1 /* site.c - manage communication with a remote network site */
3 /* The 'site' code doesn't know anything about the structure of the
4 packets it's transmitting. In fact, under the new netlink
5 configuration scheme it doesn't need to know anything at all about
6 IP addresses, except how to contact its peer. This means it could
7 potentially be used to tunnel other protocols too (IPv6, IPX, plain
8 old Ethernet frames) if appropriate netlink code can be written
9 (and that ought not to be too hard, eg. using the TUN/TAP device to
10 pretend to be an Ethernet interface). */
12 /* At some point in the future the netlink code will be asked for
13 configuration information to go in the PING/PONG packets at the end
14 of the key exchange. */
21 #include <sys/socket.h>
25 #include "unaligned.h"
28 #define SETUP_BUFFER_LEN 2048
30 #define DEFAULT_KEY_LIFETIME (3600*1000) /* [ms] */
31 #define DEFAULT_KEY_RENEGOTIATE_GAP (5*60*1000) /* [ms] */
32 #define DEFAULT_SETUP_RETRIES 5
33 #define DEFAULT_SETUP_RETRY_INTERVAL (2*1000) /* [ms] */
34 #define DEFAULT_WAIT_TIME (20*1000) /* [ms] */
36 #define DEFAULT_MOBILE_KEY_LIFETIME (2*24*3600*1000) /* [ms] */
37 #define DEFAULT_MOBILE_KEY_RENEGOTIATE_GAP (12*3600*1000) /* [ms] */
38 #define DEFAULT_MOBILE_SETUP_RETRIES 30
39 #define DEFAULT_MOBILE_SETUP_RETRY_INTERVAL (1*1000) /* [ms] */
40 #define DEFAULT_MOBILE_WAIT_TIME (10*1000) /* [ms] */
42 #define DEFAULT_MOBILE_PEER_EXPIRY (2*60) /* [s] */
43 #define DEFAULT_MOBILE_PEERS_MAX 3 /* send at most this many copies (default) */
45 /* Each site can be in one of several possible states. */
48 SITE_STOP - nothing is allowed to happen; tunnel is down;
49 all session keys have been erased
50 -> SITE_RUN upon external instruction
51 SITE_RUN - site up, maybe with valid key
52 -> SITE_RESOLVE upon outgoing packet and no valid key
53 we start name resolution for the other end of the tunnel
54 -> SITE_SENTMSG2 upon valid incoming message 1 and suitable time
55 we send an appropriate message 2
56 SITE_RESOLVE - waiting for name resolution
57 -> SITE_SENTMSG1 upon successful resolution
58 we send an appropriate message 1
59 -> SITE_SENTMSG2 upon valid incoming message 1 (then abort resolution)
60 we abort resolution and
61 -> SITE_WAIT on timeout or resolution failure
63 -> SITE_SENTMSG2 upon valid incoming message 1 from higher priority end
64 -> SITE_SENTMSG3 upon valid incoming message 2
65 -> SITE_WAIT on timeout
67 -> SITE_SENTMSG4 upon valid incoming message 3
68 -> SITE_WAIT on timeout
70 -> SITE_SENTMSG5 upon valid incoming message 4
71 -> SITE_WAIT on timeout
73 -> SITE_RUN upon valid incoming message 5
74 -> SITE_WAIT on timeout
76 -> SITE_RUN upon valid incoming message 6
77 -> SITE_WAIT on timeout
78 SITE_WAIT - failed to establish key; do nothing for a while
79 -> SITE_RUN on timeout
84 #define SITE_RESOLVE 2
85 #define SITE_SENTMSG1 3
86 #define SITE_SENTMSG2 4
87 #define SITE_SENTMSG3 5
88 #define SITE_SENTMSG4 6
89 #define SITE_SENTMSG5 7
92 static cstring_t
state_name(uint32_t state
)
95 case 0: return "STOP";
97 case 2: return "RESOLVE";
98 case 3: return "SENTMSG1";
99 case 4: return "SENTMSG2";
100 case 5: return "SENTMSG3";
101 case 6: return "SENTMSG4";
102 case 7: return "SENTMSG5";
103 case 8: return "WAIT";
104 default: return "*bad state*";
110 #define LOG_UNEXPECTED 0x00000001
111 #define LOG_SETUP_INIT 0x00000002
112 #define LOG_SETUP_TIMEOUT 0x00000004
113 #define LOG_ACTIVATE_KEY 0x00000008
114 #define LOG_TIMEOUT_KEY 0x00000010
115 #define LOG_SEC 0x00000020
116 #define LOG_STATE 0x00000040
117 #define LOG_DROP 0x00000080
118 #define LOG_DUMP 0x00000100
119 #define LOG_ERROR 0x00000400
120 #define LOG_PEER_ADDRS 0x00000800
122 static struct flagstr log_event_table
[]={
123 { "unexpected", LOG_UNEXPECTED
},
124 { "setup-init", LOG_SETUP_INIT
},
125 { "setup-timeout", LOG_SETUP_TIMEOUT
},
126 { "activate-key", LOG_ACTIVATE_KEY
},
127 { "timeout-key", LOG_TIMEOUT_KEY
},
128 { "security", LOG_SEC
},
129 { "state-change", LOG_STATE
},
130 { "packet-drop", LOG_DROP
},
131 { "dump-packets", LOG_DUMP
},
132 { "errors", LOG_ERROR
},
133 { "peer-addrs", LOG_PEER_ADDRS
},
134 { "default", LOG_SETUP_INIT
|LOG_SETUP_TIMEOUT
|
135 LOG_ACTIVATE_KEY
|LOG_TIMEOUT_KEY
|LOG_SEC
|LOG_ERROR
},
136 { "all", 0xffffffff },
141 /***** TRANSPORT PEERS declarations *****/
143 /* Details of "mobile peer" semantics:
145 - We record mobile_peers_max peer address/port numbers ("peers")
146 for key setup, and separately mobile_peers_max for data
147 transfer. If these lists fill up, we retain the newest peers.
148 (For non-mobile peers we only record one of each.)
150 - Outgoing packets are sent to every recorded peer in the
153 - Data transfer peers are straightforward: whenever we successfully
154 process a data packet, we record the peer. Also, whenever we
155 successfully complete a key setup, we merge the key setup
156 peers into the data transfer peers.
158 (For "non-mobile" peers we simply copy the peer used for
159 successful key setup, and don't change the peer otherwise.)
161 - Key setup peers are slightly more complicated.
163 Whenever we receive and successfully process a key exchange
164 packet, we record the peer.
166 Whenever we try to initiate a key setup, we copy the list of data
167 transfer peers and use it for key setup. But we also look to see
168 if the config supplies an address and port number and if so we
169 add that as a key setup peer (possibly evicting one of the data
170 transfer peers we just copied).
172 (For "non-mobile" peers, if we if we have a configured peer
173 address and port, we always use that; otherwise if we have a
174 current data peer address we use that; otherwise we do not
175 attempt to initiate a key setup for lack of a peer address.)
