ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
Revision: 1.20
Committed: Tue Oct 14 15:48:15 2003 UTC (20 years, 7 months ago) by pcg
Content type: text/plain
Branch: MAIN
Changes since 1.19: +1 -16 lines
Log Message: 
*** empty log message ***

File Contents

# Content
1 /*
2 connection.C -- manage a single connection
3
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation; either version 2 of the License, or
7 (at your option) any later version.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17 */
18
19 #include "config.h"
20
21 extern "C" {
22 # include "lzf/lzf.h"
23 }
24
25 #include <list>
26
27 #include <openssl/rand.h>
28 #include <openssl/evp.h>
29 #include <openssl/rsa.h>
30 #include <openssl/err.h>
31
32 #include "gettext.h"
33
34 #include "conf.h"
35 #include "slog.h"
36 #include "device.h"
37 #include "vpn.h"
38 #include "connection.h"
39
40 #include "netcompat.h"
41
42 #if !HAVE_RAND_PSEUDO_BYTES
43 # define RAND_pseudo_bytes RAND_bytes
44 #endif
45
46 #define MAGIC "vped\xbd\xc6\xdb\x82" // 8 bytes of magic
47
48 struct crypto_ctx
49 {
50 EVP_CIPHER_CTX cctx;
51 HMAC_CTX hctx;
52
53 crypto_ctx (const rsachallenge &challenge, int enc);
54 ~crypto_ctx ();
55 };
56
57 crypto_ctx::crypto_ctx (const rsachallenge &challenge, int enc)
58 {
59 EVP_CIPHER_CTX_init (&cctx);
60 EVP_CipherInit_ex (&cctx, CIPHER, 0, &challenge[CHG_CIPHER_KEY], 0, enc);
61 HMAC_CTX_init (&hctx);
62 HMAC_Init_ex (&hctx, &challenge[CHG_HMAC_KEY], HMAC_KEYLEN, DIGEST, 0);
63 }
64
65 crypto_ctx::~crypto_ctx ()
66 {
67 EVP_CIPHER_CTX_cleanup (&cctx);
68 HMAC_CTX_cleanup (&hctx);
69 }
70
71 static void
72 rsa_hash (const rsaid &id, const rsachallenge &chg, rsaresponse &h)
73 {
74 EVP_MD_CTX ctx;
75
76 EVP_MD_CTX_init (&ctx);
77 EVP_DigestInit (&ctx, RSA_HASH);
78 EVP_DigestUpdate(&ctx, &chg, sizeof chg);
79 EVP_DigestUpdate(&ctx, &id, sizeof id);
80 EVP_DigestFinal (&ctx, (unsigned char *)&h, 0);
81 EVP_MD_CTX_cleanup (&ctx);
82 }
83
84 struct rsa_entry {
85 tstamp expire;
86 rsaid id;
87 rsachallenge chg;
88 };
89
90 struct rsa_cache : list<rsa_entry>
91 {
92 void cleaner_cb (time_watcher &w); time_watcher cleaner;
93
94 bool find (const rsaid &id, rsachallenge &chg)
95 {
96 for (iterator i = begin (); i != end (); ++i)
97 {
98 if (!memcmp (&id, &i->id, sizeof id) && i->expire > NOW)
99 {
100 memcpy (&chg, &i->chg, sizeof chg);
101
102 erase (i);
103 return true;
104 }
105 }
106
107 if (cleaner.at < NOW)
108 cleaner.start (NOW + RSA_TTL);
109
110 return false;
111 }
112
113 void gen (rsaid &id, rsachallenge &chg)
114 {
115 rsa_entry e;
116
117 RAND_bytes ((unsigned char *)&id, sizeof id);
118 RAND_bytes ((unsigned char *)&chg, sizeof chg);
119
120 e.expire = NOW + RSA_TTL;
121 e.id = id;
122 memcpy (&e.chg, &chg, sizeof chg);
123
124 push_back (e);
125
126 if (cleaner.at < NOW)
127 cleaner.start (NOW + RSA_TTL);
128 }
129
130 rsa_cache ()
131 : cleaner (this, &rsa_cache::cleaner_cb)
132 { }
133
134 } rsa_cache;
135
136 void rsa_cache::cleaner_cb (time_watcher &w)
137 {
138 if (empty ())
139 w.at = TSTAMP_CANCEL;
140 else
141 {
142 w.at = NOW + RSA_TTL;
143
144 for (iterator i = begin (); i != end (); )
145 if (i->expire <= NOW)
146 i = erase (i);
147 else
148 ++i;
149 }
150 }
151
152 //////////////////////////////////////////////////////////////////////////////
153
154 void pkt_queue::put (net_packet *p)
155 {
156 if (queue[i])
157 {
158 delete queue[i];
159 j = (j + 1) % QUEUEDEPTH;
160 }
161
162 queue[i] = p;
163
164 i = (i + 1) % QUEUEDEPTH;
165 }
166
167 net_packet *pkt_queue::get ()
168 {
169 net_packet *p = queue[j];
170
171 if (p)
172 {
173 queue[j] = 0;
174 j = (j + 1) % QUEUEDEPTH;
175 }
176
177 return p;
178 }
179
180 pkt_queue::pkt_queue ()
181 {
182 memset (queue, 0, sizeof (queue));
183 i = 0;
184 j = 0;
185 }
186
187 pkt_queue::~pkt_queue ()
188 {
189 for (i = QUEUEDEPTH; --i > 0; )
190 delete queue[i];
191 }
192
193 struct net_rateinfo {
194 u32 host;
195 double pcnt, diff;
196 tstamp last;
197 };
198
199 // only do action once every x seconds per host whole allowing bursts.
