Show bad behaviors with command show bad

Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>

.github/workflows/build.yml

@@ -0,0 +1,24 @@
+name: Build
+
+on: [push]
+
+jobs:
+  build:
+
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macOS-latest]
+
+    steps:
+    - uses: actions/checkout@v1
+    - name: Build glorytun
+      run: |
+          git submodule update --init --recursive
+          ./sodium.sh
+          make prefix=. install
+
+    - uses: actions/upload-artifact@v1
+      with:
+        name: bin
+        path: ./bin

.gitignore

@@ -1,4 +1,4 @@
-*.o
+*.[ios]
 *.log
 *.scan
 *.cache
@@ -10,6 +10,7 @@ configure
 build-aux
 .deps
 .dirstamp
+.static
 glorytun
 build*
 VERSION

Makefile

@@ -11,12 +11,15 @@ CFLAGS  ?= -std=c11 -O2 -Wall -fstack-protector-strong
 FLAGS := $(CFLAGS) $(LDFLAGS) $(CPPFLAGS)
 FLAGS += -DPACKAGE_NAME=\"$(NAME)\" -DPACKAGE_VERSION=\"$(VERSION)\"
 
-SRC := argz/argz.c mud/mud.c $(wildcard src/*.c)
+FLAGS += -I.static/$(CROSS)/libsodium-stable/src/libsodium/include
+FLAGS += -L.static/$(CROSS)/libsodium-stable/src/libsodium/.libs
+
+SRC := argz/argz.c mud/mud.c mud/aegis256/aegis256.c $(wildcard src/*.c)
 
 .PHONY: $(NAME)
 $(NAME):
 	@echo "Building $(NAME)"
-	@$(CC) $(FLAGS) -o $(NAME) $(SRC) -lsodium -lm
+	@$(CC) $(FLAGS) -o $(NAME) $(SRC) -lsodium
 
 .PHONY: install
 install: $(NAME)

Makefile.am

@@ -9,6 +9,8 @@ glorytun_SOURCES = \
     argz/argz.h \
     mud/mud.c \
     mud/mud.h \
+    mud/aegis256/aegis256.c \
+    mud/aegis256/aegis256.h \
     src/bench.c \
     src/bind.c \
     src/common.c \

README.md

@@ -11,6 +11,7 @@ Linux is the platform of choice but the code is standard so it should be easily
 It was successfully tested on OpenBSD, FreeBSD and MacOS.
 
 IPv4 and IPv6 are supported.
+On Linux you can have both at the same time by binding `::`.
 
 ## Features
 
@@ -18,17 +19,16 @@ The key features of Glorytun come directly from mud:
 
  * **Fast and highly secure**
 
-   The use of UDP and [libsodium](https://github.com/jedisct1/libsodium) allows you to secure
-   your communications without impacting performance.
-   Glorytun uses AES only if AES-NI is available otherwise ChaCha20 is used.
-   If you are not cpu bounded, you can force the use of ChaCha20 for higher security.
-   All messages are encrypted, authenticated and marked with a timestamp.
-   Perfect forward secrecy is also implemented with ECDH over Curve25519.
+   The use of UDP and libsodium allows you to secure your communications without impacting performance.
+   Glorytun uses AEGIS-256 (a new and very fast AEAD construction) only if AES-NI is available otherwise ChaCha20-Poly1305 is used.
+   Of course, you can force the use of ChaCha20-Poly1305 for higher security.
+   All messages are encrypted, authenticated and timestamped to mitigate a large set of attacks.
+   Perfect forward secrecy is also implemented with ECDH over Curve25519. Keys are rotated every hours.
 
  * **Multipath and active failover**
 
-   This is the main feature of Glorytun that allows to build an SD-WAN like service.
-   This allows a TCP connection to explore and exploit multiple links without being disconnected.
+   Connectivity is now crucial, especially in the SD-WAN world.
+   This feature allows a TCP connection (and all other protocols) to explore and exploit all available links without being disconnected.
    Aggregation should work on all conventional links, only very high latency (+500ms) links are not recommended for now.
 
  * **Traffic shaping**
@@ -41,7 +41,7 @@ The key features of Glorytun come directly from mud:
 
    Bad MTU configuration is a very common problem in the world of VPN.
    As it is critical, Glorytun will try to setup it correctly by guessing its value.
-   It doesn't rely on ICMP Next-hop MTU to avoid black holes.
+   It doesn't rely on Next-hop MTU to avoid ICMP black holes.
    In asymmetric situations the minimum MTU is selected.
 
