ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
Revision: 1.21
Committed: Thu Oct 16 02:28:36 2003 UTC (20 years, 7 months ago) by pcg
Content type: text/plain
Branch: MAIN
Changes since 1.20: +5 -16 lines
Log Message: 
*** empty log message ***

File Contents

# Content
1 /*
2 connection.C -- manage a single connection
3
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation; either version 2 of the License, or
7 (at your option) any later version.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17 */
18
19 #include "config.h"
20
21 extern "C" {
22 # include "lzf/lzf.h"
23 }
24
25 #include <list>
26
27 #include <openssl/rand.h>
28 #include <openssl/evp.h>
29 #include <openssl/rsa.h>
30 #include <openssl/err.h>
31
32 #include "gettext.h"
33
34 #include "conf.h"
35 #include "slog.h"
36 #include "device.h"
37 #include "vpn.h"
38 #include "connection.h"
39
40 #include "netcompat.h"
41
42 #if !HAVE_RAND_PSEUDO_BYTES
43 # define RAND_pseudo_bytes RAND_bytes
44 #endif
45
46 #define MAGIC "vped\xbd\xc6\xdb\x82" // 8 bytes of magic
47
48 struct crypto_ctx
49 {
50 EVP_CIPHER_CTX cctx;
51 HMAC_CTX hctx;
52
53 crypto_ctx (const rsachallenge &challenge, int enc);
54 ~crypto_ctx ();
55 };
56
57 crypto_ctx::crypto_ctx (const rsachallenge &challenge, int enc)
58 {
59 EVP_CIPHER_CTX_init (&cctx);
60 EVP_CipherInit_ex (&cctx, CIPHER, 0, &challenge[CHG_CIPHER_KEY], 0, enc);
61 HMAC_CTX_init (&hctx);
62 HMAC_Init_ex (&hctx, &challenge[CHG_HMAC_KEY], HMAC_KEYLEN, DIGEST, 0);
63 }
64
65 crypto_ctx::~crypto_ctx ()
66 {
67 EVP_CIPHER_CTX_cleanup (&cctx);
68 HMAC_CTX_cleanup (&hctx);
69 }
70
71 static void
72 rsa_hash (const rsaid &id, const rsachallenge &chg, rsaresponse &h)
73 {
74 EVP_MD_CTX ctx;
75
76 EVP_MD_CTX_init (&ctx);
77 EVP_DigestInit (&ctx, RSA_HASH);
78 EVP_DigestUpdate(&ctx, &chg, sizeof chg);
79 EVP_DigestUpdate(&ctx, &id, sizeof id);
80 EVP_DigestFinal (&ctx, (unsigned char *)&h, 0);
81 EVP_MD_CTX_cleanup (&ctx);
82 }
83
84 struct rsa_entry {
85 tstamp expire;
86 rsaid id;
87 rsachallenge chg;
88 };
89
90 struct rsa_cache : list<rsa_entry>
91 {
92 void cleaner_cb (time_watcher &w); time_watcher cleaner;
93
94 bool find (const rsaid &id, rsachallenge &chg)
95 {
96 for (iterator i = begin (); i != end (); ++i)
97 {
98 if (!memcmp (&id, &i->id, sizeof id) && i->expire > NOW)
99 {
100 memcpy (&chg, &i->chg, sizeof chg);
101
102 erase (i);
103 return true;
104 }
105 }
106
107 if (cleaner.at < NOW)
108 cleaner.start (NOW + RSA_TTL);
109
110 return false;
111 }
112
113 void gen (rsaid &id, rsachallenge &chg)
114 {
115 rsa_entry e;
116
117 RAND_bytes ((unsigned char *)&id, sizeof id);
118 RAND_bytes ((unsigned char *)&chg, sizeof chg);
119
120 e.expire = NOW + RSA_TTL;
121 e.id = id;
122 memcpy (&e.chg, &chg, sizeof chg);
123
124 push_back (e);
125
126 if (cleaner.at < NOW)
127 cleaner.start (NOW + RSA_TTL);
128 }
129
130 rsa_cache ()
131 : cleaner (this, &rsa_cache::cleaner_cb)
132 { }
133
134 } rsa_cache;
135
136 void rsa_cache::cleaner_cb (time_watcher &w)
137 {
138 if (empty ())
139 w.at = TSTAMP_CANCEL;
140 else
141 {
142 w.at = NOW + RSA_TTL;
143
144 for (iterator i = begin (); i != end (); )
145 if (i->expire <= NOW)
146 i = erase (i);
147 else
148 ++i;
149 }
150 }
151
152 //////////////////////////////////////////////////////////////////////////////
153
154 void pkt_queue::put (net_packet *p)
155 {
156 if (queue[i])
157 {
158 delete queue[i];
159 j = (j + 1) % QUEUEDEPTH;
160 }
161
162 queue[i] = p;
163
164 i = (i + 1) % QUEUEDEPTH;
165 }
166
167 net_packet *pkt_queue::get ()
168 {
169 net_packet *p = queue[j];
170
171 if (p)
172 {
173 queue[j] = 0;
174 j = (j + 1) % QUEUEDEPTH;
175 }
176
177 return p;
178 }
179
180 pkt_queue::pkt_queue ()
181 {
182 memset (queue, 0, sizeof (queue));
183 i = 0;
184 j = 0;
185 }
186
187 pkt_queue::~pkt_queue ()
188 {
189 for (i = QUEUEDEPTH; --i > 0; )
190 delete queue[i];
191 }
192
193 struct net_rateinfo {
194 u32 host;
195 double pcnt, diff;
196 tstamp last;
197 };
198
199 // only do action once every x seconds per host whole allowing bursts.