177 "Record the peer" means
178 1. expire any peers last seen >120s ("mobile-peer-expiry") ago
179 2. add the peer of the just received packet to the applicable list
180 (possibly evicting older entries)
181 NB that we do not expire peers until an incoming packet arrives.
185 #define MAX_MOBILE_PEERS_MAX 5 /* send at most this many copies, compiled max */
189 struct comm_addr addr
;
193 /* configuration information */
194 /* runtime information */
196 transport_peer peers
[MAX_MOBILE_PEERS_MAX
];
199 static void transport_peers_clear(struct site
*st
, transport_peers
*peers
);
200 static int transport_peers_valid(transport_peers
*peers
);
201 static void transport_peers_copy(struct site
*st
, transport_peers
*dst
,
202 const transport_peers
*src
);
204 static void transport_setup_msgok(struct site
*st
, const struct comm_addr
*a
);
205 static void transport_data_msgok(struct site
*st
, const struct comm_addr
*a
);
206 static bool_t
transport_compute_setupinit_peers(struct site
*st
,
207 const struct comm_addr
*configured_addr
/* 0 if none or not found */);
208 static void transport_record_peer(struct site
*st
, transport_peers
*peers
,
209 const struct comm_addr
*addr
, const char *m
);
211 static void transport_xmit(struct site
*st
, transport_peers
*peers
,
212 struct buffer_if
*buf
, bool_t candebug
);
214 /***** END of transport peers declarations *****/
220 /* configuration information */
223 bool_t peer_mobile
; /* Mobile client support */
224 int32_t transport_peers_max
;
225 string_t tunname
; /* localname<->remotename by default, used in logs */
226 string_t address
; /* DNS name for bootstrapping, optional */
227 int remoteport
; /* Port for bootstrapping, optional */
228 struct netlink_if
*netlink
;
229 struct comm_if
**comms
;
231 struct resolver_if
*resolver
;
233 struct random_if
*random
;
234 struct rsaprivkey_if
*privkey
;
235 struct rsapubkey_if
*pubkey
;
236 struct transform_if
*transform
;
238 struct hash_if
*hash
;
240 uint32_t index
; /* Index of this site */
241 int32_t setup_retries
; /* How many times to send setup packets */
242 int32_t setup_retry_interval
; /* Initial timeout for setup packets */
243 int32_t wait_timeout
; /* How long to wait if setup unsuccessful */
244 int32_t mobile_peer_expiry
; /* How long to remember 2ary addresses */
245 int32_t key_lifetime
; /* How long a key lasts once set up */
246 int32_t key_renegotiate_time
; /* If we see traffic (or a keepalive)
247 after this time, initiate a new
250 uint8_t *setupsig
; /* Expected signature of incoming MSG1 packets */
251 int32_t setupsiglen
; /* Allows us to discard packets quickly if
252 they are not for us */
253 bool_t setup_priority
; /* Do we have precedence if both sites emit
254 message 1 simultaneously? */
257 /* runtime information */
259 uint64_t now
; /* Most recently seen time */
261 /* The currently established session */
262 uint32_t remote_session_id
;
263 struct transform_inst_if
*current_transform
;
264 bool_t current_valid
;
265 uint64_t current_key_timeout
; /* End of life of current key */
266 uint64_t renegotiate_key_time
; /* When we can negotiate a new key */
267 transport_peers peers
; /* Current address(es) of peer for data traffic */
269 /* The current key setup protocol exchange. We can only be
270 involved in one of these at a time. There's a potential for
271 denial of service here (the attacker keeps sending a setup
272 packet; we keep trying to continue the exchange, and have to
273 timeout before we can listen for another setup packet); perhaps
274 we should keep a list of 'bad' sources for setup packets. */
275 uint32_t setup_session_id
;
276 transport_peers setup_peers
;
277 uint8_t localN
[NONCELEN
]; /* Nonces for key exchange */
278 uint8_t remoteN
[NONCELEN
];
279 struct buffer_if buffer
; /* Current outgoing key exchange packet */
280 int32_t retries
; /* Number of retries remaining */
281 uint64_t timeout
; /* Timeout for current state */
283 uint8_t *sharedsecret
;
284 struct transform_inst_if
*new_transform
; /* For key setup/verify */
287 static void slog(struct site
*st
, uint32_t event
, cstring_t msg
, ...)
295 if (event
&st
->log_events
) {
297 case LOG_UNEXPECTED
: class=M_INFO
; break;
298 case LOG_SETUP_INIT
: class=M_INFO
; break;
299 case LOG_SETUP_TIMEOUT
: class=M_NOTICE
; break;
300 case LOG_ACTIVATE_KEY
: class=M_INFO
; break;
301 case LOG_TIMEOUT_KEY
: class=M_INFO
; break;
302 case LOG_SEC
: class=M_SECURITY
; break;
303 case LOG_STATE
: class=M_DEBUG
; break;
304 case LOG_DROP
: class=M_DEBUG
; break;
305 case LOG_DUMP
: class=M_DEBUG
; break;
306 case LOG_ERROR
: class=M_ERR
; break;
307 case LOG_PEER_ADDRS
: class=M_DEBUG
; break;
308 default: class=M_ERR
; break;
311 vsnprintf(buf
,sizeof(buf
),msg
,ap
);
312 st
->log
->log(st
->log
->st
,class,"%s: %s",st
->tunname
,buf
);
317 static void set_link_quality(struct site
*st
);
318 static void delete_key(struct site
*st
, cstring_t reason
, uint32_t loglevel
);
319 static bool_t
initiate_key_setup(struct site
*st
, cstring_t reason
);
320 static void enter_state_run(struct site
*st
);
321 static bool_t
enter_state_resolve(struct site
*st
);
322 static bool_t
enter_new_state(struct site
*st
,uint32_t next
);
323 static void enter_state_wait(struct site
*st
);
325 #define CHECK_AVAIL(b,l) do { if ((b)->size<(l)) return False; } while(0)
326 #define CHECK_EMPTY(b) do { if ((b)->size!=0) return False; } while(0)
327 #define CHECK_TYPE(b,t) do { uint32_t type; \
328 CHECK_AVAIL((b),4); \
329 type=buf_unprepend_uint32((b)); \
330 if (type!=(t)) return False; } while(0)
349 /* Build any of msg1 to msg4. msg5 and msg6 are built from the inside
350 out using a transform of config data supplied by netlink */
351 static bool_t
generate_msg(struct site
*st
, uint32_t type
, cstring_t what
)
357 st
->retries
=st
->setup_retries
;
358 BUF_ALLOC(&st
->buffer
,what
);
359 buffer_init(&st
->buffer
,0);
360 buf_append_uint32(&st
->buffer
,
361 (type
==LABEL_MSG1?
