ViewVC Help

View File | Revision Log | Show Annotations | Download File

/cvs/gvpe/src/connection.C

Comparing gvpe/src/connection.C (file contents):
Revision 1.1 by pcg, Wed Apr 2 03:06:22 2003 UTC vs.
Revision 1.67 by pcg, Thu Aug 7 16:34:21 2008 UTC

1	/*	1	/*
2	connection.C -- manage a single connection	2	connection.C -- manage a single connection
		3	Copyright (C) 2003-2005 Marc Lehmann <gvpe@schmorp.de>
3		4
		5	This file is part of GVPE.
		6
4	This program is free software; you can redistribute it and/or modify	7	GVPE is free software; you can redistribute it and/or modify
5	it under the terms of the GNU General Public License as published by	8	it under the terms of the GNU General Public License as published by
6	the Free Software Foundation; either version 2 of the License, or	9	the Free Software Foundation; either version 2 of the License, or
7	(at your option) any later version.	10	(at your option) any later version.
8		11
9	This program is distributed in the hope that it will be useful,	12	This program is distributed in the hope that it will be useful,
10	but WITHOUT ANY WARRANTY; without even the implied warranty of	13	but WITHOUT ANY WARRANTY; without even the implied warranty of
11	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the	14	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12	GNU General Public License for more details.	15	GNU General Public License for more details.
13		16
14	You should have received a copy of the GNU General Public License	17	You should have received a copy of the GNU General Public License
15	along with this program; if not, write to the Free Software	18	along with gvpe; if not, write to the Free Software
16	Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA	19	Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17	*/	20	*/
18		21
19	#include "config.h"	22	#include "config.h"
20		23
21	extern "C" {
22	# include "lzf/lzf.h"
23	}
24
25	#include <list>	24	#include <list>
26		25
27	#include "gettext.h"	26	#include <openssl/rand.h>
		27	#include <openssl/evp.h>
		28	#include <openssl/rsa.h>
		29	#include <openssl/err.h>
28		30
29	#include "conf.h"	31	#include "conf.h"
30	#include "slog.h"	32	#include "slog.h"
31	#include "device.h"	33	#include "device.h"
32	#include "protocol.h"	34	#include "vpn.h"
33	#include "connection.h"	35	#include "connection.h"
		36
		37	#include "netcompat.h"
34		38
35	#if !HAVE_RAND_PSEUDO_BYTES	39	#if !HAVE_RAND_PSEUDO_BYTES
36	# define RAND_pseudo_bytes RAND_bytes	40	# define RAND_pseudo_bytes RAND_bytes
37	#endif	41	#endif
38		42
39	#define MAGIC "vped\xbd\xc6\xdb\x82" // 8 bytes of magic	43	#define MAGIC "vped\xbd\xc6\xdb\x82" // 8 bytes of magic
40		44
		45	#define ULTRA_FAST 1
		46	#define HLOG 15
		47	#include "lzf/lzf.h"
		48	#include "lzf/lzf_c.c"
		49	#include "lzf/lzf_d.c"
		50
41	struct crypto_ctx	51	struct crypto_ctx
42	{	52	{
43	EVP_CIPHER_CTX cctx;	53	EVP_CIPHER_CTX cctx;
44	HMAC_CTX hctx;	54	HMAC_CTX hctx;
45		55
…		…
48	};	58	};
49		59
50	crypto_ctx::crypto_ctx (const rsachallenge &challenge, int enc)	60	crypto_ctx::crypto_ctx (const rsachallenge &challenge, int enc)
51	{	61	{
52	EVP_CIPHER_CTX_init (&cctx);	62	EVP_CIPHER_CTX_init (&cctx);
53	EVP_CipherInit_ex (&cctx, CIPHER, 0, &challenge[CHG_CIPHER_KEY], 0, enc);	63	require (EVP_CipherInit_ex (&cctx, CIPHER, 0, &challenge[CHG_CIPHER_KEY], 0, enc));
54	HMAC_CTX_init (&hctx);	64	HMAC_CTX_init (&hctx);
55	HMAC_Init_ex (&hctx, &challenge[CHG_HMAC_KEY], HMAC_KEYLEN, DIGEST, 0);	65	HMAC_Init_ex (&hctx, &challenge[CHG_HMAC_KEY], HMAC_KEYLEN, DIGEST, 0);
56	}	66	}
57		67
58	crypto_ctx::~crypto_ctx ()	68	crypto_ctx::~crypto_ctx ()
59	{	69	{
60	EVP_CIPHER_CTX_cleanup (&cctx);	70	require (EVP_CIPHER_CTX_cleanup (&cctx));
61	HMAC_CTX_cleanup (&hctx);	71	HMAC_CTX_cleanup (&hctx);
62	}	72	}
63		73
64	static void	74	static void
65	rsa_hash (const rsaid &id, const rsachallenge &chg, rsaresponse &h)	75	rsa_hash (const rsaid &id, const rsachallenge &chg, rsaresponse &h)
66	{	76	{
67	EVP_MD_CTX ctx;	77	EVP_MD_CTX ctx;
68		78
69	EVP_MD_CTX_init (&ctx);	79	EVP_MD_CTX_init (&ctx);
70	EVP_DigestInit (&ctx, RSA_HASH);	80	require (EVP_DigestInit (&ctx, RSA_HASH));
71	EVP_DigestUpdate(&ctx, &chg, sizeof chg);	81	require (EVP_DigestUpdate(&ctx, &chg, sizeof chg));
72	EVP_DigestUpdate(&ctx, &id, sizeof id);	82	require (EVP_DigestUpdate(&ctx, &id, sizeof id));
73	EVP_DigestFinal (&ctx, (unsigned char *)&h, 0);	83	require (EVP_DigestFinal (&ctx, (unsigned char *)&h, 0));
74	EVP_MD_CTX_cleanup (&ctx);	84	EVP_MD_CTX_cleanup (&ctx);
75	}	85	}
76		86
77	struct rsa_entry {	87	struct rsa_entry
		88	{
78	tstamp expire;	89	tstamp expire;
79	rsaid id;	90	rsaid id;
80	rsachallenge chg;	91	rsachallenge chg;
81	};	92	};
82		93
83	struct rsa_cache : list<rsa_entry>	94	struct rsa_cache : list<rsa_entry>
84	{	95	{
85	void cleaner_cb (tstamp &ts); time_watcher cleaner;	96	inline void cleaner_cb (ev::timer &w, int revents); ev::timer cleaner;
86		97
87	bool find (const rsaid &id, rsachallenge &chg)	98	bool find (const rsaid &id, rsachallenge &chg)
88	{	99	{
89	for (iterator i = begin (); i != end (); ++i)	100	for (iterator i = begin (); i != end (); ++i)
90	{	101	{
91	if (!memcmp (&id, &i->id, sizeof id) && i->expire > NOW)	102	if (!memcmp (&id, &i->id, sizeof id) && i->expire > ev_now ())
92	{	103	{
93	memcpy (&chg, &i->chg, sizeof chg);	104	memcpy (&chg, &i->chg, sizeof chg);
94		105
95	erase (i);	106	erase (i);
96	return true;	107	return true;
97	}	108	}
98	}	109	}
99		110
100	if (cleaner.at < NOW)	111	if (!cleaner.is_active ())
101	cleaner.start (NOW + RSA_TTL);	112	cleaner.again ();
102		113
103	return false;	114	return false;
104	}	115	}
105		116
106	void gen (rsaid &id, rsachallenge &chg)	117	void gen (rsaid &id, rsachallenge &chg)