200 // this implementation ("splay list" ;) is inefficient,
201 // but low on resources.
202 struct net_rate_limiter : list<net_rateinfo>
203 {
204 static const double ALPHA = 1. - 1. / 600.; // allow bursts
205 static const double CUTOFF = 10.; // one event every CUTOFF seconds
206 static const double EXPIRE = CUTOFF * 30.; // expire entries after this time
207 static const double MAXDIF = CUTOFF * (1. / (1. - ALPHA)); // maximum diff /count value
208
209 bool can (const sockinfo &si) { return can((u32)si.host); }
210 bool can (u32 host);
211 };
212
213 net_rate_limiter auth_rate_limiter, reset_rate_limiter;
214
215 bool net_rate_limiter::can (u32 host)
216 {
217 iterator i;
218
219 for (i = begin (); i != end (); )
220 if (i->host == host)
221 break;
222 else if (i->last < NOW - EXPIRE)
223 i = erase (i);
224 else
225 i++;
226
227 if (i == end ())
228 {
229 net_rateinfo ri;
230
231 ri.host = host;
232 ri.pcnt = 1.;
233 ri.diff = MAXDIF;
234 ri.last = NOW;
235
236 push_front (ri);
237
238 return true;
239 }
240 else
241 {
242 net_rateinfo ri (*i);
243 erase (i);
244
245 ri.pcnt = ri.pcnt * ALPHA;
246 ri.diff = ri.diff * ALPHA + (NOW - ri.last);
247
248 ri.last = NOW;
249
250 double dif = ri.diff / ri.pcnt;
251
252 bool send = dif > CUTOFF;
253
254 if (dif > MAXDIF)
255 {
256 ri.pcnt = 1.;
257 ri.diff = MAXDIF;
258 }
259 else if (send)
260 ri.pcnt++;
261
262 push_front (ri);
263
264 return send;
265 }
266 }
267
268 /////////////////////////////////////////////////////////////////////////////
269
270 unsigned char hmac_packet::hmac_digest[EVP_MAX_MD_SIZE];
271
272 void hmac_packet::hmac_gen (crypto_ctx *ctx)
273 {
274 unsigned int xlen;
275
276 HMAC_CTX *hctx = &ctx->hctx;
277
278 HMAC_Init_ex (hctx, 0, 0, 0, 0);
279 HMAC_Update (hctx, ((unsigned char *) this) + sizeof (hmac_packet),
280 len - sizeof (hmac_packet));
281 HMAC_Final (hctx, (unsigned char *) &hmac_digest, &xlen);
282 }
283
284 void
285 hmac_packet::hmac_set (crypto_ctx *ctx)
286 {
287 hmac_gen (ctx);
288
289 memcpy (hmac, hmac_digest, HMACLENGTH);
290 }
291
292 bool
293 hmac_packet::hmac_chk (crypto_ctx *ctx)
294 {
295 hmac_gen (ctx);
296
297 return !memcmp (hmac, hmac_digest, HMACLENGTH);
298 }
299
300 void vpn_packet::set_hdr (ptype type_, unsigned int dst)
301 {
302 type = type_;
303
304 int src = THISNODE->id;
305
306 src1 = src;
307 srcdst = ((src >> 8) << 4) | (dst >> 8);
308 dst1 = dst;
309 }
310
311 #define MAXVPNDATA (MAX_MTU - 6 - 6)
312 #define DATAHDR (sizeof (u32) + RAND_SIZE)
313
314 struct vpndata_packet:vpn_packet
315 {
316 u8 data[MAXVPNDATA + DATAHDR]; // seqno
317
318 void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
319 tap_packet *unpack (connection *conn, u32 &seqno);
320 private:
321
322 const u32 data_hdr_size () const
323 {
324 return sizeof (vpndata_packet) - sizeof (net_packet) - MAXVPNDATA - DATAHDR;