200 // this implementation ("splay list" ;) is inefficient,
201 // but low on resources.
202 struct net_rate_limiter : list<net_rateinfo>
203 {
204 static const double ALPHA = 1. - 1. / 600.; // allow bursts
205 static const double CUTOFF = 10.; // one event every CUTOFF seconds
206 static const double EXPIRE = CUTOFF * 30.; // expire entries after this time
207 static const double MAXDIF = CUTOFF * (1. / (1. - ALPHA)); // maximum diff /count value
208
209 bool can (const sockinfo &si) { return can((u32)si.host); }
210 bool can (u32 host);
211 };
212
213 net_rate_limiter auth_rate_limiter, reset_rate_limiter;
214
215 bool net_rate_limiter::can (u32 host)
216 {
217 iterator i;
218
219 for (i = begin (); i != end (); )
220 if (i->host == host)
221 break;
222 else if (i->last < NOW - EXPIRE)
223 i = erase (i);
224 else
225 i++;
226
227 if (i == end ())
228 {
229 net_rateinfo ri;
230
231 ri.host = host;
232 ri.pcnt = 1.;
233 ri.diff = MAXDIF;
234 ri.last = NOW;
235
236 push_front (ri);
237
238 return true;
239 }
240 else
241 {
242 net_rateinfo ri (*i);
243 erase (i);
244
245 ri.pcnt = ri.pcnt * ALPHA;
246 ri.diff = ri.diff * ALPHA + (NOW - ri.last);
247
248 ri.last = NOW;
249
250 double dif = ri.diff / ri.pcnt;
251
252 bool send = dif > CUTOFF;
253
254 if (dif > MAXDIF)
255 {
256 ri.pcnt = 1.;
257 ri.diff = MAXDIF;
258 }
259 else if (send)
260 ri.pcnt++;
261
262 push_front (ri);
263
264 return send;
265 }
266 }
267
268 /////////////////////////////////////////////////////////////////////////////
269
270 unsigned char hmac_packet::hmac_digest[EVP_MAX_MD_SIZE];
271
272 void hmac_packet::hmac_gen (crypto_ctx *ctx)
273 {
274 unsigned int xlen;
275
276 HMAC_CTX *hctx = &ctx->hctx;
277
278 HMAC_Init_ex (hctx, 0, 0, 0, 0);
279 HMAC_Update (hctx, ((unsigned char *) this) + sizeof (hmac_packet),
280 len - sizeof (hmac_packet));
281 HMAC_Final (hctx, (unsigned char *) &hmac_digest, &xlen);
282 }
283
284 void
285 hmac_packet::hmac_set (crypto_ctx *ctx)
286 {
287 hmac_gen (ctx);
288
289 memcpy (hmac, hmac_digest, HMACLENGTH);
290 }
291
292 bool
293 hmac_packet::hmac_chk (crypto_ctx *ctx)
294 {
295 hmac_gen (ctx);
296
297 return !memcmp (hmac, hmac_digest, HMACLENGTH);
298 }
299
300 void vpn_packet::set_hdr (ptype type_, unsigned int dst)
301 {
302 type = type_;
303
304 int src = THISNODE->id;
305
306 src1 = src;
307 srcdst = ((src >> 8) << 4) | (dst >> 8);
308 dst1 = dst;
309 }
310
311 #define MAXVPNDATA (MAX_MTU - 6 - 6)
312 #define DATAHDR (sizeof (u32) + RAND_SIZE)
313
314 struct vpndata_packet:vpn_packet
315 {
316 u8 data[MAXVPNDATA + DATAHDR]; // seqno
317
318 void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
319 tap_packet *unpack (connection *conn, u32 &seqno);
320 private:
321
322 const u32 data_hdr_size () const
323 {
324 return sizeof (vpndata_packet) - sizeof (net_packet) - MAXVPNDATA - DATAHDR;
