Compare commits
19 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
0a797b4f5f | ||
|
|
8cb849fbc3 | ||
|
|
13f9f4c896 | ||
|
|
cfd7af9241 | ||
|
|
c81592fcc5 | ||
|
|
b4a311cdc8 | ||
|
|
08617d0017 | ||
|
|
38cd3b0371 | ||
|
|
5944e61dfe | ||
|
|
585b2b08bc | ||
|
|
a3aa6fc4fb | ||
|
|
6f36424d12 | ||
|
|
fa9301da16 | ||
|
|
c154a00358 | ||
|
|
4246b510d2 | ||
|
|
c71db48ae1 | ||
|
|
e3cce8aeb9 | ||
|
|
ad0d205ff3 | ||
|
|
030087cb27 |
15
.build.sh
Executable file
15
.build.sh
Executable file
@@ -0,0 +1,15 @@
|
||||
#!/bin/sh
|
||||
|
||||
export CC="gcc -static"
|
||||
|
||||
git clone https://github.com/jedisct1/libsodium --depth=1 --branch stable
|
||||
cd libsodium || exit 1
|
||||
./autogen.sh && ./configure --enable-minimal --disable-shared --prefix=/usr && make install
|
||||
cd ..
|
||||
|
||||
./autogen.sh && ./configure && make
|
||||
[ -x glorytun ] || exit 1
|
||||
|
||||
mkdir -p deploy
|
||||
strip -s glorytun
|
||||
mv glorytun deploy/glorytun-$(cat VERSION)-$(uname -m).bin
|
||||
@@ -1,4 +1,4 @@
|
||||
# Glorytun
|
||||
# π₁(Glorytun)=ℤ²
|
||||
|
||||
Small, Simple and Stupid TCP VPN.
|
||||
|
||||
@@ -8,8 +8,7 @@ This code will probably format your harddisk!
|
||||
|
||||
#### Build and Install
|
||||
|
||||
Glorytun depends on [libsodium](https://github.com/jedisct1/libsodium) version >= 1.0.4
|
||||
and needs an AES-NI capable CPU.
|
||||
Glorytun depends on [libsodium](https://github.com/jedisct1/libsodium) version >= 1.0.4.
|
||||
|
||||
To build and install the latest version:
|
||||
|
||||
|
||||
@@ -16,6 +16,8 @@ AC_PROG_CC_C99
|
||||
AC_USE_SYSTEM_EXTENSIONS
|
||||
AC_SEARCH_LIBS([getaddrinfo], [resolv nsl])
|
||||
AC_SEARCH_LIBS([socket], [socket])
|
||||
AC_CHECK_LIB([rt], [clock_gettime])
|
||||
AC_CHECK_FUNCS([clock_gettime])
|
||||
PKG_CHECK_MODULES([libsodium], [libsodium >= 1.0.4])
|
||||
AC_CONFIG_FILES([Makefile])
|
||||
AC_OUTPUT
|
||||
|
||||
10
m4/pkg.m4
10
m4/pkg.m4
@@ -1,6 +1,6 @@
|
||||
dnl pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*-
|
||||
dnl serial 11 (pkg-config-0.29)
|
||||
dnl
|
||||
# pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*-
|
||||
# serial 12 (pkg-config-0.29.2)
|
||||
|
||||
dnl Copyright © 2004 Scott James Remnant <scott@netsplit.com>.
|
||||
dnl Copyright © 2012-2015 Dan Nicholson <dbn.lists@gmail.com>
|
||||
dnl
|
||||
@@ -41,7 +41,7 @@ dnl
|
||||
dnl See the "Since" comment for each macro you use to see what version
|
||||
dnl of the macros you require.
