Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
/* Copyright 2001,2002 Roger Dingledine, Matej Pfajfar. */
|
|
|
|
|
/* See LICENSE for licensing information */
|
|
|
|
|
/* $Id$ */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
#include "or.h"
|
2003-06-21 21:29:32 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
extern or_options_t options; /* command-line and config-file options */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-06-21 21:29:32 +02:00
|
|
|
static int or_handshake_op_send_keys(connection_t *conn);
|
|
|
|
|
static int or_handshake_op_finished_sending_keys(connection_t *conn);
|
|
|
|
|
|
|
|
|
|
static int or_handshake_client_process_auth(connection_t *conn);
|
|
|
|
|
static int or_handshake_client_send_auth(connection_t *conn);
|
|
|
|
|
|
|
|
|
|
static int or_handshake_server_process_auth(connection_t *conn);
|
|
|
|
|
static int or_handshake_server_process_nonce(connection_t *conn);
|
|
|
|
|
|
|
|
|
|
static void connection_or_set_open(connection_t *conn);
|
|
|
|
|
static void conn_or_init_crypto(connection_t *conn);
|
|
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
/*
|
2002-06-27 00:45:49 +02:00
|
|
|
*
|
|
|
|
|
* these two functions are the main ways 'in' to connection_or
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
int connection_or_process_inbuf(connection_t *conn) {
|
|
|
|
|
|
|
|
|
|
assert(conn && conn->type == CONN_TYPE_OR);
|
|
|
|
|
|
|
|
|
|
if(conn->inbuf_reached_eof) {
|
|
|
|
|
/* eof reached, kill it. */
|
2003-06-18 00:18:26 +02:00
|
|
|
log_fn(LOG_DEBUG,"conn reached eof. Closing.");
|
2002-06-27 00:45:49 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
// log(LOG_DEBUG,"connection_or_process_inbuf(): state %d.",conn->state);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
switch(conn->state) {
|
|
|
|
|
case OR_CONN_STATE_CLIENT_AUTH_WAIT:
|
|
|
|
|
return or_handshake_client_process_auth(conn);
|
|
|
|
|
case OR_CONN_STATE_SERVER_AUTH_WAIT:
|
|
|
|
|
return or_handshake_server_process_auth(conn);
|
|
|
|
|
case OR_CONN_STATE_SERVER_NONCE_WAIT:
|
|
|
|
|
return or_handshake_server_process_nonce(conn);
|
|
|
|
|
case OR_CONN_STATE_OPEN:
|
|
|
|
|
return connection_process_cell_from_inbuf(conn);
|
|
|
|
|
default:
|
2003-06-18 00:18:26 +02:00
|
|
|
log_fn(LOG_DEBUG,"called in state where I'm writing. Ignoring buf for now.");
|
2002-06-27 00:45:49 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int connection_or_finished_flushing(connection_t *conn) {
|
|
|
|
|
int e, len=sizeof(e);
|
|
|
|
|
|
|
|
|
|
assert(conn && conn->type == CONN_TYPE_OR);
|
|
|
|
|
|
|
|
|
|
switch(conn->state) {
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
case OR_CONN_STATE_OP_SENDING_KEYS:
|
|
|
|
|
return or_handshake_op_finished_sending_keys(conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
case OR_CONN_STATE_CLIENT_CONNECTING:
|
|
|
|
|
if (getsockopt(conn->s, SOL_SOCKET, SO_ERROR, &e, &len) < 0) { /* not yet */
|
|
|
|
|
if(errno != EINPROGRESS){
|
|
|
|
|
/* yuck. kill it. */
|
2003-06-18 00:18:26 +02:00
|
|
|
log_fn(LOG_DEBUG,"in-progress connect failed. Removing.");
|
2002-06-27 00:45:49 +02:00
|
|
|
return -1;
|
|
|
|
|
} else {
|
|
|
|
|
return 0; /* no change, see if next time is better */
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
/* the connect has finished. */
|
|
|
|
|
|
2003-06-18 00:18:26 +02:00
|
|
|
log_fn(LOG_DEBUG,"OR connection to router %s:%u established.",
|
2002-08-24 09:55:49 +02:00
|
|
|
conn->address,conn->port);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
if(options.OnionRouter)
|
|
|
|
|
return or_handshake_client_send_auth(conn);
|
|
|
|
|
else
|
|
|
|
|
return or_handshake_op_send_keys(conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
case OR_CONN_STATE_CLIENT_SENDING_AUTH:
|
2003-06-18 00:18:26 +02:00
|
|
|
log_fn(LOG_DEBUG,"client finished sending auth.");
|
2002-06-27 00:45:49 +02:00
|
|
|
conn->state = OR_CONN_STATE_CLIENT_AUTH_WAIT;
|
|
|
|
|
connection_watch_events(conn, POLLIN);
|
|
|
|
|
return 0;
|
|
|
|
|
case OR_CONN_STATE_CLIENT_SENDING_NONCE:
|
2003-06-18 00:18:26 +02:00
|
|
|
log_fn(LOG_DEBUG,"client finished sending nonce.");
|
2002-06-27 00:45:49 +02:00
|
|
|
conn_or_init_crypto(conn);
|
2003-03-24 03:50:07 +01:00
|
|
|