325 }
326 };
327
328 void
329 vpndata_packet::setup (connection *conn, int dst, u8 *d, u32 l, u32 seqno)
330 {
331 EVP_CIPHER_CTX *cctx = &conn->octx->cctx;
332 int outl = 0, outl2;
333 ptype type = PT_DATA_UNCOMPRESSED;
334
335 #if ENABLE_COMPRESSION
336 u8 cdata[MAX_MTU];
337 u32 cl;
338
339 cl = lzf_compress (d, l, cdata + 2, (l - 2) & ~7);
340 if (cl)
341 {
342 type = PT_DATA_COMPRESSED;
343 d = cdata;
344 l = cl + 2;
345
346 d[0] = cl >> 8;
347 d[1] = cl;
348 }
349 #endif
350
351 EVP_EncryptInit_ex (cctx, 0, 0, 0, 0);
352
353 struct {
354 #if RAND_SIZE
355 u8 rnd[RAND_SIZE];
356 #endif
357 u32 seqno;
358 } datahdr;
359
360 datahdr.seqno = ntohl (seqno);
361 #if RAND_SIZE
362 RAND_pseudo_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE);
363 #endif
364
365 EVP_EncryptUpdate (cctx,
366 (unsigned char *) data + outl, &outl2,
367 (unsigned char *) &datahdr, DATAHDR);
368 outl += outl2;
369
370 EVP_EncryptUpdate (cctx,
371 (unsigned char *) data + outl, &outl2,
372 (unsigned char *) d, l);
373 outl += outl2;
374
375 EVP_EncryptFinal_ex (cctx, (unsigned char *) data + outl, &outl2);
376 outl += outl2;
377
378 len = outl + data_hdr_size ();
379
380 set_hdr (type, dst);
381
382 hmac_set (conn->octx);
383 }
384
385 tap_packet *
386 vpndata_packet::unpack (connection *conn, u32 &seqno)
387 {
388 EVP_CIPHER_CTX *cctx = &conn->ictx->cctx;
389 int outl = 0, outl2;
390 tap_packet *p = new tap_packet;
391 u8 *d;
392 u32 l = len - data_hdr_size ();
393
394 EVP_DecryptInit_ex (cctx, 0, 0, 0, 0);
395
396 #if ENABLE_COMPRESSION
397 u8 cdata[MAX_MTU];
398
399 if (type == PT_DATA_COMPRESSED)
400 d = cdata;
401 else
402 #endif
403 d = &(*p)[6 + 6 - DATAHDR];
404
405 /* this overwrites part of the src mac, but we fix that later */
406 EVP_DecryptUpdate (cctx,
407 d, &outl2,
408 (unsigned char *)&data, len - data_hdr_size ());
409 outl += outl2;
410
411 EVP_DecryptFinal_ex (cctx, (unsigned char *)d + outl, &outl2);
412 outl += outl2;
413
414 seqno = ntohl (*(u32 *)(d + RAND_SIZE));
415
416 id2mac (dst () ? dst() : THISNODE->id, p->dst);
417 id2mac (src (), p->src);
418
419 #if ENABLE_COMPRESSION
420 if (type == PT_DATA_COMPRESSED)
421 {
422 u32 cl = (d[DATAHDR] << 8) | d[DATAHDR + 1];
423
424 p->len = lzf_decompress (d + DATAHDR + 2, cl < MAX_MTU ? cl : 0,
425 &(*p)[6 + 6], MAX_MTU)
426 + 6 + 6;
427 }
428 else
429 p->len = outl + (6 + 6 - DATAHDR);
430 #endif
431
432 return p;
433 }
434
435 struct ping_packet : vpn_packet
436 {
437 void setup (int dst, ptype type)
438 {
439 set_hdr (type, dst);
440 len = sizeof (*this) - sizeof (net_packet);
441 }
442 };
443
444 struct config_packet : vpn_packet
445 {
446 // actually, hmaclen cannot be checked because the hmac
447 // field comes before this data, so peers with other
448 // hmacs simply will not work.
