1 // SoftEther VPN Source Code - Developer Edition Master Branch
2 // Cedar Communication Module
3 // © 2020 Nokia
4 
5 // Connection.h
6 // Header of Connection.c
7 
8 #ifndef	CONNECTION_H
9 #define	CONNECTION_H
10 
11 #include "Cedar.h"
12 
13 #include "Mayaqua/Encrypt.h"
14 #include "Mayaqua/Proxy.h"
15 
16 // Magic number indicating that the packet is compressed
17 #define	CONNECTION_BULK_COMPRESS_SIGNATURE	0xDEADBEEFCAFEFACEULL
18 
19 #define	KEEP_ALIVE_STRING				"Internet Connection Keep Alive Packet"
20 
21 #define	UPDATE_LAST_COMM_TIME(v, n)		{if ((v) <= (n)) { v = (n); } }
22 
23 // KEEP CONNECT structure
24 struct KEEP
25 {
26 	LOCK *lock;										// Lock
27 	bool Server;									// Server mode
28 	volatile bool Halt;								// Stop flag
29 	bool Enable;									// Enable flag
30 	char ServerName[MAX_HOST_NAME_LEN + 1];			// Server name
31 	UINT ServerPort;								// Server port number
32 	bool UdpMode;									// UDP mode
33 	UINT Interval;									// Packet transmission interval
34 	THREAD *Thread;									// Connection thread
35 	EVENT *HaltEvent;								// Stop event
36 	CANCEL *Cancel;									// Cancel
37 };
38 
39 // SECURE_SIGN Structure
40 struct SECURE_SIGN
41 {
42 	char SecurePublicCertName[MAX_SECURE_DEVICE_FILE_LEN + 1];	// Secure device certificate name
43 	char SecurePrivateKeyName[MAX_SECURE_DEVICE_FILE_LEN + 1];	// Secure device secret key name
44 	X *ClientCert;					// Client certificate
45 	UCHAR Random[SHA1_SIZE];		// Random value for signature
46 	UCHAR Signature[4096 / 8];		// Signed data
47 	UINT UseSecureDeviceId;
48 	UINT BitmapId;					// Bitmap ID
49 };
50 
51 // Function type declaration
52 typedef bool (CHECK_CERT_PROC)(SESSION *s, CONNECTION *c, X *server_x, bool *expired);
53 typedef bool (SECURE_SIGN_PROC)(SESSION *s, CONNECTION *c, SECURE_SIGN *sign);
54 
55 // RC4 key pair
56 struct RC4_KEY_PAIR
57 {
58 	UCHAR ServerToClientKey[16];
59 	UCHAR ClientToServerKey[16];
60 };
61 
62 // Client Options
63 struct CLIENT_OPTION
64 {
65 	wchar_t AccountName[MAX_ACCOUNT_NAME_LEN + 1];			// Connection setting name
66 	char Hostname[MAX_HOST_NAME_LEN + 1];					// Host name
67 	UINT Port;												// Port number
68 	UINT PortUDP;											// UDP port number (0: Use only TCP)
69 	UINT ProxyType;											// Type of proxy
70 	char ProxyName[MAX_HOST_NAME_LEN + 1];					// Proxy server name
71 	UINT ProxyPort;											// Port number of the proxy server
72 	char ProxyUsername[PROXY_MAX_USERNAME_LEN + 1];			// Maximum user name length
73 	char ProxyPassword[PROXY_MAX_PASSWORD_LEN + 1];			// Maximum password length
74 	char CustomHttpHeader[HTTP_CUSTOM_HEADER_MAX_SIZE + 1];	// Custom HTTP proxy header
75 	UINT NumRetry;											// Automatic retries
76 	UINT RetryInterval;										// Retry interval
77 	char HubName[MAX_HUBNAME_LEN + 1];						// HUB name
78 	UINT MaxConnection;										// Maximum number of concurrent TCP connections
79 	bool UseEncrypt;										// Use encrypted communication
80 	bool UseCompress;										// Use data compression
81 	bool HalfConnection;									// Use half connection in TCP
82 	bool NoRoutingTracking;									// Disable the routing tracking
83 	char DeviceName[MAX_DEVICE_NAME_LEN + 1];				// VLAN device name
84 	UINT AdditionalConnectionInterval;						// Connection attempt interval when additional connection establish
85 	UINT ConnectionDisconnectSpan;							// Disconnection interval
86 	bool HideStatusWindow;									// Hide the status window
87 	bool HideNicInfoWindow;									// Hide the NIC status window
88 	bool RequireMonitorMode;								// Monitor port mode
89 	bool RequireBridgeRoutingMode;							// Bridge or routing mode
90 	bool DisableQoS;										// Disable the VoIP / QoS function
91 	bool FromAdminPack;										// For Administration Pack
92 	bool NoUdpAcceleration;									// Do not use UDP acceleration mode
93 	UCHAR HostUniqueKey[SHA1_SIZE];							// Host unique key
94 };
95 
96 // Client authentication data
97 struct CLIENT_AUTH
98 {
99 	UINT AuthType;									// Authentication type
100 	char Username[MAX_USERNAME_LEN + 1];			// User name
101 	UCHAR HashedPassword[SHA1_SIZE];				// Hashed passwords
102 	char PlainPassword[MAX_PASSWORD_LEN + 1];		// Password
103 	X *ClientX;										// Client certificate
104 	K *ClientK;										// Client private key
105 	char SecurePublicCertName[MAX_SECURE_DEVICE_FILE_LEN + 1];	// Secure device certificate name
106 	char SecurePrivateKeyName[MAX_SECURE_DEVICE_FILE_LEN + 1];	// Secure device secret key name
107 	char OpensslEnginePrivateKeyName[MAX_SECURE_DEVICE_FILE_LEN + 1];	// Secure device secret key name
108 	char OpensslEngineName[MAX_SECURE_DEVICE_FILE_LEN + 1];	// Secure device secret key name
109 	CHECK_CERT_PROC *CheckCertProc;					// Server certificate confirmation procedure
110 	SECURE_SIGN_PROC *SecureSignProc;				// Security signing procedure
111 };
112 
113 // TCP socket data structure
114 struct TCPSOCK
115 {
116 	SOCK *Sock;						// Socket
117 	FIFO *RecvFifo;					// Reception buffer
118 	FIFO *SendFifo;					// Transmission buffer
119 	UINT Mode;						// Read mode
120 	UINT WantSize;					// Requested data size
121 	UINT NextBlockNum;				// Total number of blocks that can be read next
122 	UINT NextBlockSize;				// Block size that is planned to read next
123 	UINT CurrentPacketNum;			// Current packet number
124 	UINT64 LastCommTime;			// Last communicated time
125 	UINT64 LastRecvTime;			// Time the last data received
126 	UINT LateCount;					// The number of delay occurences
127 	UINT Direction;					// Direction
128 	UINT64 NextKeepAliveTime;		// Next time to send a KeepAlive packet
129 	RC4_KEY_PAIR Rc4KeyPair;		// RC4 key pair
130 	CRYPT *SendKey;					// Transmission key
131 	CRYPT *RecvKey;					// Reception key
132 	UINT64 DisconnectTick;			// Time to disconnect this connection
133 	UINT64 EstablishedTick;			// Establishment time
134 };
135 
136 // TCP communication data structure
137 struct TCP
138 {
139 	LIST *TcpSockList;				// TCP socket list
140 };
141 
142 // UDP communication data structure
143 struct UDP
144 {
145 	SOCK *s;						// UDP socket (for transmission)
146 	IP ip;							// Destination IP address
147 	UINT port;						// Destination port number
148 	UINT64 NextKeepAliveTime;		// Next time to send a KeepAlive packet
149 	UINT64 Seq;						// Packet sequence number
150 	UINT64 RecvSeq;
151 	QUEUE *BufferQueue;				// Queue of buffer to be sent
152 };
153 
154 // Data block
155 struct BLOCK
156 {
157 	bool Compressed;				// Compression flag
158 	UINT Size;						// Block size
159 	UINT SizeofData;				// Data size
160 	UCHAR *Buf;						// Buffer
161 	bool PriorityQoS;				// Priority packet for VoIP / QoS function
162 	UINT Ttl;						// TTL value (Used only in ICMP NAT of Virtual.c)
163 	UINT Param1;					// Parameter 1
164 	bool IsFlooding;				// Is flooding packet
165 	UCHAR RawFlagRetUdpAccel;		// Raw flag returned by UDP accel
166 };
167 
168 // Connection structure
169 struct CONNECTION
170 {
171 	LOCK *lock;						// Lock
172 	REF *ref;						// Reference counter
173 	CEDAR *Cedar;					// Cedar
174 	struct SESSION *Session;		// Session
175 	UINT Protocol;					// Protocol
176 	SOCK *FirstSock;				// Socket for negotiation
177 	SOCK *TubeSock;					// Socket for in-process communication
178 	TCP *Tcp;						// TCP communication data structure
179 	UDP *Udp;						// UDP communication data structure
180 	bool ServerMode;				// Server mode
181 	UINT Status;					// Status
182 	char *Name;						// Connection name
183 	THREAD *Thread;					// Thread
184 	volatile bool Halt;				// Stop flag
185 	UCHAR Random[SHA1_SIZE];		// Random number for Authentication
186 	UINT ServerVer;					// Server version
187 	UINT ServerBuild;				// Server build number
188 	UINT ClientVer;					// Client version
189 	UINT ClientBuild;				// Client build number
190 	char ServerStr[MAX_SERVER_STR_LEN + 1];	// Server string
191 	char ClientStr[MAX_CLIENT_STR_LEN + 1];	// Client string
192 	UINT Err;						// Error value
193 	bool ClientConnectError_NoSavePassword;	// Don't save the password for the specified user name
194 	QUEUE *ReceivedBlocks;			// Block queue that is received
195 	QUEUE *SendBlocks;				// Block queue planned to be sent
196 	QUEUE *SendBlocks2;				// Send queue (high priority)
197 	COUNTER *CurrentNumConnection;	// Counter of the number of current connections
198 	LIST *ConnectingThreads;		// List of connected threads
199 	LIST *ConnectingSocks;			// List of the connected sockets
200 	bool flag1;						// Flag 1
201 	UCHAR *RecvBuf;					// Receive buffer
202 	char ServerName[MAX_HOST_NAME_LEN + 1];	// Server name
203 	UINT ServerPort;				// Port number
204 	bool RestoreServerNameAndPort;	// Flag to restore the  server name and port number to original
205 	bool UseTicket;					// Ticket using flag
206 	UCHAR Ticket[SHA1_SIZE];		// Ticket
207 	UINT CurrentSendQueueSize;		// Total size of the transmission queue
208 	X *ServerX;						// Server certificate
209 	X *ClientX;						// Client certificate
210 	char *CipherName;				// Encryption algorithm name
211 	UINT64 ConnectedTick;			// Time it is connected
212 	IP ClientIp;					// Client IP address
213 	char ClientHostname[MAX_HOST_NAME_LEN + 1];	// Client host name
214 	UINT Type;						// Type
215 	void *hWndForUI;				// Parent window
216 	bool IsInProc;					// In-process
217 	char InProcPrefix[64];			// Prefix
218 	UINT InProcLayer;				// InProc layer
219 	UINT AdditionalConnectionFailedCounter;		// Additional connection failure counter
220 	UINT64 LastCounterResetTick;	// Time the counter was reset finally
221 	bool WasSstp;					// Processed the SSTP
222 	bool WasDatProxy;				// DAT proxy processed
223 	UCHAR CToken_Hash[SHA1_SIZE];	// CTOKEN_HASH
224 	UINT LastTcpQueueSize;			// The last queue size of TCP sockets
225 	UINT LastPacketQueueSize;		// The last queue size of packets
226 	UINT LastRecvFifoTotalSize;		// The last RecvFifo total size
227 	UINT LastRecvBlocksNum;			// The last ReceivedBlocks num
228 	bool IsJsonRpc;					// Is JSON-RPC
229 	bool JsonRpcAuthed;				// JSON-RPC Authed
230 	LISTENER *Listener;				// Listener ref
231 };
232 
233 
234 
235 // Function prototypes
236 
237 CONNECTION *NewClientConnection(SESSION *s);
238 CONNECTION *NewClientConnectionEx(SESSION *s, char *client_str, UINT client_ver, UINT client_build);
239 CONNECTION *NewServerConnection(CEDAR *cedar, SOCK *s, THREAD *t);
240 void ReleaseConnection(CONNECTION *c);
241 void CleanupConnection(CONNECTION *c);
242 int CompareConnection(void *p1, void *p2);
243 void StopConnection(CONNECTION *c, bool no_wait);
244 void ConnectionAccept(CONNECTION *c);
245 void StartTunnelingMode(CONNECTION *c);
246 void EndTunnelingMode(CONNECTION *c);
247 void DisconnectTcpSockets(CONNECTION *c);
248 void ConnectionReceive(CONNECTION *c, CANCEL *c1, CANCEL *c2);
249 void ConnectionSend(CONNECTION *c, UINT64 now);
250 TCPSOCK *NewTcpSock(SOCK *s);
251 void FreeTcpSock(TCPSOCK *ts);
252 BLOCK *NewBlock(void *data, UINT size, int compress);
253 void FreeBlock(BLOCK *b);
254 void StopAllAdditionalConnectThread(CONNECTION *c);
255 UINT GenNextKeepAliveSpan(CONNECTION *c);
256 void SendKeepAlive(CONNECTION *c, TCPSOCK *ts);
257 void DisconnectUDPSockets(CONNECTION *c);
258 void PutUDPPacketData(CONNECTION *c, void *data, UINT size);
259 void SendDataWithUDP(SOCK *s, CONNECTION *c);
260 void InsertReceivedBlockToQueue(CONNECTION *c, BLOCK *block, bool no_lock);
261 UINT TcpSockRecv(SESSION *s, TCPSOCK *ts, void *data, UINT size);
262 UINT TcpSockSend(SESSION *s, TCPSOCK *ts, void *data, UINT size);
263 void WriteSendFifo(SESSION *s, TCPSOCK *ts, void *data, UINT size);
264 void WriteRecvFifo(SESSION *s, TCPSOCK *ts, void *data, UINT size);
265 CLIENT_AUTH *CopyClientAuth(CLIENT_AUTH *a);
266 BUF *NewKeepPacket(bool server_mode);
267 void KeepThread(THREAD *thread, void *param);
268 KEEP *StartKeep();
269 void StopKeep(KEEP *k);
270 void InRpcSecureSign(SECURE_SIGN *t, PACK *p);
271 void OutRpcSecureSign(PACK *p, SECURE_SIGN *t);
272 void FreeRpcSecureSign(SECURE_SIGN *t);
273 void NormalizeEthMtu(BRIDGE *b, CONNECTION *c, UINT packet_size);
274 UINT GetMachineRand();
275 
276 
277 
278 #endif	// CONNECTION_H
279