From 1813f3157e8bed35453c0c47f4ce48b2be6a3a72 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Mon, 26 Aug 2019 13:44:51 +0200 Subject: [PATCH] Import Upstream version 1.1~pre11 --- AUTHORS | 22 +- COPYING | 2 +- ChangeLog | 237 ++++ INSTALL | 4 +- Makefile.in | 18 +- NEWS | 78 ++ README | 17 +- THANKS | 27 +- aclocal.m4 | 143 +-- config.guess | 192 +--- config.h.in | 33 +- config.sub | 30 +- configure | 1026 ++++++++++------- configure.ac | 45 +- doc/Makefile.in | 15 +- doc/tinc.8.in | 47 +- doc/tinc.conf.5.in | 154 ++- doc/tinc.info | 460 +++++--- doc/tinc.texi | 169 ++- gui/Makefile.in | 15 +- gui/tinc-gui | 35 +- m4/Makefile.in | 15 +- m4/ax_check_compile_flag.m4 | 72 ++ m4/ax_check_link_flag.m4 | 71 ++ m4/curses.m4 | 9 +- m4/libgcrypt.m4 | 33 + m4/openssl.m4 | 6 +- missing | 4 +- src/Makefile.am | 84 +- src/Makefile.in | 373 +++++-- src/bsd/device.c | 99 +- src/chacha-poly1305/chacha-poly1305.c | 103 ++ src/chacha-poly1305/chacha-poly1305.h | 15 + src/chacha-poly1305/chacha.c | 215 ++++ src/chacha-poly1305/chacha.h | 24 + src/chacha-poly1305/poly1305.c | 197 ++++ src/chacha-poly1305/poly1305.h | 16 + src/cipher.h | 3 - src/conf.c | 30 +- src/connection.h | 4 +- src/control.c | 18 +- src/cygwin/device.c | 27 +- src/device.h | 8 +- src/dummy_device.c | 11 - src/ecdh.h | 4 +- src/ed25519/add_scalar.c | 56 + src/ed25519/ecdh.c | 51 + src/ed25519/ecdsa.c | 145 +++ src/{openssl => ed25519}/ecdsagen.c | 55 +- src/ed25519/ed25519.h | 38 + src/ed25519/fe.c | 1491 +++++++++++++++++++++++++ src/ed25519/fe.h | 41 + src/ed25519/fixedint.h | 70 ++ src/ed25519/ge.c | 467 ++++++++ src/ed25519/ge.h | 74 ++ src/ed25519/key_exchange.c | 79 ++ src/ed25519/keypair.c | 16 + src/ed25519/precomp_data.h | 1391 +++++++++++++++++++++++ src/ed25519/sc.c | 809 ++++++++++++++ src/ed25519/sc.h | 12 + src/ed25519/sha512.c | 275 +++++ src/ed25519/sha512.h | 21 + src/ed25519/sign.c | 31 + src/ed25519/verify.c | 77 ++ src/edge.c | 6 +- src/edge.h | 1 + src/event.c | 173 ++- src/event.h | 7 +- src/graph.c | 30 +- src/hash.c | 7 + src/hash.h | 1 + src/have.h | 1 + src/info.c | 7 +- src/invitation.c | 56 +- src/linux/device.c | 48 +- src/logger.h | 2 + src/meta.c | 11 +- src/meta.h | 6 +- src/mingw/device.c | 131 ++- src/multicast_device.c | 56 +- src/names.c | 24 +- src/net.c | 42 +- src/net.h | 34 +- src/net_packet.c | 471 +++++--- src/net_setup.c | 405 ++++--- src/net_socket.c | 110 +- src/node.c | 55 +- src/node.h | 5 +- src/openssl/cipher.c | 74 +- src/openssl/crypto.c | 68 +- src/openssl/ecdh.c | 96 -- src/openssl/ecdsa.c | 131 --- src/openssl/rsa.c | 4 +- src/process.c | 10 +- src/process.h | 1 + src/protocol.c | 11 - src/protocol.h | 3 +- src/protocol_auth.c | 90 +- src/protocol_edge.c | 22 +- src/protocol_key.c | 81 +- src/protocol_misc.c | 2 +- src/raw_socket_device.c | 28 +- src/route.c | 225 ++-- src/script.c | 2 +- src/solaris/device.c | 396 +++++-- src/sptps.c | 323 +++--- src/sptps.h | 26 +- src/sptps_keypair.c | 108 ++ src/sptps_speed.c | 232 ++++ src/sptps_test.c | 109 +- src/subnet.c | 44 +- src/subnet_parse.c | 307 ++--- src/tincctl.c | 232 ++-- src/tincd.c | 44 +- src/top.c | 25 +- src/uml_device.c | 45 +- src/utils.c | 75 +- src/utils.h | 15 +- src/vde_device.c | 29 +- src/version.c | 24 + src/version.h | 26 + test-driver | 20 +- test/Makefile.am | 1 + test/Makefile.in | 16 +- test/commandline.test | 1 + test/ns-ping.test | 70 ++ test/sptps-basic.test | 8 +- test/testlib.sh | 1 + 128 files changed, 10991 insertions(+), 3132 deletions(-) create mode 100644 m4/ax_check_compile_flag.m4 create mode 100644 m4/ax_check_link_flag.m4 create mode 100644 m4/libgcrypt.m4 create mode 100644 src/chacha-poly1305/chacha-poly1305.c create mode 100644 src/chacha-poly1305/chacha-poly1305.h create mode 100644 src/chacha-poly1305/chacha.c create mode 100644 src/chacha-poly1305/chacha.h create mode 100644 src/chacha-poly1305/poly1305.c create mode 100644 src/chacha-poly1305/poly1305.h create mode 100644 src/ed25519/add_scalar.c create mode 100644 src/ed25519/ecdh.c create mode 100644 src/ed25519/ecdsa.c rename src/{openssl => ed25519}/ecdsagen.c (58%) create mode 100644 src/ed25519/ed25519.h create mode 100644 src/ed25519/fe.c create mode 100644 src/ed25519/fe.h create mode 100644 src/ed25519/fixedint.h create mode 100644 src/ed25519/ge.c create mode 100644 src/ed25519/ge.h create mode 100644 src/ed25519/key_exchange.c create mode 100644 src/ed25519/keypair.c create mode 100644 src/ed25519/precomp_data.h create mode 100644 src/ed25519/sc.c create mode 100644 src/ed25519/sc.h create mode 100644 src/ed25519/sha512.c create mode 100644 src/ed25519/sha512.h create mode 100644 src/ed25519/sign.c create mode 100644 src/ed25519/verify.c delete mode 100644 src/openssl/ecdh.c delete mode 100644 src/openssl/ecdsa.c create mode 100644 src/sptps_keypair.c create mode 100644 src/sptps_speed.c create mode 100644 src/version.c create mode 100644 src/version.h create mode 100755 test/ns-ping.test diff --git a/AUTHORS b/AUTHORS index af11393..07939e8 100644 --- a/AUTHORS +++ b/AUTHORS @@ -1,20 +1,25 @@ Main tinc authors: + - Guus Sliepen - Ivo Timmermans (inactive) -Significant contributions from: -- Michael Tokarev +Significant code contributions from: + +- Brandon Black +- Etienne Dechamps - Florian Forster - Grzegorz Dymarek -- Max Rijevski -- Scott Lamb - Julien Muchembled -- Timothy Redaelli -- Brandon Black - Loïc Grenié +- Max Rijevski +- Michael Tokarev +- Scott Lamb +- Sven-Haegar Koch +- Timothy Redaelli These files are from other sources: - * lib/pidfile.h and lib/pidfile.c are by Martin Schulze, taken from + +* lib/pidfile.h and lib/pidfile.c are by Martin Schulze, taken from the syslog 1.3 sources. * src/bsd/tunemu.c and tunemu.h are by Friedrich Schöller @@ -23,5 +28,4 @@ These files are from other sources: Also some of the macro files in the directory m4, and their accompanying files in lib, were taken from GNU fileutils. -Please see the file THANKS for more information on contributions from -users. +Please see the file THANKS for a list of all contributors to tinc. diff --git a/COPYING b/COPYING index f4dd065..c3d1ceb 100644 --- a/COPYING +++ b/COPYING @@ -1,4 +1,4 @@ -Copyright (C) 1998-2013 Ivo Timmermans, Guus Sliepen and others. +Copyright (C) 1998-2014 Ivo Timmermans, Guus Sliepen and others. See the AUTHORS file for a complete list. This program is free software; you can redistribute it and/or modify it under diff --git a/ChangeLog b/ChangeLog index 9eeabde..b2faf52 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,240 @@ +Version 1.1pre11 December 27 2014 +------------------------------------------------------------------------ + +Etienne Dechamps (68): + Move Solaris if_fd to local scope. + Make device close cleaner. + Cleanly remove the device FD from the event loop before closing it. + Add DeviceStandby option to only enable the device when nodes are reachable. + Make DeviceStandby control network interface link status on Windows. + Fix Windows includes. + Fix errno references when handling socket errors. + Protect against spurious connection events. + Fix connection event error handling. + Use native Windows events for the event loop. + Make the event loop expose a Windows event interface. + Use a Windows event to stop tinc when running as a service. + Remove the TAP-Win32 reader thread. + Add local address information to edges. + Use edge local addresses for local discovery. + Remove broadcast-based local discovery mechanism. + Enable LocalDiscovery by default. + Implement sptps_verify_datagram(). + Make broadcast addresses configurable. + Make IPv4 multicast space 224.0.0.0/4 broadcast by default. + Regenerate build date and time every time tinc is built. + Use git description as the tinc version. + Rewrite, fix and improve str2net(). + When printing MAC addresses, always use trailing zeroes. + Don't print subnet prefix lengths and weights for one-host subnets. + Canonicalize IPv6 addresses as per RFC 5952 before printing them. + Fix tinc event loop reentrancy from timeout handlers. + Make sure myport is set correctly when running with Port = 0. + Fix event loop io tree inconsistency on Windows. + Fix a typo (FORTIFY_SOURCE). + Handle the "no local address" case in send_sptps_data(). + Don't initialize outpkt to an unused value. + Remove redundant connection_t::status.active field. + Only declare the origpriority variable if we support priority. + Remove an unnecessary pointer dereference in execute_script(). + Fix callback signature for TAP-Win32 device_handle_read(). + Remove unused variable in TAP-Win32 setup_device(). + Remove unused device stats variables. + Resolve KEY_EVENT conflict between Windows and ncurses. + Check if devops is valid before closing the device. + Shutdown cleanly when receiving a Windows console shutdown request. + Fix "tinc start" on Windows when the path contains spaces. + Improve subprocess behavior in tinc start command. + Add documentation about using system-assigned ports. + Verify seqno early in sptps_verify_datagram(). + Add a non-interactive mode to tinc commands. + Only read from TAP-Win32 if the device is enabled. + Handle TAP-Win32 immediate reads correctly. + Clarify copyright ownership for code authored by Etienne Dechamps. + Remove Google from the list of copyright owners. + Fix undefined HOST_NAME_MAX on Windows. + Don't enable the device if the reachable count is zero. + Fix wrong identifier in SO_NOSIGPIPE call. + Fix default TAP device on Darwin. + Ignore the Interface option if device rename is impossible. + Fix default device path selection on BSD. + Preemptively mirror REQ_PUBKEY messages from nodes with unknown keys. + Fix protocol version check for type 2 MTU probe replies. + Invalidate UDP information on address changes. + Introduce node IDs. + Change vpn_packet_t::seqno from uint32_t to uint8_t[4]. + Prepend source node ID information to UDP datagrams. + Add UDP datagram relay support to SPTPS. + Don't send MTU probes to nodes we can't reach directly. + Make sure to discover MTU with relays. + Query the Linux device for its MAC address. + Don't spontaneously start SPTPS with neighbors. + Use plain old PACKET for TCP packets sent directly to a neighbor. + +Guus Sliepen (68): + Really fix compiling under Windows. + Add missing attribution for 1.1pre10 to the NEWS file. + Add "network" command to list or switch networks. + Rewind the file before trying to use PEM_read_RSA_PUBKEY(). + Handle a disconnecting tincd better. + Fix return value of b64encode(). + Use Ed25519 keys. + Properly initialize buffers. + Merge branch '1.1-ed25519' into 1.1 + Use the ChaCha-Poly1305 cipher for the SPTPS protocol. + sptps_test: allow using a tun device instead of stdio. + Put brackets around IPv6 addresses in invitation URL, even if there is no port number. + Nexthop calculation should always use the shortest path. + Fix compiler warnings. + Change AutoConnect from int to bool. + Use void pointers to opaque buffers. + Add missing closedir(). + Fix a crash when we have a malformed public ECDSA key of another node. + Fix PMTU discovery via datagram SPTPS. + Add sanity checks when generating new RSA keys. + Rename ECDSA to Ed25519. + Implement a PEM-like format for Ed25519 keys. + Allow Cipher and Digest "none". + Fix base64 decoding of Ed25519 keys. + Return non-zero exit code when "tinc get" does not find the requested variable. + Unconditionally return non-zero exit code when "tinc del" does not find the requested variable. + Remove the warnings when IP_DONTFRAGMENT/IPV6-DONTFRAG is not supported. + Merge branch 'winevents-clean' of https://github.com/dechamps/tinc into 1.1 + Give getsockopt() a reference to a socklen_t. + Fix compiler warnings. + Fix segmentation fault when dumping subnets. + Fix incorrect format qualifiers. + Reserve legacy active bit in connection_status_t. + Fix a potential file descriptor leak. + Fix unsafe use of strncpy() and sprintf(). + Merge branch 'winwarnings' of https://github.com/dechamps/tinc into 1.1 + Merge branch 'ctrl' of https://github.com/dechamps/tinc into 1.1 + Merge branch 'tincstart' of https://github.com/dechamps/tinc into 1.1 + Merge branch 'keysegfault' of https://github.com/dechamps/tinc into 1.1 + Revert "Use git description as the tinc version." + Fix compiler warnings. + Check validity of Ed25519 key during an upgrade. + Log an error message with the node's name when receiving bad SPTPS packets. + Better log messages when we already know the peer's key during an upgrade. + Add an explicit hash_delete() function. + Cache node IDs in a hash table for faster lookups. + Avoid memmove() for legacy UDP packets. + Make UDP packet handling more efficient. + Changes that should have been in commit 46fa12e666badb79e480c4b2399787551f8266d0. + Fix segfault when receiving UDP packets with an unknown source address. + Fix reception of SPTPS UDP packets. + Avoid using OpenSSL's random number functions. + Don't pass uninitialized bytes to ioctl(). + Don't use myself->name in device_disable(), it's already freed. + Fix memory leaks found by Valgrind. + Use void pointers for opaque data blobs in the SPTPS code. + Add a variable offset to vpn_packet_t, drop sptps_packet_t. + Merge remote-tracking branch 'groxxda/gui-fixes' into 1.1 + Allow running tinc without RSA keys. + Update THANKS file. + Check whether res_init() really lives in libresolv. + BSD make doesn't like .PHONY .c files. + We don't depend on ECDH functions from OpenSSL anymore. + Linux doesn't like .PHONY .o files. + Remove AES-GCM support. + Better default paths for log and PID files on Windows. + Add BroadcastSubnet and DeviceStandby options to the manual and completion. + Releasing 1.1pre11. + +Sven-Haegar Koch (4): + Fix exit code of "tinc get". + commandline.test: Adding test that fetching non-existing config setting really fails. + Do not disconnect when no ecdsa key is known yet. + Try handling the case when the first side knows the ecdsa key of + +William A. Kennington III (3): + utils: Refactor get_name's functionality into util for global access + utils: Refactor check_id out of protocol for global access + tincctl: Use replace_name to properly replace and validate input hostnames + +Baptiste Jonglez (2): + Clarify man page regarding the IndirectData option + Fix typos in the manual page + +Alexis Hildebrandt (1): + Add support to link against libresolv Mac OS X + +Armin Fisslthaler (1): + reload /etc/resolv.conf in SIGALRM handler + +Franz Pletz (1): + tinc-gui: Use /usr/bin/env to resolve path to python + +Saverio Proto (1): + Fix typo in comment + +groxxda (1): + tinc-gui: Don't assign broadcast subnets to any node, fix parsing of Edges, fix diplay of Subnet.weight. + +Version 1.1pre10 February 07 2014 +------------------------------------------------------------------------ + +Guus Sliepen (52): + Wrong date for the 1.1pre9 release in the NEWS. + Avoid using BIOs. + Add a benchmark for the SPTPS protocol. + Don't leak memory during the key generation speed test. + Link sptps_speed with -lrt. + Fix segfault when Name = $HOST but $HOST is not set. + Fix typos in the documentation. + Use AES-256-GCM for the SPTPS protocol. + Fix sending empty SPTPS records. + Clean up child processes from proxy type exec. + Make sptps_test less verbose by default. + Fix sending bulk data starting with a newline. + Fix two warnings from Clang's static analyzer. + Remove an unused variable. + Make LocalDiscovery work for SPTPS packets. + Allow "none" for Cipher and Digest again. + Mention in the manual that multiple Address staments are allowed. + If no Port is specified, set myport to actual port of first listening socket. + Update support for Solaris. + Include for PATH_MAX. + Stricter check for raw socket support. + Avoid using a variable named "sun". Solaris doesn't like it. + Use hardcoded value for TUNNEWPPA if net/if_tun.h is missing on Solaris. + Prefer ncurses over curses. + Don't print device statistics when exiting tinc. + Allow running without ECDSA keys If ExperimentalProtocol is not explicitly set. + Give full path to unconfigured tinc-up script. + Don't print an error when no ECDSA key is known for a node using the legacy protocol. + Remove erroneous warning about SPTPS being disabled. + Enable compiler hardening flags by default. + Add our own autoconf check for libgcrypt. + Don't enable -fstack-protector-all. + Fix handling of --with-libgcrypt. + Clarify StrictSubnets. + Update the documentation of the tinc command. + Add index entries for the CLI commands. + Let tinc-gui use correct address family when connecting to tincd via TCP. + Document clearly that tinc depends on curses and readline libraries. + Document that 1.1 uses AES-256 in GCM mode. + Add the ListenAddress option. + Test two tinc daemons using network namespaces. + Add missing newlines when copying variables from tinc.conf to an invitation file. + Don't ask questions if we are not running interactively. + Document Weight and also allow it to be set from tinc.conf. + Use addresses learned from other nodes when making outgoing connections. + Attribution for various contributors. + Handle errors from TAP-Win32/64 adapter in a better way. + Attribution for Dennis Joachimsthaler. + Update copyright notices. + Fix compiling for Windows. + Check whether OpenSSL has support for GCM. + Releasing 1.1pre10. + +Dennis Joachimsthaler (2): + Fix tinc-gui on Windows. + Ensure tinc-gui running in 64 bits mode can find tinc's 32 bit registry key. + +Florent Clairambault (1): + Adding "conf.d" configuration dir support. + Version 1.1pre9 September 08 2013 ------------------------------------------------------------------------ diff --git a/INSTALL b/INSTALL index 007e939..2099840 100644 --- a/INSTALL +++ b/INSTALL @@ -12,8 +12,8 @@ without warranty of any kind. Basic Installation ================== - Briefly, the shell commands `./configure; make; make install' should -configure, build, and install this package. The following + Briefly, the shell command `./configure && make && make install' +should configure, build, and install this package. The following more-detailed instructions are generic; see the `README' file for instructions specific to this package. Some packages provide this `INSTALL' file but do not implement all of the features documented diff --git a/Makefile.in b/Makefile.in index a464e9e..797d7bf 100644 --- a/Makefile.in +++ b/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.14 from Makefile.am. +# Makefile.in generated by automake 1.14.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2013 Free Software Foundation, Inc. @@ -85,9 +85,12 @@ DIST_COMMON = INSTALL NEWS README AUTHORS ChangeLog \ config.sub depcomp install-sh missing ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \ - $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/lzo.m4 \ - $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/readline.m4 \ - $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.ac + $(top_srcdir)/m4/ax_check_compile_flag.m4 \ + $(top_srcdir)/m4/ax_check_link_flag.m4 \ + $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/libgcrypt.m4 \ + $(top_srcdir)/m4/lzo.m4 $(top_srcdir)/m4/openssl.m4 \ + $(top_srcdir)/m4/readline.m4 $(top_srcdir)/m4/zlib.m4 \ + $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ @@ -223,9 +226,6 @@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LDFLAGS = @LDFLAGS@ -LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ -LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ -LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LN_S = @LN_S@ @@ -241,7 +241,6 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -RANLIB = @RANLIB@ READLINE_LIBS = @READLINE_LIBS@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -599,9 +598,10 @@ distcheck: dist && dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \ && am__cwd=`pwd` \ && $(am__cd) $(distdir)/_build \ - && ../configure --srcdir=.. --prefix="$$dc_install_base" \ + && ../configure \ $(AM_DISTCHECK_CONFIGURE_FLAGS) \ $(DISTCHECK_CONFIGURE_FLAGS) \ + --srcdir=.. --prefix="$$dc_install_base" \ && $(MAKE) $(AM_MAKEFLAGS) \ && $(MAKE) $(AM_MAKEFLAGS) dvi \ && $(MAKE) $(AM_MAKEFLAGS) check \ diff --git a/NEWS b/NEWS index a0ca1d7..abd6a6f 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,81 @@ +Version 1.1pre11 December 27 2014 + + * Added a "network" command to list or switch networks. + + * Switched to Ed25519 keys and the ChaCha-Poly1305 cipher for the new protocol. + + * AutoConnect is now a boolean option, when enabled tinc always tries to keep + at least three meta-connections open. + + * The new protocol now uses UDP much more often. + + * Tinc "del" and "get" commands now return a non-zero exit code when they + don't find the requested variable. + + * Updated documentation. + + * Added a "DeviceStandby" option to defer running tinc-up until a working + connection is made, and which on Windows will also change the network + interface link status accordingly. + + * Tinc now tells the resolver to reload /etc/resolv.conf when it receives + SIGALRM. + + * Improved error messages and event loop handling on Windows. + + * LocalDiscovery now uses local address learned from other nodes, and is + enabled by default. + + * Added a "BroadcastSubnet" option to change the behavior of broadcast packets + in router mode. + + * Added support for dotted quad notation in IPv6 (e.g. ::1.2.3.4). + + * Improved format of printed Subnets, MAC and IPv6 addresses. + + * Added a "--batch" option to force the tinc CLI to run in non-interactive + mode. + + * Improve default Device selection on *BSD and Mac OS X. + + * Allow running tinc without RSA keys. + +Thanks to Etienne Dechamps, Sven-Haegar Koch, William A. Kennington III, +Baptiste Jonglez, Alexis Hildebrandt, Armin Fisslthaler, Franz Pletz, Alexander +Ried and Saverio Proto for their contributions to this version of tinc. + +Version 1.1pre10 February 7 2014 + + * Added a benchmark tool (sptps_speed) for the new protocol. + + * Fixed a crash when using Name = $HOST while $HOST is not set. + + * Use AES-256-GCM for the new protocol. + + * Updated support for Solaris. + + * Allow running tincd without a private ECDSA key present when + ExperimentalProtocol is not explicitly set. + + * Enable various compiler hardening flags by default. + + * Added support for a "conf.d" configuration directory. + + * Fix tinc-gui on Windows, also allowing it to connect to a 32-bits tincd when + tinc-gui is run in a 64-bits Python environment. + + * Added a "ListenAddress" option, which like BindToAddress adds more listening + address/ports, but doesn't bind to them for outgoing sockets. + + * Make invitations work better when the "invite" and "join" commands are not + run interactively. + + * When creating meta-connections to a node for which no Address statement is + specified, try to use addresses learned from other nodes. + +Thanks to Dennis Joachimsthaler and Florent Clairambault for their contribution +to this version of tinc. + Version 1.1pre9 September 8 2013 * The UNIX socket is now created before tinc-up is called. diff --git a/README b/README index ec53243..c88027b 100644 --- a/README +++ b/README @@ -1,7 +1,7 @@ -This is the README file for tinc version 1.1pre9. Installation +This is the README file for tinc version 1.1pre11. Installation instructions may be found in the INSTALL file. -tinc is Copyright (C) 1998-2013 by: +tinc is Copyright (C) 1998-2014 by: Ivo Timmermans, Guus Sliepen , @@ -36,12 +36,11 @@ at your own risk. Compatibility ------------- -Version 1.1pre9 is compatible with 1.0pre8, 1.0 and later, but not with older +Version 1.1pre11 is compatible with 1.0pre8, 1.0 and later, but not with older versions of tinc. -When the ExperimentalProtocol option is used, which is the default since -1.1pre8, tinc is still compatible with 1.0.X and 1.1pre9 itself, but not with -any other 1.1preX version. +When the ExperimentalProtocol option is used, tinc is still compatible with +1.0.X and 1.1pre11 itself, but not with any other 1.1preX version. Requirements @@ -51,7 +50,7 @@ In order to compile tinc, you will need a GNU C compiler environment. Please ensure you have the latest stable versions of all the required libraries: - OpenSSL (http://www.openssl.org/) version 1.0.0 or later, with support for - elliptic curve cryptography (ECC) enabeld. + elliptic curve cryptography (ECC) and Galois counter mode (GCM) enabled. The following libraries are used by default, but can be disabled if necessary: @@ -73,8 +72,8 @@ be forwarded by intermediate nodes. By default, nodes authenticate each other using 2048 bit RSA (or 521 bit ECDSA*) keys. Traffic is encrypted using Blowfish in CBC mode (or AES-256 in -CTR mode*), authenticated using HMAC-SHA1 (or HMAC-SHA-256*), and is protected -against replay attacks. +GCM mode*), authenticated using HMAC-SHA1 (or GCM*), and is protected against +replay attacks. *) When using the ExperimentalProtocol option. diff --git a/THANKS b/THANKS index 6753c2f..d1ee6b4 100644 --- a/THANKS +++ b/THANKS @@ -1,34 +1,51 @@ We would like to thank the following people for their contributions to tinc: * Alexander Reil and Gemeinde Berg +* Alexander Ried +* Alexis Hildebrandt * Allesandro Gatti * Andreas van Cranenburgh * Anthony G. Basile * Armijn Hemel +* Armin Fisslthaler +* Baptiste Jonglez +* Borg * Brandon Black * Cheng LI * Cris van Pelt * Darius Jahandarie +* David Pflug * Delf Eldkraft +* Dennis Joachimsthaler * dnk * Enrique Zanardi * Erik Tews * Etienne Dechamps +* Florent Clairambault * Flynn Marquardt +* Franz Pletz +* Gary Kessler and Claudia Gonzalez * Grzegorz Dymarek * Hans Bayle * Ivo van Dong +* James Cook * James MacLean * Jamie Briggs * Jason Harper +* Jason Livesay +* Jelle de Jong * Jeroen Ubbink * Jerome Etienne +* Jochen Voss * Julien Muchembled +* Lavrans Laading +* Loïc Dachary * Loïc Grenié * Lubomír Bulej * Mads Kiilerich * Marc A. Lehmann * Mark Glines +* Mark Petryk * Markus Goetz * Martin Kihlgren * Martin Schobert @@ -45,16 +62,24 @@ We would like to thank the following people for their contributions to tinc: * Philipp Babel * Robert van der Meulen * Rumko +* Saverio Proto * Scott Lamb +* Steffan Karger * Sven-Haegar Koch * Teemu Kiviniemi +* Thomas Tsiakalakis * Timothy Redaelli +* Tomislav Čohar +* Tommy Arnkværn * Tonnerre Lombard * Vil Brekin +* Vittorio Gambaletta * Wessel Dankers +* William A. Kennington III +* William McArthur * Wouter van Heyst -And everyone we forgot. Thank you! +And everyone we forgot (if we did, please let us know). Thank you! Ivo Timmermans Guus Sliepen diff --git a/aclocal.m4 b/aclocal.m4 index e3a5dd9..16c89a3 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -1,4 +1,4 @@ -# generated automatically by aclocal 1.14 -*- Autoconf -*- +# generated automatically by aclocal 1.14.1 -*- Autoconf -*- # Copyright (C) 1996-2013 Free Software Foundation, Inc. @@ -20,130 +20,6 @@ You have another version of autoconf. It may work, but is not guaranteed to. If you have problems, you may need to regenerate the build system entirely. To do so, use the procedure documented by the package, typically 'autoreconf'.])]) -dnl Autoconf macros for libgcrypt -dnl Copyright (C) 2002, 2004 Free Software Foundation, Inc. -dnl -dnl This file is free software; as a special exception the author gives -dnl unlimited permission to copy and/or distribute it, with or without -dnl modifications, as long as this notice is preserved. -dnl -dnl This file is distributed in the hope that it will be useful, but -dnl WITHOUT ANY WARRANTY, to the extent permitted by law; without even the -dnl implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - - -dnl AM_PATH_LIBGCRYPT([MINIMUM-VERSION, -dnl [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]]) -dnl Test for libgcrypt and define LIBGCRYPT_CFLAGS and LIBGCRYPT_LIBS. -dnl MINIMUN-VERSION is a string with the version number optionalliy prefixed -dnl with the API version to also check the API compatibility. Example: -dnl a MINIMUN-VERSION of 1:1.2.5 won't pass the test unless the installed -dnl version of libgcrypt is at least 1.2.5 *and* the API number is 1. Using -dnl this features allows to prevent build against newer versions of libgcrypt -dnl with a changed API. -dnl -AC_DEFUN([AM_PATH_LIBGCRYPT], -[ AC_ARG_WITH(libgcrypt-prefix, - AC_HELP_STRING([--with-libgcrypt-prefix=PFX], - [prefix where LIBGCRYPT is installed (optional)]), - libgcrypt_config_prefix="$withval", libgcrypt_config_prefix="") - if test x$libgcrypt_config_prefix != x ; then - if test x${LIBGCRYPT_CONFIG+set} != xset ; then - LIBGCRYPT_CONFIG=$libgcrypt_config_prefix/bin/libgcrypt-config - fi - fi - - AC_PATH_TOOL(LIBGCRYPT_CONFIG, libgcrypt-config, no) - tmp=ifelse([$1], ,1:1.2.0,$1) - if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then - req_libgcrypt_api=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\1/'` - min_libgcrypt_version=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\2/'` - else - req_libgcrypt_api=0 - min_libgcrypt_version="$tmp" - fi - - AC_MSG_CHECKING(for LIBGCRYPT - version >= $min_libgcrypt_version) - ok=no - if test "$LIBGCRYPT_CONFIG" != "no" ; then - req_major=`echo $min_libgcrypt_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\1/'` - req_minor=`echo $min_libgcrypt_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\2/'` - req_micro=`echo $min_libgcrypt_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\3/'` - libgcrypt_config_version=`$LIBGCRYPT_CONFIG --version` - major=`echo $libgcrypt_config_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'` - minor=`echo $libgcrypt_config_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\2/'` - micro=`echo $libgcrypt_config_version | \ - sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\3/'` - if test "$major" -gt "$req_major"; then - ok=yes - else - if test "$major" -eq "$req_major"; then - if test "$minor" -gt "$req_minor"; then - ok=yes - else - if test "$minor" -eq "$req_minor"; then - if test "$micro" -ge "$req_micro"; then - ok=yes - fi - fi - fi - fi - fi - fi - if test $ok = yes; then - AC_MSG_RESULT([yes ($libgcrypt_config_version)]) - else - AC_MSG_RESULT(no) - fi - if test $ok = yes; then - # If we have a recent libgcrypt, we should also check that the - # API is compatible - if test "$req_libgcrypt_api" -gt 0 ; then - tmp=`$LIBGCRYPT_CONFIG --api-version 2>/dev/null || echo 0` - if test "$tmp" -gt 0 ; then - AC_MSG_CHECKING([LIBGCRYPT API version]) - if test "$req_libgcrypt_api" -eq "$tmp" ; then - AC_MSG_RESULT([okay]) - else - ok=no - AC_MSG_RESULT([does not match. want=$req_libgcrypt_api got=$tmp]) - fi - fi - fi - fi - if test $ok = yes; then - LIBGCRYPT_CFLAGS=`$LIBGCRYPT_CONFIG --cflags` - LIBGCRYPT_LIBS=`$LIBGCRYPT_CONFIG --libs` - ifelse([$2], , :, [$2]) - if test x"$host" != x ; then - libgcrypt_config_host=`$LIBGCRYPT_CONFIG --host 2>/dev/null || echo none` - if test x"$libgcrypt_config_host" != xnone ; then - if test x"$libgcrypt_config_host" != x"$host" ; then - AC_MSG_WARN([[ -*** -*** The config script $LIBGCRYPT_CONFIG was -*** built for $libgcrypt_config_host and thus may not match the -*** used host $host. -*** You may want to use the configure option --with-libgcrypt-prefix -*** to specify a matching config script. -***]]) - fi - fi - fi - else - LIBGCRYPT_CFLAGS="" - LIBGCRYPT_LIBS="" - ifelse([$3], , :, [$3]) - fi - AC_SUBST(LIBGCRYPT_CFLAGS) - AC_SUBST(LIBGCRYPT_LIBS) -]) - # Copyright (C) 2002-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation @@ -159,7 +35,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION], [am__api_version='1.14' dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl require some minimum version. Point them to the right macro. -m4_if([$1], [1.14], [], +m4_if([$1], [1.14.1], [], [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl ]) @@ -175,7 +51,7 @@ m4_define([_AM_AUTOCONF_VERSION], []) # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. # This function is AC_REQUIREd by AM_INIT_AUTOMAKE. AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], -[AM_AUTOMAKE_VERSION([1.14])dnl +[AM_AUTOMAKE_VERSION([1.14.1])dnl m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) @@ -227,10 +103,9 @@ _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) # configured tree to be moved without reconfiguration. AC_DEFUN([AM_AUX_DIR_EXPAND], -[dnl Rely on autoconf to set up CDPATH properly. -AC_PREREQ([2.50])dnl -# expand $ac_aux_dir to an absolute path -am_aux_dir=`cd $ac_aux_dir && pwd` +[AC_REQUIRE([AC_CONFIG_AUX_DIR_DEFAULT])dnl +# Expand $ac_aux_dir to an absolute path. +am_aux_dir=`cd "$ac_aux_dir" && pwd` ]) # AM_CONDITIONAL -*- Autoconf -*- @@ -697,7 +572,8 @@ to "yes", and re-run configure. END AC_MSG_ERROR([Your 'rm' program is bad, sorry.]) fi -fi]) +fi +]) dnl Hook into '_AC_COMPILER_EXEEXT' early to learn its expansion. Do not dnl add the conditional right here, as _AC_COMPILER_EXEEXT may be further @@ -1272,7 +1148,10 @@ AC_SUBST([am__untar]) ]) # _AM_PROG_TAR m4_include([m4/attribute.m4]) +m4_include([m4/ax_check_compile_flag.m4]) +m4_include([m4/ax_check_link_flag.m4]) m4_include([m4/curses.m4]) +m4_include([m4/libgcrypt.m4]) m4_include([m4/lzo.m4]) m4_include([m4/openssl.m4]) m4_include([m4/readline.m4]) diff --git a/config.guess b/config.guess index b79252d..1f5c50c 100755 --- a/config.guess +++ b/config.guess @@ -1,8 +1,8 @@ #! /bin/sh # Attempt to guess a canonical system name. -# Copyright 1992-2013 Free Software Foundation, Inc. +# Copyright 1992-2014 Free Software Foundation, Inc. -timestamp='2013-06-10' +timestamp='2014-03-23' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -50,7 +50,7 @@ version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. -Copyright 1992-2013 Free Software Foundation, Inc. +Copyright 1992-2014 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -149,7 +149,7 @@ Linux|GNU|GNU/*) LIBC=gnu #endif EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC' | sed 's, ,,g'` ;; esac @@ -826,7 +826,7 @@ EOF *:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 exit ;; - i*:MSYS*:*) + *:MSYS*:*) echo ${UNAME_MACHINE}-pc-msys exit ;; i*:windows32*:*) @@ -969,10 +969,10 @@ EOF eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` test x"${CPU}" != x && { echo "${CPU}-unknown-linux-${LIBC}"; exit; } ;; - or1k:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + openrisc*:Linux:*:*) + echo or1k-unknown-linux-${LIBC} exit ;; - or32:Linux:*:*) + or32:Linux:*:* | or1k*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; padre:Linux:*:*) @@ -1260,16 +1260,26 @@ EOF if test "$UNAME_PROCESSOR" = unknown ; then UNAME_PROCESSOR=powerpc fi - if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then - if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_64BIT_ARCH >/dev/null - then - case $UNAME_PROCESSOR in - i386) UNAME_PROCESSOR=x86_64 ;; - powerpc) UNAME_PROCESSOR=powerpc64 ;; - esac + if test `echo "$UNAME_RELEASE" | sed -e 's/\..*//'` -le 10 ; then + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + case $UNAME_PROCESSOR in + i386) UNAME_PROCESSOR=x86_64 ;; + powerpc) UNAME_PROCESSOR=powerpc64 ;; + esac + fi fi + elif test "$UNAME_PROCESSOR" = i386 ; then + # Avoid executing cc on OS X 10.9, as it ships with a stub + # that puts up a graphical alert prompting to install + # developer tools. Any system running Mac OS X 10.7 or + # later (Darwin 11 and later) is required to have a 64-bit + # processor. This is not true of the ARM version of Darwin + # that Apple uses in portable devices. + UNAME_PROCESSOR=x86_64 fi echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} exit ;; @@ -1361,154 +1371,6 @@ EOF exit ;; esac -eval $set_cc_for_build -cat >$dummy.c < -# include -#endif -main () -{ -#if defined (sony) -#if defined (MIPSEB) - /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, - I don't know.... */ - printf ("mips-sony-bsd\n"); exit (0); -#else -#include - printf ("m68k-sony-newsos%s\n", -#ifdef NEWSOS4 - "4" -#else - "" -#endif - ); exit (0); -#endif -#endif - -#if defined (__arm) && defined (__acorn) && defined (__unix) - printf ("arm-acorn-riscix\n"); exit (0); -#endif - -#if defined (hp300) && !defined (hpux) - printf ("m68k-hp-bsd\n"); exit (0); -#endif - -#if defined (NeXT) -#if !defined (__ARCHITECTURE__) -#define __ARCHITECTURE__ "m68k" -#endif - int version; - version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; - if (version < 4) - printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); - else - printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); - exit (0); -#endif - -#if defined (MULTIMAX) || defined (n16) -#if defined (UMAXV) - printf ("ns32k-encore-sysv\n"); exit (0); -#else -#if defined (CMU) - printf ("ns32k-encore-mach\n"); exit (0); -#else - printf ("ns32k-encore-bsd\n"); exit (0); -#endif -#endif -#endif - -#if defined (__386BSD__) - printf ("i386-pc-bsd\n"); exit (0); -#endif - -#if defined (sequent) -#if defined (i386) - printf ("i386-sequent-dynix\n"); exit (0); -#endif -#if defined (ns32000) - printf ("ns32k-sequent-dynix\n"); exit (0); -#endif -#endif - -#if defined (_SEQUENT_) - struct utsname un; - - uname(&un); - - if (strncmp(un.version, "V2", 2) == 0) { - printf ("i386-sequent-ptx2\n"); exit (0); - } - if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ - printf ("i386-sequent-ptx1\n"); exit (0); - } - printf ("i386-sequent-ptx\n"); exit (0); - -#endif - -#if defined (vax) -# if !defined (ultrix) -# include -# if defined (BSD) -# if BSD == 43 - printf ("vax-dec-bsd4.3\n"); exit (0); -# else -# if BSD == 199006 - printf ("vax-dec-bsd4.3reno\n"); exit (0); -# else - printf ("vax-dec-bsd\n"); exit (0); -# endif -# endif -# else - printf ("vax-dec-bsd\n"); exit (0); -# endif -# else - printf ("vax-dec-ultrix\n"); exit (0); -# endif -#endif - -#if defined (alliant) && defined (i860) - printf ("i860-alliant-bsd\n"); exit (0); -#endif - - exit (1); -} -EOF - -$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && - { echo "$SYSTEM_NAME"; exit; } - -# Apollos put the system type in the environment. - -test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } - -# Convex versions that predate uname can use getsysinfo(1) - -if [ -x /usr/convex/getsysinfo ] -then - case `getsysinfo -f cpu_type` in - c1*) - echo c1-convex-bsd - exit ;; - c2*) - if getsysinfo -f scalar_acc - then echo c32-convex-bsd - else echo c2-convex-bsd - fi - exit ;; - c34*) - echo c34-convex-bsd - exit ;; - c38*) - echo c38-convex-bsd - exit ;; - c4*) - echo c4-convex-bsd - exit ;; - esac -fi - cat >&2 < header file. */ #undef HAVE_DIRENT_H /* DragonFly */ #undef HAVE_DRAGONFLY -/* Define to 1 if you have the `ECDH_compute_key' function. */ -#undef HAVE_ECDH_COMPUTE_KEY - -/* Define to 1 if you have the `ECDSA_verify' function. */ -#undef HAVE_ECDSA_VERIFY - /* Define to 1 if you have the `EVP_EncryptInit_ex' function. */ #undef HAVE_EVP_ENCRYPTINIT_EX @@ -82,6 +84,9 @@ /* Define to 1 if you have the `ftime' function. */ #undef HAVE_FTIME +/* Define to 1 if you have the header file. */ +#undef HAVE_GCRYPT_H + /* Define to 1 if you have the `gettimeofday' function. */ #undef HAVE_GETTIMEOFDAY @@ -94,6 +99,9 @@ /* Define to 1 if you have the `nsl' library (-lnsl). */ #undef HAVE_LIBNSL +/* Define to 1 if you have the `resolv' library (-lresolv). */ +#undef HAVE_LIBRESOLV + /* Define to 1 if you have the `socket' library (-lsocket). */ #undef HAVE_LIBSOCKET @@ -190,12 +198,6 @@ /* OpenBSD */ #undef HAVE_OPENBSD -/* Define to 1 if you have the header file. */ -#undef HAVE_OPENSSL_ECDH_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_OPENSSL_EC_H - /* Define to 1 if you have the header file. */ #undef HAVE_OPENSSL_ENGINE_H @@ -223,8 +225,8 @@ /* Define to 1 if you have the `random' function. */ #undef HAVE_RANDOM -/* Define to 1 if you have the `RAND_pseudo_bytes' function. */ -#undef HAVE_RAND_PSEUDO_BYTES +/* Define to 1 if you have the `RAND_status' function. */ +#undef HAVE_RAND_STATUS /* have readline support */ #undef HAVE_READLINE @@ -235,6 +237,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_READLINE_READLINE_H +/* Define to 1 if you have the header file. */ +#undef HAVE_RESOLV_H + /* Define to 1 if you have the `select' function. */ #undef HAVE_SELECT diff --git a/config.sub b/config.sub index 9633db7..bba4efb 100755 --- a/config.sub +++ b/config.sub @@ -1,8 +1,8 @@ #! /bin/sh # Configuration validation subroutine script. -# Copyright 1992-2013 Free Software Foundation, Inc. +# Copyright 1992-2014 Free Software Foundation, Inc. -timestamp='2013-08-10' +timestamp='2014-09-11' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -68,7 +68,7 @@ Report bugs and patches to ." version="\ GNU config.sub ($timestamp) -Copyright 1992-2013 Free Software Foundation, Inc. +Copyright 1992-2014 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -265,6 +265,7 @@ case $basic_machine in | hexagon \ | i370 | i860 | i960 | ia64 \ | ip2k | iq2000 \ + | k1om \ | le32 | le64 \ | lm32 \ | m32c | m32r | m32rle | m68000 | m68k | m88k \ @@ -282,8 +283,10 @@ case $basic_machine in | mips64vr5900 | mips64vr5900el \ | mipsisa32 | mipsisa32el \ | mipsisa32r2 | mipsisa32r2el \ + | mipsisa32r6 | mipsisa32r6el \ | mipsisa64 | mipsisa64el \ | mipsisa64r2 | mipsisa64r2el \ + | mipsisa64r6 | mipsisa64r6el \ | mipsisa64sb1 | mipsisa64sb1el \ | mipsisa64sr71k | mipsisa64sr71kel \ | mipsr5900 | mipsr5900el \ @@ -295,11 +298,11 @@ case $basic_machine in | nds32 | nds32le | nds32be \ | nios | nios2 | nios2eb | nios2el \ | ns16k | ns32k \ - | open8 \ - | or1k | or32 \ + | open8 | or1k | or1knd | or32 \ | pdp10 | pdp11 | pj | pjl \ | powerpc | powerpc64 | powerpc64le | powerpcle \ | pyramid \ + | riscv32 | riscv64 \ | rl78 | rx \ | score \ | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ @@ -324,7 +327,7 @@ case $basic_machine in c6x) basic_machine=tic6x-unknown ;; - m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | picochip) + m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | nvptx | picochip) basic_machine=$basic_machine-unknown os=-none ;; @@ -381,6 +384,7 @@ case $basic_machine in | hexagon-* \ | i*86-* | i860-* | i960-* | ia64-* \ | ip2k-* | iq2000-* \ + | k1om-* \ | le32-* | le64-* \ | lm32-* \ | m32c-* | m32r-* | m32rle-* \ @@ -400,8 +404,10 @@ case $basic_machine in | mips64vr5900-* | mips64vr5900el-* \ | mipsisa32-* | mipsisa32el-* \ | mipsisa32r2-* | mipsisa32r2el-* \ + | mipsisa32r6-* | mipsisa32r6el-* \ | mipsisa64-* | mipsisa64el-* \ | mipsisa64r2-* | mipsisa64r2el-* \ + | mipsisa64r6-* | mipsisa64r6el-* \ | mipsisa64sb1-* | mipsisa64sb1el-* \ | mipsisa64sr71k-* | mipsisa64sr71kel-* \ | mipsr5900-* | mipsr5900el-* \ @@ -413,6 +419,7 @@ case $basic_machine in | nios-* | nios2-* | nios2eb-* | nios2el-* \ | none-* | np1-* | ns16k-* | ns32k-* \ | open8-* \ + | or1k*-* \ | orion-* \ | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \ @@ -822,6 +829,10 @@ case $basic_machine in basic_machine=powerpc-unknown os=-morphos ;; + moxiebox) + basic_machine=moxie-unknown + os=-moxiebox + ;; msdos) basic_machine=i386-pc os=-msdos @@ -1367,14 +1378,14 @@ case $os in | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ | -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \ | -linux-newlib* | -linux-musl* | -linux-uclibc* \ - | -uxpv* | -beos* | -mpeix* | -udk* \ + | -uxpv* | -beos* | -mpeix* | -udk* | -moxiebox* \ | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ - | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*) + | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es* | -tirtos*) # Remember, each alternative MUST END IN *, to match a version number. ;; -qnx*) @@ -1592,9 +1603,6 @@ case $basic_machine in mips*-*) os=-elf ;; - or1k-*) - os=-elf - ;; or32-*) os=-coff ;; diff --git a/configure b/configure index d2816e1..e1bc385 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for tinc 1.1pre9. +# Generated by GNU Autoconf 2.69 for tinc 1.1pre11. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -577,8 +577,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='tinc' PACKAGE_TARNAME='tinc' -PACKAGE_VERSION='1.1pre9' -PACKAGE_STRING='tinc 1.1pre9' +PACKAGE_VERSION='1.1pre11' +PACKAGE_STRING='tinc 1.1pre11' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -627,9 +627,6 @@ GCRYPT_FALSE GCRYPT_TRUE OPENSSL_FALSE OPENSSL_TRUE -LIBGCRYPT_LIBS -LIBGCRYPT_CFLAGS -LIBGCRYPT_CONFIG READLINE_LIBS CURSES_LIBS TUNEMU_FALSE @@ -656,7 +653,6 @@ build_os build_vendor build_cpu build -RANLIB LN_S AM_BACKSLASH AM_DEFAULT_VERBOSITY @@ -752,6 +748,7 @@ enable_uml enable_vde enable_tunemu with_windows2000 +enable_hardening enable_curses with_curses with_curses_include @@ -768,7 +765,9 @@ enable_lzo with_lzo with_lzo_include with_lzo_lib -with_libgcrypt_prefix +with_libgcrypt +with_libgcrypt_include +with_libgcrypt_lib with_openssl with_openssl_include with_openssl_lib @@ -1323,7 +1322,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures tinc 1.1pre9 to adapt to many kinds of systems. +\`configure' configures tinc 1.1pre11 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1393,7 +1392,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of tinc 1.1pre9:";; + short | recursive ) echo "Configuration of tinc 1.1pre11:";; esac cat <<\_ACEOF @@ -1410,17 +1409,18 @@ Optional Features: --enable-uml enable support for User Mode Linux --enable-vde enable support for Virtual Distributed Ethernet --enable-tunemu enable support for the tunemu driver + --disable-hardening disable compiler and linker hardening flags --disable-curses disable curses support --disable-readline disable readline support --disable-zlib disable zlib compression support --disable-lzo disable lzo compression support - --disable-jumbograms enable support for jumbograms (packets up to 9000 + --enable-jumbograms enable support for jumbograms (packets up to 9000 bytes) Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) - --without-windows2000 compile with support for Windows 2000. This disables + --with-windows2000 compile with support for Windows 2000. This disables support for tunneling over existing IPv6 networks. --with-curses=DIR curses base directory, or: --with-curses-include=DIR @@ -1436,8 +1436,12 @@ Optional Packages: --with-lzo=DIR lzo base directory, or: --with-lzo-include=DIR lzo headers directory --with-lzo-lib=DIR lzo library directory - --with-libgcrypt-prefix=PFX - prefix where LIBGCRYPT is installed (optional) + --with-libgcrypt=DIR libgcrypt base directory, or: + --with-libgcrypt-include=DIR + libgcrypt headers directory (without trailing + /libgcrypt) + --with-libgcrypt-lib=DIR + libgcrypt library directory --with-openssl=DIR OpenSSL base directory, or: --with-openssl-include=DIR OpenSSL headers directory (without trailing @@ -1520,7 +1524,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -tinc configure 1.1pre9 +tinc configure 1.1pre11 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1769,6 +1773,52 @@ $as_echo "$ac_res" >&6; } } # ac_fn_c_check_header_compile +# ac_fn_c_try_link LINENO +# ----------------------- +# Try to link conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_link () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext conftest$ac_exeext + if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && { + test "$cross_compiling" = yes || + test -x conftest$ac_exeext + }; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 +fi + # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information + # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would + # interfere with the next link command; also delete a directory that is + # left behind by Apple's compiler. We do this before executing the actions. + rm -rf conftest.dSYM conftest_ipa8_conftest.oo + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval + +} # ac_fn_c_try_link + # ac_fn_c_check_type LINENO TYPE VAR INCLUDES # ------------------------------------------- # Tests whether TYPE exists after having included INCLUDES, setting cache @@ -1823,52 +1873,6 @@ $as_echo "$ac_res" >&6; } } # ac_fn_c_check_type -# ac_fn_c_try_link LINENO -# ----------------------- -# Try to link conftest.$ac_ext, and return whether this succeeded. -ac_fn_c_try_link () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - rm -f conftest.