_features (); 579 features = get_features ();
576 580
581 strncpy ((char *)serial, conf.serial, sizeof (serial));
582
577 cipher_nid = htonl (EVP_CIPHER_nid (CIPHER)); 583 cipher_nid = htonl (EVP_CIPHER_nid (CIPHER ()));
578 digest_nid = htonl (EVP_MD_type (RSA_HASH));
579 hmac_nid = htonl (EVP_MD_type (DIGEST)); 584 mac_nid = htonl (EVP_MD_type (MAC_DIGEST ()));
585 auth_nid = htonl (EVP_MD_type (AUTH_DIGEST ()));
580 586
581 len = sizeof (*this) - sizeof (net_packet); 587 len = sizeof (*this) - sizeof (net_packet);
582 set_hdr (type, dst); 588 set_hdr (type, dst);
583} 589}
584 590
585bool config_packet::chk_config () const 591bool
592config_packet::chk_config (const conf_node *conf, const sockinfo &rsi) const
586{ 593{
587 if (prot_major != PROTOCOL_MAJOR) 594 if (prot_major != PROTOCOL_MAJOR)
588 slog (L_WARN, _("major version mismatch (remote %d <=> local %d)"), prot_major, PROTOCOL_MAJOR); 595 slog (L_WARN, _("%s(%s): major version mismatch (remote %d <=> local %d)"),
596 conf->nodename, (const char *)rsi, prot_major, PROTOCOL_MAJOR);
589 else if (randsize != RAND_SIZE) 597 else if (randsize != RAND_SIZE)
590 slog (L_WARN, _("rand size mismatch (remote %d <=> local %d)"), randsize, RAND_SIZE); 598 slog (L_WARN, _("%s(%s): rand size mismatch (remote %d <=> local %d)"),
591 else if (hmaclen != HMACLENGTH) 599 conf->nodename, (const char *)rsi, randsize, RAND_SIZE);
592 slog (L_WARN, _("hmac length mismatch (remote %d <=> local %d)"), hmaclen, HMACLENGTH);
593 else if (challengelen != sizeof (rsachallenge))
594 slog (L_WARN, _("challenge length mismatch (remote %d <=> local %d)"), challengelen, sizeof (rsachallenge));
595 else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER))) 600 else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER ())))
596 slog (L_WARN, _("cipher mismatch (remote %x <=> local %x)"), ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER)); 601 slog (L_WARN, _("%s(%s): cipher algo mismatch (remote %x <=> local %x)"),
597 else if (digest_nid != htonl (EVP_MD_type (RSA_HASH))) 602 conf->nodename, (const char *)rsi, ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER ()));
598 slog (L_WARN, _("digest mismatch (remote %x <=> local %x)"), ntohl (digest_nid), EVP_MD_type (RSA_HASH));
599 else if (hmac_nid != htonl (EVP_MD_type (DIGEST))) 603 else if (mac_nid != htonl (EVP_MD_type (MAC_DIGEST ())))
600 slog (L_WARN, _("hmac mismatch (remote %x <=> local %x)"), ntohl (hmac_nid), EVP_MD_type (DIGEST)); 604 slog (L_WARN, _("%s(%s): mac algo mismatch (remote %x <=> local %x)"),
605 conf->nodename, (const char *)rsi, ntohl (mac_nid), EVP_MD_type (MAC_DIGEST ()));
606 else if (auth_nid != htonl (EVP_MD_type (AUTH_DIGEST ())))
607 slog (L_WARN, _("%s(%s): auth algo mismatch (remote %x <=> local %x)"),
608 conf->nodename, (const char *)rsi, ntohl (auth_nid), EVP_MD_type (AUTH_DIGEST ()));
601 else 609 else
610 {
611 int cmp = memcmp (serial, ::conf.serial, sizeof (serial));
612
613 if (cmp > 0)
614 slog (L_WARN, _("%s(%s): remote serial newer than local serial - outdated config?"),
615 conf->nodename, (const char *)rsi);
616 else if (cmp == 0)
602 return true; 617 return true;
618 }
603 619
604 return false; 620 return false;
