ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
Revision: 1.89
Committed: Thu Dec 2 08:15:09 2010 UTC (13 years, 5 months ago) by root
Content type: text/plain
Branch: MAIN
Changes since 1.88: +6 -2 lines
Log Message: 
*** empty log message ***

File Contents

# Content
1 /*
2 connection.C -- manage a single connection
3 Copyright (C) 2003-2008,2010 Marc Lehmann <gvpe@schmorp.de>
4
5 This file is part of GVPE.
6
7 GVPE is free software; you can redistribute it and/or modify it
8 under the terms of the GNU General Public License as published by the
9 Free Software Foundation; either version 3 of the License, or (at your
10 option) any later version.
11
12 This program is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
15 Public License for more details.
16
17 You should have received a copy of the GNU General Public License along
18 with this program; if not, see <http://www.gnu.org/licenses/>.
19
20 Additional permission under GNU GPL version 3 section 7
21
22 If you modify this Program, or any covered work, by linking or
23 combining it with the OpenSSL project's OpenSSL library (or a modified
24 version of that library), containing parts covered by the terms of the
25 OpenSSL or SSLeay licenses, the licensors of this Program grant you
26 additional permission to convey the resulting work. Corresponding
27 Source for a non-source form of such a combination shall include the
28 source code for the parts of OpenSSL used as well as that of the
29 covered work.
30 */
31
32 #include "config.h"
33
34 #include <list>
35 #include <queue>
36 #include <utility>
37
38 #include <openssl/rand.h>
39 #include <openssl/evp.h>
40 #include <openssl/rsa.h>
41 #include <openssl/err.h>
42
43 #include "conf.h"
44 #include "slog.h"
45 #include "device.h"
46 #include "vpn.h"
47 #include "connection.h"
48
49 #include "netcompat.h"
50
51 #if !HAVE_RAND_PSEUDO_BYTES
52 # define RAND_pseudo_bytes RAND_bytes
53 #endif
54
55 #define MAGIC_OLD "vped\xbd\xc6\xdb\x82" // 8 bytes of magic (still used in the protocol)
56 #define MAGIC "gvpe\xbd\xc6\xdb\x82" // 8 bytes of magic (understood but not generated)
57
58 #define ULTRA_FAST 1
59 #define HLOG 15
60 #include "lzf/lzf.h"
61 #include "lzf/lzf_c.c"
62 #include "lzf/lzf_d.c"
63
64 //////////////////////////////////////////////////////////////////////////////
65
66 static std::queue< std::pair<run_script_cb *, const char *> > rs_queue;
67 static ev::child rs_child_ev;
68
69 void // c++ requires external linkage here, apparently :(
70 rs_child_cb (ev::child &w, int revents)
71 {
72 w.stop ();
73
74 if (rs_queue.empty ())
75 return;
76
77 pid_t pid = run_script (*rs_queue.front ().first, false);
78 if (pid)
79 {
80 w.set (pid);
81 w.start ();
82 }
83 else
84 slog (L_WARN, rs_queue.front ().second);
85
86 delete rs_queue.front ().first;
87 rs_queue.pop ();
88 }
89
90 // despite the fancy name, this is quite a hack
91 static void
92 run_script_queued (run_script_cb *cb, const char *warnmsg)
93 {
94 rs_queue.push (std::make_pair (cb, warnmsg));
95
96 if (!rs_child_ev.is_active ())
97 {
98 rs_child_ev.set<rs_child_cb> ();
99 rs_child_ev ();
100 }
101 }
102
103 //////////////////////////////////////////////////////////////////////////////
104
105 struct crypto_ctx
106 {
107 EVP_CIPHER_CTX cctx;
108 HMAC_CTX hctx;
109
110 crypto_ctx (const rsachallenge &challenge, int enc);
111 ~crypto_ctx ();
112 };
113
114 crypto_ctx::crypto_ctx (const rsachallenge &challenge, int enc)
115 {
116 EVP_CIPHER_CTX_init (&cctx);
117 require (EVP_CipherInit_ex (&cctx, CIPHER, 0, &challenge[CHG_CIPHER_KEY], 0, enc));
118 HMAC_CTX_init (&hctx);
119 HMAC_Init_ex (&hctx, &challenge[CHG_HMAC_KEY], HMAC_KEYLEN, DIGEST, 0);
120 }
121
122 crypto_ctx::~crypto_ctx ()
123 {
124 require (EVP_CIPHER_CTX_cleanup (&cctx));
125 HMAC_CTX_cleanup (&hctx);
126 }
127
128 static void
129 rsa_hash (const rsaid &id, const rsachallenge &chg, rsaresponse &h)
130 {
131 EVP_MD_CTX ctx;
132
133 EVP_MD_CTX_init (&ctx);
134 require (EVP_DigestInit (&ctx, RSA_HASH));
135 require (EVP_DigestUpdate(&ctx, &chg, sizeof chg));
136 require (EVP_DigestUpdate(&ctx, &id, sizeof id));
137 require (EVP_DigestFinal (&ctx, (unsigned char *)&h, 0));
138 EVP_MD_CTX_cleanup (&ctx);
139 }
140
141 struct rsa_entry
142 {
143 tstamp expire;