0:st
->setup_session_id
));
362 buf_append_uint32(&st
->buffer
,st
->index
);
363 buf_append_uint32(&st
->buffer
,type
);
364 buf_append_string(&st
->buffer
,st
->localname
);
365 buf_append_string(&st
->buffer
,st
->remotename
);
366 memcpy(buf_append(&st
->buffer
,NONCELEN
),st
->localN
,NONCELEN
);
367 if (type
==LABEL_MSG1
) return True
;
368 memcpy(buf_append(&st
->buffer
,NONCELEN
),st
->remoteN
,NONCELEN
);
369 if (type
==LABEL_MSG2
) return True
;
371 if (hacky_par_mid_failnow()) return False
;
373 dhpub
=st
->dh
->makepublic(st
->dh
->st
,st
->dhsecret
,st
->dh
->len
);
374 buf_append_string(&st
->buffer
,dhpub
);
376 hash
=safe_malloc(st
->hash
->len
, "generate_msg");
377 hst
=st
->hash
->init();
378 st
->hash
->update(hst
,st
->buffer
.start
,st
->buffer
.size
);
379 st
->hash
->final(hst
,hash
);
380 sig
=st
->privkey
->sign(st
->privkey
->st
,hash
,st
->hash
->len
);
381 buf_append_string(&st
->buffer
,sig
);
387 static bool_t
unpick_msg(struct site
*st
, uint32_t type
,
388 struct buffer_if
*msg
, struct msg
*m
)
390 m
->hashstart
=msg
->start
;
392 m
->dest
=buf_unprepend_uint32(msg
);
394 m
->source
=buf_unprepend_uint32(msg
);
395 CHECK_TYPE(msg
,type
);
397 m
->remlen
=buf_unprepend_uint16(msg
);
398 CHECK_AVAIL(msg
,m
->remlen
);
399 m
->remote
=buf_unprepend(msg
,m
->remlen
);
401 m
->loclen
=buf_unprepend_uint16(msg
);
402 CHECK_AVAIL(msg
,m
->loclen
);
403 m
->local
=buf_unprepend(msg
,m
->loclen
);
404 CHECK_AVAIL(msg
,NONCELEN
);
405 m
->nR
=buf_unprepend(msg
,NONCELEN
);
406 if (type
==LABEL_MSG1
) {
410 CHECK_AVAIL(msg
,NONCELEN
);
411 m
->nL
=buf_unprepend(msg
,NONCELEN
);
412 if (type
==LABEL_MSG2
) {
417 m
->pklen
=buf_unprepend_uint16(msg
);
418 CHECK_AVAIL(msg
,m
->pklen
);
419 m
->pk
=buf_unprepend(msg
,m
->pklen
);
420 m
->hashlen
=msg
->start
-m
->hashstart
;
422 m
->siglen
=buf_unprepend_uint16(msg
);
423 CHECK_AVAIL(msg
,m
->siglen
);
424 m
->sig
=buf_unprepend(msg
,m
->siglen
);
429 static bool_t
check_msg(struct site
*st
, uint32_t type
, struct msg
*m
,
432 if (type
==LABEL_MSG1
) return True
;
434 /* Check that the site names and our nonce have been sent
435 back correctly, and then store our peer's nonce. */
436 if (memcmp(m
->remote
,st
->remotename
,strlen(st
->remotename
)!=0)) {
437 *error
="wrong remote site name";
440 if (memcmp(m
->local
,st
->localname
,strlen(st
->localname
)!=0)) {
441 *error
="wrong local site name";
444 if (memcmp(m
->nL
,st
->localN
,NONCELEN
)!=0) {
445 *error
="wrong locally-generated nonce";
448 if (type
==LABEL_MSG2
) return True
;
449 if (memcmp(m
->nR
,st
->remoteN
,NONCELEN
)!=0) {
450 *error
="wrong remotely-generated nonce";
453 if (type
==LABEL_MSG3
) return True
;
454 if (type
==LABEL_MSG4
) return True
;
455 *error
="unknown message type";
459 static bool_t
generate_msg1(struct site
*st
)
461 st
->random
->generate(st
->random
->st
,NONCELEN
,st
->localN
);
462 return generate_msg(st
,LABEL_MSG1
,"site:MSG1");
465 static bool_t
process_msg1(struct site
*st
, struct buffer_if
*msg1
,
466 const struct comm_addr
*src
)
470 /* We've already determined we're in an appropriate state to
471 process an incoming MSG1, and that the MSG1 has correct values
474 if (!unpick_msg(st
,LABEL_MSG1
,msg1
,&m
)) return False
;
476 transport_record_peer(st
,&st
->setup_peers
,src
,"msg1");
477 st
->setup_session_id
=m
.source
;
478 memcpy(st
->remoteN
,m
.nR
,NONCELEN
);
482 static bool_t
generate_msg2(struct site
*st
)
484 st
->random
->generate(st
->random
->st
,NONCELEN
,st
->localN
);
485 return generate_msg(st
,LABEL_MSG2
,"site:MSG2");
488 static bool_t
process_msg2(struct site
*st
, struct buffer_if
*msg2
,
489 const struct comm_addr
*src
)
494 if (!unpick_msg(st
,LABEL_MSG2
,msg2
,&m
)) return False
;
495 if (!check_msg(st
,LABEL_MSG2
,&m
,&err
)) {
496 slog(st
,LOG_SEC
,"msg2: %s",err
);
499 st
->setup_session_id
=m
.source
;
500 memcpy(st
->remoteN
,m
.nR
,NONCELEN
);
504 static bool_t
generate_msg3(struct site
*st
)
506 /* Now we have our nonce and their nonce. Think of a secret key,
507 and create message number 3. */
508 st
->random
->generate(st
->random
->st
,st
->dh
->len
,st
->dhsecret
);
509 return generate_msg(st
,LABEL_MSG3
,"site:MSG3");
512 static bool_t
process_msg3(struct site
*st
, struct buffer_if
*msg3
,
513 const struct comm_addr
*src
)
520 if (!unpick_msg(st
,LABEL_MSG3
,msg3
,&m
)) return False
;
521 if (!check_msg(st
,LABEL_MSG3
,&m
,&err
)) {
522 slog(st
,LOG_SEC
,"msg3: %s",err
);
526 /* Check signature and store g^x mod m */
527 hash
=safe_malloc(st
->hash
->len
, "process_msg3");
528 hst
=st
->hash
->init();
529 st
->hash
->update(hst
,m
.hashstart
,m
.hashlen
);
530 st
->hash
->final(hst
,hash
);
531 /* Terminate signature with a '0' - cheating, but should be ok */
533 if (!st
->pubkey
->check(st
->pubkey
->st
,hash
,st
->hash
->len
,m
.sig
)) {
534 slog(st
,LOG_SEC
,"msg3 signature failed check!");
540 /* Terminate their DH public key with a '0' */
542 /* Invent our DH secret key */
543 st
->random
->generate(st
->random
->st
,st
->dh
->len
,st
->dhsecret
);
545 /* Generate the shared key */
546 st
->dh
->makeshared(st
->dh
->st
,st
->dhsecret
,st
->dh
->len
,m
.pk
,
547 st
->sharedsecret
,st
->transform
->keylen
);
549 /* Set up the transform */
550 st
->new_transform
->setkey(st
->new_transform
->st
,st
->sharedsecret
,
551 st
->transform
->keylen
);
556 static bool_t
generate_msg4(struct site
*st
)
558 /* We have both nonces, their public key and our private key. Generate
559 our public key, sign it and send it to them. */
560 return generate_msg(st
,LABEL_MSG4
,"site:MSG4");
563 static bool_t
process_msg4(struct site
*st
, struct buffer_if
*msg4
,
564 const struct comm_addr
*src
)
571 if (!unpick_msg(st
,LABEL_MSG4
,msg4
,&m
)) return False
;
572 if (!check_msg(st
,LABEL_MSG4
,&m
,&err
)) {
573 slog(st
,LOG_SEC
,"msg4: %s",err
);
577 /* Check signature and store g^x mod m */
578 hash
=safe_malloc(st
->hash
->len
, "process_msg4");
579 hst
=st
->hash
->init();
580 st
->hash
->update(hst
,m
.hashstart
,m
.hashlen
);
581 st
->hash
->final(hst
,hash
);
582 /* Terminate signature with a '0' - cheating, but should be ok */
584 if (!st
->pubkey
->check(st
->pubkey
->st
,hash
,st
->hash
->len
,m
.sig
)) {
585 slog(st
,LOG_SEC
,"msg4 signature failed check!");
591 /* Terminate their DH public key with a '0' */
593 /* Generate the shared key */
594 st
->dh
->makeshared(st
->dh
->st
,st
->dhsecret
,st
->dh
->len
,m
.pk
,
595 st
->sharedsecret
,st
->transform
->keylen
);