|
||||
m4_defun([PKG_PREREQ],
|
||||
[m4_define([PKG_MACROS_VERSION], [0.29])
|
||||
[m4_define([PKG_MACROS_VERSION], [0.29.2])
|
||||
m4_if(m4_version_compare(PKG_MACROS_VERSION, [$1]), -1,
|
||||
[m4_fatal([pkg.m4 version $1 or higher is required but ]PKG_MACROS_VERSION[ found])])
|
||||
])dnl PKG_PREREQ
|
||||
@@ -142,7 +142,7 @@ AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl
|
||||
AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl
|
||||
|
||||
pkg_failed=no
|
||||
AC_MSG_CHECKING([for $1])
|
||||
AC_MSG_CHECKING([for $2])
|
||||
|
||||
_PKG_CONFIG([$1][_CFLAGS], [cflags], [$2])
|
||||
_PKG_CONFIG([$1][_LIBS], [libs], [$2])
|
||||
|
||||
317
src/main.c
317
src/main.c
@@ -14,6 +14,7 @@
|
||||
#include <signal.h>
|
||||
#include <poll.h>
|
||||
#include <fcntl.h>
|
||||
#include <time.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/time.h>
|
||||
|
||||
@@ -36,6 +37,10 @@
|
||||
|
||||
#include <sodium.h>
|
||||
|
||||
#ifdef __APPLE__
|
||||
#include <mach/mach_time.h>
|
||||
#endif
|
||||
|
||||
#ifndef O_CLOEXEC
|
||||
#define O_CLOEXEC 0
|
||||
#endif
|
||||
@@ -45,8 +50,15 @@
|
||||
#define GT_TUNR_SIZE (GT_PKT_MAX-16-2)
|
||||
#define GT_TUNW_SIZE (GT_PKT_MAX)
|
||||
|
||||
#define GT_ABYTES (16)
|
||||
#define GT_KEYBYTES (32)
|
||||
|
||||
static struct {
|
||||
int timeout;
|
||||
volatile sig_atomic_t quit;
|
||||
volatile sig_atomic_t info;
|
||||
long timeout;
|
||||
int mptcp;
|
||||
int state_fd;
|
||||
} gt;
|
||||
|
||||
struct fdbuf {
|
||||
@@ -57,15 +69,13 @@ struct fdbuf {
|
||||
|
||||
struct crypto_ctx {
|
||||
struct {
|
||||
crypto_aead_aes256gcm_state state;
|
||||
uint8_t nonce[crypto_aead_aes256gcm_NPUBBYTES];
|
||||
uint8_t key[512] _align_(16);
|
||||
uint8_t nonce[16];
|
||||
} write, read;
|
||||
uint8_t skey[crypto_generichash_KEYBYTES];
|
||||
int chacha;
|
||||
};
|
||||
|
||||
volatile sig_atomic_t gt_close = 0;
|
||||
volatile sig_atomic_t gt_info = 0;
|
||||
|
||||
_pure_
|
||||
static int64_t dt_ms (struct timeval *ta, struct timeval *tb)
|
||||
{
|
||||
@@ -104,12 +114,16 @@ enum sk_opt {
|
||||
sk_acceptfilter,
|
||||
sk_quickack,
|
||||
sk_user_timeout,
|
||||
sk_mptcp_26,
|
||||
sk_mptcp_42,
|
||||
};
|
||||
|
||||
static void sk_set (int fd, enum sk_opt opt, const void *val, socklen_t len)
|
||||
static int sk_set (int fd, enum sk_opt opt, const void *val, socklen_t len)
|
||||
{
|
||||
if (!val || len<=0)
|
||||
return;
|
||||
if (!val || len<=0) {
|
||||
errno = EINVAL;
|
||||
return -1;
|
||||
}
|
||||
|
||||
struct {
|
||||
const char *name;
|
||||
@@ -160,26 +174,45 @@ static void sk_set (int fd, enum sk_opt opt, const void *val, socklen_t len)
|
||||
1, IPPROTO_TCP, TCP_USER_TIMEOUT,
|
||||
#endif
|
||||
},
|
||||
[sk_mptcp_26] = { "MPTCP_ENABLED (26)", 1, IPPROTO_TCP, 26 },
|
||||
[sk_mptcp_42] = { "MPTCP_ENABLED (42)", 1, IPPROTO_TCP, 42 },
|
||||
};
|
||||
|
||||
if (!opts[opt].present) {
|
||||
gt_na(opts[opt].name);
|
||||
return;
|
||||
errno = EINVAL;
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (setsockopt(fd, opts[opt].level, opts[opt].option, val, len)==-1)
|
||||
int ret = setsockopt(fd, opts[opt].level, opts[opt].option, val, len);
|