 ## Caveats
@@ -71,19 +71,16 @@ The more classical autotools suite is also available.
 
 Just run `glorytun` with no arguments to view the list of available commands:
 
-```
-$ glorytun
-available commands:
+    $ glorytun
+    available commands:
 
-  show     show all running tunnels
-  bench    start a crypto bench
-  bind     start a new tunnel
-  set      change tunnel properties
-  keygen   generate a new secret key
-  path     manage paths
-  version  show version
-
-```
+      show     show tunnel info
+      bench    start a crypto bench
+      bind     start a new tunnel
+      set      change tunnel properties
+      keygen   generate a new secret key
+      path     manage paths
+      version  show version
 
 Use the keyword `help` after a command to show its usage.
 

configure.ac

@@ -14,7 +14,6 @@ AM_PROG_CC_C_O
 AC_PROG_CC_C99
 AC_USE_SYSTEM_EXTENSIONS
 AC_SEARCH_LIBS([socket], [socket])
-AC_SEARCH_LIBS([fmin], [m])
 AC_CHECK_LIB([rt], [clock_gettime])
 AC_CHECK_FUNCS([clock_gettime])
 PKG_CHECK_MODULES([libsodium], [libsodium >= 1.0.4])

meson.build

@@ -23,6 +23,7 @@ executable('glorytun', install: true,
   sources: [
     'argz/argz.c',
     'mud/mud.c',
+    'mud/aegis256/aegis256.c',
     'src/bench.c',
     'src/bind.c',
     'src/common.c',
@@ -37,7 +38,6 @@ executable('glorytun', install: true,
   ],
   dependencies: [
     dependency('libsodium', version : '>=1.0.4'),
-    cc.find_library('m', required : false)
   ]
 )
 

sodium.sh

@@ -0,0 +1,29 @@
+#!/bin/sh
+
+mkdir -p .static
+cd .static || exit 1
+
+file=LATEST.tar.gz
+url=https://download.libsodium.org/libsodium/releases
+dir="$PWD"
+
+[ -f "$file" ] || wget -q     "$url/$file" -O "$file"
+[ -f "$file" ] || curl -SsfLO "$url/$file"
+[ -f "$file" ] || {
+	echo "Couldn't download $url/$file"
+	exit 1
+}
+
+if [ "$1" ]; then
+	mkdir -p "$1"
+	cd "$1" || exit 1
+fi
+
+rm -rf libsodium-stable
+tar zxf "$dir/$file"
+cd libsodium-stable || exit 1
+
+NPROC=$(sysctl -n hw.ncpu || nproc) 2>/dev/null
+
+./configure ${1+--host=$1} --enable-minimal --disable-dependency-tracking --enable-static --disable-shared
+make "-j$((NPROC+1))"

src/bench.c

@@ -1,74 +1,39 @@
 #include "common.h"
 
-#include <math.h>
 #include <sodium.h>
 #include <string.h>
 #include <stdio.h>
-#include <sys/time.h>
 #include <time.h>
 #include <unistd.h>
-
-#if defined __APPLE__
-#include <mach/mach_time.h>
-#endif
+#include <inttypes.h>
 
 #include "../argz/argz.h"
+#include "../mud/aegis256/aegis256.h"
 
-#define STR_S(X) (((X) > 1) ? "s" : "")
-
-static unsigned long long
-gt_now(void)
-{
-#if defined __APPLE__
-    static mach_timebase_info_data_t mtid;
-    if (!mtid.denom)
-        mach_timebase_info(&mtid);
-    return (mach_absolute_time() * mtid.numer / mtid.denom) / 1000ULL;
-#elif defined CLOCK_MONOTONIC
-    struct timespec tv;
-    clock_gettime(CLOCK_MONOTONIC, &tv);
-    return (unsigned long long)tv.tv_sec * 1000000ULL
-         + (unsigned long long)tv.tv_nsec / 1000ULL;
-#else
-    struct timeval tv;
-    gettimeofday(&tv, NULL);
-    return (unsigned long long)tv.tv_sec * 1000000ULL
-         + (unsigned long long)tv.tv_usec;
-#endif
-}
+#define NPUBBYTES 32
+#define KEYBYTES  32
+#define ABYTES    16
 
 int
 gt_bench(int argc, char **argv)
 {
-    unsigned long precision = 10;
-    size_t bufsize = 64 * 1024;
-    unsigned long duration = 1000;
-
     struct argz bench_argz[] = {
         {"aes|chacha", NULL, NULL, argz_option},
-        {"precision", "EXPONENT", &precision, argz_ulong},
-        {"bufsize", "BYTES", &bufsize, argz_bytes},
-        {"duration", "SECONDS", &duration, argz_time},
         {NULL}};
 
     if (argz(bench_argz, argc, argv))
         return 1;
 
-    if (duration == 0 || bufsize == 0)
-        return 0;
-
     if (sodium_init() == -1) {
         gt_log("sodium init failed\n");
         return 1;
     }
 
-    duration /= 1000;
-
     int term = isatty(1);
     int aes = argz_is_set(bench_argz, "aes");
     int chacha = argz_is_set(bench_argz, "chacha");
 
-    if (!crypto_aead_aes256gcm_is_available()) {
+    if (!aegis256_is_available()) {
         if (aes) {
             gt_log("aes is not available on your platform\n");
             return 1;
@@ -76,77 +41,65 @@ gt_bench(int argc, char **argv)
         chacha = 1;
     }
 