107	{	118	{
108	rsa_entry e;	119	rsa_entry e;
109		120
110	RAND_bytes ((unsigned char *)&id, sizeof id);	121	RAND_bytes ((unsigned char *)&id, sizeof id);
111	RAND_bytes ((unsigned char *)&chg, sizeof chg);	122	RAND_bytes ((unsigned char *)&chg, sizeof chg);
112		123
113	e.expire = NOW + RSA_TTL;	124	e.expire = ev_now () + RSA_TTL;
114	e.id = id;	125	e.id = id;
115	memcpy (&e.chg, &chg, sizeof chg);	126	memcpy (&e.chg, &chg, sizeof chg);
116		127
117	push_back (e);	128	push_back (e);
118		129
119	if (cleaner.at < NOW)	130	if (!cleaner.is_active ())
120	cleaner.start (NOW + RSA_TTL);	131	cleaner.again ();
121	}	132	}
122		133
123	rsa_cache ()	134	rsa_cache ()
124	: cleaner (this, &rsa_cache::cleaner_cb)	135	{
125	{ }	136	cleaner.set<rsa_cache, &rsa_cache::cleaner_cb> (this);
		137	cleaner.set (RSA_TTL, RSA_TTL);
		138	}
126		139
127	} rsa_cache;	140	} rsa_cache;
128		141
129	void rsa_cache::cleaner_cb (tstamp &ts)	142	void rsa_cache::cleaner_cb (ev::timer &w, int revents)
130	{	143	{
131	if (empty ())	144	if (empty ())
132	ts = TSTAMP_CANCEL;	145	w.stop ();
133	else	146	else
134	{	147	{
135	ts = NOW + RSA_TTL;
136
137	for (iterator i = begin (); i != end (); )	148	for (iterator i = begin (); i != end (); )
138	if (i->expire <= NOW)	149	if (i->expire <= ev_now ())
139	i = erase (i);	150	i = erase (i);
140	else	151	else
141	++i;	152	++i;
142	}	153	}
143	}	154	}
144		155
145	//////////////////////////////////////////////////////////////////////////////	156	//////////////////////////////////////////////////////////////////////////////
146		157
147	void pkt_queue::put (tap_packet *p)	158	pkt_queue::pkt_queue (double max_ttl, int max_queue)
		159	: max_ttl (max_ttl), max_queue (max_queue)
148	{	160	{
149	if (queue[i])	161	queue = new pkt [max_queue];
150	{
151	delete queue[i];
152	j = (j + 1) % QUEUEDEPTH;
153	}
154		162
155	queue[i] = p;
156
157	i = (i + 1) % QUEUEDEPTH;
158	}
159
160	tap_packet *pkt_queue::get ()
161	{
162	tap_packet *p = queue[j];
163
164	if (p)
165	{
166	queue[j] = 0;
167	j = (j + 1) % QUEUEDEPTH;
168	}
169
170	return p;
171	}
172
173	pkt_queue::pkt_queue ()
174	{
175	memset (queue, 0, sizeof (queue));
176	i = 0;	163	i = 0;
177	j = 0;	164	j = 0;
		165
		166	expire.set<pkt_queue, &pkt_queue::expire_cb> (this);
178	}	167	}
179		168
180	pkt_queue::~pkt_queue ()	169	pkt_queue::~pkt_queue ()
181	{	170	{
182	for (i = QUEUEDEPTH; --i > 0; )	171	while (net_packet *p = get ())
		172	delete p;
		173
183	delete queue[i];	174	delete [] queue;
184	}	175	}
185		176
		177	void pkt_queue::expire_cb (ev::timer &w, int revents)
		178	{
		179	ev_tstamp expire = ev_now () - max_ttl;
		180
		181	for (;;)
		182	{
		183	if (empty ())
		184	break;
		185
		186	double diff = queue[j].tstamp - expire;
		187
		188	if (diff >= 0.)
		189	{
		190	w.start (diff > 0.5 ? diff : 0.5);
		191	break;
		192	}
		193
		194	delete get ();
		195	}
		196	}
		197
		198	void pkt_queue::put (net_packet *p)
		199	{
		200	ev_tstamp now = ev_now ();
		201
		202	// start expiry timer
		203	if (empty ())
		204	expire.start (max_ttl);
		205
		206	int ni = i + 1 == max_queue ? 0 : i + 1;
		207
		208	if (ni == j)
		209	delete get ();
		210
		211	queue[i].pkt = p;
		212	queue[i].tstamp = now;
		213
		214	i = ni;
		215	}
		216
		217	net_packet *pkt_queue::get ()
		218	{
		219	if (empty ())
		220	return 0;
		221
		222	net_packet *p = queue[j].pkt;
		223	queue[j].pkt = 0;
		224
		225	j = j + 1 == max_queue ? 0 : j + 1;
		226
		227	return p;
		228	}
		229
186	struct net_rateinfo {	230	struct net_rateinfo
		231	{
187	u32 host;	232	u32 host;
188	double pcnt, diff;	233	double pcnt, diff;
189	tstamp last;	234	tstamp last;
190	};	235	};
191		236
192	// only do action once every x seconds per host whole allowing bursts.	237	// only do action once every x seconds per host whole allowing bursts.
193	// this implementation ("splay list" ;) is inefficient,	238	// this implementation ("splay list" ;) is inefficient,
194	// but low on resources.	239	// but low on resources.
195	struct net_rate_limiter : list<net_rateinfo>	240	struct net_rate_limiter : list<net_rateinfo>
196	{	241	{
197	static const double ALPHA = 1. - 1. / 90.; // allow bursts	242	# define NRL_ALPHA (1. - 1. / 600.) // allow bursts
198	static const double CUTOFF = 20.; // one event every CUTOFF seconds	243	# define NRL_CUTOFF 10. // one event every CUTOFF seconds
199	static const double EXPIRE = CUTOFF * 30.; // expire entries after this time	244	# define NRL_EXPIRE (NRL_CUTOFF * 30.) // expire entries after this time
		245	# define NRL_MAXDIF (NRL_CUTOFF * (1. / (1. - NRL_ALPHA))) // maximum diff /count value
200		246
201	bool can (const sockinfo &si) { return can((u32)si.host); }	247	bool can (const sockinfo &si) { return can((u32)si.host); }
202	bool can (u32 host);	248	bool can (u32 host);
203	};	249	};
204		250
205	net_rate_limiter auth_rate_limiter, reset_rate_limiter;	251	net_rate_limiter auth_rate_limiter, reset_rate_limiter;
206		252
…		…
209	iterator i;	255	iterator i;
210		256
211	for (i = begin (); i != end (); )	257	for (i = begin (); i != end (); )
212	if (i->host == host)	258	if (i->host == host)
213	break;	259	break;
214	else if (i->last < NOW - EXPIRE)	260	else if (i->last < ev_now () - NRL_EXPIRE)
215	i = erase (i);	261	i = erase (i);
216	else	262	else
217	i++;	263	i++;
218		264
219	if (i == end ())	265	if (i == end ())
220	{	266	{
221	net_rateinfo ri;	267	net_rateinfo ri;
222		268
223	ri.host = host;	269	ri.host = host;
224	ri.pcnt = 1.;	270	ri.pcnt = 1.;
225	ri.diff = CUTOFF * (1. / (1. - ALPHA));	271	ri.diff = NRL_MAXDIF;
226	ri.last = NOW;	272	ri.last = ev_now ();
227		273
228	push_front (ri);	274	push_front (ri);
229		275
230	return true;	276	return true;
231	}	277	}
232	else	278	else
233	{	279	{
