/* Add a TCP relay associated to the friend.
*
* return -1 on failure.
* return 0 on success.
*/
int friend_add_tcp_relay(Friend_Connections *fr_c, int friendcon_id, IP_Port ip_port, const uint8_t *public_key)
{
Friend_Conn *friend_con = get_conn(fr_c, friendcon_id);
if (!friend_con)
return -1;
/* Local ip and same pk means that they are hosting a TCP relay. */
if (Local_ip(ip_port.ip) && public_key_cmp(friend_con->dht_temp_pk, public_key) == 0) {
if (friend_con->dht_ip_port.ip.family != 0) {
ip_port.ip = friend_con->dht_ip_port.ip;
} else {
friend_con->hosting_tcp_relay = 0;
}
}
unsigned int i;
uint16_t index = friend_con->tcp_relay_counter % FRIEND_MAX_STORED_TCP_RELAYS;
for (i = 0; i < FRIEND_MAX_STORED_TCP_RELAYS; ++i) {
if (friend_con->tcp_relays[i].ip_port.ip.family != 0
&& public_key_cmp(friend_con->tcp_relays[i].public_key, public_key) == 0) {
memset(&friend_con->tcp_relays[i], 0, sizeof(Node_format));
}
}
friend_con->tcp_relays[index].ip_port = ip_port;
memcpy(friend_con->tcp_relays[index].public_key, public_key, crypto_box_PUBLICKEYBYTES);
++friend_con->tcp_relay_counter;
return add_tcp_relay_peer(fr_c->net_crypto, friend_con->crypt_connection_id, ip_port, public_key);
}
/* Add a TCP relay associated to the friend.
*
* return -1 on failure.
* return 0 on success.
*/
int friend_add_tcp_relay(Friend_Connections *fr_c, int friendcon_id, IP_Port ip_port, const uint8_t *public_key)
{
Friend_Conn *const friend_con = get_conn(fr_c, friendcon_id);
if (!friend_con) {
return -1;
}
/* Local ip and same pk means that they are hosting a TCP relay. */
if (ip_is_local(ip_port.ip) && public_key_cmp(friend_con->dht_temp_pk, public_key) == 0) {
if (!net_family_is_unspec(friend_con->dht_ip_port.ip.family)) {
ip_port.ip = friend_con->dht_ip_port.ip;
} else {
friend_con->hosting_tcp_relay = 0;
}
}
const uint16_t index = friend_con->tcp_relay_counter % FRIEND_MAX_STORED_TCP_RELAYS;
for (unsigned i = 0; i < FRIEND_MAX_STORED_TCP_RELAYS; ++i) {
if (!net_family_is_unspec(friend_con->tcp_relays[i].ip_port.ip.family)
&& public_key_cmp(friend_con->tcp_relays[i].public_key, public_key) == 0) {
memset(&friend_con->tcp_relays[i], 0, sizeof(Node_format));
}
}
friend_con->tcp_relays[index].ip_port = ip_port;
memcpy(friend_con->tcp_relays[index].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
++friend_con->tcp_relay_counter;
return add_tcp_relay_peer(fr_c->net_crypto, friend_con->crypt_connection_id, ip_port, public_key);
}
/* Callback for dht public key changes. */
static void dht_pk_callback(void *object, int32_t number, const uint8_t *dht_public_key, void *userdata)
{
Friend_Connections *const fr_c = (Friend_Connections *)object;
Friend_Conn *const friend_con = get_conn(fr_c, number);
if (!friend_con) {
return;
}
if (public_key_cmp(friend_con->dht_temp_pk, dht_public_key) == 0) {
return;
}
change_dht_pk(fr_c, number, dht_public_key);
/* if pk changed, create a new connection.*/
if (friend_con->crypt_connection_id != -1) {
crypto_kill(fr_c->net_crypto, friend_con->crypt_connection_id);
friend_con->crypt_connection_id = -1;
handle_status(object, number, 0, userdata); /* Going offline. */
}
friend_new_connection(fr_c, number);
onion_set_friend_DHT_pubkey(fr_c->onion_c, friend_con->onion_friendnum, dht_public_key);
}
/* check if public key is in entries list
*
* return -1 if no
* return position in list if yes
*/
static int in_entries(const Onion_Announce *onion_a, const uint8_t *public_key)
{
unsigned int i;
for (i = 0; i < ONION_ANNOUNCE_MAX_ENTRIES; ++i) {
if (!is_timeout(onion_a->entries[i].time, ONION_ANNOUNCE_TIMEOUT)
&& public_key_cmp(onion_a->entries[i].public_key, public_key) == 0) {
return i;
}
}
return -1;
}
/* Find the TCP connection to a relay with relay_pk.
