1 // SoftEther VPN Source Code - Developer Edition Master Branch 2 // Cedar Communication Module 3 // © 2020 Nokia 4 5 // Connection.h 6 // Header of Connection.c 7 8 #ifndef CONNECTION_H 9 #define CONNECTION_H 10 11 #include "Cedar.h" 12 13 #include "Mayaqua/Encrypt.h" 14 #include "Mayaqua/Proxy.h" 15 16 // Magic number indicating that the packet is compressed 17 #define CONNECTION_BULK_COMPRESS_SIGNATURE 0xDEADBEEFCAFEFACEULL 18 19 #define KEEP_ALIVE_STRING "Internet Connection Keep Alive Packet" 20 21 #define UPDATE_LAST_COMM_TIME(v, n) {if ((v) <= (n)) { v = (n); } } 22 23 // KEEP CONNECT structure 24 struct KEEP 25 { 26 LOCK *lock; // Lock 27 bool Server; // Server mode 28 volatile bool Halt; // Stop flag 29 bool Enable; // Enable flag 30 char ServerName[MAX_HOST_NAME_LEN + 1]; // Server name 31 UINT ServerPort; // Server port number 32 bool UdpMode; // UDP mode 33 UINT Interval; // Packet transmission interval 34 THREAD *Thread; // Connection thread 35 EVENT *HaltEvent; // Stop event 36 CANCEL *Cancel; // Cancel 37 }; 38 39 // SECURE_SIGN Structure 40 struct SECURE_SIGN 41 { 42 char SecurePublicCertName[MAX_SECURE_DEVICE_FILE_LEN + 1]; // Secure device certificate name 43 char SecurePrivateKeyName[MAX_SECURE_DEVICE_FILE_LEN + 1]; // Secure device secret key name 44 X *ClientCert; // Client certificate 45 UCHAR Random[SHA1_SIZE]; // Random value for signature 46 UCHAR Signature[4096 / 8]; // Signed data 47 UINT UseSecureDeviceId; 48 UINT BitmapId; // Bitmap ID 49 }; 50 51 // Function type declaration 52 typedef bool (CHECK_CERT_PROC)(SESSION *s, CONNECTION *c, X *server_x, bool *expired); 53 typedef bool (SECURE_SIGN_PROC)(SESSION *s, CONNECTION *c, SECURE_SIGN *sign); 54 55 // RC4 key pair 56 struct RC4_KEY_PAIR 57 { 58 UCHAR ServerToClientKey[16]; 59 UCHAR ClientToServerKey[16]; 60 }; 61 62 // Client Options 63 struct CLIENT_OPTION 64 { 65 wchar_t AccountName[MAX_ACCOUNT_NAME_LEN + 1]; // Connection setting name 66 char Hostname[MAX_HOST_NAME_LEN + 1]; // Host name 67 UINT Port; // Port number 68 UINT PortUDP; // UDP port number (0: Use only TCP) 69 UINT ProxyType; // Type of proxy 70 char ProxyName[MAX_HOST_NAME_LEN + 1]; // Proxy server name 71 UINT ProxyPort; // Port number of the proxy server 72 char ProxyUsername[PROXY_MAX_USERNAME_LEN + 1]; // Maximum user name length 73 char ProxyPassword[PROXY_MAX_PASSWORD_LEN + 1]; // Maximum password length 74 char CustomHttpHeader[HTTP_CUSTOM_HEADER_MAX_SIZE + 1]; // Custom HTTP proxy header 75 UINT NumRetry; // Automatic retries 76 UINT RetryInterval; // Retry interval 77 char HubName[MAX_HUBNAME_LEN + 1]; // HUB name 78 UINT MaxConnection; // Maximum number of concurrent TCP connections 79 bool UseEncrypt; // Use encrypted communication 80 bool UseCompress; // Use data compression 81 bool HalfConnection; // Use half connection in TCP 82 bool NoRoutingTracking; // Disable the routing tracking 83 char DeviceName[MAX_DEVICE_NAME_LEN + 1]; // VLAN device name 84 UINT AdditionalConnectionInterval; // Connection attempt interval when additional connection establish 85 UINT ConnectionDisconnectSpan; // Disconnection interval 86 bool HideStatusWindow; // Hide the status window 87 bool HideNicInfoWindow; // Hide the NIC status window 88 bool RequireMonitorMode; // Monitor port mode 89 bool RequireBridgeRoutingMode; // Bridge or routing mode 90 bool DisableQoS; // Disable the VoIP / QoS function 91 bool FromAdminPack; // For Administration Pack 92 bool NoUdpAcceleration; // Do not use UDP acceleration mode 93 UCHAR HostUniqueKey[SHA1_SIZE]; // Host unique key 94 }; 95 96 // Client authentication data 97 struct CLIENT_AUTH 98 { 99 UINT AuthType; // Authentication type 100 char Username[MAX_USERNAME_LEN + 1]; // User name 101 UCHAR HashedPassword[SHA1_SIZE]; // Hashed passwords 102 char PlainPassword[MAX_PASSWORD_LEN + 1]; // Password 103 X *ClientX; // Client certificate 104 K *ClientK; // Client private key 105 char SecurePublicCertName[MAX_SECURE_DEVICE_FILE_LEN + 1]; // Secure device certificate name 106 char SecurePrivateKeyName[MAX_SECURE_DEVICE_FILE_LEN + 1]; // Secure device secret key name 107 char OpensslEnginePrivateKeyName[MAX_SECURE_DEVICE_FILE_LEN + 1]; // Secure device secret key name 108 char OpensslEngineName[MAX_SECURE_DEVICE_FILE_LEN + 1]; // Secure device secret key name 109 CHECK_CERT_PROC *CheckCertProc; // Server certificate confirmation procedure 110 SECURE_SIGN_PROC *SecureSignProc; // Security signing procedure 111 }; 112 113 // TCP socket data structure 114 struct TCPSOCK 115 { 116 SOCK *Sock; // Socket 117 FIFO *RecvFifo; // Reception buffer 118 FIFO *SendFifo; // Transmission buffer 119 UINT Mode; // Read mode 120 UINT WantSize; // Requested data size 121 UINT NextBlockNum; // Total number of blocks that can be read next 122 UINT NextBlockSize; // Block size that is planned to read next 123 UINT CurrentPacketNum; // Current packet number 124 UINT64 LastCommTime; // Last communicated time 125 UINT64 LastRecvTime; // Time the last data received 126 UINT LateCount; // The number of delay occurences 127 UINT Direction; // Direction 128 UINT64 NextKeepAliveTime; // Next time to send a KeepAlive packet 129 RC4_KEY_PAIR Rc4KeyPair; // RC4 key pair 130 CRYPT *SendKey; // Transmission key 131 CRYPT *RecvKey; // Reception key 132 UINT64 DisconnectTick; // Time to disconnect this connection 133 UINT64 EstablishedTick; // Establishment time 134 }; 135 136 // TCP communication data structure 137 struct TCP 138 { 139 LIST *TcpSockList; // TCP socket list 140 }; 141 142 // UDP communication data structure 143 struct UDP 144 { 145 SOCK *s; // UDP socket (for transmission) 146 IP ip; // Destination IP address 147 UINT port; // Destination port number 148 UINT64 NextKeepAliveTime; // Next time to send a KeepAlive packet 149 UINT64 Seq; // Packet sequence number 150 UINT64 RecvSeq; 151 QUEUE *BufferQueue; // Queue of buffer to be sent 152 }; 153 154 // Data block 155 struct BLOCK 156 { 157 bool Compressed; // Compression flag 158 UINT Size; // Block size 159 UINT SizeofData; // Data size 160 UCHAR *Buf; // Buffer 161 bool PriorityQoS; // Priority packet for VoIP / QoS function 162 UINT Ttl; // TTL value (Used only in ICMP NAT of Virtual.c) 163 UINT Param1; // Parameter 1 164 bool IsFlooding; // Is flooding packet 165 UCHAR RawFlagRetUdpAccel; // Raw flag returned by UDP accel 166 }; 167 168 // Connection structure 169 struct CONNECTION 170 { 171 LOCK *lock; // Lock 172 REF *ref; // Reference counter 173 CEDAR *Cedar; // Cedar 174 struct SESSION *Session; // Session 175 UINT Protocol; // Protocol 176 SOCK *FirstSock; // Socket for negotiation 177 SOCK *TubeSock; // Socket for in-process communication 178 TCP *Tcp; // TCP communication data structure 179 UDP *Udp; // UDP communication data structure 180 bool ServerMode; // Server mode 181 UINT Status; // Status 182 char *Name; // Connection name 183 THREAD *Thread; // Thread 184 volatile bool Halt; // Stop flag 185 UCHAR Random[SHA1_SIZE]; // Random number for Authentication 186 UINT ServerVer; // Server version 187 UINT ServerBuild; // Server build number 188 UINT ClientVer; // Client version 189 UINT ClientBuild; // Client build number 190 char ServerStr[MAX_SERVER_STR_LEN + 1]; // Server string 191 char ClientStr[MAX_CLIENT_STR_LEN + 1]; // Client string 192 UINT Err; // Error value 193 bool ClientConnectError_NoSavePassword; // Don't save the password for the specified user name 194 QUEUE *ReceivedBlocks; // Block queue that is received 195 QUEUE *SendBlocks; // Block queue planned to be sent 196 QUEUE *SendBlocks2; // Send queue (high priority) 197 COUNTER *CurrentNumConnection; // Counter of the number of current connections 198 LIST *ConnectingThreads; // List of connected threads 199 LIST *ConnectingSocks; // List of the connected sockets 200 bool flag1; // Flag 1 201 UCHAR *RecvBuf; // Receive buffer 202 char ServerName[MAX_HOST_NAME_LEN + 1]; // Server name 203 UINT ServerPort; // Port number 204 bool RestoreServerNameAndPort; // Flag to restore the server name and port number to original 205 bool UseTicket; // Ticket using flag 206 UCHAR Ticket[SHA1_SIZE]; // Ticket 207 UINT CurrentSendQueueSize; // Total size of the transmission queue 208 X *ServerX; // Server certificate 209 X *ClientX; // Client certificate 210 char *CipherName; // Encryption algorithm name 211 UINT64 ConnectedTick; // Time it is connected 212 IP ClientIp; // Client IP address 213 char ClientHostname[MAX_HOST_NAME_LEN + 1]; // Client host name 214 UINT Type; // Type 215 void *hWndForUI; // Parent window 216 bool IsInProc; // In-process 217 char InProcPrefix[64]; // Prefix 218 UINT InProcLayer; // InProc layer 219 UINT AdditionalConnectionFailedCounter; // Additional connection failure counter 220 UINT64 LastCounterResetTick; // Time the counter was reset finally 221 bool WasSstp; // Processed the SSTP 222 bool WasDatProxy; // DAT proxy processed 223 UCHAR CToken_Hash[SHA1_SIZE]; // CTOKEN_HASH 224 UINT LastTcpQueueSize; // The last queue size of TCP sockets 225 UINT LastPacketQueueSize; // The last queue size of packets 226 UINT LastRecvFifoTotalSize; // The last RecvFifo total size 227 UINT LastRecvBlocksNum; // The last ReceivedBlocks num 228 bool IsJsonRpc; // Is JSON-RPC 229 bool JsonRpcAuthed; // JSON-RPC Authed 230 LISTENER *Listener; // Listener ref 231 }; 232 233 234 235 // Function prototypes 236 237 CONNECTION *NewClientConnection(SESSION *s); 238 CONNECTION *NewClientConnectionEx(SESSION *s, char *client_str, UINT client_ver, UINT client_build); 239 CONNECTION *NewServerConnection(CEDAR *cedar, SOCK *s, THREAD *t); 240 void ReleaseConnection(CONNECTION *c); 241 void CleanupConnection(CONNECTION *c); 242 int CompareConnection(void *p1, void *p2); 243 void StopConnection(CONNECTION *c, bool no_wait); 244 void ConnectionAccept(CONNECTION *c); 245 void StartTunnelingMode(CONNECTION *c); 246 void EndTunnelingMode(CONNECTION *c); 247 void DisconnectTcpSockets(CONNECTION *c); 248 void ConnectionReceive(CONNECTION *c, CANCEL *c1, CANCEL *c2); 249 void ConnectionSend(CONNECTION *c, UINT64 now); 250 TCPSOCK *NewTcpSock(SOCK *s); 251 void FreeTcpSock(TCPSOCK *ts); 252 BLOCK *NewBlock(void *data, UINT size, int compress); 253 void FreeBlock(BLOCK *b); 254 void StopAllAdditionalConnectThread(CONNECTION *c); 255 UINT GenNextKeepAliveSpan(CONNECTION *c); 256 void SendKeepAlive(CONNECTION *c, TCPSOCK *ts); 257 void DisconnectUDPSockets(CONNECTION *c); 258 void PutUDPPacketData(CONNECTION *c, void *data, UINT size); 259 void SendDataWithUDP(SOCK *s, CONNECTION *c); 260 void InsertReceivedBlockToQueue(CONNECTION *c, BLOCK *block, bool no_lock); 261 UINT TcpSockRecv(SESSION *s, TCPSOCK *ts, void *data, UINT size); 262 UINT TcpSockSend(SESSION *s, TCPSOCK *ts, void *data, UINT size); 263 void WriteSendFifo(SESSION *s, TCPSOCK *ts, void *data, UINT size); 264 void WriteRecvFifo(SESSION *s, TCPSOCK *ts, void *data, UINT size); 265 CLIENT_AUTH *CopyClientAuth(CLIENT_AUTH *a); 266 BUF *NewKeepPacket(bool server_mode); 267 void KeepThread(THREAD *thread, void *param); 268 KEEP *StartKeep(); 269 void StopKeep(KEEP *k); 270 void InRpcSecureSign(SECURE_SIGN *t, PACK *p); 271 void OutRpcSecureSign(PACK *p, SECURE_SIGN *t); 272 void FreeRpcSecureSign(SECURE_SIGN *t); 273 void NormalizeEthMtu(BRIDGE *b, CONNECTION *c, UINT packet_size); 274 UINT GetMachineRand(); 275 276 277 278 #endif // CONNECTION_H 279