||||
|
||||
if (ret==-1) {
|
||||
int err = errno;
|
||||
gt_log("couldn't set socket option `%s'\n", opts[opt].name);
|
||||
errno = err;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static void sk_set_int (int fd, enum sk_opt opt, int val)
|
||||
static int sk_set_int (int fd, enum sk_opt opt, int val)
|
||||
{
|
||||
return sk_set(fd, opt, &val, sizeof(val));
|
||||
}
|
||||
|
||||
static void sk_set_mptcp (int fd)
|
||||
{
|
||||
if (sk_set_int(fd, sk_mptcp_42, 1)==-1)
|
||||
sk_set_int(fd, sk_mptcp_26, 1);
|
||||
}
|
||||
|
||||
static int sk_listen (int fd, struct addrinfo *ai)
|
||||
{
|
||||
sk_set_int(fd, sk_reuseaddr, 1);
|
||||
|
||||
if (gt.mptcp)
|
||||
sk_set_mptcp(fd);
|
||||
|
||||
if (bind(fd, ai->ai_addr, ai->ai_addrlen)==-1) {
|
||||
perror("bind");
|
||||
return -1;
|
||||
@@ -204,6 +237,9 @@ static int sk_connect (int fd, struct addrinfo *ai)
|
||||
{
|
||||
fd_set_nonblock(fd);
|
||||
|
||||
if (gt.mptcp)
|
||||
sk_set_mptcp(fd);
|
||||
|
||||
int ret = connect(fd, ai->ai_addr, ai->ai_addrlen);
|
||||
|
||||
if (ret==-1) {
|
||||
@@ -258,8 +294,11 @@ static int sk_accept (int fd)
|
||||
|
||||
int ret = accept(fd, (struct sockaddr *)&addr, &addr_size);
|
||||
|
||||
if (ret==-1 && errno!=EINTR)
|
||||
if (ret==-1) {
|
||||
if (errno!=EINTR)
|
||||
perror("accept");
|
||||
return -1;
|
||||
}
|
||||
|
||||
fd_set_nonblock(ret);
|
||||
|
||||
@@ -346,10 +385,10 @@ static void gt_sa_handler (int sig)
|
||||
case SIGINT:
|
||||
case SIGQUIT:
|
||||
case SIGTERM:
|
||||
gt_close = 1;
|
||||
gt.quit = 1;
|
||||
break;
|
||||
case SIGUSR1:
|
||||
gt_info = 1;
|
||||
gt.info = 1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
@@ -480,7 +519,7 @@ static int gt_encrypt (struct crypto_ctx *ctx, buffer_t *dst, buffer_t *src)
|
||||
if (!rs || !ws)
|
||||
return 0;
|
||||
|
||||
const size_t size = rs+crypto_aead_aes256gcm_ABYTES;
|
||||
const size_t size = rs+GT_ABYTES;
|
||||
|
||||
if (size+2>ws)
|
||||
return 0;
|
||||
@@ -488,14 +527,25 @@ static int gt_encrypt (struct crypto_ctx *ctx, buffer_t *dst, buffer_t *src)
|
||||
dst->write[0] = 0xFF&(size>>8);
|
||||
dst->write[1] = 0xFF&(size);
|
||||
|
||||
if (ctx->chacha) {
|
||||
crypto_aead_chacha20poly1305_encrypt(
|
||||
dst->write+2, NULL,
|
||||
src->read, rs,
|
||||
dst->write, 2,
|
||||
NULL, ctx->write.nonce,
|
||||
ctx->write.key);
|
||||
|
||||
sodium_increment(ctx->write.nonce, crypto_aead_chacha20poly1305_NPUBBYTES);
|
||||
} else {
|
||||
crypto_aead_aes256gcm_encrypt_afternm(
|
||||
dst->write+2, NULL,
|
||||
src->read, rs,
|
||||
dst->write, 2,
|
||||
NULL, ctx->write.nonce,
|
||||
(const crypto_aead_aes256gcm_state *)&ctx->write.state);
|
||||
(const crypto_aead_aes256gcm_state *)ctx->write.key);
|
||||
|
||||
sodium_increment(ctx->write.nonce, crypto_aead_aes256gcm_NPUBBYTES);
|
||||
}
|
||||
|
||||
src->read += rs;
|
||||
dst->write += size+2;
|
||||
@@ -511,30 +561,43 @@ static int gt_decrypt (struct crypto_ctx *ctx, buffer_t *dst, buffer_t *src)
|
||||
if (!rs || !ws)
|
||||
return 0;
|
||||
|
||||
if (rs<=2+crypto_aead_aes256gcm_ABYTES)
|
||||
if (rs<=2+GT_ABYTES)
|
||||
return 0;
|
||||
|
||||
const size_t size = (src->read[0]<<8)|src->read[1];
