1/*
2 This file is part of Mtproto-proxy Library.
3
4 Mtproto-proxy Library is free software: you can redistribute it and/or modify
5 it under the terms of the GNU Lesser General Public License as published by
6 the Free Software Foundation, either version 2 of the License, or
7 (at your option) any later version.
8
9 Mtproto-proxy Library is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU Lesser General Public License for more details.
13
14 You should have received a copy of the GNU Lesser General Public License
15 along with Mtproto-proxy Library. If not, see <http://www.gnu.org/licenses/>.
16
17 Copyright 2010-2013 Vkontakte Ltd
18 2010-2013 Nikolai Durov
19 2010-2013 Andrey Lopatin
20 2013 Vitaliy Valtman
21
22 Copyright 2014-2016 Telegram Messenger Inc
23 2015-2016 Vitaly Valtman
24*/
25
26#define _FILE_OFFSET_BITS 64
27
28#include <assert.h>
29#include <string.h>
30#include <stdio.h>
31#include <stdlib.h>
32#include <time.h>
33#include <unistd.h>
34#include <stddef.h>
35
36#include "crc32.h"
37#include "crc32c.h"
38#include "net/net-events.h"
39#include "kprintf.h"
40#include "precise-time.h"
41#include "net/net-tcp-connections.h"
42#include "net/net-tcp-rpc-common.h"
43#include "net/net-tcp-rpc-client.h"
44
45#include "vv/vv-io.h"
46
47#include "rpc-const.h"
48#include "net/net-config.h"
49#include "net/net-crypto-aes.h"
50#include "net/net-crypto-dh.h"
51
52#include "net/net-thread.h"
53
54/*
55 *
56 * BASIC RPC CLIENT INTERFACE
57 *
58 */
59
60int tcp_rpcc_parse_execute (connection_job_t c);
61int tcp_rpcc_compact_parse_execute (connection_job_t c);
62int tcp_rpcc_connected (connection_job_t c);
63int tcp_rpcc_connected_nohs (connection_job_t c);
64int tcp_rpcc_close_connection (connection_job_t c, int who);
65int tcp_rpcc_init_outbound (connection_job_t c);
66int tcp_rpc_client_check_ready (connection_job_t c);
67int tcp_rpcc_default_check_perm (connection_job_t c);
68int tcp_rpcc_init_crypto (connection_job_t c);
69int tcp_rpcc_start_crypto (connection_job_t c, char *nonce, int key_select, unsigned char *temp_key, int temp_key_len);
70
71
72conn_type_t ct_tcp_rpc_client = {
73 .magic = CONN_FUNC_MAGIC,
74 .title = "rpc_client",
75 .accept = server_failed,
76 .init_accepted = server_failed,
77 .parse_execute = tcp_rpcc_parse_execute,
78 .close = tcp_rpcc_close_connection,
79 .init_outbound = tcp_rpcc_init_outbound,
80 .connected = tcp_rpcc_connected,
81 .wakeup = server_noop,
82 .check_ready = tcp_rpc_client_check_ready,
83 .flush = tcp_rpc_flush,
84 .write_packet = tcp_rpc_write_packet,
85 .crypto_init = aes_crypto_init,
86 .crypto_free = aes_crypto_free,
87 .crypto_encrypt_output = cpu_tcp_aes_crypto_encrypt_output,
88 .crypto_decrypt_input = cpu_tcp_aes_crypto_decrypt_input,
89 .crypto_needed_output_bytes = cpu_tcp_aes_crypto_needed_output_bytes,
90 .flags = C_RAWMSG,
91};
92
93//int tcp_rpcc_default_execute (connection_job_t c, int op, struct raw_message *raw);
94
95struct tcp_rpc_client_functions default_tcp_rpc_client = {
