ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
Revision: 1.97
Committed: Tue Dec 4 13:23:17 2012 UTC (11 years, 5 months ago) by root
Content type: text/plain
Branch: MAIN
CVS Tags: rel-2_25
Changes since 1.96: +9 -6 lines
Log Message: 
*** empty log message ***

File Contents

# Content
1 /*
2 connection.C -- manage a single connection
3 Copyright (C) 2003-2008,2010,2011 Marc Lehmann <gvpe@schmorp.de>
4
5 This file is part of GVPE.
6
7 GVPE is free software; you can redistribute it and/or modify it
8 under the terms of the GNU General Public License as published by the
9 Free Software Foundation; either version 3 of the License, or (at your
10 option) any later version.
11
12 This program is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
15 Public License for more details.
16
17 You should have received a copy of the GNU General Public License along
18 with this program; if not, see <http://www.gnu.org/licenses/>.
19
20 Additional permission under GNU GPL version 3 section 7
21
22 If you modify this Program, or any covered work, by linking or
23 combining it with the OpenSSL project's OpenSSL library (or a modified
24 version of that library), containing parts covered by the terms of the
25 OpenSSL or SSLeay licenses, the licensors of this Program grant you
26 additional permission to convey the resulting work. Corresponding
27 Source for a non-source form of such a combination shall include the
28 source code for the parts of OpenSSL used as well as that of the
29 covered work.
30 */
31
32 #include "config.h"
33
34 #include <list>
35 #include <queue>
36 #include <utility>
37
38 #include <openssl/rand.h>
39 #include <openssl/evp.h>
40 #include <openssl/rsa.h>
41 #include <openssl/err.h>
42
43 #include "conf.h"
44 #include "slog.h"
45 #include "device.h"
46 #include "vpn.h"
47 #include "connection.h"
48
49 #include "netcompat.h"
50
51 #if !HAVE_RAND_PSEUDO_BYTES
52 # define RAND_pseudo_bytes RAND_bytes
53 #endif
54
55 #define MAGIC_OLD "vped\xbd\xc6\xdb\x82" // 8 bytes of magic (still used in the protocol)
56 #define MAGIC "gvpe\xbd\xc6\xdb\x82" // 8 bytes of magic (understood but not generated)
57
58 #define ULTRA_FAST 1
59 #define HLOG 15
60 #include "lzf/lzf.h"
61 #include "lzf/lzf_c.c"
62 #include "lzf/lzf_d.c"
63
64 //////////////////////////////////////////////////////////////////////////////
65
66 static std::queue< std::pair<run_script_cb *, const char *> > rs_queue;
67 static ev::child rs_child_ev;
68
69 namespace
70 {
71 void // c++ requires external linkage here, apparently :(
72 rs_child_cb (ev::child &w, int revents)
73 {
74 w.stop ();
75
76 if (rs_queue.empty ())
77 return;
78
79 pid_t pid = run_script (*rs_queue.front ().first, false);
80 if (pid)
81 {
82 w.set (pid);
83 w.start ();
84 }
85 else
86 slog (L_WARN, rs_queue.front ().second);
87
88 delete rs_queue.front ().first;
89 rs_queue.pop ();
90 }
91 };
92
93 // despite the fancy name, this is quite a hack
94 static void
95 run_script_queued (run_script_cb *cb, const char *warnmsg)
96 {
97 rs_queue.push (std::make_pair (cb, warnmsg));
98
99 if (!rs_child_ev.is_active ())
100 {
101 rs_child_ev.set<rs_child_cb> ();
102 rs_child_ev ();
103 }
104 }
105
106 //////////////////////////////////////////////////////////////////////////////
107
108 struct crypto_ctx
109 {
110 EVP_CIPHER_CTX cctx;
111 HMAC_CTX hctx;
112
113 crypto_ctx (const rsachallenge &challenge, int enc);
114 ~crypto_ctx ();
115 };
116
117 crypto_ctx::crypto_ctx (const rsachallenge &challenge, int enc)
118 {
119 EVP_CIPHER_CTX_init (&cctx);
120 require (EVP_CipherInit_ex (&cctx, CIPHER, 0, &challenge[CHG_CIPHER_KEY], 0, enc));
121 HMAC_CTX_init (&hctx);
122 HMAC_Init_ex (&hctx, &challenge[CHG_HMAC_KEY], HMAC_KEYLEN, DIGEST, 0);
123 }
124
125 crypto_ctx::~crypto_ctx ()
126 {
127 require (EVP_CIPHER_CTX_cleanup (&cctx));
128 HMAC_CTX_cleanup (&hctx);
129 }
130
131 static void
132 rsa_hash (const rsaid &id, const rsachallenge &chg, rsaresponse &h)
133 {
134 EVP_MD_CTX ctx;
135
136 EVP_MD_CTX_init (&ctx);
137 require (EVP_DigestInit (&ctx, RSA_HASH));
138 require (EVP_DigestUpdate (&ctx, &chg, sizeof chg));
139 require (EVP_DigestUpdate (&ctx, &id, sizeof id));
140 require (EVP_DigestFinal (&ctx, (unsigned char *)&h, 0));
141 EVP_MD_CTX_cleanup (&ctx);
142 }
143
144 struct rsa_entry
145 {
