Mercurial > hg > quicktun
annotate src/common.c @ 39:47a34fe75c57
Added option to run a script after opening the tun device
| author | Ivo Smits <Ivo@UCIS.nl> |
|---|---|
| date | Mon, 06 May 2013 23:01:37 +0200 |
| parents | d9f5caa13898 |
| children | 54d28a81ca99 |
| rev | line source |
|---|---|
| 0 | 1 /* Copyright 2010 Ivo Smits <Ivo@UCIS.nl>. All rights reserved. |
| 2 Redistribution and use in source and binary forms, with or without modification, are | |
| 3 permitted provided that the following conditions are met: | |
| 4 | |
| 5 1. Redistributions of source code must retain the above copyright notice, this list of | |
| 6 conditions and the following disclaimer. | |
| 7 | |
| 8 2. Redistributions in binary form must reproduce the above copyright notice, this list | |
| 9 of conditions and the following disclaimer in the documentation and/or other materials | |
| 10 provided with the distribution. | |
| 11 | |
| 12 THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED | |
| 13 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND | |
| 14 FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR | |
| 15 CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | |
| 16 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | |
| 17 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON | |
| 18 ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING | |
| 19 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF | |
| 20 ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
| 21 | |
| 22 The views and conclusions contained in the software and documentation are those of the | |
| 23 authors and should not be interpreted as representing official policies, either expressed | |
| 24 or implied, of Ivo Smits.*/ | |
| 25 | |
| 26 #include <stdio.h> | |
| 27 #include <stdlib.h> | |
| 28 #include <string.h> | |
| 29 #include <fcntl.h> | |
|
36
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
30 #include <pwd.h> |
| 0 | 31 #ifndef HAVE_NETINET_IN_H |
| 32 #include <netinet/in.h> | |
| 33 #endif | |
| 34 #include <sys/ioctl.h> | |
| 7 | 35 #include <sys/socket.h> |
| 0 | 36 #include <poll.h> |
| 37 #include <netdb.h> | |
| 38 #include <stdlib.h> | |
|
8
6d86596d8884
Fixed BSD support, improved randombytes/secret key generation
ivo <Ivo@UCIS.nl>
parents:
7
diff
changeset
|
39 #include <net/if.h> |
| 7 | 40 #ifdef linux |
| 41 #include <linux/if_tun.h> | |
| 42 #include <linux/if_ether.h> | |
| 43 #else | |
| 44 #define ETH_FRAME_LEN 1514 | |
| 45 #include <net/if_tun.h> | |
| 13 | 46 #ifdef SOLARIS |
| 47 #include <sys/stropts.h> | |
| 48 #include <sys/sockio.h> | |
| 49 #endif | |
| 7 | 50 #endif |
| 0 | 51 |
| 52 #define MAX_PACKET_LEN (ETH_FRAME_LEN+4) //Some space for optional packet information | |
| 53 | |
| 54 struct qtsession; | |
| 55 struct qtproto { | |
| 56 int encrypted; | |
| 57 int buffersize_raw; | |
| 58 int buffersize_enc; | |
| 59 int offset_raw; | |
| 60 int offset_enc; | |
| 61 int (*encode)(struct qtsession* sess, char* raw, char* enc, int len); | |
| 62 int (*decode)(struct qtsession* sess, char* enc, char* raw, int len); | |
| 63 int (*init)(struct qtsession* sess); | |
| 64 int protocol_data_size; | |
| 65 }; | |
| 66 struct qtsession { | |
| 67 struct qtproto protocol; | |
| 68 void* protocol_data; | |
| 69 int fd_socket; | |
| 70 int fd_dev; | |
| 71 int remote_float; | |
| 72 struct sockaddr_in remote_addr; | |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
73 int use_pi; |
| 0 | 74 }; |
| 75 | |
| 76 #ifdef COMBINED_BINARY | |
| 77 extern char* (*getconf)(const char*); | |
| 78 extern int errorexit(const char*); | |
| 79 extern int errorexitp(const char*); | |
| 80 extern void print_header(); | |
| 81 extern void hex2bin(unsigned char*, unsigned char*, int); | |
|
22
38d495566d1c
Re-added some debugging messages to nacltai protocol code, enabled by the DEBUG environment variable
Ivo Smits <Ivo@UCIS.nl>
parents:
15
diff
changeset
|
82 extern int debug; |
| 0 | 83 #else |
| 84 | |
| 85 char* (*getconf)(const char*) = getenv; | |
|
22
38d495566d1c
