|
@ -6,6 +6,7 @@ |
|
|
#define N2N_SN_PKTBUF_SIZE 2048 |
|
|
#define N2N_SN_PKTBUF_SIZE 2048 |
|
|
|
|
|
|
|
|
static int try_forward(n2n_sn_t * sss, |
|
|
static int try_forward(n2n_sn_t * sss, |
|
|
|
|
|
const struct sn_community *comm, |
|
|
const n2n_common_t * cmn, |
|
|
const n2n_common_t * cmn, |
|
|
const n2n_mac_t dstMac, |
|
|
const n2n_mac_t dstMac, |
|
|
const uint8_t * pktbuf, |
|
|
const uint8_t * pktbuf, |
|
@ -17,6 +18,7 @@ static ssize_t sendto_sock(n2n_sn_t *sss, |
|
|
size_t pktsize); |
|
|
size_t pktsize); |
|
|
|
|
|
|
|
|
static int try_broadcast(n2n_sn_t * sss, |
|
|
static int try_broadcast(n2n_sn_t * sss, |
|
|
|
|
|
const struct sn_community *comm, |
|
|
const n2n_common_t * cmn, |
|
|
const n2n_common_t * cmn, |
|
|
const n2n_mac_t srcMac, |
|
|
const n2n_mac_t srcMac, |
|
|
const uint8_t * pktbuf, |
|
|
const uint8_t * pktbuf, |
|
@ -43,25 +45,17 @@ static int process_udp(n2n_sn_t *sss, |
|
|
time_t now); |
|
|
time_t now); |
|
|
|
|
|
|
|
|
static int try_forward(n2n_sn_t * sss, |
|
|
static int try_forward(n2n_sn_t * sss, |
|
|
|
|
|
const struct sn_community *comm, |
|
|
const n2n_common_t * cmn, |
|
|
const n2n_common_t * cmn, |
|
|
const n2n_mac_t dstMac, |
|
|
const n2n_mac_t dstMac, |
|
|
const uint8_t * pktbuf, |
|
|
const uint8_t * pktbuf, |
|
|
size_t pktsize) |
|
|
size_t pktsize) |
|
|
{ |
|
|
{ |
|
|
struct peer_info * scan; |
|
|
struct peer_info * scan; |
|
|
struct sn_community *community; |
|
|
|
|
|
macstr_t mac_buf; |
|
|
macstr_t mac_buf; |
|
|
n2n_sock_str_t sockbuf; |
|
|
n2n_sock_str_t sockbuf; |
|
|
|
|
|
|
|
|
HASH_FIND_COMMUNITY(sss->communities, (char *)cmn->community, community); |
|
|
HASH_FIND_PEER(comm->edges, dstMac, scan); |
|
|
|
|
|
|
|
|
if (!community) |
|
|
|
|
|
{ |
|
|
|
|
|
traceEvent(TRACE_DEBUG, "try_forward unknown community %s", cmn->community); |
|
|
|
|
|
return (-1); |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
HASH_FIND_PEER(community->edges, dstMac, scan); |
|
|
|
|
|
|
|
|
|
|
|
if(NULL != scan) |
|
|
if(NULL != scan) |
|
|
{ |
|
|
{ |
|
@ -137,26 +131,20 @@ static ssize_t sendto_sock(n2n_sn_t *sss, |
|
|
* the supernode. |
|
|
* the supernode. |
|
|
*/ |
|
|
*/ |
|
|
static int try_broadcast(n2n_sn_t * sss, |
|
|
static int try_broadcast(n2n_sn_t * sss, |
|
|
|
|
|
const struct sn_community *comm, |
|
|
const n2n_common_t * cmn, |
|
|
const n2n_common_t * cmn, |
|
|
const n2n_mac_t srcMac, |
|
|
const n2n_mac_t srcMac, |
|
|
const uint8_t * pktbuf, |
|
|
const uint8_t * pktbuf, |
|
|
size_t pktsize) |
|
|
size_t pktsize) |
|
|
{ |
|
|
{ |
|
|
struct peer_info *scan, *tmp; |
|
|
struct peer_info *scan, *tmp; |
|
|
struct sn_community *community; |
