ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
Revision: 1.19
Committed: Tue Oct 14 03:22:09 2003 UTC (20 years, 7 months ago) by pcg
Content type: text/plain
Branch: MAIN
Changes since 1.18: +17 -0 lines
Log Message: 
*** empty log message ***

File Contents

# Content
1 /*
2 connection.C -- manage a single connection
3
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation; either version 2 of the License, or
7 (at your option) any later version.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17 */
18
19 #include "config.h"
20
21 extern "C" {
22 # include "lzf/lzf.h"
23 }
24
25 #include <list>
26
27 #include <openssl/rand.h>
28 #include <openssl/evp.h>
29 #include <openssl/rsa.h>
30 #include <openssl/err.h>
31
32 #include "gettext.h"
33
34 #include "conf.h"
35 #include "slog.h"
36 #include "device.h"
37 #include "vpn.h"
38 #include "connection.h"
39
40 #include <sys/socket.h>
41 #ifdef HAVE_NETINET_IN_H
42 # include <netinet/in.h>
43 #endif
44 #include <arpa/inet.h>
45 #include <net/if.h>
46 #ifdef HAVE_NETINET_IN_SYSTM_H
47 # include <netinet/in_systm.h>
48 #endif
49 #ifdef HAVE_NETINET_IP_H
50 # include <netinet/ip.h>
51 #endif
52
53 #ifndef IPTOS_TOS_MASK
54 # define IPTOS_TOS_MASK (IPTOS_LOWDELAY | IPTOS_THROUGHPUT | IPTOS_RELIABILITY | IPTOS_MINCOST)
55 #endif
56
57 #if !HAVE_RAND_PSEUDO_BYTES
58 # define RAND_pseudo_bytes RAND_bytes
59 #endif
60
61 #define MAGIC "vped\xbd\xc6\xdb\x82" // 8 bytes of magic
62
63 struct crypto_ctx
64 {
65 EVP_CIPHER_CTX cctx;
66 HMAC_CTX hctx;
67
68 crypto_ctx (const rsachallenge &challenge, int enc);
69 ~crypto_ctx ();
70 };
71
72 crypto_ctx::crypto_ctx (const rsachallenge &challenge, int enc)
73 {
74 EVP_CIPHER_CTX_init (&cctx);
75 EVP_CipherInit_ex (&cctx, CIPHER, 0, &challenge[CHG_CIPHER_KEY], 0, enc);
76 HMAC_CTX_init (&hctx);
77 HMAC_Init_ex (&hctx, &challenge[CHG_HMAC_KEY], HMAC_KEYLEN, DIGEST, 0);
78 }
79
80 crypto_ctx::~crypto_ctx ()
81 {
82 EVP_CIPHER_CTX_cleanup (&cctx);
83 HMAC_CTX_cleanup (&hctx);
84 }
85
86 static void
87 rsa_hash (const rsaid &id, const rsachallenge &chg, rsaresponse &h)
88 {
89 EVP_MD_CTX ctx;
90
91 EVP_MD_CTX_init (&ctx);
92 EVP_DigestInit (&ctx, RSA_HASH);
93 EVP_DigestUpdate(&ctx, &chg, sizeof chg);
94 EVP_DigestUpdate(&ctx, &id, sizeof id);
95 EVP_DigestFinal (&ctx, (unsigned char *)&h, 0);
96 EVP_MD_CTX_cleanup (&ctx);
97 }
98
99 struct rsa_entry {
100 tstamp expire;
101 rsaid id;
102 rsachallenge chg;
103 };
104
105 struct rsa_cache : list<rsa_entry>
106 {
107 void cleaner_cb (time_watcher &w); time_watcher cleaner;
108
109 bool find (const rsaid &id, rsachallenge &chg)
110 {
111 for (iterator i = begin (); i != end (); ++i)
112 {
113 if (!memcmp (&id, &i->id, sizeof id) && i->expire > NOW)
114 {
115 memcpy (&chg, &i->chg, sizeof chg);
116
117 erase (i);
118 return true;
119 }
120 }
121
122 if (cleaner.at < NOW)
123 cleaner.start (NOW + RSA_TTL);
124
125 return false;
126 }
127
128 void gen (rsaid &id, rsachallenge &chg)
129 {
130 rsa_entry e;
131
132 RAND_bytes ((unsigned char *)&id, sizeof id);
133 RAND_bytes ((unsigned char *)&chg, sizeof chg);
134
135 e.expire = NOW + RSA_TTL;
136 e.id = id;
137 memcpy (&e.chg, &chg, sizeof chg);
138
139 push_back (e);
140
141 if (cleaner.at < NOW)
142 cleaner.start (NOW + RSA_TTL);
143 }
144
145 rsa_cache ()
146 : cleaner (this, &rsa_cache::cleaner_cb)
147 { }
148
149 } rsa_cache;
