1 |
/* |
2 |
protocol.h -- header for protocol.C |
3 |
|
4 |
This program is free software; you can redistribute it and/or modify |
5 |
it under the terms of the GNU General Public License as published by |
6 |
the Free Software Foundation; either version 2 of the License, or |
7 |
(at your option) any later version. |
8 |
|
9 |
This program is distributed in the hope that it will be useful, |
10 |
but WITHOUT ANY WARRANTY; without even the implied warranty of |
11 |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
12 |
GNU General Public License for more details. |
13 |
|
14 |
You should have received a copy of the GNU General Public License |
15 |
along with this program; if not, write to the Free Software |
16 |
Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
17 |
*/ |
18 |
|
19 |
#ifndef VPE_PROTOCOL_H__ |
20 |
#define VPE_PROTOCOL_H__ |
21 |
|
22 |
#include <netinet/in.h> |
23 |
|
24 |
#include <openssl/evp.h> |
25 |
#include <openssl/rsa.h> |
26 |
|
27 |
#include "conf.h" |
28 |
#include "util.h" |
29 |
#include "device.h" |
30 |
|
31 |
/* Protocol version. Different versions are incompatible, |
32 |
incompatible version have different protocols. |
33 |
*/ |
34 |
|
35 |
#define PROTOCOL_MAJOR 2 |
36 |
#define PROTOCOL_MINOR 0 |
37 |
|
38 |
struct vpn; |
39 |
struct vpn_packet; |
40 |
|
41 |
typedef u8 rsachallenge[RSA_KEYLEN - RSA_OVERHEAD]; // challenge data |
42 |
typedef u8 rsaencrdata[RSA_KEYLEN]; // encrypted challenge |
43 |
|
44 |
struct crypto_ctx; |
45 |
|
46 |
enum auth_subtype { AUTH_INIT, AUTH_INITREPLY, AUTH_REPLY }; |
47 |
|
48 |
struct connection |
49 |
{ |
50 |
conf_node *conf; |
51 |
struct vpn *vpn; |
52 |
|
53 |
SOCKADDR sa; |
54 |
int retry_cnt; |
55 |
|
56 |
time_t next_retry; // next connection retry |
57 |
time_t next_rekey; // next rekying (actually current reset + reestablishing) |
58 |
time_t last_activity; // time of last packet received |
59 |
|
60 |
u32 oseqno; |
61 |
u32 iseqno; |
62 |
u32 ismask; // bitmask with set bits for each received seqno (input seen mask) |
63 |
|
64 |
pkt_queue queue; |
65 |
|
66 |
crypto_ctx *octx, *ictx; |
67 |
|
68 |
void reset_dstaddr (); |
69 |
|
70 |
void shutdown (); |
71 |
void reset_connection (); |
72 |
void establish_connection (); |
73 |
void rekey (); |
74 |
|
75 |
void send_auth (auth_subtype subtype, SOCKADDR *sa, rsachallenge *k = 0); |
76 |
void send_reset (SOCKADDR *dsa); |
77 |
void send_ping (SOCKADDR *dss, u8 pong = 0); |
78 |
void send_data_packet (tap_packet *pkt, bool broadcast = false); |
79 |
void inject_data_packet (tap_packet *pkt, bool broadcast = false); |
80 |
void connect_request (int id); |
81 |
|
82 |
void recv_vpn_packet (vpn_packet *pkt, SOCKADDR *rsa); |
83 |
|
84 |
void timer (); |
85 |
|
86 |
connection(struct vpn *vpn_) |
87 |
: vpn(vpn_) |
88 |
{ |
89 |
octx = ictx = 0; |
90 |
retry_cnt = 0; |
91 |
reset_connection (); |
92 |
} |
93 |
|
94 |
~connection () |
95 |
{ |
96 |
shutdown (); |
97 |
} |
98 |
|
99 |
void script_node (); |
100 |
const char *script_node_up (); |
101 |
const char *script_node_down (); |
102 |
}; |
103 |
|
104 |
struct vpn |
105 |
{ |
106 |
int socket_fd; |
107 |
int events; |
108 |
|
109 |
tap_device *tap; |
110 |
|
111 |
enum { |
112 |
EVENT_RECONNECT = 1, |
113 |
EVENT_SHUTDOWN = 2, |
114 |
}; |
115 |
|
116 |
typedef vector<connection *> conns_vector; |
117 |
conns_vector conns; |
118 |
|
119 |
connection *find_router (); |
120 |
|
121 |
void send_vpn_packet (vpn_packet *pkt, SOCKADDR *sa); |
122 |
void reconnect_all (); |
123 |
void shutdown_all (); |
124 |
void connect_request (int id); |
125 |
|
126 |
vpn (); |
127 |
~vpn (); |
128 |
|
129 |
int setup (); |
130 |
void main_loop (); |
131 |
|
132 |
const char *script_if_up (); |
133 |
}; |
134 |
|
135 |
#endif |
136 |
|