/* site.c - manage communication with a remote network site */
+/*
+ * This file is part of secnet.
+ * See README for full list of copyright holders.
+ *
+ * secnet is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version d of the License, or
+ * (at your option) any later version.
+ *
+ * secnet is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * version 3 along with secnet; if not, see
+ * https://www.gnu.org/licenses/gpl.html.
+ */
+
/* The 'site' code doesn't know anything about the structure of the
packets it's transmitting. In fact, under the new netlink
configuration scheme it doesn't need to know anything at all about
/* configuration information */
string_t localname;
string_t remotename;
+ bool_t keepalive;
bool_t local_mobile, peer_mobile; /* Mobile client support */
int32_t transport_peers_max;
string_t tunname; /* localname<->remotename by default, used in logs */
uint32_t mtu_target;
struct netlink_if *netlink;
struct comm_if **comms;
+ struct comm_clientinfo **commclientinfos;
int ncomms;
struct resolver_if *resolver;
struct log_if *log;
assert(st->sharedsecretlen);
if (st->sharedsecretlen > st->sharedsecretallocd) {
st->sharedsecretallocd=st->sharedsecretlen;
- st->sharedsecret=realloc(st->sharedsecret,st->sharedsecretallocd);
+ st->sharedsecret=safe_realloc_ary(st->sharedsecret,1,
+ st->sharedsecretallocd,
+ "site:sharedsecret");
}
- if (!st->sharedsecret) fatal_perror("site:sharedsecret");
/* Generate the shared key */
st->dh->makeshared(st->dh->st,st->dhsecret,st->dh->len,pk,
case LABEL_MSG7:
/* We must forget about the current session. */
delete_keys(st,"request from peer",LOG_SEC);
+ /* probably, the peer is shutting down, and this is going to fail,
+ * but we need to be trying to bring the link up again */
+ if (st->keepalive)
+ initiate_key_setup(st,"peer requested key teardown",0);
return True;
case LABEL_MSG9:
/* Deliver to netlink layer */
}
static void dump_packet(struct site *st, struct buffer_if *buf,
- const struct comm_addr *addr, bool_t incoming)
+ const struct comm_addr *addr, bool_t incoming,
+ bool_t ok)
{
uint32_t dest=get_uint32(buf->start);
uint32_t source=get_uint32(buf->start+4);
uint32_t msgtype=get_uint32(buf->start+8);
if (st->log_events & LOG_DUMP)
- slilog(st->log,M_DEBUG,"%s: %s: %08x<-%08x: %08x:",
+ slilog(st->log,M_DEBUG,"%s: %s: %08x<-%08x: %08x: %s%s",
st->tunname,incoming?"incoming":"outgoing",
- dest,source,msgtype);
+ dest,source,msgtype,comm_addr_to_string(addr),
+ ok?"":" - fail");
+}
+
+static bool_t comm_addr_sendmsg(struct site *st,
+ const struct comm_addr *dest,
+ struct buffer_if *buf)
+{
+ int i;
+ struct comm_clientinfo *commclientinfo = 0;
+
+ for (i=0; i < st->ncomms; i++) {
+ if (st->comms[i] == dest->comm) {
+ commclientinfo = st->commclientinfos[i];
+ break;
+ }
+ }
+ return dest->comm->sendmsg(dest->comm->st, buf, dest, commclientinfo);
}
static uint32_t site_status(void *st)
st->resolving_n_results_all, naddrs);
}
slog(st,LOG_STATE,"resolution completed, %d addrs, eg: %s",
- naddrs, comm_addr_to_string(&addrs[0]));;
+ naddrs, iaddr_to_string(&addrs[0].ia));;
}
switch (st->state) {
memset(st->dhsecret,0,st->dh->len);
memset(st->sharedsecret,0,st->sharedsecretlen);
set_link_quality(st);
+
+ if (st->keepalive && !current_valid(st))
+ initiate_key_setup(st, "keepalive", 0);
}
static bool_t ensure_resolving(struct site *st)
slog(st,LOG_SETUP_INIT,"prodding peer for key exchange");
st->allow_send_prod=0;
generate_prod(st,&st->scratch);
- dump_packet(st,&st->scratch,source,False);
- source->comm->sendmsg(source->comm->st, &st->scratch, source);
+ bool_t ok = comm_addr_sendmsg(st, source, &st->scratch);
+ dump_packet(st,&st->scratch,source,False,ok);
}
static inline void site_settimeout(uint64_t timeout, int *timeout_io)
if (!named_for_us(st,buf,msgtype,&named_msg))
return False;
/* It's a MSG1 addressed to us. Decide what to do about it. */
- dump_packet(st,buf,source,True);
+ dump_packet(st,buf,source,True,True);
if (st->state==SITE_RUN || st->state==SITE_RESOLVE ||
st->state==SITE_WAIT) {