605} 621}
606 622
607struct auth_req_packet : config_packet 623struct auth_req_packet : config_packet // UNPROTECTED
608{ 624{
609 char magic[8]; 625 char magic[8];
610 u8 initiate; // false if this is just an automatic reply 626 u8 initiate; // false if this is just an automatic reply
611 u8 protocols; // supported protocols (will be patched on forward) 627 u8 protocols; // supported protocols (will be patched on forward)
612 u8 pad2, pad3; 628 u8 pad2, pad3;
613 rsaid id; 629 auth_encr encr;
614 rsaencrdata encr;
615 630
616 auth_req_packet (int dst, bool initiate_, u8 protocols_) 631 auth_req_packet (int dst, bool initiate_, u8 protocols_)
617 { 632 {
618 config_packet::setup (PT_AUTH_REQ, dst); 633 config_packet::setup (PT_AUTH_REQ, dst);
619 strncpy (magic, MAGIC_OLD, 8); 634 memcpy (magic, MAGIC, 8);
620 initiate = !!initiate_; 635 initiate = !!initiate_;
621 protocols = protocols_; 636 protocols = protocols_;
622 637
623 len = sizeof (*this) - sizeof (net_packet); 638 len = sizeof (*this) - sizeof (net_packet);
624 } 639 }
625}; 640};
626 641
627struct auth_res_packet : config_packet 642struct auth_res_packet : vpn_packet // UNPROTECTED
628{ 643{
629 rsaid id;
630 u8 pad1, pad2, pad3;
631 u8 response_len; // encrypted length
632 rsaresponse response; 644 auth_response response;
633 645
634 auth_res_packet (int dst) 646 auth_res_packet (int dst)
635 { 647 {
636 config_packet::setup (PT_AUTH_RES, dst); 648 set_hdr (PT_AUTH_RES, dst);
637 649
638 len = sizeof (*this) - sizeof (net_packet); 650 len = sizeof (*this) - sizeof (net_packet);
639 } 651 }
640}; 652};
641 653
671}; 683};
672 684
673///////////////////////////////////////////////////////////////////////////// 685/////////////////////////////////////////////////////////////////////////////
674 686
675void 687void
676connection::connection_established () 688connection::connection_established (const sockinfo &rsi)
677{ 689{
678 slog (L_NOISE, _("%s: possible connection establish (ictx %d, octx %d)"), conf->nodename, !!ictx, !!octx); 690 if (!have_snd_auth || !have_rcv_auth)
691 return;
679 692
693 si = rsi;
694 protocol = rsi.prot;
695
696 slog (L_INFO, _("%s(%s): connection established (%s), protocol version %d.%d."),
697 conf->nodename, (const char *)rsi,
698 is_direct ? "direct" : "forwarded",
699 PROTOCOL_MAJOR, prot_minor);
700
701 if (::conf.script_node_up)
702 {
703 run_script_cb *cb = new run_script_cb;
704 cb->set<connection, &connection::script_node_up> (this);
705 run_script_queued (cb, _("node-up command execution failed, continuing."));
706 }
707
708 delete ictx; ictx = new crypto_ctx (rcv_auth, snd_auth, rcv_ecdh_a, rcv_auth.ecdh, 0);
709 iseqno.reset (ntohl (rcv_auth.rsa.seqno) & 0x7fffffff);
710
711 delete octx; octx = new crypto_ctx (snd_auth, rcv_auth, snd_ecdh_a, snd_ecdh_b , 1);
712 oseqno = ntohl (snd_auth.rsa.seqno) & 0x7fffffff;
713
714 oiv.reset ();
715
716 // make sure rekeying timeouts are slightly asymmetric
717 ev::tstamp rekey_interval = ::conf.rekey + (conf->id > THISNODE->id ? 10 : 0);
718 rekey.start (rekey_interval, rekey_interval);
719
720 keepalive.start (::conf.keepalive);
721
722 // send queued packets
680 if (ictx && octx) 723 if (ictx && octx)
