[ViewVC] Diff of: cvs/gvpe/src/protocol.C

Comparing gvpe/src/protocol.C (file contents):
Revision 1.14 by pcg, Sat Mar 22 22:39:11 2003 UTC vs.
Revision 1.17 by pcg, Wed Mar 26 01:58:46 2003 UTC

…		…
58		58
59	static time_t next_timecheck;	59	static time_t next_timecheck;
60		60
61	#define MAGIC "vped\xbd\xc6\xdb\x82" // 8 bytes of magic	61	#define MAGIC "vped\xbd\xc6\xdb\x82" // 8 bytes of magic
62		62
63	static const rsachallenge &	63	struct crypto_ctx
64	challenge_bytes ()
65	{
66	static rsachallenge challenge;
67	static double challenge_ttl; // time this challenge needs to be recreated
68
69	if (NOW > challenge_ttl)
70	{	64	{
71	RAND_bytes ((unsigned char *)&challenge, sizeof (challenge));	65	EVP_CIPHER_CTX cctx;
72	challenge_ttl = NOW + CHALLENGE_TTL;	66	HMAC_CTX hctx;
73	}
74		67
75	return challenge;	68	crypto_ctx (const rsachallenge &challenge, int enc);
76	}	69	~crypto_ctx ();
		70	};
77		71
78	// caching of rsa operations really helps slow computers	72	crypto_ctx::crypto_ctx (const rsachallenge &challenge, int enc)
		73	{
		74	EVP_CIPHER_CTX_init (&cctx);
		75	EVP_CipherInit_ex (&cctx, CIPHER, 0, &challenge[CHG_CIPHER_KEY], 0, enc);
		76	HMAC_CTX_init (&hctx);
		77	HMAC_Init_ex (&hctx, &challenge[CHG_HMAC_KEY], HMAC_KEYLEN, DIGEST, 0);
		78	}
		79
		80	crypto_ctx::~crypto_ctx ()
		81	{
		82	EVP_CIPHER_CTX_cleanup (&cctx);
		83	HMAC_CTX_cleanup (&hctx);
		84	}
		85
		86	static void
		87	rsa_hash (const rsachallenge &chg, rsaresponse &h)
		88	{
		89	EVP_MD_CTX ctx;
		90
		91	EVP_MD_CTX_init (&ctx);
		92	EVP_DigestInit (&ctx, RSA_HASH);
		93	EVP_DigestUpdate(&ctx, &chg, sizeof chg);
		94	EVP_DigestFinal (&ctx, (unsigned char *)&h, 0);
		95	EVP_MD_CTX_cleanup (&ctx);
		96	}
		97
79	struct rsa_entry {	98	struct rsa_entry {
80	tstamp expire;	99	tstamp expire;
		100	rsaid id;
81	rsachallenge chg;	101	rsachallenge chg;
82	RSA *key; // which key
83	rsaencrdata encr;
84
85	rsa_entry ()
86	{
87	expire = NOW + CHALLENGE_TTL;
88	}
89	};	102	};
90		103
91	struct rsa_cache : list<rsa_entry>	104	struct rsa_cache : list<rsa_entry>
92	{	105	{
93	void cleaner_cb (tstamp &ts); time_watcher cleaner;	106	void cleaner_cb (tstamp &ts); time_watcher cleaner;
94		107
95	const rsaencrdata public_encrypt (RSA key, const rsachallenge &chg)	108	bool find (const rsaid &id, rsachallenge &chg)
96	{	109	{
97	for (iterator i = begin (); i != end (); ++i)	110	for (iterator i = begin (); i != end (); ++i)
98	{	111	{
99	if (i->key == key && !memcmp (&chg, &i->chg, sizeof chg))	112	if (!memcmp (&id, &i->id, sizeof id) && i->expire > NOW)
100	return &i->encr;	113	{
		114	memcpy (&chg, &i->chg, sizeof chg);
		115
		116	erase (i);
		117	return true;
		118	}
101	}	119	}
102		120
103	if (cleaner.at < NOW)	121	if (cleaner.at < NOW)
104	cleaner.start (NOW + CHALLENGE_TTL);	122	cleaner.start (NOW + RSA_TTL);
105		123
106	resize (size () + 1);	124	return false;
107	rsa_entry e = &(rbegin ());	125	}
108		126
109	e->key = key;	127	void gen (rsaid &id, rsachallenge &chg)
		128	{
		129	rsa_entry e;
		130
		131	RAND_bytes ((unsigned char *)&id, sizeof id);
		132	RAND_bytes ((unsigned char *)&chg, sizeof chg);
		133
		134	e.expire = NOW + RSA_TTL;
		135	e.id = id;
110	memcpy (&e->chg, &chg, sizeof chg);	136	memcpy (&e.chg, &chg, sizeof chg);
111		137
112	if (0 > RSA_public_encrypt (sizeof chg,	138	push_back (e);
113	(unsigned char )&chg, (unsigned char )&e->encr,
114	key, RSA_PKCS1_OAEP_PADDING))
115	fatal ("RSA_public_encrypt error");
116
117	return &e->encr;
118	}
119
120	const rsachallenge private_decrypt (RSA key, const rsaencrdata &encr)
121	{
122	for (iterator i = begin (); i != end (); ++i)
123	if (i->key == key && !memcmp (&encr, &i->encr, sizeof encr))
124	return &i->chg;
125		139
126	if (cleaner.at < NOW)	140	if (cleaner.at < NOW)
127	cleaner.start (NOW + CHALLENGE_TTL);	141	cleaner.start (NOW + RSA_TTL);
