Mercurial > hg > quicktun
annotate src/common.c @ 41:54d28a81ca99
Small updates in preparation for stateful protocols
| author | Ivo Smits <Ivo@UCIS.nl> |
|---|---|
| date | Thu, 16 May 2013 01:15:01 +0200 |
| parents | 47a34fe75c57 |
| children | e896392f7e03 |
| rev | line source |
|---|---|
| 0 | 1 /* Copyright 2010 Ivo Smits <Ivo@UCIS.nl>. All rights reserved. |
| 2 Redistribution and use in source and binary forms, with or without modification, are | |
| 3 permitted provided that the following conditions are met: | |
| 4 | |
| 5 1. Redistributions of source code must retain the above copyright notice, this list of | |
| 6 conditions and the following disclaimer. | |
| 7 | |
| 8 2. Redistributions in binary form must reproduce the above copyright notice, this list | |
| 9 of conditions and the following disclaimer in the documentation and/or other materials | |
| 10 provided with the distribution. | |
| 11 | |
| 12 THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED | |
| 13 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND | |
| 14 FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR | |
| 15 CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | |
| 16 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | |
| 17 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON | |
| 18 ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING | |
| 19 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF | |
| 20 ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
| 21 | |
| 22 The views and conclusions contained in the software and documentation are those of the | |
| 23 authors and should not be interpreted as representing official policies, either expressed | |
| 24 or implied, of Ivo Smits.*/ | |
| 25 | |
| 26 #include <stdio.h> | |
| 27 #include <stdlib.h> | |
| 28 #include <string.h> | |
| 29 #include <fcntl.h> | |
|
36
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
30 #include <pwd.h> |
| 0 | 31 #ifndef HAVE_NETINET_IN_H |
| 32 #include <netinet/in.h> | |
| 33 #endif | |
| 34 #include <sys/ioctl.h> | |
| 7 | 35 #include <sys/socket.h> |
| 0 | 36 #include <poll.h> |
| 37 #include <netdb.h> | |
| 38 #include <stdlib.h> | |
|
8
6d86596d8884
Fixed BSD support, improved randombytes/secret key generation
ivo <Ivo@UCIS.nl>
parents:
7
diff
changeset
|
39 #include <net/if.h> |
| 7 | 40 #ifdef linux |
| 41 #include <linux/if_tun.h> | |
| 42 #include <linux/if_ether.h> | |
| 43 #else | |
| 44 #define ETH_FRAME_LEN 1514 | |
| 45 #include <net/if_tun.h> | |
| 13 | 46 #ifdef SOLARIS |
| 47 #include <sys/stropts.h> | |
| 48 #include <sys/sockio.h> | |
| 49 #endif | |
| 7 | 50 #endif |
| 0 | 51 |
| 52 #define MAX_PACKET_LEN (ETH_FRAME_LEN+4) //Some space for optional packet information | |
| 53 | |
| 54 struct qtsession; | |
| 55 struct qtproto { | |
| 56 int encrypted; | |
| 57 int buffersize_raw; | |
| 58 int buffersize_enc; | |
| 59 int offset_raw; | |
| 60 int offset_enc; | |
| 61 int (*encode)(struct qtsession* sess, char* raw, char* enc, int len); | |
| 62 int (*decode)(struct qtsession* sess, char* enc, char* raw, int len); | |
| 63 int (*init)(struct qtsession* sess); | |
| 64 int protocol_data_size; | |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
65 void (*idle)(struct qtsession* sess); |
| 0 | 66 }; |
| 67 struct qtsession { | |
| 68 struct qtproto protocol; | |
| 69 void* protocol_data; | |
| 70 int fd_socket; | |
| 71 int fd_dev; | |
| 72 int remote_float; | |
| 73 struct sockaddr_in remote_addr; | |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
74 int use_pi; |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
75 int poll_timeout; |
|
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
76 void (*sendnetworkpacket)(struct qtsession* sess, char* msg, int len); |
| 0 | 77 }; |
| 78 | |
| 79 #ifdef COMBINED_BINARY | |
| 80 extern char* (*getconf)(const char*); | |
| 81 extern int errorexit(const char*); | |
| 82 extern int errorexitp(const char*); | |
| 83 extern void print_header(); | |
| 84 extern void hex2bin(unsigned char*, unsigned char*, int); | |
|
22
38d495566d1c
Re-added some debugging messages to nacltai protocol code, enabled by the DEBUG environment variable
Ivo Smits <Ivo@UCIS.nl>
parents:
15
diff
changeset
|
85 extern int debug; |
| 0 | 86 #else |
| 87 | |
| 88 char* (*getconf)(const char*) = getenv; | |
