ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
Revision: 1.8
Committed: Sun Apr 6 04:17:36 2003 UTC (21 years, 1 month ago) by pcg
Content type: text/plain
Branch: MAIN
Changes since 1.7: +50 -17 lines
Log Message: 
*** empty log message ***

File Contents

# Content
1 /*
2 connection.C -- manage a single connection
3
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation; either version 2 of the License, or
7 (at your option) any later version.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17 */
18
19 #include "config.h"
20
21 extern "C" {
22 # include "lzf/lzf.h"
23 }
24
25 #include <list>
26
27 #include <openssl/rand.h>
28 #include <openssl/evp.h>
29 #include <openssl/rsa.h>
30 #include <openssl/err.h>
31
32 #include "gettext.h"
33
34 #include "conf.h"
35 #include "slog.h"
36 #include "device.h"
37 #include "vpn.h"
38 #include "connection.h"
39
40 #if !HAVE_RAND_PSEUDO_BYTES
41 # define RAND_pseudo_bytes RAND_bytes
42 #endif
43
44 #define MAGIC "vped\xbd\xc6\xdb\x82" // 8 bytes of magic
45
46 struct crypto_ctx
47 {
48 EVP_CIPHER_CTX cctx;
49 HMAC_CTX hctx;
50
51 crypto_ctx (const rsachallenge &challenge, int enc);
52 ~crypto_ctx ();
53 };
54
55 crypto_ctx::crypto_ctx (const rsachallenge &challenge, int enc)
56 {
57 EVP_CIPHER_CTX_init (&cctx);
58 EVP_CipherInit_ex (&cctx, CIPHER, 0, &challenge[CHG_CIPHER_KEY], 0, enc);
59 HMAC_CTX_init (&hctx);
60 HMAC_Init_ex (&hctx, &challenge[CHG_HMAC_KEY], HMAC_KEYLEN, DIGEST, 0);
61 }
62
63 crypto_ctx::~crypto_ctx ()
64 {
65 EVP_CIPHER_CTX_cleanup (&cctx);
66 HMAC_CTX_cleanup (&hctx);
67 }
68
69 static void
70 rsa_hash (const rsaid &id, const rsachallenge &chg, rsaresponse &h)
71 {
72 EVP_MD_CTX ctx;
73
74 EVP_MD_CTX_init (&ctx);
75 EVP_DigestInit (&ctx, RSA_HASH);
76 EVP_DigestUpdate(&ctx, &chg, sizeof chg);
77 EVP_DigestUpdate(&ctx, &id, sizeof id);
78 EVP_DigestFinal (&ctx, (unsigned char *)&h, 0);
79 EVP_MD_CTX_cleanup (&ctx);
80 }
81
82 struct rsa_entry {
83 tstamp expire;
84 rsaid id;
85 rsachallenge chg;
86 };
87
88 struct rsa_cache : list<rsa_entry>
89 {
90 void cleaner_cb (time_watcher &w); time_watcher cleaner;
91
92 bool find (const rsaid &id, rsachallenge &chg)
93 {
94 for (iterator i = begin (); i != end (); ++i)
95 {
96 if (!memcmp (&id, &i->id, sizeof id) && i->expire > NOW)
97 {
98 memcpy (&chg, &i->chg, sizeof chg);
99
100 erase (i);
101 return true;
102 }
103 }
104
105 if (cleaner.at < NOW)
106 cleaner.start (NOW + RSA_TTL);
107
108 return false;
109 }
110
111 void gen (rsaid &id, rsachallenge &chg)
112 {
113 rsa_entry e;
114
115 RAND_bytes ((unsigned char *)&id, sizeof id);
116 RAND_bytes ((unsigned char *)&chg, sizeof chg);
117
118 e.expire = NOW + RSA_TTL;
119 e.id = id;
120 memcpy (&e.chg, &chg, sizeof chg);
121
122 push_back (e);
123
124 if (cleaner.at < NOW)
125 cleaner.start (NOW + RSA_TTL);
126 }
127
128 rsa_cache ()
129 : cleaner (this, &rsa_cache::cleaner_cb)
130 { }
131
132 } rsa_cache;
133
134 void rsa_cache::cleaner_cb (time_watcher &w)
135 {
136 if (empty ())
137 w.at = TSTAMP_CANCEL;
138 else
139 {
140 w.at = NOW + RSA_TTL;
141
142 for (iterator i = begin (); i != end (); )
143 if (i->expire <= NOW)
144 i = erase (i);