449 u8 prot_major, prot_minor, randsize, hmaclen;
450 u8 flags, challengelen, pad2, pad3;
451 u32 cipher_nid, digest_nid, hmac_nid;
452
453 const u8 curflags () const
454 {
455 return 0x80
456 | (ENABLE_COMPRESSION ? 0x01 : 0x00);
457 }
458
459 void setup (ptype type, int dst);
460 bool chk_config () const;
461 };
462
463 void config_packet::setup (ptype type, int dst)
464 {
465 prot_major = PROTOCOL_MAJOR;
466 prot_minor = PROTOCOL_MINOR;
467 randsize = RAND_SIZE;
468 hmaclen = HMACLENGTH;
469 flags = curflags ();
470 challengelen = sizeof (rsachallenge);
471
472 cipher_nid = htonl (EVP_CIPHER_nid (CIPHER));
473 digest_nid = htonl (EVP_MD_type (RSA_HASH));
474 hmac_nid = htonl (EVP_MD_type (DIGEST));
475
476 len = sizeof (*this) - sizeof (net_packet);
477 set_hdr (type, dst);
478 }
479
480 bool config_packet::chk_config () const
481 {
482 if (prot_major != PROTOCOL_MAJOR)
483 slog (L_WARN, _("major version mismatch (%d <=> %d)"), prot_major, PROTOCOL_MAJOR);
484 else if (randsize != RAND_SIZE)
485 slog (L_WARN, _("rand size mismatch (%d <=> %d)"), randsize, RAND_SIZE);
486 else if (hmaclen != HMACLENGTH)
487 slog (L_WARN, _("hmac length mismatch (%d <=> %d)"), hmaclen, HMACLENGTH);
488 else if (flags != curflags ())
489 slog (L_WARN, _("flag mismatch (%x <=> %x)"), flags, curflags ());
490 else if (challengelen != sizeof (rsachallenge))
491 slog (L_WARN, _("challenge length mismatch (%d <=> %d)"), challengelen, sizeof (rsachallenge));
492 else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER)))
493 slog (L_WARN, _("cipher mismatch (%x <=> %x)"), ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER));
494 else if (digest_nid != htonl (EVP_MD_type (RSA_HASH)))
495 slog (L_WARN, _("digest mismatch (%x <=> %x)"), ntohl (digest_nid), EVP_MD_type (RSA_HASH));
496 else if (hmac_nid != htonl (EVP_MD_type (DIGEST)))
497 slog (L_WARN, _("hmac mismatch (%x <=> %x)"), ntohl (hmac_nid), EVP_MD_type (DIGEST));
498 else
499 return true;
500
501 return false;
502 }
503
504 struct auth_req_packet : config_packet
505 {
506 char magic[8];
507 u8 initiate; // false if this is just an automatic reply
508 u8 protocols; // supported protocols (will get patches on forward)
509 u8 pad2, pad3;
510 rsaid id;
511 rsaencrdata encr;
512
513 auth_req_packet (int dst, bool initiate_, u8 protocols_)
514 {
515 config_packet::setup (PT_AUTH_REQ, dst);
516 strncpy (magic, MAGIC, 8);
517 initiate = !!initiate_;
518 protocols = protocols_;
519
520 len = sizeof (*this) - sizeof (net_packet);
521 }
522 };
523
524 struct auth_res_packet : config_packet
525 {
526 rsaid id;
527 u8 pad1, pad2, pad3;
528 u8 response_len; // encrypted length
529 rsaresponse response;
530
531 auth_res_packet (int dst)
532 {
533 config_packet::setup (PT_AUTH_RES, dst);
534
535 len = sizeof (*this) - sizeof (net_packet);
536 }
537 };
538
539 struct connect_req_packet : vpn_packet
540 {
541 u8 id, protocols;
542 u8 pad1, pad2;
543
544 connect_req_packet (int dst, int id_, u8 protocols_)
545 : id(id_)
546 , protocols(protocols_)
547 {
548 set_hdr (PT_CONNECT_REQ, dst);
549 len = sizeof (*this) - sizeof (net_packet);
550 }
551 };
552
553 struct connect_info_packet : vpn_packet
554 {
555 u8 id, protocols;
556 u8 pad1, pad2;
557 sockinfo si;
558
559 connect_info_packet (int dst, int id_, const sockinfo &si_, u8 protocols_)
560 : id(id_)
561 , protocols(protocols_)