-    unsigned char *buf = calloc(1, bufsize + crypto_aead_aes256gcm_ABYTES);
-
-    if (!buf) {
-        perror("calloc");
-        return 1;
-    }
-
-    unsigned char npub[crypto_aead_aes256gcm_NPUBBYTES];
-    unsigned char key[crypto_aead_aes256gcm_KEYBYTES];
+    unsigned char buf[1450 + ABYTES];
+    unsigned char npub[NPUBBYTES];
+    unsigned char key[KEYBYTES];
 
+    memset(buf, 0, sizeof(buf));
     randombytes_buf(npub, sizeof(npub));
     randombytes_buf(key, sizeof(key));
 
     if (term) {
-        printf("\n");
-        printf("  %-10s %s\n", "bench", chacha ? "chacha20poly1305" : "aes256gcm");
-        printf("  %-10s %s\n", "libsodium", sodium_version_string());
-        printf("\n");
-        printf("  %-10s 2^(-%lu)\n", "precision", precision);
-        printf("  %-10s %zu byte%s\n", "bufsize", bufsize, STR_S(bufsize));
-        printf("  %-10s %lu second%s\n", "duration", duration, STR_S(duration));
-        printf("\n");
-        printf("------------------------------------------------------------\n");
-        printf(" %3s %9s %14s %14s %14s\n", "2^n", "min", "avg", "max", "delta");
-        printf("------------------------------------------------------------\n");
+        printf("cipher: %s\n\n", GT_CIPHER(chacha));
+        printf("  size       min           mean            max      \n");
+        printf("----------------------------------------------------\n");
     }
 
-    for (int i = 0; !gt_quit && bufsize >> i; i++) {
-        unsigned long long total_dt = 0ULL;
-        size_t total_bytes = 0;
-        double mbps = 0.0;
-        double mbps_min = INFINITY;
-        double mbps_max = 0.0;
-        double mbps_dlt = INFINITY;
+    int64_t size = 20;
 
-        while (!gt_quit && mbps_dlt > ldexp(mbps, -(int)precision)) {
-            crypto_aead_aes256gcm_state ctx;
+    for (int i = 0; !gt_quit && size <= 1450; i++) {
+        struct {
+            int64_t min, mean, max, n;
+        } mbps = { .n = 0 };
 
-            if (!chacha)
-                crypto_aead_aes256gcm_beforenm(&ctx, key);
+        int64_t bytes_max = (int64_t)1 << 24;
 
-            unsigned long long now = gt_now();
-            double mbps_old = mbps;
-            size_t bytes = 0;
+        while (!gt_quit && mbps.n < 10) {
+            int64_t bytes = 0;
+            int64_t base = (int64_t)clock();
 
-            gt_alarm = 0;
-            alarm((unsigned int)duration);
-
-            while (!gt_quit && !gt_alarm) {
+            while (!gt_quit && bytes <= bytes_max) {
                 if (chacha) {
                     crypto_aead_chacha20poly1305_encrypt(
-                        buf, NULL, buf, 1ULL << i, NULL, 0, NULL, npub, key);
+                            buf, NULL, buf, size, NULL, 0, NULL, npub, key);
                 } else {
-                    crypto_aead_aes256gcm_encrypt_afternm(
-                        buf, NULL, buf, 1ULL << i, NULL, 0, NULL, npub,
-                        (const crypto_aead_aes256gcm_state *)&ctx);
+                    aegis256_encrypt(buf, NULL, buf, size, NULL, 0, npub, key);
                 }
-                bytes += 1ULL << i;
+                bytes += size;
             }
 
-            total_dt += gt_now() - now;
-            total_bytes += bytes;
+            int64_t dt = (int64_t)clock() - base;
+            bytes_max = (bytes * (CLOCKS_PER_SEC / 3)) / dt;
+            int64_t _mbps = (8 * bytes * CLOCKS_PER_SEC) / (dt * 1000 * 1000);
 
-            mbps = ((double)total_bytes * 8.0) / (double)total_dt;
-            mbps_min = fmin(mbps_min, mbps);
-            mbps_max = fmax(mbps_max, mbps);
-            mbps_dlt = fabs(mbps_old - mbps);
+            if (!mbps.n++) {
+                mbps.min = _mbps;
+                mbps.max = _mbps;
+                mbps.mean = _mbps;
+                continue;
+            }
+
+            if (mbps.min > _mbps)
+                mbps.min = _mbps;
+
+            if (mbps.max < _mbps)
+                mbps.max = _mbps;
+
+            mbps.mean += (_mbps - mbps.mean) / mbps.n;
 
             if (term) {
-                printf("\r %3i %9.2f Mbps %9.2f Mbps %9.2f Mbps %9.2e",
-                       i, mbps_min, mbps, mbps_max, mbps_dlt);
+                printf("\r %5"PRIi64" %9"PRIi64" Mbps %9"PRIi64" Mbps %9"PRIi64" Mbps",
+                        size, mbps.min, mbps.mean, mbps.max);
                 fflush(stdout);
             }
         }
@@ -154,12 +107,12 @@ gt_bench(int argc, char **argv)
         if (term) {
             printf("\n");
         } else {
-            printf("%i %.2f %.2f %.2f\n", i, mbps_min, mbps, mbps_max);
+            printf("bench %s %"PRIi64" %"PRIi64" %"PRIi64" %"PRIi64"\n",
+                    GT_CIPHER(chacha), size, mbps.min, mbps.mean, mbps.max);
         }
-    }
 