681 { 724 {
682 // make sure rekeying timeouts are slightly asymmetric 725 while (tap_packet *p = (tap_packet *)data_queue.get ())
683 ev::tstamp rekey_interval = ::conf.rekey + (conf->id > THISNODE->id ? 10 : 0);
684 rekey.start (rekey_interval, rekey_interval);
685 keepalive.start (::conf.keepalive);
686
687 // send queued packets
688 if (ictx && octx)
689 { 726 {
690 while (tap_packet *p = (tap_packet *)data_queue.get ())
691 {
692 if (p->len) send_data_packet (p); 727 if (p->len) send_data_packet (p);
693 delete p; 728 delete p;
694 }
695
696 while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
697 {
698 if (p->len) send_vpn_packet (p, si, IPTOS_RELIABILITY);
699 delete p;
700 }
701 } 729 }
702 730
731 while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
732 {
733 if (p->len) send_vpn_packet (p, si, IPTOS_RELIABILITY);
734 delete p;
735 }
736 }
737
703 vpn->connection_established (this); 738 vpn->connection_established (this);
704 }
705 else
706 {
707 retry_cnt = 0;
708 establish_connection.start (5);
709 keepalive.stop ();
710 rekey.stop ();
711 }
712} 739}
713 740
714void 741void
715connection::reset_si () 742connection::reset_si ()
716{ 743{
762 ping_packet *pkt = new ping_packet; 789 ping_packet *pkt = new ping_packet;
763 790
764 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING); 791 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
765 792
766 slog (L_TRACE, "%s << %s [%s]", conf->nodename, pong ? "PT_PONG" : "PT_PING", (const char *)si); 793 slog (L_TRACE, "%s << %s [%s]", conf->nodename, pong ? "PT_PONG" : "PT_PING", (const char *)si);
767
768 send_vpn_packet (pkt, si, IPTOS_LOWDELAY); 794 send_vpn_packet (pkt, si, IPTOS_LOWDELAY);
769 795
770 delete pkt; 796 delete pkt;
771} 797}
772 798
787void 813void
788connection::send_auth_request (const sockinfo &si, bool initiate) 814connection::send_auth_request (const sockinfo &si, bool initiate)
789{ 815{
790 auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols); 816 auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols);
791 817
792 rsachallenge chg; 818 generate_auth_data ();
793 rsa_cache.gen (pkt->id, chg);
794 rsa_encrypt (conf->rsa_key, chg, pkt->encr); 819 auth_encrypt (conf->rsa_key, snd_auth, pkt->encr);
795 820
796 slog (L_TRACE, "%s << PT_AUTH_REQ [%s]", conf->nodename, (const char *)si); 821 slog (L_TRACE, "%s << PT_AUTH_REQ [%s]", conf->nodename, (const char *)si);
797
798 send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly 822 send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly
799 823
800 delete pkt; 824 delete pkt;
801} 825}
802 826
803void 827void
804connection::send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg) 828connection::send_auth_response (const sockinfo &si)
805{ 829{
806 auth_res_packet *pkt = new auth_res_packet (conf->id); 830 auth_res_packet *pkt = new auth_res_packet (conf->id);
807 831
808 pkt->id = id; 832 memcpy (pkt->response.ecdh, rcv_ecdh_b, sizeof rcv_ecdh_b);
809 833 auth_hash (rcv_auth, rcv_ecdh_b, pkt->response.mac);
810 rsa_hash (id, chg, pkt->response);
811
812 pkt->hmac_set (octx);
813 834
814 slog (L_TRACE, "%s << PT_AUTH_RES [%s]", conf->nodename, (const char *)si); 835 slog (L_TRACE, "%s << PT_AUTH_RES [%s]", conf->nodename, (const char *)si);