150
151 void rsa_cache::cleaner_cb (time_watcher &w)
152 {
153 if (empty ())
154 w.at = TSTAMP_CANCEL;
155 else
156 {
157 w.at = NOW + RSA_TTL;
158
159 for (iterator i = begin (); i != end (); )
160 if (i->expire <= NOW)
161 i = erase (i);
162 else
163 ++i;
164 }
165 }
166
167 //////////////////////////////////////////////////////////////////////////////
168
169 void pkt_queue::put (net_packet *p)
170 {
171 if (queue[i])
172 {
173 delete queue[i];
174 j = (j + 1) % QUEUEDEPTH;
175 }
176
177 queue[i] = p;
178
179 i = (i + 1) % QUEUEDEPTH;
180 }
181
182 net_packet *pkt_queue::get ()
183 {
184 net_packet *p = queue[j];
185
186 if (p)
187 {
188 queue[j] = 0;
189 j = (j + 1) % QUEUEDEPTH;
190 }
191
192 return p;
193 }
194
195 pkt_queue::pkt_queue ()
196 {
197 memset (queue, 0, sizeof (queue));
198 i = 0;
199 j = 0;
200 }
201
202 pkt_queue::~pkt_queue ()
203 {
204 for (i = QUEUEDEPTH; --i > 0; )
205 delete queue[i];
206 }
207
208 struct net_rateinfo {
209 u32 host;
210 double pcnt, diff;
211 tstamp last;
212 };
213
214 // only do action once every x seconds per host whole allowing bursts.
215 // this implementation ("splay list" ;) is inefficient,
216 // but low on resources.
217 struct net_rate_limiter : list<net_rateinfo>
218 {
219 static const double ALPHA = 1. - 1. / 600.; // allow bursts
220 static const double CUTOFF = 10.; // one event every CUTOFF seconds
221 static const double EXPIRE = CUTOFF * 30.; // expire entries after this time
222 static const double MAXDIF = CUTOFF * (1. / (1. - ALPHA)); // maximum diff /count value
223
224 bool can (const sockinfo &si) { return can((u32)si.host); }
225 bool can (u32 host);
226 };
227
228 net_rate_limiter auth_rate_limiter, reset_rate_limiter;
229
230 bool net_rate_limiter::can (u32 host)
231 {
232 iterator i;
233
234 for (i = begin (); i != end (); )
235 if (i->host == host)
236 break;
237 else if (i->last < NOW - EXPIRE)
238 i = erase (i);
239 else
240 i++;
241
242 if (i == end ())
243 {
244 net_rateinfo ri;
245
246 ri.host = host;
247 ri.pcnt = 1.;
248 ri.diff = MAXDIF;
249 ri.last = NOW;
250
251 push_front (ri);
252
253 return true;
254 }
255 else
256 {
257 net_rateinfo ri (*i);
258 erase (i);
259
260 ri.pcnt = ri.pcnt * ALPHA;
261 ri.diff = ri.diff * ALPHA + (NOW - ri.last);
262
263 ri.last = NOW;
264
265 double dif = ri.diff / ri.pcnt;
266
267 bool send = dif > CUTOFF;
268
269 if (dif > MAXDIF)
270 {
271 ri.pcnt = 1.;
272 ri.diff = MAXDIF;
273 }
274 else if (send)
275 ri.pcnt++;
276
277 push_front (ri);
278
279 return send;
280 }
281 }
282
283 /////////////////////////////////////////////////////////////////////////////
284
285 unsigned char hmac_packet::hmac_digest[EVP_MAX_MD_SIZE];
286
287 void hmac_packet::hmac_gen (crypto_ctx *ctx)
288 {
289 unsigned int xlen;
290
291 HMAC_CTX *hctx = &ctx->hctx;
292
293 HMAC_Init_ex (hctx, 0, 0, 0, 0);
294 HMAC_Update (hctx, ((unsigned char *) this) + sizeof (hmac_packet),
295 len - sizeof (hmac_packet));
296 HMAC_Final (hctx, (unsigned char *) &hmac_digest, &xlen);
297 }
298
299 void
300 hmac_packet::hmac_set (crypto_ctx *ctx)
301 {
302 hmac_gen (ctx);
303
304 memcpy (hmac, hmac_digest, HMACLENGTH);
305 }
306
307 bool
308 hmac_packet::hmac_chk (crypto_ctx *ctx)
309 {
310 hmac_gen (ctx);
311
312 return !memcmp (hmac, hmac_digest, HMACLENGTH);
313 }
314
315 void vpn_packet::set_hdr (ptype type_, unsigned int dst)
316 {