$ac_objext conftest$ac_exeext - if { { ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_link") 2>conftest.err - ac_status=$? - if test -s conftest.err; then - grep -v '^ *+' conftest.err >conftest.er1 - cat conftest.er1 >&5 - mv -f conftest.er1 conftest.err - fi - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && { - test "$cross_compiling" = yes || - test -x conftest$ac_exeext - }; then : - ac_retval=0 -else - $as_echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_retval=1 -fi - # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information - # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would - # interfere with the next link command; also delete a directory that is - # left behind by Apple's compiler. We do this before executing the actions. - rm -rf conftest.dSYM conftest_ipa8_conftest.oo - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - as_fn_set_status $ac_retval - -} # ac_fn_c_try_link - # ac_fn_c_check_func LINENO FUNC VAR # ---------------------------------- # Tests whether FUNC exists, setting the cache variable VAR accordingly @@ -1985,7 +1989,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by tinc $as_me 1.1pre9, which was +It was created by tinc $as_me 1.1pre11, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2334,8 +2338,37 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu -# expand $ac_aux_dir to an absolute path -am_aux_dir=`cd $ac_aux_dir && pwd` +ac_aux_dir= +for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do + if test -f "$ac_dir/install-sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install-sh -c" + break + elif test -f "$ac_dir/install.sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install.sh -c" + break + elif test -f "$ac_dir/shtool"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/shtool install -c" + break + fi +done +if test -z "$ac_aux_dir"; then + as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 +fi + +# These three variables are undocumented and unsupported, +# and are intended to be withdrawn in a future Autoconf release. +# They can cause serious problems if a builder's source tree is in a directory +# whose full name contains unusual characters. +ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. +ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. +ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. + + +# Expand $ac_aux_dir to an absolute path. +am_aux_dir=`cd "$ac_aux_dir" && pwd` ac_ext=c ac_cpp='$CPP $CPPFLAGS' @@ -3647,35 +3680,6 @@ $as_echo "$ac_cv_safe_to_define___extensions__" >&6; } am__api_version='1.14' -ac_aux_dir= -for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do - if test -f "$ac_dir/install-sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install-sh -c" - break - elif test -f "$ac_dir/install.sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install.sh -c" - break - elif test -f "$ac_dir/shtool"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/shtool install -c" - break - fi -done -if test -z "$ac_aux_dir"; then - as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 -fi - -# These three variables are undocumented and unsupported, -# and are intended to be withdrawn in a future Autoconf release. -# They can cause serious problems if a builder's source tree is in a directory -# whose full name contains unusual characters. -ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. -ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. -ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. - - # Find a good install program. We prefer a C program (faster), # so one script is as good as another. But avoid the broken or # incompatible versions: @@ -4220,7 +4224,7 @@ fi # Define the identity of the package. PACKAGE='tinc' - VERSION='1.1pre9' + VERSION='1.1pre11' cat >>confdefs.h <<_ACEOF @@ -4440,6 +4444,7 @@ END as_fn_error $? "Your 'rm' program is bad, sorry." "$LINENO" 5 fi fi + ac_config_headers="$ac_config_headers config.h" @@ -4777,98 +4782,6 @@ else $as_echo "no, using $LN_S" >&6; } fi -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. -set dummy ${ac_tool_prefix}ranlib; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_RANLIB+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$RANLIB"; then - ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -RANLIB=$ac_cv_prog_RANLIB -if test -n "$RANLIB"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 -$as_echo "$RANLIB" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_RANLIB"; then - ac_ct_RANLIB=$RANLIB - # Extract the first word of "ranlib", so it can be a program name with args. -set dummy ranlib; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_RANLIB+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_RANLIB"; then - ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_RANLIB="ranlib" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB -if test -n "$ac_ct_RANLIB"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 -$as_echo "$ac_ct_RANLIB" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_ct_RANLIB" = x; then - RANLIB=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - RANLIB=$ac_ct_RANLIB - fi -else - RANLIB="$ac_cv_prog_RANLIB" -fi - @@ -5254,6 +5167,343 @@ if test -d /sw/lib ; then fi +# Check whether --enable-hardening was given. +if test "${enable_hardening+set}" = set; then : + enableval=$enable_hardening; +fi + +if test "x$enable_hardening" != "xno"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -DFORTIFY_SOURCE=2" >&5 +$as_echo_n "checking whether C compiler accepts -DFORTIFY_SOURCE=2... " >&6; } +if ${ax_cv_check_cflags___DFORTIFY_SOURCE_2+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS -DFORTIFY_SOURCE=2" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ax_cv_check_cflags___DFORTIFY_SOURCE_2=yes +else + ax_cv_check_cflags___DFORTIFY_SOURCE_2=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___DFORTIFY_SOURCE_2" >&5 +$as_echo "$ax_cv_check_cflags___DFORTIFY_SOURCE_2" >&6; } +if test x"$ax_cv_check_cflags___DFORTIFY_SOURCE_2" = xyes; then : + CPPFLAGS="$CPPFLAGS -DFORTIFY_SOURCE=2" +else + : +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fno-strict-overflow" >&5 +$as_echo_n "checking whether C compiler accepts -fno-strict-overflow... " >&6; } +if ${ax_cv_check_cflags___fno_strict_overflow+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS -fno-strict-overflow" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ax_cv_check_cflags___fno_strict_overflow=yes +else + ax_cv_check_cflags___fno_strict_overflow=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___fno_strict_overflow" >&5 +$as_echo "$ax_cv_check_cflags___fno_strict_overflow" >&6; } +if test x"$ax_cv_check_cflags___fno_strict_overflow" = xyes; then : + CPPFLAGS="$CPPFLAGS -fno-strict-overflow" +else + : +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fwrapv" >&5 +$as_echo_n "checking whether C compiler accepts -fwrapv... " >&6; } +if ${ax_cv_check_cflags___fwrapv+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS -fwrapv" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ax_cv_check_cflags___fwrapv=yes +else + ax_cv_check_cflags___fwrapv=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___fwrapv" >&5 +$as_echo "$ax_cv_check_cflags___fwrapv" >&6; } +if test x"$ax_cv_check_cflags___fwrapv" = xyes; then : + CPPFLAGS="$CPPFLAGS -fwrapv" +else + : +fi + + case $host_os in + *mingw*) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -Wl,--dynamicbase" >&5 +$as_echo_n "checking whether the linker accepts -Wl,--dynamicbase... " >&6; } +if ${ax_cv_check_ldflags___Wl___dynamicbase+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$LDFLAGS + LDFLAGS="$LDFLAGS -Wl,--dynamicbase" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ax_cv_check_ldflags___Wl___dynamicbase=yes +else + ax_cv_check_ldflags___Wl___dynamicbase=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags___Wl___dynamicbase" >&5 +$as_echo "$ax_cv_check_ldflags___Wl___dynamicbase" >&6; } +if test x"$ax_cv_check_ldflags___Wl___dynamicbase" = xyes; then : + LDFLAGS="$LDFLAGS -Wl,--dynamicbase" +else + : +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -Wl,--nxcompat" >&5 +$as_echo_n "checking whether the linker accepts -Wl,--nxcompat... " >&6; } +if ${ax_cv_check_ldflags___Wl___nxcompat+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$LDFLAGS + LDFLAGS="$LDFLAGS -Wl,--nxcompat" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ax_cv_check_ldflags___Wl___nxcompat=yes +else + ax_cv_check_ldflags___Wl___nxcompat=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags___Wl___nxcompat" >&5 +$as_echo "$ax_cv_check_ldflags___Wl___nxcompat" >&6; } +if test x"$ax_cv_check_ldflags___Wl___nxcompat" = xyes; then : + LDFLAGS="$LDFLAGS -Wl,--nxcompat" +else + : +fi + + ;; + *) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fPIE" >&5 +$as_echo_n "checking whether C compiler accepts -fPIE... " >&6; } +if ${ax_cv_check_cflags___fPIE+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS -fPIE" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ax_cv_check_cflags___fPIE=yes +else + ax_cv_check_cflags___fPIE=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___fPIE" >&5 +$as_echo "$ax_cv_check_cflags___fPIE" >&6; } +if test x"$ax_cv_check_cflags___fPIE" = xyes; then : + CPPFLAGS="$CPPFLAGS -fPIE" +else + : +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -pie" >&5 +$as_echo_n "checking whether the linker accepts -pie... " >&6; } +if ${ax_cv_check_ldflags___pie+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$LDFLAGS + LDFLAGS="$LDFLAGS -pie" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ax_cv_check_ldflags___pie=yes +else + ax_cv_check_ldflags___pie=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags___pie" >&5 +$as_echo "$ax_cv_check_ldflags___pie" >&6; } +if test x"$ax_cv_check_ldflags___pie" = xyes; then : + LDFLAGS="$LDFLAGS -pie" +else + : +fi + + ;; + esac + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -Wl,-z,relro" >&5 +$as_echo_n "checking whether the linker accepts -Wl,-z,relro... " >&6; } +if ${ax_cv_check_ldflags___Wl__z_relro+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$LDFLAGS + LDFLAGS="$LDFLAGS -Wl,-z,relro" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ax_cv_check_ldflags___Wl__z_relro=yes +else + ax_cv_check_ldflags___Wl__z_relro=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags___Wl__z_relro" >&5 +$as_echo "$ax_cv_check_ldflags___Wl__z_relro" >&6; } +if test x"$ax_cv_check_ldflags___Wl__z_relro" = xyes; then : + LDFLAGS="$LDFLAGS -Wl,-z,relro" +else + : +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -Wl,-z,now" >&5 +$as_echo_n "checking whether the linker accepts -Wl,-z,now... " >&6; } +if ${ax_cv_check_ldflags___Wl__z_now+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$LDFLAGS + LDFLAGS="$LDFLAGS -Wl,-z,now" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ax_cv_check_ldflags___Wl__z_now=yes +else + ax_cv_check_ldflags___Wl__z_now=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags___Wl__z_now" >&5 +$as_echo "$ax_cv_check_ldflags___Wl__z_now" >&6; } +if test x"$ax_cv_check_ldflags___Wl__z_now" = xyes; then : + LDFLAGS="$LDFLAGS -Wl,-z,now" +else + : +fi + + + +fi; + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 $as_echo_n "checking for ANSI C header files... " >&6; } if ${ac_cv_header_stdc+:} false; then : @@ -5394,7 +5644,7 @@ fi done -for ac_header in netinet/if_ether.h netinet/ip.h netinet/ip6.h +for ac_header in netinet/if_ether.h netinet/ip.h netinet/ip6.h resolv.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "#include \"src/have.h\" @@ -6062,6 +6312,69 @@ cat >>confdefs.h <<_ACEOF _ACEOF +ac_fn_c_check_decl "$LINENO" "res_init" "ac_cv_have_decl_res_init" " + #include + #include + +" +if test "x$ac_cv_have_decl_res_init" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_RES_INIT $ac_have_decl +_ACEOF +if test $ac_have_decl = 1; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for res_init in -lresolv" >&5 +$as_echo_n "checking for res_init in -lresolv... " >&6; } +if ${ac_cv_lib_resolv_res_init+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lresolv $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char res_init (); +int +main () +{ +return res_init (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_resolv_res_init=yes +else + ac_cv_lib_resolv_res_init=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_resolv_res_init" >&5 +$as_echo "$ac_cv_lib_resolv_res_init" >&6; } +if test "x$ac_cv_lib_resolv_res_init" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_LIBRESOLV 1 +_ACEOF + + LIBS="-lresolv $LIBS" + +fi + +fi + + cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure # tests run on this system so they can be shared between configure @@ -6206,7 +6519,46 @@ fi done - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for initscr in -lcurses" >&5 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for initscr in -lncurses" >&5 +$as_echo_n "checking for initscr in -lncurses... " >&6; } +if ${ac_cv_lib_ncurses_initscr+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lncurses $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char initscr (); +int +main () +{ +return initscr (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_ncurses_initscr=yes +else + ac_cv_lib_ncurses_initscr=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ncurses_initscr" >&5 +$as_echo "$ac_cv_lib_ncurses_initscr" >&6; } +if test "x$ac_cv_lib_ncurses_initscr" = xyes; then : + CURSES_LIBS="-lncurses" +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for initscr in -lcurses" >&5 $as_echo_n "checking for initscr in -lcurses... " >&6; } if ${ac_cv_lib_curses_initscr+:} false; then : $as_echo_n "(cached) " >&6 @@ -6250,6 +6602,9 @@ else fi +fi + + fi @@ -6638,221 +6993,95 @@ done fi -if test "$with_libgcrypt" = yes; then +if test -n "$with_libgcrypt"; then gcrypt=true -# Check whether --with-libgcrypt-prefix was given. -if test "${with_libgcrypt_prefix+set}" = set; then : - withval=$with_libgcrypt_prefix; libgcrypt_config_prefix="$withval" -else - libgcrypt_config_prefix="" + +# Check whether --with-libgcrypt was given. +if test "${with_libgcrypt+set}" = set; then : + withval=$with_libgcrypt; libgcrypt="$withval" + CPPFLAGS="$CPPFLAGS -I$withval/include" + LDFLAGS="$LDFLAGS -L$withval/lib" + fi - if test x$libgcrypt_config_prefix != x ; then - if test x${LIBGCRYPT_CONFIG+set} != xset ; then - LIBGCRYPT_CONFIG=$libgcrypt_config_prefix/bin/libgcrypt-config - fi - fi - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}libgcrypt-config", so it can be a program name with args. -set dummy ${ac_tool_prefix}libgcrypt-config; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_LIBGCRYPT_CONFIG+:} false; then : + +# Check whether --with-libgcrypt-include was given. +if test "${with_libgcrypt_include+set}" = set; then : + withval=$with_libgcrypt_include; libgcrypt_include="$withval" + CPPFLAGS="$CPPFLAGS -I$withval" + +fi + + + +# Check whether --with-libgcrypt-lib was given. +if test "${with_libgcrypt_lib+set}" = set; then : + withval=$with_libgcrypt_lib; libgcrypt_lib="$withval" + LDFLAGS="$LDFLAGS -L$withval" + +fi + + + for ac_header in gcrypt.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "gcrypt.h" "ac_cv_header_gcrypt_h" "$ac_includes_default" +if test "x$ac_cv_header_gcrypt_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_GCRYPT_H 1 +_ACEOF + +else + as_fn_error $? "libgcrypt header files not found." "$LINENO" 5; break + +fi + +done + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gcry_cipher_encrypt in -lgcrypt" >&5 +$as_echo_n "checking for gcry_cipher_encrypt in -lgcrypt... " >&6; } +if ${ac_cv_lib_gcrypt_gcry_cipher_encrypt+:} false; then : $as_echo_n "(cached) " >&6 else - case $LIBGCRYPT_CONFIG in - [\\/]* | ?:[\\/]*) - ac_cv_path_LIBGCRYPT_CONFIG="$LIBGCRYPT_CONFIG" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_LIBGCRYPT_CONFIG="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS + ac_check_lib_save_LIBS=$LIBS +LIBS="-lgcrypt $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ - ;; -esac -fi -LIBGCRYPT_CONFIG=$ac_cv_path_LIBGCRYPT_CONFIG -if test -n "$LIBGCRYPT_CONFIG"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBGCRYPT_CONFIG" >&5 -$as_echo "$LIBGCRYPT_CONFIG" >&6; } +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char gcry_cipher_encrypt (); +int +main () +{ +return gcry_cipher_encrypt (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_gcrypt_gcry_cipher_encrypt=yes else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + ac_cv_lib_gcrypt_gcry_cipher_encrypt=no fi - - +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS fi -if test -z "$ac_cv_path_LIBGCRYPT_CONFIG"; then - ac_pt_LIBGCRYPT_CONFIG=$LIBGCRYPT_CONFIG - # Extract the first word of "libgcrypt-config", so it can be a program name with args. -set dummy libgcrypt-config; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_ac_pt_LIBGCRYPT_CONFIG+:} false; then : - $as_echo_n "(cached) " >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gcrypt_gcry_cipher_encrypt" >&5 +$as_echo "$ac_cv_lib_gcrypt_gcry_cipher_encrypt" >&6; } +if test "x$ac_cv_lib_gcrypt_gcry_cipher_encrypt" = xyes; then : + LIBS="-lgcrypt $LIBS" else - case $ac_pt_LIBGCRYPT_CONFIG in - [\\/]* | ?:[\\/]*) - ac_cv_path_ac_pt_LIBGCRYPT_CONFIG="$ac_pt_LIBGCRYPT_CONFIG" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_ac_pt_LIBGCRYPT_CONFIG="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS + as_fn_error $? "libgcrypt libraries not found." "$LINENO" 5 - ;; -esac fi -ac_pt_LIBGCRYPT_CONFIG=$ac_cv_path_ac_pt_LIBGCRYPT_CONFIG -if test -n "$ac_pt_LIBGCRYPT_CONFIG"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_pt_LIBGCRYPT_CONFIG" >&5 -$as_echo "$ac_pt_LIBGCRYPT_CONFIG" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - if test "x$ac_pt_LIBGCRYPT_CONFIG" = x; then - LIBGCRYPT_CONFIG="no" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - LIBGCRYPT_CONFIG=$ac_pt_LIBGCRYPT_CONFIG - fi -else - LIBGCRYPT_CONFIG="$ac_cv_path_LIBGCRYPT_CONFIG" -fi - - tmp=1.4.0 - if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then - req_libgcrypt_api=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\1/'` - min_libgcrypt_version=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\2/'` - else - req_libgcrypt_api=0 - min_libgcrypt_version="$tmp" - fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for LIBGCRYPT - version >= $min_libgcrypt_version" >&5 -$as_echo_n "checking for LIBGCRYPT - version >= $min_libgcrypt_version... " >&6; } - ok=no - if test "$LIBGCRYPT_CONFIG" != "no" ; then - req_major=`echo $min_libgcrypt_version | \ - sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\)/\1/'` - req_minor=`echo $min_libgcrypt_version | \ - sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\)/\2/'` - req_micro=`echo $min_libgcrypt_version | \ - sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\)/\3/'` - libgcrypt_config_version=`$LIBGCRYPT_CONFIG --version` - major=`echo $libgcrypt_config_version | \ - sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/\1/'` - minor=`echo $libgcrypt_config_version | \ - sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/\2/'` - micro=`echo $libgcrypt_config_version | \ - sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/\3/'` - if test "$major" -gt "$req_major"; then - ok=yes - else - if test "$major" -eq "$req_major"; then - if test "$minor" -gt "$req_minor"; then - ok=yes - else - if test "$minor" -eq "$req_minor"; then - if test "$micro" -ge "$req_micro"; then - ok=yes - fi - fi - fi - fi - fi - fi - if test $ok = yes; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes ($libgcrypt_config_version)" >&5 -$as_echo "yes ($libgcrypt_config_version)" >&6; } - else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } - fi - if test $ok = yes; then - # If we have a recent libgcrypt, we should also check that the - # API is compatible - if test "$req_libgcrypt_api" -gt 0 ; then - tmp=`$LIBGCRYPT_CONFIG --api-version 2>/dev/null || echo 0` - if test "$tmp" -gt 0 ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking LIBGCRYPT API version" >&5 -$as_echo_n "checking LIBGCRYPT API version... " >&6; } - if test "$req_libgcrypt_api" -eq "$tmp" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: okay" >&5 -$as_echo "okay" >&6; } - else - ok=no - { $as_echo "$as_me:${as_lineno-$LINENO}: result: does not match. want=$req_libgcrypt_api got=$tmp" >&5 -$as_echo "does not match. want=$req_libgcrypt_api got=$tmp" >&6; } - fi - fi - fi - fi - if test $ok = yes; then - LIBGCRYPT_CFLAGS=`$LIBGCRYPT_CONFIG --cflags` - LIBGCRYPT_LIBS=`$LIBGCRYPT_CONFIG --libs` - : - if test x"$host" != x ; then - libgcrypt_config_host=`$LIBGCRYPT_CONFIG --host 2>/dev/null || echo none` - if test x"$libgcrypt_config_host" != xnone ; then - if test x"$libgcrypt_config_host" != x"$host" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: -*** -*** The config script $LIBGCRYPT_CONFIG was -*** built for $libgcrypt_config_host and thus may not match the -*** used host $host. -*** You may want to use the configure option --with-libgcrypt-prefix -*** to specify a matching config script. -***" >&5 -$as_echo "$as_me: WARNING: -*** -*** The config script $LIBGCRYPT_CONFIG was -*** built for $libgcrypt_config_host and thus may not match the -*** used host $host. -*** You may want to use the configure option --with-libgcrypt-prefix -*** to specify a matching config script. -***" >&2;} - fi - fi - fi - else - LIBGCRYPT_CFLAGS="" - LIBGCRYPT_LIBS="" - : - fi - else @@ -6943,7 +7172,7 @@ if test "${with_openssl_lib+set}" = set; then : fi - for ac_header in openssl/evp.h openssl/rsa.h openssl/rand.h openssl/err.h openssl/sha.h openssl/pem.h openssl/engine.h openssl/ecdh.h openssl/ec.h + for ac_header in openssl/evp.h openssl/rsa.h openssl/rand.h openssl/err.h openssl/sha.h openssl/pem.h openssl/engine.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" @@ -7004,7 +7233,7 @@ else fi - for ac_func in RAND_pseudo_bytes EVP_EncryptInit_ex ECDH_compute_key ECDSA_verify + for ac_func in RAND_status EVP_EncryptInit_ex do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" @@ -7023,6 +7252,15 @@ done " if test "x$ac_cv_have_decl_OpenSSL_add_all_algorithms" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_OPENSSL_ADD_ALL_ALGORITHMS $ac_have_decl +_ACEOF +if test $ac_have_decl = 1; then : else as_fn_error $? "Missing OpenSSL functionality, make sure you have installed the latest version." "$LINENO" 5; break @@ -7039,7 +7277,7 @@ else OPENSSL_FALSE= fi - if test "$gcrypt" = true; then + if test -n "$gcrypt"; then GCRYPT_TRUE= GCRYPT_FALSE='#' else @@ -7633,7 +7871,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by tinc $as_me 1.1pre9, which was +This file was extended by tinc $as_me 1.1pre11, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -7699,7 +7937,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -tinc config.status 1.1pre9 +tinc config.status 1.1pre11 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index 75456a0..6fd2621 100644 --- a/configure.ac +++ b/configure.ac @@ -1,7 +1,7 @@ dnl Process this file with autoconf to produce a configure script. AC_PREREQ(2.61) -AC_INIT([tinc], [1.1pre9]) +AC_INIT([tinc], [1.1pre11]) AC_CONFIG_SRCDIR([src/tincd.c]) AC_GNU_SOURCE AM_INIT_AUTOMAKE([check-news std-options subdir-objects -Wall]) @@ -18,7 +18,6 @@ AC_PROG_CC_C99 AC_PROG_CPP AC_PROG_INSTALL AC_PROG_LN_S -AC_PROG_RANLIB AM_PROG_CC_C_O @@ -109,7 +108,7 @@ AC_ARG_ENABLE(tunemu, ) AC_ARG_WITH(windows2000, - AS_HELP_STRING([--without-windows2000], [compile with support for Windows 2000. This disables support for tunneling over existing IPv6 networks.]), + AS_HELP_STRING([--with-windows2000], [compile with support for Windows 2000. This disables support for tunneling over existing IPv6 networks.]), [ AS_IF([test "x$with_windows2000" = "xyes"], [AC_DEFINE(WITH_WINDOWS2000, 1, [Compile with support for Windows 2000])]) ] @@ -133,6 +132,29 @@ if test -d /sw/lib ; then LIBS="$LIBS -L/sw/lib" fi +dnl Compiler hardening flags +dnl No -fstack-protector-all because it doesn't work on all platforms or architectures. + +AC_ARG_ENABLE([hardening], AS_HELP_STRING([--disable-hardening], [disable compiler and linker hardening flags])) +AS_IF([test "x$enable_hardening" != "xno"], + [AX_CHECK_COMPILE_FLAG([-DFORTIFY_SOURCE=2], [CPPFLAGS="$CPPFLAGS -DFORTIFY_SOURCE=2"]) + AX_CHECK_COMPILE_FLAG([-fno-strict-overflow], [CPPFLAGS="$CPPFLAGS -fno-strict-overflow"]) + AX_CHECK_COMPILE_FLAG([-fwrapv], [CPPFLAGS="$CPPFLAGS -fwrapv"]) + case $host_os in + *mingw*) + AX_CHECK_LINK_FLAG([-Wl,--dynamicbase], [LDFLAGS="$LDFLAGS -Wl,--dynamicbase"]) + AX_CHECK_LINK_FLAG([-Wl,--nxcompat], [LDFLAGS="$LDFLAGS -Wl,--nxcompat"]) + ;; + *) + AX_CHECK_COMPILE_FLAG([-fPIE], [CPPFLAGS="$CPPFLAGS -fPIE"]) + AX_CHECK_LINK_FLAG([-pie], [LDFLAGS="$LDFLAGS -pie"]) + ;; + esac + AX_CHECK_LINK_FLAG([-Wl,-z,relro], [LDFLAGS="$LDFLAGS -Wl,-z,relro"]) + AX_CHECK_LINK_FLAG([-Wl,-z,now], [LDFLAGS="$LDFLAGS -Wl,-z,now"]) + ] +); + dnl Checks for header files. dnl We do this in multiple stages, because unlike Linux all the other operating systems really suck and don't include their own dependencies. @@ -141,7 +163,7 @@ AC_CHECK_HEADERS([stdbool.h syslog.h sys/file.h sys/ioctl.h sys/mman.h sys/param AC_CHECK_HEADERS([net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/tun/if_tun.h net/if_tap.h net/tap/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h time.h netpacket/packet.h], [], [], [#include "src/have.h"] ) -AC_CHECK_HEADERS([netinet/if_ether.h netinet/ip.h netinet/ip6.h], +AC_CHECK_HEADERS([netinet/if_ether.h netinet/ip.h netinet/ip6.h resolv.h], [], [], [#include "src/have.h"] ) AC_CHECK_HEADERS([netinet/tcp.h netinet/ip_icmp.h netinet/icmp6.h], @@ -182,6 +204,11 @@ AC_CHECK_DECLS([freeaddrinfo, gai_strerror, getaddrinfo, getnameinfo], [], [], [#include "src/have.h"] ) +AC_CHECK_DECLS([res_init], [AC_CHECK_LIB(resolv, res_init)], [], [ + #include + #include +]) + AC_CACHE_SAVE dnl These are defined in files in m4/ @@ -193,20 +220,20 @@ tinc_READLINE tinc_ZLIB tinc_LZO -if test "$with_libgcrypt" = yes; then +if test -n "$with_libgcrypt"; then gcrypt=true - AM_PATH_LIBGCRYPT([1.4.0], [], []) + tinc_LIBGCRYPT else openssl=true tinc_OPENSSL fi AM_CONDITIONAL(OPENSSL, test -n "$openssl") -AM_CONDITIONAL(GCRYPT, test "$gcrypt" = true) +AM_CONDITIONAL(GCRYPT, test -n "$gcrypt") -dnl Check if support for jumbograms is requested +dnl Check if support for jumbograms is requested AC_ARG_ENABLE(jumbograms, - AS_HELP_STRING([--disable-jumbograms], [enable support for jumbograms (packets up to 9000 bytes)]), + AS_HELP_STRING([--enable-jumbograms], [enable support for jumbograms (packets up to 9000 bytes)]), [ AS_IF([test "x$enable_jumbograms" = "xyes"], [ AC_DEFINE(ENABLE_JUMBOGRAMS, 1, [Support for jumbograms (packets up to 9000 bytes)]) ]) ] diff --git a/doc/Makefile.in b/doc/Makefile.in index 352e921..db0d219 100644 --- a/doc/Makefile.in +++ b/doc/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.14 from Makefile.am. +# Makefile.in generated by automake 1.14.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2013 Free Software Foundation, Inc. @@ -80,9 +80,12 @@ subdir = doc DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am texinfo.tex ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \ - $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/lzo.m4 \ - $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/readline.m4 \ - $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.ac + $(top_srcdir)/m4/ax_check_compile_flag.m4 \ + $(top_srcdir)/m4/ax_check_link_flag.m4 \ + $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/libgcrypt.m4 \ + $(top_srcdir)/m4/lzo.m4 $(top_srcdir)/m4/openssl.m4 \ + $(top_srcdir)/m4/readline.m4 $(top_srcdir)/m4/zlib.m4 \ + $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d @@ -216,9 +219,6 @@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LDFLAGS = @LDFLAGS@ -LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ -LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ -LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LN_S = @LN_S@ @@ -234,7 +234,6 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -RANLIB = @RANLIB@ READLINE_LIBS = @READLINE_LIBS@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ diff --git a/doc/tinc.8.in b/doc/tinc.8.in index ebf9df1..bb56386 100644 --- a/doc/tinc.8.in +++ b/doc/tinc.8.in @@ -1,4 +1,4 @@ -.Dd 2013-01-15 +.Dd 2014-01-16 .Dt TINCCTL 8 .\" Manual page created by: .\" Scott Lamb @@ -13,14 +13,36 @@ .Op Fl -pidfile Ns = Ns Ar FILENAME .Op Fl -help .Op Fl -version -.Ar COMMAND +.Op Ar COMMAND .Sh DESCRIPTION This is the control program of tinc, a secure virtual private network (VPN) project. .Nm -communicates with -.Xr tincd 8 -to alter and inspect the running VPN's state. +can start and stop +.Xr tincd 8 , +and can to alter and inspect the state of a running VPN. +It can also be used to change the configuration, +or to import or export host configuration files from other nodes. + +If +.Nm +is started with a +.Ar COMMAND , +this command is immediately executed, after which +.Nm +exits. +If no +.Ar COMMAND +is given, +.Nm +will act as a shell; +it will display a prompt, and commands can be entered on the prompt. +If +.Nm +is compiled with libreadline, history and command completion are available on the prompt. +One can also pipe a script containing commands through +.Nm . +In that case, lines starting with a # symbol will be ignored. .Sh OPTIONS .Bl -tag -width indent .It Fl n, -net Ns = Ns Ar NETNAME @@ -47,7 +69,7 @@ option, the value of this environment variable is used. .Sh COMMANDS .Bl -tag -width indent .It init Op Ar name -Create initial configuration files and RSA and ECDSA keypairs with default length. +Create initial configuration files and RSA and Ed25519 keypairs with default length. If no .Ar name for this node is given, it will be asked for. @@ -120,9 +142,9 @@ will be made. Shows the PID of the currently running .Xr tincd 8 . .It generate-keys Op bits -Generate both RSA and ECDSA keypairs (see below) and exit. -.It generate-ecdsa-keys -Generate public/private ECDSA keypair and exit. +Generate both RSA and Ed25519 keypairs (see below) and exit. +.It generate-ed25519-keys +Generate public/private Ed25519 keypair and exit. .It generate-rsa-keys Op bits Generate public/private RSA keypair and exit. If @@ -188,6 +210,11 @@ format to standard output, from where it can be redirected to a file or piped through a program that can parse it directly, such as .Xr tcpdump 8 . +.It network Op Ar netname +If +.Ar netname +is given, switch to that network. +Otherwise, display a list of all networks for which configuration files exist. .El .Sh EXAMPLES Examples of some commands: @@ -197,7 +224,7 @@ tinc -n vpn pcap | tcpdump -r - tinc -n vpn top .Pp .Ed -Example of configuring tinc using +Examples of changing the configuration using .Nm : .Bd -literal -offset indent tinc -n vpn init foo diff --git a/doc/tinc.conf.5.in b/doc/tinc.conf.5.in index 1d5aa4e..9d9bf76 100644 --- a/doc/tinc.conf.5.in +++ b/doc/tinc.conf.5.in @@ -1,4 +1,4 @@ -.Dd 2013-01-14 +.Dd 2014-01-29 .Dt TINC.CONF 5 .\" Manual page created by: .\" Ivo Timmermans @@ -64,20 +64,20 @@ or by using .Sh PUBLIC/PRIVATE KEYS The .Nm tinc Li init -command will have generated both RSA and ECDSA public/private keypairs. +command will have generated both RSA and Ed25519 public/private keypairs. The private keys should be stored in files named .Pa rsa_key.priv and -.Pa ecdsa_key.priv +.Pa ed25519_key.priv in the directory .Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa / The public keys should be stored in the host configuration file .Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /hosts/ Ns Va NAME . The RSA keys are used for backwards compatibility with tinc version 1.0. If you are upgrading from version 1.0 to 1.1, you can keep the old configuration files, -but you will need to create ECDSA keys using the following command: +but you will need to create Ed25519 keys using the following command: .Bd -literal -offset indent -.Nm tinc Fl n Ar NETNAME Li generate-ecdsa-keys +.Nm tinc Fl n Ar NETNAME Li generate-ed25519-keys .Ed .Sh SERVER CONFIGURATION The server configuration of the daemon is done in the file @@ -114,33 +114,24 @@ If .Qq any is selected, then depending on the operating system both IPv4 and IPv6 or just IPv6 listening sockets will be created. -.It Va AutoConnect Li = Ar count Po 0 Pc Bq experimental -If set to a non-zero value, -.Nm -will try to only have -.Ar count -meta connections to other nodes, -by automatically making or breaking connections to known nodes. -Higher values increase redundancy but also increase meta data overhead. -When using this option, a good value is 3. -.It Va BindToAddress Li = Ar address Op Ar port -If your computer has more than one IPv4 or IPv6 address, +.It Va AutoConnect Li = yes | no Po no Pc Bq experimental +If set to yes, .Nm tinc -will by default listen on all of them for incoming connections. -Multiple -.Va BindToAddress -variables may be specified, -in which case listening sockets for each specified address are made. +will automatically set up meta connections to other nodes, +without requiring +.Va ConnectTo +variables. .Pp -If no -.Ar port -is specified, the socket will be bound to the port specified by the -.Va Port -option, or to port 655 if neither is given. -To only bind to a specific port but not to a specific address, use -.Li * -for the -.Ar address . +Note: it is not possible to connect to nodes using zero (system-assigned) ports in this way. +.It Va BindToAddress Li = Ar address Op Ar port +This is the same as +.Va ListenAddress , +however the address given with the +.Va BindToAddress +option will also be used for outgoing connections. This is useful if your +computer has more than one IPv4 or IPv6 address, and you want +.Nm tinc +to only use a specific one for outgoing packets. .It Va BindToInterface Li = Ar interface Bq experimental If your computer has more than one network interface, .Nm tinc @@ -166,6 +157,13 @@ Broadcast packets are sent directly to all nodes that can be reached directly. Broadcast packets received from other nodes are never forwarded. If the IndirectData option is also set, broadcast packets will only be sent to nodes which we have a meta connection to. .El +.It Va BroadcastSubnet Li = Ar address Ns Op Li / Ns Ar prefixlength +Declares a broadcast subnet. Any packet with a destination address falling into such a subnet will be routed as a broadcast (provided all nodes have it declared). +This is most useful to declare subnet broadcast addresses (e.g. 10.42.255.255), otherwise +.Nm tinc +won't know what to do with them. +.Pp +Note that global broadcast addresses (MAC ff:ff:ff:ff:ff:ff, IPv4 255.255.255.255), as well as multicast space (IPv4 224.0.0.0/4, IPv6 ff00::/8) are always considered broadcast addresses and don't need to be declared. .It Va ConnectTo Li = Ar name Specifies which other tinc daemon to connect to on startup. Multiple @@ -178,7 +176,9 @@ The names should be known to this tinc daemon line). .Pp If you don't specify a host with -.Va ConnectTo , +.Va ConnectTo +and don't enable +.Va AutoConnect , .Nm tinc won't try to connect to other daemons at all, and will instead just listen for incoming connections. @@ -202,6 +202,13 @@ instead of .Va Device . The info pages of the tinc package contain more information about configuring the virtual network device. +.It Va DeviceStandby Li = yes | no Po no Pc +When disabled, +.Nm tinc +calls tinc-up on startup, and tinc-down on shutdown. When enabled, +.Nm tinc +will only call tinc-up when at least one node is reachable, and will call tinc-down as soon as no nodes are reachable. +On Windows, this also determines when the virtual network interface "cable" is "plugged". .It Va DeviceType Li = Ar type Pq platform dependent The type of the virtual network device. Tinc will normally automatically select the right type of tun/tap interface, and this option should not be used. @@ -269,17 +276,17 @@ When this option is enabled, packets that cannot be sent directly to the destina but which would have to be forwarded by an intermediate node, are dropped instead. When combined with the IndirectData option, packets for nodes for which we do not have a meta connection with are also dropped. -.It Va ECDSAPrivateKeyFile Li = Ar filename Po Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /ecdsa_key.priv Pc -The file in which the private ECDSA key of this tinc daemon resides. +.It Va Ed25519PrivateKeyFile Li = Ar filename Po Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /ed25519_key.priv Pc +The file in which the private Ed25519 key of this tinc daemon resides. This is only used if .Va ExperimentalProtocol is enabled. .It Va ExperimentalProtocol Li = yes | no Pq yes When this option is enabled, the SPTPS protocol will be used when connecting to nodes that also support it. Ephemeral ECDH will be used for key exchanges, -and ECDSA will be used instead of RSA for authentication. -When enabled, an ECDSA key must have been generated before with -.Nm tinc generate-ecdsa-keys . +and Ed25519 will be used instead of RSA for authentication. +When enabled, an Ed25519 key must have been generated before with +.Nm tinc generate-ed25519-keys . .It Va Forwarding Li = off | internal | kernel Po internal Pc Bq experimental This option selects the way indirect packets are forwarded. .Bl -tag -width indent @@ -316,7 +323,34 @@ this variable is almost always already correctly set. This option controls the period the encryption keys used to encrypt the data are valid. It is common practice to change keys at regular intervals to make it even harder for crackers, even though it is thought to be nearly impossible to crack a single key. -.It Va LocalDiscovery Li = yes | no Pq no +.It Va ListenAddress Li = Ar address Op Ar port +If your computer has more than one IPv4 or IPv6 address, +.Nm tinc +will by default listen on all of them for incoming connections. +This option can be used to restrict which addresses tinc listens on. +Multiple +.Va ListenAddress +variables may be specified, +in which case listening sockets for each specified address are made. +.Pp +If no +.Ar port +is specified, the socket will listen on the port specified by the +.Va Port +option, or to port 655 if neither is given. +To only listen on a specific port but not on a specific address, use +.Li * +for the +.Ar address . +.Pp +If +.Ar port +is set to zero, it will be randomly assigned by the system. This is useful to randomize source ports of UDP packets, which can improve UDP hole punching reliability. In this case it is recommended to set +.Va AddressFamily +as well, otherwise +.Nm tinc +will assign different ports to different address families but other nodes can only know of one. +.It Va LocalDiscovery Li = yes | no Pq yes When enabled, .Nm tinc will try to detect peers that are on the same local network. @@ -324,11 +358,7 @@ This will allow direct communication using LAN addresses, even if both peers are and they only ConnectTo a third node outside the NAT, which normally would prevent the peers from learning each other's LAN address. .Pp -Currently, local discovery is implemented by sending broadcast packets to the LAN during path MTU discovery. -This feature may not work in all possible situations. -.It Va LocalDiscoveryAddress Li = Ar address -If this variable is specified, local discovery packets are sent to the given -.Ar address . +Currently, local discovery is implemented by sending some packets to the local address of the node during path MTU discovery. This will not work with old nodes that don't transmit their local address. .It Va MACExpire Li = Ar seconds Pq 600 This option controls the amount of time MAC addresses are kept before they are removed. This only has effect when @@ -367,7 +397,8 @@ while no routing table is managed. .It Va Name Li = Ar name Bq required This is the name which identifies this tinc daemon. It must be unique for the virtual private network this daemon will connect to. -The Name may only consist of alphanumeric and underscore characters (a-z, A-Z, 0-9 and _), and is case sensitive. +.Va Name +may only consist of alphanumeric and underscore characters (a-z, A-Z, 0-9 and _), and is case sensitive. If .Va Name starts with a @@ -436,17 +467,18 @@ are available. .It Va ReplayWindow Li = Ar bytes Pq 16 This is the size of the replay tracking window for each remote node, in bytes. The window is a bitfield which tracks 1 packet per bit, so for example -the default setting of 16 will track up to 128 packets in the window. In high +the default setting of 16 will track up to 128 packets in the window. In high bandwidth scenarios, setting this to a higher value can reduce packet loss from the interaction of replay tracking with underlying real packet loss and/or -reordering. Setting this to zero will disable replay tracking completely and +reordering. Setting this to zero will disable replay tracking completely and pass all traffic, but leaves tinc vulnerable to replay-based attacks on your traffic. .It Va StrictSubnets Li = yes | no Po no Pc Bq experimental When this option is enabled tinc will only use Subnet statements which are present in the host config files in the local .Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /hosts/ -directory. +directory. Subnets learned via connections to other nodes and which are not +present in the local host config files are ignored. .It Va TunnelServer Li = yes | no Po no Pc Bq experimental When this option is enabled tinc will no longer forward information between other tinc daemons, and will only allow connections with nodes for which host config files are present in the local @@ -507,8 +539,8 @@ will turn off packet authentication. This option has no effect for connections between nodes using .Va ExperimentalProtocol . .It Va IndirectData Li = yes | no Pq no -When set to yes, other nodes which do not already have a meta connection to you -will not try to establish direct communication with you. +When set to yes, only nodes which already have a meta connection to you +will try to establish direct communication with you. It is best to leave this option out or set it to no. .It Va MACLength Li = Ar length Pq 4 The length of the message authentication code used to authenticate UDP packets. @@ -527,6 +559,14 @@ The port number on which this tinc daemon is listening for incoming connections, which is used if no port number is specified in an .Va Address statement. +.Pp +If this is set to zero, the port will be randomly assigned by the system. This is useful to randomize source ports of UDP packets, which can improve UDP hole punching reliability. When setting +.Va Port +to zero it is recommended to set +.Va AddressFamily +as well, otherwise +.Nm tinc +will assign different ports to different address families but other nodes can only know of one. .It Va PublicKey Li = Ar key Bq obsolete The public RSA key of this tinc daemon. It will be used to cryptographically verify it's identity and to set up a secure connection. @@ -561,7 +601,7 @@ IPv6 subnets are notated like fec0:0:0:1::/64. MAC addresses are notated like 0:1a:2b:3c:4d:5e. .Pp A Subnet can be given a weight to indicate its priority over identical Subnets -owned by different nodes. The default weight is 10. Lower values indicate +owned by different nodes. The default weight is 10. Lower values indicate higher priority. Packets will be sent to the node with the highest priority, unless that node is not reachable, in which case the node with the next highest priority will be tried, and so on. @@ -575,6 +615,12 @@ Setting this options also implicitly sets IndirectData. .Pp Since version 1.0.10, tinc will automatically detect whether communication via UDP is possible or not. +.It Va Weight Li = Ar weight +If this variable is set, it overrides the weight given to connections made with +another host. A higher +.Ar weight +means a lower priority is given to this connection when broadcasting or +forwarding packets. .El .Sh SCRIPTS Apart from reading the server and host configuration files, @@ -586,12 +632,16 @@ or .Bl -tag -width indent .It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /tinc-up This is the most important script. -If it is present it will be executed right after the tinc daemon has been started and has connected to the virtual network device. +If it is present it will be executed right after the tinc daemon has been started and has connected to the virtual network device (or when the first node becomes reachable if +.Va DeviceStandby +is used). It should be used to set up the corresponding network interface, but can also be used to start other things. Under Windows you can use the Network Connections control panel instead of creating this script. .It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /tinc-down -This script is started right before the tinc daemon quits. +This script is started right before the tinc daemon quits (or when the last node becomes unreachable if +.Va DeviceStandby +is used). .It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /hosts/ Ns Ar HOST Ns Pa -up This script is started when the tinc daemon with name .Ar HOST @@ -668,6 +718,8 @@ The top directory for configuration files. .It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /tinc.conf The default name of the server configuration file for net .Ar NETNAME . +.It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /conf.d/ +Optional directory from which any .conf file will be loaded .It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /hosts/ Host configuration files are kept in this directory. .It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /tinc-up diff --git a/doc/tinc.info b/doc/tinc.info index 9763256..d294c78 100644 --- a/doc/tinc.info +++ b/doc/tinc.info @@ -1,14 +1,14 @@ -This is tinc.info, produced by makeinfo version 5.1 from tinc.texi. +This is tinc.info, produced by makeinfo version 5.2 from tinc.texi. INFO-DIR-SECTION Networking tools START-INFO-DIR-ENTRY * tinc: (tinc). The tinc Manual. END-INFO-DIR-ENTRY -This is the info manual for tinc version 1.1pre9, a Virtual Private +This is the info manual for tinc version 1.1pre10, a Virtual Private Network daemon. - Copyright (C) 1998-2013 Ivo Timmermans, Guus Sliepen + Copyright (C) 1998-2014 Ivo Timmermans, Guus Sliepen and Wessel Dankers . Permission is granted to make and distribute verbatim copies of this @@ -286,9 +286,9 @@ File: tinc.info, Node: Libraries, Prev: Configuring the kernel, Up: Preparati ============= Before you can configure or build tinc, you need to have the OpenSSL, -zlib and lzo libraries installed on your system. If you try to -configure tinc without having them installed, configure will give you an -error message, and stop. +zlib, lzo, curses and readline libraries installed on your system. If +you try to configure tinc without having them installed, configure will +give you an error message, and stop. * Menu: @@ -724,6 +724,9 @@ The actual configuration of the daemon is done in the file '/etc/tinc/NETNAME/tinc.conf' and at least one other file in the directory '/etc/tinc/NETNAME/hosts/'. +An optionnal directory '/etc/tinc/NETNAME/conf.d' can be added from +which any .conf file will be read. + These file consists of comments (lines started with a #) or assignments in the form of @@ -767,23 +770,16 @@ AddressFamily = (any) system both IPv4 and IPv6 or just IPv6 listening sockets will be created. -AutoConnect = (0) [experimental] - If set to a non-zero value, tinc will try to only have count meta - connections to other nodes, by automatically making or breaking - connections to known nodes. Higher values increase redundancy but - also increase meta data overhead. When using this option, a good - value is 3. +AutoConnect = (no) [experimental] + If set to yes, tinc will automatically set up meta connections to + other nodes, without requiring CONNECTTO variables. BindToAddress =
[] - If your computer has more than one IPv4 or IPv6 address, tinc will - by default listen on all of them for incoming connections. - Multiple BindToAddress variables may be specified, in which case - listening sockets for each specified address are made. - - If no PORT is specified, the socket will be bound to the port - specified by the Port option, or to port 655 if neither is given. - To only bind to a specific port but not to a specific address, use - "*" for the ADDRESS. + This is the same as ListenAddress, however the address given with + the BindToAddress option will also be used for outgoing + connections. This is useful if your computer has more than one + IPv4 or IPv6 address, and you want tinc to only use a specific one + for outgoing packets. BindToInterface = [experimental] If you have more than one network interface in your computer, tinc @@ -815,6 +811,18 @@ Broadcast = (mst) [experimental] broadcast packets will only be sent to nodes which we have a meta connection to. +BroadcastSubnet = ADDRESS[/PREFIXLENGTH] + Declares a broadcast subnet. Any packet with a destination address + falling into such a subnet will be routed as a broadcast (provided + all nodes have it declared). This is most useful to declare subnet + broadcast addresses (e.g. 10.42.255.255), otherwise tinc won't + know what to do with them. + + Note that global broadcast addresses (MAC ff:ff:ff:ff:ff:ff, IPv4 + 255.255.255.255), as well as multicast space (IPv4 224.0.0.0/4, + IPv6 ff00::/8) are always considered broadcast addresses and don't + need to be declared. + ConnectTo = Specifies which other tinc daemon to connect to on startup. Multiple ConnectTo variables may be specified, in which case @@ -822,9 +830,9 @@ ConnectTo = names should be known to this tinc daemon (i.e., there should be a host configuration file for the name on the ConnectTo line). - If you don't specify a host with ConnectTo, tinc won't try to - connect to other daemons at all, and will instead just listen for - incoming connections. + If you don't specify a host with ConnectTo and don't enable + AutoConnect, tinc won't try to connect to other daemons at all, and + will instead just listen for incoming connections. DecrementTTL = (no) [experimental] When enabled, tinc will decrement the Time To Live field in IPv4 @@ -842,6 +850,13 @@ Device = ('/dev/tap0', '/dev/net/tun' or other depending on platform) that you can only use one device per daemon. See also *note Device files::. +DeviceStandby = (no) + When disabled, tinc calls 'tinc-up' on startup, and 'tinc-down' on + shutdown. When enabled, tinc will only call 'tinc-up' when at + least one node is reachable, and will call 'tinc-down' as soon as + no nodes are reachable. On Windows, this also determines when the + virtual network interface "cable" is "plugged". + DeviceType = (platform dependent) The type of the virtual network device. Tinc will normally automatically select the right type of tun/tap interface, and this @@ -914,16 +929,16 @@ DirectOnly = (no) [experimental] IndirectData option, packets for nodes for which we do not have a meta connection with are also dropped. -ECDSAPrivateKeyFile = ('/etc/tinc/NETNAME/ecdsa_key.priv') - The file in which the private ECDSA key of this tinc daemon +Ed25519PrivateKeyFile = ('/etc/tinc/NETNAME/ed25519_key.priv') + The file in which the private Ed25519 key of this tinc daemon resides. This is only used if ExperimentalProtocol is enabled. ExperimentalProtocol = (yes) When this option is enabled, the SPTPS protocol will be used when connecting to nodes that also support it. Ephemeral ECDH will be - used for key exchanges, and ECDSA will be used instead of RSA for - authentication. When enabled, an ECDSA key must have been - generated before with 'tinc generate-ecdsa-keys'. + used for key exchanges, and Ed25519 will be used instead of RSA for + authentication. When enabled, an Ed25519 key must have been + generated before with 'tinc generate-ed25519-keys'. Forwarding = (internal) [experimental] This option selects the way indirect packets are forwarded. @@ -964,6 +979,18 @@ Interface = interface will be used. If you specified a Device, this variable is almost always already correctly set. +ListenAddress =
