diff options
| -rw-r--r-- | Makefile | 7 | ||||
| -rw-r--r-- | anytun.cpp | 133 | ||||
| -rw-r--r-- | authAlgo.h | 2 | ||||
| -rw-r--r-- | buffer.h | 6 | ||||
| -rw-r--r-- | cypher.h | 2 | ||||
| -rw-r--r-- | packet.cpp (renamed from package.cpp) | 44 | ||||
| -rw-r--r-- | packet.h (renamed from package.h) | 34 | ||||
| -rw-r--r-- | packetSource.cpp | 57 | ||||
| -rw-r--r-- | packetSource.h | 54 | ||||
| -rw-r--r-- | tunDevice.cpp | 15 | ||||
| -rw-r--r-- | tunDevice.h | 7 |
11 files changed, 294 insertions, 67 deletions
@@ -31,7 +31,7 @@ OPENVPNDEPS = openvpn/tun.o \ -OBJS = anytun.o tunDevice.o buffer.o package.o cypher.o authAlgo.o PracticalSocket.o signalController.o log.o $(OPENVPNDEPS) +OBJS = anytun.o tunDevice.o packetSource.o buffer.o packet.o cypher.o authAlgo.o PracticalSocket.o signalController.o log.o $(OPENVPNDEPS) EXECUTABLE = anytun all: $(EXECUTABLE) @@ -42,10 +42,13 @@ anytun: $(OBJS) tunDevice.o: tunDevice.cpp tunDevice.h $(C++) $(CCFLAGS) $< -c +packetSource.o: packetSource.cpp packetSource.h + $(C++) $(CCFLAGS) $< -c + buffer.o: buffer.cpp buffer.h $(C++) $(CCFLAGS) $< -c -package.o: package.cpp package.h buffer.h +packet.o: packet.cpp packet.h buffer.h $(C++) $(CCFLAGS) $< -c cypher.o: cypher.cpp cypher.h buffer.h @@ -34,35 +34,103 @@ #include "datatypes.h" #include "log.h" -#include "tunDevice.h" #include "buffer.h" -#include "package.h" +#include "packet.h" #include "cypher.h" #include "authAlgo.h" #include "signalController.h" +#include "packetSource.h" +#include "tunDevice.h" + +sender_id_t my_sender_id_ = 23; +u_int16_t local_port_ = 4444; +string remote_addr_ = "127.0.0.1"; +u_int16_t remote_port_ = 4444; +string dev_type_ = "tap"; +string ifconfig_param_1_ = "192.168.200.1"; +string ifconfig_param_2_ = "255.255.255.0"; -void* sender(void* d) +#define PAYLOAD_TYPE_TAP 0x6558 +#define PAYLOAD_TYPE_TUN 0x0800 + +struct Param { - TunDevice* dev = reinterpret_cast<TunDevice*>(d); - - Buffer buf(1600); + TunDevice* dev; + Cypher* c; + AuthAlgo* a; + PacketSource* src; +}; + +void* sender(void* p) +{ + Param* param = reinterpret_cast<Param*>(p); + + seq_nr_t seq = 0; while(1) { - int len = dev->read(buf); - std::cout << "read " << len << " bytes" << std::endl; + Packet pack(1600); + + // read packet from device + int len = param->dev->read(pack); + pack.resizeBack(len); + + // add payload type + if(param->dev->getType() == TunDevice::TYPE_TUN) + pack.addPayloadType(PAYLOAD_TYPE_TUN); + else if(param->dev->getType() == TunDevice::TYPE_TAP) + pack.addPayloadType(PAYLOAD_TYPE_TAP); + else + pack.addPayloadType(0); + + // cypher the packet + param->c->cypher(pack); + + // add header to packet + pack.addHeader(my_sender_id_, seq); + + // calc auth_tag and add it to the packet + auth_tag_t at = param->a->calc(pack); + pack.addAuthTag(at); + + // send it out to remote host + param->src->send(pack, remote_addr_, remote_port_); } pthread_exit(NULL); } -void* receiver(void* d) +void* receiver(void* p) { - TunDevice* dev = reinterpret_cast<TunDevice*>(d); + Param* param = reinterpret_cast<Param*>(p); - Buffer buf(1234); while(1) { - sleep(1); - dev->write(buf); + string remote_host; + u_int16_t remote_port; + Packet pack(1600); + + // read packet from socket + int