-    printf("\n");
-    free(buf);
+        size += 2 * 5 * 13;
+    }
 
     return 0;
 }

src/bind.c

@@ -193,8 +193,8 @@ gt_bind(int argc, char **argv)
         return 1;
     }
 
-    if (fd_set_nonblock(tun_fd) ||
-        fd_set_nonblock(mud_fd) ||
+    if (//fd_set_nonblock(tun_fd) ||
+        //fd_set_nonblock(mud_fd) ||
         fd_set_nonblock(ctl_fd)) {
         gt_log("couldn't setup non-blocking fds\n");
         return 1;
@@ -204,31 +204,60 @@ gt_bind(int argc, char **argv)
 
     gt_log("running on device %s as pid %li\n", tun_name, pid);
 
-    fd_set rfds;
+    fd_set rfds, wfds;
     FD_ZERO(&rfds);
+    FD_ZERO(&wfds);
 
-    const int last_fd = 1 + MAX(tun_fd, MAX(mud_fd, ctl_fd));
+    int tun_can_read = 0;
+    int tun_can_write = 0;
+    int mud_can_read = 0;
+    int mud_can_write = 0;
+
+    int last_fd = MAX(tun_fd, mud_fd);
+    last_fd = 1 + MAX(last_fd, ctl_fd);
 
     unsigned char buf[4096];
 
     while (!gt_quit) {
-        long send_wait = mud_send_wait(mud);
+        if (tun_can_write) {
+            FD_CLR(tun_fd, &wfds);
+        } else {
+            FD_SET(tun_fd, &wfds);
+        }
 
-        if (send_wait) {
+        if (mud_can_write) {
+            FD_CLR(mud_fd, &wfds);
+        } else {
+            FD_SET(mud_fd, &wfds);
+        }
+
+        if (tun_can_read) {
             FD_CLR(tun_fd, &rfds);
         } else {
             FD_SET(tun_fd, &rfds);
         }
 
-        FD_SET(mud_fd, &rfds);
+        if (mud_can_read) {
+            FD_CLR(mud_fd, &rfds);
+        } else {
+            FD_SET(mud_fd, &rfds);
+        }
+
         FD_SET(ctl_fd, &rfds);
 
         struct timeval tv = {
-            .tv_sec  = 0,
-            .tv_usec = send_wait,
+            .tv_usec = 100000,
         };
 
-        const int ret = select(last_fd, &rfds, NULL, NULL, send_wait > 0 ? &tv : NULL);
+        if (mud_can_read && tun_can_write) {
+            tv.tv_usec = 0;
+        } else if (tun_can_read && mud_can_write) {
+            long send_wait = mud_send_wait(mud);
+            if (send_wait >= 0)
+                tv.tv_usec = send_wait * 1000;
+        }
+
+        const int ret = select(last_fd, &rfds, &wfds, NULL, &tv);
 
         if (ret == -1) {
             if (errno == EBADF) {
@@ -238,8 +267,43 @@ gt_bind(int argc, char **argv)
             continue;
         }
 
+        if (FD_ISSET(tun_fd, &rfds))
+            tun_can_read = 1;
+
+        if (FD_ISSET(tun_fd, &wfds))
+            tun_can_write = 1;
+
+        if (FD_ISSET(mud_fd, &rfds))
+            mud_can_read = 1;
+
+        if (FD_ISSET(mud_fd, &wfds))
+            mud_can_write = 1;
+
         mtu = gt_setup_mtu(mud, mtu, tun_name);
 
