static int reconnectionNewEndpointTest(struct InterfaceController* ifController,
uint8_t* pk,
struct Message** fromSwitchPtr,
struct Allocator* alloc,
struct EventBase* eventBase,
struct Log* logger,
struct Interface* routerIf,
struct Random* rand)
{
struct Message* message;
struct Interface iface = {
.sendMessage = messageFromInterface,
.senderContext = &message,
.allocator = alloc
};
uint8_t* buffer = Allocator_malloc(alloc, 512);
struct Message* outgoing =
&(struct Message) { .length = 0, .padding = 512, .bytes = buffer + 512 };
struct CryptoAuth* externalCa = CryptoAuth_new(alloc, NULL, eventBase, logger, rand);
struct Interface* wrapped = CryptoAuth_wrapInterface(&iface, pk, NULL, false, "", externalCa);
CryptoAuth_setAuth(String_CONST("passwd"), 1, wrapped);
struct Interface icIface = {
.allocator = alloc,
.sendMessage = messageFromInterface,
.senderContext = &message
};
InterfaceController_registerPeer(ifController, NULL, NULL, true, false, &icIface);
uint8_t hexBuffer[1025];
for (int i = 0; i < 4; i++) {
outgoing->length = 0;
outgoing->padding = 512;
outgoing->bytes = buffer + 512;
Message_shift(outgoing, 12, NULL);
Bits_memcpyConst(outgoing->bytes, "hello world", 12);
Message_shift(outgoing, SwitchHeader_SIZE, NULL);
Bits_memcpyConst(outgoing->bytes, (&(struct SwitchHeader) {
.label_be = Endian_hostToBigEndian64(1),
.lowBits_be = 0
}), SwitchHeader_SIZE);
wrapped->sendMessage(outgoing, wrapped);
*fromSwitchPtr = NULL;
icIface.receiveMessage(outgoing, &icIface);
message = *fromSwitchPtr;
Assert_true(message);
Assert_true(message->length == 24);
Hex_encode(hexBuffer, 1025, message->bytes, message->length);
printf("%s\n", hexBuffer);
// Need to bounce the packets back when connecting after the first try.
// This is needed to establish the CryptoAuth session and make the InterfaceController
// merge the endpoints.
if (i > 0) {
// Reverse the bits to reverse the path:
uint64_t path;
Bits_memcpyConst(&path, message->bytes, 8);
path = Bits_bitReverse64(path);
Bits_memcpyConst(message->bytes, &path, 8);
printf("sending back response.\n");
routerIf->receiveMessage(message, routerIf);
printf("forwarding response to external cryptoAuth.\n");
iface.receiveMessage(message, &iface);
printf("forwarded.\n");
} else {
printf("not responding because we don't want to establish a connection yet.\n");
}
}
// check everything except the label
Assert_true(!CString_strcmp((char*)hexBuffer+16, "0000000068656c6c6f20776f726c6400"));
// check label: make sure the interface has been switched back into position 0.
uint64_t label_be;
Hex_decode((uint8_t*) &label_be, 8, hexBuffer, 16);
uint64_t rev_label = Bits_bitReverse64(Endian_bigEndianToHost64(label_be));
// check label is decoded to 0
Assert_true(0 == NumberCompress_getDecompressed(rev_label,
NumberCompress_bitsUsedForLabel(rev_label)));
// check no other bits are set
uint64_t out = NumberCompress_getCompressed(0, NumberCompress_bitsUsedForLabel(rev_label));
Assert_true(rev_label == out);
return 0;
}
/**
* This is called as sendMessage() by the switch.
* There is only one switch interface which sends all traffic.
* message is aligned on the beginning of the switch header.