Re-added some debugging messages to nacltai protocol code, enabled by the DEBUG environment variable
Ivo Smits <Ivo@UCIS.nl>
parents:
15
diff
changeset
|
86 int debug = 0; |
|
38
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
87 static int gargc = 0; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
88 static char** gargv = NULL; |
| 0 | 89 |
| 90 int errorexit(const char* text) { | |
| 91 fprintf(stderr, "%s\n", text); | |
| 92 return -1; | |
| 93 } | |
| 94 int errorexitp(const char* text) { | |
| 95 perror(text); | |
| 96 return -1; | |
| 97 } | |
| 98 | |
| 99 void print_header() { | |
|
38
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
100 fprintf(stderr, "UCIS QuickTun "QT_VERSION" (c) 2010-2013 Ivo Smits <Ivo@UCIS.nl>\n"); |
|
22
38d495566d1c
Re-added some debugging messages to nacltai protocol code, enabled by the DEBUG environment variable
Ivo Smits <Ivo@UCIS.nl>
parents:
15
diff
changeset
|
101 fprintf(stderr, "More information: http://wiki.ucis.nl/QuickTun\n"); |
| 0 | 102 } |
| 103 | |
| 104 int init_udp(struct qtsession* session) { | |
| 105 char* envval; | |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
106 fprintf(stderr, "Initializing UDP socket...\n"); |
| 0 | 107 int sfd = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP); |
| 108 if (sfd < 0) return errorexitp("Could not create UDP socket"); | |
| 109 struct sockaddr_in udpaddr; | |
| 110 struct hostent *he; | |
| 111 udpaddr.sin_family = AF_INET; | |
| 112 udpaddr.sin_addr.s_addr = INADDR_ANY; | |
| 113 udpaddr.sin_port = htons(2998); | |
| 114 if (envval = getconf("LOCAL_ADDRESS")) { | |
| 115 he = gethostbyname(envval); | |
| 116 if (!he) return errorexit("bind address lookup failed"); | |
| 117 else if (!he->h_addr_list[0]) return errorexit("no address to bind to"); | |
| 118 udpaddr.sin_addr.s_addr = *((unsigned long*)he->h_addr_list[0]); | |
| 119 udpaddr.sin_family = he->h_addrtype; | |
| 120 } | |
| 121 if (envval = getconf("LOCAL_PORT")) { | |
| 122 udpaddr.sin_port = htons(atoi(envval)); | |
| 123 } | |
| 124 if (bind(sfd, (struct sockaddr*)&udpaddr, sizeof(struct sockaddr_in))) return errorexitp("Could not bind socket"); | |
| 125 if (!(envval = getconf("REMOTE_ADDRESS"))) { | |
| 126 session->remote_float = 1; | |
| 127 //return errorexit("Missing REMOTE_ADDRESS"); | |
| 128 } else { | |
|
12
e4b60d041491
Make sure that the session buffer is zero
Ivo Smits <Ivo@UCIS.nl>
parents:
9
diff
changeset
|
129 session->remote_float = getconf("REMOTE_FLOAT") ? 1 : 0; |
| 0 | 130 he = gethostbyname(envval); |
| 131 if (!he) return errorexit("remote address lookup failed"); | |
| 132 else if (!he->h_addr_list[0]) return errorexit("no address to connect to"); | |
| 133 udpaddr.sin_family = he->h_addrtype; | |
| 134 udpaddr.sin_addr.s_addr = *((unsigned long*)he->h_addr_list[0]); | |
|
2
b2c7c83a1dda
Accept 0.0.0.0 remote address for float mode
ivo <ivo@UFO-Net.nl>
parents:
0
diff
changeset
|
135 if (udpaddr.sin_addr.s_addr == 0) { |
|
b2c7c83a1dda
Accept 0.0.0.0 remote address for float mode
ivo <ivo@UFO-Net.nl>
parents:
0
diff
changeset
|
136 session->remote_float = 1; |
|
b2c7c83a1dda
Accept 0.0.0.0 remote address for float mode
ivo <ivo@UFO-Net.nl>
parents:
0
diff
changeset
|
137 } else { |
|
b2c7c83a1dda
Accept 0.0.0.0 remote address for float mode
ivo <ivo@UFO-Net.nl>
parents:
0
diff
changeset
|
138 if (envval = getconf("REMOTE_PORT")) { |
|
b2c7c83a1dda
Accept 0.0.0.0 remote address for float mode
ivo <ivo@UFO-Net.nl>
parents:
0
diff
changeset
|
139 udpaddr.sin_port = htons(atoi(envval)); |
|
b2c7c83a1dda
Accept 0.0.0.0 remote address for float mode
ivo <ivo@UFO-Net.nl>
parents:
0
diff
changeset
|
140 } |
|
b2c7c83a1dda
Accept 0.0.0.0 remote address for float mode
ivo <ivo@UFO-Net.nl>
parents:
0
diff
changeset
|
141 if (connect(sfd, (struct sockaddr*)&udpaddr, sizeof(struct sockaddr_in))) return errorexitp("Could not connect socket"); |
|
b2c7c83a1dda
Accept 0.0.0.0 remote address for float mode
ivo <ivo@UFO-Net.nl>
parents:
0
diff
changeset
|
142 session->remote_addr = udpaddr; |
| 0 | 143 } |