len = param->src->recv(pack, remote_host, remote_port); + pack.resizeBack(len); + + // check auth_tag and remove it + auth_tag_t at = param->a->calc(pack); + if(at != pack.getAuthTag()) + continue; + + // compare sender_id and seq with window + pack.removeHeader(); + + // decypher the packet + param->c->cypher(pack); + + // check payload_type and remove it + if((param->dev->getType() == TunDevice::TYPE_TUN && pack.getPayloadType() != PAYLOAD_TYPE_TUN) || + (param->dev->getType() == TunDevice::TYPE_TAP && pack.getPayloadType() != PAYLOAD_TYPE_TAP)) + continue; + pack.removePayloadType(); + + // write it on the device + param->dev->write(pack); } pthread_exit(NULL); } @@ -71,22 +139,40 @@ int main(int argc, char* argv[]) { std::cout << "anytun - secure anycast tunneling protocol" << std::endl; cLog.msg(Log::PRIO_NOTICE) << "anytun started..."; + + if(argc > 1) + my_sender_id_ = atoi(argv[1]); + if(argc > 2) + local_port_ = atoi(argv[2]); + if(argc > 3) + remote_addr_ = argv[3]; + if(argc > 4) + remote_port_ = atoi(argv[4]); + if(argc > 5) + dev_type_ = argv[5]; + if(argc > 6) + ifconfig_param_1_ = argv[6]; + if(argc > 7) + ifconfig_param_2_ = argv[7]; + SignalController sig; sig.init(); -// TunDevice dev("tun", "192.168.200.1", "192.168.201.1"); - TunDevice dev("tap", "192.168.202.1", "255.255.255.0"); -// TunDevice dev("tun17", "192.168.200.1", "192.168.201.1"); - + struct Param p; + p.dev = new TunDevice(dev_type_.c_str(), ifconfig_param_2_.c_str(), ifconfig_param_2_.c_str()); + p.c = new NullCypher(); + p.a = new NullAuthAlgo(); + p.src = new UDPPacketSource(local_port_); + std::cout << "dev created (opened)" << std::endl; - std::cout << "dev opened - actual name is '" << dev.getActualName() << "'" << std::endl; - std::cout << "dev type is '" << dev.getType() << "'" << std::endl; + std::cout << "dev opened - actual name is '" << p.dev->getActualName() << "'" << std::endl; + std::cout << "dev type is '" << p.dev->getTypeString() << "'" << std::endl; pthread_t senderThread; - pthread_create(&senderThread, NULL, sender, &dev); + pthread_create(&senderThread, NULL, sender, &p); pthread_t receiverThread; - pthread_create(&receiverThread, NULL, receiver, &dev); + pthread_create(&receiverThread, NULL, receiver, &p); int ret = sig.run(); @@ -95,5 +181,10 @@ int main(int argc, char* argv[]) pthread_join(senderThread, NULL); pthread_join(receiverThread, NULL); + delete p.dev; + delete p.c; + delete p.a; + delete p.src; + return ret; } @@ -43,7 +43,7 @@ public: virtual auth_tag_t calc(const Buffer& buf) = 0; }; -class NullAuthAlgo : AuthAlgo +class NullAuthAlgo : public AuthAlgo { public: auth_tag_t calc(const Buffer& buf); @@ -31,7 +31,10 @@ #ifndef _BUFFER_H_ #define _BUFFER_H_ +#include "datatypes.h" + class TunDevice; +class UDPPacketSource; class Buffer { @@ -51,8 +54,9 @@ public: u_int8_t operator[](u_int32_t index) const; protected: - operator u_int8_t*(); // just for write/read tun + operator u_int8_t*(); // just for write/read tun and packetSource friend class TunDevice; + friend class UDPPacketSource; u_int8_t *buf_; u_int32_t length_; @@ -46,7 +46,7 @@ protected: virtual Buffer getBitStream(u_int32_t length) = 0; }; -class NullCypher : Cypher +class NullCypher : public