[] + If your computer has more than one IPv4 or IPv6 address, tinc will + by default listen on all of them for incoming connections. This + option can be used to restrict which addresses tinc listens on. + Multiple ListenAddress variables may be specified, in which case + listening sockets for each specified address are made. + + If no PORT is specified, the socket will listen on the port + specified by the Port option, or to port 655 if neither is given. + To only listen on a specific port but not to a specific address, + use "*" for the ADDRESS. + LocalDiscovery = (no) When enabled, tinc will try to detect peers that are on the same local network. This will allow direct communication using LAN @@ -1065,7 +1092,7 @@ ProcessPriority = adjusted. Increasing the priority may help to reduce latency and packet loss on the VPN. -Proxy = socks4 | socks4 | http | exec ... [experimental] +Proxy = socks4 | socks5 | http | exec ... [experimental] Use a proxy when making outgoing connections. The following proxy types are currently supported: @@ -1074,7 +1101,7 @@ Proxy = socks4 | socks4 | http | exec ... [experimental] Optionally, a USERNAME can be supplied which will be passed on to the proxy server. - socks4
[ ] + socks5
[ ] Connect to the proxy using the SOCKS version 5 protocol. If a USERNAME and PASSWORD are given, basic username/password authentication will be used, otherwise no authentication will @@ -1099,10 +1126,12 @@ ReplayWindow = (16) pass all traffic, but leaves tinc vulnerable to replay-based attacks on your traffic. -StrictSubnets (no) [experimental] +StrictSubnets = (no) [experimental] When this option is enabled tinc will only use Subnet statements which are present in the host config files in the local - '/etc/tinc/NETNAME/hosts/' directory. + '/etc/tinc/NETNAME/hosts/' directory. Subnets learned via + connections to other nodes and which are not present in the local + host config files are ignored. TunnelServer = (no) [experimental] When this option is enabled tinc will no longer forward information @@ -1131,7 +1160,9 @@ Address = [] [recommended] This variable is only required if you want to connect to this host. It must resolve to the external IP address where the host can be reached, not the one that is internal to the VPN. If no port is - specified, the default Port is used. + specified, the default Port is used. Multiple Address variables + can be specified, in which case each address will be tried until a + working connection has been established. Cipher = (blowfish) The symmetric cipher algorithm used to encrypt UDP packets using @@ -1234,6 +1265,12 @@ TCPonly = (no) masquerading firewall, or if UDP packet routing is disabled somehow. Setting this options also implicitly sets IndirectData. +Weight = + If this variable is set, it overrides the weight given to + connections made with another host. A higher weight means a lower + priority is given to this connection when broadcasting or + forwarding packets. +  File: tinc.info, Node: Scripts, Next: How to configure, Prev: Host configuration variables, Up: Configuration files @@ -1353,10 +1390,10 @@ contents: Name = NAME -It will also create private RSA and ECDSA keys, which will be stored in -the files 'rsa_key.priv' and 'ecdsa_key.priv'. It will also create a -host configuration file 'hosts/NAME', which will contain the -corresponding public RSA and ECDSA keys. +It will also create private RSA and Ed25519 keys, which will be stored +in the files 'rsa_key.priv' and 'ed25519_key.priv'. It will also create +a host configuration file 'hosts/NAME', which will contain the +corresponding public RSA and Ed25519 keys. Finally, on UNIX operating systems, it will create an executable script 'tinc-up', which will initially not do anything except warning that you @@ -1375,7 +1412,7 @@ should run the following command: This will add a Subnet statement to your host configuration file. Try opening the file '/etc/tinc/NETNAME/hosts/NAME' in an editor. You -should now see a file containing the public RSA and ECDSA keys (which +should now see a file containing the public RSA and Ed25519 keys (which looks like a bunch of random characters), and the following line at the bottom: @@ -1657,9 +1694,9 @@ Key files A, B, C and D all have their own public/private keypairs: The private RSA key is stored in '/etc/tinc/company/rsa_key.priv', the -private ECDSA key is stored in '/etc/tinc/company/ecdsa_key.priv', and -the public RSA and ECDSA keys are put into the host configuration file -in the '/etc/tinc/company/hosts/' directory. +private Ed25519 key is stored in '/etc/tinc/company/ed25519_key.priv', +and the public RSA and Ed25519 keys are put into the host configuration +file in the '/etc/tinc/company/hosts/' directory. Starting ........ @@ -1997,11 +2034,17 @@ File: tinc.info, Node: Controlling tinc, Next: Technical information, Prev: R 6 Controlling tinc ****************** -You can control and inspect a running tincd through the tinc command. A -quick example: +You can start, stop, control and inspect a running tincd through the +tinc command. A quick example: tinc -n NETNAME reload +If tinc is started without a command, it will act as a shell; it will +display a prompt, and commands can be entered on the prompt. If tinc is +compiled with libreadline, history and command completion are available +on the prompt. One can also pipe a script containing commands through +tinc. In that case, lines starting with a # symbol will be ignored. + * Menu: * tinc runtime options:: @@ -2052,8 +2095,8 @@ File: tinc.info, Node: tinc commands, Next: tinc examples, Prev: tinc environ ================= 'init [NAME]' - Create initial configuration files and RSA and ECDSA keypairs with - default length. If no NAME for this node is given, it will be + Create initial configuration files and RSA and Ed25519 keypairs + with default length. If no NAME for this node is given, it will be asked for. 'get VARIABLE' @@ -2126,12 +2169,12 @@ File: tinc.info, Node: tinc commands, Next: tinc examples, Prev: tinc environ Shows the PID of the currently running 'tincd'. 'generate-keys [BITS]' - Generate both RSA and ECDSA keypairs (see below) and exit. tinc + Generate both RSA and Ed25519 keypairs (see below) and exit. tinc will ask where you want to store the files, but will default to the configuration directory (you can use the -c or -n option). -'generate-ecdsa-keys' - Generate public/private ECDSA keypair and exit. +'generate-ed25519-keys' + Generate public/private Ed25519 keypair and exit. 'generate-rsa-keys [BITS]' Generate public/private RSA keypair and exit. If BITS is omitted, @@ -2195,6 +2238,10 @@ File: tinc.info, Node: tinc commands, Next: tinc examples, Prev: tinc environ file or piped through a program that can parse it directly, such as tcpdump. +'network' + If NETNAME is given, switch to that network. Otherwise, display a + list of all networks for which configuration files exist. +  File: tinc.info, Node: tinc examples, Next: tinc top, Prev: tinc commands, Up: Controlling tinc @@ -2207,7 +2254,7 @@ Examples of some commands: tinc -n vpn pcap | tcpdump -r - tinc -n vpn top -Example of configuring tinc using the tinc command: +Examples of changing the configuration using tinc: tinc -n vpn init foo tinc -n vpn add Subnet 192.168.1.0/24 @@ -2776,11 +2823,11 @@ The expanded key is used as follows: Where initiator_cipher_key is the key used by session initiator to encrypt messages sent to the responder. -When using 521 bits EC keys, the AES-256-CTR cipher and HMAC-SHA-256 -digest algorithm, the sizes are as follows: +When using 256 bits Ed25519 keys, the AES-256-CTR cipher and +HMAC-SHA-256 digest algorithm, the sizes are as follows: - ECDH_SIZE: 67 (= ceil(521/8) + 1) - ECDSA_SIZE: 141 (= 2 * ceil(521/8) + 9) + ECDH_SIZE: 32 (= 256/8) + ECDSA_SIZE: 64 (= 2 * 256/8) CIPHER_KEYSIZE: 48 (= 256/8 + 128/8) DIGEST_KEYSIZE: 32 (= 256/8) @@ -3019,6 +3066,7 @@ Concept Index * ACK: Legacy authentication protocol. (line 6) +* add: tinc commands. (line 22) * Address: Host configuration variables. (line 6) * AddressFamily: Main configuration variables. @@ -3031,83 +3079,107 @@ Concept Index * binary package: Building and installing tinc. (line 9) * BindToAddress: Main configuration variables. - (line 19) + (line 16) * BindToInterface: Main configuration variables. - (line 30) + (line 23) * Broadcast: Main configuration variables. - (line 40) + (line 33) +* BroadcastSubnet: Main configuration variables. + (line 53) * Cabal: Security. (line 6) * CHALLENGE: Legacy authentication protocol. (line 6) * CHAL_REPLY: Legacy authentication protocol. (line 6) * CIDR notation: Host configuration variables. - (line 94) + (line 96) * Cipher: Host configuration variables. - (line 12) + (line 14) * ClampMSS: Host configuration variables. - (line 20) + (line 22) * client: How connections work. (line 18) * command line: Runtime options. (line 9) +* command line interface: Controlling tinc. (line 6) * Compression: Host configuration variables. - (line 26) + (line 28) * connection: The connection. (line 6) * ConnectTo: Main configuration variables. - (line 60) + (line 65) * daemon: Running tinc. (line 11) * data-protocol: The meta-connection. (line 18) +* debug: tinc commands. (line 121) * debug level: Runtime options. (line 17) * debug levels: Debug levels. (line 6) * DecrementTTL: Main configuration variables. - (line 71) + (line 76) +* del: tinc commands. (line 26) * DEL_EDGE: The meta-protocol. (line 46) * DEL_SUBNET: The meta-protocol. (line 46) * Device: Main configuration variables. - (line 80) + (line 85) * DEVICE: Scripts. (line 60) * device files: Device files. (line 6) +* DeviceStandby: Main configuration variables. + (line 92) * DeviceType: Main configuration variables. - (line 87) + (line 99) * Digest: Host configuration variables. - (line 31) + (line 33) * DirectOnly: Main configuration variables. - (line 152) + (line 164) +* disconnect: tinc commands. (line 136) * dummy: Main configuration variables. - (line 94) -* ECDSAPrivateKeyFile: Main configuration variables. - (line 159) + (line 106) +* dump: tinc commands. (line 94) +* Ed25519PrivateKeyFile: Main configuration variables. + (line 171) +* edit: tinc commands. (line 31) * encapsulating: The UDP tunnel. (line 30) * encryption: Encryption of network packets. (line 6) * environment variables: Scripts. (line 48) * example: Example configuration. (line 6) +* exchange: tinc commands. (line 47) +* exchange-all: tinc commands. (line 50) * exec: Main configuration variables. - (line 328) + (line 352) * ExperimentalProtocol: Main configuration variables. - (line 163) + (line 175) +* export: tinc commands. (line 35) +* export-all: tinc commands. (line 39) * Forwarding: Main configuration variables. - (line 170) + (line 182) * frame type: The UDP tunnel. (line 6) +* generate-ed25519-keys: tinc commands. (line 85) +* generate-keys: tinc commands. (line 80) +* generate-rsa-keys: tinc commands. (line 88) +* get: tinc commands. (line 11) +* graph: tinc commands. (line 107) * Hostnames: Main configuration variables. - (line 190) + (line 202) * http: Main configuration variables. - (line 325) + (line 349) * hub: Main configuration variables. - (line 246) + (line 270) * ID: Legacy authentication protocol. (line 6) +* import: tinc commands. (line 42) * IndirectData: Host configuration variables. - (line 38) + (line 40) +* info: tinc commands. (line 114) +* init: tinc commands. (line 6) * Interface: Main configuration variables. - (line 201) + (line 213) * INTERFACE: Scripts. (line 63) * INVITATION_FILE: Scripts. (line 86) * INVITATION_URL: Scripts. (line 90) +* invite: tinc commands. (line 53) * IRC: Contact information. (line 9) +* join: tinc commands. (line 58) * KeyExpire: Main configuration variables. - (line 251) + (line 275) * KEY_CHANGED: The meta-protocol. (line 63) * legacy authentication protocol: Legacy authentication protocol. (line 6) @@ -3115,27 +3187,30 @@ Concept Index * libraries: Libraries. (line 6) * libreadline: libreadline. (line 6) * license: OpenSSL. (line 35) +* ListenAddress: Main configuration variables. + (line 221) * LocalDiscovery: Main configuration variables. - (line 209) + (line 233) * LocalDiscoveryAddress: Main configuration variables. - (line 220) + (line 244) +* log: tinc commands. (line 124) * lzo: lzo. (line 6) * MACExpire: Main configuration variables. - (line 257) + (line 281) * MACLength: Host configuration variables. - (line 43) + (line 45) * MaxConnectionBurst: Main configuration variables. - (line 262) + (line 286) * meta-protocol: The meta-connection. (line 18) * META_KEY: Legacy authentication protocol. (line 6) * Mode: Main configuration variables. - (line 224) + (line 248) * multicast: Main configuration variables. - (line 106) + (line 118) * multiple networks: Multiple networks. (line 6) * Name: Main configuration variables. - (line 268) + (line 292) * NAME: Scripts. (line 57) * netmask: Network interfaces. (line 39) * netname: Multiple networks. (line 6) @@ -3144,101 +3219,114 @@ Concept Index (line 6) * Network Administrators Guide: Configuration introduction. (line 15) +* network [NETNAME]: tinc commands. (line 150) * NODE: Scripts. (line 67) * OpenSSL: OpenSSL. (line 6) * options: Runtime options. (line 9) +* pcap: tinc commands. (line 144) * PEM format: Host configuration variables. - (line 70) + (line 72) +* pid: tinc commands. (line 77) * PING: The meta-protocol. (line 88) * PingInterval: Main configuration variables. - (line 279) + (line 303) * PingTimeout: Main configuration variables. - (line 283) + (line 307) * platforms: Supported platforms. (line 6) * PMTU: Host configuration variables. - (line 50) + (line 52) * PMTUDiscovery: Host configuration variables. - (line 53) + (line 55) * PONG: The meta-protocol. (line 88) * Port: Host configuration variables. - (line 58) + (line 60) * port numbers: Other files. (line 17) * PriorityInheritance: Main configuration variables. - (line 289) + (line 313) * private: Virtual Private Networks. (line 10) * PrivateKey: Main configuration variables. - (line 294) + (line 318) * PrivateKeyFile: Main configuration variables. - (line 300) + (line 324) * ProcessPriority: Main configuration variables. - (line 305) + (line 329) * Proxy: Main configuration variables. - (line 310) + (line 334) * PublicKey: Host configuration variables. - (line 62) + (line 64) * PublicKeyFile: Host configuration variables. - (line 65) + (line 67) +* purge: tinc commands. (line 118) * raw_socket: Main configuration variables. - (line 99) + (line 111) * release: Supported platforms. (line 14) +* reload: tinc commands. (line 72) * REMOTEADDRESS: Scripts. (line 72) * REMOTEPORT: Scripts. (line 75) * ReplayWindow: Main configuration variables. - (line 333) + (line 357) * requirements: Libraries. (line 6) * REQ_KEY: The meta-protocol. (line 63) +* restart: tinc commands. (line 69) +* retry: tinc commands. (line 129) * router: Main configuration variables. - (line 227) + (line 251) * runtime options: Runtime options. (line 9) * scalability: tinc. (line 19) * scripts: Scripts. (line 6) * server: How connections work. (line 18) +* set: tinc commands. (line 16) +* shell: Controlling tinc. (line 11) * signals: Signals. (line 6) * socks4: Main configuration variables. - (line 314) + (line 338) * socks5: Main configuration variables. - (line 319) + (line 343) * SPTPS: Simple Peer-to-Peer Security. (line 6) +* start: tinc commands. (line 63) +* stop: tinc commands. (line 66) * StrictSubnets: Main configuration variables. - (line 344) + (line 368) * Subnet: Host configuration variables. - (line 77) + (line 79) * SUBNET: Scripts. (line 79) * SVPN: Security. (line 11) * switch: Main configuration variables. - (line 235) + (line 259) * TCP: The meta-connection. (line 10) * TCPonly: Host configuration variables. - (line 106) + (line 108) * tinc: Introduction. (line 6) * TINC: Security. (line 6) * tinc-down: Scripts. (line 18) * tinc-up: Scripts. (line 10) * tinc-up <1>: Network interfaces. (line 19) * tincd: tinc. (line 14) +* top: tinc commands. (line 139) +* top <1>: tinc top. (line 6) * traditional VPNs: tinc. (line 19) * tunifhead: Main configuration variables. - (line 141) + (line 153) * TunnelServer: Main configuration variables. - (line 349) + (line 375) * tunnohead: Main configuration variables. - (line 135) + (line 147) * UDP: The UDP tunnel. (line 30) * UDP <1>: Encryption of network packets. (line 11) * UDPRcvBuf: Main configuration variables. - (line 356) + (line 382) * UDPSndBuf: Main configuration variables. - (line 361) + (line 387) * UML: Main configuration variables. - (line 117) + (line 129) * Universal tun/tap: Configuration of Linux kernels. (line 6) * VDE: Main configuration variables. - (line 122) + (line 134) * virtual: Virtual Private Networks. (line 18) * virtual network device: The UDP tunnel. (line 6) @@ -3246,80 +3334,82 @@ Concept Index (line 6) * vpnd: tinc. (line 6) * website: Contact information. (line 6) +* Weight: Host configuration variables. + (line 115) * WEIGHT: Scripts. (line 82) * zlib: zlib. (line 6)  Tag Table: -Node: Top807 -Node: Introduction1127 -Node: Virtual Private Networks1931 -Node: tinc3643 -Node: Supported platforms5155 -Node: Preparations5851 -Node: Configuring the kernel6107 -Node: Configuration of Linux kernels6516 -Node: Configuration of FreeBSD kernels7365 -Node: Configuration of OpenBSD kernels7830 -Node: Configuration of NetBSD kernels8438 -Node: Configuration of Solaris kernels8840 -Node: Configuration of Darwin (MacOS/X) kernels9501 -Node: Configuration of Windows10190 -Node: Libraries10703 -Node: OpenSSL11121 -Node: zlib13393 -Node: lzo14411 -Node: libcurses15401 -Node: libreadline16311 -Node: Installation17248 -Node: Building and installing tinc18257 -Node: Darwin (MacOS/X) build environment18913 -Node: Cygwin (Windows) build environment19477 -Node: MinGW (Windows) build environment20061 -Node: System files20579 -Node: Device files20844 -Node: Other files21257 -Node: Configuration21870 -Node: Configuration introduction22157 -Node: Multiple networks23678 -Node: How connections work25046 -Node: Configuration files27607 -Node: Main configuration variables29135 -Node: Host configuration variables45893 -Node: Scripts51364 -Node: How to configure54765 -Node: Network interfaces59241 -Node: Example configuration61620 -Node: Running tinc66713 -Node: Runtime options67300 -Node: Signals70160 -Node: Debug levels71009 -Node: Solving problems71945 -Node: Error messages73371 -Node: Sending bug reports77688 -Node: Controlling tinc78635 -Node: tinc runtime options79012 -Node: tinc environment variables79699 -Node: tinc commands80028 -Node: tinc examples85138 -Node: tinc top85701 -Node: Technical information87286 -Node: The connection87521 -Node: The UDP tunnel87833 -Node: The meta-connection90878 -Node: The meta-protocol92336 -Node: Security97319 -Node: Legacy authentication protocol98656 -Node: Simple Peer-to-Peer Security103273 -Node: Encryption of network packets108933 -Node: Security issues111562 -Node: Platform specific information113297 -Node: Interface configuration113525 -Node: Routes115966 -Node: About us117877 -Node: Contact information118052 -Node: Authors118454 -Node: Concept Index118856 +Node: Top808 +Node: Introduction1128 +Node: Virtual Private Networks1932 +Node: tinc3644 +Node: Supported platforms5156 +Node: Preparations5852 +Node: Configuring the kernel6108 +Node: Configuration of Linux kernels6517 +Node: Configuration of FreeBSD kernels7366 +Node: Configuration of OpenBSD kernels7831 +Node: Configuration of NetBSD kernels8439 +Node: Configuration of Solaris kernels8841 +Node: Configuration of Darwin (MacOS/X) kernels9502 +Node: Configuration of Windows10191 +Node: Libraries10704 +Node: OpenSSL11140 +Node: zlib13412 +Node: lzo14430 +Node: libcurses15420 +Node: libreadline16330 +Node: Installation17267 +Node: Building and installing tinc18276 +Node: Darwin (MacOS/X) build environment18932 +Node: Cygwin (Windows) build environment19496 +Node: MinGW (Windows) build environment20080 +Node: System files20598 +Node: Device files20863 +Node: Other files21276 +Node: Configuration21889 +Node: Configuration introduction22176 +Node: Multiple networks23697 +Node: How connections work25065 +Node: Configuration files27626 +Node: Main configuration variables29258 +Node: Host configuration variables47397 +Node: Scripts53256 +Node: How to configure56657 +Node: Network interfaces61141 +Node: Example configuration63520 +Node: Running tinc68619 +Node: Runtime options69206 +Node: Signals72066 +Node: Debug levels72915 +Node: Solving problems73851 +Node: Error messages75277 +Node: Sending bug reports79594 +Node: Controlling tinc80541 +Node: tinc runtime options81287 +Node: tinc environment variables81974 +Node: tinc commands82303 +Node: tinc examples87567 +Node: tinc top88129 +Node: Technical information89714 +Node: The connection89949 +Node: The UDP tunnel90261 +Node: The meta-connection93306 +Node: The meta-protocol94764 +Node: Security99747 +Node: Legacy authentication protocol101084 +Node: Simple Peer-to-Peer Security105701 +Node: Encryption of network packets111346 +Node: Security issues113975 +Node: Platform specific information115710 +Node: Interface configuration115938 +Node: Routes118379 +Node: About us120290 +Node: Contact information120465 +Node: Authors120867 +Node: Concept Index121269  End Tag Table diff --git a/doc/tinc.texi b/doc/tinc.texi index acbee94..2cb55a7 100644 --- a/doc/tinc.texi +++ b/doc/tinc.texi @@ -15,7 +15,7 @@ This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon. -Copyright @copyright{} 1998-2013 Ivo Timmermans, +Copyright @copyright{} 1998-2014 Ivo Timmermans, Guus Sliepen and Wessel Dankers . @@ -43,7 +43,7 @@ permission notice identical to this one. @vskip 0pt plus 1filll This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon. -Copyright @copyright{} 1998-2013 Ivo Timmermans, +Copyright @copyright{} 1998-2014 Ivo Timmermans, Guus Sliepen and Wessel Dankers . @@ -335,9 +335,10 @@ as explained in the rest of the documentation. @cindex requirements @cindex libraries -Before you can configure or build tinc, you need to have the OpenSSL, -zlib and lzo libraries installed on your system. If you try to configure tinc without -having them installed, configure will give you an error message, and stop. +Before you can configure or build tinc, you need to have the OpenSSL, zlib, +lzo, curses and readline libraries installed on your system. If you try to +configure tinc without having them installed, configure will give you an error +message, and stop. @menu * OpenSSL:: @@ -793,6 +794,9 @@ The actual configuration of the daemon is done in the file @file{@value{sysconfdir}/tinc/@var{netname}/tinc.conf} and at least one other file in the directory @file{@value{sysconfdir}/tinc/@var{netname}/hosts/}. +An optionnal directory @file{@value{sysconfdir}/tinc/@var{netname}/conf.d} can be added from which +any .conf file will be read. + These file consists of comments (lines started with a #) or assignments in the form of @@ -839,23 +843,16 @@ If any is selected, then depending on the operating system both IPv4 and IPv6 or just IPv6 listening sockets will be created. @cindex AutoConnect -@item AutoConnect = (0) [experimental] -If set to a non-zero value, -tinc will try to only have count meta connections to other nodes, -by automatically making or breaking connections to known nodes. -Higher values increase redundancy but also increase meta data overhead. -When using this option, a good value is 3. +@item AutoConnect = (no) [experimental] +If set to yes, tinc will automatically set up meta connections to other nodes, +without requiring @var{ConnectTo} variables. @cindex BindToAddress @item BindToAddress = <@var{address}> [<@var{port}>] -If your computer has more than one IPv4 or IPv6 address, tinc -will by default listen on all of them for incoming connections. -Multiple BindToAddress variables may be specified, -in which case listening sockets for each specified address are made. - -If no @var{port} is specified, the socket will be bound to the port specified by the Port option, -or to port 655 if neither is given. -To only bind to a specific port but not to a specific address, use "*" for the @var{address}. +This is the same as ListenAddress, however the address given with the BindToAddress option +will also be used for outgoing connections. +This is useful if your computer has more than one IPv4 or IPv6 address, +and you want tinc to only use a specific one for outgoing packets. @cindex BindToInterface @item BindToInterface = <@var{interface}> [experimental] @@ -887,6 +884,18 @@ Broadcast packets received from other nodes are never forwarded. If the IndirectData option is also set, broadcast packets will only be sent to nodes which we have a meta connection to. @end table +@cindex BroadcastSubnet +@item BroadcastSubnet = @var{address}[/@var{prefixlength}] +Declares a broadcast subnet. +Any packet with a destination address falling into such a subnet will be routed as a broadcast +(provided all nodes have it declared). +This is most useful to declare subnet broadcast addresses (e.g. 10.42.255.255), +otherwise tinc won't know what to do with them. + +Note that global broadcast addresses (MAC ff:ff:ff:ff:ff:ff, IPv4 255.255.255.255), +as well as multicast space (IPv4 224.0.0.0/4, IPv6 ff00::/8) +are always considered broadcast addresses and don't need to be declared. + @cindex ConnectTo @item ConnectTo = <@var{name}> Specifies which other tinc daemon to connect to on startup. @@ -895,7 +904,7 @@ in which case outgoing connections to each specified tinc daemon are made. The names should be known to this tinc daemon (i.e., there should be a host configuration file for the name on the ConnectTo line). -If you don't specify a host with ConnectTo, +If you don't specify a host with ConnectTo and don't enable AutoConnect, tinc won't try to connect to other daemons at all, and will instead just listen for incoming connections. @@ -917,6 +926,13 @@ Under Windows, use @var{Interface} instead of @var{Device}. Note that you can only use one device per daemon. See also @ref{Device files}. +@cindex DeviceStandby +@item DeviceStandby = (no) +When disabled, tinc calls @file{tinc-up} on startup, and @file{tinc-down} on shutdown. +When enabled, tinc will only call @file{tinc-up} when at least one node is reachable, +and will call @file{tinc-down} as soon as no nodes are reachable. +On Windows, this also determines when the virtual network interface "cable" is "plugged". + @cindex DeviceType @item DeviceType = <@var{type}> (platform dependent) The type of the virtual network device. @@ -996,18 +1012,18 @@ but which would have to be forwarded by an intermediate node, are dropped instea When combined with the IndirectData option, packets for nodes for which we do not have a meta connection with are also dropped. -@cindex ECDSAPrivateKeyFile -@item ECDSAPrivateKeyFile = <@var{path}> (@file{@value{sysconfdir}/tinc/@var{netname}/ecdsa_key.priv}) -The file in which the private ECDSA key of this tinc daemon resides. +@cindex Ed25519PrivateKeyFile +@item Ed25519PrivateKeyFile = <@var{path}> (@file{@value{sysconfdir}/tinc/@var{netname}/ed25519_key.priv}) +The file in which the private Ed25519 key of this tinc daemon resides. This is only used if ExperimentalProtocol is enabled. @cindex ExperimentalProtocol @item ExperimentalProtocol = (yes) When this option is enabled, the SPTPS protocol will be used when connecting to nodes that also support it. Ephemeral ECDH will be used for key exchanges, -and ECDSA will be used instead of RSA for authentication. -When enabled, an ECDSA key must have been generated before with -@samp{tinc generate-ecdsa-keys}. +and Ed25519 will be used instead of RSA for authentication. +When enabled, an Ed25519 key must have been generated before with +@samp{tinc generate-ed25519-keys}. @cindex Forwarding @item Forwarding = (internal) [experimental] @@ -1046,6 +1062,18 @@ Depending on the operating system and the type of device this may or may not act Under Windows, this variable is used to select which network interface will be used. If you specified a Device, this variable is almost always already correctly set. +@cindex ListenAddress +@item ListenAddress = <@var{address}> [<@var{port}>] +If your computer has more than one IPv4 or IPv6 address, tinc +will by default listen on all of them for incoming connections. +This option can be used to restrict which addresses tinc listens on. +Multiple ListenAddress variables may be specified, +in which case listening sockets for each specified address are made. + +If no @var{port} is specified, the socket will listen on the port specified by the Port option, +or to port 655 if neither is given. +To only listen on a specific port but not to a specific address, use "*" for the @var{address}. + @cindex LocalDiscovery @item LocalDiscovery = (no) When enabled, tinc will try to detect peers that are on the same local network. @@ -1152,7 +1180,7 @@ When this option is used the priority of the tincd process will be adjusted. Increasing the priority may help to reduce latency and packet loss on the VPN. @cindex Proxy -@item Proxy = socks4 | socks4 | http | exec @var{...} [experimental] +@item Proxy = socks4 | socks5 | http | exec @var{...} [experimental] Use a proxy when making outgoing connections. The following proxy types are currently supported: @@ -1163,7 +1191,7 @@ Connects to the proxy using the SOCKS version 4 protocol. Optionally, a @var{username} can be supplied which will be passed on to the proxy server. @cindex socks5 -@item socks4 <@var{address}> <@var{port}> [<@var{username}> <@var{password}>] +@item socks5 <@var{address}> <@var{port}> [<@var{username}> <@var{password}>] Connect to the proxy using the SOCKS version 5 protocol. If a @var{username} and @var{password} are given, basic username/password authentication will be used, otherwise no authentication will be used. @@ -1190,10 +1218,12 @@ pass all traffic, but leaves tinc vulnerable to replay-based attacks on your traffic. @cindex StrictSubnets -@item StrictSubnets (no) [experimental] +@item StrictSubnets = (no) [experimental] When this option is enabled tinc will only use Subnet statements which are present in the host config files in the local @file{@value{sysconfdir}/tinc/@var{netname}/hosts/} directory. +Subnets learned via connections to other nodes and which are not +present in the local host config files are ignored. @cindex TunnelServer @item TunnelServer = (no) [experimental] @@ -1226,6 +1256,8 @@ This variable is only required if you want to connect to this host. It must resolve to the external IP address where the host can be reached, not the one that is internal to the VPN. If no port is specified, the default Port is used. +Multiple Address variables can be specified, in which case each address will be +tried until a working connection has been established. @cindex Cipher @item Cipher = <@var{cipher}> (blowfish) @@ -1336,6 +1368,12 @@ TCP connection instead of a UDP connection. This is especially useful for those who want to run a tinc daemon from behind a masquerading firewall, or if UDP packet routing is disabled somehow. Setting this options also implicitly sets IndirectData. + +@cindex Weight +@item Weight = +If this variable is set, it overrides the weight given to connections made with +another host. A higher weight means a lower priority is given to this +connection when broadcasting or forwarding packets. @end table @@ -1471,9 +1509,9 @@ In the configuration directory, it will create the file @file{tinc.conf} with th Name = @var{name} @end example -It will also create private RSA and ECDSA keys, which will be stored in the files @file{rsa_key.priv} and @file{ecdsa_key.priv}. +It will also create private RSA and Ed25519 keys, which will be stored in the files @file{rsa_key.priv} and @file{ed25519_key.priv}. It will also create a host configuration file @file{hosts/@var{name}}, -which will contain the corresponding public RSA and ECDSA keys. +which will contain the corresponding public RSA and Ed25519 keys. Finally, on UNIX operating systems, it will create an executable script @file{tinc-up}, which will initially not do anything except warning that you should edit it. @@ -1492,7 +1530,7 @@ tinc -n @var{netname} add subnet 192.168.2.0/24 This will add a Subnet statement to your host configuration file. Try opening the file @file{@value{sysconfdir}/tinc/@var{netname}/hosts/@var{name}} in an editor. -You should now see a file containing the public RSA and ECDSA keys (which looks like a bunch of random characters), +You should now see a file containing the public RSA and Ed25519 keys (which looks like a bunch of random characters), and the following line at the bottom: @example @@ -1803,8 +1841,8 @@ Address = 4.5.6.7 A, B, C and D all have their own public/private keypairs: The private RSA key is stored in @file{@value{sysconfdir}/tinc/company/rsa_key.priv}, -the private ECDSA key is stored in @file{@value{sysconfdir}/tinc/company/ecdsa_key.priv}, -and the public RSA and ECDSA keys are put into the host configuration file in the @file{@value{sysconfdir}/tinc/company/hosts/} directory. +the private Ed25519 key is stored in @file{@value{sysconfdir}/tinc/company/ed25519_key.priv}, +and the public RSA and Ed25519 keys are put into the host configuration file in the @file{@value{sysconfdir}/tinc/company/hosts/} directory. @subsubheading Starting @@ -2146,13 +2184,21 @@ Be sure to include the following information in your bugreport: @node Controlling tinc @chapter Controlling tinc -You can control and inspect a running tincd through the tinc +@cindex command line interface +You can start, stop, control and inspect a running tincd through the tinc command. A quick example: @example tinc -n @var{netname} reload @end example +@cindex shell +If tinc is started without a command, it will act as a shell; it will display a +prompt, and commands can be entered on the prompt. If tinc is compiled with +libreadline, history and command completion are available on the prompt. One +can also pipe a script containing commands through tinc. In that case, lines +starting with a # symbol will be ignored. + @menu * tinc runtime options:: * tinc environment variables:: @@ -2206,85 +2252,107 @@ the value of this environment variable is used. @c from the manpage @table @code +@cindex init @item init [@var{name}] -Create initial configuration files and RSA and ECDSA keypairs with default length. +Create initial configuration files and RSA and Ed25519 keypairs with default length. If no @var{name} for this node is given, it will be asked for. +@cindex get @item get @var{variable} Print the current value of configuration variable @var{variable}. If more than one variable with the same name exists, the value of each of them will be printed on a separate line. +@cindex set @item set @var{variable} @var{value} Set configuration variable @var{variable} to the given @var{value}. All previously existing configuration variables with the same name are removed. To set a variable for a specific host, use the notation @var{host}.@var{variable}. +@cindex add @item add @var{variable} @var{value} As above, but without removing any previously existing configuration variables. +@cindex del @item del @var{variable} [@var{value}] Remove configuration variables with the same name and @var{value}. If no @var{value} is given, all configuration variables with the same name will be removed. +@cindex edit @item edit @var{filename} Start an editor for the given configuration file. You do not need to specify the full path to the file. +@cindex export @item export Export the host configuration file of the local node to standard output. +@cindex export-all @item export-all Export all host configuration files to standard output. +@cindex import @item import [--force] Import host configuration file(s) generated by the tinc export command from standard input. Already existing host configuration files are not overwritten unless the option --force is used. +@cindex exchange @item exchange [--force] The same as export followed by import. +@cindex exchange-all @item exchange-all [--force] The same as export-all followed by import. +@cindex invite @item invite @var{name} Prepares an invitation for a new node with the given @var{name}, and prints a short invitation URL that can be used with the join command. +@cindex join @item join [@var{URL}] Join an existing VPN using an invitation URL created using the invite command. If no @var{URL} is given, it will be read from standard input. +@cindex start @item start [tincd options] Start @samp{tincd}, optionally with the given extra options. +@cindex stop @item stop Stop @samp{tincd}. +@cindex restart @item restart [tincd options] Restart @samp{tincd}, optionally with the given extra options. +@cindex reload @item reload Partially rereads configuration files. Connections to hosts whose host config files are removed are closed. New outgoing connections specified in @file{tinc.conf} will be made. +@cindex pid @item pid Shows the PID of the currently running @samp{tincd}. +@cindex generate-keys @item generate-keys [@var{bits}] -Generate both RSA and ECDSA keypairs (see below) and exit. +Generate both RSA and Ed25519 keypairs (see below) and exit. tinc will ask where you want to store the files, but will default to the configuration directory (you can use the -c or -n option). -@item generate-ecdsa-keys -Generate public/private ECDSA keypair and exit. +@cindex generate-ed25519-keys +@item generate-ed25519-keys +Generate public/private Ed25519 keypair and exit. +@cindex generate-rsa-keys @item generate-rsa-keys [@var{bits}] Generate public/private RSA keypair and exit. If @var{bits} is omitted, the default length will be 2048 bits. When saving keys to existing files, tinc will not delete the old keys; you have to remove them manually. +@cindex dump @item dump [reachable] nodes Dump a list of all known nodes in the VPN. If the reachable keyword is used, only lists reachable nodes. @@ -2298,26 +2366,32 @@ Dump a list of all known subnets in the VPN. @item dump connections Dump a list of all meta connections with ourself. +@cindex graph @item dump graph | digraph Dump a graph of the VPN in dotty format. Nodes are colored according to their reachability: red nodes are unreachable, orange nodes are indirectly reachable, green nodes are directly reachable. Black nodes are either directly or indirectly reachable, but direct reachability has not been tried yet. +@cindex info @item info @var{node} | @var{subnet} | @var{address} Show information about a particular @var{node}, @var{subnet} or @var{address}. If an @var{address} is given, any matching subnet will be shown. +@cindex purge @item purge Purges all information remembered about unreachable nodes. +@cindex debug @item debug @var{level} Sets debug level to @var{level}. +@cindex log @item log [@var{level}] Capture log messages from a running tinc daemon. An optional debug level can be given that will be applied only for log messages sent to tinc. +@cindex retry @item retry Forces tinc to try to connect to all uplinks immediately. Usually tinc attempts to do this itself, @@ -2325,19 +2399,27 @@ but increases the time it waits between the attempts each time it failed, and if tinc didn't succeed to connect to an uplink the first time after it started, it defaults to the maximum time of 15 minutes. +@cindex disconnect @item disconnect @var{node} Closes the meta connection with the given @var{node}. +@cindex top @item top If tinc is compiled with libcurses support, this will display live traffic statistics for all the known nodes, similar to the UNIX top command. See below for more information. +@cindex pcap @item pcap Dump VPN traffic going through the local tinc node in pcap-savefile format to standard output, from where it can be redirected to a file or piped through a program that can parse it directly, such as tcpdump. +@cindex network [@var{netname}] +@item network +If @var{netname} is given, switch to that network. +Otherwise, display a list of all networks for which configuration files exist. + @end table @c ================================================================== @@ -2352,7 +2434,7 @@ tinc -n vpn pcap | tcpdump -r - tinc -n vpn top @end example -Example of configuring tinc using the tinc command: +Examples of changing the configuration using tinc: @example tinc -n vpn init foo @@ -2366,6 +2448,7 @@ tinc -n vpn export | gpg --clearsign | mail -s "My config" vpnmaster@@example.co @node tinc top @section tinc top +@cindex top The top command connects to a running tinc daemon and repeatedly queries its per-node traffic counters. It displays a list of all the known nodes in the left-most column, and the amount of bytes and packets read from and sent to each node in the other columns. @@ -2946,12 +3029,12 @@ The expanded key is used as follows: Where initiator_cipher_key is the key used by session initiator to encrypt messages sent to the responder. -When using 521 bits EC keys, the AES-256-CTR cipher and HMAC-SHA-256 digest algorithm, +When using 256 bits Ed25519 keys, the AES-256-CTR cipher and HMAC-SHA-256 digest algorithm, the sizes are as follows: @example -ECDH_SIZE: 67 (= ceil(521/8) + 1) -ECDSA_SIZE: 141 (= 2 * ceil(521/8) + 9) +ECDH_SIZE: 32 (= 256/8) +ECDSA_SIZE: 64 (= 2 * 256/8) CIPHER_KEYSIZE: 48 (= 256/8 + 128/8) DIGEST_KEYSIZE: 32 (= 256/8) @end example diff --git a/gui/Makefile.in b/gui/Makefile.in index 7232f33..772b4ae 100644 --- a/gui/Makefile.in +++ b/gui/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.14 from Makefile.am. +# Makefile.in generated by automake 1.14.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2013 Free Software Foundation, Inc. @@ -83,9 +83,12 @@ DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ $(dist_bin_SCRIPTS) ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \ - $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/lzo.m4 \ - $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/readline.m4 \ - $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.ac + $(top_srcdir)/m4/ax_check_compile_flag.m4 \ + $(top_srcdir)/m4/ax_check_link_flag.m4 \ + $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/libgcrypt.m4 \ + $(top_srcdir)/m4/lzo.m4 $(top_srcdir)/m4/openssl.m4 \ + $(top_srcdir)/m4/readline.m4 $(top_srcdir)/m4/zlib.m4 \ + $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d @@ -170,9 +173,6 @@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LDFLAGS = @LDFLAGS@ -LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ -LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ -LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LN_S = @LN_S@ @@ -188,7 +188,6 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -RANLIB = @RANLIB@ READLINE_LIBS = @READLINE_LIBS@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ diff --git a/gui/tinc-gui b/gui/tinc-gui index 2b4f903..0a6370a 100755 --- a/gui/tinc-gui +++ b/gui/tinc-gui @@ -1,7 +1,8 @@ -#!/usr/bin/python +#!/usr/bin/env python # tinc-gui -- GUI for controlling a running tincd -# Copyright (C) 2009-2012 Guus Sliepen +# Copyright (C) 2009-2014 Guus Sliepen +# 2014 Dennis Joachimsthaler # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -27,7 +28,7 @@ import time from wx.lib.mixins.listctrl import ColumnSorterMixin from wx.lib.mixins.listctrl import ListCtrlAutoWidthMixin -if platform.system == 'Windows': +if platform.system() == 'Windows': import _winreg # Classes to interface with a running tinc daemon @@ -77,8 +78,8 @@ class Edge: self.to = args[1] self.address = args[2] self.port = args[4] - self.options = int(args[5], 16) - self.weight = int(args[6]) + self.options = int(args[-2], 16) + self.weight = int(args[-1]) class Subnet: def parse(self, args): @@ -130,7 +131,11 @@ class VPN: else: # otherwise connect via TCP print(unixfile + " does not exist."); - s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + if ':' in info[2]: + af = socket.AF_INET6 + else: + af = socket.AF_INET + s = socket.socket(af, socket.SOCK_STREAM) s.connect((info[2], int(info[4]))) self.sf = s.makefile() @@ -187,6 +192,8 @@ class VPN: subnet.parse(resp[2:]) subnet.visited = True self.subnets[(resp[2], resp[3])] = subnet + if subnet.owner == "(broadcast)": + continue self.nodes[subnet.owner].subnets[resp[2]] = subnet elif resp[1] == '6': if len(resp) < 9: @@ -233,10 +240,16 @@ class VPN: return int(resp[2]) def __init__(self, netname = None, pidfile = None): - if platform.system == 'Windows': + if platform.system() == 'Windows': + sam = _winreg.KEY_READ + if platform.machine().endswith('64'): + sam = sam | _winreg.KEY_WOW64_64KEY try: - reg = _winreg.ConnectRegistry(None, HKEY_LOCAL_MACHINE) - key = _winreg.OpenKey(reg, "SOFTWARE\\tinc") + reg = _winreg.ConnectRegistry(None, _winreg.HKEY_LOCAL_MACHINE) + try: + key = _winreg.OpenKey(reg, "SOFTWARE\\tinc", 0, sam) + except WindowsError: + key = _winreg.OpenKey(reg, "SOFTWARE\\Wow6432Node\\tinc", 0, sam) VPN.confdir = _winreg.QueryValue(key, None) except WindowsError: pass @@ -252,7 +265,7 @@ class VPN: if pidfile != None: self.pidfile = pidfile else: - if platform.system == 'Windows': + if platform.system() == 'Windows': self.pidfile = os.path.join(self.confbase, 'pid') else: if netname: @@ -524,7 +537,7 @@ class SubnetsPage(wx.Panel): self.list.InsertStringItem(i, subnet.address + '/' + subnet.prefixlen) else: self.list.SetStringItem(i, 0, subnet.address + '/' + subnet.prefixlen) - self.list.SetStringItem(i, 1, subnet.weight) + self.list.SetStringItem(i, 1, str(subnet.weight)) self.list.SetStringItem(i, 2, subnet.owner) self.list.itemDataMap[i] = (subnet.address + '/' + subnet.prefixlen, subnet.weight, subnet.owner) self.list.SetItemData(i, i) diff --git a/m4/Makefile.in b/m4/Makefile.in index b722bcc..4097869 100644 --- a/m4/Makefile.in +++ b/m4/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.14 from Makefile.am. +# Makefile.in generated by automake 1.14.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2013 Free Software Foundation, Inc. @@ -81,9 +81,12 @@ subdir = m4 DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am README ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \ - $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/lzo.m4 \ - $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/readline.m4 \ - $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.ac + $(top_srcdir)/m4/ax_check_compile_flag.m4 \ + $(top_srcdir)/m4/ax_check_link_flag.m4 \ + $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/libgcrypt.m4 \ + $(top_srcdir)/m4/lzo.m4 $(top_srcdir)/m4/openssl.m4 \ + $(top_srcdir)/m4/readline.m4 $(top_srcdir)/m4/zlib.m4 \ + $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d @@ -139,9 +142,6 @@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LDFLAGS = @LDFLAGS@ -LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ -LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ -LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LN_S = @LN_S@ @@ -157,7 +157,6 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -RANLIB = @RANLIB@ READLINE_LIBS = @READLINE_LIBS@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ diff --git a/m4/ax_check_compile_flag.m4 b/m4/ax_check_compile_flag.m4 new file mode 100644 index 0000000..c3a8d69 --- /dev/null +++ b/m4/ax_check_compile_flag.m4 @@ -0,0 +1,72 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_check_compile_flag.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_CHECK_COMPILE_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS]) +# +# DESCRIPTION +# +# Check whether the given FLAG works with the current language's compiler +# or gives an error. (Warnings, however, are ignored) +# +# ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on +# success/failure. +# +# If EXTRA-FLAGS is defined, it is added to the current language's default +# flags (e.g. CFLAGS) when the check is done. The check is thus made with +# the flags: "CFLAGS EXTRA-FLAGS FLAG". This can for example be used to +# force the compiler to issue an error when a bad flag is given. +# +# NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this +# macro in sync with AX_CHECK_{PREPROC,LINK}_FLAG. +# +# LICENSE +# +# Copyright (c) 2008 Guido U. Draheim +# Copyright (c) 2011 Maarten Bosmans +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General +# Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . +# +# As a special exception, the respective Autoconf Macro's copyright owner +# gives unlimited permission to copy, distribute and modify the configure +# scripts that are the output of Autoconf when processing the Macro. You +# need not follow the terms of the GNU General Public License when using +# or distributing such scripts, even though portions of the text of the +# Macro appear in them. The GNU General Public License (GPL) does govern +# all other use of the material that constitutes the Autoconf Macro. +# +# This special exception to the GPL applies to versions of the Autoconf +# Macro released by the Autoconf Archive. When you make and distribute a +# modified version of the Autoconf Macro, you may extend this special +# exception to the GPL to apply to your modified version as well. + +#serial 2 + +AC_DEFUN([AX_CHECK_COMPILE_FLAG], +[AC_PREREQ(2.59)dnl for _AC_LANG_PREFIX +AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_[]_AC_LANG_ABBREV[]flags_$4_$1])dnl +AC_CACHE_CHECK([whether _AC_LANG compiler accepts $1], CACHEVAR, [ + ax_check_save_flags=$[]_AC_LANG_PREFIX[]FLAGS + _AC_LANG_PREFIX[]FLAGS="$[]_AC_LANG_PREFIX[]FLAGS $4 $1" + AC_COMPILE_IFELSE([AC_LANG_PROGRAM()], + [AS_VAR_SET(CACHEVAR,[yes])], + [AS_VAR_SET(CACHEVAR,[no])]) + _AC_LANG_PREFIX[]FLAGS=$ax_check_save_flags]) +AS_IF([test x"AS_VAR_GET(CACHEVAR)" = xyes], + [m4_default([$2], :)], + [m4_default([$3], :)]) +AS_VAR_POPDEF([CACHEVAR])dnl +])dnl AX_CHECK_COMPILE_FLAGS diff --git a/m4/ax_check_link_flag.m4 b/m4/ax_check_link_flag.m4 new file mode 100644 index 0000000..e2d0d36 --- /dev/null +++ b/m4/ax_check_link_flag.m4 @@ -0,0 +1,71 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_check_link_flag.