+        if (tun_can_read && mud_can_write && !mud_send_wait(mud)) {
+            struct ip_common ic;
+            int r = tun_read(tun_fd, buf, sizeof(buf));
+
+            if (r > 0 && !ip_get_common(&ic, buf, r)) {
+                mud_send(mud, buf, (size_t)r, ic.tc);
+                mud_can_write = 0;
+            }
+
+            tun_can_read = 0;
+        }
+
+        if (mud_can_read && tun_can_write)  {
+            int r = mud_recv(mud, buf, sizeof(buf));
+
+            if (r > 0 && ip_is_valid(buf, r)) {
+                tun_write(tun_fd, buf, (size_t)r);
+                tun_can_write = 0;
+            }
+
+            mud_can_read = 0;
+        }
+
         if (FD_ISSET(ctl_fd, &rfds)) {
             struct ctl_msg req, res = {.reply = 1};
             struct sockaddr_storage ss;
@@ -299,12 +363,17 @@ gt_bind(int argc, char **argv)
                         res.ret = errno;
                     break;
                 case CTL_STATUS:
+                    memcpy(res.status.tun_name, tun_name, sizeof(tun_name)); // XXX
                     res.status.pid = pid;
                     res.status.mtu = mtu;
                     res.status.chacha = chacha;
                     res.status.bind = bind_addr;
                     res.status.peer = peer_addr;
                     break;
+                case CTL_BAD:
+                    if (mud_get_bad(mud, &res.bad))
+                        res.ret = errno;
+                    break;
                 }
                 if (sendto(ctl_fd, &res, sizeof(res), 0,
                            (const struct sockaddr *)&ss, sl) == -1)
@@ -313,36 +382,6 @@ gt_bind(int argc, char **argv)
                 perror("recvfrom(ctl)");
             }
         }
-
-        if (FD_ISSET(mud_fd, &rfds))  {
-            int n = 1000;
-
-            while (n--) {
-                const int r = mud_recv(mud, buf, sizeof(buf));
-
-                if (r <= 0)
-                    break;
-
-                if (ip_is_valid(buf, r))
-                    tun_write(tun_fd, buf, (size_t)r);
-            }
-        }
-
-        if (FD_ISSET(tun_fd, &rfds) && !mud_send_wait(mud)) {
-            struct ip_common ic;
-            const int r = tun_read(tun_fd, buf, sizeof(buf));
-
-            if (r > 0 && !ip_get_common(&ic, buf, r)) {
-             // TODO: disable hash for now
-             // unsigned char hash[crypto_shorthash_BYTES];
-             // crypto_shorthash(hash, (const unsigned char *)&ic, sizeof(ic), hashkey);
-
-                unsigned h = 0;
-             // memcpy(&h, hash, sizeof(h));
-
-                mud_send(mud, buf, (size_t)r, (h << 8) | ic.tc);
-            }
-        }
     }
 
     if (gt_reload && tun_fd >= 0)

src/common.h

@@ -54,6 +54,8 @@
 #undef MIN
 #define MIN(x,y) ({ __typeof__(x) X=(x); __typeof__(y) Y=(y); X < Y ? X : Y; })
 
+#define GT_CIPHER(x)  ((x) ? "chacha20poly1305" : "aegis256")
+
 extern volatile sig_atomic_t gt_alarm;
 extern volatile sig_atomic_t gt_reload;
 extern volatile sig_atomic_t gt_quit;

src/ctl.c

@@ -13,17 +13,12 @@
 int
 ctl_reply(int fd, struct ctl_msg *res, struct ctl_msg *req)
 {
-    if (fd == -1) {
-        errno = EINVAL;
-        return -1;
-    }
-
     if ((send(fd, req, sizeof(struct ctl_msg), 0) == -1) ||
         (recv(fd, res, sizeof(struct ctl_msg), 0) == -1))
         return -1;
 
     if (res->type != req->type || !res->reply) {
-        errno = EINVAL;
+        errno = EBADMSG;
         return -1;
     }
 
@@ -58,33 +53,30 @@ ctl_setsun(struct sockaddr_un *dst, const char *dir, const char *file)
 static int
 ctl_bind(int fd, const char *dir, const char *file)
 {
+    char name[10] = { [0] = '.' };
     struct sockaddr_un sun;
 
     if (str_empty(file)) {
-        char name[10] = { [0] = '.' };
         unsigned pid = (unsigned)getpid();
 
         for (size_t i = 1; i < sizeof(name) - 1; i++, pid >>= 4)
             name[i] = "uncopyrightables"[pid & 15];
 
-        if (ctl_setsun(&sun, dir, name))
-            return -1;
-    } else {
-        if (ctl_setsun(&sun, dir, file))
-            return -1;
-
-        unlink(sun.sun_path);
+        file = name;
     }
 
+    if (ctl_setsun(&sun, dir, file))
+        return -1;
+
+    if (unlink(sun.sun_path) && errno != ENOENT)
+        return -1;
+
     return bind(fd, (struct sockaddr *)&sun, sizeof(sun));
 }
 
 void
 ctl_delete(int fd)
 {
-    if (fd == -1)
-        return;
-
     struct sockaddr_storage ss = { 0 };
     socklen_t sslen = sizeof(ss);
 
@@ -108,9 +100,6 @@ ctl_create(const char *dir, const char *file)
 
     int fd = socket(AF_UNIX, SOCK_DGRAM, 0);
 
-    if (fd == -1)
-        return -1;
-
     if (ctl_bind(fd, dir, file)) {
         int err = errno;
         close(fd);
@@ -132,9 +121,7 @@ ctl_connect(const char *dir, const char *file)
     }
 
     if (!file) {
-        dp = opendir(dir);
-
-        if (!dp)
+        if (dp = opendir(dir), !dp)
             return -1;
 
         struct dirent *d = NULL;
@@ -145,7 +132,7 @@ ctl_connect(const char *dir, const char *file)
 
             if (file) {
                 closedir(dp);
-                return -3;
+                return CTL_ERROR_MANY;
             }
 
             file = &d->d_name[0];
@@ -153,7 +140,7 @@ ctl_connect(const char *dir, const char *file)
 
         if (!file) {
             closedir(dp);
-            return -2;
+            return CTL_ERROR_NONE;
         }
     }
 
