Home Explore Help
Register Sign In
OWEALs
/
tinc
mirror of https://tinc-vpn.org/git/tinc
2
0
Fork 0
Files Issues 0 Wiki
Branch: master
Branches Tags
tinc
/
src
/
protocol_key.c

protocol_key.c 9.7 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351 
  1. /*
    2. 

  2.     protocol_key.c -- handle the meta-protocol, key exchange
    3. 

  3.     Copyright (C) 1999-2005 Ivo Timmermans,
    4. 

  4.                   2000-2016 Guus Sliepen <guus@tinc-vpn.org>
    5. 

  5. 

  6.     This program is free software; you can redistribute it and/or modify
    7. 

  7.     it under the terms of the GNU General Public License as published by
    8. 

  8.     the Free Software Foundation; either version 2 of the License, or
    9. 

  9.     (at your option) any later version.
    10. 

  10. 

  11.     This program is distributed in the hope that it will be useful,
    12. 

  12.     but WITHOUT ANY WARRANTY; without even the implied warranty of
    13. 

  13.     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    14. 

  14.     GNU General Public License for more details.
    15. 

  15. 

  16.     You should have received a copy of the GNU General Public License along
    17. 

  17.     with this program; if not, write to the Free Software Foundation, Inc.,
    18. 

  18.     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
    19. 

  19. */
    20. 

  20. 

  21. #include "system.h"
    22. 

  22. 

  23. #include <openssl/evp.h>
    24. 

  24. #include <openssl/err.h>
    25. 

  25. #include <openssl/rand.h>
    26. 

  26. 

  27. #include "avl_tree.h"
    28. 

  28. #include "connection.h"
    29. 

  29. #include "logger.h"
    30. 

  30. #include "net.h"
    31. 

  31. #include "netutl.h"
    32. 

  32. #include "node.h"
    33. 

  33. #include "protocol.h"
    34. 

  34. #include "utils.h"
    35. 

  35. #include "xalloc.h"
    36. 

  36. 

  37. static bool mykeyused = false;
    38. 

  38. 

  39. void send_key_changed(void) {
    40. 

  40. 	avl_node_t *node;
    41. 

  41. 	connection_t *c;
    42. 

  42. 

  43. 	send_request(everyone, "%d %x %s", KEY_CHANGED, rand(), myself->name);
    44. 

  44. 

  45. 	/* Immediately send new keys to directly connected nodes to keep UDP mappings alive */
    46. 

  46. 

  47. 	for(node = connection_tree->head; node; node = node->next) {
    48. 

  48. 		c = node->data;
    49. 

  49. 

  50. 		if(c->status.active && c->node && c->node->status.reachable) {
    51. 

  51. 			send_ans_key(c->node);
    52. 

  52. 		}
    53. 

  53. 	}
    54. 

  54. }
    55. 

  55. 

  56. bool key_changed_h(connection_t *c) {
    57. 

  57. 	char name[MAX_STRING_SIZE];
    58. 

  58. 	node_t *n;
    59. 

  59. 

  60. 	if(sscanf(c->buffer, "%*d %*x " MAX_STRING, name) != 1) {
    61. 

  61. 		logger(LOG_ERR, "Got bad %s from %s (%s)", "KEY_CHANGED",
    62. 

  62. 		       c->name, c->hostname);
    63. 

  63. 		return false;
    64. 

  64. 	}
    65. 

  65. 

  66. 	if(!check_id(name)) {
    67. 

  67. 		logger(LOG_ERR, "Got bad %s from %s (%s): %s", "KEY_CHANGED", c->name, c->hostname, "invalid name");
    68. 

  68. 		return false;
    69. 

  69. 	}
    70. 

  70. 

  71. 	if(seen_request(c->buffer)) {
    72. 

  72. 		return true;
    73. 

  73. 	}
    74. 

  74. 

  75. 	n = lookup_node(name);
    76. 

  76. 

  77. 	if(!n) {
    78. 

  78. 		logger(LOG_ERR, "Got %s from %s (%s) origin %s which does not exist",
    79. 

  79. 		       "KEY_CHANGED", c->name, c->hostname, name);
    80. 

  80. 		return true;
    81. 

  81. 	}
    82. 

  82. 

  83. 	n->status.validkey = false;
    84. 

  84. 	n->last_req_key = 0;
    85. 

  85. 

  86. 	/* Tell the others */
    87. 

  87. 

  88. 	if(!tunnelserver) {
    89. 

  89. 		forward_request(c);
    90. 

  90. 	}
    91. 

  91. 

  92. 	return true;
    93. 

  93. }
    94. 

  94. 

  95. bool send_req_key(node_t *to) {
    96. 

  96. 	return send_request(to->nexthop->connection, "%d %s %s", REQ_KEY, myself->name, to->name);
    97. 