|
22
38d495566d1c
Re-added some debugging messages to nacltai protocol code, enabled by the DEBUG environment variable
Ivo Smits <Ivo@UCIS.nl>
parents:
15
diff
changeset
|
89 int debug = 0; |
|
38
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
90 static int gargc = 0; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
91 static char** gargv = NULL; |
| 0 | 92 |
| 93 int errorexit(const char* text) { | |
| 94 fprintf(stderr, "%s\n", text); | |
| 95 return -1; | |
| 96 } | |
| 97 int errorexitp(const char* text) { | |
| 98 perror(text); | |
| 99 return -1; | |
| 100 } | |
| 101 | |
| 102 void print_header() { | |
|
38
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
103 fprintf(stderr, "UCIS QuickTun "QT_VERSION" (c) 2010-2013 Ivo Smits <Ivo@UCIS.nl>\n"); |
|
22
38d495566d1c
Re-added some debugging messages to nacltai protocol code, enabled by the DEBUG environment variable
Ivo Smits <Ivo@UCIS.nl>
parents:
15
diff
changeset
|
104 fprintf(stderr, "More information: http://wiki.ucis.nl/QuickTun\n"); |
| 0 | 105 } |
| 106 | |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
107 static int init_udp(struct qtsession* session) { |
| 0 | 108 char* envval; |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
109 fprintf(stderr, "Initializing UDP socket...\n"); |
| 0 | 110 int sfd = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP); |
| 111 if (sfd < 0) return errorexitp("Could not create UDP socket"); | |
| 112 struct sockaddr_in udpaddr; | |
| 113 struct hostent *he; | |
| 114 udpaddr.sin_family = AF_INET; | |
| 115 udpaddr.sin_addr.s_addr = INADDR_ANY; | |
| 116 udpaddr.sin_port = htons(2998); | |
| 117 if (envval = getconf("LOCAL_ADDRESS")) { | |
| 118 he = gethostbyname(envval); | |
| 119 if (!he) return errorexit("bind address lookup failed"); | |
| 120 else if (!he->h_addr_list[0]) return errorexit("no address to bind to"); | |
| 121 udpaddr.sin_addr.s_addr = *((unsigned long*)he->h_addr_list[0]); | |
| 122 udpaddr.sin_family = he->h_addrtype; | |
| 123 } | |
| 124 if (envval = getconf("LOCAL_PORT")) { | |
| 125 udpaddr.sin_port = htons(atoi(envval)); | |
| 126 } | |
| 127 if (bind(sfd, (struct sockaddr*)&udpaddr, sizeof(struct sockaddr_in))) return errorexitp("Could not bind socket"); | |
| 128 if (!(envval = getconf("REMOTE_ADDRESS"))) { | |
| 129 session->remote_float = 1; | |
| 130 //return errorexit("Missing REMOTE_ADDRESS"); | |
| 131 } else { | |
|
12
e4b60d041491
Make sure that the session buffer is zero
Ivo Smits <Ivo@UCIS.nl>
parents:
9
diff
changeset
|
132 session->remote_float = getconf("REMOTE_FLOAT") ? 1 : 0; |
| 0 | 133 he = gethostbyname(envval); |
| 134 if (!he) return errorexit("remote address lookup failed"); | |
| 135 else if (!he->h_addr_list[0]) return errorexit("no address to connect to"); | |
| 136 udpaddr.sin_family = he->h_addrtype; | |
| 137 udpaddr.sin_addr.s_addr = *((unsigned long*)he->h_addr_list[0]); | |
|
2
b2c7c83a1dda
Accept 0.0.0.0 remote address for float mode
ivo <ivo@UFO-Net.nl>
parents:
0
diff
changeset
|
138 if (udpaddr.sin_addr.s_addr == 0) { |
|
b2c7c83a1dda
Accept 0.0.0.0 remote address for float mode
ivo <ivo@UFO-Net.nl>
parents:
0
diff
changeset
|
139 session->remote_float = 1; |
|
b2c7c83a1dda
Accept 0.0.0.0 remote address for float mode
ivo <ivo@UFO-Net.nl>
parents:
0
diff
changeset
|
140 } else { |
|
b2c7c83a1dda
Accept 0.0.0.0 remote address for float mode
ivo <ivo@UFO-Net.nl>
parents:
0
diff
changeset
|
141 if (envval = getconf("REMOTE_PORT")) { |
|
b2c7c83a1dda
Accept 0.0.0.0 remote address for float mode
ivo <ivo@UFO-Net.nl>
parents:
0
diff
changeset
|
142 udpaddr.sin_port = htons(atoi(envval)); |
|
b2c7c83a1dda
Accept 0.0.0.0 remote address for float mode
ivo <ivo@UFO-Net.nl>
parents:
0
diff
changeset
|
143 } |
|
b2c7c83a1dda
Accept 0.0.0.0 remote address for float mode
ivo <ivo@UFO-Net.nl>
parents:
0
diff
changeset
|
144 if (connect(sfd, (struct sockaddr*)&udpaddr, sizeof(struct sockaddr_in))) return errorexitp("Could not connect socket"); |
|
b2c7c83a1dda
Accept 0.0.0.0 remote address for float mode
ivo <ivo@UFO-Net.nl>
parents:
0
diff
changeset
|
145 session->remote_addr = udpaddr; |
| 0 | 146 } |
| 147 } | |
| 148 session->fd_socket = sfd; | |
| 149 return sfd; | |
| 150 } | |
| 151 | |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
152 static int init_tuntap(struct qtsession* session) { |