|
|
|
|
|
macstr_t mac_buf; |
|
|
macstr_t mac_buf; |
|
|
n2n_sock_str_t sockbuf; |
|
|
n2n_sock_str_t sockbuf; |
|
|
|
|
|
|
|
|
traceEvent(TRACE_DEBUG, "try_broadcast"); |
|
|
traceEvent(TRACE_DEBUG, "try_broadcast"); |
|
|
|
|
|
|
|
|
HASH_FIND_COMMUNITY(sss->communities, (char *)cmn->community, community); |
|
|
HASH_ITER(hh, comm->edges, scan, tmp) { |
|
|
|
|
|
if(memcmp(srcMac, scan->mac_addr, sizeof(n2n_mac_t)) != 0) { |
|
|
if (community) |
|
|
|
|
|
{ |
|
|
|
|
|
HASH_ITER(hh, community->edges, scan, tmp) |
|
|
|
|
|
{ |
|
|
|
|
|
if (memcmp(srcMac, scan->mac_addr, sizeof(n2n_mac_t)) != 0) |
|
|
|
|
|
{ |
|
|
|
|
|
/* REVISIT: exclude if the destination socket is where the packet came from. */ |
|
|
/* REVISIT: exclude if the destination socket is where the packet came from. */ |
|
|
int data_sent_len; |
|
|
int data_sent_len; |
|
|
|
|
|
|
|
@ -181,14 +169,10 @@ static int try_broadcast(n2n_sn_t *sss, |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
else |
|
|
|
|
|
traceEvent(TRACE_INFO, "ignoring broadcast on unknown community %s\n", |
|
|
|
|
|
cmn->community); |
|
|
|
|
|
|
|
|
|
|
|
return 0; |
|
|
return 0; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/** Initialise the supernode structure */ |
|
|
/** Initialise the supernode structure */ |
|
|
int sn_init(n2n_sn_t *sss) |
|
|
int sn_init(n2n_sn_t *sss) |
|
|
{ |
|
|
{ |
|
@ -382,21 +366,75 @@ static int process_udp(n2n_sn_t *sss, |
|
|
n2n_common_t cmn; /* common fields in the packet header */ |
|
|
n2n_common_t cmn; /* common fields in the packet header */ |
|
|
size_t rem; |
|
|
size_t rem; |
|
|
size_t idx; |
|
|
size_t idx; |
|
|
int8_t he = HEADER_ENCRYPTION_UNKNOWN; |
|
|
|
|
|
size_t msg_type; |
|
|
size_t msg_type; |
|
|
uint8_t from_supernode; |
|
|
uint8_t from_supernode; |
|
|
macstr_t mac_buf; |
|
|
macstr_t mac_buf; |
|
|
macstr_t mac_buf2; |
|
|
macstr_t mac_buf2; |
|
|
n2n_sock_str_t sockbuf; |
|
|
n2n_sock_str_t sockbuf; |
|
|
char buf[32]; |
|
|
char buf[32]; |
|
|
|
|
|
struct sn_community *comm, *tmp; |
|
|
|
|
|
|
|
|
traceEvent(TRACE_DEBUG, "Processing incoming UDP packet [len: %lu][sender: %s:%u]", |
|
|
traceEvent(TRACE_DEBUG, "Processing incoming UDP packet [len: %lu][sender: %s:%u]", |
|
|
udp_size, intoa(ntohl(sender_sock->sin_addr.s_addr), buf, sizeof(buf)), |
|
|
udp_size, intoa(ntohl(sender_sock->sin_addr.s_addr), buf, sizeof(buf)), |
|
|
ntohs(sender_sock->sin_port)); |
|
|
ntohs(sender_sock->sin_port)); |
|
|
|
|
|
|
|
|
he = packet_header_decrypt_if_required (udp_buf, udp_size, sss->communities); |
|
|
/* check if header is unenrypted. the following check is around 99.99962 percent reliable.