@@ -171,9 +158,6 @@ ctl_connect(const char *dir, const char *file)
 
     int fd = ctl_create(dir, NULL);
 
-    if (fd == -1)
-        return -1;
-
     if (connect(fd, (struct sockaddr *)&sun, sizeof(sun))) {
         int err = errno;
         ctl_delete(fd);

src/ctl.h

@@ -4,6 +4,9 @@
 
 #include <sys/socket.h>
 
+#define CTL_ERROR_NONE (-2)
+#define CTL_ERROR_MANY (-3)
+
 enum ctl_type {
     CTL_NONE = 0,
     CTL_STATE,
@@ -13,6 +16,7 @@ enum ctl_type {
     CTL_KXTIMEOUT,
     CTL_TIMETOLERANCE,
     CTL_PATH_STATUS,
+    CTL_BAD,
 };
 
 struct ctl_msg {
@@ -27,12 +31,14 @@ struct ctl_msg {
         } path;
         struct mud_path path_status;
         struct {
+            char tun_name[64];
             long pid;
             size_t mtu;
             int chacha;
             struct sockaddr_storage bind;
             struct sockaddr_storage peer;
         } status;
+        struct mud_bad bad;
         size_t mtu;
         int tc;
         unsigned long ms;

src/main.c

@@ -75,7 +75,7 @@ main(int argc, char **argv)
         char *help;
         int (*call)(int, char **);
     } cmd[] = {
-        {"show", "show all running tunnels", gt_show},
+        {"show", "show tunnel info", gt_show},
         {"bench", "start a crypto bench", gt_bench},
         {"bind", "start a new tunnel", gt_bind},
         {"set", "change tunnel properties", gt_set},

src/path.c

@@ -34,27 +34,26 @@ gt_path_print_status(struct mud_path *path, int term)
     const char *statusstr = path->ok ? "OK" : "DEGRADED";
 
     printf(term ? "path %s\n"
-            "  status:   %s\n"
-            "  bind:     %s port %"PRIu16"\n"
-            "  public:   %s port %"PRIu16"\n"
-            "  peer:     %s port %"PRIu16"\n"
-            "  mtu:      %zu bytes\n"
-            "  rtt:      %.3f ms\n"
-            "  rttvar:   %.3f ms\n"
-            "  rate tx:  %"PRIu64" bytes/sec\n"
-            "  rate rx:  %"PRIu64" bytes/sec\n"
-            "  total tx: %"PRIu64" packets\n"
-            "  total rx: %"PRIu64" packets\n"
+            "  status:  %s\n"
+            "  bind:    %s port %"PRIu16"\n"
+            "  public:  %s port %"PRIu16"\n"
+            "  peer:    %s port %"PRIu16"\n"
+            "  mtu:     %zu bytes\n"
+            "  rtt:     %.3f ms\n"
+            "  rttvar:  %.3f ms\n"
+            "  tx:\n"
+            "    rate:  %"PRIu64" bytes/sec\n"
+            "    loss:  %"PRIu64" percent\n"
+            "    total: %"PRIu64" packets\n"
+            "  rx:\n"
+            "    rate:  %"PRIu64" bytes/sec\n"
+            "    loss:  %"PRIu64" percent\n"
+            "    total: %"PRIu64" packets\n"
             : "path %s %s"
-            " %s %"PRIu16
-            " %s %"PRIu16
-            " %s %"PRIu16
-            " %zu"
-            " %.3f %.3f"
-            " %"PRIu64
-            " %"PRIu64
-            " %"PRIu64
-            " %"PRIu64
+            " %s %"PRIu16" %s %"PRIu16" %s %"PRIu16
+            " %zu %.3f %.3f"
+            " %"PRIu64" %"PRIu64" %"PRIu64
+            " %"PRIu64" %"PRIu64" %"PRIu64
             "\n",
         statestr,
         statusstr,
@@ -67,14 +66,37 @@ gt_path_print_status(struct mud_path *path, int term)
         path->mtu.ok,
         (double)path->rtt.val / 1e3,
         (double)path->rtt.var / 1e3,
-        path->rate_tx,
-        path->rate_rx,
-        path->send.total,
-        path->recv.total);
+        path->tx.rate,
+        path->tx.loss,
+        path->tx.total,
+        path->rx.rate,
+        path->rx.loss,
+        path->rx.total);
 }
 