128
129	resize (size () + 1);
130	rsa_entry e = &(rbegin ());
131
132	e->key = key;
133	memcpy (&e->encr, &encr, sizeof encr);
134
135	if (0 > RSA_private_decrypt (sizeof encr,
136	(unsigned char )&encr, (unsigned char )&e->chg,
137	key, RSA_PKCS1_OAEP_PADDING))
138	{
139	pop_back ();
140	return 0;
141	}
142
143	return &e->chg;
144	}	142	}
145		143
146	rsa_cache ()	144	rsa_cache ()
147	: cleaner (this, &rsa_cache::cleaner_cb)	145	: cleaner (this, &rsa_cache::cleaner_cb)
148	{ }	146	{ }
…		…
153	{	151	{
154	if (empty ())	152	if (empty ())
155	ts = TSTAMP_CANCEL;	153	ts = TSTAMP_CANCEL;
156	else	154	else
157	{	155	{
158	ts = NOW + 3;	156	ts = NOW + RSA_TTL;
		157
159	for (iterator i = begin (); i != end (); )	158	for (iterator i = begin (); i != end (); )
160	{
161	if (i->expire >= NOW)	159	if (i->expire <= NOW)
162	i = erase (i);	160	i = erase (i);
163	else	161	else
164	++i;	162	++i;
165	}
166	}	163	}
167	}	164	}
168		165
169	// run a script. yes, it's a template function. yes, c++	166	typedef callback<const char *, int> run_script_cb;
170	// is not a functional language. yes, this suxx.	167
171	template<class owner>	168	// run a shell script (or actually an external program).
172	static void	169	static void
173	run_script (owner obj, const char (owner::*setup)(), bool wait)	170	run_script (const run_script_cb &cb, bool wait)
174	{	171	{
175	int pid;	172	int pid;
176		173
177	if ((pid = fork ()) == 0)	174	if ((pid = fork ()) == 0)
178	{	175	{
179	char *filename;	176	char *filename;
180	asprintf (&filename, "%s/%s", confbase, (obj->*setup) ());	177	asprintf (&filename, "%s/%s", confbase, cb(0));
181	execl (filename, filename, (char *) 0);	178	execl (filename, filename, (char *) 0);
182	exit (255);	179	exit (255);
183	}	180	}
184	else if (pid > 0)	181	else if (pid > 0)
185	{	182	{
…		…
189	/* TODO: check status */	186	/* TODO: check status */
190	}	187	}
191	}	188	}
192	}	189	}
193		190
194	// xor the socket address into the challenge to ensure different challenges
195	// per host. we could rely on the OAEP padding, but this doesn't hurt.
196	void
197	xor_sa (rsachallenge &k, SOCKADDR *sa)
198	{
199	((u32 *) k)[(CHG_CIPHER_KEY + 0) / 4] ^= sa->sin_addr.s_addr;
200	((u16 *) k)[(CHG_CIPHER_KEY + 4) / 2] ^= sa->sin_port;
201	((u32 *) k)[(CHG_HMAC_KEY + 0) / 4] ^= sa->sin_addr.s_addr;
202	((u16 *) k)[(CHG_HMAC_KEY + 4) / 2] ^= sa->sin_port;
203	}
204
205	struct crypto_ctx
206	{
207	EVP_CIPHER_CTX cctx;
208	HMAC_CTX hctx;
209
210	crypto_ctx (const rsachallenge &challenge, int enc);
211	~crypto_ctx ();
212	};
213
214	crypto_ctx::crypto_ctx (const rsachallenge &challenge, int enc)
215	{
216	EVP_CIPHER_CTX_init (&cctx);
217	EVP_CipherInit_ex (&cctx, CIPHER, 0, &challenge[CHG_CIPHER_KEY], 0, enc);
218	HMAC_CTX_init (&hctx);
219	HMAC_Init_ex (&hctx, &challenge[CHG_HMAC_KEY], HMAC_KEYLEN, DIGEST, 0);
220	}
221
222	crypto_ctx::~crypto_ctx ()
223	{
224	EVP_CIPHER_CTX_cleanup (&cctx);
225	HMAC_CTX_cleanup (&hctx);
226	}
227
228	//////////////////////////////////////////////////////////////////////////////	191	//////////////////////////////////////////////////////////////////////////////
229		192
230	void pkt_queue::put (tap_packet *p)	193	void pkt_queue::put (tap_packet *p)
231	{	194	{
232	if (queue[i])	195	if (queue[i])
…		…
264	{	227	{
265	for (i = QUEUEDEPTH; --i > 0; )	228	for (i = QUEUEDEPTH; --i > 0; )
266	delete queue[i];	229	delete queue[i];
267	}	230	}
268		231
		232	struct net_rateinfo {
		233	u32 host;
		234	double pcnt, diff;
		235	tstamp last;
		236	};
		237
269	// only do action once every x seconds per host.	238	// only do action once every x seconds per host whole allowing bursts.
270	// currently this is quite a slow implementation,	239	// this implementation ("splay list" ;) is inefficient,
271	// but suffices for normal operation.	240	// but low on resources.