96 .execute = tcp_rpc_default_execute,
97 .check_ready = tcp_rpcc_default_check_ready,
98 .flush_packet = tcp_rpc_flush_packet,
99 .rpc_check_perm = tcp_rpcc_default_check_perm,
100 .rpc_init_crypto = tcp_rpcc_init_crypto,
101 .rpc_start_crypto = tcp_rpcc_start_crypto,
102 .rpc_ready = server_noop,
103};
104
105static int tcp_rpcc_process_nonce_packet (connection_job_t C, struct raw_message *msg) /* {{{ */ {
106 struct connection_info *c = CONN_INFO (C);
107
108 struct tcp_rpc_data *D = TCP_RPC_DATA(C);
109 union {
110 struct tcp_rpc_nonce_packet s;
111 struct tcp_rpc_nonce_ext_packet x;
112 struct tcp_rpc_nonce_dh_packet dh;
113 } P;
114 struct tcp_rpc_nonce_dh_packet *dh = 0;
115 int res;
116
117 unsigned char temp_dh[256];
118 int temp_dh_len = 0;
119
120 int packet_num = D->in_packet_num - 1;
121 int packet_type;
122 assert (rwm_fetch_lookup (msg, &packet_type, 4) == 4);
123 int packet_len = msg->total_bytes;
124
125 if (packet_num != -2 || packet_type != RPC_NONCE) {
126 return -2;
127 }
128
129 if (packet_len < sizeof (struct tcp_rpc_nonce_packet) || packet_len > sizeof (struct tcp_rpc_nonce_dh_packet)) {
130 return -3;
131 }
132
133 assert (rwm_fetch_data (msg, &P, packet_len) == packet_len);
134
135 vkprintf (2, "Processing nonce packet, crypto schema: %d, key select: %d\n", P.s.crypto_schema, P.s.key_select);
136
137 switch (P.s.crypto_schema) {
138 case RPC_CRYPTO_NONE:
139 if (packet_len != sizeof (struct tcp_rpc_nonce_packet)) {
140 return -3;
141 }
142 break;
143 case RPC_CRYPTO_AES:
144 if (packet_len != sizeof (struct tcp_rpc_nonce_packet)) {
145 return -3;
146 }
147 break;
148 case RPC_CRYPTO_AES_EXT:
149 if (packet_len < sizeof (struct tcp_rpc_nonce_ext_packet) - 4 * RPC_MAX_EXTRA_KEYS) {
150 return -3;
151 }
152 if (P.x.extra_keys_count < 0 || P.x.extra_keys_count > RPC_MAX_EXTRA_KEYS || packet_len != sizeof (struct tcp_rpc_nonce_ext_packet) + 4*(P.x.extra_keys_count - RPC_MAX_EXTRA_KEYS)) {
153 return -3;
154 }
155 break;
156 case RPC_CRYPTO_AES_DH:
157 if (packet_len < sizeof (struct tcp_rpc_nonce_dh_packet) - 4 * RPC_MAX_EXTRA_KEYS) {
158 return -3;
159 }
160 if (P.x.extra_keys_count < 0 || P.x.extra_keys_count > RPC_MAX_EXTRA_KEYS || packet_len != sizeof (struct tcp_rpc_nonce_dh_packet) + 4 * (P.x.extra_keys_count - RPC_MAX_EXTRA_KEYS)) {
161 return -3;
162 }
163 break;
164 default:
165 return -3;
166 }
167
168 switch (P.s.crypto_schema) {
169 case RPC_CRYPTO_NONE:
170 if (P.s.key_select) {
171 return -3;
172 }
173 if (D->crypto_flags & RPCF_ALLOW_UNENC) {
174 if (D->crypto_flags & RPCF_ALLOW_ENC) {
175 // release_all_unprocessed (&c->Out);
176 assert (!c->out_p.total_bytes);
177 }
178 D->crypto_flags = RPCF_ALLOW_UNENC;
179 } else {
180 return -5;
181 }
182 break;
183 case RPC_CRYPTO_AES_DH: {
184 dh = (struct tcp_rpc_nonce_dh_packet *)((char *) &P + 4 * (P.x.extra_keys_count - RPC_MAX_EXTRA_KEYS));
185 if (!dh_params_select) {
186 init_dh_params ();
187 }
