static inline bool decryptMessage(struct Wrapper* wrapper, uint32_t nonce, struct Message* content, uint8_t secret[32]) { if (wrapper->authenticatePackets) { // Decrypt with authentication and replay prevention. int ret = decrypt(nonce, content, secret, wrapper->isInitiator, true); if (ret) { Log_debug1(wrapper->context->logger, "Authenticated decryption failed returning %u\n", ret); return false; } ret = !ReplayProtector_checkNonce(nonce, &wrapper->replayProtector); if (ret) { Log_debug(wrapper->context->logger, "Nonce checking failed.\n"); return false; } } else { decrypt(nonce, content, secret, wrapper->isInitiator, false); } int ret = callReceivedMessage(wrapper, content); if (ret) { Log_debug1(wrapper->context->logger, "Call received message failed returning %u\n", ret); return false; } return true; }
static uint8_t sendMessage(struct Message* message, struct Interface* iface) { struct UDPInterface* context = (struct UDPInterface*) iface->senderContext; assert(context->defaultInterface != iface || !"Error: can't send traffic to the default interface"); struct Endpoint* ep = (struct Endpoint*) (((char*)iface) - offsetof(struct Endpoint, interface)); if (sendto(context->socket, message->bytes, message->length, 0, (struct sockaddr*) &ep->addr, context->addrLen) < 0) { switch (errno) { case EMSGSIZE: return Error_OVERSIZE_MESSAGE; case ENOBUFS: case EAGAIN: #if EWOULDBLOCK != EAGAIN case EWOULDBLOCK: #endif return Error_LINK_LIMIT_EXCEEDED; default:; Log_debug1(context->logger, "Got error sending to socket errno=%d", errno); }; } return 0; }
// Called by the TUN device. static inline uint8_t ip6FromTun(struct Message* message, struct Interface* interface) { struct Context* context = (struct Context*) interface->receiverContext; if (!validIP6(message)) { Log_debug(context->logger, "dropped message from TUN because it was not valid IPv6.\n"); return Error_INVALID; } struct Headers_IP6Header* header = (struct Headers_IP6Header*) message->bytes; if (memcmp(header->sourceAddr, context->myAddr.ip6.bytes, 16)) { Log_warn(context->logger, "dropped message because only one address is allowed to be used " "and the source address was different.\n"); return Error_INVALID; } context->switchHeader = NULL; struct Node* bestNext = RouterModule_getBest(header->destinationAddr, context->routerModule); if (bestNext) { context->forwardTo = &bestNext->address; if (!memcmp(header->destinationAddr, bestNext->address.ip6.bytes, 16)) { // Direct send, skip the innermost layer of encryption. header->hopLimit = 0; #ifdef Log_DEBUG uint8_t nhAddr[60]; Address_print(nhAddr, &bestNext->address); Log_debug1(context->logger, "Forwarding data to %s (last hop)\n", nhAddr); #endif return sendToRouter(&bestNext->address, message, context); } } // Grab out the header so it doesn't get clobbered. struct Headers_IP6Header headerStore; memcpy(&headerStore, header, Headers_IP6Header_SIZE); context->ip6Header = &headerStore; // Shift over the content. Message_shift(message, -Headers_IP6Header_SIZE); struct Interface* session = SessionManager_getSession(headerStore.destinationAddr, NULL, context->sm); // This comes out at outgoingFromMe() context->layer = INNER_LAYER; return session->sendMessage(message, session); }
static uint8_t receiveMessage(struct Message* received, struct Interface* interface) { struct Wrapper* wrapper = (struct Wrapper*) interface->receiverContext; union Headers_CryptoAuth* header = (union Headers_CryptoAuth*) received->bytes; if (received->length < (wrapper->requireAuth ? 20 : 4)) { Log_debug(wrapper->context->logger, "Dropped runt"); return Error_UNDERSIZE_MESSAGE; } assert(received->padding >= 12 || "need at least 12 bytes of padding in incoming message"); #ifdef Log_DEBUG assert(!((uintptr_t)received->bytes % 4) || !"alignment fault"); #endif Message_shift(received, -4); uint32_t nonce = Endian_bigEndianToHost32(header->nonce); if (wrapper->nextNonce < 5) { if (nonce > 3 && nonce != UINT32_MAX && knowHerKey(wrapper)) { Log_debug1(wrapper->context->logger, "Trying final handshake step, nonce=%u\n", nonce); uint8_t secret[32]; getSharedSecret(secret, wrapper->secret, wrapper->tempKey, NULL, wrapper->context->logger); if (decryptMessage(wrapper, nonce, received, secret)) { Log_debug(wrapper->context->logger, "Final handshake step succeeded.