-rw-r--r--src/cipher.c22
-rw-r--r--src/options.c6
-rw-r--r--src/plain_packet.c16
-rw-r--r--src/plain_packet.h1
-rw-r--r--src/uanytun.c79
5 files changed, 78 insertions, 46 deletions
diff --git a/src/cipher.c b/src/cipher.c
index cbb2e56..b3a8480 100644
--- a/src/cipher.c
+++ b/src/cipher.c
@@ -56,8 +56,8 @@ void cipher_init(cipher_t** c, const char* type)
(*c)->type_ = unknown;
if(!strcmp(type, "null"))
(*c)->type_ = null;
- else if(!strcmp(type, "aes-ctr"))
- (*c)->type_ = aes_ctr;
+/* else if(!strcmp(type, "aes-ctr")) */
+/* (*c)->type_ = aes_ctr; */
else {
log_printf(ERR, "unknown cipher type");
}
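Review bot: With the aes-ctr branch commented out, a configuration that still asks for "aes-ctr" lands in the `else` branch, whose message does not say which name was rejected; `log_printf(ERR, "unknown cipher type '%s'", type);` would make the failure diagnosable. The branch only logs and leaves `type_` as `unknown`; whether cipher_init() then releases and clears `*c` is outside the hunk, and the new caller in src/uanytun.c depends on that. Disabling the branch with `#if 0`, or with a comment saying why and until when, would be clearer than line-by-line commented-out code.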
@@ -128,10 +128,10 @@ void cipher_encrypt(cipher_t* c, plain_packet_t* in, encrypted_packet_t* out, se
if(c->type_ = null)
len = cipher_null_encrypt(plain_packet_get_packet(in), plain_packet_get_length(in),
encrypted_packet_get_payload(out), encrypted_packet_get_payload_length(out));
- else if(c->type_ = aes_ctr)
- len = cipher_aesctr_encrypt(plain_packet_get_packet(in), plain_packet_get_length(in),
- encrypted_packet_get_payload(out), encrypted_packet_get_payload_length(out),
- seq_nr, sender_id, mux);
+/* else if(c->type_ = aes_ctr) */
+/* len = cipher_aesctr_encrypt(plain_packet_get_packet(in), plain_packet_get_length(in), */
+/* encrypted_packet_get_payload(out), encrypted_packet_get_payload_length(out), */
+/* seq_nr, sender_id, mux); */
else {
log_printf(ERR, "unknown cipher type");
return;
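Review bot: The context line `if(c->type_ = null)` assigns rather than compares, and this commit leaves it as the only live cipher test in cipher_encrypt; the same applies to `if(c->type_ = null)` in the cipher_decrypt hunk below. The condition overwrites the configured type with `null` on every call, and the branch taken depends only on the numeric value of `null`, so either every packet goes through the null cipher or every packet hits "unknown cipher type". Both should read `if(c->type_ == null)`, and the commented-out aes-ctr tests need `==` as well before they are re-enabled. The function bodies start and end outside these hunks.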
@@ -153,11 +153,11 @@ void cipher_decrypt(cipher_t* c, encrypted_packet_t* in, plain_packet_t* out)
if(c->type_ = null)
len = cipher_null_decrypt(encrypted_packet_get_payload(in), encrypted_packet_get_payload_length(in),
plain_packet_get_packet(out), plain_packet_get_length(out));
- else if(c->type_ = aes_ctr)
- len = cipher_aesctr_decrypt(encrypted_packet_get_payload(in), encrypted_packet_get_payload_length(in),
- plain_packet_get_packet(out), plain_packet_get_length(out),
- encrypted_packet_get_seq_nr(in), encrypted_packet_get_sender_id(in),
- encrypted_packet_get_mux(in));
+/* else if(c->type_ = aes_ctr) */
+/* len = cipher_aesctr_decrypt(encrypted_packet_get_payload(in), encrypted_packet_get_payload_length(in), */
+/* plain_packet_get_packet(out), plain_packet_get_length(out), */
+/* encrypted_packet_get_seq_nr(in), encrypted_packet_get_sender_id(in), */
+/* encrypted_packet_get_mux(in)); */
else {
log_printf(ERR, "unknown cipher type");
return;
diff --git a/src/options.c b/src/options.c
index 21ff0bc..79f60e8 100644
--- a/src/options.c
+++ b/src/options.c
@@ -213,9 +213,9 @@ void options_default(options_t* opt)
opt->ifconfig_param_remote_netmask_ = NULL;
opt->post_up_script_ = NULL;
opt->seq_window_size_ = 100;
- opt->cipher_ = strdup("aes-ctr");
- opt->kd_prf_ = strdup("aes-ctr");
- opt->auth_algo_ = strdup("sha1");
+ opt->cipher_ = strdup("null");
+ opt->kd_prf_ = strdup("null");
+ opt->auth_algo_ = strdup("null");
opt->mux_ = 0;
opt->key_.buf_ = NULL;
opt->key_.length_ = 0;
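Review bot: The new defaults for `opt->cipher_`, `opt->kd_prf_` and `opt->auth_algo_` make a tunnel started without explicit options run with no encryption and no authentication, and nothing here tells the operator. Since aes-ctr is disabled in src/cipher.c by the same commit this looks temporary, so mark it in place, e.g. `/* TODO: restore "aes-ctr"/"sha1" defaults once the cipher is re-enabled */`, and consider a startup message such as `log_printf(NOTICE, "running without encryption and authentication");` whenever the null cipher is selected. The strdup() results are also used unchecked, so a failed allocation would later reach `strcmp(type, "null")` in cipher_init() as NULL. options_default() continues outside the hunk.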
diff --git a/src/plain_packet.c b/src/plain_packet.c
index 69338c1..d11a710 100644
--- a/src/plain_packet.c
+++ b/src/plain_packet.c
@@ -38,6 +38,7 @@
#include <stdlib.h>
#include <string.h>
+#include <netinet/ip.h>
void plain_packet_init(plain_packet_t* packet)
{
@@ -118,5 +119,18 @@ void plain_packet_set_type(plain_packet_t* packet, payload_type_t type)
if(!packet)
return;
- packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(type);
+ if(type == PAYLOAD_TYPE_TUN) {
+ if(!packet->payload_length_) {
+ packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(PAYLOAD_TYPE_TUN);
+ return;
+ }
+
+ struct ip* hdr = (struct ip*)(packet->data_.buf_ + sizeof(payload_type_t));
+ if(hdr->ip_v == 4)
+ packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(PAYLOAD_TYPE_TUN4);
+ else if(hdr->ip_v == 6)
+ packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(PAYLOAD_TYPE_TUN6);
+ }
+ else
+ packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(type);
}
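Review bot: When `hdr->ip_v` is neither 4 nor 6 the new TUN branch writes nothing, so `payload_type_` keeps whatever the previous packet left there; add a final `else packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(PAYLOAD_TYPE_UNKNOWN);` (the constant is added to src/plain_packet.h by this commit). The `!packet->payload_length_` guard only rejects zero: the field is `u_int32_t`, and main_loop stores the raw tun_read() result in it, so a failed read (presumably negative) passes the guard and the version is taken from stale buffer contents. Casting `buf_ + sizeof(payload_type_t)` to `struct ip*` also assumes an alignment that offset may not provide; reading the high nibble of the first payload byte would avoid the cast.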
diff --git a/src/plain_packet.h b/src/plain_packet.h
index ed967b6..723fe5a 100644
--- a/src/plain_packet.h
+++ b/src/plain_packet.h
@@ -41,6 +41,7 @@
#define PAYLOAD_TYPE_TUN 0x0000
#define PAYLOAD_TYPE_TUN4 0x0800
#define PAYLOAD_TYPE_TUN6 0x86DD
+#define PAYLOAD_TYPE_UNKNOWN 0xFFFF
struct plain_packet_struct {
u_int32_t payload_length_;
diff --git a/src/uanytun.c b/src/uanytun.c
index a7e1f7d..649ac7a 100644
--- a/src/uanytun.c
+++ b/src/uanytun.c
@@ -53,7 +53,7 @@
#include "daemon.h"
#include "sysexec.h"
-void main_loop(tun_device_t* dev, udp_socket_t* sock, options_t* opt)
+int main_loop(tun_device_t* dev, udp_socket_t* sock, options_t* opt)
{
log_printf(INFO, "entering main loop");
@@ -65,6 +65,13 @@ void main_loop(tun_device_t* dev, udp_socket_t* sock, options_t* opt)
udp_endpoint_t remote;
seq_nr_t seq_nr = 0;
+ cipher_t* c;
+ cipher_init(&c, opt->cipher_);
+ if(!c) {
+ log_printf(ERR, "could not initialize cipher of type %s", opt->cipher_);
+ return -1;
+ }
+
while(1) {
plain_packet_set_payload_length(&plain_packet, -1);
encrypted_packet_set_length(&encrypted_packet, -1);
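Review bot: `cipher_t* c;` is declared without an initializer, so the `if(!c)` check is only meaningful if cipher_init() stores NULL on every failure path; declare it as `cipher_t* c = NULL;`. The part of cipher_init() visible in src/cipher.c only logs "unknown cipher type" and leaves `type_` as `unknown`, and whether it then frees and clears `*c` is not visible, so confirm that an unsupported cipher name really ends up in this error branch rather than in the packet loop. main_loop's body continues outside the hunk.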
@@ -72,42 +79,51 @@ void main_loop(tun_device_t* dev, udp_socket_t* sock, options_t* opt)
// TODO: add select
// if dev->fd_ is ready:
- len = tun_read(dev, plain_packet_get_payload(&plain_packet), plain_packet_get_payload_length(&plain_packet));
- plain_packet_set_payload_length(&plain_packet, len);
-
- // TODO: cipher packet
- // TODO: add auth-tag
-
- encrypted_packet_set_seq_nr(&encrypted_packet, seq_nr);
- encrypted_packet_set_sender_id(&encrypted_packet, opt->sender_id_);
- encrypted_packet_set_mux(&encrypted_packet, opt->mux_);
-
- udp_write(sock, encrypted_packet_get_packet(&encrypted_packet), encrypted_packet_get_length(&encrypted_packet));
-
-
+ if(1) {
+ len = tun_read(dev, plain_packet_get_payload(&plain_packet), plain_packet_get_payload_length(&plain_packet));
+ plain_packet_set_payload_length(&plain_packet, len);
+
+ if(dev->type_ = TYPE_TUN)
+ plain_packet_set_type(&plain_packet, PAYLOAD_TYPE_TUN);
+ else if(dev->type_ = TYPE_TAP)
+ plain_packet_set_type(&plain_packet, PAYLOAD_TYPE_TAP);
+ else
+ plain_packet_set_type(&plain_packet, PAYLOAD_TYPE_UNKNOWN);
+
+ cipher_encrypt(c, &plain_packet, &encrypted_packet, seq_nr, opt->sender_id_, opt->mux_);
+ seq_nr++;
+
+ // TODO: add auth-tag
+
+ udp_write(sock, encrypted_packet_get_packet(&encrypted_packet), encrypted_packet_get_length(&encrypted_packet));
+ }
// if sock->fd_ is ready:
- len = udp_read(sock, encrypted_packet_get_packet(&encrypted_packet), encrypted_packet_get_length(&encrypted_packet), &remote);
- encrypted_packet_set_length(&encrypted_packet, len);
+/* len = udp_read(sock, encrypted_packet_get_packet(&encrypted_packet), encrypted_packet_get_length(&encrypted_packet), &remote); */
+/* encrypted_packet_set_length(&encrypted_packet, len); */
- // TODO: check auth-tag
+/* // TODO: check auth-tag */
- if(encrypted_packet_get_mux(&encrypted_packet) != opt->mux_)
- continue;
+/* if(encrypted_packet_get_mux(&encrypted_packet) != opt->mux_) */
+/* continue; */
- // TODO: check seq nr for sender id
+/* // TODO: check seq nr for sender id */
- if(memcmp(&remote, &(sock->remote_end_), sizeof(remote))) {
- memcpy(&(sock->remote_end_), &remote, sizeof(remote));
- char* addrstring = udp_endpoint_to_string(remote);
- log_printf(NOTICE, "autodetected remote host changed %s", addrstring);
- free(addrstring);
- }
+/* if(memcmp(&remote, &(sock->remote_end_), sizeof(remote))) { */
+/* memcpy(&(sock->remote_end_), &remote, sizeof(remote)); */
+/* char* addrstring = udp_endpoint_to_string(remote); */
+/* log_printf(NOTICE, "autodetected remote host changed %s", addrstring); */
+/* free(addrstring); */
+/* } */
- // TODO: decipher packet
+/* // TODO: decipher packet */
- tun_write(dev, plain_packet_get_payload(&plain_packet), plain_packet_get_payload_length(&plain_packet));
+/* tun_write(dev, plain_packet_get_payload(&plain_packet), plain_packet_get_payload_length(&plain_packet)); */
}
+
+ cipher_close(&c);
+
+ return 0;
}
void print_hex_dump(const u_int8_t* buf, u_int32_t len)
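Review bot: The added `if(dev->type_ = TYPE_TUN)` and `else if(dev->type_ = TYPE_TAP)` assign instead of compare, so the device type is overwritten on each iteration and the payload type chosen depends only on the constants' values; they should read `if(dev->type_ == TYPE_TUN)` and `else if(dev->type_ == TYPE_TAP)`. The result of tun_read() goes straight into plain_packet_set_payload_length() and on to cipher_encrypt() and udp_write(), so a failed read is still processed and sent; check `len` and skip the packet with a log message before setting the length (the declaration of `len` is outside the hunk). Since `while(1)` has no `break` in the visible lines, the new `cipher_close(&c);` and `return 0;` appear unreachable, which is worth a comment until the `select` TODO adds an exit path.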
@@ -195,13 +211,14 @@ int main(int argc, char* argv[])
fclose(pid_file);
}
- main_loop(dev, sock, opt);
+ ret = main_loop(dev, sock, opt);
tun_close(&dev);
udp_close(&sock);
options_clear(&opt);
- log_printf(NOTICE, "normal shutdown");
+ if(!ret)
+ log_printf(NOTICE, "normal shutdown");
- return 0;
+ return ret;
}