815
816 send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly 836 send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
817 837
818 delete pkt; 838 delete pkt;
819} 839}
820 840
821void 841void
822connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols) 842connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols)
823{ 843{
824 slog (L_TRACE, "%s << PT_CONNECT_INFO(%s,%s)", conf->nodename, 844 slog (L_TRACE, "%s << PT_CONNECT_INFO(%s,%s,p%02x)", conf->nodename,
825 vpn->conns[rid - 1]->conf->nodename, (const char *)rsi); 845 vpn->conns[rid - 1]->conf->nodename, (const char *)rsi,
846 conf->protocols);
826 847
827 connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols); 848 connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
828 849
829 r->hmac_set (octx); 850 r->hmac_set (octx);
830 send_vpn_packet (r, si); 851 send_vpn_packet (r, si);
833} 854}
834 855
835inline void 856inline void
836connection::establish_connection_cb (ev::timer &w, int revents) 857connection::establish_connection_cb (ev::timer &w, int revents)
837{ 858{
838 if (!ictx 859 if (!(ictx && octx)
839 && conf != THISNODE 860 && conf != THISNODE
840 && connectmode != conf_node::C_NEVER 861 && connectmode != conf_node::C_NEVER
841 && connectmode != conf_node::C_DISABLED 862 && connectmode != conf_node::C_DISABLED
842 && !w.is_active ()) 863 && !w.is_active ())
843 { 864 {
911 } 932 }
912 } 933 }
913 934
914 delete ictx; ictx = 0; 935 delete ictx; ictx = 0;
915 delete octx; octx = 0; 936 delete octx; octx = 0;
916#if ENABLE_DNS
917 dnsv4_reset_connection ();
918#endif
919 937
920 si.host = 0; 938 si.host = 0;
939
940 have_snd_auth = false;
941 have_rcv_auth = false;
942 auth_expire = 0.;
921 943
922 last_activity = 0.; 944 last_activity = 0.;
923 //last_si_change = 0.; 945 //last_si_change = 0.;
924 retry_cnt = 0; 946 retry_cnt = 0;
925 947
984 data_queue.put (new tap_packet (*pkt)); 1006 data_queue.put (new tap_packet (*pkt));
985 post_inject_queue (); 1007 post_inject_queue ();
986 } 1008 }
987} 1009}
988 1010
1011void
989void connection::inject_vpn_packet (vpn_packet *pkt, int tos) 1012connection::inject_vpn_packet (vpn_packet *pkt, int tos)
990{ 1013{
991 if (ictx && octx) 1014 if (ictx && octx)
992 send_vpn_packet (pkt, si, tos); 1015 send_vpn_packet (pkt, si, tos);
993 else 1016 else
994 { 1017 {
1000void 1023void
1001connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) 1024connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
1002{ 1025{
1003 last_activity = ev_now (); 1026 last_activity = ev_now ();
1004 1027
1005 slog (L_NOISE, "%s >> received packet type %d from %d to %d.", 1028 slog (L_NOISE, "%s >> received packet type %d from %d to %d.",
1006 conf->nodename, pkt->typ (), pkt->src (), pkt->dst ()); 1029 conf->nodename, pkt->typ (), pkt->src (), pkt->dst ());
1007 1030
1008 if (connectmode == conf_node::C_DISABLED) 1031 if (connectmode == conf_node::C_DISABLED)
1009 return; 1032 return;
1010 1033
1040 { 1063 {
1041 reset_connection (); 1064 reset_connection ();
1042 1065
1043 config_packet *p = (config_packet *) pkt; 1066 config_packet *p = (config_packet *) pkt;