325 }
326 };
327
328 void
329 vpndata_packet::setup (connection *conn, int dst, u8 *d, u32 l, u32 seqno)
330 {
331 EVP_CIPHER_CTX *cctx = &conn->octx->cctx;
332 int outl = 0, outl2;
333 ptype type = PT_DATA_UNCOMPRESSED;
334
335 #if ENABLE_COMPRESSION
336 u8 cdata[MAX_MTU];
337 u32 cl;
338
339 cl = lzf_compress (d, l, cdata + 2, (l - 2) & ~7);
340 if (cl)
341 {
342 type = PT_DATA_COMPRESSED;
343 d = cdata;
344 l = cl + 2;
345
346 d[0] = cl >> 8;
347 d[1] = cl;
348 }
349 #endif
350
351 EVP_EncryptInit_ex (cctx, 0, 0, 0, 0);
352
353 struct {
354 #if RAND_SIZE
355 u8 rnd[RAND_SIZE];
356 #endif
357 u32 seqno;
358 } datahdr;
359
360 datahdr.seqno = ntohl (seqno);
361 #if RAND_SIZE
362 RAND_pseudo_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE);
363 #endif
364
365 EVP_EncryptUpdate (cctx,
366 (unsigned char *) data + outl, &outl2,
367 (unsigned char *) &datahdr, DATAHDR);
368 outl += outl2;
369
370 EVP_EncryptUpdate (cctx,
371 (unsigned char *) data + outl, &outl2,
372 (unsigned char *) d, l);
373 outl += outl2;
374
375 EVP_EncryptFinal_ex (cctx, (unsigned char *) data + outl, &outl2);
376 outl += outl2;
377
378 len = outl + data_hdr_size ();
379
380 set_hdr (type, dst);
381
382 hmac_set (conn->octx);
383 }
384
385 tap_packet *
386 vpndata_packet::unpack (connection *conn, u32 &seqno)
387 {
388 EVP_CIPHER_CTX *cctx = &conn->ictx->cctx;
389 int outl = 0, outl2;
390 tap_packet *p = new tap_packet;
391 u8 *d;
392 u32 l = len - data_hdr_size ();
393
394 EVP_DecryptInit_ex (cctx, 0, 0, 0, 0);
395
396 #if ENABLE_COMPRESSION
397 u8 cdata[MAX_MTU];
398
399 if (type == PT_DATA_COMPRESSED)
400 d = cdata;
401 else
402 #endif
403 d = &(*p)[6 + 6 - DATAHDR];
404
405 /* this overwrites part of the src mac, but we fix that later */
406 EVP_DecryptUpdate (cctx,
407 d, &outl2,
408 (unsigned char *)&data, len - data_hdr_size ());
409 outl += outl2;
410
411 EVP_DecryptFinal_ex (cctx, (unsigned char *)d + outl, &outl2);
412 outl += outl2;
413
414 seqno = ntohl (*(u32 *)(d + RAND_SIZE));
415
416 id2mac (dst () ? dst() : THISNODE->id, p->dst);
417 id2mac (src (), p->src);
418
419 #if ENABLE_COMPRESSION
420 if (type == PT_DATA_COMPRESSED)
421 {
422 u32 cl = (d[DATAHDR] << 8) | d[DATAHDR + 1];
423
424 p->len = lzf_decompress (d + DATAHDR + 2, cl < MAX_MTU ? cl : 0,
425 &(*p)[6 + 6], MAX_MTU)
426 + 6 + 6;
427 }
428 else
429 p->len = outl + (6 + 6 - DATAHDR);
430 #endif
431
432 return p;
433 }
434
435 struct ping_packet : vpn_packet
436 {
437 void setup (int dst, ptype type)
438 {
439 set_hdr (type, dst);
440 len = sizeof (*this) - sizeof (net_packet);
441 }
442 };
443
444 struct config_packet : vpn_packet
445 {
446 // actually, hmaclen cannot be checked because the hmac
447 // field comes before this data, so peers with other
448 // hmacs simply will not work.
