summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--anytun.cpp45
-rw-r--r--keyDerivation.cpp6
-rw-r--r--packetSource.cpp8
-rw-r--r--packetSource.h8
-rw-r--r--tunDevice.cpp8
-rw-r--r--tunDevice.h4
-rw-r--r--wireshark-lua/satp.lua10
7 files changed, 48 insertions, 41 deletions
diff --git a/anytun.cpp b/anytun.cpp
index e679281..4312fa4 100644
--- a/anytun.cpp
+++ b/anytun.cpp
@@ -91,6 +91,7 @@ void createConnection(const std::string & remote_host, u_int16_t remote_port, Co
seq_nr_t seq_nr_=0;
KeyDerivation * kd = new KeyDerivation;
kd->init(Buffer(key, sizeof(key)), Buffer(salt, sizeof(salt)));
+ kd->setLogKDRate(0);
cLog.msg(Log::PRIO_NOTICE) << "added connection remote host " << remote_host << ":" << remote_port;
ConnectionParam connparam ( (*kd), (*seq), seq_nr_, remote_host, remote_port);
cl.addConnection(connparam,0);
@@ -144,10 +145,14 @@ void* sender(void* p)
u_int16_t mux = 0;
while(1)
{
+ plain_packet.setLength(MAX_PACKET_LENGTH);
+ encrypted_packet.setLength(MAX_PACKET_LENGTH);
// read packet from device
- u_int32_t len = param->dev.read(plain_packet);
+ u_int32_t len = param->dev.read(plain_packet.getPayload(), plain_packet.getPayloadLength());
plain_packet.setLength(len);
+ std::cout << "plain_packet.getPayloadLength() = " << plain_packet.getPayloadLength() << std::endl;
+
if(param->cl.empty())
continue;
@@ -167,6 +172,13 @@ void* sender(void* p)
// generate packet-key
conn.kd_.generate(LABEL_SATP_ENCRYPTION, conn.seq_nr_, session_key);
conn.kd_.generate(LABEL_SATP_SALT, conn.seq_nr_, session_salt);
+
+ std::cout << "session_key: ";
+ std::cout << session_key.getHexDump();
+ std::cout << "session_salt: ";
+ std::cout << session_salt.getHexDump() << std::endl;
+
+
c->setKey(session_key);
c->setSalt(session_salt);
@@ -180,7 +192,10 @@ void* sender(void* p)
// conn.kd_.generate(LABEL_SATP_MSG_AUTH, encrypted_packet.getSeqNr(), session_auth_key);
// a->setKey(session_auth_key);
// addPacketAuthTag(encrypted_packet, a.get(), conn);
- param->src.send(encrypted_packet, conn.remote_host_, conn.remote_port_);
+
+ std::cout << "encrypted_packet.getLength() = " << encrypted_packet.getLength() << std::endl << std::endl;
+
+ param->src.send(encrypted_packet.getBuf(), encrypted_packet.getLength(), conn.remote_host_, conn.remote_port_);
}
pthread_exit(NULL);
}
@@ -226,8 +241,8 @@ void* receiver(void* p)
std::auto_ptr<Cipher> c( CipherFactory::create(param->opt.getCipher()) );
// std::auto_ptr<AuthAlgo> a( AuthAlgoFactory::create(param->opt.getAuthAlgo()) );
- EncryptedPacket encrypted_packet(1600); // TODO: dynamic mtu size
- PlainPacket plain_packet(1600);
+ EncryptedPacket encrypted_packet(MAX_PACKET_LENGTH);
+ PlainPacket plain_packet(MAX_PACKET_LENGTH);
Buffer session_key(u_int32_t(SESSION_KEYLEN_ENCR)); // TODO: hardcoded size
Buffer session_salt(u_int32_t(SESSION_KEYLEN_SALT)); // TODO: hardcoded size
@@ -238,8 +253,11 @@ void* receiver(void* p)
string remote_host;
u_int16_t remote_port;
+ plain_packet.setLength(MAX_PACKET_LENGTH);
+ encrypted_packet.setLength(MAX_PACKET_LENGTH);
+
// read packet from socket
- u_int32_t len = param->src.recv(encrypted_packet, remote_host, remote_port);
+ u_int32_t len = param->src.recv(encrypted_packet.getBuf(), encrypted_packet.getLength(), remote_host, remote_port);
encrypted_packet.setLength(len);
// TODO: check auth tag first
@@ -289,7 +307,7 @@ void* receiver(void* p)
continue;
// write it on the device
- param->dev.write(plain_packet);
+ param->dev.write(plain_packet.getPayload(), plain_packet.getLength());
}
pthread_exit(NULL);
}
@@ -313,20 +331,7 @@ bool initLibGCrypt()
std::cout << "initLibGCrypt: Invalid Version of libgcrypt, should be >= " << MIN_GCRYPT_VERSION << std::endl;
return false;
}
-
- // do NOT allocate a pool uof secure memory! Q@NINE?
- // this is NOT thread safe! ?????????????????????????????????? why secure memory????????