*
* return connections_number on success.
* return -1 on failure.
*/
static int find_tcp_connection_relay(TCP_Connections *tcp_c, const uint8_t *relay_pk)
{
unsigned int i;
for (i = 0; i < tcp_c->tcp_connections_length; ++i) {
TCP_con *tcp_con = get_tcp_connection(tcp_c, i);
if (tcp_con) {
if (tcp_con->status == TCP_CONN_SLEEPING) {
if (public_key_cmp(tcp_con->relay_pk, relay_pk) == 0) {
return i;
}
} else {
if (public_key_cmp(tcp_con_public_key(tcp_con->connection), relay_pk) == 0) {
return i;
}
}
}
}
return -1;
}
/* return friendcon_id corresponding to the real public key on success.
* return -1 on failure.
*/
int getfriend_conn_id_pk(Friend_Connections *fr_c, const uint8_t *real_pk)
{
for (uint32_t i = 0; i < fr_c->num_cons; ++i) {
Friend_Conn *friend_con = get_conn(fr_c, i);
if (friend_con) {
if (public_key_cmp(friend_con->real_public_key, real_pk) == 0) {
return i;
}
}
}
return -1;
}
/* Find the TCP connection with public_key.
*
* return connections_number on success.
* return -1 on failure.
*/
static int find_tcp_connection_to(TCP_Connections *tcp_c, const uint8_t *public_key)
{
unsigned int i;
for (i = 0; i < tcp_c->connections_length; ++i) {
TCP_Connection_to *con_to = get_connection(tcp_c, i);
if (con_to) {
if (public_key_cmp(con_to->public_key, public_key) == 0) {
return i;
}
}
}
return -1;
}
/* Add nodes to the to_ping list.
* All nodes in this list are pinged every TIME_TO_PING seconds
* and are then removed from the list.
* If the list is full the nodes farthest from our public_key are replaced.
* The purpose of this list is to enable quick integration of new nodes into the
* network while preventing amplification attacks.
*
* return 0 if node was added.
* return -1 if node was not added.
*/
int add_to_ping(PING *ping, const uint8_t *public_key, IP_Port ip_port)
{
if (!ip_isset(&ip_port.ip)) {
return -1;
}
if (!node_addable_to_close_list(ping->dht, public_key, ip_port)) {
return -1;
}
if (in_list(ping->dht->close_clientlist, LCLIENT_LIST, public_key, ip_port)) {
return -1;
}
IP_Port temp;
if (DHT_getfriendip(ping->dht, public_key, &temp) == 0) {
send_ping_request(ping, ip_port, public_key);
return -1;
}
unsigned int i;
for (i = 0; i < MAX_TO_PING; ++i) {
if (!ip_isset(&ping->to_ping[i].ip_port.ip)) {
memcpy(ping->to_ping[i].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
ipport_copy(&ping->to_ping[i].ip_port, &ip_port);
return 0;
}
if (public_key_cmp(ping->to_ping[i].public_key, public_key) == 0) {
return -1;
}
}
if (add_to_list(ping->to_ping, MAX_TO_PING, public_key, ip_port, ping->dht->self_public_key)) {
return 0;
}
return -1;
}
static int handle_new_connections(void *object, New_Connection *n_c)
{
Friend_Connections *const fr_c = (Friend_Connections *)object;
const int friendcon_id = getfriend_conn_id_pk(fr_c, n_c->public_key);
Friend_Conn *const friend_con = get_conn(fr_c, friendcon_id);
if (!friend_con) {
return -1;
}
if (friend_con->crypt_connection_id != -1) {
return -1;
}
const int id = accept_crypto_connection(fr_c->net_crypto, n_c);
if (id == -1) {
return -1;
}
connection_status_handler(fr_c->net_crypto, id, &handle_status, fr_c, friendcon_id);
connection_data_handler(fr_c->net_crypto, id, &handle_packet, fr_c, friendcon_id);
connection_lossy_data_handler(fr_c->net_crypto, id, &handle_lossy_packet, fr_c, friendcon_id);
friend_con->crypt_connection_id = id;
if (!net_family_is_ipv4(n_c->source.ip.family) && !net_family_is_ipv6(n_c->source.ip.family)) {
set_direct_ip_port(fr_c->net_crypto, friend_con->crypt_connection_id, friend_con->dht_ip_port, 0);
