/**
* Sends an ABORT message downstream to clients
*/
void send_downstream_abort(struct pr_group_list_t *group, uint32_t dest_id,
const char *message, int current)
{
unsigned char *buf;
struct uftp_h *header;
struct abort_h *abort_hdr;
int payloadlen;
buf = safe_calloc(MAXMTU, 1);
header = (struct uftp_h *)buf;
abort_hdr = (struct abort_h *)(buf + sizeof(struct uftp_h));
set_uftp_header(header, ABORT, group);
header->seq = group->send_seq_down++;
header->src_id = uid;
abort_hdr->func = ABORT;
abort_hdr->hlen = sizeof(struct abort_h) / 4;
if ((dest_id == 0) && current) {
abort_hdr->flags |= FLAG_CURRENT_FILE;
}
abort_hdr->host = dest_id;
strncpy(abort_hdr->message, message, sizeof(abort_hdr->message) - 1);
payloadlen = sizeof(struct uftp_h) + sizeof(struct abort_h);
// Proxies should never need to send an encrypted ABORT
if (nb_sendto(listener, buf, payloadlen, 0,
(struct sockaddr *)&group->privatemcast,
family_len(group->privatemcast)) == SOCKET_ERROR) {
gsockerror(group, "Error sending ABORT");
}
free(buf);
}
/**
* Sends a KEYINFO_ACK in response to a KEYINFO
*/
void send_keyinfo_ack(struct group_list_t *group)
{
unsigned char *buf, *encrypted;
struct uftp_h *header;
struct keyinfoack_h *keyinfo_ack;
unsigned char *verifydata, *verify_hash, *verify_val;
unsigned int payloadlen, hashlen;
int verifylen, enclen, len;
buf = safe_calloc(MAXMTU, 1);
header = (struct uftp_h *)buf;
keyinfo_ack = (struct keyinfoack_h *)(buf + sizeof(struct uftp_h));
set_uftp_header(header, KEYINFO_ACK, group);
keyinfo_ack->func = KEYINFO_ACK;
keyinfo_ack->hlen = sizeof(struct keyinfoack_h) / 4;
verifydata = build_verify_data(group, &verifylen);
if (!verifydata) {
glog0(group, "Error getting verify data");
send_abort(group, "Error getting verify data");
free(buf);
return;
}
verify_hash = safe_calloc(group->hmaclen, 1);
verify_val = safe_calloc(VERIFY_LEN + group->hmaclen, 1);
hash(group->hashtype, verifydata, verifylen, verify_hash, &hashlen);
PRF(group->hashtype, VERIFY_LEN, group->groupmaster,
sizeof(group->groupmaster), "client finished",
verify_hash, hashlen, verify_val, &len);
memcpy(keyinfo_ack->verify_data, verify_val, VERIFY_LEN);
free(verifydata);
free(verify_hash);
free(verify_val);
payloadlen = sizeof(struct keyinfoack_h);
encrypted = NULL;
if (!encrypt_and_sign(buf, &encrypted, payloadlen, &enclen, group->keytype,
group->groupkey, group->groupsalt, &group->ivctr, group->ivlen,
group->hashtype, group->grouphmackey, group->hmaclen,group->sigtype,
group->keyextype, group->client_privkey,group->client_privkeylen)) {
glog0(group, "Error encrypting KEYINFO_ACK");
free(buf);
return;
}
payloadlen = enclen + sizeof(struct uftp_h);
if (nb_sendto(listener, encrypted, payloadlen, 0,
(struct sockaddr *)&(group->replyaddr),
family_len(group->replyaddr)) == SOCKET_ERROR) {
gsockerror(group, "Error sending KEYINFO_ACK");
} else {
glog2(group, "KEYINFO_ACK sent");
}
free(encrypted);
free(buf);
}
/**
* Sends back a CC_ACK message for congestion control feedback
*/
void send_cc_ack(struct group_list_t *group)
{
unsigned char *buf, *encrypted, *outpacket;
struct uftp_h *header;
struct cc_ack_h *cc_ack;
struct tfmcc_ack_info_he *tfmcc;
int payloadlen, enclen;
buf = safe_calloc(MAXMTU, 1);
header = (struct uftp_h *)buf;
cc_ack = (struct cc_ack_h *)(buf + sizeof(struct uftp_h));
tfmcc = (struct tfmcc_ack_info_he *)((unsigned char *)cc_ack +
sizeof(struct cc_ack_h));
set_uftp_header(header, CC_ACK, group);
cc_ack->func = CC_ACK;
cc_ack->hlen =
(sizeof(struct cc_ack_h) + sizeof(struct tfmcc_ack_info_he)) / 4;
set_tfmcc_ack_info(group, tfmcc);
payloadlen = cc_ack->hlen * 4;
if ((group->phase != PHASE_REGISTERED) && (group->keytype != KEY_NONE)) {
