/cvs/gvpe/src/connection.h
Revision: 1.30
Committed: Thu Aug 7 16:34:21 2008 UTC (15 years, 9 months ago) by pcg
Content type: text/plain
Branch: MAIN
Changes since 1.29: +15 -2 lines
Log Message:
*** empty log message ***

1 /*
2 connection.h -- header for connection.C
3 Copyright (C) 2003-2005 Marc Lehmann <gvpe@schmorp.de>
4
5 This file is part of GVPE.
6
7 GVPE is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with gvpe; if not, write to the Free Software
19 Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #ifndef GVPE_CONNECTION_H__
23 #define GVPE_CONNECTION_H__
24
25 #include <openssl/hmac.h>
26
27 #include "global.h"
28 #include "conf.h"
29 #include "sockinfo.h"
30 #include "util.h"
31 #include "device.h"
32
struct vpn; // the owning vpn instance; defined elsewhere, only used by pointer in this header

// called after HUP etc. to (re-)initialize global data structures
// (free function, not a member: it resets state shared by all connections)
void connection_init ();
37
// Identifier of an outstanding RSA challenge: RSA_IDLEN opaque bytes.
// Presumably the responder returns it alongside its answer so the reply can be
// matched to the challenge it was issued for (cf. connection::send_auth_response,
// which takes the id together with the challenge) — confirm in connection.C.
struct rsaid
{
  u8 id[RSA_IDLEN]; // the challenge id
};
42
typedef rsaclear rsachallenge;      // challenge data (cleartext form, rsaclear is declared elsewhere)
typedef rsacrypt rsaencrdata;       // the same challenge in encrypted form
typedef u8 rsaresponse[RSA_RESLEN]; // the encrypted ripemd160 hash sent back as the answer
46
47 ////////////////////////////////////////////////////////////////////////////////////////
48
struct crypto_ctx; // opaque per-direction cipher/hmac state, defined elsewhere (presumably connection.C)
50
// Base type for every packet exchanged between nodes: a net_packet followed by
// an HMAC field. hmac_set () fills the field, hmac_chk () verifies it.
struct hmac_packet : net_packet
{
  u8 hmac[HMACLENGTH]; // each and every packet has a hmac field, but that is not (yet) checked everywhere
                       // NOTE(review): a receive path that skips hmac_chk () accepts unauthenticated input —
                       // audit each packet-type handler in connection.C for a call before the payload is used

  void hmac_set (crypto_ctx * ctx); // compute the hmac of this packet under ctx and store it in hmac
  bool hmac_chk (crypto_ctx * ctx); // recompute under ctx and compare against hmac; true on match
                                    // NOTE(review): confirm the comparison in connection.C is constant-time

private:
  // Single scratch buffer shared by all packets (one static for the whole
  // process), so hmac_gen is presumably neither reentrant nor thread-safe;
  // fine as long as the single ev loop is the only caller — confirm.
  static unsigned char hmac_digest[EVP_MAX_MD_SIZE];

  void hmac_gen (crypto_ctx * ctx); // common helper for hmac_set/hmac_chk; presumably writes into hmac_digest
};
63
// Packet header used between vpn nodes. Member order is presumably the wire
// layout (the struct is sent as-is), so do not reorder fields: after the hmac
// come the type byte and a pair of 12-bit node ids packed into three bytes
// (low 8 bits in src1/dst1, the two high nibbles in srcdst — see src ()/dst ()).
struct vpn_packet : hmac_packet
{
  // Packet types carried in the type byte. Values must stay stable, as they
  // are interpreted by the remote side.
  enum ptype
  {
    PT_RESET = 0,
    PT_DATA_UNCOMPRESSED,
    PT_DATA_COMPRESSED,
    PT_PING, PT_PONG, // wasting namespace space? ;)
    PT_AUTH_REQ, // authentication request
    PT_AUTH_RES, // authentication response
    PT_CONNECT_REQ, // want other node to contact me
    PT_CONNECT_INFO, // request connection to some node
    PT_DATA_BRIDGED, // uncompressed packet with foreign mac, potentially larger than path mtu
    PT_MAX // one past the last valid type; use as the bound when validating a received type byte
  };

  u8 type;                // one of ptype, as received from the wire
  u8 srcdst, src1, dst1;  // packed 12-bit source and destination node ids, see src ()/dst ()

  // fill in type and the source/destination ids (src presumably comes from
  // the local node — confirm in connection.C)
  void set_hdr (ptype type_, unsigned int dst);

  // source node id: low byte from src1, high nibble from the upper half of srcdst (0..4095)
  unsigned int src () const
  {
    return src1 | ((srcdst >> 4) << 8);
  }

  // destination node id: low byte from dst1, high nibble from the lower half of srcdst (0..4095)
  unsigned int dst () const
  {
    return dst1 | ((srcdst & 0xf) << 8);
  }