*/
static uint8_t incomingFromSwitch(struct Message* message, struct Interface* switchIf)
{
struct Ducttape_pvt* context = Identity_cast((struct Ducttape_pvt*)switchIf->senderContext);
struct Ducttape_MessageHeader* dtHeader = getDtHeader(message, true);
struct Headers_SwitchHeader* switchHeader = (struct Headers_SwitchHeader*) message->bytes;
Message_shift(message, -Headers_SwitchHeader_SIZE);
// The label comes in reversed from the switch because the switch doesn't know that we aren't
// another switch ready to parse more bits, bit reversing the label yields the source address.
switchHeader->label_be = Bits_bitReverse64(switchHeader->label_be);
if (Headers_getMessageType(switchHeader) == Headers_SwitchHeader_TYPE_CONTROL) {
return handleControlMessage(context, message, switchHeader, switchIf);
}
if (message->length < 8) {
Log_info(context->logger, "runt");
return Error_INVALID;
}
#ifdef Version_2_COMPAT
translateVersion2(message, dtHeader);
#endif
// #1 try to get the session using the handle.
uint32_t nonceOrHandle = Endian_bigEndianToHost32(((uint32_t*)message->bytes)[0]);
struct SessionManager_Session* session = NULL;
if (nonceOrHandle > 3) {
// Run message, it's a handle.
session = SessionManager_sessionForHandle(nonceOrHandle, context->sm);
Message_shift(message, -4);
if (session) {
uint32_t nonce = Endian_bigEndianToHost32(((uint32_t*)message->bytes)[0]);
if (nonce == ~0u) {
Log_debug(context->logger, "Got connectToMe packet at switch layer");
return 0;
}
debugHandlesAndLabel(context->logger, session,
Endian_bigEndianToHost64(switchHeader->label_be),
"running session nonce[%u]",
nonce);
dtHeader->receiveHandle = nonceOrHandle;
} else {
Log_debug(context->logger, "Got message with unrecognized handle");
}
} else if (message->length >= Headers_CryptoAuth_SIZE) {
union Headers_CryptoAuth* caHeader = (union Headers_CryptoAuth*) message->bytes;
uint8_t ip6[16];
uint8_t* herKey = caHeader->handshake.publicKey;
AddressCalc_addressForPublicKey(ip6, herKey);
// a packet which claims to be "from us" causes problems
if (AddressCalc_validAddress(ip6) && Bits_memcmp(ip6, &context->myAddr, 16)) {
session = SessionManager_getSession(ip6, herKey, context->sm);
debugHandlesAndLabel(context->logger, session,
Endian_bigEndianToHost64(switchHeader->label_be),
"new session nonce[%d]", nonceOrHandle);
dtHeader->receiveHandle = Endian_bigEndianToHost32(session->receiveHandle_be);
} else {
Log_debug(context->logger, "Got message with invalid ip addr");
}
}
if (!session) {
#ifdef Log_INFO
uint8_t path[20];
AddrTools_printPath(path, Endian_bigEndianToHost64(switchHeader->label_be));
Log_info(context->logger, "Dropped traffic packet from unknown node. [%s]", path);
#endif
return 0;
}
// This is needed so that the priority and other information
// from the switch header can be passed on properly.
dtHeader->switchHeader = switchHeader;
// This goes to incomingFromCryptoAuth()
// then incomingFromRouter() then core()
dtHeader->layer = Ducttape_SessionLayer_OUTER;
if (session->iface.receiveMessage(message, &session->iface) == Error_AUTHENTICATION) {
debugHandlesAndLabel(context->logger, session,
Endian_bigEndianToHost64(switchHeader->label_be),
"Failed decrypting message NoH[%d] state[%d]",
nonceOrHandle, CryptoAuth_getState(&session->iface));
return Error_AUTHENTICATION;
}
return 0;
}
/**
* This is called as sendMessage() by the switch.
* There is only one switch interface which sends all traffic.
* message is aligned on the beginning of the switch header.