188 if (!dh->dh_params_select || dh->dh_params_select != dh_params_select) {
189 return -7;
190 }
191 if (!(D->crypto_flags & RPCF_REQ_DH) || !c->crypto_temp) {
192 return -7;
193 }
194 }
195 case RPC_CRYPTO_AES_EXT:
196 P.s.key_select = select_best_key_signature (P.s.key_select, P.x.extra_keys_count, P.x.extra_key_select);
197 case RPC_CRYPTO_AES:
198 if (!P.s.key_select || !select_best_key_signature (P.s.key_select, 0, 0)) {
199 return -3;
200 }
201 if (!(D->crypto_flags & RPCF_ALLOW_ENC)) {
202 return -5;
203 }
204 if (abs (P.s.crypto_ts - D->nonce_time) > 30) {
205 return -6;
206 }
207 if ((D->crypto_flags & (RPCF_REQ_DH | RPCF_ALLOW_SKIP_DH)) == RPCF_REQ_DH && !dh) {
208 return -7;
209 }
210 if (dh) {
211 temp_dh_len = dh_third_round (temp_dh, dh->g_a, c->crypto_temp);
212 if (temp_dh_len != 256) {
213 return -8;
214 }
215 //active_dh_connections++;
216 incr_active_dh_connections ();
217 __sync_fetch_and_or (&c->flags, C_ISDH);
218 }
219 if (c->crypto_temp) {
220 if (((struct crypto_temp_dh_params *) c->crypto_temp)->magic == CRYPTO_TEMP_DH_PARAMS_MAGIC) {
221 free_crypto_temp (c->crypto_temp, sizeof (struct crypto_temp_dh_params));
222 } else {
223 free_crypto_temp (c->crypto_temp, 0);
224 }
225 c->crypto_temp = 0;
226 }
227 res = TCP_RPCC_FUNC(C)->rpc_start_crypto (C, P.s.crypto_nonce, P.s.key_select, temp_dh, temp_dh_len);
228 if (res < 0) {
229 return -6;
230 }
231 break;
232 default:
233 return -4;
234 }
235
236 vkprintf (2, "Processed nonce packet, crypto flags = %d\n", D->crypto_flags);
237 return 0;
238}
239/* }}} */
240
241static int tcp_rpcc_send_handshake_packet (connection_job_t C) /* {{{ */ {
242 struct connection_info *c = CONN_INFO (C);
243
244 struct tcp_rpc_data *D = TCP_RPC_DATA (C);
245 struct tcp_rpc_handshake_packet P;
246 if (!PID.pid) {
247 init_client_PID (c->our_ip);
248 }
249 memset (&P, 0, sizeof (P));
250 P.type = RPC_HANDSHAKE;
251 P.flags = tcp_get_default_rpc_flags () & RPCF_USE_CRC32C;
252 if (!D->remote_pid.port) {
253 D->remote_pid.ip = (c->remote_ip == 0x7f000001 ? 0 : c->remote_ip);
254 D->remote_pid.port = c->remote_port;
255 }
256 memcpy (&P.sender_pid, &PID, sizeof (struct process_id));
257 memcpy (&P.peer_pid, &D->remote_pid, sizeof (struct process_id));
258
259 tcp_rpc_conn_send_data (JOB_REF_CREATE_PASS (C), sizeof (P), &P);
260
261 return 0;
262}
263/* }}} */
264
265static int tcp_rpcc_send_handshake_error_packet (connection_job_t C, int error_code) /* {{{ */ {
266 struct connection_info *c = CONN_INFO (C);
267
268 struct tcp_rpc_handshake_error_packet P;
269 if (!PID.pid) {
270 init_client_PID (c->our_ip);
271 }
272 memset (&P, 0, sizeof (P));
273 P.type = RPC_HANDSHAKE_ERROR;
274 P.error_code = error_code;
275 memcpy (&P.sender_pid, &PID, sizeof (PID));
276 tcp_rpc_conn_send_data (JOB_REF_CREATE_PASS (C), sizeof (P), &P);
277
278 return 0;
279}
280/* }}} */
281
282static int tcp_rpcc_process_handshake_packet (connection_job_t C, struct raw_message *msg) /* {{{ */ {
283 //struct connection_info *c = CONN_INFO (C);
