2000-03-26 00:33:07 +00:00
|
|
|
/*
|
|
|
|
|
protocol.h -- header for protocol.c
|
2006-04-26 13:52:58 +00:00
|
|
|
Copyright (C) 1999-2005 Ivo Timmermans,
|
2013-08-13 18:38:57 +00:00
|
|
|
2000-2013 Guus Sliepen <guus@tinc-vpn.org>
|
2000-03-26 00:33:07 +00:00
|
|
|
|
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
|
|
|
it under the terms of the GNU General Public License as published by
|
|
|
|
|
the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
(at your option) any later version.
|
|
|
|
|
|
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
2009-09-24 22:01:00 +00:00
|
|
|
You should have received a copy of the GNU General Public License along
|
|
|
|
|
with this program; if not, write to the Free Software Foundation, Inc.,
|
|
|
|
|
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
2000-03-26 00:33:07 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifndef __TINC_PROTOCOL_H__
|
|
|
|
|
#define __TINC_PROTOCOL_H__
|
|
|
|
|
|
Add an invitation protocol.
Using the tinc command, an administrator of an existing VPN can generate
invitations for new nodes. The invitation is a small URL that can easily
be copy&pasted into email or live chat. Another person can have tinc
automatically setup the necessary configuration files and exchange keys
with the server, by only using the invitation URL.
The invitation protocol uses temporary ECDSA keys. The invitation URL
consists of the hostname and port of the server, a hash of the server's
temporary ECDSA key and a cookie. When the client wants to accept an
invitation, it also creates a temporary ECDSA key, connects to the server
and says it wants to accept an invitation. Both sides exchange their
temporary keys. The client verifies that the server's key matches the hash
in the invitation URL. After setting up an SPTPS connection using the
temporary keys, the client gives the cookie to the server. If the cookie
is valid, the server sends the client an invitation file containing the
client's new name and a copy of the server's host config file. If everything
is ok, the client will generate a long-term ECDSA key and send it to the
server, which will add it to a new host config file for the client.
The invitation protocol currently allows multiple host config files to be
send from the server to the client. However, the client filters out
most configuration variables for its own host configuration file. In
particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and
AutoConnect. Also, at the moment no tinc-up script is generated.
When an invitation has succesfully been accepted, the client needs to start
the tinc daemon manually.
2013-05-29 16:31:10 +00:00
|
|
|
#include "ecdsa.h"
|
|
|
|
|
|
2011-07-05 19:19:48 +00:00
|
|
|
/* Protocol version. Different major versions are incompatible. */
|
2000-09-11 10:05:35 +00:00
|
|
|
|
2011-07-05 19:19:48 +00:00
|
|
|
#define PROT_MAJOR 17
|
Add UDP_INFO protocol message.
In this commit, nodes use UDP_INFO messages to provide UDP address
information. The basic principle is that the node that receives packets
sends UDP_INFO messages to the node that's sending the packets. The
message originally contains no address information, and is (hopefully)
updated with relevant address information as it gets relayed through the
metagraph - specifically, each intermediate node will update the message
with its best guess as to what the address is while forwarding it.
When a node receives an UDP_INFO message, and it doesn't have a
confirmed UDP tunnel with the originator node, it will update its
records with the new address for that node, so that it always has the
best possible guess as to how to reach that node. This applies to the
destination node of course, but also to any intermediate nodes, because
there's no reason they should pass on the free intel, and because it
results in nice behavior in the presence of relay chains (multiple nodes
in a path all trying to reach the same destination).
If, on the other hand, the node does have a confirmed UDP tunnel, it
will ignore the address information contained in the message.
In all cases, if the node that receives the message is not the
destination node specified in the message, it will forward the message
but not before overriding the address information with the one from its
own records. If the node has a confirmed UDP tunnel, that means the
message is updated with the address of the confirmed tunnel; if not,
the message simply reflects the records of the intermediate node, which
just happen to be the contents of the UDP_INFO message it just got, so
it's simply forwarded with no modification.
This is similar to the way ANS_KEY messages are currently
overloaded to provide UDP address information, with two differences:
- UDP_INFO messages are sent way more often than ANS_KEY messages,
thereby keeping the address information fresh. Previously, if the UDP
situation were to change after the ANS_KEY message was sent, the
sender would virtually never get the updated information.