145 else
146 ++i;
147 }
148 }
149
150 //////////////////////////////////////////////////////////////////////////////
151
152 void pkt_queue::put (tap_packet *p)
153 {
154 if (queue[i])
155 {
156 delete queue[i];
157 j = (j + 1) % QUEUEDEPTH;
158 }
159
160 queue[i] = p;
161
162 i = (i + 1) % QUEUEDEPTH;
163 }
164
165 tap_packet *pkt_queue::get ()
166 {
167 tap_packet *p = queue[j];
168
169 if (p)
170 {
171 queue[j] = 0;
172 j = (j + 1) % QUEUEDEPTH;
173 }
174
175 return p;
176 }
177
178 pkt_queue::pkt_queue ()
179 {
180 memset (queue, 0, sizeof (queue));
181 i = 0;
182 j = 0;
183 }
184
185 pkt_queue::~pkt_queue ()
186 {
187 for (i = QUEUEDEPTH; --i > 0; )
188 delete queue[i];
189 }
190
191 struct net_rateinfo {
192 u32 host;
193 double pcnt, diff;
194 tstamp last;
195 };
196
197 // only do action once every x seconds per host whole allowing bursts.
198 // this implementation ("splay list" ;) is inefficient,
199 // but low on resources.
200 struct net_rate_limiter : list<net_rateinfo>
201 {
202 static const double ALPHA = 1. - 1. / 90.; // allow bursts
203 static const double CUTOFF = 20.; // one event every CUTOFF seconds
204 static const double EXPIRE = CUTOFF * 30.; // expire entries after this time
205
206 bool can (const sockinfo &si) { return can((u32)si.host); }
207 bool can (u32 host);
208 };
209
210 net_rate_limiter auth_rate_limiter, reset_rate_limiter;
211
212 bool net_rate_limiter::can (u32 host)
213 {
214 iterator i;
215
216 for (i = begin (); i != end (); )
217 if (i->host == host)
218 break;
219 else if (i->last < NOW - EXPIRE)
220 i = erase (i);
221 else
222 i++;
223
224 if (i == end ())
225 {
226 net_rateinfo ri;
227
228 ri.host = host;
229 ri.pcnt = 1.;
230 ri.diff = CUTOFF * (1. / (1. - ALPHA));
231 ri.last = NOW;
232
233 push_front (ri);
234
235 return true;
236 }
237 else
238 {
239 net_rateinfo ri (*i);
240 erase (i);
241
242 ri.pcnt = ri.pcnt * ALPHA;
243 ri.diff = ri.diff * ALPHA + (NOW - ri.last);
244
245 ri.last = NOW;
246
247 bool send = ri.diff / ri.pcnt > CUTOFF;
248
249 if (send)
250 ri.pcnt++;
251
252 push_front (ri);
253
254 return send;
255 }
256 }
257
258 /////////////////////////////////////////////////////////////////////////////
259
260 unsigned char hmac_packet::hmac_digest[EVP_MAX_MD_SIZE];
261
262 void hmac_packet::hmac_gen (crypto_ctx *ctx)
263 {
264 unsigned int xlen;
265
266 HMAC_CTX *hctx = &ctx->hctx;
267
268 HMAC_Init_ex (hctx, 0, 0, 0, 0);
269 HMAC_Update (hctx, ((unsigned char *) this) + sizeof (hmac_packet),
270 len - sizeof (hmac_packet));
271 HMAC_Final (hctx, (unsigned char *) &hmac_digest, &xlen);
272 }
273
274 void
275 hmac_packet::hmac_set (crypto_ctx *ctx)
276 {
277 hmac_gen (ctx);
278
279 memcpy (hmac, hmac_digest, HMACLENGTH);
280 }
281
282 bool
283 hmac_packet::hmac_chk (crypto_ctx *ctx)
284 {
285 hmac_gen (ctx);
286
287 return !memcmp (hmac, hmac_digest, HMACLENGTH);
288 }
289
290 void vpn_packet::set_hdr (ptype type_, unsigned int dst)
291 {
292 type = type_;
293
294 int src = THISNODE->id;
295
296 src1 = src;
297 srcdst = ((src >> 8) << 4) | (dst >> 8);
298 dst1 = dst;
299 }
300
301 #define MAXVPNDATA (MAX_MTU - 6 - 6)
302 #define DATAHDR (sizeof (u32) + RAND_SIZE)