284
285 struct tcp_rpc_data *D = TCP_RPC_DATA(C);
286 struct tcp_rpc_handshake_packet P;
287
288 int packet_num = D->in_packet_num - 1;
289 int packet_len = msg->total_bytes;
290 int packet_type;
291 assert (rwm_fetch_lookup (msg, &packet_type, 4) == 4);
292
293 if (packet_num != -1 || packet_type != RPC_HANDSHAKE) {
294 return -2;
295 }
296 if (packet_len != sizeof (struct tcp_rpc_handshake_packet)) {
297 tcp_rpcc_send_handshake_error_packet (C, -3);
298 return -3;
299 }
300 assert (rwm_fetch_data (msg, &P, packet_len) == packet_len);
301 if (!matches_pid (&P.sender_pid, &D->remote_pid) && !(TCP_RPCC_FUNC(C)->mode_flags & TCP_RPC_IGNORE_PID)) {
302 vkprintf (1, "PID mismatch during client RPC handshake: local %08x:%d:%d:%d, remote %08x:%d:%d:%d\n",
303 D->remote_pid.ip, D->remote_pid.port, D->remote_pid.pid, D->remote_pid.utime, P.sender_pid.ip, P.sender_pid.port, P.sender_pid.pid, P.sender_pid.utime);
304 tcp_rpcc_send_handshake_error_packet (C, -6);
305 return -6;
306 }
307 if (!P.sender_pid.ip) {
308 P.sender_pid.ip = D->remote_pid.ip;
309 }
310 memcpy (&D->remote_pid, &P.sender_pid, sizeof (struct process_id));
311 if (!matches_pid (&PID, &P.peer_pid)) {
312 tcp_rpcc_send_handshake_error_packet (C, -4);
313 return -4;
314 }
315 if (P.flags & 0xff) {
316 tcp_rpcc_send_handshake_error_packet (C, -7);
317 return -7;
318 }
319 if (P.flags & RPCF_USE_CRC32C) {
320 if (!(tcp_get_default_rpc_flags () & RPCF_USE_CRC32C)) {
321 tcp_rpcc_send_handshake_error_packet (C, -8);
322 return -8;
323 }
324 D->crypto_flags |= RPCF_USE_CRC32C;
325 D->custom_crc_partial = crc32c_partial;
326 }
327 return 0;
328}
329/* }}} */
330
331int tcp_rpcc_parse_execute (connection_job_t C) /* {{{ */ {
332 struct connection_info *c = CONN_INFO (C);
333
334 vkprintf (4, "%s. in_total_bytes = %d\n", __func__, c->in.total_bytes);
335 struct tcp_rpc_data *D = TCP_RPC_DATA(C);
336 int len;
337
338 while (1) {
339 len = c->in.total_bytes;
340 if (len <= 0) {
341 break;
342 }
343 if (len < 4) {
344 return 4 - len;
345 }
346
347 int packet_len;
348 assert (rwm_fetch_lookup (&c->in, &packet_len, 4) == 4);
349 if (packet_len <= 0 || (packet_len & 3) || (packet_len > TCP_RPCC_FUNC(C)->max_packet_len && TCP_RPCC_FUNC(C)->max_packet_len > 0)) {
350 vkprintf (1, "error while parsing packet: bad packet length %d\n", packet_len);
351 fail_connection (C, -1);
352 return 0;
353 }
354
355 if (packet_len == 4) {
356 assert (rwm_skip_data (&c->in, 4) == 4);
357 continue;
358 }
359
360 if (packet_len < 16) {
361 vkprintf (1, "error while parsing packet: bad packet length %d\n", packet_len);
362 fail_connection (C, -2);
363 return 0;
364 }
365
366 if (len < packet_len) {
367 return packet_len - len;
368 }
369
370
371 struct raw_message msg;
372 if (c->in.total_bytes == packet_len) {
373 msg = c->in;
374 rwm_init (&c->in, 0);
375 } else {
376 rwm_split_head (&msg, &c->in, packet_len);
377 }
378
379 unsigned crc32;
380 assert (rwm_fetch_data_back (&msg, &crc32, 4) == 4);