234	net_rateinfo ri (*i);	280	net_rateinfo ri (*i);
235	erase (i);	281	erase (i);
236		282
237	ri.pcnt = ri.pcnt * ALPHA;	283	ri.pcnt = ri.pcnt * NRL_ALPHA;
238	ri.diff = ri.diff * ALPHA + (NOW - ri.last);	284	ri.diff = ri.diff * NRL_ALPHA + (ev_now () - ri.last);
239		285
240	ri.last = NOW;	286	ri.last = ev_now ();
241		287
		288	double dif = ri.diff / ri.pcnt;
		289
242	bool send = ri.diff / ri.pcnt > CUTOFF;	290	bool send = dif > NRL_CUTOFF;
243		291
		292	if (dif > NRL_MAXDIF)
		293	{
		294	ri.pcnt = 1.;
		295	ri.diff = NRL_MAXDIF;
		296	}
244	if (send)	297	else if (send)
245	ri.pcnt++;	298	ri.pcnt++;
246		299
247	push_front (ri);	300	push_front (ri);
248		301
249	return send;	302	return send;
…		…
280	hmac_gen (ctx);	333	hmac_gen (ctx);
281		334
282	return !memcmp (hmac, hmac_digest, HMACLENGTH);	335	return !memcmp (hmac, hmac_digest, HMACLENGTH);
283	}	336	}
284		337
285	void vpn_packet::set_hdr (ptype type, unsigned int dst)	338	void vpn_packet::set_hdr (ptype type_, unsigned int dst)
286	{	339	{
287	this->type = type;	340	type = type_;
288		341
289	int src = THISNODE->id;	342	int src = THISNODE->id;
290		343
291	src1 = src;	344	src1 = src;
292	srcdst = ((src >> 8) << 4) | (dst >> 8);	345	srcdst = ((src >> 8) << 4) | (dst >> 8);
…		…
294	}	347	}
295		348
296	#define MAXVPNDATA (MAX_MTU - 6 - 6)	349	#define MAXVPNDATA (MAX_MTU - 6 - 6)
297	#define DATAHDR (sizeof (u32) + RAND_SIZE)	350	#define DATAHDR (sizeof (u32) + RAND_SIZE)
298		351
299	struct vpndata_packet:vpn_packet	352	struct vpndata_packet : vpn_packet
300	{	353	{
301	u8 data[MAXVPNDATA + DATAHDR]; // seqno	354	u8 data[MAXVPNDATA + DATAHDR]; // seqno
302		355
303	void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);	356	void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
304	tap_packet *unpack (connection *conn, u32 &seqno);	357	tap_packet *unpack (connection *conn, u32 &seqno);
…		…
317	int outl = 0, outl2;	370	int outl = 0, outl2;
318	ptype type = PT_DATA_UNCOMPRESSED;	371	ptype type = PT_DATA_UNCOMPRESSED;
319		372
320	#if ENABLE_COMPRESSION	373	#if ENABLE_COMPRESSION
321	u8 cdata[MAX_MTU];	374	u8 cdata[MAX_MTU];
322	u32 cl;
323		375
		376	if (conn->features & ENABLE_COMPRESSION)
		377	{
324	cl = lzf_compress (d, l, cdata + 2, (l - 2) & ~7);	378	u32 cl = lzf_compress (d, l, cdata + 2, (l - 2) & ~7);
		379
325	if (cl)	380	if (cl)
326	{	381	{
327	type = PT_DATA_COMPRESSED;	382	type = PT_DATA_COMPRESSED;
328	d = cdata;	383	d = cdata;
329	l = cl + 2;	384	l = cl + 2;
330		385
331	d[0] = cl >> 8;	386	d[0] = cl >> 8;
332	d[1] = cl;	387	d[1] = cl;
		388	}
333	}	389	}
334	#endif	390	#endif
335		391
336	EVP_EncryptInit_ex (cctx, 0, 0, 0, 0);	392	require (EVP_EncryptInit_ex (cctx, 0, 0, 0, 0));
337		393
338	struct {	394	struct {
339	#if RAND_SIZE	395	#if RAND_SIZE
340	u8 rnd[RAND_SIZE];	396	u8 rnd[RAND_SIZE];
341	#endif	397	#endif
…		…
345	datahdr.seqno = ntohl (seqno);	401	datahdr.seqno = ntohl (seqno);
346	#if RAND_SIZE	402	#if RAND_SIZE
347	RAND_pseudo_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE);	403	RAND_pseudo_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE);
348	#endif	404	#endif
349		405
350	EVP_EncryptUpdate (cctx,	406	require (EVP_EncryptUpdate (cctx,
351	(unsigned char *) data + outl, &outl2,	407	(unsigned char *) data + outl, &outl2,
352	(unsigned char *) &datahdr, DATAHDR);	408	(unsigned char *) &datahdr, DATAHDR));
353	outl += outl2;	409	outl += outl2;
354		410
355	EVP_EncryptUpdate (cctx,	411	require (EVP_EncryptUpdate (cctx,
356	(unsigned char *) data + outl, &outl2,	412	(unsigned char *) data + outl, &outl2,
357	(unsigned char *) d, l);	413	(unsigned char *) d, l));
358	outl += outl2;	414	outl += outl2;
359		415
360	EVP_EncryptFinal_ex (cctx, (unsigned char *) data + outl, &outl2);	416	require (EVP_EncryptFinal_ex (cctx, (unsigned char *) data + outl, &outl2));
361	outl += outl2;	417	outl += outl2;
362		418
363	len = outl + data_hdr_size ();	419	len = outl + data_hdr_size ();
364		420
365	set_hdr (type, dst);	421	set_hdr (type, dst);
…		…
374	int outl = 0, outl2;	430	int outl = 0, outl2;
375	tap_packet *p = new tap_packet;	431	tap_packet *p = new tap_packet;
376	u8 *d;	432	u8 *d;
377	u32 l = len - data_hdr_size ();	433	u32 l = len - data_hdr_size ();
378		434
379	EVP_DecryptInit_ex (cctx, 0, 0, 0, 0);	435	require (EVP_DecryptInit_ex (cctx, 0, 0, 0, 0));
380		436
381	#if ENABLE_COMPRESSION	437	#if ENABLE_COMPRESSION
382	u8 cdata[MAX_MTU];	438	u8 cdata[MAX_MTU];
383		439
384	if (type == PT_DATA_COMPRESSED)	440	if (type == PT_DATA_COMPRESSED)
…		…
386	else	442	else
387	#endif	443	#endif
388	d = &(*p)[6 + 6 - DATAHDR];	444	d = &(*p)[6 + 6 - DATAHDR];
389		445
390	/* this overwrites part of the src mac, but we fix that later */	446	/* this overwrites part of the src mac, but we fix that later */
391	EVP_DecryptUpdate (cctx,	447	require (EVP_DecryptUpdate (cctx,
392	d, &outl2,	448	d, &outl2,
393	(unsigned char *)&data, len - data_hdr_size ());	449	(unsigned char *)&data, len - data_hdr_size ()));
394	outl += outl2;	450	outl += outl2;
395		451
396	EVP_DecryptFinal_ex (cctx, (unsigned char *)d + outl, &outl2);	452	require (EVP_DecryptFinal_ex (cctx, (unsigned char *)d + outl, &outl2));
397	outl += outl2;	453	outl += outl2;
398		454
399	seqno = ntohl (*(u32 *)(d + RAND_SIZE));	455	seqno = ntohl (*(u32 *)(d + RAND_SIZE));
400		456
401	id2mac (dst () ? dst() : THISNODE->id, p->dst);	457	id2mac (dst () ? dst() : THISNODE->id, p->dst);
…		…
430	{	486	{
431	// actually, hmaclen cannot be checked because the hmac	487	// actually, hmaclen cannot be checked because the hmac
432	// field comes before this data, so peers with other	488	// field comes before this data, so peers with other
433	// hmacs simply will not work.	489	// hmacs simply will not work.