596 /* Set up the transform */
597 st
->new_transform
->setkey(st
->new_transform
->st
,st
->sharedsecret
,
598 st
->transform
->keylen
);
609 static bool_t
unpick_msg0(struct site
*st
, struct buffer_if
*msg0
,
613 m
->dest
=buf_unprepend_uint32(msg0
);
615 m
->source
=buf_unprepend_uint32(msg0
);
617 m
->type
=buf_unprepend_uint32(msg0
);
619 /* Leaves transformed part of buffer untouched */
622 static bool_t
generate_msg5(struct site
*st
)
624 cstring_t transform_err
;
626 BUF_ALLOC(&st
->buffer
,"site:MSG5");
627 /* We are going to add four words to the message */
628 buffer_init(&st
->buffer
,st
->transform
->max_start_pad
+(4*4));
629 /* Give the netlink code an opportunity to put its own stuff in the
630 message (configuration information, etc.) */
631 buf_prepend_uint32(&st
->buffer
,LABEL_MSG5
);
632 st
->new_transform
->forwards(st
->new_transform
->st
,&st
->buffer
,
634 buf_prepend_uint32(&st
->buffer
,LABEL_MSG5
);
635 buf_prepend_uint32(&st
->buffer
,st
->index
);
636 buf_prepend_uint32(&st
->buffer
,st
->setup_session_id
);
638 st
->retries
=st
->setup_retries
;
642 static bool_t
process_msg5(struct site
*st
, struct buffer_if
*msg5
,
643 const struct comm_addr
*src
)
646 cstring_t transform_err
;
648 if (!unpick_msg0(st
,msg5
,&m
)) return False
;
650 if (st
->new_transform
->reverse(st
->new_transform
->st
,
651 msg5
,&transform_err
)) {
652 /* There's a problem */
653 slog(st
,LOG_SEC
,"process_msg5: transform: %s",transform_err
);
656 /* Buffer should now contain untransformed PING packet data */
658 if (buf_unprepend_uint32(msg5
)!=LABEL_MSG5
) {
659 slog(st
,LOG_SEC
,"MSG5/PING packet contained wrong label");
662 /* Older versions of secnet used to write some config data here
663 * which we ignore. So we don't CHECK_EMPTY */
667 static bool_t
generate_msg6(struct site
*st
)
669 cstring_t transform_err
;
671 BUF_ALLOC(&st
->buffer
,"site:MSG6");
672 /* We are going to add four words to the message */
673 buffer_init(&st
->buffer
,st
->transform
->max_start_pad
+(4*4));
674 /* Give the netlink code an opportunity to put its own stuff in the
675 message (configuration information, etc.) */
676 buf_prepend_uint32(&st
->buffer
,LABEL_MSG6
);
677 st
->new_transform
->forwards(st
->new_transform
->st
,&st
->buffer
,
679 buf_prepend_uint32(&st
->buffer
,LABEL_MSG6
);
680 buf_prepend_uint32(&st
->buffer
,st
->index
);
681 buf_prepend_uint32(&st
->buffer
,st
->setup_session_id
);
683 st
->retries
=1; /* Peer will retransmit MSG5 if this packet gets lost */
687 static bool_t
process_msg6(struct site
*st
, struct buffer_if
*msg6
,
688 const struct comm_addr
*src
)
691 cstring_t transform_err
;
693 if (!unpick_msg0(st
,msg6
,&m
)) return False
;
695 if (st
->new_transform
->reverse(st
->new_transform
->st
,
696 msg6
,&transform_err
)) {
697 /* There's a problem */
698 slog(st
,LOG_SEC
,"process_msg6: transform: %s",transform_err
);
701 /* Buffer should now contain untransformed PING packet data */
703 if (buf_unprepend_uint32(msg6
)!=LABEL_MSG6
) {
704 slog(st
,LOG_SEC
,"MSG6/PONG packet contained invalid data");
707 /* Older versions of secnet used to write some config data here
708 * which we ignore. So we don't CHECK_EMPTY */
712 static bool_t
decrypt_msg0(struct site
*st
, struct buffer_if
*msg0
)
714 cstring_t transform_err
;
718 if (!unpick_msg0(st
,msg0
,&m
)) return False
;
720 problem
= st
->current_transform
->reverse(st
->current_transform
->st
,
721 msg0
,&transform_err
);
722 if (!problem
) return True
;
724 slog(st
,LOG_SEC
,"transform: %s",transform_err
);
725 initiate_key_setup(st
,"incoming message would not decrypt");
729 static bool_t
process_msg0(struct site
*st
, struct buffer_if
*msg0
,
730 const struct comm_addr
*src
)
734 if (!decrypt_msg0(st
,msg0
))
738 type
=buf_unprepend_uint32(msg0
);
741 /* We must forget about the current session. */
742 delete_key(st
,"request from peer",LOG_SEC
);
745 /* Deliver to netlink layer */
746 st
->netlink
->deliver(st
->netlink
->st
,msg0
);
747 transport_data_msgok(st
,src
);
748 /* See whether we should start negotiating a new key */
749 if (st
->now
> st
->renegotiate_key_time
)
750 initiate_key_setup(st
,"incoming packet in renegotiation window");
753 slog(st
,LOG_SEC
,"incoming encrypted message of type %08x "
760 static void dump_packet(struct site
*st
, struct buffer_if
*buf
,
761 const struct comm_addr
*addr
, bool_t incoming
)
763 uint32_t dest
=ntohl(*(uint32_t *)buf
->start
);
764 uint32_t source
=ntohl(*(uint32_t *)(buf
->start
+4));
765 uint32_t msgtype
=ntohl(*(uint32_t *)(buf
->start
+8));
767 if (st
->log_events
& LOG_DUMP
)
768 slilog(st
->log
,M_DEBUG
,"%s: %s: %08x<-%08x: %08x:",
769 st
->tunname
,incoming?
"incoming":"outgoing",
770 dest
,source
,msgtype
);
773 static uint32_t site_status(void *st
)
778 static bool_t
send_msg(struct site
*st
)
781 transport_xmit(st
, &st
->setup_peers
, &st
->buffer
, True
);
782 st
->timeout
=st
->now
+st
->setup_retry_interval
;
786 slog(st
,LOG_SETUP_TIMEOUT
,"timed out sending key setup packet "
787 "(in state %s)",state_name(st
->state
));
788 enter_state_wait(st
);
793 static void site_resolve_callback(void *sst
, struct in_addr
*address
)
796 struct comm_addr ca_buf
, *ca_use
;
798 if (st
->state
!=SITE_RESOLVE
) {
799 slog(st
,LOG_UNEXPECTED
,"site_resolve_callback called unexpectedly");
804 ca_buf
.comm
=st
->comms
[0];
805 ca_buf
.sin
.sin_family
=AF_INET
;
806 ca_buf
.sin
.sin_port
=htons(st
->remoteport
);
807 ca_buf
.sin
.sin_addr
=*address
;
810 slog(st
,LOG_ERROR
,"resolution of %s failed",st
->address
);
813 if (transport_compute_setupinit_peers(st
,ca_use
)) {
814 enter_new_state(st
,SITE_SENTMSG1
);
816 /* Can't figure out who to try to to talk to */
817 slog(st
,LOG_SETUP_INIT
,"key exchange failed: cannot find peer address");
822 static bool_t
initiate_key_setup(struct site
*st
, cstring_t reason
)
824 if (st
->state
!=SITE_RUN
) return False
;
825 slog(st
,LOG_SETUP_INIT
,"initiating key exchange (%s)",reason
);
827 slog(st
,LOG_SETUP_INIT
,"resolving peer address");
828 return enter_state_resolve(st
);
829 } else if (transport_compute_setupinit_peers(st
,0)) {
830 return enter_new_state(st
,SITE_SENTMSG1
);
832 slog(st
,LOG_SETUP_INIT
,"key exchange failed: no address for peer");
836 static void activate_new_key(struct site
*st
)
838 struct transform_inst_if
*t
;
840 /* We have two transform instances, which we swap between active
842 t
=st
->current_transform
;
843 st
->current_transform
=st
->new_transform
;
848 st
->current_valid
=True
