static int client_ping_nodes(Onion_Client *onion_c, uint32_t num, Node_format *nodes, uint16_t num_nodes,
IP_Port source)
{
if (num > onion_c->num_friends)
return -1;
if (num_nodes == 0)
return 0;
Onion_Node *list_nodes = NULL;
uint8_t *reference_id = NULL;
uint32_t *ping_nodes_sent_second = NULL;
if (num == 0) {
list_nodes = onion_c->clients_announce_list;
reference_id = onion_c->dht->c->self_public_key;
ping_nodes_sent_second = &onion_c->ping_nodes_sent_second;
} else {
list_nodes = onion_c->friends_list[num - 1].clients_list;
reference_id = onion_c->friends_list[num - 1].real_client_id;
ping_nodes_sent_second = &onion_c->friends_list[num - 1].ping_nodes_sent_second;
}
uint32_t i, j;
int lan_ips_accepted = (LAN_ip(source.ip) == 0);
for (i = 0; i < num_nodes; ++i) {
if (*ping_nodes_sent_second > MAX_PING_NODES_SECOND_PEER)
return 0;
to_host_family(&nodes[i].ip_port.ip);
if (!lan_ips_accepted)
if (LAN_ip(nodes[i].ip_port.ip) == 0)
continue;
if (is_timeout(list_nodes[0].timestamp, ONION_NODE_TIMEOUT)
|| id_closest(reference_id, list_nodes[0].client_id, nodes[i].client_id) == 2) {
/* check if node is already in list. */
for (j = 0; j < MAX_ONION_CLIENTS; ++j) {
if (memcmp(list_nodes[j].client_id, nodes[i].client_id, crypto_box_PUBLICKEYBYTES) == 0) {
break;
}
}
if (j == MAX_ONION_CLIENTS) {
if (client_send_announce_request(onion_c, num, nodes[i].ip_port, nodes[i].client_id, NULL, ~0) == 0)
++*ping_nodes_sent_second;
}
}
}
return 0;
}
static int client_ping_nodes(Onion_Client *onion_c, uint32_t num, const Node_format *nodes, uint16_t num_nodes,
IP_Port source)
{
if (num > onion_c->num_friends)
return -1;
if (num_nodes == 0)
return 0;
Onion_Node *list_nodes = NULL;
uint8_t *reference_id = NULL;
Last_Pinged *last_pinged = NULL;
uint8_t *last_pinged_index = NULL;
if (num == 0) {
list_nodes = onion_c->clients_announce_list;
reference_id = onion_c->c->self_public_key;
last_pinged = onion_c->last_pinged;
last_pinged_index = &onion_c->last_pinged_index;
} else {
list_nodes = onion_c->friends_list[num - 1].clients_list;
reference_id = onion_c->friends_list[num - 1].real_client_id;
last_pinged = onion_c->friends_list[num - 1].last_pinged;
last_pinged_index = &onion_c->friends_list[num - 1].last_pinged_index;
}
uint32_t i, j;
int lan_ips_accepted = (LAN_ip(source.ip) == 0);
for (i = 0; i < num_nodes; ++i) {
if (!lan_ips_accepted)
if (LAN_ip(nodes[i].ip_port.ip) == 0)
continue;
if (is_timeout(list_nodes[0].timestamp, ONION_NODE_TIMEOUT)
|| id_closest(reference_id, list_nodes[0].client_id, nodes[i].client_id) == 2) {
/* check if node is already in list. */
for (j = 0; j < MAX_ONION_CLIENTS; ++j) {
if (memcmp(list_nodes[j].client_id, nodes[i].client_id, crypto_box_PUBLICKEYBYTES) == 0) {
break;
}
}
if (j == MAX_ONION_CLIENTS && good_to_ping(last_pinged, last_pinged_index, nodes[i].client_id)) {
client_send_announce_request(onion_c, num, nodes[i].ip_port, nodes[i].client_id, NULL, ~0);
}
}
}
return 0;
}
int handle_LANdiscovery(uint8_t *packet, uint32_t length, IP_Port source)
{
if (LAN_ip(source.ip) == -1)
return 1;
if (length != crypto_box_PUBLICKEYBYTES + 1)
return 1;
DHT_bootstrap(source, packet + 1);
return 0;
}
/* return 0 if ip is a LAN ip.
* return -1 if it is not.