encrypted = NULL;
if (!encrypt_and_sign(buf, &encrypted, payloadlen, &enclen,
group->keytype, group->groupkey, group->groupsalt,&group->ivctr,
group->ivlen, group->hashtype, group->grouphmackey,
group->hmaclen, group->sigtype, group->keyextype,
group->client_privkey, group->client_privkeylen)) {
glog0(group, "Error encrypting CC_ACK");
free(buf);
return;
}
outpacket = encrypted;
payloadlen = enclen;
} else {
encrypted = NULL;
outpacket = buf;
}
payloadlen += sizeof(struct uftp_h);
if (nb_sendto(listener, outpacket, payloadlen, 0,
(struct sockaddr *)&group->replyaddr,
family_len(group->replyaddr)) == SOCKET_ERROR) {
gsockerror(group, "Error sending CC_ACK");
} else {
glog2(group, "CC_ACK sent");
}
set_timeout(group, 0);
group->cc_time.tv_sec = 0;
group->cc_time.tv_usec = 0;
free(buf);
}
/**
* Sends an ABORT message to a server
*/
void send_abort(struct group_list_t *group, const char *message)
{
unsigned char *buf, *encrypted, *outpacket;
struct uftp_h *header;
struct abort_h *abort_hdr;
int payloadlen, enclen;
buf = safe_calloc(MAXMTU, 1);
header = (struct uftp_h *)buf;
abort_hdr = (struct abort_h *)(buf + sizeof(struct uftp_h));
set_uftp_header(header, ABORT, group);
abort_hdr->func = ABORT;
abort_hdr->hlen = sizeof(struct abort_h) / 4;
abort_hdr->host = 0;
strncpy(abort_hdr->message, message, sizeof(abort_hdr->message) - 1);
payloadlen = sizeof(struct abort_h);
if ((group->phase != PHASE_REGISTERED) &&
(group->keytype != KEY_NONE)) {
encrypted = NULL;
if (!encrypt_and_sign(buf, &encrypted, payloadlen, &enclen,
group->keytype, group->groupkey, group->groupsalt,&group->ivctr,
group->ivlen, group->hashtype, group->grouphmackey,
group->hmaclen, group->sigtype, group->keyextype,
group->client_privkey, group->client_privkeylen)) {
glog0(group, "Error encrypting ABORT");
free(buf);
return;
}
outpacket = encrypted;
payloadlen = enclen;
} else {
encrypted = NULL;
outpacket = buf;
}
payloadlen += sizeof(struct uftp_h);
if (nb_sendto(listener, outpacket, payloadlen, 0,
(struct sockaddr *)&group->replyaddr,
family_len(group->replyaddr)) == SOCKET_ERROR) {
gsockerror(group, "Error sending ABORT");
}
flush_disk_cache(group);
file_cleanup(group, 1);
free(buf);
free(encrypted);
}
/**
* Sends an ABORT message upstream to a server
*/
void send_upstream_abort(struct pr_group_list_t *group, uint32_t addr,
const char *message)
{
unsigned char *buf;
struct uftp_h *header;
struct abort_h *abort_hdr;
int payloadlen;
buf = safe_calloc(MAXMTU, 1);
header = (struct uftp_h *)buf;
abort_hdr = (struct abort_h *)(buf + sizeof(struct uftp_h));
set_uftp_header(header, ABORT, group);
header->seq = group->send_seq_up++;
header->src_id = uid;
abort_hdr->func = ABORT;
abort_hdr->hlen = sizeof(struct abort_h) / 4;
abort_hdr->flags = 0;
abort_hdr->host = addr;
strncpy(abort_hdr->message, message, sizeof(abort_hdr->message) - 1);
payloadlen = sizeof(struct uftp_h) + sizeof(struct abort_h);
// Proxies should never need to send an encrypted ABORT
if (nb_sendto(listener, buf, payloadlen, 0,
(struct sockaddr *)&group->up_addr,
family_len(group->up_addr)) == SOCKET_ERROR) {
gsockerror(group, "Error sending ABORT");
}
if (addr == 0) {
group_cleanup(group);
}
free(buf);
}
/**
* Sends back a COMPLETE message in response to a DONE or FILEINFO
*/
void send_complete(struct group_list_t *group, int set_freespace)
{
unsigned char *buf, *encrypted, *outpacket;
struct uftp_h *header;
struct complete_h *complete;
struct freespace_info_he *freespace;
int payloadlen, enclen;
struct timeval tv;
gettimeofday(&tv, NULL);
if ((group->phase == PHASE_COMPLETE) &&
(cmptimestamp(tv, group->expire_time) >= 0)) {
glog1(group, "Completion unconfirmed by server");
move_files(group);