303
304 struct vpndata_packet:vpn_packet
305 {
306 u8 data[MAXVPNDATA + DATAHDR]; // seqno
307
308 void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
309 tap_packet *unpack (connection *conn, u32 &seqno);
310 private:
311
312 const u32 data_hdr_size () const
313 {
314 return sizeof (vpndata_packet) - sizeof (net_packet) - MAXVPNDATA - DATAHDR;
315 }
316 };
317
318 void
319 vpndata_packet::setup (connection *conn, int dst, u8 *d, u32 l, u32 seqno)
320 {
321 EVP_CIPHER_CTX *cctx = &conn->octx->cctx;
322 int outl = 0, outl2;
323 ptype type = PT_DATA_UNCOMPRESSED;
324
325 #if ENABLE_COMPRESSION
326 u8 cdata[MAX_MTU];
327 u32 cl;
328
329 cl = lzf_compress (d, l, cdata + 2, (l - 2) & ~7);
330 if (cl)
331 {
332 type = PT_DATA_COMPRESSED;
333 d = cdata;
334 l = cl + 2;
335
336 d[0] = cl >> 8;
337 d[1] = cl;
338 }
339 #endif
340
341 EVP_EncryptInit_ex (cctx, 0, 0, 0, 0);
342
343 struct {
344 #if RAND_SIZE
345 u8 rnd[RAND_SIZE];
346 #endif
347 u32 seqno;
348 } datahdr;
349
350 datahdr.seqno = ntohl (seqno);
351 #if RAND_SIZE
352 RAND_pseudo_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE);
353 #endif
354
355 EVP_EncryptUpdate (cctx,
356 (unsigned char *) data + outl, &outl2,
357 (unsigned char *) &datahdr, DATAHDR);
358 outl += outl2;
359
360 EVP_EncryptUpdate (cctx,
361 (unsigned char *) data + outl, &outl2,
362 (unsigned char *) d, l);
363 outl += outl2;
364
365 EVP_EncryptFinal_ex (cctx, (unsigned char *) data + outl, &outl2);
366 outl += outl2;
367
368 len = outl + data_hdr_size ();
369
370 set_hdr (type, dst);
371
372 hmac_set (conn->octx);
373 }
374
375 tap_packet *
376 vpndata_packet::unpack (connection *conn, u32 &seqno)
377 {
378 EVP_CIPHER_CTX *cctx = &conn->ictx->cctx;
379 int outl = 0, outl2;
380 tap_packet *p = new tap_packet;
381 u8 *d;
382 u32 l = len - data_hdr_size ();
383
384 EVP_DecryptInit_ex (cctx, 0, 0, 0, 0);
385
386 #if ENABLE_COMPRESSION
387 u8 cdata[MAX_MTU];
388
389 if (type == PT_DATA_COMPRESSED)
390 d = cdata;
391 else
392 #endif
393 d = &(*p)[6 + 6 - DATAHDR];
394
395 /* this overwrites part of the src mac, but we fix that later */
396 EVP_DecryptUpdate (cctx,
397 d, &outl2,
398 (unsigned char *)&data, len - data_hdr_size ());
399 outl += outl2;
400
401 EVP_DecryptFinal_ex (cctx, (unsigned char *)d + outl, &outl2);
402 outl += outl2;
403
404 seqno = ntohl (*(u32 *)(d + RAND_SIZE));
405
406 id2mac (dst () ? dst() : THISNODE->id, p->dst);
407 id2mac (src (), p->src);
408
409 #if ENABLE_COMPRESSION
410 if (type == PT_DATA_COMPRESSED)
411 {
412 u32 cl = (d[DATAHDR] << 8) | d[DATAHDR + 1];
413
414 p->len = lzf_decompress (d + DATAHDR + 2, cl < MAX_MTU ? cl : 0,
415 &(*p)[6 + 6], MAX_MTU)
416 + 6 + 6;
417 }
418 else
419 p->len = outl + (6 + 6 - DATAHDR);
420 #endif
421
422 return p;
423 }
424
425 struct ping_packet : vpn_packet
426 {
427 void setup (int dst, ptype type)
428 {
429 set_hdr (type, dst);
430 len = sizeof (*this) - sizeof (net_packet);
431 }
432 };
433
434 struct config_packet : vpn_packet
435 {
436 // actually, hmaclen cannot be checked because the hmac
437 // field comes before this data, so peers with other
438 // hmacs simply will not work.
