From 682b26674e11191f2469f6b37fd92f7176a9a588 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@anytun.org>
Date: Sun, 28 Dec 2008 22:34:14 +0000
Subject: processing of device packets works now (null cipher and no auth algo)

---
 src/cipher.c       | 22 +++++++--------
 src/options.c      |  6 ++---
 src/plain_packet.c | 16 ++++++++++-
 src/plain_packet.h |  1 +
 src/uanytun.c      | 79 +++++++++++++++++++++++++++++++++---------------------
 5 files changed, 78 insertions(+), 46 deletions(-)

(limited to 'src')

diff --git a/src/cipher.c b/src/cipher.c
index cbb2e56..b3a8480 100644
--- a/src/cipher.c
+++ b/src/cipher.c
@@ -56,8 +56,8 @@ void cipher_init(cipher_t** c, const char* type)
   (*c)->type_ = unknown;
   if(!strcmp(type, "null"))
     (*c)->type_ = null;
-  else if(!strcmp(type, "aes-ctr"))
-    (*c)->type_ = aes_ctr;
+/*   else if(!strcmp(type, "aes-ctr")) */
+/*     (*c)->type_ = aes_ctr; */
   else {
     log_printf(ERR, "unknown cipher type");
   }
@@ -128,10 +128,10 @@ void cipher_encrypt(cipher_t* c, plain_packet_t* in, encrypted_packet_t* out, se
   if(c->type_ = null)
     len = cipher_null_encrypt(plain_packet_get_packet(in), plain_packet_get_length(in), 
                               encrypted_packet_get_payload(out), encrypted_packet_get_payload_length(out));
-  else if(c->type_ = aes_ctr)
-    len = cipher_aesctr_encrypt(plain_packet_get_packet(in), plain_packet_get_length(in), 
-                                encrypted_packet_get_payload(out), encrypted_packet_get_payload_length(out),
-                                seq_nr, sender_id, mux);
+/*   else if(c->type_ = aes_ctr) */
+/*     len = cipher_aesctr_encrypt(plain_packet_get_packet(in), plain_packet_get_length(in),  */
+/*                                 encrypted_packet_get_payload(out), encrypted_packet_get_payload_length(out), */
+/*                                 seq_nr, sender_id, mux); */
   else {
     log_printf(ERR, "unknown cipher type");
     return;
@@ -153,11 +153,11 @@ void cipher_decrypt(cipher_t* c, encrypted_packet_t* in, plain_packet_t* out)
   if(c->type_ = null)
     len = cipher_null_decrypt(encrypted_packet_get_payload(in), encrypted_packet_get_payload_length(in),
                               plain_packet_get_packet(out), plain_packet_get_length(out));
-  else if(c->type_ = aes_ctr)
-    len = cipher_aesctr_decrypt(encrypted_packet_get_payload(in), encrypted_packet_get_payload_length(in),
-                                plain_packet_get_packet(out), plain_packet_get_length(out), 
-                                encrypted_packet_get_seq_nr(in), encrypted_packet_get_sender_id(in), 
-                                encrypted_packet_get_mux(in));
+/*   else if(c->type_ = aes_ctr) */
+/*     len = cipher_aesctr_decrypt(encrypted_packet_get_payload(in), encrypted_packet_get_payload_length(in), */
+/*                                 plain_packet_get_packet(out), plain_packet_get_length(out),  */
+/*                                 encrypted_packet_get_seq_nr(in), encrypted_packet_get_sender_id(in),  */
+/*                                 encrypted_packet_get_mux(in)); */
   else {
     log_printf(ERR, "unknown cipher type");
     return;
diff --git a/src/options.c b/src/options.c
index 21ff0bc..79f60e8 100644
--- a/src/options.c
+++ b/src/options.c
@@ -213,9 +213,9 @@ void options_default(options_t* opt)
   opt->ifconfig_param_remote_netmask_ = NULL;
   opt->post_up_script_ = NULL;
   opt->seq_window_size_ = 100;
-  opt->cipher_ = strdup("aes-ctr");
-  opt->kd_prf_ = strdup("aes-ctr");
-  opt->auth_algo_ = strdup("sha1");
+  opt->cipher_ = strdup("null");
+  opt->kd_prf_ = strdup("null");
+  opt->auth_algo_ = strdup("null");
   opt->mux_ = 0;
   opt->key_.buf_ = NULL;
   opt->key_.length_ = 0;
diff --git a/src/plain_packet.c b/src/plain_packet.c
index 69338c1..d11a710 100644
--- a/src/plain_packet.c
+++ b/src/plain_packet.c
@@ -38,6 +38,7 @@
 