- Once a node puts address information in an ANS_KEY message, it is
never changed again as the message travels through the metagraph; in
contrast, UDP_INFO messages behave the opposite way, as they get
rewritten every time they travel through a node with a confirmed UDP
tunnel. The latter behavior seems more appropriate because UDP tunnel
information becomes more relevant as it moves closer to the
destination node. The ANS_KEY behavior is not satisfactory in some
cases such as multi-layered graphs where the first hop is located
before a NAT.
Ultimately, the rationale behind this whole process is to improve UDP
hole punching capabilities when port translation is in effect, and more
generally, to make tinc more reliable in (very) hostile network
conditions (such as multi-layered NAT).
2015-01-03 17:46:33 +00:00
|
|
|
#define PROT_MINOR 5 /* Should not exceed 255! */
|
2000-09-26 14:06:11 +00:00
|
|
|
|
2003-07-29 22:59:01 +00:00
|
|
|
/* Silly Windows */
|
|
|
|
|
|
|
|
|
|
#ifdef ERROR
|
|
|
|
|
#undef ERROR
|
|
|
|
|
#endif
|
|
|
|
|
|
2000-09-11 10:05:35 +00:00
|
|
|
/* Request numbers */
|
|
|
|
|
|
2003-07-22 20:55:21 +00:00
|
|
|
typedef enum request_t {
|
2012-10-10 15:17:49 +00:00
|
|
|
ALL = -1, /* Guardian for allow_request */
|
2002-09-09 21:25:28 +00:00
|
|
|
ID = 0, METAKEY, CHALLENGE, CHAL_REPLY, ACK,
|
|
|
|
|
STATUS, ERROR, TERMREQ,
|
|
|
|
|
PING, PONG,
|
|
|
|
|
ADD_SUBNET, DEL_SUBNET,
|
|
|
|
|
ADD_EDGE, DEL_EDGE,
|
|
|
|
|
KEY_CHANGED, REQ_KEY, ANS_KEY,
|
|
|
|
|
PACKET,
|
2012-07-19 23:02:51 +00:00
|
|
|
/* Tinc 1.1 requests */
|
2009-11-07 22:43:25 +00:00
|
|
|
CONTROL,
|
2012-07-19 23:02:51 +00:00
|
|
|
REQ_PUBKEY, ANS_PUBKEY,
|
2012-07-30 16:36:59 +00:00
|
|
|
REQ_SPTPS,
|
Add UDP_INFO protocol message.
In this commit, nodes use UDP_INFO messages to provide UDP address
information. The basic principle is that the node that receives packets
sends UDP_INFO messages to the node that's sending the packets. The
message originally contains no address information, and is (hopefully)
updated with relevant address information as it gets relayed through the
metagraph - specifically, each intermediate node will update the message
with its best guess as to what the address is while forwarding it.
When a node receives an UDP_INFO message, and it doesn't have a
confirmed UDP tunnel with the originator node, it will update its
records with the new address for that node, so that it always has the
best possible guess as to how to reach that node. This applies to the
destination node of course, but also to any intermediate nodes, because
there's no reason they should pass on the free intel, and because it
results in nice behavior in the presence of relay chains (multiple nodes
in a path all trying to reach the same destination).
If, on the other hand, the node does have a confirmed UDP tunnel, it
will ignore the address information contained in the message.
In all cases, if the node that receives the message is not the
destination node specified in the message, it will forward the message
but not before overriding the address information with the one from its
own records. If the node has a confirmed UDP tunnel, that means the
message is updated with the address of the confirmed tunnel; if not,
the message simply reflects the records of the intermediate node, which
just happen to be the contents of the UDP_INFO message it just got, so
it's simply forwarded with no modification.
This is similar to the way ANS_KEY messages are currently
overloaded to provide UDP address information, with two differences:
- UDP_INFO messages are sent way more often than ANS_KEY messages,
thereby keeping the address information fresh. Previously, if the UDP
situation were to change after the ANS_KEY message was sent, the
sender would virtually never get the updated information.