146 tstamp expire;
147 rsaid id;
148 rsachallenge chg;
149 };
150
151 struct rsa_cache : list<rsa_entry>
152 {
153 inline void cleaner_cb (ev::timer &w, int revents); ev::timer cleaner;
154
155 bool find (const rsaid &id, rsachallenge &chg)
156 {
157 for (iterator i = begin (); i != end (); ++i)
158 {
159 if (!memcmp (&id, &i->id, sizeof id) && i->expire > ev_now ())
160 {
161 memcpy (&chg, &i->chg, sizeof chg);
162
163 erase (i);
164 return true;
165 }
166 }
167
168 if (!cleaner.is_active ())
169 cleaner.again ();
170
171 return false;
172 }
173
174 void gen (rsaid &id, rsachallenge &chg)
175 {
176 rsa_entry e;
177
178 RAND_bytes ((unsigned char *)&id, sizeof id);
179 RAND_bytes ((unsigned char *)&chg, sizeof chg);
180
181 e.expire = ev_now () + RSA_TTL;
182 e.id = id;
183 memcpy (&e.chg, &chg, sizeof chg);
184
185 push_back (e);
186
187 if (!cleaner.is_active ())
188 cleaner.again ();
189 }
190
191 rsa_cache ()
192 {
193 cleaner.set<rsa_cache, &rsa_cache::cleaner_cb> (this);
194 cleaner.set (RSA_TTL, RSA_TTL);
195 }
196
197 } rsa_cache;
198
199 void
200 rsa_cache::cleaner_cb (ev::timer &w, int revents)
201 {
202 if (empty ())
203 w.stop ();
204 else
205 {
206 for (iterator i = begin (); i != end (); )
207 if (i->expire <= ev_now ())
208 i = erase (i);
209 else
210 ++i;
211 }
212 }
213
214 //////////////////////////////////////////////////////////////////////////////
215
216 pkt_queue::pkt_queue (double max_ttl, int max_queue)
217 : max_ttl (max_ttl), max_queue (max_queue)
218 {
219 queue = new pkt [max_queue];
220
221 i = 0;
222 j = 0;
223
224 expire.set<pkt_queue, &pkt_queue::expire_cb> (this);
225 }
226
227 pkt_queue::~pkt_queue ()
228 {
229 while (net_packet *p = get ())
230 delete p;
231
232 delete [] queue;
233 }
234
235 void
236 pkt_queue::expire_cb (ev::timer &w, int revents)
237 {
238 ev_tstamp expire = ev_now () - max_ttl;
239
240 for (;;)
241 {
242 if (empty ())
243 break;
244
245 double diff = queue[j].tstamp - expire;
246
247 if (diff >= 0.)
248 {
249 w.start (diff > 0.5 ? diff : 0.5);
250 break;
251 }
252
253 delete get ();
254 }
255 }
256
257 void
258 pkt_queue::put (net_packet *p)
259 {
260 ev_tstamp now = ev_now ();
261
262 // start expiry timer
263 if (empty ())
264 expire.start (max_ttl);
265
266 int ni = i + 1 == max_queue ? 0 : i + 1;
267
268 if (ni == j)
269 delete get ();
270
271 queue[i].pkt = p;
272 queue[i].tstamp = now;
273
274 i = ni;
275 }
276
277 net_packet *
278 pkt_queue::get ()
279 {
280 if (empty ())
281 return 0;
282
283 net_packet *p = queue[j].pkt;
284 queue[j].pkt = 0;
285
286 j = j + 1 == max_queue ? 0 : j + 1;
287
288 return p;
289 }
290
291 struct net_rateinfo
292 {
293 u32 host;
294 double pcnt, diff;
295 tstamp last;
296 };
297
298 // only do action once every x seconds per host whole allowing bursts.
299 // this implementation ("splay list" ;) is inefficient,
300 // but low on resources.
301 struct net_rate_limiter : list<net_rateinfo>
302 {
303 # define NRL_ALPHA (1. - 1. / 600.) // allow bursts
304 # define NRL_CUTOFF 10. // one event every CUTOFF seconds
305 # define NRL_EXPIRE (NRL_CUTOFF * 30.) // expire entries after this time
306 # define NRL_MAXDIF (NRL_CUTOFF * (1. / (1. - NRL_ALPHA))) // maximum diff /count value
307
308 bool can (const sockinfo &si) { return can((u32)si.host); }
309 bool can (u32 host);
310 };
311
312 static net_rate_limiter auth_rate_limiter, reset_rate_limiter;
313
314 bool
315 net_rate_limiter::can (u32 host)
316 {
317 iterator i;
318
319 for (i = begin (); i != end (); )
320 if (i->host == host)
321 break;
322 else if (i->last < ev_now () - NRL_EXPIRE)
323 i = erase (i);
324 else
325 i++;
326
327 if (i == end ())
328 {
329 net_rateinfo ri;
330
331 ri.host = host;
332 ri.pcnt = 1.;
333 ri.diff = NRL_MAXDIF;
334 ri.last = ev_now ();
335
336 push_front (ri);
337
338 return true;
339 }
340 else
341 {
342 net_rateinfo ri (*i);
343 erase (i);
344
345 ri.pcnt = ri.pcnt * NRL_ALPHA;
346 ri.diff = ri.diff * NRL_ALPHA + (ev_now () - ri.last);
347
348 ri.last = ev_now ();
349
350 double dif = ri.diff / ri.pcnt;
351
352 bool send = dif > NRL_CUTOFF;
353
354 if (dif > NRL_MAXDIF)
355 {
356 ri.pcnt = 1.;
357 ri.diff = NRL_MAXDIF;
358 }
359 else if (send)
360 ri.pcnt++;
361
362 push_front (ri);
363
364 return send;
365 }
366 }
367