562 , si(si_)
563 {
564 set_hdr (PT_CONNECT_INFO, dst);
565
566 len = sizeof (*this) - sizeof (net_packet);
567 }
568 };
569
570 /////////////////////////////////////////////////////////////////////////////
571
572 void
573 connection::connection_established ()
574 {
575 if (ictx && octx)
576 {
577 connectmode = conf->connectmode;
578
579 rekey.start (NOW + ::conf.rekey);
580 keepalive.start (NOW + ::conf.keepalive);
581
582 // send queued packets
583 if (ictx && octx)
584 {
585 while (tap_packet *p = (tap_packet *)data_queue.get ())
586 {
587 send_data_packet (p);
588 delete p;
589 }
590
591 while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
592 {
593 send_vpn_packet (p, si, IPTOS_RELIABILITY);
594 delete p;
595 }
596 }
597 }
598 else
599 {
600 retry_cnt = 0;
601 establish_connection.start (NOW + 5);
602 keepalive.reset ();
603 rekey.reset ();
604 }
605 }
606
607 void
608 connection::reset_si ()
609 {
610 protocol = best_protocol (THISNODE->protocols & conf->protocols);
611
612 // mask out protocols we cannot establish
613 if (!conf->udp_port) protocol &= ~PROT_UDPv4;
614 if (!conf->tcp_port) protocol &= ~PROT_TCPv4;
615
616 si.set (conf, protocol);
617 }
618
619 // ensure sockinfo is valid, forward if necessary
620 const sockinfo &
621 connection::forward_si (const sockinfo &si) const
622 {
623 if (!si.valid ())
624 {
625 connection *r = vpn->find_router ();
626
627 if (r)
628 {
629 slog (L_DEBUG, _("%s: no common protocol, trying indirectly through %s"),
630 conf->nodename, r->conf->nodename);
631 return r->si;
632 }
633 else
634 slog (L_DEBUG, _("%s: node unreachable, no common protocol"),
635 conf->nodename);
636 }
637
638 return si;
639 }
640
641 void
642 connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
643 {
644 if (!vpn->send_vpn_packet (pkt, si, tos))
645 reset_connection ();
646 }
647
648 void
649 connection::send_ping (const sockinfo &si, u8 pong)
650 {
651 ping_packet *pkt = new ping_packet;
652
653 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
654 send_vpn_packet (pkt, si, IPTOS_LOWDELAY);
655
656 delete pkt;
657 }
658
659 void
660 connection::send_reset (const sockinfo &si)
661 {
662 if (reset_rate_limiter.can (si) && connectmode != conf_node::C_DISABLED)
663 {
664 config_packet *pkt = new config_packet;
665
666 pkt->setup (vpn_packet::PT_RESET, conf->id);
667 send_vpn_packet (pkt, si, IPTOS_MINCOST);
668
669 delete pkt;
670 }
671 }
672
673 void
674 connection::send_auth_request (const sockinfo &si, bool initiate)
675 {
676 auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols);
677
678 rsachallenge chg;
679
680 rsa_cache.gen (pkt->id, chg);
681
682 if (0 > RSA_public_encrypt (sizeof chg,
683 (unsigned char *)&chg, (unsigned char *)&pkt->encr,
684 conf->rsa_key, RSA_PKCS1_OAEP_PADDING))
685 fatal ("RSA_public_encrypt error");
686
687 slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si);
688
689 send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly
690
691 delete pkt;
692 }
693
694 void
695 connection::send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg)
696 {
697 auth_res_packet *pkt = new auth_res_packet (conf->id);
698
699 pkt->id = id;
700
701 rsa_hash (id, chg, pkt->response);
702
703 pkt->hmac_set (octx);
704
705 slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)si);
706
707 send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