\n"); wrapper->nextNonce += 3; memcpy(wrapper->secret, secret, 32); return Error_NONE; } CryptoAuth_reset(interface); Log_debug(wrapper->context->logger, "Final handshake step failed.\n"); } } else if (nonce > 2 && decryptMessage(wrapper, nonce, received, wrapper->secret)) { // If decryptMessage returns false then we will try the packet as a handshake. return Error_NONE; } else { Log_debug(wrapper->context->logger, "Decryption failed, trying message as a handshake.\n"); } Message_shift(received, 4); return decryptHandshake(wrapper, nonce, received, header); }
static uint8_t decryptHandshake(struct Wrapper* wrapper, const uint32_t nonce, struct Message* message, union Headers_CryptoAuth* header) { if (message->length < sizeof(union Headers_CryptoAuth)) { Log_debug(wrapper->context->logger, "Dropped runt packet\n"); return Error_UNDERSIZE_MESSAGE; } // handshake // nextNonce 0: recieving hello. // nextNonce 1: recieving key, we sent hello. // nextNonce 2: recieving first data packet or duplicate hello. // nextNonce 3: recieving first data packet. // nextNonce >3: handshake complete if (wrapper->nextNonce < 2 && nonce == UINT32_MAX && !wrapper->requireAuth) { // Reset without knowing key is allowed until state reaches 2. // this is because we don't know that the other end knows our key until we // have received a valid packet from them. // We can't allow the upper layer to see this message because it's not authenticated. if (!knowHerKey(wrapper)) { memcpy(wrapper->herPerminentPubKey, header->handshake.publicKey, 32); } Message_shift(message, -Headers_CryptoAuth_SIZE); message->length = 0; wrapper->nextNonce = 0; wrapper->user = NULL; // Send an empty response (to initiate the connection). encryptHandshake(message, wrapper); return Error_NONE; } void* user = NULL; uint8_t passwordHashStore[32]; uint8_t* passwordHash = tryAuth(header, passwordHashStore, wrapper, &user); if (wrapper->requireAuth && !user) { Log_debug(wrapper->context->logger, "Dropping message because auth was not given and is required.\n"); return Error_AUTHENTICATION; } if (passwordHash == NULL && header->handshake.auth.challenge.type != 0) { Log_debug(wrapper->context->logger, "Dropping message because it contans an authenticator which is unrecognized.\n"); return Error_AUTHENTICATION; } // What the nextNonce will become if this packet is valid. uint32_t nextNonce; // The secret for decrypting this message. uint8_t sharedSecret[32]; uint8_t* herPermKey = NULL; if (nonce < 2) { if (nonce == 0) { Log_debug1(wrapper->context->logger, "Received a hello packet, using auth: %d\n", (passwordHash != NULL)); } else { Log_debug(wrapper->context->logger, "Received a repeat hello packet\n"); } // Decrypt message with perminent keys. if (!knowHerKey(wrapper) || wrapper->nextNonce == 0) { herPermKey = header->handshake.publicKey; #ifdef Log_DEBUG if (Bits_isZero(header->handshake.publicKey, 32)) { Log_debug(wrapper->context->logger, "Node sent public key of ZERO!\n"); } #endif } else { herPermKey = wrapper->herPerminentPubKey; if (memcmp(header->handshake.publicKey, herPermKey, 32)) { Log_debug(wrapper->context->logger, "Packet contains different perminent key.\n"); return Error_AUTHENTICATION; } } getSharedSecret(sharedSecret, wrapper->context->privateKey, herPermKey, passwordHash, wrapper->context->logger); nextNonce = 2; } else { if (nonce == 2) { Log_debug(wrapper->context->logger, "Received a key packet\n"); } else if (nonce == 3) { Log_debug(wrapper->context->logger, "Received a repeat key packet\n"); } else { Log_debug1(wrapper->context->logger, "Received a packet of unknown type! nonce=%u\n", nonce); } if (memcmp(header->handshake.publicKey, wrapper->herPerminentPubKey, 32)) { Log_debug(wrapper->context->logger, "Packet contains different perminent key.