368 /////////////////////////////////////////////////////////////////////////////
369
370 unsigned char hmac_packet::hmac_digest[EVP_MAX_MD_SIZE];
371
372 void
373 hmac_packet::hmac_gen (crypto_ctx *ctx)
374 {
375 unsigned int xlen;
376
377 HMAC_CTX *hctx = &ctx->hctx;
378
379 HMAC_Init_ex (hctx, 0, 0, 0, 0);
380 HMAC_Update (hctx, ((unsigned char *) this) + sizeof (hmac_packet),
381 len - sizeof (hmac_packet));
382 HMAC_Final (hctx, (unsigned char *) &hmac_digest, &xlen);
383 }
384
385 void
386 hmac_packet::hmac_set (crypto_ctx *ctx)
387 {
388 hmac_gen (ctx);
389
390 memcpy (hmac, hmac_digest, HMACLENGTH);
391 }
392
393 bool
394 hmac_packet::hmac_chk (crypto_ctx *ctx)
395 {
396 hmac_gen (ctx);
397
398 return !memcmp (hmac, hmac_digest, HMACLENGTH);
399 }
400
401 void
402 vpn_packet::set_hdr (ptype type_, unsigned int dst)
403 {
404 type = type_;
405
406 int src = THISNODE->id;
407
408 src1 = src;
409 srcdst = ((src >> 8) << 4) | (dst >> 8);
410 dst1 = dst;
411 }
412
413 #define MAXVPNDATA (MAX_MTU - 6 - 6)
414 #define DATAHDR (sizeof (u32) + RAND_SIZE)
415
416 struct vpndata_packet : vpn_packet
417 {
418 u8 data[MAXVPNDATA + DATAHDR]; // seqno
419
420 void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
421 tap_packet *unpack (connection *conn, u32 &seqno);
422
423 private:
424 const u32 data_hdr_size () const
425 {
426 return sizeof (vpndata_packet) - sizeof (net_packet) - MAXVPNDATA - DATAHDR;
427 }
428 };
429
430 void
431 vpndata_packet::setup (connection *conn, int dst, u8 *d, u32 l, u32 seqno)
432 {
433 EVP_CIPHER_CTX *cctx = &conn->octx->cctx;
434 int outl = 0, outl2;
435 ptype type = PT_DATA_UNCOMPRESSED;
436
437 #if ENABLE_COMPRESSION
438 u8 cdata[MAX_MTU];
439
440 if (conn->features & FEATURE_COMPRESSION)
441 {
442 u32 cl = lzf_compress (d, l, cdata + 2, (l - 2) & ~7);
443
444 if (cl)
445 {
446 type = PT_DATA_COMPRESSED;
447 d = cdata;
448 l = cl + 2;
449
450 d[0] = cl >> 8;
451 d[1] = cl;
452 }
453 }
454 #endif
455
456 require (EVP_EncryptInit_ex (cctx, 0, 0, 0, 0));
457
458 struct {
459 #if RAND_SIZE
460 u8 rnd[RAND_SIZE];
461 #endif
462 u32 seqno;
463 } datahdr;
464
465 datahdr.seqno = ntohl (seqno);
466 #if RAND_SIZE
467 RAND_pseudo_bytes ((unsigned char *) datahdr.rnd, RAND_SIZE);
468 #endif
469
470 require (EVP_EncryptUpdate (cctx,
471 (unsigned char *) data + outl, &outl2,
472 (unsigned char *) &datahdr, DATAHDR));
473 outl += outl2;
474
475 require (EVP_EncryptUpdate (cctx,
476 (unsigned char *) data + outl, &outl2,
477 (unsigned char *) d, l));
478 outl += outl2;
479
480 require (EVP_EncryptFinal_ex (cctx, (unsigned char *) data + outl, &outl2));
481 outl += outl2;
482
483 len = outl + data_hdr_size ();
484
485 set_hdr (type, dst);
486
487 hmac_set (conn->octx);
488 }
489
490 tap_packet *
491 vpndata_packet::unpack (connection *conn, u32 &seqno)
492 {
493 EVP_CIPHER_CTX *cctx = &conn->ictx->cctx;
494 int outl = 0, outl2;
495 tap_packet *p = new tap_packet;
496 u8 *d;
497 u32 l = len - data_hdr_size ();
498
499 require (EVP_DecryptInit_ex (cctx, 0, 0, 0, 0));
500
501 #if ENABLE_COMPRESSION
502 u8 cdata[MAX_MTU];
503
504 if (type == PT_DATA_COMPRESSED)
505 d = cdata;
506 else
507 #endif
508 d = &(*p)[6 + 6 - DATAHDR];
509
510 /* this overwrites part of the src mac, but we fix that later */
511 require (EVP_DecryptUpdate (cctx,
512 d, &outl2,
513 (unsigned char *)&data, len - data_hdr_size ()));
514 outl += outl2;
515
516 require (EVP_DecryptFinal_ex (cctx, (unsigned char *)d + outl, &outl2));
517 outl += outl2;
518
519 seqno = ntohl (*(u32 *)(d + RAND_SIZE));
520
521 id2mac (dst () ? dst() : THISNODE->id, p->dst);
522 id2mac (src (), p->src);
523
524 #if ENABLE_COMPRESSION
525 if (type == PT_DATA_COMPRESSED)
526 {
527 u32 cl = (d[DATAHDR] << 8) | d[DATAHDR + 1];
528
529 p->len = lzf_decompress (d + DATAHDR + 2, cl < MAX_MTU ? cl : 0,
530 &(*p)[6 + 6], MAX_MTU)
531 + 6 + 6;
532 }
533 else
534 p->len = outl + (6 + 6 - DATAHDR);
535 #endif
536
537 return p;
538 }
539
540 struct ping_packet : vpn_packet
541 {
542 void setup (int dst, ptype type)
543 {
544 set_hdr (type, dst);
545 len = sizeof (*this) - sizeof (net_packet);
546 }
547 };
548
549 struct config_packet : vpn_packet
550 {
551 // actually, hmaclen cannot be checked because the hmac
552 // field comes before this data, so peers with other
553 // hmacs simply will not work.