439 u8 prot_major, prot_minor, randsize, hmaclen;
440 u8 flags, challengelen, pad2, pad3;
441 u32 cipher_nid, digest_nid, hmac_nid;
442
443 const u8 curflags () const
444 {
445 return 0x80
446 | (ENABLE_COMPRESSION ? 0x01 : 0x00);
447 }
448
449 void setup (ptype type, int dst);
450 bool chk_config () const;
451 };
452
453 void config_packet::setup (ptype type, int dst)
454 {
455 prot_major = PROTOCOL_MAJOR;
456 prot_minor = PROTOCOL_MINOR;
457 randsize = RAND_SIZE;
458 hmaclen = HMACLENGTH;
459 flags = curflags ();
460 challengelen = sizeof (rsachallenge);
461
462 cipher_nid = htonl (EVP_CIPHER_nid (CIPHER));
463 digest_nid = htonl (EVP_MD_type (RSA_HASH));
464 hmac_nid = htonl (EVP_MD_type (DIGEST));
465
466 len = sizeof (*this) - sizeof (net_packet);
467 set_hdr (type, dst);
468 }
469
470 bool config_packet::chk_config () const
471 {
472 return prot_major == PROTOCOL_MAJOR
473 && randsize == RAND_SIZE
474 && hmaclen == HMACLENGTH
475 && flags == curflags ()
476 && challengelen == sizeof (rsachallenge)
477 && cipher_nid == htonl (EVP_CIPHER_nid (CIPHER))
478 && digest_nid == htonl (EVP_MD_type (RSA_HASH))
479 && hmac_nid == htonl (EVP_MD_type (DIGEST));
480 }
481
482 struct auth_req_packet : config_packet
483 {
484 char magic[8];
485 u8 initiate; // false if this is just an automatic reply
486 u8 protocols; // supported protocols (will get patches on forward)
487 u8 pad2, pad3;
488 rsaid id;
489 rsaencrdata encr;
490
491 auth_req_packet (int dst, bool initiate_, u8 protocols_)
492 {
493 config_packet::setup (PT_AUTH_REQ, dst);
494 strncpy (magic, MAGIC, 8);
495 initiate = !!initiate_;
496 protocols = protocols_;
497
498 len = sizeof (*this) - sizeof (net_packet);
499 }
500 };
501
502 struct auth_res_packet : config_packet
503 {
504 rsaid id;
505 u8 pad1, pad2, pad3;
506 u8 response_len; // encrypted length
507 rsaresponse response;
508
509 auth_res_packet (int dst)
510 {
511 config_packet::setup (PT_AUTH_RES, dst);
512
513 len = sizeof (*this) - sizeof (net_packet);
514 }
515 };
516
517 struct connect_req_packet : vpn_packet
518 {
519 u8 id, protocols;
520 u8 pad1, pad2;
521
522 connect_req_packet (int dst, int id_, u8 protocols_)
523 : id(id_)
524 , protocols(protocols_)
525 {
526 set_hdr (PT_CONNECT_REQ, dst);
527 len = sizeof (*this) - sizeof (net_packet);
528 }
529 };
530
531 struct connect_info_packet : vpn_packet
532 {
533 u8 id, protocols;
534 u8 pad1, pad2;
535 sockinfo si;
536
537 connect_info_packet (int dst, int id_, const sockinfo &si_, u8 protocols_)
538 : id(id_)
539 , protocols(protocols_)
540 , si(si_)
541 {
542 set_hdr (PT_CONNECT_INFO, dst);
543
544 len = sizeof (*this) - sizeof (net_packet);
545 }
546 };
547
548 /////////////////////////////////////////////////////////////////////////////
549
550 void
551 connection::reset_si ()
552 {
553 protocol = best_protocol (THISNODE->protocols & conf->protocols);
554
555 // mask out protocols we cannot establish
556 if (!conf->udp_port) protocol &= ~PROT_UDPv4;
557 if (!conf->tcp_port) protocol &= ~PROT_TCPv4;
558
559 si.set (conf, protocol);
560 }
561
562 // ensure sockinfo is valid, forward if necessary
563 const sockinfo &
564 connection::forward_si (const sockinfo &si) const
565 {
566 if (!si.valid ())
567 {
568 connection *r = vpn->find_router ();
569
570 if (r)
571 {
572 slog (L_DEBUG, _("%s: no common protocol, trying indirectly through %s"),