1044 1067
1045 if (!p->chk_config ()) 1068 if (p->chk_config (conf, rsi) && connectmode == conf_node::C_ALWAYS)
1046 {
1047 slog (L_WARN, _("%s(%s): protocol mismatch, disabling node."),
1048 conf->nodename, (const char *)rsi);
1049 connectmode = conf_node::C_DISABLED;
1050 }
1051 else if (connectmode == conf_node::C_ALWAYS)
1052 establish_connection (); 1069 establish_connection ();
1053 } 1070 }
1054 break; 1071 break;
1055 1072
1056 case vpn_packet::PT_AUTH_REQ: 1073 case vpn_packet::PT_AUTH_REQ:
1057 if (auth_rate_limiter.can (rsi)) 1074 if (auth_rate_limiter.can (rsi))
1058 { 1075 {
1059 auth_req_packet *p = (auth_req_packet *) pkt; 1076 auth_req_packet *p = (auth_req_packet *)pkt;
1060 1077
1061 slog (L_TRACE, "%s >> PT_AUTH_REQ(%s)", conf->nodename, p->initiate ? "initiate" : "reply"); 1078 slog (L_TRACE, "%s >> PT_AUTH_REQ(%s,p%02x,f%02x)",
1079 conf->nodename, p->initiate ? "initiate" : "reply",
1080 p->protocols, p->features);
1062 1081
1082 if (memcmp (p->magic, MAGIC, 8))
1083 {
1084 slog (L_WARN, _("%s(%s): protocol magic mismatch - stray packet?"),
1085 conf->nodename, (const char *)rsi);
1086 }
1063 if (p->chk_config () 1087 else if (p->chk_config (conf, rsi))
1064 && (!strncmp (p->magic, MAGIC_OLD, 8) || !strncmp (p->magic, MAGIC, 8)))
1065 { 1088 {
1066 if (p->prot_minor != PROTOCOL_MINOR) 1089 if (p->prot_minor != PROTOCOL_MINOR)
1067 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."), 1090 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
1068 conf->nodename, (const char *)rsi, 1091 conf->nodename, (const char *)rsi,
1069 PROTOCOL_MINOR, conf->nodename, p->prot_minor); 1092 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
1070 1093
1071 if (p->initiate) 1094 if (p->initiate)
1072 send_auth_request (rsi, false); 1095 send_auth_request (rsi, false);
1073 1096
1074 rsachallenge k; 1097 auth_data auth;
1075 1098
1076 if (!rsa_decrypt (::conf.rsa_key, p->encr, k)) 1099 if (!auth_decrypt (::conf.rsa_key, p->encr, auth))
1077 { 1100 {
1078 slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"), 1101 slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"),
1079 conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0)); 1102 conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0));
1080 break;
1081 } 1103 }
1082 else 1104 else
1083 { 1105 {
1084 delete octx; 1106 bool chg = !have_rcv_auth || memcmp (&rcv_auth, &auth, sizeof auth);
1085 1107
1086 octx = new crypto_ctx (k, 1); 1108 rcv_auth = auth;
1087 oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff; 1109 have_rcv_auth = true;
1088 1110
1111 send_auth_response (rsi);
1112
1113 if (chg)
1114 {
1089 conf->protocols = p->protocols; 1115 conf->protocols = p->protocols;
1090 features = p->features & config_packet::get_features (); 1116 features = p->features & config_packet::get_features ();
1091 1117
1092 send_auth_response (rsi, p->id, k);
1093
1094 connection_established (); 1118 connection_established (rsi);
1095
1096 break; 1119 }
1097 } 1120 }
1121
1122 break;
1098 } 1123 }
1099 else
1100 slog (L_WARN, _("%s(%s): protocol mismatch."),
1101 conf->nodename, (const char *)rsi);
1102 1124
1103 send_reset (rsi); 1125 send_reset (rsi);
1104 } 1126 }
