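/*
 * VDE Cryptcab
 * Copyright (c) 2006-2008 Daniele Lacamera
 * from an idea by Renzo Davoli
 *
 * Released under the terms of GNU GPL v.2
 * (http://www.gnu.org/licenses/old-licenses/gpl-2.0.html)
 * with the additional exemption that
 * compiling, linking, and/or using OpenSSL is allowed.
 *
 */

/*
 * Shared declarations for the cryptcab client and server: protocol
 * constants, the per-peer session record, the datagram wrapper and the
 * prototypes of the transport/crypto helpers.
 *
 * NOTE(review): the guard name lives in the implementation-reserved
 * namespace (leading double underscore); it is kept unchanged because
 * other translation units may test it.
 */
#ifndef __CRYPTCAB_H
#define __CRYPTCAB_H

/* Guarded so a build system that already defines _GNU_SOURCE on the
 * command line does not trigger a redefinition warning. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif

#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/time.h>
#include <sys/stat.h>
#include <sys/socket.h>
#include <net/if.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <sys/wait.h>
#include <netdb.h>
#include <dirent.h>
#include <getopt.h>
#include <signal.h>
#include <time.h>

#include <config.h>
#include <vde.h>
#include <vdecommon.h>

#include <openssl/blowfish.h>
#include <openssl/evp.h>

#include <libvdeplug.h>

#include "crc32.h"

/* UDP port number used by cryptcab (presumably the default when none is
 * given on the command line -- confirm against the option parser). */
#define PORTNO 7667

/* Buffer sizing. OP_SIZE is IP_SIZE + 8; the extra 8 bytes presumably
 * leave room for one Blowfish block of padding -- confirm against
 * data_encrypt(). */
#define IP_SIZE 1024
#define OP_SIZE 1032
/* Upper bound on a single datagram payload, see struct datagram. */
#define MAXPKT 2000
/* Size of the per-peer key-file identifier, see struct peer.id. */
#define FILENAMESIZE 16

/*
 * Logical XOR of two scalar expressions: 1 when they differ, 0 when equal.
 * Arguments and expansion are fully parenthesised so the macro composes
 * safely inside larger expressions; note that both arguments are evaluated
 * exactly once.
 */
#ifdef XOR
#undef XOR
#endif
#define XOR(a, b) (((a) == (b)) ? 0 : 1)

/*
 * before_time(a, b): non-zero when struct timeval a is strictly earlier
 * than b. Seconds are compared first, microseconds only break a tie.
 * Each argument is evaluated up to twice, so pass lvalues only.
 */
#define before_time(a, b) \
    ((a).tv_sec == (b).tv_sec ? (a).tv_usec < (b).tv_usec : (a).tv_sec < (b).tv_sec)

/*
 * Smaller of two values. Parenthesised so `MIN(x, y) + 1` means what it
 * says; the winning argument is still evaluated twice, so do not pass
 * expressions with side effects.
 */
#ifdef MIN
#undef MIN
#endif
#define MIN(a, b) (((a) < (b)) ? (a) : (b))

/* Origin of a datagram, stored in struct datagram.src. */
#define SRC_VDE 0x0
#define SRC_UDP 0x1

/* Packet type flags carried on the wire (see send_udp()'s flags arg). */
#define PKT_DATA 0x20
#define PKT_CTL 0x40

/* Control commands exchanged during login / keepalive. */
#define CMD_LOGIN 0x41
#define CMD_CHALLENGE 0x42
#define CMD_RESPONSE 0x44
#define CMD_AUTH_OK 0x48
#define CMD_DENY 0x4A
#define CMD_KEEPALIVE 0x4F

/* Connection states, stored in struct peer.state. */
#define ST_CLOSED 0x100
#define ST_OPENING 0x200
#define ST_CHALLENGE 0x300
#define ST_AUTH 0x400
#define ST_SERVER 0x500
#define ST_WAIT_AUTH 0x600

/* Timeouts, in seconds, applied to struct peer.expire. */
#define SESSION_TIMEOUT 120
#define CHALLENGE_TIMEOUT 20
#define PRELOGIN_TIMEOUT 3
#define EXPIRE_NOW 0
/* Fill the struct timeval pointed to by x with the current wall-clock time. */
#define time_now(x) gettimeofday((x), NULL)

/* Encryption mode selected on the command line (see cryptcab_server/client). */
enum e_enc_type {
    ENC_NOENC = 0,
    ENC_PRESHARED = 1,
    ENC_SSH = 2
};

/*
 * This struct contains the other endpoint's information: one record per
 * peer, kept in a singly linked list.
 */
struct peer {
    struct peer *next;              /* Next list element */
    unsigned long long counter;     /* Progressive N number (sequence counter) */
    unsigned char key[16];          /* Blowfish key (128 bits) */
    unsigned char iv[8];            /* Blowfish vector (one 64-bit block) */
    char id[FILENAMESIZE];          /* Filename for key on server */
    char challenge[128];            /* 128B Challenge for 4WHS */
    struct sockaddr_in in_a;        /* Current transport address */
    struct sockaddr_in handover_a;  /* Handover transport address */
    struct timeval expire;          /* Expiration timer */
    unsigned short state;           /* Connection state, one of ST_* */
    VDECONN *plug;                  /* Vde connection channel */
};

/* IPv4 address (network byte order) of the peer pointed to by X. */
#define ip_address(X) ((X)->in_a.sin_addr.s_addr)

/*
 * after(a, b): non-zero when struct timeval a is strictly later than b.
 * Mirror image of before_time(); same double-evaluation caveat.
 */
#define after(a, b) \
    (((a).tv_sec == (b).tv_sec) ? ((a).tv_usec > (b).tv_usec) : ((a).tv_sec > (b).tv_sec))

/*
 * Each datagram received from network or from vde_plug
 * is arranged into a struct like this.
 */
struct datagram {
    unsigned char data[MAXPKT];     /* Payload bytes */
    int len;                        /* Number of valid bytes in data */
    int src;                        /* SRC_VDE or SRC_UDP */
    struct peer *orig;              /* Peer the datagram belongs to */
};

/* Log a message at the given priority; format is printf-style by signature. */
void vc_printlog(int priority, const char *format, ...);

/*
 * Send len bytes of data to peer p over UDP; flags carries the PKT_*
 * packet type (presumably combined with a CMD_* value for control
 * packets -- confirm against the implementation).
 */
void send_udp(unsigned char *data, size_t len, struct peer *p, unsigned char flags);

/* Send len bytes of data to the vde side associated with peer p. */
void send_vde(const char *data, size_t len, struct peer *p);

/* Attach peer p to the vde switch named by plugname (names inferred). */
void vde_plug(struct peer *p, char *plugname);

/*
 * Verify the CRC32 carried in a block of len bytes.
 * NOTE(review): CRC32 is an integrity checksum, not a MAC -- it detects
 * accidental corruption but does not by itself authenticate the sender.
 * Confirm how callers combine it with data_decrypt() before relying on it.
 */
int isvalid_crc32(unsigned char *block, int len);

/* Switch to ENC_NOENC operation (inferred from the name -- confirm). */
void disable_encryption(void);

/* Register the network socket descriptor used by send_udp() (inferred). */
void set_nfd(int fd);

/*
 * Check the timestamp carried in block (size bytes) against peer p;
 * presumably the replay-protection window -- confirm against the caller.
 */
int isvalid_timestamp(unsigned char *block, int size, struct peer *p);

/*
 * Encrypt / decrypt len bytes from src into dst using peer p's key and iv.
 * Return value presumably is the resulting length; dst must be sized for
 * OP_SIZE-style growth (see IP_SIZE / OP_SIZE) -- confirm.
 */
int data_encrypt(unsigned char *src, unsigned char *dst, int len, struct peer *p);
int data_decrypt(unsigned char *src, unsigned char *dst, int len, struct peer *p);

/* Write the current timestamp into block (layout defined by the .c file). */
void set_timestamp(unsigned char *block);

/* Send len bytes of data to peer p's VDECONN plug. */
void send_vdeplug(const char *data, size_t len, struct peer *p);

/*
 * Server entry point: listen on udp_port, talk to the switch _plugname,
 * authenticate peers according to enc_type (pre_shared is the key file
 * used for ENC_PRESHARED, presumably).
 */
void cryptcab_server(char *_plugname, unsigned short udp_port,
                     enum e_enc_type enc_type, char *pre_shared);

/*
 * Client entry point: connect from udp_port to _remotehost:_remoteport
 * as _remoteusr, using _enc_type / _pre_shared for authentication;
 * _keepalives enables periodic CMD_KEEPALIVE, scp_extra_options is passed
 * to scp when keys are exchanged over SSH (inferred from the names).
 */
void cryptcab_client(char *_plugname, unsigned short udp_port,
                     enum e_enc_type _enc_type, char *_pre_shared,
                     char *_remoteusr, char *_remotehost,
                     unsigned short _remoteport, unsigned char _keepalives,
                     char *scp_extra_options);

#endif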