\n"); return Error_AUTHENTICATION; } // We sent the hello, this is a key getSharedSecret(sharedSecret, wrapper->secret, wrapper->herPerminentPubKey, passwordHash, wrapper->context->logger); nextNonce = 4; } // Shift it on top of the authenticator before the encrypted public key Message_shift(message, 48 - Headers_CryptoAuth_SIZE); Log_debug1(wrapper->context->logger, "Message length: %u\n", message->length); #ifdef Log_KEYS uint8_t sharedSecretHex[65]; printHexKey(sharedSecretHex, sharedSecret); uint8_t nonceHex[49]; Hex_encode(nonceHex, 49, header->handshake.nonce, 24); uint8_t cipherHex[65]; printHexKey(cipherHex, message->bytes); Log_keys3(wrapper->context->logger, "Decrypting message with:\n" " nonce: %s\n" " secret: %s\n" " cipher: %s\n", nonceHex, sharedSecretHex, cipherHex); #endif // Decrypt her temp public key and the message. if (decryptRndNonce(header->handshake.nonce, message, sharedSecret) != 0) { // just in case memset(header, 0, Headers_CryptoAuth_SIZE); Log_debug(wrapper->context->logger, "Dropped message because authenticated decryption failed.\n"); return Error_AUTHENTICATION; } wrapper->user = user; memcpy(wrapper->tempKey, header->handshake.encryptedTempKey, 32); #ifdef Log_DEBUG assert(!Bits_isZero(header->handshake.encryptedTempKey, 32)); #endif #ifdef Log_KEYS uint8_t tempKeyHex[65]; Hex_encode(tempKeyHex, 65, wrapper->tempKey, 32); Log_keys1(wrapper->context->logger, "Unwrapping temp public key:\n" " %s\n", tempKeyHex); #endif Message_shift(message, -32); wrapper->nextNonce = nextNonce; if (nextNonce == 2) { wrapper->isInitiator = false; } if (herPermKey && herPermKey != wrapper->herPerminentPubKey) { memcpy(wrapper->herPerminentPubKey, herPermKey, 32); } // If this is a handshake which was initiated in reverse because we // didn't know the other node's key, now send what we were going to send. if (wrapper->hasBufferedMessage && message->length == 0) { Log_debug(wrapper->context->logger, "Sending buffered message.\n"); sendMessage(wrapper->bufferedMessage, &wrapper->externalInterface); wrapper->hasBufferedMessage = false; return Error_NONE; } else if (wrapper->hasBufferedMessage) { Log_debug(wrapper->context->logger, "There is a buffered message.\n"); } memset(&wrapper->replayProtector, 0, sizeof(struct ReplayProtector)); setRequiredPadding(wrapper); return callReceivedMessage(wrapper, message); }
static uint8_t encryptHandshake(struct Message* message, struct Wrapper* wrapper) { assert(message->padding >= sizeof(union Headers_CryptoAuth) || !"not enough padding"); Message_shift(message, sizeof(union Headers_CryptoAuth)); union Headers_CryptoAuth* header = (union Headers_CryptoAuth*) message->bytes; // garbage the auth field to frustrate DPI and set the nonce (next 24 bytes after the auth) randombytes((uint8_t*) &header->handshake.auth, sizeof(union Headers_AuthChallenge) + 24); memcpy(&header->handshake.publicKey, wrapper->context->publicKey, 32); if (!knowHerKey(wrapper)) { return genReverseHandshake(message, wrapper, header); } // Password auth uint8_t* passwordHash = NULL; if (wrapper->password != NULL) { struct Auth auth; passwordHash = hashPassword(&auth, wrapper->password, wrapper->authType); memcpy(header->handshake.auth.bytes, &auth.challenge, sizeof(union Headers_AuthChallenge)); } header->handshake.auth.challenge.type = wrapper->authType; Headers_setPacketAuthRequired(&header->handshake.auth, wrapper->authenticatePackets); // set the session state uint32_t sessionState_be = Endian_hostToBigEndian32(wrapper->nextNonce); header->nonce = sessionState_be; if (wrapper->nextNonce == 0 || wrapper->nextNonce == 2) { // If we're sending a hello or a key crypto_box_curve25519xsalsa20poly1305_keypair(header->handshake.encryptedTempKey, wrapper->secret); if (wrapper->nextNonce == 0) { memcpy(wrapper->tempKey, header->handshake.encryptedTempKey, 32); } #ifdef Log_DEBUG assert(!Bits_isZero(header->handshake.encryptedTempKey, 32)); assert(!Bits_isZero(wrapper->secret, 32)); #endif } else if (wrapper->nextNonce == 3) { // Dupe key // If nextNonce