void net_p2p(const char *listen_addr,
const char *dest_addr,
const char *port,
uint8_t protocol,
uint8_t security_level,
uint8_t conn_type,
passport_t *passport,
void (*on_connect)(netc_t *),
void (*on_secure)(netc_t *),
void (*on_disconnect)(netc_t *),
void (*on_input)(netc_t *),
void *ext_ptr)
{
pthread_t thread_p2p;
struct p2p_args *p2p_args;
netc_t *netc = NULL;
if (protocol != NET_PROTO_UDT) {
jlog(L_ERROR, "the only protocol that support p2p is UDT");
return;
}
netc = net_connection_new(security_level);
if (netc == NULL) {
jlog(L_ERROR, "unable to initialize connection");
return;
}
netc->on_connect = on_connect;
netc->on_secure = on_secure;
netc->on_disconnect = on_disconnect;
netc->on_input = on_input;
netc->conn_type = conn_type;
netc->protocol = protocol;
netc->security_level = security_level;
netc->ext_ptr = ext_ptr;
if (security_level > NET_UNSECURE)
krypt_add_passport(netc->kconn, passport);
p2p_args = (struct p2p_args *)calloc(1, sizeof(struct p2p_args));
p2p_args->listen_addr = strdup(listen_addr);
p2p_args->dest_addr = strdup(dest_addr);
p2p_args->port[0] = strdup(port);
p2p_args->port[1] = strdup("443");
p2p_args->port[2] = strdup("80");
p2p_args->on_connect = net_p2p_on_connect;
p2p_args->on_disconnect = net_on_disconnect;
p2p_args->on_input = net_on_input;
p2p_args->ext_ptr = netc;
pthread_create(&thread_p2p, NULL, udtbus_rendezvous, (void *)p2p_args);
pthread_detach(thread_p2p);
return;
}
netc_t *net_server(const char *listen_addr,
const char *port,
uint8_t protocol,
uint8_t security_level,
passport_t *passport,
void (*on_connect)(netc_t *),
void (*on_disconnect)(netc_t *),
void (*on_input)(netc_t *),
void (*on_secure)(netc_t *))
{
netc_t *netc = NULL;
netc = net_connection_new(security_level);
if (netc == NULL) {
jlog(L_NOTICE, "server initialization failed");
return NULL;
}
netc->on_secure = on_secure;
netc->on_connect = on_connect;
netc->on_disconnect = on_disconnect;
netc->on_input = on_input;
netc->conn_type = NET_SERVER;
netc->protocol = protocol;
netc->security_level = security_level;
netc->conn_type = NET_SERVER;
if (security_level > NET_UNSECURE)
krypt_add_passport(netc->kconn, passport);
switch (protocol) {
#ifdef __linux__
case NET_PROTO_TCP:
netc->peer = tcpbus_server(listen_addr, port,
net_on_connect, net_on_disconnect,
net_on_input, netc);
break;
#endif
case NET_PROTO_UDT:
netc->peer = udtbus_server(listen_addr, port,
net_on_connect, net_on_disconnect,
net_on_input, netc);
break;
default:
jlog(L_NOTICE, "unknown protocol specified");
net_connection_free(netc);
return NULL;
}
if (netc->peer == NULL) {
jlog(L_NOTICE, "server initialization failed");
net_connection_free(netc);
return NULL;
}
return netc;
}
/* Authentication Request from the node */
int
authRequest(struct session *session, DNDSMessage_t *req_msg)
{
char *certName = NULL;
size_t length = 0;
struct session *old_session = NULL;
if (session->state != SESSION_STATE_NOT_AUTHED) {
jlog(L_WARNING, "authRequest duplicate");
return -1;
}
DNDSMessage_t *msg = NULL;
DNDSMessage_new(&msg);
DNDSMessage_set_channel(msg, 0);
DNDSMessage_set_pdu(msg, pdu_PR_dnm);
DNMessage_set_seqNumber(msg, 1);
DNMessage_set_ackNumber(msg, 0);
DNMessage_set_operation(msg, dnop_PR_authResponse);
AuthRequest_get_certName(req_msg, &certName, &length);
jlog(L_DEBUG, "URI:%s", certName);
session->node_info = cn2node_info(certName);
if (session->node_info == NULL) {
jlog(L_WARNING, "cn2node_info failed");
DNDSMessage_del(msg);
return -1;
}
// jlog(L_DEBUG, "type: %s", session->node_info->type);
jlog(L_DEBUG, "uuid: %s", session->node_info->uuid);
jlog(L_DEBUG, "network_uuid: %s", session->node_info->network_uuid);
jlog(L_DEBUG, "network_id: %s", session->node_info->network_id);
