/**
* gnutls_session_ticket_key_generate:
* @key: is a pointer to a #gnutls_datum_t which will contain a newly
* created key.
*
* Generate a random key to encrypt security parameters within
* SessionTicket.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or an
* error code.
*
* Since: 2.10.0
**/
int gnutls_session_ticket_key_generate(gnutls_datum_t * key)
{
if (_gnutls_fips_mode_enabled()) {
int ret;
/* in FIPS140-2 mode gnutls_key_generate imposes
* some limits on allowed key size, thus it is not
* used. These limits do not affect this function as
* it does not generate a "key" but rather key material
* that includes nonces and other stuff. */
key->data = gnutls_malloc(TICKET_MASTER_KEY_SIZE);
if (key->data == NULL)
return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
key->size = TICKET_MASTER_KEY_SIZE;
ret = gnutls_rnd(GNUTLS_RND_RANDOM, key->data, key->size);
if (ret < 0) {
gnutls_free(key->data);
return ret;
}
return 0;
} else {
return gnutls_key_generate(key, TICKET_MASTER_KEY_SIZE);
}
}
void udp_server(const char* name, int port, int mtu)
{
int sock, ret;
struct sockaddr_in cli_addr;
socklen_t cli_addr_size;
char buffer[MAX_BUFFER];
priv_data_st priv;
gnutls_session_t session;
gnutls_datum_t cookie_key;
gnutls_dtls_prestate_st prestate;
unsigned char sequence[8];
ret = gnutls_key_generate(&cookie_key, GNUTLS_COOKIE_KEY_SIZE);
if (ret < 0)
{
fprintf(stderr, "Cannot generate key\n");
exit(1);
}
ret = listen_socket (name, port, SOCK_DGRAM);
if (ret < 0)
{
fprintf(stderr, "Cannot listen\n");
exit (1);
}
for (;;)
{
printf("Waiting for connection...\n");
sock = wait_for_connection();
if (sock < 0)
continue;
cli_addr_size = sizeof(cli_addr);
ret = recvfrom(sock, buffer, sizeof(buffer), MSG_PEEK, (struct sockaddr*)&cli_addr, &cli_addr_size);
if (ret > 0)
{
memset(&prestate, 0, sizeof(prestate));
ret = gnutls_dtls_cookie_verify(&cookie_key, &cli_addr, sizeof(cli_addr), buffer, ret, &prestate);
if (ret < 0) /* cookie not valid */
{
priv_data_st s;
memset(&s,0,sizeof(s));
s.fd = sock;
s.cli_addr = (void*)&cli_addr;
s.cli_addr_size = sizeof(cli_addr);
printf("Sending hello verify request to %s\n", human_addr ((struct sockaddr *)
&cli_addr, sizeof(cli_addr), buffer, sizeof(buffer)));
gnutls_dtls_cookie_send(&cookie_key, &cli_addr, sizeof(cli_addr), &prestate, (gnutls_transport_ptr_t)&s, push_func);
/* discard peeked data*/
recvfrom(sock, buffer, sizeof(buffer), 0, (struct sockaddr*)&cli_addr, &cli_addr_size);
continue;
}
printf ("Accepted connection from %s\n",
human_addr ((struct sockaddr *)
&cli_addr, sizeof(cli_addr), buffer,
sizeof (buffer)));
}
else
continue;
session = initialize_session(1);
gnutls_dtls_prestate_set(session, &prestate);
if (mtu) gnutls_dtls_set_mtu(session, mtu);
priv.session = session;
priv.fd = sock;
priv.cli_addr = (struct sockaddr *)&cli_addr;
priv.cli_addr_size = sizeof(cli_addr);
gnutls_transport_set_ptr (session, &priv);
gnutls_transport_set_push_function (session, push_func);
gnutls_transport_set_pull_function (session, pull_func);
gnutls_transport_set_pull_timeout_function (session, pull_timeout_func);
do
{
ret = gnutls_handshake(session);
}
while(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
if (ret < 0)
{
fprintf(stderr, "Error in handshake(): %s\n", gnutls_strerror(ret));
gnutls_deinit(session);
continue;
}
for(;;)
{
do {
ret = gnutls_record_recv_seq(session, buffer, MAX_BUFFER, sequence);
} while(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
if (ret == GNUTLS_E_REHANDSHAKE)
{
fprintf (stderr, "*** Received hello message\n");
do
{
ret = gnutls_handshake (session);
}
while (ret == GNUTLS_E_INTERRUPTED ||
ret == GNUTLS_E_AGAIN);
if (ret == 0) continue;
}
if (ret < 0)
{
fprintf(stderr, "Error in recv(): %s\n", gnutls_strerror(ret));
