Diffstat (limited to 'src')
-rw-r--r-- | src/anytun.cpp | 22 | ||||
-rw-r--r-- | src/connectionList.cpp | 1 | ||||
-rw-r--r-- | src/options.cpp | 75 | ||||
-rw-r--r-- | src/options.h | 5 |
4 files changed, 75 insertions, 28 deletions
diff --git a/src/anytun.cpp b/src/anytun.cpp index 189385f..eeafc6f 100644 --- a/src/anytun.cpp +++ b/src/anytun.cpp @@ -83,6 +83,7 @@ void createConnection(const PacketSourceEndpoint & remote_end, window_size_t seq seq_nr_t seq_nr_=0; KeyDerivation * kd = KeyDerivationFactory::create(gOpt.getKdPrf()); kd->init(gOpt.getKey(), gOpt.getSalt()); + kd->setLogKDRate(gOpt.getLdKdr()); cLog.msg(Log::PRIO_NOTICE) << "added connection remote host " << remote_end; ConnectionParam connparam ((*kd), (*seq), seq_nr_, remote_end); @@ -327,15 +328,24 @@ int main(int argc, char* argv[]) bool daemonized=false; try { - -// std::cout << "anytun - secure anycast tunneling protocol" << std::endl; - if(!gOpt.parse(argc, argv)) { + cLog.msg(Log::PRIO_NOTICE) << "anytun started..."; +/// std::cout << "anytun - secure anycast tunneling protocol" << std::endl; + int32_t result = gOpt.parse(argc, argv); + if(result) { + if(result > 0) { + std::cerr << "syntax error near: " << argv[result] << std::endl << std::endl; + cLog.msg(Log::PRIO_ERR) << "syntax error, exitting"; + } + if(result == -2) { + std::cerr << "can't parse host-port definition" << std::endl << std::endl; + cLog.msg(Log::PRIO_ERR) << "can't parse host-port definition, exitting"; + } + gOpt.printUsage(); - exit(-1); + + exit(result); } - cLog.msg(Log::PRIO_NOTICE) << "anytun started..."; - std::ofstream pidFile; if(gOpt.getPidFile() != "") { pidFile.open(gOpt.getPidFile().c_str()); diff --git a/src/connectionList.cpp b/src/connectionList.cpp index d6b373f..38244b1 100644 --- a/src/connectionList.cpp +++ b/src/connectionList.cpp 
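Review bot: `exit(result)` in the new error path of main() passes a parse return code straight through as the process status, so `--help` (result == -1) exits with status 255 and, since the `if(result > 0)` branch shows positive values are argv indices, an offending token at index 256 or above would wrap to status 0 on POSIX. Prefer `exit(result == -1 ? 0 : 1);` (or EXIT_SUCCESS/EXIT_FAILURE) after printUsage(). The `anytun started...` notice is also moved ahead of gOpt.parse(), so it is now logged for invocations that then fail with a syntax error; if that is intended, a one-line comment saying so would help. main() continues past the end of this hunk.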
@@ -130,6 +130,7 @@ ConnectionParam & ConnectionList::getOrNewConnectionUnlocked(u_int16_t mux) seq_nr_t seq_nr_=0; KeyDerivation * kd = KeyDerivationFactory::create(gOpt.getKdPrf()); kd->init(Buffer(key, sizeof(key)), Buffer(salt, sizeof(salt))); +// kd->setLogKDRate(gOpt.getLdKdr()); ConnectionParam conn ( (*kd), (*seq), seq_nr_, PacketSourceEndpoint()); connections_.insert(ConnectionMap::value_type(mux, conn)); it = connections_.find(mux); diff --git a/src/options.cpp b/src/options.cpp index 868c0bb..40737af 100644 --- a/src/options.cpp +++ b/src/options.cpp @@ -37,6 +37,7 @@ #include "datatypes.h" #include "options.h" +#include "log.h" Options* Options::inst = NULL; Mutex Options::instMutex; @@ -76,6 +77,7 @@ Options::Options() : key_(u_int32_t(0)), salt_(u_int32_t(0)) seq_window_size_ = 100; cipher_ = "aes-ctr"; kd_prf_ = "aes-ctr"; + ld_kdr_ = 0; auth_algo_ = "sha1"; mux_ = 0; } @@ -92,11 +94,23 @@ Options::~Options() else if(str == SHORT || str == LONG) \ VALUE = false; +#define PARSE_SIGNED_INT_PARAM(SHORT, LONG, VALUE) \ + else if(str == SHORT || str == LONG) \ + { \ + if(argc < 1) \ + return i; \ + std::stringstream tmp; \ + tmp << argv[i+1]; \ + tmp >> VALUE; \ + argc--; \ + i++; \ + } + #define PARSE_SCALAR_PARAM(SHORT, LONG, VALUE) \ else if(str == SHORT || str == LONG) \ { \ if(argc < 1 || argv[i+1][0] == '-') \ - return false; \ + return i; \ std::stringstream tmp; \ tmp << argv[i+1]; \ tmp >> VALUE; \ @@ -109,7 +123,7 @@ Options::~Options() { \ if(argc < 2 || \ argv[i+1][0] == '-' || argv[i+2][0] == '-') \ - return false; \ + return i; \ std::stringstream tmp; \ tmp << argv[i+1] << " " << argv[i+2]; \ tmp >> VALUE1; \ @@ -122,7 +136,7 @@ Options::~Options() else if(str == SHORT || str == LONG) \ { \ if(argc < 1 || argv[i+1][0] == '-') \ - return false; \ + return i; \ VALUE = Buffer(std::string(argv[i+1])); \ for(size_t j=0; j < strlen(argv[i+1]); ++j) \ argv[i+1][j] = '#'; \ 
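Review bot: The added line in getOrNewConnectionUnlocked() is commented out, `// kd->setLogKDRate(gOpt.getLdKdr());`, so connections created here keep the KeyDerivation default rate while createConnection() in src/anytun.cpp (same commit) applies the configured value; the two creation paths now disagree on the -l option. Either enable the call or replace the dead code with `// TODO: ld-kdr not applied here because ...` stating the reason (the key/salt passed to init() here look like locals rather than gOpt's, which may be why, but that is not visible in the hunk). getOrNewConnectionUnlocked() starts outside the hunk.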
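Review bot: PARSE_SIGNED_INT_PARAM never checks whether `tmp >> VALUE` succeeded, so `-l abc` is accepted silently (VALUE becomes 0 under C++11 stream semantics, or is left untouched on older libraries) and `-l 5x` keeps only the leading digits; unlike PARSE_SCALAR_PARAM it also drops the `argv[i+1][0] == '-'` guard, presumably to allow negative values, so a following option name would be consumed as the value without complaint. Replace the extraction with `if(!(tmp >> VALUE)) return i;` so the caller reports the offending token like every other syntax error. The value then lands in the int8_t ld_kdr_ via `ld_kdr_ = ld_kdr_tmp;` in the @@ -179,24 +193,28 hunk without a range check, so `-l 300` silently becomes 44; guard that assignment against INT8_MIN/INT8_MAX (from <cstdint>) and return a new negative code that main() reports.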
@@ -134,7 +148,7 @@ Options::~Options() else if(str == SHORT || str == LONG) \ { \ if(argc < 1 || argv[i+1][0] == '-') \ - return false; \ + return i; \ std::stringstream tmp(argv[i+1]); \ while (tmp.good()) \ { \ @@ -146,7 +160,7 @@ Options::~Options() i++; \ } -bool Options::parse(int argc, char* argv[]) +int32_t Options::parse(int argc, char* argv[]) { Lock lock(mutex); @@ -154,19 +168,19 @@ bool Options::parse(int argc, char* argv[]) argc--; std::queue<std::string> route_queue; std::queue<std::string> host_port_queue; + int32_t ld_kdr_tmp = ld_kdr_; for(int i=1; argc > 0; ++i) { std::string str(argv[i]); argc--; if(str == "-h" || str == "--help") - return false; + return -1; PARSE_INVERSE_BOOL_PARAM("-D","--nodaemonize", daemonize_) PARSE_BOOL_PARAM("-C","--chroot", chroot_) PARSE_SCALAR_PARAM("-u","--username", username_) PARSE_SCALAR_PARAM("-H","--chroot-dir", chroot_dir_) PARSE_SCALAR_PARAM("-P","--write-pid", pid_file_) - PARSE_SCALAR_PARAM("-s","--sender-id", sender_id_) PARSE_SCALAR_PARAM("-i","--interface", local_addr_) PARSE_SCALAR_PARAM("-p","--port", local_port_) PARSE_SCALAR_PARAM("-S","--sync-port", local_sync_port_) 
@@ -179,24 +193,28 @@ bool Options::parse(int argc, char* argv[]) PARSE_SCALAR_PARAM("-t","--type", dev_type_) PARSE_SCALAR_PARAM2("-n","--ifconfig", ifconfig_param_local_, ifconfig_param_remote_netmask_) PARSE_SCALAR_PARAM("-x","--post-up-script", post_up_script_) - PARSE_SCALAR_PARAM("-w","--window-size", seq_window_size_) + PARSE_SCALAR_PARAM("-s","--sender-id", sender_id_) PARSE_SCALAR_PARAM("-m","--mux", mux_) - PARSE_SCALAR_PARAM("-c","--cipher", cipher_) - PARSE_HEXSTRING_PARAM_SEC("-K","--key", key_) - PARSE_HEXSTRING_PARAM_SEC("-A","--salt", salt_) - PARSE_SCALAR_PARAM("-k","--kd-prf", kd_prf_) - PARSE_SCALAR_PARAM("-a","--auth-algo", auth_algo_) + PARSE_SCALAR_PARAM("-w","--window-size", seq_window_size_) PARSE_CSLIST_PARAM("-M","--sync-hosts", host_port_queue) PARSE_CSLIST_PARAM("-X","--control-host", host_port_queue) PARSE_CSLIST_PARAM("-T","--route", route_queue) + PARSE_SCALAR_PARAM("-c","--cipher", cipher_) + PARSE_SCALAR_PARAM("-k","--kd-prf", kd_prf_) + PARSE_SIGNED_INT_PARAM("-l","--ld-kdr", ld_kdr_tmp) + PARSE_SCALAR_PARAM("-a","--auth-algo", auth_algo_) + PARSE_HEXSTRING_PARAM_SEC("-K","--key", key_) + PARSE_HEXSTRING_PARAM_SEC("-A","--salt", salt_) else - return false; + return i; } + ld_kdr_ = ld_kdr_tmp; + if(cipher_ == "null" && auth_algo_ == "null") kd_prf_ = "null"; if((cipher_ != "null" || auth_algo_ != "null") && kd_prf_ == "null") - kd_prf_ = "aes-ctr"; + cLog.msg(Log::PRIO_WARNING) << "using NULL key derivation with encryption and or authentication enabled!"; if(dev_name_ == "" && dev_type_ == "") dev_type_ = "tun"; @@ -204,7 +222,7 @@ bool Options::parse(int argc, char* argv[]) while(!host_port_queue.empty()) { bool ret = splitAndAddHostPort(host_port_queue.front(), connect_to_); - if(!ret) return false; + if(!ret) return -2; host_port_queue.pop(); } while(!route_queue.empty()) 
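Review bot: The replaced fallback changes policy: where `kd_prf_ == "null"` combined with a non-null cipher or auth algorithm used to be corrected to `"aes-ctr"`, parse() now only logs a PRIO_WARNING and continues, so a tunnel can presumably run with encryption or authentication enabled but the null key-derivation PRF. If that combination is not meant to be supported, reject it the way the host-port failure is rejected (`return -3;` with a matching message in main) rather than warning; if it is deliberately allowed for testing, a comment above the check saying so would keep the next reader from "fixing" it back. The warning text also reads better as `"using NULL key derivation with encryption and/or authentication enabled!"`. The enclosing parse() body starts before this hunk.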
@@ -218,7 +236,7 @@ bool Options::parse(int argc, char* argv[]) route_queue.pop(); routes_.push_back(rt); } - return true; + return 0; } bool Options::splitAndAddHostPort(std::string hostPort, ConnectToList& list) @@ -286,7 +304,6 @@ void Options::printUsage() std::cout << " [-u|--username] <username> if chroot change to this user" << std::endl; std::cout << " [-H|--chroot-dir] <path> chroot to this directory" << std::endl; std::cout << " [-P|--write-pid] <path> write pid to this file" << std::endl; - std::cout << " [-s|--sender-id ] <sender id> the sender id to use" << std::endl; std::cout << " [-i|--interface] <ip-address> local anycast ip address to bind to" << std::endl; std::cout << " [-p|--port] <port> local anycast(data) port to bind to" << std::endl; std::cout << " [-I|--sync-interface] <ip-address> local unicast(sync) ip address to bind to" << std::endl; 
@@ -302,12 +319,14 @@ void Options::printUsage() std::cout << " [-n|--ifconfig] <local> the local address for the tun/tap device" << std::endl << " <remote|netmask> the remote address(tun) or netmask(tap)" << std::endl; std::cout << " [-x|--post-up-script] <script> script gets called after interface is created" << std::endl; - std::cout << " [-w|--window-size] <window size> seqence number window size" << std::endl; + std::cout << " [-s|--sender-id ] <sender id> the sender id to use" << std::endl; std::cout << " [-m|--mux] <mux-id> the multiplex id to use" << std::endl; + std::cout << " [-w|--window-size] <window size> seqence number window size" << std::endl; std::cout << " [-c|--cipher] <cipher type> payload encryption algorithm" << std::endl; std::cout << " [-K|--key] <master key> master key to use for encryption" << std::endl; std::cout << " [-A|--salt] <master salt> master salt to use for encryption" << std::endl; -// std::cout << " [-k|--kd-prf] <kd-prf type> key derivation pseudo random function" << std::endl; + std::cout << " [-k|--kd-prf] <kd-prf type> key derivation pseudo random function" << std::endl; + std::cout << " [-l|--ld-kdr] <ld-kdr> log2 of key derivation rate" << std::endl; std::cout << " [-a|--auth-algo] <algo type> message authentication algorithm" << std::endl; std::cout << " [-T|--route] <net>/<prefix length> add a route to connection, can be invoked several times" << std::endl; } 
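Review bot: The re-added `-w|--window-size` usage line carries the pre-existing misspelling `seqence`; since the line is rewritten here anyway, make it `sequence number window size`. The new `-l|--ld-kdr` line gives no hint of the accepted range, which matters because the value is stored in an int8_t elsewhere in this commit; something like `<ld-kdr> log2 of key derivation rate (-128..127)` would document it, assuming the storage type is the intended limit. printUsage() starts before the hunk.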
@@ -334,11 +353,12 @@ void Options::printOptions() std::cout << "ifconfig_param_remote_netmask='" << ifconfig_param_remote_netmask_ << "'" << std::endl; std::cout << "post_up_script='" << post_up_script_ << "'" << std::endl; std::cout << "seq_window_size='" << seq_window_size_ << "'" << std::endl; - std::cout << "mux_id='" << mux_ << "'" << std::endl; + std::cout << "mux_id=" << mux_ << std::endl; std::cout << "cipher='" << cipher_ << "'" << std::endl; std::cout << "key=" << key_.getHexDumpOneLine() << std::endl; std::cout << "salt=" << salt_.getHexDumpOneLine() << std::endl; std::cout << "kd_prf='" << kd_prf_ << "'" << std::endl; + std::cout << "ld_kdr=" << static_cast<int32_t>(ld_kdr_) << std::endl; std::cout << "auth_algo='" << auth_algo_ << "'" << std::endl; std::cout << "connect_to="; @@ -650,6 +670,19 @@ Options& Options::setKdPrf(std::string k) return *this; } +int8_t Options::getLdKdr() +{ + Lock lock(mutex); + return ld_kdr_; +} + +Options& Options::setLdKdr(int8_t l) +{ + Lock lock(mutex); + ld_kdr_ = l; + return *this; +} + std::string Options::getAuthAlgo() { Lock lock(mutex); diff --git a/src/options.h b/src/options.h index 56518db..87c6827 100644 --- a/src/options.h +++ b/src/options.h @@ -59,7 +59,7 @@ class Options public: static Options& instance(); - bool parse(int argc, char* argv[]); + int32_t parse(int argc, char* argv[]); void printUsage(); void printOptions(); @@ -110,6 +110,8 @@ public: Options& setCipher(std::string c); std::string getKdPrf(); Options& setKdPrf(std::string k); + int8_t getLdKdr(); + Options& setLdKdr(int8_t l); std::string getAuthAlgo(); Options& setAuthAlgo(std::string a); ConnectToList getConnectTo(); @@ -166,6 +168,7 @@ private: window_size_t seq_window_size_; std::string cipher_; std::string kd_prf_; + int8_t ld_kdr_; std::string auth_algo_; mux_t mux_; Buffer key_; |
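Review bot: The new `int32_t parse(int argc, char* argv[]);` declaration in src/options.h does not say what the integer means; the contract (0 on success, the argv index of the token that could not be parsed, -1 for -h/--help, -2 for an unparsable host-port definition) is only recoverable by reading main() in src/anytun.cpp and the return statements in src/options.cpp. Add it above the declaration, e.g. `// returns 0 on success, -1 for --help, -2 for a bad host:port, else the argv index of the offending token`. The @@ -110 and @@ -166 hunks for getLdKdr/setLdKdr and ld_kdr_ mirror the kd_prf_ accessors and need no change.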