|
|
|
if (he < 0) |
|
|
* it heavily relies on the structure of packet's common part |
|
|
return -1; /* something wrong during packet decryption */ |
|
|
* changes to wire.c:encode/decode_common need to go together with this code */ |
|
|
|
|
|
if (udp_size < 20) { |
|
|
|
|
|
traceEvent(TRACE_DEBUG, "process_udp dropped a packet too short to be valid."); |
|
|
|
|
|
return -1; |
|
|
|
|
|
} |
|
|
|
|
|
if ( (udp_buf[19] == (uint8_t)0x00) // null terminated community name
|
|
|
|
|
|
&& (udp_buf[00] == N2N_PKT_VERSION) // correct packet version
|
|
|
|
|
|
&& ((be16toh (*(uint16_t*)&(udp_buf[02])) & N2N_FLAGS_TYPE_MASK ) <= MSG_TYPE_MAX_TYPE ) // message type
|
|
|
|
|
|
&& ( be16toh (*(uint16_t*)&(udp_buf[02])) < N2N_FLAGS_OPTIONS) // flags
|
|
|
|
|
|
) { |
|
|
|
|
|
/* most probably unencrypted */ |
|
|
|
|
|
/* make sure, no downgrading happens here and no unencrypted packets can be
|
|
|
|
|
|
* injected in a community which definitely deals with encrypted headers */ |
|
|
|
|
|
HASH_FIND_COMMUNITY(sss->communities, (char *)&udp_buf[04], comm); |
|
|
|
|
|
if (comm) { |
|
|
|
|
|
if (comm->header_encryption == HEADER_ENCRYPTION_ENABLED) { |
|
|
|
|
|
traceEvent(TRACE_DEBUG, "process_udp dropped a packet with unencrypted header " |
|
|
|
|
|
"addressed to community '%s' which uses encrypted headers.", |
|
|
|
|
|
comm->community); |
|
|
|
|
|
return -1; |
|
|
|
|
|
} |
|
|
|
|
|
if (comm->header_encryption == HEADER_ENCRYPTION_UNKNOWN) { |
|
|
|
|
|
traceEvent (TRACE_INFO, "process_udp locked community '%s' to using " |
|
|
|
|
|
"unencrypted headers.", comm->community); |
|
|
|
|
|
/* set 'no encryption' in case it is not set yet */ |
|
|
|
|
|
comm->header_encryption = HEADER_ENCRYPTION_NONE; |
|
|
|
|
|
comm->header_encryption_ctx = NULL; |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
} else { |
|
|
|
|
|
/* most probably encrypted */ |
|
|
|
|
|
/* cycle through the known communities (as keys) to eventually decrypt */ |
|
|
|
|
|
uint32_t ret = 0; |
|
|
|
|
|
HASH_ITER (hh, sss->communities, comm, tmp) { |
|
|
|
|
|
/* skip the definitely unencrypted communities */ |
|
|
|
|
|
if (comm->header_encryption == HEADER_ENCRYPTION_NONE) |
|
|
|
|
|
continue; |
|
|
|
|
|
if ( (ret = packet_header_decrypt (udp_buf, udp_size, comm->community, comm->header_encryption_ctx)) ) { |
|
|
|
|
|
if (comm->header_encryption == HEADER_ENCRYPTION_UNKNOWN) { |
|
|
|
|
|
traceEvent (TRACE_INFO, "process_udp locked community '%s' to using " |
|
|
|
|
|
"encrypted headers.", comm->community); |
|
|
|
|
|
/* set 'encrypted' in case it is not set yet */ |
|
|
|
|
|
comm->header_encryption = HEADER_ENCRYPTION_ENABLED; |
|
|
|
|
|
} |
|
|
|
|
|
// no need to test further communities
|
|
|
|
|
|
break; |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
if (!ret) { |
|
|
|
|
|
// no matching key/community
|
|
|
|
|
|
traceEvent(TRACE_DEBUG, "process_udp dropped a packet with seemingly encrypted header " |