1105 1127
1106 break; 1128 break;
1109 { 1131 {
1110 auth_res_packet *p = (auth_res_packet *)pkt; 1132 auth_res_packet *p = (auth_res_packet *)pkt;
1111 1133
1112 slog (L_TRACE, "%s >> PT_AUTH_RES", conf->nodename); 1134 slog (L_TRACE, "%s >> PT_AUTH_RES", conf->nodename);
1113 1135
1114 if (p->chk_config ()) 1136 auth_mac local_mac;
1137 auth_hash (snd_auth, p->response.ecdh, local_mac);
1138
1139 if (memcmp (&p->response.mac, local_mac, sizeof local_mac))
1115 { 1140 {
1116 if (p->prot_minor != PROTOCOL_MINOR)
1117 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
1118 conf->nodename, (const char *)rsi,
1119 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
1120
1121 rsachallenge chg;
1122
1123 if (!rsa_cache.find (p->id, chg))
1124 {
1125 slog (L_ERR, _("%s(%s): unrequested auth response, ignoring."), 1141 slog (L_ERR, _("%s(%s): unrequested or outdated auth response, ignoring."),
1126 conf->nodename, (const char *)rsi); 1142 conf->nodename, (const char *)rsi);
1127 break;
1128 }
1129 else
1130 {
1131 crypto_ctx *cctx = new crypto_ctx (chg, 0);
1132
1133 if (!p->hmac_chk (cctx))
1134 {
1135 slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
1136 "could be an attack, or just corruption or a synchronization error."),
1137 conf->nodename, (const char *)rsi);
1138 break;
1139 }
1140 else
1141 {
1142 rsaresponse h;
1143
1144 rsa_hash (p->id, chg, h);
1145
1146 if (!memcmp ((u8 *)&h, (u8 *)p->response, sizeof h))
1147 {
1148 prot_minor = p->prot_minor;
1149
1150 delete ictx; ictx = cctx;
1151
1152 iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
1153
1154 si = rsi;
1155 protocol = rsi.prot;
1156
1157 slog (L_INFO, _("%s(%s): connection established (%s), protocol version %d.%d."),
1158 conf->nodename, (const char *)rsi,
1159 is_direct ? "direct" : "forwarded",
1160 p->prot_major, p->prot_minor);
1161
1162 connection_established ();
1163
1164 if (::conf.script_node_up)
1165 {
1166 run_script_cb *cb = new run_script_cb;
1167 cb->set<connection, &connection::script_node_up> (this);
1168 run_script_queued (cb, _("node-up command execution failed, continuing."));
1169 }
1170
1171 break;
1172 }
1173 else
1174 slog (L_ERR, _("%s(%s): sent and received challenge do not match."),
1175 conf->nodename, (const char *)rsi);
1176 }
1177
1178 delete cctx;
1179 }
1180 } 1143 }
1144 else if (!have_snd_auth)
1145 {
1146 memcpy (snd_ecdh_b, p->response.ecdh, sizeof snd_ecdh_b);
1147
1148 have_snd_auth = true;
1149 connection_established (rsi);
1150 }
1151
1152 break;
1181 } 1153 }
1182 1154
1183 send_reset (rsi); 1155 send_reset (rsi);
1184 break; 1156 break;
1185 1157
1261 if (p->id > 0 && p->id <= vpn->conns.size ()) 1233 if (p->id > 0 && p->id <= vpn->conns.size ())
1262 { 1234 {
1263 connection *c = vpn->conns[p->id - 1]; 1235 connection *c = vpn->conns[p->id - 1];
1264 conf->protocols = p->protocols; 1236 conf->protocols = p->protocols;
1265 1237
1266 slog (L_TRACE, "%s >> PT_CONNECT_REQ(%s) [%d]", 1238 slog (L_TRACE, "%s >> PT_CONNECT_REQ(%s,p%02x) [%d]",
1267 conf->nodename, vpn->conns[p->id - 1]->conf->nodename, c->ictx && c->octx); 1239 conf->nodename, vpn->conns[p->id - 1]->conf->nodename,
1240 p->protocols,
1241 c->ictx && c->octx);