144 rsaid id;
145 rsachallenge chg;
146 };
147
148 struct rsa_cache : list<rsa_entry>
149 {
150 inline void cleaner_cb (ev::timer &w, int revents); ev::timer cleaner;
151
152 bool find (const rsaid &id, rsachallenge &chg)
153 {
154 for (iterator i = begin (); i != end (); ++i)
155 {
156 if (!memcmp (&id, &i->id, sizeof id) && i->expire > ev_now ())
157 {
158 memcpy (&chg, &i->chg, sizeof chg);
159
160 erase (i);
161 return true;
162 }
163 }
164
165 if (!cleaner.is_active ())
166 cleaner.again ();
167
168 return false;
169 }
170
171 void gen (rsaid &id, rsachallenge &chg)
172 {
173 rsa_entry e;
174
175 RAND_bytes ((unsigned char *)&id, sizeof id);
176 RAND_bytes ((unsigned char *)&chg, sizeof chg);
177
178 e.expire = ev_now () + RSA_TTL;
179 e.id = id;
180 memcpy (&e.chg, &chg, sizeof chg);
181
182 push_back (e);
183
184 if (!cleaner.is_active ())
185 cleaner.again ();
186 }
187
188 rsa_cache ()
189 {
190 cleaner.set<rsa_cache, &rsa_cache::cleaner_cb> (this);
191 cleaner.set (RSA_TTL, RSA_TTL);
192 }
193
194 } rsa_cache;
195
196 void rsa_cache::cleaner_cb (ev::timer &w, int revents)
197 {
198 if (empty ())
199 w.stop ();
200 else
201 {
202 for (iterator i = begin (); i != end (); )
203 if (i->expire <= ev_now ())
204 i = erase (i);
205 else
206 ++i;
207 }
208 }
209
210 //////////////////////////////////////////////////////////////////////////////
211
212 pkt_queue::pkt_queue (double max_ttl, int max_queue)
213 : max_ttl (max_ttl), max_queue (max_queue)
214 {
215 queue = new pkt [max_queue];
216
217 i = 0;
218 j = 0;
219
220 expire.set<pkt_queue, &pkt_queue::expire_cb> (this);
221 }
222
223 pkt_queue::~pkt_queue ()
224 {
225 while (net_packet *p = get ())
226 delete p;
227
228 delete [] queue;
229 }
230
231 void pkt_queue::expire_cb (ev::timer &w, int revents)
232 {
233 ev_tstamp expire = ev_now () - max_ttl;
234
235 for (;;)
236 {
237 if (empty ())
238 break;
239
240 double diff = queue[j].tstamp - expire;
241
242 if (diff >= 0.)
243 {
244 w.start (diff > 0.5 ? diff : 0.5);
245 break;
246 }
247
248 delete get ();
249 }
250 }
251
252 void pkt_queue::put (net_packet *p)
253 {
254 ev_tstamp now = ev_now ();
255
256 // start expiry timer
257 if (empty ())
258 expire.start (max_ttl);
259
260 int ni = i + 1 == max_queue ? 0 : i + 1;
261
262 if (ni == j)
263 delete get ();
264
265 queue[i].pkt = p;
266 queue[i].tstamp = now;
267
268 i = ni;
269 }
270
271 net_packet *pkt_queue::get ()
272 {
273 if (empty ())
274 return 0;
275
276 net_packet *p = queue[j].pkt;
277 queue[j].pkt = 0;
278
279 j = j + 1 == max_queue ? 0 : j + 1;
280
281 return p;
282 }
283
284 struct net_rateinfo
285 {
286 u32 host;
287 double pcnt, diff;
288 tstamp last;
289 };
290
291 // only do action once every x seconds per host whole allowing bursts.
292 // this implementation ("splay list" ;) is inefficient,
293 // but low on resources.
294 struct net_rate_limiter : list<net_rateinfo>
295 {
296 # define NRL_ALPHA (1. - 1. / 600.) // allow bursts
297 # define NRL_CUTOFF 10. // one event every CUTOFF seconds
298 # define NRL_EXPIRE (NRL_CUTOFF * 30.) // expire entries after this time
299 # define NRL_MAXDIF (NRL_CUTOFF * (1. / (1. - NRL_ALPHA))) // maximum diff /count value
300
301 bool can (const sockinfo &si) { return can((u32)si.host); }
302 bool can (u32 host);
303 };
304
305 net_rate_limiter auth_rate_limiter, reset_rate_limiter;
306
307 bool net_rate_limiter::can (u32 host)
308 {
309 iterator i;
310
311 for (i = begin (); i != end (); )
312 if (i->host == host)
313 break;
314 else if (i->last < ev_now () - NRL_EXPIRE)
315 i = erase (i);
316 else
317 i++;
318
319 if (i == end ())
320 {
321 net_rateinfo ri;
322
323 ri.host = host;
324 ri.pcnt = 1.;
325 ri.diff = NRL_MAXDIF;
326 ri.last = ev_now ();
327
328 push_front (ri);
329
330 return true;
331 }
332 else
333 {
334 net_rateinfo ri (*i);
335 erase (i);
336
337 ri.pcnt = ri.pcnt * NRL_ALPHA;
338 ri.diff = ri.diff * NRL_ALPHA + (ev_now () - ri.last);
339
340 ri.last = ev_now ();
341
342 double dif = ri.diff / ri.pcnt;
343
344 bool send = dif > NRL_CUTOFF;
345
346 if (dif > NRL_MAXDIF)
347 {
348 ri.pcnt = 1.;
349 ri.diff = NRL_MAXDIF;
350 }
351 else if (send)
352 ri.pcnt++;
353
354 push_front (ri);
355
356 return send;
357 }
358 }
359
360 /////////////////////////////////////////////////////////////////////////////
