212 lines
5.2 KiB
C
212 lines
5.2 KiB
C
#include "util.h"
|
|
|
|
#include <unistd.h>
|
|
#include <sys/types.h>
|
|
#include <sys/stat.h>
|
|
#include <fcntl.h>
|
|
|
|
#include <errno.h>
|
|
#include <sys/socket.h>
|
|
#include <linux/if.h>
|
|
#include <linux/if_tun.h>
|
|
#include <sys/ioctl.h>
|
|
|
|
#include <arpa/inet.h>
|
|
#include <netinet/ip.h>
|
|
|
|
#ifndef IFF_MULTI_QUEUE
|
|
#define IFF_MULTI_QUEUE 0x0100
|
|
#endif
|
|
|
|
void* xmalloc( size_t bytes )
|
|
{
|
|
void* result = malloc( bytes );
|
|
|
|
if ( bytes > 0 && result == NULL ) {
|
|
warn( "Couldn't allocate %zu bytes, exiting!", bytes );
|
|
exit(2);
|
|
|
|
}
|
|
|
|
memset( result, 0, bytes );
|
|
return result;
|
|
}
|
|
|
|
int tun_has_multiqueue( int tun_fd )
|
|
{
|
|
int features;
|
|
|
|
if ( ioctl( tun_fd, TUNGETFEATURES, &features ) < 0) {
|
|
warn("Kernel doesn't support TUNGETFEATURES, assuming no multiqueue");
|
|
features = 0;
|
|
}
|
|
|
|
return features & IFF_MULTI_QUEUE;
|
|
}
|
|
|
|
int create_tun( const char *name, int multi )
|
|
{
|
|
int fd, err;
|
|
struct ifreq ifr;
|
|
|
|
if ( ( fd = open( "/dev/net/tun", O_RDWR ) ) < 0 ) {
|
|
warn( "Error %s (%i) opening tun to create %s", strerror(errno), errno, name );
|
|
return -1;
|
|
}
|
|
|
|
memset( &ifr, 0, sizeof( struct ifreq ) );
|
|
|
|
ifr.ifr_flags = IFF_TUN | IFF_NO_PI;
|
|
|
|
if ( multi ) {
|
|
if ( !tun_has_multiqueue( fd ) ) {
|
|
warn( "multiqueue requested but kernel doesn't support it" );
|
|
close( fd );
|
|
return -1;
|
|
}
|
|
|
|
debug( "Creating multi-queue device" );
|
|
ifr.ifr_flags |= IFF_MULTI_QUEUE;
|
|
}
|
|
|
|
|
|
strncpy( ifr.ifr_name, name, IFNAMSIZ );
|
|
|
|
while ( (err = ioctl( fd, TUNSETIFF, (void*) &ifr ) ) < 0 ) {
|
|
if ( errno != EBUSY ) {
|
|
warn( "Error creating tun device %s: %s (%i)", name, strerror(errno), errno );
|
|
close( fd );
|
|
return -1;
|
|
}
|
|
}
|
|
|
|
return fd;
|
|
}
|
|
|
|
int link_set_up( char *link_name, int state )
|
|
{
|
|
int fd = socket( PF_INET, SOCK_DGRAM, IPPROTO_IP );
|
|
struct ifreq ifr;
|
|
|
|
|
|
memset( &ifr, 0, sizeof( struct ifreq ) );
|
|
strncpy( ifr.ifr_name, link_name, IFNAMSIZ );
|
|
|
|
if ( ioctl( fd, SIOCGIFFLAGS, (void*)&ifr ) < 0 ) {
|
|
warn( "Failed to read interface flags for %s: %s", link_name, strerror(errno) );
|
|
return 0;
|
|
}
|
|
|
|
if ( state ) {
|
|
ifr.ifr_flags |= IFF_UP;
|
|
} else {
|
|
ifr.ifr_flags = ( ifr.ifr_flags & ~IFF_UP );
|
|
}
|
|
|
|
if ( ioctl( fd, SIOCSIFFLAGS, (void*)&ifr ) < 0 ) {
|
|
warn( "Failed to set link state for interface %s to %i: %s", link_name, state, strerror(errno) );
|
|
return 0;
|
|
}