file_cleanup(group, 0);
return;
}
buf = safe_calloc(MAXMTU, 1);
header = (struct uftp_h *)buf;
complete = (struct complete_h *)(buf + sizeof(struct uftp_h));
freespace = (struct freespace_info_he *)((unsigned char *)complete +
sizeof(struct complete_h));
set_uftp_header(header, COMPLETE, group);
complete->func = COMPLETE;
if (set_freespace) {
complete->hlen = (sizeof(struct complete_h) +
sizeof(struct freespace_info_he)) / 4;
} else {
complete->hlen = sizeof(struct complete_h) / 4;
}
complete->status = group->fileinfo.comp_status;
complete->file_id = htons(group->file_id);
if (set_freespace) {
set_freespace_info(group, freespace);
}
payloadlen = complete->hlen * 4;
if ((group->phase != PHASE_REGISTERED) && (group->keytype != KEY_NONE)) {
encrypted = NULL;
if (!encrypt_and_sign(buf, &encrypted, payloadlen, &enclen,
group->keytype, group->groupkey, group->groupsalt,&group->ivctr,
group->ivlen, group->hashtype, group->grouphmackey,
group->hmaclen, group->sigtype, group->keyextype,
group->client_privkey, group->client_privkeylen)) {
glog0(group, "Error encrypting COMPLETE");
free(buf);
return;
}
outpacket = encrypted;
payloadlen = enclen;
} else {
encrypted = NULL;
outpacket = buf;
}
payloadlen += sizeof(struct uftp_h);
if (nb_sendto(listener, outpacket, payloadlen, 0,
(struct sockaddr *)&group->replyaddr,
family_len(group->replyaddr)) == SOCKET_ERROR) {
gsockerror(group, "Error sending COMPLETE");
} else {
glog2(group, "COMPLETE sent");
}
set_timeout(group, 0);
free(buf);
free(encrypted);
}
/**
* Sends back a STATUS message with the given NAK list
*/
void send_status(struct group_list_t *group, unsigned int section,
const unsigned char *naks, unsigned int nak_count)
{
unsigned char *buf, *encrypted, *outpacket;
struct uftp_h *header;
struct status_h *status;
struct tfmcc_ack_info_he *tfmcc;
unsigned char *sent_naks;
int payloadlen, enclen;
buf = safe_calloc(MAXMTU, 1);
header = (struct uftp_h *)buf;
status = (struct status_h *)(buf + sizeof(struct uftp_h));
tfmcc = (struct tfmcc_ack_info_he *)((unsigned char *)status +
sizeof(struct status_h));
set_uftp_header(header, STATUS, group);
status->func = STATUS;
if (group->cc_type == CC_TFMCC) {
status->hlen =
(sizeof(struct status_h) + sizeof(struct tfmcc_ack_info_he)) / 4;
} else {
status->hlen = sizeof(struct status_h) / 4;
}
status->file_id = htons(group->file_id);
status->section = htons(section);
if (section >= group->fileinfo.big_sections) {
payloadlen = (group->fileinfo.secsize_small / 8) + 1;
} else {
payloadlen = (group->fileinfo.secsize_big / 8) + 1;
}
if (group->cc_type == CC_TFMCC) {
set_tfmcc_ack_info(group, tfmcc);
}
sent_naks = (unsigned char *)status + (status->hlen * 4);
memcpy(sent_naks, naks, payloadlen);
payloadlen += status->hlen * 4;
if ((group->phase != PHASE_REGISTERED) && (group->keytype != KEY_NONE)) {
encrypted = NULL;
if (!encrypt_and_sign(buf, &encrypted, payloadlen, &enclen,
group->keytype, group->groupkey, group->groupsalt,&group->ivctr,
group->ivlen, group->hashtype, group->grouphmackey,
group->hmaclen, group->sigtype, group->keyextype,
group->client_privkey, group->client_privkeylen)) {
glog0(group, "Error encrypting STATUS");
free(buf);
return;
}
outpacket = encrypted;
payloadlen = enclen;
} else {
encrypted = NULL;
outpacket = buf;
}
payloadlen += sizeof(struct uftp_h);
if (nb_sendto(listener, outpacket, payloadlen, 0,
(struct sockaddr *)&group->replyaddr,
family_len(group->replyaddr)) == SOCKET_ERROR) {
gsockerror(group, "Error sending STATUS");
} else {
glog2(group, "Sent %d NAKs for section %d", nak_count, section);
}
free(buf);
free(encrypted);
}
/**
* Send a KEYINFO message. Sent during the Announce phase for a group
* with encryption enabled.