| 144 } | |
| 145 session->fd_socket = sfd; | |
| 146 return sfd; | |
| 147 } | |
| 148 | |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
149 int init_tuntap(struct qtsession* session) { |
| 0 | 150 char* envval; |
| 7 | 151 fprintf(stderr, "Initializing tun/tap device...\n"); |
| 0 | 152 int ttfd; //Tap device file descriptor |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
153 int tunmode = 0; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
154 if (envval = getconf("TUN_MODE")) tunmode = atoi(envval); |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
155 session->use_pi = 0; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
156 if (tunmode && (envval = getconf("USE_PI"))) session->use_pi = atoi(envval); |
|
32
51c6d2fc712f
Fixes contributed by Daniel Dickinson <daniel@cshore.neomailbox.net>
Ivo Smits <Ivo@UCIS.nl>
parents:
30
diff
changeset
|
157 #if defined linux |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
158 struct ifreq ifr; //required for tun/tap setup |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
159 memset(&ifr, 0, sizeof(ifr)); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
160 if ((ttfd = open("/dev/net/tun", O_RDWR)) < 0) return errorexitp("Could not open tun/tap device file"); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
161 if (envval = getconf("INTERFACE")) strcpy(ifr.ifr_name, envval); |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
162 ifr.ifr_flags = tunmode ? IFF_TUN : IFF_TAP; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
163 if (!session->use_pi) ifr.ifr_flags |= IFF_NO_PI; |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
164 if (ioctl(ttfd, TUNSETIFF, (void *)&ifr) < 0) return errorexitp("TUNSETIFF ioctl failed"); |
|
32
51c6d2fc712f
Fixes contributed by Daniel Dickinson <daniel@cshore.neomailbox.net>
Ivo Smits <Ivo@UCIS.nl>
parents:
30
diff
changeset
|
165 #elif defined SOLARIS |
| 13 | 166 int ip_fd = -1, if_fd = -1, ppa = 0; |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
167 if ((ttfd = open("/dev/tun", O_RDWR)) < 0) return errorexitp("Could not open tun device file"); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
168 if ((ip_fd = open("/dev/ip", O_RDWR, 0)) < 0) return errorexitp("Could not open /dev/ip"); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
169 if ((envval = getconf("INTERFACE"))) { |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
170 while (*envval && !isdigit((int)*envval)) envval++; |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
171 ppa = atoi(envval); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
172 } |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
173 if ((ppa = ioctl(ttfd, TUNNEWPPA, ppa)) < 0) return errorexitp("Could not assign new PPA"); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
174 if ((if_fd = open("/dev/tun", O_RDWR, 0)) < 0) return errorexitp("Could not open tun device file again"); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
175 if (ioctl(if_fd, I_PUSH, "ip") < 0) return errorexitp("Could not push IP module"); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
176 if (ioctl(if_fd, IF_UNITSEL, (char *)&ppa) < 0) return errorexitp("Could not set PPA"); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
177 if (ioctl(ip_fd, I_LINK, if_fd) < 0) return errorexitp("Could not link TUN device to IP"); |
| 7 | 178 #else |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
179 if (!(envval = getconf("INTERFACE"))) envval = "/dev/tun0"; |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
180 if ((ttfd = open(envval, O_RDWR)) < 0) return errorexitp("Could not open tun device file"); |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
181 if (tunmode) { |
|
33
422f3582bd38
Possible fix for tun mode on FreeBSD
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
182 int i = IFF_POINTOPOINT | IFF_MULTICAST; |
|
34
b876afa5a72a
Fixed the build script and FreeBSD tun mode
Ivo Smits <Ivo@UCIS.nl>
parents:
33
diff
changeset
|
183 ioctl(ttfd, TUNSIFMODE, &i); |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
