ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.h
(Generate patch)

Comparing gvpe/src/connection.h (file contents):
Revision 1.9 by pcg, Thu Oct 16 02:28:36 2003 UTC vs.
Revision 1.30 by pcg, Thu Aug 7 16:34:21 2008 UTC

1/* 1/*
2 connection.h -- header for connection.C 2 connection.h -- header for connection.C
3 Copyright (C) 2003-2005 Marc Lehmann <gvpe@schmorp.de>
3 4
5 This file is part of GVPE.
6
4 This program is free software; you can redistribute it and/or modify 7 GVPE is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by 8 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation; either version 2 of the License, or 9 the Free Software Foundation; either version 2 of the License, or
7 (at your option) any later version. 10 (at your option) any later version.
8 11
9 This program is distributed in the hope that it will be useful, 12 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of 13 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details. 15 GNU General Public License for more details.
13 16
14 You should have received a copy of the GNU General Public License 17 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software 18 along with gvpe; if not, write to the Free Software
16 Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 19 Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17*/ 20*/
18 21
19#ifndef VPE_CONNECTION_H__ 22#ifndef GVPE_CONNECTION_H__
20#define VPE_CONNECTION_H__ 23#define GVPE_CONNECTION_H__
21 24
22#include <openssl/hmac.h> 25#include <openssl/hmac.h>
23 26
24#include "global.h" 27#include "global.h"
25#include "conf.h" 28#include "conf.h"
30struct vpn; 33struct vpn;
31 34
32// called after HUP etc. to (re-)initialize global data structures 35// called after HUP etc. to (re-)initialize global data structures
33void connection_init (); 36void connection_init ();
34 37
35struct rsaid { 38struct rsaid
39{
36 u8 id[RSA_IDLEN]; // the challenge id 40 u8 id[RSA_IDLEN]; // the challenge id
37}; 41};
38 42
39typedef u8 rsachallenge[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data; 43typedef rsaclear rsachallenge; // challenge data;
40typedef u8 rsaencrdata[RSA_KEYLEN]; // encrypted challenge 44typedef rsacrypt rsaencrdata; // encrypted challenge
41typedef u8 rsaresponse[RSA_RESLEN]; // the encrypted ripemd160 hash 45typedef u8 rsaresponse[RSA_RESLEN]; // the encrypted ripemd160 hash
42 46
43//////////////////////////////////////////////////////////////////////////////////////// 47////////////////////////////////////////////////////////////////////////////////////////
44 48
45struct crypto_ctx; 49struct crypto_ctx;
46 50
47struct hmac_packet:net_packet 51struct hmac_packet : net_packet
48{ 52{
49 u8 hmac[HMACLENGTH]; // each and every packet has a hmac field, but that is not (yet) checked everywhere 53 u8 hmac[HMACLENGTH]; // each and every packet has a hmac field, but that is not (yet) checked everywhere
50 54
51 void hmac_set (crypto_ctx * ctx); 55 void hmac_set (crypto_ctx * ctx);
52 bool hmac_chk (crypto_ctx * ctx); 56 bool hmac_chk (crypto_ctx * ctx);
56 60
57 void hmac_gen (crypto_ctx * ctx); 61 void hmac_gen (crypto_ctx * ctx);
58}; 62};
59 63
60struct vpn_packet : hmac_packet 64struct vpn_packet : hmac_packet
61 { 65{
62 enum ptype 66 enum ptype
63 { 67 {
64 PT_RESET = 0, 68 PT_RESET = 0,
65 PT_DATA_UNCOMPRESSED, 69 PT_DATA_UNCOMPRESSED,
66 PT_DATA_COMPRESSED, 70 PT_DATA_COMPRESSED,
67 PT_PING, PT_PONG, // wasting namespace space? ;) 71 PT_PING, PT_PONG, // wasting namespace space? ;)
68 PT_AUTH_REQ, // authentification request 72 PT_AUTH_REQ, // authentification request
69 PT_AUTH_RES, // authentification response 73 PT_AUTH_RES, // authentification response
70 PT_CONNECT_REQ, // want other host to contact me 74 PT_CONNECT_REQ, // want other node to contact me
71 PT_CONNECT_INFO, // request connection to some node 75 PT_CONNECT_INFO, // request connection to some node
76 PT_DATA_BRIDGED, // uncompressed packet with foreign mac pot. larger than path mtu
72 PT_MAX 77 PT_MAX
73 };
74
75 u8 type;
76 u8 srcdst, src1, dst1;
77
78 void set_hdr (ptype type_, unsigned int dst);
79
80 unsigned int src () const
81 {
82 return src1 | ((srcdst >> 4) << 8);
83 }
84
85 unsigned int dst () const
86 {
87 return dst1 | ((srcdst & 0xf) << 8);
88 }
89
90 ptype typ () const
91 {
92 return (ptype) type;
93 }
94 }; 78 };
79
80 u8 type;
81 u8 srcdst, src1, dst1;
82
83 void set_hdr (ptype type_, unsigned int dst);
84
85 unsigned int src () const
86 {
87 return src1 | ((srcdst >> 4) << 8);
88 }
89
90 unsigned int dst () const
91 {
92 return dst1 | ((srcdst & 0xf) << 8);
93 }
94
95 ptype typ () const
96 {
97 return (ptype) type;
98 }
99};
95 100
96//////////////////////////////////////////////////////////////////////////////////////// 101////////////////////////////////////////////////////////////////////////////////////////