* Returns 1 on success, 0 on fail.
*/
int send_keyinfo(const struct finfo_t *finfo, int attempt)
{
unsigned char *buf, *iv;
struct uftp_h *header;
struct keyinfo_h *keyinfo;
struct destkey *keylist;
unsigned int hsize, payloadlen, len;
int maxdest, packetcnt, dests, iv_init, i;
int unauth_keytype, unauth_keylen, unauth_ivlen;
// Don't use a cipher in an authentication mode to encrypt the group master
unauth_keytype = unauth_key(keytype);
get_key_info(unauth_keytype, &unauth_keylen, &unauth_ivlen);
buf = safe_calloc(MAXMTU, 1);
iv = safe_calloc(unauth_ivlen, 1);
header = (struct uftp_h *)buf;
keyinfo = (struct keyinfo_h *)(buf + sizeof(struct uftp_h));
keylist = (struct destkey *)((char *)keyinfo + sizeof(struct keyinfo_h));
set_uftp_header(header, KEYINFO, finfo->group_id, finfo->group_inst,
grtt, destcount);
keyinfo->func = KEYINFO;
keyinfo->hlen = sizeof(struct keyinfo_h) / 4;
keylist = (struct destkey *)((uint8_t *)keyinfo + (keyinfo->hlen * 4));
iv_init = 0;
hsize = sizeof(struct keyinfo_h);
maxdest = blocksize / sizeof(struct destkey);
packetcnt = 1;
for (i = 0, dests = 0; i < destcount; i++) {
if (destlist[i].status == DEST_REGISTERED) {
if (!iv_init) {
ivctr++;
keyinfo->iv_ctr_hi =htonl((ivctr & 0xFFFFFFFF00000000LL) >> 32);
keyinfo->iv_ctr_lo = htonl(ivctr & 0x00000000FFFFFFFFLL);
iv_init = 1;
}
keylist[dests].dest_id = destlist[i].id;
build_iv(iv, destlist[i].encinfo->salt, unauth_ivlen,
uftp_htonll(ivctr), header->src_id);
if (!encrypt_block(unauth_keytype, iv,destlist[i].encinfo->key,
NULL,0, &groupmaster[1], sizeof(groupmaster) - 1,
keylist[dests].groupmaster, &len)) {
glog0(finfo, "Error encrypting KEYINFO for %s",
destlist[i].name);
free(buf);
free(iv);
return 0;
}
dests++;
}
if ((dests >= maxdest) || ((i == destcount - 1) && (dests > 0))) {
header->seq = htons(send_seq++);
payloadlen = hsize + (dests * sizeof(struct destkey));
glog2(finfo, "Sending KEYINFO %d.%d", attempt, packetcnt);
if (nb_sendto(sock, buf, payloadlen + sizeof(struct uftp_h), 0,
(struct sockaddr *)&receive_dest,
family_len(receive_dest)) == SOCKET_ERROR) {
gsockerror(finfo, "Error sending KEYINFO");
sleep(1);
free(buf);
free(iv);
return 0;
}
if (packet_wait) usleep(packet_wait);
memset(keylist, 0, maxdest * sizeof(struct destkey));
iv_init = 0;
dests = 0;
packetcnt++;
}
}
/**
* Send the ANNOUNCE message
* For open group membership, just send one. For closed group membership,
* list as many destinations as will fit and send multiple packets so that
* each receiver is listed.
* Returns 1 on success, 0 on fail.
