/*
 * UFTP - UDP based FTP with multicast
 *
 * Copyright (C) 2001-2020 Dennis A. Bush, Jr. bush@tcnj.edu
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 *
 * Additional permission under GNU GPL version 3 section 7
 *
 * If you modify this program, or any covered work, by linking or
 * combining it with the OpenSSL project's OpenSSL library (or a
 * modified version of that library), containing parts covered by the
 * terms of the OpenSSL or SSLeay licenses, the copyright holder
 * grants you additional permission to convey the resulting work.
 * Corresponding Source for a non-source form of such a combination
 * shall include the source code for the parts of OpenSSL used as well
 * as that of the covered work.
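*/

/*
 * proxy.h - shared types and globals for the UFTP proxy.
 *
 * The include guard was renamed from _PROXY_H: identifiers that begin with
 * an underscore followed by an uppercase letter are reserved for the C
 * implementation (C11 7.1.3), so user code must not define them.
 *
 * Member documentation uses Doxygen's "///<" form, which attaches the
 * comment to the member on the same line; the plain "///" form documents
 * the *following* declaration and mis-attributes every trailing comment.
 */
#ifndef PROXY_H
#define PROXY_H

#include "uftp_common.h"
#include "encryption.h"

/** Number of pending upstream messages tracked per group (pr_group_list_t.pending). */
#define MAX_PEND 10
/** Capacity of the fixed-size global tables: groups, key files, heartbeat hosts, private keys. */
#define MAXLIST 100
/** Key request limit; its exact use is in the proxy sources, not in this header. */
#define KEY_REQ_LIMIT 5

/**
 * Type of proxy
 */
enum proxy_type {
    UNDEF_PROXY = 0,        ///< Not specified, indicates an error
    SERVER_PROXY = 1,       ///< Server proxy: forwards to a specific place
    CLIENT_PROXY = 2,       ///< Client proxy: sends to specified destaddr
    RESPONSE_PROXY = 3,     ///< Response proxy: response aggregation only
};

/**
 * The state of the given group
 */
enum proxy_phase {
    PR_PHASE_REGISTERED = 1,    ///< Currently setting up group
    PR_PHASE_READY = 2,         ///< Still in setup, but received KEYINFO
    PR_PHASE_RECEIVING = 3,     ///< Group setup complete
    PR_PHASE_DONE = 4,          ///< All clients send COMPLETE for group
};

/**
 * The state of a given client when encryption is enabled
 */
enum proxy_client_state {
    PR_CLIENT_MUTE = 0,         ///< Got nothing yet
    PR_CLIENT_REGISTERED = 1,   ///< Got REGISTER (and CLIENT_KEY if required)
    PR_CLIENT_CONF = 2,         ///< Got REG_CONF from server
    PR_CLIENT_READY = 3,        ///< Got INFO_ACK in response to KEYINFO
    PR_CLIENT_DONE = 4,         ///< Sent COMPLETE for group
};

/**
 * Info for a particular client for the given group
 * "server" keys are for the proxy's connection to the client
 *
 * The premaster, handshake, application and finished keys below are
 * secret key material. The code that releases or reuses an entry should
 * zeroize them (e.g. explicit_bzero); that path is not in this header,
 * so confirm it in the proxy sources.
 */
struct pr_destinfo_t {
    char name[DESTNAME_LEN];        ///< Hostname of client
    uint32_t id;                    ///< UID of client (network byte order)
    union key_t client_pubkey;      ///< The client's public key
    int client_pubkeytype;          ///< The type of client's public key
    union key_t client_dhkey;       ///< The client's ECDH public key
    int registered;                 ///< True if we received a REGISTER
    struct timeval regtime;         ///< Timestamp from last REGISTER
    int state;                      ///< State as specified by proxy_client_state
    int pending;                    ///< Index into pr_group_list_t.pending; must stay below MAX_PEND
    uint8_t rand2[RAND_LEN];        ///< Client's random number
    uint8_t *c_context1;            ///< Client session context 1 (ownership not established here)
    uint8_t *c_context2;            ///< Client session context 2 (ownership not established here)
    int c_context1_len;             ///< Length of client context 1
    int c_context2_len;             ///< Length of client context 2
    uint8_t premaster[MASTER4_LEN]; ///< Premaster secret resulting from ECDH (secret)
    unsigned int premaster_len;     ///< Length of premaster secret; at most MASTER4_LEN
    int has_app_keys;               ///< True if app keys were generated
    uint8_t s_hs_key[MAXKEY];       ///< Symmetric handshake key for proxy (secret)
    uint8_t s_hs_iv[MAXIV];         ///< Symmetric handshake IV for proxy
    uint8_t c_hs_key[MAXKEY];       ///< Symmetric handshake key for client (secret)
    uint8_t c_hs_iv[MAXIV];         ///< Symmetric handshake IV for client
    uint8_t c_app_key[MAXKEY];      ///< Symmetric application key for client (secret)
    uint8_t c_app_iv[MAXIV];        ///< Symmetric application IV for client
    uint8_t finished_key[HASH_LEN]; ///< Key for client finished message (secret)
    uint8_t verify_data[HASH_LEN];  ///< Client's finished hash
};

/**
 * Info for a message pending to go upstream
 */
struct pr_pending_info_t {
    int msg, count;                 ///< Type and number of pending responses
    uint16_t file_id;               ///< File ID from last client message
    struct timeval tstamp;          ///< Timestamp from last client message
    struct timeval rx_tstamp;       ///< Time last client message received
    uint16_t section;               ///< Section number from last status
    uint8_t *naklist;               ///< NAK list from last status (who allocates/frees is set by the callers, not here)
    uint8_t partial;                ///< PARTIAL flag from last FILEINFO_ACK
    uint8_t comp_status;            ///< status flag from a COMPLETE
};

/**
 * Info for a particular group
 * "client" keys are for the proxy's connection to the server
 *
 * As with pr_destinfo_t, the private signing key, ECDH private keys,
 * premaster, group master and symmetric keys are secret material and
 * should be zeroized when the group entry is released; confirm in the
 * proxy sources.
 */
struct pr_group_list_t {
    uint32_t group_id;              ///< Group ID
    uint8_t group_inst;             ///< Group instance ID (restart number)
    uint16_t file_id;               ///< Dummy field, present for logging macros
    uint8_t version;                ///< Protocol version number of server
    uint32_t src_id;                ///< ID of server
    double grtt;                    ///< Server's GRTT
    uint8_t robust, cc_type;        ///< Robust factor, congestion control type
    uint32_t gsize;                 ///< Group size estimate
    int send_seq_up;                ///< Outgoing upstream seq. number
    int send_seq_down;              ///< Outgoing downstream seq. number
    union sockaddr_u publicmcast, privatemcast;  ///< Presumably the group's public and private multicast addresses
    int multi_join;                 ///< True if we're listening on private addr
    unsigned int blocksize;         ///< Size of packet payload
    unsigned int datapacketsize;    ///< Max size of UFTP packet
    union sockaddr_u up_addr;       ///< Upstream addr to send responses back to
    /* Deadlines driven by the proxy's phase state machine; their exact
     * semantics are set where they are assigned, not in this header. */
    struct timeval phase_expire_time, phase_timeout_time, timeout_time;
    struct timeval start_phase_timeout_time, start_timeout_time;
    int phase, client_auth;         ///< Phase per proxy_phase; client_auth presumably whether clients must authenticate (confirm)
    int keyinfo_cnt;                ///< KEYINFO counter (meaning set by its users in the proxy sources)
    struct pr_pending_info_t pending[MAX_PEND];  ///< Pending messages to send
    uint8_t last_seq;               ///< Last sequence number used in STATUS
    int keytype, hashtype;          ///< Encryption parameters
    union key_t server_pubkey;      ///< Server's public signing key
    union key_t proxy_privkey;      ///< Proxy's private signing key for group (secret)
    union key_t server_dhkey;       ///< Server ECDH public key for this group
    union key_t proxy_u_dhkey;      ///< Proxy's upstream ECDH private key (secret)
    union key_t proxy_d_dhkey;      ///< Proxy's downstream ECDH private key (secret)
    unsigned int server_pubkeytype; ///< Type of server key
    unsigned int proxy_privkeytype; ///< Type of proxy key
    uint8_t rand1[RAND_LEN];        ///< Server's random number
    uint8_t rand2[RAND_LEN];        ///< Proxy's random number
    uint8_t *s_context;             ///< Server session context
    uint8_t *c_context1;            ///< Client session context 1
    uint8_t *c_context2;            ///< Client session context 2
    uint8_t *p_context;             ///< Proxy session context
    int s_context_len;              ///< Length of server context
    int c_context1_len;             ///< Length of client context 1
    int c_context2_len;             ///< Length of client context 2
    int p_context_len;              ///< Length of proxy context
    uint8_t premaster[MASTER4_LEN]; ///< Premaster secret resulting from ECDH (secret)
    uint8_t groupmaster[MASTER4_LEN]; ///< Group master key from server (secret)
    unsigned int premaster_len;     ///< Length of premaster secret; at most MASTER4_LEN
    uint8_t s_hs_key[MAXKEY];       ///< Symmetric handshake key for server (secret)
    uint8_t s_hs_iv[MAXIV];         ///< Symmetric handshake IV for server
    uint8_t c_hs_key[MAXKEY];       ///< Symmetric handshake key for proxy (secret)
    uint8_t c_hs_iv[MAXIV];         ///< Symmetric handshake IV for proxy
    uint8_t s_app_key[MAXKEY];      ///< Symmetric application key for server (secret)
    uint8_t s_app_iv[MAXIV];        ///< Symmetric application IV for server
    uint8_t c_app_key[MAXKEY];      ///< Symmetric application key for proxy (secret)
    uint8_t c_app_iv[MAXIV];        ///< Symmetric application IV for proxy
    uint8_t finished_key[HASH_LEN]; ///< Key for proxy's finished message (secret)
    uint8_t verify_data[HASH_LEN];  ///< Proxy's finished hash
    uint64_t ivctr;                 ///< Counter portion of the IV
    int ivlen, keylen, hashlen;     ///< Lengths of IV, symmetric key and hash
    struct pr_destinfo_t destinfo[MAXPROXYDEST];  ///< List of clients
    int destcount;                  ///< Number of clients served by this proxy; must not exceed MAXPROXYDEST
};

/**
 * Global command line values and sockets
 *
 * Every array below is fixed-size; the paired *_count variables are the
 * bounds that code indexing them must respect.
 */
extern SOCKET listener;                     ///< Listening socket
extern char pidfile[MAXPATHNAME];           ///< PID file path
extern char keyfile[MAXLIST][MAXPATHNAME], keyinfo[MAXLIST][MAXPATHNAME];  ///< Key file paths, bounded by keyfile_count / keyinfo_count
extern int proxy_type, debug, rcvbuf, dscp, keyfile_count, keyinfo_count;  ///< proxy_type takes values from enum proxy_type
extern int hb_interval, priority, user_abort, use_ssm;
extern unsigned int ttl;
extern char portname[PORTNAME_LEN], out_portname[PORTNAME_LEN];
extern int port, out_port;
extern union sockaddr_u down_addr;
extern int have_down_fingerprint;           ///< True when down_fingerprint is valid
extern uint8_t down_fingerprint[HMAC_LEN];  ///< Expected fingerprint of the downstream peer's key
extern uint32_t down_nonce, uid;
extern union sockaddr_u hb_hosts[MAXLIST];  ///< Heartbeat targets, bounded by hbhost_count
extern union sockaddr_u pub_multi[MAX_INTERFACES];  ///< Bounded by pub_multi_count
extern struct fp_list_t server_fp[MAXLIST], client_fp[MAXPROXYDEST];  ///< Bounded by server_fp_count / client_fp_count
extern struct iflist ifl[MAX_INTERFACES], m_interface[MAX_INTERFACES];  ///< Bounded by ifl_len / interface_count
extern struct timeval next_hb_time, last_key_req;
extern int ifl_len, hbhost_count, server_fp_count, client_fp_count;
extern int key_count, pub_multi_count, interface_count, sys_keys;
extern struct iflist out_if;
extern union key_t privkey[MAXLIST];        ///< Proxy private keys (secret), bounded by key_count
extern int privkey_type[MAXLIST];           ///< Key type for each privkey entry
extern union key_t v4_dhkey;                ///< ECDH private key (secret)
extern uint8_t v4_ecdh_curve;
extern struct pr_group_list_t group_list[MAXLIST];  ///< Active groups

#endif // PROXY_H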