connection_or_set_open(conn);
|
|
|
|
|
|
2002-09-20 21:33:13 +02:00
|
|
|
return connection_process_inbuf(conn); /* in case there's anything waiting on it */
|
2002-06-27 00:45:49 +02:00
|
|
|
case OR_CONN_STATE_SERVER_SENDING_AUTH:
|
2003-06-18 00:18:26 +02:00
|
|
|
log_fn(LOG_DEBUG,"server finished sending auth.");
|
2002-06-27 00:45:49 +02:00
|
|
|
conn->state = OR_CONN_STATE_SERVER_NONCE_WAIT;
|
|
|
|
|
connection_watch_events(conn, POLLIN);
|
|
|
|
|
return 0;
|
|
|
|
|
case OR_CONN_STATE_OPEN:
|
|
|
|
|
/* FIXME down the road, we'll clear out circuits that are pending to close */
|
2002-07-18 08:37:58 +02:00
|
|
|
connection_stop_writing(conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
return 0;
|
|
|
|
|
default:
|
2003-06-18 00:18:26 +02:00
|
|
|
log_fn(LOG_DEBUG,"BUG: called in unexpected state.");
|
2002-06-27 00:45:49 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*********************/
|
|
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
connection_t *connection_or_connect(routerinfo_t *router) {
|
2002-06-27 00:45:49 +02:00
|
|
|
connection_t *conn;
|
|
|
|
|
struct sockaddr_in router_addr;
|
|
|
|
|
int s;
|
|
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
assert(router);
|
|
|
|
|
|
|
|
|
|
if(router_is_me(router->addr, router->or_port)) {
|
|
|
|
|
/* this is me! don't connect to me. */
|
|
|
|
|
log(LOG_DEBUG,"connection_or_connect(): This is me. Skipping.");
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* this function should never be called if we're already connected to router, but */
|
|
|
|
|
/* check first to be sure */
|
|
|
|
|
conn = connection_exact_get_by_addr_port(router->addr,router->or_port);
|
|
|
|
|
if(conn)
|
|
|
|
|
return conn;
|
|
|
|
|
|
2002-06-30 09:37:49 +02:00
|
|
|
conn = connection_new(CONN_TYPE_OR);
|
2003-03-19 23:02:35 +01:00
|
|
|
if(!conn) {
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
return NULL;
|
2003-03-19 23:02:35 +01:00
|
|
|
}
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
/* set up conn so it's got all the data we need to remember */
|
2002-10-03 00:54:20 +02:00
|
|
|
conn->addr = router->addr;
|
2003-05-28 04:03:25 +02:00
|
|
|
conn->port = router->or_port;
|
2002-09-24 12:43:57 +02:00
|
|
|
conn->bandwidth = router->bandwidth;
|
|
|
|
|
conn->pkey = crypto_pk_dup_key(router->pkey);
|
2002-06-27 00:45:49 +02:00
|
|
|
conn->address = strdup(router->address);
|
|
|
|
|
|
|
|
|
|
s=socket(PF_INET,SOCK_STREAM,IPPROTO_TCP);
|
2003-05-28 04:03:25 +02:00
|
|
|
if (s < 0) {
|
2002-06-27 00:45:49 +02:00
|
|
|
log(LOG_ERR,"Error creating network socket.");
|
|
|
|
|
connection_free(conn);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
return NULL;
|
2002-06-27 00:45:49 +02:00
|
|
|
}
|
|
|
|
|
fcntl(s, F_SETFL, O_NONBLOCK); /* set s to non-blocking */
|
|
|
|
|
|
|
|
|
|
memset((void *)&router_addr,0,sizeof(router_addr));
|
|
|
|
|
router_addr.sin_family = AF_INET;
|
2003-05-28 04:03:25 +02:00
|
|
|
router_addr.sin_port = htons(router->or_port);
|
2002-10-03 00:54:20 +02:00
|
|
|
router_addr.sin_addr.s_addr = htonl(router->addr);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
log(LOG_DEBUG,"connection_or_connect() : Trying to connect to %s:%u.",router->address,router->or_port);
|
2002-06-27 00:45:49 +02:00
|
|
|
if(connect(s,(struct sockaddr *)&router_addr,sizeof(router_addr)) < 0){
|
|
|
|
|
if(errno != EINPROGRESS){
|
|
|
|
|
/* yuck. kill it. */
|
|
|
|
|
connection_free(conn);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
return NULL;
|
2002-06-27 00:45:49 +02:00
|
|
|
} else {
|
|
|
|
|
/* it's in progress. set state appropriately and return. */
|
|
|
|
|
conn->s = s;
|
|
|
|
|
|
|
|
|
|
if(connection_add(conn) < 0) { /* no space, forget it */
|
|
|
|
|
connection_free(conn);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
return NULL;
|
2002-06-27 00:45:49 +02:00
|
|
|
}
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
|
|
|
|
log(LOG_DEBUG,"connection_or_connect() : connect in progress.");
|
2002-07-18 08:37:58 +02:00
|
|
|
connection_watch_events(conn, POLLIN | POLLOUT); /* writable indicates finish, readable indicates broken link */
|
2003-05-28 04:03:25 +02:00
|
|
|
conn->state = OR_CONN_STATE_CLIENT_CONNECTING;
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