  97. }
    98. 

  98. 

  99. bool req_key_h(connection_t *c) {
    100. 

  100. 	char from_name[MAX_STRING_SIZE];
    101. 

  101. 	char to_name[MAX_STRING_SIZE];
    102. 

  102. 	node_t *from, *to;
    103. 

  103. 

  104. 	if(sscanf(c->buffer, "%*d " MAX_STRING " " MAX_STRING, from_name, to_name) != 2) {
    105. 

  105. 		logger(LOG_ERR, "Got bad %s from %s (%s)", "REQ_KEY", c->name,
    106. 

  106. 		       c->hostname);
    107. 

  107. 		return false;
    108. 

  108. 	}
    109. 

  109. 

  110. 	if(!check_id(from_name) || !check_id(to_name)) {
    111. 

  111. 		logger(LOG_ERR, "Got bad %s from %s (%s): %s", "REQ_KEY", c->name, c->hostname, "invalid name");
    112. 

  112. 		return false;
    113. 

  113. 	}
    114. 

  114. 

  115. 	from = lookup_node(from_name);
    116. 

  116. 

  117. 	if(!from) {
    118. 

  118. 		logger(LOG_ERR, "Got %s from %s (%s) origin %s which does not exist in our connection list",
    119. 

  119. 		       "REQ_KEY", c->name, c->hostname, from_name);
    120. 

  120. 		return true;
    121. 

  121. 	}
    122. 

  122. 

  123. 	to = lookup_node(to_name);
    124. 

  124. 

  125. 	if(!to) {
    126. 

  126. 		logger(LOG_ERR, "Got %s from %s (%s) destination %s which does not exist in our connection list",
    127. 

  127. 		       "REQ_KEY", c->name, c->hostname, to_name);
    128. 

  128. 		return true;
    129. 

  129. 	}
    130. 

  130. 

  131. 	/* Check if this key request is for us */
    132. 

  132. 

  133. 	if(to == myself) {                      /* Yes, send our own key back */
    134. 

  134. 		if(!from->status.reachable) {
    135. 

  135. 			logger(LOG_WARNING, "Got %s from %s (%s) origin %s which is not reachable",
    136. 

  136. 			       "REQ_KEY", c->name, c->hostname, from_name);
    137. 

  137. 			return true;
    138. 

  138. 		}
    139. 

  139. 

  140. 		if(!send_ans_key(from)) {
    141. 

  141. 			return false;
    142. 

  142. 		}
    143. 

  143. 	} else {
    144. 

  144. 		if(tunnelserver) {
    145. 

  145. 			return true;
    146. 

  146. 		}
    147. 

  147. 

  148. 		if(!to->status.reachable) {
    149. 

  149. 			logger(LOG_WARNING, "Got %s from %s (%s) destination %s which is not reachable",
    150. 

  150. 			       "REQ_KEY", c->name, c->hostname, to_name);
    151. 

  151. 			return true;
    152. 

  152. 		}
    153. 

  153. 

  154. 		send_request(to->nexthop->connection, "%s", c->buffer);
    155. 

  155. 	}
    156. 

  156. 

  157. 	return true;
    158. 

  158. }
    159. 

  159. 

  160. bool send_ans_key(node_t *to) {
    161. 

  161. 	// Set key parameters
    162. 

  162. 	to->incipher = myself->incipher;
    163. 

  163. 	to->inkeylength = myself->inkeylength;
    164. 

  164. 	to->indigest = myself->indigest;
    165. 

  165. 	to->inmaclength = myself->inmaclength;
    166. 

  166. 	to->incompression = myself->incompression;
    167. 

  167. 

  168. 	// Allocate memory for key
    169. 

  169. 	to->inkey = xrealloc(to->inkey, to->inkeylength);
    170. 

  170. 

  171. 	// Create a new key
    172. 

  172. 	if(1 != RAND_bytes((unsigned char *)to->inkey, to->inkeylength)) {
    173. 

  173. 		int err = ERR_get_error();
    174. 

  174. 		logger(LOG_ERR, "Failed to generate random for key (%s)", ERR_error_string(err, NULL));
    175. 

  175. 		return false; // Do not send insecure keys, let connection attempt fail.
    176. 

  176. 	}
    177. 

  177. 

  178. 	if(to->incipher) {
    179. 

  179. 		EVP_DecryptInit_ex(to->inctx, to->incipher, NULL, (unsigned char *)to->inkey, (unsigned char *)to->inkey + EVP_CIPHER_key_length(to->incipher));
    180. 

  180. 	}
    181. 

  181. 

  182. 	// Reset sequence number and late packet window
    183. 

  183. 	mykeyused = true;
    184. 

  184. 	to->received_seqno = 0;
    185. 

  185. 

  186. 	if(replaywin) {
    187. 

  187. 		memset(to->late, 0, replaywin);
    188. 

  188. 	}
    189. 

  189. 

  190. 	// Convert to hexadecimal and send
    191. 

  191. 	char key[2 * to->inkeylength + 1];
    192. 

  192. 	bin2hex(to->inkey, key, to->inkeylength);
    193. 

  193. 	key[to->inkeylength * 2] = '\0';
    194. 

  194. 

  195. 	return send_request(to->nexthop->connection, "%d %s %s %s %d %d %d %d", ANS_KEY,
    196. 

  196. 	                    myself->name, to->name, key,
    197. 

  197. 	                    to->incipher ? EVP_CIPHER_nid(to->incipher) : 0,
    198. 

  198. 	                    to->indigest ? EVP_MD_type(to->indigest) : 0, to->inmaclength,
    199. 

  199. 	                    to->incompression);
    200. 

  200. }
    201. 

  201. 

  202. bool ans_key_h(connection_t *c) {
    203. 

  203. 	char from_name[MAX_STRING_SIZE];
    204. 

  204. 	char to_name[MAX_STRING_SIZE];
    205. 

  205. 	char key[MAX_STRING_SIZE];
    206. 

  206. 	char address[MAX_STRING_SIZE] = "";
    207. 

  207. 	char port[MAX_STRING_SIZE] = "";
    208. 

  208. 	int cipher, digest, maclength, compression;
    209. 

  209. 	node_t *from, *to;
    210. 

  210. 

  211. 	if(sscanf(c->buffer, "%*d "MAX_STRING" "MAX_STRING" "MAX_STRING" %d %d %d %d "MAX_STRING" "MAX_STRING,
    212. 

  212. 	                from_name, to_name, key, &cipher, &digest, &maclength,
    213. 

  213. 	                &compression, address, port) < 7) {
    214. 

  214. 		logger(LOG_ERR, "Got bad %s from %s (%s)", "ANS_KEY", c->name,
    215. 

  215. 		       c->hostname);
    216. 

  216. 		return false;
    217. 

  217. 	}
    218. 

  218. 

  219. 	if(!check_id(from_name) || !check_id(to_name)) {
    220. 

  220. 		logger(LOG_ERR, "Got bad %s from %s (%s): %s", "ANS_KEY", c->name, c->hostname, "invalid name");
    221. 

  221. 		return false;
    222. 

  222. 	}
    223. 

  223. 

  224. 	from = lookup_node(from_name);
    225. 

  225. 

  226. 	if(!from) {
    227. 

  227. 		logger(LOG_ERR, "Got %s from %s (%s) origin %s which does not exist in our connection list",
    228. 

  228. 		       "ANS_KEY", c->name, c->hostname, from_name);
    229. 

  229. 		return true;
    230. 

  230. 	}
    231. 

  231. 

  232. 	to = lookup_node(to_name);
    233. 

  233. 

  234. 	if(!to) {
    235. 

  235. 		logger(LOG_ERR, "Got %s from %s (%s) destination %s which does not exist in our connection list",
    236. 

  236. 		       "ANS_KEY", c->name, c->hostname, to_name);
    237. 

  237. 		return true;
    238. 

  238. 	}
    239. 

  239. 

  240. 	/* Forward it if necessary */
    241. 

  241. 

  242. 	if(to != myself) {
    243. 

  243. 		if(tunnelserver) {
    244. 

  244. 			return true;
    245. 

  245. 		}
    246. 

  246. 

  247. 		if(!to->status.reachable) {
    248. 

  248. 			logger(LOG_WARNING, "Got %s from %s (%s) destination %s which is not reachable",
    249. 

  249. 			       "ANS_KEY", c->name, c->hostname, to_name);
    250. 

  250. 			return true;
    251. 

  251. 		}
    252. 

  252. 

  253. 		if(!*address && from->address.sa.sa_family != AF_UNSPEC && to->minmtu) {
    254. 

  254. 			char *address, *port;
    255. 

  255. 			ifdebug(PROTOCOL) logger(LOG_DEBUG, "Appending reflexive UDP address to ANS_KEY from %s to %s", from->name, to->name);
    256. 

  256. 			sockaddr2str(&from->address, &address, &port);
    257. 

  257. 			send_request(to->nexthop->connection, "%s %s %s", c->buffer, address, port);
    258. 

  258. 			free(address);
    259. 

  259. 			free(port);
    260. 

  260. 			return true;
    261. 

  261. 		}
    262. 

  262. 

  263. 		return send_request(to->nexthop->connection, "%s", c->buffer);
    264. 

  264. 	}
    265. 

  265. 