381
382 unsigned packet_crc32 = rwm_custom_crc32 (&msg, packet_len - 4, D->custom_crc_partial);
383 if (crc32 != packet_crc32) {
384 vkprintf (1, "error while parsing packet: crc32 mismatch: %08x != %08x\n", packet_crc32, crc32);
385 fail_connection (C, -3);
386 rwm_free (&msg);
387 return 0;
388 }
389
390 assert (rwm_skip_data (&msg, 4) == 4); // len
391 int packet_num;
392 int packet_type;
393 assert (rwm_fetch_data (&msg, &packet_num, 4) == 4);
394 assert (rwm_fetch_lookup (&msg, &packet_type, 4) == 4);
395 packet_len -= 12;
396
397 if (verbosity > 2) {
398 fprintf (stderr, "received packet from connection %d\n", c->fd);
399 rwm_dump (&msg);
400 }
401
402 if (packet_num != D->in_packet_num) {
403 vkprintf (1, "error while parsing packet: got packet num %d, expected %d\n", packet_num, D->in_packet_num);
404 fail_connection (C, -4);
405 rwm_free (&msg);
406 return 0;
407 }
408
409 if (packet_num < 0) {
410 D->in_packet_num ++;
411 int res;
412 if (packet_num == -2) {
413 res = tcp_rpcc_process_nonce_packet (C, &msg);
414 if (res >= 0) {
415 res = tcp_rpcc_send_handshake_packet (C);
416 }
417 } else if (packet_num == -1) {
418 res = tcp_rpcc_process_handshake_packet (C, &msg);
419 if (res >= 0 && TCP_RPCC_FUNC(C)->rpc_ready) {
420 notification_event_insert_tcp_conn_ready (C);
421 }
422 } else {
423 vkprintf (1, "bad packet num %d\n", packet_num);
424 res = -5;
425 }
426
427 rwm_free (&msg);
428 if (res < 0) {
429 fail_connection (C, res);
430 return 0;
431 }
432 continue;
433 }
434
435 D->in_packet_num ++;
436
437 int res;
438 if (packet_type == RPC_PING) {
439 res = tcp_rpc_default_execute (C, packet_type, &msg);
440 } else {
441 res = TCP_RPCC_FUNC(C)->execute (C, packet_type, &msg);
442 }
443
444 if (res <= 0) {
445 rwm_free (&msg);
446 }
447 }
448 return 0;
449}
450/* }}} */
451
452int tcp_rpcc_connected (connection_job_t C) /* {{{ */ {
453 struct connection_info *c = CONN_INFO (C);
454
455 TCP_RPC_DATA(C)->out_packet_num = -2;
456 c->last_query_sent_time = precise_now;
457
458 if (TCP_RPCC_FUNC(C)->rpc_check_perm) {
459 int res = TCP_RPCC_FUNC(C)->rpc_check_perm (C);
460 if (res < 0) {
461 return res;
462 }
463 res &= RPCF_ALLOW_UNENC | RPCF_ALLOW_ENC | RPCF_REQ_DH | RPCF_ALLOW_SKIP_DH;
464 if (!(res & (RPCF_ALLOW_UNENC | RPCF_ALLOW_ENC))) {
465 return -1;
466 }
467 TCP_RPC_DATA(C)->crypto_flags = res;
468 } else {
469 TCP_RPC_DATA(C)->crypto_flags = RPCF_ALLOW_ENC | RPCF_ALLOW_UNENC;
470 }
471 vkprintf (2, "RPC connection #%d: [%s]:%d -> [%s]:%d connected, crypto_flags = %d\n", c->fd, show_our_ip (C), c->our_port, show_remote_ip (C), c->remote_port, TCP_RPC_DATA(C)->crypto_flags);
472
473 assert (TCP_RPCC_FUNC(C)->rpc_init_crypto);
474 int res = TCP_RPCC_FUNC(C)->rpc_init_crypto (C);
475
476 if (res > 0) {
477 assert (TCP_RPC_DATA(C)->crypto_flags & RPCF_ENC_SENT);
478 } else {
479 return -1;
480 }
481
482 assert (TCP_RPCC_FUNC(C)->flush_packet);
483 TCP_RPCC_FUNC(C)->flush_packet (C);
484
485 return 0;