break;
}
if (ret == 0)
{
printf("EOF\n\n");
break;
}
buffer[ret] = 0;
printf("received[%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x]: %s\n", sequence[0], sequence[1], sequence[2],
sequence[3], sequence[4], sequence[5], sequence[6], sequence[7], buffer);
if (check_command(session, buffer) == 0)
{
/* reply back */
ret = gnutls_record_send(session, buffer, ret);
if (ret < 0)
{
fprintf(stderr, "Error in send(): %s\n", gnutls_strerror(ret));
break;
}
}
}
}
gnutls_deinit(session);
}
int
main (void)
{
int listen_sd;
int sock, ret;
struct sockaddr_in sa_serv;
struct sockaddr_in cli_addr;
socklen_t cli_addr_size;
gnutls_session_t session;
char buffer[MAX_BUFFER];
priv_data_st priv;
gnutls_datum_t cookie_key;
gnutls_dtls_prestate_st prestate;
int mtu = 1400;
unsigned char sequence[8];
/* this must be called once in the program
*/
gnutls_global_init ();
gnutls_certificate_allocate_credentials (&x509_cred);
gnutls_certificate_set_x509_trust_file (x509_cred, CAFILE,
GNUTLS_X509_FMT_PEM);
gnutls_certificate_set_x509_crl_file (x509_cred, CRLFILE,
GNUTLS_X509_FMT_PEM);
ret = gnutls_certificate_set_x509_key_file (x509_cred, CERTFILE, KEYFILE,
GNUTLS_X509_FMT_PEM);
if (ret < 0)
{
printf("No certificate or key were found\n");
exit(1);
}
generate_dh_params ();
gnutls_certificate_set_dh_params (x509_cred, dh_params);
gnutls_priority_init (&priority_cache,
"PERFORMANCE:-VERS-TLS-ALL:+VERS-DTLS1.0:%SERVER_PRECEDENCE",
NULL);
gnutls_key_generate (&cookie_key, GNUTLS_COOKIE_KEY_SIZE);
/* Socket operations
*/
listen_sd = socket (AF_INET, SOCK_DGRAM, 0);
memset (&sa_serv, '\0', sizeof (sa_serv));
sa_serv.sin_family = AF_INET;
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT);
{ /* DTLS requires the IP don't fragment (DF) bit to be set */
#if defined(IP_DONTFRAG)
int optval = 1;
setsockopt (listen_sd, IPPROTO_IP, IP_DONTFRAG,
(const void *) &optval, sizeof (optval));
#elif defined(IP_MTU_DISCOVER)
int optval = IP_PMTUDISC_DO;
setsockopt(listen_sd, IPPROTO_IP, IP_MTU_DISCOVER,
(const void*) &optval, sizeof (optval));
#endif
}
bind (listen_sd, (struct sockaddr *) &sa_serv, sizeof (sa_serv));
printf ("UDP server ready. Listening to port '%d'.\n\n", PORT);
for (;;)
{
printf ("Waiting for connection...\n");
sock = wait_for_connection (listen_sd);
if (sock < 0)
continue;
cli_addr_size = sizeof (cli_addr);
ret = recvfrom (sock, buffer, sizeof (buffer), MSG_PEEK,
(struct sockaddr *) &cli_addr, &cli_addr_size);
if (ret > 0)
{
memset (&prestate, 0, sizeof (prestate));
ret = gnutls_dtls_cookie_verify (&cookie_key, &cli_addr,
sizeof (cli_addr), buffer, ret,
&prestate);
if (ret < 0) /* cookie not valid */
{
priv_data_st s;
memset (&s, 0, sizeof (s));
s.fd = sock;
s.cli_addr = (void *) &cli_addr;
s.cli_addr_size = sizeof (cli_addr);
printf ("Sending hello verify request to %s\n",
human_addr ((struct sockaddr *) &cli_addr,
sizeof (cli_addr), buffer,
sizeof (buffer)));
gnutls_dtls_cookie_send (&cookie_key, &cli_addr,
sizeof (cli_addr), &prestate,
(gnutls_transport_ptr_t) & s,
push_func);
/* discard peeked data */
recvfrom (sock, buffer, sizeof (buffer), 0,
(struct sockaddr *) &cli_addr, &cli_addr_size);
usleep (100);
continue;
}
printf ("Accepted connection from %s\n",
human_addr ((struct sockaddr *)
&cli_addr, sizeof (cli_addr), buffer,
sizeof (buffer)));
}
else
continue;
session = initialize_tls_session ();
gnutls_dtls_prestate_set (session, &prestate);
gnutls_dtls_set_mtu (session, mtu);
priv.session = session;
priv.fd = sock;
priv.cli_addr = (struct sockaddr *) &cli_addr;
priv.cli_addr_size = sizeof (cli_addr);
gnutls_transport_set_ptr (session, &priv);
gnutls_transport_set_push_function (session, push_func);
gnutls_transport_set_pull_function (session, pull_func);
gnutls_transport_set_pull_timeout_function (session, pull_timeout_func);