449 u8 prot_major, prot_minor, randsize, hmaclen;
450 u8 flags, challengelen, pad2, pad3;
451 u32 cipher_nid, digest_nid, hmac_nid;
452
453 const u8 curflags () const
454 {
455 return 0x80
456 | (ENABLE_COMPRESSION ? 0x01 : 0x00);
457 }
458
459 void setup (ptype type, int dst);
460 bool chk_config () const;
461 };
462
463 void config_packet::setup (ptype type, int dst)
464 {
465 prot_major = PROTOCOL_MAJOR;
466 prot_minor = PROTOCOL_MINOR;
467 randsize = RAND_SIZE;
468 hmaclen = HMACLENGTH;
469 flags = curflags ();
470 challengelen = sizeof (rsachallenge);
471
472 cipher_nid = htonl (EVP_CIPHER_nid (CIPHER));
473 digest_nid = htonl (EVP_MD_type (RSA_HASH));
474 hmac_nid = htonl (EVP_MD_type (DIGEST));
475
476 len = sizeof (*this) - sizeof (net_packet);
477 set_hdr (type, dst);
478 }
479
480 bool config_packet::chk_config () const
481 {
482 if (prot_major != PROTOCOL_MAJOR)
483 slog (L_WARN, _("major version mismatch (%d <=> %d)"), prot_major, PROTOCOL_MAJOR);
484 else if (randsize != RAND_SIZE)
485 slog (L_WARN, _("rand size mismatch (%d <=> %d)"), randsize, RAND_SIZE);
486 else if (hmaclen != HMACLENGTH)
487 slog (L_WARN, _("hmac length mismatch (%d <=> %d)"), hmaclen, HMACLENGTH);
488 else if (flags != curflags ())
489 slog (L_WARN, _("flag mismatch (%x <=> %x)"), flags, curflags ());
490 else if (challengelen != sizeof (rsachallenge))
491 slog (L_WARN, _("challenge length mismatch (%d <=> %d)"), challengelen, sizeof (rsachallenge));
492 else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER)))
493 slog (L_WARN, _("cipher mismatch (%x <=> %x)"), ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER));
494 else if (digest_nid != htonl (EVP_MD_type (RSA_HASH)))
495 slog (L_WARN, _("digest mismatch (%x <=> %x)"), ntohl (digest_nid), EVP_MD_type (RSA_HASH));
496 else if (hmac_nid != htonl (EVP_MD_type (DIGEST)))
497 slog (L_WARN, _("hmac mismatch (%x <=> %x)"), ntohl (hmac_nid), EVP_MD_type (DIGEST));
498 else
499 return true;
500
501 return false;
502 }
503
504 struct auth_req_packet : config_packet
505 {
506 char magic[8];
507 u8 initiate; // false if this is just an automatic reply
508 u8 protocols; // supported protocols (will get patches on forward)
509 u8 pad2, pad3;
510 rsaid id;
511 rsaencrdata encr;
512
513 auth_req_packet (int dst, bool initiate_, u8 protocols_)
514 {
515 config_packet::setup (PT_AUTH_REQ, dst);
516 strncpy (magic, MAGIC, 8);
517 initiate = !!initiate_;
518 protocols = protocols_;
519
520 len = sizeof (*this) - sizeof (net_packet);
521 }
522 };
523
524 struct auth_res_packet : config_packet
525 {
526 rsaid id;
527 u8 pad1, pad2, pad3;
528 u8 response_len; // encrypted length
529 rsaresponse response;
530
531 auth_res_packet (int dst)
532 {
533 config_packet::setup (PT_AUTH_RES, dst);
534
535 len = sizeof (*this) - sizeof (net_packet);
536 }
537 };
538
539 struct connect_req_packet : vpn_packet
540 {
541 u8 id, protocols;
542 u8 pad1, pad2;
543
544 connect_req_packet (int dst, int id_, u8 protocols_)
545 : id(id_)
546 , protocols(protocols_)
547 {
548 set_hdr (PT_CONNECT_REQ, dst);
549 len = sizeof (*this) - sizeof (net_packet);
550 }
551 };
552
553 struct connect_info_packet : vpn_packet
554 {
555 u8 id, protocols;
556 u8 pad1, pad2;
557 sockinfo si;
558
559 connect_info_packet (int dst, int id_, const sockinfo &si_, u8 protocols_)
560 : id(id_)
561 , protocols(protocols_)
562 , si(si_)
563 {