} else {
friend_con->dht_ip_port = n_c->source;
friend_con->dht_ip_port_lastrecv = mono_time_get(fr_c->mono_time);
}
if (public_key_cmp(friend_con->dht_temp_pk, n_c->dht_public_key) != 0) {
change_dht_pk(fr_c, friendcon_id, n_c->dht_public_key);
}
nc_dht_pk_callback(fr_c->net_crypto, id, &dht_pk_callback, fr_c, friendcon_id);
return 0;
}
static int handle_new_connections(void *object, New_Connection *n_c)
{
Friend_Connections *fr_c = object;
int friendcon_id = getfriend_conn_id_pk(fr_c, n_c->public_key);
Friend_Conn *friend_con = get_conn(fr_c, friendcon_id);
if (friend_con) {
if (friend_con->crypt_connection_id != -1)
return -1;
int id = accept_crypto_connection(fr_c->net_crypto, n_c);
if (id == -1) {
return -1;
}
connection_status_handler(fr_c->net_crypto, id, &handle_status, fr_c, friendcon_id);
connection_data_handler(fr_c->net_crypto, id, &handle_packet, fr_c, friendcon_id);
connection_lossy_data_handler(fr_c->net_crypto, id, &handle_lossy_packet, fr_c, friendcon_id);
friend_con->crypt_connection_id = id;
if (n_c->source.ip.family != AF_INET && n_c->source.ip.family != AF_INET6) {
set_direct_ip_port(fr_c->net_crypto, friend_con->crypt_connection_id, friend_con->dht_ip_port, 0);
} else {
friend_con->dht_ip_port = n_c->source;
friend_con->dht_ip_port_lastrecv = unix_time();
}
if (public_key_cmp(friend_con->dht_temp_pk, n_c->dht_public_key) != 0) {
change_dht_pk(fr_c, friendcon_id, n_c->dht_public_key);
}
nc_dht_pk_callback(fr_c->net_crypto, id, &dht_pk_callback, fr_c, friendcon_id);
return 0;
}
return -1;
}
/* return 0 on success.
* return -1 on failure (connection must be killed).
*/
static int handle_TCP_routing_req(TCP_Server *TCP_server, uint32_t con_id, const uint8_t *public_key)
{
uint32_t i;
uint32_t index = ~0;
TCP_Secure_Connection *con = &TCP_server->accepted_connection_array[con_id];
/* If person tries to cennect to himself we deny the request*/
if (public_key_cmp(con->public_key, public_key) == 0) {
if (send_routing_response(con, 0, public_key) == -1) {
return -1;
}
return 0;
}
for (i = 0; i < NUM_CLIENT_CONNECTIONS; ++i) {
if (con->connections[i].status != 0) {
if (public_key_cmp(public_key, con->connections[i].public_key) == 0) {
if (send_routing_response(con, i + NUM_RESERVED_PORTS, public_key) == -1) {
return -1;
}
return 0;
}
} else if (index == (uint32_t)~0) {
index = i;
}
}
if (index == (uint32_t)~0) {
if (send_routing_response(con, 0, public_key) == -1) {
return -1;
}
return 0;
}
int ret = send_routing_response(con, index + NUM_RESERVED_PORTS, public_key);
if (ret == 0) {
return 0;
}
if (ret == -1) {
return -1;
}
con->connections[index].status = 1;
memcpy(con->connections[index].public_key, public_key, crypto_box_PUBLICKEYBYTES);
int other_index = get_TCP_connection_index(TCP_server, public_key);
if (other_index != -1) {
uint32_t other_id = ~0;
TCP_Secure_Connection *other_conn = &TCP_server->accepted_connection_array[other_index];
for (i = 0; i < NUM_CLIENT_CONNECTIONS; ++i) {
if (other_conn->connections[i].status == 1
&& public_key_cmp(other_conn->connections[i].public_key, con->public_key) == 0) {
other_id = i;
break;
}
}
if (other_id != (uint32_t)~0) {
con->connections[index].status = 2;
con->connections[index].index = other_index;
con->connections[index].other_id = other_id;
other_conn->connections[other_id].status = 2;
other_conn->connections[other_id].index = con_id;
other_conn->connections[other_id].other_id = index;
// TODO(irungentoo): return values?