do
{
ret = gnutls_handshake (session);
}
while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
if (ret < 0)
{
fprintf (stderr, "Error in handshake(): %s\n",
gnutls_strerror (ret));
gnutls_deinit (session);
continue;
}
printf ("- Handshake was completed\n");
for (;;)
{
do
{
ret = gnutls_record_recv_seq (session, buffer, MAX_BUFFER,
sequence);
}
while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
if (ret < 0)
{
fprintf (stderr, "Error in recv(): %s\n",
gnutls_strerror (ret));
break;
}
if (ret == 0)
{
printf ("EOF\n\n");
break;
}
buffer[ret] = 0;
printf ("received[%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x]: %s\n",
sequence[0], sequence[1], sequence[2], sequence[3],
sequence[4], sequence[5], sequence[6], sequence[7], buffer);
/* reply back */
ret = gnutls_record_send (session, buffer, ret);
if (ret < 0)
{
fprintf (stderr, "Error in send(): %s\n",
gnutls_strerror (ret));
break;
}
}
gnutls_bye (session, GNUTLS_SHUT_WR);
gnutls_deinit (session);
}
close (listen_sd);
gnutls_certificate_free_credentials (x509_cred);
gnutls_priority_deinit (priority_cache);
gnutls_global_deinit ();
return 0;
}
static void server(int fd)
{
int ret, csend = 0;
gnutls_anon_server_credentials_t anoncred;
char buffer[MAX_BUF + 1];
gnutls_datum_t cookie_key;
gnutls_dtls_prestate_st prestate;
gnutls_session_t session;
/* this must be called once in the program
*/
global_init();
if (debug) {
gnutls_global_set_log_function(server_log_func);
gnutls_global_set_log_level(4711);
}
ret = gnutls_key_generate(&cookie_key, GNUTLS_COOKIE_KEY_SIZE);
if (ret < 0) {
fail("Cannot generate key: %s\n", gnutls_strerror(ret));
terminate();
}
gnutls_anon_allocate_server_credentials(&anoncred);
gnutls_init(&session, GNUTLS_SERVER | GNUTLS_DATAGRAM);
gnutls_handshake_set_timeout(session, 20 * 1000);
gnutls_dtls_set_mtu(session, 1500);
/* avoid calling all the priority functions, since the defaults
* are adequate.
*/
gnutls_priority_set_direct(session,
"NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL",
NULL);
gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred);
gnutls_transport_set_int(session, fd);
gnutls_transport_set_push_function(session, push);
for (;;) {
ret = recv(fd, buffer, sizeof(buffer), MSG_PEEK);
if (ret < 0) {
fail("Cannot receive data\n");
terminate();
}
memset(&prestate, 0, sizeof(prestate));
ret =
gnutls_dtls_cookie_verify(&cookie_key, CLI_ADDR,
CLI_ADDR_LEN, buffer, ret,
&prestate);
if (ret < 0) { /* cookie not valid */
if (debug)
success("Sending hello verify request\n");
ret =
gnutls_dtls_cookie_send(&cookie_key, CLI_ADDR,
CLI_ADDR_LEN,
&prestate,
(gnutls_transport_ptr_t)
(long) fd, push);
if (ret < 0) {
fail("Cannot send data\n");
terminate();
}
/* discard peeked data */
recv(fd, buffer, sizeof(buffer), 0);
csend++;
if (csend > 2) {
fail("too many cookies sent\n");
terminate();
}
continue;
}
/* success */
break;
}
gnutls_dtls_prestate_set(session, &prestate);
do {
ret = gnutls_handshake(session);
}
while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
if (ret < 0) {
close(fd);
gnutls_deinit(session);
fail("server: Handshake has failed (%s)\n\n",
gnutls_strerror(ret));
terminate();
}
if (debug)
success("server: Handshake was completed\n");
if (debug)
success("server: TLS version is: %s\n",
gnutls_protocol_get_name
(gnutls_protocol_get_version(session)));
/* see the Getting peer's information example */
/* print_info(session); */
do {
ret = gnutls_record_send(session, buffer, sizeof(buffer));
} while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
if (ret < 0) {
close(fd);
gnutls_deinit(session);
fail("server: data sending has failed (%s)\n\n",
gnutls_strerror(ret));
terminate();
}
/* do not wait for the peer to close the connection.