 static int
-gt_path_status(int fd)
+gt_path_cmp_addr(struct sockaddr_storage *a, struct sockaddr_storage *b)
+{
+    if (a->ss_family != b->ss_family)
+        return 1;
+
+    if (a->ss_family == AF_INET) {
+        struct sockaddr_in *A = (struct sockaddr_in *)a;
+        struct sockaddr_in *B = (struct sockaddr_in *)b;
+        return ((memcmp(&A->sin_addr, &B->sin_addr, sizeof(A->sin_addr))));
+    }
+
+    if (a->ss_family == AF_INET6) {
+        struct sockaddr_in6 *A = (struct sockaddr_in6 *)a;
+        struct sockaddr_in6 *B = (struct sockaddr_in6 *)b;
+        return ((memcmp(&A->sin6_addr, &B->sin6_addr, sizeof(A->sin6_addr))));
+    }
+
+    return 1;
+}
+
+static int
+gt_path_status(int fd, int state, struct sockaddr_storage *addr)
 {
     struct ctl_msg req = {
         .type = CTL_PATH_STATUS,
@@ -90,8 +112,10 @@ gt_path_status(int fd)
         if (recv(fd, &res, sizeof(struct ctl_msg), 0) == -1)
             return -1;
 
-        if (res.type != req.type)
-            return -2;
+        if (res.type != req.type) {
+            errno = EBADMSG;
+            return -1;
+        }
 
         if (res.ret == EAGAIN) {
             memcpy(&path[count], &res.path_status, sizeof(struct mud_path));
@@ -104,8 +128,11 @@ gt_path_status(int fd)
 
     int term = isatty(1);
 
-    for (int i = 0; i < count; i++)
-        gt_path_print_status(&path[i], term);
+    for (int i = 0; i < count; i++) {
+        if ((state == MUD_EMPTY || path[i].state == state) &&
+            (!addr->ss_family || !gt_path_cmp_addr(addr, &path[i].local_addr)))
+            gt_path_print_status(&path[i], term);
+    }
 
     return 0;
 }
@@ -117,6 +144,9 @@ gt_path(int argc, char **argv)
 
     struct ctl_msg req = {
         .type = CTL_STATE,
+        .path = {
+            .state = MUD_EMPTY,
+        },
     }, res = {0};
 
     struct argz ratez[] = {
@@ -141,10 +171,10 @@ gt_path(int argc, char **argv)
         case -1:
             perror("path");
             break;
-        case -2:
+        case CTL_ERROR_NONE:
             gt_log("no device\n");
             break;
-        case -3:
+        case CTL_ERROR_MANY:
             gt_log("please choose a device\n");
             break;
         default:
@@ -153,24 +183,27 @@ gt_path(int argc, char **argv)
         return 1;
     }
 
-    int ret = 0;
+    int set_rate = argz_is_set(pathz, "rate");
 
-    if (!req.path.addr.ss_family) {
-        ret = gt_path_status(fd);
+    if (set_rate && !req.path.addr.ss_family) {
+        gt_log("please specify a path\n");
+        return 1;
+    }
 
-        if (ret == -2)
-            gt_log("bad reply from server\n");
+    if (argz_is_set(pathz, "up")) {
+        req.path.state = MUD_UP;
+    } else if (argz_is_set(pathz, "backup")) {
+        req.path.state = MUD_BACKUP;
+    } else if (argz_is_set(pathz, "down")) {
+        req.path.state = MUD_DOWN;
+    }
+
+    int ret;
+
+    if (!req.path.addr.ss_family ||
+        (req.path.state == MUD_EMPTY && !set_rate)) {
+        ret = gt_path_status(fd, req.path.state, &req.path.addr);
     } else {
-        req.path.state = MUD_EMPTY;
-
-        if (argz_is_set(pathz, "up")) {
-            req.path.state = MUD_UP;
-        } else if (argz_is_set(pathz, "backup")) {
-            req.path.state = MUD_BACKUP;
-        } else if (argz_is_set(pathz, "down")) {
-            req.path.state = MUD_DOWN;
-        }
-
         ret = ctl_reply(fd, &res, &req);
     }
 

src/set.c

@@ -134,10 +134,10 @@ gt_set(int argc, char **argv)
         case -1:
             perror("set");
             break;
-        case -2:
+        case CTL_ERROR_NONE:
             gt_log("no device\n");
             break;
-        case -3:
+        case CTL_ERROR_MANY:
             gt_log("please choose a device\n");
             break;
         default:

src/show.c

@@ -11,8 +11,49 @@
 #include <arpa/inet.h>
 #include <unistd.h>
 
+static void
+gt_show_bad_line(int term, char *name, uint64_t count,
+                 struct sockaddr_storage *ss)
+{
+    if (!count)
+        return;
+
+    char addr[INET6_ADDRSTRLEN];
+    gt_toaddr(addr, sizeof(addr), (struct sockaddr *)ss);
+
+    printf(term ? "%s:\n"
+                  "  count: %"PRIu64"\n"
+                  "  last:  %s port %"PRIu16"\n"
+                : "%s"
+                  " %"PRIu64
+                  " %s %"PRIu16
+                  "\n",
+           name, count, addr[0] ? addr : "-",
+           gt_get_port((struct sockaddr *)ss));
+}
+
 static int
-gt_show_dev_status(int fd, const char *dev)
+gt_show_bad(int fd)
+{
+    struct ctl_msg res, req = {.type = CTL_BAD};
+
+    if (ctl_reply(fd, &res, &req))
+        return -1;
+
+    int term = isatty(1);
+
+    gt_show_bad_line(term, "decrypt",
+            res.bad.decrypt.count, &res.bad.decrypt.addr);
+    gt_show_bad_line(term, "difftime",
+            res.bad.difftime.count, &res.bad.difftime.addr);
+    gt_show_bad_line(term, "keyx",
+            res.bad.keyx.count, &res.bad.keyx.addr);
+
+    return 0;
+}
+
+static int
+gt_show_status(int fd)
 {
     struct ctl_msg res, req = {.type = CTL_STATUS};
 
