207 lines
5.4 KiB
C
207 lines
5.4 KiB
C
#include "util.h"
|
|
|
|
#include <unistd.h>
|
|
#include <sys/types.h>
|
|
#include <sys/stat.h>
|
|
#include <fcntl.h>
|
|
|
|
#include <errno.h>
|
|
#include <sys/socket.h>
|
|
#include <linux/if.h>
|
|
#include <linux/if_tun.h>
|
|
#include <sys/ioctl.h>
|
|
|
|
#include <arpa/inet.h>
|
|
#include <netinet/ip.h>
|
|
|
|
void* xmalloc( size_t bytes )
|
|
{
|
|
void* result = malloc( bytes );
|
|
|
|
if ( bytes > 0 && result == NULL ) {
|
|
warn( "Couldn't allocate memory, exiting!" );
|
|
exit(2);
|
|
|
|
}
|
|
|
|
memset( result, 0, bytes );
|
|
return result;
|
|
}
|
|
|
|
int create_tun( const char* name )
|
|
{
|
|
int fd, err;
|
|
struct ifreq ifr;
|
|
|
|
if ( ( fd = open( "/dev/net/tun", O_RDWR ) ) < 0 ) {
|
|
warn( "Error %s opening tun to create %s", strerror(errno), name );
|
|
return -1;
|
|
}
|
|
|
|
memset( &ifr, 0, sizeof( struct ifreq ) );
|
|
|
|
ifr.ifr_flags = IFF_TUN | IFF_NO_PI | IFF_UP;
|
|
strncpy( ifr.ifr_name, name, IFNAMSIZ );
|
|
|
|
if ( (err = ioctl( fd, TUNSETIFF, (void*) &ifr ) ) < 0 ) {
|
|
warn( "Error creating tun device %s: %s", name, strerror(errno) );
|
|
close( fd );
|
|
return -1;
|
|
}
|
|
|
|
return fd;
|
|
}
|
|
|
|
int link_set_up( char *link_name, int state )
|
|
{
|
|
int fd = socket( PF_INET, SOCK_DGRAM, IPPROTO_IP );
|
|
struct ifreq ifr;
|
|
|
|
|
|
memset( &ifr, 0, sizeof( struct ifreq ) );
|
|
strncpy( ifr.ifr_name, link_name, IFNAMSIZ );
|
|
|
|
if ( ioctl( fd, SIOCGIFFLAGS, (void*)&ifr ) < 0 ) {
|
|
warn( "Failed to read interface flags for %s: %s", link_name, strerror(errno) );
|
|
return 0;
|
|
}
|
|
|
|
if ( state ) {
|
|
ifr.ifr_flags |= IFF_UP;
|
|
} else {
|
|
ifr.ifr_flags = ( ifr.ifr_flags & ~IFF_UP );
|
|
}
|
|
|
|
if ( ioctl( fd, SIOCSIFFLAGS, (void*)&ifr ) < 0 ) {
|
|
warn( "Failed to set link state for interface %s to %i: %s", link_name, state, strerror(errno) );
|
|
return 0;
|
|
}
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
int session_setup( struct session *session, char *config_file, char *listen_if, char *output_if )
|
|
{
|
|
memset( session, 0, sizeof( struct session ) );
|
|
session->listen_if = -1;
|
|
session->output_if = -1;
|
|
|
|
session->rlocs = rlocs_new( config_file );
|
|
|
|
if ( session->rlocs == NULL ) {
|
|
warn( "Failed to get config from %s", config_file );
|
|
return 0;
|
|
}
|
|
|
|
rlocs_debug_output( session->rlocs );
|
|
|
|
// TODO: We can scale the tun architecture by using multiqueue and having
|
|
// a bunch of workers, rather than this noddy scheme. If we don't jump
|
|
// directly to something saner, anyway...