is 1 then we have our pubkey stored in wrapper->tempKey, // If nextNonce is 3 we need to recalculate it each time // because tempKey the final secret. crypto_scalarmult_curve25519_base(header->handshake.encryptedTempKey, wrapper->secret); } else { // Dupe hello // wrapper->nextNonce == 1 // Our public key is cached in wrapper->tempKey so lets copy it out. memcpy(header->handshake.encryptedTempKey, wrapper->tempKey, 32); } uint8_t sharedSecret[32]; if (wrapper->nextNonce < 2) { if (wrapper->nextNonce == 0) { Log_debug(wrapper->context->logger, "Sending hello packet\n"); } else { Log_debug(wrapper->context->logger, "Sending repeat hello packet\n"); } getSharedSecret(sharedSecret, wrapper->context->privateKey, wrapper->herPerminentPubKey, passwordHash, wrapper->context->logger); wrapper->isInitiator = true; wrapper->nextNonce = 1; #ifdef Log_DEBUG assert(!Bits_isZero(header->handshake.encryptedTempKey, 32)); uint8_t myTempPubKey[32]; crypto_scalarmult_curve25519_base(myTempPubKey, wrapper->secret); assert(!memcmp(header->handshake.encryptedTempKey, myTempPubKey, 32)); #endif #ifdef Log_KEYS uint8_t tempKeyHex[65]; Hex_encode(tempKeyHex, 65, header->handshake.encryptedTempKey, 32); Log_keys1(wrapper->context->logger, "Wrapping temp public key:\n" " %s\n", tempKeyHex); #endif } else { if (wrapper->nextNonce == 2) { Log_debug(wrapper->context->logger, "Sending key packet\n"); } else { Log_debug(wrapper->context->logger, "Sending repeat key packet\n"); } // Handshake2 wrapper->tempKey holds her public temp key. // it was put there by receiveMessage() getSharedSecret(sharedSecret, wrapper->context->privateKey, wrapper->tempKey, passwordHash, wrapper->context->logger); wrapper->nextNonce = 3; #ifdef Log_KEYS uint8_t tempKeyHex[65]; Hex_encode(tempKeyHex, 65, wrapper->tempKey, 32); Log_keys1(wrapper->context->logger, "Using their temp public key:\n" " %s\n", tempKeyHex); #endif } // Shift message over the encryptedTempKey field. Message_shift(message, 32 - Headers_CryptoAuth_SIZE); encryptRndNonce(header->handshake.nonce, message, sharedSecret); Log_debug1(wrapper->context->logger, "Message length: %u\n", message->length); #ifdef Log_KEYS uint8_t sharedSecretHex[65]; printHexKey(sharedSecretHex, sharedSecret); uint8_t nonceHex[49]; Hex_encode(nonceHex, 49, header->handshake.nonce, 24); uint8_t cipherHex[65]; printHexKey(cipherHex, message->bytes); Log_keys3(wrapper->context->logger, "Encrypting message with:\n" " nonce: %s\n" " secret: %s\n" " cipher: %s\n", nonceHex, sharedSecretHex, cipherHex); #endif #ifdef Log_DEBUG assert(!Bits_isZero(header->handshake.encryptedTempKey, 32)); #endif // Shift it back -- encryptRndNonce adds 16 bytes of authenticator. Message_shift(message, Headers_CryptoAuth_SIZE - 32 - 16); return wrapper->wrappedInterface->sendMessage(message, wrapper->wrappedInterface); }
/** * This is called as sendMessage() by the switch. * There is only one switch interface which sends all traffic. * message is aligned on the beginning of the switch header. */ static uint8_t incomingFromSwitch(struct Message* message, struct Interface* switchIf) { struct Ducttape* context = switchIf->senderContext; struct Headers_SwitchHeader* switchHeader = (struct Headers_SwitchHeader*) message->bytes; Message_shift(message, -Headers_SwitchHeader_SIZE); // The label comes in reversed from the switch because the switch doesn't know that we aren't // another switch ready to parse more bits, bit reversing the label yields the source address. switchHeader->label_be = Bits_bitReverse64(switchHeader->label_be); if (Headers_getMessageType(switchHeader) == Headers_SwitchHeader_TYPE_CONTROL) { uint8_t labelStr[20]; uint64_t label = Endian_bigEndianToHost64(switchHeader->label_be); AddrTools_printPath(labelStr, label); if (message->length < Control_HEADER_SIZE) { Log_info1(context->logger, "dropped runt ctrl packet from [%s]", labelStr); return Error_NONE; } else { Log_debug1(context->logger, "ctrl packet from [%s]", labelStr); } struct Control* ctrl = (struct Control*) message->bytes; bool