/cvs/gvpe/src/connection.h
Revision: 1.35
Committed: Tue Feb 8 23:13:48 2011 UTC (13 years, 3 months ago) by root
Content type: text/plain
Branch: MAIN
Changes since 1.34: +1 -1 lines
Log Message:
whitespace cleanup

1 pcg 1.1 /*
2     connection.h -- header for connection.C
3 pcg 1.32 Copyright (C) 2003-2008 Marc Lehmann <gvpe@schmorp.de>
4 pcg 1.1
5 pcg 1.18 This file is part of GVPE.
6    
7 pcg 1.32 GVPE is free software; you can redistribute it and/or modify it
8     under the terms of the GNU General Public License as published by the
9     Free Software Foundation; either version 3 of the License, or (at your
10     option) any later version.
11    
12     This program is distributed in the hope that it will be useful, but
13     WITHOUT ANY WARRANTY; without even the implied warranty of
14     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
15     Public License for more details.
16    
17     You should have received a copy of the GNU General Public License along
18     with this program; if not, see <http://www.gnu.org/licenses/>.
19    
20     Additional permission under GNU GPL version 3 section 7
21    
22     If you modify this Program, or any covered work, by linking or
23     combining it with the OpenSSL project's OpenSSL library (or a modified
24     version of that library), containing parts covered by the terms of the
25     OpenSSL or SSLeay licenses, the licensors of this Program grant you
26     additional permission to convey the resulting work. Corresponding
27     Source for a non-source form of such a combination shall include the
28     source code for the parts of OpenSSL used as well as that of the
29     covered work.
30 pcg 1.1 */
31    
32 pcg 1.22 #ifndef GVPE_CONNECTION_H__
33     #define GVPE_CONNECTION_H__
34 pcg 1.1
35     #include <openssl/hmac.h>
36    
37     #include "global.h"
38     #include "conf.h"
39     #include "sockinfo.h"
40     #include "util.h"
41     #include "device.h"
42    
43     struct vpn;
44    
// (Re-)initialises the module-wide state shared by all connection objects.
// Called after HUP etc. so that a reload starts from freshly built global
// data structures; the implementation lives in connection.C.
void connection_init ();
47    
// Identifier attached to an RSA challenge so that the later response
// (see connection::send_auth_response below) can be matched to the
// outstanding challenge. Presumably transmitted inside PT_AUTH_* packets,
// so treat the field layout as part of the wire protocol.
struct rsaid
{
  u8 id[RSA_IDLEN]; // the challenge id (RSA_IDLEN is defined in a project header)
};
52    
// Aliases for the pieces of the challenge/response authentication exchange.
// rsaclear and rsacrypt are declared elsewhere (not in this header).
typedef rsaclear rsachallenge;       // challenge data (plaintext)
typedef rsacrypt rsaencrdata;        // encrypted challenge
typedef u8 rsaresponse[RSA_RESLEN];  // the encrypted ripemd160 hash
56    
57     ////////////////////////////////////////////////////////////////////////////////////////
58    
59     struct crypto_ctx;
60    
// A net_packet that additionally carries a message authentication code.
// hmac is the first field this struct adds; the vpn_packet header fields
// follow it, so it is part of the wire layout.
//
// NOTE(review): the original comment admits the MAC is "not (yet) checked
// everywhere". Until hmac_chk () has returned true for a received packet,
// every field in it (type, src, dst, payload) is attacker-controlled and
// must not be acted upon; confirm in connection.C that the receive path
// checks it before dispatching on the packet type.
struct hmac_packet : net_packet
{
  u8 hmac[HMACLENGTH]; // each and every packet has a hmac field, but that is not (yet) checked everywhere

  // Presumably computes the MAC under ctx and stores it in hmac (sender side).
  void hmac_set (crypto_ctx * ctx);
  // Presumably recomputes the MAC under ctx and compares it with hmac;
  // true means the packet authenticates.
  // NOTE(review): the comparison should be constant-time (e.g. CRYPTO_memcmp);
  // verify the implementation in connection.C.
  bool hmac_chk (crypto_ctx * ctx);

  private:
  // Scratch space for the freshly computed digest. It is a class-wide
  // static, i.e. one buffer for the whole process rather than one per
  // packet, so hmac_set/hmac_chk on any two packets must never run
  // concurrently.
  static unsigned char hmac_digest[EVP_MAX_MD_SIZE];

  // Presumably the shared digest computation behind hmac_set and hmac_chk,
  // writing into hmac_digest.
  void hmac_gen (crypto_ctx * ctx);
};
73    
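// Header of every packet exchanged between GVPE nodes. The fields below
// directly follow hmac_packet::hmac and form the wire format, so their
// order and width must not change.
struct vpn_packet : hmac_packet
{
  // Packet types, carried in the one-byte type field.
  enum ptype
  {
    PT_RESET = 0,
    PT_DATA_UNCOMPRESSED,
    PT_DATA_COMPRESSED,
    PT_PING, PT_PONG,   // ping and its pong reply (see connection::send_ping)
    PT_AUTH_REQ,        // authentification request
    PT_AUTH_RES,        // authentification response
    PT_CONNECT_REQ,     // want other node to contact me
    PT_CONNECT_INFO,    // request connection to some node
    PT_DATA_BRIDGED,    // uncompressed packet with foreign mac pot. larger than path mtu (NYI)
    PT_MAX              // one past the last valid type; never sent
  };

  u8 type;                // a ptype value; arrives unvalidated from the network (see type_valid ())
  u8 srcdst, src1, dst1;  // 12-bit source/destination node ids: srcdst holds the
                          // high nibble of each, src1/dst1 the low byte

  // Presumably fills in type and the packed source/destination ids for a
  // packet this node sends to node dst; implemented in connection.C.
  void set_hdr (ptype type_, unsigned int dst);

  // Source node id (0..4095), unpacked from src1 and the high nibble of srcdst.
  unsigned int src () const
  {
    return src1 | ((srcdst >> 4) << 8);
  }

  // Destination node id (0..4095), unpacked from dst1 and the low nibble of srcdst.
  unsigned int dst () const
  {
    return dst1 | ((srcdst & 0xf) << 8);
  }

  // True when the type byte names a known packet type. Receivers should
  // only dispatch on typ () after this (or an equivalent range check) has
  // succeeded: the byte is attacker-controlled and a value at or above
  // PT_MAX cast to ptype is not a valid enumeration value. Whether the
  // receive path in connection.C already performs such a check is not
  // visible from this header.
  bool type_valid () const
  {
    return type < PT_MAX;
  }

  // The raw type byte as a ptype. Performs no range check; see type_valid ().
  ptype typ () const
  {
    return (ptype) type;
  }
};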
110    
111 pcg 1.1 ////////////////////////////////////////////////////////////////////////////////////////
112    
113     // a very simple fifo pkt-queue
// A very simple fifo pkt-queue with a capacity limit and a per-entry lifetime.
//
// i and j are positions into queue; the queue is empty exactly when they
// coincide, which is all empty () checks. max_queue and max_ttl are taken
// from the constructor; presumably put () enforces the capacity and
// expire_cb discards entries whose tstamp is older than max_ttl -- the
// implementations are in connection.C and should be checked there, since
// the cap is what bounds memory held for a peer that never comes up.
class pkt_queue
{
  int i, j;              // head/tail positions into queue (presumably)
  int max_queue;         // maximum number of queued entries
  double max_ttl;        // maximum age of a queued entry (libev time units, presumably seconds)

  struct pkt {
    ev_tstamp tstamp;    // time the entry was queued (presumably); consulted by expire_cb
    net_packet *pkt;     // the queued packet; ownership rules are in connection.C
  } *queue;              // entry storage, presumably sized by max_queue in the constructor

  void expire_cb (ev::timer &w, int revents); ev::timer expire; // timer that ages out stale entries

  public:

  void put (net_packet *p);   // enqueue p at the tail
  net_packet *get ();         // dequeue from the head; result on an empty queue: see connection.C

  // True when nothing is queued.
  bool empty ()
  {
    return i == j;
  }

  pkt_queue (double max_ttl, int max_queue);
  ~pkt_queue ();
};
140 pcg 1.1
// Optional capability bits, combined into the u8 features field of
// connection (below). Presumably advertised to and learned from the peer
// during connection setup; check the negotiation in connection.C before
// treating a set bit as authoritative for the remote side.
enum
{
  FEATURE_COMPRESSION = 0x01,  // payload compression (PT_DATA_COMPRESSED)
  FEATURE_ROHC = 0x02,         // robust header compression
  FEATURE_BRIDGING = 0x04,     // bridged frames with foreign mac (PT_DATA_BRIDGED, NYI per vpn_packet)
};
147 pcg 1.14
// Per-peer state: everything this node tracks about one configured remote
// node (conf) and the packet-level session it currently has with it.
struct connection
{
  conf_node *conf;        // static configuration of the peer (conf.h)
  struct vpn *vpn;        // the owning vpn instance

  sockinfo si;            // the current(!) destination ip to send packets to
  int retry_cnt;          // number of establishment retries so far (presumably)

  tstamp last_activity;   // time of last packet received
  tstamp last_establish_attempt;  // time of the last attempt to bring the connection up
  //tstamp last_si_change; // time we last changed the socket address

  u32 oseqno;             // outbound sequence counter (presumably)
  sliding_window iseqno;  // inbound sequence-number window; presumably the
                          // replay-protection state for packets from this peer

  u8 protocol;            // transport protocol(s) selected for si (compare rprotocols in send_connect_info)
  u8 features;            // FEATURE_* bits (see the enum above), presumably as negotiated with the peer
  bool is_direct;         // current connection (si) is direct?

  pkt_queue data_queue, vpn_queue;  // packets held back while no session exists: local tap data / vpn packets to forward (presumably)

  crypto_ctx *octx, *ictx;          // separate outbound and inbound crypto contexts (keys + MAC state);
                                    // presumably null while the connection is not established

#if ENABLE_DNS
  struct dns_connection *dns;       // state of the DNS tunnelling transport for this peer

  void dnsv4_reset_connection ();
#endif

  enum conf_node::connectmode connectmode;  // how this peer is to be contacted (conf.h)
  u8 prot_minor;                            // minor number of other side

  void reset_si ();
  const sockinfo &forward_si (const sockinfo &si) const;

  void shutdown ();
  void connection_established ();
  void reset_connection ();

  void establish_connection_cb (ev::timer &w, int revents); ev::timer establish_connection; // (re)tries to bring the connection up
  void rekey_cb (ev::timer &w, int revents); ev::timer rekey; // next rekying (actually current reset + reestablishing)
  void keepalive_cb (ev::timer &w, int revents); ev::timer keepalive; // next keepalive probe

  // Senders for the control packet types of vpn_packet::ptype.
  void send_connect_request (int id);
  void send_auth_request (const sockinfo &si, bool initiate);
  void send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg);
  void send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols);
  void send_reset (const sockinfo &dsi);
  void send_ping (const sockinfo &dsi, u8 pong = 0);  // pong != 0 presumably sends PT_PONG instead of PT_PING
  void send_data_packet (tap_packet *pkt);

  void post_inject_queue ();
  void inject_data_packet (tap_packet *pkt);             // hand a frame from the local tap device to this peer
  void inject_vpn_packet (vpn_packet *pkt, int tos = 0); // for forwarding

  // Presumably the entry point for a packet received from rsi that names this
  // peer as its source. NOTE(review): this is where hmac_chk () and the iseqno
  // replay window must be applied before the packet type is acted on --
  // verify in connection.C, as the hmac_packet comment says the MAC is not
  // checked everywhere.
  void recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi);
  void send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos = 0);

  // Environment setup and hook scripts run when the node comes up, changes
  // address or goes down (presumably; the details are in connection.C).
  void script_init_env (const char *ext);
  void script_init_connect_env ();
  const char *script_node_up ();
  const char *script_node_change ();
  const char *script_node_down ();

  void dump_status ();

  connection (struct vpn *vpn, conf_node *conf);
  ~connection ();
};
217 pcg 1.1
218     #endif
219