434	u8 prot_major, prot_minor, randsize, hmaclen;	490	u8 prot_major, prot_minor, randsize, hmaclen;
435	u8 flags, challengelen, pad2, pad3;	491	u8 flags, challengelen, features, pad3;
436	u32 cipher_nid, digest_nid, hmac_nid;	492	u32 cipher_nid, digest_nid, hmac_nid;
437
438	const u8 curflags () const
439	{
440	return 0x80
441	| (ENABLE_COMPRESSION ? 0x01 : 0x00);
442	}
443		493
444	void setup (ptype type, int dst);	494	void setup (ptype type, int dst);
445	bool chk_config () const;	495	bool chk_config () const;
		496
		497	static u8 get_features ()
		498	{
		499	u8 f = 0;
		500	#if ENABLE_COMPRESSION
		501	f |= FEATURE_COMPRESSION;
		502	#endif
		503	#if ENABLE_ROHC
		504	f |= FEATURE_ROHC;
		505	#endif
		506	#if ENABLE_BRIDGING
		507	f |= FEATURE_BRIDGING;
		508	#endif
		509	return f;
		510	}
446	};	511	};
447		512
448	void config_packet::setup (ptype type, int dst)	513	void config_packet::setup (ptype type, int dst)
449	{	514	{
450	prot_major = PROTOCOL_MAJOR;	515	prot_major = PROTOCOL_MAJOR;
451	prot_minor = PROTOCOL_MINOR;	516	prot_minor = PROTOCOL_MINOR;
452	randsize = RAND_SIZE;	517	randsize = RAND_SIZE;
453	hmaclen = HMACLENGTH;	518	hmaclen = HMACLENGTH;
454	flags = curflags ();	519	flags = 0;
455	challengelen = sizeof (rsachallenge);	520	challengelen = sizeof (rsachallenge);
		521	features = get_features ();
456		522
457	cipher_nid = htonl (EVP_CIPHER_nid (CIPHER));	523	cipher_nid = htonl (EVP_CIPHER_nid (CIPHER));
458	digest_nid = htonl (EVP_MD_type (RSA_HASH));	524	digest_nid = htonl (EVP_MD_type (RSA_HASH));
459	hmac_nid = htonl (EVP_MD_type (DIGEST));	525	hmac_nid = htonl (EVP_MD_type (DIGEST));
460		526
…		…
462	set_hdr (type, dst);	528	set_hdr (type, dst);
463	}	529	}
464		530
465	bool config_packet::chk_config () const	531	bool config_packet::chk_config () const
466	{	532	{
467	return prot_major == PROTOCOL_MAJOR	533	if (prot_major != PROTOCOL_MAJOR)
468	&& randsize == RAND_SIZE	534	slog (L_WARN, _("major version mismatch (remote %d <=> local %d)"), prot_major, PROTOCOL_MAJOR);
469	&& hmaclen == HMACLENGTH	535	else if (randsize != RAND_SIZE)
470	&& flags == curflags ()	536	slog (L_WARN, _("rand size mismatch (remote %d <=> local %d)"), randsize, RAND_SIZE);
		537	else if (hmaclen != HMACLENGTH)
		538	slog (L_WARN, _("hmac length mismatch (remote %d <=> local %d)"), hmaclen, HMACLENGTH);
471	&& challengelen == sizeof (rsachallenge)	539	else if (challengelen != sizeof (rsachallenge))
		540	slog (L_WARN, _("challenge length mismatch (remote %d <=> local %d)"), challengelen, sizeof (rsachallenge));
472	&& cipher_nid == htonl (EVP_CIPHER_nid (CIPHER))	541	else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER)))
		542	slog (L_WARN, _("cipher mismatch (remote %x <=> local %x)"), ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER));
473	&& digest_nid == htonl (EVP_MD_type (RSA_HASH))	543	else if (digest_nid != htonl (EVP_MD_type (RSA_HASH)))
		544	slog (L_WARN, _("digest mismatch (remote %x <=> local %x)"), ntohl (digest_nid), EVP_MD_type (RSA_HASH));
474	&& hmac_nid == htonl (EVP_MD_type (DIGEST));	545	else if (hmac_nid != htonl (EVP_MD_type (DIGEST)))
		546	slog (L_WARN, _("hmac mismatch (remote %x <=> local %x)"), ntohl (hmac_nid), EVP_MD_type (DIGEST));
		547	else
		548	return true;
		549
		550	return false;
475	}	551	}
476		552
477	struct auth_req_packet : config_packet	553	struct auth_req_packet : config_packet
478	{	554	{
479	char magic[8];	555	char magic[8];
480	u8 initiate; // false if this is just an automatic reply	556	u8 initiate; // false if this is just an automatic reply
481	u8 protocols; // supported protocols (will get patches on forward)	557	u8 protocols; // supported protocols (will be patched on forward)
482	u8 pad2, pad3;	558	u8 pad2, pad3;
483	rsaid id;	559	rsaid id;
484	rsaencrdata encr;	560	rsaencrdata encr;
485		561
486	auth_req_packet (int dst, bool initiate_, u8 protocols_)	562	auth_req_packet (int dst, bool initiate_, u8 protocols_)
…		…
541	};	617	};
542		618
543	/////////////////////////////////////////////////////////////////////////////	619	/////////////////////////////////////////////////////////////////////////////
544		620
545	void	621	void
		622	connection::connection_established ()
		623	{
		624	slog (L_TRACE, _("%s: possible connection establish (ictx %d, octx %d)"), conf->nodename, !!ictx, !!octx);
		625
		626	if (ictx && octx)
		627	{
		628	// make sure rekeying timeouts are slightly asymmetric
		629	ev::tstamp rekey_interval = ::conf.rekey + (conf->id > THISNODE->id ? 10 : 0);
		630	rekey.start (rekey_interval, rekey_interval);
		631	keepalive.start (::conf.keepalive);
		632
		633	// send queued packets
		634	if (ictx && octx)
		635	{
		636	while (tap_packet *p = (tap_packet *)data_queue.get ())
		637	{
		638	if (p->len) send_data_packet (p);
		639	delete p;
		640	}
		641
		642	while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
		643	{
		644	if (p->len) send_vpn_packet (p, si, IPTOS_RELIABILITY);
		645	delete p;
		646	}
		647	}
		648	}
		649	else
		650	{
		651	retry_cnt = 0;
		652	establish_connection.start (5);
		653	keepalive.stop ();
		654	rekey.stop ();
		655	}
		656	}
		657
		658	void
546	connection::reset_dstaddr ()	659	connection::reset_si ()
547	{	660	{
		661	protocol = best_protocol (THISNODE->protocols & conf->protocols);
		662
		663	// mask out protocols we cannot establish
		664	if (!conf->udp_port) protocol &= ~PROT_UDPv4;
		665	if (!conf->tcp_port) protocol &= ~PROT_TCPv4;
		666	if (!conf->dns_port) protocol &= ~PROT_DNSv4;
		667
		668	if (protocol
		669	&& (!conf->can_direct (THISNODE)
		670	|| !THISNODE->can_direct (conf)))
		671	{
		672	slog (L_DEBUG, _("%s: direct connection denied"), conf->nodename);
		673	protocol = 0;
		674	}
		675
548	si.set (conf);	676	si.set (conf, protocol);
		677	}
		678
		679	// ensure sockinfo is valid, forward if necessary
		680	const sockinfo &
		681	connection::forward_si (const sockinfo &si) const
		682	{
		683	if (!si.valid ())
		684	{
		685	connection *r = vpn->find_router ();
		686
		687	if (r)
		688	{
		689	slog (L_DEBUG, _("%s: no common protocol, trying indirectly through %s (%s)"),
		690	conf->nodename, r->conf->nodename, (const char *)r->si);
		691	return r->si;
		692	}
		693	else
		694	slog (L_DEBUG, _("%s: node unreachable, no common protocol"),
		695	conf->nodename);
		696	}
		697
		698	return si;
		699	}
		700
		701	void
		702	connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
		703	{
		704	if (!vpn->send_vpn_packet (pkt, si, tos))
		705	reset_connection ();
549	}	706	}
550		707
551	void	708	void
552	connection::send_ping (const sockinfo &si, u8 pong)	709	connection::send_ping (const sockinfo &si, u8 pong)
553	{	710	{
…		…
576	void	733	void
577	connection::send_auth_request (const sockinfo &si, bool initiate)	734	connection::send_auth_request (const sockinfo &si, bool initiate)
578	{	735	{
579	auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols);	736	auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols);
580		737
581	protocol = best_protocol (THISNODE->protocols & conf->protocols);
582
583	rsachallenge chg;	738	rsachallenge chg;
584
585	rsa_cache.gen (pkt->id, chg);	739	rsa_cache.gen (pkt->id, chg);
586		740	rsa_encrypt (conf->rsa_key, chg, pkt->encr);
587	if (0 > RSA_public_encrypt (sizeof chg,
588	(unsigned char *)&chg, (unsigned char *)&pkt->encr,
589	conf->rsa_key, RSA_PKCS1_OAEP_PADDING))
590	fatal ("RSA_public_encrypt error");
591		741
592	slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si);	742	slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si);
593		743
		744	send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly
		745
		746	delete pkt;
		747	}
		748
		749	void
		750	connection::send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg)
		751	{
		752	auth_res_packet *pkt = new auth_res_packet (conf->id);
		753
		754	pkt->id = id;
		755
		756	rsa_hash (id, chg, pkt->response);
		757
		758	pkt->hmac_set (octx);
		759
		760	slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)si);
		761
594	send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly	762	send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
595		763
596	delete pkt;	764	delete pkt;
597	}	765	}
598		766
599	void	767	void
600	connection::send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg)
601	{
602	auth_res_packet *pkt = new auth_res_packet (conf->id);
603
604	pkt->id = id;
605
606	rsa_hash (id, chg, pkt->response);
607
608	pkt->hmac_set (octx);
609
610	slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)si);
611
612	send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
613
614	delete pkt;
615	}
616
617	void
618	connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols)	768	connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols)
619	{	769	{
620	slog (L_TRACE, ">>%d PT_CONNECT_INFO(%d,%s)\n",	770	slog (L_TRACE, ">>%d PT_CONNECT_INFO(%d,%s)",
621	conf->id, rid, (const char *)rsi);	771	conf->id, rid, (const char *)rsi);
622		772
623	connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);	773	connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
624		774
625	r->hmac_set (octx);	775	r->hmac_set (octx);
626	send_vpn_packet (r, si);	776	send_vpn_packet (r, si);
627		777
628	delete r;	778	delete r;
629	}	779	}
630		780
631	void	781	inline void
632	connection::establish_connection_cb (tstamp &ts)	782	connection::establish_connection_cb (ev::timer &w, int revents)
633	{	783	{
634	if (ictx || conf == THISNODE	784	if (!ictx
		785	&& conf != THISNODE
635	|| connectmode == conf_node::C_NEVER	786	&& connectmode != conf_node::C_NEVER
636	|| connectmode == conf_node::C_DISABLED)	787	&& connectmode != conf_node::C_DISABLED
637	ts = TSTAMP_CANCEL;	788	&& !w.is_active ())
638	else if (ts <= NOW)
639	{	789	{
640	double retry_int = double (retry_cnt & 3 ? (retry_cnt & 3) : 1 << (retry_cnt >> 2)) * 0.6;	790	// a bit hacky, if ondemand, and packets are no longer queued, then reset the connection
641		791	// and stop trying. should probably be handled by a per-connection expire handler.