272	struct u32_rate_limiter : private map<u32, tstamp>	241	struct net_rate_limiter : private list<net_rateinfo>
273	{	242	{
274	tstamp every;	243	static const double ALPHA = 1. - 1. / 90.; // allow bursts
		244	static const double CUTOFF = 20.; // one event every CUTOFF seconds
		245	static const double EXPIRE = CUTOFF * 30.; // expire entries after this time
275		246
276	bool can (u32 host);	247	bool can (u32 host);
277
278	u32_rate_limiter (tstamp every = 1)
279	{
280	this->every = every;
281	}
282	};
283
284	struct net_rate_limiter : u32_rate_limiter
285	{
286	bool can (SOCKADDR *sa) { return u32_rate_limiter::can((u32)sa->sin_addr.s_addr); }	248	bool can (SOCKADDR *sa) { return can((u32)sa->sin_addr.s_addr); }
287	bool can (sockinfo &si) { return u32_rate_limiter::can((u32)si.host); }	249	bool can (sockinfo &si) { return can((u32)si.host); }
		250	};
288		251
289	net_rate_limiter (tstamp every) : u32_rate_limiter (every) {}	252	net_rate_limiter auth_rate_limiter, reset_rate_limiter;
290	};
291		253
292	bool u32_rate_limiter::can (u32 host)	254	bool net_rate_limiter::can (u32 host)
293	{	255	{
294	iterator i;	256	iterator i;
295		257
296	for (i = begin (); i != end (); )	258	for (i = begin (); i != end (); )
297	if (i->second <= NOW)	259	if (i->host == host)
298	{	260	break;
		261	else if (i->last < NOW - EXPIRE)
299	erase (i);	262	i = erase (i);
300	i = begin ();
301	}
302	else	263	else
303	++i;	264	i++;
304		265
305	i = find (host);
306
307	if (i != end ())	266	if (i == end ())
308	return false;	267	{
		268	net_rateinfo ri;
309		269
310	insert (value_type (host, NOW + every));	270	ri.host = host;
		271	ri.pcnt = 1.;
		272	ri.diff = CUTOFF * (1. / (1. - ALPHA));
		273	ri.last = NOW;
311		274
		275	push_front (ri);
		276
312	return true;	277	return true;
		278	}
		279	else
		280	{
		281	net_rateinfo ri (*i);
		282	erase (i);
		283
		284	ri.pcnt = ri.pcnt * ALPHA;
		285	ri.diff = ri.diff * ALPHA + (NOW - ri.last);
		286
		287	ri.last = NOW;
		288
		289	bool send = ri.diff / ri.pcnt > CUTOFF;
		290
		291	if (send)
		292	ri.pcnt++;
		293
		294	//printf ("RATE %d %f,%f = %f > %f\n", !!send, ri.pcnt, ri.diff, ri.diff / ri.pcnt, CUTOFF);
		295
		296	push_front (ri);
		297
		298	return send;
		299	}
313	}	300	}
314		301
315	/////////////////////////////////////////////////////////////////////////////	302	/////////////////////////////////////////////////////////////////////////////
316		303
317	static void next_wakeup (time_t next)	304	static void next_wakeup (time_t next)
…		…
364	{	351	{
365	PT_RESET = 0,	352	PT_RESET = 0,
366	PT_DATA_UNCOMPRESSED,	353	PT_DATA_UNCOMPRESSED,
367	PT_DATA_COMPRESSED,	354	PT_DATA_COMPRESSED,
368	PT_PING, PT_PONG, // wasting namespace space? ;)	355	PT_PING, PT_PONG, // wasting namespace space? ;)
369	PT_AUTH, // authentification	356	PT_AUTH_REQ, // authentification request
		357	PT_AUTH_RES, // authentification response
370	PT_CONNECT_REQ, // want other host to contact me	358	PT_CONNECT_REQ, // want other host to contact me
371	PT_CONNECT_INFO, // request connection to some node	359	PT_CONNECT_INFO, // request connection to some node
372	PT_REKEY, // rekeying (not yet implemented)
373	PT_MAX	360	PT_MAX
374	};	361	};
375		362
376	u8 type;	363	u8 type;
377	u8 srcdst, src1, dst1;	364	u8 srcdst, src1, dst1;
…		…
525		512
526	return p;	513	return p;
527	}	514	}
528		515
529	struct ping_packet : vpn_packet	516	struct ping_packet : vpn_packet
		517	{
		518	void setup (int dst, ptype type)
530	{	519	{
531	void setup (int dst, ptype type)
532	{
533	set_hdr (type, dst);	520	set_hdr (type, dst);
534	len = sizeof (*this) - sizeof (net_packet);	521	len = sizeof (*this) - sizeof (net_packet);
535	}
536	};	522	}
		523	};
537		524
538	struct config_packet : vpn_packet	525	struct config_packet : vpn_packet
		526	{
		527	// actually, hmaclen cannot be checked because the hmac
		528	// field comes before this data, so peers with other
		529	// hmacs simply will not work.
		530	u8 prot_major, prot_minor, randsize, hmaclen;
		531	u8 flags, challengelen, pad2, pad3;
		532	u32 cipher_nid, digest_nid, hmac_nid;
		533
		534	const u8 curflags () const
539	{	535	{
540	// actually, hmaclen cannot be checked because the hmac
541	// field comes before this data, so peers with other
542	// hmacs simply will not work.