317 type = type_;
318
319 int src = THISNODE->id;
320
321 src1 = src;
322 srcdst = ((src >> 8) << 4) | (dst >> 8);
323 dst1 = dst;
324 }
325
326 #define MAXVPNDATA (MAX_MTU - 6 - 6)
327 #define DATAHDR (sizeof (u32) + RAND_SIZE)
328
329 struct vpndata_packet:vpn_packet
330 {
331 u8 data[MAXVPNDATA + DATAHDR]; // seqno
332
333 void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
334 tap_packet *unpack (connection *conn, u32 &seqno);
335 private:
336
337 const u32 data_hdr_size () const
338 {
339 return sizeof (vpndata_packet) - sizeof (net_packet) - MAXVPNDATA - DATAHDR;
340 }
341 };
342
343 void
344 vpndata_packet::setup (connection *conn, int dst, u8 *d, u32 l, u32 seqno)
345 {
346 EVP_CIPHER_CTX *cctx = &conn->octx->cctx;
347 int outl = 0, outl2;
348 ptype type = PT_DATA_UNCOMPRESSED;
349
350 #if ENABLE_COMPRESSION
351 u8 cdata[MAX_MTU];
352 u32 cl;
353
354 cl = lzf_compress (d, l, cdata + 2, (l - 2) & ~7);
355 if (cl)
356 {
357 type = PT_DATA_COMPRESSED;
358 d = cdata;
359 l = cl + 2;
360
361 d[0] = cl >> 8;
362 d[1] = cl;
363 }
364 #endif
365
366 EVP_EncryptInit_ex (cctx, 0, 0, 0, 0);
367
368 struct {
369 #if RAND_SIZE
370 u8 rnd[RAND_SIZE];
371 #endif
372 u32 seqno;
373 } datahdr;
374
375 datahdr.seqno = ntohl (seqno);
376 #if RAND_SIZE
377 RAND_pseudo_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE);
378 #endif
379
380 EVP_EncryptUpdate (cctx,
381 (unsigned char *) data + outl, &outl2,
382 (unsigned char *) &datahdr, DATAHDR);
383 outl += outl2;
384
385 EVP_EncryptUpdate (cctx,
386 (unsigned char *) data + outl, &outl2,
387 (unsigned char *) d, l);
388 outl += outl2;
389
390 EVP_EncryptFinal_ex (cctx, (unsigned char *) data + outl, &outl2);
391 outl += outl2;
392
393 len = outl + data_hdr_size ();
394
395 set_hdr (type, dst);
396
397 hmac_set (conn->octx);
398 }
399
400 tap_packet *
401 vpndata_packet::unpack (connection *conn, u32 &seqno)
402 {
403 EVP_CIPHER_CTX *cctx = &conn->ictx->cctx;
404 int outl = 0, outl2;
405 tap_packet *p = new tap_packet;
406 u8 *d;
407 u32 l = len - data_hdr_size ();
408
409 EVP_DecryptInit_ex (cctx, 0, 0, 0, 0);
410
411 #if ENABLE_COMPRESSION
412 u8 cdata[MAX_MTU];
413
414 if (type == PT_DATA_COMPRESSED)
415 d = cdata;
416 else
417 #endif
418 d = &(*p)[6 + 6 - DATAHDR];
419
420 /* this overwrites part of the src mac, but we fix that later */
421 EVP_DecryptUpdate (cctx,
422 d, &outl2,
423 (unsigned char *)&data, len - data_hdr_size ());
424 outl += outl2;
425
426 EVP_DecryptFinal_ex (cctx, (unsigned char *)d + outl, &outl2);
427 outl += outl2;
428
429 seqno = ntohl (*(u32 *)(d + RAND_SIZE));
430
431 id2mac (dst () ? dst() : THISNODE->id, p->dst);
432 id2mac (src (), p->src);
433
434 #if ENABLE_COMPRESSION
435 if (type == PT_DATA_COMPRESSED)
436 {
437 u32 cl = (d[DATAHDR] << 8) | d[DATAHDR + 1];
438
439 p->len = lzf_decompress (d + DATAHDR + 2, cl < MAX_MTU ? cl : 0,
440 &(*p)[6 + 6], MAX_MTU)
441 + 6 + 6;
442 }
443 else
444 p->len = outl + (6 + 6 - DATAHDR);
445 #endif
446
447 return p;
448 }
449
450 struct ping_packet : vpn_packet
451 {
452 void setup (int dst, ptype type)
453 {
454 set_hdr (type, dst);
455 len = sizeof (*this) - sizeof (net_packet);
456 }
457 };
458
459 struct config_packet : vpn_packet
460 {
461 // actually, hmaclen cannot be checked because the hmac
462 // field comes before this data, so peers with other
463 // hmacs simply will not work.