486}
487/* }}} */
488
489int tcp_rpcc_close_connection (connection_job_t C, int who) {
490 if (TCP_RPCC_FUNC(C)->rpc_close) {
491 notification_event_insert_tcp_conn_close (C);
492 }
493
494 return cpu_server_close_connection (C, who);
495}
496
497
498int tcp_rpc_client_check_ready (connection_job_t c) {
499 return TCP_RPCC_FUNC(c)->check_ready (c);
500}
501
502int tcp_rpcc_default_check_ready (connection_job_t C) {
503 struct connection_info *c = CONN_INFO (C);
504
505 if (c->flags & C_ERROR) {
506 return c->ready = cr_failed;
507 }
508
509 const double CONNECT_TIMEOUT = 3.0;
510 if (c->status == conn_connecting || TCP_RPC_DATA(C)->in_packet_num < 0) {
511 //if (TCP_RPC_DATA(C)->in_packet_num == -1 && c->status == conn_running) {
512 // return c->ready = cr_ok;
513 //}
514
515 assert (c->last_query_sent_time != 0);
516 if (c->last_query_sent_time < precise_now - CONNECT_TIMEOUT) {
517 fail_connection (C, -6);
518 return c->ready = cr_failed;
519 }
520 return c->ready = cr_notyet;
521 }
522
523 if (c->status == conn_working) {
524 return c->ready = cr_ok;
525 }
526
527 fail_connection (C, -7);
528 return c->ready = cr_failed;
529}
530
531
532int tcp_rpcc_init_fake_crypto (connection_job_t c) {
533 if (!(TCP_RPC_DATA(c)->crypto_flags & RPCF_ALLOW_UNENC)) {
534 return -1;
535 }
536
537 struct tcp_rpc_nonce_packet buf;
538 memset (&buf, 0, sizeof (buf));
539 buf.type = RPC_NONCE;
540 buf.crypto_schema = RPC_CRYPTO_NONE;
541
542 tcp_rpc_conn_send_data (JOB_REF_CREATE_PASS (c), sizeof (buf), &buf);
543
544 assert ((TCP_RPC_DATA(c)->crypto_flags & (RPCF_ALLOW_ENC | RPCF_ENC_SENT)) == 0);
545 TCP_RPC_DATA(c)->crypto_flags |= RPCF_ENC_SENT;
546
547 return 1;
548}
549
550
551int tcp_rpcc_init_outbound (connection_job_t C) {
552 struct connection_info *c = CONN_INFO (C);
553
554 vkprintf (3, "rpcc_init_outbound (%d)\n", c->fd);
555 struct tcp_rpc_data *D = TCP_RPC_DATA(C);
556 c->last_query_sent_time = precise_now;
557 D->custom_crc_partial = crc32_partial;
558
559 if (TCP_RPCC_FUNC(C)->rpc_check_perm) {
560 int res = TCP_RPCC_FUNC(C)->rpc_check_perm (C);
561 if (res < 0) {
562 return res;
563 }
564 res &= RPCF_ALLOW_UNENC | RPCF_ALLOW_ENC | RPCF_REQ_DH | RPCF_ALLOW_SKIP_DH;
565 if (!(res & (RPCF_ALLOW_UNENC | RPCF_ALLOW_ENC))) {
566 return -1;
567 }
568 if (res & RPCF_REQ_DH) {
569 if (tcp_add_dh_accept () < 0) {
570 return -1;
571 }
572 }
573
574 D->crypto_flags = res;
575 } else {
576 D->crypto_flags = RPCF_ALLOW_UNENC;
577 }
578
579 D->in_packet_num = -2;
580
581 return 0;
582}
583
584static int force_rpc_dh;
585
586void tcp_force_enable_dh (void) {
587 force_rpc_dh |= 4;
588}
589
590int tcp_rpcc_default_check_perm (connection_job_t C) {
591 struct connection_info *c = CONN_INFO (C);
592
593 vkprintf (3, "tcp_rpcc_default_check_perm(%d): [%s]:%d -> [%s]:%d\n", c->fd, show_our_ip (C), c->our_port, show_remote_ip (C), c->remote_port);
594
595 return RPCF_ALLOW_ENC | tcp_get_default_rpc_flags();
596}
597
598int tcp_rpcc_init_crypto (connection_job_t C) {