642	if (retry_int < 3600 * 8)	792	if (connectmode == conf_node::C_ONDEMAND && vpn_queue.empty () && data_queue.empty ())
643	retry_cnt++;
644
645	ts = NOW + retry_int;
646
647	if (conf->hostname)
648	{	793	{
649	reset_dstaddr ();	794	reset_connection ();
650	if (si.host && auth_rate_limiter.can (si))	795	return;
651	{
652	if (retry_cnt < 4)
653	send_auth_request (si, true);
654	else
655	send_ping (si, 0);
656	}	796	}
		797
		798	ev::tstamp retry_int = ev::tstamp (retry_cnt & 3
		799	? (retry_cnt & 3) + 1
		800	: 1 << (retry_cnt >> 2));
		801
		802	reset_si ();
		803
		804	bool slow = si.prot & PROT_SLOW;
		805
		806	if (si.prot && !si.host)
		807	{
		808	slog (L_TRACE, _("%s: connection request (indirect)"), conf->nodename);
		809	/*TODO*/ /* start the timer so we don't recurse endlessly */
		810	w.start (1);
		811	vpn->send_connect_request (conf->id);
657	}	812	}
658	else	813	else
659	vpn->connect_request (conf->id);	814	{
		815	slog (L_TRACE, _("%s: connection request (direct)"), conf->nodename, !!ictx, !!octx);
		816
		817	const sockinfo &dsi = forward_si (si);
		818
		819	slow = slow || (dsi.prot & PROT_SLOW);
		820
		821	if (dsi.valid () && auth_rate_limiter.can (dsi))
		822	{
		823	if (retry_cnt < 4)
		824	send_auth_request (dsi, true);
		825	else
		826	send_ping (dsi, 0);
		827	}
		828	}
		829
		830	retry_int *= slow ? 8. : 0.7;
		831
		832	if (retry_int < conf->max_retry)
		833	retry_cnt++;
		834	else
		835	retry_int = conf->max_retry;
		836
		837	w.start (retry_int);
660	}	838	}
661	}	839	}
662		840
663	void	841	void
664	connection::reset_connection ()	842	connection::reset_connection ()
…		…
667	{	845	{
668	slog (L_INFO, _("%s(%s): connection lost"),	846	slog (L_INFO, _("%s(%s): connection lost"),
669	conf->nodename, (const char *)si);	847	conf->nodename, (const char *)si);
670		848
671	if (::conf.script_node_down)	849	if (::conf.script_node_down)
672	run_script (run_script_cb (this, &connection::script_node_down), false);	850	{
		851	run_script_cb cb;
		852	cb.set<connection, &connection::script_node_down> (this);
		853	if (!run_script (cb, false))
		854	slog (L_WARN, _("node-down command execution failed, continuing."));
		855	}
673	}	856	}
674		857
675	delete ictx; ictx = 0;	858	delete ictx; ictx = 0;
676	delete octx; octx = 0;	859	delete octx; octx = 0;
		860	#if ENABLE_DNS
		861	dnsv4_reset_connection ();
		862	#endif
677		863
678	si.host= 0;	864	si.host = 0;
679		865
680	last_activity = 0;	866	last_activity = 0;
681	retry_cnt = 0;	867	retry_cnt = 0;
682		868
683	rekey.reset ();	869	rekey.stop ();
684	keepalive.reset ();	870	keepalive.stop ();
685	establish_connection.reset ();	871	establish_connection.stop ();
686	}	872	}
687		873
688	void	874	void
689	connection::shutdown ()	875	connection::shutdown ()
690	{	876	{
…		…
692	send_reset (si);	878	send_reset (si);
693		879
694	reset_connection ();	880	reset_connection ();
695	}	881	}
696		882
697	void	883	inline void
698	connection::rekey_cb (tstamp &ts)	884	connection::rekey_cb (ev::timer &w, int revents)
699	{	885	{
700	ts = TSTAMP_CANCEL;
701
702	reset_connection ();	886	reset_connection ();
703	establish_connection ();	887	establish_connection ();
704	}	888	}
705		889
706	void	890	void
707	connection::send_data_packet (tap_packet *pkt, bool broadcast)	891	connection::send_data_packet (tap_packet *pkt)
708	{	892	{
709	vpndata_packet *p = new vpndata_packet;	893	vpndata_packet *p = new vpndata_packet;
710	int tos = 0;	894	int tos = 0;
711		895
712	if (conf->inherit_tos	896	// I am not hilarious about peeking into packets, but so be it.