- Once a node puts address information in an ANS_KEY message, it is
never changed again as the message travels through the metagraph; in
contrast, UDP_INFO messages behave the opposite way, as they get
rewritten every time they travel through a node with a confirmed UDP
tunnel. The latter behavior seems more appropriate because UDP tunnel
information becomes more relevant as it moves closer to the
destination node. The ANS_KEY behavior is not satisfactory in some
cases such as multi-layered graphs where the first hop is located
before a NAT.
Ultimately, the rationale behind this whole process is to improve UDP
hole punching capabilities when port translation is in effect, and more
generally, to make tinc more reliable in (very) hostile network
conditions (such as multi-layered NAT).
2015-01-03 17:46:33 +00:00
|
|
|
UDP_INFO,
|
2012-10-10 15:17:49 +00:00
|
|
|
LAST /* Guardian for the highest request number */
|
2003-07-22 20:55:21 +00:00
|
|
|
} request_t;
|
2000-03-26 00:33:07 +00:00
|
|
|
|
2002-03-21 23:11:53 +00:00
|
|
|
typedef struct past_request_t {
|
2012-05-08 14:44:15 +00:00
|
|
|
const char *request;
|
2002-09-09 21:25:28 +00:00
|
|
|
time_t firstseen;
|
2002-03-21 23:11:53 +00:00
|
|
|
} past_request_t;
|
|
|
|
|
|
2003-11-17 15:30:18 +00:00
|
|
|
extern bool tunnelserver;
|
2010-03-01 23:18:44 +00:00
|
|
|
extern bool strictsubnets;
|
2011-07-11 19:54:01 +00:00
|
|
|
extern bool experimental;
|
2003-11-17 15:30:18 +00:00
|
|
|
|
Add an invitation protocol.
Using the tinc command, an administrator of an existing VPN can generate
invitations for new nodes. The invitation is a small URL that can easily
be copy&pasted into email or live chat. Another person can have tinc
automatically setup the necessary configuration files and exchange keys
with the server, by only using the invitation URL.
The invitation protocol uses temporary ECDSA keys. The invitation URL
consists of the hostname and port of the server, a hash of the server's
temporary ECDSA key and a cookie. When the client wants to accept an
invitation, it also creates a temporary ECDSA key, connects to the server
and says it wants to accept an invitation. Both sides exchange their
temporary keys. The client verifies that the server's key matches the hash
in the invitation URL. After setting up an SPTPS connection using the
temporary keys, the client gives the cookie to the server. If the cookie
is valid, the server sends the client an invitation file containing the
client's new name and a copy of the server's host config file. If everything
is ok, the client will generate a long-term ECDSA key and send it to the
server, which will add it to a new host config file for the client.
The invitation protocol currently allows multiple host config files to be
send from the server to the client. However, the client filters out
most configuration variables for its own host configuration file. In
particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and
AutoConnect. Also, at the moment no tinc-up script is generated.
When an invitation has succesfully been accepted, the client needs to start
the tinc daemon manually.
2013-05-29 16:31:10 +00:00
|
|
|
extern ecdsa_t *invitation_key;
|
|
|
|
|
|
2005-06-03 10:16:03 +00:00
|
|
|
/* Maximum size of strings in a request.
|
|
|
|
|
* scanf terminates %2048s with a NUL character,
|
|
|
|
|
* but the NUL character can be written after the 2048th non-NUL character.