*/
static uint8_t incomingFromSwitch(struct Message* message, struct Interface* switchIf)
{
struct Ducttape* context = switchIf->senderContext;
struct Headers_SwitchHeader* switchHeader = (struct Headers_SwitchHeader*) message->bytes;
Message_shift(message, -Headers_SwitchHeader_SIZE);
// The label comes in reversed from the switch because the switch doesn't know that we aren't
// another switch ready to parse more bits, bit reversing the label yields the source address.
switchHeader->label_be = Bits_bitReverse64(switchHeader->label_be);
if (Headers_getMessageType(switchHeader) == Headers_SwitchHeader_TYPE_CONTROL) {
uint8_t labelStr[20];
uint64_t label = Endian_bigEndianToHost64(switchHeader->label_be);
AddrTools_printPath(labelStr, label);
if (message->length < Control_HEADER_SIZE) {
Log_info1(context->logger, "dropped runt ctrl packet from [%s]", labelStr);
return Error_NONE;
} else {
Log_debug1(context->logger, "ctrl packet from [%s]", labelStr);
}
struct Control* ctrl = (struct Control*) message->bytes;
bool pong = false;
if (ctrl->type_be == Control_ERROR_be) {
if (message->length < Control_Error_MIN_SIZE) {
Log_info1(context->logger, "dropped runt error packet from [%s]", labelStr);
return Error_NONE;
}
Log_info2(context->logger,
"error packet from [%s], error type [%d]",
labelStr,
Endian_bigEndianToHost32(ctrl->content.error.errorType_be));
RouterModule_brokenPath(Endian_bigEndianToHost64(switchHeader->label_be),
context->routerModule);
uint8_t causeType = Headers_getMessageType(&ctrl->content.error.cause);
if (causeType == Headers_SwitchHeader_TYPE_CONTROL) {
if (message->length < Control_Error_MIN_SIZE + Control_HEADER_SIZE) {
Log_info1(context->logger,
"error packet from [%s] containing runt cause packet",
labelStr);
return Error_NONE;
}
struct Control* causeCtrl = (struct Control*) &(&ctrl->content.error.cause)[1];
if (causeCtrl->type_be != Control_PING_be) {
Log_info3(context->logger,
"error packet from [%s] caused by [%s] packet ([%d])",
labelStr,
Control_typeString(causeCtrl->type_be),
Endian_bigEndianToHost16(causeCtrl->type_be));
} else {
Log_debug2(context->logger,
"error packet from [%s] in response to ping, length: [%d].",
labelStr,
message->length);
// errors resulting from pings are forwarded back to the pinger.
pong = true;
}
} else if (causeType != Headers_SwitchHeader_TYPE_DATA) {
Log_info1(context->logger,
"error packet from [%s] containing cause of unknown type [%d]",
labelStr);
}
} else if (ctrl->type_be == Control_PONG_be) {
pong = true;
} else if (ctrl->type_be == Control_PING_be) {
ctrl->type_be = Control_PONG_be;
Message_shift(message, Headers_SwitchHeader_SIZE);
switchIf->receiveMessage(message, switchIf);
} else {
Log_info2(context->logger,
"control packet of unknown type from [%s], type [%d]",
labelStr, Endian_bigEndianToHost16(ctrl->type_be));
}
if (pong) {
// Shift back over the header
Message_shift(message, Headers_SwitchHeader_SIZE);
context->switchPingerIf->receiveMessage(message, context->switchPingerIf);
}
return Error_NONE;
}
uint8_t* herKey = extractPublicKey(message, switchHeader->label_be, context->logger);
int herAddrIndex;
if (herKey) {
uint8_t herAddrStore[16];
AddressCalc_addressForPublicKey(herAddrStore, herKey);
if (herAddrStore[0] != 0xFC) {
Log_debug(context->logger,
"Got message from peer whose address is not in fc00::/8 range.\n");
return 0;
}
herAddrIndex = AddressMapper_put(switchHeader->label_be, herAddrStore, &context->addrMap);
} else {
herAddrIndex = AddressMapper_indexOf(switchHeader->label_be, &context->addrMap);
if (herAddrIndex == -1) {
uint64_t label = Endian_bigEndianToHost64(switchHeader->label_be);
struct Node* n = RouterModule_getNode(label, context->routerModule);
if (n) {
herAddrIndex = AddressMapper_put(switchHeader->label_be,
n->address.ip6.bytes,
&context->addrMap);
} else {
#ifdef Log_DEBUG
uint8_t switchAddr[20];
AddrTools_printPath(switchAddr, Endian_bigEndianToHost64(switchHeader->label_be));
Log_debug1(context->logger,
"Dropped traffic packet from unknown node. (%s)\n",
&switchAddr);
#endif
return 0;
}
}
}
// If the source address is the same as the router address, no third layer of crypto.