return conn;
|
2002-06-27 00:45:49 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* it succeeded. we're connected. */
|
|
|
|
|
conn->s = s;
|
|
|
|
|
|
|
|
|
|
if(connection_add(conn) < 0) { /* no space, forget it */
|
|
|
|
|
connection_free(conn);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
log(LOG_DEBUG,"connection_or_connect() : Connection to router %s:%u established.",
|
|
|
|
|
router->address, router->or_port);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
if((options.OnionRouter && or_handshake_client_send_auth(conn) >= 0) ||
|
|
|
|
|
(!options.OnionRouter && or_handshake_op_send_keys(conn) >= 0))
|
|
|
|
|
return conn; /* success! */
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
/* failure */
|
|
|
|
|
connection_remove(conn);
|
|
|
|
|
connection_free(conn);
|
|
|
|
|
return NULL;
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
}
|
|
|
|
|
|
2003-06-21 21:29:32 +02:00
|
|
|
/* ********************************** */
|
|
|
|
|
|
|
|
|
|
int connection_or_create_listener(struct sockaddr_in *bindaddr) {
|
|
|
|
|
log(LOG_DEBUG,"connection_create_or_listener starting");
|
|
|
|
|
return connection_create_listener(bindaddr, CONN_TYPE_OR_LISTENER);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int connection_or_handle_listener_read(connection_t *conn) {
|
|
|
|
|
log(LOG_NOTICE,"OR: Received a connection request from a router. Attempting to authenticate.");
|
|
|
|
|
return connection_handle_listener_read(conn, CONN_TYPE_OR, OR_CONN_STATE_SERVER_AUTH_WAIT);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* ***************** */
|
|
|
|
|
/* Helper functions to implement handshaking */
|
|
|
|
|
|
|
|
|
|
#define FLAGS_LEN 2
|
|
|
|
|
#define BANDWIDTH_LEN 4
|
|
|
|
|
#define KEY_LEN 16
|
2003-06-21 23:46:17 +02:00
|
|
|
#define ADDR_LEN 4
|
|
|
|
|
#define PORT_LEN 2
|
2003-06-21 21:29:32 +02:00
|
|
|
#define PKEY_LEN 128
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
or_handshake_op_send_keys(connection_t *conn) {
|
|
|
|
|
unsigned char message[FLAGS_LEN + BANDWIDTH_LEN + KEY_LEN + KEY_LEN];
|
|
|
|
|
unsigned char cipher[PKEY_LEN];
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
int retval;
|
|
|
|
|
|
|
|
|
|
assert(conn && conn->type == CONN_TYPE_OR);
|
|
|
|
|
|
2003-04-09 00:31:48 +02:00
|
|
|
conn->bandwidth = DEFAULT_BANDWIDTH_OP;
|
|
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
/* generate random keys */
|
2002-08-22 09:30:03 +02:00
|
|
|
if(crypto_cipher_generate_key(conn->f_crypto) ||
|
|
|
|
|
crypto_cipher_generate_key(conn->b_crypto)) {
|
2003-03-19 21:48:56 +01:00
|
|
|
log(LOG_ERR,"Cannot generate a secure 3DES key.");
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
2003-03-19 21:48:56 +01:00
|
|
|
log(LOG_DEBUG,"or_handshake_op_send_keys() : Generated 3DES keys.");
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
/* compose the message */
|
2003-05-28 04:03:25 +02:00
|
|
|
*(uint16_t *)(message) = htons(HANDSHAKE_AS_OP);
|
2003-06-21 21:29:32 +02:00
|
|
|
*(uint32_t *)(message+FLAGS_LEN) = htonl(conn->bandwidth);
|
|
|
|
|
memcpy((void *)(message+FLAGS_LEN+BANDWIDTH_LEN),
|
|
|
|
|
(void *)conn->f_crypto->key, 16);
|
|
|
|
|
memcpy((void *)(message+FLAGS_LEN+BANDWIDTH_LEN+KEY_LEN),
|
|
|
|
|
(void *)conn->b_crypto->key, 16);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
|
|
|
|
/* encrypt with RSA */
|
2003-06-21 21:29:32 +02:00
|
|
|
if(crypto_pk_public_encrypt(conn->pkey, message, sizeof(message), cipher, RSA_PKCS1_PADDING) < 0) {
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
log(LOG_ERR,"or_handshake_op_send_keys(): Public key encryption failed.");
|
2002-06-27 00:45:49 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
log(LOG_DEBUG,"or_handshake_op_send_keys() : Encrypted authentication message.");
|
2002-06-27 00:45:49 +02:00
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
/* send message */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-06-21 21:29:32 +02:00
|
|
|
if(connection_write_to_buf(cipher, PKEY_LEN, conn) < 0) {
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
log(LOG_DEBUG,"or_handshake_op_send_keys(): my outbuf is full. Oops.");
|
2002-06-27 00:45:49 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
retval = connection_flush_buf(conn);
