gvpe/src/protocol.h

/*
    protocol.h -- header for protocol.C
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.
 
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
 
    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*/

#ifndef VPE_PROTOCOL_H__
#define VPE_PROTOCOL_H__

#include <netinet/in.h>
#include <netinet/ip.h> // for tos etc.

#include <openssl/evp.h>
#include <openssl/rsa.h>

#include "conf.h"
#include "iom.h"
#include "util.h"
#include "sockinfo.h"
#include "device.h"

/* Protocol version. Different major versions are incompatible,
 * different minor versions probably are compatible ;)
 */

#define PROTOCOL_MAJOR 0
#define PROTOCOL_MINOR 0

struct vpn;
struct vpn_packet;

struct rsaid {
  u8 id[RSA_IDLEN]; // the challenge id
};

typedef u8 rsachallenge[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data;
typedef u8 rsaencrdata[RSA_KEYLEN]; // encrypted challenge
typedef u8 rsaresponse[RSA_RESLEN]; // the encrypted ripemd160 hash

struct crypto_ctx;

// a very simple fifo pkt-queue
class pkt_queue
  {
    tap_packet *queue[QUEUEDEPTH];
    int i, j;

  public:

    void put (tap_packet *p);
    tap_packet *get ();

    pkt_queue ();
    ~pkt_queue ();
  };

struct connection
  {
    conf_node *conf;
    struct vpn *vpn;

    sockinfo si; // the current(!) destination ip to send packets to
    int retry_cnt;

    tstamp last_activity;       // time of last packet received

    u32 oseqno;
    sliding_window iseqno;

    u8 prot_send, prot_recv;

    pkt_queue queue;

    crypto_ctx *octx, *ictx;

    enum conf_node::connectmode connectmode;
    u8 prot_minor; // minor number of other side

    void reset_dstaddr ();

    void shutdown ();
    void reset_connection ();
    void establish_connection_cb (tstamp &ts); time_watcher establish_connection;
    void rekey_cb (tstamp &ts); time_watcher rekey; // next rekying (actually current reset + reestablishing)
    void keepalive_cb (tstamp &ts); time_watcher keepalive; // next keepalive probe

    void send_auth_request (const sockinfo &si, bool initiate);
    void send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg);
    void send_reset (const sockinfo &dsi);
    void send_ping (const sockinfo &dsi, u8 pong = 0);
    void send_data_packet (tap_packet *pkt, bool broadcast = false);
    void inject_data_packet (tap_packet *pkt, bool broadcast = false);
    void connect_request (int id);

    void send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos = IPTOS_RELIABILITY);
    void recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi);

    void script_node ();
    const char *script_node_up (int);
    const char *script_node_down (int);

    void dump_status ();

    connection(struct vpn *vpn_);
    ~connection ();
  };

struct vpn
  {
    int udpv4_fd;
    int ipv4_fd;

    int events;

    enum {
      EVENT_RECONNECT = 1,
      EVENT_SHUTDOWN  = 2,
    };

    void event_cb (tstamp &ts); time_watcher event;

    tap_device *tap;

    typedef vector<connection *> conns_vector;
    conns_vector conns;

    connection *find_router ();

    void reconnect_all ();
    void shutdown_all ();
    void connect_request (int id);

    void tap_ev (short revents); io_watcher tap_ev_watcher;
    void ipv4_ev (short revents); io_watcher ipv4_ev_watcher;
    void udpv4_ev (short revents); io_watcher udpv4_ev_watcher;

    void recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi);

    void send_udpv4_packet (vpn_packet *pkt, const sockinfo &si, int tos = IPTOS_RELIABILITY);
    void send_ipv4_packet (vpn_packet *pkt, const sockinfo &si, int tos = IPTOS_RELIABILITY);

    vpn ();
    ~vpn ();

    int setup ();

    void dump_status ();

    const char *script_if_up (int);
  };

