diff options
-rw-r--r-- | src/cipher.c | 22 | ||||
-rw-r--r-- | src/options.c | 6 | ||||
-rw-r--r-- | src/plain_packet.c | 16 | ||||
-rw-r--r-- | src/plain_packet.h | 1 | ||||
-rw-r--r-- | src/uanytun.c | 79 |
5 files changed, 78 insertions, 46 deletions
diff --git a/src/cipher.c b/src/cipher.c index cbb2e56..b3a8480 100644 --- a/src/cipher.c +++ b/src/cipher.c @@ -56,8 +56,8 @@ void cipher_init(cipher_t** c, const char* type) (*c)->type_ = unknown; if(!strcmp(type, "null")) (*c)->type_ = null; - else if(!strcmp(type, "aes-ctr")) - (*c)->type_ = aes_ctr; +/* else if(!strcmp(type, "aes-ctr")) */ +/* (*c)->type_ = aes_ctr; */ else { log_printf(ERR, "unknown cipher type"); } @@ -128,10 +128,10 @@ void cipher_encrypt(cipher_t* c, plain_packet_t* in, encrypted_packet_t* out, se if(c->type_ = null) len = cipher_null_encrypt(plain_packet_get_packet(in), plain_packet_get_length(in), encrypted_packet_get_payload(out), encrypted_packet_get_payload_length(out)); - else if(c->type_ = aes_ctr) - len = cipher_aesctr_encrypt(plain_packet_get_packet(in), plain_packet_get_length(in), - encrypted_packet_get_payload(out), encrypted_packet_get_payload_length(out), - seq_nr, sender_id, mux); +/* else if(c->type_ = aes_ctr) */ +/* len = cipher_aesctr_encrypt(plain_packet_get_packet(in), plain_packet_get_length(in), */ +/* encrypted_packet_get_payload(out), encrypted_packet_get_payload_length(out), */ +/* seq_nr, sender_id, mux); */ else { log_printf(ERR, "unknown cipher type"); return; @@ -153,11 +153,11 @@ void cipher_decrypt(cipher_t* c, encrypted_packet_t* in, plain_packet_t* out) if(c->type_ = null) len = cipher_null_decrypt(encrypted_packet_get_payload(in), encrypted_packet_get_payload_length(in), plain_packet_get_packet(out), plain_packet_get_length(out)); - else if(c->type_ = aes_ctr) - len = cipher_aesctr_decrypt(encrypted_packet_get_payload(in), encrypted_packet_get_payload_length(in), - plain_packet_get_packet(out), plain_packet_get_length(out), - encrypted_packet_get_seq_nr(in), encrypted_packet_get_sender_id(in), - encrypted_packet_get_mux(in)); +/* else if(c->type_ = aes_ctr) */ +/* len = cipher_aesctr_decrypt(encrypted_packet_get_payload(in), encrypted_packet_get_payload_length(in), */ +/* plain_packet_get_packet(out), plain_packet_get_length(out), */ +/* encrypted_packet_get_seq_nr(in), encrypted_packet_get_sender_id(in), */ +/* encrypted_packet_get_mux(in)); */ else { log_printf(ERR, "unknown cipher type"); return; diff --git a/src/options.c b/src/options.c index 21ff0bc..79f60e8 100644 --- a/src/options.c +++ b/src/options.c @@ -213,9 +213,9 @@ void options_default(options_t* opt) opt->ifconfig_param_remote_netmask_ = NULL; opt->post_up_script_ = NULL; opt->seq_window_size_ = 100; - opt->cipher_ = strdup("aes-ctr"); - opt->kd_prf_ = strdup("aes-ctr"); - opt->auth_algo_ = strdup("sha1"); + opt->cipher_ = strdup("null"); + opt->kd_prf_ = strdup("null"); + opt->auth_algo_ = strdup("null"); opt->mux_ = 0; opt->key_.buf_ = NULL; opt->key_.length_ = 0; diff --git a/src/plain_packet.c b/src/plain_packet.c index 69338c1..d11a710 100644 --- a/src/plain_packet.c +++ b/src/plain_packet.c @@ -38,6 +38,7 @@ #include <stdlib.h> #include <string.h> +#include <netinet/ip.h> void plain_packet_init(plain_packet_t* packet) { @@ -118,5 +119,18 @@ void plain_packet_set_type(plain_packet_t* packet, payload_type_t type) if(!packet) return; - packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(type); + if(type == PAYLOAD_TYPE_TUN) { + if(!packet->payload_length_) { + packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(PAYLOAD_TYPE_TUN); + return; + } + + struct ip* hdr = (struct ip*)(packet->data_.buf_ + sizeof(payload_type_t)); + if(hdr->ip_v == 4) + packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(PAYLOAD_TYPE_TUN4); + else if(hdr->ip_v == 6) + packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(PAYLOAD_TYPE_TUN6); + } + else + packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(type); } diff --git a/src/plain_packet.h b/src/plain_packet.h index ed967b6..723fe5a 100644 --- a/src/plain_packet.h +++ b/src/plain_packet.h @@ -41,6 +41,7 @@ #define PAYLOAD_TYPE_TUN 0x0000 #define PAYLOAD_TYPE_TUN4 0x0800 #define PAYLOAD_TYPE_TUN6 0x86DD +#define PAYLOAD_TYPE_UNKNOWN 0xFFFF struct plain_packet_struct { u_int32_t payload_length_; diff --git a/src/uanytun.c b/src/uanytun.c index a7e1f7d..649ac7a 100644 --- a/src/uanytun.c +++ b/src/uanytun.c @@ -53,7 +53,7 @@ #include "daemon.h" #include "sysexec.h" -void main_loop(tun_device_t* dev, udp_socket_t* sock, options_t* opt) +int main_loop(tun_device_t* dev, udp_socket_t* sock, options_t* opt) { log_printf(INFO, "entering main loop"); @@ -65,6 +65,13 @@ void main_loop(tun_device_t* dev, udp_socket_t* sock, options_t* opt) udp_endpoint_t remote; seq_nr_t seq_nr = 0; + cipher_t* c; + cipher_init(&c, opt->cipher_); + if(!c) { + log_printf(ERR, "could not initialize cipher of type %s", opt->cipher_); + return -1; + } + while(1) { plain_packet_set_payload_length(&plain_packet, -1); encrypted_packet_set_length(&encrypted_packet, -1); @@ -72,42 +79,51 @@ void main_loop(tun_device_t* dev, udp_socket_t* sock, options_t* opt) // TODO: add select // if dev->fd_ is ready: - len = tun_read(dev, plain_packet_get_payload(&plain_packet), plain_packet_get_payload_length(&plain_packet)); - plain_packet_set_payload_length(&plain_packet, len); - - // TODO: cipher packet - // TODO: add auth-tag - - encrypted_packet_set_seq_nr(&encrypted_packet, seq_nr); - encrypted_packet_set_sender_id(&encrypted_packet, opt->sender_id_); - encrypted_packet_set_mux(&encrypted_packet, opt->mux_); - - udp_write(sock, encrypted_packet_get_packet(&encrypted_packet), encrypted_packet_get_length(&encrypted_packet)); - - + if(1) { + len = tun_read(dev, plain_packet_get_payload(&plain_packet), plain_packet_get_payload_length(&plain_packet)); + plain_packet_set_payload_length(&plain_packet, len); + + if(dev->type_ = TYPE_TUN) + plain_packet_set_type(&plain_packet, PAYLOAD_TYPE_TUN); + else if(dev->type_ = TYPE_TAP) + plain_packet_set_type(&plain_packet, PAYLOAD_TYPE_TAP); + else + plain_packet_set_type(&plain_packet, PAYLOAD_TYPE_UNKNOWN); + + cipher_encrypt(c, &plain_packet, &encrypted_packet, seq_nr, opt->sender_id_, opt->mux_); + seq_nr++; + + // TODO: add auth-tag + + udp_write(sock, encrypted_packet_get_packet(&encrypted_packet), encrypted_packet_get_length(&encrypted_packet)); + } // if sock->fd_ is ready: - len = udp_read(sock, encrypted_packet_get_packet(&encrypted_packet), encrypted_packet_get_length(&encrypted_packet), &remote); - encrypted_packet_set_length(&encrypted_packet, len); +/* len = udp_read(sock, encrypted_packet_get_packet(&encrypted_packet), encrypted_packet_get_length(&encrypted_packet), &remote); */ +/* encrypted_packet_set_length(&encrypted_packet, len); */ - // TODO: check auth-tag +/* // TODO: check auth-tag */ - if(encrypted_packet_get_mux(&encrypted_packet) != opt->mux_) - continue; +/* if(encrypted_packet_get_mux(&encrypted_packet) != opt->mux_) */ +/* continue; */ - // TODO: check seq nr for sender id +/* // TODO: check seq nr for sender id */ - if(memcmp(&remote, &(sock->remote_end_), sizeof(remote))) { - memcpy(&(sock->remote_end_), &remote, sizeof(remote)); - char* addrstring = udp_endpoint_to_string(remote); - log_printf(NOTICE, "autodetected remote host changed %s", addrstring); - free(addrstring); - } +/* if(memcmp(&remote, &(sock->remote_end_), sizeof(remote))) { */ +/* memcpy(&(sock->remote_end_), &remote, sizeof(remote)); */ +/* char* addrstring = udp_endpoint_to_string(remote); */ +/* log_printf(NOTICE, "autodetected remote host changed %s", addrstring); */ +/* free(addrstring); */ +/* } */ - // TODO: decipher packet +/* // TODO: decipher packet */ - tun_write(dev, plain_packet_get_payload(&plain_packet), plain_packet_get_payload_length(&plain_packet)); +/* tun_write(dev, plain_packet_get_payload(&plain_packet), plain_packet_get_payload_length(&plain_packet)); */ } + + cipher_close(&c); + + return 0; } void print_hex_dump(const u_int8_t* buf, u_int32_t len) @@ -195,13 +211,14 @@ int main(int argc, char* argv[]) fclose(pid_file); } - main_loop(dev, sock, opt); + ret = main_loop(dev, sock, opt); tun_close(&dev); udp_close(&sock); options_clear(&opt); - log_printf(NOTICE, "normal shutdown"); + if(!ret) + log_printf(NOTICE, "normal shutdown"); - return 0; + return ret; } |