|
|
|
|
|
if(retval < 0) {
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_op_send_keys(): bad socket while flushing.");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if(retval > 0) {
|
|
|
|
|
/* still stuff on the buffer. */
|
|
|
|
|
conn->state = OR_CONN_STATE_OP_SENDING_KEYS;
|
|
|
|
|
connection_watch_events(conn, POLLOUT | POLLIN);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* it finished sending */
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_op_send_keys(): Finished sending authentication message.");
|
|
|
|
|
return or_handshake_op_finished_sending_keys(conn);
|
|
|
|
|
}
|
|
|
|
|
|
2003-06-21 21:29:32 +02:00
|
|
|
static int
|
|
|
|
|
or_handshake_op_finished_sending_keys(connection_t *conn) {
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
|
|
|
|
/* do crypto initialization, etc */
|
|
|
|
|
conn_or_init_crypto(conn);
|
|
|
|
|
|
2003-03-24 03:50:07 +01:00
|
|
|
connection_or_set_open(conn);
|
2003-04-16 08:18:31 +02:00
|
|
|
circuit_n_conn_open(conn); /* send the pending onion(s) */
|
2002-09-24 12:43:57 +02:00
|
|
|
return 0;
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
}
|
|
|
|
|
|
2003-06-21 21:29:32 +02:00
|
|
|
static int
|
|
|
|
|
or_handshake_client_send_auth(connection_t *conn) {
|
2002-06-27 00:45:49 +02:00
|
|
|
int retval;
|
2003-06-21 21:29:32 +02:00
|
|
|
char buf[FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+
|
|
|
|
|
PORT_LEN+KEY_LEN+KEY_LEN+BANDWIDTH_LEN];
|
|
|
|
|
char cipher[PKEY_LEN];
|
2002-10-03 00:54:20 +02:00
|
|
|
struct sockaddr_in me; /* my router identity */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
assert(conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2002-10-03 00:54:20 +02:00
|
|
|
if(learn_my_address(&me) < 0)
|
|
|
|
|
return -1;
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
/* generate random keys */
|
2002-08-22 09:30:03 +02:00
|
|
|
if(crypto_cipher_generate_key(conn->f_crypto) ||
|
|
|
|
|
crypto_cipher_generate_key(conn->b_crypto)) {
|
2002-06-27 00:45:49 +02:00
|
|
|
log(LOG_ERR,"Cannot generate a secure DES key.");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_client_send_auth() : Generated DES keys.");
|
|
|
|
|
|
|
|
|
|
/* generate first message */
|
2003-05-28 04:03:25 +02:00
|
|
|
*(uint16_t*)buf = htons(HANDSHAKE_AS_OR);
|
2003-06-21 21:29:32 +02:00
|
|
|
*(uint32_t*)(buf+FLAGS_LEN) = me.sin_addr.s_addr; /* local address, network order */
|
|
|
|
|
*(uint16_t*)(buf+FLAGS_LEN+ADDR_LEN) = me.sin_port; /* local port, network order */
|
|
|
|
|
*(uint32_t*)(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN) = htonl(conn->addr); /* remote address */
|
|
|
|
|
*(uint16_t*)(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN) = htons(conn->port); /* remote port */
|
|
|
|
|
memcpy(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+PORT_LEN,
|
|
|
|
|
conn->f_crypto->key,16); /* keys */
|
|
|
|
|
memcpy(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+PORT_LEN+KEY_LEN,
|
|
|
|
|
conn->b_crypto->key,16);
|
|
|
|
|
*(uint32_t *)(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+PORT_LEN+
|
|
|
|
|
KEY_LEN+KEY_LEN) = htonl(conn->bandwidth); /* max link utilisation */
|
2002-06-27 00:45:49 +02:00
|
|
|
log(LOG_DEBUG,"or_handshake_client_send_auth() : Generated first authentication message.");
|
|
|
|
|
|
|
|
|
|
/* encrypt message */
|
2003-06-21 21:29:32 +02:00
|
|
|
retval = crypto_pk_public_encrypt(conn->pkey, buf, sizeof(buf), cipher,RSA_PKCS1_PADDING);
|
2002-06-27 00:45:49 +02:00
|
|
|
if (retval == -1) /* error */
|
|
|
|
|
{
|
2002-08-24 09:55:49 +02:00
|
|
|
log(LOG_ERR,"Public-key encryption failed during authentication to %s:%u.",conn->address,conn->port);
|
2002-08-22 09:30:03 +02:00
|
|
|
log(LOG_DEBUG,"or_handshake_client_send_auth() : Reason : %s.",crypto_perror());
|
2002-06-27 00:45:49 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_client_send_auth() : Encrypted authentication message.");
|
|
|
|
|
|
|
|
|
|
/* send message */
|
|
|
|
|
|
2003-06-21 21:29:32 +02:00
|
|
|
if(connection_write_to_buf(cipher, PKEY_LEN, conn) < 0) {
|
2002-06-27 00:45:49 +02:00
|
|
|
log(LOG_DEBUG,"or_handshake_client_send_auth(): my outbuf is full. Oops.");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
retval = connection_flush_buf(conn);