184 i = session->use_pi ? 1 : 0; |
|
34
b876afa5a72a
Fixed the build script and FreeBSD tun mode
Ivo Smits <Ivo@UCIS.nl>
parents:
33
diff
changeset
|
185 ioctl(ttfd, TUNSIFHEAD, &i); |
|
33
422f3582bd38
Possible fix for tun mode on FreeBSD
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
186 } |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
187 #endif |
|
39
47a34fe75c57
Added option to run a script after opening the tun device
Ivo Smits <Ivo@UCIS.nl>
parents:
38
diff
changeset
|
188 if (envval = getconf("TUN_UP_SCRIPT")) system(envval); |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
189 session->fd_dev = ttfd; |
| 0 | 190 return ttfd; |
| 191 } | |
| 192 | |
| 193 void hex2bin(unsigned char* dest, unsigned char* src, int count) { | |
| 194 int i; | |
| 195 for (i = 0; i < count; i++) { | |
| 196 if (*src >= '0' && *src <= '9') *dest = *src - '0'; | |
| 197 else if (*src >= 'a' && * src <='f') *dest = *src - 'a' + 10; | |
| 198 else if (*src >= 'A' && * src <='F') *dest = *src - 'A' + 10; | |
| 199 src++; *dest = *dest << 4; | |
| 200 if (*src >= '0' && *src <= '9') *dest += *src - '0'; | |
| 201 else if (*src >= 'a' && *src <= 'f') *dest += *src - 'a' + 10; | |
| 202 else if (*src >= 'A' && *src <= 'F') *dest += *src - 'A' + 10; | |
| 203 src++; dest++; | |
| 204 } | |
| 205 } | |
| 206 | |
|
36
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
207 int drop_privileges() { |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
208 char* envval; |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
209 if (envval = getconf("SETUID")) { |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
210 if (setgroups(0, NULL) == -1) return errorexitp("setgroups"); |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
211 struct passwd *pw = getpwnam(envval); |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
212 if (!pw) return errorexitp("getpwnam"); |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
213 if (setgid(pw->pw_gid) == -1) return errorexitp("setgid"); |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
214 if (setuid(pw->pw_uid) == -1) return errorexitp("setuid"); |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
215 } |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
216 chdir("/"); |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
217 } |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
218 |
| 0 | 219 int qtrun(struct qtproto* p) { |
|
22
38d495566d1c
Re-added some debugging messages to nacltai protocol code, enabled by the DEBUG environment variable
Ivo Smits <Ivo@UCIS.nl>
parents:
15
diff
changeset
|
220 if (getconf("DEBUG")) debug = 1; |
| 0 | 221 struct qtsession session; |
| 222 session.protocol = *p; | |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
223 |
|
29
7c5e5be876bb
Small fix to error handling during initialization
Ivo Smits <Ivo@UCIS.nl>
parents:
28
diff
changeset
|
224 if (init_udp(&session) < 0) return -1; |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
225 int sfd = session.fd_socket; |
|
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
226 |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
227 if (init_tuntap(&session) < 0) return -1; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
228 int ttfd = session.fd_dev; |
| 0 | 229 |
| 230 char protocol_data[p->protocol_data_size]; | |
|
12
e4b60d041491
Make sure that the session buffer is zero
Ivo Smits <Ivo@UCIS.nl>
parents:
9
diff
changeset
|
231 memset(protocol_data, 0, p->protocol_data_size); |
| 0 | 232 session.protocol_data = &protocol_data; |
|
27
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
233 if (p->init && p->init(&session) < 0) return -1; |
| 0 | 234 |
|
36
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
235 if (drop_privileges() < 0) return -1; |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
236 |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
237 fprintf(stderr, "The tunnel is now operational!\n"); |
| 0 | 238 |
| 239 struct pollfd fds[2]; | |
| 240 fds[0].fd = ttfd; | |