@@ -32,29 +73,29 @@ gt_show_dev_status(int fd, const char *dev)
 
     if (server) {
         printf(term ? "server %s:\n"
-                      "  pid:       %li\n"
-                      "  bind:      %s port %"PRIu16"\n"
-                      "  mtu:       %zu\n"
-                      "  cipher:    %s\n"
+                      "  pid:    %li\n"
+                      "  bind:   %s port %"PRIu16"\n"
+                      "  mtu:    %zu\n"
+                      "  cipher: %s\n"
                     : "server %s"
                       " %li"
                       " %s %"PRIu16
                       " %zu"
                       " %s"
                       "\n",
-               dev,
+               res.status.tun_name,
                res.status.pid,
                bindstr[0] ? bindstr : "-",
                gt_get_port((struct sockaddr *)&res.status.bind),
                res.status.mtu,
-               res.status.chacha ? "chacha20poly1305" : "aes256gcm");
+               GT_CIPHER(res.status.chacha));
     } else {
         printf(term ? "client %s:\n"
-                      "  pid:       %li\n"
-                      "  bind:      %s port %"PRIu16"\n"
-                      "  peer:      %s port %"PRIu16"\n"
-                      "  mtu:       %zu\n"
-                      "  cipher:    %s\n"
+                      "  pid:    %li\n"
+                      "  bind:   %s port %"PRIu16"\n"
+                      "  peer:   %s port %"PRIu16"\n"
+                      "  mtu:    %zu\n"
+                      "  cipher: %s\n"
                     : "client %s"
                       " %li"
                       " %s %"PRIu16
@@ -62,43 +103,19 @@ gt_show_dev_status(int fd, const char *dev)
                       " %zu"
                       " %s"
                       "\n",
-               dev,
+               res.status.tun_name,
                res.status.pid,
                bindstr[0] ? bindstr : "-",
                gt_get_port((struct sockaddr *)&res.status.bind),
                peerstr[0] ? peerstr : "-",
                gt_get_port((struct sockaddr *)&res.status.peer),
                res.status.mtu,
-               res.status.chacha ? "chacha20poly1305" : "aes256gcm");
+               GT_CIPHER(res.status.chacha));
     }
 
     return 0;
 }
 
-static int
-gt_show_dev(const char *dev)
-{
-    int fd = ctl_connect(GT_RUNDIR, dev);
-
-    if (fd < 0) {
-        if (fd == -1)
-            perror("show");
-        return -1;
-    }
-
-    int ret = gt_show_dev_status(fd, dev);
-
-    if (ret == -1)
-        perror(dev);
-
-    if (ret == -2)
-        gt_log("%s: bad reply from server\n", dev);
-
-    ctl_delete(fd);
-
-    return ret;
-}
-
 int
 gt_show(int argc, char **argv)
 {
@@ -106,32 +123,39 @@ gt_show(int argc, char **argv)
 
     struct argz showz[] = {
         {"dev", "NAME", &dev, argz_str},
+        {"bad", NULL, NULL, argz_option},
         {NULL}};
 
     if (argz(showz, argc, argv))
         return 1;
 
-    if (dev)
-        return !!gt_show_dev(dev);
+    int fd = ctl_connect(GT_RUNDIR, dev);
 
-    DIR *dp = opendir(GT_RUNDIR);
-
-    if (!dp) {
-        if (errno == ENOENT)
-            return 0;
-        perror("show");
+    if (fd < 0) {
+        switch (fd) {
+        case -1:
+            perror("show");
+            break;
+        case CTL_ERROR_NONE:
+            gt_log("no device\n");
+            break;
+        case CTL_ERROR_MANY:
+            gt_log("please choose a device\n");
+            break;
+        default:
+            gt_log("couldn't connect\n");
+        }
         return 1;
     }
 
-    int ret = 0;
-    struct dirent *d = NULL;
+    int ret = argz_is_set(showz, "bad")
+            ? gt_show_bad(fd)
+            : gt_show_status(fd);
 
-    while (d = readdir(dp), d) {
-        if (d->d_name[0] != '.')
-            ret |= !!gt_show_dev(d->d_name);
-    }
+    if (ret == -1)
+        perror("show");
 
-    closedir(dp);
+    ctl_delete(fd);
 
-    return ret;
+    return !!ret;
 }