*/
gnutls_bye(session, GNUTLS_SHUT_WR);
close(fd);
gnutls_deinit(session);
gnutls_anon_free_server_credentials(anoncred);
gnutls_free(cookie_key.data);
gnutls_global_deinit();
if (debug)
success("server: finished\n");
}
int dtls_gnutls_accept(struct conn *conn)
{
char sock_buf[SOCK_ADDR_BUFSIZE];
char cookie_buf[SOCK_ADDR_BUFSIZE];
struct dtls_gnutls_data *d;
uint8_t buffer[2048];
int tlen, rc;
time_t c_timer;
int bits;
gnutls_datum_t cookie_key;
gnutls_dtls_prestate_st prestate;
gnutls_key_generate(&cookie_key, GNUTLS_COOKIE_KEY_SIZE);
cw_dbg(DBG_DTLS, "Session cookie for %s generated: %s",
sock_addr2str(&conn->addr, sock_buf),
sock_hwaddrtostr((uint8_t *) (&cookie_key),
sizeof(cookie_key), cookie_buf, ""));
memset(&prestate, 0, sizeof(prestate));
tlen = dtls_gnutls_bio_read(conn, buffer, sizeof(buffer));
gnutls_dtls_cookie_send(&cookie_key, &conn->addr, sizeof(conn->addr),
&prestate, (gnutls_transport_ptr_t) conn,
dtls_gnutls_bio_write);
rc = -1;
c_timer = cw_timer_start(10);
while (!cw_timer_timeout(c_timer)) {
tlen = conn_q_recv_packet_peek(conn, buffer, sizeof(buffer));
if (tlen < 0 && errno == EAGAIN)
continue;
if (tlen < 0) {
/* something went wrong, we should log a message */
continue;
}
rc = gnutls_dtls_cookie_verify(&cookie_key,
&conn->addr,
sizeof(conn->addr), buffer + 4, tlen - 4,
&prestate);
if (rc < 0) {
cw_dbg(DBG_DTLS, "Cookie couldn't be verified: %s",
gnutls_strerror(rc));
dtls_gnutls_bio_read(conn, buffer, sizeof(buffer));
continue;
}
break;
}
if (rc < 0) {
cw_log(LOG_ERR, "Cookie couldn't be verified: %s", gnutls_strerror(rc));
return 0;
}
cw_dbg(DBG_DTLS, "Cookie verified! Starting handshake with %s ...",
sock_addr2str(&conn->addr, sock_buf));
d = dtls_gnutls_data_create(conn, GNUTLS_SERVER | GNUTLS_DATAGRAM);
if (!d)
return 0;
if (conn->dtls_psk_enable) {
gnutls_psk_server_credentials_t cred;
rc = gnutls_psk_allocate_server_credentials(&cred);
if (rc != 0) {
cw_log(LOG_ERR,"gnutls_psk_allocate_server_credentials() failed.");
}
/* GnuTLS will call psk_creds to ask for the key associated with the
client's username.*/
gnutls_psk_set_server_credentials_function(cred, psk_creds);
/* // Pass the "credentials" to the GnuTLS session. GnuTLS does NOT make an
// internal copy of the information, so we have to keep the 'cred' structure
// in memory (and not modify it) until we're done with this session.*/
rc = gnutls_credentials_set(d->session, GNUTLS_CRD_PSK, cred);
if (rc != 0) {
cw_log(LOG_ERR,"gnutls_credentials_set() failed.\n");
}
}
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. When short bit length is used, it might
* be wise to regenerate parameters often.