464 u8 prot_major, prot_minor, randsize, hmaclen;
465 u8 flags, challengelen, pad2, pad3;
466 u32 cipher_nid, digest_nid, hmac_nid;
467
468 const u8 curflags () const
469 {
470 return 0x80
471 | (ENABLE_COMPRESSION ? 0x01 : 0x00);
472 }
473
474 void setup (ptype type, int dst);
475 bool chk_config () const;
476 };
477
478 void config_packet::setup (ptype type, int dst)
479 {
480 prot_major = PROTOCOL_MAJOR;
481 prot_minor = PROTOCOL_MINOR;
482 randsize = RAND_SIZE;
483 hmaclen = HMACLENGTH;
484 flags = curflags ();
485 challengelen = sizeof (rsachallenge);
486
487 cipher_nid = htonl (EVP_CIPHER_nid (CIPHER));
488 digest_nid = htonl (EVP_MD_type (RSA_HASH));
489 hmac_nid = htonl (EVP_MD_type (DIGEST));
490
491 len = sizeof (*this) - sizeof (net_packet);
492 set_hdr (type, dst);
493 }
494
495 bool config_packet::chk_config () const
496 {
497 if (prot_major != PROTOCOL_MAJOR)
498 slog (L_WARN, _("major version mismatch (%d <=> %d)"), prot_major, PROTOCOL_MAJOR);
499 else if (randsize != RAND_SIZE)
500 slog (L_WARN, _("rand size mismatch (%d <=> %d)"), randsize, RAND_SIZE);
501 else if (hmaclen != HMACLENGTH)
502 slog (L_WARN, _("hmac length mismatch (%d <=> %d)"), hmaclen, HMACLENGTH);
503 else if (flags != curflags ())
504 slog (L_WARN, _("flag mismatch (%x <=> %x)"), flags, curflags ());
505 else if (challengelen != sizeof (rsachallenge))
506 slog (L_WARN, _("challenge length mismatch (%d <=> %d)"), challengelen, sizeof (rsachallenge));
507 else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER)))
508 slog (L_WARN, _("cipher mismatch (%x <=> %x)"), ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER));
509 else if (digest_nid != htonl (EVP_MD_type (RSA_HASH)))
510 slog (L_WARN, _("digest mismatch (%x <=> %x)"), ntohl (digest_nid), EVP_MD_type (RSA_HASH));
511 else if (hmac_nid != htonl (EVP_MD_type (DIGEST)))
512 slog (L_WARN, _("hmac mismatch (%x <=> %x)"), ntohl (hmac_nid), EVP_MD_type (DIGEST));
513 else
514 return true;
515
516 return false;
517 }
518
519 struct auth_req_packet : config_packet
520 {
521 char magic[8];
522 u8 initiate; // false if this is just an automatic reply
523 u8 protocols; // supported protocols (will get patches on forward)
524 u8 pad2, pad3;
525 rsaid id;
526 rsaencrdata encr;
527
528 auth_req_packet (int dst, bool initiate_, u8 protocols_)
529 {
530 config_packet::setup (PT_AUTH_REQ, dst);
531 strncpy (magic, MAGIC, 8);
532 initiate = !!initiate_;
533 protocols = protocols_;
534
535 len = sizeof (*this) - sizeof (net_packet);
536 }
537 };
538
539 struct auth_res_packet : config_packet
540 {
541 rsaid id;
542 u8 pad1, pad2, pad3;
543 u8 response_len; // encrypted length
544 rsaresponse response;
545
546 auth_res_packet (int dst)
547 {
548 config_packet::setup (PT_AUTH_RES, dst);
549
550 len = sizeof (*this) - sizeof (net_packet);
551 }
552 };
553
554 struct connect_req_packet : vpn_packet
555 {
556 u8 id, protocols;
557 u8 pad1, pad2;
558
559 connect_req_packet (int dst, int id_, u8 protocols_)
560 : id(id_)
561 , protocols(protocols_)
562 {
563 set_hdr (PT_CONNECT_REQ, dst);
564 len = sizeof (*this) - sizeof (net_packet);
565 }
566 };
567
568 struct connect_info_packet : vpn_packet
569 {
570 u8 id, protocols;
571 u8 pad1, pad2;
572 sockinfo si;
573
574 connect_info_packet (int dst, int id_, const sockinfo &si_, u8 protocols_)
575 : id(id_)
576 , protocols(protocols_)
577 , si(si_)
578 {