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_CHECK_LINK_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS]) +# +# DESCRIPTION +# +# Check whether the given FLAG works with the linker or gives an error. +# (Warnings, however, are ignored) +# +# ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on +# success/failure. +# +# If EXTRA-FLAGS is defined, it is added to the linker's default flags +# when the check is done. The check is thus made with the flags: "LDFLAGS +# EXTRA-FLAGS FLAG". This can for example be used to force the linker to +# issue an error when a bad flag is given. +# +# NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this +# macro in sync with AX_CHECK_{PREPROC,COMPILE}_FLAG. +# +# LICENSE +# +# Copyright (c) 2008 Guido U. Draheim +# Copyright (c) 2011 Maarten Bosmans +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General +# Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . +# +# As a special exception, the respective Autoconf Macro's copyright owner +# gives unlimited permission to copy, distribute and modify the configure +# scripts that are the output of Autoconf when processing the Macro. You +# need not follow the terms of the GNU General Public License when using +# or distributing such scripts, even though portions of the text of the +# Macro appear in them. The GNU General Public License (GPL) does govern +# all other use of the material that constitutes the Autoconf Macro. +# +# This special exception to the GPL applies to versions of the Autoconf +# Macro released by the Autoconf Archive. When you make and distribute a +# modified version of the Autoconf Macro, you may extend this special +# exception to the GPL to apply to your modified version as well. + +#serial 2 + +AC_DEFUN([AX_CHECK_LINK_FLAG], +[AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_ldflags_$4_$1])dnl +AC_CACHE_CHECK([whether the linker accepts $1], CACHEVAR, [ + ax_check_save_flags=$LDFLAGS + LDFLAGS="$LDFLAGS $4 $1" + AC_LINK_IFELSE([AC_LANG_PROGRAM()], + [AS_VAR_SET(CACHEVAR,[yes])], + [AS_VAR_SET(CACHEVAR,[no])]) + LDFLAGS=$ax_check_save_flags]) +AS_IF([test x"AS_VAR_GET(CACHEVAR)" = xyes], + [m4_default([$2], :)], + [m4_default([$3], :)]) +AS_VAR_POPDEF([CACHEVAR])dnl +])dnl AX_CHECK_LINK_FLAGS diff --git a/m4/curses.m4 b/m4/curses.m4 index 50a90a5..2e8d151 100644 --- a/m4/curses.m4 +++ b/m4/curses.m4 @@ -31,9 +31,12 @@ AC_DEFUN([tinc_CURSES], [AC_MSG_ERROR("curses header files not found."); break] ) - AC_CHECK_LIB(curses, initscr, - [CURSES_LIBS="-lcurses"], - [AC_MSG_ERROR("curses libraries not found.")] + AC_CHECK_LIB(ncurses, initscr, + [CURSES_LIBS="-lncurses"], + [AC_CHECK_LIB(curses, initscr, + [CURSES_LIBS="-lcurses"], + [AC_MSG_ERROR("curses libraries not found.")] + )] ) ]) diff --git a/m4/libgcrypt.m4 b/m4/libgcrypt.m4 new file mode 100644 index 0000000..01c7478 --- /dev/null +++ b/m4/libgcrypt.m4 @@ -0,0 +1,33 @@ +dnl Check to find the libgcrypt headers/libraries + +AC_DEFUN([tinc_LIBGCRYPT], +[ + AC_ARG_WITH(libgcrypt, + AS_HELP_STRING([--with-libgcrypt=DIR], [libgcrypt base directory, or:]), + [libgcrypt="$withval" + CPPFLAGS="$CPPFLAGS -I$withval/include" + LDFLAGS="$LDFLAGS -L$withval/lib"] + ) + + AC_ARG_WITH(libgcrypt-include, + AS_HELP_STRING([--with-libgcrypt-include=DIR], [libgcrypt headers directory (without trailing /libgcrypt)]), + [libgcrypt_include="$withval" + CPPFLAGS="$CPPFLAGS -I$withval"] + ) + + AC_ARG_WITH(libgcrypt-lib, + AS_HELP_STRING([--with-libgcrypt-lib=DIR], [libgcrypt library directory]), + [libgcrypt_lib="$withval" + LDFLAGS="$LDFLAGS -L$withval"] + ) + + AC_CHECK_HEADERS([gcrypt.h], + [], + [AC_MSG_ERROR([libgcrypt header files not found.]); break] + ) + + AC_CHECK_LIB(gcrypt, gcry_cipher_encrypt, + [LIBS="-lgcrypt $LIBS"], + [AC_MSG_ERROR([libgcrypt libraries not found.])] + ) +]) diff --git a/m4/openssl.m4 b/m4/openssl.m4 index 922e468..738c68c 100644 --- a/m4/openssl.m4 +++ b/m4/openssl.m4 @@ -35,7 +35,7 @@ AC_DEFUN([tinc_OPENSSL], LDFLAGS="$LDFLAGS -L$withval"] ) - AC_CHECK_HEADERS([openssl/evp.h openssl/rsa.h openssl/rand.h openssl/err.h openssl/sha.h openssl/pem.h openssl/engine.h openssl/ecdh.h openssl/ec.h], + AC_CHECK_HEADERS([openssl/evp.h openssl/rsa.h openssl/rand.h openssl/err.h openssl/sha.h openssl/pem.h openssl/engine.h], [], [AC_MSG_ERROR([OpenSSL header files not found.]); break] ) @@ -45,11 +45,11 @@ AC_DEFUN([tinc_OPENSSL], [AC_MSG_ERROR([OpenSSL libraries not found.])] ) - AC_CHECK_FUNCS([RAND_pseudo_bytes EVP_EncryptInit_ex ECDH_compute_key ECDSA_verify], , + AC_CHECK_FUNCS([RAND_status EVP_EncryptInit_ex], , [AC_MSG_ERROR([Missing OpenSSL functionality, make sure you have installed the latest version.]); break], ) - AC_CHECK_DECL([OpenSSL_add_all_algorithms], , + AC_CHECK_DECLS([OpenSSL_add_all_algorithms], , [AC_MSG_ERROR([Missing OpenSSL functionality, make sure you have installed the latest version.]); break], [#include ] ) diff --git a/missing b/missing index cdea514..db98974 100755 --- a/missing +++ b/missing @@ -1,7 +1,7 @@ #! /bin/sh # Common wrapper for a few potentially missing GNU programs. -scriptversion=2012-06-26.16; # UTC +scriptversion=2013-10-28.13; # UTC # Copyright (C) 1996-2013 Free Software Foundation, Inc. # Originally written by Fran,cois Pinard , 1996. @@ -160,7 +160,7 @@ give_advice () ;; autom4te*) echo "You might have modified some maintainer files that require" - echo "the 'automa4te' program to be rebuilt." + echo "the 'autom4te' program to be rebuilt." program_details 'autom4te' ;; bison*|yacc*) diff --git a/src/Makefile.am b/src/Makefile.am index 9664352..cd84f3a 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1,9 +1,36 @@ ## Produce this file with automake to get Makefile.in -sbin_PROGRAMS = tincd tinc sptps_test +sbin_PROGRAMS = tincd tinc sptps_test sptps_keypair + +## Make sure version.c is always rebuilt +.PHONY: version.c +version.c: + +if LINUX +sbin_PROGRAMS += sptps_speed +endif DEFAULT_INCLUDES = +ed25519_SOURCES = \ + ed25519/add_scalar.c \ + ed25519/ed25519.h \ + ed25519/fe.c ed25519/fe.h \ + ed25519/fixedint.h \ + ed25519/ge.c ed25519/ge.h \ + ed25519/key_exchange.c \ + ed25519/keypair.c \ + ed25519/precomp_data.h \ + ed25519/sc.c ed25519/sc.h \ + ed25519/sha512.c ed25519/sha512.h \ + ed25519/sign.c \ + ed25519/verify.c + +chacha_poly1305_SOURCES = \ + chacha-poly1305/chacha.c chacha-poly1305/chacha.h \ + chacha-poly1305/chacha-poly1305.c chacha-poly1305/chacha-poly1305.h \ + chacha-poly1305/poly1305.c chacha-poly1305/poly1305.h + tincd_SOURCES = \ buffer.c buffer.h \ cipher.h \ @@ -63,7 +90,10 @@ tincd_SOURCES = \ system.h \ tincd.c \ utils.c utils.h \ - xalloc.h + xalloc.h \ + version.c version.h \ + $(ed25519_SOURCES) \ + $(chacha_poly1305_SOURCES) tinc_SOURCES = \ dropin.c dropin.h \ @@ -79,13 +109,31 @@ tinc_SOURCES = \ subnet_parse.c subnet.h \ tincctl.c tincctl.h \ top.c top.h \ - utils.c utils.h + utils.c utils.h \ + version.c version.h \ + $(ed25519_SOURCES) \ + $(chacha_poly1305_SOURCES) sptps_test_SOURCES = \ logger.c logger.h \ sptps.c sptps.h \ sptps_test.c \ - utils.c utils.h + utils.c utils.h \ + $(ed25519_SOURCES) \ + $(chacha_poly1305_SOURCES) + +sptps_keypair_SOURCES = \ + sptps_keypair.c \ + utils.c utils.h \ + $(ed25519_SOURCES) + +sptps_speed_SOURCES = \ + logger.c logger.h \ + sptps.c sptps.h \ + sptps_speed.c \ + utils.c utils.h \ + $(ed25519_SOURCES) \ + $(chacha_poly1305_SOURCES) ## Conditionally compile device drivers @@ -125,26 +173,35 @@ tincd_SOURCES += \ openssl/cipher.c \ openssl/crypto.c \ openssl/digest.c openssl/digest.h \ - openssl/ecdh.c \ - openssl/ecdsa.c \ + ed25519/ecdh.c \ + ed25519/ecdsa.c \ openssl/prf.c \ openssl/rsa.c tinc_SOURCES += \ openssl/cipher.c \ openssl/crypto.c \ openssl/digest.c openssl/digest.h \ - openssl/ecdh.c \ - openssl/ecdsa.c \ - openssl/ecdsagen.c \ + ed25519/ecdh.c \ + ed25519/ecdsa.c \ + ed25519/ecdsagen.c \ openssl/prf.c \ openssl/rsa.c \ openssl/rsagen.c sptps_test_SOURCES += \ - openssl/cipher.c \ openssl/crypto.c \ openssl/digest.c openssl/digest.h \ - openssl/ecdh.c \ - openssl/ecdsa.c \ + ed25519/ecdh.c \ + ed25519/ecdsa.c \ + openssl/prf.c +sptps_keypair_SOURCES += \ + openssl/crypto.c \ + ed25519/ecdsagen.c +sptps_speed_SOURCES += \ + openssl/crypto.c \ + openssl/digest.c openssl/digest.h \ + ed25519/ecdh.c \ + ed25519/ecdsa.c \ + ed25519/ecdsagen.c \ openssl/prf.c endif @@ -177,8 +234,9 @@ sptps_test_SOURCES += \ endif tinc_LDADD = $(READLINE_LIBS) $(CURSES_LIBS) +sptps_speed_LDADD = -lrt -LIBS = @LIBS@ @LIBGCRYPT_LIBS@ +LIBS = @LIBS@ if TUNEMU LIBS += -lpcap diff --git a/src/Makefile.in b/src/Makefile.in index a29f6a7..bb7213a 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.14 from Makefile.am. +# Makefile.in generated by automake 1.14.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2013 Free Software Foundation, Inc. @@ -78,44 +78,57 @@ PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ -sbin_PROGRAMS = tincd$(EXEEXT) tinc$(EXEEXT) sptps_test$(EXEEXT) -@LINUX_TRUE@am__append_1 = linux/device.c -@BSD_TRUE@am__append_2 = bsd/device.c -@BSD_TRUE@@TUNEMU_TRUE@am__append_3 = bsd/tunemu.c bsd/tunemu.h -@SOLARIS_TRUE@am__append_4 = solaris/device.c -@MINGW_TRUE@am__append_5 = mingw/device.c mingw/common.h -@CYGWIN_TRUE@am__append_6 = cygwin/device.c -@UML_TRUE@am__append_7 = uml_device.c -@VDE_TRUE@am__append_8 = vde_device.c -@OPENSSL_TRUE@am__append_9 = \ -@OPENSSL_TRUE@ openssl/cipher.c \ -@OPENSSL_TRUE@ openssl/crypto.c \ -@OPENSSL_TRUE@ openssl/digest.c openssl/digest.h \ -@OPENSSL_TRUE@ openssl/ecdh.c \ -@OPENSSL_TRUE@ openssl/ecdsa.c \ -@OPENSSL_TRUE@ openssl/prf.c \ -@OPENSSL_TRUE@ openssl/rsa.c - +sbin_PROGRAMS = tincd$(EXEEXT) tinc$(EXEEXT) sptps_test$(EXEEXT) \ + sptps_keypair$(EXEEXT) $(am__EXEEXT_1) +@LINUX_TRUE@am__append_1 = sptps_speed +@LINUX_TRUE@am__append_2 = linux/device.c +@BSD_TRUE@am__append_3 = bsd/device.c +@BSD_TRUE@@TUNEMU_TRUE@am__append_4 = bsd/tunemu.c bsd/tunemu.h +@SOLARIS_TRUE@am__append_5 = solaris/device.c +@MINGW_TRUE@am__append_6 = mingw/device.c mingw/common.h +@CYGWIN_TRUE@am__append_7 = cygwin/device.c +@UML_TRUE@am__append_8 = uml_device.c +@VDE_TRUE@am__append_9 = vde_device.c @OPENSSL_TRUE@am__append_10 = \ @OPENSSL_TRUE@ openssl/cipher.c \ @OPENSSL_TRUE@ openssl/crypto.c \ @OPENSSL_TRUE@ openssl/digest.c openssl/digest.h \ -@OPENSSL_TRUE@ openssl/ecdh.c \ -@OPENSSL_TRUE@ openssl/ecdsa.c \ -@OPENSSL_TRUE@ openssl/ecdsagen.c \ +@OPENSSL_TRUE@ ed25519/ecdh.c \ +@OPENSSL_TRUE@ ed25519/ecdsa.c \ @OPENSSL_TRUE@ openssl/prf.c \ -@OPENSSL_TRUE@ openssl/rsa.c \ -@OPENSSL_TRUE@ openssl/rsagen.c +@OPENSSL_TRUE@ openssl/rsa.c @OPENSSL_TRUE@am__append_11 = \ @OPENSSL_TRUE@ openssl/cipher.c \ @OPENSSL_TRUE@ openssl/crypto.c \ @OPENSSL_TRUE@ openssl/digest.c openssl/digest.h \ -@OPENSSL_TRUE@ openssl/ecdh.c \ -@OPENSSL_TRUE@ openssl/ecdsa.c \ +@OPENSSL_TRUE@ ed25519/ecdh.c \ +@OPENSSL_TRUE@ ed25519/ecdsa.c \ +@OPENSSL_TRUE@ ed25519/ecdsagen.c \ +@OPENSSL_TRUE@ openssl/prf.c \ +@OPENSSL_TRUE@ openssl/rsa.c \ +@OPENSSL_TRUE@ openssl/rsagen.c + +@OPENSSL_TRUE@am__append_12 = \ +@OPENSSL_TRUE@ openssl/crypto.c \ +@OPENSSL_TRUE@ openssl/digest.c openssl/digest.h \ +@OPENSSL_TRUE@ ed25519/ecdh.c \ +@OPENSSL_TRUE@ ed25519/ecdsa.c \ @OPENSSL_TRUE@ openssl/prf.c -@GCRYPT_TRUE@am__append_12 = \ +@OPENSSL_TRUE@am__append_13 = \ +@OPENSSL_TRUE@ openssl/crypto.c \ +@OPENSSL_TRUE@ ed25519/ecdsagen.c + +@OPENSSL_TRUE@am__append_14 = \ +@OPENSSL_TRUE@ openssl/crypto.c \ +@OPENSSL_TRUE@ openssl/digest.c openssl/digest.h \ +@OPENSSL_TRUE@ ed25519/ecdh.c \ +@OPENSSL_TRUE@ ed25519/ecdsa.c \ +@OPENSSL_TRUE@ ed25519/ecdsagen.c \ +@OPENSSL_TRUE@ openssl/prf.c + +@GCRYPT_TRUE@am__append_15 = \ @GCRYPT_TRUE@ gcrypt/cipher.c \ @GCRYPT_TRUE@ gcrypt/crypto.c \ @GCRYPT_TRUE@ gcrypt/digest.c gcrypt/digest.h \ @@ -124,7 +137,7 @@ sbin_PROGRAMS = tincd$(EXEEXT) tinc$(EXEEXT) sptps_test$(EXEEXT) @GCRYPT_TRUE@ gcrypt/prf.c \ @GCRYPT_TRUE@ gcrypt/rsa.c -@GCRYPT_TRUE@am__append_13 = \ +@GCRYPT_TRUE@am__append_16 = \ @GCRYPT_TRUE@ gcrypt/cipher.c \ @GCRYPT_TRUE@ gcrypt/crypto.c \ @GCRYPT_TRUE@ gcrypt/digest.c gcrypt/digest.h \ @@ -135,7 +148,7 @@ sbin_PROGRAMS = tincd$(EXEEXT) tinc$(EXEEXT) sptps_test$(EXEEXT) @GCRYPT_TRUE@ gcrypt/rsa.c \ @GCRYPT_TRUE@ gcrypt/rsagen.c -@GCRYPT_TRUE@am__append_14 = \ +@GCRYPT_TRUE@am__append_17 = \ @GCRYPT_TRUE@ gcrypt/cipher.c \ @GCRYPT_TRUE@ gcrypt/crypto.c \ @GCRYPT_TRUE@ gcrypt/digest.c gcrypt/digest.h \ @@ -143,60 +156,120 @@ sbin_PROGRAMS = tincd$(EXEEXT) tinc$(EXEEXT) sptps_test$(EXEEXT) @GCRYPT_TRUE@ gcrypt/ecdsa.c \ @GCRYPT_TRUE@ gcrypt/prf.c -@TUNEMU_TRUE@am__append_15 = -lpcap +@TUNEMU_TRUE@am__append_18 = -lpcap subdir = src DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ $(top_srcdir)/depcomp ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \ - $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/lzo.m4 \ - $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/readline.m4 \ - $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.ac + $(top_srcdir)/m4/ax_check_compile_flag.m4 \ + $(top_srcdir)/m4/ax_check_link_flag.m4 \ + $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/libgcrypt.m4 \ + $(top_srcdir)/m4/lzo.m4 $(top_srcdir)/m4/openssl.m4 \ + $(top_srcdir)/m4/readline.m4 $(top_srcdir)/m4/zlib.m4 \ + $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = +@LINUX_TRUE@am__EXEEXT_1 = sptps_speed$(EXEEXT) am__installdirs = "$(DESTDIR)$(sbindir)" PROGRAMS = $(sbin_PROGRAMS) -am__sptps_test_SOURCES_DIST = logger.c logger.h sptps.c sptps.h \ - sptps_test.c utils.c utils.h openssl/cipher.c openssl/crypto.c \ - openssl/digest.c openssl/digest.h openssl/ecdh.c \ - openssl/ecdsa.c openssl/prf.c gcrypt/cipher.c gcrypt/crypto.c \ - gcrypt/digest.c gcrypt/digest.h gcrypt/ecdh.c gcrypt/ecdsa.c \ - gcrypt/prf.c +am__sptps_keypair_SOURCES_DIST = sptps_keypair.c utils.c utils.h \ + ed25519/add_scalar.c ed25519/ed25519.h ed25519/fe.c \ + ed25519/fe.h ed25519/fixedint.h ed25519/ge.c ed25519/ge.h \ + ed25519/key_exchange.c ed25519/keypair.c \ + ed25519/precomp_data.h ed25519/sc.c ed25519/sc.h \ + ed25519/sha512.c ed25519/sha512.h ed25519/sign.c \ + ed25519/verify.c openssl/crypto.c ed25519/ecdsagen.c am__dirstamp = $(am__leading_dot)dirstamp -@OPENSSL_TRUE@am__objects_1 = openssl/cipher.$(OBJEXT) \ -@OPENSSL_TRUE@ openssl/crypto.$(OBJEXT) \ -@OPENSSL_TRUE@ openssl/digest.$(OBJEXT) openssl/ecdh.$(OBJEXT) \ -@OPENSSL_TRUE@ openssl/ecdsa.$(OBJEXT) openssl/prf.$(OBJEXT) -@GCRYPT_TRUE@am__objects_2 = gcrypt/cipher.$(OBJEXT) \ +am__objects_1 = ed25519/add_scalar.$(OBJEXT) ed25519/fe.$(OBJEXT) \ + ed25519/ge.$(OBJEXT) ed25519/key_exchange.$(OBJEXT) \ + ed25519/keypair.$(OBJEXT) ed25519/sc.$(OBJEXT) \ + ed25519/sha512.$(OBJEXT) ed25519/sign.$(OBJEXT) \ + ed25519/verify.$(OBJEXT) +@OPENSSL_TRUE@am__objects_2 = openssl/crypto.$(OBJEXT) \ +@OPENSSL_TRUE@ ed25519/ecdsagen.$(OBJEXT) +am_sptps_keypair_OBJECTS = sptps_keypair.$(OBJEXT) utils.$(OBJEXT) \ + $(am__objects_1) $(am__objects_2) +sptps_keypair_OBJECTS = $(am_sptps_keypair_OBJECTS) +sptps_keypair_LDADD = $(LDADD) +am__sptps_speed_SOURCES_DIST = logger.c logger.h sptps.c sptps.h \ + sptps_speed.c utils.c utils.h ed25519/add_scalar.c \ + ed25519/ed25519.h ed25519/fe.c ed25519/fe.h ed25519/fixedint.h \ + ed25519/ge.c ed25519/ge.h ed25519/key_exchange.c \ + ed25519/keypair.c ed25519/precomp_data.h ed25519/sc.c \ + ed25519/sc.h ed25519/sha512.c ed25519/sha512.h ed25519/sign.c \ + ed25519/verify.c chacha-poly1305/chacha.c \ + chacha-poly1305/chacha.h chacha-poly1305/chacha-poly1305.c \ + chacha-poly1305/chacha-poly1305.h chacha-poly1305/poly1305.c \ + chacha-poly1305/poly1305.h openssl/crypto.c openssl/digest.c \ + openssl/digest.h ed25519/ecdh.c ed25519/ecdsa.c \ + ed25519/ecdsagen.c openssl/prf.c +am__objects_3 = chacha-poly1305/chacha.$(OBJEXT) \ + chacha-poly1305/chacha-poly1305.$(OBJEXT) \ + chacha-poly1305/poly1305.$(OBJEXT) +@OPENSSL_TRUE@am__objects_4 = openssl/crypto.$(OBJEXT) \ +@OPENSSL_TRUE@ openssl/digest.$(OBJEXT) ed25519/ecdh.$(OBJEXT) \ +@OPENSSL_TRUE@ ed25519/ecdsa.$(OBJEXT) \ +@OPENSSL_TRUE@ ed25519/ecdsagen.$(OBJEXT) openssl/prf.$(OBJEXT) +am_sptps_speed_OBJECTS = logger.$(OBJEXT) sptps.$(OBJEXT) \ + sptps_speed.$(OBJEXT) utils.$(OBJEXT) $(am__objects_1) \ + $(am__objects_3) $(am__objects_4) +sptps_speed_OBJECTS = $(am_sptps_speed_OBJECTS) +sptps_speed_DEPENDENCIES = +am__sptps_test_SOURCES_DIST = logger.c logger.h sptps.c sptps.h \ + sptps_test.c utils.c utils.h ed25519/add_scalar.c \ + ed25519/ed25519.h ed25519/fe.c ed25519/fe.h ed25519/fixedint.h \ + ed25519/ge.c ed25519/ge.h ed25519/key_exchange.c \ + ed25519/keypair.c ed25519/precomp_data.h ed25519/sc.c \ + ed25519/sc.h ed25519/sha512.c ed25519/sha512.h ed25519/sign.c \ + ed25519/verify.c chacha-poly1305/chacha.c \ + chacha-poly1305/chacha.h chacha-poly1305/chacha-poly1305.c \ + chacha-poly1305/chacha-poly1305.h chacha-poly1305/poly1305.c \ + chacha-poly1305/poly1305.h openssl/crypto.c openssl/digest.c \ + openssl/digest.h ed25519/ecdh.c ed25519/ecdsa.c openssl/prf.c \ + gcrypt/cipher.c gcrypt/crypto.c gcrypt/digest.c \ + gcrypt/digest.h gcrypt/ecdh.c gcrypt/ecdsa.c gcrypt/prf.c +@OPENSSL_TRUE@am__objects_5 = openssl/crypto.$(OBJEXT) \ +@OPENSSL_TRUE@ openssl/digest.$(OBJEXT) ed25519/ecdh.$(OBJEXT) \ +@OPENSSL_TRUE@ ed25519/ecdsa.$(OBJEXT) openssl/prf.$(OBJEXT) +@GCRYPT_TRUE@am__objects_6 = gcrypt/cipher.$(OBJEXT) \ @GCRYPT_TRUE@ gcrypt/crypto.$(OBJEXT) gcrypt/digest.$(OBJEXT) \ @GCRYPT_TRUE@ gcrypt/ecdh.$(OBJEXT) gcrypt/ecdsa.$(OBJEXT) \ @GCRYPT_TRUE@ gcrypt/prf.$(OBJEXT) am_sptps_test_OBJECTS = logger.$(OBJEXT) sptps.$(OBJEXT) \ sptps_test.$(OBJEXT) utils.$(OBJEXT) $(am__objects_1) \ - $(am__objects_2) + $(am__objects_3) $(am__objects_5) $(am__objects_6) sptps_test_OBJECTS = $(am_sptps_test_OBJECTS) sptps_test_LDADD = $(LDADD) am__tinc_SOURCES_DIST = dropin.c dropin.h getopt.c getopt.h getopt1.c \ info.c info.h invitation.c invitation.h list.c list.h names.c \ names.h netutl.c netutl.h script.c script.h sptps.c sptps.h \ subnet_parse.c subnet.h tincctl.c tincctl.h top.c top.h \ - utils.c utils.h openssl/cipher.c openssl/crypto.c \ - openssl/digest.c openssl/digest.h openssl/ecdh.c \ - openssl/ecdsa.c openssl/ecdsagen.c openssl/prf.c openssl/rsa.c \ + utils.c utils.h version.c version.h ed25519/add_scalar.c \ + ed25519/ed25519.h ed25519/fe.c ed25519/fe.h ed25519/fixedint.h \ + ed25519/ge.c ed25519/ge.h ed25519/key_exchange.c \ + ed25519/keypair.c ed25519/precomp_data.h ed25519/sc.c \ + ed25519/sc.h ed25519/sha512.c ed25519/sha512.h ed25519/sign.c \ + ed25519/verify.c chacha-poly1305/chacha.c \ + chacha-poly1305/chacha.h chacha-poly1305/chacha-poly1305.c \ + chacha-poly1305/chacha-poly1305.h chacha-poly1305/poly1305.c \ + chacha-poly1305/poly1305.h openssl/cipher.c openssl/crypto.c \ + openssl/digest.c openssl/digest.h ed25519/ecdh.c \ + ed25519/ecdsa.c ed25519/ecdsagen.c openssl/prf.c openssl/rsa.c \ openssl/rsagen.c gcrypt/cipher.c gcrypt/crypto.c \ gcrypt/digest.c gcrypt/digest.h gcrypt/ecdh.c gcrypt/ecdsa.c \ gcrypt/ecdsagen.c gcrypt/prf.c gcrypt/rsa.c gcrypt/rsagen.c -@OPENSSL_TRUE@am__objects_3 = openssl/cipher.$(OBJEXT) \ +@OPENSSL_TRUE@am__objects_7 = openssl/cipher.$(OBJEXT) \ @OPENSSL_TRUE@ openssl/crypto.$(OBJEXT) \ -@OPENSSL_TRUE@ openssl/digest.$(OBJEXT) openssl/ecdh.$(OBJEXT) \ -@OPENSSL_TRUE@ openssl/ecdsa.$(OBJEXT) \ -@OPENSSL_TRUE@ openssl/ecdsagen.$(OBJEXT) openssl/prf.$(OBJEXT) \ +@OPENSSL_TRUE@ openssl/digest.$(OBJEXT) ed25519/ecdh.$(OBJEXT) \ +@OPENSSL_TRUE@ ed25519/ecdsa.$(OBJEXT) \ +@OPENSSL_TRUE@ ed25519/ecdsagen.$(OBJEXT) openssl/prf.$(OBJEXT) \ @OPENSSL_TRUE@ openssl/rsa.$(OBJEXT) openssl/rsagen.$(OBJEXT) -@GCRYPT_TRUE@am__objects_4 = gcrypt/cipher.$(OBJEXT) \ +@GCRYPT_TRUE@am__objects_8 = gcrypt/cipher.$(OBJEXT) \ @GCRYPT_TRUE@ gcrypt/crypto.$(OBJEXT) gcrypt/digest.$(OBJEXT) \ @GCRYPT_TRUE@ gcrypt/ecdh.$(OBJEXT) gcrypt/ecdsa.$(OBJEXT) \ @GCRYPT_TRUE@ gcrypt/ecdsagen.$(OBJEXT) gcrypt/prf.$(OBJEXT) \ @@ -205,8 +278,9 @@ am_tinc_OBJECTS = dropin.$(OBJEXT) getopt.$(OBJEXT) getopt1.$(OBJEXT) \ info.$(OBJEXT) invitation.$(OBJEXT) list.$(OBJEXT) \ names.$(OBJEXT) netutl.$(OBJEXT) script.$(OBJEXT) \ sptps.$(OBJEXT) subnet_parse.$(OBJEXT) tincctl.$(OBJEXT) \ - top.$(OBJEXT) utils.$(OBJEXT) $(am__objects_3) \ - $(am__objects_4) + top.$(OBJEXT) utils.$(OBJEXT) version.$(OBJEXT) \ + $(am__objects_1) $(am__objects_3) $(am__objects_7) \ + $(am__objects_8) tinc_OBJECTS = $(am_tinc_OBJECTS) am__DEPENDENCIES_1 = tinc_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) @@ -225,28 +299,37 @@ am__tincd_SOURCES_DIST = buffer.c buffer.h cipher.h conf.c conf.h \ protocol_subnet.c raw_socket_device.c route.c route.h rsa.h \ rsagen.h script.c script.h splay_tree.c splay_tree.h sptps.c \ sptps.h subnet.c subnet.h subnet_parse.c system.h tincd.c \ - utils.c utils.h xalloc.h linux/device.c bsd/device.c \ + utils.c utils.h xalloc.h version.c version.h \ + ed25519/add_scalar.c ed25519/ed25519.h ed25519/fe.c \ + ed25519/fe.h ed25519/fixedint.h ed25519/ge.c ed25519/ge.h \ + ed25519/key_exchange.c ed25519/keypair.c \ + ed25519/precomp_data.h ed25519/sc.c ed25519/sc.h \ + ed25519/sha512.c ed25519/sha512.h ed25519/sign.c \ + ed25519/verify.c chacha-poly1305/chacha.c \ + chacha-poly1305/chacha.h chacha-poly1305/chacha-poly1305.c \ + chacha-poly1305/chacha-poly1305.h chacha-poly1305/poly1305.c \ + chacha-poly1305/poly1305.h linux/device.c bsd/device.c \ bsd/tunemu.c bsd/tunemu.h solaris/device.c mingw/device.c \ mingw/common.h cygwin/device.c uml_device.c vde_device.c \ openssl/cipher.c openssl/crypto.c openssl/digest.c \ - openssl/digest.h openssl/ecdh.c openssl/ecdsa.c openssl/prf.c \ + openssl/digest.h ed25519/ecdh.c ed25519/ecdsa.c openssl/prf.c \ openssl/rsa.c gcrypt/cipher.c gcrypt/crypto.c gcrypt/digest.c \ gcrypt/digest.h gcrypt/ecdh.c gcrypt/ecdsa.c gcrypt/prf.c \ gcrypt/rsa.c -@LINUX_TRUE@am__objects_5 = linux/device.$(OBJEXT) -@BSD_TRUE@am__objects_6 = bsd/device.$(OBJEXT) -@BSD_TRUE@@TUNEMU_TRUE@am__objects_7 = bsd/tunemu.$(OBJEXT) -@SOLARIS_TRUE@am__objects_8 = solaris/device.$(OBJEXT) -@MINGW_TRUE@am__objects_9 = mingw/device.$(OBJEXT) -@CYGWIN_TRUE@am__objects_10 = cygwin/device.$(OBJEXT) -@UML_TRUE@am__objects_11 = uml_device.$(OBJEXT) -@VDE_TRUE@am__objects_12 = vde_device.$(OBJEXT) -@OPENSSL_TRUE@am__objects_13 = openssl/cipher.$(OBJEXT) \ +@LINUX_TRUE@am__objects_9 = linux/device.$(OBJEXT) +@BSD_TRUE@am__objects_10 = bsd/device.$(OBJEXT) +@BSD_TRUE@@TUNEMU_TRUE@am__objects_11 = bsd/tunemu.$(OBJEXT) +@SOLARIS_TRUE@am__objects_12 = solaris/device.$(OBJEXT) +@MINGW_TRUE@am__objects_13 = mingw/device.$(OBJEXT) +@CYGWIN_TRUE@am__objects_14 = cygwin/device.$(OBJEXT) +@UML_TRUE@am__objects_15 = uml_device.$(OBJEXT) +@VDE_TRUE@am__objects_16 = vde_device.$(OBJEXT) +@OPENSSL_TRUE@am__objects_17 = openssl/cipher.$(OBJEXT) \ @OPENSSL_TRUE@ openssl/crypto.$(OBJEXT) \ -@OPENSSL_TRUE@ openssl/digest.$(OBJEXT) openssl/ecdh.$(OBJEXT) \ -@OPENSSL_TRUE@ openssl/ecdsa.$(OBJEXT) openssl/prf.$(OBJEXT) \ +@OPENSSL_TRUE@ openssl/digest.$(OBJEXT) ed25519/ecdh.$(OBJEXT) \ +@OPENSSL_TRUE@ ed25519/ecdsa.$(OBJEXT) openssl/prf.$(OBJEXT) \ @OPENSSL_TRUE@ openssl/rsa.$(OBJEXT) -@GCRYPT_TRUE@am__objects_14 = gcrypt/cipher.$(OBJEXT) \ +@GCRYPT_TRUE@am__objects_18 = gcrypt/cipher.$(OBJEXT) \ @GCRYPT_TRUE@ gcrypt/crypto.$(OBJEXT) gcrypt/digest.$(OBJEXT) \ @GCRYPT_TRUE@ gcrypt/ecdh.$(OBJEXT) gcrypt/ecdsa.$(OBJEXT) \ @GCRYPT_TRUE@ gcrypt/prf.$(OBJEXT) gcrypt/rsa.$(OBJEXT) @@ -265,10 +348,11 @@ am_tincd_OBJECTS = buffer.$(OBJEXT) conf.$(OBJEXT) \ raw_socket_device.$(OBJEXT) route.$(OBJEXT) script.$(OBJEXT) \ splay_tree.$(OBJEXT) sptps.$(OBJEXT) subnet.$(OBJEXT) \ subnet_parse.$(OBJEXT) tincd.$(OBJEXT) utils.$(OBJEXT) \ - $(am__objects_5) $(am__objects_6) $(am__objects_7) \ - $(am__objects_8) $(am__objects_9) $(am__objects_10) \ - $(am__objects_11) $(am__objects_12) $(am__objects_13) \ - $(am__objects_14) + version.$(OBJEXT) $(am__objects_1) $(am__objects_3) \ + $(am__objects_9) $(am__objects_10) $(am__objects_11) \ + $(am__objects_12) $(am__objects_13) $(am__objects_14) \ + $(am__objects_15) $(am__objects_16) $(am__objects_17) \ + $(am__objects_18) tincd_OBJECTS = $(am_tincd_OBJECTS) tincd_LDADD = $(LDADD) AM_V_P = $(am__v_P_@AM_V@) @@ -298,9 +382,11 @@ AM_V_CCLD = $(am__v_CCLD_@AM_V@) am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = -SOURCES = $(sptps_test_SOURCES) $(tinc_SOURCES) $(tincd_SOURCES) -DIST_SOURCES = $(am__sptps_test_SOURCES_DIST) $(am__tinc_SOURCES_DIST) \ - $(am__tincd_SOURCES_DIST) +SOURCES = $(sptps_keypair_SOURCES) $(sptps_speed_SOURCES) \ + $(sptps_test_SOURCES) $(tinc_SOURCES) $(tincd_SOURCES) +DIST_SOURCES = $(am__sptps_keypair_SOURCES_DIST) \ + $(am__sptps_speed_SOURCES_DIST) $(am__sptps_test_SOURCES_DIST) \ + $(am__tinc_SOURCES_DIST) $(am__tincd_SOURCES_DIST) am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ @@ -354,11 +440,8 @@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LDFLAGS = @LDFLAGS@ -LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ -LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ -LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ @LIBGCRYPT_LIBS@ $(am__append_15) +LIBS = @LIBS@ $(am__append_18) LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ @@ -372,7 +455,6 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -RANLIB = @RANLIB@ READLINE_LIBS = @READLINE_LIBS@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -429,6 +511,25 @@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ DEFAULT_INCLUDES = +ed25519_SOURCES = \ + ed25519/add_scalar.c \ + ed25519/ed25519.h \ + ed25519/fe.c ed25519/fe.h \ + ed25519/fixedint.h \ + ed25519/ge.c ed25519/ge.h \ + ed25519/key_exchange.c \ + ed25519/keypair.c \ + ed25519/precomp_data.h \ + ed25519/sc.c ed25519/sc.h \ + ed25519/sha512.c ed25519/sha512.h \ + ed25519/sign.c \ + ed25519/verify.c + +chacha_poly1305_SOURCES = \ + chacha-poly1305/chacha.c chacha-poly1305/chacha.h \ + chacha-poly1305/chacha-poly1305.c chacha-poly1305/chacha-poly1305.h \ + chacha-poly1305/poly1305.c chacha-poly1305/poly1305.h + tincd_SOURCES = buffer.c buffer.h cipher.h conf.c conf.h connection.c \ connection.h control.c control.h control_common.h crypto.h \ device.h digest.h dropin.c dropin.h dummy_device.c ecdh.h \ @@ -444,18 +545,27 @@ tincd_SOURCES = buffer.c buffer.h cipher.h conf.c conf.h connection.c \ protocol_subnet.c raw_socket_device.c route.c route.h rsa.h \ rsagen.h script.c script.h splay_tree.c splay_tree.h sptps.c \ sptps.h subnet.c subnet.h subnet_parse.c system.h tincd.c \ - utils.c utils.h xalloc.h $(am__append_1) $(am__append_2) \ + utils.c utils.h xalloc.h version.c version.h \ + $(ed25519_SOURCES) $(chacha_poly1305_SOURCES) $(am__append_2) \ $(am__append_3) $(am__append_4) $(am__append_5) \ $(am__append_6) $(am__append_7) $(am__append_8) \ - $(am__append_9) $(am__append_12) + $(am__append_9) $(am__append_10) $(am__append_15) tinc_SOURCES = dropin.c dropin.h getopt.c getopt.h getopt1.c info.c \ info.h invitation.c invitation.h list.c list.h names.c names.h \ netutl.c netutl.h script.c script.h sptps.c sptps.h \ subnet_parse.c subnet.h tincctl.c tincctl.h top.c top.h \ - utils.c utils.h $(am__append_10) $(am__append_13) + utils.c utils.h version.c version.h $(ed25519_SOURCES) \ + $(chacha_poly1305_SOURCES) $(am__append_11) $(am__append_16) sptps_test_SOURCES = logger.c logger.h sptps.c sptps.h sptps_test.c \ - utils.c utils.h $(am__append_11) $(am__append_14) + utils.c utils.h $(ed25519_SOURCES) $(chacha_poly1305_SOURCES) \ + $(am__append_12) $(am__append_17) +sptps_keypair_SOURCES = sptps_keypair.c utils.c utils.h \ + $(ed25519_SOURCES) $(am__append_13) +sptps_speed_SOURCES = logger.c logger.h sptps.c sptps.h sptps_speed.c \ + utils.c utils.h $(ed25519_SOURCES) $(chacha_poly1305_SOURCES) \ + $(am__append_14) tinc_LDADD = $(READLINE_LIBS) $(CURSES_LIBS) +sptps_speed_LDADD = -lrt AM_CFLAGS = -DCONFDIR=\"$(sysconfdir)\" -DLOCALSTATEDIR=\"$(localstatedir)\" -DSBINDIR=\"$(sbindir)\" all: all-am @@ -549,24 +659,69 @@ installcheck-sbinPROGRAMS: $(sbin_PROGRAMS) else echo "$$f does not support $$opt" 1>&2; bad=1; fi; \ done; \ done; rm -f c$${pid}_.???; exit $$bad +ed25519/$(am__dirstamp): + @$(MKDIR_P) ed25519 + @: > ed25519/$(am__dirstamp) +ed25519/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) ed25519/$(DEPDIR) + @: > ed25519/$(DEPDIR)/$(am__dirstamp) +ed25519/add_scalar.$(OBJEXT): ed25519/$(am__dirstamp) \ + ed25519/$(DEPDIR)/$(am__dirstamp) +ed25519/fe.$(OBJEXT): ed25519/$(am__dirstamp) \ + ed25519/$(DEPDIR)/$(am__dirstamp) +ed25519/ge.$(OBJEXT): ed25519/$(am__dirstamp) \ + ed25519/$(DEPDIR)/$(am__dirstamp) +ed25519/key_exchange.$(OBJEXT): ed25519/$(am__dirstamp) \ + ed25519/$(DEPDIR)/$(am__dirstamp) +ed25519/keypair.$(OBJEXT): ed25519/$(am__dirstamp) \ + ed25519/$(DEPDIR)/$(am__dirstamp) +ed25519/sc.$(OBJEXT): ed25519/$(am__dirstamp) \ + ed25519/$(DEPDIR)/$(am__dirstamp) +ed25519/sha512.$(OBJEXT): ed25519/$(am__dirstamp) \ + ed25519/$(DEPDIR)/$(am__dirstamp) +ed25519/sign.$(OBJEXT): ed25519/$(am__dirstamp) \ + ed25519/$(DEPDIR)/$(am__dirstamp) +ed25519/verify.$(OBJEXT): ed25519/$(am__dirstamp) \ + ed25519/$(DEPDIR)/$(am__dirstamp) openssl/$(am__dirstamp): @$(MKDIR_P) openssl @: > openssl/$(am__dirstamp) openssl/$(DEPDIR)/$(am__dirstamp): @$(MKDIR_P) openssl/$(DEPDIR) @: > openssl/$(DEPDIR)/$(am__dirstamp) -openssl/cipher.$(OBJEXT): openssl/$(am__dirstamp) \ - openssl/$(DEPDIR)/$(am__dirstamp) openssl/crypto.$(OBJEXT): openssl/$(am__dirstamp) \ openssl/$(DEPDIR)/$(am__dirstamp) +ed25519/ecdsagen.$(OBJEXT): ed25519/$(am__dirstamp) \ + ed25519/$(DEPDIR)/$(am__dirstamp) + +sptps_keypair$(EXEEXT): $(sptps_keypair_OBJECTS) $(sptps_keypair_DEPENDENCIES) $(EXTRA_sptps_keypair_DEPENDENCIES) + @rm -f sptps_keypair$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(sptps_keypair_OBJECTS) $(sptps_keypair_LDADD) $(LIBS) +chacha-poly1305/$(am__dirstamp): + @$(MKDIR_P) chacha-poly1305 + @: > chacha-poly1305/$(am__dirstamp) +chacha-poly1305/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) chacha-poly1305/$(DEPDIR) + @: > chacha-poly1305/$(DEPDIR)/$(am__dirstamp) +chacha-poly1305/chacha.$(OBJEXT): chacha-poly1305/$(am__dirstamp) \ + chacha-poly1305/$(DEPDIR)/$(am__dirstamp) +chacha-poly1305/chacha-poly1305.$(OBJEXT): \ + chacha-poly1305/$(am__dirstamp) \ + chacha-poly1305/$(DEPDIR)/$(am__dirstamp) +chacha-poly1305/poly1305.$(OBJEXT): chacha-poly1305/$(am__dirstamp) \ + chacha-poly1305/$(DEPDIR)/$(am__dirstamp) openssl/digest.$(OBJEXT): openssl/$(am__dirstamp) \ openssl/$(DEPDIR)/$(am__dirstamp) -openssl/ecdh.$(OBJEXT): openssl/$(am__dirstamp) \ - openssl/$(DEPDIR)/$(am__dirstamp) -openssl/ecdsa.$(OBJEXT): openssl/$(am__dirstamp) \ - openssl/$(DEPDIR)/$(am__dirstamp) +ed25519/ecdh.$(OBJEXT): ed25519/$(am__dirstamp) \ + ed25519/$(DEPDIR)/$(am__dirstamp) +ed25519/ecdsa.$(OBJEXT): ed25519/$(am__dirstamp) \ + ed25519/$(DEPDIR)/$(am__dirstamp) openssl/prf.$(OBJEXT): openssl/$(am__dirstamp) \ openssl/$(DEPDIR)/$(am__dirstamp) + +sptps_speed$(EXEEXT): $(sptps_speed_OBJECTS) $(sptps_speed_DEPENDENCIES) $(EXTRA_sptps_speed_DEPENDENCIES) + @rm -f sptps_speed$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(sptps_speed_OBJECTS) $(sptps_speed_LDADD) $(LIBS) gcrypt/$(am__dirstamp): @$(MKDIR_P) gcrypt @: > gcrypt/$(am__dirstamp) @@ -589,7 +744,7 @@ gcrypt/prf.$(OBJEXT): gcrypt/$(am__dirstamp) \ sptps_test$(EXEEXT): $(sptps_test_OBJECTS) $(sptps_test_DEPENDENCIES) $(EXTRA_sptps_test_DEPENDENCIES) @rm -f sptps_test$(EXEEXT) $(AM_V_CCLD)$(LINK) $(sptps_test_OBJECTS) $(sptps_test_LDADD) $(LIBS) -openssl/ecdsagen.$(OBJEXT): openssl/$(am__dirstamp) \ +openssl/cipher.$(OBJEXT): openssl/$(am__dirstamp) \ openssl/$(DEPDIR)/$(am__dirstamp) openssl/rsa.$(OBJEXT): openssl/$(am__dirstamp) \ openssl/$(DEPDIR)/$(am__dirstamp) @@ -655,7 +810,9 @@ tincd$(EXEEXT): $(tincd_OBJECTS) $(tincd_DEPENDENCIES) $(EXTRA_tincd_DEPENDENCIE mostlyclean-compile: -rm -f *.$(OBJEXT) -rm -f bsd/*.$(OBJEXT) + -rm -f chacha-poly1305/*.$(OBJEXT) -rm -f cygwin/*.$(OBJEXT) + -rm -f ed25519/*.$(OBJEXT) -rm -f gcrypt/*.$(OBJEXT) -rm -f linux/*.$(OBJEXT) -rm -f mingw/*.$(OBJEXT) @@ -704,6 +861,8 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/script.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/splay_tree.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sptps.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sptps_keypair.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sptps_speed.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sptps_test.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/subnet.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/subnet_parse.Po@am__quote@ @@ -713,9 +872,25 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/uml_device.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utils.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vde_device.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/version.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@bsd/$(DEPDIR)/device.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@bsd/$(DEPDIR)/tunemu.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@chacha-poly1305/$(DEPDIR)/chacha-poly1305.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@chacha-poly1305/$(DEPDIR)/chacha.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@chacha-poly1305/$(DEPDIR)/poly1305.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@cygwin/$(DEPDIR)/device.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ed25519/$(DEPDIR)/add_scalar.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ed25519/$(DEPDIR)/ecdh.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ed25519/$(DEPDIR)/ecdsa.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ed25519/$(DEPDIR)/ecdsagen.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ed25519/$(DEPDIR)/fe.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ed25519/$(DEPDIR)/ge.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ed25519/$(DEPDIR)/key_exchange.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ed25519/$(DEPDIR)/keypair.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ed25519/$(DEPDIR)/sc.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ed25519/$(DEPDIR)/sha512.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ed25519/$(DEPDIR)/sign.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ed25519/$(DEPDIR)/verify.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@gcrypt/$(DEPDIR)/cipher.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@gcrypt/$(DEPDIR)/crypto.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@gcrypt/$(DEPDIR)/digest.Po@am__quote@ @@ -730,9 +905,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/cipher.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/crypto.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/digest.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/ecdh.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/ecdsa.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/ecdsagen.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/prf.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/rsa.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/rsagen.Po@am__quote@ @@ -871,8 +1043,12 @@ distclean-generic: -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) -rm -f bsd/$(DEPDIR)/$(am__dirstamp) -rm -f bsd/$(am__dirstamp) + -rm -f chacha-poly1305/$(DEPDIR)/$(am__dirstamp) + -rm -f chacha-poly1305/$(am__dirstamp) -rm -f cygwin/$(DEPDIR)/$(am__dirstamp) -rm -f cygwin/$(am__dirstamp) + -rm -f ed25519/$(DEPDIR)/$(am__dirstamp) + -rm -f ed25519/$(am__dirstamp) -rm -f gcrypt/$(DEPDIR)/$(am__dirstamp) -rm -f gcrypt/$(am__dirstamp) -rm -f linux/$(DEPDIR)/$(am__dirstamp) @@ -892,7 +1068,7 @@ clean: clean-am clean-am: clean-generic clean-sbinPROGRAMS mostlyclean-am distclean: distclean-am - -rm -rf ./$(DEPDIR) bsd/$(DEPDIR) cygwin/$(DEPDIR) gcrypt/$(DEPDIR) linux/$(DEPDIR) mingw/$(DEPDIR) openssl/$(DEPDIR) solaris/$(DEPDIR) + -rm -rf ./$(DEPDIR) bsd/$(DEPDIR) chacha-poly1305/$(DEPDIR) cygwin/$(DEPDIR) ed25519/$(DEPDIR) gcrypt/$(DEPDIR) linux/$(DEPDIR) mingw/$(DEPDIR) openssl/$(DEPDIR) solaris/$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -938,7 +1114,7 @@ install-ps-am: installcheck-am: installcheck-sbinPROGRAMS maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) bsd/$(DEPDIR) cygwin/$(DEPDIR) gcrypt/$(DEPDIR) linux/$(DEPDIR) mingw/$(DEPDIR) openssl/$(DEPDIR) solaris/$(DEPDIR) + -rm -rf ./$(DEPDIR) bsd/$(DEPDIR) chacha-poly1305/$(DEPDIR) cygwin/$(DEPDIR) ed25519/$(DEPDIR) gcrypt/$(DEPDIR) linux/$(DEPDIR) mingw/$(DEPDIR) openssl/$(DEPDIR) solaris/$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -973,6 +1149,9 @@ uninstall-am: uninstall-sbinPROGRAMS uninstall-am uninstall-sbinPROGRAMS +.PHONY: version.c +version.c: + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/src/bsd/device.c b/src/bsd/device.c index e083519..d1a993b 100644 --- a/src/bsd/device.c +++ b/src/bsd/device.c @@ -1,7 +1,7 @@ /* device.c -- Interaction BSD tun/tap device Copyright (C) 2001-2005 Ivo Timmermans, - 2001-2013 Guus Sliepen + 2001-2014 Guus Sliepen 2009 Grzegorz Dymarek This program is free software; you can redistribute it and/or modify @@ -35,7 +35,7 @@ #endif #define DEFAULT_TUN_DEVICE "/dev/tun0" -#if defined(HAVE_FREEBSD) || defined(HAVE_NETBSD) +#if defined(HAVE_DARWIN) || defined(HAVE_FREEBSD) || defined(HAVE_NETBSD) #define DEFAULT_TAP_DEVICE "/dev/tap0" #else #define DEFAULT_TAP_DEVICE "/dev/tun0" @@ -54,8 +54,6 @@ int device_fd = -1; char *device = NULL; char *iface = NULL; static char *device_info = NULL; -static uint64_t device_total_in = 0; -static uint64_t device_total_out = 0; #if defined(ENABLE_TUNEMU) static device_type_t device_type = DEVICE_TYPE_TUNEMU; #elif defined(HAVE_OPENBSD) || defined(HAVE_FREEBSD) || defined(HAVE_DRAGONFLY) @@ -65,18 +63,9 @@ static device_type_t device_type = DEVICE_TYPE_TUN; #endif static bool setup_device(void) { + get_config_string(lookup_config(config_tree, "Device"), &device); + char *type; - - if(!get_config_string(lookup_config(config_tree, "Device"), &device)) { - if(routing_mode == RMODE_ROUTER) - device = xstrdup(DEFAULT_TUN_DEVICE); - else - device = xstrdup(DEFAULT_TAP_DEVICE); - } - - if(!get_config_string(lookup_config(config_tree, "Interface"), &iface)) - iface = xstrdup(strrchr(device, '/') ? strrchr(device, '/') + 1 : device); - if(get_config_string(lookup_config(config_tree, "DeviceType"), &type)) { if(!strcasecmp(type, "tun")) /* use default */; @@ -95,10 +84,29 @@ static bool setup_device(void) { return false; } } else { - if(strstr(device, "tap") || routing_mode != RMODE_ROUTER) + if((device && strstr(device, "tap")) || routing_mode != RMODE_ROUTER) device_type = DEVICE_TYPE_TAP; } + if(!device) { + if(device_type == DEVICE_TYPE_TAP) + device = xstrdup(DEFAULT_TAP_DEVICE); + else + device = xstrdup(DEFAULT_TUN_DEVICE); + } + + if(!get_config_string(lookup_config(config_tree, "Interface"), &iface)) + iface = NULL; +#ifndef TAPGIFNAME + if (iface) { + logger(DEBUG_ALWAYS, LOG_WARNING, "Ignoring specified interface name '%s' as device rename is not supported on this platform", iface); + free(iface); + iface = NULL; + } +#endif + if (!iface) + iface = xstrdup(strrchr(device, '/') ? strrchr(device, '/') + 1 : device); + switch(device_type) { #ifdef ENABLE_TUNEMU case DEVICE_TYPE_TUNEMU: { @@ -199,9 +207,11 @@ static void close_device(void) { default: close(device_fd); } + device_fd = -1; - free(device); - free(iface); + free(device); device = NULL; + free(iface); iface = NULL; + device_info = NULL; } static bool read_packet(vpn_packet_t *packet) { @@ -212,10 +222,10 @@ static bool read_packet(vpn_packet_t *packet) { #ifdef ENABLE_TUNEMU case DEVICE_TYPE_TUNEMU: if(device_type == DEVICE_TYPE_TUNEMU) - inlen = tunemu_read(device_fd, packet->data + 14, MTU - 14); + inlen = tunemu_read(device_fd, DATA(packet) + 14, MTU - 14); else #endif - inlen = read(device_fd, packet->data + 14, MTU - 14); + inlen = read(device_fd, DATA(packet) + 14, MTU - 14); if(inlen <= 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, @@ -223,29 +233,29 @@ static bool read_packet(vpn_packet_t *packet) { return false; } - switch(packet->data[14] >> 4) { + switch(DATA(packet)[14] >> 4) { case 4: - packet->data[12] = 0x08; - packet->data[13] = 0x00; + DATA(packet)[12] = 0x08; + DATA(packet)[13] = 0x00; break; case 6: - packet->data[12] = 0x86; - packet->data[13] = 0xDD; + DATA(packet)[12] = 0x86; + DATA(packet)[13] = 0xDD; break; default: logger(DEBUG_TRAFFIC, LOG_ERR, "Unknown IP version %d while reading packet from %s %s", - packet->data[14] >> 4, device_info, device); + DATA(packet)[14] >> 4, device_info, device); return false; } - memset(packet->data, 0, 12); + memset(DATA(packet), 0, 12); packet->len = inlen + 14; break; case DEVICE_TYPE_TUNIFHEAD: { u_int32_t type; - struct iovec vector[2] = {{&type, sizeof type}, {packet->data + 14, MTU - 14}}; + struct iovec vector[2] = {{&type, sizeof type}, {DATA(packet) + 14, MTU - 14}}; if((inlen = readv(device_fd, vector, 2)) <= 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, @@ -255,13 +265,13 @@ static bool read_packet(vpn_packet_t *packet) { switch (ntohl(type)) { case AF_INET: - packet->data[12] = 0x08; - packet->data[13] = 0x00; + DATA(packet)[12] = 0x08; + DATA(packet)[13] = 0x00; break; case AF_INET6: - packet->data[12] = 0x86; - packet->data[13] = 0xDD; + DATA(packet)[12] = 0x86; + DATA(packet)[13] = 0xDD; break; default: @@ -271,13 +281,13 @@ static bool read_packet(vpn_packet_t *packet) { return false; } - memset(packet->data, 0, 12); + memset(DATA(packet), 0, 12); packet->len = inlen + 10; break; } case DEVICE_TYPE_TAP: - if((inlen = read(device_fd, packet->data, MTU)) <= 0) { + if((inlen = read(device_fd, DATA(packet), MTU)) <= 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, device, strerror(errno)); return false; @@ -290,8 +300,6 @@ static bool read_packet(vpn_packet_t *packet) { return false; } - device_total_in += packet->len; - logger(DEBUG_TRAFFIC, LOG_DEBUG, "Read packet of %d bytes from %s", packet->len, device_info); @@ -304,7 +312,7 @@ static bool write_packet(vpn_packet_t *packet) { switch(device_type) { case DEVICE_TYPE_TUN: - if(write(device_fd, packet->data + 14, packet->len - 14) < 0) { + if(write(device_fd, DATA(packet) + 14, packet->len - 14) < 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while writing to %s %s: %s", device_info, device, strerror(errno)); return false; @@ -313,10 +321,10 @@ static bool write_packet(vpn_packet_t *packet) { case DEVICE_TYPE_TUNIFHEAD: { u_int32_t type; - struct iovec vector[2] = {{&type, sizeof type}, {packet->data + 14, packet->len - 14}}; + struct iovec vector[2] = {{&type, sizeof type}, {DATA(packet) + 14, packet->len - 14}}; int af; - af = (packet->data[12] << 8) + packet->data[13]; + af = (DATA(packet)[12] << 8) + DATA(packet)[13]; switch (af) { case 0x0800: @@ -341,7 +349,7 @@ static bool write_packet(vpn_packet_t *packet) { } case DEVICE_TYPE_TAP: - if(write(device_fd, packet->data, packet->len) < 0) { + if(write(device_fd, DATA(packet), packet->len) < 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while writing to %s %s: %s", device_info, device, strerror(errno)); return false; @@ -350,7 +358,7 @@ static bool write_packet(vpn_packet_t *packet) { #ifdef ENABLE_TUNEMU case DEVICE_TYPE_TUNEMU: - if(tunemu_write(device_fd, packet->data + 14, packet->len - 14) < 0) { + if(tunemu_write(device_fd, DATA(packet) + 14, packet->len - 14) < 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while writing to %s %s: %s", device_info, device, strerror(errno)); return false; @@ -362,21 +370,12 @@ static bool write_packet(vpn_packet_t *packet) { return false; } - device_total_out += packet->len; - return true; } -static void dump_device_stats(void) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); -} - const devops_t os_devops = { .setup = setup_device, .close = close_device, .read = read_packet, .write = write_packet, - .dump_stats = dump_device_stats, }; diff --git a/src/chacha-poly1305/chacha-poly1305.c b/src/chacha-poly1305/chacha-poly1305.c new file mode 100644 index 0000000..bd5cb2c --- /dev/null +++ b/src/chacha-poly1305/chacha-poly1305.c @@ -0,0 +1,103 @@ +#include "../system.h" + +#include "../cipher.h" +#include "../xalloc.h" + +#include "chacha.h" +#include "chacha-poly1305.h" +#include "poly1305.h" + +struct chacha_poly1305_ctx { + struct chacha_ctx main_ctx, header_ctx; +}; + +chacha_poly1305_ctx_t *chacha_poly1305_init(void) +{ + chacha_poly1305_ctx_t *ctx = xzalloc(sizeof *ctx); + return ctx; +} + +void chacha_poly1305_exit(chacha_poly1305_ctx_t *ctx) +{ + free(ctx); +} + +bool chacha_poly1305_set_key(chacha_poly1305_ctx_t *ctx, const void *key) +{ + chacha_keysetup(&ctx->main_ctx, key, 256); + chacha_keysetup(&ctx->header_ctx, key + 32, 256); + return true; +} + +static void put_u64(void *vp, uint64_t v) +{ + uint8_t *p = (uint8_t *) vp; + + p[0] = (uint8_t) (v >> 56) & 0xff; + p[1] = (uint8_t) (v >> 48) & 0xff; + p[2] = (uint8_t) (v >> 40) & 0xff; + p[3] = (uint8_t) (v >> 32) & 0xff; + p[4] = (uint8_t) (v >> 24) & 0xff; + p[5] = (uint8_t) (v >> 16) & 0xff; + p[6] = (uint8_t) (v >> 8) & 0xff; + p[7] = (uint8_t) v & 0xff; +} + +bool chacha_poly1305_encrypt(chacha_poly1305_ctx_t *ctx, uint64_t seqnr, const void *indata, size_t inlen, void *outdata, size_t *outlen) { + uint8_t seqbuf[8]; + const uint8_t one[8] = { 1, 0, 0, 0, 0, 0, 0, 0 }; /* NB little-endian */ + uint8_t poly_key[POLY1305_KEYLEN]; + + /* + * Run ChaCha20 once to generate the Poly1305 key. The IV is the + * packet sequence number. + */ + memset(poly_key, 0, sizeof(poly_key)); + put_u64(seqbuf, seqnr); + chacha_ivsetup(&ctx->main_ctx, seqbuf, NULL); + chacha_encrypt_bytes(&ctx->main_ctx, poly_key, poly_key, sizeof(poly_key)); + + /* Set Chacha's block counter to 1 */ + chacha_ivsetup(&ctx->main_ctx, seqbuf, one); + + chacha_encrypt_bytes(&ctx->main_ctx, indata, outdata, inlen); + poly1305_auth(outdata + inlen, outdata, inlen, poly_key); + + if (outlen) + *outlen = inlen + POLY1305_TAGLEN; + + return true; +} + +bool chacha_poly1305_decrypt(chacha_poly1305_ctx_t *ctx, uint64_t seqnr, const void *indata, size_t inlen, void *outdata, size_t *outlen) { + uint8_t seqbuf[8]; + const uint8_t one[8] = { 1, 0, 0, 0, 0, 0, 0, 0 }; /* NB little-endian */ + uint8_t expected_tag[POLY1305_TAGLEN], poly_key[POLY1305_KEYLEN]; + + /* + * Run ChaCha20 once to generate the Poly1305 key. The IV is the + * packet sequence number. + */ + memset(poly_key, 0, sizeof(poly_key)); + put_u64(seqbuf, seqnr); + chacha_ivsetup(&ctx->main_ctx, seqbuf, NULL); + chacha_encrypt_bytes(&ctx->main_ctx, poly_key, poly_key, sizeof(poly_key)); + + /* Set Chacha's block counter to 1 */ + chacha_ivsetup(&ctx->main_ctx, seqbuf, one); + + /* Check tag before anything else */ + inlen -= POLY1305_TAGLEN; + const uint8_t *tag = indata + inlen; + + poly1305_auth(expected_tag, indata, inlen, poly_key); + if (memcmp(expected_tag, tag, POLY1305_TAGLEN)) + return false; + + chacha_encrypt_bytes(&ctx->main_ctx, indata, outdata, inlen); + + if (outlen) + *outlen = inlen; + + return true; +} diff --git a/src/chacha-poly1305/chacha-poly1305.h b/src/chacha-poly1305/chacha-poly1305.h new file mode 100644 index 0000000..af7eaf5 --- /dev/null +++ b/src/chacha-poly1305/chacha-poly1305.h @@ -0,0 +1,15 @@ +#ifndef CHACHA_POLY1305_H +#define CHACHA_POLY1305_H + +#define CHACHA_POLY1305_KEYLEN 64 + +typedef struct chacha_poly1305_ctx chacha_poly1305_ctx_t; + +extern chacha_poly1305_ctx_t *chacha_poly1305_init(void); +extern void chacha_poly1305_exit(chacha_poly1305_ctx_t *); +extern bool chacha_poly1305_set_key(chacha_poly1305_ctx_t *ctx, const void *key); + +extern bool chacha_poly1305_encrypt(chacha_poly1305_ctx_t *ctx, uint64_t seqnr, const void *indata, size_t inlen, void *outdata, size_t *outlen); +extern bool chacha_poly1305_decrypt(chacha_poly1305_ctx_t *ctx, uint64_t seqnr, const void *indata, size_t inlen, void *outdata, size_t *outlen); + +#endif //CHACHA_POLY1305_H diff --git a/src/chacha-poly1305/chacha.c b/src/chacha-poly1305/chacha.c new file mode 100644 index 0000000..2d0b918 --- /dev/null +++ b/src/chacha-poly1305/chacha.c @@ -0,0 +1,215 @@ +/* +chacha-merged.c version 20080118 +D. J. Bernstein +Public domain. +*/ + +#include "../system.h" + +#include "chacha.h" + +typedef struct chacha_ctx chacha_ctx; + +#define U8C(v) (v##U) +#define U32C(v) (v##U) + +#define U8V(v) ((uint8_t)(v) & U8C(0xFF)) +#define U32V(v) ((uint32_t)(v) & U32C(0xFFFFFFFF)) + +#define ROTL32(v, n) \ + (U32V((v) << (n)) | ((v) >> (32 - (n)))) + +#define U8TO32_LITTLE(p) \ + (((uint32_t)((p)[0]) ) | \ + ((uint32_t)((p)[1]) << 8) | \ + ((uint32_t)((p)[2]) << 16) | \ + ((uint32_t)((p)[3]) << 24)) + +#define U32TO8_LITTLE(p, v) \ + do { \ + (p)[0] = U8V((v) ); \ + (p)[1] = U8V((v) >> 8); \ + (p)[2] = U8V((v) >> 16); \ + (p)[3] = U8V((v) >> 24); \ + } while (0) + +#define ROTATE(v,c) (ROTL32(v,c)) +#define XOR(v,w) ((v) ^ (w)) +#define PLUS(v,w) (U32V((v) + (w))) +#define PLUSONE(v) (PLUS((v),1)) + +#define QUARTERROUND(a,b,c,d) \ + a = PLUS(a,b); d = ROTATE(XOR(d,a),16); \ + c = PLUS(c,d); b = ROTATE(XOR(b,c),12); \ + a = PLUS(a,b); d = ROTATE(XOR(d,a), 8); \ + c = PLUS(c,d); b = ROTATE(XOR(b,c), 7); + +static const char sigma[16] = "expand 32-byte k"; +static const char tau[16] = "expand 16-byte k"; + +void chacha_keysetup(chacha_ctx *x, const uint8_t *k, uint32_t kbits) +{ + const char *constants; + + x->input[4] = U8TO32_LITTLE(k + 0); + x->input[5] = U8TO32_LITTLE(k + 4); + x->input[6] = U8TO32_LITTLE(k + 8); + x->input[7] = U8TO32_LITTLE(k + 12); + if (kbits == 256) { /* recommended */ + k += 16; + constants = sigma; + } else { /* kbits == 128 */ + constants = tau; + } + x->input[8] = U8TO32_LITTLE(k + 0); + x->input[9] = U8TO32_LITTLE(k + 4); + x->input[10] = U8TO32_LITTLE(k + 8); + x->input[11] = U8TO32_LITTLE(k + 12); + x->input[0] = U8TO32_LITTLE(constants + 0); + x->input[1] = U8TO32_LITTLE(constants + 4); + x->input[2] = U8TO32_LITTLE(constants + 8); + x->input[3] = U8TO32_LITTLE(constants + 12); +} + +void chacha_ivsetup(chacha_ctx *x, const uint8_t *iv, const uint8_t *counter) +{ + x->input[12] = counter == NULL ? 0 : U8TO32_LITTLE(counter + 0); + x->input[13] = counter == NULL ? 