From 65dd1b1e7b663d5b1f18171ff1de0b46a6196d2c Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sun, 28 Dec 2008 10:36:20 +0000 Subject: added encrypted packet some cleanup --- src/Makefile | 4 ++ src/encrypted_packet.c | 139 +++++++++++++++++++++++++++++++++++++++++++++++++ src/encrypted_packet.h | 80 ++++++++++++++++++++++++++++ src/plain_packet.c | 10 ++-- src/plain_packet.h | 2 +- src/uanytun.c | 72 ++++++++++++++----------- 6 files changed, 271 insertions(+), 36 deletions(-) create mode 100644 src/encrypted_packet.c create mode 100644 src/encrypted_packet.h (limited to 'src') diff --git a/src/Makefile b/src/Makefile index 37cd8bf..d2461ad 100644 --- a/src/Makefile +++ b/src/Makefile @@ -50,6 +50,7 @@ OBJS = log.o \ tun.o \ udp.o \ plain_packet.o \ + encrypted_packet.o \ uanytun.o EXECUTABLE = uanytun @@ -77,6 +78,9 @@ udp.o: udp.c udp.h plain_packet.o: plain_packet.c plain_packet.h $(CC) $(CCFLAGS) $< -c +encrypted_packet.o: encrypted_packet.c encrypted_packet.h + $(CC) $(CCFLAGS) $< -c + distclean: clean find . -name *.o -exec rm -f {} \; find . -name "*.\~*" -exec rm -rf {} \; diff --git a/src/encrypted_packet.c b/src/encrypted_packet.c new file mode 100644 index 0000000..7be3cd5 --- /dev/null +++ b/src/encrypted_packet.c 
@@ -0,0 +1,139 @@
+/*
+ * ľAnytun
+ *
+ * ľAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
+ * featured implementation ľAnytun has no support for multiple connections
+ * or synchronisation. It is a small single threaded implementation intended
+ * to act as a client on small platforms.
+ * The secure anycast tunneling protocol (satp) defines a protocol used
+ * for communication between any combination of unicast and anycast
+ * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
+ * mode and allows tunneling of every ETHER TYPE protocol (e.g.
+ * ethernet, ip, arp ...). satp directly includes cryptography and
+ * message authentication based on the methodes used by SRTP. It is
+ * intended to deliver a generic, scaleable and secure solution for
+ * tunneling and relaying of packets of any protocol.
+ *
+ *
+ * Copyright (C) 2007-2008 Christian Pointner
+ *
+ * This file is part of ľAnytun.
+ *
+ * ľAnytun is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 3 as
+ * published by the Free Software Foundation.
+ *
+ * ľAnytun is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with ľAnytun. If not, see .
+ */
+
+#include "datatypes.h"
+
+#include "encrypted_packet.h"
+
+#include
+#include
+
+void encrypted_packet_init(encrypted_packet_t* packet)
+{
+ if(!packet)
+ return;
+
+ memset (packet, 0, sizeof(*packet));
+}
+
+u_int8_t* encrypted_packet_get_packet(encrypted_packet_t* packet)
+{
+ if(!packet)
+ return NULL;
+
+ return packet->data_.buf_;
+}
+
+u_int32_t encrypted_packet_get_length(encrypted_packet_t* packet)
+{
+ if(!packet)
+ return 0;
+
+ return (packet->payload_length_ + sizeof(encrypted_packet_header_t));
+}
+
+u_int8_t* encrypted_packet_get_payload(encrypted_packet_t* packet)
+{
+ if(!packet)
+ return NULL;
+
+ return (packet->data_.buf_ + sizeof(encrypted_packet_header_t));
+}
+
+u_int32_t encrypted_packet_get_payload_length(encrypted_packet_t* packet)
+{
+ if(!packet)
+ return 0;
+
+ return packet->payload_length_;
+}
+
+void encrypted_packet_set_payload_length(encrypted_packet_t* packet, u_int32_t len)
+{
+ if(!packet)
+ return;
+
+ if(len > ENCRYPTED_PACKET_SIZE_MAX || (len + sizeof(encrypted_packet_header_t)) > ENCRYPTED_PACKET_SIZE_MAX)
+ len = ENCRYPTED_PACKET_SIZE_MAX - sizeof(encrypted_packet_header_t);
+
+ packet->payload_length_ = len;
+}
+
+seq_nr_t encrypted_packet_get_seq_nr(encrypted_packet_t* packet)
+{
+ if(!packet)
+ return 0;
+
+ return SEQ_NR_T_NTOH(packet->data_.header_.seq_nr_);
+}
+
+void encrypted_packet_set_seq_nr(encrypted_packet_t* packet, seq_nr_t seq_nr)
+{
+ if(!packet)
+ return;
+
+ packet->data_.header_.seq_nr_ = SEQ_NR_T_HTON(seq_nr);
+}
+
+sender_id_t encrypted_packet_get_sender_id(encrypted_packet_t* packet)
+{
+ if(!packet)
+ return 0;
+
+ return SENDER_ID_T_NTOH(packet->data_.header_.sender_id_);
+}
+
+void encrypted_packet_set_sender_id(encrypted_packet_t* packet, sender_id_t sender_id)
+{
+ if(!packet)
+ return;
+
+ packet->data_.header_.sender_id_ = SENDER_ID_T_HTON(sender_id);
+}
+
+mux_t encrypted_packet_get_mux(encrypted_packet_t* packet)
+{
+ if(!packet)
+ return 0;
+
+ return MUX_T_NTOH(packet->data_.header_.mux_);
+}
+
+void encrypted_packet_set_mux(encrypted_packet_t* packet, mux_t mux)
+{
+ if(!packet)
+ return;
+
+ packet->data_.header_.mux_ = MUX_T_HTON(mux);
+}
diff --git a/src/encrypted_packet.h b/src/encrypted_packet.h
new file mode 100644
index 0000000..f2011a0
--- /dev/null
+++ b/src/encrypted_packet.h
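Review bot: In src/encrypted_packet.c, encrypted_packet_set_payload_length() silently clamps an out-of-range `len` to the buffer capacity, so a caller cannot distinguish an accepted length from a rejected one. If a receive path later derives `len` by subtracting the header size from a datagram shorter than the header (no such caller is visible in this commit), the unsigned wrap-around would be clamped to a full-size payload and stale buffer bytes would be treated as packet data. Document the clamp at the setter, e.g. `/* len is clamped to ENCRYPTED_PACKET_SIZE_MAX minus the header; validate received sizes before calling */`, and consider the single comparison `if(len > ENCRYPTED_PACKET_SIZE_MAX - sizeof(encrypted_packet_header_t))`, which states the same bound without an addition that can wrap.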
@@ -0,0 +1,80 @@
+/*
+ * ľAnytun
+ *
+ * ľAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
+ * featured implementation ľAnytun has no support for multiple connections
+ * or synchronisation. It is a small single threaded implementation intended
+ * to act as a client on small platforms.
+ * The secure anycast tunneling protocol (satp) defines a protocol used
+ * for communication between any combination of unicast and anycast
+ * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
+ * mode and allows tunneling of every ETHER TYPE protocol (e.g.
+ * ethernet, ip, arp ...). satp directly includes cryptography and
+ * message authentication based on the methodes used by SRTP. It is
+ * intended to deliver a generic, scaleable and secure solution for
+ * tunneling and relaying of packets of any protocol.
+ *
+ *
+ * Copyright (C) 2007-2008 Christian Pointner
+ *
+ * This file is part of ľAnytun.
+ *
+ * ľAnytun is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 3 as
+ * published by the Free Software Foundation.
+ *
+ * ľAnytun is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with ľAnytun. If not, see .
+ */ + +#ifndef _ENCRYPTED_PACKET_H_ +#define _ENCRYPTED_PACKET_H_ + +#define ENCRYPTED_PACKET_SIZE_MAX 1600 + +#define PAYLOAD_TYPE_TAP 0x6558 +#define PAYLOAD_TYPE_TUN 0x0000 +#define PAYLOAD_TYPE_TUN4 0x0800 +#define PAYLOAD_TYPE_TUN6 0x86DD + +struct __attribute__ ((__packed__)) encrypted_packet_header_struct { + seq_nr_t seq_nr_; + sender_id_t sender_id_; + mux_t mux_; +}; +typedef struct encrypted_packet_header_struct encrypted_packet_header_t; + +struct encrypted_packet_struct { + u_int32_t payload_length_; + union __attribute__ ((__packed__)) { + u_int8_t buf_[ENCRYPTED_PACKET_SIZE_MAX]; + encrypted_packet_header_t header_; + } data_; +}; +typedef struct encrypted_packet_struct encrypted_packet_t; + +void encrypted_packet_init(encrypted_packet_t* packet); + +u_int8_t* encrypted_packet_get_packet(encrypted_packet_t* packet); +u_int32_t encrypted_packet_get_length(encrypted_packet_t* packet); + +u_int8_t* encrypted_packet_get_payload(encrypted_packet_t* packet); +u_int32_t encrypted_packet_get_payload_length(encrypted_packet_t* packet); +void encrypted_packet_set_payload_length(encrypted_packet_t* packet, u_int32_t len); + +seq_nr_t encrypted_packet_get_seq_nr(encrypted_packet_t* packet); +void encrypted_packet_set_seq_nr(encrypted_packet_t* packet, seq_nr_t seq_nr); + +sender_id_t encrypted_packet_get_sender_id(encrypted_packet_t* packet); +void encrypted_packet_set_sender_id(encrypted_packet_t* packet, sender_id_t sender_id); + +mux_t encrypted_packet_get_mux(encrypted_packet_t* packet); +void encrypted_packet_set_mux(encrypted_packet_t* packet, mux_t mux); + + +#endif diff --git a/src/plain_packet.c b/src/plain_packet.c index 1ef05fe..e3fe4c5 100644 --- a/src/plain_packet.c +++ b/src/plain_packet.c @@ -52,7 +52,7 @@ u_int8_t* plain_packet_get_packet(plain_packet_t* packet) if(!packet) return NULL; - return packet->data.buf_; + return packet->data_.buf_; } u_int32_t plain_packet_get_length(plain_packet_t* packet) 
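Review bot: src/encrypted_packet.h uses `seq_nr_t`, `sender_id_t`, `mux_t` and `u_int32_t` without including the header that declares them; it compiles only because encrypted_packet.c includes datatypes.h first (presumably where these types live). Adding `#include "datatypes.h"` inside the include guard makes the header self-contained. Because `header_` overlays `buf_` as the on-wire layout, a compile-time size check next to the struct would also catch a later change to any of the three field types. The `PAYLOAD_TYPE_*` macros look unrelated to the encrypted header, which has no payload-type field, and may duplicate definitions in plain_packet.h, which is not fully visible here.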
@@ -68,7 +68,7 @@ u_int8_t* plain_packet_get_payload(plain_packet_t* packet) if(!packet) return NULL; - return (packet->data.buf_ + sizeof(payload_type_t)); + return (packet->data_.buf_ + sizeof(payload_type_t)); } u_int32_t plain_packet_get_payload_length(plain_packet_t* packet) @@ -94,8 +94,8 @@ payload_type_t plain_packet_get_type(plain_packet_t* packet) { if(!packet) return 0; - - return packet->data.payload_type_; + + return PAYLOAD_TYPE_T_NTOH(packet->data_.payload_type_); } void plain_packet_set_type(plain_packet_t* packet, payload_type_t type) @@ -103,5 +103,5 @@ void plain_packet_set_type(plain_packet_t* packet, payload_type_t type) if(!packet) return; - packet->data.payload_type_ = type; + packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(type); } diff --git a/src/plain_packet.h b/src/plain_packet.h index ac1c56f..e2583f9 100644 --- a/src/plain_packet.h +++ b/src/plain_packet.h @@ -47,7 +47,7 @@ struct plain_packet_struct { union __attribute__ ((__packed__)) { u_int8_t buf_[PLAIN_PACKET_SIZE_MAX]; payload_type_t payload_type_; - } data; + } data_; }; typedef struct plain_packet_struct plain_packet_t; diff --git a/src/uanytun.c b/src/uanytun.c index a546287..a80dfe2 100644 --- a/src/uanytun.c +++ b/src/uanytun.c @@ -44,6 +44,7 @@ #include "udp.h" #include "plain_packet.h" +#include "encrypted_packet.h" #include "daemon.h" #include "sysexec.h" 
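Review bot: In src/plain_packet.c, plain_packet_get_type() and plain_packet_set_type() now convert with `PAYLOAD_TYPE_T_NTOH` and `PAYLOAD_TYPE_T_HTON`, so `data_.payload_type_` holds network byte order from this commit on, but nothing at the field or the accessors says so. Any code that reads or writes the union member directly, or compares it with a `PAYLOAD_TYPE_*` constant, would get a byte-swapped value on little-endian hosts. A comment on the member in plain_packet.h such as `/* network byte order; use plain_packet_get_type()/plain_packet_set_type() */` would make the invariant explicit. The body of plain_packet_set_type() starts outside its hunk.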
@@ -94,60 +95,71 @@ int main(int argc, char* argv[]) log_init("uanytun", DAEMON); signal_init(); - plain_packet_t packet; - plain_packet_init(&packet); + encrypted_packet_t packet; + encrypted_packet_init(&packet); - printf("packet length: %d\n", plain_packet_get_length(&packet)); + printf("packet length: %d\n", encrypted_packet_get_length(&packet)); printf("packet: \n"); - print_hex_dump(plain_packet_get_packet(&packet), plain_packet_get_length(&packet)); - printf("\npayload type: 0x%04X\n", plain_packet_get_type(&packet)); - printf("payload length: %d\n", plain_packet_get_payload_length(&packet)); + print_hex_dump(encrypted_packet_get_packet(&packet), encrypted_packet_get_length(&packet)); + printf("\nseq nr: 0x%08X\n", encrypted_packet_get_seq_nr(&packet)); + printf("sender id: 0x%04X\n", encrypted_packet_get_sender_id(&packet)); + printf("mux: 0x%04X\n", encrypted_packet_get_mux(&packet)); + printf("payload length: %d\n", encrypted_packet_get_payload_length(&packet)); printf("payload: \n"); - print_hex_dump(plain_packet_get_payload(&packet), plain_packet_get_payload_length(&packet)); + print_hex_dump(encrypted_packet_get_payload(&packet), encrypted_packet_get_payload_length(&packet)); printf("\n\n"); - plain_packet_set_payload_length(&packet, 20); + encrypted_packet_set_payload_length(&packet, 20); - - printf("packet length: %d\n", plain_packet_get_length(&packet)); + printf("packet length: %d\n", encrypted_packet_get_length(&packet)); printf("packet: \n"); - print_hex_dump(plain_packet_get_packet(&packet), plain_packet_get_length(&packet)); - printf("\npayload type: 0x%04X\n", plain_packet_get_type(&packet)); - printf("payload length: %d\n", plain_packet_get_payload_length(&packet)); + print_hex_dump(encrypted_packet_get_packet(&packet), encrypted_packet_get_length(&packet)); + printf("\nseq nr: 0x%08X\n", encrypted_packet_get_seq_nr(&packet)); + printf("sender id: 0x%04X\n", encrypted_packet_get_sender_id(&packet)); + printf("mux: 0x%04X\n", 
encrypted_packet_get_mux(&packet)); + printf("payload length: %d\n", encrypted_packet_get_payload_length(&packet)); printf("payload: \n"); - print_hex_dump(plain_packet_get_payload(&packet), plain_packet_get_payload_length(&packet)); + print_hex_dump(encrypted_packet_get_payload(&packet), encrypted_packet_get_payload_length(&packet)); printf("\n\n"); + u_int32_t i; - for(i=0; i