|
|
|
|
|
"for which no matching community which uses encrypted headers was found."); |
|
|
|
|
|
return -1; |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
/* Use decode_common() to determine the kind of packet then process it:
|
|
|
/* Use decode_common() to determine the kind of packet then process it:
|
|
|
* |
|
|
* |
|
@ -409,8 +447,7 @@ static int process_udp(n2n_sn_t *sss, |
|
|
|
|
|
|
|
|
rem = udp_size; /* Counts down bytes of packet to protect against buffer overruns. */ |
|
|
rem = udp_size; /* Counts down bytes of packet to protect against buffer overruns. */ |
|
|
idx = 0; /* marches through packet header as parts are decoded. */ |
|
|
idx = 0; /* marches through packet header as parts are decoded. */ |
|
|
if (decode_common(&cmn, udp_buf, &rem, &idx) < 0) |
|
|
if(decode_common(&cmn, udp_buf, &rem, &idx) < 0) { |
|
|
{ |
|
|
|
|
|
traceEvent(TRACE_ERROR, "Failed to decode common section"); |
|
|
traceEvent(TRACE_ERROR, "Failed to decode common section"); |
|
|
return -1; /* failed to decode packet */ |
|
|
return -1; /* failed to decode packet */ |
|
|
} |
|
|
} |
|
@ -418,16 +455,14 @@ static int process_udp(n2n_sn_t *sss, |
|
|
msg_type = cmn.pc; /* packet code */ |
|
|
msg_type = cmn.pc; /* packet code */ |
|
|
from_supernode= cmn.flags & N2N_FLAGS_FROM_SUPERNODE; |
|
|
from_supernode= cmn.flags & N2N_FLAGS_FROM_SUPERNODE; |
|
|
|
|
|
|
|
|
if (cmn.ttl < 1) |
|
|
if(cmn.ttl < 1) { |
|
|
{ |
|
|
|
|
|
traceEvent(TRACE_WARNING, "Expired TTL"); |
|
|
traceEvent(TRACE_WARNING, "Expired TTL"); |
|
|
return 0; /* Don't process further */ |
|
|
return 0; /* Don't process further */ |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
--(cmn.ttl); /* The value copied into all forwarded packets. */ |
|
|
--(cmn.ttl); /* The value copied into all forwarded packets. */ |
|
|
|
|
|
|
|
|
switch (msg_type) |
|
|
switch(msg_type) { |
|
|
{ |
|
|
|
|
|
case MSG_TYPE_PACKET: |
|
|
case MSG_TYPE_PACKET: |
|
|
{ |
|
|
{ |
|
|
/* PACKET from one edge to another edge via supernode. */ |
|
|
/* PACKET from one edge to another edge via supernode. */ |
|
@ -439,7 +474,12 @@ static int process_udp(n2n_sn_t *sss, |
|
|
uint8_t encbuf[N2N_SN_PKTBUF_SIZE]; |
|
|
uint8_t encbuf[N2N_SN_PKTBUF_SIZE]; |
|
|
size_t encx=0; |
|
|
size_t encx=0; |
|
|
int unicast; /* non-zero if unicast */ |
|
|
int unicast; /* non-zero if unicast */ |
|
|
const uint8_t *rec_buf; /* either udp_buf or encbuf */ |
|
|
uint8_t * rec_buf; /* either udp_buf or encbuf */ |
|
|
|
|
|
|
|
|
|
|
|
if(!comm) { |
|
|
|
|
|
traceEvent(TRACE_DEBUG, "process_udp PACKET with unknown community %s", cmn.community); |
|
|
|
|
|
return -1; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
sss->stats.last_fwd=now; |
|
|
sss->stats.last_fwd=now; |
|
|
decode_PACKET(&pkt, &cmn, udp_buf, &rem, &idx); |
|
|
decode_PACKET(&pkt, &cmn, udp_buf, &rem, &idx); |
|
@ -452,8 +492,7 @@ static int process_udp(n2n_sn_t *sss, |
|
|