564 set_hdr (PT_CONNECT_INFO, dst);
565
566 len = sizeof (*this) - sizeof (net_packet);
567 }
568 };
569
570 /////////////////////////////////////////////////////////////////////////////
571
572 void
573 connection::connection_established ()
574 {
575 if (ictx && octx)
576 {
577 connectmode = conf->connectmode;
578
579 rekey.start (NOW + ::conf.rekey);
580 keepalive.start (NOW + ::conf.keepalive);
581
582 // send queued packets
583 if (ictx && octx)
584 {
585 while (tap_packet *p = (tap_packet *)data_queue.get ())
586 {
587 send_data_packet (p);
588 delete p;
589 }
590
591 while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
592 {
593 send_vpn_packet (p, si, IPTOS_RELIABILITY);
594 delete p;
595 }
596 }
597 }
598 else
599 {
600 retry_cnt = 0;
601 establish_connection.start (NOW + 5);
602 keepalive.reset ();
603 rekey.reset ();
604 }
605 }
606
607 void
608 connection::reset_si ()
609 {
610 protocol = best_protocol (THISNODE->protocols & conf->protocols);
611
612 // mask out protocols we cannot establish
613 if (!conf->udp_port) protocol &= ~PROT_UDPv4;
614 if (!conf->tcp_port) protocol &= ~PROT_TCPv4;
615
616 si.set (conf, protocol);
617 }
618
619 // ensure sockinfo is valid, forward if necessary
620 const sockinfo &
621 connection::forward_si (const sockinfo &si) const
622 {
623 if (!si.valid ())
624 {
625 connection *r = vpn->find_router ();
626
627 if (r)
628 {
629 slog (L_DEBUG, _("%s: no common protocol, trying indirectly through %s"),
630 conf->nodename, r->conf->nodename);
631 return r->si;
632 }
633 else
634 slog (L_DEBUG, _("%s: node unreachable, no common protocol"),
635 conf->nodename);
636 }
637
638 return si;
639 }
640
641 void
642 connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
643 {
644 if (!vpn->send_vpn_packet (pkt, si, tos))
645 reset_connection ();
646 }
647
648 void
649 connection::send_ping (const sockinfo &si, u8 pong)
650 {
651 ping_packet *pkt = new ping_packet;
652
653 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
654 send_vpn_packet (pkt, si, IPTOS_LOWDELAY);
655
656 delete pkt;
657 }
658
659 void
660 connection::send_reset (const sockinfo &si)
661 {
662 if (reset_rate_limiter.can (si) && connectmode != conf_node::C_DISABLED)
663 {
664 config_packet *pkt = new config_packet;
665
666 pkt->setup (vpn_packet::PT_RESET, conf->id);
667 send_vpn_packet (pkt, si, IPTOS_MINCOST);
668
669 delete pkt;
670 }
671 }
672
673 void
674 connection::send_auth_request (const sockinfo &si, bool initiate)
675 {
676 auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols);
677
678 rsachallenge chg;
679
680 rsa_cache.gen (pkt->id, chg);
681
682 if (0 > RSA_public_encrypt (sizeof chg,
683 (unsigned char *)&chg, (unsigned char *)&pkt->encr,
684 conf->rsa_key, RSA_PKCS1_OAEP_PADDING))
685 fatal ("RSA_public_encrypt error");
686
687 slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si);
688
689 send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly
690
691 delete pkt;
692 }
693
694 void
695 connection::send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg)
696 {
697 auth_res_packet *pkt = new auth_res_packet (conf->id);
698
699 pkt->id = id;
700
701 rsa_hash (id, chg, pkt->response);
702
703 pkt->hmac_set (octx);
704
705 slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)si);
706
707 send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
708
709 delete pkt;
710 }
711
712 void