  266. 	/* Don't use key material until every check has passed. */
    267. 

  267. 	from->status.validkey = false;
    268. 

  268. 

  269. 	/* Update our copy of the origin's packet key */
    270. 

  270. 	from->outkey = xrealloc(from->outkey, strlen(key) / 2);
    271. 

  271. 	from->outkeylength = strlen(key) / 2;
    272. 

  272. 

  273. 	if(!hex2bin(key, from->outkey, from->outkeylength)) {
    274. 

  274. 		logger(LOG_ERR, "Got bad %s from %s(%s): %s", "ANS_KEY", from->name, from->hostname, "invalid key");
    275. 

  275. 		return true;
    276. 

  276. 	}
    277. 

  277. 

  278. 	/* Check and lookup cipher and digest algorithms */
    279. 

  279. 

  280. 	if(cipher) {
    281. 

  281. 		from->outcipher = EVP_get_cipherbynid(cipher);
    282. 

  282. 

  283. 		if(!from->outcipher) {
    284. 

  284. 			logger(LOG_ERR, "Node %s (%s) uses unknown cipher!", from->name,
    285. 

  285. 			       from->hostname);
    286. 

  286. 			return true;
    287. 

  287. 		}
    288. 

  288. 

  289. 		if(from->outkeylength != EVP_CIPHER_key_length(from->outcipher) + EVP_CIPHER_iv_length(from->outcipher)) {
    290. 

  290. 			logger(LOG_ERR, "Node %s (%s) uses wrong keylength!", from->name,
    291. 

  291. 			       from->hostname);
    292. 

  292. 			return true;
    293. 

  293. 		}
    294. 

  294. 	} else {
    295. 

  295. 		if(from->outkeylength != 1) {
    296. 

  296. 			logger(LOG_ERR, "Node %s (%s) uses wrong keylength!", from->name, from->hostname);
    297. 

  297. 			return true;
    298. 

  298. 		}
    299. 

  299. 

  300. 		from->outcipher = NULL;
    301. 

  301. 	}
    302. 

  302. 

  303. 	from->outmaclength = maclength;
    304. 

  304. 

  305. 	if(digest) {
    306. 

  306. 		from->outdigest = EVP_get_digestbynid(digest);
    307. 

  307. 

  308. 		if(!from->outdigest) {
    309. 

  309. 			logger(LOG_ERR, "Node %s (%s) uses unknown digest!", from->name,
    310. 

  310. 			       from->hostname);
    311. 

  311. 			return true;
    312. 

  312. 		}
    313. 

  313. 

  314. 		if(from->outmaclength > EVP_MD_size(from->outdigest) || from->outmaclength < 0) {
    315. 

  315. 			logger(LOG_ERR, "Node %s (%s) uses bogus MAC length!",
    316. 

  316. 			       from->name, from->hostname);
    317. 

  317. 			return true;
    318. 

  318. 		}
    319. 

  319. 	} else {
    320. 

  320. 		from->outdigest = NULL;
    321. 

  321. 	}
    322. 

  322. 

  323. 	if(compression < 0 || compression > 11) {
    324. 

  324. 		logger(LOG_ERR, "Node %s (%s) uses bogus compression level!", from->name, from->hostname);
    325. 

  325. 		return true;
    326. 

  326. 	}
    327. 

  327. 

  328. 	from->outcompression = compression;
    329. 

  329. 

  330. 	if(from->outcipher)
    331. 

  331. 		if(!EVP_EncryptInit_ex(from->outctx, from->outcipher, NULL, (unsigned char *)from->outkey, (unsigned char *)from->outkey + EVP_CIPHER_key_length(from->outcipher))) {
    332. 

  332. 			logger(LOG_ERR, "Error during initialisation of key from %s (%s): %s",
    333. 

  333. 			       from->name, from->hostname, ERR_error_string(ERR_get_error(), NULL));
    334. 

  334. 			return true;
    335. 

  335. 		}
    336. 

  336. 

  337. 	from->status.validkey = true;
    338. 

  338. 	from->sent_seqno = 0;
    339. 

  339. 

  340. 	if(*address && *port) {
    341. 

  341. 		ifdebug(PROTOCOL) logger(LOG_DEBUG, "Using reflexive UDP address from %s: %s port %s", from->name, address, port);
    342. 

  342. 		sockaddr_t sa = str2sockaddr(address, port);
    343. 

  343. 		update_node_udp(from, &sa);
    344. 

  344. 	}
    345. 

  345. 

  346. 	if(from->options & OPTION_PMTU_DISCOVERY && !from->mtuevent) {
    347. 

  347. 		send_mtu_probe(from);
    348. 

  348. 	}
    349. 

  349. 

  350. 	return true;
    351. 

  351. }
    352.