|
|
|
|
|
if(retval < 0) {
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_client_send_auth(): bad socket while flushing.");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if(retval > 0) {
|
|
|
|
|
/* still stuff on the buffer. */
|
|
|
|
|
conn->state = OR_CONN_STATE_CLIENT_SENDING_AUTH;
|
|
|
|
|
connection_watch_events(conn, POLLOUT | POLLIN);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* it finished sending */
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_client_send_auth(): Finished sending authentication message.");
|
|
|
|
|
conn->state = OR_CONN_STATE_CLIENT_AUTH_WAIT;
|
|
|
|
|
connection_watch_events(conn, POLLIN);
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2003-06-21 21:29:32 +02:00
|
|
|
static int
|
|
|
|
|
or_handshake_client_process_auth(connection_t *conn) {
|
2003-03-19 22:34:38 +01:00
|
|
|
char buf[128]; /* only 56 of this is expected to be used */
|
2002-06-27 00:45:49 +02:00
|
|
|
char cipher[128];
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
uint32_t bandwidth;
|
2002-06-27 00:45:49 +02:00
|
|
|
int retval;
|
2002-10-03 00:54:20 +02:00
|
|
|
struct sockaddr_in me; /* my router identity */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
assert(conn);
|
|
|
|
|
|
2002-10-03 00:54:20 +02:00
|
|
|
if(learn_my_address(&me) < 0)
|
|
|
|
|
return -1;
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
if(conn->inbuf_datalen < 128) /* entire response available? */
|
|
|
|
|
return 0; /* not yet */
|
|
|
|
|
|
|
|
|
|
if(connection_fetch_from_buf(cipher,128,conn) < 0) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_client_process_auth() : Received auth.");
|
|
|
|
|
|
|
|
|
|
/* decrypt response */
|
2003-05-08 00:40:03 +02:00
|
|
|
retval = crypto_pk_private_decrypt(get_privatekey(), cipher, 128, buf, RSA_PKCS1_PADDING);
|
2002-06-27 00:45:49 +02:00
|
|
|
if (retval == -1)
|
|
|
|
|
{
|
|
|
|
|
log(LOG_ERR,"Public-key decryption failed during authentication to %s:%u.",
|
2002-08-24 09:55:49 +02:00
|
|
|
conn->address,conn->port);
|
2002-06-27 00:45:49 +02:00
|
|
|
log(LOG_DEBUG,"or_handshake_client_process_auth() : Reason : %s.",
|
2002-08-22 09:30:03 +02:00
|
|
|
crypto_perror());
|
2002-06-27 00:45:49 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
2003-03-19 22:34:38 +01:00
|
|
|
else if (retval != 56)
|
2002-06-27 00:45:49 +02:00
|
|
|
{
|
2003-03-19 23:02:35 +01:00
|
|
|
log(LOG_ERR,"client_process_auth: incorrect response from router %s:%u.",
|
2002-08-24 09:55:49 +02:00
|
|
|
conn->address,conn->port);
|
2002-06-27 00:45:49 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_client_process_auth() : Decrypted response.");
|
|
|
|
|
/* check validity */
|
2003-03-19 23:02:35 +01:00
|
|
|
if ( (*(uint32_t*)buf != me.sin_addr.s_addr) || /* local address, network order */
|
|
|
|
|
(*(uint16_t*)(buf+4) != me.sin_port) || /* local port, network order */
|
2002-08-24 08:58:25 +02:00
|
|
|
(ntohl(*(uint32_t*)(buf+6)) != conn->addr) || /* remote address */
|
2003-03-19 23:02:35 +01:00
|
|
|
(ntohs(*(uint16_t*)(buf+10)) != conn->port) ) { /* remote port */
|
|
|
|
|
log(LOG_ERR,"client_process_auth: Router %s:%u: bad address info.", conn->address,conn->port);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if ( (memcmp(conn->f_crypto->key, buf+12, 16)) || /* keys */
|
|
|
|
|
(memcmp(conn->b_crypto->key, buf+28, 16)) ) {
|
|
|
|
|
log(LOG_ERR,"client_process_auth: Router %s:%u: bad key info.",conn->address,conn->port);
|
2002-06-27 00:45:49 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_client_process_auth() : Response valid.");
|
|
|
|
|
|
|
|
|
|
/* update link info */
|
2003-03-19 21:48:56 +01:00
|
|
|
bandwidth = ntohl(*(uint32_t *)(buf+44));
|
2002-06-27 00:45:49 +02:00
|
|
|
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
if (conn->bandwidth > bandwidth)
|
|
|
|
|
conn->bandwidth = bandwidth;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
/* reply is just local addr/port, remote addr/port, nonce */
|
2003-03-19 22:34:38 +01:00
|
|
|
memcpy(buf+12, buf+48, 8);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
/* encrypt reply */
|
2002-08-22 09:30:03 +02:00
|
|
|
retval = crypto_pk_public_encrypt(conn->pkey, buf, 20, cipher,RSA_PKCS1_PADDING);
|
2002-06-27 00:45:49 +02:00