554 u8 prot_major, prot_minor, randsize, hmaclen;
555 u8 flags, challengelen, features, pad3;
556 u32 cipher_nid, digest_nid, hmac_nid;
557
558 void setup (ptype type, int dst);
559 bool chk_config () const;
560
561 static u8 get_features ()
562 {
563 u8 f = 0;
564 #if ENABLE_COMPRESSION
565 f |= FEATURE_COMPRESSION;
566 #endif
567 #if ENABLE_ROHC
568 f |= FEATURE_ROHC;
569 #endif
570 #if ENABLE_BRIDGING
571 f |= FEATURE_BRIDGING;
572 #endif
573 return f;
574 }
575 };
576
577 void
578 config_packet::setup (ptype type, int dst)
579 {
580 prot_major = PROTOCOL_MAJOR;
581 prot_minor = PROTOCOL_MINOR;
582 randsize = RAND_SIZE;
583 hmaclen = HMACLENGTH;
584 flags = 0;
585 challengelen = sizeof (rsachallenge);
586 features = get_features ();
587
588 cipher_nid = htonl (EVP_CIPHER_nid (CIPHER));
589 digest_nid = htonl (EVP_MD_type (RSA_HASH));
590 hmac_nid = htonl (EVP_MD_type (DIGEST));
591
592 len = sizeof (*this) - sizeof (net_packet);
593 set_hdr (type, dst);
594 }
595
596 bool
597 config_packet::chk_config () const
598 {
599 if (prot_major != PROTOCOL_MAJOR)
600 slog (L_WARN, _("major version mismatch (remote %d <=> local %d)"), prot_major, PROTOCOL_MAJOR);
601 else if (randsize != RAND_SIZE)
602 slog (L_WARN, _("rand size mismatch (remote %d <=> local %d)"), randsize, RAND_SIZE);
603 else if (hmaclen != HMACLENGTH)
604 slog (L_WARN, _("hmac length mismatch (remote %d <=> local %d)"), hmaclen, HMACLENGTH);
605 else if (challengelen != sizeof (rsachallenge))
606 slog (L_WARN, _("challenge length mismatch (remote %d <=> local %d)"), challengelen, sizeof (rsachallenge));
607 else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER)))
608 slog (L_WARN, _("cipher mismatch (remote %x <=> local %x)"), ntohl (cipher_nid), EVP_CIPHER_nid (CIPHER));
609 else if (digest_nid != htonl (EVP_MD_type (RSA_HASH)))
610 slog (L_WARN, _("digest mismatch (remote %x <=> local %x)"), ntohl (digest_nid), EVP_MD_type (RSA_HASH));
611 else if (hmac_nid != htonl (EVP_MD_type (DIGEST)))
612 slog (L_WARN, _("hmac mismatch (remote %x <=> local %x)"), ntohl (hmac_nid), EVP_MD_type (DIGEST));
613 else
614 return true;
615
616 return false;
617 }
618
619 struct auth_req_packet : config_packet
620 {
621 char magic[8];
622 u8 initiate; // false if this is just an automatic reply
623 u8 protocols; // supported protocols (will be patched on forward)
624 u8 pad2, pad3;
625 rsaid id;
626 rsaencrdata encr;
627
628 auth_req_packet (int dst, bool initiate_, u8 protocols_)
629 {
630 config_packet::setup (PT_AUTH_REQ, dst);
631 strncpy (magic, MAGIC_OLD, 8);
632 initiate = !!initiate_;
633 protocols = protocols_;
634
635 len = sizeof (*this) - sizeof (net_packet);
636 }
637 };
638
639 struct auth_res_packet : config_packet
640 {
641 rsaid id;
642 u8 pad1, pad2, pad3;
643 u8 response_len; // encrypted length
644 rsaresponse response;
645
646 auth_res_packet (int dst)
647 {
648 config_packet::setup (PT_AUTH_RES, dst);
649
650 len = sizeof (*this) - sizeof (net_packet);
651 }
652 };
653
654 struct connect_req_packet : vpn_packet
655 {
656 u8 id, protocols;
657 u8 pad1, pad2;
658
659 connect_req_packet (int dst, int id_, u8 protocols_)
660 : id(id_)
661 , protocols(protocols_)
662 {
663 set_hdr (PT_CONNECT_REQ, dst);
664 len = sizeof (*this) - sizeof (net_packet);
665 }
666 };
667
668 struct connect_info_packet : vpn_packet
669 {
670 u8 id, protocols;
671 u8 pad1, pad2;
672 sockinfo si;
673
674 connect_info_packet (int dst, int id_, const sockinfo &si_, u8 protocols_)
675 : id(id_)
676 , protocols(protocols_)
677 , si(si_)
678 {
679 set_hdr (PT_CONNECT_INFO, dst);
680
681 len = sizeof (*this) - sizeof (net_packet);
682 }
683 };
684
685 /////////////////////////////////////////////////////////////////////////////
686
687 void
688 connection::connection_established ()
689 {
690 slog (L_NOISE, _("%s: possible connection establish (ictx %d, octx %d)"), conf->nodename, !!ictx, !!octx);
691
692 if (ictx && octx)
693 {
694 // make sure rekeying timeouts are slightly asymmetric
695 ev::tstamp rekey_interval = ::conf.rekey + (conf->id > THISNODE->id ? 10 : 0);
696 rekey.start (rekey_interval, rekey_interval);
697
698 keepalive.start (::conf.keepalive);
699
700 // send queued packets
701 if (ictx && octx)
702 {
703 while (tap_packet *p = (tap_packet *)data_queue.get ())
704 {
705 if (p->len) send_data_packet (p);
706 delete p;
707 }
708
709 while (vpn_packet *p = (vpn_packet *)vpn_queue.get ())
710 {
711 if (p->len) send_vpn_packet (p, si, IPTOS_RELIABILITY);
712 delete p;
713 }
714 }
715
716 vpn->connection_established (this);
717 }
718 else
719 {
720 retry_cnt = 0;
721 establish_connection.start (5);
722 keepalive.stop ();
723 rekey.stop ();
724 }
725 }
726
727 void
728 connection::reset_si ()
729 {
730 if (vpn->can_direct (THISNODE, conf))
731 protocol = best_protocol (THISNODE->protocols & conf->connectable_protocols ());
732 else
733 {
734 slog (L_TRACE, _("%s: direct connection denied by config."), conf->nodename);
735 protocol = 0;
736 }
737
738 si.set (conf, protocol);
739
740 is_direct = si.valid ();
741 }
742
743 // ensure sockinfo is valid, forward if necessary
744 const sockinfo &
745 connection::forward_si (const sockinfo &si) const
746 {
747 if (!si.valid ())
748 {