pong = false; if (ctrl->type_be == Control_ERROR_be) { if (message->length < Control_Error_MIN_SIZE) { Log_info1(context->logger, "dropped runt error packet from [%s]", labelStr); return Error_NONE; } Log_info2(context->logger, "error packet from [%s], error type [%d]", labelStr, Endian_bigEndianToHost32(ctrl->content.error.errorType_be)); RouterModule_brokenPath(Endian_bigEndianToHost64(switchHeader->label_be), context->routerModule); uint8_t causeType = Headers_getMessageType(&ctrl->content.error.cause); if (causeType == Headers_SwitchHeader_TYPE_CONTROL) { if (message->length < Control_Error_MIN_SIZE + Control_HEADER_SIZE) { Log_info1(context->logger, "error packet from [%s] containing runt cause packet", labelStr); return Error_NONE; } struct Control* causeCtrl = (struct Control*) &(&ctrl->content.error.cause)[1]; if (causeCtrl->type_be != Control_PING_be) { Log_info3(context->logger, "error packet from [%s] caused by [%s] packet ([%d])", labelStr, Control_typeString(causeCtrl->type_be), Endian_bigEndianToHost16(causeCtrl->type_be)); } else { Log_debug2(context->logger, "error packet from [%s] in response to ping, length: [%d].", labelStr, message->length); // errors resulting from pings are forwarded back to the pinger. pong = true; } } else if (causeType != Headers_SwitchHeader_TYPE_DATA) { Log_info1(context->logger, "error packet from [%s] containing cause of unknown type [%d]", labelStr); } } else if (ctrl->type_be == Control_PONG_be) { pong = true; } else if (ctrl->type_be == Control_PING_be) { ctrl->type_be = Control_PONG_be; Message_shift(message, Headers_SwitchHeader_SIZE); switchIf->receiveMessage(message, switchIf); } else { Log_info2(context->logger, "control packet of unknown type from [%s], type [%d]", labelStr, Endian_bigEndianToHost16(ctrl->type_be)); } if (pong) { // Shift back over the header Message_shift(message, Headers_SwitchHeader_SIZE); context->switchPingerIf->receiveMessage(message, context->switchPingerIf); } return Error_NONE; } uint8_t* herKey = extractPublicKey(message, switchHeader->label_be, context->logger); int herAddrIndex; if (herKey) { uint8_t herAddrStore[16]; AddressCalc_addressForPublicKey(herAddrStore, herKey); if (herAddrStore[0] != 0xFC) { Log_debug(context->logger, "Got message from peer whose address is not in fc00::/8 range.\n"); return 0; } herAddrIndex = AddressMapper_put(switchHeader->label_be, herAddrStore, &context->addrMap); } else { herAddrIndex = AddressMapper_indexOf(switchHeader->label_be, &context->addrMap); if (herAddrIndex == -1) { uint64_t label = Endian_bigEndianToHost64(switchHeader->label_be); struct Node* n = RouterModule_getNode(label, context->routerModule); if (n) { herAddrIndex = AddressMapper_put(switchHeader->label_be, n->address.ip6.bytes, &context->addrMap); } else { #ifdef Log_DEBUG uint8_t switchAddr[20]; AddrTools_printPath(switchAddr, Endian_bigEndianToHost64(switchHeader->label_be)); Log_debug1(context->logger, "Dropped traffic packet from unknown node. (%s)\n", &switchAddr); #endif return 0; } } } // If the source address is the same as the router address, no third layer of crypto. context->routerAddress = context->addrMap.entries[herAddrIndex].address; // This is needed so that the priority and other information // from the switch header can be passed on properly. context->switchHeader = switchHeader; context->session = SessionManager_getSession(context->routerAddress, herKey, context->sm); // This goes to incomingFromCryptoAuth() // then incomingFromRouter() then core() context->layer = OUTER_LAYER; context->session->receiveMessage(message, context->session); return 0; }