97 102
98// a very simple fifo pkt-queue 103// a very simple fifo pkt-queue
99class pkt_queue 104class pkt_queue
100 { 105{
101 net_packet *queue[QUEUEDEPTH];
102 int i, j; 106 int i, j;
107 int max_queue;
108 double max_ttl;
103 109
110 struct pkt {
111 ev_tstamp tstamp;
112 net_packet *pkt;
113 } *queue;
114
115 void expire_cb (ev::timer &w, int revents); ev::timer expire;
116
104 public: 117public:
105 118
106 void put (net_packet *p); 119 void put (net_packet *p);
107 net_packet *get (); 120 net_packet *get ();
108 121
109 pkt_queue (); 122 bool empty ()
123 {
124 return i == j;
125 }
126
127 pkt_queue (double max_ttl, int max_queue);
110 ~pkt_queue (); 128 ~pkt_queue ();
111 }; 129};
130
131enum
132{
133 FEATURE_COMPRESSION = 0x01,
134 FEATURE_ROHC = 0x02,
135 FEATURE_BRIDGING = 0x04,
136};
112 137
113struct connection 138struct connection
114 { 139{
115 conf_node *conf; 140 conf_node *conf;
116 struct vpn *vpn; 141 struct vpn *vpn;
117 142
118 sockinfo si; // the current(!) destination ip to send packets to 143 sockinfo si; // the current(!) destination ip to send packets to
119 int retry_cnt; 144 int retry_cnt;
120 145
121 tstamp last_activity; // time of last packet received 146 tstamp last_activity; // time of last packet received
122 147
123 u32 oseqno; 148 u32 oseqno;
124 sliding_window iseqno; 149 sliding_window iseqno;
125 150
126 u8 protocol; 151 u8 protocol;
152 u8 features;
127 153
128 pkt_queue data_queue, vpn_queue; 154 pkt_queue data_queue, vpn_queue;
129 155
130 crypto_ctx *octx, *ictx; 156 crypto_ctx *octx, *ictx;
131 157
132 enum conf_node::connectmode connectmode; 158#if ENABLE_DNS
133 u8 prot_minor; // minor number of other side 159 struct dns_connection *dns;
134 160
135 void reset_si ();
136 const sockinfo &forward_si (const sockinfo &si) const;
137
138 void shutdown ();
139 void connection_established ();
140 void reset_connection (); 161 void dnsv4_reset_connection ();
141
142 void establish_connection_cb (time_watcher &w); time_watcher establish_connection;
143 void rekey_cb (time_watcher &w); time_watcher rekey; // next rekying (actually current reset + reestablishing)
144 void keepalive_cb (time_watcher &w); time_watcher keepalive; // next keepalive probe
145
146 void send_connect_request (int id);
147 void send_auth_request (const sockinfo &si, bool initiate);
148 void send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg);
149 void send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols);
150 void send_reset (const sockinfo &dsi);
151 void send_ping (const sockinfo &dsi, u8 pong = 0);
152 void send_data_packet (tap_packet *pkt);
153
154 void inject_data_packet (tap_packet *pkt, bool broadcast = false);
155 void inject_vpn_packet (vpn_packet *pkt, int tos = 0); // for forwarding
156
157 void send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos = 0);
158 void recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi);
159
160 void script_node ();
161 const char *script_node_up ();
162 const char *script_node_down ();
163
164 void dump_status ();
165
166 connection(struct vpn *vpn_);
167 ~connection ();
168 };
169
170#endif 162#endif
171 163
164 enum conf_node::connectmode connectmode;
165 u8 prot_minor; // minor number of other side
166
167 void reset_si ();
168 const sockinfo &forward_si (const sockinfo &si) const;
169
170 void shutdown ();
171 void connection_established ();
172 void reset_connection ();
173
174 void establish_connection_cb (ev::timer &w, int revents); ev::timer establish_connection;
175 void rekey_cb (ev::timer &w, int revents); ev::timer rekey; // next rekying (actually current reset + reestablishing)
176 void keepalive_cb (ev::timer &w, int revents); ev::timer keepalive; // next keepalive probe
177
178 void send_connect_request (int id);
179 void send_auth_request (const sockinfo &si, bool initiate);
180 void send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg);
181 void send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols);
182 void send_reset (const sockinfo &dsi);
183 void send_ping (const sockinfo &dsi, u8 pong = 0);
184 void send_data_packet (tap_packet *pkt);
185
186 void inject_data_packet (tap_packet *pkt, bool broadcast = false);
187 void inject_vpn_packet (vpn_packet *pkt, int tos = 0); // for forwarding
188
189 void recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi);
190 void send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos = 0);
191
192 void script_init_env (const char *ext);
193 void script_init_connect_env ();
194 const char *script_node_up ();
195 const char *script_node_down ();
196
197 void dump_status ();
198
199 connection (struct vpn *vpn, conf_node *conf);
200 ~connection ();
201};
202
203#endif
204

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines