static void onPingResponse(enum SwitchPinger_Result result,
uint64_t label,
String* data,
uint32_t millisecondsLag,
uint32_t version,
void* onResponseContext)
{
if (SwitchPinger_Result_OK != result) {
return;
}
struct IFCPeer* ep = Identity_cast((struct IFCPeer*) onResponseContext);
struct Context* ic = ifcontrollerForPeer(ep);
struct Address addr;
Bits_memset(&addr, 0, sizeof(struct Address));
Bits_memcpyConst(addr.key, CryptoAuth_getHerPublicKey(ep->cryptoAuthIf), 32);
addr.path = ep->switchLabel;
Log_debug(ic->logger, "got switch pong from node with version [%d]", version);
RouterModule_addNode(ic->routerModule, &addr, version);
#ifdef Log_DEBUG
// This will be false if it times out.
//Assert_true(label == ep->switchLabel);
uint8_t path[20];
AddrTools_printPath(path, label);
uint8_t sl[20];
AddrTools_printPath(sl, ep->switchLabel);
Log_debug(ic->logger, "Received [%s] from lazy endpoint [%s] [%s]",
SwitchPinger_resultString(result)->bytes, path, sl);
#endif
}
static void udpConnectTo(String* connectToAddress,
Dict* config,
struct UDPInterface* udpContext,
struct Context* ctx)
{
String* password = Dict_getString(config, BSTR("password"));
int64_t* authType = Dict_getInt(config, BSTR("authType"));
String* publicKey = Dict_getString(config, BSTR("publicKey"));
int64_t* trust = Dict_getInt(config, BSTR("trust"));
#define FAIL_IF_NULL(cannotBeNull, fieldName) \
if (!cannotBeNull) { \
fprintf(stderr, \
"interfaces.UDPInterface['%s']." fieldName " is not set, " \
"this field is mandatory.\n", \
connectToAddress->bytes); \
exit(-1); \
}
FAIL_IF_NULL(password, "password")
FAIL_IF_NULL(authType, "authType")
FAIL_IF_NULL(publicKey, "publicKey")
FAIL_IF_NULL(trust, "trust")
#undef FAIL_IF_NULL
#define CHECK_RANGE(number, min, max) \
if (number < min || number > max) { \
fprintf(stderr, \
"interfaces.UDPInterface['%s'].number must be between min and max\n", \
connectToAddress->bytes); \
exit(-1); \
}
CHECK_RANGE(*authType, 1, 255)
CHECK_RANGE(*trust, 0, INT64_MAX)
#undef CHECK_RANGE
uint8_t pkBytes[32];
if (publicKey->len < 52 || Base32_decode(pkBytes, 32, (uint8_t*)publicKey->bytes, 52) != 32) {
fprintf(stderr,
"interfaces.UDPInterface['%s'].publicKey could not be parsed.\n",
connectToAddress->bytes);
exit(-1);
}
uint8_t addressBytes[16];
AddressCalc_addressForPublicKey(addressBytes, pkBytes);
if (addressBytes[0] != 0xFC) {
fprintf(stderr,
"interfaces.UDPInterface['%s'].publicKey\n( %s )\nis not in FC00/8 range, "
"it was probably mistranscribed.\n",
connectToAddress->bytes,
publicKey->bytes);
exit(-1);
}
struct Interface* udp =
UDPInterface_addEndpoint(udpContext, connectToAddress->bytes, ctx->eHandler);
struct Interface* authedUdp = CryptoAuth_wrapInterface(udp, pkBytes, false, true, ctx->ca);
CryptoAuth_setAuth(password, *authType, authedUdp);
uint64_t switchAddr_be;
SwitchCore_addInterface(authedUdp, *trust, &switchAddr_be, ctx->switchCore);
struct Address addr;
memset(&addr, 0, sizeof(struct Address));
memcpy(addr.key, pkBytes, 32);
addr.networkAddress_be = switchAddr_be;
RouterModule_addNode(&addr, ctx->routerModule);
}
static inline int incomingFromRouter(struct Message* message,
struct Ducttape_MessageHeader* dtHeader,
struct SessionManager_Session* session,
struct Ducttape_pvt* context)
{
uint8_t* pubKey = CryptoAuth_getHerPublicKey(&session->iface);
if (!validEncryptedIP6(message)) {
// Not valid cjdns IPv6, we'll try it as an IPv4 or ICANN-IPv6 packet
// and check if we have an agreement with the node who sent it.