context->routerAddress = context->addrMap.entries[herAddrIndex].address;
// This is needed so that the priority and other information
// from the switch header can be passed on properly.
context->switchHeader = switchHeader;
context->session = SessionManager_getSession(context->routerAddress, herKey, context->sm);
// This goes to incomingFromCryptoAuth()
// then incomingFromRouter() then core()
context->layer = OUTER_LAYER;
context->session->receiveMessage(message, context->session);
return 0;
}
/**
* This is called as sendMessage() by the switch.
* There is only one switch interface which sends all traffic.
* message is aligned on the beginning of the switch header.
*/
static uint8_t incomingFromSwitch(struct Message* message, struct Interface* switchIf)
{
struct Context* context = switchIf->senderContext;
struct Headers_SwitchHeader* switchHeader = (struct Headers_SwitchHeader*) message->bytes;
Message_shift(message, -Headers_SwitchHeader_SIZE);
// The label comes in reversed from the switch because the switch doesn't know that we aren't
// another switch ready to parse more bits, bit reversing the label yields the source address.
switchHeader->label_be = Bits_bitReverse64(switchHeader->label_be);
if (Headers_getMessageType(switchHeader) == MessageType_CONTROL) {
struct Control* ctrl = (struct Control*) (switchHeader + 1);
if (ctrl->type_be == Control_ERROR_be) {
if (memcmp(&ctrl->content.error.cause.label_be, &switchHeader->label_be, 8)) {
Log_warn(context->logger,
"Different label for cause than return packet, this shouldn't happen. "
"Perhaps a packet was corrupted.\n");
return 0;
}
uint32_t errType_be = ctrl->content.error.errorType_be;
if (errType_be == Endian_bigEndianToHost32(Error_MALFORMED_ADDRESS)) {
Log_info(context->logger, "Got malformed-address error, removing route.\n");
RouterModule_brokenPath(switchHeader->label_be, context->routerModule);
return 0;
}
Log_info1(context->logger,
"Got error packet, error type: %d",
Endian_bigEndianToHost32(errType_be));
}
return 0;
}
uint8_t* herKey = extractPublicKey(message, switchHeader->label_be, context->logger);
int herAddrIndex;
if (herKey) {
uint8_t herAddrStore[16];
AddressCalc_addressForPublicKey(herAddrStore, herKey);
if (herAddrStore[0] != 0xFC) {
Log_debug(context->logger,
"Got message from peer whose address is not in fc00::/8 range.\n");
return 0;
}
herAddrIndex = AddressMapper_put(switchHeader->label_be, herAddrStore, &context->addrMap);
} else {
herAddrIndex = AddressMapper_indexOf(switchHeader->label_be, &context->addrMap);
if (herAddrIndex == -1) {
struct Node* n = RouterModule_getNode(switchHeader->label_be, context->routerModule);
if (n) {
herAddrIndex = AddressMapper_put(switchHeader->label_be,
n->address.ip6.bytes,
&context->addrMap);
} else {
#ifdef Log_DEBUG
uint8_t switchAddr[20];
struct Address addr;
addr.networkAddress_be = switchHeader->label_be;
Address_printNetworkAddress(switchAddr, &addr);
Log_debug1(context->logger,
"Dropped traffic packet from unknown node. (%s)\n",
&switchAddr);
#endif
return 0;
}
}
}
uint8_t* herAddr = context->addrMap.addresses[herAddrIndex];
// This is needed so that the priority and other information
// from the switch header can be passed on properly.
context->switchHeader = switchHeader;
context->session = SessionManager_getSession(herAddr, herKey, context->sm);
// This goes to incomingFromCryptoAuth()
// then incomingFromRouter() then core()
context->layer = OUTER_LAYER;
context->session->receiveMessage(message, context->session);
return 0;
}