|
||||
|
||||
if (size-crypto_aead_aes256gcm_ABYTES>ws)
|
||||
if (size-GT_ABYTES>ws)
|
||||
return 0;
|
||||
|
||||
if (size+2>rs)
|
||||
return 0;
|
||||
|
||||
if (ctx->chacha) {
|
||||
if (crypto_aead_chacha20poly1305_decrypt(
|
||||
dst->write, NULL,
|
||||
NULL,
|
||||
src->read+2, size,
|
||||
src->read, 2,
|
||||
ctx->read.nonce,
|
||||
ctx->read.key))
|
||||
return -1;
|
||||
|
||||
sodium_increment(ctx->read.nonce, crypto_aead_chacha20poly1305_NPUBBYTES);
|
||||
} else {
|
||||
if (crypto_aead_aes256gcm_decrypt_afternm(
|
||||
dst->write, NULL,
|
||||
NULL,
|
||||
src->read+2, size,
|
||||
src->read, 2,
|
||||
ctx->read.nonce,
|
||||
(const crypto_aead_aes256gcm_state *)&ctx->read.state))
|
||||
(const crypto_aead_aes256gcm_state *)ctx->read.key))
|
||||
return -1;
|
||||
|
||||
sodium_increment(ctx->read.nonce, crypto_aead_aes256gcm_NPUBBYTES);
|
||||
}
|
||||
|
||||
src->read += size+2;
|
||||
dst->write += size-crypto_aead_aes256gcm_ABYTES;
|
||||
dst->write += size-GT_ABYTES;
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -772,10 +835,11 @@ static void gt_print_entry (struct tcp_entry *te)
|
||||
uint8_t *key = &te->key[1];
|
||||
size_t size = te->key[0];
|
||||
|
||||
char ip0[INET6_ADDRSTRLEN];
|
||||
char ip1[INET6_ADDRSTRLEN];
|
||||
char ip0[INET6_ADDRSTRLEN] = {0};
|
||||
char ip1[INET6_ADDRSTRLEN] = {0};
|
||||
|
||||
uint16_t port0, port1;
|
||||
uint16_t port0 = 0;
|
||||
uint16_t port1 = 0;
|
||||
|
||||
switch (size) {
|
||||
case 8+4:
|
||||
@@ -942,6 +1006,81 @@ static int gt_track (uint8_t **db, struct ip_common *ic, uint8_t *data, int rev)
|
||||
return 0;
|
||||
}
|
||||
|
||||
static unsigned long long gt_now (void)
|
||||
{
|
||||
#if defined __APPLE__
|
||||
static mach_timebase_info_data_t mtid;
|
||||
if (!mtid.denom) mach_timebase_info(&mtid);
|
||||
return (mach_absolute_time()*mtid.numer/mtid.denom)/1000ULL;
|
||||
#elif defined CLOCK_MONOTONIC
|
||||
struct timespec tv;
|
||||
clock_gettime(CLOCK_MONOTONIC, &tv);
|
||||
return tv.tv_sec*1000000ULL+tv.tv_nsec/1000ULL;
|
||||
#else
|
||||
struct timeval tv;
|
||||
gettimeofday(&tv, NULL);
|
||||
return tv.tv_sec*1000000ULL+tv.tv_usec;
|
||||
#endif
|
||||
}
|
||||
|
||||
static void gt_bench (int chacha)
|
||||
{
|
||||
unsigned char npub[crypto_aead_aes256gcm_NPUBBYTES];
|
||||
memset(npub, 0, sizeof(npub));
|
||||
|
||||
unsigned char key[crypto_aead_aes256gcm_KEYBYTES];
|
||||
memset(key, 1, sizeof(key));
|
||||
|
||||
crypto_aead_aes256gcm_state ctx;
|
||||
|
||||
if (!chacha)
|
||||
crypto_aead_aes256gcm_beforenm(&ctx, key);
|
||||
|
||||
gt_print("bench: %s\n", chacha?"chacha20poly1305":"aes256gcm");
|
||||
|
||||
_align_(16) unsigned char buf[32*1024+crypto_aead_aes256gcm_ABYTES];
|
||||
|
||||
size_t bs = 8;
|
||||
|
||||
while (!gt.quit && bs<=sizeof(buf)) {
|
||||
size_t total_size = 0;
|
||||
unsigned long long total_dt = 0.0;
|
||||
double mbps = 0.0;
|
||||
|
||||
while (!gt.quit) {
|
||||
unsigned long long now = gt_now();
|
||||
|
||||
size_t size = 0;
|
||||
|
||||
while (!gt.quit && size<16*1024*1024) {
|
||||
if (chacha) {
|
||||
crypto_aead_chacha20poly1305_encrypt(buf, NULL,
|
||||
buf, bs, NULL, 0, NULL, npub, key);