749 connection *r = vpn->find_router_for (this);
750
751 if (r)
752 {
753 slog (L_DEBUG, _("%s: no common protocol, trying to route through %s."),
754 conf->nodename, r->conf->nodename);
755 return r->si;
756 }
757 else
758 slog (L_DEBUG, _("%s: node unreachable, no common protocol or no router available."),
759 conf->nodename);
760 }
761
762 return si;
763 }
764
765 void
766 connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
767 {
768 if (!vpn->send_vpn_packet (pkt, si, tos))
769 reset_connection ();
770 }
771
772 void
773 connection::send_ping (const sockinfo &si, u8 pong)
774 {
775 ping_packet *pkt = new ping_packet;
776
777 pkt->setup (conf->id, pong ? ping_packet::PT_PONG : ping_packet::PT_PING);
778
779 slog (L_TRACE, "%s << %s [%s]", conf->nodename, pong ? "PT_PONG" : "PT_PING", (const char *)si);
780
781 send_vpn_packet (pkt, si, IPTOS_LOWDELAY);
782
783 delete pkt;
784 }
785
786 void
787 connection::send_reset (const sockinfo &si)
788 {
789 if (reset_rate_limiter.can (si) && connectmode != conf_node::C_DISABLED)
790 {
791 config_packet *pkt = new config_packet;
792
793 pkt->setup (vpn_packet::PT_RESET, conf->id);
794 send_vpn_packet (pkt, si, IPTOS_MINCOST);
795
796 delete pkt;
797 }
798 }
799
800 void
801 connection::send_auth_request (const sockinfo &si, bool initiate)
802 {
803 auth_req_packet *pkt = new auth_req_packet (conf->id, initiate, THISNODE->protocols);
804
805 rsachallenge chg;
806 rsa_cache.gen (pkt->id, chg);
807 rsa_encrypt (conf->rsa_key, chg, pkt->encr);
808
809 slog (L_TRACE, "%s << PT_AUTH_REQ [%s]", conf->nodename, (const char *)si);
810
811 send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly
812
813 delete pkt;
814 }
815
816 void
817 connection::send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg)
818 {
819 auth_res_packet *pkt = new auth_res_packet (conf->id);
820
821 pkt->id = id;
822
823 rsa_hash (id, chg, pkt->response);
824
825 pkt->hmac_set (octx);
826
827 slog (L_TRACE, "%s << PT_AUTH_RES [%s]", conf->nodename, (const char *)si);
828
829 send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly
830
831 delete pkt;
832 }
833
834 void
835 connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols)
836 {
837 slog (L_TRACE, "%s << PT_CONNECT_INFO(%s,%s,p%02x)", conf->nodename,
838 vpn->conns[rid - 1]->conf->nodename, (const char *)rsi,
839 conf->protocols);
840
841 connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols);
842
843 r->hmac_set (octx);
844 send_vpn_packet (r, si);
845
846 delete r;
847 }
848
849 inline void
850 connection::establish_connection_cb (ev::timer &w, int revents)
851 {
852 if (!(ictx && octx)
853 && conf != THISNODE
854 && connectmode != conf_node::C_NEVER
855 && connectmode != conf_node::C_DISABLED
856 && !w.is_active ())
857 {
858 // a bit hacky, if ondemand, and packets are no longer queued, then reset the connection
859 // and stop trying. should probably be handled by a per-connection expire handler.
860 if (connectmode == conf_node::C_ONDEMAND && vpn_queue.empty () && data_queue.empty ())
861 {
862 reset_connection ();
863 return;
864 }
865
866 last_establish_attempt = ev_now ();
867
868 ev::tstamp retry_int = ev::tstamp (retry_cnt & 3
869 ? (retry_cnt & 3) + 1
870 : 1 << (retry_cnt >> 2));
871
872 reset_si ();
873
874 bool slow = si.prot & PROT_SLOW;
875
876 if (si.prot && !si.host && vpn->can_direct (THISNODE, conf))
877 {
878 /*TODO*/ /* start the timer so we don't recurse endlessly */
879 w.start (1);
880 vpn->send_connect_request (this);
881 }
882 else
883 {
884 if (si.valid ())
885 slog (L_DEBUG, _("%s: sending direct connection request to %s."),
886 conf->nodename, (const char *)si);
887
888 const sockinfo &dsi = forward_si (si);
889
890 slow = slow || (dsi.prot & PROT_SLOW);
891
892 if (dsi.valid () && auth_rate_limiter.can (dsi))
893 {
894 if (retry_cnt < 4)
895 send_auth_request (dsi, true);
896 else
897 send_ping (dsi, 0);
898 }
899 }
900
901 retry_int *= slow ? 8. : 0.9;
902
903 if (retry_int < conf->max_retry)
904 retry_cnt++;
905 else
906 retry_int = conf->max_retry;
907
908 w.start (retry_int);
909 }
910 }
911
912 void
913 connection::reset_connection ()
914 {
915 if (ictx && octx)
916 {
917 slog (L_INFO, _("%s(%s): connection lost"),
918 conf->nodename, (const char *)si);
919
920 if (::conf.script_node_down)
921 {
922 run_script_cb *cb = new run_script_cb;
923 cb->set<connection, &connection::script_node_down> (this);
924 run_script_queued (cb, _("node-down command execution failed, continuing."));
925 }
926 }
927
928 delete ictx; ictx = 0;
929 delete octx; octx = 0;
930
931 si.host = 0;
932
933 last_activity = 0.;
934 //last_si_change = 0.;
935 retry_cnt = 0;
936
937 rekey.stop ();
938 keepalive.stop ();
939 establish_connection.stop ();
940 }
941
942 void
943 connection::shutdown ()
944 {
945 if (ictx && octx)
946 send_reset (si);
947
948 reset_connection ();
949 }
950
951 // poor-man's rekeying
952 inline void
953 connection::rekey_cb (ev::timer &w, int revents)
954 {
955 reset_connection ();
956 establish_connection ();
957 }
958
959 void
960 connection::send_data_packet (tap_packet *pkt)
961 {
962 vpndata_packet *p = new vpndata_packet;
963 int tos = 0;
964
965 // I am not hilarious about peeking into packets, but so be it.