361
362 unsigned char hmac_packet::hmac_digest[EVP_MAX_MD_SIZE];
363
364 void hmac_packet::hmac_gen (crypto_ctx *ctx)
365 {
366 unsigned int xlen;
367
368 HMAC_CTX *hctx = &ctx->hctx;
369
370 HMAC_Init_ex (hctx, 0, 0, 0, 0);
371 HMAC_Update (hctx, ((unsigned char *) this) + sizeof (hmac_packet),
372 len - sizeof (hmac_packet));
373 HMAC_Final (hctx, (unsigned char *) &hmac_digest, &xlen);
374 }
375
376 void
377 hmac_packet::hmac_set (crypto_ctx *ctx)
378 {
379 hmac_gen (ctx);
380
381 memcpy (hmac, hmac_digest, HMACLENGTH);
382 }
383
384 bool
385 hmac_packet::hmac_chk (crypto_ctx *ctx)
386 {
387 hmac_gen (ctx);
388
389 return !memcmp (hmac, hmac_digest, HMACLENGTH);
390 }
391
392 void vpn_packet::set_hdr (ptype type_, unsigned int dst)
393 {
394 type = type_;
395
396 int src = THISNODE->id;
397
398 src1 = src;
399 srcdst = ((src >> 8) << 4) | (dst >> 8);
400 dst1 = dst;
401 }
402
403 #define MAXVPNDATA (MAX_MTU - 6 - 6)
404 #define DATAHDR (sizeof (u32) + RAND_SIZE)
405
406 struct vpndata_packet : vpn_packet
407 {
408 u8 data[MAXVPNDATA + DATAHDR]; // seqno
409
410 void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
411 tap_packet *unpack (connection *conn, u32 &seqno);
412 private:
413
414 const u32 data_hdr_size () const
415 {
416 return sizeof (vpndata_packet) - sizeof (net_packet) - MAXVPNDATA - DATAHDR;
417 }
418 };
419
420 void
421 vpndata_packet::setup (connection *conn, int dst, u8 *d, u32 l, u32 seqno)
422 {
423 EVP_CIPHER_CTX *cctx = &conn->octx->cctx;
424 int outl = 0, outl2;
425 ptype type = PT_DATA_UNCOMPRESSED;
426
427 #if ENABLE_COMPRESSION
428 u8 cdata[MAX_MTU];
429
430 if (conn->features & FEATURE_COMPRESSION)
431 {
432 u32 cl = lzf_compress (d, l, cdata + 2, (l - 2) & ~7);
433
434 if (cl)
435 {
436 type = PT_DATA_COMPRESSED;
437 d = cdata;
438 l = cl + 2;
439
440 d[0] = cl >> 8;
441 d[1] = cl;
442 }
443 }
444 #endif
445
446 require (EVP_EncryptInit_ex (cctx, 0, 0, 0, 0));
447
448 struct {
449 #if RAND_SIZE
450 u8 rnd[RAND_SIZE];
451 #endif
452 u32 seqno;
453 } datahdr;
454
455 datahdr.seqno = ntohl (seqno);
456 #if RAND_SIZE
457 RAND_pseudo_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE);
458 #endif
459
460 require (EVP_EncryptUpdate (cctx,
461 (unsigned char *) data + outl, &outl2,
462 (unsigned char *) &datahdr, DATAHDR));
463 outl += outl2;
464
465 require (EVP_EncryptUpdate (cctx,
466 (unsigned char *) data + outl, &outl2,
467 (unsigned char *) d, l));
468 outl += outl2;
469
470 require (EVP_EncryptFinal_ex (cctx, (unsigned char *) data + outl, &outl2));
471 outl += outl2;
472
473 len = outl + data_hdr_size ();
474
475 set_hdr (type, dst);
476
477 hmac_set (conn->octx);
478 }
479
480 tap_packet *
481 vpndata_packet::unpack (connection *conn, u32 &seqno)
482 {
483 EVP_CIPHER_CTX *cctx = &conn->ictx->cctx;
484 int outl = 0, outl2;
485 tap_packet *p = new tap_packet;
486 u8 *d;
487 u32 l = len - data_hdr_size ();
488
489 require (EVP_DecryptInit_ex (cctx, 0, 0, 0, 0));
490
491 #if ENABLE_COMPRESSION
492 u8 cdata[MAX_MTU];
493
494 if (type == PT_DATA_COMPRESSED)
495 d = cdata;
496 else
497 #endif
498 d = &(*p)[6 + 6 - DATAHDR];
499
500 /* this overwrites part of the src mac, but we fix that later */
501 require (EVP_DecryptUpdate (cctx,
502 d, &outl2,
503 (unsigned char *)&data, len - data_hdr_size ()));
504 outl += outl2;
505
506 require (EVP_DecryptFinal_ex (cctx, (unsigned char *)d + outl, &outl2));
507 outl += outl2;
508
509 seqno = ntohl (*(u32 *)(d + RAND_SIZE));
510
511 id2mac (dst () ? dst() : THISNODE->id, p->dst);
512 id2mac (src (), p->src);
513
514 #if ENABLE_COMPRESSION
515 if (type == PT_DATA_COMPRESSED)
516 {
517 u32 cl = (d[DATAHDR] << 8) | d[DATAHDR + 1];
518
519 p->len = lzf_decompress (d + DATAHDR + 2, cl < MAX_MTU ? cl : 0,
520 &(*p)[6 + 6], MAX_MTU)
521 + 6 + 6;
522 }
523 else
524 p->len = outl + (6 + 6 - DATAHDR);
525 #endif
526
527 return p;
528 }
529
530 struct ping_packet : vpn_packet
531 {
532 void setup (int dst, ptype type)
533 {
534 set_hdr (type, dst);
535 len = sizeof (*this) - sizeof (net_packet);
536 }
537 };
538
539 struct config_packet : vpn_packet
540 {
541 // actually, hmaclen cannot be checked because the hmac
542 // field comes before this data, so peers with other
543 // hmacs simply will not work.