579 set_hdr (PT_CONNECT_INFO, dst);
580
581 len = sizeof (*this) - sizeof (net_packet);
582 }
583 };
584
585 /////////////////////////////////////////////////////////////////////////////
586
587 void
588 connection::connection_established ()
589 {
590 if (ictx && octx)
591 {
592 connectmode = conf->connectmode;
593
594 rekey.start (NOW + ::conf.rekey);
595 keepalive.start (NOW + ::conf.keepalive);
596
597 // send queued packets
598 if (ictx && octx)
599 {
600 while (tap_packet *p = (tap_packet *)data_queue.get ())
601 {
602 send_data_packet (p);
603 delete p;
604 }
605
606 while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
607 {
608 send_vpn_packet (p, si, IPTOS_RELIABILITY);
609 delete p;
610 }
611 }
612 }
613 else
614 {
615 retry_cnt = 0;
616 establish_connection.start (NOW + 5);
617 keepalive.reset ();
618 rekey.reset ();
619 }
620 }
621
622 void
623 connection::reset_si ()
624 {
625 protocol = best_protocol (THISNODE->protocols & conf->protocols);
626
627 // mask out protocols we cannot establish
628 if (!conf->udp_port) protocol &= ~PROT_UDPv4;
629 if (!conf->tcp_port) protocol &= ~PROT_TCPv4;
630
631 si.set (conf, protocol);
632 }
633
634 // ensure sockinfo is valid, forward if necessary
635 const sockinfo &
636 connection::forward_si (const sockinfo &si) const
637 {
638 if (!si.valid ())
639 {
640 connection *r = vpn->find_router ();
641
642 if (r)
643 {
644 slog (L_DEBUG, _("%s: no common protocol, trying indirectly through %s"),
645 conf->nodename, r->conf->nodename);
646 return r->si;
647 }
648 else
649 slog (L_DEBUG, _("%s: node unreachable, no common protocol"),
650 conf->nodename);
651 }
652
653 return si;
654 }
655
656 void
657 connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
658 {
659 if (!vpn->send_vpn_packet (pkt, si, tos))
660 reset_connection ();
661 }
662
663 void
664 connection::send_ping (const sockinfo &si, u8 pong)
665 {
666 ping_packet *pkt = new ping_packet;
667
668 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
669 send_vpn_packet (pkt, si, IPTOS_LOWDELAY);
670
671 delete pkt;
672 }
673
674 void
675 connection::send_reset (const sockinfo &si)
676 {
677 if (reset_rate_limiter.can (si) && connectmode != conf_node::C_DISABLED)
678 {
679 config_packet *pkt = new config_packet;
680
681 pkt->setup (vpn_packet::PT_RESET, conf->id);
682 send_vpn_packet (pkt, si, IPTOS_MINCOST);
683
684 delete pkt;
685 }
686 }
687
688 void
689 connection::send_auth_request (const sockinfo &si, bool initiate)
690 {
691 auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols);
692
693 rsachallenge chg;
694
695 rsa_cache.gen (pkt->id, chg);
696
697 if (0 > RSA_public_encrypt (sizeof chg,
698 (unsigned char *)&chg, (unsigned char *)&pkt->encr,
699 conf->rsa_key, RSA_PKCS1_OAEP_PADDING))
700 fatal ("RSA_public_encrypt error");
701
702 slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si);
703
704 send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly
705
706 delete pkt;
707 }
708
709 void
710 connection::send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg)
711 {
712 auth_res_packet *pkt = new auth_res_packet (conf->id);
713
714 pkt->id = id;
715
716 rsa_hash (id, chg, pkt->response);
717
718 pkt->hmac_set (octx);
719
720 slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)si);
721
722 send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
723
724 delete pkt;
725 }
726
727 void
