/cvs/gvpe/src/connection.h

Comparing gvpe/src/connection.h (file contents):
Revision 1.1 by pcg, Wed Apr 2 03:06:22 2003 UTC vs.
Revision 1.15 by pcg, Tue Mar 1 06:27:20 2005 UTC

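--- a/gvpe/src/connection.h
+++ b/gvpe/src/connection.h
@@ -1,7 +1,8 @@
 /*
  connection.h -- header for connection.C
+ Copyright (C) 2003-2004 Marc Lehmann <pcg@goof.com>
 
  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.
@@ -17,17 +18,11 @@
 */
 
 #ifndef VPE_CONNECTION_H__
 #define VPE_CONNECTION_H__
 
-#include <netinet/ip.h> // for tos etc.
-
-#include <openssl/rand.h>
 #include <openssl/hmac.h>
-#include <openssl/evp.h>
-#include <openssl/rsa.h>
-#include <openssl/err.h>
 
 #include "global.h"
 #include "conf.h"
 #include "sockinfo.h"
 #include "util.h"
@@ -40,19 +35,19 @@
 
 struct rsaid {
  u8 id[RSA_IDLEN]; // the challenge id
 };
 
-typedef u8 rsachallenge[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data;
-typedef u8 rsaencrdata[RSA_KEYLEN]; // encrypted challenge
+typedef rsaclear rsachallenge; // challenge data;
+typedef rsacrypt rsaencrdata; // encrypted challenge
 typedef u8 rsaresponse[RSA_RESLEN]; // the encrypted ripemd160 hash
 
 ////////////////////////////////////////////////////////////////////////////////////////
 
 struct crypto_ctx;
 
-struct hmac_packet:net_packet
+struct hmac_packet : net_packet
 {
  u8 hmac[HMACLENGTH]; // each and every packet has a hmac field, but that is not (yet) checked everywhere
 
  void hmac_set (crypto_ctx * ctx);
  bool hmac_chk (crypto_ctx * ctx);
@@ -79,11 +74,11 @@
  };
 
  u8 type;
  u8 srcdst, src1, dst1;
 
- void set_hdr (ptype type, unsigned int dst);
+ void set_hdr (ptype type_, unsigned int dst);
 
  unsigned int src () const
  {
  return src1 | ((srcdst >> 4) << 8);
  }
@@ -102,20 +97,26 @@
 ////////////////////////////////////////////////////////////////////////////////////////
 
 // a very simple fifo pkt-queue
 class pkt_queue
  {
- tap_packet *queue[QUEUEDEPTH];
+ net_packet *queue[QUEUEDEPTH];
  int i, j;
 
  public:
 
- void put (tap_packet *p);
- tap_packet *get ();
+ void put (net_packet *p);
+ net_packet *get ();
 
  pkt_queue ();
  ~pkt_queue ();
+ };
+
+enum
+ {
+ FEATURE_COMPRESSION = 0x01,
+ FEATURE_ROHC = 0x02,
  };
 
 struct connection
  {
  conf_node *conf;
@@ -128,45 +129,59 @@
 
  u32 oseqno;
  sliding_window iseqno;
 
  u8 protocol;
+ u8 features;
 
- pkt_queue queue;
+ pkt_queue data_queue, vpn_queue;
 
  crypto_ctx *octx, *ictx;
+
+#if ENABLE_DNS
+ vector<struct dns_rep *> dns_rcvq;
+ vector<struct dns_req *> dns_sndq;
+
+ void dnsv4_cb (time_watcher &w); time_watcher dnsv4_tw;
+ bool send_dnsv4_packet (vpn_packet *pkt, const sockinfo &si, int tos);
+#endif
 
  enum conf_node::connectmode connectmode;
  u8 prot_minor; // minor number of other side
 
- void reset_dstaddr ();
+ void reset_si ();
+ const sockinfo &forward_si (const sockinfo &si) const;
 
  void shutdown ();
+ void connection_established ();
  void reset_connection ();
- void establish_connection_cb (tstamp &ts); time_watcher establish_connection;
- void rekey_cb (tstamp &ts); time_watcher rekey; // next rekying (actually current reset + reestablishing)
- void keepalive_cb (tstamp &ts); time_watcher keepalive; // next keepalive probe
 
+ void establish_connection_cb (time_watcher &w); time_watcher establish_connection;
+ void rekey_cb (time_watcher &w); time_watcher rekey; // next rekying (actually current reset + reestablishing)
+ void keepalive_cb (time_watcher &w); time_watcher keepalive; // next keepalive probe
+
+ void send_connect_request (int id);
  void send_auth_request (const sockinfo &si, bool initiate);
  void send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg);
  void send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols);
  void send_reset (const sockinfo &dsi);
  void send_ping (const sockinfo &dsi, u8 pong = 0);
- void send_data_packet (tap_packet *pkt, bool broadcast = false);
+ void send_data_packet (tap_packet *pkt);
+
  void inject_data_packet (tap_packet *pkt, bool broadcast = false);
- void connect_request (int id);
+ void inject_vpn_packet (vpn_packet *pkt, int tos = 0); // for forwarding
 
- void send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos = IPTOS_RELIABILITY);
+ void send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos = 0);
  void recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi);
 
  void script_node ();
- const char *script_node_up (int);
- const char *script_node_down (int);
+ const char *script_node_up ();
+ const char *script_node_down ();
 
  void dump_status ();
 
- connection(struct vpn *vpn_);
+ connection (struct vpn *vpn, conf_node *conf);
  ~connection ();
  };
 
 #endif
 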
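Review bot: `pkt_queue` now stores and returns `net_packet *` (`net_packet *queue[QUEUEDEPTH]`, `net_packet *get ()`), and `connection` holds two of them, `data_queue` and `vpn_queue`, so the compiler no longer prevents a packet of the wrong kind from being queued, or a caller from casting the result of `get ()` to the wrong derived type and misreading the buffer. The header does not say which packet type each queue carries; judging only by the names, `data_queue` is for `tap_packet` and `vpn_queue` for `vpn_packet`, and that should be stated at the member, e.g. `pkt_queue data_queue, vpn_queue; // data_queue: tap_packet only, vpn_queue: vpn_packet only`. If `~pkt_queue ()` deletes leftover entries through the base pointer, that is only well-defined when `net_packet` has a virtual destructor, which is not visible in this section. Thin typed wrappers around `put`/`get` would restore the compile-time check that the old `tap_packet *` signatures gave.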