  // The type byte reinterpreted as ptype. No range check is done here: since the
  // byte originates from the peer, callers must reject values >= PT_MAX before
  // dispatching on the result.
  ptype typ () const
  {
    return (ptype) type;
  }
};
100
101 ////////////////////////////////////////////////////////////////////////////////////////
102
// a very simple fifo pkt-queue: a fixed-size ring of net_packet pointers with a
// timestamp per entry, so that entries older than max_ttl can be expired by
// the expire timer (presumably; the callback lives in connection.C).
class pkt_queue
{
  int i, j;         // ring indices; the queue is empty when they are equal (which one is head/tail is not visible here)
  int max_queue;    // capacity of the ring, as passed to the constructor
  double max_ttl;   // maximum age of a queued packet in seconds, as passed to the constructor

  struct pkt {
    ev_tstamp tstamp; // time the packet was queued
    net_packet *pkt;  // the queued packet; ownership presumably passes to the queue on put () — confirm
  } *queue;           // ring storage, max_queue entries

  void expire_cb (ev::timer &w, int revents); // timer callback that drops expired entries — presumably
  ev::timer expire;

public:

  void put (net_packet *p); // append p; behaviour when the ring is full is defined in connection.C
  net_packet *get ();       // remove and return the oldest packet; presumably NULL when empty — confirm

  // true when no packet is queued
  bool empty ()
  {
    return i == j;
  }

  pkt_queue (double max_ttl, int max_queue);
  ~pkt_queue ();
};
130
// Optional per-peer features, as single-bit flags so they can be or'ed into
// connection::features (a u8, which leaves room for eight such flags).
enum
{
  FEATURE_COMPRESSION = 0x01,
  FEATURE_ROHC = 0x02,
  FEATURE_BRIDGING = 0x04,
};
137
// Per-peer state: one instance per configured node (conf), owned by the vpn.
// Holds the current destination address, the crypto contexts for both
// directions, the timers driving (re-)establishment and keepalive, and the
// queues for packets that cannot be sent yet.
struct connection
{
  conf_node *conf;   // static configuration of the peer this object stands for
  struct vpn *vpn;   // owning vpn instance

  sockinfo si; // the current(!) destination ip to send packets to
  int retry_cnt; // connection attempts so far; presumably drives the establish_connection backoff — confirm

  tstamp last_activity; // time of last packet received

  u32 oseqno;            // presumably the next outgoing sequence number
  sliding_window iseqno; // presumably the replay window for incoming sequence numbers — confirm in connection.C

  u8 protocol; // transport protocol(s) to reach the peer, presumably as defined in conf.h
  u8 features; // FEATURE_* flags in effect for this peer; if negotiated from the wire, treat as peer-controlled

  pkt_queue data_queue, vpn_queue; // packets held back until the connection is usable (tap data resp. forwarded vpn packets — presumably)

  crypto_ctx *octx, *ictx; // outgoing resp. incoming cipher/hmac state

#if ENABLE_DNS
  struct dns_connection *dns; // state of the dns transport, only when compiled in

  void dnsv4_reset_connection ();
#endif

  enum conf_node::connectmode connectmode; // how this node is to be reached, see conf.h
  u8 prot_minor; // minor number of other side — reported by the peer, so not to be trusted for anything security relevant

  void reset_si (); // forget the current destination address
  const sockinfo &forward_si (const sockinfo &si) const; // address to actually send to for si (presumably a router node when no direct path exists — confirm)

  void shutdown ();
  void connection_established ();
  void reset_connection ();

  // ev timers and their callbacks (each *_cb belongs to the timer declared next to it)
  void establish_connection_cb (ev::timer &w, int revents); ev::timer establish_connection;
  void rekey_cb (ev::timer &w, int revents); ev::timer rekey; // next rekeying (actually current reset + reestablishing)
  void keepalive_cb (ev::timer &w, int revents); ev::timer keepalive; // next keepalive probe

  // senders for the PT_* packet types declared in vpn_packet::ptype
  void send_connect_request (int id);
  void send_auth_request (const sockinfo &si, bool initiate);
  void send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg);
  void send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols);
  void send_reset (const sockinfo &dsi);
  void send_ping (const sockinfo &dsi, u8 pong = 0); // pong != 0 presumably sends PT_PONG instead of PT_PING — confirm
  void send_data_packet (tap_packet *pkt);

  void inject_data_packet (tap_packet *pkt, bool broadcast = false); // packet from the local tap device destined for this peer
  void inject_vpn_packet (vpn_packet *pkt, int tos = 0); // for forwarding

  void recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi); // entry point for a packet received from rsi; must validate type and hmac before use
  void send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos = 0);

  // node-up/node-down script support: ext presumably names the extra
  // environment to export — confirm in connection.C
  void script_init_env (const char *ext);
  void script_init_connect_env ();
  const char *script_node_up ();   // returns the script to run (presumably a path from conf), or NULL
  const char *script_node_down ();

  void dump_status (); // print this connection's state, presumably to the log

  connection (struct vpn *vpn, conf_node *conf);
  ~connection ();
};
202
203 #endif
204