0 : U8TO32_LITTLE(counter + 4); + x->input[14] = U8TO32_LITTLE(iv + 0); + x->input[15] = U8TO32_LITTLE(iv + 4); +} + +void +chacha_encrypt_bytes(chacha_ctx *x, const uint8_t *m, uint8_t *c, uint32_t bytes) +{ + uint32_t x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15; + uint32_t j0, j1, j2, j3, j4, j5, j6, j7, j8, j9, j10, j11, j12, j13, j14, j15; + uint8_t *ctarget = NULL; + uint8_t tmp[64]; + uint32_t i; + + if (!bytes) + return; + + j0 = x->input[0]; + j1 = x->input[1]; + j2 = x->input[2]; + j3 = x->input[3]; + j4 = x->input[4]; + j5 = x->input[5]; + j6 = x->input[6]; + j7 = x->input[7]; + j8 = x->input[8]; + j9 = x->input[9]; + j10 = x->input[10]; + j11 = x->input[11]; + j12 = x->input[12]; + j13 = x->input[13]; + j14 = x->input[14]; + j15 = x->input[15]; + + for (;;) { + if (bytes < 64) { + for (i = 0; i < bytes; ++i) + tmp[i] = m[i]; + m = tmp; + ctarget = c; + c = tmp; + } + x0 = j0; + x1 = j1; + x2 = j2; + x3 = j3; + x4 = j4; + x5 = j5; + x6 = j6; + x7 = j7; + x8 = j8; + x9 = j9; + x10 = j10; + x11 = j11; + x12 = j12; + x13 = j13; + x14 = j14; + x15 = j15; + for (i = 20; i > 0; i -= 2) { + QUARTERROUND(x0, x4, x8, x12) + QUARTERROUND(x1, x5, x9, x13) + QUARTERROUND(x2, x6, x10, x14) + QUARTERROUND(x3, x7, x11, x15) + QUARTERROUND(x0, x5, x10, x15) + QUARTERROUND(x1, x6, x11, x12) + QUARTERROUND(x2, x7, x8, x13) + QUARTERROUND(x3, x4, x9, x14) + } + x0 = PLUS(x0, j0); + x1 = PLUS(x1, j1); + x2 = PLUS(x2, j2); + x3 = PLUS(x3, j3); + x4 = PLUS(x4, j4); + x5 = PLUS(x5, j5); + x6 = PLUS(x6, j6); + x7 = PLUS(x7, j7); + x8 = PLUS(x8, j8); + x9 = PLUS(x9, j9); + x10 = PLUS(x10, j10); + x11 = PLUS(x11, j11); + x12 = PLUS(x12, j12); + x13 = PLUS(x13, j13); + x14 = PLUS(x14, j14); + x15 = PLUS(x15, j15); + + x0 = XOR(x0, U8TO32_LITTLE(m + 0)); + x1 = XOR(x1, U8TO32_LITTLE(m + 4)); + x2 = XOR(x2, U8TO32_LITTLE(m + 8)); + x3 = XOR(x3, U8TO32_LITTLE(m + 12)); + x4 = XOR(x4, U8TO32_LITTLE(m + 16)); + x5 = XOR(x5, U8TO32_LITTLE(m + 20)); + x6 = XOR(x6, U8TO32_LITTLE(m + 24)); + x7 = XOR(x7, U8TO32_LITTLE(m + 28)); + x8 = XOR(x8, U8TO32_LITTLE(m + 32)); + x9 = XOR(x9, U8TO32_LITTLE(m + 36)); + x10 = XOR(x10, U8TO32_LITTLE(m + 40)); + x11 = XOR(x11, U8TO32_LITTLE(m + 44)); + x12 = XOR(x12, U8TO32_LITTLE(m + 48)); + x13 = XOR(x13, U8TO32_LITTLE(m + 52)); + x14 = XOR(x14, U8TO32_LITTLE(m + 56)); + x15 = XOR(x15, U8TO32_LITTLE(m + 60)); + + j12 = PLUSONE(j12); + if (!j12) { + j13 = PLUSONE(j13); + /* stopping at 2^70 bytes per nonce is user's responsibility */ + } + + U32TO8_LITTLE(c + 0, x0); + U32TO8_LITTLE(c + 4, x1); + U32TO8_LITTLE(c + 8, x2); + U32TO8_LITTLE(c + 12, x3); + U32TO8_LITTLE(c + 16, x4); + U32TO8_LITTLE(c + 20, x5); + U32TO8_LITTLE(c + 24, x6); + U32TO8_LITTLE(c + 28, x7); + U32TO8_LITTLE(c + 32, x8); + U32TO8_LITTLE(c + 36, x9); + U32TO8_LITTLE(c + 40, x10); + U32TO8_LITTLE(c + 44, x11); + U32TO8_LITTLE(c + 48, x12); + U32TO8_LITTLE(c + 52, x13); + U32TO8_LITTLE(c + 56, x14); + U32TO8_LITTLE(c + 60, x15); + + if (bytes <= 64) { + if (bytes < 64) { + for (i = 0; i < bytes; ++i) + ctarget[i] = c[i]; + } + x->input[12] = j12; + x->input[13] = j13; + return; + } + bytes -= 64; + c += 64; + m += 64; + } +} diff --git a/src/chacha-poly1305/chacha.h b/src/chacha-poly1305/chacha.h new file mode 100644 index 0000000..af1b9a4 --- /dev/null +++ b/src/chacha-poly1305/chacha.h @@ -0,0 +1,24 @@ +/* +chacha-merged.c version 20080118 +D. J. Bernstein +Public domain. +*/ + +#ifndef CHACHA_H +#define CHACHA_H + +struct chacha_ctx { + uint32_t input[16]; +}; + +#define CHACHA_MINKEYLEN 16 +#define CHACHA_NONCELEN 8 +#define CHACHA_CTRLEN 8 +#define CHACHA_STATELEN (CHACHA_NONCELEN+CHACHA_CTRLEN) +#define CHACHA_BLOCKLEN 64 + +void chacha_keysetup(struct chacha_ctx *x, const uint8_t *k, uint32_t kbits); +void chacha_ivsetup(struct chacha_ctx *x, const uint8_t *iv, const uint8_t *ctr); +void chacha_encrypt_bytes(struct chacha_ctx *x, const uint8_t *m, uint8_t * c, uint32_t bytes); + +#endif /* CHACHA_H */ diff --git a/src/chacha-poly1305/poly1305.c b/src/chacha-poly1305/poly1305.c new file mode 100644 index 0000000..f1ddf2d --- /dev/null +++ b/src/chacha-poly1305/poly1305.c @@ -0,0 +1,197 @@ +/* + * Public Domain poly1305 from Andrew Moon + * poly1305-donna-unrolled.c from https://github.com/floodyberry/poly1305-donna + */ + +#include "../system.h" + +#include "poly1305.h" + +#define mul32x32_64(a,b) ((uint64_t)(a) * (b)) + +#define U8TO32_LE(p) \ + (((uint32_t)((p)[0])) | \ + ((uint32_t)((p)[1]) << 8) | \ + ((uint32_t)((p)[2]) << 16) | \ + ((uint32_t)((p)[3]) << 24)) + +#define U32TO8_LE(p, v) \ + do { \ + (p)[0] = (uint8_t)((v)); \ + (p)[1] = (uint8_t)((v) >> 8); \ + (p)[2] = (uint8_t)((v) >> 16); \ + (p)[3] = (uint8_t)((v) >> 24); \ + } while (0) + +void +poly1305_auth(unsigned char out[POLY1305_TAGLEN], const unsigned char *m, size_t inlen, const unsigned char key[POLY1305_KEYLEN]) +{ + uint32_t t0, t1, t2, t3; + uint32_t h0, h1, h2, h3, h4; + uint32_t r0, r1, r2, r3, r4; + uint32_t s1, s2, s3, s4; + uint32_t b, nb; + size_t j; + uint64_t t[5]; + uint64_t f0, f1, f2, f3; + uint32_t g0, g1, g2, g3, g4; + uint64_t c; + unsigned char mp[16]; + + /* clamp key */ + t0 = U8TO32_LE(key + 0); + t1 = U8TO32_LE(key + 4); + t2 = U8TO32_LE(key + 8); + t3 = U8TO32_LE(key + 12); + + /* precompute multipliers */ + r0 = t0 & 0x3ffffff; + t0 >>= 26; + t0 |= t1 << 6; + r1 = t0 & 0x3ffff03; + t1 >>= 20; + t1 |= t2 << 12; + r2 = t1 & 0x3ffc0ff; + t2 >>= 14; + t2 |= t3 << 18; + r3 = t2 & 0x3f03fff; + t3 >>= 8; + r4 = t3 & 0x00fffff; + + s1 = r1 * 5; + s2 = r2 * 5; + s3 = r3 * 5; + s4 = r4 * 5; + + /* init state */ + h0 = 0; + h1 = 0; + h2 = 0; + h3 = 0; + h4 = 0; + + /* full blocks */ + if (inlen < 16) + goto poly1305_donna_atmost15bytes; + + poly1305_donna_16bytes: + m += 16; + inlen -= 16; + + t0 = U8TO32_LE(m - 16); + t1 = U8TO32_LE(m - 12); + t2 = U8TO32_LE(m - 8); + t3 = U8TO32_LE(m - 4); + + h0 += t0 & 0x3ffffff; + h1 += ((((uint64_t) t1 << 32) | t0) >> 26) & 0x3ffffff; + h2 += ((((uint64_t) t2 << 32) | t1) >> 20) & 0x3ffffff; + h3 += ((((uint64_t) t3 << 32) | t2) >> 14) & 0x3ffffff; + h4 += (t3 >> 8) | (1 << 24); + + poly1305_donna_mul: + t[0] = mul32x32_64(h0, r0) + mul32x32_64(h1, s4) + mul32x32_64(h2, s3) + mul32x32_64(h3, s2) + mul32x32_64(h4, s1); + t[1] = mul32x32_64(h0, r1) + mul32x32_64(h1, r0) + mul32x32_64(h2, s4) + mul32x32_64(h3, s3) + mul32x32_64(h4, s2); + t[2] = mul32x32_64(h0, r2) + mul32x32_64(h1, r1) + mul32x32_64(h2, r0) + mul32x32_64(h3, s4) + mul32x32_64(h4, s3); + t[3] = mul32x32_64(h0, r3) + mul32x32_64(h1, r2) + mul32x32_64(h2, r1) + mul32x32_64(h3, r0) + mul32x32_64(h4, s4); + t[4] = mul32x32_64(h0, r4) + mul32x32_64(h1, r3) + mul32x32_64(h2, r2) + mul32x32_64(h3, r1) + mul32x32_64(h4, r0); + + h0 = (uint32_t) t[0] & 0x3ffffff; + c = (t[0] >> 26); + t[1] += c; + h1 = (uint32_t) t[1] & 0x3ffffff; + b = (uint32_t) (t[1] >> 26); + t[2] += b; + h2 = (uint32_t) t[2] & 0x3ffffff; + b = (uint32_t) (t[2] >> 26); + t[3] += b; + h3 = (uint32_t) t[3] & 0x3ffffff; + b = (uint32_t) (t[3] >> 26); + t[4] += b; + h4 = (uint32_t) t[4] & 0x3ffffff; + b = (uint32_t) (t[4] >> 26); + h0 += b * 5; + + if (inlen >= 16) + goto poly1305_donna_16bytes; + + /* final bytes */ + poly1305_donna_atmost15bytes: + if (!inlen) + goto poly1305_donna_finish; + + for (j = 0; j < inlen; j++) + mp[j] = m[j]; + mp[j++] = 1; + for (; j < 16; j++) + mp[j] = 0; + inlen = 0; + + t0 = U8TO32_LE(mp + 0); + t1 = U8TO32_LE(mp + 4); + t2 = U8TO32_LE(mp + 8); + t3 = U8TO32_LE(mp + 12); + + h0 += t0 & 0x3ffffff; + h1 += ((((uint64_t) t1 << 32) | t0) >> 26) & 0x3ffffff; + h2 += ((((uint64_t) t2 << 32) | t1) >> 20) & 0x3ffffff; + h3 += ((((uint64_t) t3 << 32) | t2) >> 14) & 0x3ffffff; + h4 += (t3 >> 8); + + goto poly1305_donna_mul; + + poly1305_donna_finish: + b = h0 >> 26; + h0 = h0 & 0x3ffffff; + h1 += b; + b = h1 >> 26; + h1 = h1 & 0x3ffffff; + h2 += b; + b = h2 >> 26; + h2 = h2 & 0x3ffffff; + h3 += b; + b = h3 >> 26; + h3 = h3 & 0x3ffffff; + h4 += b; + b = h4 >> 26; + h4 = h4 & 0x3ffffff; + h0 += b * 5; + b = h0 >> 26; + h0 = h0 & 0x3ffffff; + h1 += b; + + g0 = h0 + 5; + b = g0 >> 26; + g0 &= 0x3ffffff; + g1 = h1 + b; + b = g1 >> 26; + g1 &= 0x3ffffff; + g2 = h2 + b; + b = g2 >> 26; + g2 &= 0x3ffffff; + g3 = h3 + b; + b = g3 >> 26; + g3 &= 0x3ffffff; + g4 = h4 + b - (1 << 26); + + b = (g4 >> 31) - 1; + nb = ~b; + h0 = (h0 & nb) | (g0 & b); + h1 = (h1 & nb) | (g1 & b); + h2 = (h2 & nb) | (g2 & b); + h3 = (h3 & nb) | (g3 & b); + h4 = (h4 & nb) | (g4 & b); + + f0 = ((h0) | (h1 << 26)) + (uint64_t) U8TO32_LE(&key[16]); + f1 = ((h1 >> 6) | (h2 << 20)) + (uint64_t) U8TO32_LE(&key[20]); + f2 = ((h2 >> 12) | (h3 << 14)) + (uint64_t) U8TO32_LE(&key[24]); + f3 = ((h3 >> 18) | (h4 << 8)) + (uint64_t) U8TO32_LE(&key[28]); + + U32TO8_LE(&out[0], f0); + f1 += (f0 >> 32); + U32TO8_LE(&out[4], f1); + f2 += (f1 >> 32); + U32TO8_LE(&out[8], f2); + f3 += (f2 >> 32); + U32TO8_LE(&out[12], f3); +} diff --git a/src/chacha-poly1305/poly1305.h b/src/chacha-poly1305/poly1305.h new file mode 100644 index 0000000..9a64015 --- /dev/null +++ b/src/chacha-poly1305/poly1305.h @@ -0,0 +1,16 @@ +/* $OpenBSD: poly1305.h,v 1.2 2013/12/19 22:57:13 djm Exp $ */ + +/* + * Public Domain poly1305 from Andrew Moon + * poly1305-donna-unrolled.c from https://github.com/floodyberry/poly1305-donna + */ + +#ifndef POLY1305_H +#define POLY1305_H + +#define POLY1305_KEYLEN 32 +#define POLY1305_TAGLEN 16 + +void poly1305_auth(uint8_t out[POLY1305_TAGLEN], const uint8_t *m, size_t inlen, const uint8_t key[POLY1305_KEYLEN]); + +#endif /* POLY1305_H */ diff --git a/src/cipher.h b/src/cipher.h index 17ca614..47cd1cd 100644 --- a/src/cipher.h +++ b/src/cipher.h @@ -34,11 +34,8 @@ extern size_t cipher_keylength(const cipher_t *); extern void cipher_get_key(const cipher_t *, void *); extern bool cipher_set_key(cipher_t *, void *, bool) __attribute__ ((__warn_unused_result__)); extern bool cipher_set_key_from_rsa(cipher_t *, void *, size_t, bool) __attribute__ ((__warn_unused_result__)); -extern bool cipher_set_counter(cipher_t *, const void *, size_t) __attribute__ ((__warn_unused_result__)); -extern bool cipher_set_counter_key(cipher_t *, void *) __attribute__ ((__warn_unused_result__)); extern bool cipher_encrypt(cipher_t *, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool oneshot) __attribute__ ((__warn_unused_result__)); extern bool cipher_decrypt(cipher_t *, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool oneshot) __attribute__ ((__warn_unused_result__)); -extern bool cipher_counter_xor(cipher_t *, const void *indata, size_t inlen, void *outdata) __attribute__ ((__warn_unused_result__)); extern int cipher_get_nid(const cipher_t *); extern bool cipher_active(const cipher_t *); diff --git a/src/conf.c b/src/conf.c index 3c64519..e0d8e92 100644 --- a/src/conf.c +++ b/src/conf.c @@ -1,10 +1,11 @@ /* conf.c -- configuration code - Copyright (C) 1998 Robert van der Meulen + Copyright (C) 1998 Robert van der Meulen 1998-2005 Ivo Timmermans - 2000-2013 Guus Sliepen + 2000 Cris van Pelt 2010-2011 Julien Muchembled - 2000 Cris van Pelt + 2000-2013 Guus Sliepen + 2013 Florent Clairambault This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -376,6 +377,29 @@ bool read_server_config(void) { errno = 0; x = read_config_file(config_tree, fname); + // We will try to read the conf files in the "conf.d" dir + if (x) { + char * dname; + xasprintf(&dname, "%s" SLASH "conf.d", confbase); + DIR *dir = opendir (dname); + // If we can find this dir + if (dir) { + struct dirent *ep; + // We list all the files in it + while (x && (ep = readdir (dir))) { + size_t l = strlen(ep->d_name); + // And we try to read the ones that end with ".conf" + if (l > 5 && !strcmp(".conf", & ep->d_name[ l - 5 ])) { + free(fname); + xasprintf(&fname, "%s" SLASH "%s", dname, ep->d_name); + x = read_config_file(config_tree, fname); + } + } + closedir (dir); + } + free(dname); + } + if(!x && errno) logger(DEBUG_ALWAYS, LOG_ERR, "Failed to read `%s': %s", fname, strerror(errno)); diff --git a/src/connection.h b/src/connection.h index b5d3d18..b74b582 100644 --- a/src/connection.h +++ b/src/connection.h @@ -36,7 +36,7 @@ typedef struct connection_status_t { unsigned int pinged:1; /* sent ping */ - unsigned int active:1; /* 1 if active.. */ + unsigned int unused_active:1; unsigned int connecting:1; /* 1 if we are waiting for a non-blocking connect() to finish */ unsigned int unused_termreq:1; /* the termination of this connection was requested */ unsigned int remove_unused:1; /* Set to 1 if you want this connection removed */ @@ -49,7 +49,7 @@ typedef struct connection_status_t { unsigned int log:1; /* 1 if this is a control connection requesting log dump */ unsigned int invitation:1; /* 1 if this is an invitation */ unsigned int invitation_used:1; /* 1 if the invitation has been consumed */ - unsigned int unused:19; + unsigned int unused:18; } connection_status_t; #include "ecdsa.h" diff --git a/src/control.c b/src/control.c index f7d67ac..98eae80 100644 --- a/src/control.c +++ b/src/control.c @@ -106,7 +106,7 @@ bool control_h(connection_t *c, const char *request) { for list_each(connection_t, other, connection_list) { if(strcmp(other->name, name)) continue; - terminate_connection(other, other->status.active); + terminate_connection(other, other->edge); found = true; } @@ -178,15 +178,15 @@ bool init_control(void) { #ifndef HAVE_MINGW int unix_fd = socket(AF_UNIX, SOCK_STREAM, 0); if(unix_fd < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Could not create UNIX socket: %s", sockstrerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "Could not create UNIX socket: %s", sockstrerror(sockerrno)); return false; } - struct sockaddr_un sun; - sun.sun_family = AF_UNIX; - strncpy(sun.sun_path, unixsocketname, sizeof sun.sun_path); + struct sockaddr_un sa_un; + sa_un.sun_family = AF_UNIX; + strncpy(sa_un.sun_path, unixsocketname, sizeof sa_un.sun_path); - if(connect(unix_fd, (struct sockaddr *)&sun, sizeof sun) >= 0) { + if(connect(unix_fd, (struct sockaddr *)&sa_un, sizeof sa_un) >= 0) { logger(DEBUG_ALWAYS, LOG_ERR, "UNIX socket %s is still in use!", unixsocketname); return false; } @@ -194,16 +194,16 @@ bool init_control(void) { unlink(unixsocketname); umask(mask | 077); - int result = bind(unix_fd, (struct sockaddr *)&sun, sizeof sun); + int result = bind(unix_fd, (struct sockaddr *)&sa_un, sizeof sa_un); umask(mask); if(result < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Could not bind UNIX socket to %s: %s", unixsocketname, sockstrerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "Could not bind UNIX socket to %s: %s", unixsocketname, sockstrerror(sockerrno)); return false; } if(listen(unix_fd, 3) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Could not listen on UNIX socket %s: %s", unixsocketname, sockstrerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "Could not listen on UNIX socket %s: %s", unixsocketname, sockstrerror(sockerrno)); return false; } diff --git a/src/cygwin/device.c b/src/cygwin/device.c index f4dcae4..4c3a60d 100644 --- a/src/cygwin/device.c +++ b/src/cygwin/device.c @@ -1,7 +1,7 @@ /* device.c -- Interaction with Windows tap driver in a Cygwin environment Copyright (C) 2002-2005 Ivo Timmermans, - 2002-2013 Guus Sliepen + 2002-2014 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -40,9 +40,6 @@ char *device = NULL; char *iface = NULL; static char *device_info = NULL; -static uint64_t device_total_in = 0; -static uint64_t device_total_out = 0; - static pid_t reader_pid; static int sp[2]; @@ -218,18 +215,19 @@ static bool setup_device(void) { static void close_device(void) { close(sp[0]); close(sp[1]); - CloseHandle(device_handle); + CloseHandle(device_handle); device_handle = INVALID_HANDLE_VALUE; kill(reader_pid, SIGKILL); - free(device); - free(iface); + free(device); device = NULL; + free(iface); iface = NULL; + device_info = NULL; } static bool read_packet(vpn_packet_t *packet) { int inlen; - if((inlen = read(sp[0], packet->data, MTU)) <= 0) { + if((inlen = read(sp[0], DATA(packet), MTU)) <= 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, device, strerror(errno)); return false; @@ -237,8 +235,6 @@ static bool read_packet(vpn_packet_t *packet) { packet->len = inlen; - device_total_in += packet->len; - logger(DEBUG_TRAFFIC, LOG_DEBUG, "Read packet of %d bytes from %s", packet->len, device_info); @@ -251,26 +247,17 @@ static bool write_packet(vpn_packet_t *packet) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Writing packet of %d bytes to %s", packet->len, device_info); - if(!WriteFile (device_handle, packet->data, packet->len, &outlen, NULL)) { + if(!WriteFile (device_handle, DATA(packet), packet->len, &outlen, NULL)) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while writing to %s %s: %s", device_info, device, winerror(GetLastError())); return false; } - device_total_out += packet->len; - return true; } -static void dump_device_stats(void) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); -} - const devops_t os_devops = { .setup = setup_device, .close = close_device, .read = read_packet, .write = write_packet, - .dump_stats = dump_device_stats, }; diff --git a/src/device.h b/src/device.h index c91f035..8046a25 100644 --- a/src/device.h +++ b/src/device.h @@ -27,17 +27,13 @@ extern int device_fd; extern char *device; extern char *iface; -extern uint64_t device_in_packets; -extern uint64_t device_in_bytes; -extern uint64_t device_out_packets; -extern uint64_t device_out_bytes; - typedef struct devops_t { bool (*setup)(void); void (*close)(void); bool (*read)(struct vpn_packet_t *); bool (*write)(struct vpn_packet_t *); - void (*dump_stats)(void); + void (*enable)(void); /* optional */ + void (*disable)(void); /* optional */ } devops_t; extern const devops_t os_devops; diff --git a/src/dummy_device.c b/src/dummy_device.c index d508180..c43d586 100644 --- a/src/dummy_device.c +++ b/src/dummy_device.c @@ -25,9 +25,6 @@ static char *device_info = "dummy device"; -static uint64_t device_total_in = 0; -static uint64_t device_total_out = 0; - static bool setup_device(void) { device = "dummy"; iface = "dummy"; @@ -43,20 +40,12 @@ static bool read_packet(vpn_packet_t *packet) { } static bool write_packet(vpn_packet_t *packet) { - device_total_out += packet->len; return true; } -static void dump_device_stats(void) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); -} - const devops_t dummy_devops = { .setup = setup_device, .close = close_device, .read = read_packet, .write = write_packet, - .dump_stats = dump_device_stats, }; diff --git a/src/ecdh.h b/src/ecdh.h index fbd4729..c5ea3ef 100644 --- a/src/ecdh.h +++ b/src/ecdh.h @@ -20,8 +20,8 @@ #ifndef __TINC_ECDH_H__ #define __TINC_ECDH_H__ -#define ECDH_SIZE 67 -#define ECDH_SHARED_SIZE 66 +#define ECDH_SIZE 32 +#define ECDH_SHARED_SIZE 32 #ifndef __TINC_ECDH_INTERNAL__ typedef struct ecdh ecdh_t; diff --git a/src/ed25519/add_scalar.c b/src/ed25519/add_scalar.c new file mode 100644 index 0000000..262ec72 --- /dev/null +++ b/src/ed25519/add_scalar.c @@ -0,0 +1,56 @@ +#include "ed25519.h" +#include "ge.h" +#include "sc.h" + + +/* see http://crypto.stackexchange.com/a/6215/4697 */ +void ed25519_add_scalar(unsigned char *public_key, unsigned char *private_key, const unsigned char *scalar) { + const unsigned char SC_1[32] = {1}; /* scalar with value 1 */ + + unsigned char n[32]; + ge_p3 nB; + ge_p1p1 A_p1p1; + ge_p3 A; + ge_p3 public_key_unpacked; + ge_cached T; + + int i; + + /* copy the scalar and clear highest bit */ + for (i = 0; i < 31; ++i) { + n[i] = scalar[i]; + } + n[31] = scalar[31] & 127; + + /* private key: a = n + t */ + if (private_key) { + sc_muladd(private_key, SC_1, n, private_key); + } + + /* public key: A = nB + T */ + if (public_key) { + /* if we know the private key we don't need a point addition, which is faster */ + /* using a "timing attack" you could find out wether or not we know the private + key, but this information seems rather useless - if this is important pass + public_key and private_key seperately in 2 function calls */ + if (private_key) { + ge_scalarmult_base(&A, private_key); + } else { + /* unpack public key into T */ + ge_frombytes_negate_vartime(&public_key_unpacked, public_key); + fe_neg(public_key_unpacked.X, public_key_unpacked.X); // undo negate + fe_neg(public_key_unpacked.T, public_key_unpacked.T); // undo negate + ge_p3_to_cached(&T, &public_key_unpacked); + + /* calculate n*B */ + ge_scalarmult_base(&nB, n); + + /* A = n*B + T */ + ge_add(&A_p1p1, &nB, &T); + ge_p1p1_to_p3(&A, &A_p1p1); + } + + /* pack public key */ + ge_p3_tobytes(public_key, &A); + } +} diff --git a/src/ed25519/ecdh.c b/src/ed25519/ecdh.c new file mode 100644 index 0000000..d0cd7e0 --- /dev/null +++ b/src/ed25519/ecdh.c @@ -0,0 +1,51 @@ +/* + ecdh.c -- Diffie-Hellman key exchange handling + Copyright (C) 2011-2013 Guus Sliepen + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#include "../system.h" + +#include "ed25519.h" + +#define __TINC_ECDH_INTERNAL__ +typedef struct ecdh_t { + uint8_t private[64]; +} ecdh_t; + +#include "../crypto.h" +#include "../ecdh.h" +#include "../xalloc.h" + +ecdh_t *ecdh_generate_public(void *pubkey) { + ecdh_t *ecdh = xzalloc(sizeof *ecdh); + + uint8_t seed[32]; + randomize(seed, sizeof seed); + ed25519_create_keypair(pubkey, ecdh->private, seed); + + return ecdh; +} + +bool ecdh_compute_shared(ecdh_t *ecdh, const void *pubkey, void *shared) { + ed25519_key_exchange(shared, pubkey, ecdh->private); + free(ecdh); + return true; +} + +void ecdh_free(ecdh_t *ecdh) { + free(ecdh); +} diff --git a/src/ed25519/ecdsa.c b/src/ed25519/ecdsa.c new file mode 100644 index 0000000..bfdabc1 --- /dev/null +++ b/src/ed25519/ecdsa.c @@ -0,0 +1,145 @@ +/* + ecdsa.c -- ECDSA key handling + Copyright (C) 2011-2013 Guus Sliepen + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#include "../system.h" + +#include "ed25519.h" + +#define __TINC_ECDSA_INTERNAL__ +typedef struct { + uint8_t private[64]; + uint8_t public[32]; +} ecdsa_t; + +#include "../logger.h" +#include "../ecdsa.h" +#include "../utils.h" +#include "../xalloc.h" + +// Get and set ECDSA keys +// +ecdsa_t *ecdsa_set_base64_public_key(const char *p) { + int len = strlen(p); + + if(len != 43) { + logger(DEBUG_ALWAYS, LOG_ERR, "Invalid size %d for public key!", len); + return 0; + } + + ecdsa_t *ecdsa = xzalloc(sizeof *ecdsa); + len = b64decode(p, ecdsa->public, len); + if(len != 32) { + logger(DEBUG_ALWAYS, LOG_ERR, "Invalid format of public key! len = %d", len); + free(ecdsa); + return 0; + } + + return ecdsa; +} + +char *ecdsa_get_base64_public_key(ecdsa_t *ecdsa) { + char *base64 = xmalloc(44); + b64encode(ecdsa->public, base64, sizeof ecdsa->public); + + return base64; +} + +// Read PEM ECDSA keys + +static bool read_pem(FILE *fp, const char *type, void *buf, size_t size) { + char line[1024]; + bool data = false; + size_t typelen = strlen(type); + + while(fgets(line, sizeof line, fp)) { + if(!data) { + if(strncmp(line, "-----BEGIN ", 11)) + continue; + if(strncmp(line + 11, type, typelen)) + continue; + data = true; + continue; + } + + if(!strncmp(line, "-----END ", 9)) + break; + + size_t linelen = strcspn(line, "\r\n"); + size_t len = b64decode(line, line, linelen); + if(!len) { + logger(DEBUG_ALWAYS, LOG_ERR, "Invalid base64 data in PEM file\n"); + return false; + } + + if(len > size) { + logger(DEBUG_ALWAYS, LOG_ERR, "Too much base64 data in PEM file\n"); + return false; + } + + memcpy(buf, line, len); + buf += len; + size -= len; + } + + if(size) { + logger(DEBUG_ALWAYS, LOG_ERR, "Too little base64 data in PEM file\n"); + return false; + } + + return true; +} + +ecdsa_t *ecdsa_read_pem_public_key(FILE *fp) { + ecdsa_t *ecdsa = xzalloc(sizeof *ecdsa); + if(read_pem(fp, "ED25519 PUBLIC KEY", ecdsa->public, sizeof ecdsa->public)) + return ecdsa; + free(ecdsa); + return 0; +} + +ecdsa_t *ecdsa_read_pem_private_key(FILE *fp) { + ecdsa_t *ecdsa = xmalloc(sizeof *ecdsa); + if(read_pem(fp, "ED25519 PRIVATE KEY", ecdsa->private, sizeof *ecdsa)) + return ecdsa; + free(ecdsa); + return 0; +} + +size_t ecdsa_size(ecdsa_t *ecdsa) { + return 64; +} + +// TODO: standardise output format? + +bool ecdsa_sign(ecdsa_t *ecdsa, const void *in, size_t len, void *sig) { + ed25519_sign(sig, in, len, ecdsa->public, ecdsa->private); + return true; +} + +bool ecdsa_verify(ecdsa_t *ecdsa, const void *in, size_t len, const void *sig) { + return ed25519_verify(sig, in, len, ecdsa->public); +} + +bool ecdsa_active(ecdsa_t *ecdsa) { + return ecdsa; +} + +void ecdsa_free(ecdsa_t *ecdsa) { + free(ecdsa); +} diff --git a/src/openssl/ecdsagen.c b/src/ed25519/ecdsagen.c similarity index 58% rename from src/openssl/ecdsagen.c rename to src/ed25519/ecdsagen.c index 31e5847..d2a1489 100644 --- a/src/openssl/ecdsagen.c +++ b/src/ed25519/ecdsagen.c @@ -19,13 +19,15 @@ #include "../system.h" -#include -#include -#include +#include "ed25519.h" #define __TINC_ECDSA_INTERNAL__ -typedef EC_KEY ecdsa_t; +typedef struct { + uint8_t private[64]; + uint8_t public[32]; +} ecdsa_t; +#include "../crypto.h" #include "../ecdsagen.h" #include "../utils.h" #include "../xalloc.h" @@ -33,38 +35,37 @@ typedef EC_KEY ecdsa_t; // Generate ECDSA key ecdsa_t *ecdsa_generate(void) { - ecdsa_t *ecdsa = EC_KEY_new_by_curve_name(NID_secp521r1); + ecdsa_t *ecdsa = xzalloc(sizeof *ecdsa); - if(!ecdsa || !EC_KEY_generate_key(ecdsa)) { - fprintf(stderr, "Generating EC key failed: %s", ERR_error_string(ERR_get_error(), NULL)); - ecdsa_free(ecdsa); - return false; - } - - EC_KEY_set_asn1_flag(ecdsa, OPENSSL_EC_NAMED_CURVE); - EC_KEY_set_conv_form(ecdsa, POINT_CONVERSION_COMPRESSED); + uint8_t seed[32]; + randomize(seed, sizeof seed); + ed25519_create_keypair(ecdsa->public, ecdsa->private, seed); return ecdsa; } // Write PEM ECDSA keys +static bool write_pem(FILE *fp, const char *type, void *buf, size_t size) { + fprintf(fp, "-----BEGIN %s-----\n", type); + + char base64[65]; + while(size) { + size_t todo = size > 48 ? 48 : size; + b64encode(buf, base64, todo); + fprintf(fp, "%s\n", base64); + buf += todo; + size -= todo; + } + + fprintf(fp, "-----END %s-----\n", type); + return !ferror(fp); +} + bool ecdsa_write_pem_public_key(ecdsa_t *ecdsa, FILE *fp) { - BIO *out = BIO_new(BIO_s_file()); - if(!out) - return false; - BIO_set_fp(out, fp, BIO_NOCLOSE); - bool result = PEM_write_bio_EC_PUBKEY(out, ecdsa); - BIO_free(out); - return result; + return write_pem(fp, "ED25519 PUBLIC KEY", ecdsa->public, sizeof ecdsa->public); } bool ecdsa_write_pem_private_key(ecdsa_t *ecdsa, FILE *fp) { - BIO *out = BIO_new(BIO_s_file()); - if(!out) - return false; - BIO_set_fp(out, fp, BIO_NOCLOSE); - bool result = PEM_write_bio_ECPrivateKey(out, ecdsa, NULL, NULL, 0, NULL, NULL); - BIO_free(out); - return result; + return write_pem(fp, "ED25519 PRIVATE KEY", ecdsa->private, sizeof *ecdsa); } diff --git a/src/ed25519/ed25519.h b/src/ed25519/ed25519.h new file mode 100644 index 0000000..bb34f89 --- /dev/null +++ b/src/ed25519/ed25519.h @@ -0,0 +1,38 @@ +#ifndef ED25519_H +#define ED25519_H + +#include + +#if defined(_WIN32) + #if defined(ED25519_BUILD_DLL) + #define ED25519_DECLSPEC __declspec(dllexport) + #elif defined(ED25519_DLL) + #define ED25519_DECLSPEC __declspec(dllimport) + #else + #define ED25519_DECLSPEC + #endif +#else + #define ED25519_DECLSPEC +#endif + + +#ifdef __cplusplus +extern "C" { +#endif + +#ifndef ED25519_NO_SEED +int ED25519_DECLSPEC ed25519_create_seed(unsigned char *seed); +#endif + +void ED25519_DECLSPEC ed25519_create_keypair(unsigned char *public_key, unsigned char *private_key, const unsigned char *seed); +void ED25519_DECLSPEC ed25519_sign(unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *public_key, const unsigned char *private_key); +int ED25519_DECLSPEC ed25519_verify(const unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *private_key); +void ED25519_DECLSPEC ed25519_add_scalar(unsigned char *public_key, unsigned char *private_key, const unsigned char *scalar); +void ED25519_DECLSPEC ed25519_key_exchange(unsigned char *shared_secret, const unsigned char *public_key, const unsigned char *private_key); + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/ed25519/fe.c b/src/ed25519/fe.c new file mode 100644 index 0000000..448e3e9 --- /dev/null +++ b/src/ed25519/fe.c @@ -0,0 +1,1491 @@ +#include "fixedint.h" +#include "fe.h" + + +/* + helper functions +*/ +static uint64_t load_3(const unsigned char *in) { + uint64_t result; + + result = (uint64_t) in[0]; + result |= ((uint64_t) in[1]) << 8; + result |= ((uint64_t) in[2]) << 16; + + return result; +} + +static uint64_t load_4(const unsigned char *in) { + uint64_t result; + + result = (uint64_t) in[0]; + result |= ((uint64_t) in[1]) << 8; + result |= ((uint64_t) in[2]) << 16; + result |= ((uint64_t) in[3]) << 24; + + return result; +} + + + +/* + h = 0 +*/ + +void fe_0(fe h) { + h[0] = 0; + h[1] = 0; + h[2] = 0; + h[3] = 0; + h[4] = 0; + h[5] = 0; + h[6] = 0; + h[7] = 0; + h[8] = 0; + h[9] = 0; +} + + + +/* + h = 1 +*/ + +void fe_1(fe h) { + h[0] = 1; + h[1] = 0; + h[2] = 0; + h[3] = 0; + h[4] = 0; + h[5] = 0; + h[6] = 0; + h[7] = 0; + h[8] = 0; + h[9] = 0; +} + + + +/* + h = f + g + Can overlap h with f or g. + + Preconditions: + |f| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. + |g| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. + + Postconditions: + |h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. +*/ + +void fe_add(fe h, const fe f, const fe g) { + int32_t f0 = f[0]; + int32_t f1 = f[1]; + int32_t f2 = f[2]; + int32_t f3 = f[3]; + int32_t f4 = f[4]; + int32_t f5 = f[5]; + int32_t f6 = f[6]; + int32_t f7 = f[7]; + int32_t f8 = f[8]; + int32_t f9 = f[9]; + int32_t g0 = g[0]; + int32_t g1 = g[1]; + int32_t g2 = g[2]; + int32_t g3 = g[3]; + int32_t g4 = g[4]; + int32_t g5 = g[5]; + int32_t g6 = g[6]; + int32_t g7 = g[7]; + int32_t g8 = g[8]; + int32_t g9 = g[9]; + int32_t h0 = f0 + g0; + int32_t h1 = f1 + g1; + int32_t h2 = f2 + g2; + int32_t h3 = f3 + g3; + int32_t h4 = f4 + g4; + int32_t h5 = f5 + g5; + int32_t h6 = f6 + g6; + int32_t h7 = f7 + g7; + int32_t h8 = f8 + g8; + int32_t h9 = f9 + g9; + + h[0] = h0; + h[1] = h1; + h[2] = h2; + h[3] = h3; + h[4] = h4; + h[5] = h5; + h[6] = h6; + h[7] = h7; + h[8] = h8; + h[9] = h9; +} + + + +/* + Replace (f,g) with (g,g) if b == 1; + replace (f,g) with (f,g) if b == 0. + + Preconditions: b in {0,1}. +*/ + +void fe_cmov(fe f, const fe g, unsigned int b) { + int32_t f0 = f[0]; + int32_t f1 = f[1]; + int32_t f2 = f[2]; + int32_t f3 = f[3]; + int32_t f4 = f[4]; + int32_t f5 = f[5]; + int32_t f6 = f[6]; + int32_t f7 = f[7]; + int32_t f8 = f[8]; + int32_t f9 = f[9]; + int32_t g0 = g[0]; + int32_t g1 = g[1]; + int32_t g2 = g[2]; + int32_t g3 = g[3]; + int32_t g4 = g[4]; + int32_t g5 = g[5]; + int32_t g6 = g[6]; + int32_t g7 = g[7]; + int32_t g8 = g[8]; + int32_t g9 = g[9]; + int32_t x0 = f0 ^ g0; + int32_t x1 = f1 ^ g1; + int32_t x2 = f2 ^ g2; + int32_t x3 = f3 ^ g3; + int32_t x4 = f4 ^ g4; + int32_t x5 = f5 ^ g5; + int32_t x6 = f6 ^ g6; + int32_t x7 = f7 ^ g7; + int32_t x8 = f8 ^ g8; + int32_t x9 = f9 ^ g9; + + b = (unsigned int) (- (int) b); /* silence warning */ + x0 &= b; + x1 &= b; + x2 &= b; + x3 &= b; + x4 &= b; + x5 &= b; + x6 &= b; + x7 &= b; + x8 &= b; + x9 &= b; + + f[0] = f0 ^ x0; + f[1] = f1 ^ x1; + f[2] = f2 ^ x2; + f[3] = f3 ^ x3; + f[4] = f4 ^ x4; + f[5] = f5 ^ x5; + f[6] = f6 ^ x6; + f[7] = f7 ^ x7; + f[8] = f8 ^ x8; + f[9] = f9 ^ x9; +} + +/* + Replace (f,g) with (g,f) if b == 1; + replace (f,g) with (f,g) if b == 0. + + Preconditions: b in {0,1}. +*/ + +void fe_cswap(fe f,fe g,unsigned int b) { + int32_t f0 = f[0]; + int32_t f1 = f[1]; + int32_t f2 = f[2]; + int32_t f3 = f[3]; + int32_t f4 = f[4]; + int32_t f5 = f[5]; + int32_t f6 = f[6]; + int32_t f7 = f[7]; + int32_t f8 = f[8]; + int32_t f9 = f[9]; + int32_t g0 = g[0]; + int32_t g1 = g[1]; + int32_t g2 = g[2]; + int32_t g3 = g[3]; + int32_t g4 = g[4]; + int32_t g5 = g[5]; + int32_t g6 = g[6]; + int32_t g7 = g[7]; + int32_t g8 = g[8]; + int32_t g9 = g[9]; + int32_t x0 = f0 ^ g0; + int32_t x1 = f1 ^ g1; + int32_t x2 = f2 ^ g2; + int32_t x3 = f3 ^ g3; + int32_t x4 = f4 ^ g4; + int32_t x5 = f5 ^ g5; + int32_t x6 = f6 ^ g6; + int32_t x7 = f7 ^ g7; + int32_t x8 = f8 ^ g8; + int32_t x9 = f9 ^ g9; + b = -b; + x0 &= b; + x1 &= b; + x2 &= b; + x3 &= b; + x4 &= b; + x5 &= b; + x6 &= b; + x7 &= b; + x8 &= b; + x9 &= b; + f[0] = f0 ^ x0; + f[1] = f1 ^ x1; + f[2] = f2 ^ x2; + f[3] = f3 ^ x3; + f[4] = f4 ^ x4; + f[5] = f5 ^ x5; + f[6] = f6 ^ x6; + f[7] = f7 ^ x7; + f[8] = f8 ^ x8; + f[9] = f9 ^ x9; + g[0] = g0 ^ x0; + g[1] = g1 ^ x1; + g[2] = g2 ^ x2; + g[3] = g3 ^ x3; + g[4] = g4 ^ x4; + g[5] = g5 ^ x5; + g[6] = g6 ^ x6; + g[7] = g7 ^ x7; + g[8] = g8 ^ x8; + g[9] = g9 ^ x9; +} + + + +/* + h = f +*/ + +void fe_copy(fe h, const fe f) { + int32_t f0 = f[0]; + int32_t f1 = f[1]; + int32_t f2 = f[2]; + int32_t f3 = f[3]; + int32_t f4 = f[4]; + int32_t f5 = f[5]; + int32_t f6 = f[6]; + int32_t f7 = f[7]; + int32_t f8 = f[8]; + int32_t f9 = f[9]; + + h[0] = f0; + h[1] = f1; + h[2] = f2; + h[3] = f3; + h[4] = f4; + h[5] = f5; + h[6] = f6; + h[7] = f7; + h[8] = f8; + h[9] = f9; +} + + + +/* + Ignores top bit of h. +*/ + +void fe_frombytes(fe h, const unsigned char *s) { + int64_t h0 = load_4(s); + int64_t h1 = load_3(s + 4) << 6; + int64_t h2 = load_3(s + 7) << 5; + int64_t h3 = load_3(s + 10) << 3; + int64_t h4 = load_3(s + 13) << 2; + int64_t h5 = load_4(s + 16); + int64_t h6 = load_3(s + 20) << 7; + int64_t h7 = load_3(s + 23) << 5; + int64_t h8 = load_3(s + 26) << 4; + int64_t h9 = (load_3(s + 29) & 8388607) << 2; + int64_t carry0; + int64_t carry1; + int64_t carry2; + int64_t carry3; + int64_t carry4; + int64_t carry5; + int64_t carry6; + int64_t carry7; + int64_t carry8; + int64_t carry9; + + carry9 = (h9 + (int64_t) (1 << 24)) >> 25; + h0 += carry9 * 19; + h9 -= carry9 << 25; + carry1 = (h1 + (int64_t) (1 << 24)) >> 25; + h2 += carry1; + h1 -= carry1 << 25; + carry3 = (h3 + (int64_t) (1 << 24)) >> 25; + h4 += carry3; + h3 -= carry3 << 25; + carry5 = (h5 + (int64_t) (1 << 24)) >> 25; + h6 += carry5; + h5 -= carry5 << 25; + carry7 = (h7 + (int64_t) (1 << 24)) >> 25; + h8 += carry7; + h7 -= carry7 << 25; + carry0 = (h0 + (int64_t) (1 << 25)) >> 26; + h1 += carry0; + h0 -= carry0 << 26; + carry2 = (h2 + (int64_t) (1 << 25)) >> 26; + h3 += carry2; + h2 -= carry2 << 26; + carry4 = (h4 + (int64_t) (1 << 25)) >> 26; + h5 += carry4; + h4 -= carry4 << 26; + carry6 = (h6 + (int64_t) (1 << 25)) >> 26; + h7 += carry6; + h6 -= carry6 << 26; + carry8 = (h8 + (int64_t) (1 << 25)) >> 26; + h9 += carry8; + h8 -= carry8 << 26; + + h[0] = (int32_t) h0; + h[1] = (int32_t) h1; + h[2] = (int32_t) h2; + h[3] = (int32_t) h3; + h[4] = (int32_t) h4; + h[5] = (int32_t) h5; + h[6] = (int32_t) h6; + h[7] = (int32_t) h7; + h[8] = (int32_t) h8; + h[9] = (int32_t) h9; +} + + + +void fe_invert(fe out, const fe z) { + fe t0; + fe t1; + fe t2; + fe t3; + int i; + + fe_sq(t0, z); + + for (i = 1; i < 1; ++i) { + fe_sq(t0, t0); + } + + fe_sq(t1, t0); + + for (i = 1; i < 2; ++i) { + fe_sq(t1, t1); + } + + fe_mul(t1, z, t1); + fe_mul(t0, t0, t1); + fe_sq(t2, t0); + + for (i = 1; i < 1; ++i) { + fe_sq(t2, t2); + } + + fe_mul(t1, t1, t2); + fe_sq(t2, t1); + + for (i = 1; i < 5; ++i) { + fe_sq(t2, t2); + } + + fe_mul(t1, t2, t1); + fe_sq(t2, t1); + + for (i = 1; i < 10; ++i) { + fe_sq(t2, t2); + } + + fe_mul(t2, t2, t1); + fe_sq(t3, t2); + + for (i = 1; i < 20; ++i) { + fe_sq(t3, t3); + } + + fe_mul(t2, t3, t2); + fe_sq(t2, t2); + + for (i = 1; i < 10; ++i) { + fe_sq(t2, t2); + } + + fe_mul(t1, t2, t1); + fe_sq(t2, t1); + + for (i = 1; i < 50; ++i) { + fe_sq(t2, t2); + } + + fe_mul(t2, t2, t1); + fe_sq(t3, t2); + + for (i = 1; i < 100; ++i) { + fe_sq(t3, t3); + } + + fe_mul(t2, t3, t2); + fe_sq(t2, t2); + + for (i = 1; i < 50; ++i) { + fe_sq(t2, t2); + } + + fe_mul(t1, t2, t1); + fe_sq(t1, t1); + + for (i = 1; i < 5; ++i) { + fe_sq(t1, t1); + } + + fe_mul(out, t1, t0); +} + + + +/* + return 1 if f is in {1,3,5,...,q-2} + return 0 if f is in {0,2,4,...,q-1} + + Preconditions: + |f| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. +*/ + +int fe_isnegative(const fe f) { + unsigned char s[32]; + + fe_tobytes(s, f); + + return s[0] & 1; +} + + + +/* + return 1 if f == 0 + return 0 if f != 0 + + Preconditions: + |f| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. +*/ + +int fe_isnonzero(const fe f) { + unsigned char s[32]; + unsigned char r; + + fe_tobytes(s, f); + + r = s[0]; + #define F(i) r |= s[i] + F(1); + F(2); + F(3); + F(4); + F(5); + F(6); + F(7); + F(8); + F(9); + F(10); + F(11); + F(12); + F(13); + F(14); + F(15); + F(16); + F(17); + F(18); + F(19); + F(20); + F(21); + F(22); + F(23); + F(24); + F(25); + F(26); + F(27); + F(28); + F(29); + F(30); + F(31); + #undef F + + return r != 0; +} + + + +/* + h = f * g + Can overlap h with f or g. + + Preconditions: + |f| bounded by 1.65*2^26,1.65*2^25,1.65*2^26,1.65*2^25,etc. + |g| bounded by 1.65*2^26,1.65*2^25,1.65*2^26,1.65*2^25,etc. + + Postconditions: + |h| bounded by 1.01*2^25,1.01*2^24,1.01*2^25,1.01*2^24,etc. + */ + + /* + Notes on implementation strategy: + + Using schoolbook multiplication. + Karatsuba would save a little in some cost models. + + Most multiplications by 2 and 19 are 32-bit precomputations; + cheaper than 64-bit postcomputations. + + There is one remaining multiplication by 19 in the carry chain; + one *19 precomputation can be merged into this, + but the resulting data flow is considerably less clean. + + There are 12 carries below. + 10 of them are 2-way parallelizable and vectorizable. + Can get away with 11 carries, but then data flow is much deeper. + + With tighter constraints on inputs can squeeze carries into int32. +*/ + +void fe_mul(fe h, const fe f, const fe g) { + int32_t f0 = f[0]; + int32_t f1 = f[1]; + int32_t f2 = f[2]; + int32_t f3 = f[3]; + int32_t f4 = f[4]; + int32_t f5 = f[5]; + int32_t f6 = f[6]; + int32_t f7 = f[7]; + int32_t f8 = f[8]; + int32_t f9 = f[9]; + int32_t g0 = g[0]; + int32_t g1 = g[1]; + int32_t g2 = g[2]; + int32_t g3 = g[3]; + int32_t g4 = g[4]; + int32_t g5 = g[5]; + int32_t g6 = g[6]; + int32_t g7 = g[7]; + int32_t g8 = g[8]; + int32_t g9 = g[9]; + int32_t g1_19 = 19 * g1; /* 1.959375*2^29 */ + int32_t g2_19 = 19 * g2; /* 1.959375*2^30; still ok */ + int32_t g3_19 = 19 * g3; + int32_t g4_19 = 19 * g4; + int32_t g5_19 = 19 * g5; + int32_t g6_19 = 19 * g6; + int32_t g7_19 = 19 * g7; + int32_t g8_19 = 19 * g8; + int32_t g9_19 = 19 * g9; + int32_t f1_2 = 2 * f1; + int32_t f3_2 = 2 * f3; + int32_t f5_2 = 2 * f5; + int32_t f7_2 = 2 * f7; + int32_t f9_2 = 2 * f9; + int64_t f0g0 = f0 * (int64_t) g0; + int64_t f0g1 = f0 * (int64_t) g1; + int64_t f0g2 = f0 * (int64_t) g2; + int64_t f0g3 = f0 * (int64_t) g3; + int64_t f0g4 = f0 * (int64_t) g4; + int64_t f0g5 = f0 * (int64_t) g5; + int64_t f0g6 = f0 * (int64_t) g6; + int64_t f0g7 = f0 * (int64_t) g7; + int64_t f0g8 = f0 * (int64_t) g8; + int64_t f0g9 = f0 * (int64_t) g9; + int64_t f1g0 = f1 * (int64_t) g0; + int64_t f1g1_2 = f1_2 * (int64_t) g1; + int64_t f1g2 = f1 * (int64_t) g2; + int64_t f1g3_2 = f1_2 * (int64_t) g3; + int64_t f1g4 = f1 * (int64_t) g4; + int64_t f1g5_2 = f1_2 * (int64_t) g5; + int64_t f1g6 = f1 * (int64_t) g6; + int64_t f1g7_2 = f1_2 * (int64_t) g7; + int64_t f1g8 = f1 * (int64_t) g8; + int64_t f1g9_38 = f1_2 * (int64_t) g9_19; + int64_t f2g0 = f2 * (int64_t) g0; + int64_t f2g1 = f2 * (int64_t) g1; + int64_t f2g2 = f2 * (int64_t) g2; + int64_t f2g3 = f2 * (int64_t) g3; + int64_t f2g4 = f2 * (int64_t) g4; + int64_t f2g5 = f2 * (int64_t) g5; + int64_t f2g6 = f2 * (int64_t) g6; + int64_t f2g7 = f2 * (int64_t) g7; + int64_t f2g8_19 = f2 * (int64_t) g8_19; + int64_t f2g9_19 = f2 * (int64_t) g9_19; + int64_t f3g0 = f3 * (int64_t) g0; + int64_t f3g1_2 = f3_2 * (int64_t) g1; + int64_t f3g2 = f3 * (int64_t) g2; + int64_t f3g3_2 = f3_2 * (int64_t) g3; + int64_t f3g4 = f3 * (int64_t) g4; + int64_t f3g5_2 = f3_2 * (int64_t) g5; + int64_t f3g6 = f3 * (int64_t) g6; + int64_t f3g7_38 = f3_2 * (int64_t) g7_19; + int64_t f3g8_19 = f3 * (int64_t) g8_19; + int64_t f3g9_38 = f3_2 * (int64_t) g9_19; + int64_t f4g0 = f4 * (int64_t) g0; + int64_t f4g1 = f4 * (int64_t) g1; + int64_t f4g2 = f4 * (int64_t) g2; + int64_t f4g3 = f4 * (int64_t) g3; + int64_t f4g4 = f4 * (int64_t) g4; + int64_t f4g5 = f4 * (int64_t) g5; + int64_t f4g6_19 = f4 * (int64_t) g6_19; + int64_t f4g7_19 = f4 * (int64_t) g7_19; + int64_t f4g8_19 = f4 * (int64_t) g8_19; + int64_t f4g9_19 = f4 * (int64_t) g9_19; + int64_t f5g0 = f5 * (int64_t) g0; + int64_t f5g1_2 = f5_2 * (int64_t) g1; + int64_t f5g2 = f5 * (int64_t) g2; + int64_t f5g3_2 = f5_2 * (int64_t) g3; + int64_t f5g4 = f5 * (int64_t) g4; + int64_t f5g5_38 = f5_2 * (int64_t) g5_19; + int64_t f5g6_19 = f5 * (int64_t) g6_19; + int64_t f5g7_38 = f5_2 * (int64_t) g7_19; + int64_t f5g8_19 = f5 * (int64_t) g8_19; + int64_t f5g9_38 = f5_2 * (int64_t) g9_19; + int64_t f6g0 = f6 * (int64_t) g0; + int64_t f6g1 = f6 * (int64_t) g1; + int64_t f6g2 = f6 * (int64_t) g2; + int64_t f6g3 = f6 * (int64_t) g3; + int64_t f6g4_19 = f6 * (int64_t) g4_19; + int64_t f6g5_19 = f6 * (int64_t) g5_19; + int64_t f6g6_19 = f6 * (int64_t) g6_19; + int64_t f6g7_19 = f6 * (int64_t) g7_19; + int64_t f6g8_19 = f6 * (int64_t) g8_19; + int64_t f6g9_19 = f6 * (int64_t) g9_19; + int64_t f7g0 = f7 * (int64_t) g0; + int64_t f7g1_2 = f7_2 * (int64_t) g1; + int64_t f7g2 = f7 * (int64_t) g2; + int64_t f7g3_38 = f7_2 * (int64_t) g3_19; + int64_t f7g4_19 = f7 * (int64_t) g4_19; + int64_t f7g5_38 = f7_2 * (int64_t) g5_19; + int64_t f7g6_19 = f7 * (int64_t) g6_19; + int64_t f7g7_38 = f7_2 * (int64_t) g7_19; + int64_t f7g8_19 = f7 * (int64_t) g8_19; + int64_t f7g9_38 = f7_2 * (int64_t) g9_19; + int64_t f8g0 = f8 * (int64_t) g0; + int64_t f8g1 = f8 * (int64_t) g1; + int64_t f8g2_19 = f8 * (int64_t) g2_19; + int64_t f8g3_19 = f8 * (int64_t) g3_19; + int64_t f8g4_19 = f8 * (int64_t) g4_19; + int64_t f8g5_19 = f8 * (int64_t) g5_19; + int64_t f8g6_19 = f8 * (int64_t) g6_19; + int64_t f8g7_19 = f8 * (int64_t) g7_19; + int64_t f8g8_19 = f8 * (int64_t) g8_19; + int64_t f8g9_19 = f8 * (int64_t) g9_19; + int64_t f9g0 = f9 * (int64_t) g0; + int64_t f9g1_38 = f9_2 * (int64_t) g1_19; + int64_t f9g2_19 = f9 * (int64_t) g2_19; + int64_t f9g3_38 = f9_2 * (int64_t) g3_19; + int64_t f9g4_19 = f9 * (int64_t) g4_19; + int64_t f9g5_38 = f9_2 * (int64_t) g5_19; + int64_t f9g6_19 = f9 * (int64_t) g6_19; + int64_t f9g7_38 = f9_2 * (int64_t) g7_19; + int64_t f9g8_19 = f9 * (int64_t) g8_19; + int64_t f9g9_38 = f9_2 * (int64_t) g9_19; + int64_t h0 = f0g0 + f1g9_38 + f2g8_19 + f3g7_38 + f4g6_19 + f5g5_38 + f6g4_19 + f7g3_38 + f8g2_19 + f9g1_38; + int64_t h1 = f0g1 + f1g0 + f2g9_19 + f3g8_19 + f4g7_19 + f5g6_19 + f6g5_19 + f7g4_19 + f8g3_19 + f9g2_19; + int64_t h2 = f0g2 + f1g1_2 + f2g0 + f3g9_38 + f4g8_19 + f5g7_38 + f6g6_19 + f7g5_38 + f8g4_19 + f9g3_38; + int64_t h3 = f0g3 + f1g2 + f2g1 + f3g0 + f4g9_19 + f5g8_19 + f6g7_19 + f7g6_19 + f8g5_19 + f9g4_19; + int64_t h4 = f0g4 + f1g3_2 + f2g2 + f3g1_2 + f4g0 + f5g9_38 + f6g8_19 + f7g7_38 + f8g6_19 + f9g5_38; + int64_t h5 = f0g5 + f1g4 + f2g3 + f3g2 + f4g1 + f5g0 + f6g9_19 + f7g8_19 + f8g7_19 + f9g6_19; + int64_t h6 = f0g6 + f1g5_2 + f2g4 + f3g3_2 + f4g2 + f5g1_2 + f6g0 + f7g9_38 + f8g8_19 + f9g7_38; + int64_t h7 = f0g7 + f1g6 + f2g5 + f3g4 + f4g3 + f5g2 + f6g1 + f7g0 + f8g9_19 + f9g8_19; + int64_t h8 = f0g8 + f1g7_2 + f2g6 + f3g5_2 + f4g4 + f5g3_2 + f6g2 + f7g1_2 + f8g0 + f9g9_38; + int64_t h9 = f0g9 + f1g8 + f2g7 + f3g6 + f4g5 + f5g4 + f6g3 + f7g2 + f8g1 + f9g0 ; + int64_t carry0; + int64_t carry1; + int64_t carry2; + int64_t carry3; + int64_t carry4; + int64_t carry5; + int64_t carry6; + int64_t carry7; + int64_t carry8; + int64_t carry9; + + carry0 = (h0 + (int64_t) (1 << 25)) >> 26; + h1 += carry0; + h0 -= carry0 << 26; + carry4 = (h4 + (int64_t) (1 << 25)) >> 26; + h5 += carry4; + h4 -= carry4 << 26; + + carry1 = (h1 + (int64_t) (1 << 24)) >> 25; + h2 += carry1; + h1 -= carry1 << 25; + carry5 = (h5 + (int64_t) (1 << 24)) >> 25; + h6 += carry5; + h5 -= carry5 << 25; + + carry2 = (h2 + (int64_t) (1 << 25)) >> 26; + h3 += carry2; + h2 -= carry2 << 26; + carry6 = (h6 + (int64_t) (1 << 25)) >> 26; + h7 += carry6; + h6 -= carry6 << 26; + + carry3 = (h3 + (int64_t) (1 << 24)) >> 25; + h4 += carry3; + h3 -= carry3 << 25; + carry7 = (h7 + (int64_t) (1 << 24)) >> 25; + h8 += carry7; + h7 -= carry7 << 25; + + carry4 = (h4 + (int64_t) (1 << 25)) >> 26; + h5 += carry4; + h4 -= carry4 << 26; + carry8 = (h8 + (int64_t) (1 << 25)) >> 26; + h9 += carry8; + h8 -= carry8 << 26; + + carry9 = (h9 + (int64_t) (1 << 24)) >> 25; + h0 += carry9 * 19; + h9 -= carry9 << 25; + + carry0 = (h0 + (int64_t) (1 << 25)) >> 26; + h1 += carry0; + h0 -= carry0 << 26; + + h[0] = (int32_t) h0; + h[1] = (int32_t) h1; + h[2] = (int32_t) h2; + h[3] = (int32_t) h3; + h[4] = (int32_t) h4; + h[5] = (int32_t) h5; + h[6] = (int32_t) h6; + h[7] = (int32_t) h7; + h[8] = (int32_t) h8; + h[9] = (int32_t) h9; +} + + +/* +h = f * 121666 +Can overlap h with f. + +Preconditions: + |f| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. + +Postconditions: + |h| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. +*/ + +void fe_mul121666(fe h, fe f) { + int32_t f0 = f[0]; + int32_t f1 = f[1]; + int32_t f2 = f[2]; + int32_t f3 = f[3]; + int32_t f4 = f[4]; + int32_t f5 = f[5]; + int32_t f6 = f[6]; + int32_t f7 = f[7]; + int32_t f8 = f[8]; + int32_t f9 = f[9]; + int64_t h0 = f0 * (int64_t) 121666; + int64_t h1 = f1 * (int64_t) 121666; + int64_t h2 = f2 * (int64_t) 121666; + int64_t h3 = f3 * (int64_t) 121666; + int64_t h4 = f4 * (int64_t) 121666; + int64_t h5 = f5 * (int64_t) 121666; + int64_t h6 = f6 * (int64_t) 121666; + int64_t h7 = f7 * (int64_t) 121666; + int64_t h8 = f8 * (int64_t) 121666; + int64_t h9 = f9 * (int64_t) 121666; + int64_t carry0; + int64_t carry1; + int64_t carry2; + int64_t carry3; + int64_t carry4; + int64_t carry5; + int64_t carry6; + int64_t carry7; + int64_t carry8; + int64_t carry9; + + carry9 = (h9 + (int64_t) (1<<24)) >> 25; h0 += carry9 * 19; h9 -= carry9 << 25; + carry1 = (h1 + (int64_t) (1<<24)) >> 25; h2 += carry1; h1 -= carry1 << 25; + carry3 = (h3 + (int64_t) (1<<24)) >> 25; h4 += carry3; h3 -= carry3 << 25; + carry5 = (h5 + (int64_t) (1<<24)) >> 25; h6 += carry5; h5 -= carry5 << 25; + carry7 = (h7 + (int64_t) (1<<24)) >> 25; h8 += carry7; h7 -= carry7 << 25; + + carry0 = (h0 + (int64_t) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26; + carry2 = (h2 + (int64_t) (1<<25)) >> 26; h3 += carry2; h2 -= carry2 << 26; + carry4 = (h4 + (int64_t) (1<<25)) >> 26; h5 += carry4; h4 -= carry4 << 26; + carry6 = (h6 + (int64_t) (1<<25)) >> 26; h7 += carry6; h6 -= carry6 << 26; + carry8 = (h8 + (int64_t) (1<<25)) >> 26; h9 += carry8; h8 -= carry8 << 26; + + h[0] = h0; + h[1] = h1; + h[2] = h2; + h[3] = h3; + h[4] = h4; + h[5] = h5; + h[6] = h6; + h[7] = h7; + h[8] = h8; + h[9] = h9; +} + + +/* +h = -f + +Preconditions: + |f| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. + +Postconditions: + |h| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. +*/ + +void fe_neg(fe h, const fe f) { + int32_t f0 = f[0]; + int32_t f1 = f[1]; + int32_t f2 = f[2]; + int32_t f3 = f[3]; + int32_t f4 = f[4]; + int32_t f5 = f[5]; + int32_t f6 = f[6]; + int32_t f7 = f[7]; + int32_t f8 = f[8]; + int32_t f9 = f[9]; + int32_t h0 = -f0; + int32_t h1 = -f1; + int32_t h2 = -f2; + int32_t h3 = -f3; + int32_t h4 = -f4; + int32_t h5 = -f5; + int32_t h6 = -f6; + int32_t h7 = -f7; + int32_t h8 = -f8; + int32_t h9 = -f9; + + h[0] = h0; + h[1] = h1; + h[2] = h2; + h[3] = h3; + h[4] = h4; + h[5] = h5; + h[6] = h6; + h[7] = h7; + h[8] = h8; + h[9] = h9; +} + + +void fe_pow22523(fe out, const fe z) { + fe t0; + fe t1; + fe t2; + int i; + fe_sq(t0, z); + + for (i = 1; i < 1; ++i) { + fe_sq(t0, t0); + } + + fe_sq(t1, t0); + + for (i = 1; i < 2; ++i) { + fe_sq(t1, t1); + } + + fe_mul(t1, z, t1); + fe_mul(t0, t0, t1); + fe_sq(t0, t0); + + for (i = 1; i < 1; ++i) { + fe_sq(t0, t0); + } + + fe_mul(t0, t1, t0); + fe_sq(t1, t0); + + for (i = 1; i < 5; ++i) { + fe_sq(t1, t1); + } + + fe_mul(t0, t1, t0); + fe_sq(t1, t0); + + for (i = 1; i < 10; ++i) { + fe_sq(t1, t1); + } + + fe_mul(t1, t1, t0); + fe_sq(t2, t1); + + for (i = 1; i < 20; ++i) { + fe_sq(t2, t2); + } + + fe_mul(t1, t2, t1); + fe_sq(t1, t1); + + for (i = 1; i < 10; ++i) { + fe_sq(t1, t1); + } + + fe_mul(t0, t1, t0); + fe_sq(t1, t0); + + for (i = 1; i < 50; ++i) { + fe_sq(t1, t1); + } + + fe_mul(t1, t1, t0); + fe_sq(t2, t1); + + for (i = 1; i < 100; ++i) { + fe_sq(t2, t2); + } + + fe_mul(t1, t2, t1); + fe_sq(t1, t1); + + for (i = 1; i < 50; ++i) { + fe_sq(t1, t1); + } + + fe_mul(t0, t1, t0); + fe_sq(t0, t0); + + for (i = 1; i < 2; ++i) { + fe_sq(t0, t0); + } + + fe_mul(out, t0, z); + return; +} + + +/* +h = f * f +Can overlap h with f. + +Preconditions: + |f| bounded by 1.65*2^26,1.65*2^25,1.65*2^26,1.65*2^25,etc. + +Postconditions: + |h| bounded by 1.01*2^25,1.01*2^24,1.01*2^25,1.01*2^24,etc. +*/ + +/* +See fe_mul.c for discussion of implementation strategy. +*/ + +void fe_sq(fe h, const fe f) { + int32_t f0 = f[0]; + int32_t f1 = f[1]; + int32_t f2 = f[2]; + int32_t f3 = f[3]; + int32_t f4 = f[4]; + int32_t f5 = f[5]; + int32_t f6 = f[6]; + int32_t f7 = f[7]; + int32_t f8 = f[8]; + int32_t f9 = f[9]; + int32_t f0_2 = 2 * f0; + int32_t f1_2 = 2 * f1; + int32_t f2_2 = 2 * f2; + int32_t f3_2 = 2 * f3; + int32_t f4_2 = 2 * f4; + int32_t f5_2 = 2 * f5; + int32_t f6_2 = 2 * f6; + int32_t f7_2 = 2 * f7; + int32_t f5_38 = 38 * f5; /* 1.959375*2^30 */ + int32_t f6_19 = 19 * f6; /* 1.959375*2^30 */ + int32_t f7_38 = 38 * f7; /* 1.959375*2^30 */ + int32_t f8_19 = 19 * f8; /* 1.959375*2^30 */ + int32_t f9_38 = 38 * f9; /* 1.959375*2^30 */ + int64_t f0f0 = f0 * (int64_t) f0; + int64_t f0f1_2 = f0_2 * (int64_t) f1; + int64_t f0f2_2 = f0_2 * (int64_t) f2; + int64_t f0f3_2 = f0_2 * (int64_t) f3; + int64_t f0f4_2 = f0_2 * (int64_t) f4; + int64_t f0f5_2 = f0_2 * (int64_t) f5; + int64_t f0f6_2 = f0_2 * (int64_t) f6; + int64_t f0f7_2 = f0_2 * (int64_t) f7; + int64_t f0f8_2 = f0_2 * (int64_t) f8; + int64_t f0f9_2 = f0_2 * (int64_t) f9; + int64_t f1f1_2 = f1_2 * (int64_t) f1; + int64_t f1f2_2 = f1_2 * (int64_t) f2; + int64_t f1f3_4 = f1_2 * (int64_t) f3_2; + int64_t f1f4_2 = f1_2 * (int64_t) f4; + int64_t f1f5_4 = f1_2 * (int64_t) f5_2; + int64_t f1f6_2 = f1_2 * (int64_t) f6; + int64_t f1f7_4 = f1_2 * (int64_t) f7_2; + int64_t f1f8_2 = f1_2 * (int64_t) f8; + int64_t f1f9_76 = f1_2 * (int64_t) f9_38; + int64_t f2f2 = f2 * (int64_t) f2; + int64_t f2f3_2 = f2_2 * (int64_t) f3; + int64_t f2f4_2 = f2_2 * (int64_t) f4; + int64_t f2f5_2 = f2_2 * (int64_t) f5; + int64_t f2f6_2 = f2_2 * (int64_t) f6; + int64_t f2f7_2 = f2_2 * (int64_t) f7; + int64_t f2f8_38 = f2_2 * (int64_t) f8_19; + int64_t f2f9_38 = f2 * (int64_t) f9_38; + int64_t f3f3_2 = f3_2 * (int64_t) f3; + int64_t f3f4_2 = f3_2 * (int64_t) f4; + int64_t f3f5_4 = f3_2 * (int64_t) f5_2; + int64_t f3f6_2 = f3_2 * (int64_t) f6; + int64_t f3f7_76 = f3_2 * (int64_t) f7_38; + int64_t f3f8_38 = f3_2 * (int64_t) f8_19; + int64_t f3f9_76 = f3_2 * (int64_t) f9_38; + int64_t f4f4 = f4 * (int64_t) f4; + int64_t f4f5_2 = f4_2 * (int64_t) f5; + int64_t f4f6_38 = f4_2 * (int64_t) f6_19; + int64_t f4f7_38 = f4 * (int64_t) f7_38; + int64_t f4f8_38 = f4_2 * (int64_t) f8_19; + int64_t f4f9_38 = f4 * (int64_t) f9_38; + int64_t f5f5_38 = f5 * (int64_t) f5_38; + int64_t f5f6_38 = f5_2 * (int64_t) f6_19; + int64_t f5f7_76 = f5_2 * (int64_t) f7_38; + int64_t f5f8_38 = f5_2 * (int64_t) f8_19; + int64_t f5f9_76 = f5_2 * (int64_t) f9_38; + int64_t f6f6_19 = f6 * (int64_t) f6_19; + int64_t f6f7_38 = f6 * (int64_t) f7_38; + int64_t f6f8_38 = f6_2 * (int64_t) f8_19; + int64_t f6f9_38 = f6 * (int64_t) f9_38; + int64_t f7f7_38 = f7 * (int64_t) f7_38; + int64_t f7f8_38 = f7_2 * (int64_t) f8_19; + int64_t f7f9_76 = f7_2 * (int64_t) f9_38; + int64_t f8f8_19 = f8 * (int64_t) f8_19; + int64_t f8f9_38 = f8 * (int64_t) f9_38; + int64_t f9f9_38 = f9 * (int64_t) f9_38; + int64_t h0 = f0f0 + f1f9_76 + f2f8_38 + f3f7_76 + f4f6_38 + f5f5_38; + int64_t h1 = f0f1_2 + f2f9_38 + f3f8_38 + f4f7_38 + f5f6_38; + int64_t h2 = f0f2_2 + f1f1_2 + f3f9_76 + f4f8_38 + f5f7_76 + f6f6_19; + int64_t h3 = f0f3_2 + f1f2_2 + f4f9_38 + f5f8_38 + f6f7_38; + int64_t h4 = f0f4_2 + f1f3_4 + f2f2 + f5f9_76 + f6f8_38 + f7f7_38; + int64_t h5 = f0f5_2 + f1f4_2 + f2f3_2 + f6f9_38 + f7f8_38; + int64_t h6 = f0f6_2 + f1f5_4 + f2f4_2 + f3f3_2 + f7f9_76 + f8f8_19; + int64_t h7 = f0f7_2 + f1f6_2 + f2f5_2 + f3f4_2 + f8f9_38; + int64_t h8 = f0f8_2 + f1f7_4 + f2f6_2 + f3f5_4 + f4f4 + f9f9_38; + int64_t h9 = f0f9_2 + f1f8_2 + f2f7_2 + f3f6_2 + f4f5_2; + int64_t carry0; + int64_t carry1; + int64_t carry2; + int64_t carry3; + int64_t carry4; + int64_t carry5; + int64_t carry6; + int64_t carry7; + int64_t carry8; + int64_t carry9; + carry0 = (h0 + (int64_t) (1 << 25)) >> 26; + h1 += carry0; + h0 -= carry0 << 26; + carry4 = (h4 + (int64_t) (1 << 25)) >> 26; + h5 += carry4; + h4 -= carry4 << 26; + carry1 = (h1 + (int64_t) (1 << 24)) >> 25; + h2 += carry1; + h1 -= carry1 << 25; + carry5 = (h5 + (int64_t) (1 << 24)) >> 25; + h6 += carry5; + h5 -= carry5 << 25; + carry2 = (h2 + (int64_t) (1 << 25)) >> 26; + h3 += carry2; + h2 -= carry2 << 26; + carry6 = (h6 + (int64_t) (1 << 25)) >> 26; + h7 += carry6; + h6 -= carry6 << 26; + carry3 = (h3 + (int64_t) (1 << 24)) >> 25; + h4 += carry3; + h3 -= carry3 << 25; + carry7 = (h7 + (int64_t) (1 << 24)) >> 25; + h8 += carry7; + h7 -= carry7 << 25; + carry4 = (h4 + (int64_t) (1 << 25)) >> 26; + h5 += carry4; + h4 -= carry4 << 26; + carry8 = (h8 + (int64_t) (1 << 25)) >> 26; + h9 += carry8; + h8 -= carry8 << 26; + carry9 = (h9 + (int64_t) (1 << 24)) >> 25; + h0 += carry9 * 19; + h9 -= carry9 << 25; + carry0 = (h0 + (int64_t) (1 << 25)) >> 26; + h1 += carry0; + h0 -= carry0 << 26; + h[0] = (int32_t) h0; + h[1] = (int32_t) h1; + h[2] = (int32_t) h2; + h[3] = (int32_t) h3; + h[4] = (int32_t) h4; + h[5] = (int32_t) h5; + h[6] = (int32_t) h6; + h[7] = (int32_t) h7; + h[8] = (int32_t) h8; + h[9] = (int32_t) h9; +} + + +/* +h = 2 * f * f +Can overlap h with f. + +Preconditions: + |f| bounded by 1.65*2^26,1.65*2^25,1.65*2^26,1.65*2^25,etc. + +Postconditions: + |h| bounded by 1.01*2^25,1.01*2^24,1.01*2^25,1.01*2^24,etc. +*/ + +/* +See fe_mul.c for discussion of implementation strategy. +*/ + +void fe_sq2(fe h, const fe f) { + int32_t f0 = f[0]; + int32_t f1 = f[1]; + int32_t f2 = f[2]; + int32_t f3 = f[3]; + int32_t f4 = f[4]; + int32_t f5 = f[5]; + int32_t f6 = f[6]; + int32_t f7 = f[7]; + int32_t f8 = f[8]; + int32_t f9 = f[9]; + int32_t f0_2 = 2 * f0; + int32_t f1_2 = 2 * f1; + int32_t f2_2 = 2 * f2; + int32_t f3_2 = 2 * f3; + int32_t f4_2 = 2 * f4; + int32_t f5_2 = 2 * f5; + int32_t f6_2 = 2 * f6; + int32_t f7_2 = 2 * f7; + int32_t f5_38 = 38 * f5; /* 1.959375*2^30 */ + int32_t f6_19 = 19 * f6; /* 1.959375*2^30 */ + int32_t f7_38 = 38 * f7; /* 1.959375*2^30 */ + int32_t f8_19 = 19 * f8; /* 1.959375*2^30 */ + int32_t f9_38 = 38 * f9; /* 1.959375*2^30 */ + int64_t f0f0 = f0 * (int64_t) f0; + int64_t f0f1_2 = f0_2 * (int64_t) f1; + int64_t f0f2_2 = f0_2 * (int64_t) f2; + int64_t f0f3_2 = f0_2 * (int64_t) f3; + int64_t f0f4_2 = f0_2 * (int64_t) f4; + int64_t f0f5_2 = f0_2 * (int64_t) f5; + int64_t f0f6_2 = f0_2 * (int64_t) f6; + int64_t f0f7_2 = f0_2 * (int64_t) f7; + int64_t f0f8_2 = f0_2 * (int64_t) f8; + int64_t f0f9_2 = f0_2 * (int64_t) f9; + int64_t f1f1_2 = f1_2 * (int64_t) f1; + int64_t f1f2_2 = f1_2 * (int64_t) f2; + int64_t f1f3_4 = f1_2 * (int64_t) f3_2; + int64_t f1f4_2 = f1_2 * (int64_t) f4; + int64_t f1f5_4 = f1_2 * (int64_t) f5_2; + int64_t f1f6_2 = f1_2 * (int64_t) f6; + int64_t f1f7_4 = f1_2 * (int64_t) f7_2; + int64_t f1f8_2 = f1_2 * (int64_t) f8; + int64_t f1f9_76 = f1_2 * (int64_t) f9_38; + int64_t f2f2 = f2 * (int64_t) f2; + int64_t f2f3_2 = f2_2 * (int64_t) f3; + int64_t f2f4_2 = f2_2 * (int64_t) f4; + int64_t f2f5_2 = f2_2 * (int64_t) f5; + int64_t f2f6_2 = f2_2 * (int64_t) f6; + int64_t f2f7_2 = f2_2 * (int64_t) f7; + int64_t f2f8_38 = f2_2 * (int64_t) f8_19; + int64_t f2f9_38 = f2 * (int64_t) f9_38; + int64_t f3f3_2 = f3_2 * (int64_t) f3; + int64_t f3f4_2 = f3_2 * (int64_t) f4; + int64_t f3f5_4 = f3_2 * (int64_t) f5_2; + int64_t f3f6_2 = f3_2 * (int64_t) f6; + int64_t f3f7_76 = f3_2 * (int64_t) f7_38; + int64_t f3f8_38 = f3_2 * (int64_t) f8_19; + int64_t f3f9_76 = f3_2 * (int64_t) f9_38; + int64_t f4f4 = f4 * (int64_t) f4; + int64_t f4f5_2 = f4_2 * (int64_t) f5; + int64_t f4f6_38 = f4_2 * (int64_t) f6_19; + int64_t f4f7_38 = f4 * (int64_t) f7_38; + int64_t f4f8_38 = f4_2 * (int64_t) f8_19; + int64_t f4f9_38 = f4 * (int64_t) f9_38; + int64_t f5f5_38 = f5 * (int64_t) f5_38; + int64_t f5f6_38 = f5_2 * (int64_t) f6_19; + int64_t f5f7_76 = f5_2 * (int64_t) f7_38; + int64_t f5f8_38 = f5_2 * (int64_t) f8_19; + int64_t f5f9_76 = f5_2 * (int64_t) f9_38; + int64_t f6f6_19 = f6 * (int64_t) f6_19; + int64_t f6f7_38 = f6 * (int64_t) f7_38; + int64_t f6f8_38 = f6_2 * (int64_t) f8_19; + int64_t f6f9_38 = f6 * (int64_t) f9_38; + int64_t f7f7_38 = f7 * (int64_t) f7_38; + int64_t f7f8_38 = f7_2 * (int64_t) f8_19; + int64_t f7f9_76 = f7_2 * (int64_t) f9_38; + int64_t f8f8_19 = f8 * (int64_t) f8_19; + int64_t f8f9_38 = f8 * (int64_t) f9_38; + int64_t f9f9_38 = f9 * (int64_t) f9_38; + int64_t h0 = f0f0 + f1f9_76 + f2f8_38 + f3f7_76 + f4f6_38 + f5f5_38; + int64_t h1 = f0f1_2 + f2f9_38 + f3f8_38 + f4f7_38 + f5f6_38; + int64_t h2 = f0f2_2 + f1f1_2 + f3f9_76 + f4f8_38 + f5f7_76 + f6f6_19; + int64_t h3 = f0f3_2 + f1f2_2 + f4f9_38 + f5f8_38 + f6f7_38; + int64_t h4 = f0f4_2 + f1f3_4 + f2f2 + f5f9_76 + f6f8_38 + f7f7_38; + int64_t h5 = f0f5_2 + f1f4_2 + f2f3_2 + f6f9_38 + f7f8_38; + int64_t h6 = f0f6_2 + f1f5_4 + f2f4_2 + f3f3_2 + f7f9_76 + f8f8_19; + int64_t h7 = f0f7_2 + f1f6_2 + f2f5_2 + f3f4_2 + f8f9_38; + int64_t h8 = f0f8_2 + f1f7_4 + f2f6_2 + f3f5_4 + f4f4 + f9f9_38; + int64_t h9 = f0f9_2 + f1f8_2 + f2f7_2 + f3f6_2 + f4f5_2; + int64_t carry0; + int64_t carry1; + int64_t carry2; + int64_t carry3; + int64_t carry4; + int64_t carry5; + int64_t carry6; + int64_t carry7; + int64_t carry8; + int64_t carry9; + h0 += h0; + h1 += h1; + h2 += h2; + h3 += h3; + h4 += h4; + h5 += h5; + h6 += h6; + h7 += h7; + h8 += h8; + h9 += h9; + carry0 = (h0 + (int64_t) (1 << 25)) >> 26; + h1 += carry0; + h0 -= carry0 << 26; + carry4 = (h4 + (int64_t) (1 << 25)) >> 26; + h5 += carry4; + h4 -= carry4 << 26; + carry1 = (h1 + (int64_t) (1 << 24)) >> 25; + h2 += carry1; + h1 -= carry1 << 25; + carry5 = (h5 + (int64_t) (1 << 24)) >> 25; + h6 += carry5; + h5 -= carry5 << 25; + carry2 = (h2 + (int64_t) (1 << 25)) >> 26; + h3 += carry2; + h2 -= carry2 << 26; + carry6 = (h6 + (int64_t) (1 << 25)) >> 26; + h7 += carry6; + h6 -= carry6 << 26; + carry3 = (h3 + (int64_t) (1 << 24)) >> 25; + h4 += carry3; + h3 -= carry3 << 25; + carry7 = (h7 + (int64_t) (1 << 24)) >> 25; + h8 += carry7; + h7 -= carry7 << 25; + carry4 = (h4 + (int64_t) (1 << 25)) >> 26; + h5 += carry4; + h4 -= carry4 << 26; + carry8 = (h8 + (int64_t) (1 << 25)) >> 26; + h9 += carry8; + h8 -= carry8 << 26; + carry9 = (h9 + (int64_t) (1 << 24)) >> 25; + h0 += carry9 * 19; + h9 -= carry9 << 25; + carry0 = (h0 + (int64_t) (1 << 25)) >> 26; + h1 += carry0; + h0 -= carry0 << 26; + h[0] = (int32_t) h0; + h[1] = (int32_t) h1; + h[2] = (int32_t) h2; + h[3] = (int32_t) h3; + h[4] = (int32_t) h4; + h[5] = (int32_t) h5; + h[6] = (int32_t) h6; + h[7] = (int32_t) h7; + h[8] = (int32_t) h8; + h[9] = (int32_t) h9; +} + + +/* +h = f - g +Can overlap h with f or g. + +Preconditions: + |f| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. + |g| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. + +Postconditions: + |h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. +*/ + +void fe_sub(fe h, const fe f, const fe g) { + int32_t f0 = f[0]; + int32_t f1 = f[1]; + int32_t f2 = f[2]; + int32_t f3 = f[3]; + int32_t f4 = f[4]; + int32_t f5 = f[5]; + int32_t f6 = f[6]; + int32_t f7 = f[7]; + int32_t f8 = f[8]; + int32_t f9 = f[9]; + int32_t g0 = g[0]; + int32_t g1 = g[1]; + int32_t g2 = g[2]; + int32_t g3 = g[3]; + int32_t g4 = g[4]; + int32_t g5 = g[5]; + int32_t g6 = g[6]; + int32_t g7 = g[7]; + int32_t g8 = g[8]; + int32_t g9 = g[9]; + int32_t h0 = f0 - g0; + int32_t h1 = f1 - g1; + int32_t h2 = f2 - g2; + int32_t h3 = f3 - g3; + int32_t h4 = f4 - g4; + int32_t h5 = f5 - g5; + int32_t h6 = f6 - g6; + int32_t h7 = f7 - g7; + int32_t h8 = f8 - g8; + int32_t h9 = f9 - g9; + + h[0] = h0; + h[1] = h1; + h[2] = h2; + h[3] = h3; + h[4] = h4; + h[5] = h5; + h[6] = h6; + h[7] = h7; + h[8] = h8; + h[9] = h9; +} + + + +/* +Preconditions: + |h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. + +Write p=2^255-19; q=floor(h/p). +Basic claim: q = floor(2^(-255)(h + 19 2^(-25)h9 + 2^(-1))). + +Proof: + Have |h|<=p so |q|<=1 so |19^2 2^(-255) q|<1/4. + Also have |h-2^230 h9|<2^231 so |19 2^(-255)(h-2^230 h9)|<1/4. + + Write y=2^(-1)-19^2 2^(-255)q-19 2^(-255)(h-2^230 h9). + Then 0> 25; + q = (h0 + q) >> 26; + q = (h1 + q) >> 25; + q = (h2 + q) >> 26; + q = (h3 + q) >> 25; + q = (h4 + q) >> 26; + q = (h5 + q) >> 25; + q = (h6 + q) >> 26; + q = (h7 + q) >> 25; + q = (h8 + q) >> 26; + q = (h9 + q) >> 25; + /* Goal: Output h-(2^255-19)q, which is between 0 and 2^255-20. */ + h0 += 19 * q; + /* Goal: Output h-2^255 q, which is between 0 and 2^255-20. */ + carry0 = h0 >> 26; + h1 += carry0; + h0 -= carry0 << 26; + carry1 = h1 >> 25; + h2 += carry1; + h1 -= carry1 << 25; + carry2 = h2 >> 26; + h3 += carry2; + h2 -= carry2 << 26; + carry3 = h3 >> 25; + h4 += carry3; + h3 -= carry3 << 25; + carry4 = h4 >> 26; + h5 += carry4; + h4 -= carry4 << 26; + carry5 = h5 >> 25; + h6 += carry5; + h5 -= carry5 << 25; + carry6 = h6 >> 26; + h7 += carry6; + h6 -= carry6 << 26; + carry7 = h7 >> 25; + h8 += carry7; + h7 -= carry7 << 25; + carry8 = h8 >> 26; + h9 += carry8; + h8 -= carry8 << 26; + carry9 = h9 >> 25; + h9 -= carry9 << 25; + + /* h10 = carry9 */ + /* + Goal: Output h0+...+2^255 h10-2^255 q, which is between 0 and 2^255-20. + Have h0+...+2^230 h9 between 0 and 2^255-1; + evidently 2^255 h10-2^255 q = 0. + Goal: Output h0+...+2^230 h9. + */ + s[0] = (unsigned char) (h0 >> 0); + s[1] = (unsigned char) (h0 >> 8); + s[2] = (unsigned char) (h0 >> 16); + s[3] = (unsigned char) ((h0 >> 24) | (h1 << 2)); + s[4] = (unsigned char) (h1 >> 6); + s[5] = (unsigned char) (h1 >> 14); + s[6] = (unsigned char) ((h1 >> 22) | (h2 << 3)); + s[7] = (unsigned char) (h2 >> 5); + s[8] = (unsigned char) (h2 >> 13); + s[9] = (unsigned char) ((h2 >> 21) | (h3 << 5)); + s[10] = (unsigned char) (h3 >> 3); + s[11] = (unsigned char) (h3 >> 11); + s[12] = (unsigned char) ((h3 >> 19) | (h4 << 6)); + s[13] = (unsigned char) (h4 >> 2); + s[14] = (unsigned char) (h4 >> 10); + s[15] = (unsigned char) (h4 >> 18); + s[16] = (unsigned char) (h5 >> 0); + s[17] = (unsigned char) (h5 >> 8); + s[18] = (unsigned char) (h5 >> 16); + s[19] = (unsigned char) ((h5 >> 24) | (h6 << 1)); + s[20] = (unsigned char) (h6 >> 7); + s[21] = (unsigned char) (h6 >> 15); + s[22] = (unsigned char) ((h6 >> 23) | (h7 << 3)); + s[23] = (unsigned char) (h7 >> 5); + s[24] = (unsigned char) (h7 >> 13); + s[25] = (unsigned char) ((h7 >> 21) | (h8 << 4)); + s[26] = (unsigned char) (h8 >> 4); + s[27] = (unsigned char) (h8 >> 12); + s[28] = (unsigned char) ((h8 >> 20) | (h9 << 6)); + s[29] = (unsigned char) (h9 >> 2); + s[30] = (unsigned char) (h9 >> 10); + s[31] = (unsigned char) (h9 >> 18); +} diff --git a/src/ed25519/fe.h b/src/ed25519/fe.h new file mode 100644 index 0000000..b4b62d2 --- /dev/null +++ b/src/ed25519/fe.h @@ -0,0 +1,41 @@ +#ifndef FE_H +#define FE_H + +#include "fixedint.h" + + +/* + fe means field element. + Here the field is \Z/(2^255-19). + An element t, entries t[0]...t[9], represents the integer + t[0]+2^26 t[1]+2^51 t[2]+2^77 t[3]+2^102 t[4]+...+2^230 t[9]. + Bounds on each t[i] vary depending on context. +*/ + + +typedef int32_t fe[10]; + + +void fe_0(fe h); +void fe_1(fe h); + +void fe_frombytes(fe h, const unsigned char *s); +void fe_tobytes(unsigned char *s, const fe h); + +void fe_copy(fe h, const fe f); +int fe_isnegative(const fe f); +int fe_isnonzero(const fe f); +void fe_cmov(fe f, const fe g, unsigned int b); +void fe_cswap(fe f, fe g, unsigned int b); + +void fe_neg(fe h, const fe f); +void fe_add(fe h, const fe f, const fe g); +void fe_invert(fe out, const fe z); +void fe_sq(fe h, const fe f); +void fe_sq2(fe h, const fe f); +void fe_mul(fe h, const fe f, const fe g); +void fe_mul121666(fe h, fe f); +void fe_pow22523(fe out, const fe z); +void fe_sub(fe h, const fe f, const fe g); + +#endif diff --git a/src/ed25519/fixedint.h b/src/ed25519/fixedint.h new file mode 100644 index 0000000..d03e4bd --- /dev/null +++ b/src/ed25519/fixedint.h @@ -0,0 +1,70 @@ +/* + Portable header to provide the 32 and 64 bits type. + + Not a compatible replacement for , do not blindly use it as such. +*/ + +#if ((defined(__STDC__) && __STDC__ && __STDC_VERSION__ >= 199901L) || (defined(__WATCOMC__) && (defined(_STDINT_H_INCLUDED) || __WATCOMC__ >= 1250)) || (defined(__GNUC__) && (defined(_STDINT_H) || defined(_STDINT_H_) || defined(__UINT_FAST64_TYPE__)) )) && !defined(FIXEDINT_H_INCLUDED) + #include + #define FIXEDINT_H_INCLUDED + + #if defined(__WATCOMC__) && __WATCOMC__ >= 1250 && !defined(UINT64_C) + #include + #define UINT64_C(x) (x + (UINT64_MAX - UINT64_MAX)) + #endif +#endif + + +#ifndef FIXEDINT_H_INCLUDED + #define FIXEDINT_H_INCLUDED + + /* (u)int32_t */ + #ifndef uint32_t + #if (ULONG_MAX == 0xffffffffUL) + typedef unsigned long uint32_t; + #elif (UINT_MAX == 0xffffffffUL) + typedef unsigned int uint32_t; + #elif (USHRT_MAX == 0xffffffffUL) + typedef unsigned short uint32_t; + #endif + #endif + + + #ifndef int32_t + #if (LONG_MAX == 0x7fffffffL) + typedef signed long int32_t; + #elif (INT_MAX == 0x7fffffffL) + typedef signed int int32_t; + #elif (SHRT_MAX == 0x7fffffffL) + typedef signed short int32_t; + #endif + #endif + + + /* (u)int64_t */ + #if (defined(__STDC__) && defined(__STDC_VERSION__) && __STDC__ && __STDC_VERSION__ >= 199901L) + typedef long long int64_t; + typedef unsigned long long uint64_t; + + #define UINT64_C(v) v ##ULL + #define INT64_C(v) v ##LL + #elif defined(__GNUC__) + __extension__ typedef long long int64_t; + __extension__ typedef unsigned long long uint64_t; + + #define UINT64_C(v) v ##ULL + #define INT64_C(v) v ##LL + #elif defined(__MWERKS__) || defined(__SUNPRO_C) || defined(__SUNPRO_CC) || defined(__APPLE_CC__) || defined(_LONG_LONG) || defined(_CRAYC) + typedef long long int64_t; + typedef unsigned long long uint64_t; + + #define UINT64_C(v) v ##ULL + #define INT64_C(v) v ##LL + #elif (defined(__WATCOMC__) && defined(__WATCOM_INT64__)) || (defined(_MSC_VER) && _INTEGRAL_MAX_BITS >= 64) || (defined(__BORLANDC__) && __BORLANDC__ > 0x460) || defined(__alpha) || defined(__DECC) + typedef __int64 int64_t; + typedef unsigned __int64 uint64_t; + + #define UINT64_C(v) v ##UI64 + #define INT64_C(v) v ##I64 + #endif +#endif diff --git a/src/ed25519/ge.c b/src/ed25519/ge.c new file mode 100644 index 0000000..3c342b1 --- /dev/null +++ b/src/ed25519/ge.c @@ -0,0 +1,467 @@ +#include "ge.h" +#include "precomp_data.h" + + +/* +r = p + q +*/ + +void ge_add(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q) { + fe t0; + fe_add(r->X, p->Y, p->X); + fe_sub(r->Y, p->Y, p->X); + fe_mul(r->Z, r->X, q->YplusX); + fe_mul(r->Y, r->Y, q->YminusX); + fe_mul(r->T, q->T2d, p->T); + fe_mul(r->X, p->Z, q->Z); + fe_add(t0, r->X, r->X); + fe_sub(r->X, r->Z, r->Y); + fe_add(r->Y, r->Z, r->Y); + fe_add(r->Z, t0, r->T); + fe_sub(r->T, t0, r->T); +} + + +static void slide(signed char *r, const unsigned char *a) { + int i; + int b; + int k; + + for (i = 0; i < 256; ++i) { + r[i] = 1 & (a[i >> 3] >> (i & 7)); + } + + for (i = 0; i < 256; ++i) + if (r[i]) { + for (b = 1; b <= 6 && i + b < 256; ++b) { + if (r[i + b]) { + if (r[i] + (r[i + b] << b) <= 15) { + r[i] += r[i + b] << b; + r[i + b] = 0; + } else if (r[i] - (r[i + b] << b) >= -15) { + r[i] -= r[i + b] << b; + + for (k = i + b; k < 256; ++k) { + if (!r[k]) { + r[k] = 1; + break; + } + + r[k] = 0; + } + } else { + break; + } + } + } + } +} + +/* +r = a * A + b * B +where a = a[0]+256*a[1]+...+256^31 a[31]. +and b = b[0]+256*b[1]+...+256^31 b[31]. +B is the Ed25519 base point (x,4/5) with x positive. +*/ + +void ge_double_scalarmult_vartime(ge_p2 *r, const unsigned char *a, const ge_p3 *A, const unsigned char *b) { + signed char aslide[256]; + signed char bslide[256]; + ge_cached Ai[8]; /* A,3A,5A,7A,9A,11A,13A,15A */ + ge_p1p1 t; + ge_p3 u; + ge_p3 A2; + int i; + slide(aslide, a); + slide(bslide, b); + ge_p3_to_cached(&Ai[0], A); + ge_p3_dbl(&t, A); + ge_p1p1_to_p3(&A2, &t); + ge_add(&t, &A2, &Ai[0]); + ge_p1p1_to_p3(&u, &t); + ge_p3_to_cached(&Ai[1], &u); + ge_add(&t, &A2, &Ai[1]); + ge_p1p1_to_p3(&u, &t); + ge_p3_to_cached(&Ai[2], &u); + ge_add(&t, &A2, &Ai[2]); + ge_p1p1_to_p3(&u, &t); + ge_p3_to_cached(&Ai[3], &u); + ge_add(&t, &A2, &Ai[3]); + ge_p1p1_to_p3(&u, &t); + ge_p3_to_cached(&Ai[4], &u); + ge_add(&t, &A2, &Ai[4]); + ge_p1p1_to_p3(&u, &t); + ge_p3_to_cached(&Ai[5], &u); + ge_add(&t, &A2, &Ai[5]); + ge_p1p1_to_p3(&u, &t); + ge_p3_to_cached(&Ai[6], &u); + ge_add(&t, &A2, &Ai[6]); + ge_p1p1_to_p3(&u, &t); + ge_p3_to_cached(&Ai[7], &u); + ge_p2_0(r); + + for (i = 255; i >= 0; --i) { + if (aslide[i] || bslide[i]) { + break; + } + } + + for (; i >= 0; --i) { + ge_p2_dbl(&t, r); + + if (aslide[i] > 0) { + ge_p1p1_to_p3(&u, &t); + ge_add(&t, &u, &Ai[aslide[i] / 2]); + } else if (aslide[i] < 0) { + ge_p1p1_to_p3(&u, &t); + ge_sub(&t, &u, &Ai[(-aslide[i]) / 2]); + } + + if (bslide[i] > 0) { + ge_p1p1_to_p3(&u, &t); + ge_madd(&t, &u, &Bi[bslide[i] / 2]); + } else if (bslide[i] < 0) { + ge_p1p1_to_p3(&u, &t); + ge_msub(&t, &u, &Bi[(-bslide[i]) / 2]); + } + + ge_p1p1_to_p2(r, &t); + } +} + + +static const fe d = { + -10913610, 13857413, -15372611, 6949391, 114729, -8787816, -6275908, -3247719, -18696448, -12055116 +}; + +static const fe sqrtm1 = { + -32595792, -7943725, 9377950, 3500415, 12389472, -272473, -25146209, -2005654, 326686, 11406482 +}; + +int ge_frombytes_negate_vartime(ge_p3 *h, const unsigned char *s) { + fe u; + fe v; + fe v3; + fe vxx; + fe check; + fe_frombytes(h->Y, s); + fe_1(h->Z); + fe_sq(u, h->Y); + fe_mul(v, u, d); + fe_sub(u, u, h->Z); /* u = y^2-1 */ + fe_add(v, v, h->Z); /* v = dy^2+1 */ + fe_sq(v3, v); + fe_mul(v3, v3, v); /* v3 = v^3 */ + fe_sq(h->X, v3); + fe_mul(h->X, h->X, v); + fe_mul(h->X, h->X, u); /* x = uv^7 */ + fe_pow22523(h->X, h->X); /* x = (uv^7)^((q-5)/8) */ + fe_mul(h->X, h->X, v3); + fe_mul(h->X, h->X, u); /* x = uv^3(uv^7)^((q-5)/8) */ + fe_sq(vxx, h->X); + fe_mul(vxx, vxx, v); + fe_sub(check, vxx, u); /* vx^2-u */ + + if (fe_isnonzero(check)) { + fe_add(check, vxx, u); /* vx^2+u */ + + if (fe_isnonzero(check)) { + return -1; + } + + fe_mul(h->X, h->X, sqrtm1); + } + + if (fe_isnegative(h->X) == (s[31] >> 7)) { + fe_neg(h->X, h->X); + } + + fe_mul(h->T, h->X, h->Y); + return 0; +} + + +/* +r = p + q +*/ + +void ge_madd(ge_p1p1 *r, const ge_p3 *p, const ge_precomp *q) { + fe t0; + fe_add(r->X, p->Y, p->X); + fe_sub(r->Y, p->Y, p->X); + fe_mul(r->Z, r->X, q->yplusx); + fe_mul(r->Y, r->Y, q->yminusx); + fe_mul(r->T, q->xy2d, p->T); + fe_add(t0, p->Z, p->Z); + fe_sub(r->X, r->Z, r->Y); + fe_add(r->Y, r->Z, r->Y); + fe_add(r->Z, t0, r->T); + fe_sub(r->T, t0, r->T); +} + + +/* +r = p - q +*/ + +void ge_msub(ge_p1p1 *r, const ge_p3 *p, const ge_precomp *q) { + fe t0; + + fe_add(r->X, p->Y, p->X); + fe_sub(r->Y, p->Y, p->X); + fe_mul(r->Z, r->X, q->yminusx); + fe_mul(r->Y, r->Y, q->yplusx); + fe_mul(r->T, q->xy2d, p->T); + fe_add(t0, p->Z, p->Z); + fe_sub(r->X, r->Z, r->Y); + fe_add(r->Y, r->Z, r->Y); + fe_sub(r->Z, t0, r->T); + fe_add(r->T, t0, r->T); +} + + +/* +r = p +*/ + +void ge_p1p1_to_p2(ge_p2 *r, const ge_p1p1 *p) { + fe_mul(r->X, p->X, p->T); + fe_mul(r->Y, p->Y, p->Z); + fe_mul(r->Z, p->Z, p->T); +} + + + +/* +r = p +*/ + +void ge_p1p1_to_p3(ge_p3 *r, const ge_p1p1 *p) { + fe_mul(r->X, p->X, p->T); + fe_mul(r->Y, p->Y, p->Z); + fe_mul(r->Z, p->Z, p->T); + fe_mul(r->T, p->X, p->Y); +} + + +void ge_p2_0(ge_p2 *h) { + fe_0(h->X); + fe_1(h->Y); + fe_1(h->Z); +} + + + +/* +r = 2 * p +*/ + +void ge_p2_dbl(ge_p1p1 *r, const ge_p2 *p) { + fe t0; + + fe_sq(r->X, p->X); + fe_sq(r->Z, p->Y); + fe_sq2(r->T, p->Z); + fe_add(r->Y, p->X, p->Y); + fe_sq(t0, r->Y); + fe_add(r->Y, r->Z, r->X); + fe_sub(r->Z, r->Z, r->X); + fe_sub(r->X, t0, r->Y); + fe_sub(r->T, r->T, r->Z); +} + + +void ge_p3_0(ge_p3 *h) { + fe_0(h->X); + fe_1(h->Y); + fe_1(h->Z); + fe_0(h->T); +} + + +/* +r = 2 * p +*/ + +void ge_p3_dbl(ge_p1p1 *r, const ge_p3 *p) { + ge_p2 q; + ge_p3_to_p2(&q, p); + ge_p2_dbl(r, &q); +} + + + +/* +r = p +*/ + +static const fe d2 = { + -21827239, -5839606, -30745221, 13898782, 229458, 15978800, -12551817, -6495438, 29715968, 9444199 +}; + +void ge_p3_to_cached(ge_cached *r, const ge_p3 *p) { + fe_add(r->YplusX, p->Y, p->X); + fe_sub(r->YminusX, p->Y, p->X); + fe_copy(r->Z, p->Z); + fe_mul(r->T2d, p->T, d2); +} + + +/* +r = p +*/ + +void ge_p3_to_p2(ge_p2 *r, const ge_p3 *p) { + fe_copy(r->X, p->X); + fe_copy(r->Y, p->Y); + fe_copy(r->Z, p->Z); +} + + +void ge_p3_tobytes(unsigned char *s, const ge_p3 *h) { + fe recip; + fe x; + fe y; + fe_invert(recip, h->Z); + fe_mul(x, h->X, recip); + fe_mul(y, h->Y, recip); + fe_tobytes(s, y); + s[31] ^= fe_isnegative(x) << 7; +} + + +static unsigned char equal(signed char b, signed char c) { + unsigned char ub = b; + unsigned char uc = c; + unsigned char x = ub ^ uc; /* 0: yes; 1..255: no */ + uint64_t y = x; /* 0: yes; 1..255: no */ + y -= 1; /* large: yes; 0..254: no */ + y >>= 63; /* 1: yes; 0: no */ + return (unsigned char) y; +} + +static unsigned char negative(signed char b) { + uint64_t x = b; /* 18446744073709551361..18446744073709551615: yes; 0..255: no */ + x >>= 63; /* 1: yes; 0: no */ + return (unsigned char) x; +} + +static void cmov(ge_precomp *t, ge_precomp *u, unsigned char b) { + fe_cmov(t->yplusx, u->yplusx, b); + fe_cmov(t->yminusx, u->yminusx, b); + fe_cmov(t->xy2d, u->xy2d, b); +} + + +static void select(ge_precomp *t, int pos, signed char b) { + ge_precomp minust; + unsigned char bnegative = negative(b); + unsigned char babs = b - (((-bnegative) & b) << 1); + fe_1(t->yplusx); + fe_1(t->yminusx); + fe_0(t->xy2d); + cmov(t, &base[pos][0], equal(babs, 1)); + cmov(t, &base[pos][1], equal(babs, 2)); + cmov(t, &base[pos][2], equal(babs, 3)); + cmov(t, &base[pos][3], equal(babs, 4)); + cmov(t, &base[pos][4], equal(babs, 5)); + cmov(t, &base[pos][5], equal(babs, 6)); + cmov(t, &base[pos][6], equal(babs, 7)); + cmov(t, &base[pos][7], equal(babs, 8)); + fe_copy(minust.yplusx, t->yminusx); + fe_copy(minust.yminusx, t->yplusx); + fe_neg(minust.xy2d, t->xy2d); + cmov(t, &minust, bnegative); +} + +/* +h = a * B +where a = a[0]+256*a[1]+...+256^31 a[31] +B is the Ed25519 base point (x,4/5) with x positive. + +Preconditions: + a[31] <= 127 +*/ + +void ge_scalarmult_base(ge_p3 *h, const unsigned char *a) { + signed char e[64]; + signed char carry; + ge_p1p1 r; + ge_p2 s; + ge_precomp t; + int i; + + for (i = 0; i < 32; ++i) { + e[2 * i + 0] = (a[i] >> 0) & 15; + e[2 * i + 1] = (a[i] >> 4) & 15; + } + + /* each e[i] is between 0 and 15 */ + /* e[63] is between 0 and 7 */ + carry = 0; + + for (i = 0; i < 63; ++i) { + e[i] += carry; + carry = e[i] + 8; + carry >>= 4; + e[i] -= carry << 4; + } + + e[63] += carry; + /* each e[i] is between -8 and 8 */ + ge_p3_0(h); + + for (i = 1; i < 64; i += 2) { + select(&t, i / 2, e[i]); + ge_madd(&r, h, &t); + ge_p1p1_to_p3(h, &r); + } + + ge_p3_dbl(&r, h); + ge_p1p1_to_p2(&s, &r); + ge_p2_dbl(&r, &s); + ge_p1p1_to_p2(&s, &r); + ge_p2_dbl(&r, &s); + ge_p1p1_to_p2(&s, &r); + ge_p2_dbl(&r, &s); + ge_p1p1_to_p3(h, &r); + + for (i = 0; i < 64; i += 2) { + select(&t, i / 2, e[i]); + ge_madd(&r, h, &t); + ge_p1p1_to_p3(h, &r); + } +} + + +/* +r = p - q +*/ + +void ge_sub(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q) { + fe t0; + + fe_add(r->X, p->Y, p->X); + fe_sub(r->Y, p->Y, p->X); + fe_mul(r->Z, r->X, q->YminusX); + fe_mul(r->Y, r->Y, q->YplusX); + fe_mul(r->T, q->T2d, p->T); + fe_mul(r->X, p->Z, q->Z); + fe_add(t0, r->X, r->X); + fe_sub(r->X, r->Z, r->Y); + fe_add(r->Y, r->Z, r->Y); + fe_sub(r->Z, t0, r->T); + fe_add(r->T, t0, r->T); +} + + +void ge_tobytes(unsigned char *s, const ge_p2 *h) { + fe recip; + fe x; + fe y; + fe_invert(recip, h->Z); + fe_mul(x, h->X, recip); + fe_mul(y, h->Y, recip); + fe_tobytes(s, y); + s[31] ^= fe_isnegative(x) << 7; +} diff --git a/src/ed25519/ge.h b/src/ed25519/ge.h new file mode 100644 index 0000000..17fde2d --- /dev/null +++ b/src/ed25519/ge.h @@ -0,0 +1,74 @@ +#ifndef GE_H +#define GE_H + +#include "fe.h" + + +/* +ge means group element. + +Here the group is the set of pairs (x,y) of field elements (see fe.h) +satisfying -x^2 + y^2 = 1 + d x^2y^2 +where d = -121665/121666. + +Representations: + ge_p2 (projective): (X:Y:Z) satisfying x=X/Z, y=Y/Z + ge_p3 (extended): (X:Y:Z:T) satisfying x=X/Z, y=Y/Z, XY=ZT + ge_p1p1 (completed): ((X:Z),(Y:T)) satisfying x=X/Z, y=Y/T + ge_precomp (Duif): (y+x,y-x,2dxy) +*/ + +typedef struct { + fe X; + fe Y; + fe Z; +} ge_p2; + +typedef struct { + fe X; + fe Y; + fe Z; + fe T; +} ge_p3; + +typedef struct { + fe X; + fe Y; + fe Z; + fe T; +} ge_p1p1; + +typedef struct { + fe yplusx; + fe yminusx; + fe xy2d; +} ge_precomp; + +typedef struct { + fe YplusX; + fe YminusX; + fe Z; + fe T2d; +} ge_cached; + +void ge_p3_tobytes(unsigned char *s, const ge_p3 *h); +void ge_tobytes(unsigned char *s, const ge_p2 *h); +int ge_frombytes_negate_vartime(ge_p3 *h, const unsigned char *s); + +void ge_add(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q); +void ge_sub(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q); +void ge_double_scalarmult_vartime(ge_p2 *r, const unsigned char *a, const ge_p3 *A, const unsigned char *b); +void ge_madd(ge_p1p1 *r, const ge_p3 *p, const ge_precomp *q); +void ge_msub(ge_p1p1 *r, const ge_p3 *p, const ge_precomp *q); +void ge_scalarmult_base(ge_p3 *h, const unsigned char *a); + +void ge_p1p1_to_p2(ge_p2 *r, const ge_p1p1 *p); +void ge_p1p1_to_p3(ge_p3 *r, const ge_p1p1 *p); +void ge_p2_0(ge_p2 *h); +void ge_p2_dbl(ge_p1p1 *r, const ge_p2 *p); +void ge_p3_0(ge_p3 *h); +void ge_p3_dbl(ge_p1p1 *r, const ge_p3 *p); +void ge_p3_to_cached(ge_cached *r, const ge_p3 *p); +void ge_p3_to_p2(ge_p2 *r, const ge_p3 *p); + +#endif diff --git a/src/ed25519/key_exchange.c b/src/ed25519/key_exchange.c new file mode 100644 index 0000000..abd75da --- /dev/null +++ b/src/ed25519/key_exchange.c @@ -0,0 +1,79 @@ +#include "ed25519.h" +#include "fe.h" + +void ed25519_key_exchange(unsigned char *shared_secret, const unsigned char *public_key, const unsigned char *private_key) { + unsigned char e[32]; + unsigned int i; + + fe x1; + fe x2; + fe z2; + fe x3; + fe z3; + fe tmp0; + fe tmp1; + + int pos; + unsigned int swap; + unsigned int b; + + /* copy the private key and make sure it's valid */ + for (i = 0; i < 32; ++i) { + e[i] = private_key[i]; + } + + e[0] &= 248; + e[31] &= 63; + e[31] |= 64; + + /* unpack the public key and convert edwards to montgomery */ + /* due to CodesInChaos: montgomeryX = (edwardsY + 1)*inverse(1 - edwardsY) mod p */ + fe_frombytes(x1, public_key); + fe_1(tmp1); + fe_add(tmp0, x1, tmp1); + fe_sub(tmp1, tmp1, x1); + fe_invert(tmp1, tmp1); + fe_mul(x1, tmp0, tmp1); + + fe_1(x2); + fe_0(z2); + fe_copy(x3, x1); + fe_1(z3); + + swap = 0; + for (pos = 254; pos >= 0; --pos) { + b = e[pos / 8] >> (pos & 7); + b &= 1; + swap ^= b; + fe_cswap(x2, x3, swap); + fe_cswap(z2, z3, swap); + swap = b; + + /* from montgomery.h */ + fe_sub(tmp0, x3, z3); + fe_sub(tmp1, x2, z2); + fe_add(x2, x2, z2); + fe_add(z2, x3, z3); + fe_mul(z3, tmp0, x2); + fe_mul(z2, z2, tmp1); + fe_sq(tmp0, tmp1); + fe_sq(tmp1, x2); + fe_add(x3, z3, z2); + fe_sub(z2, z3, z2); + fe_mul(x2, tmp1, tmp0); + fe_sub(tmp1, tmp1, tmp0); + fe_sq(z2, z2); + fe_mul121666(z3, tmp1); + fe_sq(x3, x3); + fe_add(tmp0, tmp0, z3); + fe_mul(z3, x1, z2); + fe_mul(z2, tmp1, tmp0); + } + + fe_cswap(x2, x3, swap); + fe_cswap(z2, z3, swap); + + fe_invert(z2, z2); + fe_mul(x2, x2, z2); + fe_tobytes(shared_secret, x2); +} diff --git a/src/ed25519/keypair.c b/src/ed25519/keypair.c new file mode 100644 index 0000000..dc1b8ec --- /dev/null +++ b/src/ed25519/keypair.c @@ -0,0 +1,16 @@ +#include "ed25519.h" +#include "sha512.h" +#include "ge.h" + + +void ed25519_create_keypair(unsigned char *public_key, unsigned char *private_key, const unsigned char *seed) { + ge_p3 A; + + sha512(seed, 32, private_key); + private_key[0] &= 248; + private_key[31] &= 63; + private_key[31] |= 64; + + ge_scalarmult_base(&A, private_key); + ge_p3_tobytes(public_key, &A); +} diff --git a/src/ed25519/precomp_data.h b/src/ed25519/precomp_data.h new file mode 100644 index 0000000..776b84f --- /dev/null +++ b/src/ed25519/precomp_data.h @@ -0,0 +1,1391 @@ +static ge_precomp Bi[8] = { + { + { 25967493, -14356035, 29566456, 3660896, -12694345, 4014787, 27544626, -11754271, -6079156, 2047605 }, + { -12545711, 934262, -2722910, 3049990, -727428, 9406986, 12720692, 5043384, 19500929, -15469378 }, + { -8738181, 4489570, 9688441, -14785194, 10184609, -12363380, 29287919, 11864899, -24514362, -4438546 }, + }, + { + { 15636291, -9688557, 24204773, -7912398, 616977, -16685262, 27787600, -14772189, 28944400, -1550024 }, + { 16568933, 4717097, -11556148, -1102322, 15682896, -11807043, 16354577, -11775962, 7689662, 11199574 }, + { 30464156, -5976125, -11779434, -15670865, 23220365, 15915852, 7512774, 10017326, -17749093, -9920357 }, + }, + { + { 10861363, 11473154, 27284546, 1981175, -30064349, 12577861, 32867885, 14515107, -15438304, 10819380 }, + { 4708026, 6336745, 20377586, 9066809, -11272109, 6594696, -25653668, 12483688, -12668491, 5581306 }, + { 19563160, 16186464, -29386857, 4097519, 10237984, -4348115, 28542350, 13850243, -23678021, -15815942 }, + }, + { + { 5153746, 9909285, 1723747, -2777874, 30523605, 5516873, 19480852, 5230134, -23952439, -15175766 }, + { -30269007, -3463509, 7665486, 10083793, 28475525, 1649722, 20654025, 16520125, 30598449, 7715701 }, + { 28881845, 14381568, 9657904, 3680757, -20181635, 7843316, -31400660, 1370708, 29794553, -1409300 }, + }, + { + { -22518993, -6692182, 14201702, -8745502, -23510406, 8844726, 18474211, -1361450, -13062696, 13821877 }, + { -6455177, -7839871, 3374702, -4740862, -27098617, -10571707, 31655028, -7212327, 18853322, -14220951 }, + { 4566830, -12963868, -28974889, -12240689, -7602672, -2830569, -8514358, -10431137, 2207753, -3209784 }, + }, + { + { -25154831, -4185821, 29681144, 7868801, -6854661, -9423865, -12437364, -663000, -31111463, -16132436 }, + { 25576264, -2703214, 7349804, -11814844, 16472782, 9300885, 3844789, 15725684, 171356, 6466918 }, + { 23103977, 13316479, 9739013, -16149481, 817875, -15038942, 8965339, -14088058, -30714912, 16193877 }, + }, + { + { -33521811, 3180713, -2394130, 14003687, -16903474, -16270840, 17238398, 4729455, -18074513, 9256800 }, + { -25182317, -4174131, 32336398, 5036987, -21236817, 11360617, 22616405, 9761698, -19827198, 630305 }, + { -13720693, 2639453, -24237460, -7406481, 9494427, -5774029, -6554551, -15960994, -2449256, -14291300 }, + }, + { + { -3151181, -5046075, 9282714, 6866145, -31907062, -863023, -18940575, 15033784, 25105118, -7894876 }, + { -24326370, 15950226, -31801215, -14592823, -11662737, -5090925, 1573892, -2625887, 2198790, -15804619 }, + { -3099351, 10324967, -2241613, 7453183, -5446979, -2735503, -13812022, -16236442, -32461234, -12290683 }, + }, +}; + + +/* base[i][j] = (j+1)*256^i*B */ +static ge_precomp base[32][8] = { + { + { + { 25967493, -14356035, 29566456, 3660896, -12694345, 4014787, 27544626, -11754271, -6079156, 2047605 }, + { -12545711, 934262, -2722910, 3049990, -727428, 9406986, 12720692, 5043384, 19500929, -15469378 }, + { -8738181, 4489570, 9688441, -14785194, 10184609, -12363380, 29287919, 11864899, -24514362, -4438546 }, + }, + { + { -12815894, -12976347, -21581243, 11784320, -25355658, -2750717, -11717903, -3814571, -358445, -10211303 }, + { -21703237, 6903825, 27185491, 6451973, -29577724, -9554005, -15616551, 11189268, -26829678, -5319081 }, + { 26966642, 11152617, 32442495, 15396054, 14353839, -12752335, -3128826, -9541118, -15472047, -4166697 }, + }, + { + { 15636291, -9688557, 24204773, -7912398, 616977, -16685262, 27787600, -14772189, 28944400, -1550024 }, + { 16568933, 4717097, -11556148, -1102322, 15682896, -11807043, 16354577, -11775962, 7689662, 11199574 }, + { 30464156, -5976125, -11779434, -15670865, 23220365, 15915852, 7512774, 10017326, -17749093, -9920357 }, + }, + { + { -17036878, 13921892, 10945806, -6033431, 27105052, -16084379, -28926210, 15006023, 3284568, -6276540 }, + { 23599295, -8306047, -11193664, -7687416, 13236774, 10506355, 7464579, 9656445, 13059162, 10374397 }, + { 7798556, 16710257, 3033922, 2874086, 28997861, 2835604, 32406664, -3839045, -641708, -101325 }, + }, + { + { 10861363, 11473154, 27284546, 1981175, -30064349, 12577861, 32867885, 14515107, -15438304, 10819380 }, + { 4708026, 6336745, 20377586, 9066809, -11272109, 6594696, -25653668, 12483688, -12668491, 5581306 }, + { 19563160, 16186464, -29386857, 4097519, 10237984, -4348115, 28542350, 13850243, -23678021, -15815942 }, + }, + { + { -15371964, -12862754, 32573250, 4720197, -26436522, 5875511, -19188627, -15224819, -9818940, -12085777 }, + { -8549212, 109983, 15149363, 2178705, 22900618, 4543417, 3044240, -15689887, 1762328, 14866737 }, + { -18199695, -15951423, -10473290, 1707278, -17185920, 3916101, -28236412, 3959421, 27914454, 4383652 }, + }, + { + { 5153746, 9909285, 1723747, -2777874, 30523605, 5516873, 19480852, 5230134, -23952439, -15175766 }, + { -30269007, -3463509, 7665486, 10083793, 28475525, 1649722, 20654025, 16520125, 30598449, 7715701 }, + { 28881845, 14381568, 9657904, 3680757, -20181635, 7843316, -31400660, 1370708, 29794553, -1409300 }, + }, + { + { 14499471, -2729599, -33191113, -4254652, 28494862, 14271267, 30290735, 10876454, -33154098, 2381726 }, + { -7195431, -2655363, -14730155, 462251, -27724326, 3941372, -6236617, 3696005, -32300832, 15351955 }, + { 27431194, 8222322, 16448760, -3907995, -18707002, 11938355, -32961401, -2970515, 29551813, 10109425 }, + }, + }, + { + { + { -13657040, -13155431, -31283750, 11777098, 21447386, 6519384, -2378284, -1627556, 10092783, -4764171 }, + { 27939166, 14210322, 4677035, 16277044, -22964462, -12398139, -32508754, 12005538, -17810127, 12803510 }, + { 17228999, -15661624, -1233527, 300140, -1224870, -11714777, 30364213, -9038194, 18016357, 4397660 }, + }, + { + { -10958843, -7690207, 4776341, -14954238, 27850028, -15602212, -26619106, 14544525, -17477504, 982639 }, + { 29253598, 15796703, -2863982, -9908884, 10057023, 3163536, 7332899, -4120128, -21047696, 9934963 }, + { 5793303, 16271923, -24131614, -10116404, 29188560, 1206517, -14747930, 4559895, -30123922, -10897950 }, + }, + { + { -27643952, -11493006, 16282657, -11036493, 28414021, -15012264, 24191034, 4541697, -13338309, 5500568 }, + { 12650548, -1497113, 9052871, 11355358, -17680037, -8400164, -17430592, 12264343, 10874051, 13524335 }, + { 25556948, -3045990, 714651, 2510400, 23394682, -10415330, 33119038, 5080568, -22528059, 5376628 }, + }, + { + { -26088264, -4011052, -17013699, -3537628, -6726793, 1920897, -22321305, -9447443, 4535768, 1569007 }, + { -2255422, 14606630, -21692440, -8039818, 28430649, 8775819, -30494562, 3044290, 31848280, 12543772 }, + { -22028579, 2943893, -31857513, 6777306, 13784462, -4292203, -27377195, -2062731, 7718482, 14474653 }, + }, + { + { 2385315, 2454213, -22631320, 46603, -4437935, -15680415, 656965, -7236665, 24316168, -5253567 }, + { 13741529, 10911568, -33233417, -8603737, -20177830, -1033297, 33040651, -13424532, -20729456, 8321686 }, + { 21060490, -2212744, 15712757, -4336099, 1639040, 10656336, 23845965, -11874838, -9984458, 608372 }, + }, + { + { -13672732, -15087586, -10889693, -7557059, -6036909, 11305547, 1123968, -6780577, 27229399, 23887 }, + { -23244140, -294205, -11744728, 14712571, -29465699, -2029617, 12797024, -6440308, -1633405, 16678954 }, + { -29500620, 4770662, -16054387, 14001338, 7830047, 9564805, -1508144, -4795045, -17169265, 4904953 }, + }, + { + { 24059557, 14617003, 19037157, -15039908, 19766093, -14906429, 5169211, 16191880, 2128236, -4326833 }, + { -16981152, 4124966, -8540610, -10653797, 30336522, -14105247, -29806336, 916033, -6882542, -2986532 }, + { -22630907, 12419372, -7134229, -7473371, -16478904, 16739175, 285431, 2763829, 15736322, 4143876 }, + }, + { + { 2379352, 11839345, -4110402, -5988665, 11274298, 794957, 212801, -14594663, 23527084, -16458268 }, + { 33431127, -11130478, -17838966, -15626900, 8909499, 8376530, -32625340, 4087881, -15188911, -14416214 }, + { 1767683, 7197987, -13205226, -2022635, -13091350, 448826, 5799055, 4357868, -4774191, -16323038 }, + }, + }, + { + { + { 6721966, 13833823, -23523388, -1551314, 26354293, -11863321, 23365147, -3949732, 7390890, 2759800 }, + { 4409041, 2052381, 23373853, 10530217, 7676779, -12885954, 21302353, -4264057, 1244380, -12919645 }, + { -4421239, 7169619, 4982368, -2957590, 30256825, -2777540, 14086413, 9208236, 15886429, 16489664 }, + }, + { + { 1996075, 10375649, 14346367, 13311202, -6874135, -16438411, -13693198, 398369, -30606455, -712933 }, + { -25307465, 9795880, -2777414, 14878809, -33531835, 14780363, 13348553, 12076947, -30836462, 5113182 }, + { -17770784, 11797796, 31950843, 13929123, -25888302, 12288344, -30341101, -7336386, 13847711, 5387222 }, + }, + { + { -18582163, -3416217, 17824843, -2340966, 22744343, -10442611, 8763061, 3617786, -19600662, 10370991 }, + { 20246567, -14369378, 22358229, -543712, 18507283, -10413996, 14554437, -8746092, 32232924, 16763880 }, + { 9648505, 10094563, 26416693, 14745928, -30374318, -6472621, 11094161, 15689506, 3140038, -16510092 }, + }, + { + { -16160072, 5472695, 31895588, 4744994, 8823515, 10365685, -27224800, 9448613, -28774454, 366295 }, + { 19153450, 11523972, -11096490, -6503142, -24647631, 5420647, 28344573, 8041113, 719605, 11671788 }, + { 8678025, 2694440, -6808014, 2517372, 4964326, 11152271, -15432916, -15266516, 27000813, -10195553 }, + }, + { + { -15157904, 7134312, 8639287, -2814877, -7235688, 10421742, 564065, 5336097, 6750977, -14521026 }, + { 11836410, -3979488, 26297894, 16080799, 23455045, 15735944, 1695823, -8819122, 8169720, 16220347 }, + { -18115838, 8653647, 17578566, -6092619, -8025777, -16012763, -11144307, -2627664, -5990708, -14166033 }, + }, + { + { -23308498, -10968312, 15213228, -10081214, -30853605, -11050004, 27884329, 2847284, 2655861, 1738395 }, + { -27537433, -14253021, -25336301, -8002780, -9370762, 8129821, 21651608, -3239336, -19087449, -11005278 }, + { 1533110, 3437855, 23735889, 459276, 29970501, 11335377, 26030092, 5821408, 10478196, 8544890 }, + }, + { + { 32173121, -16129311, 24896207, 3921497, 22579056, -3410854, 19270449, 12217473, 17789017, -3395995 }, + { -30552961, -2228401, -15578829, -10147201, 13243889, 517024, 15479401, -3853233, 30460520, 1052596 }, + { -11614875, 13323618, 32618793, 8175907, -15230173, 12596687, 27491595, -4612359, 3179268, -9478891 }, + }, + { + { 31947069, -14366651, -4640583, -15339921, -15125977, -6039709, -14756777, -16411740, 19072640, -9511060 }, + { 11685058, 11822410, 3158003, -13952594, 33402194, -4165066, 5977896, -5215017, 473099, 5040608 }, + { -20290863, 8198642, -27410132, 11602123, 1290375, -2799760, 28326862, 1721092, -19558642, -3131606 }, + }, + }, + { + { + { 7881532, 10687937, 7578723, 7738378, -18951012, -2553952, 21820786, 8076149, -27868496, 11538389 }, + { -19935666, 3899861, 18283497, -6801568, -15728660, -11249211, 8754525, 7446702, -5676054, 5797016 }, + { -11295600, -3793569, -15782110, -7964573, 12708869, -8456199, 2014099, -9050574, -2369172, -5877341 }, + }, + { + { -22472376, -11568741, -27682020, 1146375, 18956691, 16640559, 1192730, -3714199, 15123619, 10811505 }, + { 14352098, -3419715, -18942044, 10822655, 32750596, 4699007, -70363, 15776356, -28886779, -11974553 }, + { -28241164, -8072475, -4978962, -5315317, 29416931, 1847569, -20654173, -16484855, 4714547, -9600655 }, + }, + { + { 15200332, 8368572, 19679101, 15970074, -31872674, 1959451, 24611599, -4543832, -11745876, 12340220 }, + { 12876937, -10480056, 33134381, 6590940, -6307776, 14872440, 9613953, 8241152, 15370987, 9608631 }, + { -4143277, -12014408, 8446281, -391603, 4407738, 13629032, -7724868, 15866074, -28210621, -8814099 }, + }, + { + { 26660628, -15677655, 8393734, 358047, -7401291, 992988, -23904233, 858697, 20571223, 8420556 }, + { 14620715, 13067227, -15447274, 8264467, 14106269, 15080814, 33531827, 12516406, -21574435, -12476749 }, + { 236881, 10476226, 57258, -14677024, 6472998, 2466984, 17258519, 7256740, 8791136, 15069930 }, + }, + { + { 1276410, -9371918, 22949635, -16322807, -23493039, -5702186, 14711875, 4874229, -30663140, -2331391 }, + { 5855666, 4990204, -13711848, 7294284, -7804282, 1924647, -1423175, -7912378, -33069337, 9234253 }, + { 20590503, -9018988, 31529744, -7352666, -2706834, 10650548, 31559055, -11609587, 18979186, 13396066 }, + }, + { + { 24474287, 4968103, 22267082, 4407354, 24063882, -8325180, -18816887, 13594782, 33514650, 7021958 }, + { -11566906, -6565505, -21365085, 15928892, -26158305, 4315421, -25948728, -3916677, -21480480, 12868082 }, + { -28635013, 13504661, 19988037, -2132761, 21078225, 6443208, -21446107, 2244500, -12455797, -8089383 }, + }, + { + { -30595528, 13793479, -5852820, 319136, -25723172, -6263899, 33086546, 8957937, -15233648, 5540521 }, + { -11630176, -11503902, -8119500, -7643073, 2620056, 1022908, -23710744, -1568984, -16128528, -14962807 }, + { 23152971, 775386, 27395463, 14006635, -9701118, 4649512, 1689819, 892185, -11513277, -15205948 }, + }, + { + { 9770129, 9586738, 26496094, 4324120, 1556511, -3550024, 27453819, 4763127, -19179614, 5867134 }, + { -32765025, 1927590, 31726409, -4753295, 23962434, -16019500, 27846559, 5931263, -29749703, -16108455 }, + { 27461885, -2977536, 22380810, 1815854, -23033753, -3031938, 7283490, -15148073, -19526700, 7734629 }, + }, + }, + { + { + { -8010264, -9590817, -11120403, 6196038, 29344158, -13430885, 7585295, -3176626, 18549497, 15302069 }, + { -32658337, -6171222, -7672793, -11051681, 6258878, 13504381, 10458790, -6418461, -8872242, 8424746 }, + { 24687205, 8613276, -30667046, -3233545, 1863892, -1830544, 19206234, 7134917, -11284482, -828919 }, + }, + { + { 11334899, -9218022, 8025293, 12707519, 17523892, -10476071, 10243738, -14685461, -5066034, 16498837 }, + { 8911542, 6887158, -9584260, -6958590, 11145641, -9543680, 17303925, -14124238, 6536641, 10543906 }, + { -28946384, 15479763, -17466835, 568876, -1497683, 11223454, -2669190, -16625574, -27235709, 8876771 }, + }, + { + { -25742899, -12566864, -15649966, -846607, -33026686, -796288, -33481822, 15824474, -604426, -9039817 }, + { 10330056, 70051, 7957388, -9002667, 9764902, 15609756, 27698697, -4890037, 1657394, 3084098 }, + { 10477963, -7470260, 12119566, -13250805, 29016247, -5365589, 31280319, 14396151, -30233575, 15272409 }, + }, + { + { -12288309, 3169463, 28813183, 16658753, 25116432, -5630466, -25173957, -12636138, -25014757, 1950504 }, + { -26180358, 9489187, 11053416, -14746161, -31053720, 5825630, -8384306, -8767532, 15341279, 8373727 }, + { 28685821, 7759505, -14378516, -12002860, -31971820, 4079242, 298136, -10232602, -2878207, 15190420 }, + }, + { + { -32932876, 13806336, -14337485, -15794431, -24004620, 10940928, 8669718, 2742393, -26033313, -6875003 }, + { -1580388, -11729417, -25979658, -11445023, -17411874, -10912854, 9291594, -16247779, -12154742, 6048605 }, + { -30305315, 14843444, 1539301, 11864366, 20201677, 1900163, 13934231, 5128323, 11213262, 9168384 }, + }, + { + { -26280513, 11007847, 19408960, -940758, -18592965, -4328580, -5088060, -11105150, 20470157, -16398701 }, + { -23136053, 9282192, 14855179, -15390078, -7362815, -14408560, -22783952, 14461608, 14042978, 5230683 }, + { 29969567, -2741594, -16711867, -8552442, 9175486, -2468974, 21556951, 3506042, -5933891, -12449708 }, + }, + { + { -3144746, 8744661, 19704003, 4581278, -20430686, 6830683, -21284170, 8971513, -28539189, 15326563 }, + { -19464629, 10110288, -17262528, -3503892, -23500387, 1355669, -15523050, 15300988, -20514118, 9168260 }, + { -5353335, 4488613, -23803248, 16314347, 7780487, -15638939, -28948358, 9601605, 33087103, -9011387 }, + }, + { + { -19443170, -15512900, -20797467, -12445323, -29824447, 10229461, -27444329, -15000531, -5996870, 15664672 }, + { 23294591, -16632613, -22650781, -8470978, 27844204, 11461195, 13099750, -2460356, 18151676, 13417686 }, + { -24722913, -4176517, -31150679, 5988919, -26858785, 6685065, 1661597, -12551441, 15271676, -15452665 }, + }, + }, + { + { + { 11433042, -13228665, 8239631, -5279517, -1985436, -725718, -18698764, 2167544, -6921301, -13440182 }, + { -31436171, 15575146, 30436815, 12192228, -22463353, 9395379, -9917708, -8638997, 12215110, 12028277 }, + { 14098400, 6555944, 23007258, 5757252, -15427832, -12950502, 30123440, 4617780, -16900089, -655628 }, + }, + { + { -4026201, -15240835, 11893168, 13718664, -14809462, 1847385, -15819999, 10154009, 23973261, -12684474 }, + { -26531820, -3695990, -1908898, 2534301, -31870557, -16550355, 18341390, -11419951, 32013174, -10103539 }, + { -25479301, 10876443, -11771086, -14625140, -12369567, 1838104, 21911214, 6354752, 4425632, -837822 }, + }, + { + { -10433389, -14612966, 22229858, -3091047, -13191166, 776729, -17415375, -12020462, 4725005, 14044970 }, + { 19268650, -7304421, 1555349, 8692754, -21474059, -9910664, 6347390, -1411784, -19522291, -16109756 }, + { -24864089, 12986008, -10898878, -5558584, -11312371, -148526, 19541418, 8180106, 9282262, 10282508 }, + }, + { + { -26205082, 4428547, -8661196, -13194263, 4098402, -14165257, 15522535, 8372215, 5542595, -10702683 }, + { -10562541, 14895633, 26814552, -16673850, -17480754, -2489360, -2781891, 6993761, -18093885, 10114655 }, + { -20107055, -929418, 31422704, 10427861, -7110749, 6150669, -29091755, -11529146, 25953725, -106158 }, + }, + { + { -4234397, -8039292, -9119125, 3046000, 2101609, -12607294, 19390020, 6094296, -3315279, 12831125 }, + { -15998678, 7578152, 5310217, 14408357, -33548620, -224739, 31575954, 6326196, 7381791, -2421839 }, + { -20902779, 3296811, 24736065, -16328389, 18374254, 7318640, 6295303, 8082724, -15362489, 12339664 }, + }, + { + { 27724736, 2291157, 6088201, -14184798, 1792727, 5857634, 13848414, 15768922, 25091167, 14856294 }, + { -18866652, 8331043, 24373479, 8541013, -701998, -9269457, 12927300, -12695493, -22182473, -9012899 }, + { -11423429, -5421590, 11632845, 3405020, 30536730, -11674039, -27260765, 13866390, 30146206, 9142070 }, + }, + { + { 3924129, -15307516, -13817122, -10054960, 12291820, -668366, -27702774, 9326384, -8237858, 4171294 }, + { -15921940, 16037937, 6713787, 16606682, -21612135, 2790944, 26396185, 3731949, 345228, -5462949 }, + { -21327538, 13448259, 25284571, 1143661, 20614966, -8849387, 2031539, -12391231, -16253183, -13582083 }, + }, + { + { 31016211, -16722429, 26371392, -14451233, -5027349, 14854137, 17477601, 3842657, 28012650, -16405420 }, + { -5075835, 9368966, -8562079, -4600902, -15249953, 6970560, -9189873, 16292057, -8867157, 3507940 }, + { 29439664, 3537914, 23333589, 6997794, -17555561, -11018068, -15209202, -15051267, -9164929, 6580396 }, + }, + }, + { + { + { -12185861, -7679788, 16438269, 10826160, -8696817, -6235611, 17860444, -9273846, -2095802, 9304567 }, + { 20714564, -4336911, 29088195, 7406487, 11426967, -5095705, 14792667, -14608617, 5289421, -477127 }, + { -16665533, -10650790, -6160345, -13305760, 9192020, -1802462, 17271490, 12349094, 26939669, -3752294 }, + }, + { + { -12889898, 9373458, 31595848, 16374215, 21471720, 13221525, -27283495, -12348559, -3698806, 117887 }, + { 22263325, -6560050, 3984570, -11174646, -15114008, -566785, 28311253, 5358056, -23319780, 541964 }, + { 16259219, 3261970, 2309254, -15534474, -16885711, -4581916, 24134070, -16705829, -13337066, -13552195 }, + }, + { + { 9378160, -13140186, -22845982, -12745264, 28198281, -7244098, -2399684, -717351, 690426, 14876244 }, + { 24977353, -314384, -8223969, -13465086, 28432343, -1176353, -13068804, -12297348, -22380984, 6618999 }, + { -1538174, 11685646, 12944378, 13682314, -24389511, -14413193, 8044829, -13817328, 32239829, -5652762 }, + }, + { + { -18603066, 4762990, -926250, 8885304, -28412480, -3187315, 9781647, -10350059, 32779359, 5095274 }, + { -33008130, -5214506, -32264887, -3685216, 9460461, -9327423, -24601656, 14506724, 21639561, -2630236 }, + { -16400943, -13112215, 25239338, 15531969, 3987758, -4499318, -1289502, -6863535, 17874574, 558605 }, + }, + { + { -13600129, 10240081, 9171883, 16131053, -20869254, 9599700, 33499487, 5080151, 2085892, 5119761 }, + { -22205145, -2519528, -16381601, 414691, -25019550, 2170430, 30634760, -8363614, -31999993, -5759884 }, + { -6845704, 15791202, 8550074, -1312654, 29928809, -12092256, 27534430, -7192145, -22351378, 12961482 }, + }, + { + { -24492060, -9570771, 10368194, 11582341, -23397293, -2245287, 16533930, 8206996, -30194652, -5159638 }, + { -11121496, -3382234, 2307366, 6362031, -135455, 8868177, -16835630, 7031275, 7589640, 8945490 }, + { -32152748, 8917967, 