macaddr_str(mac_buf2, pkt.dstMac), |
|
|
macaddr_str(mac_buf2, pkt.dstMac), |
|
|
(from_supernode?"from sn":"local")); |
|
|
(from_supernode?"from sn":"local")); |
|
|
|
|
|
|
|
|
if (!from_supernode) |
|
|
if(!from_supernode) { |
|
|
{ |
|
|
|
|
|
memcpy(&cmn2, &cmn, sizeof(n2n_common_t)); |
|
|
memcpy(&cmn2, &cmn, sizeof(n2n_common_t)); |
|
|
|
|
|
|
|
|
/* We are going to add socket even if it was not there before */ |
|
|
/* We are going to add socket even if it was not there before */ |
|
@ -468,11 +507,12 @@ static int process_udp(n2n_sn_t *sss, |
|
|
/* Re-encode the header. */ |
|
|
/* Re-encode the header. */ |
|
|
encode_PACKET(encbuf, &encx, &cmn2, &pkt); |
|
|
encode_PACKET(encbuf, &encx, &cmn2, &pkt); |
|
|
|
|
|
|
|
|
|
|
|
if (comm->header_encryption == HEADER_ENCRYPTION_ENABLED) |
|
|
|
|
|
packet_header_encrypt (rec_buf, encx, comm->header_encryption_ctx); |
|
|
|
|
|
|
|
|
/* Copy the original payload unchanged */ |
|
|
/* Copy the original payload unchanged */ |
|
|
encode_buf(encbuf, &encx, (udp_buf + idx), (udp_size - idx)); |
|
|
encode_buf(encbuf, &encx, (udp_buf + idx), (udp_size - idx)); |
|
|
} |
|
|
} else { |
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
/* Already from a supernode. Nothing to modify, just pass to
|
|
|
/* Already from a supernode. Nothing to modify, just pass to
|
|
|
* destination. */ |
|
|
* destination. */ |
|
|
|
|
|
|
|
@ -480,13 +520,16 @@ static int process_udp(n2n_sn_t *sss, |
|
|
|
|
|
|
|
|
rec_buf = udp_buf; |
|
|
rec_buf = udp_buf; |
|
|
encx = udp_size; |
|
|
encx = udp_size; |
|
|
|
|
|
|
|
|
|
|
|
if (comm->header_encryption == HEADER_ENCRYPTION_ENABLED) |
|
|
|
|
|
packet_header_encrypt (rec_buf, idx, comm->header_encryption_ctx); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
/* Common section to forward the final product. */ |
|
|
/* Common section to forward the final product. */ |
|
|
if(unicast) |
|
|
if(unicast) |
|
|
try_forward(sss, &cmn, pkt.dstMac, rec_buf, encx); |
|
|
try_forward(sss, comm, &cmn, pkt.dstMac, rec_buf, encx); |
|
|
else |
|
|
else |
|
|
try_broadcast(sss, &cmn, pkt.srcMac, rec_buf, encx); |
|
|
try_broadcast(sss, comm, &cmn, pkt.srcMac, rec_buf, encx); |
|
|
break; |
|
|
break; |
|
|
} |
|
|
} |
|
|
case MSG_TYPE_REGISTER: |
|
|
case MSG_TYPE_REGISTER: |
|
@ -498,22 +541,25 @@ static int process_udp(n2n_sn_t *sss, |
|
|
uint8_t encbuf[N2N_SN_PKTBUF_SIZE]; |
|
|
uint8_t encbuf[N2N_SN_PKTBUF_SIZE]; |
|
|
size_t encx=0; |
|
|
size_t encx=0; |
|
|
int unicast; /* non-zero if unicast */ |
|
|
int unicast; /* non-zero if unicast */ |
|
|
const uint8_t *rec_buf; /* either udp_buf or encbuf */ |
|
|
uint8_t * rec_buf; /* either udp_buf or encbuf */ |
|
|
|
|
|
|
|
|
|
|
|
if(!comm) { |
|
|
|
|
|
traceEvent(TRACE_DEBUG, "process_udp REGISTER from unknown community %s", cmn.community); |
|
|
|
|
|
return -1; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
sss->stats.last_fwd=now; |
|
|