*/
/*bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_LEGACY); */
bits = conn->dtls_dhbits;
gnutls_dh_params_init(&d->dh_params);
cw_dbg(DBG_DTLS, "Generating DH params, %d", bits);
gnutls_dh_params_generate2(d->dh_params, bits);
cw_dbg(DBG_DTLS, "DH params generated, %d", bits);
gnutls_certificate_set_dh_params(d->x509_cred, d->dh_params);
gnutls_certificate_server_set_request(d->session, GNUTLS_CERT_REQUEST);
gnutls_dtls_prestate_set(d->session, &prestate);
c_timer = cw_timer_start(10);
do {
rc = gnutls_handshake(d->session);
} while (!cw_timer_timeout(c_timer) && rc == GNUTLS_E_AGAIN);
if (rc < 0) {
cw_log(LOG_ERR, "Error in handshake with %s: %s",
sock_addr2str(&conn->addr, sock_buf), gnutls_strerror(rc));
return 0;
}
cw_dbg(DBG_DTLS, "Handshake with %s successful.",
sock_addr2str(&conn->addr, sock_buf));
conn->dtls_data = d;
conn->read = dtls_gnutls_read;
conn->write = dtls_gnutls_write;
return 1;
}
static void server(int fd)
{
int ret, csend = 0;
gnutls_anon_server_credentials_t anoncred;
char buffer[MAX_BUF + 1];
gnutls_datum_t cookie_key;
gnutls_dtls_prestate_st prestate;
gnutls_session_t session;
unsigned try = 0;
/* this must be called once in the program
*/
global_init();
if (debug) {
gnutls_global_set_log_function(server_log_func);
gnutls_global_set_log_level(4711);
}
ret = gnutls_key_generate(&cookie_key, GNUTLS_COOKIE_KEY_SIZE);
if (ret < 0) {
fail("Cannot generate key: %s\n", gnutls_strerror(ret));
exit(1);
}
gnutls_anon_allocate_server_credentials(&anoncred);
gnutls_init(&session, GNUTLS_SERVER | GNUTLS_DATAGRAM);
gnutls_handshake_set_timeout(session, SERV_TIMEOUT * 1000);
gnutls_dtls_set_mtu(session, 1500);
/* avoid calling all the priority functions, since the defaults
* are adequate.
*/
gnutls_priority_set_direct(session,
"NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL",
NULL);
gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred);
gnutls_transport_set_int(session, fd);
gnutls_transport_set_push_function(session, push);
for (;;) {
ret = recv_timeout(fd, buffer, sizeof(buffer), MSG_PEEK, SERV_TIMEOUT);
if (ret < 0) {
if (try != 0) {
success("Server was terminated as expected!\n");
goto exit;
} else {
fail("Error receiving first message\n");
exit(1);
}
}
try++;
memset(&prestate, 0, sizeof(prestate));
prestate.record_seq = 105791312;
prestate.hsk_write_seq = 67166359;
ret =
gnutls_dtls_cookie_verify(&cookie_key, CLI_ADDR,
CLI_ADDR_LEN, buffer, ret,
&prestate);
if (ret < 0) { /* cookie not valid */
if (debug)
success("Sending hello verify request\n");
ret =
gnutls_dtls_cookie_send(&cookie_key, CLI_ADDR,
CLI_ADDR_LEN,
&prestate,
(gnutls_transport_ptr_t)
(long) fd, push);
if (ret < 0) {
fail("Cannot send data\n");
exit(1);
}
/* discard peeked data */
recv_timeout(fd, buffer, sizeof(buffer), 0, SERV_TIMEOUT);
csend++;
if (csend > 2) {
fail("too many cookies sent\n");
exit(1);
}
continue;
}
/* success */
break;
}
fail("Shouldn't have reached here\n");
exit(1);
exit:
gnutls_deinit(session);
gnutls_free(cookie_key.data);
gnutls_anon_free_server_credentials(anoncred);
gnutls_global_deinit();
}
/**
* gnutls_session_ticket_key_generate:
* @key: is a pointer to a #gnutls_datum_t which will contain a newly
* created key.
*
* Generate a random key to encrypt security parameters within
* SessionTicket.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or an
* error code.
*
* Since: 2.10.0
**/
int gnutls_session_ticket_key_generate(gnutls_datum_t * key)
{
return gnutls_key_generate(key, SESSION_KEY_SIZE);
}