544 u8 prot_major, prot_minor, randsize, hmaclen;
545 u8 flags, challengelen, features, pad3;
546 u32 cipher_nid, digest_nid, hmac_nid;
547
548 void setup (ptype type, int dst);
549 bool chk_config () const;
550
551 static u8 get_features ()
552 {
553 u8 f = 0;
554 #if ENABLE_COMPRESSION
555 f |= FEATURE_COMPRESSION;
556 #endif
557 #if ENABLE_ROHC
558 f |= FEATURE_ROHC;
559 #endif
560 #if ENABLE_BRIDGING
561 f |= FEATURE_BRIDGING;
562 #endif
563 return f;
564 }
565 };
566
567 void config_packet::setup (ptype type, int dst)
568 {
569 prot_major = PROTOCOL_MAJOR;
570 prot_minor = PROTOCOL_MINOR;
571 randsize = RAND_SIZE;
572 hmaclen = HMACLENGTH;
573 flags = 0;
574 challengelen = sizeof (rsachallenge);
575 features = get_features ();
576
577 cipher_nid = htonl (EVP_CIPHER_nid (CIPHER));
578 digest_nid = htonl (EVP_MD_type (RSA_HASH));
579 hmac_nid = htonl (EVP_MD_type (DIGEST));
580
581 len = sizeof (*this) - sizeof (net_packet);
582 set_hdr (type, dst);
583 }
584
585 bool config_packet::chk_config () const
586 {
587 if (prot_major != PROTOCOL_MAJOR)
588 slog (L_WARN, _("major version mismatch (remote %d <=> local %d)"), prot_major, PROTOCOL_MAJOR);
589 else if (randsize != RAND_SIZE)
590 slog (L_WARN, _("rand size mismatch (remote %d <=> local %d)"), randsize, RAND_SIZE);
591 else if (hmaclen != HMACLENGTH)
592 slog (L_WARN, _("hmac length mismatch (remote %d <=> local %d)"), hmaclen, HMACLENGTH);
593 else if (challengelen != sizeof (rsachallenge))
594 slog (L_WARN, _("challenge length mismatch (remote %d <=> local %d)"), challengelen, sizeof (rsachallenge));
595 else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER)))
596 slog (L_WARN, _("cipher mismatch (remote %x <=> local %x)"), ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER));
597 else if (digest_nid != htonl (EVP_MD_type (RSA_HASH)))
598 slog (L_WARN, _("digest mismatch (remote %x <=> local %x)"), ntohl (digest_nid), EVP_MD_type (RSA_HASH));
599 else if (hmac_nid != htonl (EVP_MD_type (DIGEST)))
600 slog (L_WARN, _("hmac mismatch (remote %x <=> local %x)"), ntohl (hmac_nid), EVP_MD_type (DIGEST));
601 else
602 return true;
603
604 return false;
605 }
606
607 struct auth_req_packet : config_packet
608 {
609 char magic[8];
610 u8 initiate; // false if this is just an automatic reply
611 u8 protocols; // supported protocols (will be patched on forward)
612 u8 pad2, pad3;
613 rsaid id;
614 rsaencrdata encr;
615
616 auth_req_packet (int dst, bool initiate_, u8 protocols_)
617 {
618 config_packet::setup (PT_AUTH_REQ, dst);
619 strncpy (magic, MAGIC_OLD, 8);
620 initiate = !!initiate_;
621 protocols = protocols_;
622
623 len = sizeof (*this) - sizeof (net_packet);
624 }
625 };
626
627 struct auth_res_packet : config_packet
628 {
629 rsaid id;
630 u8 pad1, pad2, pad3;
631 u8 response_len; // encrypted length
632 rsaresponse response;
633
634 auth_res_packet (int dst)
635 {
636 config_packet::setup (PT_AUTH_RES, dst);
637
638 len = sizeof (*this) - sizeof (net_packet);
639 }
640 };
641
642 struct connect_req_packet : vpn_packet
643 {
644 u8 id, protocols;
645 u8 pad1, pad2;
646
647 connect_req_packet (int dst, int id_, u8 protocols_)
648 : id(id_)
649 , protocols(protocols_)
650 {
651 set_hdr (PT_CONNECT_REQ, dst);
652 len = sizeof (*this) - sizeof (net_packet);
653 }
654 };
655
656 struct connect_info_packet : vpn_packet
657 {
658 u8 id, protocols;
659 u8 pad1, pad2;
660 sockinfo si;
661
662 connect_info_packet (int dst, int id_, const sockinfo &si_, u8 protocols_)
663 : id(id_)
664 , protocols(protocols_)
665 , si(si_)
666 {
667 set_hdr (PT_CONNECT_INFO, dst);
668
669 len = sizeof (*this) - sizeof (net_packet);
670 }
671 };
672
673 /////////////////////////////////////////////////////////////////////////////
674
675 void
676 connection::connection_established ()
677 {
678 slog (L_NOISE, _("%s: possible connection establish (ictx %d, octx %d)"), conf->nodename, !!ictx, !!octx);
679
680 if (ictx && octx)
681 {
682 // make sure rekeying timeouts are slightly asymmetric
683 ev::tstamp rekey_interval = ::conf.rekey + (conf->id > THISNODE->id ? 10 : 0);
684 rekey.start (rekey_interval, rekey_interval);
685 keepalive.start (::conf.keepalive);
686
687 // send queued packets
688 if (ictx && octx)
689 {
690 while (tap_packet *p = (tap_packet *)data_queue.get ())
691 {
692 if (p->len) send_data_packet (p);
693 delete p;
694 }
695
696 while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
697 {
698 if (p->len) send_vpn_packet (p, si, IPTOS_RELIABILITY);
699 delete p;
700 }
701 }
702
703 vpn->connection_established (this);
704 }
705 else
706 {
707 retry_cnt = 0;
708 establish_connection.start (5);
709 keepalive.stop ();
710 rekey.stop ();
711 }
712 }
713
714 void
715 connection::reset_si ()
716 {
717 if (vpn->can_direct (THISNODE, conf))
718 protocol = best_protocol (THISNODE->protocols & conf->connectable_protocols ());
719 else
720 {
721 slog (L_TRACE, _("%s: direct connection denied by config."), conf->nodename);
722 protocol = 0;
723 }
724
725 si.set (conf, protocol);
726
727 is_direct = si.valid ();
728 }
729
730 // ensure sockinfo is valid, forward if necessary
731 const sockinfo &
732 connection::forward_si (const sockinfo &si) const
733 {
734 if (!si.valid ())