Message_shift(message, IpTunnel_PacketInfoHeader_SIZE);
struct IpTunnel_PacketInfoHeader* header =
(struct IpTunnel_PacketInfoHeader*) message->bytes;
uint8_t* addr = session->ip6;
Bits_memcpyConst(header->nodeIp6Addr, addr, 16);
Bits_memcpyConst(header->nodeKey, pubKey, 32);
struct Interface* ipTun = &context->ipTunnel->nodeInterface;
return ipTun->sendMessage(message, ipTun);
}
struct Address srcAddr = {
.path = Endian_bigEndianToHost64(dtHeader->switchHeader->label_be)
};
Bits_memcpyConst(srcAddr.key, pubKey, 32);
//Log_debug(context->logger, "Got message from router.\n");
int ret = core(message, dtHeader, session, context);
struct Node* n = RouterModule_getNode(srcAddr.path, context->routerModule);
if (!n) {
Address_getPrefix(&srcAddr);
RouterModule_addNode(context->routerModule, &srcAddr, session->version);
} else {
n->reach += 1;
RouterModule_updateReach(n, context->routerModule);
}
return ret;
}
static uint8_t incomingFromCryptoAuth(struct Message* message, struct Interface* iface)
{
struct Ducttape_pvt* context = Identity_cast((struct Ducttape_pvt*) iface->receiverContext);
struct Ducttape_MessageHeader* dtHeader = getDtHeader(message, false);
enum Ducttape_SessionLayer layer = dtHeader->layer;
dtHeader->layer = Ducttape_SessionLayer_INVALID;
struct SessionManager_Session* session =
SessionManager_sessionForHandle(dtHeader->receiveHandle, context->sm);
if (!session) {
// This should never happen but there's no strong preventitive.
Log_info(context->logger, "SESSION DISAPPEARED!");
return 0;
}
// If the packet came from a new session, put the send handle in the session.
if (CryptoAuth_getState(iface) < CryptoAuth_ESTABLISHED) {
// If this is true then the incoming message is definitely a handshake.
if (message->length < 4) {
debugHandles0(context->logger, session, "runt");
return Error_INVALID;
}
if (layer == Ducttape_SessionLayer_OUTER) {
#ifdef Version_2_COMPAT
if (dtHeader->currentSessionVersion >= 3) {
session->version = dtHeader->currentSessionVersion;
#endif
Message_pop(message, &session->sendHandle_be, 4);
#ifdef Version_2_COMPAT
} else {
session->sendHandle_be = dtHeader->currentSessionSendHandle_be;
}
#endif
} else {
// inner layer, always grab the handle
Message_pop(message, &session->sendHandle_be, 4);
debugHandles0(context->logger, session, "New session, incoming layer3");
}
}
switch (layer) {
case Ducttape_SessionLayer_OUTER:
return incomingFromRouter(message, dtHeader, session, context);
case Ducttape_SessionLayer_INNER:
return incomingForMe(message, dtHeader, session, context,
CryptoAuth_getHerPublicKey(iface));
default:
Assert_always(false);
}
// never reached.
return 0;
}
static uint8_t outgoingFromCryptoAuth(struct Message* message, struct Interface* iface)
{
struct Ducttape_pvt* context = Identity_cast((struct Ducttape_pvt*) iface->senderContext);
struct Ducttape_MessageHeader* dtHeader = getDtHeader(message, false);
struct SessionManager_Session* session =
SessionManager_sessionForHandle(dtHeader->receiveHandle, context->sm);
enum Ducttape_SessionLayer layer = dtHeader->layer;
dtHeader->layer = Ducttape_SessionLayer_INVALID;
if (!session) {
// This should never happen but there's no strong preventitive.
Log_info(context->logger, "SESSION DISAPPEARED!");
return 0;
}
if (layer == Ducttape_SessionLayer_OUTER) {
return sendToSwitch(message, dtHeader, session, context);
} else if (layer == Ducttape_SessionLayer_INNER) {
Log_debug(context->logger, "Sending layer3 message");
return outgoingFromMe(message, dtHeader, session, context);
} else {
Assert_true(0);
}
}
/**
* Handle an incoming control message from a switch.
*
* @param context the ducttape context.