|
||||
} else {
|
||||
crypto_aead_aes256gcm_encrypt_afternm(buf, NULL,
|
||||
buf, bs, NULL, 0, NULL, npub,
|
||||
(const crypto_aead_aes256gcm_state *)&ctx);
|
||||
}
|
||||
size += bs;
|
||||
}
|
||||
|
||||
total_dt += gt_now()-now;
|
||||
total_size += size;
|
||||
|
||||
double last_mbps = mbps;
|
||||
mbps = total_size*8.0/total_dt;
|
||||
|
||||
double diff = mbps-last_mbps;
|
||||
|
||||
if (-0.1<diff && diff<0.1)
|
||||
break;
|
||||
}
|
||||
|
||||
gt_print("%6zu bytes %9.2f Mbps\n", bs, mbps);
|
||||
bs *= 2;
|
||||
}
|
||||
}
|
||||
|
||||
static int gt_setup_secretkey (struct crypto_ctx *ctx, char *keyfile)
|
||||
{
|
||||
const size_t size = sizeof(ctx->skey);
|
||||
@@ -951,7 +1090,7 @@ static int gt_setup_secretkey (struct crypto_ctx *ctx, char *keyfile)
|
||||
|
||||
randombytes_buf(ctx->skey, size);
|
||||
gt_tohex(buf, sizeof(buf), ctx->skey, size);
|
||||
state("SECRETKEY", buf);
|
||||
state_send(gt.state_fd, "SECRETKEY", buf);
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -987,17 +1126,16 @@ static int gt_setup_secretkey (struct crypto_ctx *ctx, char *keyfile)
|
||||
|
||||
static int gt_setup_crypto (struct crypto_ctx *ctx, int fd, int listener)
|
||||
{
|
||||
const uint8_t gt[] = {'G', 'T', VERSION_MAJOR, 0 };
|
||||
const uint8_t proto[] = {'G', 'T', VERSION_MAJOR, (uint8_t)ctx->chacha };
|
||||
|
||||
const size_t size = 96;
|
||||
const size_t hash_size = 32;
|
||||
|
||||
const size_t nonce_size = crypto_aead_aes256gcm_NPUBBYTES;
|
||||
const size_t public_size = crypto_scalarmult_SCALARBYTES;
|
||||
|
||||
uint8_t secret[crypto_scalarmult_SCALARBYTES];
|
||||
uint8_t shared[crypto_scalarmult_BYTES];
|
||||
uint8_t key[crypto_aead_aes256gcm_KEYBYTES];
|
||||
|
||||
uint8_t key_r[GT_KEYBYTES];
|
||||
uint8_t key_w[GT_KEYBYTES];
|
||||
|
||||
uint8_t data_r[size], data_w[size];
|
||||
uint8_t auth_r[hash_size], auth_w[hash_size];
|
||||
@@ -1006,12 +1144,11 @@ static int gt_setup_crypto (struct crypto_ctx *ctx, int fd, int listener)
|
||||
crypto_generichash_state state;
|
||||
|
||||
memset(data_w, 0, size);
|
||||
randombytes_buf(data_w, nonce_size);
|
||||
|
||||
randombytes_buf(secret, sizeof(secret));
|
||||
crypto_scalarmult_base(&data_w[nonce_size], secret);
|
||||
crypto_scalarmult_base(data_w, secret);
|
||||
|
||||
memcpy(&data_w[size-hash_size-sizeof(gt)], gt, sizeof(gt));
|
||||
memcpy(&data_w[size-hash_size-sizeof(proto)], proto, sizeof(proto));
|
||||
|
||||
crypto_generichash(&data_w[size-hash_size], hash_size,
|
||||
data_w, size-hash_size, ctx->skey, sizeof(ctx->skey));
|
||||
@@ -1022,14 +1159,26 @@ static int gt_setup_crypto (struct crypto_ctx *ctx, int fd, int listener)
|
||||
if (fd_read_all(fd, data_r, size)!=size)
|
||||
return -1;
|
||||
|
||||
if (memcmp(&data_r[size-hash_size-sizeof(gt)], gt, sizeof(gt)))
|
||||
if (memcmp(&data_r[size-hash_size-sizeof(proto)], proto, 3)) {
|
||||
gt_log("bad packet [%02"PRIX8"%02"PRIX8"%02"PRIX8"] !\n",
|
||||
&data_r[size-hash_size-sizeof(proto)+0],
|
||||
&data_r[size-hash_size-sizeof(proto)+1],
|
||||
&data_r[size-hash_size-sizeof(proto)+2]);
|
||||
return -2;
|
||||
}
|
||||
|
||||
if (data_r[size-hash_size-sizeof(proto)+3] && !ctx->chacha) {