|
|
|
if (retval == -1) /* error */
|
|
|
|
|
{
|
2002-08-24 09:55:49 +02:00
|
|
|
log(LOG_ERR,"Public-key encryption failed during authentication to %s:%u.",conn->address,conn->port);
|
2002-08-22 09:30:03 +02:00
|
|
|
log(LOG_DEBUG,"or_handshake_client_process_auth() : Reason : %s.",crypto_perror());
|
2002-06-27 00:45:49 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* send the message */
|
|
|
|
|
|
|
|
|
|
if(connection_write_to_buf(cipher, 128, conn) < 0) {
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_client_process_auth(): my outbuf is full. Oops.");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
retval = connection_flush_buf(conn);
|
|
|
|
|
if(retval < 0) {
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_client_process_auth(): bad socket while flushing.");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if(retval > 0) {
|
|
|
|
|
/* still stuff on the buffer. */
|
|
|
|
|
conn->state = OR_CONN_STATE_CLIENT_SENDING_NONCE;
|
|
|
|
|
connection_watch_events(conn, POLLOUT | POLLIN);
|
|
|
|
|
/* return(connection_process_inbuf(conn)); process the rest of the inbuf */
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* it finished sending */
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_client_process_auth(): Finished sending nonce.");
|
|
|
|
|
conn_or_init_crypto(conn);
|
2003-03-24 03:50:07 +01:00
|
|
|
connection_or_set_open(conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
return connection_process_inbuf(conn); /* process the rest of the inbuf */
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
*
|
|
|
|
|
* auth handshake, as performed by OR *receiving* the connection
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
|
2003-06-21 21:29:32 +02:00
|
|
|
static int
|
|
|
|
|
or_handshake_server_process_auth(connection_t *conn) {
|
2002-06-27 00:45:49 +02:00
|
|
|
int retval;
|
|
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
char buf[128]; /* 50 of this is expected to be used for OR, 38 for OP */
|
2002-06-27 00:45:49 +02:00
|
|
|
char cipher[128];
|
|
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
unsigned char iv[16];
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
uint32_t addr;
|
|
|
|
|
uint16_t port;
|
|
|
|
|
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
uint32_t bandwidth;
|
2002-06-27 00:45:49 +02:00
|
|
|
routerinfo_t *router;
|
|
|
|
|
|
|
|
|
|
assert(conn);
|
|
|
|
|
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth() entered.");
|
|
|
|
|
|
|
|
|
|
if(conn->inbuf_datalen < 128) /* entire response available? */
|
|
|
|
|
return 0; /* not yet */
|
|
|
|
|
|
|
|
|
|
if(connection_fetch_from_buf(cipher,128,conn) < 0) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth() : Received auth.");
|
|
|
|
|
|
|
|
|
|
/* decrypt response */
|
2003-05-08 00:40:03 +02:00
|
|
|
retval = crypto_pk_private_decrypt(get_privatekey(), cipher, 128, buf, RSA_PKCS1_PADDING);
|
2003-05-28 04:03:25 +02:00
|
|
|
if (retval == -1) {
|
2003-03-19 23:02:35 +01:00
|
|
|
log(LOG_ERR,"or_handshake_server_process_auth: Public-key decryption failed.");
|
2002-06-27 00:45:49 +02:00
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth() : Reason : %s.",
|
2002-08-22 09:30:03 +02:00
|
|
|
crypto_perror());
|
2002-06-27 00:45:49 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
if (retval == 50) {
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth(): Decrypted OR-style auth message.");
|
|
|
|
|
if(ntohs(*(uint16_t*)buf) != HANDSHAKE_AS_OR) {
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth(): ...but wasn't labelled OR. Dropping.");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
/* identify the router */
|
|
|
|
|
addr = ntohl(*(uint32_t*)(buf+2)); /* save the IP address */
|
|
|
|
|
port = ntohs(*(uint16_t*)(buf+6)); /* save the port */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
router = router_get_by_addr_port(addr,port);
|
|
|
|
|
if (!router) {
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth() : unknown router '%s:%d'. Will drop.", conn->address, port);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth() : Router identified as %s:%u.",
|
|
|
|
|
router->address,router->or_port);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
if(connection_exact_get_by_addr_port(addr,port)) {