/** * Messages with content encrypted and header decrypted are sent here to be forwarded. * they may come from us, or from another node and may be to us or to any other node. * Message is aligned on the beginning of the ipv6 header. */ static inline int core(struct Message* message, struct Ducttape* context) { context->ip6Header = (struct Headers_IP6Header*) message->bytes; if (isForMe(message, context)) { Message_shift(message, -Headers_IP6Header_SIZE); if (memcmp(context->routerAddress, context->ip6Header->sourceAddr, 16)) { // triple encrypted // This call goes to incomingForMe() context->layer = INNER_LAYER; context->session = SessionManager_getSession(context->ip6Header->sourceAddr, NULL, context->sm); return context->session->receiveMessage(message, context->session); } else { // double encrypted, inner layer plaintext. // The session is still set from the router-to-router traffic and that is the one we use // to determine the node's id. return incomingForMe(message, context, CryptoAuth_getHerPublicKey(context->session)); } } if (context->ip6Header->hopLimit == 0) { Log_debug(context->logger, "dropped message because hop limit has been exceeded.\n"); // TODO: send back an error message in response. return Error_UNDELIVERABLE; } context->ip6Header->hopLimit--; struct Address* ft = context->forwardTo; context->forwardTo = NULL; if (!ft) { struct Node* bestNext = RouterModule_lookup(context->ip6Header->destinationAddr, context->routerModule); if (bestNext) { ft = &bestNext->address; } } if (ft) { #ifdef Log_DEBUG uint8_t nhAddr[60]; Address_print(nhAddr, ft); if (memcmp(context->ip6Header->destinationAddr, ft->ip6.bytes, 16)) { // Potentially forwarding for ourselves. struct Address destination; Bits_memcpyConst(destination.ip6.bytes, context->ip6Header->destinationAddr, 16); uint8_t ipAddr[40]; Address_printIp(ipAddr, &destination); Log_debug2(context->logger, "Forwarding data to %s via %s\n", ipAddr, nhAddr); } else { // Definitely forwarding on behalf of someone else. Log_debug1(context->logger, "Forwarding data to %s (last hop)\n", nhAddr); } #endif return sendToRouter(ft, message, context); } Log_debug(context->logger, "Dropped message because this node is the closest known " "node to the destination.\n"); return Error_UNDELIVERABLE; }
/** * This is called as sendMessage() by the switch. * There is only one switch interface which sends all traffic. * message is aligned on the beginning of the switch header. */ static uint8_t incomingFromSwitch(struct Message* message, struct Interface* switchIf) { struct Context* context = switchIf->senderContext; struct Headers_SwitchHeader* switchHeader = (struct Headers_SwitchHeader*) message->bytes; Message_shift(message, -Headers_SwitchHeader_SIZE); // The label comes in reversed from the switch because the switch doesn't know that we aren't // another switch ready to parse more bits, bit reversing the label yields the source address. switchHeader->label_be = Bits_bitReverse64(switchHeader->label_be); if (Headers_getMessageType(switchHeader) == MessageType_CONTROL) { struct Control* ctrl = (struct Control*) (switchHeader + 1); if (ctrl->type_be == Control_ERROR_be) { if (memcmp(&ctrl->content.error.cause.label_be, &switchHeader->label_be, 8)) { Log_warn(context->logger, "Different label for cause than return packet, this shouldn't happen. " "Perhaps a packet was corrupted.\n"); return 0; } uint32_t errType_be = ctrl->content.error.errorType_be; if (errType_be == Endian_bigEndianToHost32(Error_MALFORMED_ADDRESS)) { Log_info(context->logger, "Got malformed-address error, removing route.\n"); RouterModule_brokenPath(switchHeader->label_be, context->routerModule); return 0; } Log_info1(context->logger, "Got error packet, error type: %d", Endian_bigEndianToHost32(errType_be)); } return 0; } uint8_t* herKey = extractPublicKey(message, switchHeader->label_be, context->logger); int herAddrIndex; if (herKey) { uint8_t herAddrStore[16]; AddressCalc_addressForPublicKey(herAddrStore, herKey); if (herAddrStore[0] != 0xFC) { Log_debug(context->logger, "Got message from peer whose address is not in fc00::/8 range.