708
709 delete pkt;
710 }
711
712 void
713 connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols)
714 {
715 slog (L_TRACE, ">>%d PT_CONNECT_INFO(%d,%s)\n",
716 conf->id, rid, (const char *)rsi);
717
718 connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
719
720 r->hmac_set (octx);
721 send_vpn_packet (r, si);
722
723 delete r;
724 }
725
726 void
727 connection::establish_connection_cb (time_watcher &w)
728 {
729 if (ictx || conf == THISNODE
730 || connectmode == conf_node::C_NEVER
731 || connectmode == conf_node::C_DISABLED)
732 w.at = TSTAMP_CANCEL;
733 else if (w.at <= NOW)
734 {
735 double retry_int = double (retry_cnt & 3 ? (retry_cnt & 3) : 1 << (retry_cnt >> 2)) * 0.6;
736
737 if (retry_int < 3600 * 8)
738 retry_cnt++;
739
740 w.at = NOW + retry_int;
741
742 reset_si ();
743
744 if (si.prot && !si.host)
745 vpn->send_connect_request (conf->id);
746 else
747 {
748 const sockinfo &dsi = forward_si (si);
749
750 if (dsi.valid () && auth_rate_limiter.can (dsi))
751 {
752 if (retry_cnt < 4)
753 send_auth_request (dsi, true);
754 else
755 send_ping (dsi, 0);
756 }
757 }
758 }
759 }
760
761 void
762 connection::reset_connection ()
763 {
764 if (ictx && octx)
765 {
766 slog (L_INFO, _("%s(%s): connection lost"),
767 conf->nodename, (const char *)si);
768
769 if (::conf.script_node_down)
770 run_script (run_script_cb (this, &connection::script_node_down), false);
771 }
772
773 delete ictx; ictx = 0;
774 delete octx; octx = 0;
775
776 si.host= 0;
777
778 last_activity = 0;
779 retry_cnt = 0;
780
781 rekey.reset ();
782 keepalive.reset ();
783 establish_connection.reset ();
784 }
785
786 void
787 connection::shutdown ()
788 {
789 if (ictx && octx)
790 send_reset (si);
791
792 reset_connection ();
793 }
794
795 void
796 connection::rekey_cb (time_watcher &w)
797 {
798 w.at = TSTAMP_CANCEL;
799
800 reset_connection ();
801 establish_connection ();
802 }
803
804 void
805 connection::send_data_packet (tap_packet *pkt)
806 {
807 vpndata_packet *p = new vpndata_packet;
808 int tos = 0;
809
810 // I am not hilarious about peeking into packets, but so be it.
811 if (conf->inherit_tos && pkt->is_ipv4 ())
812 tos = (*pkt)[15] & IPTOS_TOS_MASK;
813
814 p->setup (this, conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs
815 send_vpn_packet (p, si, tos);
816
817 delete p;
818
819 if (oseqno > MAX_SEQNO)
820 rekey ();
821 }
822
823 void
824 connection::inject_data_packet (tap_packet *pkt, bool broadcast/*TODO DDD*/)
825 {
826 if (ictx && octx)
827 send_data_packet (pkt);
828 else
829 {
830 if (!broadcast)//DDDD
831 data_queue.put (new tap_packet (*pkt));
832
833 establish_connection ();
834 }
835 }
836
837 void connection::inject_vpn_packet (vpn_packet *pkt, int tos)
838 {
839 if (ictx && octx)
840 send_vpn_packet (pkt, si, tos);
841 else
842 {
843 vpn_queue.put (new vpn_packet (*pkt));
844
845 establish_connection ();
846 }
847 }
848
849 void
850 connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
851 {
852 last_activity = NOW;
853
854 slog (L_NOISE, "<<%d received packet type %d from %d to %d",
855 conf->id, pkt->typ (), pkt->src (), pkt->dst ());
856
857 switch (pkt->typ ())
858 {
859 case vpn_packet::PT_PING:
860 // we send pings instead of auth packets after some retries,
861 // so reset the retry counter and establish a connection
862 // when we receive a ping.