543	u8 prot_major, prot_minor, randsize, hmaclen;
544	u8 flags, challengelen, pad2, pad3;
545	u32 cipher_nid;
546	u32 digest_nid;
547
548	const u8 curflags () const
549	{
550	return 0x80	536	return 0x80
551	\| (ENABLE_COMPRESSION ? 0x01 : 0x00);	537	\| (ENABLE_COMPRESSION ? 0x01 : 0x00);
552	}	538	}
553		539
554	void setup (ptype type, int dst)	540	void setup (ptype type, int dst)
555	{
556	prot_major = PROTOCOL_MAJOR;
557	prot_minor = PROTOCOL_MINOR;
558	randsize = RAND_SIZE;
559	hmaclen = HMACLENGTH;
560	flags = curflags ();
561	challengelen = sizeof (rsachallenge);
562
563	cipher_nid = htonl (EVP_CIPHER_nid (CIPHER));
564	digest_nid = htonl (EVP_MD_type (DIGEST));
565
566	len = sizeof (*this) - sizeof (net_packet);
567	set_hdr (type, dst);
568	}
569
570	bool chk_config ()
571	{
572	return prot_major == PROTOCOL_MAJOR
573	&& randsize == RAND_SIZE
574	&& hmaclen == HMACLENGTH
575	&& flags == curflags ()
576	&& challengelen == sizeof (rsachallenge)
577	&& cipher_nid == htonl (EVP_CIPHER_nid (CIPHER))
578	&& digest_nid == htonl (EVP_MD_type (DIGEST));
579	}
580	};
581
582	struct auth_packet : config_packet
583	{	541	{
584	char magic[8];	542	prot_major = PROTOCOL_MAJOR;
585	u8 subtype;	543	prot_minor = PROTOCOL_MINOR;
586	u8 pad1, pad2;	544	randsize = RAND_SIZE;
587	rsaencrdata challenge;	545	hmaclen = HMACLENGTH;
		546	flags = curflags ();
		547	challengelen = sizeof (rsachallenge);
588		548
589	auth_packet (int dst, auth_subtype stype)	549	cipher_nid = htonl (EVP_CIPHER_nid (CIPHER));
590	{	550	digest_nid = htonl (EVP_MD_type (RSA_HASH));
591	config_packet::setup (PT_AUTH, dst);	551	hmac_nid = htonl (EVP_MD_type (DIGEST));
592	subtype = stype;	552
593	len = sizeof (*this) - sizeof (net_packet);	553	len = sizeof (*this) - sizeof (net_packet);
		554	set_hdr (type, dst);
		555	}
		556
		557	bool chk_config ()
		558	{
		559	return prot_major == PROTOCOL_MAJOR
		560	&& randsize == RAND_SIZE
		561	&& hmaclen == HMACLENGTH
		562	&& flags == curflags ()
		563	&& challengelen == sizeof (rsachallenge)
		564	&& cipher_nid == htonl (EVP_CIPHER_nid (CIPHER))
		565	&& digest_nid == htonl (EVP_MD_type (RSA_HASH))
		566	&& hmac_nid == htonl (EVP_MD_type (DIGEST));
		567	}
		568	};
		569
		570	struct auth_req_packet : config_packet
		571	{
		572	char magic[8];
		573	u8 initiate; // false if this is just an automatic reply
		574	u8 pad1, pad2, pad3;
		575	rsaid id;
		576	rsaencrdata encr;
		577
		578	auth_req_packet (int dst, bool initiate_)
		579	{
		580	config_packet::setup (PT_AUTH_REQ, dst);
		581	initiate = !!initiate_;
594	strncpy (magic, MAGIC, 8);	582	strncpy (magic, MAGIC, 8);
595	}	583	len = sizeof (*this) - sizeof (net_packet);
596	};	584	}
		585	};
		586
		587	struct auth_res_packet : config_packet
		588	{
		589	rsaid id;
		590	rsaresponse response;
		591
		592	auth_res_packet (int dst)
		593	{
		594	config_packet::setup (PT_AUTH_RES, dst);
		595	len = sizeof (*this) - sizeof (net_packet);
		596	}
		597	};
597		598
598	struct connect_req_packet : vpn_packet	599	struct connect_req_packet : vpn_packet
		600	{
		601	u8 id;
		602	u8 pad1, pad2, pad3;
		603
		604	connect_req_packet (int dst, int id_)
599	{	605	{
600	u8 id;	606	id = id_;
601	u8 pad1, pad2, pad3;
602
603	connect_req_packet (int dst, int id)
604	{
605	this->id = id;
606	set_hdr (PT_CONNECT_REQ, dst);	607	set_hdr (PT_CONNECT_REQ, dst);
607	len = sizeof (*this) - sizeof (net_packet);	608	len = sizeof (*this) - sizeof (net_packet);
608	}
609	};	609	}
		610	};
610		611
611	struct connect_info_packet : vpn_packet	612	struct connect_info_packet : vpn_packet
		613	{
		614	u8 id;
		615	u8 pad1, pad2, pad3;
		616	sockinfo si;
		617
		618	connect_info_packet (int dst, int id_, sockinfo &si_)
612	{	619	{
613	u8 id;	620	id = id_;
614	u8 pad1, pad2, pad3;	621	si = si_;
615	sockinfo si;
616
617	connect_info_packet (int dst, int id, sockinfo &si)
618	{
619	this->id = id;
620	this->si = si;
621	set_hdr (PT_CONNECT_INFO, dst);	622	set_hdr (PT_CONNECT_INFO, dst);
622	len = sizeof (*this) - sizeof (net_packet);	623	len = sizeof (*this) - sizeof (net_packet);