966 if (conf->inherit_tos && pkt->is_ipv4 ())
967 tos = (*pkt)[15] & IPTOS_TOS_MASK;
968
969 p->setup (this, conf->id, &((*pkt)[6 + 6]), pkt->len - 6 - 6, ++oseqno); // skip 2 macs
970 send_vpn_packet (p, si, tos);
971
972 delete p;
973
974 if (oseqno > MAX_SEQNO)
975 rekey ();
976 }
977
978 void
979 connection::post_inject_queue ()
980 {
981 // force a connection every now and when when packets are sent (max 1/s)
982 if (ev_now () - last_establish_attempt >= 0.95) // arbitrary
983 establish_connection.stop ();
984
985 establish_connection ();
986 }
987
988 void
989 connection::inject_data_packet (tap_packet *pkt)
990 {
991 if (ictx && octx)
992 send_data_packet (pkt);
993 else
994 {
995 data_queue.put (new tap_packet (*pkt));
996 post_inject_queue ();
997 }
998 }
999
1000 void
1001 connection::inject_vpn_packet (vpn_packet *pkt, int tos)
1002 {
1003 if (ictx && octx)
1004 send_vpn_packet (pkt, si, tos);
1005 else
1006 {
1007 vpn_queue.put ((vpn_packet *)new data_packet (*(data_packet *)pkt));
1008 post_inject_queue ();
1009 }
1010 }
1011
1012 void
1013 connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
1014 {
1015 last_activity = ev_now ();
1016
1017 slog (L_NOISE, "%s >> received packet type %d from %d to %d.",
1018 conf->nodename, pkt->typ (), pkt->src (), pkt->dst ());
1019
1020 if (connectmode == conf_node::C_DISABLED)
1021 return;
1022
1023 switch (pkt->typ ())
1024 {
1025 case vpn_packet::PT_PING:
1026 slog (L_TRACE, "%s >> PT_PING", conf->nodename);
1027
1028 // we send pings instead of auth packets after some retries,
1029 // so reset the retry counter and establish a connection
1030 // when we receive a ping.
1031 if (!ictx)
1032 {
1033 if (auth_rate_limiter.can (rsi))
1034 send_auth_request (rsi, true);
1035 }
1036 else
1037 // we would love to change the socket address here, but ping's aren't
1038 // authenticated, so we best ignore it.
1039 send_ping (rsi, 1); // pong
1040
1041 break;
1042
1043 case vpn_packet::PT_PONG:
1044 slog (L_TRACE, "%s >> PT_PONG", conf->nodename);
1045
1046 // a PONG might mean that the other side doesn't really know
1047 // about our desire for communication.
1048 establish_connection ();
1049 break;
1050
1051 case vpn_packet::PT_RESET:
1052 {
1053 reset_connection ();
1054
1055 config_packet *p = (config_packet *) pkt;
1056
1057 if (!p->chk_config ())
1058 {
1059 slog (L_WARN, _("%s(%s): protocol mismatch, disabling node."),
1060 conf->nodename, (const char *)rsi);
1061 connectmode = conf_node::C_DISABLED;
1062 }
1063 else if (connectmode == conf_node::C_ALWAYS)
1064 establish_connection ();
1065 }
1066 break;
1067
1068 case vpn_packet::PT_AUTH_REQ:
1069 if (auth_rate_limiter.can (rsi))
1070 {
1071 auth_req_packet *p = (auth_req_packet *)pkt;
1072
1073 slog (L_TRACE, "%s >> PT_AUTH_REQ(%s,p%02x,f%02x)",
1074 conf->nodename, p->initiate ? "initiate" : "reply",
1075 p->protocols, p->features);
1076
1077 if (p->chk_config ()
1078 && (!memcmp (p->magic, MAGIC_OLD, 8) || !memcmp (p->magic, MAGIC, 8)))
1079 {
1080 if (p->prot_minor != PROTOCOL_MINOR)
1081 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
1082 conf->nodename, (const char *)rsi,
1083 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
1084
1085 if (p->initiate)
1086 send_auth_request (rsi, false);
1087
1088 rsachallenge k;
1089
1090 if (!rsa_decrypt (::conf.rsa_key, p->encr, k))
1091 {
1092 slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"),
1093 conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0));
1094 break;
1095 }
1096 else
1097 {
1098 delete octx;
1099
1100 octx = new crypto_ctx (k, 1);
1101 oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff;
1102
1103 conf->protocols = p->protocols;
1104 features = p->features & config_packet::get_features ();
1105
1106 send_auth_response (rsi, p->id, k);
1107
1108 connection_established ();
1109
1110 break;
1111 }
1112 }
1113 else
1114 slog (L_WARN, _("%s(%s): protocol mismatch."),
1115 conf->nodename, (const char *)rsi);
1116
1117 send_reset (rsi);
1118 }
1119
1120 break;
1121
1122 case vpn_packet::PT_AUTH_RES:
1123 {
1124 auth_res_packet *p = (auth_res_packet *)pkt;
1125
1126 slog (L_TRACE, "%s >> PT_AUTH_RES", conf->nodename);
1127
1128 if (p->chk_config ())
1129 {
1130 if (p->prot_minor != PROTOCOL_MINOR)
1131 slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."),
1132 conf->nodename, (const char *)rsi,
1133 PROTOCOL_MINOR, conf->nodename, p->prot_minor);
1134
1135 rsachallenge chg;
1136
1137 if (!rsa_cache.find (p->id, chg))
1138 {
1139 slog (L_ERR, _("%s(%s): unrequested auth response, ignoring."),
1140 conf->nodename, (const char *)rsi);
1141 break;
1142 }
1143 else
1144 {
1145 crypto_ctx *cctx = new crypto_ctx (chg, 0);
1146
1147 if (!p->hmac_chk (cctx))
1148 {
1149 slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