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth(): That router is already connected. Dropping.");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
/* save keys */
|
|
|
|
|
crypto_cipher_set_key(conn->b_crypto,buf+14);
|
|
|
|
|
crypto_cipher_set_key(conn->f_crypto,buf+30);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
/* update link info */
|
|
|
|
|
bandwidth = ntohl(*(uint32_t *)(buf+46));
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
conn->bandwidth = router->bandwidth;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
if (conn->bandwidth > bandwidth)
|
|
|
|
|
conn->bandwidth = bandwidth;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
/* copy all relevant info to conn */
|
|
|
|
|
conn->addr = router->addr, conn->port = router->or_port;
|
|
|
|
|
conn->pkey = crypto_pk_dup_key(router->pkey);
|
|
|
|
|
conn->address = strdup(router->address);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
/* generate a nonce */
|
2003-06-14 03:29:16 +02:00
|
|
|
retval = crypto_rand(8, conn->nonce);
|
2003-05-28 04:03:25 +02:00
|
|
|
if (retval) { /* error */
|
|
|
|
|
log(LOG_ERR,"Cannot generate a nonce.");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth(): Nonce generated.");
|
|
|
|
|
|
2003-05-28 08:19:58 +02:00
|
|
|
memmove(buf, buf+2, 44);
|
2003-05-28 04:03:25 +02:00
|
|
|
*(uint32_t *)(buf+44) = htonl(conn->bandwidth); /* send max link utilisation */
|
|
|
|
|
memcpy(buf+48,conn->nonce,8); /* append the nonce to the end of the message */
|
|
|
|
|
|
|
|
|
|
/* encrypt message */
|
|
|
|
|
retval = crypto_pk_public_encrypt(conn->pkey, buf, 56, cipher,RSA_PKCS1_PADDING);
|
|
|
|
|
if (retval == -1) { /* error */
|
|
|
|
|
log(LOG_ERR,"Public-key encryption failed during authentication to %s:%u.",conn->address,conn->port);
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth() : Reason : %s.",crypto_perror());
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth() : Reply encrypted.");
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
/* send message */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
if(connection_write_to_buf(cipher, 128, conn) < 0) {
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth(): my outbuf is full. Oops.");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
retval = connection_flush_buf(conn);
|
|
|
|
|
if(retval < 0) {
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth(): bad socket while flushing.");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if(retval > 0) {
|
|
|
|
|
/* still stuff on the buffer. */
|
|
|
|
|
conn->state = OR_CONN_STATE_SERVER_SENDING_AUTH;
|
|
|
|
|
connection_watch_events(conn, POLLOUT | POLLIN);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* it finished sending */
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth(): Finished sending auth.");
|
|
|
|
|
conn->state = OR_CONN_STATE_SERVER_NONCE_WAIT;
|
|
|
|
|
connection_watch_events(conn, POLLIN);
|
2002-06-27 00:45:49 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
if(retval == 38) {
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth(): Decrypted OP-style auth message.");
|
|
|
|
|
if(ntohs(*(uint16_t*)buf) != HANDSHAKE_AS_OP) {
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth(): ...but wasn't labelled OP. Dropping.");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
conn->bandwidth = ntohl(*((uint32_t *)(buf+2)));
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth(): Bandwidth %d requested.",conn->bandwidth);
|
|
|
|
|
|
|
|
|
|
crypto_cipher_set_key(conn->b_crypto, buf+6);
|
|
|
|
|
crypto_cipher_set_key(conn->f_crypto, buf+22);
|
|
|
|
|
|
|
|
|
|
memset(iv, 0, 16);
|
|
|
|
|
crypto_cipher_set_iv(conn->b_crypto, iv);
|
|
|
|
|
crypto_cipher_set_iv(conn->f_crypto, iv);
|
|
|
|
|
|
|
|
|
|
crypto_cipher_encrypt_init_cipher(conn->b_crypto);
|
|
|
|
|
crypto_cipher_decrypt_init_cipher(conn->f_crypto);
|
|
|
|
|
|
|
|
|
|
conn->state = OR_CONN_STATE_OPEN;
|
|
|
|
|
connection_init_timeval(conn);
|
|
|
|
|
connection_watch_events(conn, POLLIN);
|
|
|
|
|
|
|
|
|
|
return connection_process_inbuf(conn); /* in case they sent some cells along with the keys */
|
|
|
|
|
}
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