|
||||
gt_log("peer wants chacha20\n");
|
||||
ctx->chacha = 1;
|
||||
}
|
||||
|
||||
crypto_generichash(hash, hash_size,
|
||||
data_r, size-hash_size, ctx->skey, sizeof(ctx->skey));
|
||||
|
||||
if (sodium_memcmp(&data_r[size-hash_size], hash, hash_size))
|
||||
if (sodium_memcmp(&data_r[size-hash_size], hash, hash_size)) {
|
||||
gt_log("peer sends a bad hash!\n");
|
||||
return -2;
|
||||
}
|
||||
|
||||
if (listener && fd_write_all(fd, data_w, size)!=size)
|
||||
return -1;
|
||||
@@ -1046,32 +1195,43 @@ static int gt_setup_crypto (struct crypto_ctx *ctx, int fd, int listener)
|
||||
crypto_generichash(hash, hash_size,
|
||||
data_w, size, ctx->skey, sizeof(ctx->skey));
|
||||
|
||||
if (sodium_memcmp(auth_r, hash, hash_size))
|
||||
if (sodium_memcmp(auth_r, hash, hash_size)) {
|
||||
gt_log("peer sends a bad hash (challenge-response)!\n");
|
||||
return -2;
|
||||
}
|
||||
|
||||
if (crypto_scalarmult(shared, secret, &data_r[nonce_size]))
|
||||
if (crypto_scalarmult(shared, secret, data_r)) {
|
||||
gt_log("I'm just gonna hurt you really, really, BAD\n");
|
||||
return -2;
|
||||
}
|
||||
|
||||
crypto_generichash_init(&state, ctx->skey, sizeof(ctx->skey), sizeof(key));
|
||||
crypto_generichash_init(&state, ctx->skey, sizeof(ctx->skey), sizeof(key_r));
|
||||
crypto_generichash_update(&state, shared, sizeof(shared));
|
||||
crypto_generichash_update(&state, data_r, size);
|
||||
crypto_generichash_update(&state, data_w, size);
|
||||
crypto_generichash_final(&state, key, sizeof(key));
|
||||
crypto_aead_aes256gcm_beforenm(&ctx->read.state, key);
|
||||
crypto_generichash_final(&state, key_r, sizeof(key_r));
|
||||
|
||||
crypto_generichash_init(&state, ctx->skey, sizeof(ctx->skey), sizeof(key));
|
||||
crypto_generichash_init(&state, ctx->skey, sizeof(ctx->skey), sizeof(key_w));
|
||||
crypto_generichash_update(&state, shared, sizeof(shared));
|
||||
crypto_generichash_update(&state, data_w, size);
|
||||
crypto_generichash_update(&state, data_r, size);
|
||||
crypto_generichash_final(&state, key, sizeof(key));
|
||||
crypto_aead_aes256gcm_beforenm(&ctx->write.state, key);
|
||||
crypto_generichash_final(&state, key_w, sizeof(key_w));
|
||||
|
||||
if (ctx->chacha) {
|
||||
memcpy(ctx->read.key, key_r, sizeof(key_r));
|
||||
memcpy(ctx->write.key, key_w, sizeof(key_w));
|
||||
} else {
|
||||
crypto_aead_aes256gcm_beforenm(&ctx->read.key, key_r);
|
||||
crypto_aead_aes256gcm_beforenm(&ctx->write.key, key_w);
|
||||
}
|
||||
|
||||
sodium_memzero(secret, sizeof(secret));
|
||||
sodium_memzero(shared, sizeof(shared));
|
||||
sodium_memzero(key, sizeof(key));
|
||||
sodium_memzero(key_r, sizeof(key_r));
|
||||
sodium_memzero(key_w, sizeof(key_w));
|
||||
|
||||
memcpy(ctx->read.nonce, data_r, nonce_size);
|
||||
memcpy(ctx->write.nonce, data_w, nonce_size);
|
||||
memset(ctx->read.nonce, 0, sizeof(ctx->read.nonce));
|
||||
memset(ctx->write.nonce, 0, sizeof(ctx->write.nonce));
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -1130,6 +1290,9 @@ int main (int argc, char **argv)
|
||||
{ "retry", &retry_opts, option_option },
|
||||
{ "statefile", &statefile, option_str },
|
||||