*/
int LAN_ip(IP ip)
{
if (Local_ip(ip)) {
return 0;
}
if (ip.family == AF_INET) {
IP4 ip4 = ip.ip4;
/* 10.0.0.0 to 10.255.255.255 range. */
if (ip4.uint8[0] == 10) {
return 0;
}
/* 172.16.0.0 to 172.31.255.255 range. */
if (ip4.uint8[0] == 172 && ip4.uint8[1] >= 16 && ip4.uint8[1] <= 31) {
return 0;
}
/* 192.168.0.0 to 192.168.255.255 range. */
if (ip4.uint8[0] == 192 && ip4.uint8[1] == 168) {
return 0;
}
/* 169.254.1.0 to 169.254.254.255 range. */
if (ip4.uint8[0] == 169 && ip4.uint8[1] == 254 && ip4.uint8[2] != 0
&& ip4.uint8[2] != 255) {
return 0;
}
/* RFC 6598: 100.64.0.0 to 100.127.255.255 (100.64.0.0/10)
* (shared address space to stack another layer of NAT) */
if ((ip4.uint8[0] == 100) && ((ip4.uint8[1] & 0xC0) == 0x40)) {
return 0;
}
} else if (ip.family == AF_INET6) {
/* autogenerated for each interface: FE80::* (up to FEBF::*)
FF02::1 is - according to RFC 4291 - multicast all-nodes link-local */
if (((ip.ip6.uint8[0] == 0xFF) && (ip.ip6.uint8[1] < 3) && (ip.ip6.uint8[15] == 1)) ||
((ip.ip6.uint8[0] == 0xFE) && ((ip.ip6.uint8[1] & 0xC0) == 0x80))) {
return 0;
}
/* embedded IPv4-in-IPv6 */
if (IPV6_IPV4_IN_V6(ip.ip6)) {
IP ip4;
ip4.family = AF_INET;
ip4.ip4.uint32 = ip.ip6.uint32[3];
return LAN_ip(ip4);
}
}
return -1;
}
static int handle_LANdiscovery(void *object, IP_Port source, uint8_t *packet, uint32_t length)
{
DHT *dht = object;
if (LAN_ip(source.ip) == -1)
return 1;
if (length != crypto_box_PUBLICKEYBYTES + 1)
return 1;
DHT_bootstrap(dht, source, packet + 1);
return 0;
}
static int client_ping_nodes(Onion_Client *onion_c, uint32_t num, Node_format *nodes, uint16_t num_nodes,
IP_Port source)
{
if (num > onion_c->num_friends)
return -1;
if (num_nodes == 0)
return 0;
Onion_Node *list_nodes = NULL;
uint8_t *reference_id = NULL;
if (num == 0) {
list_nodes = onion_c->clients_announce_list;
reference_id = onion_c->dht->c->self_public_key;
} else {
list_nodes = onion_c->friends_list[num - 1].clients_list;
reference_id = onion_c->friends_list[num - 1].real_client_id;
}
uint32_t i;
int lan_ips_accepted = (LAN_ip(source.ip) == 0);
for (i = 0; i < num_nodes; ++i) {
to_host_family(&nodes[i].ip_port.ip);
if (!lan_ips_accepted)
if (LAN_ip(nodes[i].ip_port.ip) == 0)
continue;
if (is_timeout(list_nodes[0].timestamp, ONION_NODE_TIMEOUT)
|| id_closest(reference_id, list_nodes[0].client_id, nodes[i].client_id) == 2) {
client_send_announce_request(onion_c, num, nodes[i].ip_port, nodes[i].client_id, NULL);
}
}
return 0;
}
static int handle_LANdiscovery(void *object, IP_Port source, const uint8_t *packet, uint16_t length, void *userdata)
{
DHT *dht = (DHT *)object;
if (LAN_ip(source.ip) == -1) {
return 1;
}
if (length != CRYPTO_PUBLIC_KEY_SIZE + 1) {
return 1;
}
DHT_bootstrap(dht, source, packet + 1);
return 0;
}
/* return 0 if ip is a LAN ip.
* return -1 if it is not.