sss->stats.last_fwd=now; |
|
|
decode_REGISTER(®, &cmn, udp_buf, &rem, &idx); |
|
|
decode_REGISTER(®, &cmn, udp_buf, &rem, &idx); |
|
|
|
|
|
|
|
|
unicast = (0 == is_multi_broadcast(reg.dstMac)); |
|
|
unicast = (0 == is_multi_broadcast(reg.dstMac)); |
|
|
|
|
|
|
|
|
if (unicast) |
|
|
if(unicast) { |
|
|
{ |
|
|
|
|
|
traceEvent(TRACE_DEBUG, "Rx REGISTER %s -> %s %s", |
|
|
traceEvent(TRACE_DEBUG, "Rx REGISTER %s -> %s %s", |
|
|
macaddr_str(mac_buf, reg.srcMac), |
|
|
macaddr_str(mac_buf, reg.srcMac), |
|
|
macaddr_str(mac_buf2, reg.dstMac), |
|
|
macaddr_str(mac_buf2, reg.dstMac), |
|
|
((cmn.flags & N2N_FLAGS_FROM_SUPERNODE)?"from sn":"local")); |
|
|
((cmn.flags & N2N_FLAGS_FROM_SUPERNODE)?"from sn":"local")); |
|
|
|
|
|
|
|
|
if (0 == (cmn.flags & N2N_FLAGS_FROM_SUPERNODE)) |
|
|
if(0 == (cmn.flags & N2N_FLAGS_FROM_SUPERNODE)) { |
|
|
{ |
|
|
|
|
|
memcpy(&cmn2, &cmn, sizeof(n2n_common_t)); |
|
|
memcpy(&cmn2, &cmn, sizeof(n2n_common_t)); |
|
|
|
|
|
|
|
|
/* We are going to add socket even if it was not there before */ |
|
|
/* We are going to add socket even if it was not there before */ |
|
@ -530,9 +576,7 @@ static int process_udp(n2n_sn_t *sss, |
|
|
|
|
|
|
|
|
/* Copy the original payload unchanged */ |
|
|
/* Copy the original payload unchanged */ |
|
|
encode_buf(encbuf, &encx, (udp_buf + idx), (udp_size - idx)); |
|
|
encode_buf(encbuf, &encx, (udp_buf + idx), (udp_size - idx)); |
|
|
} |
|
|
} else { |
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
/* Already from a supernode. Nothing to modify, just pass to
|
|
|
/* Already from a supernode. Nothing to modify, just pass to
|
|
|
* destination. */ |
|
|
* destination. */ |
|
|
|
|
|
|
|
@ -540,9 +584,11 @@ static int process_udp(n2n_sn_t *sss, |
|
|
encx = udp_size; |
|
|
encx = udp_size; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
try_forward(sss, &cmn, reg.dstMac, rec_buf, encx); /* unicast only */ |
|
|
if (comm->header_encryption == HEADER_ENCRYPTION_ENABLED) |
|
|
} |
|
|
packet_header_encrypt (rec_buf, idx, comm->header_encryption_ctx); |
|
|
else |
|
|
|
|
|
|
|
|
try_forward(sss, comm, &cmn, reg.dstMac, rec_buf, encx); /* unicast only */ |
|
|
|
|
|
} else |
|
|
traceEvent(TRACE_ERROR, "Rx REGISTER with multicast destination"); |
|
|
traceEvent(TRACE_ERROR, "Rx REGISTER with multicast destination"); |
|
|
break; |
|
|
break; |
|
|
} |
|
|
} |
|
@ -556,27 +602,22 @@ static int process_udp(n2n_sn_t *sss, |
|
|
n2n_common_t cmn2; |
|
|
n2n_common_t cmn2; |
|
|
uint8_t ackbuf[N2N_SN_PKTBUF_SIZE]; |
|
|
uint8_t ackbuf[N2N_SN_PKTBUF_SIZE]; |
|
|
size_t encx=0; |
|
|
size_t encx=0; |
|
|
struct sn_community *comm; |
|
|
|
|
|
|
|
|
|
|
|
/* Edge requesting registration with us. */ |
|
|
/* Edge requesting registration with us. */ |
|
|
sss->stats.last_reg_super=now; |
|
|
sss->stats.last_reg_super=now; |
|
|
++(sss->stats.reg_super); |
|
|
++(sss->stats.reg_super); |
|
|
decode_REGISTER_SUPER(®, &cmn, udp_buf, &rem, &idx); |