573 conf->nodename, r->conf->nodename);
574 return r->si;
575 }
576 else
577 slog (L_DEBUG, _("%s: node unreachable, no common protocol"),
578 conf->nodename);
579 }
580
581 return si;
582 }
583
584 void
585 connection::send_ping (const sockinfo &si, u8 pong)
586 {
587 ping_packet *pkt = new ping_packet;
588
589 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
590 vpn->send_vpn_packet (pkt, si, IPTOS_LOWDELAY);
591
592 delete pkt;
593 }
594
595 void
596 connection::send_reset (const sockinfo &si)
597 {
598 if (reset_rate_limiter.can (si) && connectmode != conf_node::C_DISABLED)
599 {
600 config_packet *pkt = new config_packet;
601
602 pkt->setup (vpn_packet::PT_RESET, conf->id);
603 vpn->send_vpn_packet (pkt, si, IPTOS_MINCOST);
604
605 delete pkt;
606 }
607 }
608
609 void
610 connection::send_auth_request (const sockinfo &si, bool initiate)
611 {
612 auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols);
613
614 rsachallenge chg;
615
616 rsa_cache.gen (pkt->id, chg);
617
618 if (0 > RSA_public_encrypt (sizeof chg,
619 (unsigned char *)&chg, (unsigned char *)&pkt->encr,
620 conf->rsa_key, RSA_PKCS1_OAEP_PADDING))
621 fatal ("RSA_public_encrypt error");
622
623 slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si);
624
625 vpn->send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly
626
627
628 delete pkt;
629 }
630
631 void
632 connection::send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg)
633 {
634 auth_res_packet *pkt = new auth_res_packet (conf->id);
635
636 pkt->id = id;
637
638 rsa_hash (id, chg, pkt->response);
639
640 pkt->hmac_set (octx);
641
642 slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)si);
643
644 vpn->send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
645
646 delete pkt;
647 }
648
649 void
650 connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols)
651 {
652 slog (L_TRACE, ">>%d PT_CONNECT_INFO(%d,%s)\n",
653 conf->id, rid, (const char *)rsi);
654
655 connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
656
657 r->hmac_set (octx);
658 vpn->send_vpn_packet (r, si);
659
660 delete r;
661 }
662
663 void
664 connection::establish_connection_cb (time_watcher &w)
665 {
666 if (ictx || conf == THISNODE
667 || connectmode == conf_node::C_NEVER
668 || connectmode == conf_node::C_DISABLED)
669 w.at = TSTAMP_CANCEL;
670 else if (w.at <= NOW)
671 {
672 double retry_int = double (retry_cnt & 3 ? (retry_cnt & 3) : 1 << (retry_cnt >> 2)) * 0.6;
673
674 if (retry_int < 3600 * 8)
675 retry_cnt++;
676
677 w.at = NOW + retry_int;
678
679 reset_si ();
680
681 if (si.prot && !si.host)
682 vpn->connect_request (conf->id);
683 else
684 {
685 const sockinfo &dsi = forward_si (si);
686
687 if (dsi.valid () && auth_rate_limiter.can (dsi))
688 {
689 if (retry_cnt < 4)
690 send_auth_request (dsi, true);
691 else
692 send_ping (dsi, 0);
693 }
694 }
695 }
696 }
697
698 void
699 connection::reset_connection ()
700 {
701 if (ictx && octx)
702 {
703 slog (L_INFO, _("%s(%s): connection lost"),
704 conf->nodename, (const char *)si);
705
706 if (::conf.script_node_down)
707 run_script (run_script_cb (this, &connection::script_node_down), false);
708 }
709
710 delete ictx; ictx = 0;
711 delete octx; octx = 0;
712
713 si.host= 0;
714
715 last_activity = 0;
716 retry_cnt = 0;
717
718 rekey.reset ();
719 keepalive.reset ();
720 establish_connection.reset ();
721 }
722
723 void