\n"); return 0; } herAddrIndex = AddressMapper_put(switchHeader->label_be, herAddrStore, &context->addrMap); } else { herAddrIndex = AddressMapper_indexOf(switchHeader->label_be, &context->addrMap); if (herAddrIndex == -1) { struct Node* n = RouterModule_getNode(switchHeader->label_be, context->routerModule); if (n) { herAddrIndex = AddressMapper_put(switchHeader->label_be, n->address.ip6.bytes, &context->addrMap); } else { #ifdef Log_DEBUG uint8_t switchAddr[20]; struct Address addr; addr.networkAddress_be = switchHeader->label_be; Address_printNetworkAddress(switchAddr, &addr); Log_debug1(context->logger, "Dropped traffic packet from unknown node. (%s)\n", &switchAddr); #endif return 0; } } } uint8_t* herAddr = context->addrMap.addresses[herAddrIndex]; // This is needed so that the priority and other information // from the switch header can be passed on properly. context->switchHeader = switchHeader; context->session = SessionManager_getSession(herAddr, herKey, context->sm); // This goes to incomingFromCryptoAuth() // then incomingFromRouter() then core() context->layer = OUTER_LAYER; context->session->receiveMessage(message, context->session); return 0; }
/** * Messages with content encrypted and header decrypted are sent here to be forwarded. * they may come from us, or from another node and may be to us or to any other node. * Message is aligned on the beginning of the ipv6 header. */ static inline int core(struct Message* message, struct Context* context) { context->ip6Header = (struct Headers_IP6Header*) message->bytes; if (!validIP6(message)) { Log_debug(context->logger, "Dropping message because of invalid ipv6 header.\n"); return Error_INVALID; } // Do this here and check for 1 hop, not 0 because we want to differentiate between single // hop traffic and routed traffic as single hop traffic doesn't need 2 layers of crypto. if (context->ip6Header->hopLimit == 1) { Log_debug(context->logger, "dropped message because hop limit has been exceeded.\n"); // TODO: send back an error message in response. return Error_UNDELIVERABLE; } if (isForMe(message, context)) { Message_shift(message, -Headers_IP6Header_SIZE); if (context->ip6Header->hopLimit != 0) { // triple encrypted // This call goes to incomingForMe() context->layer = INNER_LAYER; context->session = SessionManager_getSession(context->ip6Header->sourceAddr, NULL, context->sm); return context->session->receiveMessage(message, context->session); } else { // double encrypted, inner layer plaintext. // The session is still set from the router-to-router traffic and that is the one we use // to determine the node's id. return incomingForMe(message, context); } } if (context->ip6Header->hopLimit == 0) { Log_debug(context->logger, "0 hop message not addressed to us, broken route.\n"); return 0; } context->ip6Header->hopLimit--; struct Address* ft = context->forwardTo; context->forwardTo = NULL; if (!ft) { struct Node* bestNext = RouterModule_getBest(context->ip6Header->destinationAddr, context->routerModule); if (bestNext) { ft = &bestNext->address; } } if (ft) { #ifdef Log_DEBUG uint8_t nhAddr[60]; Address_print(nhAddr, ft); if (memcmp(context->ip6Header->destinationAddr, ft->ip6.bytes, 16)) { // Potentially forwarding for ourselves. struct Address destination; memcpy(destination.ip6.bytes, context->ip6Header->destinationAddr, 16); uint8_t ipAddr[40]; Address_printIp(ipAddr, &destination); Log_debug2(context->logger, "Forwarding data to %s via %s\n", ipAddr, nhAddr); } else { // Definitely forwarding on behalf of someone else. Log_debug1(context->logger, "Forwarding data to %s (last hop)\n", nhAddr); } #endif return sendToRouter(ft, message, context); } Log_debug(context->logger, "Dropped message because this node is the closest known " "node to the destination.\n"); return Error_UNDELIVERABLE; }