* @param message the control message, this should be alligned on the beginning of the content,
* that is to say, after the end of the switch header.
* @param switchHeader the header.
* @param switchIf the interface which leads to the switch.
*/
static uint8_t handleControlMessage(struct Ducttape_pvt* context,
struct Message* message,
struct Headers_SwitchHeader* switchHeader,
struct Interface* switchIf)
{
uint8_t labelStr[20];
uint64_t label = Endian_bigEndianToHost64(switchHeader->label_be);
AddrTools_printPath(labelStr, label);
if (message->length < Control_HEADER_SIZE) {
Log_info(context->logger, "dropped runt ctrl packet from [%s]", labelStr);
return Error_NONE;
}
struct Control* ctrl = (struct Control*) message->bytes;
if (Checksum_engine(message->bytes, message->length)) {
Log_info(context->logger, "ctrl packet from [%s] with invalid checksum.", labelStr);
return Error_NONE;
}
bool pong = false;
if (ctrl->type_be == Control_ERROR_be) {
if (message->length < Control_Error_MIN_SIZE) {
Log_info(context->logger, "dropped runt error packet from [%s]", labelStr);
return Error_NONE;
}
uint64_t path = Endian_bigEndianToHost64(switchHeader->label_be);
RouterModule_brokenPath(path, context->routerModule);
uint8_t causeType = Headers_getMessageType(&ctrl->content.error.cause);
if (causeType == Headers_SwitchHeader_TYPE_CONTROL) {
if (message->length < Control_Error_MIN_SIZE + Control_HEADER_SIZE) {
Log_info(context->logger,
"error packet from [%s] containing runt cause packet",
labelStr);
return Error_NONE;
}
struct Control* causeCtrl = (struct Control*) &(&ctrl->content.error.cause)[1];
if (causeCtrl->type_be != Control_PING_be) {
Log_info(context->logger,
"error packet from [%s] caused by [%s] packet ([%u])",
labelStr,
Control_typeString(causeCtrl->type_be),
Endian_bigEndianToHost16(causeCtrl->type_be));
} else {
if (LabelSplicer_isOneHop(label)
&& ctrl->content.error.errorType_be
== Endian_hostToBigEndian32(Error_UNDELIVERABLE))
{
// this is our own InterfaceController complaining
// because the node isn't responding to pings.
return Error_NONE;
}
Log_debug(context->logger,
"error packet from [%s] in response to ping, err [%u], length: [%u].",
labelStr,
Endian_bigEndianToHost32(ctrl->content.error.errorType_be),
message->length);
// errors resulting from pings are forwarded back to the pinger.
pong = true;
}
} else if (causeType != Headers_SwitchHeader_TYPE_DATA) {
Log_info(context->logger,
"error packet from [%s] containing cause of unknown type [%u]",
labelStr, causeType);
} else {
Log_info(context->logger,
"error packet from [%s], error type [%u]",
labelStr,
Endian_bigEndianToHost32(ctrl->content.error.errorType_be));
}
} else if (ctrl->type_be == Control_PONG_be) {
pong = true;
} else if (ctrl->type_be == Control_PING_be) {
Message_shift(message, -Control_HEADER_SIZE);
if (message->length < Control_Ping_MIN_SIZE) {
Log_info(context->logger, "dropped runt ping");
return Error_INVALID;
}
struct Control_Ping* ping = (struct Control_Ping*) message->bytes;
ping->magic = Control_Pong_MAGIC;
ping->version_be = Endian_hostToBigEndian32(Version_CURRENT_PROTOCOL);
Message_shift(message, Control_HEADER_SIZE);
ctrl->type_be = Control_PONG_be;
ctrl->checksum_be = 0;
ctrl->checksum_be = Checksum_engine(message->bytes, message->length);
Message_shift(message, Headers_SwitchHeader_SIZE);
Log_info(context->logger, "got switch ping from [%s]", labelStr);
switchIf->receiveMessage(message, switchIf);
} else {
Log_info(context->logger,
"control packet of unknown type from [%s], type [%d]",
labelStr, Endian_bigEndianToHost16(ctrl->type_be));
}
if (pong && context->pub.switchPingerIf.receiveMessage) {
// Shift back over the header
Message_shift(message, Headers_SwitchHeader_SIZE);
context->pub.switchPingerIf.receiveMessage(
message, &context->pub.switchPingerIf);
}
return Error_NONE;
}