 #include <stdlib.h>
 #include <string.h>
+#include <netinet/ip.h>
 
 void plain_packet_init(plain_packet_t* packet)
 {
@@ -118,5 +119,18 @@ void plain_packet_set_type(plain_packet_t* packet, payload_type_t type)
   if(!packet)
     return;
 
-  packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(type);
+  if(type == PAYLOAD_TYPE_TUN) {
+    if(!packet->payload_length_) {
+      packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(PAYLOAD_TYPE_TUN);
+      return;
+    }
+
+    struct ip* hdr = (struct ip*)(packet->data_.buf_ + sizeof(payload_type_t));
+    if(hdr->ip_v == 4)
+      packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(PAYLOAD_TYPE_TUN4);
+    else if(hdr->ip_v == 6)
+      packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(PAYLOAD_TYPE_TUN6);
+  }
+  else
+    packet->data_.payload_type_ = PAYLOAD_TYPE_T_HTON(type);
 }
diff --git a/src/plain_packet.h b/src/plain_packet.h
index ed967b6..723fe5a 100644
--- a/src/plain_packet.h
+++ b/src/plain_packet.h
@@ -41,6 +41,7 @@
 #define PAYLOAD_TYPE_TUN 0x0000
 #define PAYLOAD_TYPE_TUN4 0x0800
 #define PAYLOAD_TYPE_TUN6 0x86DD 
+#define PAYLOAD_TYPE_UNKNOWN 0xFFFF
 
 struct plain_packet_struct {
   u_int32_t payload_length_;
diff --git a/src/uanytun.c b/src/uanytun.c
index a7e1f7d..649ac7a 100644
--- a/src/uanytun.c
+++ b/src/uanytun.c
@@ -53,7 +53,7 @@
 #include "daemon.h"
 #include "sysexec.h"
 
-void main_loop(tun_device_t* dev, udp_socket_t* sock, options_t* opt)
+int main_loop(tun_device_t* dev, udp_socket_t* sock, options_t* opt)
 {
   log_printf(INFO, "entering main loop");
 
@@ -65,6 +65,13 @@ void main_loop(tun_device_t* dev, udp_socket_t* sock, options_t* opt)
   udp_endpoint_t remote;
   seq_nr_t seq_nr = 0;
 
+  cipher_t* c;
+  cipher_init(&c, opt->cipher_);
+  if(!c) {
+    log_printf(ERR, "could not initialize cipher of type %s", opt->cipher_);
+    return -1;
+  }
+
   while(1) {
     plain_packet_set_payload_length(&plain_packet, -1);
     encrypted_packet_set_length(&encrypted_packet, -1);
@@ -72,42 +79,51 @@ void main_loop(tun_device_t* dev, udp_socket_t* sock, options_t* opt)
 // TODO: add select 
 
 // if dev->fd_ is ready:
-    len = tun_read(dev, plain_packet_get_payload(&plain_packet), plain_packet_get_payload_length(&plain_packet));
-    plain_packet_set_payload_length(&plain_packet, len);
-    
-   // TODO: cipher packet
-   // TODO: add auth-tag
-
-    encrypted_packet_set_seq_nr(&encrypted_packet, seq_nr);
-    encrypted_packet_set_sender_id(&encrypted_packet, opt->sender_id_);
-    encrypted_packet_set_mux(&encrypted_packet, opt->mux_);
-
-    udp_write(sock, encrypted_packet_get_packet(&encrypted_packet), encrypted_packet_get_length(&encrypted_packet));
-    
-
+    if(1) {
+      len = tun_read(dev, plain_packet_get_payload(&plain_packet), plain_packet_get_payload_length(&plain_packet));
+      plain_packet_set_payload_length(&plain_packet, len);
+      
+      if(dev->type_ = TYPE_TUN)
+        plain_packet_set_type(&plain_packet, PAYLOAD_TYPE_TUN);
+      else if(dev->type_ = TYPE_TAP)
+        plain_packet_set_type(&plain_packet, PAYLOAD_TYPE_TAP);    
+      else
+        plain_packet_set_type(&plain_packet, PAYLOAD_TYPE_UNKNOWN);
+      
+      cipher_encrypt(c, &plain_packet, &encrypted_packet, seq_nr, opt->sender_id_, opt->mux_); 
+      seq_nr++;
+      
+          // TODO: add auth-tag
+      
+      udp_write(sock, encrypted_packet_get_packet(&encrypted_packet), encrypted_packet_get_length(&encrypted_packet));
+    }
 
 // if sock->fd_ is ready:
-    len = udp_read(sock, encrypted_packet_get_packet(&encrypted_packet), encrypted_packet_get_length(&encrypted_packet), &remote);
-    encrypted_packet_set_length(&encrypted_packet, len);
+/*     len = udp_read(sock, encrypted_packet_get_packet(&encrypted_packet), encrypted_packet_get_length(&encrypted_packet), &remote); */
+/*     encrypted_packet_set_length(&encrypted_packet, len); */
 
-   // TODO: check auth-tag
+/*    // TODO: check auth-tag */
 
-    if(encrypted_packet_get_mux(&encrypted_packet) != opt->mux_)
-      continue;
+/*     if(encrypted_packet_get_mux(&encrypted_packet) != opt->mux_) */
+/*       continue; */
 
-   // TODO: check seq nr for sender id
+/*    // TODO: check seq nr for sender id */
 
-    if(memcmp(&remote, &(sock->remote_end_), sizeof(remote))) {
-      memcpy(&(sock->remote_end_), &remote, sizeof(remote));
-      char* addrstring = udp_endpoint_to_string(remote);
-      log_printf(NOTICE, "autodetected remote host changed %s", addrstring);
-      free(addrstring);
-    }
+/*     if(memcmp(&remote, &(sock->remote_end_), sizeof(remote))) { */
+/*       memcpy(&(sock->remote_end_), &remote, sizeof(remote)); */
+/*       char* addrstring = udp_endpoint_to_string(remote); */
+/*       log_printf(NOTICE, "autodetected remote host changed %s", addrstring); */
+/*       free(addrstring); */
+/*     } */
 
-   // TODO: decipher packet
+/*    // TODO: decipher packet */
 
-    tun_write(dev, plain_packet_get_payload(&plain_packet), plain_packet_get_payload_length(&plain_packet));
+/*     tun_write(dev, plain_packet_get_payload(&plain_packet), plain_packet_get_payload_length(&plain_packet)); */
   }
+
+  cipher_close(&c);
+
+  return 0;
 }
 
 void print_hex_dump(const u_int8_t* buf, u_int32_t len)
@@ -195,13 +211,14 @@ int main(int argc, char* argv[])
     fclose(pid_file);
   }
 
-  main_loop(dev, sock, opt);
+  ret = main_loop(dev, sock, opt);
 
   tun_close(&dev);
   udp_close(&sock);
   options_clear(&opt);
 
-  log_printf(NOTICE, "normal shutdown");
+  if(!ret)
+    log_printf(NOTICE, "normal shutdown");
 
-  return 0;
+  return ret;
 }
-- 
cgit v1.2.3