send_connect_notification(con, index);
send_connect_notification(other_conn, other_id);
}
}
return 0;
}
static int handle_announce_request(void *object, IP_Port source, const uint8_t *packet, uint16_t length, void *userdata)
{
Onion_Announce *onion_a = (Onion_Announce *)object;
if (length != ANNOUNCE_REQUEST_SIZE_RECV) {
return 1;
}
const uint8_t *packet_public_key = packet + 1 + CRYPTO_NONCE_SIZE;
uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
get_shared_key(&onion_a->shared_keys_recv, shared_key, onion_a->dht->self_secret_key, packet_public_key);
uint8_t plain[ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE +
ONION_ANNOUNCE_SENDBACK_DATA_LENGTH];
int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE,
ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH +
CRYPTO_MAC_SIZE, plain);
if ((uint32_t)len != sizeof(plain)) {
return 1;
}
uint8_t ping_id1[ONION_PING_ID_SIZE];
generate_ping_id(onion_a, unix_time(), packet_public_key, source, ping_id1);
uint8_t ping_id2[ONION_PING_ID_SIZE];
generate_ping_id(onion_a, unix_time() + PING_ID_TIMEOUT, packet_public_key, source, ping_id2);
int index = -1;
uint8_t *data_public_key = plain + ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE;
if (crypto_memcmp(ping_id1, plain, ONION_PING_ID_SIZE) == 0
|| crypto_memcmp(ping_id2, plain, ONION_PING_ID_SIZE) == 0) {
index = add_to_entries(onion_a, source, packet_public_key, data_public_key,
packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3));
} else {
index = in_entries(onion_a, plain + ONION_PING_ID_SIZE);
}
/*Respond with a announce response packet*/
Node_format nodes_list[MAX_SENT_NODES];
unsigned int num_nodes = get_close_nodes(onion_a->dht, plain + ONION_PING_ID_SIZE, nodes_list, 0,
LAN_ip(source.ip) == 0, 1);
uint8_t nonce[CRYPTO_NONCE_SIZE];
random_nonce(nonce);
uint8_t pl[1 + ONION_PING_ID_SIZE + sizeof(nodes_list)];
if (index == -1) {
pl[0] = 0;
memcpy(pl + 1, ping_id2, ONION_PING_ID_SIZE);
} else {
if (public_key_cmp(onion_a->entries[index].public_key, packet_public_key) == 0) {
if (public_key_cmp(onion_a->entries[index].data_public_key, data_public_key) != 0) {
pl[0] = 0;
memcpy(pl + 1, ping_id2, ONION_PING_ID_SIZE);
} else {
pl[0] = 2;
memcpy(pl + 1, ping_id2, ONION_PING_ID_SIZE);
}
} else {
pl[0] = 1;
memcpy(pl + 1, onion_a->entries[index].data_public_key, CRYPTO_PUBLIC_KEY_SIZE);
}
}
int nodes_length = 0;
if (num_nodes != 0) {
nodes_length = pack_nodes(pl + 1 + ONION_PING_ID_SIZE, sizeof(nodes_list), nodes_list, num_nodes);
if (nodes_length <= 0) {
return 1;
}
}
uint8_t data[ONION_ANNOUNCE_RESPONSE_MAX_SIZE];
len = encrypt_data_symmetric(shared_key, nonce, pl, 1 + ONION_PING_ID_SIZE + nodes_length,
data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE);
if (len != 1 + ONION_PING_ID_SIZE + nodes_length + CRYPTO_MAC_SIZE) {
return 1;
}
data[0] = NET_PACKET_ANNOUNCE_RESPONSE;
memcpy(data + 1, plain + ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE,
ONION_ANNOUNCE_SENDBACK_DATA_LENGTH);
memcpy(data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH, nonce, CRYPTO_NONCE_SIZE);
if (send_onion_response(onion_a->net, source, data,
1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE + len,
packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3)) == -1) {
return 1;
}
return 0;
}