735 {
736 connection *r = vpn->find_router_for (this);
737
738 if (r)
739 {
740 slog (L_DEBUG, _("%s: no common protocol, trying to route through %s."),
741 conf->nodename, r->conf->nodename);
742 return r->si;
743 }
744 else
745 slog (L_DEBUG, _("%s: node unreachable, no common protocol or no router available."),
746 conf->nodename);
747 }
748
749 return si;
750 }
751
752 void
753 connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
754 {
755 if (!vpn->send_vpn_packet (pkt, si, tos))
756 reset_connection ();
757 }
758
759 void
760 connection::send_ping (const sockinfo &si, u8 pong)
761 {
762 ping_packet *pkt = new ping_packet;
763
764 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
765
766 slog (L_TRACE, "%s << %s [%s]", conf->nodename, pong ? "PT_PONG" : "PT_PING", (const char *)si);
767
768 send_vpn_packet (pkt, si, IPTOS_LOWDELAY);
769
770 delete pkt;
771 }
772
773 void
774 connection::send_reset (const sockinfo &si)
775 {
776 if (reset_rate_limiter.can (si) && connectmode != conf_node::C_DISABLED)
777 {
778 config_packet *pkt = new config_packet;
779
780 pkt->setup (vpn_packet::PT_RESET, conf->id);
781 send_vpn_packet (pkt, si, IPTOS_MINCOST);
782
783 delete pkt;
784 }
785 }
786
787 void
788 connection::send_auth_request (const sockinfo &si, bool initiate)
789 {
790 auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols);
791
792 rsachallenge chg;
793 rsa_cache.gen (pkt->id, chg);
794 rsa_encrypt (conf->rsa_key, chg, pkt->encr);
795
796 slog (L_TRACE, "%s << PT_AUTH_REQ [%s]", conf->nodename, (const char *)si);
797
798 send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly
799
800 delete pkt;
801 }
802
803 void
804 connection::send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg)
805 {
806 auth_res_packet *pkt = new auth_res_packet (conf->id);
807
808 pkt->id = id;
809
810 rsa_hash (id, chg, pkt->response);
811
812 pkt->hmac_set (octx);
813
814 slog (L_TRACE, "%s << PT_AUTH_RES [%s]", conf->nodename, (const char *)si);
815
816 send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
817
818 delete pkt;
819 }
820
821 void
822 connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols)
823 {
824 slog (L_TRACE, "%s << PT_CONNECT_INFO(%s,%s)", conf->nodename,
825 vpn->conns[rid - 1]->conf->nodename, (const char *)rsi);
826
827 connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
828
829 r->hmac_set (octx);
830 send_vpn_packet (r, si);
831
832 delete r;
833 }
834
835 inline void
836 connection::establish_connection_cb (ev::timer &w, int revents)
837 {
838 if (!ictx
839 && conf != THISNODE
840 && connectmode != conf_node::C_NEVER
841 && connectmode != conf_node::C_DISABLED
842 && !w.is_active ())
843 {
844 // a bit hacky, if ondemand, and packets are no longer queued, then reset the connection
845 // and stop trying. should probably be handled by a per-connection expire handler.
846 if (connectmode == conf_node::C_ONDEMAND && vpn_queue.empty () && data_queue.empty ())
847 {
848 reset_connection ();
849 return;
850 }
851
852 last_establish_attempt = ev_now ();
853
854 ev::tstamp retry_int = ev::tstamp (retry_cnt & 3
855 ? (retry_cnt & 3) + 1
856 : 1 << (retry_cnt >> 2));
857
858 reset_si ();
859
860 bool slow = si.prot & PROT_SLOW;
861
862 if (si.prot && !si.host && vpn->can_direct (THISNODE, conf))
863 {
864 /*TODO*/ /* start the timer so we don't recurse endlessly */
865 w.start (1);
866 vpn->send_connect_request (this);
867 }
868 else
869 {
870 if (si.valid ())
871 slog (L_DEBUG, _("%s: sending direct connection request to %s."),
872 conf->nodename, (const char *)si);
873
874 const sockinfo &dsi = forward_si (si);
875
876 slow = slow || (dsi.prot & PROT_SLOW);
877
878 if (dsi.valid () && auth_rate_limiter.can (dsi))
879 {
880 if (retry_cnt < 4)
881 send_auth_request (dsi, true);
882 else
883 send_ping (dsi, 0);
884 }
885 }
886
887 retry_int *= slow ? 8. : 0.9;
888
889 if (retry_int < conf->max_retry)
890 retry_cnt++;
891 else
892 retry_int = conf->max_retry;
893
894 w.start (retry_int);
895 }
896 }
897
898 void
899 connection::reset_connection ()
900 {
901 if (ictx && octx)
902 {
903 slog (L_INFO, _("%s(%s): connection lost"),
904 conf->nodename, (const char *)si);
905
906 if (::conf.script_node_down)
907 {
908 run_script_cb *cb = new run_script_cb;
909 cb->set<connection, &connection::script_node_down> (this);
910 run_script_queued (cb, _("node-down command execution failed, continuing."));
911 }
912 }
913
914 delete ictx; ictx = 0;
915 delete octx; octx = 0;
916 #if ENABLE_DNS
917 dnsv4_reset_connection ();
918 #endif
919
920 si.host = 0;
921
922 last_activity = 0.;
923 //last_si_change = 0.;
924 retry_cnt = 0;
925
926 rekey.stop ();
927 keepalive.stop ();
928 establish_connection.stop ();
929 }
930
931 void
932 connection::shutdown ()
933 {
934 if (ictx && octx)
935 send_reset (si);
936
937 reset_connection ();
938 }
939
940 // poor-man's rekeying
941 inline void
942 connection::rekey_cb (ev::timer &w, int revents)
943 {
944 reset_connection ();
945 establish_connection ();
946 }
947
948 void
949 connection::send_data_packet (tap_packet *pkt)
950 {
951 vpndata_packet *p = new vpndata_packet;
952 int tos = 0;
953
954 // I am not hilarious about peeking into packets, but so be it.