/* We should definitely process it */
if (msgtype==LABEL_PROD) {
if (!named_for_us(st,buf,msgtype,&named_msg))
return False;
- dump_packet(st,buf,source,True);
+ dump_packet(st,buf,source,True,True);
if (st->state!=SITE_RUN) {
slog(st,LOG_DROP,"ignoring PROD when not in state RUN");
} else if (current_valid(st)) {
}
if (dest==st->index) {
/* Explicitly addressed to us */
- if (msgtype!=LABEL_MSG0) dump_packet(st,buf,source,True);
+ if (msgtype!=LABEL_MSG0) dump_packet(st,buf,source,True,True);
switch (msgtype) {
case LABEL_NAK:
/* If the source is our current peer then initiate a key setup,
send_msg7(st,"shutting down");
}
+static void site_childpersist_clearkeys(void *sst, uint32_t newphase)
+{
+ struct site *st=sst;
+ dispose_transform(&st->current.transform);
+ dispose_transform(&st->auxiliary_key.transform);
+ dispose_transform(&st->new_transform);
+ /* Not much point overwiting the signing key, since we loaded it
+ from disk, and it is only valid prospectively if at all,
+ anyway. */
+ /* XXX it would be best to overwrite the DH state, because that
+ _is_ relevant to forward secrecy. However we have no
+ convenient interface for doing that and in practice gmp has
+ probably dribbled droppings all over the malloc arena. A good
+ way to fix this would be to have a privsep child for asymmetric
+ crypto operations, but that's a task for another day. */
+}
+
static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
list_t *args)
{
dict_t *dict;
int i;
- st=safe_malloc(sizeof(*st),"site_apply");
+ NEW(st);
st->cl.description="site";
st->cl.type=CL_SITE;
st->localname=dict_read_string(dict, "local-name", True, "site", loc);
st->remotename=dict_read_string(dict, "name", True, "site", loc);
+ st->keepalive=dict_read_bool(dict,"keepalive",False,"site",loc,False);
+
st->peer_mobile=dict_read_bool(dict,"mobile",False,"site",loc,False);
st->local_mobile=
dict_read_bool(dict,"local-mobile",False,"site",loc,False);
if (!things##_cfg) \
cfgfatal(loc,"site","closure list \"%s\" not found\n",dictkey); \
st->nthings=list_length(things##_cfg); \
- st->things=safe_malloc_ary(sizeof(*st->things),st->nthings,dictkey "s"); \
+ NEW_ARY(st->things,st->nthings); \
assert(st->nthings); \
for (i=0; i<st->nthings; i++) { \
item_t *item=list_elem(things##_cfg,i); \
GET_CLOSURE_LIST("comm",comms,ncomms,CL_COMM);
+ NEW_ARY(st->commclientinfos, st->ncomms);
+ dict_t *comminfo = dict_read_dict(dict,"comm-info",False,"site",loc);
+ for (i=0; i<st->ncomms; i++) {
+ st->commclientinfos[i] =
+ !comminfo ? 0 :
+ st->comms[i]->clientinfo(st->comms[i],comminfo,loc);
+ }
+
st->resolver=find_cl_if(dict,"resolver",CL_RESOLVER,True,"site",loc);
st->log=find_cl_if(dict,"log",CL_LOG,True,"site",loc);
st->random=find_cl_if(dict,"random",CL_RANDOMSRC,True,"site",loc);
/* We are interested in poll(), but only for timeouts. We don't have
any fds of our own. */
- register_for_poll(st, site_beforepoll, site_afterpoll, 0, "site");
+ register_for_poll(st, site_beforepoll, site_afterpoll, "site");
st->timeout=0;
st->remote_capabilities=0;
enter_state_stop(st);
add_hook(PHASE_SHUTDOWN,site_phase_hook,st);
+ add_hook(PHASE_CHILDPERSIST,site_childpersist_clearkeys,st);
return new_closure(&st->cl);
}
int nfailed=0;
for (slot=0; slot<peers->npeers; slot++) {
transport_peer *peer=&peers->peers[slot];
+ bool_t ok = comm_addr_sendmsg(st, &peer->addr, buf);
if (candebug)
- dump_packet(st, buf, &peer->addr, False);
- bool_t ok =
- peer->addr.comm->sendmsg(peer->addr.comm->st, buf, &peer->addr);
+ dump_packet(st, buf, &peer->addr, False, ok);
if (!ok) {
failed |= 1U << slot;
nfailed++;
transport_peers__copy_by_mask(peers->peers,&wslot,~failed,peers);
assert(wslot+nfailed == peers->npeers);
COPY_ARRAY(peers->peers+wslot, failedpeers, nfailed);
+ transport_peers_debug(st,peers,"mobile failure reorder",0,0,0);
}
} else {
if (failed && peers->npeers > 1) {
int wslot=0;
transport_peers__copy_by_mask(peers->peers,&wslot,~failed,peers);
peers->npeers=wslot;
+ transport_peers_debug(st,peers,"non-mobile failure cleanup",0,0,0);
}
}
}
~ianmdlvl / secnet.git / blobdiff