713 connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols)
714 {
715 slog (L_TRACE, ">>%d PT_CONNECT_INFO(%d,%s)\n",
716 conf->id, rid, (const char *)rsi);
717
718 connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
719
720 r->hmac_set (octx);
721 send_vpn_packet (r, si);
722
723 delete r;
724 }
725
726 void
727 connection::establish_connection_cb (time_watcher &w)
728 {
729 if (ictx || conf == THISNODE
730 || connectmode == conf_node::C_NEVER
731 || connectmode == conf_node::C_DISABLED)
732 w.at = TSTAMP_CANCEL;
733 else if (w.at <= NOW)
734 {
735 double retry_int = double (retry_cnt & 3 ? (retry_cnt & 3) : 1 << (retry_cnt >> 2)) * 0.6;
736
737 if (retry_int < 3600 * 8)
738 retry_cnt++;
739
740 w.at = NOW + retry_int;
741
742 reset_si ();
743
744 if (si.prot && !si.host)
745 vpn->send_connect_request (conf->id);
746 else
747 {
748 const sockinfo &dsi = forward_si (si);
749
750 if (dsi.valid () && auth_rate_limiter.can (dsi))
751 {
752 if (retry_cnt < 4)
753 send_auth_request (dsi, true);
754 else
755 send_ping (dsi, 0);
756 }
757 }
758 }
759 }
760
761 void
762 connection::reset_connection ()
763 {
764 if (ictx && octx)
765 {
766 slog (L_INFO, _("%s(%s): connection lost"),
767 conf->nodename, (const char *)si);
768
769 if (::conf.script_node_down)
770 run_script (run_script_cb (this, &connection::script_node_down), false);
771 }
772
773 delete ictx; ictx = 0;
774 delete octx; octx = 0;
775
776 si.host= 0;
777
778 last_activity = 0;
779 retry_cnt = 0;
780
781 rekey.reset ();
782 keepalive.reset ();
783 establish_connection.reset ();
784 }
785
786 void
787 connection::shutdown ()
788 {
789 if (ictx && octx)
790 send_reset (si);
791
792 reset_connection ();
793 }
794
795 void
796 connection::rekey_cb (time_watcher &w)
797 {
798 w.at = TSTAMP_CANCEL;
799
800 reset_connection ();
801 establish_connection ();
802 }
803
804 void
805 connection::send_data_packet (tap_packet *pkt, bool broadcast)
806 {
807 vpndata_packet *p = new vpndata_packet;
808 int tos = 0;
809
810 // I am not hilarious about peeking into packets, but so be it.
811 if (conf->inherit_tos
812 && (*pkt)[12] == 0x08 && (*pkt)[13] == 0x00 // IP
813 && ((*pkt)[14] & 0xf0) == 0x40) // IPv4
814 tos = (*pkt)[15] & IPTOS_TOS_MASK;
815
816 p->setup (this, broadcast ? 0 : conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs
817 send_vpn_packet (p, si, tos);
818
819 delete p;
820
821 if (oseqno > MAX_SEQNO)
822 rekey ();
823 }
824
825 void
826 connection::inject_data_packet (tap_packet *pkt, bool broadcast)
827 {
828 if (ictx && octx)
829 send_data_packet (pkt, broadcast);
830 else
831 {
832 if (!broadcast)//DDDD
833 data_queue.put (new tap_packet (*pkt));
834
835 establish_connection ();
836 }
837 }
838
839 void connection::inject_vpn_packet (vpn_packet *pkt, int tos)
840 {
841 if (ictx && octx)
842 send_vpn_packet (pkt, si, tos);
843 else
844 {
845 vpn_queue.put (new vpn_packet (*pkt));
846
847 establish_connection ();
848 }
849 }
850
851 void
852 connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
853 {
854 last_activity = NOW;
855
856 slog (L_NOISE, "<<%d received packet type %d from %d to %d",
857 conf->id, pkt->typ (), pkt->src (), pkt->dst ());
858
859 switch (pkt->typ ())
860 {
861 case vpn_packet::PT_PING:
862 // we send pings instead of auth packets after some retries,
863 // so reset the retry counter and establish a connection
864 // when we receive a ping.