713	&& (*pkt)[12] == 0x08 && (*pkt)[13] == 0x00 // IP	897	if (conf->inherit_tos && pkt->is_ipv4 ())
714	&& ((*pkt)[14] & 0xf0) == 0x40) // IPv4
715	tos = (*pkt)[15] & IPTOS_TOS_MASK;	898	tos = (*pkt)[15] & IPTOS_TOS_MASK;
716		899
717	p->setup (this, broadcast ? 0 : conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs	900	p->setup (this, conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs
718	send_vpn_packet (p, si, tos);	901	send_vpn_packet (p, si, tos);
719		902
720	delete p;	903	delete p;
721		904
722	if (oseqno > MAX_SEQNO)	905	if (oseqno > MAX_SEQNO)
723	rekey ();	906	rekey ();
724	}	907	}
725		908
726	void	909	void
727	connection::inject_data_packet (tap_packet *pkt, bool broadcast)	910	connection::inject_data_packet (tap_packet *pkt, bool broadcast/*TODO DDD*/)
728	{	911	{
729	if (ictx && octx)	912	if (ictx && octx)
730	send_data_packet (pkt, broadcast);	913	send_data_packet (pkt);
731	else	914	else
732	{	915	{
733	if (!broadcast)//DDDD	916	if (!broadcast)
734	queue.put (new tap_packet (*pkt));	917	data_queue.put (new tap_packet (*pkt));
735		918
736	establish_connection ();	919	establish_connection ();
737	}	920	}
738	}	921	}
739		922
		923	void connection::inject_vpn_packet (vpn_packet *pkt, int tos)
		924	{
		925	if (ictx && octx)
		926	send_vpn_packet (pkt, si, tos);
		927	else
		928	{
		929	vpn_queue.put ((vpn_packet *)new data_packet (*(data_packet *)pkt));
		930
		931	establish_connection ();
		932	}
		933	}
		934
740	void	935	void
741	connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)	936	connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
742	{	937	{
743	last_activity = NOW;	938	last_activity = ev_now ();
744		939
745	slog (L_NOISE, "<<%d received packet type %d from %d to %d",	940	slog (L_NOISE, "<<%d received packet type %d from %d to %d",
746	conf->id, pkt->typ (), pkt->src (), pkt->dst ());	941	conf->id, pkt->typ (), pkt->src (), pkt->dst ());
747		942
		943	if (connectmode == conf_node::C_DISABLED)
		944	return;
		945
748	switch (pkt->typ ())	946	switch (pkt->typ ())
749	{	947	{
750	case vpn_packet::PT_PING:	948	case vpn_packet::PT_PING:
751	// we send pings instead of auth packets after some retries,	949	// we send pings instead of auth packets after some retries,
752	// so reset the retry counter and establish a connection	950	// so reset the retry counter and establish a connection
753	// when we receive a ping.	951	// when we receive a ping.
754	if (!ictx)	952	if (!ictx)
		953	{
		954	if (auth_rate_limiter.can (rsi))
		955	send_auth_request (rsi, true);
		956	}
		957	else
		958	send_ping (rsi, 1); // pong
		959
		960	break;
		961
		962	case vpn_packet::PT_PONG:
		963	break;
		964
		965	case vpn_packet::PT_RESET:
755	{	966	{
756	if (auth_rate_limiter.can (rsi))	967	reset_connection ();
757	send_auth_request (rsi, true);	968
		969	config_packet *p = (config_packet *) pkt;
		970
		971	if (!p->chk_config ())
		972	{
		973	slog (L_WARN, _("%s(%s): protocol mismatch, disabling node"),
		974	conf->nodename, (const char *)rsi);
		975	connectmode = conf_node::C_DISABLED;
		976	}
		977	else if (connectmode == conf_node::C_ALWAYS)
		978	establish_connection ();
758	}	979	}
759	else
760	send_ping (rsi, 1); // pong
761
762	break;	980	break;
763		981
764	case vpn_packet::PT_PONG:
765	break;
766
767	case vpn_packet::PT_RESET:	982	case vpn_packet::PT_AUTH_REQ:
768	{	983	if (auth_rate_limiter.can (rsi))
769	reset_connection ();
770
771	config_packet *p = (config_packet *) pkt;
772
773	if (!p->chk_config ())
774	{	984	{
		985	auth_req_packet *p = (auth_req_packet *) pkt;
		986
		987	slog (L_TRACE, "<<%d PT_AUTH_REQ(%d)", conf->id, p->initiate);
		988
		989	if (p->chk_config () && !strncmp (p->magic, MAGIC, 8))
		990	{
		991	if (p->prot_minor != PROTOCOL_MINOR)
		992	slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
		993	conf->nodename, (const char *)rsi,
		994	PROTOCOL_MINOR, conf->nodename, p->prot_minor);
		995
		996	if (p->initiate)
		997	send_auth_request (rsi, false);
		998
		999	rsachallenge k;
		1000
		1001	if (!rsa_decrypt (::conf.rsa_key, p->encr, k))
		1002	{
		1003	slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"),
		1004	conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0));
		1005	break;
		1006	}
		1007	else
		1008	{
		1009	delete octx;
		1010
		1011	octx = new crypto_ctx (k, 1);
		1012	oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff;
		1013
		1014	conf->protocols = p->protocols;
		1015	features = p->features & config_packet::get_features ();
		1016
		1017	send_auth_response (rsi, p->id, k);
		1018
		1019	connection_established ();
		1020
		1021	break;
		1022	}
		1023	}
		1024	else
775	slog (L_WARN, _("%s(%s): protocol mismatch, disabling node"),	1025	slog (L_WARN, _("%s(%s): protocol mismatch"),
776	conf->nodename, (const char *)rsi);	1026	conf->nodename, (const char *)rsi);
777	connectmode = conf_node::C_DISABLED;	1027
		1028	send_reset (rsi);
778	}	1029	}
779	else if (connectmode == conf_node::C_ALWAYS)	1030
780	establish_connection ();
781	}
782	break;	1031	break;
783		1032
784	case vpn_packet::PT_AUTH_REQ:	1033	case vpn_packet::PT_AUTH_RES:
785	if (auth_rate_limiter.can (rsi))
786	{	1034	{
787	auth_req_packet *p = (auth_req_packet *) pkt;	1035	auth_res_packet *p = (auth_res_packet *) pkt;
788		1036
789	slog (L_TRACE, "<<%d PT_AUTH_REQ(%d)", conf->id, p->initiate);	1037	slog (L_TRACE, "<<%d PT_AUTH_RES", conf->id);
790		1038
791	if (p->chk_config () && !strncmp (p->magic, MAGIC, 8))	1039	if (p->chk_config ())
792	{	1040	{
793	if (p->prot_minor != PROTOCOL_MINOR)	1041	if (p->prot_minor != PROTOCOL_MINOR)
794	slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),	1042	slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
795	conf->nodename, (const char *)rsi,	1043	conf->nodename, (const char *)rsi,
796	PROTOCOL_MINOR, conf->nodename, p->prot_minor);	1044	PROTOCOL_MINOR, conf->nodename, p->prot_minor);
797		1045
798	if (p->initiate)
799	send_auth_request (rsi, false);
800
801	rsachallenge k;	1046	rsachallenge chg;
802		1047
803	if (0 > RSA_private_decrypt (sizeof (p->encr),	1048	if (!rsa_cache.find (p->id, chg))
804	(unsigned char *)&p->encr, (unsigned char *)&k,	1049	{
805	::conf.rsa_key, RSA_PKCS1_OAEP_PADDING))	1050	slog (L_ERR, _("%s(%s): unrequested auth response ignored"),
806	slog (L_ERR, _("%s(%s): challenge illegal or corrupted"),
807	conf->nodename, (const char *)rsi);	1051	conf->nodename, (const char *)rsi);
		1052	break;
		1053	}
808	else	1054	else
809	{	1055	{
810	retry_cnt = 0;	1056	crypto_ctx *cctx = new crypto_ctx (chg, 0);
811	establish_connection.set (NOW + 8); //? ;)	1057
812	keepalive.reset ();	1058	if (!p->hmac_chk (cctx))
		1059	{
		1060	slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
		1061	"could be an attack, or just corruption or a synchronization error"),
		1062	conf->nodename, (const char *)rsi);
		1063	break;
		1064	}
813	rekey.reset ();	1065	else
		1066	{
		1067	rsaresponse h;
814		1068
		1069	rsa_hash (p->id, chg, h);
		1070
		1071	if (!memcmp ((u8 *)&h, (u8 *)p->response, sizeof h))
		1072	{
		1073	prot_minor = p->prot_minor;
		1074