| 241 fds[0].events = POLLIN; | |
| 242 fds[1].fd = sfd; | |
| 243 fds[1].events = POLLIN; | |
| 244 | |
| 245 struct sockaddr_in recvaddr; | |
| 246 | |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
247 int pi_length = 0; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
248 if (session.use_pi == 2) pi_length = 4; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
249 |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
250 char buffer_raw_a[p->buffersize_raw + pi_length]; |
| 0 | 251 char buffer_enc_a[p->buffersize_enc]; |
| 252 char* buffer_raw = buffer_raw_a; | |
| 253 char* buffer_enc = buffer_enc_a; | |
| 254 | |
| 255 while (1) { | |
| 256 int len = poll(fds, 2, -1); | |
| 257 if (len < 0) return errorexitp("poll error"); | |
| 258 else if (fds[0].revents & (POLLERR | POLLHUP | POLLNVAL)) return errorexit("poll error on tap device"); | |
| 259 else if (fds[1].revents & (POLLHUP | POLLNVAL)) return errorexit("poll error on udp socket"); | |
| 260 if (fds[0].revents & POLLIN) { | |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
261 len = read(ttfd, buffer_raw + p->offset_raw, p->buffersize_raw + pi_length); |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
262 if (len < pi_length) errorexit("read packet smaller than header from tun device"); |
| 0 | 263 if (session.remote_float == 0 || session.remote_float == 2) { |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
264 len = p->encode(&session, buffer_raw + pi_length, buffer_enc, len - pi_length); |
| 0 | 265 if (len < 0) return len; |
| 266 if (session.remote_float == 0) { | |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
267 len = write(sfd, buffer_enc + p->offset_enc, len); |
| 0 | 268 } else { |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
269 len = sendto(sfd, buffer_enc + p->offset_enc, len, 0, (struct sockaddr*)&session.remote_addr, sizeof(session.remote_addr)); |
| 0 | 270 } |
| 271 } | |
| 272 } | |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
273 if (fds[1].revents & POLLERR) { |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
274 int out; |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
275 len = sizeof(out); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
276 getsockopt(sfd, SOL_SOCKET, SO_ERROR, &out, &len); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
277 fprintf(stderr, "Received error %d on udp socket\n", out); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
278 } |
| 0 | 279 if (fds[1].revents & POLLIN) { |
| 280 socklen_t recvaddr_len = sizeof(recvaddr); | |
| 281 if (session.remote_float == 0) { | |
| 282 len = read(sfd, buffer_enc + p->offset_enc, p->buffersize_enc); | |
| 283 } else { | |
| 284 len = recvfrom(sfd, buffer_enc + p->offset_enc, p->buffersize_enc, 0, (struct sockaddr*)&recvaddr, &recvaddr_len); | |
| 285 } | |
| 286 if (len < 0) { | |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
287 long long out; |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
288 len = sizeof(out); |
| 0 | 289 getsockopt(sfd, SOL_SOCKET, SO_ERROR, &out, &len); |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
290 fprintf(stderr, "Received end of file on udp socket (error %d)\n", out); |
| 0 | 291 } else { |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
292 len = p->decode(&session, buffer_enc, buffer_raw + pi_length, len); |
|
28
e77af6acb559
Small fixes: abort before updating remote endpoint after serious decryption error, print IP address bytes in the expected order
Ivo Smits <Ivo@UCIS.nl>
parents:
27
diff
changeset
|
293 if (len < 0) return len; |
| 0 | 294 if (len != 0 && session.remote_float != 0 && (session.remote_addr.sin_addr.s_addr != recvaddr.sin_addr.s_addr || session.remote_addr.sin_port != recvaddr.sin_port)) { |
|
28
e77af6acb559
Small fixes: abort before updating remote endpoint after serious decryption error, print IP address bytes in the expected order
Ivo Smits <Ivo@UCIS.nl>
parents:
27
diff
changeset
|
295 fprintf(stderr, "Remote endpoint has changed to %08X:%d\n", ntohl(recvaddr.sin_addr.s_addr), ntohs(recvaddr.sin_port)); |