724 connection::shutdown ()
725 {
726 if (ictx && octx)
727 send_reset (si);
728
729 reset_connection ();
730 }
731
732 void
733 connection::rekey_cb (time_watcher &w)
734 {
735 w.at = TSTAMP_CANCEL;
736
737 reset_connection ();
738 establish_connection ();
739 }
740
741 void
742 connection::send_data_packet (tap_packet *pkt, bool broadcast)
743 {
744 vpndata_packet *p = new vpndata_packet;
745 int tos = 0;
746
747 if (conf->inherit_tos
748 && (*pkt)[12] == 0x08 && (*pkt)[13] == 0x00 // IP
749 && ((*pkt)[14] & 0xf0) == 0x40) // IPv4
750 tos = (*pkt)[15] & IPTOS_TOS_MASK;
751
752 p->setup (this, broadcast ? 0 : conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs
753 vpn->send_vpn_packet (p, si, tos);
754
755 delete p;
756
757 if (oseqno > MAX_SEQNO)
758 rekey ();
759 }
760
761 void
762 connection::inject_data_packet (tap_packet *pkt, bool broadcast)
763 {
764 if (ictx && octx)
765 send_data_packet (pkt, broadcast);
766 else
767 {
768 if (!broadcast)//DDDD
769 queue.put (new tap_packet (*pkt));
770
771 establish_connection ();
772 }
773 }
774
775 void connection::inject_vpn_packet (vpn_packet *pkt, int tos)
776 {
777 if (ictx && octx)
778 vpn->send_vpn_packet (pkt, si, tos);
779 else
780 establish_connection ();
781 }
782
783 void
784 connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
785 {
786 last_activity = NOW;
787
788 slog (L_NOISE, "<<%d received packet type %d from %d to %d",
789 conf->id, pkt->typ (), pkt->src (), pkt->dst ());
790
791 switch (pkt->typ ())
792 {
793 case vpn_packet::PT_PING:
794 // we send pings instead of auth packets after some retries,
795 // so reset the retry counter and establish a connection
796 // when we receive a ping.
797 if (!ictx)
798 {
799 if (auth_rate_limiter.can (rsi))
800 send_auth_request (rsi, true);
801 }
802 else
803 send_ping (rsi, 1); // pong
804
805 break;
806
807 case vpn_packet::PT_PONG:
808 break;
809
810 case vpn_packet::PT_RESET:
811 {
812 reset_connection ();
813
814 config_packet *p = (config_packet *) pkt;
815
816 if (!p->chk_config ())
817 {
818 slog (L_WARN, _("%s(%s): protocol mismatch, disabling node"),
819 conf->nodename, (const char *)rsi);
820 connectmode = conf_node::C_DISABLED;
821 }
822 else if (connectmode == conf_node::C_ALWAYS)
823 establish_connection ();
824 }
825 break;
826
827 case vpn_packet::PT_AUTH_REQ:
828 if (auth_rate_limiter.can (rsi))
829 {
830 auth_req_packet *p = (auth_req_packet *) pkt;
831
832 slog (L_TRACE, "<<%d PT_AUTH_REQ(%d)", conf->id, p->initiate);
833
834 if (p->chk_config () && !strncmp (p->magic, MAGIC, 8))
835 {
836 if (p->prot_minor != PROTOCOL_MINOR)
837 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
838 conf->nodename, (const char *)rsi,
839 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
840
841 if (p->initiate)
842 send_auth_request (rsi, false);
843
844 rsachallenge k;
845
846 if (0 > RSA_private_decrypt (sizeof (p->encr),
847 (unsigned char *)&p->encr, (unsigned char *)&k,
848 ::conf.rsa_key, RSA_PKCS1_OAEP_PADDING))
849 slog (L_ERR, _("%s(%s): challenge illegal or corrupted"),
850 conf->nodename, (const char *)rsi);
851 else
852 {
853 retry_cnt = 0;
854 establish_connection.start (NOW + 8); //? ;)
855 keepalive.reset ();
856 rekey.reset ();
857
858 delete ictx;
859 ictx = 0;
860
861 delete octx;
862
863 octx = new crypto_ctx (k, 1);
864 oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff;
865