*/
int send_announce(const struct finfo_t *finfo, int attempt, int open)
{
int packetlen, rval, iplen, extlen;
unsigned char *buf;
struct uftp_h *header;
struct announce_h *announce;
unsigned char *publicaddr, *privateaddr;
struct enc_info_he *encinfo;
struct timeval tv;
uint32_t *idlist;
buf = safe_calloc(MAXMTU, 1);
if (listen_dest.ss.ss_family == AF_INET6) {
iplen = sizeof(struct in6_addr);
} else {
iplen = sizeof(struct in_addr);
}
header = (struct uftp_h *)buf;
announce = (struct announce_h *)(buf + sizeof(struct uftp_h));
publicaddr = (unsigned char *)announce + sizeof(struct announce_h);
privateaddr = publicaddr + iplen;
encinfo = (struct enc_info_he *)(privateaddr + iplen);
set_uftp_header(header, ANNOUNCE, finfo->group_id, finfo->group_inst,
grtt, destcount);
announce->func = ANNOUNCE;
if (sync_mode) {
announce->flags |= FLAG_SYNC_MODE;
if (sync_preview) {
announce->flags |= FLAG_SYNC_PREVIEW;
}
}
announce->robust = robust;
announce->cc_type = cc_type;
announce->blocksize = htons(blocksize);
gettimeofday(&tv, NULL);
announce->tstamp_sec = htonl(tv.tv_sec);
announce->tstamp_usec = htonl(tv.tv_usec);
if (!is_multicast(&listen_dest, 0)) {
memset(publicaddr, 0, iplen);
memset(privateaddr, 0, iplen);
} else if (listen_dest.ss.ss_family == AF_INET6) {
memcpy(publicaddr, &listen_dest.sin6.sin6_addr.s6_addr, iplen);
memcpy(privateaddr, &receive_dest.sin6.sin6_addr.s6_addr, iplen);
} else {
memcpy(publicaddr, &listen_dest.sin.sin_addr.s_addr, iplen);
memcpy(privateaddr, &receive_dest.sin.sin_addr.s_addr, iplen);
}
if (listen_dest.ss.ss_family == AF_INET6) {
announce->flags |= FLAG_IPV6;
}
if (keytype != KEY_NONE) {
extlen = set_enc_info(finfo, encinfo);
if (extlen == 0) {
glog0(finfo, "Error setting up EXT_ENC_INFO");
free(buf);
return 0;
}
announce->hlen = (sizeof(struct announce_h) +
iplen + iplen + extlen) / 4;
} else {
announce->hlen = (sizeof(struct announce_h) + iplen + iplen) / 4;
}
idlist = (uint32_t *)((uint8_t *)announce + (announce->hlen * 4));
if (open) {
header->seq = htons(send_seq++);
packetlen = sizeof(struct uftp_h) + (announce->hlen * 4);
if (!sign_announce(finfo, buf, packetlen)) {
glog0(finfo, "Error signing ANNOUNCE");
free(buf);
return 0;
}
glog2(finfo, "Sending ANNOUNCE %d", attempt);
if (nb_sendto(sock, buf, packetlen, 0, (struct sockaddr *)&listen_dest,
family_len(listen_dest)) == SOCKET_ERROR) {
gsockerror(finfo, "Error sending ANNOUNCE");
// So we don't spin our wheels...
sleep(1);
free(buf);
return 0;
}
free(buf);
return 1;
} else {
rval = send_multiple(finfo, buf, ANNOUNCE, attempt, idlist,
DEST_MUTE, 0, &listen_dest, 0);
free(buf);
return rval;
}
}
/**
* Sends a FILEINFO_ACK in response to a FILEINFO
*/
void send_fileinfo_ack(struct group_list_t *group, int restart)
{
unsigned char *buf, *encrypted, *outpacket;
struct uftp_h *header;
struct fileinfoack_h *fileinfo_ack;
struct timeval now, send_time;
unsigned int payloadlen;
int enclen;
buf = safe_calloc(MAXMTU, 1);
header = (struct uftp_h *)buf;
fileinfo_ack = (struct fileinfoack_h *)(buf + sizeof(struct uftp_h));
payloadlen = sizeof(struct fileinfoack_h);
set_uftp_header(header, FILEINFO_ACK, group);
fileinfo_ack->func = FILEINFO_ACK;
fileinfo_ack->hlen = sizeof(struct fileinfoack_h) / 4;
fileinfo_ack->file_id = htons(group->file_id);
if (restart) {
fileinfo_ack->flags |= FLAG_PARTIAL;
}
gettimeofday(&now, NULL);
if (cmptimestamp(now, group->last_server_rx_ts) <= 0) {
send_time = group->last_server_ts;
} else {
send_time = add_timeval(group->last_server_ts,
diff_timeval(now, group->last_server_rx_ts));
}
fileinfo_ack->tstamp_sec = htonl((uint32_t)send_time.tv_sec);
fileinfo_ack->tstamp_usec = htonl((uint32_t)send_time.tv_usec);
if (group->keytype != KEY_NONE) {
encrypted = NULL;
if (!encrypt_and_sign(buf, &encrypted, payloadlen, &enclen,
group->keytype, group->groupkey, group->groupsalt,&group->ivctr,
group->ivlen, group->hashtype, group->grouphmackey,
group->hmaclen, group->sigtype, group->keyextype,
group->client_privkey, group->client_privkeylen)) {
glog0(group, "Error encrypting FILEINFO_ACK");
free(buf);
return;
}
outpacket = encrypted;
payloadlen = enclen;
} else {
encrypted = NULL;
outpacket = buf;
}
payloadlen += sizeof(struct uftp_h);
if (nb_sendto(listener, outpacket, payloadlen, 0,
(struct sockaddr *)&(group->replyaddr),
family_len(group->replyaddr)) == SOCKET_ERROR) {
gsockerror(group, "Error sending FILEINFO_ACK");
} else {
glog2(group, "FILEINFO_ACK sent");
}
glog3(group, "send time: %d.%06d", send_time.tv_sec, send_time.tv_usec);
free(encrypted);
free(buf);
}
/**
* Sends a REGISTER message in response to an ANNOUNCE or on timeout when
* waiting for a KEYINFO or REG_CONF. If the register timeout expired, abort.