;
849 st
->current_key_timeout
=st
->now
+st
->key_lifetime
;
850 st
->renegotiate_key_time
=st
->now
+st
->key_renegotiate_time
;
851 transport_peers_copy(st
,&st
->peers
,&st
->setup_peers
);
852 st
->remote_session_id
=st
->setup_session_id
;
854 slog(st
,LOG_ACTIVATE_KEY
,"new key activated");
858 static void delete_key(struct site
*st
, cstring_t reason
, uint32_t loglevel
)
860 if (st
->current_valid
) {
861 slog(st
,loglevel
,"session closed (%s)",reason
);
863 st
->current_valid
=False
;
864 st
->current_transform
->delkey(st
->current_transform
->st
);
865 st
->current_key_timeout
=0;
866 set_link_quality(st
);
870 static void state_assert(struct site
*st
, bool_t ok
)
872 if (!ok
) fatal("site:state_assert");
875 static void enter_state_stop(struct site
*st
)
879 delete_key(st
,"entering state STOP",LOG_TIMEOUT_KEY
);
880 st
->new_transform
->delkey(st
->new_transform
->st
);
883 static void set_link_quality(struct site
*st
)
886 if (st
->current_valid
)
887 quality
=LINK_QUALITY_UP
;
888 else if (st
->state
==SITE_WAIT
|| st
->state
==SITE_STOP
)
889 quality
=LINK_QUALITY_DOWN
;
890 else if (st
->address
)
891 quality
=LINK_QUALITY_DOWN_CURRENT_ADDRESS
;
892 else if (transport_peers_valid(&st
->peers
))
893 quality
=LINK_QUALITY_DOWN_STALE_ADDRESS
;
895 quality
=LINK_QUALITY_DOWN
;
897 st
->netlink
->set_quality(st
->netlink
->st
,quality
);
900 static void enter_state_run(struct site
*st
)
902 slog(st
,LOG_STATE
,"entering state RUN");
906 st
->setup_session_id
=0;
907 transport_peers_clear(st
,&st
->setup_peers
);
908 memset(st
->localN
,0,NONCELEN
);
909 memset(st
->remoteN
,0,NONCELEN
);
910 st
->new_transform
->delkey(st
->new_transform
->st
);
911 memset(st
->dhsecret
,0,st
->dh
->len
);
912 memset(st
->sharedsecret
,0,st
->transform
->keylen
);
913 set_link_quality(st
);
916 static bool_t
enter_state_resolve(struct site
*st
)
918 state_assert(st
,st
->state
==SITE_RUN
);
919 slog(st
,LOG_STATE
,"entering state RESOLVE");
920 st
->state
=SITE_RESOLVE
;
921 st
->resolver
->request(st
->resolver
->st
,st
->address
,
922 site_resolve_callback
,st
);
926 static bool_t
enter_new_state(struct site
*st
, uint32_t next
)
928 bool_t (*gen
)(struct site
*st
);
931 slog(st
,LOG_STATE
,"entering state %s",state_name(next
));
934 state_assert(st
,st
->state
==SITE_RUN
|| st
->state
==SITE_RESOLVE
);
938 state_assert(st
,st
->state
==SITE_RUN
|| st
->state
==SITE_RESOLVE
||
939 st
->state
==SITE_SENTMSG1
|| st
->state
==SITE_WAIT
);
943 state_assert(st
,st
->state
==SITE_SENTMSG1
);
944 BUF_FREE(&st
->buffer
);
948 state_assert(st
,st
->state
==SITE_SENTMSG2
);
949 BUF_FREE(&st
->buffer
);
953 state_assert(st
,st
->state
==SITE_SENTMSG3
);
954 BUF_FREE(&st
->buffer
);
958 state_assert(st
,st
->state
==SITE_SENTMSG4
);
959 BUF_FREE(&st
->buffer
);
964 fatal("enter_new_state(%s): invalid new state",state_name(next
));
968 if (hacky_par_start_failnow()) return False
;
970 r
= gen(st
) && send_msg(st
);
973 st
->setup_retries
, st
->setup_retry_interval
,
978 if (next
==SITE_RUN
) {
979 BUF_FREE(&st
->buffer
); /* Never reused */
980 st
->timeout
=0; /* Never retransmit */
981 activate_new_key(st
);
985 slog(st
,LOG_ERROR
,"error entering state %s",state_name(next
));
986 st
->buffer
.free
=False
; /* Unconditionally use the buffer; it may be
987 in either state, and enter_state_wait() will
989 enter_state_wait(st
);
993 /* msg7 tells our peer that we're about to forget our key */
994 static bool_t
send_msg7(struct site
*st
, cstring_t reason
)
996 cstring_t transform_err
;
998 if (st
->current_valid
&& st
->buffer
.free
999 && transport_peers_valid(&st
->peers
)) {
1000 BUF_ALLOC(&st
->buffer
,"site:MSG7");
1001 buffer_init(&st
->buffer
,st
->transform
->max_start_pad
+(4*3));
1002 buf_append_uint32(&st
->buffer
,LABEL_MSG7
);
1003 buf_append_string(&st
->buffer
,reason
);
1004 st
->current_transform
->forwards(st
->current_transform
->st
,
1005 &st
->buffer
, &transform_err
);
1006 buf_prepend_uint32(&st
->buffer
,LABEL_MSG0
);
1007 buf_prepend_uint32(&st
->buffer
,st
->index
);
1008 buf_prepend_uint32(&st
->buffer
,st
->remote_session_id
);
1009 transport_xmit(st
,&st
->peers
,&st
->buffer
,True
);
1010 BUF_FREE(&st
->buffer
);
1016 /* We go into this state if our peer becomes uncommunicative. Similar to
1017 the "stop" state, we forget all session keys for a while, before
1018 re-entering the "run" state. */
1019 static void enter_state_wait(struct site
*st
)
1021 slog(st
,LOG_STATE
,"entering state WAIT");
1022 st
->timeout
=st
->now
+st
->wait_timeout
;
1023 st
->state
=SITE_WAIT
;
1024 set_link_quality(st
);
1025 BUF_FREE(&st
->buffer
); /* will have had an outgoing packet in it */
1026 /* XXX Erase keys etc. */
1029 static inline void site_settimeout(uint64_t timeout
, int *timeout_io
)
1032 int64_t offset
=timeout
-*now
;
1033 if (offset
<0) offset
=0;
1034 if (offset
>INT_MAX
) offset
=INT_MAX
;
1035 if (*timeout_io
<0 || offset
<*timeout_io
)
1040 static int site_beforepoll(void *sst
, struct pollfd
*fds
, int *nfds_io
,
1043 struct site
*st
=sst
;
1045 *nfds_io
=0; /* We don't use any file descriptors */
1048 /* Work out when our next timeout is. The earlier of 'timeout' or
1049 'current_key_timeout'. A stored value of '0' indicates no timeout
1051 site_settimeout(st
->timeout
, timeout_io
);
1052 site_settimeout(st
->current_key_timeout
, timeout_io
);
1054 return 0; /* success */
1057 /* NB site_afterpoll will be called before site_beforepoll is ever called */
1058 static void site_afterpoll(void *sst
, struct pollfd
*fds
, int nfds
)
1060 struct site
*st
=sst
;
1063 if (st
->timeout
&& *now
>st
->timeout
) {
1065 if (st
->state
>=SITE_SENTMSG1
&& st
->state
<=SITE_SENTMSG5
) {
1066 if (!hacky_par_start_failnow())
1068 } else if (st
->state
==SITE_WAIT
) {
1069 enter_state_run(st
);
1071 slog(st
,LOG_ERROR
,"site_afterpoll: unexpected timeout, state=%d",
1075 if (st
->current_key_timeout
&& *now
>st
->current_key_timeout
) {
1076 delete_key(st
,"maximum key life exceeded",LOG_TIMEOUT_KEY
);
1080 /* This function is called by the netlink device to deliver packets
1081 intended for the remote network. The packet is in "raw" wire
1082 format, but is guaranteed to be word-aligned. */
1083 static void site_outgoing(void *sst
, struct buffer_if
*buf
)
1085 struct site
*st
=sst
;
1086 cstring_t transform_err
;
1088 if (st
->state
==SITE_STOP
) {
1093 /* In all other states we consider delivering the packet if we have
1094 a valid key and a valid address to send it to. */