Cypher { protected: Buffer getBitStream(u_int32_t length); @@ -33,35 +33,35 @@ #include "datatypes.h" -#include "package.h" +#include "packet.h" -Package::Package() +Packet::Packet() { has_header_ = false; has_payload_type_ = false; has_auth_tag_ = false; } -Package::Package(u_int32_t length) : Buffer(length) +Packet::Packet(u_int32_t length) : Buffer(length) { has_header_ = false; has_payload_type_ = false; has_auth_tag_ = false; } -Package::Package(const Buffer &src) : Buffer(src) +Packet::Packet(const Buffer &src) : Buffer(src) { has_header_ = false; has_payload_type_ = false; has_auth_tag_ = false; } -bool Package::hasHeader() const +bool Packet::hasHeader() const { return has_header_; } -Package& Package::withHeader(bool b) +Packet& Packet::withHeader(bool b) { if(b && length_ >= sizeof(struct HeaderStruct)) has_header_ = true; @@ -71,7 +71,7 @@ Package& Package::withHeader(bool b) return *this; } -seq_nr_t Package::getSeqNr() const +seq_nr_t Packet::getSeqNr() const { if(!has_header_) return 0; @@ -81,7 +81,7 @@ seq_nr_t Package::getSeqNr() const return SEQ_NR_T_NTOH(header->seq_nr); } -sender_id_t Package::getSenderId() const +sender_id_t Packet::getSenderId() const { if(!has_header_) return 0; @@ -91,7 +91,7 @@ sender_id_t Package::getSenderId() const return SENDER_ID_T_NTOH(header->sender_id); } -Package& Package::addHeader(seq_nr_t seq_nr, sender_id_t sender_id) +Packet& Packet::addHeader(seq_nr_t seq_nr, sender_id_t sender_id) { if(!has_header_) { @@ -107,7 +107,7 @@ Package& Package::addHeader(seq_nr_t seq_nr, sender_id_t sender_id) return *this; } -Package& Package::removeHeader() +Packet& Packet::removeHeader() { if(!has_header_) return *this; @@ -120,7 +120,7 @@ Package& Package::removeHeader() return *this; } -Package& Package::setSeqNr(seq_nr_t seq_nr) +Packet& Packet::setSeqNr(seq_nr_t seq_nr) { if(has_header_) { @@ -131,7 +131,7 @@ Package& Package::setSeqNr(seq_nr_t seq_nr) return *this; } -Package& Package::setSenderId(sender_id_t sender_id) +Packet& Packet::setSenderId(sender_id_t sender_id) { if(has_header_) { @@ -144,12 +144,12 @@ Package& Package::setSenderId(sender_id_t sender_id) -bool Package::hasPayloadType() const +bool Packet::hasPayloadType() const { return has_payload_type_; } -Package& Package::withPayloadType(bool b) +Packet& Packet::withPayloadType(bool b) { if(b && length_ >= sizeof(payload_type_t)) has_payload_type_ = true; @@ -159,7 +159,7 @@ Package& Package::withPayloadType(bool b) return *this; } -payload_type_t Package::getPayloadType() const +payload_type_t Packet::getPayloadType() const { if(!has_payload_type_) return 0; @@ -177,7 +177,7 @@ payload_type_t Package::getPayloadType() const return PAYLOAD_TYPE_T_NTOH(*payload_type); } -Package& Package::addPayloadType(payload_type_t payload_type) +Packet& Packet::addPayloadType(payload_type_t payload_type) { if(has_auth_tag_) throw std::runtime_error("can't add payload_type with existing auth_tag"); @@ -196,7 +196,7 @@ Package& Package::addPayloadType(payload_type_t payload_type) return *this; } -Package& Package::removePayloadType() +Packet& Packet::removePayloadType() { if(has_auth_tag_) throw std::runtime_error("can't remove payload_type with existing auth_tag"); @@ -214,12 +214,12 @@ Package& Package::removePayloadType() -bool Package::hasAuthTag() const +bool Packet::hasAuthTag() const { return has_auth_tag_; } -Package& Package::withAuthTag(bool b) +Packet& Packet::withAuthTag(bool b) { if(b && length_ >= sizeof(auth_tag_t)) has_auth_tag_ = true; @@ -229,7 +229,7 @@ Package& Package::withAuthTag(bool b) return *this; } -auth_tag_t Package::getAuthTag() const +auth_tag_t Packet::getAuthTag() const { if(!has_auth_tag_) return 0; @@ -242,7 +242,7 @@ auth_tag_t Package::getAuthTag() const return AUTH_TAG_T_NTOH(*auth_tag); } -Package& Package::addAuthTag(auth_tag_t auth_tag) +Packet& Packet::addAuthTag(auth_tag_t auth_tag) { if(!has_auth_tag_) { @@ -258,7 +258,7 @@ Package& Package::addAuthTag(auth_tag_t auth_tag) return *this; } -Package& Package::removeAuthTag() +Packet& Packet::removeAuthTag() { if(!has_auth_tag_) return *this; @@ -28,39 +28,39 @@ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -#ifndef _PACKAGE_H_ -#define _PACKAGE_H_ +#ifndef _PACKET_H_ +#define _PACKET_H_ #include "datatypes.h" #include "buffer.h" -class Package : public Buffer +class Packet : public Buffer { public: - Package(); - Package(u_int32_t length); - Package(const Buffer &src); + Packet(); + Packet(u_int32_t length); + Packet(const Buffer &src); bool hasHeader() const; - Package& withHeader(bool b); + Packet& withHeader(bool b); seq_nr_t getSeqNr() const; sender_id_t getSenderId() const; - Package& addHeader(seq_nr_t seq_nr, sender_id_t sender_id); - Package& removeHeader(); - Package& setSeqNr(seq_nr_t seq_nr); - Package& setSenderId(sender_id_t sender_id); + Packet& addHeader(seq_nr_t seq_nr, sender_id_t sender_id); + Packet& removeHeader(); + Packet& setSeqNr(seq_nr_t seq_nr); + Packet& setSenderId(sender_id_t sender_id); bool hasPayloadType() const; - Package& withPayloadType(bool b); + Packet& withPayloadType(bool b); payload_type_t getPayloadType() const; - Package& addPayloadType(payload_type_t payload_type); - Package& removePayloadType(); + Packet& addPayloadType(payload_type_t payload_type); + Packet& removePayloadType(); bool hasAuthTag() const; - Package& withAuthTag(bool b); + Packet& withAuthTag(bool b); auth_tag_t getAuthTag() const; - Package& addAuthTag(auth_tag_t auth_tag); - Package& removeAuthTag(); + Packet& addAuthTag(auth_tag_t auth_tag); + Packet& removeAuthTag(); private: struct HeaderStruct diff --git a/packetSource.cpp b/packetSource.cpp new file mode 100644 index 0000000..8ef122d --- /dev/null +++ b/packetSource.cpp @@ -0,0 +1,57 @@ +/* + * anytun + * + * The secure anycast tunneling protocol (satp) defines a protocol used + * for communication between any combination of unicast and anycast + * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel + * mode and allows tunneling of every ETHER TYPE protocol (e.g. + * ethernet, ip, arp ...). satp directly includes cryptography and + * message authentication based on the methodes used by SRTP. It is + * intended to deliver a generic, scaleable and secure solution for + * tunneling and relaying of packets of any protocol. + * + * + * Copyright (C) 2007 anytun.org <satp@wirdorange.org> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program (see the file COPYING included with this + * distribution); if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#include "datatypes.h" + +#include "packetSource.h" +#include "buffer.h" +#include "PracticalSocket.h" + +UDPPacketSource::UDPPacketSource() +{ +} + +UDPPacketSource::UDPPacketSource(u_int16_t port) : UDPSocket(port) +{ +} + +UDPPacketSource::UDPPacketSource(std::string localaddr, u_int16_t port) : UDPSocket(localaddr, port) +{ +} + +u_int32_t UDPPacketSource::recv(Buffer buf, std::string addr, u_int16_t &port) +{ + return recvFrom(buf, buf.getLength(), addr, port); +} + +void UDPPacketSource::send(Buffer buf, std::string addr, u_int16_t port) +{ + sendTo(buf, buf.getLength(), addr, port); +} diff --git a/packetSource.h b/packetSource.h new file mode 100644 index 0000000..3cd4fb5 --- /dev/null +++ b/packetSource.h @@ -0,0 +1,54 @@ +/* + * anytun + * + * The secure anycast tunneling protocol (satp) defines a protocol used + * for communication between any combination of unicast and anycast + * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel + * mode and allows tunneling of every ETHER TYPE protocol (e.g. + * ethernet, ip, arp ...). satp directly includes cryptography and + * message authentication based on the methodes used by SRTP. It is + * intended to deliver a generic, scaleable and secure solution for + * tunneling and relaying of packets of any protocol. + * + * + * Copyright (C) 2007 anytun.org <satp@wirdorange.org> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program (see the file COPYING included with this + * distribution); if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#include "datatypes.h" +#include "buffer.h" +#include "PracticalSocket.h" + +class PacketSource +{ +public: + virtual ~PacketSource() {} + + virtual u_int32_t recv(Buffer buf, std::string addr, u_int16_t &port) = 0; + virtual void send(Buffer buf, std::string addr, u_int16_t port) = 0; +}; + +class UDPPacketSource : public PacketSource, public UDPSocket +{ +public: + UDPPacketSource(); + UDPPacketSource(u_int16_t port); + UDPPacketSource(std::string localaddr, u_int16_t port); + + u_int32_t recv(Buffer buf, std::string addr, u_int16_t &port); + void send(Buffer buf, std::string addr, u_int16_t port); +}; + diff --git a/tunDevice.cpp b/tunDevice.cpp index e4cc5af..8898c7f 100644 --- a/tunDevice.cpp +++ b/tunDevice.cpp @@ -140,7 +140,20 @@ char* TunDevice::getActualName() return dev_->actual_name; } -char* TunDevice::getType() +u_int32_t TunDevice::getType() +{ + if(!dev_) + return TYPE_UNDEF; + + switch(dev_->type) + { + case DEV_TYPE_TUN: return TYPE_TUN; + case DEV_TYPE_TAP: return TYPE_TAP; + } + return TYPE_UNDEF; +} + +char* TunDevice::getTypeString() { if(!dev_) return NULL; diff --git a/tunDevice.h b/tunDevice.h index ee8b45d..8d6e9bd 100644 --- a/tunDevice.h +++ b/tunDevice.h @@ -37,6 +37,10 @@ class TunDevice { public: + static const u_int32_t TYPE_UNDEF = 0; + static const u_int32_t TYPE_TUN = 1; + static const u_int32_t TYPE_TAP = 2; + TunDevice(const char* dev, const char* ifcfg_lp, const char* ifcfg_rnmp); ~TunDevice(); @@ -48,7 +52,8 @@ public: int write(Buffer& buf); char* getActualName(); - char* getType(); + u_int32_t getType(); + char* getTypeString(); private: void operator=(const TunDevice &src); |