*/
void send_register(struct group_list_t *group)
{
struct uftp_h *header;
struct register_h *reg;
unsigned char *buf, *keydata;
struct timeval now, send_time;
unsigned int len, meslen;
union key_t key;
gettimeofday(&now, NULL);
if (cmptimestamp(now, group->expire_time) >= 0) {
glog1(group, "Registration unconfirmed by server");
send_abort(group, "Registration unconfirmed");
return;
}
buf = safe_calloc(MAXMTU, 1);
header = (struct uftp_h *)buf;
reg = (struct register_h *)(buf + sizeof(struct uftp_h));
keydata = (unsigned char *)reg + sizeof(struct register_h);
set_uftp_header(header, REGISTER, group);
reg->func = REGISTER;
if (group->keytype != KEY_NONE) {
memcpy(reg->rand2, group->rand2, RAND_LEN);
if (group->keyextype == KEYEX_RSA) {
if (has_proxy) {
key = proxy_pubkey;
} else {
key = group->server_pubkey;
}
if (!RSA_encrypt(key.rsa, group->premaster, group->premaster_len,
keydata, &len)) {
glog0(group, "Error encrypting premaster secret");
send_abort(group, "Error encrypting premaster secret");
free(buf);
return;
}
} else {
uint16_t keylen;
if (!export_EC_key(group->client_dhkey.ec, keydata, &keylen)) {
glog0(group, "Error exporting ECDH public key");
send_abort(group, "Error exporting ECDH public key");
free(buf);
return;
}
len = keylen;
}
reg->keyinfo_len = htons(len);
} else {
len = 0;
}
gettimeofday(&now, NULL);
if (cmptimestamp(now, group->last_server_rx_ts) <= 0) {
send_time = group->last_server_ts;
} else {
send_time = add_timeval(group->last_server_ts,
diff_timeval(now, group->last_server_rx_ts));
}
reg->tstamp_sec = htonl((uint32_t)send_time.tv_sec);
reg->tstamp_usec = htonl((uint32_t)send_time.tv_usec);
reg->hlen = (sizeof(struct register_h) + len) / 4;
meslen = sizeof(struct uftp_h) + (reg->hlen * 4);
if (nb_sendto(listener, buf, meslen, 0,
(struct sockaddr *)&(group->replyaddr),
family_len(group->replyaddr)) == SOCKET_ERROR) {
gsockerror(group, "Error sending REGISTER");
} else {
glog2(group, "REGISTER sent");
}
glog3(group, "send time: %d.%06d", send_time.tv_sec, send_time.tv_usec);
set_timeout(group, 0);
if (group->client_auth) {
send_client_key(group);
}
free(buf);
}
/**
* Sends a CLIENT_KEY message if the server requested it.
* Always sent right after a REGISTER.
*/
void send_client_key(struct group_list_t *group)
{
struct uftp_h *header;
struct client_key_h *client_key;
unsigned char *buf, *keyblob, *verify;
uint8_t *verifydata;
unsigned int siglen, meslen;
int verifylen;
uint16_t bloblen;
buf = safe_calloc(MAXMTU, 1);
header = (struct uftp_h *)buf;
client_key = (struct client_key_h *)(buf + sizeof(struct uftp_h));
keyblob = (unsigned char *)client_key + sizeof(struct client_key_h);
verifydata = build_verify_data(group, &verifylen);
if (!verifydata) {
glog0(group, "Error getting verify data");
send_abort(group, "Error getting verify data");
goto end;
}
set_uftp_header(header, CLIENT_KEY, group);
client_key->func = CLIENT_KEY;
if ((group->keyextype == KEYEX_RSA) ||
(group->keyextype == KEYEX_ECDH_RSA)) {
if (!export_RSA_key(group->client_privkey.rsa, keyblob, &bloblen)) {
glog0(group, "Error exporting public key");
send_abort(group, "Error exporting public key");
goto end;
}
verify = keyblob + bloblen;
if (!create_RSA_sig(group->client_privkey.rsa, group->hashtype,
verifydata, verifylen, verify, &siglen)) {
glog0(group, "Error signing verify data");
send_abort(group, "Error signing verify data");
goto end;
}
} else {
if (!export_EC_key(group->client_privkey.ec, keyblob, &bloblen)) {
glog0(group, "Error exporting public key");
send_abort(group, "Error exporting public key");
goto end;
}
verify = keyblob + bloblen;
if (!create_ECDSA_sig(group->client_privkey.ec, group->hashtype,
verifydata, verifylen, verify, &siglen)) {
glog0(group, "Error signing verify data");
send_abort(group, "Error signing verify data");
goto end;
}
}
client_key->bloblen = htons(bloblen);
client_key->siglen = htons(siglen);
client_key->hlen = (sizeof(struct client_key_h) + bloblen + siglen) / 4;
meslen = sizeof(struct uftp_h) + (client_key->hlen * 4);
if (nb_sendto(listener, buf, meslen, 0,
(struct sockaddr *)&(group->replyaddr),
family_len(group->replyaddr)) == SOCKET_ERROR) {
gsockerror(group, "Error sending CLIENT_KEY");
} else {
glog2(group, "CLIENT_KEY sent");
}
end:
free(verifydata);
free(buf);
}
/**
* Forward a message unmodified to the next hop, resigning if necessary.