		1075	delete ictx; ictx = cctx;
		1076
		1077	iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
		1078
		1079	si = rsi;
		1080	protocol = rsi.prot;
		1081
		1082	connection_established ();
		1083
		1084	slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"),
		1085	conf->nodename, (const char *)rsi,
		1086	p->prot_major, p->prot_minor);
		1087
		1088	if (::conf.script_node_up)
		1089	{
		1090	run_script_cb cb;
		1091	cb.set<connection, &connection::script_node_up> (this);
		1092	if (!run_script (cb, false))
		1093	slog (L_WARN, _("node-up command execution failed, continuing."));
		1094	}
		1095
		1096	break;
		1097	}
		1098	else
		1099	slog (L_ERR, _("%s(%s): sent and received challenge do not match"),
		1100	conf->nodename, (const char *)rsi);
		1101	}
		1102
815	delete ictx;	1103	delete cctx;
816	ictx = 0;
817
818	delete octx;
819
820	octx = new crypto_ctx (k, 1);
821	oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff;
822
823	conf->protocols = p->protocols;
824	send_auth_response (rsi, p->id, k);
825
826	break;
827	}	1104	}
828	}	1105	}
829
830	send_reset (rsi);
831	}	1106	}
832		1107
		1108	send_reset (rsi);
833	break;	1109	break;
834		1110
835	case vpn_packet::PT_AUTH_RES:	1111	case vpn_packet::PT_DATA_COMPRESSED:
836	{	1112	#if !ENABLE_COMPRESSION
837	auth_res_packet *p = (auth_res_packet *) pkt;	1113	send_reset (rsi);
		1114	break;
		1115	#endif
838		1116
839	slog (L_TRACE, "<<%d PT_AUTH_RES", conf->id);	1117	case vpn_packet::PT_DATA_UNCOMPRESSED:
840		1118
841	if (p->chk_config ())	1119	if (ictx && octx)
842	{	1120	{
843	if (p->prot_minor != PROTOCOL_MINOR)	1121	vpndata_packet *p = (vpndata_packet *)pkt;
844	slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
845	conf->nodename, (const char *)rsi,
846	PROTOCOL_MINOR, conf->nodename, p->prot_minor);
847		1122
848	rsachallenge chg;	1123	if (!p->hmac_chk (ictx))
849		1124	slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
850	if (!rsa_cache.find (p->id, chg))	1125	"could be an attack, or just corruption or a synchronization error"),
851	slog (L_ERR, _("%s(%s): unrequested auth response"),
852	conf->nodename, (const char *)rsi);	1126	conf->nodename, (const char *)rsi);
853	else	1127	else
854	{	1128	{
855	crypto_ctx *cctx = new crypto_ctx (chg, 0);
856
857	if (!p->hmac_chk (cctx))
858	slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
859	"could be an attack, or just corruption or an synchronization error"),
860	conf->nodename, (const char *)rsi);
861	else	1129	u32 seqno;
		1130	tap_packet *d = p->unpack (this, seqno);
		1131
		1132	if (iseqno.recv_ok (seqno))
862	{	1133	{
863	rsaresponse h;	1134	vpn->tap->send (d);
864		1135
865	rsa_hash (p->id, chg, h);	1136	if (si != rsi)
866
867	if (!memcmp ((u8 *)&h, (u8 *)p->response, sizeof h))
868	{	1137	{
869	prot_minor = p->prot_minor;	1138	// fast re-sync on source address changes, useful especially for tcp/ip
870
871	delete ictx; ictx = cctx;
872
873	iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
874
875	si = rsi;	1139	si = rsi;
876		1140
877	rekey.set (NOW + ::conf.rekey);	1141	slog (L_INFO, _("%s(%s): socket address changed to %s"),
878	keepalive.set (NOW + ::conf.keepalive);
879
880	// send queued packets
881	while (tap_packet *p = queue.get ())
882	{
883	send_data_packet (p);
884	delete p;
885	}
886
887	connectmode = conf->connectmode;
888
889	slog (L_INFO, _("%s(%s): %s connection established, protocol version %d.%d"),
890	conf->nodename, (const char *)rsi,	1142	conf->nodename, (const char *)si, (const char *)rsi);
891	strprotocol (protocol),
892	p->prot_major, p->prot_minor);
893
894	if (::conf.script_node_up)
895	run_script (run_script_cb (this, &connection::script_node_up), false);
896
897	break;
898	}	1143	}
899	else
900	slog (L_ERR, _("%s(%s): sent and received challenge do not match"),
901	conf->nodename, (const char *)rsi);
902	}	1144	}
903		1145
904	delete cctx;	1146	delete d;
		1147	break;
905	}	1148	}
906	}	1149	}
907	}
908		1150
909	send_reset (rsi);	1151	send_reset (rsi);
910	break;	1152	break;
911		1153
912	case vpn_packet::PT_DATA_COMPRESSED:
913	#if !ENABLE_COMPRESSION
914	send_reset (rsi);
915	break;
916	#endif
917
918	case vpn_packet::PT_DATA_UNCOMPRESSED:
919
920	if (ictx && octx)
921	{
922	vpndata_packet *p = (vpndata_packet *)pkt;
923
924	if (rsi == si)
925	{
926	if (!p->hmac_chk (ictx))
927	slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
928	"could be an attack, or just corruption or an synchronization error"),
929	conf->nodename, (const char *)rsi);
930	else
931	{
932	u32 seqno;
933	tap_packet *d = p->unpack (this, seqno);
934
935	if (iseqno.recv_ok (seqno))
936	{
937	vpn->tap->send (d);
938
939	if (p->dst () == 0) // re-broadcast
940	for (vpn::conns_vector::iterator i = vpn->conns.begin (); i != vpn->conns.end (); ++i)
941	{
942	connection *c = *i;
943
944	if (c->conf != THISNODE && c->conf != conf)
945	c->inject_data_packet (d);
946	}
947
948	delete d;
949
950	break;
951	}
952	}
953	}
954	else
955	slog (L_ERR, _("received data packet from unknown source %s"), (const char *)rsi);
956	}
957
958	send_reset (rsi);
959	break;
960
961	case vpn_packet::PT_CONNECT_REQ:	1154	case vpn_packet::PT_CONNECT_REQ:
962	if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))	1155	if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
963	{	1156	{
964	connect_req_packet *p = (connect_req_packet *) pkt;	1157	connect_req_packet *p = (connect_req_packet *) pkt;
965		1158
966	assert (p->id > 0 && p->id <= vpn->conns.size ()); // hmac-auth does not mean we accept anything	1159	if (p->id > 0 && p->id <= vpn->conns.size ())
967	conf->protocols = p->protocols;	1160	{
968	connection *c = vpn->conns[p->id - 1];	1161	connection *c = vpn->conns[p->id - 1];
		1162	conf->protocols = p->protocols;
969		1163
970	slog (L_TRACE, "<<%d PT_CONNECT_REQ(%d) [%d]\n",	1164	slog (L_TRACE, "<<%d PT_CONNECT_REQ(%d) [%d]",
971	conf->id, p->id, c->ictx && c->octx);	1165	conf->id, p->id, c->ictx && c->octx);
972		1166
973	if (c->ictx && c->octx)	1167	if (c->ictx && c->octx)
974	{	1168	{
975	// send connect_info packets to both sides, in case one is	1169	// send connect_info packets to both sides, in case one is
976	// behind a nat firewall (or both ;)	1170	// behind a nat firewall (or both ;)
977	c->send_connect_info (conf->id, si, conf->protocols);	1171	c->send_connect_info (conf->id, si, conf->protocols);
978	send_connect_info (c->conf->id, c->si, c->conf->protocols);	1172	send_connect_info (c->conf->id, c->si, c->conf->protocols);
		1173	}
		1174	else
		1175	c->establish_connection ();
979	}	1176	}
		1177	else
		1178	slog (L_WARN,
		1179	_("received authenticated connection request from unknown node #%d, config file mismatch?"),
		1180	p->id);
980	}	1181	}
981		1182
982	break;	1183	break;
983		1184
984	case vpn_packet::PT_CONNECT_INFO:	1185	case vpn_packet::PT_CONNECT_INFO:
985	if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))	1186	if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
986	{	1187	{
987	connect_info_packet *p = (connect_info_packet *) pkt;	1188	connect_info_packet *p = (connect_info_packet *)pkt;
988		1189