1095 if (st
->current_valid
&& transport_peers_valid(&st
->peers
)) {
1096 /* Transform it and send it */
1098 buf_prepend_uint32(buf
,LABEL_MSG9
);
1099 st
->current_transform
->forwards(st
->current_transform
->st
,
1100 buf
, &transform_err
);
1101 buf_prepend_uint32(buf
,LABEL_MSG0
);
1102 buf_prepend_uint32(buf
,st
->index
);
1103 buf_prepend_uint32(buf
,st
->remote_session_id
);
1104 transport_xmit(st
,&st
->peers
,buf
,False
);
1110 slog(st
,LOG_DROP
,"discarding outgoing packet of size %d",buf
->size
);
1112 initiate_key_setup(st
,"outgoing packet");
1115 /* This function is called by the communication device to deliver
1116 packets from our peers. */
1117 static bool_t
site_incoming(void *sst
, struct buffer_if
*buf
,
1118 const struct comm_addr
*source
)
1120 struct site
*st
=sst
;
1122 if (buf
->size
< 12) return False
;
1124 uint32_t dest
=ntohl(*(uint32_t *)buf
->start
);
1127 /* It could be for any site - it should have LABEL_MSG1 and
1128 might have our name and our peer's name in it */
1129 if (buf
->size
<(st
->setupsiglen
+8+NONCELEN
)) return False
;
1130 if (memcmp(buf
->start
+8,st
->setupsig
,st
->setupsiglen
)==0) {
1131 /* It's addressed to us. Decide what to do about it. */
1132 dump_packet(st
,buf
,source
,True
);
1133 if (st
->state
==SITE_RUN
|| st
->state
==SITE_RESOLVE
||
1134 st
->state
==SITE_WAIT
) {
1135 /* We should definitely process it */
1136 if (process_msg1(st
,buf
,source
)) {
1137 slog(st
,LOG_SETUP_INIT
,"key setup initiated by peer");
1138 enter_new_state(st
,SITE_SENTMSG2
);
1140 slog(st
,LOG_ERROR
,"failed to process incoming msg1");
1144 } else if (st
->state
==SITE_SENTMSG1
) {
1145 /* We've just sent a message 1! They may have crossed on
1146 the wire. If we have priority then we ignore the
1147 incoming one, otherwise we process it as usual. */
1148 if (st
->setup_priority
) {
1150 slog(st
,LOG_DUMP
,"crossed msg1s; we are higher "
1151 "priority => ignore incoming msg1");
1154 slog(st
,LOG_DUMP
,"crossed msg1s; we are lower "
1155 "priority => use incoming msg1");
1156 if (process_msg1(st
,buf
,source
)) {
1157 BUF_FREE(&st
->buffer
); /* Free our old message 1 */
1158 enter_new_state(st
,SITE_SENTMSG2
);
1160 slog(st
,LOG_ERROR
,"failed to process an incoming "
1161 "crossed msg1 (we have low priority)");
1167 /* The message 1 was received at an unexpected stage of the
1168 key setup. XXX POLICY - what do we do? */
1169 slog(st
,LOG_UNEXPECTED
,"unexpected incoming message 1");
1173 return False
; /* Not for us. */
1175 if (dest
==st
->index
) {
1176 /* Explicitly addressed to us */
1177 uint32_t msgtype
=ntohl(get_uint32(buf
->start
+8));
1178 if (msgtype
!=LABEL_MSG0
) dump_packet(st
,buf
,source
,True
);
1181 /* If the source is our current peer then initiate a key setup,
1182 because our peer's forgotten the key */
1183 if (get_uint32(buf
->start
+4)==st
->remote_session_id
) {
1184 initiate_key_setup(st
,"received a NAK");
1186 slog(st
,LOG_SEC
,"bad incoming NAK");
1190 process_msg0(st
,buf
,source
);
1193 /* Setup packet: should not have been explicitly addressed
1195 slog(st
,LOG_SEC
,"incoming explicitly addressed msg1");
1198 /* Setup packet: expected only in state SENTMSG1 */
1199 if (st
->state
!=SITE_SENTMSG1
) {
1200 slog(st
,LOG_UNEXPECTED
,"unexpected MSG2");
1201 } else if (process_msg2(st
,buf
,source
)) {
1202 transport_setup_msgok(st
,source
);
1203 enter_new_state(st
,SITE_SENTMSG3
);
1205 slog(st
,LOG_SEC
,"invalid MSG2");
1209 /* Setup packet: expected only in state SENTMSG2 */
1210 if (st
->state
!=SITE_SENTMSG2
) {
1211 slog(st
,LOG_UNEXPECTED
,"unexpected MSG3");
1212 } else if (process_msg3(st
,buf
,source
)) {
1213 transport_setup_msgok(st
,source
);
1214 enter_new_state(st
,SITE_SENTMSG4
);
1216 slog(st
,LOG_SEC
,"invalid MSG3");
1220 /* Setup packet: expected only in state SENTMSG3 */
1221 if (st
->state
!=SITE_SENTMSG3
) {
1222 slog(st
,LOG_UNEXPECTED
,"unexpected MSG4");
1223 } else if (process_msg4(st
,buf
,source
)) {
1224 transport_setup_msgok(st
,source
);
1225 enter_new_state(st
,SITE_SENTMSG5
);
1227 slog(st
,LOG_SEC
,"invalid MSG4");
1231 /* Setup packet: expected only in state SENTMSG4 */
1232 /* (may turn up in state RUN if our return MSG6 was lost
1233 and the new key has already been activated. In that
1234 case we should treat it as an ordinary PING packet. We
1235 can't pass it to process_msg5() because the
1236 new_transform will now be unkeyed. XXX) */
1237 if (st
->state
!=SITE_SENTMSG4
) {
1238 slog(st
,LOG_UNEXPECTED
,"unexpected MSG5");
1239 } else if (process_msg5(st
,buf
,source
)) {
1240 transport_setup_msgok(st
,source
);
1241 enter_new_state(st
,SITE_RUN
);
1243 slog(st
,LOG_SEC
,"invalid MSG5");
1247 /* Setup packet: expected only in state SENTMSG5 */
1248 if (st
->state
!=SITE_SENTMSG5
) {
1249 slog(st
,LOG_UNEXPECTED
,"unexpected MSG6");
1250 } else if (process_msg6(st
,buf
,source
)) {
1251 BUF_FREE(&st
->buffer
); /* Free message 5 */
1252 transport_setup_msgok(st
,source
);
1253 activate_new_key(st
);
1255 slog(st
,LOG_SEC
,"invalid MSG6");
1259 slog(st
,LOG_SEC
,"received message of unknown type 0x%08x",
1270 static void site_control(void *vst
, bool_t run
)
1272 struct site
*st
=vst
;
1273 if (run
) enter_state_run(st
);
1274 else enter_state_stop(st
);
1277 static void site_phase_hook(void *sst
, uint32_t newphase
)
1279 struct site
*st
=sst
;
1281 /* The program is shutting down; tell our peer */
1282 send_msg7(st
,"shutting down");
1285 static list_t
*site_apply(closure_t
*self
, struct cloc loc
, dict_t
*context
,
1288 static uint32_t index_sequence
;
1294 st
=safe_malloc(sizeof(*st
),"site_apply");
1296 st
->cl
.description
="site";
1297 st
->cl
.type
=CL_SITE
;
1299 st
->cl
.interface
=&st
->ops
;
1301 st
->ops
.control
=site_control
;
1302 st
->ops
.status
=site_status
;
1304 /* First parameter must be a dict */
1305 item
=list_elem(args
,0);
1306 if (!item
|| item
->type
!=t_dict
)
1307 cfgfatal(loc
,"site","parameter must be a dictionary\n");
1309 dict
=item
->data
.dict
;
1310 st
->localname
=dict_read_string(dict
, "local-name", True
, "site", loc
);
1311 st
->remotename
=dict_read_string(dict
, "name", True
, "site", loc
);
1313 st
->peer_mobile
=dict_read_bool(dict
,"mobile",False
,"site",loc
,False
);
1314 bool_t local_mobile
=
1315 dict_read_bool(dict
,"local-mobile",False
,"site",loc
,False
);
1317 /* Sanity check (which also allows the 'sites' file to include
1318 site() closures for all sites including our own): refuse to