*/
void forward_message(struct pr_group_list_t *group,
const union sockaddr_u *src,
unsigned char *packet, int packetlen)
{
struct uftp_h *header;
struct encrypted_h *encrypted;
struct announce_h *announce;
struct enc_info_he *encinfo;
union sockaddr_u dest;
unsigned int meslen, siglen;
int hostidx, rval, iplen, resign;
char destname[INET6_ADDRSTRLEN], destport[PORTNAME_LEN];
uint8_t *sig, *sigcopy;
union key_t key;
header = (struct uftp_h *)packet;
meslen = (unsigned int)packetlen;
memset(&dest, 0, sizeof(dest));
if (!memcmp(src, &group->up_addr, sizeof(*src))) {
if (proxy_type == RESPONSE_PROXY) {
// Response proxy, no downstream forwarding
set_timeout(group, 0, 0);
return;
} else if (proxy_type == SERVER_PROXY) {
dest = down_addr;
} else {
if (header->func == ANNOUNCE) {
dest = group->publicmcast;
} else {
dest = group->privatemcast;
}
key = group->server_pubkey;
}
} else {
dest = group->up_addr;
if (proxy_type != SERVER_PROXY) {
hostidx = find_client(group, header->src_id);
if (hostidx == -1) {
glog1(group, "Couldn't find receiver in list");
return;
}
key = group->destinfo[hostidx].pubkey;
}
}
// If we're using KEYEX signatures, or sending an ANNOUNCE with ECDH,
// verify the signature and resign
resign = 0;
if ((proxy_type != SERVER_PROXY) && (header->func == ENCRYPTED) &&
(group->sigtype == SIG_KEYEX)) {
encrypted = (struct encrypted_h *)(packet + sizeof(struct uftp_h));
sig = (uint8_t *)encrypted + sizeof(struct encrypted_h);
siglen = ntohs(encrypted->sig_len);
resign = 1;
} else if ((proxy_type != SERVER_PROXY) && (header->func == ANNOUNCE) &&
((group->keyextype == KEYEX_ECDH_RSA) ||
(group->keyextype == KEYEX_ECDH_ECDSA))) {
announce = (struct announce_h *)(packet + sizeof(struct uftp_h));
iplen = ((announce->flags & FLAG_IPV6) != 0) ? 16 : 4;
encinfo = (struct enc_info_he *) ((uint8_t *)announce +
sizeof(struct announce_h) + iplen + iplen);
sig = (uint8_t *)encinfo + sizeof(struct enc_info_he) +
ntohs(encinfo->keylen) + ntohs(encinfo->dhlen);
siglen = ntohs(encinfo->siglen);
resign = 1;
}
if (resign) {
sigcopy = safe_calloc(siglen, 1);
memcpy(sigcopy, sig, siglen);
memset(sig, 0, siglen);
if ((group->keyextype == KEYEX_RSA) ||
(group->keyextype == KEYEX_ECDH_RSA)) {
if (header->func == ENCRYPTED) {
if (!verify_RSA_sig(key.rsa, group->hashtype, packet,
meslen, sigcopy, siglen)) {
glog1(group, "Signature verification failed");
free(sigcopy);
return;
}
}
if (!create_RSA_sig(group->proxy_privkey.rsa, group->hashtype,
packet, meslen, sigcopy, &siglen)) {
glog0(group, "Signature creation failed");
free(sigcopy);
return;
}
} else {
if (header->func == ENCRYPTED) {
if (!verify_ECDSA_sig(key.ec, group->hashtype, packet,
meslen, sigcopy, siglen)) {
glog1(group, "Signature verification failed");
free(sigcopy);
return;
}
}
if (!create_ECDSA_sig(group->proxy_privkey.ec, group->hashtype,
packet, meslen, sigcopy, &siglen)) {
glog0(group, "Signature creation failed");
free(sigcopy);
return;
}
}
memcpy(sig, sigcopy, siglen);
free(sigcopy);
}
if (nb_sendto(listener, packet, meslen, 0, (struct sockaddr *)&dest,
family_len(dest)) == SOCKET_ERROR) {
gsockerror(group, "Error forwarding message");
if ((rval = getnameinfo((struct sockaddr *)&dest, family_len(dest),
destname, sizeof(destname), destport, sizeof(destport),
NI_NUMERICHOST | NI_NUMERICSERV)) != 0) {
glog1(group, "getnameinfo failed: %s", gai_strerror(rval));
}
glog2(group, "Dest: %s:%s", destname, destport);
}
set_timeout(group, 0, 0);
}
/**
* Sends a KEYINFO to each client that the server sent a REG_CONF for.