863 if (!ictx)
864 {
865 if (auth_rate_limiter.can (rsi))
866 send_auth_request (rsi, true);
867 }
868 else
869 send_ping (rsi, 1); // pong
870
871 break;
872
873 case vpn_packet::PT_PONG:
874 break;
875
876 case vpn_packet::PT_RESET:
877 {
878 reset_connection ();
879
880 config_packet *p = (config_packet *) pkt;
881
882 if (!p->chk_config ())
883 {
884 slog (L_WARN, _("%s(%s): protocol mismatch, disabling node"),
885 conf->nodename, (const char *)rsi);
886 connectmode = conf_node::C_DISABLED;
887 }
888 else if (connectmode == conf_node::C_ALWAYS)
889 establish_connection ();
890 }
891 break;
892
893 case vpn_packet::PT_AUTH_REQ:
894 if (auth_rate_limiter.can (rsi))
895 {
896 auth_req_packet *p = (auth_req_packet *) pkt;
897
898 slog (L_TRACE, "<<%d PT_AUTH_REQ(%d)", conf->id, p->initiate);
899
900 if (p->chk_config () && !strncmp (p->magic, MAGIC, 8))
901 {
902 if (p->prot_minor != PROTOCOL_MINOR)
903 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
904 conf->nodename, (const char *)rsi,
905 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
906
907 if (p->initiate)
908 send_auth_request (rsi, false);
909
910 rsachallenge k;
911
912 if (0 > RSA_private_decrypt (sizeof (p->encr),
913 (unsigned char *)&p->encr, (unsigned char *)&k,
914 ::conf.rsa_key, RSA_PKCS1_OAEP_PADDING))
915 slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"),
916 conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0));
917 else
918 {
919 delete octx;
920
921 octx = new crypto_ctx (k, 1);
922 oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff;
923
924 conf->protocols = p->protocols;
925
926 send_auth_response (rsi, p->id, k);
927
928 connection_established ();
929
930 break;
931 }
932 }
933 else
934 slog (L_WARN, _("%s(%s): protocol mismatch"),
935 conf->nodename, (const char *)rsi);
936
937 send_reset (rsi);
938 }
939
940 break;
941
942 case vpn_packet::PT_AUTH_RES:
943 {
944 auth_res_packet *p = (auth_res_packet *) pkt;
945
946 slog (L_TRACE, "<<%d PT_AUTH_RES", conf->id);
947
948 if (p->chk_config ())
949 {
950 if (p->prot_minor != PROTOCOL_MINOR)
951 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
952 conf->nodename, (const char *)rsi,
953 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
954
955 rsachallenge chg;
956
957 if (!rsa_cache.find (p->id, chg))
958 {
959 slog (L_ERR, _("%s(%s): unrequested auth response ignored"),
960 conf->nodename, (const char *)rsi);
961 break;
962 }
963 else
964 {
965 crypto_ctx *cctx = new crypto_ctx (chg, 0);
966
967 if (!p->hmac_chk (cctx))
968 {
969 slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
970 "could be an attack, or just corruption or an synchronization error"),
971 conf->nodename, (const char *)rsi);
972 break;
973 }
974 else
975 {
976 rsaresponse h;
977
978 rsa_hash (p->id, chg, h);
979
980 if (!memcmp ((u8 *)&h, (u8 *)p->response, sizeof h))
981 {
982 prot_minor = p->prot_minor;
983
984 delete ictx; ictx = cctx;
985
986 iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
987
988 si = rsi;
989 protocol = rsi.prot;
990
991 connection_established ();
992
993 slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"),
994 conf->nodename, (const char *)rsi,
995 p->prot_major, p->prot_minor);
996
997 if (::conf.script_node_up)
998 run_script (run_script_cb (this, &connection::script_node_up), false);
999
1000 break;
1001 }
1002 else
1003 slog (L_ERR, _("%s(%s): sent and received challenge do not match"),
1004 conf->nodename, (const char *)rsi);
1005 }
1006
1007 delete cctx;
1008 }
1009 }
1010 }
1011
1012 send_reset (rsi);
1013 break;
1014
1015 case vpn_packet::PT_DATA_COMPRESSED:
1016 #if !ENABLE_COMPRESSION
1017 send_reset (rsi);
1018 break;
1019 #endif
1020
1021 case vpn_packet::PT_DATA_UNCOMPRESSED:
1022
1023 if (ictx && octx)
1024 {
1025 vpndata_packet *p = (vpndata_packet *)pkt;
1026
1027 if (!p->hmac_chk (ictx))
1028 slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
1029 "could be an attack, or just corruption or an synchronization error"),
1030 conf->nodename, (const char *)rsi);
1031 else
1032 {
1033 u32 seqno;
1034 tap_packet *d = p->unpack (this, seqno);
1035
1036 if (iseqno.recv_ok (seqno))
1037 {
1038 vpn->tap->send (d);
1039
1040 if (si != rsi)
1041 {
1042 // fast re-sync on connection changes, useful especially for tcp/ip