623	}
624	};	624	}
		625	};
625		626
626	/////////////////////////////////////////////////////////////////////////////	627	/////////////////////////////////////////////////////////////////////////////
627		628
628	void	629	void
629	fill_sa (SOCKADDR sa, conf_node conf)	630	fill_sa (SOCKADDR sa, conf_node conf)
…		…
665	}	666	}
666		667
667	void	668	void
668	connection::send_reset (SOCKADDR *dsa)	669	connection::send_reset (SOCKADDR *dsa)
669	{	670	{
670	static net_rate_limiter limiter(1);
671
672	if (limiter.can (dsa) && connectmode != conf_node::C_DISABLED)	671	if (reset_rate_limiter.can (dsa) && connectmode != conf_node::C_DISABLED)
673	{	672	{
674	config_packet *pkt = new config_packet;	673	config_packet *pkt = new config_packet;
675		674
676	pkt->setup (vpn_packet::PT_RESET, conf->id);	675	pkt->setup (vpn_packet::PT_RESET, conf->id);
677	vpn->send_vpn_packet (pkt, dsa, IPTOS_MINCOST);	676	vpn->send_vpn_packet (pkt, dsa, IPTOS_MINCOST);
678		677
679	delete pkt;	678	delete pkt;
680	}	679	}
681	}	680	}
682		681
683	static rsachallenge *
684	gen_challenge (u32 seqrand, SOCKADDR *sa)
685	{
686	static rsachallenge k;
687
688	memcpy (&k, &challenge_bytes (), sizeof (k));
689	(u32 )&k[CHG_SEQNO] ^= seqrand;
690	xor_sa (k, sa);
691
692	return &k;
693	}
694
695	void	682	void
696	connection::send_auth (auth_subtype subtype, SOCKADDR sa, const rsachallenge k)	683	connection::send_auth_request (SOCKADDR *sa, bool initiate)
697	{	684	{
698	static net_rate_limiter limiter(0.2);	685	if (auth_rate_limiter.can (sa))
699
700	if (subtype != AUTH_INIT \|\| limiter.can (sa))
701	{	686	{
702	if (!k)
703	k = gen_challenge (seqrand, sa);
704
705	auth_packet *pkt = new auth_packet (conf->id, subtype);	687	auth_req_packet *pkt = new auth_req_packet (conf->id, initiate);
706		688
707	memcpy (pkt->challenge, rsa_cache.public_encrypt (conf->rsa_key, *k), sizeof (rsaencrdata));	689	rsachallenge chg;
708		690
		691	rsa_cache.gen (pkt->id, chg);
		692
		693	if (0 > RSA_public_encrypt (sizeof chg,
		694	(unsigned char )&chg, (unsigned char )&pkt->encr,
		695	conf->rsa_key, RSA_PKCS1_OAEP_PADDING))
		696	fatal ("RSA_public_encrypt error");
		697
709	slog (L_TRACE, ">>%d PT_AUTH(%d) [%s]", conf->id, subtype, (const char *)sockinfo (sa));	698	slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)sockinfo (sa));
710		699
711	vpn->send_vpn_packet (pkt, sa, IPTOS_RELIABILITY);	700	vpn->send_vpn_packet (pkt, sa, IPTOS_RELIABILITY); // rsa is very very costly
		701
		702	delete pkt;
		703	}
		704	}
		705
		706	void
		707	connection::send_auth_response (SOCKADDR *sa, const rsaid &id, const rsachallenge &chg)
		708	{
		709	if (auth_rate_limiter.can (sa))
		710	{
		711	auth_res_packet *pkt = new auth_res_packet (conf->id);
		712
		713	pkt->id = id;
		714	rsa_hash (chg, pkt->response);
		715
		716	slog (L_TRACE, ">>%d PT_AUTH_RES [%s]", conf->id, (const char *)sockinfo (sa));
		717
		718	vpn->send_vpn_packet (pkt, sa, IPTOS_RELIABILITY); // rsa is very very costly
712		719
713	delete pkt;	720	delete pkt;
714	}	721	}
715	}	722	}
716		723
…		…
719	{	726	{
720	if (ictx \|\| conf == THISNODE \|\| connectmode == conf_node::C_NEVER)	727	if (ictx \|\| conf == THISNODE \|\| connectmode == conf_node::C_NEVER)
721	ts = TSTAMP_CANCEL;	728	ts = TSTAMP_CANCEL;
722	else if (ts <= NOW)	729	else if (ts <= NOW)
723	{	730	{
724	double retry_int = double (retry_cnt & 3 ? (retry_cnt & 3) : 1 << (retry_cnt >> 2)) * 0.25;	731	double retry_int = double (retry_cnt & 3 ? (retry_cnt & 3) : 1 << (retry_cnt >> 2)) * 0.6;
725		732
726	if (retry_int < 3600 * 8)	733	if (retry_int < 3600 * 8)
727	retry_cnt++;	734	retry_cnt++;
728
729	if (connectmode == conf_node::C_ONDEMAND
730	&& retry_int > ::conf.keepalive)
731	retry_int = ::conf.keepalive;
732		735
733	ts = NOW + retry_int;	736	ts = NOW + retry_int;
734		737
735	if (conf->hostname)	738	if (conf->hostname)
736	{	739	{
737	reset_dstaddr ();	740	reset_dstaddr ();
738	if (sa.sin_addr.s_addr)	741	if (sa.sin_addr.s_addr)
739	if (retry_cnt < 4)	742	if (retry_cnt < 4)