| 0 | 296 session.remote_addr = recvaddr; |
| 297 session.remote_float = 2; | |
| 298 } | |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
299 if (session.use_pi == 2) { |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
300 int ipver = 0; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
301 if (len >= 1) ipver = (buffer_raw[p->offset_raw + pi_length] >> 4) & 0xf; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
302 int pihdr = 0; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
303 #if defined linux |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
304 if (ipver == 4) pihdr = 0x0000 | (0x0008 << 16); //little endian: flags and protocol are swapped |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
305 else if (ipver == 6) pihdr = 0x0000 | (0xdd86 << 16); |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
306 #else |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
307 if (ipver == 4) pihdr = htonl(AF_INET); |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
308 else if (ipver == 6) pihdr = htonl(AF_INET6); |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
309 #endif |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
310 *(int*)(buffer_raw + p->offset_raw) = ipver; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
311 } |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
312 write(ttfd, buffer_raw + p->offset_raw, len + pi_length); |
| 0 | 313 } |
| 314 } | |
| 315 } | |
| 316 return 0; | |
| 317 } | |
|
38
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
318 |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
319 char* getconfcmdargs(const char* name) { |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
320 int i; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
321 for (i = 1; i < gargc - 2; i++) { |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
322 if (strcmp(gargv[i], "-c")) continue; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
323 if (strcmp(gargv[i + 1], name)) continue; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
324 return gargv[i + 2]; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
325 } |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
326 return NULL; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
327 } |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
328 |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
329 int qtprocessargs(int argc, char** argv) { |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
330 int i; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
331 for (i = 1; i < argc; i++) { |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
332 char* a = argv[i]; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
333 if (!strcmp(a, "-h") || !strcmp(a, "--help")) { |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
334 return errorexit("Please read the documentation at http://wiki.ucis.nl/QuickTun"); |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
335 } else if (!strcmp(a, "-v") || !strcmp(a, "--version")) { |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
336 return errorexit("UCIS QuickTun "QT_VERSION); |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
337 } else if (!strcmp(a, "-c")) { |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
338 gargc = argc; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
339 gargv = argv; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
340 getconf = getconfcmdargs; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
341 i += 2; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
342 } else { |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
343 return errorexit("Unexpected command line argument"); |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
344 } |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
345 } |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
346 } |
| 0 | 347 #endif |
|
30
6f0e6b7dc088
Fixed build script to support multiple abis on one machine, bugfix in code, minor improvements
Ivo Smits <Ivo@UCIS.nl>
parents:
29
diff
changeset
|
348 |