|
|
|
|
|
*/
|
2000-11-22 19:55:53 +00:00
|
|
|
|
2005-06-03 10:16:03 +00:00
|
|
|
#define MAX_STRING_SIZE 2049
|
2002-02-26 23:26:41 +00:00
|
|
|
#define MAX_STRING "%2048s"
|
2000-11-22 19:55:53 +00:00
|
|
|
|
2003-07-22 20:55:21 +00:00
|
|
|
#include "edge.h"
|
|
|
|
|
#include "net.h"
|
|
|
|
|
#include "node.h"
|
|
|
|
|
#include "subnet.h"
|
|
|
|
|
|
2002-02-10 21:57:54 +00:00
|
|
|
/* Basic functions */
|
2000-09-11 10:05:35 +00:00
|
|
|
|
2003-07-30 21:52:41 +00:00
|
|
|
extern bool send_request(struct connection_t *, const char *, ...) __attribute__ ((__format__(printf, 2, 3)));
|
2012-05-08 14:44:15 +00:00
|
|
|
extern void forward_request(struct connection_t *, const char *);
|
|
|
|
|
extern bool receive_request(struct connection_t *, const char *);
|
2000-03-26 00:33:07 +00:00
|
|
|
|
2002-03-22 11:43:48 +00:00
|
|
|
extern void init_requests(void);
|
|
|
|
|
extern void exit_requests(void);
|
2012-05-08 14:44:15 +00:00
|
|
|
extern bool seen_request(const char *);
|
2002-03-22 11:43:48 +00:00
|
|
|
|
2002-02-10 21:57:54 +00:00
|
|
|
/* Requests */
|
|
|
|
|
|
2003-07-22 20:55:21 +00:00
|
|
|
extern bool send_id(struct connection_t *);
|
|
|
|
|
extern bool send_metakey(struct connection_t *);
|
2011-07-07 20:30:55 +00:00
|
|
|
extern bool send_metakey_ec(struct connection_t *);
|
2003-07-22 20:55:21 +00:00
|
|
|
extern bool send_challenge(struct connection_t *);
|
|
|
|
|
extern bool send_chal_reply(struct connection_t *);
|
|
|
|
|
extern bool send_ack(struct connection_t *);
|
2003-07-24 12:08:16 +00:00
|
|
|
extern bool send_status(struct connection_t *, int, const char *);
|
2012-05-08 14:44:15 +00:00
|
|
|
extern bool send_error(struct connection_t *, int, const char *);
|
2003-07-22 20:55:21 +00:00
|
|
|
extern bool send_termreq(struct connection_t *);
|
|
|
|
|
extern bool send_ping(struct connection_t *);
|
|
|
|
|
extern bool send_pong(struct connection_t *);
|
2003-07-24 12:08:16 +00:00
|
|
|
extern bool send_add_subnet(struct connection_t *, const struct subnet_t *);
|
|
|
|
|
extern bool send_del_subnet(struct connection_t *, const struct subnet_t *);
|
|
|
|
|
extern bool send_add_edge(struct connection_t *, const struct edge_t *);
|
|
|
|
|
extern bool send_del_edge(struct connection_t *, const struct edge_t *);
|
2011-05-28 21:36:52 +00:00
|
|
|
extern void send_key_changed(void);
|
2009-04-02 23:05:23 +00:00
|
|
|
extern bool send_req_key(struct node_t *);
|
|
|
|
|
extern bool send_ans_key(struct node_t *);
|
2011-05-28 21:36:52 +00:00
|
|
|
extern bool send_tcppacket(struct connection_t *, const struct vpn_packet_t *);
|
Add UDP_INFO protocol message.
In this commit, nodes use UDP_INFO messages to provide UDP address
information. The basic principle is that the node that receives packets
sends UDP_INFO messages to the node that's sending the packets. The
message originally contains no address information, and is (hopefully)
updated with relevant address information as it gets relayed through the
metagraph - specifically, each intermediate node will update the message
with its best guess as to what the address is while forwarding it.
When a node receives an UDP_INFO message, and it doesn't have a
confirmed UDP tunnel with the originator node, it will update its
records with the new address for that node, so that it always has the
best possible guess as to how to reach that node. This applies to the
destination node of course, but also to any intermediate nodes, because
there's no reason they should pass on the free intel, and because it
results in nice behavior in the presence of relay chains (multiple nodes
in a path all trying to reach the same destination).
If, on the other hand, the node does have a confirmed UDP tunnel, it
will ignore the address information contained in the message.
In all cases, if the node that receives the message is not the
destination node specified in the message, it will forward the message
but not before overriding the address information with the one from its
own records. If the node has a confirmed UDP tunnel, that means the
message is updated with the address of the confirmed tunnel; if not,
the message simply reflects the records of the intermediate node, which
just happen to be the contents of the UDP_INFO message it just got, so
it's simply forwarded with no modification.