jlog(L_DEBUG, "v: %d", session->node_info->v);
if (session->node_info->v == 1) {
session->vnetwork = vnetwork_lookup_id(session->node_info->network_id);
if (session->vnetwork != NULL) {
strncpy(session->node_info->network_uuid, session->vnetwork->uuid, 36);
session->node_info->network_uuid[36] = '\0';
}
} else
session->vnetwork = vnetwork_lookup(session->node_info->network_uuid);
if (session->vnetwork == NULL) {
AuthResponse_set_result(msg, DNDSResult_noRight);
net_send_msg(session->netc, msg);
DNDSMessage_del(msg);
return -1;
}
/* check if the node's uuid is known
if (ctable_find(session->context->atable, session->node_info->uuid) == NULL) {
AuthResponse_set_result(msg, DNDSResult_noRight);
net_send_msg(session->netc, msg);
DNDSMessage_del(msg);
jlog(L_ERROR, "authentication failed, invalid certificate");
return -1;
}
*/
/* check if the node is already connected */
old_session = ctable_find(session->vnetwork->ctable, session->node_info->uuid);
// if (old_session == NULL) {
ctable_insert(session->vnetwork->ctable, session->node_info->uuid, session);
/*
} else {
// that node is already connected, if the new session is from the same IP
// disconnect the old session, and let this one connect
if (old_session->ip == NULL) {
net_disconnect(old_session->netc);
ctable_insert(session->vnetwork->ctable, session->node_info->uuid, session);
} else if (strcmp(old_session->ip, session->ip) == 0) {
net_disconnect(old_session->netc);
ctable_insert(session->vnetwork->ctable, session->node_info->uuid, session);
}
}
*/
session->cert_name = strdup(certName);
if (session->netc->security_level == NET_UNSECURE) {
AuthResponse_set_result(msg, DNDSResult_success);
net_send_msg(session->netc, msg);
session->state = SESSION_STATE_AUTHED;
session->netc->on_secure(session->netc);
} else {
AuthResponse_set_result(msg, DNDSResult_secureStepUp);
net_send_msg(session->netc, msg);
krypt_add_passport(session->netc->kconn, session->vnetwork->passport);
session->state = SESSION_STATE_WAIT_STEPUP;
net_step_up(session->netc);
}
DNDSMessage_del(msg);
return 0;
}
netc_t *net_client(const char *listen_addr,
const char *port,
uint8_t protocol,
uint8_t security_level,
passport_t *passport,
void (*on_disconnect)(netc_t *),
void (*on_input)(netc_t *),
void (*on_secure)(netc_t *))
{
int ret = 0;
netc_t *netc = NULL;
netc = net_connection_new(security_level);
if (netc == NULL) {
return NULL;
}
netc->protocol = protocol;
netc->on_secure = on_secure;
netc->on_disconnect = on_disconnect;
netc->on_input = on_input;
netc->conn_type = NET_CLIENT;
netc->security_level = security_level;
if (security_level > NET_UNSECURE)
krypt_add_passport(netc->kconn, passport);
switch (protocol) {
#ifdef __linux__
case NET_PROTO_TCP:
netc->peer = tcpbus_client(listen_addr, port,
net_on_disconnect, net_on_input);
break;
#endif
case NET_PROTO_UDT:
netc->peer = udtbus_client(listen_addr, port,
net_on_disconnect, net_on_input);
break;
default:
jlog(L_NOTICE, "net> unknown protocol specified");
net_connection_free(netc);
return NULL;
}
if (netc->peer == NULL) {
jlog(L_NOTICE, "Unable to connect to %s:%s", listen_addr, port);
net_connection_free(netc);
return NULL;
}
netc->peer->ext_ptr = netc;
if (security_level > NET_UNSECURE) {
// FIXME net and krypt should share constants
int krypt_security_level;
if (netc->security_level == NET_SECURE_ADH)
krypt_security_level = KRYPT_ADH;
else
krypt_security_level = KRYPT_RSA;
ret = krypt_secure_connection(netc->kconn, KRYPT_TLS, KRYPT_CLIENT, krypt_security_level);
if (ret < 0) {
jlog(L_NOTICE, "securing client connection failed");
net_connection_free(netc);
return NULL;
}
krypt_do_handshake(netc->kconn, NULL, 0);
net_do_krypt(netc);
}
return netc;
}