1268 1242
1269 if (c->ictx && c->octx) 1243 if (c->ictx && c->octx)
1270 { 1244 {
1271 // send connect_info packets to both sides, in case one is 1245 // send connect_info packets to both sides, in case one is
1272 // behind a nat firewall (or both ;) 1246 // behind a nat firewall (or both ;)
1295 1269
1296 c->conf->protocols = p->protocols; 1270 c->conf->protocols = p->protocols;
1297 protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf)); 1271 protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf));
1298 p->si.upgrade_protocol (protocol, c->conf); 1272 p->si.upgrade_protocol (protocol, c->conf);
1299 1273
1300 slog (L_TRACE, "%s >> PT_CONNECT_INFO(%s,%s) [%d]", 1274 slog (L_TRACE, "%s >> PT_CONNECT_INFO(%s,%s,protocols=%02x,protocol=%02x,upgradable=%02x) [%d]",
1275 conf->nodename,
1301 conf->nodename, vpn->conns[p->id - 1]->conf->nodename, 1276 vpn->conns[p->id - 1]->conf->nodename,
1277 (const char *)p->si,
1278 p->protocols,
1279 protocol,
1280 p->si.supported_protocols (c->conf),
1302 (const char *)p->si, !c->ictx && !c->octx); 1281 !c->ictx && !c->octx);
1303 1282
1304 const sockinfo &dsi = forward_si (p->si); 1283 const sockinfo &dsi = forward_si (p->si);
1305 1284
1306 if (dsi.valid ()) 1285 if (dsi.valid ())
1307 c->send_auth_request (dsi, true); 1286 c->send_auth_request (dsi, true);
1287 else
1288 slog (L_INFO, "connect info for %s received (%s), but still unable to contact.",
1289 vpn->conns[p->id - 1]->conf->nodename,
1290 (const char *)p->si);
1308 } 1291 }
1309 else 1292 else
1310 slog (L_WARN, 1293 slog (L_WARN,
1311 _("received authenticated connection request from unknown node #%d, config file mismatch?"), 1294 _("received authenticated connection request from unknown node #%d, config file mismatch?"),
1312 p->id); 1295 p->id);
1321} 1304}
1322 1305
1323inline void 1306inline void
1324connection::keepalive_cb (ev::timer &w, int revents) 1307connection::keepalive_cb (ev::timer &w, int revents)
1325{ 1308{
1326 if (ev_now () >= last_activity + ::conf.keepalive + 15) 1309 ev_tstamp when = last_activity + ::conf.keepalive - ev::now ();
1310
1311 if (when >= 0)
1312 w.start (when);
1313 else if (when < -15)
1327 { 1314 {
1328 reset_connection (); 1315 reset_connection ();
1329 establish_connection (); 1316 establish_connection ();
1330 } 1317 }
1331 else if (ev_now () < last_activity + ::conf.keepalive)
1332 w.start (last_activity + ::conf.keepalive - ev::now ());
1333 else if (conf->connectmode != conf_node::C_ONDEMAND 1318 else if (conf->connectmode != conf_node::C_ONDEMAND
1334 || THISNODE->connectmode != conf_node::C_ONDEMAND) 1319 || THISNODE->connectmode != conf_node::C_ONDEMAND)
1335 { 1320 {
1321 w.start (3);
1336 send_ping (si); 1322 send_ping (si);
1337 w.start (3);
1338 } 1323 }
1339 else if (ev_now () < last_activity + ::conf.keepalive + 10) 1324 else if (when >= -10)
1340 // hold ondemand connections implicitly a few seconds longer 1325 // hold ondemand connections implicitly a few seconds longer
1341 // should delete octx, though, or something like that ;) 1326 // should delete octx, though, or something like that ;)
1342 w.start (last_activity + ::conf.keepalive + 10 - ev::now ()); 1327 w.start (when + 10);