| 0 | 153 char* envval; |
| 7 | 154 fprintf(stderr, "Initializing tun/tap device...\n"); |
| 0 | 155 int ttfd; //Tap device file descriptor |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
156 int tunmode = 0; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
157 if (envval = getconf("TUN_MODE")) tunmode = atoi(envval); |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
158 session->use_pi = 0; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
159 if (tunmode && (envval = getconf("USE_PI"))) session->use_pi = atoi(envval); |
|
32
51c6d2fc712f
Fixes contributed by Daniel Dickinson <daniel@cshore.neomailbox.net>
Ivo Smits <Ivo@UCIS.nl>
parents:
30
diff
changeset
|
160 #if defined linux |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
161 struct ifreq ifr; //required for tun/tap setup |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
162 memset(&ifr, 0, sizeof(ifr)); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
163 if ((ttfd = open("/dev/net/tun", O_RDWR)) < 0) return errorexitp("Could not open tun/tap device file"); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
164 if (envval = getconf("INTERFACE")) strcpy(ifr.ifr_name, envval); |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
165 ifr.ifr_flags = tunmode ? IFF_TUN : IFF_TAP; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
166 if (!session->use_pi) ifr.ifr_flags |= IFF_NO_PI; |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
167 if (ioctl(ttfd, TUNSETIFF, (void *)&ifr) < 0) return errorexitp("TUNSETIFF ioctl failed"); |
|
32
51c6d2fc712f
Fixes contributed by Daniel Dickinson <daniel@cshore.neomailbox.net>
Ivo Smits <Ivo@UCIS.nl>
parents:
30
diff
changeset
|
168 #elif defined SOLARIS |
| 13 | 169 int ip_fd = -1, if_fd = -1, ppa = 0; |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
170 if ((ttfd = open("/dev/tun", O_RDWR)) < 0) return errorexitp("Could not open tun device file"); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
171 if ((ip_fd = open("/dev/ip", O_RDWR, 0)) < 0) return errorexitp("Could not open /dev/ip"); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
172 if ((envval = getconf("INTERFACE"))) { |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
173 while (*envval && !isdigit((int)*envval)) envval++; |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
174 ppa = atoi(envval); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
175 } |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
176 if ((ppa = ioctl(ttfd, TUNNEWPPA, ppa)) < 0) return errorexitp("Could not assign new PPA"); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
177 if ((if_fd = open("/dev/tun", O_RDWR, 0)) < 0) return errorexitp("Could not open tun device file again"); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
178 if (ioctl(if_fd, I_PUSH, "ip") < 0) return errorexitp("Could not push IP module"); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
179 if (ioctl(if_fd, IF_UNITSEL, (char *)&ppa) < 0) return errorexitp("Could not set PPA"); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
180 if (ioctl(ip_fd, I_LINK, if_fd) < 0) return errorexitp("Could not link TUN device to IP"); |
| 7 | 181 #else |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
182 if (!(envval = getconf("INTERFACE"))) envval = "/dev/tun0"; |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
183 if ((ttfd = open(envval, O_RDWR)) < 0) return errorexitp("Could not open tun device file"); |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
184 if (tunmode) { |
|
33
422f3582bd38
Possible fix for tun mode on FreeBSD
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
185 int i = IFF_POINTOPOINT | IFF_MULTICAST; |
|
34
b876afa5a72a
Fixed the build script and FreeBSD tun mode
Ivo Smits <Ivo@UCIS.nl>
parents:
33
diff
changeset
|
186 ioctl(ttfd, TUNSIFMODE, &i); |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
187 i = session->use_pi ? 1 : 0; |
|
34
b876afa5a72a
Fixed the build script and FreeBSD tun mode
Ivo Smits <Ivo@UCIS.nl>
parents:
33
diff
changeset
|
188 ioctl(ttfd, TUNSIFHEAD, &i); |
|
33
422f3582bd38
Possible fix for tun mode on FreeBSD
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
189 } |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
190 #endif |
|
39
47a34fe75c57
Added option to run a script after opening the tun device