955 if (conf->inherit_tos && pkt->is_ipv4 ())
956 tos = (*pkt)[15] & IPTOS_TOS_MASK;
957
958 p->setup (this, conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs
959 send_vpn_packet (p, si, tos);
960
961 delete p;
962
963 if (oseqno > MAX_SEQNO)
964 rekey ();
965 }
966
967 void
968 connection::post_inject_queue ()
969 {
970 // force a connection every now and when when packets are sent (max 1/s)
971 if (ev_now () - last_establish_attempt >= 0.95) // arbitrary
972 establish_connection.stop ();
973
974 establish_connection ();
975 }
976
977 void
978 connection::inject_data_packet (tap_packet *pkt)
979 {
980 if (ictx && octx)
981 send_data_packet (pkt);
982 else
983 {
984 data_queue.put (new tap_packet (*pkt));
985 post_inject_queue ();
986 }
987 }
988
989 void connection::inject_vpn_packet (vpn_packet *pkt, int tos)
990 {
991 if (ictx && octx)
992 send_vpn_packet (pkt, si, tos);
993 else
994 {
995 vpn_queue.put ((vpn_packet *)new data_packet (*(data_packet *)pkt));
996 post_inject_queue ();
997 }
998 }
999
1000 void
1001 connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
1002 {
1003 last_activity = ev_now ();
1004
1005 slog (L_NOISE, "%s >> received packet type %d from %d to %d.",
1006 conf->nodename, pkt->typ (), pkt->src (), pkt->dst ());
1007
1008 if (connectmode == conf_node::C_DISABLED)
1009 return;
1010
1011 switch (pkt->typ ())
1012 {
1013 case vpn_packet::PT_PING:
1014 slog (L_TRACE, "%s >> PT_PING", conf->nodename);
1015
1016 // we send pings instead of auth packets after some retries,
1017 // so reset the retry counter and establish a connection
1018 // when we receive a ping.
1019 if (!ictx)
1020 {
1021 if (auth_rate_limiter.can (rsi))
1022 send_auth_request (rsi, true);
1023 }
1024 else
1025 // we would love to change the socket address here, but ping's aren't
1026 // authenticated, so we best ignore it.
1027 send_ping (rsi, 1); // pong
1028
1029 break;
1030
1031 case vpn_packet::PT_PONG:
1032 slog (L_TRACE, "%s >> PT_PONG", conf->nodename);
1033
1034 // a PONG might mean that the other side doesn't really know
1035 // about our desire for communication.
1036 establish_connection ();
1037 break;
1038
1039 case vpn_packet::PT_RESET:
1040 {
1041 reset_connection ();
1042
1043 config_packet *p = (config_packet *) pkt;
1044
1045 if (!p->chk_config ())
1046 {
1047 slog (L_WARN, _("%s(%s): protocol mismatch, disabling node."),
1048 conf->nodename, (const char *)rsi);
1049 connectmode = conf_node::C_DISABLED;
1050 }
1051 else if (connectmode == conf_node::C_ALWAYS)
1052 establish_connection ();
1053 }
1054 break;
1055
1056 case vpn_packet::PT_AUTH_REQ:
1057 if (auth_rate_limiter.can (rsi))
1058 {
1059 auth_req_packet *p = (auth_req_packet *) pkt;
1060
1061 slog (L_TRACE, "%s >> PT_AUTH_REQ(%s)", conf->nodename, p->initiate ? "initiate" : "reply");
1062
1063 if (p->chk_config ()
1064 && (!strncmp (p->magic, MAGIC_OLD, 8) || !strncmp (p->magic, MAGIC, 8)))
1065 {
1066 if (p->prot_minor != PROTOCOL_MINOR)
1067 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
1068 conf->nodename, (const char *)rsi,
1069 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
1070
1071 if (p->initiate)
1072 send_auth_request (rsi, false);
1073
1074 rsachallenge k;
1075
1076 if (!rsa_decrypt (::conf.rsa_key, p->encr, k))
1077 {
1078 slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"),
1079 conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0));
1080 break;
1081 }
1082 else
1083 {
1084 delete octx;
1085
1086 octx = new crypto_ctx (k, 1);
1087 oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff;
1088
1089 conf->protocols = p->protocols;
1090 features = p->features & config_packet::get_features ();
1091
1092 send_auth_response (rsi, p->id, k);
1093
1094 connection_established ();
1095
1096 break;
1097 }
1098 }
1099 else
1100 slog (L_WARN, _("%s(%s): protocol mismatch."),
1101 conf->nodename, (const char *)rsi);
1102
1103 send_reset (rsi);
1104 }
1105
1106 break;
1107
1108 case vpn_packet::PT_AUTH_RES:
1109 {
1110 auth_res_packet *p = (auth_res_packet *)pkt;
1111
1112 slog (L_TRACE, "%s >> PT_AUTH_RES", conf->nodename);
1113
1114 if (p->chk_config ())
1115 {
1116 if (p->prot_minor != PROTOCOL_MINOR)
1117 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
1118 conf->nodename, (const char *)rsi,
1119 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
1120
1121 rsachallenge chg;
1122
1123 if (!rsa_cache.find (p->id, chg))
1124 {
1125 slog (L_ERR, _("%s(%s): unrequested auth response, ignoring."),
1126 conf->nodename, (const char *)rsi);
1127 break;
1128 }
1129 else
1130 {
1131 crypto_ctx *cctx = new crypto_ctx (chg, 0);
1132
1133 if (!p->hmac_chk (cctx))
1134 {
1135 slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