*/
int LAN_ip(IP ip)
{
if (ip.family == AF_INET) {
IP4 ip4 = ip.ip4;
/* Loopback. */
if (ip4.uint8[0] == 127)
return 0;
/* 10.0.0.0 to 10.255.255.255 range. */
if (ip4.uint8[0] == 10)
return 0;
/* 172.16.0.0 to 172.31.255.255 range. */
if (ip4.uint8[0] == 172 && ip4.uint8[1] >= 16 && ip4.uint8[1] <= 31)
return 0;
/* 192.168.0.0 to 192.168.255.255 range. */
if (ip4.uint8[0] == 192 && ip4.uint8[1] == 168)
return 0;
/* 169.254.1.0 to 169.254.254.255 range. */
if (ip4.uint8[0] == 169 && ip4.uint8[1] == 254 && ip4.uint8[2] != 0
&& ip4.uint8[2] != 255)
return 0;
} else if (ip.family == AF_INET6) {
/* autogenerated for each interface: FE80::* (up to FEBF::*)
FF02::1 is - according to RFC 4291 - multicast all-nodes link-local */
if (((ip.ip6.uint8[0] == 0xFF) && (ip.ip6.uint8[1] < 3) && (ip.ip6.uint8[15] == 1)) ||
((ip.ip6.uint8[0] == 0xFE) && ((ip.ip6.uint8[1] & 0xC0) == 0x80)))
return 0;
/* embedded IPv4-in-IPv6 */
if (IN6_IS_ADDR_V4MAPPED(&ip.ip6.in6_addr)) {
IP ip4;
ip4.family = AF_INET;
ip4.ip4.uint32 = ip.ip6.uint32[3];
return LAN_ip(ip4);
}
}
return -1;
}
static int handle_announce_request(void *object, IP_Port source, const uint8_t *packet, uint16_t length, void *userdata)
{
Onion_Announce *onion_a = (Onion_Announce *)object;
if (length != ANNOUNCE_REQUEST_SIZE_RECV) {
return 1;
}
const uint8_t *packet_public_key = packet + 1 + CRYPTO_NONCE_SIZE;
uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
get_shared_key(&onion_a->shared_keys_recv, shared_key, onion_a->dht->self_secret_key, packet_public_key);
uint8_t plain[ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE +
ONION_ANNOUNCE_SENDBACK_DATA_LENGTH];
int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE,
ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH +
CRYPTO_MAC_SIZE, plain);
if ((uint32_t)len != sizeof(plain)) {
return 1;
}
uint8_t ping_id1[ONION_PING_ID_SIZE];
generate_ping_id(onion_a, unix_time(), packet_public_key, source, ping_id1);
uint8_t ping_id2[ONION_PING_ID_SIZE];
generate_ping_id(onion_a, unix_time() + PING_ID_TIMEOUT, packet_public_key, source, ping_id2);
int index = -1;
uint8_t *data_public_key = plain + ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE;
if (crypto_memcmp(ping_id1, plain, ONION_PING_ID_SIZE) == 0
|| crypto_memcmp(ping_id2, plain, ONION_PING_ID_SIZE) == 0) {
index = add_to_entries(onion_a, source, packet_public_key, data_public_key,
packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3));
} else {
index = in_entries(onion_a, plain + ONION_PING_ID_SIZE);
}
/*Respond with a announce response packet*/
Node_format nodes_list[MAX_SENT_NODES];
unsigned int num_nodes = get_close_nodes(onion_a->dht, plain + ONION_PING_ID_SIZE, nodes_list, 0,
LAN_ip(source.ip) == 0, 1);
uint8_t nonce[CRYPTO_NONCE_SIZE];
random_nonce(nonce);
uint8_t pl[1 + ONION_PING_ID_SIZE + sizeof(nodes_list)];
if (index == -1) {
pl[0] = 0;
memcpy(pl + 1, ping_id2, ONION_PING_ID_SIZE);
} else {
if (public_key_cmp(onion_a->entries[index].public_key, packet_public_key) == 0) {
if (public_key_cmp(onion_a->entries[index].data_public_key, data_public_key) != 0) {
pl[0] = 0;
memcpy(pl + 1, ping_id2, ONION_PING_ID_SIZE);
} else {
pl[0] = 2;
memcpy(pl + 1, ping_id2, ONION_PING_ID_SIZE);
}
} else {
pl[0] = 1;
memcpy(pl + 1, onion_a->entries[index].data_public_key, CRYPTO_PUBLIC_KEY_SIZE);
}
}
int nodes_length = 0;
if (num_nodes != 0) {
nodes_length = pack_nodes(pl + 1 + ONION_PING_ID_SIZE, sizeof(nodes_list), nodes_list, num_nodes);
if (nodes_length <= 0) {
return 1;
}
}
uint8_t data[ONION_ANNOUNCE_RESPONSE_MAX_SIZE];
len = encrypt_data_symmetric(shared_key, nonce, pl, 1 + ONION_PING_ID_SIZE + nodes_length,
data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE);
if (len != 1 + ONION_PING_ID_SIZE + nodes_length + CRYPTO_MAC_SIZE) {
return 1;
}
data[0] = NET_PACKET_ANNOUNCE_RESPONSE;
memcpy(data + 1, plain + ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE,
ONION_ANNOUNCE_SENDBACK_DATA_LENGTH);
memcpy(data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH, nonce, CRYPTO_NONCE_SIZE);
if (send_onion_response(onion_a->net, source, data,
1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE + len,
packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3)) == -1) {
return 1;
}
return 0;
}
