-
Notifications
You must be signed in to change notification settings - Fork 5
/
proxy.h
191 lines (179 loc) · 8.69 KB
/
proxy.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
/*
* UFTP - UDP based FTP with multicast
*
* Copyright (C) 2001-2015 Dennis A. Bush, Jr. [email protected]
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* Additional permission under GNU GPL version 3 section 7
*
* If you modify this program, or any covered work, by linking or
* combining it with the OpenSSL project's OpenSSL library (or a
* modified version of that library), containing parts covered by the
* terms of the OpenSSL or SSLeay licenses, the copyright holder
* grants you additional permission to convey the resulting work.
* Corresponding Source for a non-source form of such a combination
* shall include the source code for the parts of OpenSSL used as well
* as that of the covered work.
*/
#ifndef _PROXY_H
#define _PROXY_H
#include "uftp_common.h"
#include "encryption.h"
#define MAX_PEND 10
#define MAXLIST 100
#define KEY_REQ_LIMIT 5
/**
* Type of proxy
*/
enum proxy_type {
UNDEF_PROXY = 0, /// Not specified, indicates an error
SERVER_PROXY = 1, /// Server proxy: forwards to a specific place
CLIENT_PROXY = 2, /// Client proxy: sends to specified destaddr
RESPONSE_PROXY = 3, /// Response proxy: response aggregation only
};
/**
* The state of the given group
*/
enum proxy_phase {
PR_PHASE_REGISTERED = 1, /// Currently setting up group
PR_PHASE_READY = 2, /// Still in setup, but received KEYINFO
PR_PHASE_RECEIVING = 3, /// Group setup complete
PR_PHASE_DONE = 4, /// All clients send COMPLETE for group
};
/**
* The state of a given client when encryption is enabled
*/
enum proxy_client_state {
PR_CLIENT_MUTE = 0, /// Got nothing yet
PR_CLIENT_REGISTERED = 1, /// Got REGISTER (and CLIENT_KEY if required)
PR_CLIENT_CONF = 2, /// Got REG_CONF from server
PR_CLIENT_READY = 3, /// Got INFO_ACK in response to KEYINFO
PR_CLIENT_DONE = 4, /// Sent COMPLETE for group
};
/**
* Info for a particular client for the given group
*/
struct pr_destinfo_t {
char name[DESTNAME_LEN]; /// Hostname of client
uint32_t id; /// UID of client (network byte order)
union key_t pubkey; /// The client's public key
int pubkeylen; /// The length of client's key in bytes
union key_t dhkey; /// The client's ECDH public key
uint8_t verifydata[PUBKEY_LEN]; /// The verify data from a CLIENT_KEY
uint16_t verifylen; /// The length of verifydata in bytes
int registered; /// True if we received a REGISTER
struct timeval regtime; /// Timestamp from last REGISTER
int verified; /// True if we have a verified CLIENT_KEY
int state; /// State as specified by proxy_client_state
int pending; /// Index of pending message
uint8_t rand2[RAND_LEN]; /// Client's random number
uint8_t premaster[MASTER_LEN]; /// Premaster secret sent by client
unsigned int premaster_len; /// Length of premaster secret
uint8_t master[MASTER_LEN]; /// Master key for client
uint8_t hmackey[HMAC_LEN]; /// HMAC key for client
uint8_t key[MAXKEY]; /// Symmetric encryption key for client
uint8_t salt[MAXIV]; /// Salt for block cypher IV for client
};
/**
* Info for a message pending to go upstream
*/
struct pr_pending_info_t {
int msg, count; /// Type and number of pending responses
uint16_t file_id; /// File ID from last client message
struct timeval tstamp; /// Timestamp from last client message
struct timeval rx_tstamp; /// Time last client message received
uint16_t section; /// Section number from last status
uint8_t *naklist; /// NAK list from last status
uint8_t partial; /// PARTIAL flag from last FILEINFO_ACK
uint8_t comp_status; /// status flag from a COMPLETE
};
/**
* Info for a particular group
*/
struct pr_group_list_t {
uint32_t group_id; /// Group ID
uint8_t group_inst; /// Group instance ID (restart number)
uint16_t file_id; /// Dummy field, present for logging macros
uint8_t version; /// Protocol version number of server
uint32_t src_id; /// ID of server
double grtt; /// Server's GRTT
uint8_t robust, cc_type; /// Robust factor, congestion control type
uint32_t gsize; /// Group size estimate
int send_seq_up; /// Outgoing upstream seq. number
int send_seq_down; /// Outgoing downstream seq. number
union sockaddr_u publicmcast, privatemcast;
int multi_join; /// True if we're listening on private addr
unsigned int blocksize; /// Size of packet payload
unsigned int datapacketsize; /// Max size of UFTP packet
union sockaddr_u up_addr; /// Upstream addr to send responses back to
struct timeval phase_expire_time, phase_timeout_time, timeout_time;
struct timeval start_phase_timeout_time, start_timeout_time;
int phase, client_auth;
int keyinfo_cnt;
struct pr_pending_info_t pending[MAX_PEND]; /// Pending messages to send
uint8_t last_seq; /// Last sequence number used in STATUS
int keytype, hashtype, sigtype, keyextype; /// Encryption parameters
union key_t server_pubkey; /// Server's RSA public key
union key_t proxy_privkey; /// Proxy's RSA private key for this group
union key_t server_dhkey; /// Server ECDH public key for this group
union key_t proxy_dhkey; /// Proxy ECDH public key for this group
unsigned int server_pubkeylen; /// Length in bytes of server key
unsigned int proxy_privkeylen; /// Length in bytes of proxy key
uint8_t rand1[RAND_LEN]; /// Server's random number
uint8_t rand2[RAND_LEN]; /// Proxy's random number
uint8_t premaster[MASTER_LEN]; /// Premaster secret sent by proxy
unsigned int premaster_len; /// Length of premaster secret
uint8_t master[MASTER_LEN]; /// Master key for proxy
uint8_t hmackey[HMAC_LEN]; /// HMAC key for proxy
uint8_t key[MAXKEY]; /// Symmetric encryption key for proxy
uint8_t salt[MAXIV]; /// Salt for block cypher IV for proxy
uint8_t groupmaster[MASTER_LEN];/// Master key for server
uint8_t grouphmackey[HMAC_LEN]; /// HMAC key for server
uint8_t groupkey[MAXKEY]; /// Symmetric encryption key for server
uint8_t groupsalt[MAXIV]; /// Salt for block cypher IV for server
uint64_t ivctr; /// Counter portion of the IV
int ivlen, keylen, hmaclen; /// Length of HMAC key, symmetric key and iv
struct pr_destinfo_t destinfo[MAXPROXYDEST]; /// List of clients
int destcount; /// Number of clients served by this proxy
};
/**
* Global command line values and sockets
*/
extern SOCKET listener;
extern char pidfile[MAXPATHNAME];
extern char keyfile[MAXLIST][MAXPATHNAME], keyinfo[MAXLIST][MAXPATHNAME];
extern int proxy_type, debug, rcvbuf, dscp, keyfile_count, keyinfo_count;
extern int hb_interval, priority;
extern unsigned int ttl;
char portname[PORTNAME_LEN], out_portname[PORTNAME_LEN];
int port, out_port;
extern union sockaddr_u down_addr;
extern int have_down_fingerprint;
extern uint8_t down_fingerprint[HMAC_LEN];
extern uint32_t down_nonce, uid;
extern union sockaddr_u hb_hosts[MAXLIST];
extern union sockaddr_u pub_multi[MAX_INTERFACES];
extern struct fp_list_t server_fp[MAXLIST], client_fp[MAXPROXYDEST];
extern struct iflist ifl[MAX_INTERFACES], m_interface[MAX_INTERFACES];
extern struct timeval next_hb_time, last_key_req;
extern int ifl_len, hbhost_count, server_fp_count, client_fp_count;
extern int key_count, pub_multi_count, interface_count, sys_keys;
extern struct iflist out_if;
extern union key_t privkey[MAXLIST];
extern int privkey_type[MAXLIST];
extern union key_t dhkey;
extern uint8_t ecdh_curve;
extern struct pr_group_list_t group_list[MAXLIST];
#endif // _PROXY_H