Ivo Smits <Ivo@UCIS.nl>
parents:
38
diff
changeset
|
191 if (envval = getconf("TUN_UP_SCRIPT")) system(envval); |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
192 session->fd_dev = ttfd; |
| 0 | 193 return ttfd; |
| 194 } | |
| 195 | |
| 196 void hex2bin(unsigned char* dest, unsigned char* src, int count) { | |
| 197 int i; | |
| 198 for (i = 0; i < count; i++) { | |
| 199 if (*src >= '0' && *src <= '9') *dest = *src - '0'; | |
| 200 else if (*src >= 'a' && * src <='f') *dest = *src - 'a' + 10; | |
| 201 else if (*src >= 'A' && * src <='F') *dest = *src - 'A' + 10; | |
| 202 src++; *dest = *dest << 4; | |
| 203 if (*src >= '0' && *src <= '9') *dest += *src - '0'; | |
| 204 else if (*src >= 'a' && *src <= 'f') *dest += *src - 'a' + 10; | |
| 205 else if (*src >= 'A' && *src <= 'F') *dest += *src - 'A' + 10; | |
| 206 src++; dest++; | |
| 207 } | |
| 208 } | |
| 209 | |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
210 static int drop_privileges() { |
|
36
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
211 char* envval; |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
212 if (envval = getconf("SETUID")) { |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
213 if (setgroups(0, NULL) == -1) return errorexitp("setgroups"); |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
214 struct passwd *pw = getpwnam(envval); |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
215 if (!pw) return errorexitp("getpwnam"); |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
216 if (setgid(pw->pw_gid) == -1) return errorexitp("setgid"); |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
217 if (setuid(pw->pw_uid) == -1) return errorexitp("setuid"); |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
218 } |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
219 chdir("/"); |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
220 } |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
221 |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
222 static void qtsendnetworkpacket(struct qtsession* session, char* msg, int len) { |
|
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
223 if (session->remote_float == 0) { |
|
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
224 len = write(session->fd_socket, msg, len); |
|
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
225 } else if (session->remote_float == 2) { |
|
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
226 len = sendto(session->fd_socket, msg, len, 0, (struct sockaddr*)&session->remote_addr, sizeof(struct sockaddr_in)); |
|
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
227 } |
|
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
228 } |
|
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
229 |
| 0 | 230 int qtrun(struct qtproto* p) { |
|
22
38d495566d1c
Re-added some debugging messages to nacltai protocol code, enabled by the DEBUG environment variable
Ivo Smits <Ivo@UCIS.nl>
parents:
15
diff
changeset
|
231 if (getconf("DEBUG")) debug = 1; |
| 0 | 232 struct qtsession session; |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
233 session.poll_timeout = -1; |
| 0 | 234 session.protocol = *p; |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
235 |
|
29
7c5e5be876bb
Small fix to error handling during initialization
Ivo Smits <Ivo@UCIS.nl>
parents:
28
diff
changeset
|
236 if (init_udp(&session) < 0) return -1; |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
237 int sfd = session.fd_socket; |
|
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
238 |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
239 session.sendnetworkpacket = qtsendnetworkpacket; |
|
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
240 |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
241 if (init_tuntap(&session) < 0) return -1; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
242 int ttfd = session.fd_dev; |
| 0 | 243 |
| 244 char protocol_data[p->protocol_data_size]; | |
|
12
e4b60d041491
Make sure that the session buffer is zero
Ivo Smits <Ivo@UCIS.nl>
parents:
9
diff
changeset
|
245 memset(protocol_data, 0, p->protocol_data_size); |
| 0 | 246 session.protocol_data = &protocol_data; |
|
27
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
247 if (p->init && p->init(&session) < 0) return -1; |
| 0 | 248 |
