/* handle received packets for not yet established crypto connections. */
static void receive_crypto(void)
{
uint32_t i;
for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) {
if (crypto_connections[i].status == CONN_HANDSHAKE_SENT) {
uint8_t temp_data[MAX_DATA_SIZE];
uint8_t secret_nonce[crypto_box_NONCEBYTES];
uint8_t public_key[crypto_box_PUBLICKEYBYTES];
uint8_t session_key[crypto_box_PUBLICKEYBYTES];
uint16_t len;
if (id_packet(crypto_connections[i].number) == 1)
/* if the packet is a friend request drop it (because we are already friends) */
len = read_packet(crypto_connections[i].number, temp_data);
if (id_packet(crypto_connections[i].number) == 2) { /* handle handshake packet. */
len = read_packet(crypto_connections[i].number, temp_data);
if (handle_cryptohandshake(public_key, secret_nonce, session_key, temp_data, len)) {
if (memcmp(public_key, crypto_connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) {
memcpy(crypto_connections[i].sent_nonce, secret_nonce, crypto_box_NONCEBYTES);
memcpy(crypto_connections[i].peersessionpublic_key, session_key, crypto_box_PUBLICKEYBYTES);
increment_nonce(crypto_connections[i].sent_nonce);
uint32_t zero = 0;
encrypt_precompute(crypto_connections[i].peersessionpublic_key,
crypto_connections[i].sessionsecret_key,
crypto_connections[i].shared_key);
crypto_connections[i].status = CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */
write_cryptpacket(i, ((uint8_t *)&zero), sizeof(zero));
crypto_connections[i].status = CONN_NOT_CONFIRMED; /* set it to its proper value right after. */
}
}
} else if (id_packet(crypto_connections[i].number) != -1) // This should not happen kill the connection if it does
crypto_kill(crypto_connections[i].number);
}
if (crypto_connections[i].status == CONN_NOT_CONFIRMED) {
if (id_packet(crypto_connections[i].number) == 3) {
uint8_t temp_data[MAX_DATA_SIZE];
uint8_t data[MAX_DATA_SIZE];
int length = read_packet(crypto_connections[i].number, temp_data);
int len = decrypt_data(crypto_connections[i].peersessionpublic_key,
crypto_connections[i].sessionsecret_key,
crypto_connections[i].recv_nonce, temp_data + 1, length - 1, data);
uint32_t zero = 0;
if (len == sizeof(uint32_t) && memcmp(((uint8_t *)&zero), data, sizeof(uint32_t)) == 0) {
increment_nonce(crypto_connections[i].recv_nonce);
encrypt_precompute(crypto_connections[i].peersessionpublic_key,
crypto_connections[i].sessionsecret_key,
crypto_connections[i].shared_key);
crypto_connections[i].status = CONN_ESTABLISHED;
/* connection is accepted so we disable the auto kill by setting it to about 1 month from now. */
kill_connection_in(crypto_connections[i].number, 3000000);
} else
crypto_kill(crypto_connections[i].number); // This should not happen kill the connection if it does
} else if(id_packet(crypto_connections[i].number) != -1)
/* This should not happen
kill the connection if it does */
crypto_kill(crypto_connections[i].number);
}
}
}
/* Handle an incoming connection.
*
* return -1 if no crypto inbound connection.
* return incoming connection id (Lossless_UDP one) if there is an incoming crypto connection.
*
* Put the public key of the peer in public_key, the secret_nonce from the handshake into secret_nonce
* and the session public key for the connection in session_key.
* to accept it see: accept_crypto_inbound(...).
* to refuse it just call kill_connection(...) on the connection id.
*/
int crypto_inbound(Net_Crypto *c, uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_key)
{
while (1) {
int incoming_con = incoming_connection(c->lossless_udp, 1);
if (incoming_con != -1) {
if (is_connected(c->lossless_udp, incoming_con) == LUDP_TIMED_OUT) {
kill_connection(c->lossless_udp, incoming_con);
continue;
}
if (id_packet(c->lossless_udp, incoming_con) == 2) {
uint8_t temp_data[MAX_DATA_SIZE];
uint16_t len = read_packet_silent(c->lossless_udp, incoming_con, temp_data);
if (handle_cryptohandshake(c, public_key, secret_nonce, session_key, temp_data, len)) {
return incoming_con;
}
}
} else {
break;
}
}
return -1;
}
/* handle an incoming connection
return -1 if no crypto inbound connection
return incoming connection id (Lossless_UDP one) if there is an incoming crypto connection
Put the public key of the peer in public_key, the secret_nonce from the handshake into secret_nonce
and the session public key for the connection in session_key
to accept it see: accept_crypto_inbound(...)