989	assert (p->id > 0 && p->id <= vpn->conns.size ()); // hmac-auth does not mean we accept anything	1190	if (p->id > 0 && p->id <= vpn->conns.size ())
990	conf->protocols = p->protocols;	1191	{
991	connection *c = vpn->conns[p->id - 1];	1192	connection *c = vpn->conns[p->id - 1];
992		1193
		1194	c->conf->protocols = p->protocols;
		1195	protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf));
		1196	p->si.upgrade_protocol (protocol, c->conf);
		1197
993	slog (L_TRACE, "<<%d PT_CONNECT_INFO(%d,%s) (%d)",	1198	slog (L_TRACE, "<<%d PT_CONNECT_INFO(%d,%s) (%d)",
994	conf->id, p->id, (const char *)p->si, !c->ictx && !c->octx);	1199	conf->id, p->id, (const char *)p->si, !c->ictx && !c->octx);
995		1200
		1201	const sockinfo &dsi = forward_si (p->si);
		1202
		1203	if (dsi.valid ())
996	c->send_auth_request (p->si, true);	1204	c->send_auth_request (dsi, true);
		1205	}
		1206	else
		1207	slog (L_WARN,
		1208	_("received authenticated connection request from unknown node #%d, config file mismatch?"),
		1209	p->id);
997	}	1210	}
998		1211
999	break;	1212	break;
1000		1213
1001	default:	1214	default:
1002	send_reset (rsi);	1215	send_reset (rsi);
1003	break;	1216	break;
1004
1005	}	1217	}
1006	}	1218	}
1007		1219
1008	void connection::keepalive_cb (tstamp &ts)	1220	inline void
		1221	connection::keepalive_cb (ev::timer &w, int revents)
1009	{	1222	{
1010	if (NOW >= last_activity + ::conf.keepalive + 30)	1223	if (ev_now () >= last_activity + ::conf.keepalive + 30)
1011	{	1224	{
1012	reset_connection ();	1225	reset_connection ();
1013	establish_connection ();	1226	establish_connection ();
1014	}	1227	}
1015	else if (NOW < last_activity + ::conf.keepalive)	1228	else if (ev_now () < last_activity + ::conf.keepalive)
1016	ts = last_activity + ::conf.keepalive;	1229	w.start (last_activity + ::conf.keepalive - ev::now ());
1017	else if (conf->connectmode != conf_node::C_ONDEMAND	1230	else if (conf->connectmode != conf_node::C_ONDEMAND
1018	|| THISNODE->connectmode != conf_node::C_ONDEMAND)	1231	|| THISNODE->connectmode != conf_node::C_ONDEMAND)
1019	{	1232	{
1020	send_ping (si);	1233	send_ping (si);
1021	ts = NOW + 5;	1234	w.start (5);
1022	}	1235	}
		1236	else if (ev_now () < last_activity + ::conf.keepalive + 10)
		1237	// hold ondemand connections implicitly a few seconds longer
		1238	// should delete octx, though, or something like that ;)
		1239	w.start (last_activity + ::conf.keepalive + 10 - ev::now ());
1023	else	1240	else
1024	reset_connection ();	1241	reset_connection ();
1025	}	1242	}
1026		1243
1027	void connection::connect_request (int id)	1244	void connection::send_connect_request (int id)
1028	{	1245	{
1029	connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols);	1246	connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols);
1030		1247
1031	slog (L_TRACE, ">>%d PT_CONNECT_REQ(%d)", conf->id, id);	1248	slog (L_TRACE, ">>%d PT_CONNECT_REQ(%d)", conf->id, id);
1032	p->hmac_set (octx);	1249	p->hmac_set (octx);
1033	send_vpn_packet (p, si);	1250	send_vpn_packet (p, si);
1034		1251
1035	delete p;	1252	delete p;
1036	}	1253	}
1037		1254
		1255	void connection::script_init_env (const char *ext)
		1256	{
		1257	char *env;
		1258	asprintf (&env, "IFUPDATA%s=%s", ext, conf->if_up_data); putenv (env);
		1259	asprintf (&env, "NODENAME%s=%s", ext, conf->nodename); putenv (env);
		1260	asprintf (&env, "MAC%s=%02x:%02x:%02x:%02x:%02x:%02x", ext,
		1261	0xfe, 0xfd, 0x80, 0x00, conf->id >> 8,
		1262	conf->id & 0xff); putenv (env);
		1263	}
		1264
1038	void connection::script_node ()	1265	void connection::script_init_connect_env ()
1039	{	1266	{
1040	vpn->script_if_up (0);	1267	vpn->script_init_env ();
1041		1268
1042	char *env;	1269	char *env;
1043	asprintf (&env, "DESTID=%d", conf->id); putenv (env);	1270	asprintf (&env, "DESTID=%d", conf->id); putenv (env);
1044	asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env);	1271	asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env);
1045	asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env);	1272	asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env);
1046	asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env);	1273	asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env);
1047	}	1274	}
1048		1275
		1276	inline const char *
1049	const char *connection::script_node_up (int)	1277	connection::script_node_up ()
1050	{	1278	{
1051	script_node ();	1279	script_init_connect_env ();
1052		1280
1053	putenv ("STATE=up");	1281	putenv ((char *)"STATE=up");
1054		1282
		1283	char *filename;
		1284	asprintf (&filename,
		1285	"%s/%s",
		1286	confbase,
1055	return ::conf.script_node_up ? ::conf.script_node_up : "node-up";	1287	::conf.script_node_up ? ::conf.script_node_up : "node-up");
1056	}
1057		1288
		1289	return filename;
		1290	}
		1291
		1292	inline const char *
1058	const char *connection::script_node_down (int)	1293	connection::script_node_down ()
1059	{	1294	{
1060	script_node ();	1295	script_init_connect_env ();
1061		1296
1062	putenv ("STATE=down");	1297	putenv ((char *)"STATE=down");
1063		1298
1064	return ::conf.script_node_up ? ::conf.script_node_down : "node-down";	1299	char *filename;
1065	}	1300	asprintf (&filename,
		1301	"%s/%s",
		1302	confbase,
		1303	::conf.script_node_down ? ::conf.script_node_down : "node-down");
1066		1304
1067	// send a vpn packet out to other hosts	1305	return filename;
1068	void
1069	connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
1070	{
1071	if (protocol & PROT_IPv4)
1072	vpn->send_ipv4_packet (pkt, si, tos);
1073	else
1074	vpn->send_udpv4_packet (pkt, si, tos);
1075	}	1306	}
1076		1307
1077	connection::connection(struct vpn *vpn_)	1308	connection::connection (struct vpn *vpn, conf_node *conf)
1078	: vpn(vpn_)	1309	: vpn(vpn), conf(conf),
1079	, rekey (this, &connection::rekey_cb)	1310	#if ENABLE_DNS
1080	, keepalive (this, &connection::keepalive_cb)	1311	dns (0),
		1312	#endif
		1313	data_queue(conf->max_ttl, conf->max_queue),
		1314	vpn_queue(conf->max_ttl, conf->max_queue)
		1315	{
		1316	rekey .set<connection, &connection::rekey_cb > (this);
		1317	keepalive .set<connection, &connection::keepalive_cb > (this);
1081	, establish_connection (this, &connection::establish_connection_cb)	1318	establish_connection.set<connection, &connection::establish_connection_cb> (this);
1082	{	1319
1083	octx = ictx = 0;	1320	octx = ictx = 0;
1084	retry_cnt = 0;	1321	retry_cnt = 0;
1085		1322
1086	connectmode = conf_node::C_ALWAYS; // initial setting	1323	if (!conf->protocols) // make sure some protocol is enabled
		1324	conf->protocols = PROT_UDPv4;
		1325
		1326	connectmode = conf->connectmode;
		1327
		1328	// queue a dummy packet to force an initial connection attempt
		1329	if (connectmode != conf_node::C_ALWAYS && connectmode != conf_node::C_DISABLED)
		1330	{
		1331	net_packet *p = new net_packet;
		1332	p->len = 0;
		1333	vpn_queue.put (p);
		1334	}
		1335
1087	reset_connection ();	1336	reset_connection ();
1088	}	1337	}
1089		1338
1090	connection::~connection ()	1339	connection::~connection ()
1091	{	1340	{

Diff Legend

–	Removed lines
+	Added lines
<	Changed lines
>	Changed lines