1150 "could be an attack, or just corruption or a synchronization error."),
1151 conf->nodename, (const char *)rsi);
1152 break;
1153 }
1154 else
1155 {
1156 rsaresponse h;
1157
1158 rsa_hash (p->id, chg, h);
1159
1160 if (!memcmp ((u8 *)&h, (u8 *)p->response, sizeof h))
1161 {
1162 prot_minor = p->prot_minor;
1163
1164 delete ictx; ictx = cctx;
1165
1166 iseqno.reset (ntohl (*(u32 *)&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
1167
1168 si = rsi;
1169 protocol = rsi.prot;
1170
1171 slog (L_INFO, _("%s(%s): connection established (%s), protocol version %d.%d."),
1172 conf->nodename, (const char *)rsi,
1173 is_direct ? "direct" : "forwarded",
1174 p->prot_major, p->prot_minor);
1175
1176 connection_established ();
1177
1178 if (::conf.script_node_up)
1179 {
1180 run_script_cb *cb = new run_script_cb;
1181 cb->set<connection, &connection::script_node_up> (this);
1182 run_script_queued (cb, _("node-up command execution failed, continuing."));
1183 }
1184
1185 break;
1186 }
1187 else
1188 slog (L_ERR, _("%s(%s): sent and received challenge do not match."),
1189 conf->nodename, (const char *)rsi);
1190 }
1191
1192 delete cctx;
1193 }
1194 }
1195 }
1196
1197 send_reset (rsi);
1198 break;
1199
1200 case vpn_packet::PT_DATA_COMPRESSED:
1201 #if !ENABLE_COMPRESSION
1202 send_reset (rsi);
1203 break;
1204 #endif
1205
1206 case vpn_packet::PT_DATA_UNCOMPRESSED:
1207
1208 if (ictx && octx)
1209 {
1210 vpndata_packet *p = (vpndata_packet *)pkt;
1211
1212 if (!p->hmac_chk (ictx))
1213 slog (L_ERR, _("%s(%s): hmac authentication error, received invalid packet\n"
1214 "could be an attack, or just corruption or a synchronization error."),
1215 conf->nodename, (const char *)rsi);
1216 else
1217 {
1218 u32 seqno;
1219 tap_packet *d = p->unpack (this, seqno);
1220 int seqclass = iseqno.seqno_classify (seqno);
1221
1222 if (seqclass == 0) // ok
1223 {
1224 vpn->tap->send (d);
1225
1226 if (si != rsi)
1227 {
1228 // fast re-sync on source address changes, useful especially for tcp/ip
1229 //if (last_si_change < ev_now () + 5.)
1230 // {
1231 slog (L_INFO, _("%s(%s): changing socket address to %s."),
1232 conf->nodename, (const char *)si, (const char *)rsi);
1233
1234 si = rsi;
1235
1236 if (::conf.script_node_change)
1237 {
1238 run_script_cb *cb = new run_script_cb;
1239 cb->set<connection, &connection::script_node_change> (this);
1240 run_script_queued (cb, _("node-change command execution failed, continuing."));
1241 }
1242
1243 // }
1244 //else
1245 // slog (L_INFO, _("%s(%s): accepted packet from %s, not (yet) redirecting traffic."),
1246 // conf->nodename, (const char *)si, (const char *)rsi);
1247 }
1248 }
1249 else if (seqclass == 1) // far history
1250 slog (L_ERR, _("received very old packet (received %08lx, expected %08lx). "
1251 "possible replay attack, or just packet duplication/delay, ignoring."), seqno, iseqno.seq + 1);
1252 else if (seqclass == 2) // in-window duplicate, happens often on wireless
1253 slog (L_DEBUG, _("received recent duplicated packet (received %08lx, expected %08lx). "
1254 "possible replay attack, or just packet duplication, ignoring."), seqno, iseqno.seq + 1);
1255 else if (seqclass == 3) // reset
1256 {
1257 slog (L_ERR, _("received out-of-sync (far future) packet (received %08lx, expected %08lx). "
1258 "probably just massive packet loss, sending reset."), seqno, iseqno.seq + 1);
1259 send_reset (rsi);
1260 }
1261
1262 delete d;
1263 break;
1264 }
1265 }
1266
1267 send_reset (rsi);
1268 break;
1269
1270 case vpn_packet::PT_CONNECT_REQ:
1271 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1272 {
1273 connect_req_packet *p = (connect_req_packet *)pkt;
1274
1275 if (p->id > 0 && p->id <= vpn->conns.size ())
1276 {
1277 connection *c = vpn->conns[p->id - 1];
1278 conf->protocols = p->protocols;
1279
1280 slog (L_TRACE, "%s >> PT_CONNECT_REQ(%s,p%02x) [%d]",
1281 conf->nodename, vpn->conns[p->id - 1]->conf->nodename,
1282 p->protocols,
1283 c->ictx && c->octx);
1284
1285 if (c->ictx && c->octx)
1286 {
1287 // send connect_info packets to both sides, in case one is
1288 // behind a nat firewall (or both ;)
1289 c->send_connect_info (conf->id, si, conf->protocols);
1290 send_connect_info (c->conf->id, c->si, c->conf->protocols);
1291 }
1292 else
1293 c->establish_connection ();
1294 }
1295 else
1296 slog (L_WARN,
1297 _("received authenticated connection request from unknown node #%d, config file mismatch?"),
1298 p->id);
1299 }
1300
1301 break;
1302
1303 case vpn_packet::PT_CONNECT_INFO:
1304 if (ictx && octx && rsi == si && pkt->hmac_chk (ictx))
1305 {
1306 connect_info_packet *p = (connect_info_packet *)pkt;
1307
1308 if (p->id > 0 && p->id <= vpn->conns.size ())
1309 {
1310 connection *c = vpn->conns[p->id - 1];
1311
1312 c->conf->protocols = p->protocols;
1313 protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf));