to refuse it just call kill_connection(...) on the connection id */
int crypto_inbound(uint8_t * public_key, uint8_t * secret_nonce, uint8_t * session_key)
{
uint32_t i;
for(i = 0; i < MAX_INCOMING; ++i)
{
if(incoming_connections[i] != -1)
{
if(is_connected(incoming_connections[i]) == 4 || is_connected(incoming_connections[i]) == 0)
{
kill_connection(incoming_connections[i]);
incoming_connections[i] = -1;
continue;
}
if(id_packet(incoming_connections[i]) == 2)
{
uint8_t temp_data[MAX_DATA_SIZE];
uint16_t len = read_packet(incoming_connections[i], temp_data);
if(handle_cryptohandshake(public_key, secret_nonce, session_key, temp_data, len))
{
int connection_id = incoming_connections[i];
incoming_connections[i] = -1; /* remove this connection from the incoming connection list. */
return connection_id;
}
}
}
}
return -1;
}
/* Handle received packets for not yet established crypto connections. */
static void receive_crypto(Net_Crypto *c)
{
uint32_t i;
uint64_t temp_time = unix_time();
for (i = 0; i < c->crypto_connections_length; ++i) {
if (c->crypto_connections[i].status == CRYPTO_CONN_NO_CONNECTION)
continue;
if (c->crypto_connections[i].status == CRYPTO_CONN_HANDSHAKE_SENT) {
uint8_t temp_data[MAX_DATA_SIZE];
uint8_t secret_nonce[crypto_box_NONCEBYTES];
uint8_t public_key[crypto_box_PUBLICKEYBYTES];
uint8_t session_key[crypto_box_PUBLICKEYBYTES];
uint16_t len;
if (id_packet(c->lossless_udp, c->crypto_connections[i].number) == 2) { /* Handle handshake packet. */
len = read_packet(c->lossless_udp, c->crypto_connections[i].number, temp_data);
if (handle_cryptohandshake(c, public_key, secret_nonce, session_key, temp_data, len)) {
if (memcmp(public_key, c->crypto_connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) {
memcpy(c->crypto_connections[i].sent_nonce, secret_nonce, crypto_box_NONCEBYTES);
memcpy(c->crypto_connections[i].peersessionpublic_key, session_key, crypto_box_PUBLICKEYBYTES);
increment_nonce(c->crypto_connections[i].sent_nonce);
uint32_t zero = 0;
encrypt_precompute(c->crypto_connections[i].peersessionpublic_key,
c->crypto_connections[i].sessionsecret_key,
c->crypto_connections[i].shared_key);
c->crypto_connections[i].status =
CRYPTO_CONN_ESTABLISHED; /* Connection status needs to be 3 for write_cryptpacket() to work. */
write_cryptpacket(c, i, ((uint8_t *)&zero), sizeof(zero));
c->crypto_connections[i].status = CRYPTO_CONN_NOT_CONFIRMED; /* Set it to its proper value right after. */
} else {
/* This should not happen, timeout the connection if it does. */
c->crypto_connections[i].status = CRYPTO_CONN_TIMED_OUT;
}
} else {
/* This should not happen, timeout the connection if it does. */
c->crypto_connections[i].status = CRYPTO_CONN_TIMED_OUT;
}
} else if (id_packet(c->lossless_udp,
c->crypto_connections[i].number) != -1) {
/* This should not happen, timeout the connection if it does. */
c->crypto_connections[i].status = CRYPTO_CONN_TIMED_OUT;
}
}
if (c->crypto_connections[i].status == CRYPTO_CONN_NOT_CONFIRMED) {
if (id_packet(c->lossless_udp, c->crypto_connections[i].number) == 3) {
uint8_t temp_data[MAX_DATA_SIZE];
uint8_t data[MAX_DATA_SIZE];
int length = read_packet(c->lossless_udp, c->crypto_connections[i].number, temp_data);
int len = decrypt_data(c->crypto_connections[i].peersessionpublic_key,
c->crypto_connections[i].sessionsecret_key,
c->crypto_connections[i].recv_nonce, temp_data + 1, length - 1, data);
uint32_t zero = 0;
if (len == sizeof(uint32_t) && memcmp(((uint8_t *)&zero), data, sizeof(uint32_t)) == 0) {
increment_nonce(c->crypto_connections[i].recv_nonce);
encrypt_precompute(c->crypto_connections[i].peersessionpublic_key,
c->crypto_connections[i].sessionsecret_key,