740	send_auth (AUTH_INIT, &sa);	743	send_auth_request (&sa, true);
741	else	744	else if (auth_rate_limiter.can (&sa))
742	send_ping (&sa, 0);	745	send_ping (&sa, 0);
743	}	746	}
744	else	747	else
745	vpn->connect_request (conf->id);	748	vpn->connect_request (conf->id);
746	}	749	}
…		…
752	if (ictx && octx)	755	if (ictx && octx)
753	{	756	{
754	slog (L_INFO, _("connection to %d (%s) lost"), conf->id, conf->nodename);	757	slog (L_INFO, _("connection to %d (%s) lost"), conf->id, conf->nodename);
755		758
756	if (::conf.script_node_down)	759	if (::conf.script_node_down)
757	run_script (this, &connection::script_node_down, false);	760	run_script (run_script_cb (this, &connection::script_node_down), false);
758	}	761	}
759		762
760	delete ictx; ictx = 0;	763	delete ictx; ictx = 0;
761	delete octx; octx = 0;	764	delete octx; octx = 0;
762
763	RAND_bytes ((unsigned char *)&seqrand, sizeof (u32));
764		765
765	sa.sin_port = 0;	766	sa.sin_port = 0;
766	sa.sin_addr.s_addr = 0;	767	sa.sin_addr.s_addr = 0;
767		768
768	last_activity = 0;	769	last_activity = 0;
…		…
833	conf->id, pkt->typ (), pkt->src (), pkt->dst ());	834	conf->id, pkt->typ (), pkt->src (), pkt->dst ());
834		835
835	switch (pkt->typ ())	836	switch (pkt->typ ())
836	{	837	{
837	case vpn_packet::PT_PING:	838	case vpn_packet::PT_PING:
838	send_ping (ssa, 1); // pong
839	break;
840
841	case vpn_packet::PT_PONG:
842	// we send pings instead of auth packets after some retries,	839	// we send pings instead of auth packets after some retries,
843	// so reset the retry counter and establish a conenction	840	// so reset the retry counter and establish a conenction
844	// when we receive a pong.	841	// when we receive a pong.
845	if (!ictx && !octx)	842	if (!ictx && !octx)
846	{	843	{
847	retry_cnt = 0;	844	retry_cnt = 0;
848	establish_connection.at = 0;	845	establish_connection.at = 0;
849	establish_connection ();	846	establish_connection ();
850	}	847	}
		848	else
		849	send_ping (ssa, 1); // pong
851		850
		851	break;
		852
		853	case vpn_packet::PT_PONG:
852	break;	854	break;
853		855
854	case vpn_packet::PT_RESET:	856	case vpn_packet::PT_RESET:
855	{	857	{
856	reset_connection ();	858	reset_connection ();
857		859
858	config_packet p = (config_packet ) pkt;	860	config_packet p = (config_packet ) pkt;
		861
859	if (!p->chk_config ())	862	if (!p->chk_config ())
860	{	863	{
861	slog (L_WARN, _("protocol mismatch, disabling node '%s'"), conf->nodename);	864	slog (L_WARN, _("protocol mismatch, disabling node '%s'"), conf->nodename);
862	connectmode = conf_node::C_DISABLED;	865	connectmode = conf_node::C_DISABLED;
863	}	866	}
864	else if (connectmode == conf_node::C_ALWAYS)	867	else if (connectmode == conf_node::C_ALWAYS)
865	establish_connection ();	868	establish_connection ();
866	}	869	}
867	break;	870	break;
868		871
869	case vpn_packet::PT_AUTH:	872	case vpn_packet::PT_AUTH_REQ:
870	{	873	{
871	auth_packet p = (auth_packet ) pkt;	874	auth_req_packet p = (auth_req_packet ) pkt;
872		875
873	slog (L_TRACE, "<<%d PT_AUTH(%d)", conf->id, p->subtype);	876	slog (L_TRACE, "<<%d PT_AUTH_REQ(%d)", conf->id, p->initiate);
874		877
875	if (p->chk_config ()
876	&& !strncmp (p->magic, MAGIC, 8))	878	if (p->chk_config () && !strncmp (p->magic, MAGIC, 8))
877	{	879	{
878	if (p->prot_minor != PROTOCOL_MINOR)	880	if (p->prot_minor != PROTOCOL_MINOR)
879	slog (L_INFO, _("protocol minor version mismatch: ours is %d, %s's is %d."),	881	slog (L_INFO, _("protocol minor version mismatch: ours is %d, %s's is %d."),
880	PROTOCOL_MINOR, conf->nodename, p->prot_minor);	882	PROTOCOL_MINOR, conf->nodename, p->prot_minor);
881		883
882	if (p->subtype == AUTH_INIT)	884	if (p->initiate)
883	send_auth (AUTH_INITREPLY, ssa);	885	send_auth_request (ssa, false);
884		886
885	const rsachallenge *k = rsa_cache.private_decrypt (::conf.rsa_key, p->challenge);	887	rsachallenge k;
886		888
887	if (!k)	889	if (0 > RSA_private_decrypt (sizeof (p->encr),
		890	(unsigned char )&p->encr, (unsigned char )&k,
		891	::conf.rsa_key, RSA_PKCS1_OAEP_PADDING))