1043 si = rsi;
1044
1045 slog (L_INFO, _("%s(%s): socket address changed to %s"),
1046 conf->nodename, (const char *)si, (const char *)rsi);
1047 }
1048
1049 delete d;
1050
1051 break;
1052 }
1053 }
1054 }
1055
1056 send_reset (rsi);
1057 break;
1058
1059 case vpn_packet::PT_CONNECT_REQ:
1060 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1061 {
1062 connect_req_packet *p = (connect_req_packet *) pkt;
1063
1064 assert (p->id > 0 && p->id <= vpn->conns.size ()); // hmac-auth does not mean we accept anything
1065 connection *c = vpn->conns[p->id - 1];
1066 conf->protocols = p->protocols;
1067
1068 slog (L_TRACE, "<<%d PT_CONNECT_REQ(%d) [%d]\n",
1069 conf->id, p->id, c->ictx && c->octx);
1070
1071 if (c->ictx && c->octx)
1072 {
1073 // send connect_info packets to both sides, in case one is
1074 // behind a nat firewall (or both ;)
1075 c->send_connect_info (conf->id, si, conf->protocols);
1076 send_connect_info (c->conf->id, c->si, c->conf->protocols);
1077 }
1078 else
1079 c->establish_connection ();
1080 }
1081
1082 break;
1083
1084 case vpn_packet::PT_CONNECT_INFO:
1085 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1086 {
1087 connect_info_packet *p = (connect_info_packet *) pkt;
1088
1089 assert (p->id > 0 && p->id <= vpn->conns.size ()); // hmac-auth does not mean we accept anything
1090
1091 connection *c = vpn->conns[p->id - 1];
1092
1093 c->conf->protocols = p->protocols;
1094 protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf));
1095 p->si.upgrade_protocol (protocol, c->conf);
1096
1097 slog (L_TRACE, "<<%d PT_CONNECT_INFO(%d,%s) (%d)",
1098 conf->id, p->id, (const char *)p->si, !c->ictx && !c->octx);
1099
1100 const sockinfo &dsi = forward_si (p->si);
1101
1102 if (dsi.valid ())
1103 c->send_auth_request (dsi, true);
1104 }
1105
1106 break;
1107
1108 default:
1109 send_reset (rsi);
1110 break;
1111 }
1112 }
1113
1114 void connection::keepalive_cb (time_watcher &w)
1115 {
1116 if (NOW >= last_activity + ::conf.keepalive + 30)
1117 {
1118 reset_connection ();
1119 establish_connection ();
1120 }
1121 else if (NOW < last_activity + ::conf.keepalive)
1122 w.at = last_activity + ::conf.keepalive;
1123 else if (conf->connectmode != conf_node::C_ONDEMAND
1124 || THISNODE->connectmode != conf_node::C_ONDEMAND)
1125 {
1126 send_ping (si);
1127 w.at = NOW + 5;
1128 }
1129 else if (NOW < last_activity + ::conf.keepalive + 10)
1130 // hold ondemand connections implicitly a few seconds longer
1131 // should delete octx, though, or something like that ;)
1132 w.at = last_activity + ::conf.keepalive + 10;
1133 else
1134 reset_connection ();
1135 }
1136
1137 void connection::send_connect_request (int id)
1138 {
1139 connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols);
1140
1141 slog (L_TRACE, ">>%d PT_CONNECT_REQ(%d)", conf->id, id);
1142 p->hmac_set (octx);
1143 send_vpn_packet (p, si);
1144
1145 delete p;
1146 }
1147
1148 void connection::script_node ()
1149 {
1150 vpn->script_if_up ();
1151
1152 char *env;
1153 asprintf (&env, "DESTID=%d", conf->id); putenv (env);
1154 asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env);
1155 asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env);
1156 asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env);
1157 }
1158
1159 const char *connection::script_node_up ()
1160 {
1161 script_node ();
1162
1163 putenv ("STATE=up");
1164
1165 return ::conf.script_node_up ? ::conf.script_node_up : "node-up";
1166 }
1167
1168 const char *connection::script_node_down ()
1169 {
1170 script_node ();
1171
1172 putenv ("STATE=down");
1173
1174 return ::conf.script_node_up ? ::conf.script_node_down : "node-down";
1175 }
1176
1177 connection::connection(struct vpn *vpn_)
1178 : vpn(vpn_)
1179 , rekey (this, &connection::rekey_cb)
1180 , keepalive (this, &connection::keepalive_cb)
1181 , establish_connection (this, &connection::establish_connection_cb)
1182 {
1183 octx = ictx = 0;
1184 retry_cnt = 0;
1185
1186 connectmode = conf_node::C_ALWAYS; // initial setting
1187 reset_connection ();
1188 }
1189
1190 connection::~connection ()
1191 {
1192 shutdown ();
1193 }
1194
1195 void connection_init ()
1196 {
1197 auth_rate_limiter.clear ();
1198 reset_rate_limiter.clear ();
1199 }
1200