1319 talk to ourselves */
1320 if (strcmp(st
->localname
,st
->remotename
)==0) {
1321 Message(M_DEBUG
,"site %s: local-name==name -> ignoring this site\n",
1323 if (st
->peer_mobile
!= local_mobile
)
1324 cfgfatal(loc
,"site","site %s's peer-mobile=%d"
1325 " but our local-mobile=%d\n",
1326 st
->localname
, st
->peer_mobile
, local_mobile
);
1330 if (st
->peer_mobile
&& local_mobile
) {
1331 Message(M_WARNING
,"site %s: site is mobile but so are we"
1332 " -> ignoring this site\n", st
->remotename
);
1337 assert(index_sequence
< 0xffffffffUL
);
1338 st
->index
= ++index_sequence
;
1339 st
->netlink
=find_cl_if(dict
,"link",CL_NETLINK
,True
,"site",loc
);
1341 list_t
*comms_cfg
=dict_lookup(dict
,"comm");
1342 if (!comms_cfg
) cfgfatal(loc
,"site","closure list \"comm\" not found\n");
1343 st
->ncomms
=list_length(comms_cfg
);
1344 st
->comms
=safe_malloc_ary(sizeof(*st
->comms
),st
->ncomms
,"comms");
1346 for (i
=0; i
<st
->ncomms
; i
++) {
1347 item_t
*item
=list_elem(comms_cfg
,i
);
1348 if (item
->type
!=t_closure
)
1349 cfgfatal(loc
,"site","comm is not a closure\n");
1350 closure_t
*cl
=item
->data
.closure
;
1351 if (cl
->type
!=CL_COMM
) cfgfatal(loc
,"site","comm closure wrong type\n");
1352 st
->comms
[i
]=cl
->interface
;
1355 st
->resolver
=find_cl_if(dict
,"resolver",CL_RESOLVER
,True
,"site",loc
);
1356 st
->log
=find_cl_if(dict
,"log",CL_LOG
,True
,"site",loc
);
1357 st
->random
=find_cl_if(dict
,"random",CL_RANDOMSRC
,True
,"site",loc
);
1359 st
->privkey
=find_cl_if(dict
,"local-key",CL_RSAPRIVKEY
,True
,"site",loc
);
1360 st
->address
=dict_read_string(dict
, "address", False
, "site", loc
);
1362 st
->remoteport
=dict_read_number(dict
,"port",True
,"site",loc
,0);
1363 else st
->remoteport
=0;
1364 st
->pubkey
=find_cl_if(dict
,"key",CL_RSAPUBKEY
,True
,"site",loc
);
1367 find_cl_if(dict
,"transform",CL_TRANSFORM
,True
,"site",loc
);
1369 st
->dh
=find_cl_if(dict
,"dh",CL_DH
,True
,"site",loc
);
1370 st
->hash
=find_cl_if(dict
,"hash",CL_HASH
,True
,"site",loc
);
1372 #define DEFAULT(D) (st->peer_mobile || local_mobile \
1373 ? DEFAULT_MOBILE_##D : DEFAULT_##D)
1374 #define CFG_NUMBER(k,D) dict_read_number(dict,(k),False,"site",loc,DEFAULT(D));
1376 st
->key_lifetime
= CFG_NUMBER("key-lifetime", KEY_LIFETIME
);
1377 st
->setup_retries
= CFG_NUMBER("setup-retries", SETUP_RETRIES
);
1378 st
->setup_retry_interval
= CFG_NUMBER("setup-timeout", SETUP_RETRY_INTERVAL
);
1379 st
->wait_timeout
= CFG_NUMBER("wait-time", WAIT_TIME
);
1381 st
->mobile_peer_expiry
= dict_read_number(
1382 dict
,"mobile-peer-expiry",False
,"site",loc
,DEFAULT_MOBILE_PEER_EXPIRY
);
1384 st
->transport_peers_max
= !st
->peer_mobile ?
1 : dict_read_number(
1385 dict
,"mobile-peers-max",False
,"site",loc
,DEFAULT_MOBILE_PEERS_MAX
);
1386 if (st
->transport_peers_max
<1 ||
1387 st
->transport_peers_max
>=MAX_MOBILE_PEERS_MAX
) {
1388 cfgfatal(loc
,"site","mobile-peers-max must be in range 1.."
1389 STRING(MAX_MOBILE_PEERS_MAX
) "\n");
1392 if (st
->key_lifetime
< DEFAULT(KEY_RENEGOTIATE_GAP
)*2)
1393 st
->key_renegotiate_time
=st
->key_lifetime
/2;
1395 st
->key_renegotiate_time
=st
->key_lifetime
-DEFAULT(KEY_RENEGOTIATE_GAP
);
1396 st
->key_renegotiate_time
=dict_read_number(
1397 dict
,"renegotiate-time",False
,"site",loc
,st
->key_renegotiate_time
);
1398 if (st
->key_renegotiate_time
> st
->key_lifetime
) {
1399 cfgfatal(loc
,"site",
1400 "renegotiate-time must be less than key-lifetime\n");
1403 st
->log_events
=string_list_to_word(dict_lookup(dict
,"log-events"),
1404 log_event_table
,"site");
1406 st
->tunname
=safe_malloc(strlen(st
->localname
)+strlen(st
->remotename
)+5,
1408 sprintf(st
->tunname
,"%s<->%s",st
->localname
,st
->remotename
);
1410 /* The information we expect to see in incoming messages of type 1 */
1411 /* fixme: lots of unchecked overflows here, but the results are only
1412 corrupted packets rather than undefined behaviour */
1413 st
->setupsiglen
=strlen(st
->remotename
)+strlen(st
->localname
)+8;
1414 st
->setupsig
=safe_malloc(st
->setupsiglen
,"site_apply");
1415 put_uint32(st
->setupsig
+0,LABEL_MSG1
);
1416 put_uint16(st
->setupsig
+4,strlen(st
->remotename
));
1417 memcpy(&st
->setupsig
[6],st
->remotename
,strlen(st
->remotename
));
1418 put_uint16(st
->setupsig
+(6+strlen(st
->remotename
)),strlen(st
->localname
));
1419 memcpy(&st
->setupsig
[8+strlen(st
->remotename
)],st
->localname
,
1420 strlen(st
->localname
));
1421 st
->setup_priority
=(strcmp(st
->localname
,st
->remotename
)>0);
1423 buffer_new(&st
->buffer
,SETUP_BUFFER_LEN
);
1425 /* We are interested in poll(), but only for timeouts. We don't have
1426 any fds of our own. */
1427 register_for_poll(st
, site_beforepoll
, site_afterpoll
, 0, "site");
1430 st
->current_valid
=False
;
1431 st
->current_key_timeout
=0;
1432 transport_peers_clear(st
,&st
->peers
);
1433 transport_peers_clear(st
,&st
->setup_peers
);
1434 /* XXX mlock these */
1435 st
->dhsecret
=safe_malloc(st
->dh
->len
,"site:dhsecret");
1436 st
->sharedsecret
=safe_malloc(st
->transform
->keylen
,"site:sharedsecret");
1438 /* We need to compute some properties of our comms */
1439 #define COMPUTE_WORST(pad) \
1440 int worst_##pad=0; \
1441 for (i=0; i<st->ncomms; i++) { \
1442 int thispad=st->comms[i]->pad; \
1443 if (thispad > worst_##pad) \
1444 worst_##pad=thispad; \
1446 COMPUTE_WORST(min_start_pad
)
1447 COMPUTE_WORST(min_end_pad
)
1449 /* We need to register the remote networks with the netlink device */
1450 st
->netlink
->reg(st
->netlink
->st
, site_outgoing
, st
,
1451 st
->transform
->max_start_pad
+(4*4)+
1452 worst_min_start_pad
,
1453 st
->transform
->max_end_pad
+worst_min_end_pad
);
1455 for (i
=0; i
<st
->ncomms
; i
++)
1456 st
->comms
[i
]->request_notify(st
->comms
[i
]->st
, st
, site_incoming
);
1458 st
->current_transform
=st
->transform
->create(st
->transform
->st
);
1459 st
->new_transform
=st
->transform
->create(st
->transform
->st
);
1461 enter_state_stop(st
);
1463 add_hook(PHASE_SHUTDOWN
,site_phase_hook
,st
);
1465 return new_closure(&st
->cl
);
1468 void site_module(dict_t
*dict
)
1470 add_closure(dict
,"site",site_apply
);
1474 /***** TRANSPORT PEERS definitions *****/
1476 static void transport_peers_debug(struct site
*st
, transport_peers
*dst
,
1477 const char *didwhat
,
1478 int nargs
, const struct comm_addr
*args
,
1483 if (!(st
->log_events
& LOG_PEER_ADDRS
))
1484 return; /* an optimisation */
1486 slog(st
, LOG_PEER_ADDRS
, "peers (%s) %s nargs=%d => npeers=%d",
1487 (dst
==&st
->peers ?