		892	slog (L_ERR, _("challenge from %s (%s) illegal or corrupted"),
		893	conf->nodename, (const char *)sockinfo (ssa));
		894	else
888	{	895	{
889	slog (L_ERR, _("challenge from %s (%s) illegal or corrupted"),	896	retry_cnt = 0;
890	conf->nodename, (const char *)sockinfo (ssa));	897	establish_connection.set (NOW + 8); //? ;)
		898	keepalive.reset ();
		899	rekey.reset ();
		900
		901	delete ictx;
		902	ictx = 0;
		903
		904	delete octx;
		905
		906	octx = new crypto_ctx (k, 1);
		907	oseqno = ntohl ((u32 )&k[CHG_SEQNO]) & 0x7fffffff;
		908
		909	send_auth_response (ssa, p->id, k);
		910
891	break;	911	break;
892	}	912	}
		913	}
893		914
894	retry_cnt = 0;
895	establish_connection.set (NOW + 8); //? ;)
896	keepalive.reset ();
897	rekey.reset ();
898		915
899	switch (p->subtype)	916	}
		917
		918	send_reset (ssa);
		919	break;
		920
		921	case vpn_packet::PT_AUTH_RES:
		922	{
		923	auth_res_packet p = (auth_res_packet ) pkt;
		924
		925	slog (L_TRACE, "<<%d PT_AUTH_RES", conf->id);
		926
		927	if (p->chk_config ())
		928	{
		929	if (p->prot_minor != PROTOCOL_MINOR)
		930	slog (L_INFO, _("protocol minor version mismatch: ours is %d, %s's is %d."),
		931	PROTOCOL_MINOR, conf->nodename, p->prot_minor);
		932
		933	rsachallenge chg;
		934
		935	if (!rsa_cache.find (p->id, chg))
		936	slog (L_ERR, _("unrequested auth response from %s (%s)"),
		937	conf->nodename, (const char *)sockinfo (ssa));
		938	else
900	{	939	{
901	case AUTH_INIT:	940	rsaresponse h;
902	case AUTH_INITREPLY:
903	delete ictx;
904	ictx = 0;
905		941
906	delete octx;	942	rsa_hash (chg, h);
907		943
908	octx = new crypto_ctx (*k, 1);	944	if (!memcmp ((u8 )&h, (u8 )p->response, sizeof h))
909	oseqno = ntohl ((u32 )&k[CHG_SEQNO]) & 0x7fffffff;
910
911	send_auth (AUTH_REPLY, ssa, k);
912	break;
913
914	case AUTH_REPLY:
915
916	if (!memcmp ((u8 )gen_challenge (seqrand, ssa), (u8 )k, sizeof (rsachallenge)))
917	{	945	{
918	delete ictx;	946	delete ictx;
919		947
920	ictx = new crypto_ctx (*k, 0);	948	ictx = new crypto_ctx (chg, 0);
921	iseqno.reset (ntohl ((u32 )&k[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid	949	iseqno.reset (ntohl ((u32 )&chg[CHG_SEQNO]) & 0x7fffffff); // at least 2**31 sequence numbers are valid
922		950
923	sa = *ssa;	951	sa = *ssa;
924		952
925	rekey.set (NOW + ::conf.rekey);	953	rekey.set (NOW + ::conf.rekey);
926	keepalive.set (NOW + ::conf.keepalive);	954	keepalive.set (NOW + ::conf.keepalive);
…		…
936		964
937	slog (L_INFO, _("connection to %d (%s %s) established"),	965	slog (L_INFO, _("connection to %d (%s %s) established"),
938	conf->id, conf->nodename, (const char *)sockinfo (ssa));	966	conf->id, conf->nodename, (const char *)sockinfo (ssa));
939		967
940	if (::conf.script_node_up)	968	if (::conf.script_node_up)
941	run_script (this, &connection::script_node_up, false);	969	run_script (run_script_cb (this, &connection::script_node_up), false);
		970
		971	break;
942	}	972	}
943	else	973	else
944	slog (L_ERR, _("sent and received challenge do not match with (%s %s))"),	974	slog (L_ERR, _("sent and received challenge do not match with (%s %s))"),
945	conf->nodename, (const char *)sockinfo (ssa));	975	conf->nodename, (const char *)sockinfo (ssa));
946
947	break;
948	default:
949	slog (L_ERR, _("authentification illegal subtype error (%s %s)"),
950	conf->nodename, (const char *)sockinfo (ssa));
951	break;
952	}	976	}
953	}	977	}
954	else
955	send_reset (ssa);
956
957	break;
958	}	978	}
		979
		980	send_reset (ssa);
		981	break;
959		982
960	case vpn_packet::PT_DATA_COMPRESSED:	983	case vpn_packet::PT_DATA_COMPRESSED:
961	#if !ENABLE_COMPRESSION	984	#if !ENABLE_COMPRESSION
962	send_reset (ssa);	985	send_reset (ssa);
963	break;	986	break;
964	#endif	987	#endif
		988
965	case vpn_packet::PT_DATA_UNCOMPRESSED:	989	case vpn_packet::PT_DATA_UNCOMPRESSED:
966		990
967	if (ictx && octx)	991	if (ictx && octx)
968	{	992	{
969	vpndata_packet p = (vpndata_packet )pkt;	993	vpndata_packet p = (vpndata_packet )pkt;
…		…
1062	connection *c = vpn->conns[p->id - 1];	1086	connection *c = vpn->conns[p->id - 1];
1063		1087