-
- /* Allocate a pool of 16k secure memory. This also drops priviliges
- * on some systems. */
-// err = gcry_control(GCRYCTL_INIT_SECMEM, GCRYPT_SEC_MEM, 0);
-// if( err )
-// {
-// cLog.msg(Log::PRIO_ERR) << "Failed to allocate " << GCRYPT_SEC_MEM << " bytes of secure memory: " << gpg_strerror( err );
-// std::cout << "Failed to allocate " << GCRYPT_SEC_MEM << " bytes of secure memory: " << gpg_strerror( err ) << std::endl;
-// return false;
-// }
-
+
// Tell Libgcrypt that initialization has completed.
gcry_error_t err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED);
if( err ) {
diff --git a/keyDerivation.cpp b/keyDerivation.cpp
index dbafec6..cfd70d4 100644
--- a/keyDerivation.cpp
+++ b/keyDerivation.cpp
@@ -102,8 +102,10 @@ void KeyDerivation::generate(satp_prf_label label, seq_nr_t seq_nr, Buffer& key)
r = 0; // TODO: no new key should be generated if r == 0, except it is the first time
else
{
- Mpi seq = seq_nr;
- Mpi rate = 1;
+ Mpi seq(32);
+ seq = seq_nr;
+ Mpi rate(48);
+ rate = 1;
rate = rate.mul2exp(ld_kdr_);
r = seq / rate;
}
diff --git a/packetSource.cpp b/packetSource.cpp
index 063d142..5264302 100644
--- a/packetSource.cpp
+++ b/packetSource.cpp
@@ -46,12 +46,12 @@ UDPPacketSource::UDPPacketSource(std::string localaddr, u_int16_t port) : UDPSoc
{
}
-u_int32_t UDPPacketSource::recv(Buffer& buf, std::string& addr, u_int16_t &port)
+u_int32_t UDPPacketSource::recv(u_int8_t* buf, u_int32_t len, std::string& addr, u_int16_t &port)
{
- return recvFrom(buf, buf.getLength(), addr, port);
+ return recvFrom(buf, len, addr, port);
}
-void UDPPacketSource::send(Buffer& buf, std::string addr, u_int16_t port)
+void UDPPacketSource::send(u_int8_t* buf, u_int32_t len, std::string addr, u_int16_t port)
{
- sendTo(buf, buf.getLength(), addr, port);
+ sendTo(buf, len, addr, port);
}
diff --git a/packetSource.h b/packetSource.h
index a085b04..81abef8 100644
--- a/packetSource.h
+++ b/packetSource.h
@@ -37,8 +37,8 @@ class PacketSource
public:
virtual ~PacketSource() {}
- virtual u_int32_t recv(Buffer& buf, std::string& addr, u_int16_t &port) = 0;
- virtual void send(Buffer& buf, std::string addr, u_int16_t port) = 0;
+ virtual u_int32_t recv(u_int8_t* buf, u_int32_t len, std::string& addr, u_int16_t &port) = 0;
+ virtual void send(u_int8_t* buf, u_int32_t len, std::string addr, u_int16_t port) = 0;
};
class UDPPacketSource : public PacketSource, public UDPSocket
@@ -48,7 +48,7 @@ public:
UDPPacketSource(u_int16_t port);
UDPPacketSource(std::string localaddr, u_int16_t port);
- u_int32_t recv(Buffer& buf, std::string& addr, u_int16_t &port);
- void send(Buffer& buf, std::string addr, u_int16_t port);
+ u_int32_t recv(u_int8_t* buf, u_int32_t len, std::string& addr, u_int16_t &port);
+ void send(u_int8_t* buf, u_int32_t len, std::string addr, u_int16_t port);
};
diff --git a/tunDevice.cpp b/tunDevice.cpp
index 81f4cbb..b1ba686 100644
--- a/tunDevice.cpp
+++ b/tunDevice.cpp
@@ -110,7 +110,7 @@ TunDevice::~TunDevice()
close_tun(dev_);
}
-short TunDevice::read(Buffer& buf)
+short TunDevice::read(u_int8_t* buf, u_int32_t len)
{
if(!dev_)
return -1;
@@ -121,15 +121,15 @@ short TunDevice::read(Buffer& buf)
pfd[0].revents = 0;
poll(pfd, 1, -1);
Lock lock(io_mutex_);
- return read_tun(dev_, buf, buf.getLength());
+ return read_tun(dev_, buf, len);
}
-int TunDevice::write(Buffer& buf)
+int TunDevice::write(u_int8_t* buf, u_int32_t len)
{
if(!dev_)
return -1;
Lock lock(io_mutex_);
- return write_tun(dev_, buf, buf.getLength());
+ return write_tun(dev_, buf, len);
}
char* TunDevice::getActualName()
diff --git a/tunDevice.h b/tunDevice.h
index 7e4493c..af08132 100644
--- a/tunDevice.h
+++ b/tunDevice.h
@@ -48,8 +48,8 @@ public:
void close();
bool isOpen();
- short read(Buffer& buf);
- int write(Buffer& buf);
+ short read(u_int8_t* buf, u_int32_t len);
+ int write(u_int8_t* buf, u_int32_t len);
char* getActualName();
u_int32_t getType();
diff --git a/wireshark-lua/satp.lua b/wireshark-lua/satp.lua
index d6a8b76..50c7c32 100644
--- a/wireshark-lua/satp.lua
+++ b/wireshark-lua/satp.lua
@@ -13,16 +13,16 @@ do
subtree:add(buffer(0,4),"Sequence Number: " .. buffer(0,4):uint())
subtree:add(buffer(4,2),"Sender ID: " .. buffer(4,2):uint())
subtree:add(buffer(6,2),"Mux: " .. buffer(6,2):uint())
- subtree:add(buffer(8,2),"Payload Type: " .. buffer(8,2):uint())
+-- subtree:add(buffer(8,2),"Payload Type: " .. buffer(8,2):uint())
local data_dis = Dissector.get("data")
local payload_dis = Dissector.get("ip")
- if payload_dis ~= nil then
- payload_dis:call(buffer(10):tvb(),pinfo,tree)
- else
+-- if payload_dis ~= nil then
+-- payload_dis:call(buffer(10):tvb(),pinfo,tree)
+-- else
data_dis:call(buffer(10):tvb(),pinfo,tree)
- end
+-- end
end
-- load the udp.port table
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-07 17:50:29 +0000