{ "timeout", >.timeout, option_long },
|
||||
{ "bench", NULL, option_option },
|
||||
{ "chacha20", NULL, option_option },
|
||||
{ "mptcp", NULL, option_option },
|
||||
{ "debug", NULL, option_option },
|
||||
{ "version", NULL, option_option },
|
||||
{ NULL },
|
||||
@@ -1149,6 +1312,25 @@ int main (int argc, char **argv)
|
||||
const int noquickack = option_is_set(opts, "noquickack");
|
||||
const int debug = option_is_set(opts, "debug");
|
||||
|
||||
int chacha = option_is_set(opts, "chacha20");
|
||||
|
||||
gt.mptcp = option_is_set(opts, "mptcp");
|
||||
|
||||
if (sodium_init()==-1) {
|
||||
gt_log("libsodium initialization has failed\n");
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (!chacha && !crypto_aead_aes256gcm_is_available()) {
|
||||
gt_na("AES-256-GCM");
|
||||
chacha = 1;
|
||||
}
|
||||
|
||||
if (option_is_set(opts, "bench")) {
|
||||
gt_bench(chacha);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (buffer_size < GT_PKT_MAX) {
|
||||
buffer_size = GT_PKT_MAX;
|
||||
gt_log("buffer size must be greater than or equal to %li\n", buffer_size);
|
||||
@@ -1169,22 +1351,14 @@ int main (int argc, char **argv)
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (sodium_init()==-1) {
|
||||
gt_log("libsodium initialization has failed\n");
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (!crypto_aead_aes256gcm_is_available()) {
|
||||
gt_na("AES-256-GCM");
|
||||
return 1;
|
||||
}
|
||||
|
||||
struct addrinfo *ai = ai_create(host, port, listener);
|
||||
|
||||
if (!ai)
|
||||
return 1;
|
||||
|
||||
if (state_init(statefile))
|
||||
gt.state_fd = state_create(statefile);
|
||||
|
||||
if (statefile && gt.state_fd==-1)
|
||||
return 1;
|
||||
|
||||
struct fdbuf tun = { .fd = -1 };
|
||||
@@ -1224,9 +1398,9 @@ int main (int argc, char **argv)
|
||||
long retry = 0;
|
||||
uint8_t *db = NULL;
|
||||
|
||||
state("INITIALIZED", tun_name);
|
||||
state_send(gt.state_fd, "INITIALIZED", tun_name);
|
||||
|
||||
while (!gt_close) {
|
||||
while (!gt.quit) {
|
||||
if (retry_count>=0 && retry>=retry_count+1) {
|
||||
gt_log("couldn't %s (%d attempt%s)\n", listener?"listen":"connect",
|
||||
(int)retry, (retry>1)?"s":"");
|
||||
@@ -1277,20 +1451,16 @@ int main (int argc, char **argv)
|
||||
sk_set_int(sock.fd, sk_user_timeout, gt.timeout);
|
||||
sk_set(sock.fd, sk_congestion, congestion, str_len(congestion));
|
||||
|
||||
switch (gt_setup_crypto(&ctx, sock.fd, listener)) {
|
||||
case -2:
|
||||
gt_log("%s: key exchange could not be verified!\n", sockname);
|
||||
goto restart;
|
||||
case -1:
|
||||
ctx.chacha = chacha;
|
||||
|
||||
if (gt_setup_crypto(&ctx, sock.fd, listener)) {
|
||||
gt_log("%s: key exchange failed\n", sockname);
|
||||
goto restart;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
||||
retry = 0;
|
||||
|
||||
state("STARTED", sockname);
|
||||
state_send(gt.state_fd, "STARTED", tun_name);
|
||||
|
||||
fd_set rfds;
|
||||
FD_ZERO(&rfds);
|
||||
@@ -1301,7 +1471,7 @@ int main (int argc, char **argv)
|
||||
buffer_format(&sock.read);
|
||||
|
||||
while (1) {
|
||||
if _0_(gt_close)
|
||||
if _0_(gt.quit)
|
||||
stop_loop |= 1;
|
||||
|
||||
if _0_(stop_loop) {
|
||||