*/
void send_keyinfo(struct pr_group_list_t *group, const uint32_t *addrlist,
int addrlen)
{
unsigned char *buf, *iv;
struct uftp_h *header;
struct keyinfo_h *keyinfo_hdr;
struct destkey *keylist;
unsigned int payloadlen, len;
int maxdest, packetcnt, dests, iv_init, foundaddr, i, j;
int unauth_keytype, unauth_keylen, unauth_ivlen;
struct pr_destinfo_t *dest;
// Don't use a cipher in an authentication mode to encrypt the group master
unauth_keytype = unauth_key(group->keytype);
get_key_info(unauth_keytype, &unauth_keylen, &unauth_ivlen);
buf = safe_calloc(MAXMTU, 1);
iv = safe_calloc(unauth_ivlen, 1);
header = (struct uftp_h *)buf;
keyinfo_hdr = (struct keyinfo_h *)(buf + sizeof(struct uftp_h));
keylist= (struct destkey *)((char *)keyinfo_hdr + sizeof(struct keyinfo_h));
set_uftp_header(header, KEYINFO, group);
keyinfo_hdr->func = KEYINFO;
keyinfo_hdr->hlen = sizeof(struct keyinfo_h) / 4;
iv_init = 0;
maxdest = max_msg_dest(group, KEYINFO, keyinfo_hdr->hlen * 4);
packetcnt = 1;
for (i = 0, dests = 0; i < group->destcount; i++) {
dest = &group->destinfo[i];
if (dest->state == PR_CLIENT_CONF) {
if (addrlist) {
// We just got a REG_CONF, so only send to listed hosts
for (j = 0, foundaddr = 0; (j < addrlen) && (!foundaddr); j++) {
if (dest->id == addrlist[j]) {
foundaddr = 1;
}
}
} else {
foundaddr = 1;
}
if (foundaddr) {
if (!iv_init) {
group->ivctr++;
keyinfo_hdr->iv_ctr_hi =
htonl((group->ivctr & 0xFFFFFFFF00000000LL) >> 32);
keyinfo_hdr->iv_ctr_lo =
htonl(group->ivctr & 0x00000000FFFFFFFFLL);
iv_init = 1;
}
keylist[dests].dest_id = dest->id;
build_iv(iv, dest->salt, unauth_ivlen,
uftp_htonll(group->ivctr), group->src_id);
if (!encrypt_block(unauth_keytype, iv, dest->key,
NULL, 0, &group->groupmaster[1],
sizeof(group->groupmaster) - 1,
keylist[dests].groupmaster, &len)) {
glog0(group, "Error encrypting KEYINFO for %s", dest->name);
free(buf);
free(iv);
return;
}
dests++;
}
}
if ((dests >= maxdest) ||
((i == group->destcount - 1) && (dests > 0))) {
payloadlen = sizeof(struct keyinfo_h) +
(dests * sizeof(struct destkey));
glog2(group,"Sending KEYINFO %d.%d", group->keyinfo_cnt, packetcnt);
if (nb_sendto(listener, buf, payloadlen + sizeof(struct uftp_h), 0,
(struct sockaddr *)&group->privatemcast,
family_len(group->privatemcast)) == SOCKET_ERROR) {
gsockerror(group, "Error sending KEYINFO");
free(buf);
free(iv);
return;
}
// TODO: This value is good for around 100Mbps. This is under the
// assumption that the client proxy is local to the clients
// it serves. This should probably be a parameter.
usleep(120);
memset(keylist, 0, maxdest * sizeof(struct destkey));
iv_init = 0;
dests = 0;
packetcnt++;
}
}