|
|
|
|
session->listen_if = create_tun( listen_if );
|
|
if ( session->listen_if == -1 ) {
|
|
warn( "Error opening %s for listening", listen_if );
|
|
rlocs_free( session->rlocs );
|
|
return 0;
|
|
}
|
|
link_set_up( listen_if, 1 );
|
|
|
|
|
|
if ( strcmp( listen_if, output_if ) == 0 ) {
|
|
session->same_if = 1;
|
|
session->output_if = session->listen_if;
|
|
} else {
|
|
session->same_if = 0;
|
|
session->output_if = create_tun( output_if );
|
|
|
|
if ( session->output_if == -1 ) {
|
|
warn( "Error opening %s for outputting", output_if );
|
|
rlocs_free( session->rlocs );
|
|
close( session->listen_if );
|
|
return 0;
|
|
}
|
|
link_set_up( output_if, 1 );
|
|
}
|
|
|
|
return 1;
|
|
}
|
|
|
|
int session_upgrade_rlocs( struct session *session, int argc, char** args )
|
|
{
|
|
int i, num_rlocs = argc / 2;
|
|
|
|
if ( argc%2 != 0 ) {
|
|
warn( "Odd number of arguments. Format: [<rlc> <filename>]n" );
|
|
return 0;
|
|
}
|
|
|
|
for ( i = 0 ; i < num_rlocs ; i++ ) {
|
|
char *rloc_str = args[i*2];
|
|
char *filename = args[(i*2)+1];
|
|
struct rloc *rloc;
|
|
|
|
if ( strchr( rloc_str, ':' ) == NULL ) { /* IPv4 */
|
|
struct in_addr ip;
|
|
if ( inet_pton( AF_INET, rloc_str, &ip ) != 1 ) {
|
|
warn( "Couldn't parse %s as an IPv4 address", rloc_str );
|
|
return 0;
|
|
}
|
|
rloc = rloc_find_by_address( session->rlocs, &ip, NULL );
|
|
} else { /* IPv6 */
|
|
struct in6_addr ip6;
|
|
if ( inet_pton( AF_INET6, rloc_str, &ip6 ) != 1 ) {
|
|
warn( "Couldn't parse %s as an IPv6 address", rloc_str );
|
|
return 0;
|
|
}
|
|
rloc = rloc_find_by_address( session->rlocs, NULL, &ip6 );
|
|
}
|
|
|
|
if (rloc == NULL ) {
|
|
warn( "Couldn't find rloc for %s", rloc_str );
|
|
return 0;
|
|
}
|
|
|
|
if ( !rloc_add_private_key( rloc, filename ) ) {
|
|
warn( "Couldn't upgrade rloc %s with %s", rloc_str, filename );
|
|
return 0;
|
|
}
|
|
|
|
info( "Upgraded RLOC %s with private key %s", rloc_str, filename );
|
|
}
|
|
|
|
return 1;
|
|
}
|
|
|
|
|
|
void session_teardown( struct session *session )
|
|
{
|
|
rlocs_free( session->rlocs );
|
|
if ( session->listen_if >= 0 ) {
|
|
close( session->listen_if );
|
|
}
|
|
|
|
if ( session->output_if >= 0 && !session->same_if ) {
|
|
close( session->output_if );
|
|
}
|
|
}
|
|
|
|
|
|
// TODO: we can speed this one up, if necessary, by re-using the context.
|
|
// TODO: some error-checking
|
|
int sha256sum( unsigned char *src, size_t src_len, unsigned char dst[SHA256_DIGEST_LENGTH] )
|
|
{
|
|
unsigned int size = SHA256_DIGEST_LENGTH;
|
|
EVP_MD_CTX *ctx = EVP_MD_CTX_create();
|
|
EVP_DigestInit_ex( ctx, EVP_sha256(), NULL );
|
|
|
|
|
|
EVP_DigestUpdate( ctx, src, src_len );
|
|
EVP_DigestFinal_ex( ctx, &dst[0], &size );
|
|
EVP_MD_CTX_destroy( ctx );
|
|
|
|
|
|
return size == SHA256_DIGEST_LENGTH;
|
|
} |