6661220, -11677616, -1192060, -15793393, 7251489, -11182180, 24099109, -14456170 }, + }, + { + { 5019558, -7907470, 4244127, -14714356, -26933272, 6453165, -19118182, -13289025, -6231896, -10280736 }, + { 10853594, 10721687, 26480089, 5861829, -22995819, 1972175, -1866647, -10557898, -3363451, -6441124 }, + { -17002408, 5906790, 221599, -6563147, 7828208, -13248918, 24362661, -2008168, -13866408, 7421392 }, + }, + { + { 8139927, -6546497, 32257646, -5890546, 30375719, 1886181, -21175108, 15441252, 28826358, -4123029 }, + { 6267086, 9695052, 7709135, -16603597, -32869068, -1886135, 14795160, -7840124, 13746021, -1742048 }, + { 28584902, 7787108, -6732942, -15050729, 22846041, -7571236, -3181936, -363524, 4771362, -8419958 }, + }, + }, + { + { + { 24949256, 6376279, -27466481, -8174608, -18646154, -9930606, 33543569, -12141695, 3569627, 11342593 }, + { 26514989, 4740088, 27912651, 3697550, 19331575, -11472339, 6809886, 4608608, 7325975, -14801071 }, + { -11618399, -14554430, -24321212, 7655128, -1369274, 5214312, -27400540, 10258390, -17646694, -8186692 }, + }, + { + { 11431204, 15823007, 26570245, 14329124, 18029990, 4796082, -31446179, 15580664, 9280358, -3973687 }, + { -160783, -10326257, -22855316, -4304997, -20861367, -13621002, -32810901, -11181622, -15545091, 4387441 }, + { -20799378, 12194512, 3937617, -5805892, -27154820, 9340370, -24513992, 8548137, 20617071, -7482001 }, + }, + { + { -938825, -3930586, -8714311, 16124718, 24603125, -6225393, -13775352, -11875822, 24345683, 10325460 }, + { -19855277, -1568885, -22202708, 8714034, 14007766, 6928528, 16318175, -1010689, 4766743, 3552007 }, + { -21751364, -16730916, 1351763, -803421, -4009670, 3950935, 3217514, 14481909, 10988822, -3994762 }, + }, + { + { 15564307, -14311570, 3101243, 5684148, 30446780, -8051356, 12677127, -6505343, -8295852, 13296005 }, + { -9442290, 6624296, -30298964, -11913677, -4670981, -2057379, 31521204, 9614054, -30000824, 12074674 }, + { 4771191, -135239, 14290749, -13089852, 27992298, 14998318, -1413936, -1556716, 29832613, -16391035 }, + }, + { + { 7064884, -7541174, -19161962, -5067537, -18891269, -2912736, 25825242, 5293297, -27122660, 13101590 }, + { -2298563, 2439670, -7466610, 1719965, -27267541, -16328445, 32512469, -5317593, -30356070, -4190957 }, + { -30006540, 10162316, -33180176, 3981723, -16482138, -13070044, 14413974, 9515896, 19568978, 9628812 }, + }, + { + { 33053803, 199357, 15894591, 1583059, 27380243, -4580435, -17838894, -6106839, -6291786, 3437740 }, + { -18978877, 3884493, 19469877, 12726490, 15913552, 13614290, -22961733, 70104, 7463304, 4176122 }, + { -27124001, 10659917, 11482427, -16070381, 12771467, -6635117, -32719404, -5322751, 24216882, 5944158 }, + }, + { + { 8894125, 7450974, -2664149, -9765752, -28080517, -12389115, 19345746, 14680796, 11632993, 5847885 }, + { 26942781, -2315317, 9129564, -4906607, 26024105, 11769399, -11518837, 6367194, -9727230, 4782140 }, + { 19916461, -4828410, -22910704, -11414391, 25606324, -5972441, 33253853, 8220911, 6358847, -1873857 }, + }, + { + { 801428, -2081702, 16569428, 11065167, 29875704, 96627, 7908388, -4480480, -13538503, 1387155 }, + { 19646058, 5720633, -11416706, 12814209, 11607948, 12749789, 14147075, 15156355, -21866831, 11835260 }, + { 19299512, 1155910, 28703737, 14890794, 2925026, 7269399, 26121523, 15467869, -26560550, 5052483 }, + }, + }, + { + { + { -3017432, 10058206, 1980837, 3964243, 22160966, 12322533, -6431123, -12618185, 12228557, -7003677 }, + { 32944382, 14922211, -22844894, 5188528, 21913450, -8719943, 4001465, 13238564, -6114803, 8653815 }, + { 22865569, -4652735, 27603668, -12545395, 14348958, 8234005, 24808405, 5719875, 28483275, 2841751 }, + }, + { + { -16420968, -1113305, -327719, -12107856, 21886282, -15552774, -1887966, -315658, 19932058, -12739203 }, + { -11656086, 10087521, -8864888, -5536143, -19278573, -3055912, 3999228, 13239134, -4777469, -13910208 }, + { 1382174, -11694719, 17266790, 9194690, -13324356, 9720081, 20403944, 11284705, -14013818, 3093230 }, + }, + { + { 16650921, -11037932, -1064178, 1570629, -8329746, 7352753, -302424, 16271225, -24049421, -6691850 }, + { -21911077, -5927941, -4611316, -5560156, -31744103, -10785293, 24123614, 15193618, -21652117, -16739389 }, + { -9935934, -4289447, -25279823, 4372842, 2087473, 10399484, 31870908, 14690798, 17361620, 11864968 }, + }, + { + { -11307610, 6210372, 13206574, 5806320, -29017692, -13967200, -12331205, -7486601, -25578460, -16240689 }, + { 14668462, -12270235, 26039039, 15305210, 25515617, 4542480, 10453892, 6577524, 9145645, -6443880 }, + { 5974874, 3053895, -9433049, -10385191, -31865124, 3225009, -7972642, 3936128, -5652273, -3050304 }, + }, + { + { 30625386, -4729400, -25555961, -12792866, -20484575, 7695099, 17097188, -16303496, -27999779, 1803632 }, + { -3553091, 9865099, -5228566, 4272701, -5673832, -16689700, 14911344, 12196514, -21405489, 7047412 }, + { 20093277, 9920966, -11138194, -5343857, 13161587, 12044805, -32856851, 4124601, -32343828, -10257566 }, + }, + { + { -20788824, 14084654, -13531713, 7842147, 19119038, -13822605, 4752377, -8714640, -21679658, 2288038 }, + { -26819236, -3283715, 29965059, 3039786, -14473765, 2540457, 29457502, 14625692, -24819617, 12570232 }, + { -1063558, -11551823, 16920318, 12494842, 1278292, -5869109, -21159943, -3498680, -11974704, 4724943 }, + }, + { + { 17960970, -11775534, -4140968, -9702530, -8876562, -1410617, -12907383, -8659932, -29576300, 1903856 }, + { 23134274, -14279132, -10681997, -1611936, 20684485, 15770816, -12989750, 3190296, 26955097, 14109738 }, + { 15308788, 5320727, -30113809, -14318877, 22902008, 7767164, 29425325, -11277562, 31960942, 11934971 }, + }, + { + { -27395711, 8435796, 4109644, 12222639, -24627868, 14818669, 20638173, 4875028, 10491392, 1379718 }, + { -13159415, 9197841, 3875503, -8936108, -1383712, -5879801, 33518459, 16176658, 21432314, 12180697 }, + { -11787308, 11500838, 13787581, -13832590, -22430679, 10140205, 1465425, 12689540, -10301319, -13872883 }, + }, + }, + { + { + { 5414091, -15386041, -21007664, 9643570, 12834970, 1186149, -2622916, -1342231, 26128231, 6032912 }, + { -26337395, -13766162, 32496025, -13653919, 17847801, -12669156, 3604025, 8316894, -25875034, -10437358 }, + { 3296484, 6223048, 24680646, -12246460, -23052020, 5903205, -8862297, -4639164, 12376617, 3188849 }, + }, + { + { 29190488, -14659046, 27549113, -1183516, 3520066, -10697301, 32049515, -7309113, -16109234, -9852307 }, + { -14744486, -9309156, 735818, -598978, -20407687, -5057904, 25246078, -15795669, 18640741, -960977 }, + { -6928835, -16430795, 10361374, 5642961, 4910474, 12345252, -31638386, -494430, 10530747, 1053335 }, + }, + { + { -29265967, -14186805, -13538216, -12117373, -19457059, -10655384, -31462369, -2948985, 24018831, 15026644 }, + { -22592535, -3145277, -2289276, 5953843, -13440189, 9425631, 25310643, 13003497, -2314791, -15145616 }, + { -27419985, -603321, -8043984, -1669117, -26092265, 13987819, -27297622, 187899, -23166419, -2531735 }, + }, + { + { -21744398, -13810475, 1844840, 5021428, -10434399, -15911473, 9716667, 16266922, -5070217, 726099 }, + { 29370922, -6053998, 7334071, -15342259, 9385287, 2247707, -13661962, -4839461, 30007388, -15823341 }, + { -936379, 16086691, 23751945, -543318, -1167538, -5189036, 9137109, 730663, 9835848, 4555336 }, + }, + { + { -23376435, 1410446, -22253753, -12899614, 30867635, 15826977, 17693930, 544696, -11985298, 12422646 }, + { 31117226, -12215734, -13502838, 6561947, -9876867, -12757670, -5118685, -4096706, 29120153, 13924425 }, + { -17400879, -14233209, 19675799, -2734756, -11006962, -5858820, -9383939, -11317700, 7240931, -237388 }, + }, + { + { -31361739, -11346780, -15007447, -5856218, -22453340, -12152771, 1222336, 4389483, 3293637, -15551743 }, + { -16684801, -14444245, 11038544, 11054958, -13801175, -3338533, -24319580, 7733547, 12796905, -6335822 }, + { -8759414, -10817836, -25418864, 10783769, -30615557, -9746811, -28253339, 3647836, 3222231, -11160462 }, + }, + { + { 18606113, 1693100, -25448386, -15170272, 4112353, 10045021, 23603893, -2048234, -7550776, 2484985 }, + { 9255317, -3131197, -12156162, -1004256, 13098013, -9214866, 16377220, -2102812, -19802075, -3034702 }, + { -22729289, 7496160, -5742199, 11329249, 19991973, -3347502, -31718148, 9936966, -30097688, -10618797 }, + }, + { + { 21878590, -5001297, 4338336, 13643897, -3036865, 13160960, 19708896, 5415497, -7360503, -4109293 }, + { 27736861, 10103576, 12500508, 8502413, -3413016, -9633558, 10436918, -1550276, -23659143, -8132100 }, + { 19492550, -12104365, -29681976, -852630, -3208171, 12403437, 30066266, 8367329, 13243957, 8709688 }, + }, + }, + { + { + { 12015105, 2801261, 28198131, 10151021, 24818120, -4743133, -11194191, -5645734, 5150968, 7274186 }, + { 2831366, -12492146, 1478975, 6122054, 23825128, -12733586, 31097299, 6083058, 31021603, -9793610 }, + { -2529932, -2229646, 445613, 10720828, -13849527, -11505937, -23507731, 16354465, 15067285, -14147707 }, + }, + { + { 7840942, 14037873, -33364863, 15934016, -728213, -3642706, 21403988, 1057586, -19379462, -12403220 }, + { 915865, -16469274, 15608285, -8789130, -24357026, 6060030, -17371319, 8410997, -7220461, 16527025 }, + { 32922597, -556987, 20336074, -16184568, 10903705, -5384487, 16957574, 52992, 23834301, 6588044 }, + }, + { + { 32752030, 11232950, 3381995, -8714866, 22652988, -10744103, 17159699, 16689107, -20314580, -1305992 }, + { -4689649, 9166776, -25710296, -10847306, 11576752, 12733943, 7924251, -2752281, 1976123, -7249027 }, + { 21251222, 16309901, -2983015, -6783122, 30810597, 12967303, 156041, -3371252, 12331345, -8237197 }, + }, + { + { 8651614, -4477032, -16085636, -4996994, 13002507, 2950805, 29054427, -5106970, 10008136, -4667901 }, + { 31486080, 15114593, -14261250, 12951354, 14369431, -7387845, 16347321, -13662089, 8684155, -10532952 }, + { 19443825, 11385320, 24468943, -9659068, -23919258, 2187569, -26263207, -6086921, 31316348, 14219878 }, + }, + { + { -28594490, 1193785, 32245219, 11392485, 31092169, 15722801, 27146014, 6992409, 29126555, 9207390 }, + { 32382935, 1110093, 18477781, 11028262, -27411763, -7548111, -4980517, 10843782, -7957600, -14435730 }, + { 2814918, 7836403, 27519878, -7868156, -20894015, -11553689, -21494559, 8550130, 28346258, 1994730 }, + }, + { + { -19578299, 8085545, -14000519, -3948622, 2785838, -16231307, -19516951, 7174894, 22628102, 8115180 }, + { -30405132, 955511, -11133838, -15078069, -32447087, -13278079, -25651578, 3317160, -9943017, 930272 }, + { -15303681, -6833769, 28856490, 1357446, 23421993, 1057177, 24091212, -1388970, -22765376, -10650715 }, + }, + { + { -22751231, -5303997, -12907607, -12768866, -15811511, -7797053, -14839018, -16554220, -1867018, 8398970 }, + { -31969310, 2106403, -4736360, 1362501, 12813763, 16200670, 22981545, -6291273, 18009408, -15772772 }, + { -17220923, -9545221, -27784654, 14166835, 29815394, 7444469, 29551787, -3727419, 19288549, 1325865 }, + }, + { + { 15100157, -15835752, -23923978, -1005098, -26450192, 15509408, 12376730, -3479146, 33166107, -8042750 }, + { 20909231, 13023121, -9209752, 16251778, -5778415, -8094914, 12412151, 10018715, 2213263, -13878373 }, + { 32529814, -11074689, 30361439, -16689753, -9135940, 1513226, 22922121, 6382134, -5766928, 8371348 }, + }, + }, + { + { + { 9923462, 11271500, 12616794, 3544722, -29998368, -1721626, 12891687, -8193132, -26442943, 10486144 }, + { -22597207, -7012665, 8587003, -8257861, 4084309, -12970062, 361726, 2610596, -23921530, -11455195 }, + { 5408411, -1136691, -4969122, 10561668, 24145918, 14240566, 31319731, -4235541, 19985175, -3436086 }, + }, + { + { -13994457, 16616821, 14549246, 3341099, 32155958, 13648976, -17577068, 8849297, 65030, 8370684 }, + { -8320926, -12049626, 31204563, 5839400, -20627288, -1057277, -19442942, 6922164, 12743482, -9800518 }, + { -2361371, 12678785, 28815050, 4759974, -23893047, 4884717, 23783145, 11038569, 18800704, 255233 }, + }, + { + { -5269658, -1773886, 13957886, 7990715, 23132995, 728773, 13393847, 9066957, 19258688, -14753793 }, + { -2936654, -10827535, -10432089, 14516793, -3640786, 4372541, -31934921, 2209390, -1524053, 2055794 }, + { 580882, 16705327, 5468415, -2683018, -30926419, -14696000, -7203346, -8994389, -30021019, 7394435 }, + }, + { + { 23838809, 1822728, -15738443, 15242727, 8318092, -3733104, -21672180, -3492205, -4821741, 14799921 }, + { 13345610, 9759151, 3371034, -16137791, 16353039, 8577942, 31129804, 13496856, -9056018, 7402518 }, + { 2286874, -4435931, -20042458, -2008336, -13696227, 5038122, 11006906, -15760352, 8205061, 1607563 }, + }, + { + { 14414086, -8002132, 3331830, -3208217, 22249151, -5594188, 18364661, -2906958, 30019587, -9029278 }, + { -27688051, 1585953, -10775053, 931069, -29120221, -11002319, -14410829, 12029093, 9944378, 8024 }, + { 4368715, -3709630, 29874200, -15022983, -20230386, -11410704, -16114594, -999085, -8142388, 5640030 }, + }, + { + { 10299610, 13746483, 11661824, 16234854, 7630238, 5998374, 9809887, -16694564, 15219798, -14327783 }, + { 27425505, -5719081, 3055006, 10660664, 23458024, 595578, -15398605, -1173195, -18342183, 9742717 }, + { 6744077, 2427284, 26042789, 2720740, -847906, 1118974, 32324614, 7406442, 12420155, 1994844 }, + }, + { + { 14012521, -5024720, -18384453, -9578469, -26485342, -3936439, -13033478, -10909803, 24319929, -6446333 }, + { 16412690, -4507367, 10772641, 15929391, -17068788, -4658621, 10555945, -10484049, -30102368, -4739048 }, + { 22397382, -7767684, -9293161, -12792868, 17166287, -9755136, -27333065, 6199366, 21880021, -12250760 }, + }, + { + { -4283307, 5368523, -31117018, 8163389, -30323063, 3209128, 16557151, 8890729, 8840445, 4957760 }, + { -15447727, 709327, -6919446, -10870178, -29777922, 6522332, -21720181, 12130072, -14796503, 5005757 }, + { -2114751, -14308128, 23019042, 15765735, -25269683, 6002752, 10183197, -13239326, -16395286, -2176112 }, + }, + }, + { + { + { -19025756, 1632005, 13466291, -7995100, -23640451, 16573537, -32013908, -3057104, 22208662, 2000468 }, + { 3065073, -1412761, -25598674, -361432, -17683065, -5703415, -8164212, 11248527, -3691214, -7414184 }, + { 10379208, -6045554, 8877319, 1473647, -29291284, -12507580, 16690915, 2553332, -3132688, 16400289 }, + }, + { + { 15716668, 1254266, -18472690, 7446274, -8448918, 6344164, -22097271, -7285580, 26894937, 9132066 }, + { 24158887, 12938817, 11085297, -8177598, -28063478, -4457083, -30576463, 64452, -6817084, -2692882 }, + { 13488534, 7794716, 22236231, 5989356, 25426474, -12578208, 2350710, -3418511, -4688006, 2364226 }, + }, + { + { 16335052, 9132434, 25640582, 6678888, 1725628, 8517937, -11807024, -11697457, 15445875, -7798101 }, + { 29004207, -7867081, 28661402, -640412, -12794003, -7943086, 31863255, -4135540, -278050, -15759279 }, + { -6122061, -14866665, -28614905, 14569919, -10857999, -3591829, 10343412, -6976290, -29828287, -10815811 }, + }, + { + { 27081650, 3463984, 14099042, -4517604, 1616303, -6205604, 29542636, 15372179, 17293797, 960709 }, + { 20263915, 11434237, -5765435, 11236810, 13505955, -10857102, -16111345, 6493122, -19384511, 7639714 }, + { -2830798, -14839232, 25403038, -8215196, -8317012, -16173699, 18006287, -16043750, 29994677, -15808121 }, + }, + { + { 9769828, 5202651, -24157398, -13631392, -28051003, -11561624, -24613141, -13860782, -31184575, 709464 }, + { 12286395, 13076066, -21775189, -1176622, -25003198, 4057652, -32018128, -8890874, 16102007, 13205847 }, + { 13733362, 5599946, 10557076, 3195751, -5557991, 8536970, -25540170, 8525972, 10151379, 10394400 }, + }, + { + { 4024660, -16137551, 22436262, 12276534, -9099015, -2686099, 19698229, 11743039, -33302334, 8934414 }, + { -15879800, -4525240, -8580747, -2934061, 14634845, -698278, -9449077, 3137094, -11536886, 11721158 }, + { 17555939, -5013938, 8268606, 2331751, -22738815, 9761013, 9319229, 8835153, -9205489, -1280045 }, + }, + { + { -461409, -7830014, 20614118, 16688288, -7514766, -4807119, 22300304, 505429, 6108462, -6183415 }, + { -5070281, 12367917, -30663534, 3234473, 32617080, -8422642, 29880583, -13483331, -26898490, -7867459 }, + { -31975283, 5726539, 26934134, 10237677, -3173717, -605053, 24199304, 3795095, 7592688, -14992079 }, + }, + { + { 21594432, -14964228, 17466408, -4077222, 32537084, 2739898, 6407723, 12018833, -28256052, 4298412 }, + { -20650503, -11961496, -27236275, 570498, 3767144, -1717540, 13891942, -1569194, 13717174, 10805743 }, + { -14676630, -15644296, 15287174, 11927123, 24177847, -8175568, -796431, 14860609, -26938930, -5863836 }, + }, + }, + { + { + { 12962541, 5311799, -10060768, 11658280, 18855286, -7954201, 13286263, -12808704, -4381056, 9882022 }, + { 18512079, 11319350, -20123124, 15090309, 18818594, 5271736, -22727904, 3666879, -23967430, -3299429 }, + { -6789020, -3146043, 16192429, 13241070, 15898607, -14206114, -10084880, -6661110, -2403099, 5276065 }, + }, + { + { 30169808, -5317648, 26306206, -11750859, 27814964, 7069267, 7152851, 3684982, 1449224, 13082861 }, + { 10342826, 3098505, 2119311, 193222, 25702612, 12233820, 23697382, 15056736, -21016438, -8202000 }, + { -33150110, 3261608, 22745853, 7948688, 19370557, -15177665, -26171976, 6482814, -10300080, -11060101 }, + }, + { + { 32869458, -5408545, 25609743, 15678670, -10687769, -15471071, 26112421, 2521008, -22664288, 6904815 }, + { 29506923, 4457497, 3377935, -9796444, -30510046, 12935080, 1561737, 3841096, -29003639, -6657642 }, + { 10340844, -6630377, -18656632, -2278430, 12621151, -13339055, 30878497, -11824370, -25584551, 5181966 }, + }, + { + { 25940115, -12658025, 17324188, -10307374, -8671468, 15029094, 24396252, -16450922, -2322852, -12388574 }, + { -21765684, 9916823, -1300409, 4079498, -1028346, 11909559, 1782390, 12641087, 20603771, -6561742 }, + { -18882287, -11673380, 24849422, 11501709, 13161720, -4768874, 1925523, 11914390, 4662781, 7820689 }, + }, + { + { 12241050, -425982, 8132691, 9393934, 32846760, -1599620, 29749456, 12172924, 16136752, 15264020 }, + { -10349955, -14680563, -8211979, 2330220, -17662549, -14545780, 10658213, 6671822, 19012087, 3772772 }, + { 3753511, -3421066, 10617074, 2028709, 14841030, -6721664, 28718732, -15762884, 20527771, 12988982 }, + }, + { + { -14822485, -5797269, -3707987, 12689773, -898983, -10914866, -24183046, -10564943, 3299665, -12424953 }, + { -16777703, -15253301, -9642417, 4978983, 3308785, 8755439, 6943197, 6461331, -25583147, 8991218 }, + { -17226263, 1816362, -1673288, -6086439, 31783888, -8175991, -32948145, 7417950, -30242287, 1507265 }, + }, + { + { 29692663, 6829891, -10498800, 4334896, 20945975, -11906496, -28887608, 8209391, 14606362, -10647073 }, + { -3481570, 8707081, 32188102, 5672294, 22096700, 1711240, -33020695, 9761487, 4170404, -2085325 }, + { -11587470, 14855945, -4127778, -1531857, -26649089, 15084046, 22186522, 16002000, -14276837, -8400798 }, + }, + { + { -4811456, 13761029, -31703877, -2483919, -3312471, 7869047, -7113572, -9620092, 13240845, 10965870 }, + { -7742563, -8256762, -14768334, -13656260, -23232383, 12387166, 4498947, 14147411, 29514390, 4302863 }, + { -13413405, -12407859, 20757302, -13801832, 14785143, 8976368, -5061276, -2144373, 17846988, -13971927 }, + }, + }, + { + { + { -2244452, -754728, -4597030, -1066309, -6247172, 1455299, -21647728, -9214789, -5222701, 12650267 }, + { -9906797, -16070310, 21134160, 12198166, -27064575, 708126, 387813, 13770293, -19134326, 10958663 }, + { 22470984, 12369526, 23446014, -5441109, -21520802, -9698723, -11772496, -11574455, -25083830, 4271862 }, + }, + { + { -25169565, -10053642, -19909332, 15361595, -5984358, 2159192, 75375, -4278529, -32526221, 8469673 }, + { 15854970, 4148314, -8893890, 7259002, 11666551, 13824734, -30531198, 2697372, 24154791, -9460943 }, + { 15446137, -15806644, 29759747, 14019369, 30811221, -9610191, -31582008, 12840104, 24913809, 9815020 }, + }, + { + { -4709286, -5614269, -31841498, -12288893, -14443537, 10799414, -9103676, 13438769, 18735128, 9466238 }, + { 11933045, 9281483, 5081055, -5183824, -2628162, -4905629, -7727821, -10896103, -22728655, 16199064 }, + { 14576810, 379472, -26786533, -8317236, -29426508, -10812974, -102766, 1876699, 30801119, 2164795 }, + }, + { + { 15995086, 3199873, 13672555, 13712240, -19378835, -4647646, -13081610, -15496269, -13492807, 1268052 }, + { -10290614, -3659039, -3286592, 10948818, 23037027, 3794475, -3470338, -12600221, -17055369, 3565904 }, + { 29210088, -9419337, -5919792, -4952785, 10834811, -13327726, -16512102, -10820713, -27162222, -14030531 }, + }, + { + { -13161890, 15508588, 16663704, -8156150, -28349942, 9019123, -29183421, -3769423, 2244111, -14001979 }, + { -5152875, -3800936, -9306475, -6071583, 16243069, 14684434, -25673088, -16180800, 13491506, 4641841 }, + { 10813417, 643330, -19188515, -728916, 30292062, -16600078, 27548447, -7721242, 14476989, -12767431 }, + }, + { + { 10292079, 9984945, 6481436, 8279905, -7251514, 7032743, 27282937, -1644259, -27912810, 12651324 }, + { -31185513, -813383, 22271204, 11835308, 10201545, 15351028, 17099662, 3988035, 21721536, -3148940 }, + { 10202177, -6545839, -31373232, -9574638, -32150642, -8119683, -12906320, 3852694, 13216206, 14842320 }, + }, + { + { -15815640, -10601066, -6538952, -7258995, -6984659, -6581778, -31500847, 13765824, -27434397, 9900184 }, + { 14465505, -13833331, -32133984, -14738873, -27443187, 12990492, 33046193, 15796406, -7051866, -8040114 }, + { 30924417, -8279620, 6359016, -12816335, 16508377, 9071735, -25488601, 15413635, 9524356, -7018878 }, + }, + { + { 12274201, -13175547, 32627641, -1785326, 6736625, 13267305, 5237659, -5109483, 15663516, 4035784 }, + { -2951309, 8903985, 17349946, 601635, -16432815, -4612556, -13732739, -15889334, -22258478, 4659091 }, + { -16916263, -4952973, -30393711, -15158821, 20774812, 15897498, 5736189, 15026997, -2178256, -13455585 }, + }, + }, + { + { + { -8858980, -2219056, 28571666, -10155518, -474467, -10105698, -3801496, 278095, 23440562, -290208 }, + { 10226241, -5928702, 15139956, 120818, -14867693, 5218603, 32937275, 11551483, -16571960, -7442864 }, + { 17932739, -12437276, -24039557, 10749060, 11316803, 7535897, 22503767, 5561594, -3646624, 3898661 }, + }, + { + { 7749907, -969567, -16339731, -16464, -25018111, 15122143, -1573531, 7152530, 21831162, 1245233 }, + { 26958459, -14658026, 4314586, 8346991, -5677764, 11960072, -32589295, -620035, -30402091, -16716212 }, + { -12165896, 9166947, 33491384, 13673479, 29787085, 13096535, 6280834, 14587357, -22338025, 13987525 }, + }, + { + { -24349909, 7778775, 21116000, 15572597, -4833266, -5357778, -4300898, -5124639, -7469781, -2858068 }, + { 9681908, -6737123, -31951644, 13591838, -6883821, 386950, 31622781, 6439245, -14581012, 4091397 }, + { -8426427, 1470727, -28109679, -1596990, 3978627, -5123623, -19622683, 12092163, 29077877, -14741988 }, + }, + { + { 5269168, -6859726, -13230211, -8020715, 25932563, 1763552, -5606110, -5505881, -20017847, 2357889 }, + { 32264008, -15407652, -5387735, -1160093, -2091322, -3946900, 23104804, -12869908, 5727338, 189038 }, + { 14609123, -8954470, -6000566, -16622781, -14577387, -7743898, -26745169, 10942115, -25888931, -14884697 }, + }, + { + { 20513500, 5557931, -15604613, 7829531, 26413943, -2019404, -21378968, 7471781, 13913677, -5137875 }, + { -25574376, 11967826, 29233242, 12948236, -6754465, 4713227, -8940970, 14059180, 12878652, 8511905 }, + { -25656801, 3393631, -2955415, -7075526, -2250709, 9366908, -30223418, 6812974, 5568676, -3127656 }, + }, + { + { 11630004, 12144454, 2116339, 13606037, 27378885, 15676917, -17408753, -13504373, -14395196, 8070818 }, + { 27117696, -10007378, -31282771, -5570088, 1127282, 12772488, -29845906, 10483306, -11552749, -1028714 }, + { 10637467, -5688064, 5674781, 1072708, -26343588, -6982302, -1683975, 9177853, -27493162, 15431203 }, + }, + { + { 20525145, 10892566, -12742472, 12779443, -29493034, 16150075, -28240519, 14943142, -15056790, -7935931 }, + { -30024462, 5626926, -551567, -9981087, 753598, 11981191, 25244767, -3239766, -3356550, 9594024 }, + { -23752644, 2636870, -5163910, -10103818, 585134, 7877383, 11345683, -6492290, 13352335, -10977084 }, + }, + { + { -1931799, -5407458, 3304649, -12884869, 17015806, -4877091, -29783850, -7752482, -13215537, -319204 }, + { 20239939, 6607058, 6203985, 3483793, -18386976, -779229, -20723742, 15077870, -22750759, 14523817 }, + { 27406042, -6041657, 27423596, -4497394, 4996214, 10002360, -28842031, -4545494, -30172742, -4805667 }, + }, + }, + { + { + { 11374242, 12660715, 17861383, -12540833, 10935568, 1099227, -13886076, -9091740, -27727044, 11358504 }, + { -12730809, 10311867, 1510375, 10778093, -2119455, -9145702, 32676003, 11149336, -26123651, 4985768 }, + { -19096303, 341147, -6197485, -239033, 15756973, -8796662, -983043, 13794114, -19414307, -15621255 }, + }, + { + { 6490081, 11940286, 25495923, -7726360, 8668373, -8751316, 3367603, 6970005, -1691065, -9004790 }, + { 1656497, 13457317, 15370807, 6364910, 13605745, 8362338, -19174622, -5475723, -16796596, -5031438 }, + { -22273315, -13524424, -64685, -4334223, -18605636, -10921968, -20571065, -7007978, -99853, -10237333 }, + }, + { + { 17747465, 10039260, 19368299, -4050591, -20630635, -16041286, 31992683, -15857976, -29260363, -5511971 }, + { 31932027, -4986141, -19612382, 16366580, 22023614, 88450, 11371999, -3744247, 4882242, -10626905 }, + { 29796507, 37186, 19818052, 10115756, -11829032, 3352736, 18551198, 3272828, -5190932, -4162409 }, + }, + { + { 12501286, 4044383, -8612957, -13392385, -32430052, 5136599, -19230378, -3529697, 330070, -3659409 }, + { 6384877, 2899513, 17807477, 7663917, -2358888, 12363165, 25366522, -8573892, -271295, 12071499 }, + { -8365515, -4042521, 25133448, -4517355, -6211027, 2265927, -32769618, 1936675, -5159697, 3829363 }, + }, + { + { 28425966, -5835433, -577090, -4697198, -14217555, 6870930, 7921550, -6567787, 26333140, 14267664 }, + { -11067219, 11871231, 27385719, -10559544, -4585914, -11189312, 10004786, -8709488, -21761224, 8930324 }, + { -21197785, -16396035, 25654216, -1725397, 12282012, 11008919, 1541940, 4757911, -26491501, -16408940 }, + }, + { + { 13537262, -7759490, -20604840, 10961927, -5922820, -13218065, -13156584, 6217254, -15943699, 13814990 }, + { -17422573, 15157790, 18705543, 29619, 24409717, -260476, 27361681, 9257833, -1956526, -1776914 }, + { -25045300, -10191966, 15366585, 15166509, -13105086, 8423556, -29171540, 12361135, -18685978, 4578290 }, + }, + { + { 24579768, 3711570, 1342322, -11180126, -27005135, 14124956, -22544529, 14074919, 21964432, 8235257 }, + { -6528613, -2411497, 9442966, -5925588, 12025640, -1487420, -2981514, -1669206, 13006806, 2355433 }, + { -16304899, -13605259, -6632427, -5142349, 16974359, -10911083, 27202044, 1719366, 1141648, -12796236 }, + }, + { + { -12863944, -13219986, -8318266, -11018091, -6810145, -4843894, 13475066, -3133972, 32674895, 13715045 }, + { 11423335, -5468059, 32344216, 8962751, 24989809, 9241752, -13265253, 16086212, -28740881, -15642093 }, + { -1409668, 12530728, -6368726, 10847387, 19531186, -14132160, -11709148, 7791794, -27245943, 4383347 }, + }, + }, + { + { + { -28970898, 5271447, -1266009, -9736989, -12455236, 16732599, -4862407, -4906449, 27193557, 6245191 }, + { -15193956, 5362278, -1783893, 2695834, 4960227, 12840725, 23061898, 3260492, 22510453, 8577507 }, + { -12632451, 11257346, -32692994, 13548177, -721004, 10879011, 31168030, 13952092, -29571492, -3635906 }, + }, + { + { 3877321, -9572739, 32416692, 5405324, -11004407, -13656635, 3759769, 11935320, 5611860, 8164018 }, + { -16275802, 14667797, 15906460, 12155291, -22111149, -9039718, 32003002, -8832289, 5773085, -8422109 }, + { -23788118, -8254300, 1950875, 8937633, 18686727, 16459170, -905725, 12376320, 31632953, 190926 }, + }, + { + { -24593607, -16138885, -8423991, 13378746, 14162407, 6901328, -8288749, 4508564, -25341555, -3627528 }, + { 8884438, -5884009, 6023974, 10104341, -6881569, -4941533, 18722941, -14786005, -1672488, 827625 }, + { -32720583, -16289296, -32503547, 7101210, 13354605, 2659080, -1800575, -14108036, -24878478, 1541286 }, + }, + { + { 2901347, -1117687, 3880376, -10059388, -17620940, -3612781, -21802117, -3567481, 20456845, -1885033 }, + { 27019610, 12299467, -13658288, -1603234, -12861660, -4861471, -19540150, -5016058, 29439641, 15138866 }, + { 21536104, -6626420, -32447818, -10690208, -22408077, 5175814, -5420040, -16361163, 7779328, 109896 }, + }, + { + { 30279744, 14648750, -8044871, 6425558, 13639621, -743509, 28698390, 12180118, 23177719, -554075 }, + { 26572847, 3405927, -31701700, 12890905, -19265668, 5335866, -6493768, 2378492, 4439158, -13279347 }, + { -22716706, 3489070, -9225266, -332753, 18875722, -1140095, 14819434, -12731527, -17717757, -5461437 }, + }, + { + { -5056483, 16566551, 15953661, 3767752, -10436499, 15627060, -820954, 2177225, 8550082, -15114165 }, + { -18473302, 16596775, -381660, 15663611, 22860960, 15585581, -27844109, -3582739, -23260460, -8428588 }, + { -32480551, 15707275, -8205912, -5652081, 29464558, 2713815, -22725137, 15860482, -21902570, 1494193 }, + }, + { + { -19562091, -14087393, -25583872, -9299552, 13127842, 759709, 21923482, 16529112, 8742704, 12967017 }, + { -28464899, 1553205, 32536856, -10473729, -24691605, -406174, -8914625, -2933896, -29903758, 15553883 }, + { 21877909, 3230008, 9881174, 10539357, -4797115, 2841332, 11543572, 14513274, 19375923, -12647961 }, + }, + { + { 8832269, -14495485, 13253511, 5137575, 5037871, 4078777, 24880818, -6222716, 2862653, 9455043 }, + { 29306751, 5123106, 20245049, -14149889, 9592566, 8447059, -2077124, -2990080, 15511449, 4789663 }, + { -20679756, 7004547, 8824831, -9434977, -4045704, -3750736, -5754762, 108893, 23513200, 16652362 }, + }, + }, + { + { + { -33256173, 4144782, -4476029, -6579123, 10770039, -7155542, -6650416, -12936300, -18319198, 10212860 }, + { 2756081, 8598110, 7383731, -6859892, 22312759, -1105012, 21179801, 2600940, -9988298, -12506466 }, + { -24645692, 13317462, -30449259, -15653928, 21365574, -10869657, 11344424, 864440, -2499677, -16710063 }, + }, + { + { -26432803, 6148329, -17184412, -14474154, 18782929, -275997, -22561534, 211300, 2719757, 4940997 }, + { -1323882, 3911313, -6948744, 14759765, -30027150, 7851207, 21690126, 8518463, 26699843, 5276295 }, + { -13149873, -6429067, 9396249, 365013, 24703301, -10488939, 1321586, 149635, -15452774, 7159369 }, + }, + { + { 9987780, -3404759, 17507962, 9505530, 9731535, -2165514, 22356009, 8312176, 22477218, -8403385 }, + { 18155857, -16504990, 19744716, 9006923, 15154154, -10538976, 24256460, -4864995, -22548173, 9334109 }, + { 2986088, -4911893, 10776628, -3473844, 10620590, -7083203, -21413845, 14253545, -22587149, 536906 }, + }, + { + { 4377756, 8115836, 24567078, 15495314, 11625074, 13064599, 7390551, 10589625, 10838060, -15420424 }, + { -19342404, 867880, 9277171, -3218459, -14431572, -1986443, 19295826, -15796950, 6378260, 699185 }, + { 7895026, 4057113, -7081772, -13077756, -17886831, -323126, -716039, 15693155, -5045064, -13373962 }, + }, + { + { -7737563, -5869402, -14566319, -7406919, 11385654, 13201616, 31730678, -10962840, -3918636, -9669325 }, + { 10188286, -15770834, -7336361, 13427543, 22223443, 14896287, 30743455, 7116568, -21786507, 5427593 }, + { 696102, 13206899, 27047647, -10632082, 15285305, -9853179, 10798490, -4578720, 19236243, 12477404 }, + }, + { + { -11229439, 11243796, -17054270, -8040865, -788228, -8167967, -3897669, 11180504, -23169516, 7733644 }, + { 17800790, -14036179, -27000429, -11766671, 23887827, 3149671, 23466177, -10538171, 10322027, 15313801 }, + { 26246234, 11968874, 32263343, -5468728, 6830755, -13323031, -15794704, -101982, -24449242, 10890804 }, + }, + { + { -31365647, 10271363, -12660625, -6267268, 16690207, -13062544, -14982212, 16484931, 25180797, -5334884 }, + { -586574, 10376444, -32586414, -11286356, 19801893, 10997610, 2276632, 9482883, 316878, 13820577 }, + { -9882808, -4510367, -2115506, 16457136, -11100081, 11674996, 30756178, -7515054, 30696930, -3712849 }, + }, + { + { 32988917, -9603412, 12499366, 7910787, -10617257, -11931514, -7342816, -9985397, -32349517, 7392473 }, + { -8855661, 15927861, 9866406, -3649411, -2396914, -16655781, -30409476, -9134995, 25112947, -2926644 }, + { -2504044, -436966, 25621774, -5678772, 15085042, -5479877, -24884878, -13526194, 5537438, -13914319 }, + }, + }, + { + { + { -11225584, 2320285, -9584280, 10149187, -33444663, 5808648, -14876251, -1729667, 31234590, 6090599 }, + { -9633316, 116426, 26083934, 2897444, -6364437, -2688086, 609721, 15878753, -6970405, -9034768 }, + { -27757857, 247744, -15194774, -9002551, 23288161, -10011936, -23869595, 6503646, 20650474, 1804084 }, + }, + { + { -27589786, 15456424, 8972517, 8469608, 15640622, 4439847, 3121995, -10329713, 27842616, -202328 }, + { -15306973, 2839644, 22530074, 10026331, 4602058, 5048462, 28248656, 5031932, -11375082, 12714369 }, + { 20807691, -7270825, 29286141, 11421711, -27876523, -13868230, -21227475, 1035546, -19733229, 12796920 }, + }, + { + { 12076899, -14301286, -8785001, -11848922, -25012791, 16400684, -17591495, -12899438, 3480665, -15182815 }, + { -32361549, 5457597, 28548107, 7833186, 7303070, -11953545, -24363064, -15921875, -33374054, 2771025 }, + { -21389266, 421932, 26597266, 6860826, 22486084, -6737172, -17137485, -4210226, -24552282, 15673397 }, + }, + { + { -20184622, 2338216, 19788685, -9620956, -4001265, -8740893, -20271184, 4733254, 3727144, -12934448 }, + { 6120119, 814863, -11794402, -622716, 6812205, -15747771, 2019594, 7975683, 31123697, -10958981 }, + { 30069250, -11435332, 30434654, 2958439, 18399564, -976289, 12296869, 9204260, -16432438, 9648165 }, + }, + { + { 32705432, -1550977, 30705658, 7451065, -11805606, 9631813, 3305266, 5248604, -26008332, -11377501 }, + { 17219865, 2375039, -31570947, -5575615, -19459679, 9219903, 294711, 15298639, 2662509, -16297073 }, + { -1172927, -7558695, -4366770, -4287744, -21346413, -8434326, 32087529, -1222777, 32247248, -14389861 }, + }, + { + { 14312628, 1221556, 17395390, -8700143, -4945741, -8684635, -28197744, -9637817, -16027623, -13378845 }, + { -1428825, -9678990, -9235681, 6549687, -7383069, -468664, 23046502, 9803137, 17597934, 2346211 }, + { 18510800, 15337574, 26171504, 981392, -22241552, 7827556, -23491134, -11323352, 3059833, -11782870 }, + }, + { + { 10141598, 6082907, 17829293, -1947643, 9830092, 13613136, -25556636, -5544586, -33502212, 3592096 }, + { 33114168, -15889352, -26525686, -13343397, 33076705, 8716171, 1151462, 1521897, -982665, -6837803 }, + { -32939165, -4255815, 23947181, -324178, -33072974, -12305637, -16637686, 3891704, 26353178, 693168 }, + }, + { + { 30374239, 1595580, -16884039, 13186931, 4600344, 406904, 9585294, -400668, 31375464, 14369965 }, + { -14370654, -7772529, 1510301, 6434173, -18784789, -6262728, 32732230, -13108839, 17901441, 16011505 }, + { 18171223, -11934626, -12500402, 15197122, -11038147, -15230035, -19172240, -16046376, 8764035, 12309598 }, + }, + }, + { + { + { 5975908, -5243188, -19459362, -9681747, -11541277, 14015782, -23665757, 1228319, 17544096, -10593782 }, + { 5811932, -1715293, 3442887, -2269310, -18367348, -8359541, -18044043, -15410127, -5565381, 12348900 }, + { -31399660, 11407555, 25755363, 6891399, -3256938, 14872274, -24849353, 8141295, -10632534, -585479 }, + }, + { + { -12675304, 694026, -5076145, 13300344, 14015258, -14451394, -9698672, -11329050, 30944593, 1130208 }, + { 8247766, -6710942, -26562381, -7709309, -14401939, -14648910, 4652152, 2488540, 23550156, -271232 }, + { 17294316, -3788438, 7026748, 15626851, 22990044, 113481, 2267737, -5908146, -408818, -137719 }, + }, + { + { 16091085, -16253926, 18599252, 7340678, 2137637, -1221657, -3364161, 14550936, 3260525, -7166271 }, + { -4910104, -13332887, 18550887, 10864893, -16459325, -7291596, -23028869, -13204905, -12748722, 2701326 }, + { -8574695, 16099415, 4629974, -16340524, -20786213, -6005432, -10018363, 9276971, 11329923, 1862132 }, + }, + { + { 14763076, -15903608, -30918270, 3689867, 3511892, 10313526, -21951088, 12219231, -9037963, -940300 }, + { 8894987, -3446094, 6150753, 3013931, 301220, 15693451, -31981216, -2909717, -15438168, 11595570 }, + { 15214962, 3537601, -26238722, -14058872, 4418657, -15230761, 13947276, 10730794, -13489462, -4363670 }, + }, + { + { -2538306, 7682793, 32759013, 263109, -29984731, -7955452, -22332124, -10188635, 977108, 699994 }, + { -12466472, 4195084, -9211532, 550904, -15565337, 12917920, 19118110, -439841, -30534533, -14337913 }, + { 31788461, -14507657, 4799989, 7372237, 8808585, -14747943, 9408237, -10051775, 12493932, -5409317 }, + }, + { + { -25680606, 5260744, -19235809, -6284470, -3695942, 16566087, 27218280, 2607121, 29375955, 6024730 }, + { 842132, -2794693, -4763381, -8722815, 26332018, -12405641, 11831880, 6985184, -9940361, 2854096 }, + { -4847262, -7969331, 2516242, -5847713, 9695691, -7221186, 16512645, 960770, 12121869, 16648078 }, + }, + { + { -15218652, 14667096, -13336229, 2013717, 30598287, -464137, -31504922, -7882064, 20237806, 2838411 }, + { -19288047, 4453152, 15298546, -16178388, 22115043, -15972604, 12544294, -13470457, 1068881, -12499905 }, + { -9558883, -16518835, 33238498, 13506958, 30505848, -1114596, -8486907, -2630053, 12521378, 4845654 }, + }, + { + { -28198521, 10744108, -2958380, 10199664, 7759311, -13088600, 3409348, -873400, -6482306, -12885870 }, + { -23561822, 6230156, -20382013, 10655314, -24040585, -11621172, 10477734, -1240216, -3113227, 13974498 }, + { 12966261, 15550616, -32038948, -1615346, 21025980, -629444, 5642325, 7188737, 18895762, 12629579 }, + }, + }, + { + { + { 14741879, -14946887, 22177208, -11721237, 1279741, 8058600, 11758140, 789443, 32195181, 3895677 }, + { 10758205, 15755439, -4509950, 9243698, -4879422, 6879879, -2204575, -3566119, -8982069, 4429647 }, + { -2453894, 15725973, -20436342, -10410672, -5803908, -11040220, -7135870, -11642895, 18047436, -15281743 }, + }, + { + { -25173001, -11307165, 29759956, 11776784, -22262383, -15820455, 10993114, -12850837, -17620701, -9408468 }, + { 21987233, 700364, -24505048, 14972008, -7774265, -5718395, 32155026, 2581431, -29958985, 8773375 }, + { -25568350, 454463, -13211935, 16126715, 25240068, 8594567, 20656846, 12017935, -7874389, -13920155 }, + }, + { + { 6028182, 6263078, -31011806, -11301710, -818919, 2461772, -31841174, -5468042, -1721788, -2776725 }, + { -12278994, 16624277, 987579, -5922598, 32908203, 1248608, 7719845, -4166698, 28408820, 6816612 }, + { -10358094, -8237829, 19549651, -12169222, 22082623, 16147817, 20613181, 13982702, -10339570, 5067943 }, + }, + { + { -30505967, -3821767, 12074681, 13582412, -19877972, 2443951, -19719286, 12746132, 5331210, -10105944 }, + { 30528811, 3601899, -1957090, 4619785, -27361822, -15436388, 24180793, -12570394, 27679908, -1648928 }, + { 9402404, -13957065, 32834043, 10838634, -26580150, -13237195, 26653274, -8685565, 22611444, -12715406 }, + }, + { + { 22190590, 1118029, 22736441, 15130463, -30460692, -5991321, 19189625, -4648942, 4854859, 6622139 }, + { -8310738, -2953450, -8262579, -3388049, -10401731, -271929, 13424426, -3567227, 26404409, 13001963 }, + { -31241838, -15415700, -2994250, 8939346, 11562230, -12840670, -26064365, -11621720, -15405155, 11020693 }, + }, + { + { 1866042, -7949489, -7898649, -10301010, 12483315, 13477547, 3175636, -12424163, 28761762, 1406734 }, + { -448555, -1777666, 13018551, 3194501, -9580420, -11161737, 24760585, -4347088, 25577411, -13378680 }, + { -24290378, 4759345, -690653, -1852816, 2066747, 10693769, -29595790, 9884936, -9368926, 4745410 }, + }, + { + { -9141284, 6049714, -19531061, -4341411, -31260798, 9944276, -15462008, -11311852, 10931924, -11931931 }, + { -16561513, 14112680, -8012645, 4817318, -8040464, -11414606, -22853429, 10856641, -20470770, 13434654 }, + { 22759489, -10073434, -16766264, -1871422, 13637442, -10168091, 1765144, -12654326, 28445307, -5364710 }, + }, + { + { 29875063, 12493613, 2795536, -3786330, 1710620, 15181182, -10195717, -8788675, 9074234, 1167180 }, + { -26205683, 11014233, -9842651, -2635485, -26908120, 7532294, -18716888, -9535498, 3843903, 9367684 }, + { -10969595, -6403711, 9591134, 9582310, 11349256, 108879, 16235123, 8601684, -139197, 4242895 }, + }, + }, + { + { + { 22092954, -13191123, -2042793, -11968512, 32186753, -11517388, -6574341, 2470660, -27417366, 16625501 }, + { -11057722, 3042016, 13770083, -9257922, 584236, -544855, -7770857, 2602725, -27351616, 14247413 }, + { 6314175, -10264892, -32772502, 15957557, -10157730, 168750, -8618807, 14290061, 27108877, -1180880 }, + }, + { + { -8586597, -7170966, 13241782, 10960156, -32991015, -13794596, 33547976, -11058889, -27148451, 981874 }, + { 22833440, 9293594, -32649448, -13618667, -9136966, 14756819, -22928859, -13970780, -10479804, -16197962 }, + { -7768587, 3326786, -28111797, 10783824, 19178761, 14905060, 22680049, 13906969, -15933690, 3797899 }, + }, + { + { 21721356, -4212746, -12206123, 9310182, -3882239, -13653110, 23740224, -2709232, 20491983, -8042152 }, + { 9209270, -15135055, -13256557, -6167798, -731016, 15289673, 25947805, 15286587, 30997318, -6703063 }, + { 7392032, 16618386, 23946583, -8039892, -13265164, -1533858, -14197445, -2321576, 17649998, -250080 }, + }, + { + { -9301088, -14193827, 30609526, -3049543, -25175069, -1283752, -15241566, -9525724, -2233253, 7662146 }, + { -17558673, 1763594, -33114336, 15908610, -30040870, -12174295, 7335080, -8472199, -3174674, 3440183 }, + { -19889700, -5977008, -24111293, -9688870, 10799743, -16571957, 40450, -4431835, 4862400, 1133 }, + }, + { + { -32856209, -7873957, -5422389, 14860950, -16319031, 7956142, 7258061, 311861, -30594991, -7379421 }, + { -3773428, -1565936, 28985340, 7499440, 24445838, 9325937, 29727763, 16527196, 18278453, 15405622 }, + { -4381906, 8508652, -19898366, -3674424, -5984453, 15149970, -13313598, 843523, -21875062, 13626197 }, + }, + { + { 2281448, -13487055, -10915418, -2609910, 1879358, 16164207, -10783882, 3953792, 13340839, 15928663 }, + { 31727126, -7179855, -18437503, -8283652, 2875793, -16390330, -25269894, -7014826, -23452306, 5964753 }, + { 4100420, -5959452, -17179337, 6017714, -18705837, 12227141, -26684835, 11344144, 2538215, -7570755 }, + }, + { + { -9433605, 6123113, 11159803, -2156608, 30016280, 14966241, -20474983, 1485421, -629256, -15958862 }, + { -26804558, 4260919, 11851389, 9658551, -32017107, 16367492, -20205425, -13191288, 11659922, -11115118 }, + { 26180396, 10015009, -30844224, -8581293, 5418197, 9480663, 2231568, -10170080, 33100372, -1306171 }, + }, + { + { 15121113, -5201871, -10389905, 15427821, -27509937, -15992507, 21670947, 4486675, -5931810, -14466380 }, + { 16166486, -9483733, -11104130, 6023908, -31926798, -1364923, 2340060, -16254968, -10735770, -10039824 }, + { 28042865, -3557089, -12126526, 12259706, -3717498, -6945899, 6766453, -8689599, 18036436, 5803270 }, + }, + }, + { + { + { -817581, 6763912, 11803561, 1585585, 10958447, -2671165, 23855391, 4598332, -6159431, -14117438 }, + { -31031306, -14256194, 17332029, -2383520, 31312682, -5967183, 696309, 50292, -20095739, 11763584 }, + { -594563, -2514283, -32234153, 12643980, 12650761, 14811489, 665117, -12613632, -19773211, -10713562 }, + }, + { + { 30464590, -11262872, -4127476, -12734478, 19835327, -7105613, -24396175, 2075773, -17020157, 992471 }, + { 18357185, -6994433, 7766382, 16342475, -29324918, 411174, 14578841, 8080033, -11574335, -10601610 }, + { 19598397, 10334610, 12555054, 2555664, 18821899, -10339780, 21873263, 16014234, 26224780, 16452269 }, + }, + { + { -30223925, 5145196, 5944548, 16385966, 3976735, 2009897, -11377804, -7618186, -20533829, 3698650 }, + { 14187449, 3448569, -10636236, -10810935, -22663880, -3433596, 7268410, -10890444, 27394301, 12015369 }, + { 19695761, 16087646, 28032085, 12999827, 6817792, 11427614, 20244189, -1312777, -13259127, -3402461 }, + }, + { + { 30860103, 12735208, -1888245, -4699734, -16974906, 2256940, -8166013, 12298312, -8550524, -10393462 }, + { -5719826, -11245325, -1910649, 15569035, 26642876, -7587760, -5789354, -15118654, -4976164, 12651793 }, + { -2848395, 9953421, 11531313, -5282879, 26895123, -12697089, -13118820, -16517902, 9768698, -2533218 }, + }, + { + { -24719459, 1894651, -287698, -4704085, 15348719, -8156530, 32767513, 12765450, 4940095, 10678226 }, + { 18860224, 15980149, -18987240, -1562570, -26233012, -11071856, -7843882, 13944024, -24372348, 16582019 }, + { -15504260, 4970268, -29893044, 4175593, -20993212, -2199756, -11704054, 15444560, -11003761, 7989037 }, + }, + { + { 31490452, 5568061, -2412803, 2182383, -32336847, 4531686, -32078269, 6200206, -19686113, -14800171 }, + { -17308668, -15879940, -31522777, -2831, -32887382, 16375549, 8680158, -16371713, 28550068, -6857132 }, + { -28126887, -5688091, 16837845, -1820458, -6850681, 12700016, -30039981, 4364038, 1155602, 5988841 }, + }, + { + { 21890435, -13272907, -12624011, 12154349, -7831873, 15300496, 23148983, -4470481, 24618407, 8283181 }, + { -33136107, -10512751, 9975416, 6841041, -31559793, 16356536, 3070187, -7025928, 1466169, 10740210 }, + { -1509399, -15488185, -13503385, -10655916, 32799044, 909394, -13938903, -5779719, -32164649, -15327040 }, + }, + { + { 3960823, -14267803, -28026090, -15918051, -19404858, 13146868, 15567327, 951507, -3260321, -573935 }, + { 24740841, 5052253, -30094131, 8961361, 25877428, 6165135, -24368180, 14397372, -7380369, -6144105 }, + { -28888365, 3510803, -28103278, -1158478, -11238128, -10631454, -15441463, -14453128, -1625486, -6494814 }, + }, + }, + { + { + { 793299, -9230478, 8836302, -6235707, -27360908, -2369593, 33152843, -4885251, -9906200, -621852 }, + { 5666233, 525582, 20782575, -8038419, -24538499, 14657740, 16099374, 1468826, -6171428, -15186581 }, + { -4859255, -3779343, -2917758, -6748019, 7778750, 11688288, -30404353, -9871238, -1558923, -9863646 }, + }, + { + { 10896332, -7719704, 824275, 472601, -19460308, 3009587, 25248958, 14783338, -30581476, -15757844 }, + { 10566929, 12612572, -31944212, 11118703, -12633376, 12362879, 21752402, 8822496, 24003793, 14264025 }, + { 27713862, -7355973, -11008240, 9227530, 27050101, 2504721, 23886875, -13117525, 13958495, -5732453 }, + }, + { + { -23481610, 4867226, -27247128, 3900521, 29838369, -8212291, -31889399, -10041781, 7340521, -15410068 }, + { 4646514, -8011124, -22766023, -11532654, 23184553, 8566613, 31366726, -1381061, -15066784, -10375192 }, + { -17270517, 12723032, -16993061, 14878794, 21619651, -6197576, 27584817, 3093888, -8843694, 3849921 }, + }, + { + { -9064912, 2103172, 25561640, -15125738, -5239824, 9582958, 32477045, -9017955, 5002294, -15550259 }, + { -12057553, -11177906, 21115585, -13365155, 8808712, -12030708, 16489530, 13378448, -25845716, 12741426 }, + { -5946367, 10645103, -30911586, 15390284, -3286982, -7118677, 24306472, 15852464, 28834118, -7646072 }, + }, + { + { -17335748, -9107057, -24531279, 9434953, -8472084, -583362, -13090771, 455841, 20461858, 5491305 }, + { 13669248, -16095482, -12481974, -10203039, -14569770, -11893198, -24995986, 11293807, -28588204, -9421832 }, + { 28497928, 6272777, -33022994, 14470570, 8906179, -1225630, 18504674, -14165166, 29867745, -8795943 }, + }, + { + { -16207023, 13517196, -27799630, -13697798, 24009064, -6373891, -6367600, -13175392, 22853429, -4012011 }, + { 24191378, 16712145, -13931797, 15217831, 14542237, 1646131, 18603514, -11037887, 12876623, -2112447 }, + { 17902668, 4518229, -411702, -2829247, 26878217, 5258055, -12860753, 608397, 16031844, 3723494 }, + }, + { + { -28632773, 12763728, -20446446, 7577504, 33001348, -13017745, 17558842, -7872890, 23896954, -4314245 }, + { -20005381, -12011952, 31520464, 605201, 2543521, 5991821, -2945064, 7229064, -9919646, -8826859 }, + { 28816045, 298879, -28165016, -15920938, 19000928, -1665890, -12680833, -2949325, -18051778, -2082915 }, + }, + { + { 16000882, -344896, 3493092, -11447198, -29504595, -13159789, 12577740, 16041268, -19715240, 7847707 }, + { 10151868, 10572098, 27312476, 7922682, 14825339, 4723128, -32855931, -6519018, -10020567, 3852848 }, + { -11430470, 15697596, -21121557, -4420647, 5386314, 15063598, 16514493, -15932110, 29330899, -15076224 }, + }, + }, + { + { + { -25499735, -4378794, -15222908, -6901211, 16615731, 2051784, 3303702, 15490, -27548796, 12314391 }, + { 15683520, -6003043, 18109120, -9980648, 15337968, -5997823, -16717435, 15921866, 16103996, -3731215 }, + { -23169824, -10781249, 13588192, -1628807, -3798557, -1074929, -19273607, 5402699, -29815713, -9841101 }, + }, + { + { 23190676, 2384583, -32714340, 3462154, -29903655, -1529132, -11266856, 8911517, -25205859, 2739713 }, + { 21374101, -3554250, -33524649, 9874411, 15377179, 11831242, -33529904, 6134907, 4931255, 11987849 }, + { -7732, -2978858, -16223486, 7277597, 105524, -322051, -31480539, 13861388, -30076310, 10117930 }, + }, + { + { -29501170, -10744872, -26163768, 13051539, -25625564, 5089643, -6325503, 6704079, 12890019, 15728940 }, + { -21972360, -11771379, -951059, -4418840, 14704840, 2695116, 903376, -10428139, 12885167, 8311031 }, + { -17516482, 5352194, 10384213, -13811658, 7506451, 13453191, 26423267, 4384730, 1888765, -5435404 }, + }, + { + { -25817338, -3107312, -13494599, -3182506, 30896459, -13921729, -32251644, -12707869, -19464434, -3340243 }, + { -23607977, -2665774, -526091, 4651136, 5765089, 4618330, 6092245, 14845197, 17151279, -9854116 }, + { -24830458, -12733720, -15165978, 10367250, -29530908, -265356, 22825805, -7087279, -16866484, 16176525 }, + }, + { + { -23583256, 6564961, 20063689, 3798228, -4740178, 7359225, 2006182, -10363426, -28746253, -10197509 }, + { -10626600, -4486402, -13320562, -5125317, 3432136, -6393229, 23632037, -1940610, 32808310, 1099883 }, + { 15030977, 5768825, -27451236, -2887299, -6427378, -15361371, -15277896, -6809350, 2051441, -15225865 }, + }, + { + { -3362323, -7239372, 7517890, 9824992, 23555850, 295369, 5148398, -14154188, -22686354, 16633660 }, + { 4577086, -16752288, 13249841, -15304328, 19958763, -14537274, 18559670, -10759549, 8402478, -9864273 }, + { -28406330, -1051581, -26790155, -907698, -17212414, -11030789, 9453451, -14980072, 17983010, 9967138 }, + }, + { + { -25762494, 6524722, 26585488, 9969270, 24709298, 1220360, -1677990, 7806337, 17507396, 3651560 }, + { -10420457, -4118111, 14584639, 15971087, -15768321, 8861010, 26556809, -5574557, -18553322, -11357135 }, + { 2839101, 14284142, 4029895, 3472686, 14402957, 12689363, -26642121, 8459447, -5605463, -7621941 }, + }, + { + { -4839289, -3535444, 9744961, 2871048, 25113978, 