From aa1f4311f9b519b68cd0a401f76cfecdf0ba7e08 Mon Sep 17 00:00:00 2001 From: Logan oos Even <46396513+Logan007@users.noreply.github.com> Date: Tue, 16 Mar 2021 17:24:59 +0545 Subject: [PATCH] adapted packet format (#662) * adapted packet format --- include/n2n_typedefs.h | 9 ++++---- src/edge_utils.c | 43 +++++++++++++++++------------------- src/sn_utils.c | 49 +++++++++++++++++++++--------------------- src/wire.c | 4 ++-- 4 files changed, 50 insertions(+), 55 deletions(-) diff --git a/include/n2n_typedefs.h b/include/n2n_typedefs.h index be20913..388dd27 100644 --- a/include/n2n_typedefs.h +++ b/include/n2n_typedefs.h @@ -345,7 +345,7 @@ typedef struct n2n_PACKET { typedef struct n2n_REGISTER_SUPER { n2n_cookie_t cookie; /**< Link REGISTER_SUPER and REGISTER_SUPER_ACK */ n2n_mac_t edgeMac; /**< MAC to register with edge sending socket */ - n2n_sock_t sock; /**< Sending socket associated with srcMac */ + n2n_sock_t sock; /**< Sending socket associated with edgeMac */ n2n_ip_subnet_t dev_addr; /**< IP address of the tuntap adapter. */ n2n_desc_t dev_desc; /**< Hint description correlated with the edge */ n2n_auth_t auth; /**< Authentication scheme and tokens */ @@ -355,10 +355,10 @@ typedef struct n2n_REGISTER_SUPER { /* Linked with n2n_register_super_ack in n2n_pc_t. Only from supernode to edge. */ typedef struct n2n_REGISTER_SUPER_ACK { n2n_cookie_t cookie; /**< Return cookie from REGISTER_SUPER */ - n2n_mac_t edgeMac; /**< MAC registered to edge sending socket */ + n2n_mac_t srcMac; /**< MAC of answering supernode */ n2n_ip_subnet_t dev_addr; /**< Assign an IP address to the tuntap adapter of edge. */ uint16_t lifetime; /**< How long the registration will live */ - n2n_sock_t sock; /**< Sending sockets associated with edgeMac */ + n2n_sock_t sock; /**< Sending sockets associated with edge */ n2n_auth_t auth; /**< Authentication scheme and tokens */ /** The packet format provides additional supernode definitions here. 
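Review bot: The second field of `n2n_REGISTER_SUPER_ACK` keeps its position and size on the wire but changes meaning from the registering edge's MAC to the answering supernode's MAC, and nothing visible in this patch lets a receiver tell the two layouts apart. If mixed-version deployments are possible, a receiver built from this commit would presumably read an echoed edge MAC as the supernode's identity. I would record the change in the field comment, e.g. `/**< MAC of answering supernode (formerly: MAC of the registering edge, echoed back) */`, and confirm that a version check outside this diff rejects the old layout. The struct definition continues past the end of the hunk.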
@@ -366,8 +366,7 @@ typedef struct n2n_REGISTER_SUPER_ACK { * n2n_sock_t. */ uint8_t num_sn; /**< Number of supernodes that were send - * even if we cannot store them all. If - * non-zero then sn_bak is valid. */ + * even if we cannot store them all. */ } n2n_REGISTER_SUPER_ACK_t; diff --git a/src/edge_utils.c b/src/edge_utils.c index 756b8aa..d025334 100644 --- a/src/edge_utils.c +++ b/src/edge_utils.c @@ -2233,7 +2233,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const decode_PACKET(&pkt, &cmn, udp_buf, &rem, &idx); if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED) { - if(!find_peer_time_stamp_and_verify (eee, sn, pkt.srcMac, stamp, TIME_STAMP_ALLOW_JITTER)) { + if(!find_peer_time_stamp_and_verify(eee, sn, pkt.srcMac, stamp, TIME_STAMP_ALLOW_JITTER)) { traceEvent(TRACE_DEBUG, "readFromIPSocket dropped PACKET due to time stamp error."); return; } @@ -2280,8 +2280,8 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const via_multicast &= is_null_mac(reg.dstMac); if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED) { - if(!find_peer_time_stamp_and_verify (eee, sn, reg.srcMac, stamp, - via_multicast ? TIME_STAMP_ALLOW_JITTER : TIME_STAMP_NO_JITTER)) { + if(!find_peer_time_stamp_and_verify(eee, sn, reg.srcMac, stamp, + via_multicast ? TIME_STAMP_ALLOW_JITTER : TIME_STAMP_NO_JITTER)) { traceEvent(TRACE_DEBUG, "readFromIPSocket dropped REGISTER due to time stamp error."); return; } @@ -2330,7 +2330,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const decode_REGISTER_ACK(&ra, &cmn, udp_buf, &rem, &idx); if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED) { - if(!find_peer_time_stamp_and_verify (eee, sn, ra.srcMac, stamp, TIME_STAMP_NO_JITTER)) { + if(!find_peer_time_stamp_and_verify(eee, sn, ra.srcMac, stamp, TIME_STAMP_NO_JITTER)) { traceEvent(TRACE_DEBUG, "readFromIPSocket dropped REGISTER_ACK due to time stamp error."); return; } 
@@ -2364,7 +2364,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const decode_REGISTER_SUPER_ACK(&ra, &cmn, udp_buf, &rem, &idx, tmpbuf); if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED) { - if(!find_peer_time_stamp_and_verify (eee, sn, null_mac, stamp, TIME_STAMP_NO_JITTER)) { + if(!find_peer_time_stamp_and_verify(eee, sn, ra.srcMac, stamp, TIME_STAMP_NO_JITTER)) { traceEvent(TRACE_DEBUG, "readFromIPSocket dropped REGISTER_SUPER_ACK due to time stamp error."); return; } @@ -2373,22 +2373,20 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const if(is_valid_peer_sock(&ra.sock)) orig_sender = &(ra.sock); - traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK myMAC=%s [%s] (external %s). Attempts %u", - macaddr_str(mac_buf1, ra.edgeMac), + traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK from MAC %s [%s] (external %s). Attempts %u", + macaddr_str(mac_buf1, ra.srcMac), sock_to_cstr(sockbuf1, &sender), sock_to_cstr(sockbuf2, orig_sender), (unsigned int)eee->sup_attempts); - // this even holds true for auto ip assignment as own mac is null_mac - if(memcmp(ra.edgeMac, eee->device.mac_addr, N2N_MAC_SIZE)) { - traceEvent(TRACE_INFO, "readFromIPSocket dropped REGISTER_SUPER_ACK due to wrong addressing."); - return; - } - if(0 == memcmp(ra.cookie, eee->curr_sn->last_cookie, N2N_COOKIE_SIZE)) { handle_remote_auth(eee, sn, &(ra.auth)); + HASH_DEL(eee->conf.supernodes, eee->curr_sn); + memcpy(&eee->curr_sn->mac_addr, ra.srcMac, N2N_MAC_SIZE); + HASH_ADD_PEER(eee->conf.supernodes, eee->curr_sn); + payload = (n2n_REGISTER_SUPER_ACK_payload_t*)tmpbuf; // from here on, 'sn' gets used differently 
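Review bot: After the cookie matches, `ra.srcMac` is copied straight from the received packet into `eee->curr_sn->mac_addr` and the entry is re-added to `eee->conf.supernodes`, with no check that the value is non-null or that no other entry is already stored under the same MAC. The same hunk removes the addressing check against `eee->device.mac_addr`, so the cookie comparison is now the only thing tying this ACK to the edge's own request; a comment above the `memcmp` should say so. I would guard the re-key, e.g. `if(!is_null_mac(ra.srcMac) && memcmp(eee->curr_sn->mac_addr, ra.srcMac, N2N_MAC_SIZE)) { ... }`, and look up the new MAC first so that two entries cannot end up under one key. Whether `HASH_ADD_PEER` tolerates duplicate keys is not visible here. `process_udp` starts and ends outside the hunk.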
@@ -2427,9 +2425,9 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const } } - // update last_sup only on 'real' REGISTER_SUPER_ACKs, not on bootstrap ones (null_mac) - // this allows reliable in/out PACKET drop if not really registered with a supernode yet - if(!is_null_mac(ra.edgeMac)) { + // update last_sup only on 'real' REGISTER_SUPER_ACKs, not on bootstrap ones (own MAC address + // still null_mac) this allows reliable in/out PACKET drop if not really registered with a supernode yet + if(!is_null_mac(eee->device.mac_addr)) { if(!eee->last_sup) { // indicates successful connection between the edge and a supernode traceEvent(TRACE_NORMAL, "[OK] Edge Peer <<< ================ >>> Super Node"); @@ -2446,7 +2444,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const * based on its NAT configuration. */ //eee->conf.register_interval = ra.lifetime; - if(eee->cb.sn_registration_updated && !is_null_mac(ra.edgeMac)) + if(eee->cb.sn_registration_updated && !is_null_mac(eee->device.mac_addr)) eee->cb.sn_registration_updated(eee, now, &sender); } else { @@ -2495,7 +2493,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const decode_PEER_INFO(&pi, &cmn, udp_buf, &rem, &idx); if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED) { - if(!find_peer_time_stamp_and_verify (eee, sn, null_mac, stamp, TIME_STAMP_ALLOW_JITTER)) { + if(!find_peer_time_stamp_and_verify(eee, sn, null_mac, stamp, TIME_STAMP_ALLOW_JITTER)) { traceEvent(TRACE_DEBUG, "readFromIPSocket dropped PEER_INFO due to time stamp error."); return; } @@ -2731,9 +2729,9 @@ int run_edge_loop (n2n_edge_t *eee, int *keep_running) { // external if(FD_ISSET(eee->sock, &socket_mask)) { - if (0 != fetch_and_eventually_process_data (eee, eee->sock, - pktbuf, &expected, &position, - now)) { + if (0 != fetch_and_eventually_process_data(eee, eee->sock, + pktbuf, &expected, &position, + now)) { *keep_running = 0; break; } 
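Review bot: The rewritten comment in this hunk runs two sentences together (`... (own MAC address still null_mac) this allows reliable ...`), and the condition it explains, `!is_null_mac(eee->device.mac_addr)`, is repeated in the following hunk in front of `eee->cb.sn_registration_updated`. I would split the comment into `// update last_sup only on 'real' REGISTER_SUPER_ACKs, not on bootstrap ones (own MAC still null_mac);` followed by `// this allows reliable in/out PACKET drop while not yet registered with a supernode`, and evaluate the test once into a local that both places use. The condition no longer depends on anything in the received ACK, so the comment should also say that it reflects local state only. `process_udp` starts and ends outside the hunk.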
@@ -2751,7 +2749,6 @@ int run_edge_loop (n2n_edge_t *eee, int *keep_running) { } #ifndef SKIP_MULTICAST_PEERS_DISCOVERY - if(FD_ISSET(eee->udp_multicast_sock, &socket_mask)) { if (0 != fetch_and_eventually_process_data (eee, eee->udp_multicast_sock, pktbuf, &expected, &position, @@ -3412,7 +3409,7 @@ int quick_edge_init (char *device_name, char *community_name, device_mac, DEFAULT_MTU #ifdef WIN32 , 0 -#endif +#endif ) < 0) return(-2); diff --git a/src/sn_utils.c b/src/sn_utils.c index 5e0e281..de176a6 100644 --- a/src/sn_utils.c +++ b/src/sn_utils.c @@ -896,6 +896,7 @@ static int re_register_and_purge_supernodes (n2n_sn_t *sss, struct sn_community } memcpy(reg.cookie, cookie, N2N_COOKIE_SIZE); + memcpy(peer->last_cookie, cookie, N2N_COOKIE_SIZE); reg.dev_addr.net_addr = ntohl(peer->dev_addr.net_addr); reg.dev_addr.net_bitlen = mask2bitlen(ntohl(peer->dev_addr.net_bitlen)); get_local_auth(sss, &(reg.auth)); @@ -1519,12 +1520,7 @@ static int process_udp (n2n_sn_t * sss, memcpy(cmn2.community, cmn.community, sizeof(n2n_community_t)); memcpy(&(ack.cookie), &(reg.cookie), sizeof(n2n_cookie_t)); - - if(comm->is_federation == IS_FEDERATION) { - memcpy(ack.edgeMac, sss->mac_addr, sizeof(n2n_mac_t)); - } else { - memcpy(ack.edgeMac, reg.edgeMac, sizeof(n2n_mac_t)); - } + memcpy(ack.srcMac, sss->mac_addr, sizeof(n2n_mac_t)); if((reg.dev_addr.net_addr == 0) || (reg.dev_addr.net_addr == 0xFFFFFFFF) || (reg.dev_addr.net_bitlen == 0) || ((reg.dev_addr.net_addr & 0xFFFF0000) == 0xA9FE0000 /* 169.254.0.0 */)) { 
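Review bot: The added `memcpy(peer->last_cookie, cookie, N2N_COOKIE_SIZE);` has no comment saying why the cookie is kept, although the REGISTER_SUPER_ACK branch of `process_udp` later in this patch now accepts the supernode list from an ACK only when its cookie equals `last_cookie`. I would add `/* remember the cookie so the matching REGISTER_SUPER_ACK can be told apart from stale or unsolicited ones */` above it. How `cookie` is generated is outside the hunk; since it is now the value an ACK must reproduce, it should come from a source a remote sender cannot predict, which needs confirming. `re_register_and_purge_supernodes` starts and ends outside the hunk.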
@@ -1686,7 +1682,7 @@ static int process_udp (n2n_sn_t * sss, decode_UNREGISTER_SUPER(&unreg, &cmn, udp_buf, &rem, &idx); if(comm->header_encryption == HEADER_ENCRYPTION_ENABLED) { - if(!find_edge_time_stamp_and_verify (comm->edges, sn, unreg.srcMac, stamp, TIME_STAMP_NO_JITTER)) { + if(!find_edge_time_stamp_and_verify(comm->edges, sn, unreg.srcMac, stamp, TIME_STAMP_NO_JITTER)) { traceEvent(TRACE_DEBUG, "process_udp dropped UNREGISTER_SUPER due to time stamp error."); return -1; } @@ -1747,21 +1743,21 @@ static int process_udp (n2n_sn_t * sss, if(comm) { if(comm->header_encryption == HEADER_ENCRYPTION_ENABLED) { - if(!find_edge_time_stamp_and_verify (comm->edges, sn, ack.edgeMac, stamp, TIME_STAMP_NO_JITTER)) { + if(!find_edge_time_stamp_and_verify(comm->edges, sn, ack.srcMac, stamp, TIME_STAMP_NO_JITTER)) { traceEvent(TRACE_DEBUG, "process_udp dropped REGISTER_SUPER_ACK due to time stamp error."); return -1; } } } - traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK myMAC=%s [%s] (external %s)", - macaddr_str(mac_buf1, ack.edgeMac), + traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK from MAC %s [%s] (external %s)", + macaddr_str(mac_buf1, ack.srcMac), sock_to_cstr(sockbuf1, &sender), sock_to_cstr(sockbuf2, orig_sender)); if(comm->is_federation == IS_FEDERATION) { skip_add = SN_ADD_SKIP; - scan = add_sn_to_list_by_mac_or_sock(&(sss->federation->edges), &sender, ack.edgeMac, &skip_add); + scan = add_sn_to_list_by_mac_or_sock(&(sss->federation->edges), &sender, ack.srcMac, &skip_add); if(scan != NULL) { scan->last_seen = now; } else { 
@@ -1770,22 +1766,25 @@ static int process_udp (n2n_sn_t * sss, } } - payload = (n2n_REGISTER_SUPER_ACK_payload_t *)dec_tmpbuf; + if(0 == memcmp(ack.cookie, scan->last_cookie, N2N_COOKIE_SIZE)) { + payload = (n2n_REGISTER_SUPER_ACK_payload_t *)dec_tmpbuf; - for(i = 0; i < ack.num_sn; i++) { - skip_add = SN_ADD; - tmp = add_sn_to_list_by_mac_or_sock(&(sss->federation->edges), &(payload->sock), payload->mac, &skip_add); - // other supernodes communicate via standard udp socket - tmp->socket_fd = sss->sock; + for(i = 0; i < ack.num_sn; i++) { + skip_add = SN_ADD; + tmp = add_sn_to_list_by_mac_or_sock(&(sss->federation->edges), &(payload->sock), payload->mac, &skip_add); + // other supernodes communicate via standard udp socket + tmp->socket_fd = sss->sock; - if(skip_add == SN_ADD_ADDED) { - tmp->last_seen = now - LAST_SEEN_SN_NEW; - } + if(skip_add == SN_ADD_ADDED) { + tmp->last_seen = now - LAST_SEEN_SN_NEW; + } - // shift to next payload entry - payload++; + // shift to next payload entry + payload++; + } + } else { + traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK with wrong or old cookie."); } - break; } @@ -1814,7 +1813,7 @@ static int process_udp (n2n_sn_t * sss, if(comm) { if(comm->header_encryption == HEADER_ENCRYPTION_ENABLED) { - if(!find_edge_time_stamp_and_verify (comm->edges, sn, nak.srcMac, stamp, TIME_STAMP_NO_JITTER)) { + if(!find_edge_time_stamp_and_verify(comm->edges, sn, nak.srcMac, stamp, TIME_STAMP_NO_JITTER)) { traceEvent(TRACE_DEBUG, "process_udp dropped REGISTER_SUPER_NAK due to time stamp error."); return -1; } 
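Review bot: The new `memcmp(ack.cookie, scan->last_cookie, N2N_COOKIE_SIZE)` dereferences `scan` after the `comm->is_federation == IS_FEDERATION` block has closed, while the only assignment to `scan` visible in this patch is inside that block, in the preceding hunk. The `else` branch for `scan == NULL` is cut off between the hunks, so it cannot be confirmed from here that every path reaching the comparison has a valid `scan`. Unless earlier code guarantees it, I would make the test `if(scan && 0 == memcmp(ack.cookie, scan->last_cookie, N2N_COOKIE_SIZE)) {`. Inside the loop, `tmp->socket_fd = sss->sock;` likewise uses the return value of `add_sn_to_list_by_mac_or_sock` unchecked, although the earlier call tests the same function's result against NULL. `process_udp` starts and ends outside the hunk.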
@@ -1895,7 +1894,7 @@ static int process_udp (n2n_sn_t * sss, // already checked for valid comm if(comm) { if(comm->header_encryption == HEADER_ENCRYPTION_ENABLED) { - if(!find_edge_time_stamp_and_verify (comm->edges, sn, query.srcMac, stamp, TIME_STAMP_ALLOW_JITTER)) { + if(!find_edge_time_stamp_and_verify(comm->edges, sn, query.srcMac, stamp, TIME_STAMP_ALLOW_JITTER)) { traceEvent(TRACE_DEBUG, "process_udp dropped QUERY_PEER due to time stamp error."); return -1; } diff --git a/src/wire.c b/src/wire.c index 12d12c9..4b6eb2f 100644 --- a/src/wire.c +++ b/src/wire.c @@ -478,7 +478,7 @@ int encode_REGISTER_SUPER_ACK (uint8_t *base, retval += encode_common(base, idx, common); retval += encode_buf(base, idx, reg->cookie, N2N_COOKIE_SIZE); - retval += encode_mac(base, idx, reg->edgeMac); + retval += encode_mac(base, idx, reg->srcMac); retval += encode_uint32(base, idx, reg->dev_addr.net_addr); retval += encode_uint8(base, idx, reg->dev_addr.net_bitlen); retval += encode_uint16(base, idx, reg->lifetime); @@ -501,7 +501,7 @@ int decode_REGISTER_SUPER_ACK (n2n_REGISTER_SUPER_ACK_t *reg, memset(reg, 0, sizeof(n2n_REGISTER_SUPER_ACK_t)); retval += decode_buf(reg->cookie, N2N_COOKIE_SIZE, base, rem, idx); - retval += decode_mac(reg->edgeMac, base, rem, idx); + retval += decode_mac(reg->srcMac, base, rem, idx); retval += decode_uint32(&(reg->dev_addr.net_addr), base, rem, idx); retval += decode_uint8(&(reg->dev_addr.net_bitlen), base, rem, idx); retval += decode_uint16(&(reg->lifetime), base, rem, idx);