|
|
decode_REGISTER_SUPER(®, &cmn, udp_buf, &rem, &idx); |
|
|
|
|
|
|
|
|
HASH_FIND_COMMUNITY(sss->communities, (char *)cmn.community, comm); |
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
/*
|
|
|
Before we move any further, we need to check if the requested |
|
|
Before we move any further, we need to check if the requested |
|
|
community is allowed by the supernode. In case it is not we do |
|
|
community is allowed by the supernode. In case it is not we do |
|
|
not report any message back to the edge to hide the supernode |
|
|
not report any message back to the edge to hide the supernode |
|
|
existance (better from the security standpoint) |
|
|
existance (better from the security standpoint) |
|
|
*/ |
|
|
*/ |
|
|
if (!comm && !sss->lock_communities) |
|
|
if(!comm && !sss->lock_communities) { |
|
|
{ |
|
|
|
|
|
comm = calloc(1, sizeof(struct sn_community)); |
|
|
comm = calloc(1, sizeof(struct sn_community)); |
|
|
|
|
|
|
|
|
if (comm) |
|
|
if(comm) { |
|
|
{ |
|
|
|
|
|
strncpy(comm->community, (char*)cmn.community, N2N_COMMUNITY_SIZE-1); |
|
|
strncpy(comm->community, (char*)cmn.community, N2N_COMMUNITY_SIZE-1); |
|
|
comm->community[N2N_COMMUNITY_SIZE-1] = '\0'; |
|
|
comm->community[N2N_COMMUNITY_SIZE-1] = '\0'; |
|
|
/* new communities introduced by REGISTERs could not have had encrypted header */ |
|
|
/* new communities introduced by REGISTERs could not have had encrypted header */ |
|
@ -589,8 +630,7 @@ static int process_udp(n2n_sn_t *sss, |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
if (comm) |
|
|
if(comm) { |
|
|
{ |
|
|
|
|
|
cmn2.ttl = N2N_DEFAULT_TTL; |
|
|
cmn2.ttl = N2N_DEFAULT_TTL; |
|
|
cmn2.pc = n2n_register_super_ack; |
|
|
cmn2.pc = n2n_register_super_ack; |
|
|
cmn2.flags = N2N_FLAGS_SOCKET | N2N_FLAGS_FROM_SUPERNODE; |
|
|
cmn2.flags = N2N_FLAGS_SOCKET | N2N_FLAGS_FROM_SUPERNODE; |
|
@ -615,26 +655,31 @@ static int process_udp(n2n_sn_t *sss, |
|
|
|
|
|
|
|
|
encode_REGISTER_SUPER_ACK(ackbuf, &encx, &cmn2, &ack); |
|
|
encode_REGISTER_SUPER_ACK(ackbuf, &encx, &cmn2, &ack); |
|
|
|
|
|
|
|
|
|
|
|
if (comm->header_encryption == HEADER_ENCRYPTION_ENABLED) |
|
|
|
|
|
packet_header_encrypt (ackbuf, encx, comm->header_encryption_ctx); |
|
|
|
|
|
|
|
|
sendto(sss->sock, ackbuf, encx, 0, |
|
|
sendto(sss->sock, ackbuf, encx, 0, |
|
|
(struct sockaddr *)sender_sock, sizeof(struct sockaddr_in)); |
|
|
(struct sockaddr *)sender_sock, sizeof(struct sockaddr_in)); |
|
|
|
|
|
|
|
|
traceEvent(TRACE_DEBUG, "Tx REGISTER_SUPER_ACK for %s [%s]", |
|
|
traceEvent(TRACE_DEBUG, "Tx REGISTER_SUPER_ACK for %s [%s]", |
|
|
macaddr_str(mac_buf, reg.edgeMac), |
|
|
macaddr_str(mac_buf, reg.edgeMac), |
|
|
sock_to_cstr(sockbuf, &(ack.sock))); |
|
|
sock_to_cstr(sockbuf, &(ack.sock))); |
|
|
} |
|
|
} else |
|
|
else |
|
|
|
|
|
traceEvent(TRACE_INFO, "Discarded registration: unallowed community '%s'", |
|
|
traceEvent(TRACE_INFO, "Discarded registration: unallowed community '%s'", |
|
|
(char*)cmn.community); |
|
|
(char*)cmn.community); |
|
|
break; |
|
|
break; |
|
|
} |
|
|
} |
|
|
case MSG_TYPE_QUERY_PEER: |
|
|
case MSG_TYPE_QUERY_PEER: { |
|
|
{ |
|
|
|
|
|
n2n_QUERY_PEER_t query; |
|
|
n2n_QUERY_PEER_t query; |
|
|
uint8_t encbuf[N2N_SN_PKTBUF_SIZE]; |
|
|
uint8_t encbuf[N2N_SN_PKTBUF_SIZE]; |
|
|
size_t encx=0; |
|
|
size_t encx=0; |
|
|
n2n_common_t cmn2; |
|
|
n2n_common_t cmn2; |
|
|
n2n_PEER_INFO_t pi; |
|
|
n2n_PEER_INFO_t pi; |
|
|
struct sn_community *community; |
|
|
|
|
|
|
|
|
if(!comm) { |
|
|
|
|
|
traceEvent(TRACE_DEBUG, "process_udp QUERY_PEER from unknown community %s", cmn.community); |
|
|
|
|
|
return -1; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
decode_QUERY_PEER( &query, &cmn, udp_buf, &rem, &idx ); |
|
|
decode_QUERY_PEER( &query, &cmn, udp_buf, &rem, &idx ); |
|
|
|
|
|
|
|
@ -642,15 +687,10 @@ static int process_udp(n2n_sn_t *sss, |
|
|
macaddr_str( mac_buf, query.srcMac ), |
|
|
macaddr_str( mac_buf, query.srcMac ), |
|
|
macaddr_str( mac_buf2, query.targetMac ) ); |
|
|
macaddr_str( mac_buf2, query.targetMac ) ); |
|
|
|
|
|
|
|
|
HASH_FIND_COMMUNITY(sss->communities, (char *)cmn.community, community); |
|
|
|
|
|
|
|
|
|
|
|
if (community) |
|
|
|
|
|
{ |
|
|
|
|
|
struct peer_info *scan; |
|
|
struct peer_info *scan; |
|
|
HASH_FIND_PEER(community->edges, query.targetMac, scan); |
|
|
HASH_FIND_PEER(comm->edges, query.targetMac, scan); |
|
|
|
|
|
|
|
|
if (scan) |
|
|
if (scan) { |
|
|
{ |
|
|
|
|
|
cmn2.ttl = N2N_DEFAULT_TTL; |
|
|
cmn2.ttl = N2N_DEFAULT_TTL; |
|
|
cmn2.pc = n2n_peer_info; |
|
|
cmn2.pc = n2n_peer_info; |
|
|
cmn2.flags = N2N_FLAGS_FROM_SUPERNODE; |
|
|
cmn2.flags = N2N_FLAGS_FROM_SUPERNODE; |
|
@ -662,18 +702,18 @@ static int process_udp(n2n_sn_t *sss, |
|
|
|
|
|
|
|
|
encode_PEER_INFO( encbuf, &encx, &cmn2, &pi ); |
|
|
encode_PEER_INFO( encbuf, &encx, &cmn2, &pi ); |
|
|
|
|
|
|
|
|
|
|
|
if (comm->header_encryption == HEADER_ENCRYPTION_ENABLED) |
|
|
|
|
|
packet_header_encrypt (encbuf, encx, comm->header_encryption_ctx); |
|
|
|
|
|
|
|
|
sendto( sss->sock, encbuf, encx, 0, |
|
|
sendto( sss->sock, encbuf, encx, 0, |
|
|
(struct sockaddr *)sender_sock, sizeof(struct sockaddr_in) ); |
|
|
(struct sockaddr *)sender_sock, sizeof(struct sockaddr_in) ); |
|
|
|
|
|
|
|
|
traceEvent( TRACE_DEBUG, "Tx PEER_INFO to %s", |
|
|
traceEvent( TRACE_DEBUG, "Tx PEER_INFO to %s", |
|
|
macaddr_str( mac_buf, query.srcMac ) ); |
|
|
macaddr_str( mac_buf, query.srcMac ) ); |
|
|
} |
|
|
} else { |
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
traceEvent( TRACE_DEBUG, "Ignoring QUERY_PEER for unknown edge %s", |
|
|
traceEvent( TRACE_DEBUG, "Ignoring QUERY_PEER for unknown edge %s", |
|
|
macaddr_str( mac_buf, query.targetMac ) ); |
|
|
macaddr_str( mac_buf, query.targetMac ) ); |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
break; |
|
|
break; |
|
|
} |
|
|
} |
|
|