@@ -1328,9 +1498,12 @@ int main (int argc, char **argv)
|
||||
}
|
||||
|
||||
struct timeval timeout = {
|
||||
.tv_usec = 1000,
|
||||
.tv_usec = 100000,
|
||||
};
|
||||
|
||||
if (buffer_read_size(&sock.write))
|
||||
timeout.tv_usec = 1000;
|
||||
|
||||
if _0_(select(sock.fd+1, &rfds, NULL, NULL, &timeout)==-1) {
|
||||
if (errno==EINTR)
|
||||
continue;
|
||||
@@ -1352,7 +1525,7 @@ int main (int argc, char **argv)
|
||||
const ssize_t r = tun_read(tun.fd, tun.read.write, GT_MTU_MAX);
|
||||
|
||||
if (r<=0) {
|
||||
gt_close |= !r;
|
||||
gt.quit |= !r;
|
||||
break;
|
||||
}
|
||||
|
||||
@@ -1448,7 +1621,7 @@ int main (int argc, char **argv)
|
||||
if (r==ic.size)
|
||||
tun.write.read += r;
|
||||
} else {
|
||||
gt_close |= !r;
|
||||
gt.quit |= !r;
|
||||
break;
|
||||
}
|
||||
}
|
||||
@@ -1460,7 +1633,7 @@ int main (int argc, char **argv)
|
||||
sock.fd = -1;
|
||||
}
|
||||
|
||||
state("STOPPED", sockname);
|
||||
state_send(gt.state_fd, "STOPPED", tun_name);
|
||||
|
||||
if (sockname) {
|
||||
free(sockname);
|
||||
|
||||
41
src/state.c
41
src/state.c
@@ -7,16 +7,14 @@
|
||||
#include <fcntl.h>
|
||||
#include <sys/stat.h>
|
||||
|
||||
static int state_fd = -1;
|
||||
|
||||
int state_init (const char *filename)
|
||||
int state_create (const char *filename)
|
||||
{
|
||||
if (str_empty(filename))
|
||||
return 0;
|
||||
return -1;
|
||||
|
||||
state_fd = open(filename, O_WRONLY);
|
||||
int fd = open(filename, O_WRONLY);
|
||||
|
||||
if (state_fd==-1) {
|
||||
if (fd==-1) {
|
||||
if (errno!=EINTR)
|
||||
perror("open");
|
||||
return -1;
|
||||
@@ -24,38 +22,41 @@ int state_init (const char *filename)
|
||||
|
||||
struct stat st = {0};
|
||||
|
||||
if (fstat(state_fd, &st)==-1) {
|
||||
if (fstat(fd, &st)==-1) {
|
||||
perror("fstat");
|
||||
close(state_fd);
|
||||
state_fd = -1;
|
||||
close(fd);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (!S_ISFIFO(st.st_mode)) {
|
||||
gt_log("`%s' is not a fifo\n", filename);
|
||||
close(state_fd);
|
||||
state_fd = -1;
|
||||
close(fd);
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
return fd;
|
||||
}
|
||||
|
||||
void state (const char *state, const char *info)
|
||||
void state_send (int fd, const char *state, const char *info)
|
||||
{
|
||||
if (str_empty(state))
|
||||
return;
|
||||
|
||||
if (fd==-1) {
|
||||
gt_print("%s %s\n", state, info);
|
||||
return;
|
||||
}
|
||||
|
||||
const char *strs[] = { state, " ", info, "\n" };
|
||||
char *str = str_cat(strs, COUNT(strs));
|
||||
|
||||
if (!str)
|
||||
if (!str) {
|
||||
perror("str_cat");
|
||||
return;
|
||||
|
||||
if (state_fd==-1) {
|
||||
gt_print("%s", str);
|
||||
} else {
|
||||
if (write(state_fd, str, str_len(str))==-1 && errno!=EINTR)
|
||||
perror("write");
|
||||
}
|
||||
|
||||
if (write(fd, str, str_len(str))==-1 && errno!=EINTR)
|
||||
perror("write");
|
||||
|
||||
free(str);
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
#pragma once
|
||||
|
||||
int state_init (const char *);
|
||||
void state (const char *, const char *);
|
||||
int state_create (const char *);
|
||||
void state_send (int, const char *, const char *);
|
||||
|
||||
Reference in New Issue
Block a user