|
36
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
249 if (drop_privileges() < 0) return -1; |
|
1fe62a94c28a
Added option SETUID to drop privileges
Ivo Smits <Ivo@UCIS.nl>
parents:
35
diff
changeset
|
250 |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
251 fprintf(stderr, "The tunnel is now operational!\n"); |
| 0 | 252 |
| 253 struct pollfd fds[2]; | |
| 254 fds[0].fd = ttfd; | |
| 255 fds[0].events = POLLIN; | |
| 256 fds[1].fd = sfd; | |
| 257 fds[1].events = POLLIN; | |
| 258 | |
| 259 struct sockaddr_in recvaddr; | |
| 260 | |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
261 int pi_length = 0; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
262 if (session.use_pi == 2) pi_length = 4; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
263 |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
264 char buffer_raw_a[p->buffersize_raw + pi_length]; |
| 0 | 265 char buffer_enc_a[p->buffersize_enc]; |
| 266 char* buffer_raw = buffer_raw_a; | |
| 267 char* buffer_enc = buffer_enc_a; | |
| 268 | |
| 269 while (1) { | |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
270 int len = poll(fds, 2, session.poll_timeout); |
| 0 | 271 if (len < 0) return errorexitp("poll error"); |
| 272 else if (fds[0].revents & (POLLERR | POLLHUP | POLLNVAL)) return errorexit("poll error on tap device"); | |
| 273 else if (fds[1].revents & (POLLHUP | POLLNVAL)) return errorexit("poll error on udp socket"); | |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
274 if (len == 0 && p->idle) p->idle(&session); |
| 0 | 275 if (fds[0].revents & POLLIN) { |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
276 len = read(ttfd, buffer_raw + p->offset_raw, p->buffersize_raw + pi_length); |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
277 if (len < pi_length) errorexit("read packet smaller than header from tun device"); |
| 0 | 278 if (session.remote_float == 0 || session.remote_float == 2) { |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
279 len = p->encode(&session, buffer_raw + pi_length, buffer_enc, len - pi_length); |
| 0 | 280 if (len < 0) return len; |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
281 if (len == 0) continue; //encoding is not yet possible |
|
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
282 qtsendnetworkpacket(&session, buffer_enc + p->offset_enc, len); |
| 0 | 283 } |
| 284 } | |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
285 if (fds[1].revents & POLLERR) { |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
286 int out; |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
287 len = sizeof(out); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
288 getsockopt(sfd, SOL_SOCKET, SO_ERROR, &out, &len); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
289 fprintf(stderr, "Received error %d on udp socket\n", out); |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
290 } |
| 0 | 291 if (fds[1].revents & POLLIN) { |
| 292 socklen_t recvaddr_len = sizeof(recvaddr); | |
| 293 if (session.remote_float == 0) { | |
| 294 len = read(sfd, buffer_enc + p->offset_enc, p->buffersize_enc); | |
| 295 } else { | |
| 296 len = recvfrom(sfd, buffer_enc + p->offset_enc, p->buffersize_enc, 0, (struct sockaddr*)&recvaddr, &recvaddr_len); | |
| 297 } | |
| 298 if (len < 0) { | |
|
15
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
299 long long out; |
|
1fa5b5fa49e1
Fixed a race condition caused by reception of ICMP errors
Ivo Smits <Ivo@UCIS.nl>
parents:
13
diff
changeset
|
300 len = sizeof(out); |
| 0 | 301 getsockopt(sfd, SOL_SOCKET, SO_ERROR, &out, &len); |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
302 fprintf(stderr, "Received end of file on udp socket (error %lld)\n", out); |
| 0 | 303 } else { |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
304 len = p->decode(&session, buffer_enc, buffer_raw + pi_length, len); |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
305 if (len < 0) continue; |
|
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
306 if (session.remote_float != 0 && (session.remote_addr.sin_addr.s_addr != recvaddr.sin_addr.s_addr || session.remote_addr.sin_port != recvaddr.sin_port)) { |
|
28
e77af6acb559
Small fixes: abort before updating remote endpoint after serious decryption error, print IP address bytes in the expected order
Ivo Smits <Ivo@UCIS.nl>