log(LOG_ERR,"or_handshake_server_process_auth(): received an incorrect authentication request.");
|
|
|
|
|
return -1;
|
2002-06-27 00:45:49 +02:00
|
|
|
}
|
|
|
|
|
|
2003-06-21 21:29:32 +02:00
|
|
|
static int
|
|
|
|
|
or_handshake_server_process_nonce(connection_t *conn) {
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
char buf[128];
|
|
|
|
|
char cipher[128];
|
|
|
|
|
int retval;
|
2002-10-03 00:54:20 +02:00
|
|
|
struct sockaddr_in me; /* my router identity */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
assert(conn);
|
|
|
|
|
|
2002-10-03 00:54:20 +02:00
|
|
|
if(learn_my_address(&me) < 0)
|
|
|
|
|
return -1;
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
if(conn->inbuf_datalen < 128) /* entire response available? */
|
|
|
|
|
return 0; /* not yet */
|
|
|
|
|
|
|
|
|
|
if(connection_fetch_from_buf(cipher,128,conn) < 0) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_nonce() : Received auth.");
|
|
|
|
|
|
|
|
|
|
/* decrypt response */
|
2003-05-08 00:40:03 +02:00
|
|
|
retval = crypto_pk_private_decrypt(get_privatekey(), cipher, 128, buf,RSA_PKCS1_PADDING);
|
2002-06-27 00:45:49 +02:00
|
|
|
if (retval == -1)
|
|
|
|
|
{
|
|
|
|
|
log(LOG_ERR,"Public-key decryption failed during authentication to %s:%u.",
|
2002-08-24 09:55:49 +02:00
|
|
|
conn->address,conn->port);
|
2002-06-27 00:45:49 +02:00
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_nonce() : Reason : %s.",
|
2002-08-22 09:30:03 +02:00
|
|
|
crypto_perror());
|
2002-06-27 00:45:49 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
else if (retval != 20)
|
|
|
|
|
{
|
2003-03-19 23:02:35 +01:00
|
|
|
log(LOG_ERR,"server_process_nonce: incorrect response from router %s:%u.",
|
2002-08-24 09:55:49 +02:00
|
|
|
conn->address,conn->port);
|
2002-06-27 00:45:49 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_nonce() : Response decrypted.");
|
|
|
|
|
|
|
|
|
|
/* check validity */
|
2002-08-24 08:58:25 +02:00
|
|
|
if ((ntohl(*(uint32_t*)buf) != conn->addr) || /* remote address */
|
2002-08-24 09:55:49 +02:00
|
|
|
(ntohs(*(uint16_t*)(buf+4)) != conn->port) || /* remote port */
|
2002-10-03 00:54:20 +02:00
|
|
|
(*(uint32_t*)(buf+6) != me.sin_addr.s_addr) || /* local address, network order */
|
|
|
|
|
(*(uint16_t*)(buf+10) != me.sin_port) || /* local port, network order */
|
2002-06-27 00:45:49 +02:00
|
|
|
(memcmp(conn->nonce,buf+12,8))) /* nonce */
|
|
|
|
|
{
|
2003-03-19 23:02:35 +01:00
|
|
|
log(LOG_ERR,"server_process_nonce: Router %s:%u gave bad response.",conn->address,conn->port);
|
2002-06-27 00:45:49 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_nonce() : Response valid. Authentication complete.");
|
|
|
|
|
|
|
|
|
|
conn_or_init_crypto(conn);
|
2003-03-24 03:50:07 +01:00
|
|
|
connection_or_set_open(conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
return connection_process_inbuf(conn); /* process the rest of the inbuf */
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2003-06-21 21:29:32 +02:00
|
|
|
/*********************/
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-06-21 21:29:32 +02:00
|
|
|
static void
|
|
|
|
|
connection_or_set_open(connection_t *conn) {
|
|
|
|
|
conn->state = OR_CONN_STATE_OPEN;
|
|
|
|
|
directory_set_dirty();
|
|
|
|
|
connection_init_timeval(conn);
|
|
|
|
|
connection_watch_events(conn, POLLIN);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
conn_or_init_crypto(connection_t *conn) {
|
|
|
|
|
//int x;
|
|
|
|
|
unsigned char iv[16];
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-06-21 21:29:32 +02:00
|
|
|
assert(conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-06-21 21:29:32 +02:00
|
|
|
memset((void *)iv, 0, 16);
|
|
|
|
|
crypto_cipher_set_iv(conn->f_crypto, iv);
|
|
|
|
|
crypto_cipher_set_iv(conn->b_crypto, iv);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-06-21 21:29:32 +02:00
|
|
|
crypto_cipher_encrypt_init_cipher(conn->f_crypto);
|
|
|
|
|
crypto_cipher_decrypt_init_cipher(conn->b_crypto);
|
|
|
|
|
/* always encrypt with f, always decrypt with b */
|
2002-06-27 00:45:49 +02:00
|
|
|
}
|
|
|
|
|
|
2003-06-21 21:29:32 +02:00
|
|
|
|
|
|
|
|
|
2003-04-07 04:12:02 +02:00
|
|
|
/*
|
|
|
|
|
Local Variables:
|
|
|
|
|
mode:c
|
|
|
|
|
indent-tabs-mode:nil
|
|
|
|
|
c-basic-offset:2
|
|
|
|
|
End:
|
|
|
|
|
*/
|