1314 p->si.upgrade_protocol (protocol, c->conf);
1315
1316 slog (L_TRACE, "%s >> PT_CONNECT_INFO(%s,%s,protocols=%02x,protocol=%02x,upgradable=%02x) [%d]",
1317 conf->nodename,
1318 vpn->conns[p->id - 1]->conf->nodename,
1319 (const char *)p->si,
1320 p->protocols,
1321 protocol,
1322 p->si.supported_protocols (c->conf),
1323 !c->ictx && !c->octx);
1324
1325 const sockinfo &dsi = forward_si (p->si);
1326
1327 if (dsi.valid ())
1328 c->send_auth_request (dsi, true);
1329 else
1330 slog (L_INFO, "connect info for %s received (%s), but still unable to contact.",
1331 vpn->conns[p->id - 1]->conf->nodename,
1332 (const char *)p->si);
1333 }
1334 else
1335 slog (L_WARN,
1336 _("received authenticated connection request from unknown node #%d, config file mismatch?"),
1337 p->id);
1338 }
1339
1340 break;
1341
1342 default:
1343 send_reset (rsi);
1344 break;
1345 }
1346 }
1347
1348 inline void
1349 connection::keepalive_cb (ev::timer &w, int revents)
1350 {
1351 ev_tstamp when = last_activity + ::conf.keepalive - ev::now ();
1352
1353 if (when >= 0)
1354 w.start (when);
1355 else if (when < -15)
1356 {
1357 reset_connection ();
1358 establish_connection ();
1359 }
1360 else if (conf->connectmode != conf_node::C_ONDEMAND
1361 || THISNODE->connectmode != conf_node::C_ONDEMAND)
1362 {
1363 w.start (3);
1364 send_ping (si);
1365 }
1366 else if (when >= -10)
1367 // hold ondemand connections implicitly a few seconds longer
1368 // should delete octx, though, or something like that ;)
1369 w.start (when + 10);
1370 else
1371 reset_connection ();
1372 }
1373
1374 void
1375 connection::send_connect_request (int id)
1376 {
1377 connect_req_packet *p = new connect_req_packet (conf->id, id, THISNODE->protocols);
1378
1379 slog (L_TRACE, "%s << PT_CONNECT_REQ(%s,p%02x)",
1380 conf->nodename, vpn->conns[id - 1]->conf->nodename,
1381 THISNODE->protocols);
1382 p->hmac_set (octx);
1383 send_vpn_packet (p, si);
1384
1385 delete p;
1386 }
1387
1388 void
1389 connection::script_init_env (const char *ext)
1390 {
1391 char *env;
1392 asprintf (&env, "IFUPDATA%s=%s", ext, conf->if_up_data); putenv (env);
1393 asprintf (&env, "NODENAME%s=%s", ext, conf->nodename); putenv (env);
1394 asprintf (&env, "MAC%s=%02x:%02x:%02x:%02x:%02x:%02x", ext,
1395 0xfe, 0xfd, 0x80, 0x00, conf->id >> 8,
1396 conf->id & 0xff); putenv (env);
1397 }
1398
1399 void
1400 connection::script_init_connect_env ()
1401 {
1402 vpn->script_init_env ();
1403
1404 char *env;
1405 asprintf (&env, "DESTID=%d", conf->id); putenv (env);
1406 asprintf (&env, "DESTSI=%s", (const char *)si); putenv (env);
1407 asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env);
1408 asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env);
1409 asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env);
1410 }
1411
1412 inline const char *
1413 connection::script_node_up ()
1414 {
1415 script_init_connect_env ();
1416
1417 putenv ((char *)"STATE=up");
1418
1419 char *filename;
1420 asprintf (&filename,
1421 "%s/%s",
1422 confbase,
1423 ::conf.script_node_up ? ::conf.script_node_up : "node-up");
1424
1425 return filename;
1426 }
1427
1428 inline const char *
1429 connection::script_node_change ()
1430 {
1431 script_init_connect_env ();
1432
1433 putenv ((char *)"STATE=change");
1434
1435 char *filename;
1436 asprintf (&filename,
1437 "%s/%s",
1438 confbase,
1439 ::conf.script_node_change ? ::conf.script_node_change : "node-change");
1440
1441 return filename;
1442 }
1443
1444 inline const char *
1445 connection::script_node_down ()
1446 {
1447 script_init_connect_env ();
1448
1449 putenv ((char *)"STATE=down");
1450
1451 char *filename;
1452 asprintf (&filename,
1453 "%s/%s",
1454 confbase,
1455 ::conf.script_node_down ? ::conf.script_node_down : "node-down");
1456
1457 return filename;
1458 }
1459
1460 connection::connection (struct vpn *vpn, conf_node *conf)
1461 : vpn(vpn), conf(conf),
1462 #if ENABLE_DNS
1463 dns (0),
1464 #endif
1465 data_queue(conf->max_ttl, conf->max_queue + 1),
1466 vpn_queue(conf->max_ttl, conf->max_queue + 1)
1467 {
1468 rekey .set<connection, &connection::rekey_cb > (this);
1469 keepalive .set<connection, &connection::keepalive_cb > (this);
1470 establish_connection.set<connection, &connection::establish_connection_cb> (this);
1471
1472 last_establish_attempt = 0.;
1473 octx = ictx = 0;
1474
1475 connectmode = conf->connectmode;
1476
1477 // queue a dummy packet to force an initial connection attempt
1478 if (connectmode != conf_node::C_ALWAYS && connectmode != conf_node::C_DISABLED)
1479 vpn_queue.put (new net_packet);
1480
1481 reset_connection ();
1482 }
1483
1484 connection::~connection ()
1485 {
1486 shutdown ();
1487 }
1488
1489 void
1490 connection_init ()
1491 {
1492 auth_rate_limiter.clear ();
1493 reset_rate_limiter.clear ();
1494 }
1495