728 connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols)
729 {
730 slog (L_TRACE, ">>%d PT_CONNECT_INFO(%d,%s)\n",
731 conf->id, rid, (const char *)rsi);
732
733 connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
734
735 r->hmac_set (octx);
736 send_vpn_packet (r, si);
737
738 delete r;
739 }
740
741 void
742 connection::establish_connection_cb (time_watcher &w)
743 {
744 if (ictx || conf == THISNODE
745 || connectmode == conf_node::C_NEVER
746 || connectmode == conf_node::C_DISABLED)
747 w.at = TSTAMP_CANCEL;
748 else if (w.at <= NOW)
749 {
750 double retry_int = double (retry_cnt & 3 ? (retry_cnt & 3) : 1 << (retry_cnt >> 2)) * 0.6;
751
752 if (retry_int < 3600 * 8)
753 retry_cnt++;
754
755 w.at = NOW + retry_int;
756
757 reset_si ();
758
759 if (si.prot && !si.host)
760 vpn->send_connect_request (conf->id);
761 else
762 {
763 const sockinfo &dsi = forward_si (si);
764
765 if (dsi.valid () && auth_rate_limiter.can (dsi))
766 {
767 if (retry_cnt < 4)
768 send_auth_request (dsi, true);
769 else
770 send_ping (dsi, 0);
771 }
772 }
773 }
774 }
775
776 void
777 connection::reset_connection ()
778 {
779 if (ictx && octx)
780 {
781 slog (L_INFO, _("%s(%s): connection lost"),
782 conf->nodename, (const char *)si);
783
784 if (::conf.script_node_down)
785 run_script (run_script_cb (this, &connection::script_node_down), false);
786 }
787
788 delete ictx; ictx = 0;
789 delete octx; octx = 0;
790
791 si.host= 0;
792
793 last_activity = 0;
794 retry_cnt = 0;
795
796 rekey.reset ();
797 keepalive.reset ();
798 establish_connection.reset ();
799 }
800
801 void
802 connection::shutdown ()
803 {
804 if (ictx && octx)
805 send_reset (si);
806
807 reset_connection ();
808 }
809
810 void
811 connection::rekey_cb (time_watcher &w)
812 {
813 w.at = TSTAMP_CANCEL;
814
815 reset_connection ();
816 establish_connection ();
817 }
818
819 void
820 connection::send_data_packet (tap_packet *pkt, bool broadcast)
821 {
822 vpndata_packet *p = new vpndata_packet;
823 int tos = 0;
824
825 // I am not hilarious about peeking into packets, but so be it.
826 if (conf->inherit_tos
827 && (*pkt)[12] == 0x08 && (*pkt)[13] == 0x00 // IP
828 && ((*pkt)[14] & 0xf0) == 0x40) // IPv4
829 tos = (*pkt)[15] & IPTOS_TOS_MASK;
830
831 p->setup (this, broadcast ? 0 : conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs
832 send_vpn_packet (p, si, tos);
833
834 delete p;
835
836 if (oseqno > MAX_SEQNO)
837 rekey ();
838 }
839
840 void
841 connection::inject_data_packet (tap_packet *pkt, bool broadcast)
842 {
843 if (ictx && octx)
844 send_data_packet (pkt, broadcast);
845 else
846 {
847 if (!broadcast)//DDDD
848 data_queue.put (new tap_packet (*pkt));
849
850 establish_connection ();
851 }
852 }
853
854 void connection::inject_vpn_packet (vpn_packet *pkt, int tos)
855 {
856 if (ictx && octx)
857 send_vpn_packet (pkt, si, tos);
858 else
859 {
860 vpn_queue.put (new vpn_packet (*pkt));
861
862 establish_connection ();
863 }
864 }
865
866 void
867 connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
868 {
869 last_activity = NOW;
870
871 slog (L_NOISE, "<<%d received packet type %d from %d to %d",
872 conf->id, pkt->typ (), pkt->src (), pkt->dst ());
873
874 switch (pkt->typ ())
875 {
876 case vpn_packet::PT_PING:
877 // we send pings instead of auth packets after some retries,
878 // so reset the retry counter and establish a connection
879 // when we receive a ping.