865 if (!ictx)
866 {
867 if (auth_rate_limiter.can (rsi))
868 send_auth_request (rsi, true);
869 }
870 else
871 send_ping (rsi, 1); // pong
872
873 break;
874
875 case vpn_packet::PT_PONG:
876 break;
877
878 case vpn_packet::PT_RESET:
879 {
880 reset_connection ();
881
882 config_packet *p = (config_packet *) pkt;
883
884 if (!p->chk_config ())
885 {
886 slog (L_WARN, _("%s(%s): protocol mismatch, disabling node"),
887 conf->nodename, (const char *)rsi);
888 connectmode = conf_node::C_DISABLED;
889 }
890 else if (connectmode == conf_node::C_ALWAYS)
891 establish_connection ();
892 }
893 break;
894
895 case vpn_packet::PT_AUTH_REQ:
896 if (auth_rate_limiter.can (rsi))
897 {
898 auth_req_packet *p = (auth_req_packet *) pkt;
899
900 slog (L_TRACE, "<<%d PT_AUTH_REQ(%d)", conf->id, p->initiate);
901
902 if (p->chk_config () && !strncmp (p->magic, MAGIC, 8))
903 {
904 if (p->prot_minor != PROTOCOL_MINOR)
905 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
906 conf->nodename, (const char *)rsi,
907 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
908
909 if (p->initiate)
910 send_auth_request (rsi, false);
911
912 rsachallenge k;
913
914 if (0 > RSA_private_decrypt (sizeof (p->encr),
915 (unsigned char *)&p->encr, (unsigned char *)&k,
916 ::conf.rsa_key, RSA_PKCS1_OAEP_PADDING))
917 slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"),
918 conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0));
919 else
920 {
921 delete octx;
922
923 octx = new crypto_ctx (k, 1);
924 oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff;
925
926 conf->protocols = p->protocols;
927
928 send_auth_response (rsi, p->id, k);
929
930 connection_established ();
931
932 break;
933 }
934 }
935 else
936 slog (L_WARN, _("%s(%s): protocol mismatch"),
937 conf->nodename, (const char *)rsi);
938
939 send_reset (rsi);
940 }
941
942 break;
943
944 case vpn_packet::PT_AUTH_RES:
945 {
946 auth_res_packet *p = (auth_res_packet *) pkt;
947
948 slog (L_TRACE, "<<%d PT_AUTH_RES", conf->id);
949
950 if (p->chk_config ())
951 {
952 if (p->prot_minor != PROTOCOL_MINOR)
953 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
954 conf->nodename, (const char *)rsi,
955 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
956
957 rsachallenge chg;
958
959 if (!rsa_cache.find (p->id, chg))
960 {
961 slog (L_ERR, _("%s(%s): unrequested auth response ignored"),
962 conf->nodename, (const char *)rsi);
963 break;
964 }
965 else
966 {
967 crypto_ctx *cctx = new crypto_ctx (chg, 0);
968
969 if (!p->hmac_chk (cctx))
970 {
971 slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
972 "could be an attack, or just corruption or an synchronization error"),
973 conf->nodename, (const char *)rsi);
974 break;
975 }
976 else
977 {
978 rsaresponse h;
979
980 rsa_hash (p->id, chg, h);
981
982 if (!memcmp ((u8 *)&h, (u8 *)p->response, sizeof h))
983 {
984 prot_minor = p->prot_minor;
985
986 delete ictx; ictx = cctx;
987
988 iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
989
990 si = rsi;
991 protocol = rsi.prot;
992
993 connection_established ();
994
995 slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"),
996 conf->nodename, (const char *)rsi,
997 p->prot_major, p->prot_minor);
998
999 if (::conf.script_node_up)
1000 run_script (run_script_cb (this, &connection::script_node_up), false);
1001
1002 break;
1003 }
1004 else
1005 slog (L_ERR, _("%s(%s): sent and received challenge do not match"),
1006 conf->nodename, (const char *)rsi);
1007 }
1008
1009 delete cctx;
1010 }
1011 }
1012 }
1013
1014 send_reset (rsi);
1015 break;
1016
1017 case vpn_packet::PT_DATA_COMPRESSED:
1018 #if !ENABLE_COMPRESSION
1019 send_reset (rsi);
1020 break;
1021 #endif
1022
1023 case vpn_packet::PT_DATA_UNCOMPRESSED:
1024
1025 if (ictx && octx)
1026 {
1027 vpndata_packet *p = (vpndata_packet *)pkt;
1028
1029 if (!p->hmac_chk (ictx))
1030 slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
1031 "could be an attack, or just corruption or an synchronization error"),
1032 conf->nodename, (const char *)rsi);
1033 else
1034 {
1035 u32 seqno;
1036 tap_packet *d = p->unpack (this, seqno);
1037
1038 if (iseqno.recv_ok (seqno))
1039 {
1040 vpn->tap->send (d);
1041
1042 if (p->dst () == 0) // re-broadcast
1043 for (vpn::conns_vector::iterator i = vpn->conns.begin (); i != vpn->conns.end (); ++i)
1044 {
1045 connection *c = *i;
1046
1047 if (c->conf != THISNODE && c->conf != conf)