1136 "could be an attack, or just corruption or a synchronization error."),
1137 conf->nodename, (const char *)rsi);
1138 break;
1139 }
1140 else
1141 {
1142 rsaresponse h;
1143
1144 rsa_hash (p->id, chg, h);
1145
1146 if (!memcmp ((u8 *)&h, (u8 *)p->response, sizeof h))
1147 {
1148 prot_minor = p->prot_minor;
1149
1150 delete ictx; ictx = cctx;
1151
1152 iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
1153
1154 si = rsi;
1155 protocol = rsi.prot;
1156
1157 slog (L_INFO, _("%s(%s): connection established (%s), protocol version %d.%d."),
1158 conf->nodename, (const char *)rsi,
1159 is_direct ? "direct" : "forwarded",
1160 p->prot_major, p->prot_minor);
1161
1162 connection_established ();
1163
1164 if (::conf.script_node_up)
1165 {
1166 run_script_cb *cb = new run_script_cb;
1167 cb->set<connection, &connection::script_node_up> (this);
1168 run_script_queued (cb, _("node-up command execution failed, continuing."));
1169 }
1170
1171 break;
1172 }
1173 else
1174 slog (L_ERR, _("%s(%s): sent and received challenge do not match."),
1175 conf->nodename, (const char *)rsi);
1176 }
1177
1178 delete cctx;
1179 }
1180 }
1181 }
1182
1183 send_reset (rsi);
1184 break;
1185
1186 case vpn_packet::PT_DATA_COMPRESSED:
1187 #if !ENABLE_COMPRESSION
1188 send_reset (rsi);
1189 break;
1190 #endif
1191
1192 case vpn_packet::PT_DATA_UNCOMPRESSED:
1193
1194 if (ictx && octx)
1195 {
1196 vpndata_packet *p = (vpndata_packet *)pkt;
1197
1198 if (!p->hmac_chk (ictx))
1199 slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
1200 "could be an attack, or just corruption or a synchronization error."),
1201 conf->nodename, (const char *)rsi);
1202 else
1203 {
1204 u32 seqno;
1205 tap_packet *d = p->unpack (this, seqno);
1206 int seqclass = iseqno.seqno_classify (seqno);
1207
1208 if (seqclass == 0) // ok
1209 {
1210 vpn->tap->send (d);
1211
1212 if (si != rsi)
1213 {
1214 // fast re-sync on source address changes, useful especially for tcp/ip
1215 //if (last_si_change < ev_now () + 5.)
1216 // {
1217 slog (L_INFO, _("%s(%s): changing socket address to %s."),
1218 conf->nodename, (const char *)si, (const char *)rsi);
1219
1220 si = rsi;
1221
1222 if (::conf.script_node_change)
1223 {
1224 run_script_cb *cb = new run_script_cb;
1225 cb->set<connection, &connection::script_node_change> (this);
1226 run_script_queued (cb, _("node-change command execution failed, continuing."));
1227 }
1228
1229 // }
1230 //else
1231 // slog (L_INFO, _("%s(%s): accepted packet from %s, not (yet) redirecting traffic."),
1232 // conf->nodename, (const char *)si, (const char *)rsi);
1233 }
1234 }
1235 else if (seqclass == 1) // far history
1236 slog (L_ERR, _("received very old packet (received %08lx, expected %08lx). "
1237 "possible replay attack, or just packet duplication/delay, ignoring."), seqno, iseqno.seq + 1);
1238 else if (seqclass == 2) // in-window duplicate, happens often on wireless
1239 slog (L_DEBUG, _("received recent duplicated packet (received %08lx, expected %08lx). "
1240 "possible replay attack, or just packet duplication, ignoring."), seqno, iseqno.seq + 1);
1241 else if (seqclass == 3) // reset
1242 {
1243 slog (L_ERR, _("received out-of-sync (far future) packet (received %08lx, expected %08lx). "
1244 "probably just massive packet loss, sending reset."), seqno, iseqno.seq + 1);
1245 send_reset (rsi);
1246 }
1247
1248 delete d;
1249 break;
1250 }
1251 }
1252
1253 send_reset (rsi);
1254 break;
1255
1256 case vpn_packet::PT_CONNECT_REQ:
1257 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1258 {
1259 connect_req_packet *p = (connect_req_packet *)pkt;
1260
1261 if (p->id > 0 && p->id <= vpn->conns.size ())
1262 {
1263 connection *c = vpn->conns[p->id - 1];
1264 conf->protocols = p->protocols;
1265
1266 slog (L_TRACE, "%s >> PT_CONNECT_REQ(%s) [%d]",
1267 conf->nodename, vpn->conns[p->id - 1]->conf->nodename, c->ictx && c->octx);
1268
1269 if (c->ictx && c->octx)
1270 {
1271 // send connect_info packets to both sides, in case one is
1272 // behind a nat firewall (or both ;)
1273 c->send_connect_info (conf->id, si, conf->protocols);
1274 send_connect_info (c->conf->id, c->si, c->conf->protocols);
1275 }
1276 else
1277 c->establish_connection ();
1278 }
1279 else
1280 slog (L_WARN,
1281 _("received authenticated connection request from unknown node #%d, config file mismatch?"),
1282 p->id);
1283 }
1284
1285 break;
1286
1287 case vpn_packet::PT_CONNECT_INFO:
1288 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1289 {
1290 connect_info_packet *p = (connect_info_packet *)pkt;
1291
1292 if (p->id > 0 && p->id <= vpn->conns.size ())
1293 {
1294 connection *c = vpn->conns[p->id - 1];
1295
1296 c->conf->protocols = p->protocols;