parents:
27
diff
changeset
|
307 fprintf(stderr, "Remote endpoint has changed to %08X:%d\n", ntohl(recvaddr.sin_addr.s_addr), ntohs(recvaddr.sin_port)); |
| 0 | 308 session.remote_addr = recvaddr; |
| 309 session.remote_float = 2; | |
| 310 } | |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
311 if (len > 0 && session.use_pi == 2) { |
|
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
312 int ipver = (buffer_raw[p->offset_raw + pi_length] >> 4) & 0xf; |
|
35
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
313 int pihdr = 0; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
314 #if defined linux |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
315 if (ipver == 4) pihdr = 0x0000 | (0x0008 << 16); //little endian: flags and protocol are swapped |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
316 else if (ipver == 6) pihdr = 0x0000 | (0xdd86 << 16); |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
317 #else |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
318 if (ipver == 4) pihdr = htonl(AF_INET); |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
319 else if (ipver == 6) pihdr = htonl(AF_INET6); |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
320 #endif |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
321 *(int*)(buffer_raw + p->offset_raw) = ipver; |
|
a1ec0d6b6f13
Added USE_PI=2 setting to automatically add/remove packet information header
Ivo Smits <Ivo@UCIS.nl>
parents:
34
diff
changeset
|
322 } |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
323 if (len > 0) write(ttfd, buffer_raw + p->offset_raw, len + pi_length); |
| 0 | 324 } |
| 325 } | |
| 326 } | |
| 327 return 0; | |
| 328 } | |
|
38
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
329 |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
39
diff
changeset
|
330 static char* getconfcmdargs(const char* name) { |
|
38
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
331 int i; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
332 for (i = 1; i < gargc - 2; i++) { |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
333 if (strcmp(gargv[i], "-c")) continue; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
334 if (strcmp(gargv[i + 1], name)) continue; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
335 return gargv[i + 2]; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
336 } |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
337 return NULL; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
338 } |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
339 |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
340 int qtprocessargs(int argc, char** argv) { |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
341 int i; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
342 for (i = 1; i < argc; i++) { |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
343 char* a = argv[i]; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
344 if (!strcmp(a, "-h") || !strcmp(a, "--help")) { |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
345 return errorexit("Please read the documentation at http://wiki.ucis.nl/QuickTun"); |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
346 } else if (!strcmp(a, "-v") || !strcmp(a, "--version")) { |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
347 return errorexit("UCIS QuickTun "QT_VERSION); |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
348 } else if (!strcmp(a, "-c")) { |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
349 gargc = argc; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
350 gargv = argv; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
351 getconf = getconfcmdargs; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
352 i += 2; |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
353 } else { |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
354 return errorexit("Unexpected command line argument"); |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
355 } |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
356 } |
|
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
36
diff
changeset
|
357 } |
| 0 | 358 #endif |
|
30
6f0e6b7dc088
Fixed build script to support multiple abis on one machine, bugfix in code, minor improvements
Ivo Smits <Ivo@UCIS.nl>
parents:
29
diff
changeset
|
359 |