1064	slog (L_TRACE, "<<%d PT_CONNECT_INFO(%d,%s) (%d)",	1088	slog (L_TRACE, "<<%d PT_CONNECT_INFO(%d,%s) (%d)",
1065	conf->id, p->id, (const char *)p->si, !c->ictx && !c->octx);	1089	conf->id, p->id, (const char *)p->si, !c->ictx && !c->octx);
1066		1090
1067	c->send_auth (AUTH_INIT, p->si.sa ());	1091	c->send_auth_request (p->si.sa (), true);
1068	}	1092	}
		1093
1069	break;	1094	break;
1070		1095
1071	default:	1096	default:
1072	send_reset (ssa);	1097	send_reset (ssa);
1073	break;	1098	break;
		1099
1074	}	1100	}
1075	}	1101	}
1076		1102
1077	void connection::keepalive_cb (tstamp &ts)	1103	void connection::keepalive_cb (tstamp &ts)
1078	{	1104	{
…		…
1105	delete p;	1131	delete p;
1106	}	1132	}
1107		1133
1108	void connection::script_node ()	1134	void connection::script_node ()
1109	{	1135	{
1110	vpn->script_if_up ();	1136	vpn->script_if_up (0);
1111		1137
1112	char *env;	1138	char *env;
1113	asprintf (&env, "DESTID=%d", conf->id);	1139	asprintf (&env, "DESTID=%d", conf->id);
1114	putenv (env);	1140	putenv (env);
1115	asprintf (&env, "DESTNODE=%s", conf->nodename);	1141	asprintf (&env, "DESTNODE=%s", conf->nodename);
…		…
1118	putenv (env);	1144	putenv (env);
1119	asprintf (&env, "DESTPORT=%d", ntohs (sa.sin_port));	1145	asprintf (&env, "DESTPORT=%d", ntohs (sa.sin_port));
1120	putenv (env);	1146	putenv (env);
1121	}	1147	}
1122		1148
1123	const char *connection::script_node_up ()	1149	const char *connection::script_node_up (int)
1124	{	1150	{
1125	script_node ();	1151	script_node ();
1126		1152
1127	putenv ("STATE=up");	1153	putenv ("STATE=up");
1128		1154
1129	return ::conf.script_node_up ? ::conf.script_node_up : "node-up";	1155	return ::conf.script_node_up ? ::conf.script_node_up : "node-up";
1130	}	1156	}
1131		1157
1132	const char *connection::script_node_down ()	1158	const char *connection::script_node_down (int)
1133	{	1159	{
1134	script_node ();	1160	script_node ();
1135		1161
1136	putenv ("STATE=down");	1162	putenv ("STATE=down");
1137		1163
…		…
1156	shutdown ();	1182	shutdown ();
1157	}	1183	}
1158		1184
1159	/////////////////////////////////////////////////////////////////////////////	1185	/////////////////////////////////////////////////////////////////////////////
1160		1186
1161	const char *vpn::script_if_up ()	1187	const char *vpn::script_if_up (int)
1162	{	1188	{
1163	// the tunnel device mtu should be the physical mtu - overhead	1189	// the tunnel device mtu should be the physical mtu - overhead
1164	// the tricky part is rounding to the cipher key blocksize	1190	// the tricky part is rounding to the cipher key blocksize
1165	int mtu = conf.mtu - ETH_OVERHEAD - VPE_OVERHEAD - UDP_OVERHEAD;	1191	int mtu = conf.mtu - ETH_OVERHEAD - VPE_OVERHEAD - MAX_OVERHEAD;
1166	mtu += ETH_OVERHEAD - 6 - 6; // now we have the data portion	1192	mtu += ETH_OVERHEAD - 6 - 6; // now we have the data portion
1167	mtu -= mtu % EVP_CIPHER_block_size (CIPHER); // round	1193	mtu -= mtu % EVP_CIPHER_block_size (CIPHER); // round
1168	mtu -= ETH_OVERHEAD - 6 - 6; // and get interface mtu again	1194	mtu -= ETH_OVERHEAD - 6 - 6; // and get interface mtu again
1169		1195
1170	char *env;	1196	char *env;
…		…
1224	{	1250	{
1225	slog (L_ERR, _("cannot create network interface '%s'"), conf.ifname);	1251	slog (L_ERR, _("cannot create network interface '%s'"), conf.ifname);
1226	exit (1);	1252	exit (1);
1227	}	1253	}
1228		1254
1229	run_script (this, &vpn::script_if_up, true);	1255	run_script (run_script_cb (this, &vpn::script_if_up), true);
1230		1256
1231	vpn_ev_watcher.start (tap->fd, POLLIN);	1257	vpn_ev_watcher.start (tap->fd, POLLIN);
1232		1258
1233	reconnect_all ();	1259	reconnect_all ();
1234		1260

Diff Legend

-–
+Removed lines
-+
+Added lines
-<
+Changed lines
->
+Changed lines

Comparing gvpe/src/protocol.C (file contents): Revision 1.14 by pcg, Sat Mar 22 22:39:11 2003 UTC vs. Revision 1.17 by pcg, Wed Mar 26 01:58:46 2003 UTC

Diff Legend

Comparing gvpe/src/protocol.C (file contents):
Revision 1.14 by pcg, Sat Mar 22 22:39:11 2003 UTC vs.
Revision 1.17 by pcg, Wed Mar 26 01:58:46 2003 UTC