1297 protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf));
1298 p->si.upgrade_protocol (protocol, c->conf);
1299
1300 slog (L_TRACE, "%s >> PT_CONNECT_INFO(%s,%s) [%d]",
1301 conf->nodename, vpn->conns[p->id - 1]->conf->nodename,
1302 (const char *)p->si, !c->ictx && !c->octx);
1303
1304 const sockinfo &dsi = forward_si (p->si);
1305
1306 if (dsi.valid ())
1307 c->send_auth_request (dsi, true);
1308 }
1309 else
1310 slog (L_WARN,
1311 _("received authenticated connection request from unknown node #%d, config file mismatch?"),
1312 p->id);
1313 }
1314
1315 break;
1316
1317 default:
1318 send_reset (rsi);
1319 break;
1320 }
1321 }
1322
1323 inline void
1324 connection::keepalive_cb (ev::timer &w, int revents)
1325 {
1326 if (ev_now () >= last_activity + ::conf.keepalive + 15)
1327 {
1328 reset_connection ();
1329 establish_connection ();
1330 }
1331 else if (ev_now () < last_activity + ::conf.keepalive)
1332 w.start (last_activity + ::conf.keepalive - ev::now ());
1333 else if (conf->connectmode != conf_node::C_ONDEMAND
1334 || THISNODE->connectmode != conf_node::C_ONDEMAND)
1335 {
1336 send_ping (si);
1337 w.start (3);
1338 }
1339 else if (ev_now () < last_activity + ::conf.keepalive + 10)
1340 // hold ondemand connections implicitly a few seconds longer
1341 // should delete octx, though, or something like that ;)
1342 w.start (last_activity + ::conf.keepalive + 10 - ev::now ());
1343 else
1344 reset_connection ();
1345 }
1346
1347 void connection::send_connect_request (int id)
1348 {
1349 connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols);
1350
1351 slog (L_TRACE, "%s << PT_CONNECT_REQ(%s)",
1352 conf->nodename, vpn->conns[id - 1]->conf->nodename);
1353 p->hmac_set (octx);
1354 send_vpn_packet (p, si);
1355
1356 delete p;
1357 }
1358
1359 void connection::script_init_env (const char *ext)
1360 {
1361 char *env;
1362 asprintf (&env, "IFUPDATA%s=%s", ext, conf->if_up_data); putenv (env);
1363 asprintf (&env, "NODENAME%s=%s", ext, conf->nodename); putenv (env);
1364 asprintf (&env, "MAC%s=%02x:%02x:%02x:%02x:%02x:%02x", ext,
1365 0xfe, 0xfd, 0x80, 0x00, conf->id >> 8,
1366 conf->id & 0xff); putenv (env);
1367 }
1368
1369 void connection::script_init_connect_env ()
1370 {
1371 vpn->script_init_env ();
1372
1373 char *env;
1374 asprintf (&env, "DESTID=%d", conf->id); putenv (env);
1375 asprintf (&env, "DESTSI=%s", (const char *)si); putenv (env);
1376 asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env);
1377 asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env);
1378 asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env);
1379 }
1380
1381 inline const char *
1382 connection::script_node_up ()
1383 {
1384 script_init_connect_env ();
1385
1386 putenv ((char *)"STATE=up");
1387
1388 char *filename;
1389 asprintf (&filename,
1390 "%s/%s",
1391 confbase,
1392 ::conf.script_node_up ? ::conf.script_node_up : "node-up");
1393
1394 return filename;
1395 }
1396
1397 inline const char *
1398 connection::script_node_change ()
1399 {
1400 script_init_connect_env ();
1401
1402 putenv ((char *)"STATE=change");
1403
1404 char *filename;
1405 asprintf (&filename,
1406 "%s/%s",
1407 confbase,
1408 ::conf.script_node_change ? ::conf.script_node_change : "node-change");
1409
1410 return filename;
1411 }
1412
1413 inline const char *
1414 connection::script_node_down ()
1415 {
1416 script_init_connect_env ();
1417
1418 putenv ((char *)"STATE=down");
1419
1420 char *filename;
1421 asprintf (&filename,
1422 "%s/%s",
1423 confbase,
1424 ::conf.script_node_down ? ::conf.script_node_down : "node-down");
1425
1426 return filename;
1427 }
1428
1429 connection::connection (struct vpn *vpn, conf_node *conf)
1430 : vpn(vpn), conf(conf),
1431 #if ENABLE_DNS
1432 dns (0),
1433 #endif
1434 data_queue(conf->max_ttl, conf->max_queue + 1),
1435 vpn_queue(conf->max_ttl, conf->max_queue + 1)
1436 {
1437 rekey .set<connection, &connection::rekey_cb > (this);
1438 keepalive .set<connection, &connection::keepalive_cb > (this);
1439 establish_connection.set<connection, &connection::establish_connection_cb> (this);
1440
1441 last_establish_attempt = 0.;
1442 octx = ictx = 0;
1443
1444 if (!conf->protocols) // make sure some protocol is enabled
1445 conf->protocols = PROT_UDPv4;
1446
1447 connectmode = conf->connectmode;
1448
1449 // queue a dummy packet to force an initial connection attempt
1450 if (connectmode != conf_node::C_ALWAYS && connectmode != conf_node::C_DISABLED)
1451 vpn_queue.put (new net_packet);
1452
1453 reset_connection ();
1454 }
1455
1456 connection::~connection ()
1457 {
1458 shutdown ();
1459 }
1460
1461 void connection_init ()
1462 {
1463 auth_rate_limiter.clear ();
1464 reset_rate_limiter.clear ();
1465 }
1466