"data" :
1488 dst
==&st
->setup_peers ?
"setup" : "UNKNOWN"),
1489 didwhat
, nargs
, dst
->npeers
);
1491 for (i
=0, argp
=(void*)args
;
1493 i
++, (argp
+=stride?stride
:sizeof(*args
))) {
1494 const struct comm_addr
*ca
=(void*)argp
;
1495 slog(st
, LOG_PEER_ADDRS
, " args: addrs[%d]=%s",
1496 i
, ca
->comm
->addr_to_string(ca
->comm
->st
,ca
));
1498 for (i
=0; i
<dst
->npeers
; i
++) {
1499 struct timeval diff
;
1500 timersub(tv_now
,&dst
->peers
[i
].last
,&diff
);
1501 const struct comm_addr
*ca
=&dst
->peers
[i
].addr
;
1502 slog(st
, LOG_PEER_ADDRS
, " peers: addrs[%d]=%s T-%ld.%06ld",
1503 i
, ca
->comm
->addr_to_string(ca
->comm
->st
,ca
),
1504 (unsigned long)diff
.tv_sec
, (unsigned long)diff
.tv_usec
);
1508 static int transport_peer_compar(const void *av
, const void *bv
) {
1509 const transport_peer
*a
=av
;
1510 const transport_peer
*b
=bv
;
1511 /* put most recent first in the array */
1512 if (timercmp(&a
->last
, &b
->last
, <)) return +1;
1513 if (timercmp(&a
->last
, &b
->last
, >)) return -11;
1517 static void transport_peers_expire(struct site
*st
, transport_peers
*peers
) {
1518 /* peers must be sorted first */
1519 int previous_peers
=peers
->npeers
;
1520 struct timeval oldest
;
1521 oldest
.tv_sec
= tv_now
->tv_sec
- st
->mobile_peer_expiry
;
1522 oldest
.tv_usec
= tv_now
->tv_usec
;
1523 while (peers
->npeers
>1 &&
1524 timercmp(&peers
->peers
[peers
->npeers
-1].last
, &oldest
, <))
1526 if (peers
->npeers
!= previous_peers
)
1527 transport_peers_debug(st
,peers
,"expire", 0,0,0);
1530 static void transport_record_peer(struct site
*st
, transport_peers
*peers
,
1531 const struct comm_addr
*addr
, const char *m
) {
1532 int slot
, changed
=0;
1534 for (slot
=0; slot
<peers
->npeers
; slot
++)
1535 if (!memcmp(&peers
->peers
[slot
].addr
, addr
, sizeof(*addr
)))
1539 if (peers
->npeers
==st
->transport_peers_max
)
1540 slot
=st
->transport_peers_max
;
1542 slot
=peers
->npeers
++;
1545 peers
->peers
[slot
].addr
=*addr
;
1546 peers
->peers
[slot
].last
=*tv_now
;
1548 if (peers
->npeers
>1)
1549 qsort(peers
->peers
, peers
->npeers
,
1550 sizeof(*peers
->peers
), transport_peer_compar
);
1552 if (changed
|| peers
->npeers
!=1)
1553 transport_peers_debug(st
,peers
,m
, 1,addr
,0);
1554 transport_peers_expire(st
, peers
);
1557 static bool_t
transport_compute_setupinit_peers(struct site
*st
,
1558 const struct comm_addr
*configured_addr
/* 0 if none or not found */) {
1560 if (!configured_addr
&& !transport_peers_valid(&st
->peers
))
1563 slog(st
,LOG_SETUP_INIT
,
1564 (!configured_addr ?
"using only %d old peer address(es)"
1565 : "using configured address, and/or perhaps %d old peer address(es)"),
1568 /* Non-mobile peers havve st->peers.npeers==0 or ==1, since they
1569 * have transport_peers_max==1. The effect is that this code
1570 * always uses the configured address if supplied, or otherwise
1571 * the existing data peer if one exists; this is as desired. */
1573 transport_peers_copy(st
,&st
->setup_peers
,&st
->peers
);
1575 if (configured_addr
)
1576 transport_record_peer(st
,&st
->setup_peers
,configured_addr
,"setupinit");
1578 assert(transport_peers_valid(&st
->setup_peers
));
1582 static void transport_setup_msgok(struct site
*st
, const struct comm_addr
*a
) {
1583 if (st
->peer_mobile
)
1584 transport_record_peer(st
,&st
->setup_peers
,a
,"setupmsg");
1586 static void transport_data_msgok(struct site
*st
, const struct comm_addr
*a
) {
1587 if (st
->peer_mobile
)
1588 transport_record_peer(st
,&st
->peers
,a
,"datamsg");
1591 static int transport_peers_valid(transport_peers
*peers
) {
1592 return peers
->npeers
;
1594 static void transport_peers_clear(struct site
*st
, transport_peers
*peers
) {
1596 transport_peers_debug(st
,peers
,"clear",0,0,0);
1598 static void transport_peers_copy(struct site
*st
, transport_peers
*dst
,
1599 const transport_peers
*src
) {
1600 dst
->npeers
=src
->npeers
;
1601 memcpy(dst
->peers
, src
->peers
, sizeof(*dst
->peers
) * dst
->npeers
);
1602 transport_peers_debug(st
,dst
,"copy",
1603 src
->npeers
, &src
->peers
->addr
, sizeof(*src
->peers
));
1606 void transport_xmit(struct site
*st
, transport_peers
*peers
,
1607 struct buffer_if
*buf
, bool_t candebug
) {
1609 transport_peers_expire(st
, peers
);
1610 for (slot
=0; slot
<peers
->npeers
; slot
++) {
1611 transport_peer
*peer
=&peers
->peers
[slot
];
1613 dump_packet(st
, buf
, &peer
->addr
, False
);
1614 peer
->addr
.comm
->sendmsg(peer
->addr
.comm
->st
, buf
, &peer
->addr
);
1618 /***** END of transport peers declarations *****/