880 if (!ictx)
881 {
882 if (auth_rate_limiter.can (rsi))
883 send_auth_request (rsi, true);
884 }
885 else
886 send_ping (rsi, 1); // pong
887
888 break;
889
890 case vpn_packet::PT_PONG:
891 break;
892
893 case vpn_packet::PT_RESET:
894 {
895 reset_connection ();
896
897 config_packet *p = (config_packet *) pkt;
898
899 if (!p->chk_config ())
900 {
901 slog (L_WARN, _("%s(%s): protocol mismatch, disabling node"),
902 conf->nodename, (const char *)rsi);
903 connectmode = conf_node::C_DISABLED;
904 }
905 else if (connectmode == conf_node::C_ALWAYS)
906 establish_connection ();
907 }
908 break;
909
910 case vpn_packet::PT_AUTH_REQ:
911 if (auth_rate_limiter.can (rsi))
912 {
913 auth_req_packet *p = (auth_req_packet *) pkt;
914
915 slog (L_TRACE, "<<%d PT_AUTH_REQ(%d)", conf->id, p->initiate);
916
917 if (p->chk_config () && !strncmp (p->magic, MAGIC, 8))
918 {
919 if (p->prot_minor != PROTOCOL_MINOR)
920 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
921 conf->nodename, (const char *)rsi,
922 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
923
924 if (p->initiate)
925 send_auth_request (rsi, false);
926
927 rsachallenge k;
928
929 if (0 > RSA_private_decrypt (sizeof (p->encr),
930 (unsigned char *)&p->encr, (unsigned char *)&k,
931 ::conf.rsa_key, RSA_PKCS1_OAEP_PADDING))
932 slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"),
933 conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0));
934 else
935 {
936 delete octx;
937
938 octx = new crypto_ctx (k, 1);
939 oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff;
940
941 conf->protocols = p->protocols;
942
943 send_auth_response (rsi, p->id, k);
944
945 connection_established ();
946
947 break;
948 }
949 }
950 else
951 slog (L_WARN, _("%s(%s): protocol mismatch"),
952 conf->nodename, (const char *)rsi);
953
954 send_reset (rsi);
955 }
956
957 break;
958
959 case vpn_packet::PT_AUTH_RES:
960 {
961 auth_res_packet *p = (auth_res_packet *) pkt;
962
963 slog (L_TRACE, "<<%d PT_AUTH_RES", conf->id);
964
965 if (p->chk_config ())
966 {
967 if (p->prot_minor != PROTOCOL_MINOR)
968 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
969 conf->nodename, (const char *)rsi,
970 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
971
972 rsachallenge chg;
973
974 if (!rsa_cache.find (p->id, chg))
975 {
976 slog (L_ERR, _("%s(%s): unrequested auth response ignored"),
977 conf->nodename, (const char *)rsi);
978 break;
979 }
980 else
981 {
982 crypto_ctx *cctx = new crypto_ctx (chg, 0);
983
984 if (!p->hmac_chk (cctx))
985 {
986 slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
987 "could be an attack, or just corruption or an synchronization error"),
988 conf->nodename, (const char *)rsi);
989 break;
990 }
991 else
992 {
993 rsaresponse h;
994
995 rsa_hash (p->id, chg, h);
996
997 if (!memcmp ((u8 *)&h, (u8 *)p->response, sizeof h))
998 {
999 prot_minor = p->prot_minor;
1000
1001 delete ictx; ictx = cctx;
1002
1003 iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
1004
1005 si = rsi;
1006 protocol = rsi.prot;
1007
1008 connection_established ();
1009
1010 slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"),
1011 conf->nodename, (const char *)rsi,
1012 p->prot_major, p->prot_minor);
1013
1014 if (::conf.script_node_up)
1015 run_script (run_script_cb (this, &connection::script_node_up), false);
1016
1017 break;
1018 }
1019 else
1020 slog (L_ERR, _("%s(%s): sent and received challenge do not match"),
1021 conf->nodename, (const char *)rsi);
1022 }
1023
1024 delete cctx;
1025 }
1026 }
1027 }
1028
1029 send_reset (rsi);
1030 break;
1031
1032 case vpn_packet::PT_DATA_COMPRESSED:
1033 #if !ENABLE_COMPRESSION
1034 send_reset (rsi);
1035 break;
1036 #endif
1037
1038 case vpn_packet::PT_DATA_UNCOMPRESSED:
1039
1040 if (ictx && octx)
1041 {
1042 vpndata_packet *p = (vpndata_packet *)pkt;
1043
1044 if (!p->hmac_chk (ictx))
1045 slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
1046 "could be an attack, or just corruption or an synchronization error"),
1047 conf->nodename, (const char *)rsi);
1048 else
1049 {
1050 u32 seqno;
1051 tap_packet *d = p->unpack (this, seqno);
1052
1053 if (iseqno.recv_ok (seqno))
1054 {
1055 vpn->tap->send (d);
1056
1057 if (p->dst () == 0) // re-broadcast
1058 for (vpn::conns_vector::iterator i = vpn->conns.begin (); i != vpn->conns.end (); ++i)
1059 {
1060 connection *c = *i;
1061