1048 c->inject_data_packet (d);
1049 }
1050
1051 if (si != rsi)
1052 {
1053 // fast re-sync on connection changes, useful especially for tcp/ip
1054 si = rsi;
1055
1056 slog (L_INFO, _("%s(%s): socket address changed to %s"),
1057 conf->nodename, (const char *)si, (const char *)rsi);
1058 }
1059
1060 delete d;
1061
1062 break;
1063 }
1064 }
1065 }
1066
1067 send_reset (rsi);
1068 break;
1069
1070 case vpn_packet::PT_CONNECT_REQ:
1071 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1072 {
1073 connect_req_packet *p = (connect_req_packet *) pkt;
1074
1075 assert (p->id > 0 && p->id <= vpn->conns.size ()); // hmac-auth does not mean we accept anything
1076 connection *c = vpn->conns[p->id - 1];
1077 conf->protocols = p->protocols;
1078
1079 slog (L_TRACE, "<<%d PT_CONNECT_REQ(%d) [%d]\n",
1080 conf->id, p->id, c->ictx && c->octx);
1081
1082 if (c->ictx && c->octx)
1083 {
1084 // send connect_info packets to both sides, in case one is
1085 // behind a nat firewall (or both ;)
1086 c->send_connect_info (conf->id, si, conf->protocols);
1087 send_connect_info (c->conf->id, c->si, c->conf->protocols);
1088 }
1089 else
1090 c->establish_connection ();
1091 }
1092
1093 break;
1094
1095 case vpn_packet::PT_CONNECT_INFO:
1096 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1097 {
1098 connect_info_packet *p = (connect_info_packet *) pkt;
1099
1100 assert (p->id > 0 && p->id <= vpn->conns.size ()); // hmac-auth does not mean we accept anything
1101
1102 connection *c = vpn->conns[p->id - 1];
1103
1104 c->conf->protocols = p->protocols;
1105 protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf));
1106 p->si.upgrade_protocol (protocol, c->conf);
1107
1108 slog (L_TRACE, "<<%d PT_CONNECT_INFO(%d,%s) (%d)",
1109 conf->id, p->id, (const char *)p->si, !c->ictx && !c->octx);
1110
1111 const sockinfo &dsi = forward_si (p->si);
1112
1113 if (dsi.valid ())
1114 c->send_auth_request (dsi, true);
1115 }
1116
1117 break;
1118
1119 default:
1120 send_reset (rsi);
1121 break;
1122 }
1123 }
1124
1125 void connection::keepalive_cb (time_watcher &w)
1126 {
1127 if (NOW >= last_activity + ::conf.keepalive + 30)
1128 {
1129 reset_connection ();
1130 establish_connection ();
1131 }
1132 else if (NOW < last_activity + ::conf.keepalive)
1133 w.at = last_activity + ::conf.keepalive;
1134 else if (conf->connectmode != conf_node::C_ONDEMAND
1135 || THISNODE->connectmode != conf_node::C_ONDEMAND)
1136 {
1137 send_ping (si);
1138 w.at = NOW + 5;
1139 }
1140 else if (NOW < last_activity + ::conf.keepalive + 10)
1141 // hold ondemand connections implicitly a few seconds longer
1142 // should delete octx, though, or something like that ;)
1143 w.at = last_activity + ::conf.keepalive + 10;
1144 else
1145 reset_connection ();
1146 }
1147
1148 void connection::send_connect_request (int id)
1149 {
1150 connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols);
1151
1152 slog (L_TRACE, ">>%d PT_CONNECT_REQ(%d)", conf->id, id);
1153 p->hmac_set (octx);
1154 send_vpn_packet (p, si);
1155
1156 delete p;
1157 }
1158
1159 void connection::script_node ()
1160 {
1161 vpn->script_if_up ();
1162
1163 char *env;
1164 asprintf (&env, "DESTID=%d", conf->id); putenv (env);
1165 asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env);
1166 asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env);
1167 asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env);
1168 }
1169
1170 const char *connection::script_node_up ()
1171 {
1172 script_node ();
1173
1174 putenv ("STATE=up");
1175
1176 return ::conf.script_node_up ? ::conf.script_node_up : "node-up";
1177 }
1178
1179 const char *connection::script_node_down ()
1180 {
1181 script_node ();
1182
1183 putenv ("STATE=down");
1184
1185 return ::conf.script_node_up ? ::conf.script_node_down : "node-down";
1186 }
1187
1188 connection::connection(struct vpn *vpn_)
1189 : vpn(vpn_)
1190 , rekey (this, &connection::rekey_cb)
1191 , keepalive (this, &connection::keepalive_cb)
1192 , establish_connection (this, &connection::establish_connection_cb)
1193 {
1194 octx = ictx = 0;
1195 retry_cnt = 0;
1196
1197 connectmode = conf_node::C_ALWAYS; // initial setting
1198 reset_connection ();
1199 }
1200
1201 connection::~connection ()
1202 {
1203 shutdown ();
1204 }
1205
1206 void connection_init ()
1207 {
1208 auth_rate_limiter.clear ();
1209 reset_rate_limiter.clear ();
1210 }
1211