#endif

Revision:	1.10
Committed:	Fri Mar 28 04:05:10 2003 UTC (21 years, 2 months ago) by pcg
Content type:	text/plain
Branch:	MAIN
Changes since 1.9:	+25 -10 lines
Log Message:	* empty log message *
#	User	Rev	Content
1	pcg	1.1	/*
2			protocol.h -- header for protocol.C
3
4			This program is free software; you can redistribute it and/or modify
5			it under the terms of the GNU General Public License as published by
6			the Free Software Foundation; either version 2 of the License, or
7			(at your option) any later version.
8
9			This program is distributed in the hope that it will be useful,
10			but WITHOUT ANY WARRANTY; without even the implied warranty of
11			MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12			GNU General Public License for more details.
13
14			You should have received a copy of the GNU General Public License
15			along with this program; if not, write to the Free Software
16			Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17			*/
18
19			#ifndef VPE_PROTOCOL_H__
20			#define VPE_PROTOCOL_H__
21
22			#include <netinet/in.h>
23	pcg	1.3	#include <netinet/ip.h> // for tos etc.
24	pcg	1.1
25			#include <openssl/evp.h>
26			#include <openssl/rsa.h>
27
28			#include "conf.h"
29	pcg	1.5	#include "iom.h"
30	pcg	1.1	#include "util.h"
31	pcg	1.10	#include "sockinfo.h"
32	pcg	1.1	#include "device.h"
33
34	pcg	1.9	/* Protocol version. Different major versions are incompatible,
35			* different minor versions probably are compatible ;)
36	pcg	1.1	*/
37
38	pcg	1.9	#define PROTOCOL_MAJOR 0
39	pcg	1.1	#define PROTOCOL_MINOR 0
40
41			struct vpn;
42			struct vpn_packet;
43
44	pcg	1.8	struct rsaid {
45			u8 id[RSA_IDLEN]; // the challenge id
46			};
47
48			typedef u8 rsachallenge[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data;
49	pcg	1.1	typedef u8 rsaencrdata[RSA_KEYLEN]; // encrypted challenge
50	pcg	1.9	typedef u8 rsaresponse[RSA_RESLEN]; // the encrypted ripemd160 hash
51	pcg	1.1
52			struct crypto_ctx;
53
54	pcg	1.5	// a very simple fifo pkt-queue
55			class pkt_queue
56			{
57			tap_packet *queue[QUEUEDEPTH];
58			int i, j;
59
60			public:
61
62			void put (tap_packet *p);
63			tap_packet *get ();
64
65			pkt_queue ();
66			~pkt_queue ();
67			};
68
69	pcg	1.1	struct connection
70			{
71			conf_node *conf;
72			struct vpn *vpn;
73
74	pcg	1.10	sockinfo si; // the current(!) destination ip to send packets to
75	pcg	1.1	int retry_cnt;
76
77	pcg	1.5	tstamp last_activity; // time of last packet received
78	pcg	1.1
79			u32 oseqno;
80	pcg	1.4	sliding_window iseqno;
81	pcg	1.1
82	pcg	1.10	u8 prot_send, prot_recv;
83
84	pcg	1.1	pkt_queue queue;
85
86			crypto_ctx octx, ictx;
87
88	pcg	1.2	enum conf_node::connectmode connectmode;
89	pcg	1.9	u8 prot_minor; // minor number of other side
90	pcg	1.2
91	pcg	1.1	void reset_dstaddr ();
92
93			void shutdown ();
94			void reset_connection ();
95	pcg	1.5	void establish_connection_cb (tstamp &ts); time_watcher establish_connection;
96			void rekey_cb (tstamp &ts); time_watcher rekey; // next rekying (actually current reset + reestablishing)
97			void keepalive_cb (tstamp &ts); time_watcher keepalive; // next keepalive probe
98	pcg	1.1
99	pcg	1.10	void send_auth_request (const sockinfo &si, bool initiate);
100			void send_auth_response (const sockinfo &si, const rsaid &id, const rsachallenge &chg);
101			void send_reset (const sockinfo &dsi);
102			void send_ping (const sockinfo &dsi, u8 pong = 0);
103	pcg	1.1	void send_data_packet (tap_packet *pkt, bool broadcast = false);
104			void inject_data_packet (tap_packet *pkt, bool broadcast = false);
105			void connect_request (int id);
106
107	pcg	1.10	void send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos = IPTOS_RELIABILITY);
108			void recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi);
109	pcg	1.1
110			void script_node ();
111	pcg	1.8	const char *script_node_up (int);
112			const char *script_node_down (int);
113	pcg	1.5
114	pcg	1.10	void dump_status ();
115
116	pcg	1.5	connection(struct vpn *vpn_);
117			~connection ();
118	pcg	1.1	};
119
120			struct vpn
121			{
122	pcg	1.10	int udpv4_fd;
123			int ipv4_fd;
124
125	pcg	1.1	int events;
126
127			enum {
128			EVENT_RECONNECT = 1,
129			EVENT_SHUTDOWN = 2,
130			};
131
132	pcg	1.5	void event_cb (tstamp &ts); time_watcher event;
133
134			tap_device *tap;
135
136	pcg	1.1	typedef vector<connection *> conns_vector;
137			conns_vector conns;
138
139			connection *find_router ();
140
141			void reconnect_all ();
142			void shutdown_all ();
143			void connect_request (int id);
144
145	pcg	1.10	void tap_ev (short revents); io_watcher tap_ev_watcher;
146			void ipv4_ev (short revents); io_watcher ipv4_ev_watcher;
147			void udpv4_ev (short revents); io_watcher udpv4_ev_watcher;
148
149			void recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi);
150
151			void send_udpv4_packet (vpn_packet *pkt, const sockinfo &si, int tos = IPTOS_RELIABILITY);
152			void send_ipv4_packet (vpn_packet *pkt, const sockinfo &si, int tos = IPTOS_RELIABILITY);
153	pcg	1.5
154	pcg	1.1	vpn ();
155			~vpn ();
156
157			int setup ();
158	pcg	1.10
159			void dump_status ();
160	pcg	1.1
161	pcg	1.8	const char *script_if_up (int);
162	pcg	1.1	};
163
164			#endif
165