struct Node* NodeStore_getBest(struct Address* targetAddress, struct NodeStore* store) { struct NodeCollector_Element element = { .value = 0, .distance = UINT32_MAX, .node = NULL }; struct NodeCollector collector = { .capacity = 1, .targetPrefix = Address_getPrefix(targetAddress), .targetAddress = targetAddress, .nodes = &element, .logger = store->logger }; collector.thisNodeDistance = Address_getPrefix(store->thisNodeAddress) ^ collector.targetPrefix; for (uint32_t i = 0; i < store->size; i++) { NodeCollector_addNode(store->headers + i, store->nodes + i, &collector); } return element.node ? nodeForHeader(element.node, store) : NULL; } struct NodeList* NodeStore_getNodesByAddr(struct Address* address, const uint32_t max, const struct Allocator* allocator, struct NodeStore* store) { struct NodeCollector* collector = NodeCollector_new(address, max, store->thisNodeAddress, true, store->logger, allocator); for (uint32_t i = 0; i < store->size; i++) { DistanceNodeCollector_addNode(store->headers + i, store->nodes + i, collector); } struct NodeList* out = allocator->malloc(sizeof(struct NodeList), allocator); out->nodes = allocator->malloc(max * sizeof(char*), allocator); uint32_t outIndex = 0; for (uint32_t i = 0; i < max; i++) { if (collector->nodes[i].node != NULL && !memcmp(collector->nodes[i].body->address.ip6.bytes, address->ip6.bytes, 16)) { out->nodes[outIndex] = collector->nodes[i].body; outIndex++; } } out->size = outIndex; return out; } /** See: NodeStore.h */ struct NodeList* NodeStore_getClosestNodes(struct NodeStore* store, struct Address* targetAddress, struct Address* requestorsAddress, const uint32_t count, const bool allowNodesFartherThanUs, const struct Allocator* allocator) { struct NodeCollector* collector = NodeCollector_new(targetAddress, count, store->thisNodeAddress, allowNodesFartherThanUs, store->logger, allocator); // Don't send nodes which route back to the node which asked us. uint32_t index = (requestorsAddress) ? getSwitchIndex(requestorsAddress) : 0; // naive implementation, todo make this faster for (uint32_t i = 0; i < store->size; i++) { if (requestorsAddress && store->headers[i].switchIndex == index) { continue; } NodeCollector_addNode(store->headers + i, store->nodes + i, collector); } struct NodeList* out = allocator->malloc(sizeof(struct NodeList), allocator); out->nodes = allocator->malloc(count * sizeof(char*), allocator); uint32_t outIndex = 0; for (uint32_t i = 0; i < count; i++) { if (collector->nodes[i].node != NULL) { out->nodes[outIndex] = nodeForHeader(collector->nodes[i].node, store); outIndex++; } } out->size = outIndex; return out; } /** See: NodeStore.h */ void NodeStore_updateReach(const struct Node* const node, const struct NodeStore* const store) { store->headers[node - store->nodes].reach = node->reach; } uint32_t NodeStore_size(const struct NodeStore* const store) { return store->size; } struct Node* NodeStore_getNodeByNetworkAddr(uint64_t networkAddress_be, struct NodeStore* store) { for (uint32_t i = 0; i < store->size; i++) { if (networkAddress_be == store->nodes[i].address.networkAddress_be) { return &store->nodes[i]; } } return NULL; } void NodeStore_dumpTables(struct Writer* writer, struct NodeStore* store) { for (uint32_t i = 0; i < store->size; i++) { uint8_t out[60]; Address_print(out, &store->nodes[i].address); writer->write(out, 60, writer); snprintf((char*)out, 60, " link quality = %u\n", store->headers[i].reach); writer->write(out, strlen((char*)out), writer); } } void NodeStore_remove(struct Node* node, struct NodeStore* store) { assert(node >= store->nodes && node < store->nodes + store->size); #ifdef Log_DEBUG uint8_t addr[60]; Address_print(addr, &node->address); Log_debug1(store->logger, "Removing route to %s\n", addr); #endif store->size--; memcpy(node, &store->nodes[store->size], sizeof(struct Node)); struct NodeHeader* header = &store->headers[node - store->nodes]; memcpy(header, &store->headers[store->size], sizeof(struct NodeHeader)); } static void sendEntries(struct NodeStore* store, struct List_Item* last, String* txid, bool isMore) { struct Dict_Entry txidEntry = { .next = NULL, .key = CJDHTConstants_TXID, .val = &(Object) { .type = Object_STRING, .as.string = txid } }; struct Dict_Entry tableEntry = { .next = &txidEntry, .key = &(String) { .len = 12, .bytes = "routingTable" }, .val = &(Object) { .type = Object_LIST, .as.list = &last } }; Dict d; if (isMore) { struct Dict_Entry more = { .next = &tableEntry, .key = &(String) { .len = 4, .bytes = "more" }, .val = &(Object) { .type = Object_INTEGER, .as.number = 1 } }; d = &more; } else {