c->crypto_connections[i].shared_key);
c->crypto_connections[i].status = CRYPTO_CONN_ESTABLISHED;
c->crypto_connections[i].timeout = ~0;
/* Connection is accepted. */
confirm_connection(c->lossless_udp, c->crypto_connections[i].number);
} else {
/* This should not happen, timeout the connection if it does. */
c->crypto_connections[i].status = CRYPTO_CONN_TIMED_OUT;
}
} else if (id_packet(c->lossless_udp, c->crypto_connections[i].number) != -1) {
/* This should not happen, timeout the connection if it does. */
c->crypto_connections[i].status = CRYPTO_CONN_TIMED_OUT;
}
}
if (temp_time > c->crypto_connections[i].timeout) {
c->crypto_connections[i].status = CRYPTO_CONN_TIMED_OUT;
}
}
}
/* Handle received packets for not yet established crypto connections. */
static void receive_crypto(Net_Crypto *c)
{
uint32_t i;
for (i = 0; i < c->crypto_connections_length; ++i) {
if (c->crypto_connections[i].status == CONN_HANDSHAKE_SENT) {
uint8_t temp_data[MAX_DATA_SIZE];
uint8_t secret_nonce[crypto_box_NONCEBYTES];
uint8_t public_key[crypto_box_PUBLICKEYBYTES];
uint8_t session_key[crypto_box_PUBLICKEYBYTES];
uint16_t len;
if (id_packet(c->lossless_udp, c->crypto_connections[i].number) == 2) { /* Handle handshake packet. */
len = read_packet(c->lossless_udp, c->crypto_connections[i].number, temp_data);
if (handle_cryptohandshake(c, public_key, secret_nonce, session_key, temp_data, len)) {
if (memcmp(public_key, c->crypto_connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) {
memcpy(c->crypto_connections[i].sent_nonce, secret_nonce, crypto_box_NONCEBYTES);
memcpy(c->crypto_connections[i].peersessionpublic_key, session_key, crypto_box_PUBLICKEYBYTES);
increment_nonce(c->crypto_connections[i].sent_nonce);
uint32_t zero = 0;
encrypt_precompute(c->crypto_connections[i].peersessionpublic_key,
c->crypto_connections[i].sessionsecret_key,
c->crypto_connections[i].shared_key);
c->crypto_connections[i].status =
CONN_ESTABLISHED; /* Connection status needs to be 3 for write_cryptpacket() to work. */
write_cryptpacket(c, i, ((uint8_t *)&zero), sizeof(zero));
c->crypto_connections[i].status = CONN_NOT_CONFIRMED; /* Set it to its proper value right after. */
}
}
} else if (id_packet(c->lossless_udp,
c->crypto_connections[i].number) != -1) { // This should not happen, kill the connection if it does.
crypto_kill(c, i);
return;
}
}
if (c->crypto_connections[i].status == CONN_NOT_CONFIRMED) {
if (id_packet(c->lossless_udp, c->crypto_connections[i].number) == 3) {
uint8_t temp_data[MAX_DATA_SIZE];
uint8_t data[MAX_DATA_SIZE];
int length = read_packet(c->lossless_udp, c->crypto_connections[i].number, temp_data);
int len = decrypt_data(c->crypto_connections[i].peersessionpublic_key,
c->crypto_connections[i].sessionsecret_key,
c->crypto_connections[i].recv_nonce, temp_data + 1, length - 1, data);
uint32_t zero = 0;
if (len == sizeof(uint32_t) && memcmp(((uint8_t *)&zero), data, sizeof(uint32_t)) == 0) {
increment_nonce(c->crypto_connections[i].recv_nonce);
encrypt_precompute(c->crypto_connections[i].peersessionpublic_key,
c->crypto_connections[i].sessionsecret_key,
c->crypto_connections[i].shared_key);
c->crypto_connections[i].status = CONN_ESTABLISHED;
/* Connection is accepted so we disable the auto kill by setting it to about 1 month from now. */
kill_connection_in(c->lossless_udp, c->crypto_connections[i].number, 3000000);
} else {
/* This should not happen, kill the connection if it does. */
crypto_kill(c, i);
return;
}
} else if (id_packet(c->lossless_udp, c->crypto_connections[i].number) != -1)
/* This should not happen, kill the connection if it does. */
crypto_kill(c, i);
return;
}
}
}