866 conf->protocols = p->protocols;
867 send_auth_response (rsi, p->id, k);
868
869 break;
870 }
871 }
872
873 send_reset (rsi);
874 }
875
876 break;
877
878 case vpn_packet::PT_AUTH_RES:
879 {
880 auth_res_packet *p = (auth_res_packet *) pkt;
881
882 slog (L_TRACE, "<<%d PT_AUTH_RES", conf->id);
883
884 if (p->chk_config ())
885 {
886 if (p->prot_minor != PROTOCOL_MINOR)
887 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
888 conf->nodename, (const char *)rsi,
889 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
890
891 rsachallenge chg;
892
893 if (!rsa_cache.find (p->id, chg))
894 slog (L_ERR, _("%s(%s): unrequested auth response"),
895 conf->nodename, (const char *)rsi);
896 else
897 {
898 crypto_ctx *cctx = new crypto_ctx (chg, 0);
899
900 if (!p->hmac_chk (cctx))
901 slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
902 "could be an attack, or just corruption or an synchronization error"),
903 conf->nodename, (const char *)rsi);
904 else
905 {
906 rsaresponse h;
907
908 rsa_hash (p->id, chg, h);
909
910 if (!memcmp ((u8 *)&h, (u8 *)p->response, sizeof h))
911 {
912 prot_minor = p->prot_minor;
913
914 delete ictx; ictx = cctx;
915
916 iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
917
918 si = rsi;
919 protocol = rsi.prot;
920
921 rekey.start (NOW + ::conf.rekey);
922 keepalive.start (NOW + ::conf.keepalive);
923
924 // send queued packets
925 while (tap_packet *p = queue.get ())
926 {
927 send_data_packet (p);
928 delete p;
929 }
930
931 connectmode = conf->connectmode;
932
933 slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"),
934 conf->nodename, (const char *)rsi,
935 p->prot_major, p->prot_minor);
936
937 if (::conf.script_node_up)
938 run_script (run_script_cb (this, &connection::script_node_up), false);
939
940 break;
941 }
942 else
943 slog (L_ERR, _("%s(%s): sent and received challenge do not match"),
944 conf->nodename, (const char *)rsi);
945 }
946
947 delete cctx;
948 }
949 }
950 }
951
952 send_reset (rsi);
953 break;
954
955 case vpn_packet::PT_DATA_COMPRESSED:
956 #if !ENABLE_COMPRESSION
957 send_reset (rsi);
958 break;
959 #endif
960
961 case vpn_packet::PT_DATA_UNCOMPRESSED:
962
963 if (ictx && octx)
964 {
965 vpndata_packet *p = (vpndata_packet *)pkt;
966
967 if (rsi == si)
968 {
969 if (!p->hmac_chk (ictx))
970 slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
971 "could be an attack, or just corruption or an synchronization error"),
972 conf->nodename, (const char *)rsi);
973 else
974 {
975 u32 seqno;
976 tap_packet *d = p->unpack (this, seqno);
977
978 if (iseqno.recv_ok (seqno))
979 {
980 vpn->tap->send (d);
981
982 if (p->dst () == 0) // re-broadcast
983 for (vpn::conns_vector::iterator i = vpn->conns.begin (); i != vpn->conns.end (); ++i)
984 {
985 connection *c = *i;
986
987 if (c->conf != THISNODE && c->conf != conf)
988 c->inject_data_packet (d);
989 }
990
991 delete d;
992
993 break;
994 }
995 }
996 }
997 else
998 slog (L_ERR, _("received data packet from unknown source %s"), (const char *)rsi);
999 }
1000
1001 send_reset (rsi);
1002 break;
1003
1004 case vpn_packet::PT_CONNECT_REQ:
1005 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1006 {
1007 connect_req_packet *p = (connect_req_packet *) pkt;
1008
1009 assert (p->id > 0 && p->id <= vpn->conns.size ()); // hmac-auth does not mean we accept anything
1010 connection *c = vpn->conns[p->id - 1];