1062 if (c->conf != THISNODE && c->conf != conf)
1063 c->inject_data_packet (d);
1064 }
1065
1066 if (si != rsi)
1067 {
1068 // fast re-sync on connection changes, useful especially for tcp/ip
1069 si = rsi;
1070
1071 slog (L_INFO, _("%s(%s): socket address changed to %s"),
1072 conf->nodename, (const char *)si, (const char *)rsi);
1073 }
1074
1075 delete d;
1076
1077 break;
1078 }
1079 }
1080 }
1081
1082 send_reset (rsi);
1083 break;
1084
1085 case vpn_packet::PT_CONNECT_REQ:
1086 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1087 {
1088 connect_req_packet *p = (connect_req_packet *) pkt;
1089
1090 assert (p->id > 0 && p->id <= vpn->conns.size ()); // hmac-auth does not mean we accept anything
1091 connection *c = vpn->conns[p->id - 1];
1092 conf->protocols = p->protocols;
1093
1094 slog (L_TRACE, "<<%d PT_CONNECT_REQ(%d) [%d]\n",
1095 conf->id, p->id, c->ictx && c->octx);
1096
1097 if (c->ictx && c->octx)
1098 {
1099 // send connect_info packets to both sides, in case one is
1100 // behind a nat firewall (or both ;)
1101 c->send_connect_info (conf->id, si, conf->protocols);
1102 send_connect_info (c->conf->id, c->si, c->conf->protocols);
1103 }
1104 else
1105 c->establish_connection ();
1106 }
1107
1108 break;
1109
1110 case vpn_packet::PT_CONNECT_INFO:
1111 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1112 {
1113 connect_info_packet *p = (connect_info_packet *) pkt;
1114
1115 assert (p->id > 0 && p->id <= vpn->conns.size ()); // hmac-auth does not mean we accept anything
1116
1117 connection *c = vpn->conns[p->id - 1];
1118
1119 c->conf->protocols = p->protocols;
1120 protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf));
1121 p->si.upgrade_protocol (protocol, c->conf);
1122
1123 slog (L_TRACE, "<<%d PT_CONNECT_INFO(%d,%s) (%d)",
1124 conf->id, p->id, (const char *)p->si, !c->ictx && !c->octx);
1125
1126 const sockinfo &dsi = forward_si (p->si);
1127
1128 if (dsi.valid ())
1129 c->send_auth_request (dsi, true);
1130 }
1131
1132 break;
1133
1134 default:
1135 send_reset (rsi);
1136 break;
1137 }
1138 }
1139
1140 void connection::keepalive_cb (time_watcher &w)
1141 {
1142 if (NOW >= last_activity + ::conf.keepalive + 30)
1143 {
1144 reset_connection ();
1145 establish_connection ();
1146 }
1147 else if (NOW < last_activity + ::conf.keepalive)
1148 w.at = last_activity + ::conf.keepalive;
1149 else if (conf->connectmode != conf_node::C_ONDEMAND
1150 || THISNODE->connectmode != conf_node::C_ONDEMAND)
1151 {
1152 send_ping (si);
1153 w.at = NOW + 5;
1154 }
1155 else if (NOW < last_activity + ::conf.keepalive + 10)
1156 // hold ondemand connections implicitly a few seconds longer
1157 // should delete octx, though, or something like that ;)
1158 w.at = last_activity + ::conf.keepalive + 10;
1159 else
1160 reset_connection ();
1161 }
1162
1163 void connection::send_connect_request (int id)
1164 {
1165 connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols);
1166
1167 slog (L_TRACE, ">>%d PT_CONNECT_REQ(%d)", conf->id, id);
1168 p->hmac_set (octx);
1169 send_vpn_packet (p, si);
1170
1171 delete p;
1172 }
1173
1174 void connection::script_node ()
1175 {
1176 vpn->script_if_up ();
1177
1178 char *env;
1179 asprintf (&env, "DESTID=%d", conf->id); putenv (env);
1180 asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env);
1181 asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env);
1182 asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env);
1183 }
1184
1185 const char *connection::script_node_up ()
1186 {
1187 script_node ();
1188
1189 putenv ("STATE=up");
1190
1191 return ::conf.script_node_up ? ::conf.script_node_up : "node-up";
1192 }
1193
1194 const char *connection::script_node_down ()
1195 {
1196 script_node ();
1197
1198 putenv ("STATE=down");
1199
1200 return ::conf.script_node_up ? ::conf.script_node_down : "node-down";
1201 }
1202
1203 connection::connection(struct vpn *vpn_)
1204 : vpn(vpn_)
1205 , rekey (this, &connection::rekey_cb)
1206 , keepalive (this, &connection::keepalive_cb)
1207 , establish_connection (this, &connection::establish_connection_cb)
1208 {
1209 octx = ictx = 0;
1210 retry_cnt = 0;
1211
1212 connectmode = conf_node::C_ALWAYS; // initial setting
1213 reset_connection ();
1214 }
1215
1216 connection::~connection ()
1217 {
1218 shutdown ();
1219 }
1220
1221 void connection_init ()
1222 {
1223 auth_rate_limiter.clear ();
1224 reset_rate_limiter.clear ();
1225 }
1226