This is similar to the way ANS_KEY messages are currently
overloaded to provide UDP address information, with two differences:
- UDP_INFO messages are sent way more often than ANS_KEY messages,
thereby keeping the address information fresh. Previously, if the UDP
situation were to change after the ANS_KEY message was sent, the
sender would virtually never get the updated information.
- Once a node puts address information in an ANS_KEY message, it is
never changed again as the message travels through the metagraph; in
contrast, UDP_INFO messages behave the opposite way, as they get
rewritten every time they travel through a node with a confirmed UDP
tunnel. The latter behavior seems more appropriate because UDP tunnel
information becomes more relevant as it moves closer to the
destination node. The ANS_KEY behavior is not satisfactory in some
cases such as multi-layered graphs where the first hop is located
before a NAT.
Ultimately, the rationale behind this whole process is to improve UDP
hole punching capabilities when port translation is in effect, and more
generally, to make tinc more reliable in (very) hostile network
conditions (such as multi-layered NAT).
2015-01-03 17:46:33 +00:00
|
|
|
extern bool send_udp_info(struct node_t *, struct node_t *);
|
2002-02-10 21:57:54 +00:00
|
|
|
|
|
|
|
|
/* Request handlers */
|
|
|
|
|
|
2012-05-08 14:44:15 +00:00
|
|
|
extern bool id_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool metakey_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool challenge_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool chal_reply_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool ack_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool status_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool error_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool termreq_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool ping_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool pong_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool add_subnet_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool del_subnet_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool add_edge_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool del_edge_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool key_changed_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool req_key_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool ans_key_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool tcppacket_h(struct connection_t *, const char *);
|
|
|
|
|
extern bool control_h(struct connection_t *, const char *);
|
Add UDP_INFO protocol message.
In this commit, nodes use UDP_INFO messages to provide UDP address
information. The basic principle is that the node that receives packets
sends UDP_INFO messages to the node that's sending the packets. The
message originally contains no address information, and is (hopefully)
updated with relevant address information as it gets relayed through the
metagraph - specifically, each intermediate node will update the message
with its best guess as to what the address is while forwarding it.
When a node receives an UDP_INFO message, and it doesn't have a
confirmed UDP tunnel with the originator node, it will update its
records with the new address for that node, so that it always has the
best possible guess as to how to reach that node. This applies to the
destination node of course, but also to any intermediate nodes, because
there's no reason they should pass on the free intel, and because it
results in nice behavior in the presence of relay chains (multiple nodes
in a path all trying to reach the same destination).
If, on the other hand, the node does have a confirmed UDP tunnel, it
will ignore the address information contained in the message.
In all cases, if the node that receives the message is not the
destination node specified in the message, it will forward the message
but not before overriding the address information with the one from its
own records. If the node has a confirmed UDP tunnel, that means the
message is updated with the address of the confirmed tunnel; if not,
the message simply reflects the records of the intermediate node, which
just happen to be the contents of the UDP_INFO message it just got, so
it's simply forwarded with no modification.
This is similar to the way ANS_KEY messages are currently
overloaded to provide UDP address information, with two differences:
- UDP_INFO messages are sent way more often than ANS_KEY messages,
thereby keeping the address information fresh. Previously, if the UDP
situation were to change after the ANS_KEY message was sent, the
sender would virtually never get the updated information.
- Once a node puts address information in an ANS_KEY message, it is
never changed again as the message travels through the metagraph; in
contrast, UDP_INFO messages behave the opposite way, as they get
rewritten every time they travel through a node with a confirmed UDP
tunnel. The latter behavior seems more appropriate because UDP tunnel
information becomes more relevant as it moves closer to the
destination node. The ANS_KEY behavior is not satisfactory in some
cases such as multi-layered graphs where the first hop is located
before a NAT.
Ultimately, the rationale behind this whole process is to improve UDP
hole punching capabilities when port translation is in effect, and more
generally, to make tinc more reliable in (very) hostile network
conditions (such as multi-layered NAT).
2015-01-03 17:46:33 +00:00
|
|
|
extern bool udp_info_h(struct connection_t *, const char *);
|
2002-02-10 21:57:54 +00:00
|
|
|
|
2012-10-10 15:17:49 +00:00
|
|
|
#endif /* __TINC_PROTOCOL_H__ */
|