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
int session_setup( struct session *session, char *config_file, char *ifname, int multi )
|
|
{
|
|
memset( session, 0, sizeof( struct session ) );
|
|
|
|
session->rlocs = rlocs_new( config_file );
|
|
|
|
if ( session->rlocs == NULL ) {
|
|
warn( "Failed to get config from %s", config_file );
|
|
return 0;
|
|
}
|
|
|
|
rlocs_debug_output( session->rlocs );
|
|
|
|
session->fd = create_tun( ifname, multi );
|
|
if ( session->fd == -1 ) {
|
|
warn( "Error opening %s for listening", ifname );
|
|
rlocs_free( session->rlocs );
|
|
return 0;
|
|
}
|
|
link_set_up( ifname, 1 );
|
|
|
|
return 1;
|
|
}
|
|
|
|
int session_upgrade_rlocs( struct session *session, int argc, char** args )
|
|
{
|
|
int i, num_rlocs = argc / 2;
|
|
|
|
if ( argc%2 != 0 ) {
|
|
warn( "Odd number of arguments. Format: [<rlc> <filename>]n" );
|
|
return 0;
|
|
}
|
|
|
|
for ( i = 0 ; i < num_rlocs ; i++ ) {
|
|
char *rloc_str = args[i*2];
|
|
char *filename = args[(i*2)+1];
|
|
struct rloc *rloc;
|
|
|
|
if ( strchr( rloc_str, ':' ) == NULL ) { /* IPv4 */
|
|
struct in_addr ip;
|
|
if ( inet_pton( AF_INET, rloc_str, &ip ) != 1 ) {
|
|
warn( "Couldn't parse %s as an IPv4 address", rloc_str );
|
|
return 0;
|
|
}
|
|
rloc = rloc_find_by_address( session->rlocs, &ip, NULL );
|
|
} else { /* IPv6 */
|
|
struct in6_addr ip6;
|
|
if ( inet_pton( AF_INET6, rloc_str, &ip6 ) != 1 ) {
|
|
warn( "Couldn't parse %s as an IPv6 address", rloc_str );
|
|
return 0;
|
|
}
|
|
rloc = rloc_find_by_address( session->rlocs, NULL, &ip6 );
|
|
}
|
|
|
|
if (rloc == NULL ) {
|
|
warn( "Couldn't find rloc for %s", rloc_str );
|
|
return 0;
|
|
}
|
|
|
|
if ( !rlocs_add_private_key( session->rlocs, rloc, filename ) ) {
|
|
warn( "Couldn't upgrade rloc %s with %s", rloc_str, filename );
|
|
return 0;
|
|
}
|
|
|
|
info( "Upgraded RLOC %s with private key %s", rloc_str, filename );
|
|
}
|
|
|
|
return 1;
|
|
}
|
|
|
|
|
|
void session_teardown( struct session *session )
|
|
{
|
|
rlocs_free( session->rlocs );
|
|
if ( session->fd >= 0 ) {
|
|
close( session->fd );
|
|
}
|
|
}
|
|
|
|
|
|
// TODO: we can speed this one up, if necessary, by re-using the context.
|
|
// TODO: some error-checking
|
|
int sha256sum( unsigned char *src, size_t src_len, unsigned char dst[SHA256_DIGEST_LENGTH] )
|
|
{
|
|
unsigned int size = SHA256_DIGEST_LENGTH;
|
|
EVP_MD_CTX *ctx = EVP_MD_CTX_create();
|
|
EVP_DigestInit_ex( ctx, EVP_sha256(), NULL );
|
|
|
|
|
|
EVP_DigestUpdate( ctx, src, src_len );
|
|
EVP_DigestFinal_ex( ctx, &dst[0], &size );
|
|
EVP_MD_CTX_destroy( ctx );
|
|
|
|
|
|
return size == SHA256_DIGEST_LENGTH;
|
|
}
|