599 struct connection_info *c = CONN_INFO (C);
600
601 if (!(TCP_RPC_DATA(C)->crypto_flags & RPCF_ALLOW_ENC)) {
602 return tcp_rpcc_init_fake_crypto (C);
603 }
604
605 TCP_RPC_DATA(C)->nonce_time = time (0);
606
607 aes_generate_nonce (TCP_RPC_DATA(C)->nonce);
608
609 if (!dh_params_select) {
610 assert (init_dh_params () >= 0);
611 assert (dh_params_select);
612 }
613
614 union {
615 struct tcp_rpc_nonce_packet s;
616 struct tcp_rpc_nonce_ext_packet x;
617 struct tcp_rpc_nonce_dh_packet dh;
618 } buf;
619 int len = sizeof (struct tcp_rpc_nonce_packet);
620
621 memset (&buf, 0, sizeof (buf));
622 memcpy (buf.s.crypto_nonce, TCP_RPC_DATA(C)->nonce, 16);
623 buf.s.crypto_ts = TCP_RPC_DATA(C)->nonce_time;
624 buf.s.type = RPC_NONCE;
625 buf.s.key_select = main_secret.key_signature;
626 buf.s.crypto_schema = RPC_CRYPTO_AES;
627 int extra_keys = buf.x.extra_keys_count = 0;
628 assert (extra_keys >= 0 && extra_keys <= RPC_MAX_EXTRA_KEYS);
629
630 if (TCP_RPC_DATA(C)->crypto_flags & RPCF_REQ_DH) {
631 buf.s.crypto_schema = RPC_CRYPTO_AES_DH;
632 len = sizeof (struct tcp_rpc_nonce_dh_packet) + 4*(extra_keys - RPC_MAX_EXTRA_KEYS);
633 struct tcp_rpc_nonce_dh_packet *dh = (struct tcp_rpc_nonce_dh_packet *)((char *) &buf + 4*(extra_keys - RPC_MAX_EXTRA_KEYS));
634 dh->dh_params_select = dh_params_select;
635 assert (!c->crypto_temp);
636 c->crypto_temp = alloc_crypto_temp (sizeof (struct crypto_temp_dh_params));
637 assert (c->crypto_temp);
638 dh_first_round (dh->g_a, c->crypto_temp);
639 } else if (extra_keys) {
640 buf.s.crypto_schema = RPC_CRYPTO_AES_EXT;
641 len = offsetof (struct tcp_rpc_nonce_ext_packet, extra_key_select) + 4 * extra_keys;
642 }
643
644 tcp_rpc_conn_send_data (JOB_REF_CREATE_PASS (C), len, &buf);
645
646 assert ((TCP_RPC_DATA(C)->crypto_flags & (RPCF_ALLOW_ENC | RPCF_ENC_SENT)) == RPCF_ALLOW_ENC);
647 TCP_RPC_DATA(C)->crypto_flags |= RPCF_ENC_SENT;
648
649 assert (!c->crypto);
650
651 return 1;
652}
653
654int tcp_rpcc_start_crypto (connection_job_t C, char *nonce, int key_select, unsigned char *temp_key, int temp_key_len) {
655 struct connection_info *c = CONN_INFO (C);
656
657 struct tcp_rpc_data *D = TCP_RPC_DATA(C);
658
659 vkprintf (2, "rpcc_start_crypto: key_select = %d\n", key_select);
660
661 if (c->crypto) {
662 return -1;
663 }
664
665 if (c->in.total_bytes || c->out.total_bytes || !D->nonce_time) {
666 return -1;
667 }
668
669 if (!key_select) {
670 return -1;
671 }
672
673 aes_secret_t *secret = &main_secret;
674
675 struct aes_key_data aes_keys;
676
677 if (aes_create_keys (&aes_keys, 1, nonce, D->nonce, D->nonce_time, nat_translate_ip (c->remote_ip), c->remote_port, c->remote_ipv6, nat_translate_ip (c->our_ip), c->our_port, c->our_ipv6, secret, temp_key, temp_key_len) < 0) {
678 return -1;
679 }
680
681 if (aes_crypto_init (C, &aes_keys, sizeof (aes_keys)) < 0) {
682 return -1;
683 }
684
685 return 1;
686}
687
688/*
689 *
690 * END (BASIC RPC CLIENT)
691 *
692 */
693
694
695