1343 else 1328 else
1344 reset_connection (); 1329 reset_connection ();
1345} 1330}
1346 1331
1332void
1347void connection::send_connect_request (int id) 1333connection::send_connect_request (int id)
1348{ 1334{
1349 connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols); 1335 connect_req_packet *p = new connect_req_packet (conf->id, id, THISNODE->protocols);
1350 1336
1351 slog (L_TRACE, "%s << PT_CONNECT_REQ(%s)", 1337 slog (L_TRACE, "%s << PT_CONNECT_REQ(%s,p%02x)",
1352 conf->nodename, vpn->conns[id - 1]->conf->nodename); 1338 conf->nodename, vpn->conns[id - 1]->conf->nodename,
1339 THISNODE->protocols);
1353 p->hmac_set (octx); 1340 p->hmac_set (octx);
1354 send_vpn_packet (p, si); 1341 send_vpn_packet (p, si);
1355 1342
1356 delete p; 1343 delete p;
1357} 1344}
1358 1345
1346void
1359void connection::script_init_env (const char *ext) 1347connection::script_init_env (const char *ext)
1360{ 1348{
1361 char *env; 1349 char *env;
1362 asprintf (&env, "IFUPDATA%s=%s", ext, conf->if_up_data); putenv (env); 1350 asprintf (&env, "IFUPDATA%s=%s", ext, conf->if_up_data); putenv (env);
1363 asprintf (&env, "NODENAME%s=%s", ext, conf->nodename); putenv (env); 1351 asprintf (&env, "NODENAME%s=%s", ext, conf->nodename); putenv (env);
1364 asprintf (&env, "MAC%s=%02x:%02x:%02x:%02x:%02x:%02x", ext, 1352 asprintf (&env, "MAC%s=%02x:%02x:%02x:%02x:%02x:%02x", ext,
1365 0xfe, 0xfd, 0x80, 0x00, conf->id >> 8, 1353 0xfe, 0xfd, 0x80, 0x00, conf->id >> 8,
1366 conf->id & 0xff); putenv (env); 1354 conf->id & 0xff); putenv (env);
1367} 1355}
1368 1356
1357void
1369void connection::script_init_connect_env () 1358connection::script_init_connect_env ()
1370{ 1359{
1371 vpn->script_init_env (); 1360 vpn->script_init_env ();
1372 1361
1373 char *env; 1362 char *env;
1374 asprintf (&env, "DESTID=%d", conf->id); putenv (env); 1363 asprintf (&env, "DESTID=%d", conf->id); putenv (env);
1439 establish_connection.set<connection, &connection::establish_connection_cb> (this); 1428 establish_connection.set<connection, &connection::establish_connection_cb> (this);
1440 1429
1441 last_establish_attempt = 0.; 1430 last_establish_attempt = 0.;
1442 octx = ictx = 0; 1431 octx = ictx = 0;
1443 1432
1444 if (!conf->protocols) // make sure some protocol is enabled
1445 conf->protocols = PROT_UDPv4;
1446
1447 connectmode = conf->connectmode; 1433 connectmode = conf->connectmode;
1448 1434
1449 // queue a dummy packet to force an initial connection attempt 1435 // queue a dummy packet to force an initial connection attempt
1450 if (connectmode != conf_node::C_ALWAYS && connectmode != conf_node::C_DISABLED) 1436 if (connectmode != conf_node::C_ALWAYS && connectmode != conf_node::C_DISABLED)
1451 vpn_queue.put (new net_packet); 1437 vpn_queue.put (new net_packet);
1456connection::~connection () 1442connection::~connection ()
1457{ 1443{
1458 shutdown (); 1444 shutdown ();
1459} 1445}
1460 1446
1447void
1461void connection_init () 1448connection_init ()
1462{ 1449{
1463 auth_rate_limiter.clear (); 1450 auth_rate_limiter.clear ();
1464 reset_rate_limiter.clear (); 1451 reset_rate_limiter.clear ();
1465} 1452}
1466 1453

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines