1 /* site.c - manage communication with a remote network site */
3 /* The 'site' code doesn't know anything about the structure of the
4 packets it's transmitting. In fact, under the new netlink
5 configuration scheme it doesn't need to know anything at all about
6 IP addresses, except how to contact its peer. This means it could
7 potentially be used to tunnel other protocols too (IPv6, IPX, plain
8 old Ethernet frames) if appropriate netlink code can be written
9 (and that ought not to be too hard, eg. using the TUN/TAP device to
10 pretend to be an Ethernet interface). */
12 /* At some point in the future the netlink code will be asked for
13 configuration information to go in the PING/PONG packets at the end
14 of the key exchange. */
21 #include <sys/socket.h>
25 #include "unaligned.h"
28 #define SETUP_BUFFER_LEN 2048
30 #define DEFAULT_KEY_LIFETIME (3600*1000) /* [ms] */
31 #define DEFAULT_KEY_RENEGOTIATE_GAP (5*60*1000) /* [ms] */
32 #define DEFAULT_SETUP_RETRIES 5
33 #define DEFAULT_SETUP_RETRY_INTERVAL (2*1000) /* [ms] */
34 #define DEFAULT_WAIT_TIME (20*1000) /* [ms] */
36 #define DEFAULT_MOBILE_KEY_LIFETIME (2*24*3600*1000) /* [ms] */
37 #define DEFAULT_MOBILE_KEY_RENEGOTIATE_GAP (12*3600*1000) /* [ms] */
38 #define DEFAULT_MOBILE_SETUP_RETRIES 30
39 #define DEFAULT_MOBILE_SETUP_RETRY_INTERVAL (1*1000) /* [ms] */
40 #define DEFAULT_MOBILE_WAIT_TIME (10*1000) /* [ms] */
42 #define DEFAULT_MOBILE_PEER_EXPIRY (2*60) /* [s] */
43 #define DEFAULT_MOBILE_PEERS_MAX 3 /* send at most this many copies (default) */
45 /* Each site can be in one of several possible states. */
48 SITE_STOP - nothing is allowed to happen; tunnel is down;
49 all session keys have been erased
50 -> SITE_RUN upon external instruction
51 SITE_RUN - site up, maybe with valid key
52 -> SITE_RESOLVE upon outgoing packet and no valid key
53 we start name resolution for the other end of the tunnel
54 -> SITE_SENTMSG2 upon valid incoming message 1 and suitable time
55 we send an appropriate message 2
56 SITE_RESOLVE - waiting for name resolution
57 -> SITE_SENTMSG1 upon successful resolution
58 we send an appropriate message 1
59 -> SITE_SENTMSG2 upon valid incoming message 1 (then abort resolution)
60 we abort resolution and
61 -> SITE_WAIT on timeout or resolution failure
63 -> SITE_SENTMSG2 upon valid incoming message 1 from higher priority end
64 -> SITE_SENTMSG3 upon valid incoming message 2
65 -> SITE_WAIT on timeout
67 -> SITE_SENTMSG4 upon valid incoming message 3
68 -> SITE_WAIT on timeout
70 -> SITE_SENTMSG5 upon valid incoming message 4
71 -> SITE_WAIT on timeout
73 -> SITE_RUN upon valid incoming message 5
74 -> SITE_WAIT on timeout
76 -> SITE_RUN upon valid incoming message 6
77 -> SITE_WAIT on timeout
78 SITE_WAIT - failed to establish key; do nothing for a while
79 -> SITE_RUN on timeout
84 #define SITE_RESOLVE 2
85 #define SITE_SENTMSG1 3
86 #define SITE_SENTMSG2 4
87 #define SITE_SENTMSG3 5
88 #define SITE_SENTMSG4 6
89 #define SITE_SENTMSG5 7
92 int32_t site_max_start_pad = 4*4;
94 static cstring_t state_name(uint32_t state)
97 case 0: return "STOP";
99 case 2: return "RESOLVE";
100 case 3: return "SENTMSG1";
101 case 4: return "SENTMSG2";
102 case 5: return "SENTMSG3";
103 case 6: return "SENTMSG4";
104 case 7: return "SENTMSG5";
105 case 8: return "WAIT";
106 default: return "*bad state*";
112 #define LOG_UNEXPECTED 0x00000001
113 #define LOG_SETUP_INIT 0x00000002
114 #define LOG_SETUP_TIMEOUT 0x00000004
115 #define LOG_ACTIVATE_KEY 0x00000008
116 #define LOG_TIMEOUT_KEY 0x00000010
117 #define LOG_SEC 0x00000020
118 #define LOG_STATE 0x00000040
119 #define LOG_DROP 0x00000080
120 #define LOG_DUMP 0x00000100
121 #define LOG_ERROR 0x00000400
122 #define LOG_PEER_ADDRS 0x00000800
124 static struct flagstr log_event_table[]={
125 { "unexpected", LOG_UNEXPECTED },
126 { "setup-init", LOG_SETUP_INIT },
127 { "setup-timeout", LOG_SETUP_TIMEOUT },
128 { "activate-key", LOG_ACTIVATE_KEY },
129 { "timeout-key", LOG_TIMEOUT_KEY },
130 { "security", LOG_SEC },
131 { "state-change", LOG_STATE },
132 { "packet-drop", LOG_DROP },
133 { "dump-packets", LOG_DUMP },
134 { "errors", LOG_ERROR },
135 { "peer-addrs", LOG_PEER_ADDRS },
136 { "default", LOG_SETUP_INIT|LOG_SETUP_TIMEOUT|
137 LOG_ACTIVATE_KEY|LOG_TIMEOUT_KEY|LOG_SEC|LOG_ERROR },
138 { "all", 0xffffffff },
143 /***** TRANSPORT PEERS declarations *****/
145 /* Details of "mobile peer" semantics:
147 - We record mobile_peers_max peer address/port numbers ("peers")
148 for key setup, and separately mobile_peers_max for data
149 transfer. If these lists fill up, we retain the newest peers.
150 (For non-mobile peers we only record one of each.)
152 - Outgoing packets are sent to every recorded peer in the
155 - Data transfer peers are straightforward: whenever we successfully
156 process a data packet, we record the peer. Also, whenever we
157 successfully complete a key setup, we merge the key setup
158 peers into the data transfer peers.
160 (For "non-mobile" peers we simply copy the peer used for
161 successful key setup, and don't change the peer otherwise.)
163 - Key setup peers are slightly more complicated.
165 Whenever we receive and successfully process a key exchange
166 packet, we record the peer.
168 Whenever we try to initiate a key setup, we copy the list of data
169 transfer peers and use it for key setup. But we also look to see
170 if the config supplies an address and port number and if so we
171 add that as a key setup peer (possibly evicting one of the data
172 transfer peers we just copied).
174 (For "non-mobile" peers, if we if we have a configured peer
175 address and port, we always use that; otherwise if we have a
176 current data peer address we use that; otherwise we do not
177 attempt to initiate a key setup for lack of a peer address.)
179 "Record the peer" means
180 1. expire any peers last seen >120s ("mobile-peer-expiry") ago
181 2. add the peer of the just received packet to the applicable list
182 (possibly evicting older entries)
183 NB that we do not expire peers until an incoming packet arrives.
187 #define MAX_MOBILE_PEERS_MAX 5 /* send at most this many copies, compiled max */
191 struct comm_addr addr;
195 /* configuration information */
196 /* runtime information */
198 transport_peer peers[MAX_MOBILE_PEERS_MAX];
201 /* Basic operations on transport peer address sets */
202 static void transport_peers_clear(struct site *st, transport_peers *peers);
203 static int transport_peers_valid(transport_peers *peers);
204 static void transport_peers_copy(struct site *st, transport_peers *dst,
205 const transport_peers *src);
207 /* Record address of incoming setup packet; resp. data packet. */
208 static void transport_setup_msgok(struct site *st, const struct comm_addr *a);
209 static void transport_data_msgok(struct site *st, const struct comm_addr *a);
211 /* Initialise the setup addresses. Called before we send the first
212 * packet in a key exchange. If we are the initiator, as a result of
213 * resolve completing (or being determined not to be relevant) or an
214 * incoming PROD; if we are the responder, as a result of the MSG1. */
215 static bool_t transport_compute_setupinit_peers(struct site *st,
216 const struct comm_addr *configured_addr /* 0 if none or not found */,
217 const struct comm_addr *incoming_packet_addr /* 0 if none */);
219 /* Called if we are the responder in a key setup, when the resolve
220 * completes. transport_compute_setupinit_peers will hvae been called
221 * earlier. If _complete is called, we are still doing the key setup
222 * (and we should use the new values for both the rest of the key
223 * setup and the ongoing data exchange); if _tardy is called, the key
224 * setup is done (either completed or not) and only the data peers are
226 static void transport_resolve_complete(struct site *st,
227 const struct comm_addr *a);
228 static void transport_resolve_complete_tardy(struct site *st,
229 const struct comm_addr *ca_use);
231 static void transport_xmit(struct site *st, transport_peers *peers,
232 struct buffer_if *buf, bool_t candebug);
234 /***** END of transport peers declarations *****/
238 struct transform_inst_if *transform;
239 uint64_t key_timeout; /* End of life of current key */
240 uint32_t remote_session_id;
246 /* configuration information */
249 bool_t local_mobile, peer_mobile; /* Mobile client support */
250 int32_t transport_peers_max;
251 string_t tunname; /* localname<->remotename by default, used in logs */
252 string_t address; /* DNS name for bootstrapping, optional */
253 int remoteport; /* Port for bootstrapping, optional */
255 struct netlink_if *netlink;
256 struct comm_if **comms;
258 struct resolver_if *resolver;
260 struct random_if *random;
261 struct rsaprivkey_if *privkey;
262 struct rsapubkey_if *pubkey;
263 struct transform_if **transforms;
266 struct hash_if *hash;
268 uint32_t index; /* Index of this site */
269 uint32_t local_capabilities;
270 int32_t setup_retries; /* How many times to send setup packets */
271 int32_t setup_retry_interval; /* Initial timeout for setup packets */
272 int32_t wait_timeout; /* How long to wait if setup unsuccessful */
273 int32_t mobile_peer_expiry; /* How long to remember 2ary addresses */
274 int32_t key_lifetime; /* How long a key lasts once set up */
275 int32_t key_renegotiate_time; /* If we see traffic (or a keepalive)
276 after this time, initiate a new
279 bool_t setup_priority; /* Do we have precedence if both sites emit
280 message 1 simultaneously? */
283 /* runtime information */
285 uint64_t now; /* Most recently seen time */
286 bool_t allow_send_prod;
289 /* The currently established session */
290 struct data_key current;
291 struct data_key auxiliary_key;
292 bool_t auxiliary_is_new;
293 uint64_t renegotiate_key_time; /* When we can negotiate a new key */
294 uint64_t auxiliary_renegotiate_key_time;
295 transport_peers peers; /* Current address(es) of peer for data traffic */
297 /* The current key setup protocol exchange. We can only be
298 involved in one of these at a time. There's a potential for
299 denial of service here (the attacker keeps sending a setup
300 packet; we keep trying to continue the exchange, and have to
301 timeout before we can listen for another setup packet); perhaps
302 we should keep a list of 'bad' sources for setup packets. */
303 uint32_t remote_capabilities;
304 uint16_t remote_adv_mtu;
305 struct transform_if *chosen_transform;
306 uint32_t setup_session_id;
307 transport_peers setup_peers;
308 uint8_t localN[NONCELEN]; /* Nonces for key exchange */
309 uint8_t remoteN[NONCELEN];
310 struct buffer_if buffer; /* Current outgoing key exchange packet */
311 struct buffer_if scratch;
312 int32_t retries; /* Number of retries remaining */
313 uint64_t timeout; /* Timeout for current state */
315 uint8_t *sharedsecret;
316 uint32_t sharedsecretlen, sharedsecretallocd;
317 struct transform_inst_if *new_transform; /* For key setup/verify */
320 static uint32_t event_log_priority(struct site *st, uint32_t event)
322 if (!(event&st->log_events))
325 case LOG_UNEXPECTED: return M_INFO;
326 case LOG_SETUP_INIT: return M_INFO;
327 case LOG_SETUP_TIMEOUT: return M_NOTICE;
328 case LOG_ACTIVATE_KEY: return M_INFO;
329 case LOG_TIMEOUT_KEY: return M_INFO;
330 case LOG_SEC: return M_SECURITY;
331 case LOG_STATE: return M_DEBUG;
332 case LOG_DROP: return M_DEBUG;
333 case LOG_DUMP: return M_DEBUG;
334 case LOG_ERROR: return M_ERR;
335 case LOG_PEER_ADDRS: return M_DEBUG;
336 default: return M_ERR;
340 static void vslog(struct site *st, uint32_t event, cstring_t msg, va_list ap)
342 static void vslog(struct site *st, uint32_t event, cstring_t msg, va_list ap)
346 class=event_log_priority(st, event);
348 slilog_part(st->log,class,"%s: ",st->tunname);
349 vslilog_part(st->log,class,msg,ap);
350 slilog_part(st->log,class,"\n");
354 static void slog(struct site *st, uint32_t event, cstring_t msg, ...)
356 static void slog(struct site *st, uint32_t event, cstring_t msg, ...)
360 vslog(st,event,msg,ap);
364 static void logtimeout(struct site *st, const char *fmt, ...)
366 static void logtimeout(struct site *st, const char *fmt, ...)
368 uint32_t class=event_log_priority(st,LOG_SETUP_TIMEOUT);
375 slilog_part(st->log,class,"%s: ",st->tunname);
376 vslilog_part(st->log,class,fmt,ap);
380 for (i=0, delim=" (tried ";
381 i<st->setup_peers.npeers;
383 transport_peer *peer=&st->setup_peers.peers[i];
384 const char *s=comm_addr_to_string(&peer->addr);
385 slilog_part(st->log,class,"%s%s",delim,s);
388 slilog_part(st->log,class,")\n");
392 static void set_link_quality(struct site *st);
393 static void delete_keys(struct site *st, cstring_t reason, uint32_t loglevel);
394 static void delete_one_key(struct site *st, struct data_key *key,
395 const char *reason /* may be 0 meaning don't log*/,
396 const char *which /* ignored if !reasonn */,
397 uint32_t loglevel /* ignored if !reasonn */);
398 static bool_t initiate_key_setup(struct site *st, cstring_t reason,
399 const struct comm_addr *prod_hint);
400 static void enter_state_run(struct site *st);
401 static bool_t enter_state_resolve(struct site *st);
402 static bool_t enter_new_state(struct site *st,uint32_t next);
403 static void enter_state_wait(struct site *st);
404 static void activate_new_key(struct site *st);
406 static bool_t is_transform_valid(struct transform_inst_if *transform)
408 return transform && transform->valid(transform->st);
411 static bool_t current_valid(struct site *st)
413 return is_transform_valid(st->current.transform);
416 #define DEFINE_CALL_TRANSFORM(fwdrev) \
417 static int call_transform_##fwdrev(struct site *st, \
418 struct transform_inst_if *transform, \
419 struct buffer_if *buf, \
420 const char **errmsg) \
422 if (!is_transform_valid(transform)) { \
423 *errmsg="transform not set up"; \
426 return transform->fwdrev(transform->st,buf,errmsg); \
429 DEFINE_CALL_TRANSFORM(forwards)
430 DEFINE_CALL_TRANSFORM(reverse)
432 static void dispose_transform(struct transform_inst_if **transform_var)
434 struct transform_inst_if *transform=*transform_var;
436 transform->delkey(transform->st);
437 transform->destroy(transform->st);
442 #define CHECK_AVAIL(b,l) do { if ((b)->size<(l)) return False; } while(0)
443 #define CHECK_EMPTY(b) do { if ((b)->size!=0) return False; } while(0)
444 #define CHECK_TYPE(b,t) do { uint32_t type; \
445 CHECK_AVAIL((b),4); \
446 type=buf_unprepend_uint32((b)); \
447 if (type!=(t)) return False; } while(0)
449 static _Bool type_is_msg34(uint32_t type)
452 type == LABEL_MSG3 ||
453 type == LABEL_MSG3BIS ||
460 struct buffer_if extrainfo;
467 struct parsedname remote;
468 struct parsedname local;
469 uint32_t remote_capabilities;
471 int capab_transformnum;
481 static void set_new_transform(struct site *st, char *pk)
483 /* Make room for the shared key */
484 st->sharedsecretlen=st->chosen_transform->keylen?:st->dh->ceil_len;
485 assert(st->sharedsecretlen);
486 if (st->sharedsecretlen > st->sharedsecretallocd) {
487 st->sharedsecretallocd=st->sharedsecretlen;
488 st->sharedsecret=realloc(st->sharedsecret,st->sharedsecretallocd);
490 if (!st->sharedsecret) fatal_perror("site:sharedsecret");
492 /* Generate the shared key */
493 st->dh->makeshared(st->dh->st,st->dhsecret,st->dh->len,pk,
494 st->sharedsecret,st->sharedsecretlen);
496 /* Set up the transform */
497 struct transform_if *generator=st->chosen_transform;
498 struct transform_inst_if *generated=generator->create(generator->st);
499 generated->setkey(generated->st,st->sharedsecret,
500 st->sharedsecretlen,st->setup_priority);
501 dispose_transform(&st->new_transform);
502 st->new_transform=generated;
504 slog(st,LOG_SETUP_INIT,"key exchange negotiated transform"
505 " %d (capabilities ours=%#"PRIx32" theirs=%#"PRIx32")",
506 st->chosen_transform->capab_transformnum,
507 st->local_capabilities, st->remote_capabilities);
511 int32_t lenpos, afternul;
513 static void append_string_xinfo_start(struct buffer_if *buf,
514 struct xinfoadd *xia,
516 /* Helps construct one of the names with additional info as found
517 * in MSG1..4. Call this function first, then append all the
518 * desired extra info (not including the nul byte) to the buffer,
519 * then call append_string_xinfo_done. */
521 xia->lenpos = buf->size;
522 buf_append_string(buf,str);
523 buf_append_uint8(buf,0);
524 xia->afternul = buf->size;
526 static void append_string_xinfo_done(struct buffer_if *buf,
527 struct xinfoadd *xia)
529 /* we just need to adjust the string length */
530 if (buf->size == xia->afternul) {
531 /* no extra info, strip the nul too */
532 buf_unappend_uint8(buf);
534 put_uint16(buf->start+xia->lenpos, buf->size-(xia->lenpos+2));
538 /* Build any of msg1 to msg4. msg5 and msg6 are built from the inside
539 out using a transform of config data supplied by netlink */
540 static bool_t generate_msg(struct site *st, uint32_t type, cstring_t what)
546 st->retries=st->setup_retries;
547 BUF_ALLOC(&st->buffer,what);
548 buffer_init(&st->buffer,0);
549 buf_append_uint32(&st->buffer,
550 (type==LABEL_MSG1?0:st->setup_session_id));
551 buf_append_uint32(&st->buffer,st->index);
552 buf_append_uint32(&st->buffer,type);
555 append_string_xinfo_start(&st->buffer,&xia,st->localname);
556 if ((st->local_capabilities & CAPAB_EARLY) || (type != LABEL_MSG1)) {
557 buf_append_uint32(&st->buffer,st->local_capabilities);
559 if (type_is_msg34(type)) {
560 buf_append_uint16(&st->buffer,st->mtu_target);
562 append_string_xinfo_done(&st->buffer,&xia);
564 buf_append_string(&st->buffer,st->remotename);
565 BUF_ADD_OBJ(append,&st->buffer,st->localN);
566 if (type==LABEL_MSG1) return True;
567 BUF_ADD_OBJ(append,&st->buffer,st->remoteN);
568 if (type==LABEL_MSG2) return True;
570 if (hacky_par_mid_failnow()) return False;
572 if (type==LABEL_MSG3BIS)
573 buf_append_uint8(&st->buffer,st->chosen_transform->capab_transformnum);
575 dhpub=st->dh->makepublic(st->dh->st,st->dhsecret,st->dh->len);
576 buf_append_string(&st->buffer,dhpub);
578 hash=safe_malloc(st->hash->len, "generate_msg");
579 hst=st->hash->init();
580 st->hash->update(hst,st->buffer.start,st->buffer.size);
581 st->hash->final(hst,hash);
582 sig=st->privkey->sign(st->privkey->st,hash,st->hash->len);
583 buf_append_string(&st->buffer,sig);
589 static bool_t unpick_name(struct buffer_if *msg, struct parsedname *nm)
592 nm->len=buf_unprepend_uint16(msg);
593 CHECK_AVAIL(msg,nm->len);
594 nm->name=buf_unprepend(msg,nm->len);
595 uint8_t *nul=memchr(nm->name,0,nm->len);
597 buffer_readonly_view(&nm->extrainfo,0,0);
599 buffer_readonly_view(&nm->extrainfo, nul+1, msg->start-(nul+1));
600 nm->len=nul-nm->name;
605 static bool_t unpick_msg(struct site *st, uint32_t type,
606 struct buffer_if *msg, struct msg *m)
608 m->capab_transformnum=-1;
609 m->hashstart=msg->start;
611 m->dest=buf_unprepend_uint32(msg);
613 m->source=buf_unprepend_uint32(msg);
614 CHECK_TYPE(msg,type);
615 if (!unpick_name(msg,&m->remote)) return False;
616 m->remote_capabilities=0;
618 if (m->remote.extrainfo.size) {
619 CHECK_AVAIL(&m->remote.extrainfo,4);
620 m->remote_capabilities=buf_unprepend_uint32(&m->remote.extrainfo);
622 if (type_is_msg34(type) && m->remote.extrainfo.size) {
623 CHECK_AVAIL(&m->remote.extrainfo,2);
624 m->remote_mtu=buf_unprepend_uint16(&m->remote.extrainfo);
626 if (!unpick_name(msg,&m->local)) return False;
627 if (type==LABEL_PROD) {
631 CHECK_AVAIL(msg,NONCELEN);
632 m->nR=buf_unprepend(msg,NONCELEN);
633 if (type==LABEL_MSG1) {
637 CHECK_AVAIL(msg,NONCELEN);
638 m->nL=buf_unprepend(msg,NONCELEN);
639 if (type==LABEL_MSG2) {
643 if (type==LABEL_MSG3BIS) {
645 m->capab_transformnum = buf_unprepend_uint8(msg);
647 m->capab_transformnum = CAPAB_TRANSFORMNUM_ANCIENT;
650 m->pklen=buf_unprepend_uint16(msg);
651 CHECK_AVAIL(msg,m->pklen);
652 m->pk=buf_unprepend(msg,m->pklen);
653 m->hashlen=msg->start-m->hashstart;
655 m->siglen=buf_unprepend_uint16(msg);
656 CHECK_AVAIL(msg,m->siglen);
657 m->sig=buf_unprepend(msg,m->siglen);
662 static bool_t name_matches(const struct parsedname *nm, const char *expected)
664 int expected_len=strlen(expected);
666 nm->len == expected_len &&
667 !memcmp(nm->name, expected, expected_len);
670 static bool_t check_msg(struct site *st, uint32_t type, struct msg *m,
673 if (type==LABEL_MSG1) return True;
675 /* Check that the site names and our nonce have been sent
676 back correctly, and then store our peer's nonce. */
677 if (!name_matches(&m->remote,st->remotename)) {
678 *error="wrong remote site name";
681 if (!name_matches(&m->local,st->localname)) {
682 *error="wrong local site name";
685 if (memcmp(m->nL,st->localN,NONCELEN)!=0) {
686 *error="wrong locally-generated nonce";
689 if (type==LABEL_MSG2) return True;
690 if (!consttime_memeq(m->nR,st->remoteN,NONCELEN)!=0) {
691 *error="wrong remotely-generated nonce";
694 /* MSG3 has complicated rules about capabilities, which are
695 * handled in process_msg3. */
696 if (type==LABEL_MSG3 || type==LABEL_MSG3BIS) return True;
697 if (m->remote_capabilities!=st->remote_capabilities) {
698 *error="remote capabilities changed";
701 if (type==LABEL_MSG4) return True;
702 *error="unknown message type";
706 static bool_t generate_msg1(struct site *st)
708 st->random->generate(st->random->st,NONCELEN,st->localN);
709 return generate_msg(st,LABEL_MSG1,"site:MSG1");
712 static bool_t process_msg1(struct site *st, struct buffer_if *msg1,
713 const struct comm_addr *src, struct msg *m)
715 /* We've already determined we're in an appropriate state to
716 process an incoming MSG1, and that the MSG1 has correct values
719 st->setup_session_id=m->source;
720 st->remote_capabilities=m->remote_capabilities;
721 memcpy(st->remoteN,m->nR,NONCELEN);
725 static bool_t generate_msg2(struct site *st)
727 st->random->generate(st->random->st,NONCELEN,st->localN);
728 return generate_msg(st,LABEL_MSG2,"site:MSG2");
731 static bool_t process_msg2(struct site *st, struct buffer_if *msg2,
732 const struct comm_addr *src)
737 if (!unpick_msg(st,LABEL_MSG2,msg2,&m)) return False;
738 if (!check_msg(st,LABEL_MSG2,&m,&err)) {
739 slog(st,LOG_SEC,"msg2: %s",err);
742 st->setup_session_id=m.source;
743 st->remote_capabilities=m.remote_capabilities;
745 /* Select the transform to use */
747 uint32_t remote_transforms = st->remote_capabilities & CAPAB_TRANSFORM_MASK;
748 if (!remote_transforms)
749 /* old secnets only had this one transform */
750 remote_transforms = 1UL << CAPAB_TRANSFORMNUM_ANCIENT;
752 struct transform_if *ti;
754 for (i=0; i<st->ntransforms; i++) {
755 ti=st->transforms[i];
756 if ((1UL << ti->capab_transformnum) & remote_transforms)
757 goto transform_found;
759 slog(st,LOG_ERROR,"no transforms in common"
760 " (us %#"PRIx32"; them: %#"PRIx32")",
761 st->local_capabilities & CAPAB_TRANSFORM_MASK,
765 st->chosen_transform=ti;
767 memcpy(st->remoteN,m.nR,NONCELEN);
771 static bool_t generate_msg3(struct site *st)
773 /* Now we have our nonce and their nonce. Think of a secret key,
774 and create message number 3. */
775 st->random->generate(st->random->st,st->dh->len,st->dhsecret);
776 return generate_msg(st,
777 (st->remote_capabilities & CAPAB_TRANSFORM_MASK
778 ? LABEL_MSG3BIS : LABEL_MSG3),
782 static bool_t process_msg3_msg4(struct site *st, struct msg *m)
787 /* Check signature and store g^x mod m */
788 hash=safe_malloc(st->hash->len, "process_msg3_msg4");
789 hst=st->hash->init();
790 st->hash->update(hst,m->hashstart,m->hashlen);
791 st->hash->final(hst,hash);
792 /* Terminate signature with a '0' - cheating, but should be ok */
794 if (!st->pubkey->check(st->pubkey->st,hash,st->hash->len,m->sig)) {
795 slog(st,LOG_SEC,"msg3/msg4 signature failed check!");
801 st->remote_adv_mtu=m->remote_mtu;
806 static bool_t process_msg3(struct site *st, struct buffer_if *msg3,
807 const struct comm_addr *src, uint32_t msgtype)
812 assert(msgtype==LABEL_MSG3 || msgtype==LABEL_MSG3BIS);
814 if (!unpick_msg(st,msgtype,msg3,&m)) return False;
815 if (!check_msg(st,msgtype,&m,&err)) {
816 slog(st,LOG_SEC,"msg3: %s",err);
819 uint32_t capab_adv_late = m.remote_capabilities
820 & ~st->remote_capabilities & CAPAB_EARLY;
821 if (capab_adv_late) {
822 slog(st,LOG_SEC,"msg3 impermissibly adds early capability flag(s)"
823 " %#"PRIx32" (was %#"PRIx32", now %#"PRIx32")",
824 capab_adv_late, st->remote_capabilities, m.remote_capabilities);
827 st->remote_capabilities|=m.remote_capabilities;
829 struct transform_if *ti;
831 for (i=0; i<st->ntransforms; i++) {
832 ti=st->transforms[i];
833 if (ti->capab_transformnum == m.capab_transformnum)
834 goto transform_found;
836 slog(st,LOG_SEC,"peer chose unknown-to-us transform %d!",
837 m.capab_transformnum);
840 st->chosen_transform=ti;
842 if (!process_msg3_msg4(st,&m))
845 /* Terminate their DH public key with a '0' */
847 /* Invent our DH secret key */
848 st->random->generate(st->random->st,st->dh->len,st->dhsecret);
850 /* Generate the shared key and set up the transform */
851 set_new_transform(st,m.pk);
856 static bool_t generate_msg4(struct site *st)
858 /* We have both nonces, their public key and our private key. Generate
859 our public key, sign it and send it to them. */
860 return generate_msg(st,LABEL_MSG4,"site:MSG4");
863 static bool_t process_msg4(struct site *st, struct buffer_if *msg4,
864 const struct comm_addr *src)
869 if (!unpick_msg(st,LABEL_MSG4,msg4,&m)) return False;
870 if (!check_msg(st,LABEL_MSG4,&m,&err)) {
871 slog(st,LOG_SEC,"msg4: %s",err);
875 if (!process_msg3_msg4(st,&m))
878 /* Terminate their DH public key with a '0' */
881 /* Generate the shared key and set up the transform */
882 set_new_transform(st,m.pk);
893 static bool_t unpick_msg0(struct site *st, struct buffer_if *msg0,
897 m->dest=buf_unprepend_uint32(msg0);
899 m->source=buf_unprepend_uint32(msg0);
901 m->type=buf_unprepend_uint32(msg0);
903 /* Leaves transformed part of buffer untouched */
906 static bool_t generate_msg5(struct site *st)
908 cstring_t transform_err;
910 BUF_ALLOC(&st->buffer,"site:MSG5");
911 /* We are going to add four words to the message */
912 buffer_init(&st->buffer,calculate_max_start_pad());
913 /* Give the netlink code an opportunity to put its own stuff in the
914 message (configuration information, etc.) */
915 buf_prepend_uint32(&st->buffer,LABEL_MSG5);
916 if (call_transform_forwards(st,st->new_transform,
917 &st->buffer,&transform_err))
919 buf_prepend_uint32(&st->buffer,LABEL_MSG5);
920 buf_prepend_uint32(&st->buffer,st->index);
921 buf_prepend_uint32(&st->buffer,st->setup_session_id);
923 st->retries=st->setup_retries;
927 static bool_t process_msg5(struct site *st, struct buffer_if *msg5,
928 const struct comm_addr *src,
929 struct transform_inst_if *transform)
932 cstring_t transform_err;
934 if (!unpick_msg0(st,msg5,&m)) return False;
936 if (call_transform_reverse(st,transform,msg5,&transform_err)) {
937 /* There's a problem */
938 slog(st,LOG_SEC,"process_msg5: transform: %s",transform_err);
941 /* Buffer should now contain untransformed PING packet data */
943 if (buf_unprepend_uint32(msg5)!=LABEL_MSG5) {
944 slog(st,LOG_SEC,"MSG5/PING packet contained wrong label");
947 /* Older versions of secnet used to write some config data here
948 * which we ignore. So we don't CHECK_EMPTY */
952 static void create_msg6(struct site *st, struct transform_inst_if *transform,
955 cstring_t transform_err;
957 BUF_ALLOC(&st->buffer,"site:MSG6");
958 /* We are going to add four words to the message */
959 buffer_init(&st->buffer,calculate_max_start_pad());
960 /* Give the netlink code an opportunity to put its own stuff in the
961 message (configuration information, etc.) */
962 buf_prepend_uint32(&st->buffer,LABEL_MSG6);
963 int problem = call_transform_forwards(st,transform,
964 &st->buffer,&transform_err);
966 buf_prepend_uint32(&st->buffer,LABEL_MSG6);
967 buf_prepend_uint32(&st->buffer,st->index);
968 buf_prepend_uint32(&st->buffer,session_id);
971 static bool_t generate_msg6(struct site *st)
973 if (!is_transform_valid(st->new_transform))
975 create_msg6(st,st->new_transform,st->setup_session_id);
976 st->retries=1; /* Peer will retransmit MSG5 if this packet gets lost */
980 static bool_t process_msg6(struct site *st, struct buffer_if *msg6,
981 const struct comm_addr *src)
984 cstring_t transform_err;
986 if (!unpick_msg0(st,msg6,&m)) return False;
988 if (call_transform_reverse(st,st->new_transform,msg6,&transform_err)) {
989 /* There's a problem */
990 slog(st,LOG_SEC,"process_msg6: transform: %s",transform_err);
993 /* Buffer should now contain untransformed PING packet data */
995 if (buf_unprepend_uint32(msg6)!=LABEL_MSG6) {
996 slog(st,LOG_SEC,"MSG6/PONG packet contained invalid data");
999 /* Older versions of secnet used to write some config data here
1000 * which we ignore. So we don't CHECK_EMPTY */
1004 static bool_t decrypt_msg0(struct site *st, struct buffer_if *msg0,
1005 const struct comm_addr *src)
1007 cstring_t transform_err, auxkey_err, newkey_err="n/a";
1011 if (!unpick_msg0(st,msg0,&m)) return False;
1013 /* Keep a copy so we can try decrypting it with multiple keys */
1014 buffer_copy(&st->scratch, msg0);
1016 problem = call_transform_reverse(st,st->current.transform,
1017 msg0,&transform_err);
1019 if (!st->auxiliary_is_new)
1020 delete_one_key(st,&st->auxiliary_key,
1021 "peer has used new key","auxiliary key",LOG_SEC);
1027 buffer_copy(msg0, &st->scratch);
1028 problem = call_transform_reverse(st,st->auxiliary_key.transform,
1031 slog(st,LOG_DROP,"processing packet which uses auxiliary key");
1032 if (st->auxiliary_is_new) {
1033 /* We previously timed out in state SENTMSG5 but it turns
1034 * out that our peer did in fact get our MSG5 and is
1035 * using the new key. So we should switch to it too. */
1036 /* This is a bit like activate_new_key. */
1039 st->current=st->auxiliary_key;
1040 st->auxiliary_key=t;
1042 delete_one_key(st,&st->auxiliary_key,"peer has used new key",
1043 "previous key",LOG_SEC);
1044 st->auxiliary_is_new=0;
1045 st->renegotiate_key_time=st->auxiliary_renegotiate_key_time;
1052 if (st->state==SITE_SENTMSG5) {
1053 buffer_copy(msg0, &st->scratch);
1054 problem = call_transform_reverse(st,st->new_transform,
1057 /* It looks like we didn't get the peer's MSG6 */
1058 /* This is like a cut-down enter_new_state(SITE_RUN) */
1059 slog(st,LOG_STATE,"will enter state RUN (MSG0 with new key)");
1060 BUF_FREE(&st->buffer);
1062 activate_new_key(st);
1063 return True; /* do process the data in this packet */
1069 slog(st,LOG_SEC,"transform: %s (aux: %s, new: %s)",
1070 transform_err,auxkey_err,newkey_err);
1071 initiate_key_setup(st,"incoming message would not decrypt",0);
1072 send_nak(src,m.dest,m.source,m.type,msg0,"message would not decrypt");
1076 slog(st,LOG_DROP,"transform: %s (merely skew)",transform_err);
1080 static bool_t process_msg0(struct site *st, struct buffer_if *msg0,
1081 const struct comm_addr *src)
1085 if (!decrypt_msg0(st,msg0,src))
1088 CHECK_AVAIL(msg0,4);
1089 type=buf_unprepend_uint32(msg0);
1092 /* We must forget about the current session. */
1093 delete_keys(st,"request from peer",LOG_SEC);
1096 /* Deliver to netlink layer */
1097 st->netlink->deliver(st->netlink->st,msg0);
1098 transport_data_msgok(st,src);
1099 /* See whether we should start negotiating a new key */
1100 if (st->now > st->renegotiate_key_time)
1101 initiate_key_setup(st,"incoming packet in renegotiation window",0);
1104 slog(st,LOG_SEC,"incoming encrypted message of type %08x "
1111 static void dump_packet(struct site *st, struct buffer_if *buf,
1112 const struct comm_addr *addr, bool_t incoming)
1114 uint32_t dest=get_uint32(buf->start);
1115 uint32_t source=get_uint32(buf->start+4);
1116 uint32_t msgtype=get_uint32(buf->start+8);
1118 if (st->log_events & LOG_DUMP)
1119 slilog(st->log,M_DEBUG,"%s: %s: %08x<-%08x: %08x:",
1120 st->tunname,incoming?"incoming":"outgoing",
1121 dest,source,msgtype);
1124 static uint32_t site_status(void *st)
1129 static bool_t send_msg(struct site *st)
1131 if (st->retries>0) {
1132 transport_xmit(st, &st->setup_peers, &st->buffer, True);
1133 st->timeout=st->now+st->setup_retry_interval;
1136 } else if (st->state==SITE_SENTMSG5) {
1137 logtimeout(st,"timed out sending MSG5, stashing new key");
1138 /* We stash the key we have produced, in case it turns out that
1139 * our peer did see our MSG5 after all and starts using it. */
1140 /* This is a bit like some of activate_new_key */
1141 struct transform_inst_if *t;
1142 t=st->auxiliary_key.transform;
1143 st->auxiliary_key.transform=st->new_transform;
1144 st->new_transform=t;
1145 dispose_transform(&st->new_transform);
1147 st->auxiliary_is_new=1;
1148 st->auxiliary_key.key_timeout=st->now+st->key_lifetime;
1149 st->auxiliary_renegotiate_key_time=st->now+st->key_renegotiate_time;
1150 st->auxiliary_key.remote_session_id=st->setup_session_id;
1152 enter_state_wait(st);
1155 logtimeout(st,"timed out sending key setup packet "
1156 "(in state %s)",state_name(st->state));
1157 enter_state_wait(st);
1162 static void site_resolve_callback(void *sst, struct in_addr *address)
1164 struct site *st=sst;
1165 struct comm_addr ca_buf, *ca_use;
1167 st->resolving=False;
1171 ca_buf.comm=st->comms[0];
1172 ca_buf.sin.sin_family=AF_INET;
1173 ca_buf.sin.sin_port=htons(st->remoteport);
1174 ca_buf.sin.sin_addr=*address;
1176 slog(st,LOG_STATE,"resolution of %s completed: %s",
1177 st->address, comm_addr_to_string(ca_use));;
1179 slog(st,LOG_ERROR,"resolution of %s failed",st->address);
1183 switch (st->state) {
1185 if (transport_compute_setupinit_peers(st,ca_use,0)) {
1186 enter_new_state(st,SITE_SENTMSG1);
1188 /* Can't figure out who to try to to talk to */
1189 slog(st,LOG_SETUP_INIT,
1190 "key exchange failed: cannot find peer address");
1191 enter_state_run(st);
1194 case SITE_SENTMSG1: case SITE_SENTMSG2:
1195 case SITE_SENTMSG3: case SITE_SENTMSG4:
1198 /* We start using the address immediately for data too.
1199 * It's best to store it in st->peers now because we might
1200 * go via SENTMSG5, WAIT, and a MSG0, straight into using
1201 * the new key (without updating the data peer addrs). */
1202 transport_resolve_complete(st,ca_use);
1203 } else if (st->local_mobile) {
1204 /* We can't let this rest because we may have a peer
1205 * address which will break in the future. */
1206 slog(st,LOG_SETUP_INIT,"resolution of %s failed: "
1207 "abandoning key exchange",st->address);
1208 enter_state_wait(st);
1210 slog(st,LOG_SETUP_INIT,"resolution of %s failed: "
1211 " continuing to use source address of peer's packets"
1212 " for key exchange and ultimately data",
1218 slog(st,LOG_SETUP_INIT,"resolution of %s completed tardily,"
1219 " updating peer address(es)",st->address);
1220 transport_resolve_complete_tardy(st,ca_use);
1221 } else if (st->local_mobile) {
1222 /* Not very good. We should queue (another) renegotiation
1223 * so that we can update the peer address. */
1224 st->key_renegotiate_time=st->now+st->wait_timeout;
1226 slog(st,LOG_SETUP_INIT,"resolution of %s failed: "
1227 " continuing to use source address of peer's packets",
1238 static bool_t initiate_key_setup(struct site *st, cstring_t reason,
1239 const struct comm_addr *prod_hint)
1241 /* Reentrancy hazard: can call enter_new_state/enter_state_* */
1242 if (st->state!=SITE_RUN) return False;
1243 slog(st,LOG_SETUP_INIT,"initiating key exchange (%s)",reason);
1245 slog(st,LOG_SETUP_INIT,"resolving peer address");
1246 return enter_state_resolve(st);
1247 } else if (transport_compute_setupinit_peers(st,0,prod_hint)) {
1248 return enter_new_state(st,SITE_SENTMSG1);
1250 slog(st,LOG_SETUP_INIT,"key exchange failed: no address for peer");
1254 static void activate_new_key(struct site *st)
1256 struct transform_inst_if *t;
1258 /* We have three transform instances, which we swap between old,
1260 t=st->auxiliary_key.transform;
1261 st->auxiliary_key.transform=st->current.transform;
1262 st->current.transform=st->new_transform;
1263 st->new_transform=t;
1264 dispose_transform(&st->new_transform);
1267 st->auxiliary_is_new=0;
1268 st->auxiliary_key.key_timeout=st->current.key_timeout;
1269 st->current.key_timeout=st->now+st->key_lifetime;
1270 st->renegotiate_key_time=st->now+st->key_renegotiate_time;
1271 transport_peers_copy(st,&st->peers,&st->setup_peers);
1272 st->current.remote_session_id=st->setup_session_id;
1274 /* Compute the inter-site MTU. This is min( our_mtu, their_mtu ).
1275 * But their mtu be unspecified, in which case we just use ours. */
1276 uint32_t intersite_mtu=
1277 MIN(st->mtu_target, st->remote_adv_mtu ?: ~(uint32_t)0);
1278 st->netlink->set_mtu(st->netlink->st,intersite_mtu);
1280 slog(st,LOG_ACTIVATE_KEY,"new key activated"
1281 " (mtu ours=%"PRId32" theirs=%"PRId32" intersite=%"PRId32")",
1282 st->mtu_target, st->remote_adv_mtu, intersite_mtu);
1283 enter_state_run(st);
1286 static void delete_one_key(struct site *st, struct data_key *key,
1287 cstring_t reason, cstring_t which, uint32_t loglevel)
1289 if (!is_transform_valid(key->transform)) return;
1290 if (reason) slog(st,loglevel,"%s deleted (%s)",which,reason);
1291 dispose_transform(&key->transform);
1295 static void delete_keys(struct site *st, cstring_t reason, uint32_t loglevel)
1297 if (current_valid(st)) {
1298 slog(st,loglevel,"session closed (%s)",reason);
1300 delete_one_key(st,&st->current,0,0,0);
1301 set_link_quality(st);
1303 delete_one_key(st,&st->auxiliary_key,0,0,0);
1306 static void state_assert(struct site *st, bool_t ok)
1308 if (!ok) fatal("site:state_assert");
1311 static void enter_state_stop(struct site *st)
1313 st->state=SITE_STOP;
1315 delete_keys(st,"entering state STOP",LOG_TIMEOUT_KEY);
1316 dispose_transform(&st->new_transform);
1319 static void set_link_quality(struct site *st)
1322 if (current_valid(st))
1323 quality=LINK_QUALITY_UP;
1324 else if (st->state==SITE_WAIT || st->state==SITE_STOP)
1325 quality=LINK_QUALITY_DOWN;
1326 else if (st->address)
1327 quality=LINK_QUALITY_DOWN_CURRENT_ADDRESS;
1328 else if (transport_peers_valid(&st->peers))
1329 quality=LINK_QUALITY_DOWN_STALE_ADDRESS;
1331 quality=LINK_QUALITY_DOWN;
1333 st->netlink->set_quality(st->netlink->st,quality);
1336 static void enter_state_run(struct site *st)
1338 slog(st,LOG_STATE,"entering state RUN");
1342 st->setup_session_id=0;
1343 transport_peers_clear(st,&st->setup_peers);
1344 FILLZERO(st->localN);
1345 FILLZERO(st->remoteN);
1346 dispose_transform(&st->new_transform);
1347 memset(st->dhsecret,0,st->dh->len);
1348 memset(st->sharedsecret,0,st->sharedsecretlen);
1349 set_link_quality(st);
1352 static bool_t ensure_resolving(struct site *st)
1354 /* Reentrancy hazard: may call site_resolve_callback and hence
1355 * enter_new_state, enter_state_* and generate_msg*. */
1359 assert(st->address);
1361 /* resolver->request might reentrantly call site_resolve_callback
1362 * which will clear st->resolving, so we need to set it beforehand
1363 * rather than afterwards; also, it might return False, in which
1364 * case we have to clear ->resolving again. */
1366 bool_t ok = st->resolver->request(st->resolver->st,st->address,
1367 site_resolve_callback,st);
1369 st->resolving=False;
1374 static bool_t enter_state_resolve(struct site *st)
1376 /* Reentrancy hazard! See ensure_resolving. */
1377 state_assert(st,st->state==SITE_RUN);
1378 slog(st,LOG_STATE,"entering state RESOLVE");
1379 st->state=SITE_RESOLVE;
1380 return ensure_resolving(st);
1383 static bool_t enter_new_state(struct site *st, uint32_t next)
1385 bool_t (*gen)(struct site *st);
1388 slog(st,LOG_STATE,"entering state %s",state_name(next));
1391 state_assert(st,st->state==SITE_RUN || st->state==SITE_RESOLVE);
1395 state_assert(st,st->state==SITE_RUN || st->state==SITE_RESOLVE ||
1396 st->state==SITE_SENTMSG1 || st->state==SITE_WAIT);
1400 state_assert(st,st->state==SITE_SENTMSG1);
1401 BUF_FREE(&st->buffer);
1405 state_assert(st,st->state==SITE_SENTMSG2);
1406 BUF_FREE(&st->buffer);
1410 state_assert(st,st->state==SITE_SENTMSG3);
1411 BUF_FREE(&st->buffer);
1415 state_assert(st,st->state==SITE_SENTMSG4);
1416 BUF_FREE(&st->buffer);
1421 fatal("enter_new_state(%s): invalid new state",state_name(next));
1425 if (hacky_par_start_failnow()) return False;
1427 r= gen(st) && send_msg(st);
1430 st->setup_retries, st->setup_retry_interval,
1435 if (next==SITE_RUN) {
1436 BUF_FREE(&st->buffer); /* Never reused */
1437 st->timeout=0; /* Never retransmit */
1438 activate_new_key(st);
1442 slog(st,LOG_ERROR,"error entering state %s",state_name(next));
1443 st->buffer.free=False; /* Unconditionally use the buffer; it may be
1444 in either state, and enter_state_wait() will
1446 enter_state_wait(st);
1450 /* msg7 tells our peer that we're about to forget our key */
1451 static bool_t send_msg7(struct site *st, cstring_t reason)
1453 cstring_t transform_err;
1455 if (current_valid(st) && st->buffer.free
1456 && transport_peers_valid(&st->peers)) {
1457 BUF_ALLOC(&st->buffer,"site:MSG7");
1458 buffer_init(&st->buffer,calculate_max_start_pad());
1459 buf_append_uint32(&st->buffer,LABEL_MSG7);
1460 buf_append_string(&st->buffer,reason);
1461 if (call_transform_forwards(st, st->current.transform,
1462 &st->buffer, &transform_err))
1464 buf_prepend_uint32(&st->buffer,LABEL_MSG0);
1465 buf_prepend_uint32(&st->buffer,st->index);
1466 buf_prepend_uint32(&st->buffer,st->current.remote_session_id);
1467 transport_xmit(st,&st->peers,&st->buffer,True);
1468 BUF_FREE(&st->buffer);
1475 /* We go into this state if our peer becomes uncommunicative. Similar to
1476 the "stop" state, we forget all session keys for a while, before
1477 re-entering the "run" state. */
1478 static void enter_state_wait(struct site *st)
1480 slog(st,LOG_STATE,"entering state WAIT");
1481 st->timeout=st->now+st->wait_timeout;
1482 st->state=SITE_WAIT;
1483 set_link_quality(st);
1484 BUF_FREE(&st->buffer); /* will have had an outgoing packet in it */
1485 /* XXX Erase keys etc. */
1488 static void generate_prod(struct site *st, struct buffer_if *buf)
1491 buf_append_uint32(buf,0);
1492 buf_append_uint32(buf,0);
1493 buf_append_uint32(buf,LABEL_PROD);
1494 buf_append_string(buf,st->localname);
1495 buf_append_string(buf,st->remotename);
1498 static void generate_send_prod(struct site *st,
1499 const struct comm_addr *source)
1501 if (!st->allow_send_prod) return; /* too soon */
1502 if (!(st->state==SITE_RUN || st->state==SITE_RESOLVE ||
1503 st->state==SITE_WAIT)) return; /* we'd ignore peer's MSG1 */
1505 slog(st,LOG_SETUP_INIT,"prodding peer for key exchange");
1506 st->allow_send_prod=0;
1507 generate_prod(st,&st->scratch);
1508 dump_packet(st,&st->scratch,source,False);
1509 source->comm->sendmsg(source->comm->st, &st->scratch, source);
1512 static inline void site_settimeout(uint64_t timeout, int *timeout_io)
1515 int64_t offset=timeout-*now;
1516 if (offset<0) offset=0;
1517 if (offset>INT_MAX) offset=INT_MAX;
1518 if (*timeout_io<0 || offset<*timeout_io)
1523 static int site_beforepoll(void *sst, struct pollfd *fds, int *nfds_io,
1526 struct site *st=sst;
1528 *nfds_io=0; /* We don't use any file descriptors */
1531 /* Work out when our next timeout is. The earlier of 'timeout' or
1532 'current.key_timeout'. A stored value of '0' indicates no timeout
1534 site_settimeout(st->timeout, timeout_io);
1535 site_settimeout(st->current.key_timeout, timeout_io);
1536 site_settimeout(st->auxiliary_key.key_timeout, timeout_io);
1538 return 0; /* success */
1541 static void check_expiry(struct site *st, struct data_key *key,
1544 if (key->key_timeout && *now>key->key_timeout) {
1545 delete_one_key(st,key,"maximum life exceeded",which,LOG_TIMEOUT_KEY);
1549 /* NB site_afterpoll will be called before site_beforepoll is ever called */
1550 static void site_afterpoll(void *sst, struct pollfd *fds, int nfds)
1552 struct site *st=sst;
1555 if (st->timeout && *now>st->timeout) {
1557 if (st->state>=SITE_SENTMSG1 && st->state<=SITE_SENTMSG5) {
1558 if (!hacky_par_start_failnow())
1560 } else if (st->state==SITE_WAIT) {
1561 enter_state_run(st);
1563 slog(st,LOG_ERROR,"site_afterpoll: unexpected timeout, state=%d",
1567 check_expiry(st,&st->current,"current key");
1568 check_expiry(st,&st->auxiliary_key,"auxiliary key");
1571 /* This function is called by the netlink device to deliver packets
1572 intended for the remote network. The packet is in "raw" wire
1573 format, but is guaranteed to be word-aligned. */
1574 static void site_outgoing(void *sst, struct buffer_if *buf)
1576 struct site *st=sst;
1577 cstring_t transform_err;
1579 if (st->state==SITE_STOP) {
1584 st->allow_send_prod=1;
1586 /* In all other states we consider delivering the packet if we have
1587 a valid key and a valid address to send it to. */
1588 if (current_valid(st) && transport_peers_valid(&st->peers)) {
1589 /* Transform it and send it */
1591 buf_prepend_uint32(buf,LABEL_MSG9);
1592 if (call_transform_forwards(st, st->current.transform,
1593 buf, &transform_err))
1595 buf_prepend_uint32(buf,LABEL_MSG0);
1596 buf_prepend_uint32(buf,st->index);
1597 buf_prepend_uint32(buf,st->current.remote_session_id);
1598 transport_xmit(st,&st->peers,buf,False);
1605 slog(st,LOG_DROP,"discarding outgoing packet of size %d",buf->size);
1607 initiate_key_setup(st,"outgoing packet",0);
1610 static bool_t named_for_us(struct site *st, const struct buffer_if *buf_in,
1611 uint32_t type, struct msg *m)
1612 /* For packets which are identified by the local and remote names.
1613 * If it has our name and our peer's name in it it's for us. */
1615 struct buffer_if buf[1];
1616 buffer_readonly_clone(buf,buf_in);
1617 return unpick_msg(st,type,buf,m)
1618 && name_matches(&m->remote,st->remotename)
1619 && name_matches(&m->local,st->localname);
1622 /* This function is called by the communication device to deliver
1623 packets from our peers.
1624 It should return True if the packet is recognised as being for
1625 this current site instance (and should therefore not be processed
1626 by other sites), even if the packet was otherwise ignored. */
1627 static bool_t site_incoming(void *sst, struct buffer_if *buf,
1628 const struct comm_addr *source)
1630 struct site *st=sst;
1632 if (buf->size < 12) return False;
1634 uint32_t dest=get_uint32(buf->start);
1635 uint32_t msgtype=get_uint32(buf->start+8);
1636 struct msg named_msg;
1638 if (msgtype==LABEL_MSG1) {
1639 if (!named_for_us(st,buf,msgtype,&named_msg))
1641 /* It's a MSG1 addressed to us. Decide what to do about it. */
1642 dump_packet(st,buf,source,True);
1643 if (st->state==SITE_RUN || st->state==SITE_RESOLVE ||
1644 st->state==SITE_WAIT) {
1645 /* We should definitely process it */
1646 transport_compute_setupinit_peers(st,0,source);
1647 if (process_msg1(st,buf,source,&named_msg)) {
1648 slog(st,LOG_SETUP_INIT,"key setup initiated by peer");
1649 bool_t entered=enter_new_state(st,SITE_SENTMSG2);
1650 if (entered && st->address && st->local_mobile)
1651 /* We must do this as the very last thing, because
1652 the resolver callback might reenter us. */
1653 ensure_resolving(st);
1655 slog(st,LOG_ERROR,"failed to process incoming msg1");
1659 } else if (st->state==SITE_SENTMSG1) {
1660 /* We've just sent a message 1! They may have crossed on
1661 the wire. If we have priority then we ignore the
1662 incoming one, otherwise we process it as usual. */
1663 if (st->setup_priority) {
1665 slog(st,LOG_DUMP,"crossed msg1s; we are higher "
1666 "priority => ignore incoming msg1");
1669 slog(st,LOG_DUMP,"crossed msg1s; we are lower "
1670 "priority => use incoming msg1");
1671 if (process_msg1(st,buf,source,&named_msg)) {
1672 BUF_FREE(&st->buffer); /* Free our old message 1 */
1673 transport_setup_msgok(st,source);
1674 enter_new_state(st,SITE_SENTMSG2);
1676 slog(st,LOG_ERROR,"failed to process an incoming "
1677 "crossed msg1 (we have low priority)");
1683 /* The message 1 was received at an unexpected stage of the
1684 key setup. XXX POLICY - what do we do? */
1685 slog(st,LOG_UNEXPECTED,"unexpected incoming message 1");
1689 if (msgtype==LABEL_PROD) {
1690 if (!named_for_us(st,buf,msgtype,&named_msg))
1692 dump_packet(st,buf,source,True);
1693 if (st->state!=SITE_RUN) {
1694 slog(st,LOG_DROP,"ignoring PROD when not in state RUN");
1695 } else if (current_valid(st)) {
1696 slog(st,LOG_DROP,"ignoring PROD when we think we have a key");
1698 initiate_key_setup(st,"peer sent PROD packet",source);
1703 if (dest==st->index) {
1704 /* Explicitly addressed to us */
1705 if (msgtype!=LABEL_MSG0) dump_packet(st,buf,source,True);
1708 /* If the source is our current peer then initiate a key setup,
1709 because our peer's forgotten the key */
1710 if (get_uint32(buf->start+4)==st->current.remote_session_id) {
1712 initiated = initiate_key_setup(st,"received a NAK",source);
1713 if (!initiated) generate_send_prod(st,source);
1715 slog(st,LOG_SEC,"bad incoming NAK");
1719 process_msg0(st,buf,source);
1722 /* Setup packet: should not have been explicitly addressed
1724 slog(st,LOG_SEC,"incoming explicitly addressed msg1");
1727 /* Setup packet: expected only in state SENTMSG1 */
1728 if (st->state!=SITE_SENTMSG1) {
1729 slog(st,LOG_UNEXPECTED,"unexpected MSG2");
1730 } else if (process_msg2(st,buf,source)) {
1731 transport_setup_msgok(st,source);
1732 enter_new_state(st,SITE_SENTMSG3);
1734 slog(st,LOG_SEC,"invalid MSG2");
1739 /* Setup packet: expected only in state SENTMSG2 */
1740 if (st->state!=SITE_SENTMSG2) {
1741 slog(st,LOG_UNEXPECTED,"unexpected MSG3");
1742 } else if (process_msg3(st,buf,source,msgtype)) {
1743 transport_setup_msgok(st,source);
1744 enter_new_state(st,SITE_SENTMSG4);
1746 slog(st,LOG_SEC,"invalid MSG3");
1750 /* Setup packet: expected only in state SENTMSG3 */
1751 if (st->state!=SITE_SENTMSG3) {
1752 slog(st,LOG_UNEXPECTED,"unexpected MSG4");
1753 } else if (process_msg4(st,buf,source)) {
1754 transport_setup_msgok(st,source);
1755 enter_new_state(st,SITE_SENTMSG5);
1757 slog(st,LOG_SEC,"invalid MSG4");
1761 /* Setup packet: expected only in state SENTMSG4 */
1762 /* (may turn up in state RUN if our return MSG6 was lost
1763 and the new key has already been activated. In that
1764 case we discard it. The peer will realise that we
1765 are using the new key when they see our data packets.
1766 Until then the peer's data packets to us get discarded. */
1767 if (st->state==SITE_SENTMSG4) {
1768 if (process_msg5(st,buf,source,st->new_transform)) {
1769 transport_setup_msgok(st,source);
1770 enter_new_state(st,SITE_RUN);
1772 slog(st,LOG_SEC,"invalid MSG5");
1774 } else if (st->state==SITE_RUN) {
1775 if (process_msg5(st,buf,source,st->current.transform)) {
1776 slog(st,LOG_DROP,"got MSG5, retransmitting MSG6");
1777 transport_setup_msgok(st,source);
1778 create_msg6(st,st->current.transform,
1779 st->current.remote_session_id);
1780 transport_xmit(st,&st->peers,&st->buffer,True);
1781 BUF_FREE(&st->buffer);
1783 slog(st,LOG_SEC,"invalid MSG5 (in state RUN)");
1786 slog(st,LOG_UNEXPECTED,"unexpected MSG5");
1790 /* Setup packet: expected only in state SENTMSG5 */
1791 if (st->state!=SITE_SENTMSG5) {
1792 slog(st,LOG_UNEXPECTED,"unexpected MSG6");
1793 } else if (process_msg6(st,buf,source)) {
1794 BUF_FREE(&st->buffer); /* Free message 5 */
1795 transport_setup_msgok(st,source);
1796 activate_new_key(st);
1798 slog(st,LOG_SEC,"invalid MSG6");
1802 slog(st,LOG_SEC,"received message of unknown type 0x%08x",
1813 static void site_control(void *vst, bool_t run)
1815 struct site *st=vst;
1816 if (run) enter_state_run(st);
1817 else enter_state_stop(st);
1820 static void site_phase_hook(void *sst, uint32_t newphase)
1822 struct site *st=sst;
1824 /* The program is shutting down; tell our peer */
1825 send_msg7(st,"shutting down");
1828 static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
1831 static uint32_t index_sequence;
1837 st=safe_malloc(sizeof(*st),"site_apply");
1839 st->cl.description="site";
1840 st->cl.type=CL_SITE;
1842 st->cl.interface=&st->ops;
1844 st->ops.control=site_control;
1845 st->ops.status=site_status;
1847 /* First parameter must be a dict */
1848 item=list_elem(args,0);
1849 if (!item || item->type!=t_dict)
1850 cfgfatal(loc,"site","parameter must be a dictionary\n");
1852 dict=item->data.dict;
1853 st->localname=dict_read_string(dict, "local-name", True, "site", loc);
1854 st->remotename=dict_read_string(dict, "name", True, "site", loc);
1856 st->peer_mobile=dict_read_bool(dict,"mobile",False,"site",loc,False);
1858 dict_read_bool(dict,"local-mobile",False,"site",loc,False);
1860 /* Sanity check (which also allows the 'sites' file to include
1861 site() closures for all sites including our own): refuse to
1862 talk to ourselves */
1863 if (strcmp(st->localname,st->remotename)==0) {
1864 Message(M_DEBUG,"site %s: local-name==name -> ignoring this site\n",
1866 if (st->peer_mobile != st->local_mobile)
1867 cfgfatal(loc,"site","site %s's peer-mobile=%d"
1868 " but our local-mobile=%d\n",
1869 st->localname, st->peer_mobile, st->local_mobile);
1873 if (st->peer_mobile && st->local_mobile) {
1874 Message(M_WARNING,"site %s: site is mobile but so are we"
1875 " -> ignoring this site\n", st->remotename);
1880 assert(index_sequence < 0xffffffffUL);
1881 st->index = ++index_sequence;
1882 st->local_capabilities = 0;
1883 st->netlink=find_cl_if(dict,"link",CL_NETLINK,True,"site",loc);
1885 #define GET_CLOSURE_LIST(dictkey,things,nthings,CL_TYPE) do{ \
1886 list_t *things##_cfg=dict_lookup(dict,dictkey); \
1887 if (!things##_cfg) \
1888 cfgfatal(loc,"site","closure list \"%s\" not found\n",dictkey); \
1889 st->nthings=list_length(things##_cfg); \
1890 st->things=safe_malloc_ary(sizeof(*st->things),st->nthings,dictkey "s"); \
1891 assert(st->nthings); \
1892 for (i=0; i<st->nthings; i++) { \
1893 item_t *item=list_elem(things##_cfg,i); \
1894 if (item->type!=t_closure) \
1895 cfgfatal(loc,"site","%s is not a closure\n",dictkey); \
1896 closure_t *cl=item->data.closure; \
1897 if (cl->type!=CL_TYPE) \
1898 cfgfatal(loc,"site","%s closure wrong type\n",dictkey); \
1899 st->things[i]=cl->interface; \
1903 GET_CLOSURE_LIST("comm",comms,ncomms,CL_COMM);
1905 st->resolver=find_cl_if(dict,"resolver",CL_RESOLVER,True,"site",loc);
1906 st->log=find_cl_if(dict,"log",CL_LOG,True,"site",loc);
1907 st->random=find_cl_if(dict,"random",CL_RANDOMSRC,True,"site",loc);
1909 st->privkey=find_cl_if(dict,"local-key",CL_RSAPRIVKEY,True,"site",loc);
1910 st->address=dict_read_string(dict, "address", False, "site", loc);
1912 st->remoteport=dict_read_number(dict,"port",True,"site",loc,0);
1913 else st->remoteport=0;
1914 st->pubkey=find_cl_if(dict,"key",CL_RSAPUBKEY,True,"site",loc);
1916 GET_CLOSURE_LIST("transform",transforms,ntransforms,CL_TRANSFORM);
1918 st->dh=find_cl_if(dict,"dh",CL_DH,True,"site",loc);
1919 st->hash=find_cl_if(dict,"hash",CL_HASH,True,"site",loc);
1921 #define DEFAULT(D) (st->peer_mobile || st->local_mobile \
1922 ? DEFAULT_MOBILE_##D : DEFAULT_##D)
1923 #define CFG_NUMBER(k,D) dict_read_number(dict,(k),False,"site",loc,DEFAULT(D));
1925 st->key_lifetime= CFG_NUMBER("key-lifetime", KEY_LIFETIME);
1926 st->setup_retries= CFG_NUMBER("setup-retries", SETUP_RETRIES);
1927 st->setup_retry_interval= CFG_NUMBER("setup-timeout", SETUP_RETRY_INTERVAL);
1928 st->wait_timeout= CFG_NUMBER("wait-time", WAIT_TIME);
1929 st->mtu_target= dict_read_number(dict,"mtu-target",False,"site",loc,0);
1931 st->mobile_peer_expiry= dict_read_number(
1932 dict,"mobile-peer-expiry",False,"site",loc,DEFAULT_MOBILE_PEER_EXPIRY);
1934 st->transport_peers_max= !st->peer_mobile ? 1 : dict_read_number(
1935 dict,"mobile-peers-max",False,"site",loc,DEFAULT_MOBILE_PEERS_MAX);
1936 if (st->transport_peers_max<1 ||
1937 st->transport_peers_max>=MAX_MOBILE_PEERS_MAX) {
1938 cfgfatal(loc,"site","mobile-peers-max must be in range 1.."
1939 STRING(MAX_MOBILE_PEERS_MAX) "\n");
1942 if (st->key_lifetime < DEFAULT(KEY_RENEGOTIATE_GAP)*2)
1943 st->key_renegotiate_time=st->key_lifetime/2;
1945 st->key_renegotiate_time=st->key_lifetime-DEFAULT(KEY_RENEGOTIATE_GAP);
1946 st->key_renegotiate_time=dict_read_number(
1947 dict,"renegotiate-time",False,"site",loc,st->key_renegotiate_time);
1948 if (st->key_renegotiate_time > st->key_lifetime) {
1949 cfgfatal(loc,"site",
1950 "renegotiate-time must be less than key-lifetime\n");
1953 st->log_events=string_list_to_word(dict_lookup(dict,"log-events"),
1954 log_event_table,"site");
1956 st->resolving=False;
1957 st->allow_send_prod=0;
1959 st->tunname=safe_malloc(strlen(st->localname)+strlen(st->remotename)+5,
1961 sprintf(st->tunname,"%s<->%s",st->localname,st->remotename);
1963 /* The information we expect to see in incoming messages of type 1 */
1964 /* fixme: lots of unchecked overflows here, but the results are only
1965 corrupted packets rather than undefined behaviour */
1966 st->setup_priority=(strcmp(st->localname,st->remotename)>0);
1968 buffer_new(&st->buffer,SETUP_BUFFER_LEN);
1970 buffer_new(&st->scratch,SETUP_BUFFER_LEN);
1971 BUF_ALLOC(&st->scratch,"site:scratch");
1973 /* We are interested in poll(), but only for timeouts. We don't have
1974 any fds of our own. */
1975 register_for_poll(st, site_beforepoll, site_afterpoll, 0, "site");
1978 st->remote_capabilities=0;
1979 st->chosen_transform=0;
1980 st->current.key_timeout=0;
1981 st->auxiliary_key.key_timeout=0;
1982 transport_peers_clear(st,&st->peers);
1983 transport_peers_clear(st,&st->setup_peers);
1984 /* XXX mlock these */
1985 st->dhsecret=safe_malloc(st->dh->len,"site:dhsecret");
1986 st->sharedsecretlen=st->sharedsecretallocd=0;
1989 for (i=0; i<st->ntransforms; i++) {
1990 struct transform_if *ti=st->transforms[i];
1991 uint32_t capbit = 1UL << ti->capab_transformnum;
1992 if (st->local_capabilities & capbit)
1993 slog(st,LOG_ERROR,"transformnum capability bit"
1994 " %d (%#"PRIx32") reused", ti->capab_transformnum, capbit);
1995 st->local_capabilities |= capbit;
1998 /* We need to register the remote networks with the netlink device */
1999 uint32_t netlink_mtu; /* local virtual interface mtu */
2000 st->netlink->reg(st->netlink->st, site_outgoing, st, &netlink_mtu);
2001 if (!st->mtu_target)
2002 st->mtu_target=netlink_mtu;
2004 for (i=0; i<st->ncomms; i++)
2005 st->comms[i]->request_notify(st->comms[i]->st, st, site_incoming);
2007 st->current.transform=0;
2008 st->auxiliary_key.transform=0;
2009 st->new_transform=0;
2010 st->auxiliary_is_new=0;
2012 enter_state_stop(st);
2014 add_hook(PHASE_SHUTDOWN,site_phase_hook,st);
2016 return new_closure(&st->cl);
2019 void site_module(dict_t *dict)
2021 add_closure(dict,"site",site_apply);
2025 /***** TRANSPORT PEERS definitions *****/
2027 static void transport_peers_debug(struct site *st, transport_peers *dst,
2028 const char *didwhat,
2029 int nargs, const struct comm_addr *args,
2034 if (!(st->log_events & LOG_PEER_ADDRS))
2035 return; /* an optimisation */
2037 slog(st, LOG_PEER_ADDRS, "peers (%s) %s nargs=%d => npeers=%d",
2038 (dst==&st->peers ? "data" :
2039 dst==&st->setup_peers ? "setup" : "UNKNOWN"),
2040 didwhat, nargs, dst->npeers);
2042 for (i=0, argp=(void*)args;
2044 i++, (argp+=stride?stride:sizeof(*args))) {
2045 const struct comm_addr *ca=(void*)argp;
2046 slog(st, LOG_PEER_ADDRS, " args: addrs[%d]=%s",
2047 i, comm_addr_to_string(ca));
2049 for (i=0; i<dst->npeers; i++) {
2050 struct timeval diff;
2051 timersub(tv_now,&dst->peers[i].last,&diff);
2052 const struct comm_addr *ca=&dst->peers[i].addr;
2053 slog(st, LOG_PEER_ADDRS, " peers: addrs[%d]=%s T-%ld.%06ld",
2054 i, comm_addr_to_string(ca),
2055 (unsigned long)diff.tv_sec, (unsigned long)diff.tv_usec);
2059 static int transport_peer_compar(const void *av, const void *bv) {
2060 const transport_peer *a=av;
2061 const transport_peer *b=bv;
2062 /* put most recent first in the array */
2063 if (timercmp(&a->last, &b->last, <)) return +1;
2064 if (timercmp(&a->last, &b->last, >)) return -11;
2068 static void transport_peers_expire(struct site *st, transport_peers *peers) {
2069 /* peers must be sorted first */
2070 int previous_peers=peers->npeers;
2071 struct timeval oldest;
2072 oldest.tv_sec = tv_now->tv_sec - st->mobile_peer_expiry;
2073 oldest.tv_usec = tv_now->tv_usec;
2074 while (peers->npeers>1 &&
2075 timercmp(&peers->peers[peers->npeers-1].last, &oldest, <))
2077 if (peers->npeers != previous_peers)
2078 transport_peers_debug(st,peers,"expire", 0,0,0);
2081 static void transport_record_peer(struct site *st, transport_peers *peers,
2082 const struct comm_addr *addr, const char *m) {
2083 int slot, changed=0;
2085 for (slot=0; slot<peers->npeers; slot++)
2086 if (!memcmp(&peers->peers[slot].addr, addr, sizeof(*addr)))
2090 if (peers->npeers==st->transport_peers_max)
2091 slot=st->transport_peers_max-1;
2093 slot=peers->npeers++;
2096 peers->peers[slot].addr=*addr;
2097 peers->peers[slot].last=*tv_now;
2099 if (peers->npeers>1)
2100 qsort(peers->peers, peers->npeers,
2101 sizeof(*peers->peers), transport_peer_compar);
2103 if (changed || peers->npeers!=1)
2104 transport_peers_debug(st,peers,m, 1,addr,0);
2105 transport_peers_expire(st, peers);
2108 static bool_t transport_compute_setupinit_peers(struct site *st,
2109 const struct comm_addr *configured_addr /* 0 if none or not found */,
2110 const struct comm_addr *incoming_packet_addr /* 0 if none */) {
2112 if (!configured_addr && !incoming_packet_addr &&
2113 !transport_peers_valid(&st->peers))
2116 slog(st,LOG_SETUP_INIT,
2117 "using:%s%s %d old peer address(es)",
2118 configured_addr ? " configured address;" : "",
2119 incoming_packet_addr ? " incoming packet address;" : "",
2122 /* Non-mobile peers have st->peers.npeers==0 or ==1, since they
2123 * have transport_peers_max==1. The effect is that this code
2124 * always uses the configured address if supplied, or otherwise
2125 * the address of the incoming PROD, or the existing data peer if
2126 * one exists; this is as desired. */
2128 transport_peers_copy(st,&st->setup_peers,&st->peers);
2130 if (incoming_packet_addr)
2131 transport_record_peer(st,&st->setup_peers,incoming_packet_addr,
2134 if (configured_addr)
2135 transport_record_peer(st,&st->setup_peers,configured_addr,"setupinit");
2137 assert(transport_peers_valid(&st->setup_peers));
2141 static void transport_setup_msgok(struct site *st, const struct comm_addr *a) {
2142 if (st->peer_mobile)
2143 transport_record_peer(st,&st->setup_peers,a,"setupmsg");
2145 static void transport_data_msgok(struct site *st, const struct comm_addr *a) {
2146 if (st->peer_mobile)
2147 transport_record_peer(st,&st->peers,a,"datamsg");
2150 static int transport_peers_valid(transport_peers *peers) {
2151 return peers->npeers;
2153 static void transport_peers_clear(struct site *st, transport_peers *peers) {
2155 transport_peers_debug(st,peers,"clear",0,0,0);
2157 static void transport_peers_copy(struct site *st, transport_peers *dst,
2158 const transport_peers *src) {
2159 dst->npeers=src->npeers;
2160 memcpy(dst->peers, src->peers, sizeof(*dst->peers) * dst->npeers);
2161 transport_peers_debug(st,dst,"copy",
2162 src->npeers, &src->peers->addr, sizeof(*src->peers));
2165 static void transport_resolve_complete(struct site *st,
2166 const struct comm_addr *ca_use) {
2167 transport_record_peer(st,&st->peers,ca_use,"resolved data");
2168 transport_record_peer(st,&st->setup_peers,ca_use,"resolved setup");
2171 static void transport_resolve_complete_tardy(struct site *st,
2172 const struct comm_addr *ca_use) {
2173 transport_record_peer(st,&st->peers,ca_use,"resolved tardily");
2176 void transport_xmit(struct site *st, transport_peers *peers,
2177 struct buffer_if *buf, bool_t candebug) {
2179 transport_peers_expire(st, peers);
2180 for (slot=0; slot<peers->npeers; slot++) {
2181 transport_peer *peer=&peers->peers[slot];
2183 dump_packet(st, buf, &peer->addr, False);
2184 peer->addr.comm->sendmsg(peer->addr.comm->st, buf, &peer->addr);
2188 /***** END of transport peers declarations *****/