1011 conf->protocols = p->protocols;
1012
1013 slog (L_TRACE, "<<%d PT_CONNECT_REQ(%d) [%d]\n",
1014 conf->id, p->id, c->ictx && c->octx);
1015
1016 if (c->ictx && c->octx)
1017 {
1018 // send connect_info packets to both sides, in case one is
1019 // behind a nat firewall (or both ;)
1020 c->send_connect_info (conf->id, si, conf->protocols);
1021 send_connect_info (c->conf->id, c->si, c->conf->protocols);
1022 }
1023 }
1024
1025 break;
1026
1027 case vpn_packet::PT_CONNECT_INFO:
1028 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1029 {
1030 connect_info_packet *p = (connect_info_packet *) pkt;
1031
1032 assert (p->id > 0 && p->id <= vpn->conns.size ()); // hmac-auth does not mean we accept anything
1033
1034 connection *c = vpn->conns[p->id - 1];
1035
1036 c->conf->protocols = p->protocols;
1037 protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf));
1038 p->si.upgrade_protocol (protocol, c->conf);
1039
1040 slog (L_TRACE, "<<%d PT_CONNECT_INFO(%d,%s) (%d)",
1041 conf->id, p->id, (const char *)p->si, !c->ictx && !c->octx);
1042
1043 const sockinfo &dsi = forward_si (p->si);
1044
1045 if (dsi.valid ())
1046 c->send_auth_request (dsi, true);
1047 }
1048
1049 break;
1050
1051 default:
1052 send_reset (rsi);
1053 break;
1054 }
1055 }
1056
1057 void connection::keepalive_cb (time_watcher &w)
1058 {
1059 if (NOW >= last_activity + ::conf.keepalive + 30)
1060 {
1061 reset_connection ();
1062 establish_connection ();
1063 }
1064 else if (NOW < last_activity + ::conf.keepalive)
1065 w.at = last_activity + ::conf.keepalive;
1066 else if (conf->connectmode != conf_node::C_ONDEMAND
1067 || THISNODE->connectmode != conf_node::C_ONDEMAND)
1068 {
1069 send_ping (si);
1070 w.at = NOW + 5;
1071 }
1072 else
1073 reset_connection ();
1074 }
1075
1076 void connection::connect_request (int id)
1077 {
1078 connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols);
1079
1080 slog (L_TRACE, ">>%d PT_CONNECT_REQ(%d)", conf->id, id);
1081 p->hmac_set (octx);
1082 vpn->send_vpn_packet (p, si);
1083
1084 delete p;
1085 }
1086
1087 void connection::script_node ()
1088 {
1089 vpn->script_if_up ();
1090
1091 char *env;
1092 asprintf (&env, "DESTID=%d", conf->id); putenv (env);
1093 asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env);
1094 asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env);
1095 asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env);
1096 }
1097
1098 const char *connection::script_node_up ()
1099 {
1100 script_node ();
1101
1102 putenv ("STATE=up");
1103
1104 return ::conf.script_node_up ? ::conf.script_node_up : "node-up";
1105 }
1106
1107 const char *connection::script_node_down ()
1108 {
1109 script_node ();
1110
1111 putenv ("STATE=down");
1112
1113 return ::conf.script_node_up ? ::conf.script_node_down : "node-down";
1114 }
1115
1116 connection::connection(struct vpn *vpn_)
1117 : vpn(vpn_)
1118 , rekey (this, &connection::rekey_cb)
1119 , keepalive (this, &connection::keepalive_cb)
1120 , establish_connection (this, &connection::establish_connection_cb)
1121 {
1122 octx = ictx = 0;
1123 retry_cnt = 0;
1124
1125 connectmode = conf_node::C_ALWAYS; // initial setting
1126 reset_connection ();
1127 }
1128
1129 connection::~connection ()
1130 {
1131 shutdown ();
1132 }
1133
1134 void connection_init ()
1135 {
1136 auth_rate_limiter.clear ();
1137 reset_rate_limiter.clear ();
1138 }
1139