3187018, -25110813, -849066, 17258084, -7977739 }, + { 18164541, -10595176, -17154882, -1542417, 19237078, -9745295, 23357533, -15217008, 26908270, 12150756 }, + { -30264870, -7647865, 5112249, -7036672, -1499807, -6974257, 43168, -5537701, -32302074, 16215819 }, + }, + }, + { + { + { -6898905, 9824394, -12304779, -4401089, -31397141, -6276835, 32574489, 12532905, -7503072, -8675347 }, + { -27343522, -16515468, -27151524, -10722951, 946346, 16291093, 254968, 7168080, 21676107, -1943028 }, + { 21260961, -8424752, -16831886, -11920822, -23677961, 3968121, -3651949, -6215466, -3556191, -7913075 }, + }, + { + { 16544754, 13250366, -16804428, 15546242, -4583003, 12757258, -2462308, -8680336, -18907032, -9662799 }, + { -2415239, -15577728, 18312303, 4964443, -15272530, -12653564, 26820651, 16690659, 25459437, -4564609 }, + { -25144690, 11425020, 28423002, -11020557, -6144921, -15826224, 9142795, -2391602, -6432418, -1644817 }, + }, + { + { -23104652, 6253476, 16964147, -3768872, -25113972, -12296437, -27457225, -16344658, 6335692, 7249989 }, + { -30333227, 13979675, 7503222, -12368314, -11956721, -4621693, -30272269, 2682242, 25993170, -12478523 }, + { 4364628, 5930691, 32304656, -10044554, -8054781, 15091131, 22857016, -10598955, 31820368, 15075278 }, + }, + { + { 31879134, -8918693, 17258761, 90626, -8041836, -4917709, 24162788, -9650886, -17970238, 12833045 }, + { 19073683, 14851414, -24403169, -11860168, 7625278, 11091125, -19619190, 2074449, -9413939, 14905377 }, + { 24483667, -11935567, -2518866, -11547418, -1553130, 15355506, -25282080, 9253129, 27628530, -7555480 }, + }, + { + { 17597607, 8340603, 19355617, 552187, 26198470, -3176583, 4593324, -9157582, -14110875, 15297016 }, + { 510886, 14337390, -31785257, 16638632, 6328095, 2713355, -20217417, -11864220, 8683221, 2921426 }, + { 18606791, 11874196, 27155355, -5281482, -24031742, 6265446, -25178240, -1278924, 4674690, 13890525 }, + }, + { + { 13609624, 13069022, -27372361, -13055908, 24360586, 9592974, 14977157, 9835105, 4389687, 288396 }, + { 9922506, -519394, 13613107, 5883594, -18758345, -434263, -12304062, 8317628, 23388070, 16052080 }, + { 12720016, 11937594, -31970060, -5028689, 26900120, 8561328, -20155687, -11632979, -14754271, -10812892 }, + }, + { + { 15961858, 14150409, 26716931, -665832, -22794328, 13603569, 11829573, 7467844, -28822128, 929275 }, + { 11038231, -11582396, -27310482, -7316562, -10498527, -16307831, -23479533, -9371869, -21393143, 2465074 }, + { 20017163, -4323226, 27915242, 1529148, 12396362, 15675764, 13817261, -9658066, 2463391, -4622140 }, + }, + { + { -16358878, -12663911, -12065183, 4996454, -1256422, 1073572, 9583558, 12851107, 4003896, 12673717 }, + { -1731589, -15155870, -3262930, 16143082, 19294135, 13385325, 14741514, -9103726, 7903886, 2348101 }, + { 24536016, -16515207, 12715592, -3862155, 1511293, 10047386, -3842346, -7129159, -28377538, 10048127 }, + }, + }, + { + { + { -12622226, -6204820, 30718825, 2591312, -10617028, 12192840, 18873298, -7297090, -32297756, 15221632 }, + { -26478122, -11103864, 11546244, -1852483, 9180880, 7656409, -21343950, 2095755, 29769758, 6593415 }, + { -31994208, -2907461, 4176912, 3264766, 12538965, -868111, 26312345, -6118678, 30958054, 8292160 }, + }, + { + { 31429822, -13959116, 29173532, 15632448, 12174511, -2760094, 32808831, 3977186, 26143136, -3148876 }, + { 22648901, 1402143, -22799984, 13746059, 7936347, 365344, -8668633, -1674433, -3758243, -2304625 }, + { -15491917, 8012313, -2514730, -12702462, -23965846, -10254029, -1612713, -1535569, -16664475, 8194478 }, + }, + { + { 27338066, -7507420, -7414224, 10140405, -19026427, -6589889, 27277191, 8855376, 28572286, 3005164 }, + { 26287124, 4821776, 25476601, -4145903, -3764513, -15788984, -18008582, 1182479, -26094821, -13079595 }, + { -7171154, 3178080, 23970071, 6201893, -17195577, -4489192, -21876275, -13982627, 32208683, -1198248 }, + }, + { + { -16657702, 2817643, -10286362, 14811298, 6024667, 13349505, -27315504, -10497842, -27672585, -11539858 }, + { 15941029, -9405932, -21367050, 8062055, 31876073, -238629, -15278393, -1444429, 15397331, -4130193 }, + { 8934485, -13485467, -23286397, -13423241, -32446090, 14047986, 31170398, -1441021, -27505566, 15087184 }, + }, + { + { -18357243, -2156491, 24524913, -16677868, 15520427, -6360776, -15502406, 11461896, 16788528, -5868942 }, + { -1947386, 16013773, 21750665, 3714552, -17401782, -16055433, -3770287, -10323320, 31322514, -11615635 }, + { 21426655, -5650218, -13648287, -5347537, -28812189, -4920970, -18275391, -14621414, 13040862, -12112948 }, + }, + { + { 11293895, 12478086, -27136401, 15083750, -29307421, 14748872, 14555558, -13417103, 1613711, 4896935 }, + { -25894883, 15323294, -8489791, -8057900, 25967126, -13425460, 2825960, -4897045, -23971776, -11267415 }, + { -15924766, -5229880, -17443532, 6410664, 3622847, 10243618, 20615400, 12405433, -23753030, -8436416 }, + }, + { + { -7091295, 12556208, -20191352, 9025187, -17072479, 4333801, 4378436, 2432030, 23097949, -566018 }, + { 4565804, -16025654, 20084412, -7842817, 1724999, 189254, 24767264, 10103221, -18512313, 2424778 }, + { 366633, -11976806, 8173090, -6890119, 30788634, 5745705, -7168678, 1344109, -3642553, 12412659 }, + }, + { + { -24001791, 7690286, 14929416, -168257, -32210835, -13412986, 24162697, -15326504, -3141501, 11179385 }, + { 18289522, -14724954, 8056945, 16430056, -21729724, 7842514, -6001441, -1486897, -18684645, -11443503 }, + { 476239, 6601091, -6152790, -9723375, 17503545, -4863900, 27672959, 13403813, 11052904, 5219329 }, + }, + }, + { + { + { 20678546, -8375738, -32671898, 8849123, -5009758, 14574752, 31186971, -3973730, 9014762, -8579056 }, + { -13644050, -10350239, -15962508, 5075808, -1514661, -11534600, -33102500, 9160280, 8473550, -3256838 }, + { 24900749, 14435722, 17209120, -15292541, -22592275, 9878983, -7689309, -16335821, -24568481, 11788948 }, + }, + { + { -3118155, -11395194, -13802089, 14797441, 9652448, -6845904, -20037437, 10410733, -24568470, -1458691 }, + { -15659161, 16736706, -22467150, 10215878, -9097177, 7563911, 11871841, -12505194, -18513325, 8464118 }, + { -23400612, 8348507, -14585951, -861714, -3950205, -6373419, 14325289, 8628612, 33313881, -8370517 }, + }, + { + { -20186973, -4967935, 22367356, 5271547, -1097117, -4788838, -24805667, -10236854, -8940735, -5818269 }, + { -6948785, -1795212, -32625683, -16021179, 32635414, -7374245, 15989197, -12838188, 28358192, -4253904 }, + { -23561781, -2799059, -32351682, -1661963, -9147719, 10429267, -16637684, 4072016, -5351664, 5596589 }, + }, + { + { -28236598, -3390048, 12312896, 6213178, 3117142, 16078565, 29266239, 2557221, 1768301, 15373193 }, + { -7243358, -3246960, -4593467, -7553353, -127927, -912245, -1090902, -4504991, -24660491, 3442910 }, + { -30210571, 5124043, 14181784, 8197961, 18964734, -11939093, 22597931, 7176455, -18585478, 13365930 }, + }, + { + { -7877390, -1499958, 8324673, 4690079, 6261860, 890446, 24538107, -8570186, -9689599, -3031667 }, + { 25008904, -10771599, -4305031, -9638010, 16265036, 15721635, 683793, -11823784, 15723479, -15163481 }, + { -9660625, 12374379, -27006999, -7026148, -7724114, -12314514, 11879682, 5400171, 519526, -1235876 }, + }, + { + { 22258397, -16332233, -7869817, 14613016, -22520255, -2950923, -20353881, 7315967, 16648397, 7605640 }, + { -8081308, -8464597, -8223311, 9719710, 19259459, -15348212, 23994942, -5281555, -9468848, 4763278 }, + { -21699244, 9220969, -15730624, 1084137, -25476107, -2852390, 31088447, -7764523, -11356529, 728112 }, + }, + { + { 26047220, -11751471, -6900323, -16521798, 24092068, 9158119, -4273545, -12555558, -29365436, -5498272 }, + { 17510331, -322857, 5854289, 8403524, 17133918, -3112612, -28111007, 12327945, 10750447, 10014012 }, + { -10312768, 3936952, 9156313, -8897683, 16498692, -994647, -27481051, -666732, 3424691, 7540221 }, + }, + { + { 30322361, -6964110, 11361005, -4143317, 7433304, 4989748, -7071422, -16317219, -9244265, 15258046 }, + { 13054562, -2779497, 19155474, 469045, -12482797, 4566042, 5631406, 2711395, 1062915, -5136345 }, + { -19240248, -11254599, -29509029, -7499965, -5835763, 13005411, -6066489, 12194497, 32960380, 1459310 }, + }, + }, + { + { + { 19852034, 7027924, 23669353, 10020366, 8586503, -6657907, 394197, -6101885, 18638003, -11174937 }, + { 31395534, 15098109, 26581030, 8030562, -16527914, -5007134, 9012486, -7584354, -6643087, -5442636 }, + { -9192165, -2347377, -1997099, 4529534, 25766844, 607986, -13222, 9677543, -32294889, -6456008 }, + }, + { + { -2444496, -149937, 29348902, 8186665, 1873760, 12489863, -30934579, -7839692, -7852844, -8138429 }, + { -15236356, -15433509, 7766470, 746860, 26346930, -10221762, -27333451, 10754588, -9431476, 5203576 }, + { 31834314, 14135496, -770007, 5159118, 20917671, -16768096, -7467973, -7337524, 31809243, 7347066 }, + }, + { + { -9606723, -11874240, 20414459, 13033986, 13716524, -11691881, 19797970, -12211255, 15192876, -2087490 }, + { -12663563, -2181719, 1168162, -3804809, 26747877, -14138091, 10609330, 12694420, 33473243, -13382104 }, + { 33184999, 11180355, 15832085, -11385430, -1633671, 225884, 15089336, -11023903, -6135662, 14480053 }, + }, + { + { 31308717, -5619998, 31030840, -1897099, 15674547, -6582883, 5496208, 13685227, 27595050, 8737275 }, + { -20318852, -15150239, 10933843, -16178022, 8335352, -7546022, -31008351, -12610604, 26498114, 66511 }, + { 22644454, -8761729, -16671776, 4884562, -3105614, -13559366, 30540766, -4286747, -13327787, -7515095 }, + }, + { + { -28017847, 9834845, 18617207, -2681312, -3401956, -13307506, 8205540, 13585437, -17127465, 15115439 }, + { 23711543, -672915, 31206561, -8362711, 6164647, -9709987, -33535882, -1426096, 8236921, 16492939 }, + { -23910559, -13515526, -26299483, -4503841, 25005590, -7687270, 19574902, 10071562, 6708380, -6222424 }, + }, + { + { 2101391, -4930054, 19702731, 2367575, -15427167, 1047675, 5301017, 9328700, 29955601, -11678310 }, + { 3096359, 9271816, -21620864, -15521844, -14847996, -7592937, -25892142, -12635595, -9917575, 6216608 }, + { -32615849, 338663, -25195611, 2510422, -29213566, -13820213, 24822830, -6146567, -26767480, 7525079 }, + }, + { + { -23066649, -13985623, 16133487, -7896178, -3389565, 778788, -910336, -2782495, -19386633, 11994101 }, + { 21691500, -13624626, -641331, -14367021, 3285881, -3483596, -25064666, 9718258, -7477437, 13381418 }, + { 18445390, -4202236, 14979846, 11622458, -1727110, -3582980, 23111648, -6375247, 28535282, 15779576 }, + }, + { + { 30098053, 3089662, -9234387, 16662135, -21306940, 11308411, -14068454, 12021730, 9955285, -16303356 }, + { 9734894, -14576830, -7473633, -9138735, 2060392, 11313496, -18426029, 9924399, 20194861, 13380996 }, + { -26378102, -7965207, -22167821, 15789297, -18055342, -6168792, -1984914, 15707771, 26342023, 10146099 }, + }, + }, + { + { + { -26016874, -219943, 21339191, -41388, 19745256, -2878700, -29637280, 2227040, 21612326, -545728 }, + { -13077387, 1184228, 23562814, -5970442, -20351244, -6348714, 25764461, 12243797, -20856566, 11649658 }, + { -10031494, 11262626, 27384172, 2271902, 26947504, -15997771, 39944, 6114064, 33514190, 2333242 }, + }, + { + { -21433588, -12421821, 8119782, 7219913, -21830522, -9016134, -6679750, -12670638, 24350578, -13450001 }, + { -4116307, -11271533, -23886186, 4843615, -30088339, 690623, -31536088, -10406836, 8317860, 12352766 }, + { 18200138, -14475911, -33087759, -2696619, -23702521, -9102511, -23552096, -2287550, 20712163, 6719373 }, + }, + { + { 26656208, 6075253, -7858556, 1886072, -28344043, 4262326, 11117530, -3763210, 26224235, -3297458 }, + { -17168938, -14854097, -3395676, -16369877, -19954045, 14050420, 21728352, 9493610, 18620611, -16428628 }, + { -13323321, 13325349, 11432106, 5964811, 18609221, 6062965, -5269471, -9725556, -30701573, -16479657 }, + }, + { + { -23860538, -11233159, 26961357, 1640861, -32413112, -16737940, 12248509, -5240639, 13735342, 1934062 }, + { 25089769, 6742589, 17081145, -13406266, 21909293, -16067981, -15136294, -3765346, -21277997, 5473616 }, + { 31883677, -7961101, 1083432, -11572403, 22828471, 13290673, -7125085, 12469656, 29111212, -5451014 }, + }, + { + { 24244947, -15050407, -26262976, 2791540, -14997599, 16666678, 24367466, 6388839, -10295587, 452383 }, + { -25640782, -3417841, 5217916, 16224624, 19987036, -4082269, -24236251, -5915248, 15766062, 8407814 }, + { -20406999, 13990231, 15495425, 16395525, 5377168, 15166495, -8917023, -4388953, -8067909, 2276718 }, + }, + { + { 30157918, 12924066, -17712050, 9245753, 19895028, 3368142, -23827587, 5096219, 22740376, -7303417 }, + { 2041139, -14256350, 7783687, 13876377, -25946985, -13352459, 24051124, 13742383, -15637599, 13295222 }, + { 33338237, -8505733, 12532113, 7977527, 9106186, -1715251, -17720195, -4612972, -4451357, -14669444 }, + }, + { + { -20045281, 5454097, -14346548, 6447146, 28862071, 1883651, -2469266, -4141880, 7770569, 9620597 }, + { 23208068, 7979712, 33071466, 8149229, 1758231, -10834995, 30945528, -1694323, -33502340, -14767970 }, + { 1439958, -16270480, -1079989, -793782, 4625402, 10647766, -5043801, 1220118, 30494170, -11440799 }, + }, + { + { -5037580, -13028295, -2970559, -3061767, 15640974, -6701666, -26739026, 926050, -1684339, -13333647 }, + { 13908495, -3549272, 30919928, -6273825, -21521863, 7989039, 9021034, 9078865, 3353509, 4033511 }, + { -29663431, -15113610, 32259991, -344482, 24295849, -12912123, 23161163, 8839127, 27485041, 7356032 }, + }, + }, + { + { + { 9661027, 705443, 11980065, -5370154, -1628543, 14661173, -6346142, 2625015, 28431036, -16771834 }, + { -23839233, -8311415, -25945511, 7480958, -17681669, -8354183, -22545972, 14150565, 15970762, 4099461 }, + { 29262576, 16756590, 26350592, -8793563, 8529671, -11208050, 13617293, -9937143, 11465739, 8317062 }, + }, + { + { -25493081, -6962928, 32500200, -9419051, -23038724, -2302222, 14898637, 3848455, 20969334, -5157516 }, + { -20384450, -14347713, -18336405, 13884722, -33039454, 2842114, -21610826, -3649888, 11177095, 14989547 }, + { -24496721, -11716016, 16959896, 2278463, 12066309, 10137771, 13515641, 2581286, -28487508, 9930240 }, + }, + { + { -17751622, -2097826, 16544300, -13009300, -15914807, -14949081, 18345767, -13403753, 16291481, -5314038 }, + { -33229194, 2553288, 32678213, 9875984, 8534129, 6889387, -9676774, 6957617, 4368891, 9788741 }, + { 16660756, 7281060, -10830758, 12911820, 20108584, -8101676, -21722536, -8613148, 16250552, -11111103 }, + }, + { + { -19765507, 2390526, -16551031, 14161980, 1905286, 6414907, 4689584, 10604807, -30190403, 4782747 }, + { -1354539, 14736941, -7367442, -13292886, 7710542, -14155590, -9981571, 4383045, 22546403, 437323 }, + { 31665577, -12180464, -16186830, 1491339, -18368625, 3294682, 27343084, 2786261, -30633590, -14097016 }, + }, + { + { -14467279, -683715, -33374107, 7448552, 19294360, 14334329, -19690631, 2355319, -19284671, -6114373 }, + { 15121312, -15796162, 6377020, -6031361, -10798111, -12957845, 18952177, 15496498, -29380133, 11754228 }, + { -2637277, -13483075, 8488727, -14303896, 12728761, -1622493, 7141596, 11724556, 22761615, -10134141 }, + }, + { + { 16918416, 11729663, -18083579, 3022987, -31015732, -13339659, -28741185, -12227393, 32851222, 11717399 }, + { 11166634, 7338049, -6722523, 4531520, -29468672, -7302055, 31474879, 3483633, -1193175, -4030831 }, + { -185635, 9921305, 31456609, -13536438, -12013818, 13348923, 33142652, 6546660, -19985279, -3948376 }, + }, + { + { -32460596, 11266712, -11197107, -7899103, 31703694, 3855903, -8537131, -12833048, -30772034, -15486313 }, + { -18006477, 12709068, 3991746, -6479188, -21491523, -10550425, -31135347, -16049879, 10928917, 3011958 }, + { -6957757, -15594337, 31696059, 334240, 29576716, 14796075, -30831056, -12805180, 18008031, 10258577 }, + }, + { + { -22448644, 15655569, 7018479, -4410003, -30314266, -1201591, -1853465, 1367120, 25127874, 6671743 }, + { 29701166, -14373934, -10878120, 9279288, -17568, 13127210, 21382910, 11042292, 25838796, 4642684 }, + { -20430234, 14955537, -24126347, 8124619, -5369288, -5990470, 30468147, -13900640, 18423289, 4177476 }, + }, + }, +}; \ No newline at end of file diff --git a/src/ed25519/sc.c b/src/ed25519/sc.c new file mode 100644 index 0000000..ca5bad2 --- /dev/null +++ b/src/ed25519/sc.c @@ -0,0 +1,809 @@ +#include "fixedint.h" +#include "sc.h" + +static uint64_t load_3(const unsigned char *in) { + uint64_t result; + + result = (uint64_t) in[0]; + result |= ((uint64_t) in[1]) << 8; + result |= ((uint64_t) in[2]) << 16; + + return result; +} + +static uint64_t load_4(const unsigned char *in) { + uint64_t result; + + result = (uint64_t) in[0]; + result |= ((uint64_t) in[1]) << 8; + result |= ((uint64_t) in[2]) << 16; + result |= ((uint64_t) in[3]) << 24; + + return result; +} + +/* +Input: + s[0]+256*s[1]+...+256^63*s[63] = s + +Output: + s[0]+256*s[1]+...+256^31*s[31] = s mod l + where l = 2^252 + 27742317777372353535851937790883648493. + Overwrites s in place. +*/ + +void sc_reduce(unsigned char *s) { + int64_t s0 = 2097151 & load_3(s); + int64_t s1 = 2097151 & (load_4(s + 2) >> 5); + int64_t s2 = 2097151 & (load_3(s + 5) >> 2); + int64_t s3 = 2097151 & (load_4(s + 7) >> 7); + int64_t s4 = 2097151 & (load_4(s + 10) >> 4); + int64_t s5 = 2097151 & (load_3(s + 13) >> 1); + int64_t s6 = 2097151 & (load_4(s + 15) >> 6); + int64_t s7 = 2097151 & (load_3(s + 18) >> 3); + int64_t s8 = 2097151 & load_3(s + 21); + int64_t s9 = 2097151 & (load_4(s + 23) >> 5); + int64_t s10 = 2097151 & (load_3(s + 26) >> 2); + int64_t s11 = 2097151 & (load_4(s + 28) >> 7); + int64_t s12 = 2097151 & (load_4(s + 31) >> 4); + int64_t s13 = 2097151 & (load_3(s + 34) >> 1); + int64_t s14 = 2097151 & (load_4(s + 36) >> 6); + int64_t s15 = 2097151 & (load_3(s + 39) >> 3); + int64_t s16 = 2097151 & load_3(s + 42); + int64_t s17 = 2097151 & (load_4(s + 44) >> 5); + int64_t s18 = 2097151 & (load_3(s + 47) >> 2); + int64_t s19 = 2097151 & (load_4(s + 49) >> 7); + int64_t s20 = 2097151 & (load_4(s + 52) >> 4); + int64_t s21 = 2097151 & (load_3(s + 55) >> 1); + int64_t s22 = 2097151 & (load_4(s + 57) >> 6); + int64_t s23 = (load_4(s + 60) >> 3); + int64_t carry0; + int64_t carry1; + int64_t carry2; + int64_t carry3; + int64_t carry4; + int64_t carry5; + int64_t carry6; + int64_t carry7; + int64_t carry8; + int64_t carry9; + int64_t carry10; + int64_t carry11; + int64_t carry12; + int64_t carry13; + int64_t carry14; + int64_t carry15; + int64_t carry16; + + s11 += s23 * 666643; + s12 += s23 * 470296; + s13 += s23 * 654183; + s14 -= s23 * 997805; + s15 += s23 * 136657; + s16 -= s23 * 683901; + s23 = 0; + s10 += s22 * 666643; + s11 += s22 * 470296; + s12 += s22 * 654183; + s13 -= s22 * 997805; + s14 += s22 * 136657; + s15 -= s22 * 683901; + s22 = 0; + s9 += s21 * 666643; + s10 += s21 * 470296; + s11 += s21 * 654183; + s12 -= s21 * 997805; + s13 += s21 * 136657; + s14 -= s21 * 683901; + s21 = 0; + s8 += s20 * 666643; + s9 += s20 * 470296; + s10 += s20 * 654183; + s11 -= s20 * 997805; + s12 += s20 * 136657; + s13 -= s20 * 683901; + s20 = 0; + s7 += s19 * 666643; + s8 += s19 * 470296; + s9 += s19 * 654183; + s10 -= s19 * 997805; + s11 += s19 * 136657; + s12 -= s19 * 683901; + s19 = 0; + s6 += s18 * 666643; + s7 += s18 * 470296; + s8 += s18 * 654183; + s9 -= s18 * 997805; + s10 += s18 * 136657; + s11 -= s18 * 683901; + s18 = 0; + carry6 = (s6 + (1 << 20)) >> 21; + s7 += carry6; + s6 -= carry6 << 21; + carry8 = (s8 + (1 << 20)) >> 21; + s9 += carry8; + s8 -= carry8 << 21; + carry10 = (s10 + (1 << 20)) >> 21; + s11 += carry10; + s10 -= carry10 << 21; + carry12 = (s12 + (1 << 20)) >> 21; + s13 += carry12; + s12 -= carry12 << 21; + carry14 = (s14 + (1 << 20)) >> 21; + s15 += carry14; + s14 -= carry14 << 21; + carry16 = (s16 + (1 << 20)) >> 21; + s17 += carry16; + s16 -= carry16 << 21; + carry7 = (s7 + (1 << 20)) >> 21; + s8 += carry7; + s7 -= carry7 << 21; + carry9 = (s9 + (1 << 20)) >> 21; + s10 += carry9; + s9 -= carry9 << 21; + carry11 = (s11 + (1 << 20)) >> 21; + s12 += carry11; + s11 -= carry11 << 21; + carry13 = (s13 + (1 << 20)) >> 21; + s14 += carry13; + s13 -= carry13 << 21; + carry15 = (s15 + (1 << 20)) >> 21; + s16 += carry15; + s15 -= carry15 << 21; + s5 += s17 * 666643; + s6 += s17 * 470296; + s7 += s17 * 654183; + s8 -= s17 * 997805; + s9 += s17 * 136657; + s10 -= s17 * 683901; + s17 = 0; + s4 += s16 * 666643; + s5 += s16 * 470296; + s6 += s16 * 654183; + s7 -= s16 * 997805; + s8 += s16 * 136657; + s9 -= s16 * 683901; + s16 = 0; + s3 += s15 * 666643; + s4 += s15 * 470296; + s5 += s15 * 654183; + s6 -= s15 * 997805; + s7 += s15 * 136657; + s8 -= s15 * 683901; + s15 = 0; + s2 += s14 * 666643; + s3 += s14 * 470296; + s4 += s14 * 654183; + s5 -= s14 * 997805; + s6 += s14 * 136657; + s7 -= s14 * 683901; + s14 = 0; + s1 += s13 * 666643; + s2 += s13 * 470296; + s3 += s13 * 654183; + s4 -= s13 * 997805; + s5 += s13 * 136657; + s6 -= s13 * 683901; + s13 = 0; + s0 += s12 * 666643; + s1 += s12 * 470296; + s2 += s12 * 654183; + s3 -= s12 * 997805; + s4 += s12 * 136657; + s5 -= s12 * 683901; + s12 = 0; + carry0 = (s0 + (1 << 20)) >> 21; + s1 += carry0; + s0 -= carry0 << 21; + carry2 = (s2 + (1 << 20)) >> 21; + s3 += carry2; + s2 -= carry2 << 21; + carry4 = (s4 + (1 << 20)) >> 21; + s5 += carry4; + s4 -= carry4 << 21; + carry6 = (s6 + (1 << 20)) >> 21; + s7 += carry6; + s6 -= carry6 << 21; + carry8 = (s8 + (1 << 20)) >> 21; + s9 += carry8; + s8 -= carry8 << 21; + carry10 = (s10 + (1 << 20)) >> 21; + s11 += carry10; + s10 -= carry10 << 21; + carry1 = (s1 + (1 << 20)) >> 21; + s2 += carry1; + s1 -= carry1 << 21; + carry3 = (s3 + (1 << 20)) >> 21; + s4 += carry3; + s3 -= carry3 << 21; + carry5 = (s5 + (1 << 20)) >> 21; + s6 += carry5; + s5 -= carry5 << 21; + carry7 = (s7 + (1 << 20)) >> 21; + s8 += carry7; + s7 -= carry7 << 21; + carry9 = (s9 + (1 << 20)) >> 21; + s10 += carry9; + s9 -= carry9 << 21; + carry11 = (s11 + (1 << 20)) >> 21; + s12 += carry11; + s11 -= carry11 << 21; + s0 += s12 * 666643; + s1 += s12 * 470296; + s2 += s12 * 654183; + s3 -= s12 * 997805; + s4 += s12 * 136657; + s5 -= s12 * 683901; + s12 = 0; + carry0 = s0 >> 21; + s1 += carry0; + s0 -= carry0 << 21; + carry1 = s1 >> 21; + s2 += carry1; + s1 -= carry1 << 21; + carry2 = s2 >> 21; + s3 += carry2; + s2 -= carry2 << 21; + carry3 = s3 >> 21; + s4 += carry3; + s3 -= carry3 << 21; + carry4 = s4 >> 21; + s5 += carry4; + s4 -= carry4 << 21; + carry5 = s5 >> 21; + s6 += carry5; + s5 -= carry5 << 21; + carry6 = s6 >> 21; + s7 += carry6; + s6 -= carry6 << 21; + carry7 = s7 >> 21; + s8 += carry7; + s7 -= carry7 << 21; + carry8 = s8 >> 21; + s9 += carry8; + s8 -= carry8 << 21; + carry9 = s9 >> 21; + s10 += carry9; + s9 -= carry9 << 21; + carry10 = s10 >> 21; + s11 += carry10; + s10 -= carry10 << 21; + carry11 = s11 >> 21; + s12 += carry11; + s11 -= carry11 << 21; + s0 += s12 * 666643; + s1 += s12 * 470296; + s2 += s12 * 654183; + s3 -= s12 * 997805; + s4 += s12 * 136657; + s5 -= s12 * 683901; + s12 = 0; + carry0 = s0 >> 21; + s1 += carry0; + s0 -= carry0 << 21; + carry1 = s1 >> 21; + s2 += carry1; + s1 -= carry1 << 21; + carry2 = s2 >> 21; + s3 += carry2; + s2 -= carry2 << 21; + carry3 = s3 >> 21; + s4 += carry3; + s3 -= carry3 << 21; + carry4 = s4 >> 21; + s5 += carry4; + s4 -= carry4 << 21; + carry5 = s5 >> 21; + s6 += carry5; + s5 -= carry5 << 21; + carry6 = s6 >> 21; + s7 += carry6; + s6 -= carry6 << 21; + carry7 = s7 >> 21; + s8 += carry7; + s7 -= carry7 << 21; + carry8 = s8 >> 21; + s9 += carry8; + s8 -= carry8 << 21; + carry9 = s9 >> 21; + s10 += carry9; + s9 -= carry9 << 21; + carry10 = s10 >> 21; + s11 += carry10; + s10 -= carry10 << 21; + + s[0] = (unsigned char) (s0 >> 0); + s[1] = (unsigned char) (s0 >> 8); + s[2] = (unsigned char) ((s0 >> 16) | (s1 << 5)); + s[3] = (unsigned char) (s1 >> 3); + s[4] = (unsigned char) (s1 >> 11); + s[5] = (unsigned char) ((s1 >> 19) | (s2 << 2)); + s[6] = (unsigned char) (s2 >> 6); + s[7] = (unsigned char) ((s2 >> 14) | (s3 << 7)); + s[8] = (unsigned char) (s3 >> 1); + s[9] = (unsigned char) (s3 >> 9); + s[10] = (unsigned char) ((s3 >> 17) | (s4 << 4)); + s[11] = (unsigned char) (s4 >> 4); + s[12] = (unsigned char) (s4 >> 12); + s[13] = (unsigned char) ((s4 >> 20) | (s5 << 1)); + s[14] = (unsigned char) (s5 >> 7); + s[15] = (unsigned char) ((s5 >> 15) | (s6 << 6)); + s[16] = (unsigned char) (s6 >> 2); + s[17] = (unsigned char) (s6 >> 10); + s[18] = (unsigned char) ((s6 >> 18) | (s7 << 3)); + s[19] = (unsigned char) (s7 >> 5); + s[20] = (unsigned char) (s7 >> 13); + s[21] = (unsigned char) (s8 >> 0); + s[22] = (unsigned char) (s8 >> 8); + s[23] = (unsigned char) ((s8 >> 16) | (s9 << 5)); + s[24] = (unsigned char) (s9 >> 3); + s[25] = (unsigned char) (s9 >> 11); + s[26] = (unsigned char) ((s9 >> 19) | (s10 << 2)); + s[27] = (unsigned char) (s10 >> 6); + s[28] = (unsigned char) ((s10 >> 14) | (s11 << 7)); + s[29] = (unsigned char) (s11 >> 1); + s[30] = (unsigned char) (s11 >> 9); + s[31] = (unsigned char) (s11 >> 17); +} + + + +/* +Input: + a[0]+256*a[1]+...+256^31*a[31] = a + b[0]+256*b[1]+...+256^31*b[31] = b + c[0]+256*c[1]+...+256^31*c[31] = c + +Output: + s[0]+256*s[1]+...+256^31*s[31] = (ab+c) mod l + where l = 2^252 + 27742317777372353535851937790883648493. +*/ + +void sc_muladd(unsigned char *s, const unsigned char *a, const unsigned char *b, const unsigned char *c) { + int64_t a0 = 2097151 & load_3(a); + int64_t a1 = 2097151 & (load_4(a + 2) >> 5); + int64_t a2 = 2097151 & (load_3(a + 5) >> 2); + int64_t a3 = 2097151 & (load_4(a + 7) >> 7); + int64_t a4 = 2097151 & (load_4(a + 10) >> 4); + int64_t a5 = 2097151 & (load_3(a + 13) >> 1); + int64_t a6 = 2097151 & (load_4(a + 15) >> 6); + int64_t a7 = 2097151 & (load_3(a + 18) >> 3); + int64_t a8 = 2097151 & load_3(a + 21); + int64_t a9 = 2097151 & (load_4(a + 23) >> 5); + int64_t a10 = 2097151 & (load_3(a + 26) >> 2); + int64_t a11 = (load_4(a + 28) >> 7); + int64_t b0 = 2097151 & load_3(b); + int64_t b1 = 2097151 & (load_4(b + 2) >> 5); + int64_t b2 = 2097151 & (load_3(b + 5) >> 2); + int64_t b3 = 2097151 & (load_4(b + 7) >> 7); + int64_t b4 = 2097151 & (load_4(b + 10) >> 4); + int64_t b5 = 2097151 & (load_3(b + 13) >> 1); + int64_t b6 = 2097151 & (load_4(b + 15) >> 6); + int64_t b7 = 2097151 & (load_3(b + 18) >> 3); + int64_t b8 = 2097151 & load_3(b + 21); + int64_t b9 = 2097151 & (load_4(b + 23) >> 5); + int64_t b10 = 2097151 & (load_3(b + 26) >> 2); + int64_t b11 = (load_4(b + 28) >> 7); + int64_t c0 = 2097151 & load_3(c); + int64_t c1 = 2097151 & (load_4(c + 2) >> 5); + int64_t c2 = 2097151 & (load_3(c + 5) >> 2); + int64_t c3 = 2097151 & (load_4(c + 7) >> 7); + int64_t c4 = 2097151 & (load_4(c + 10) >> 4); + int64_t c5 = 2097151 & (load_3(c + 13) >> 1); + int64_t c6 = 2097151 & (load_4(c + 15) >> 6); + int64_t c7 = 2097151 & (load_3(c + 18) >> 3); + int64_t c8 = 2097151 & load_3(c + 21); + int64_t c9 = 2097151 & (load_4(c + 23) >> 5); + int64_t c10 = 2097151 & (load_3(c + 26) >> 2); + int64_t c11 = (load_4(c + 28) >> 7); + int64_t s0; + int64_t s1; + int64_t s2; + int64_t s3; + int64_t s4; + int64_t s5; + int64_t s6; + int64_t s7; + int64_t s8; + int64_t s9; + int64_t s10; + int64_t s11; + int64_t s12; + int64_t s13; + int64_t s14; + int64_t s15; + int64_t s16; + int64_t s17; + int64_t s18; + int64_t s19; + int64_t s20; + int64_t s21; + int64_t s22; + int64_t s23; + int64_t carry0; + int64_t carry1; + int64_t carry2; + int64_t carry3; + int64_t carry4; + int64_t carry5; + int64_t carry6; + int64_t carry7; + int64_t carry8; + int64_t carry9; + int64_t carry10; + int64_t carry11; + int64_t carry12; + int64_t carry13; + int64_t carry14; + int64_t carry15; + int64_t carry16; + int64_t carry17; + int64_t carry18; + int64_t carry19; + int64_t carry20; + int64_t carry21; + int64_t carry22; + + s0 = c0 + a0 * b0; + s1 = c1 + a0 * b1 + a1 * b0; + s2 = c2 + a0 * b2 + a1 * b1 + a2 * b0; + s3 = c3 + a0 * b3 + a1 * b2 + a2 * b1 + a3 * b0; + s4 = c4 + a0 * b4 + a1 * b3 + a2 * b2 + a3 * b1 + a4 * b0; + s5 = c5 + a0 * b5 + a1 * b4 + a2 * b3 + a3 * b2 + a4 * b1 + a5 * b0; + s6 = c6 + a0 * b6 + a1 * b5 + a2 * b4 + a3 * b3 + a4 * b2 + a5 * b1 + a6 * b0; + s7 = c7 + a0 * b7 + a1 * b6 + a2 * b5 + a3 * b4 + a4 * b3 + a5 * b2 + a6 * b1 + a7 * b0; + s8 = c8 + a0 * b8 + a1 * b7 + a2 * b6 + a3 * b5 + a4 * b4 + a5 * b3 + a6 * b2 + a7 * b1 + a8 * b0; + s9 = c9 + a0 * b9 + a1 * b8 + a2 * b7 + a3 * b6 + a4 * b5 + a5 * b4 + a6 * b3 + a7 * b2 + a8 * b1 + a9 * b0; + s10 = c10 + a0 * b10 + a1 * b9 + a2 * b8 + a3 * b7 + a4 * b6 + a5 * b5 + a6 * b4 + a7 * b3 + a8 * b2 + a9 * b1 + a10 * b0; + s11 = c11 + a0 * b11 + a1 * b10 + a2 * b9 + a3 * b8 + a4 * b7 + a5 * b6 + a6 * b5 + a7 * b4 + a8 * b3 + a9 * b2 + a10 * b1 + a11 * b0; + s12 = a1 * b11 + a2 * b10 + a3 * b9 + a4 * b8 + a5 * b7 + a6 * b6 + a7 * b5 + a8 * b4 + a9 * b3 + a10 * b2 + a11 * b1; + s13 = a2 * b11 + a3 * b10 + a4 * b9 + a5 * b8 + a6 * b7 + a7 * b6 + a8 * b5 + a9 * b4 + a10 * b3 + a11 * b2; + s14 = a3 * b11 + a4 * b10 + a5 * b9 + a6 * b8 + a7 * b7 + a8 * b6 + a9 * b5 + a10 * b4 + a11 * b3; + s15 = a4 * b11 + a5 * b10 + a6 * b9 + a7 * b8 + a8 * b7 + a9 * b6 + a10 * b5 + a11 * b4; + s16 = a5 * b11 + a6 * b10 + a7 * b9 + a8 * b8 + a9 * b7 + a10 * b6 + a11 * b5; + s17 = a6 * b11 + a7 * b10 + a8 * b9 + a9 * b8 + a10 * b7 + a11 * b6; + s18 = a7 * b11 + a8 * b10 + a9 * b9 + a10 * b8 + a11 * b7; + s19 = a8 * b11 + a9 * b10 + a10 * b9 + a11 * b8; + s20 = a9 * b11 + a10 * b10 + a11 * b9; + s21 = a10 * b11 + a11 * b10; + s22 = a11 * b11; + s23 = 0; + carry0 = (s0 + (1 << 20)) >> 21; + s1 += carry0; + s0 -= carry0 << 21; + carry2 = (s2 + (1 << 20)) >> 21; + s3 += carry2; + s2 -= carry2 << 21; + carry4 = (s4 + (1 << 20)) >> 21; + s5 += carry4; + s4 -= carry4 << 21; + carry6 = (s6 + (1 << 20)) >> 21; + s7 += carry6; + s6 -= carry6 << 21; + carry8 = (s8 + (1 << 20)) >> 21; + s9 += carry8; + s8 -= carry8 << 21; + carry10 = (s10 + (1 << 20)) >> 21; + s11 += carry10; + s10 -= carry10 << 21; + carry12 = (s12 + (1 << 20)) >> 21; + s13 += carry12; + s12 -= carry12 << 21; + carry14 = (s14 + (1 << 20)) >> 21; + s15 += carry14; + s14 -= carry14 << 21; + carry16 = (s16 + (1 << 20)) >> 21; + s17 += carry16; + s16 -= carry16 << 21; + carry18 = (s18 + (1 << 20)) >> 21; + s19 += carry18; + s18 -= carry18 << 21; + carry20 = (s20 + (1 << 20)) >> 21; + s21 += carry20; + s20 -= carry20 << 21; + carry22 = (s22 + (1 << 20)) >> 21; + s23 += carry22; + s22 -= carry22 << 21; + carry1 = (s1 + (1 << 20)) >> 21; + s2 += carry1; + s1 -= carry1 << 21; + carry3 = (s3 + (1 << 20)) >> 21; + s4 += carry3; + s3 -= carry3 << 21; + carry5 = (s5 + (1 << 20)) >> 21; + s6 += carry5; + s5 -= carry5 << 21; + carry7 = (s7 + (1 << 20)) >> 21; + s8 += carry7; + s7 -= carry7 << 21; + carry9 = (s9 + (1 << 20)) >> 21; + s10 += carry9; + s9 -= carry9 << 21; + carry11 = (s11 + (1 << 20)) >> 21; + s12 += carry11; + s11 -= carry11 << 21; + carry13 = (s13 + (1 << 20)) >> 21; + s14 += carry13; + s13 -= carry13 << 21; + carry15 = (s15 + (1 << 20)) >> 21; + s16 += carry15; + s15 -= carry15 << 21; + carry17 = (s17 + (1 << 20)) >> 21; + s18 += carry17; + s17 -= carry17 << 21; + carry19 = (s19 + (1 << 20)) >> 21; + s20 += carry19; + s19 -= carry19 << 21; + carry21 = (s21 + (1 << 20)) >> 21; + s22 += carry21; + s21 -= carry21 << 21; + s11 += s23 * 666643; + s12 += s23 * 470296; + s13 += s23 * 654183; + s14 -= s23 * 997805; + s15 += s23 * 136657; + s16 -= s23 * 683901; + s23 = 0; + s10 += s22 * 666643; + s11 += s22 * 470296; + s12 += s22 * 654183; + s13 -= s22 * 997805; + s14 += s22 * 136657; + s15 -= s22 * 683901; + s22 = 0; + s9 += s21 * 666643; + s10 += s21 * 470296; + s11 += s21 * 654183; + s12 -= s21 * 997805; + s13 += s21 * 136657; + s14 -= s21 * 683901; + s21 = 0; + s8 += s20 * 666643; + s9 += s20 * 470296; + s10 += s20 * 654183; + s11 -= s20 * 997805; + s12 += s20 * 136657; + s13 -= s20 * 683901; + s20 = 0; + s7 += s19 * 666643; + s8 += s19 * 470296; + s9 += s19 * 654183; + s10 -= s19 * 997805; + s11 += s19 * 136657; + s12 -= s19 * 683901; + s19 = 0; + s6 += s18 * 666643; + s7 += s18 * 470296; + s8 += s18 * 654183; + s9 -= s18 * 997805; + s10 += s18 * 136657; + s11 -= s18 * 683901; + s18 = 0; + carry6 = (s6 + (1 << 20)) >> 21; + s7 += carry6; + s6 -= carry6 << 21; + carry8 = (s8 + (1 << 20)) >> 21; + s9 += carry8; + s8 -= carry8 << 21; + carry10 = (s10 + (1 << 20)) >> 21; + s11 += carry10; + s10 -= carry10 << 21; + carry12 = (s12 + (1 << 20)) >> 21; + s13 += carry12; + s12 -= carry12 << 21; + carry14 = (s14 + (1 << 20)) >> 21; + s15 += carry14; + s14 -= carry14 << 21; + carry16 = (s16 + (1 << 20)) >> 21; + s17 += carry16; + s16 -= carry16 << 21; + carry7 = (s7 + (1 << 20)) >> 21; + s8 += carry7; + s7 -= carry7 << 21; + carry9 = (s9 + (1 << 20)) >> 21; + s10 += carry9; + s9 -= carry9 << 21; + carry11 = (s11 + (1 << 20)) >> 21; + s12 += carry11; + s11 -= carry11 << 21; + carry13 = (s13 + (1 << 20)) >> 21; + s14 += carry13; + s13 -= carry13 << 21; + carry15 = (s15 + (1 << 20)) >> 21; + s16 += carry15; + s15 -= carry15 << 21; + s5 += s17 * 666643; + s6 += s17 * 470296; + s7 += s17 * 654183; + s8 -= s17 * 997805; + s9 += s17 * 136657; + s10 -= s17 * 683901; + s17 = 0; + s4 += s16 * 666643; + s5 += s16 * 470296; + s6 += s16 * 654183; + s7 -= s16 * 997805; + s8 += s16 * 136657; + s9 -= s16 * 683901; + s16 = 0; + s3 += s15 * 666643; + s4 += s15 * 470296; + s5 += s15 * 654183; + s6 -= s15 * 997805; + s7 += s15 * 136657; + s8 -= s15 * 683901; + s15 = 0; + s2 += s14 * 666643; + s3 += s14 * 470296; + s4 += s14 * 654183; + s5 -= s14 * 997805; + s6 += s14 * 136657; + s7 -= s14 * 683901; + s14 = 0; + s1 += s13 * 666643; + s2 += s13 * 470296; + s3 += s13 * 654183; + s4 -= s13 * 997805; + s5 += s13 * 136657; + s6 -= s13 * 683901; + s13 = 0; + s0 += s12 * 666643; + s1 += s12 * 470296; + s2 += s12 * 654183; + s3 -= s12 * 997805; + s4 += s12 * 136657; + s5 -= s12 * 683901; + s12 = 0; + carry0 = (s0 + (1 << 20)) >> 21; + s1 += carry0; + s0 -= carry0 << 21; + carry2 = (s2 + (1 << 20)) >> 21; + s3 += carry2; + s2 -= carry2 << 21; + carry4 = (s4 + (1 << 20)) >> 21; + s5 += carry4; + s4 -= carry4 << 21; + carry6 = (s6 + (1 << 20)) >> 21; + s7 += carry6; + s6 -= carry6 << 21; + carry8 = (s8 + (1 << 20)) >> 21; + s9 += carry8; + s8 -= carry8 << 21; + carry10 = (s10 + (1 << 20)) >> 21; + s11 += carry10; + s10 -= carry10 << 21; + carry1 = (s1 + (1 << 20)) >> 21; + s2 += carry1; + s1 -= carry1 << 21; + carry3 = (s3 + (1 << 20)) >> 21; + s4 += carry3; + s3 -= carry3 << 21; + carry5 = (s5 + (1 << 20)) >> 21; + s6 += carry5; + s5 -= carry5 << 21; + carry7 = (s7 + (1 << 20)) >> 21; + s8 += carry7; + s7 -= carry7 << 21; + carry9 = (s9 + (1 << 20)) >> 21; + s10 += carry9; + s9 -= carry9 << 21; + carry11 = (s11 + (1 << 20)) >> 21; + s12 += carry11; + s11 -= carry11 << 21; + s0 += s12 * 666643; + s1 += s12 * 470296; + s2 += s12 * 654183; + s3 -= s12 * 997805; + s4 += s12 * 136657; + s5 -= s12 * 683901; + s12 = 0; + carry0 = s0 >> 21; + s1 += carry0; + s0 -= carry0 << 21; + carry1 = s1 >> 21; + s2 += carry1; + s1 -= carry1 << 21; + carry2 = s2 >> 21; + s3 += carry2; + s2 -= carry2 << 21; + carry3 = s3 >> 21; + s4 += carry3; + s3 -= carry3 << 21; + carry4 = s4 >> 21; + s5 += carry4; + s4 -= carry4 << 21; + carry5 = s5 >> 21; + s6 += carry5; + s5 -= carry5 << 21; + carry6 = s6 >> 21; + s7 += carry6; + s6 -= carry6 << 21; + carry7 = s7 >> 21; + s8 += carry7; + s7 -= carry7 << 21; + carry8 = s8 >> 21; + s9 += carry8; + s8 -= carry8 << 21; + carry9 = s9 >> 21; + s10 += carry9; + s9 -= carry9 << 21; + carry10 = s10 >> 21; + s11 += carry10; + s10 -= carry10 << 21; + carry11 = s11 >> 21; + s12 += carry11; + s11 -= carry11 << 21; + s0 += s12 * 666643; + s1 += s12 * 470296; + s2 += s12 * 654183; + s3 -= s12 * 997805; + s4 += s12 * 136657; + s5 -= s12 * 683901; + s12 = 0; + carry0 = s0 >> 21; + s1 += carry0; + s0 -= carry0 << 21; + carry1 = s1 >> 21; + s2 += carry1; + s1 -= carry1 << 21; + carry2 = s2 >> 21; + s3 += carry2; + s2 -= carry2 << 21; + carry3 = s3 >> 21; + s4 += carry3; + s3 -= carry3 << 21; + carry4 = s4 >> 21; + s5 += carry4; + s4 -= carry4 << 21; + carry5 = s5 >> 21; + s6 += carry5; + s5 -= carry5 << 21; + carry6 = s6 >> 21; + s7 += carry6; + s6 -= carry6 << 21; + carry7 = s7 >> 21; + s8 += carry7; + s7 -= carry7 << 21; + carry8 = s8 >> 21; + s9 += carry8; + s8 -= carry8 << 21; + carry9 = s9 >> 21; + s10 += carry9; + s9 -= carry9 << 21; + carry10 = s10 >> 21; + s11 += carry10; + s10 -= carry10 << 21; + + s[0] = (unsigned char) (s0 >> 0); + s[1] = (unsigned char) (s0 >> 8); + s[2] = (unsigned char) ((s0 >> 16) | (s1 << 5)); + s[3] = (unsigned char) (s1 >> 3); + s[4] = (unsigned char) (s1 >> 11); + s[5] = (unsigned char) ((s1 >> 19) | (s2 << 2)); + s[6] = (unsigned char) (s2 >> 6); + s[7] = (unsigned char) ((s2 >> 14) | (s3 << 7)); + s[8] = (unsigned char) (s3 >> 1); + s[9] = (unsigned char) (s3 >> 9); + s[10] = (unsigned char) ((s3 >> 17) | (s4 << 4)); + s[11] = (unsigned char) (s4 >> 4); + s[12] = (unsigned char) (s4 >> 12); + s[13] = (unsigned char) ((s4 >> 20) | (s5 << 1)); + s[14] = (unsigned char) (s5 >> 7); + s[15] = (unsigned char) ((s5 >> 15) | (s6 << 6)); + s[16] = (unsigned char) (s6 >> 2); + s[17] = (unsigned char) (s6 >> 10); + s[18] = (unsigned char) ((s6 >> 18) | (s7 << 3)); + s[19] = (unsigned char) (s7 >> 5); + s[20] = (unsigned char) (s7 >> 13); + s[21] = (unsigned char) (s8 >> 0); + s[22] = (unsigned char) (s8 >> 8); + s[23] = (unsigned char) ((s8 >> 16) | (s9 << 5)); + s[24] = (unsigned char) (s9 >> 3); + s[25] = (unsigned char) (s9 >> 11); + s[26] = (unsigned char) ((s9 >> 19) | (s10 << 2)); + s[27] = (unsigned char) (s10 >> 6); + s[28] = (unsigned char) ((s10 >> 14) | (s11 << 7)); + s[29] = (unsigned char) (s11 >> 1); + s[30] = (unsigned char) (s11 >> 9); + s[31] = (unsigned char) (s11 >> 17); +} diff --git a/src/ed25519/sc.h b/src/ed25519/sc.h new file mode 100644 index 0000000..8fa727e --- /dev/null +++ b/src/ed25519/sc.h @@ -0,0 +1,12 @@ +#ifndef SC_H +#define SC_H + +/* +The set of scalars is \Z/l +where l = 2^252 + 27742317777372353535851937790883648493. +*/ + +void sc_reduce(unsigned char *s); +void sc_muladd(unsigned char *s, const unsigned char *a, const unsigned char *b, const unsigned char *c); + +#endif \ No newline at end of file diff --git a/src/ed25519/sha512.c b/src/ed25519/sha512.c new file mode 100644 index 0000000..cb8ae71 --- /dev/null +++ b/src/ed25519/sha512.c @@ -0,0 +1,275 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtom.org + */ + +#include "fixedint.h" +#include "sha512.h" + +/* the K array */ +static const uint64_t K[80] = { + UINT64_C(0x428a2f98d728ae22), UINT64_C(0x7137449123ef65cd), + UINT64_C(0xb5c0fbcfec4d3b2f), UINT64_C(0xe9b5dba58189dbbc), + UINT64_C(0x3956c25bf348b538), UINT64_C(0x59f111f1b605d019), + UINT64_C(0x923f82a4af194f9b), UINT64_C(0xab1c5ed5da6d8118), + UINT64_C(0xd807aa98a3030242), UINT64_C(0x12835b0145706fbe), + UINT64_C(0x243185be4ee4b28c), UINT64_C(0x550c7dc3d5ffb4e2), + UINT64_C(0x72be5d74f27b896f), UINT64_C(0x80deb1fe3b1696b1), + UINT64_C(0x9bdc06a725c71235), UINT64_C(0xc19bf174cf692694), + UINT64_C(0xe49b69c19ef14ad2), UINT64_C(0xefbe4786384f25e3), + UINT64_C(0x0fc19dc68b8cd5b5), UINT64_C(0x240ca1cc77ac9c65), + UINT64_C(0x2de92c6f592b0275), UINT64_C(0x4a7484aa6ea6e483), + UINT64_C(0x5cb0a9dcbd41fbd4), UINT64_C(0x76f988da831153b5), + UINT64_C(0x983e5152ee66dfab), UINT64_C(0xa831c66d2db43210), + UINT64_C(0xb00327c898fb213f), UINT64_C(0xbf597fc7beef0ee4), + UINT64_C(0xc6e00bf33da88fc2), UINT64_C(0xd5a79147930aa725), + UINT64_C(0x06ca6351e003826f), UINT64_C(0x142929670a0e6e70), + UINT64_C(0x27b70a8546d22ffc), UINT64_C(0x2e1b21385c26c926), + UINT64_C(0x4d2c6dfc5ac42aed), UINT64_C(0x53380d139d95b3df), + UINT64_C(0x650a73548baf63de), UINT64_C(0x766a0abb3c77b2a8), + UINT64_C(0x81c2c92e47edaee6), UINT64_C(0x92722c851482353b), + UINT64_C(0xa2bfe8a14cf10364), UINT64_C(0xa81a664bbc423001), + UINT64_C(0xc24b8b70d0f89791), UINT64_C(0xc76c51a30654be30), + UINT64_C(0xd192e819d6ef5218), UINT64_C(0xd69906245565a910), + UINT64_C(0xf40e35855771202a), UINT64_C(0x106aa07032bbd1b8), + UINT64_C(0x19a4c116b8d2d0c8), UINT64_C(0x1e376c085141ab53), + UINT64_C(0x2748774cdf8eeb99), UINT64_C(0x34b0bcb5e19b48a8), + UINT64_C(0x391c0cb3c5c95a63), UINT64_C(0x4ed8aa4ae3418acb), + UINT64_C(0x5b9cca4f7763e373), UINT64_C(0x682e6ff3d6b2b8a3), + UINT64_C(0x748f82ee5defb2fc), UINT64_C(0x78a5636f43172f60), + UINT64_C(0x84c87814a1f0ab72), UINT64_C(0x8cc702081a6439ec), + UINT64_C(0x90befffa23631e28), UINT64_C(0xa4506cebde82bde9), + UINT64_C(0xbef9a3f7b2c67915), UINT64_C(0xc67178f2e372532b), + UINT64_C(0xca273eceea26619c), UINT64_C(0xd186b8c721c0c207), + UINT64_C(0xeada7dd6cde0eb1e), UINT64_C(0xf57d4f7fee6ed178), + UINT64_C(0x06f067aa72176fba), UINT64_C(0x0a637dc5a2c898a6), + UINT64_C(0x113f9804bef90dae), UINT64_C(0x1b710b35131c471b), + UINT64_C(0x28db77f523047d84), UINT64_C(0x32caab7b40c72493), + UINT64_C(0x3c9ebe0a15c9bebc), UINT64_C(0x431d67c49c100d4c), + UINT64_C(0x4cc5d4becb3e42b6), UINT64_C(0x597f299cfc657e2a), + UINT64_C(0x5fcb6fab3ad6faec), UINT64_C(0x6c44198c4a475817) +}; + +/* Various logical functions */ + +#define ROR64c(x, y) \ + ( ((((x)&UINT64_C(0xFFFFFFFFFFFFFFFF))>>((uint64_t)(y)&UINT64_C(63))) | \ + ((x)<<((uint64_t)(64-((y)&UINT64_C(63)))))) & UINT64_C(0xFFFFFFFFFFFFFFFF)) + +#define STORE64H(x, y) \ + { (y)[0] = (unsigned char)(((x)>>56)&255); (y)[1] = (unsigned char)(((x)>>48)&255); \ + (y)[2] = (unsigned char)(((x)>>40)&255); (y)[3] = (unsigned char)(((x)>>32)&255); \ + (y)[4] = (unsigned char)(((x)>>24)&255); (y)[5] = (unsigned char)(((x)>>16)&255); \ + (y)[6] = (unsigned char)(((x)>>8)&255); (y)[7] = (unsigned char)((x)&255); } + +#define LOAD64H(x, y) \ + { x = (((uint64_t)((y)[0] & 255))<<56)|(((uint64_t)((y)[1] & 255))<<48) | \ + (((uint64_t)((y)[2] & 255))<<40)|(((uint64_t)((y)[3] & 255))<<32) | \ + (((uint64_t)((y)[4] & 255))<<24)|(((uint64_t)((y)[5] & 255))<<16) | \ + (((uint64_t)((y)[6] & 255))<<8)|(((uint64_t)((y)[7] & 255))); } + + +#define Ch(x,y,z) (z ^ (x & (y ^ z))) +#define Maj(x,y,z) (((x | y) & z) | (x & y)) +#define S(x, n) ROR64c(x, n) +#define R(x, n) (((x) &UINT64_C(0xFFFFFFFFFFFFFFFF))>>((uint64_t)n)) +#define Sigma0(x) (S(x, 28) ^ S(x, 34) ^ S(x, 39)) +#define Sigma1(x) (S(x, 14) ^ S(x, 18) ^ S(x, 41)) +#define Gamma0(x) (S(x, 1) ^ S(x, 8) ^ R(x, 7)) +#define Gamma1(x) (S(x, 19) ^ S(x, 61) ^ R(x, 6)) +#ifndef MIN + #define MIN(x, y) ( ((x)<(y))?(x):(y) ) +#endif + +/* compress 1024-bits */ +static int sha512_compress(sha512_context *md, unsigned char *buf) +{ + uint64_t S[8], W[80], t0, t1; + int i; + + /* copy state into S */ + for (i = 0; i < 8; i++) { + S[i] = md->state[i]; + } + + /* copy the state into 1024-bits into W[0..15] */ + for (i = 0; i < 16; i++) { + LOAD64H(W[i], buf + (8*i)); + } + + /* fill W[16..79] */ + for (i = 16; i < 80; i++) { + W[i] = Gamma1(W[i - 2]) + W[i - 7] + Gamma0(W[i - 15]) + W[i - 16]; + } + +/* Compress */ + #define RND(a,b,c,d,e,f,g,h,i) \ + t0 = h + Sigma1(e) + Ch(e, f, g) + K[i] + W[i]; \ + t1 = Sigma0(a) + Maj(a, b, c);\ + d += t0; \ + h = t0 + t1; + + for (i = 0; i < 80; i += 8) { + RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],i+0); + RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],i+1); + RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],i+2); + RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],i+3); + RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],i+4); + RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],i+5); + RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],i+6); + RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],i+7); + } + + #undef RND + + + + /* feedback */ + for (i = 0; i < 8; i++) { + md->state[i] = md->state[i] + S[i]; + } + + return 0; +} + + +/** + Initialize the hash state + @param md The hash state you wish to initialize + @return 0 if successful +*/ +int sha512_init(sha512_context * md) { + if (md == NULL) return 1; + + md->curlen = 0; + md->length = 0; + md->state[0] = UINT64_C(0x6a09e667f3bcc908); + md->state[1] = UINT64_C(0xbb67ae8584caa73b); + md->state[2] = UINT64_C(0x3c6ef372fe94f82b); + md->state[3] = UINT64_C(0xa54ff53a5f1d36f1); + md->state[4] = UINT64_C(0x510e527fade682d1); + md->state[5] = UINT64_C(0x9b05688c2b3e6c1f); + md->state[6] = UINT64_C(0x1f83d9abfb41bd6b); + md->state[7] = UINT64_C(0x5be0cd19137e2179); + + return 0; +} + +/** + Process a block of memory though the hash + @param md The hash state + @param in The data to hash + @param inlen The length of the data (octets) + @return 0 if successful +*/ +int sha512_update (sha512_context * md, const unsigned char *in, size_t inlen) +{ + size_t n; + size_t i; + int err; + if (md == NULL) return 1; + if (in == NULL) return 1; + if (md->curlen > sizeof(md->buf)) { + return 1; + } + while (inlen > 0) { + if (md->curlen == 0 && inlen >= 128) { + if ((err = sha512_compress (md, (unsigned char *)in)) != 0) { + return err; + } + md->length += 128 * 8; + in += 128; + inlen -= 128; + } else { + n = MIN(inlen, (128 - md->curlen)); + + for (i = 0; i < n; i++) { + md->buf[i + md->curlen] = in[i]; + } + + + md->curlen += n; + in += n; + inlen -= n; + if (md->curlen == 128) { + if ((err = sha512_compress (md, md->buf)) != 0) { + return err; + } + md->length += 8*128; + md->curlen = 0; + } + } + } + return 0; +} + +/** + Terminate the hash to get the digest + @param md The hash state + @param out [out] The destination of the hash (64 bytes) + @return 0 if successful +*/ + int sha512_final(sha512_context * md, unsigned char *out) + { + int i; + + if (md == NULL) return 1; + if (out == NULL) return 1; + + if (md->curlen >= sizeof(md->buf)) { + return 1; + } + + /* increase the length of the message */ + md->length += md->curlen * UINT64_C(8); + + /* append the '1' bit */ + md->buf[md->curlen++] = (unsigned char)0x80; + + /* if the length is currently above 112 bytes we append zeros + * then compress. Then we can fall back to padding zeros and length + * encoding like normal. + */ + if (md->curlen > 112) { + while (md->curlen < 128) { + md->buf[md->curlen++] = (unsigned char)0; + } + sha512_compress(md, md->buf); + md->curlen = 0; + } + + /* pad upto 120 bytes of zeroes + * note: that from 112 to 120 is the 64 MSB of the length. We assume that you won't hash + * > 2^64 bits of data... :-) + */ +while (md->curlen < 120) { + md->buf[md->curlen++] = (unsigned char)0; +} + + /* store length */ +STORE64H(md->length, md->buf+120); +sha512_compress(md, md->buf); + + /* copy output */ +for (i = 0; i < 8; i++) { + STORE64H(md->state[i], out+(8*i)); +} + +return 0; +} + +int sha512(const unsigned char *message, size_t message_len, unsigned char *out) +{ + sha512_context ctx; + int ret; + if ((ret = sha512_init(&ctx))) return ret; + if ((ret = sha512_update(&ctx, message, message_len))) return ret; + if ((ret = sha512_final(&ctx, out))) return ret; + return 0; +} diff --git a/src/ed25519/sha512.h b/src/ed25519/sha512.h new file mode 100644 index 0000000..e56b00e --- /dev/null +++ b/src/ed25519/sha512.h @@ -0,0 +1,21 @@ +#ifndef SHA512_H +#define SHA512_H + +#include + +#include "fixedint.h" + +/* state */ +typedef struct sha512_context_ { + uint64_t length, state[8]; + size_t curlen; + unsigned char buf[128]; +} sha512_context; + + +int sha512_init(sha512_context * md); +int sha512_final(sha512_context * md, unsigned char *out); +int sha512_update(sha512_context * md, const unsigned char *in, size_t inlen); +int sha512(const unsigned char *message, size_t message_len, unsigned char *out); + +#endif \ No newline at end of file diff --git a/src/ed25519/sign.c b/src/ed25519/sign.c new file mode 100644 index 0000000..199a839 --- /dev/null +++ b/src/ed25519/sign.c @@ -0,0 +1,31 @@ +#include "ed25519.h" +#include "sha512.h" +#include "ge.h" +#include "sc.h" + + +void ed25519_sign(unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *public_key, const unsigned char *private_key) { + sha512_context hash; + unsigned char hram[64]; + unsigned char r[64]; + ge_p3 R; + + + sha512_init(&hash); + sha512_update(&hash, private_key + 32, 32); + sha512_update(&hash, message, message_len); + sha512_final(&hash, r); + + sc_reduce(r); + ge_scalarmult_base(&R, r); + ge_p3_tobytes(signature, &R); + + sha512_init(&hash); + sha512_update(&hash, signature, 32); + sha512_update(&hash, public_key, 32); + sha512_update(&hash, message, message_len); + sha512_final(&hash, hram); + + sc_reduce(hram); + sc_muladd(signature + 32, hram, private_key, r); +} diff --git a/src/ed25519/verify.c b/src/ed25519/verify.c new file mode 100644 index 0000000..32f988e --- /dev/null +++ b/src/ed25519/verify.c @@ -0,0 +1,77 @@ +#include "ed25519.h" +#include "sha512.h" +#include "ge.h" +#include "sc.h" + +static int consttime_equal(const unsigned char *x, const unsigned char *y) { + unsigned char r = 0; + + r = x[0] ^ y[0]; + #define F(i) r |= x[i] ^ y[i] + F(1); + F(2); + F(3); + F(4); + F(5); + F(6); + F(7); + F(8); + F(9); + F(10); + F(11); + F(12); + F(13); + F(14); + F(15); + F(16); + F(17); + F(18); + F(19); + F(20); + F(21); + F(22); + F(23); + F(24); + F(25); + F(26); + F(27); + F(28); + F(29); + F(30); + F(31); + #undef F + + return !r; +} + +int ed25519_verify(const unsigned char *signature, const unsigned char *message, size_t message_len, const unsigned char *public_key) { + unsigned char h[64]; + unsigned char checker[32]; + sha512_context hash; + ge_p3 A; + ge_p2 R; + + if (signature[63] & 224) { + return 0; + } + + if (ge_frombytes_negate_vartime(&A, public_key) != 0) { + return 0; + } + + sha512_init(&hash); + sha512_update(&hash, signature, 32); + sha512_update(&hash, public_key, 32); + sha512_update(&hash, message, message_len); + sha512_final(&hash, h); + + sc_reduce(h); + ge_double_scalarmult_vartime(&R, h, &A, signature + 32); + ge_tobytes(checker, &R); + + if (!consttime_equal(checker, signature)) { + return 0; + } + + return 1; +} diff --git a/src/edge.c b/src/edge.c index f185b4f..2eaae5d 100644 --- a/src/edge.c +++ b/src/edge.c @@ -110,11 +110,13 @@ bool dump_edges(connection_t *c) { for splay_each(node_t, n, node_tree) { for splay_each(edge_t, e, n->edge_tree) { char *address = sockaddr2hostname(&e->address); - send_request(c, "%d %d %s %s %s %x %d", + char* local_address = sockaddr2hostname(&e->local_address); + send_request(c, "%d %d %s %s %s %s %x %d", CONTROL, REQ_DUMP_EDGES, e->from->name, e->to->name, address, - e->options, e->weight); + local_address, e->options, e->weight); free(address); + free(local_address); } } diff --git a/src/edge.h b/src/edge.h index cbd9e5a..ed46b8a 100644 --- a/src/edge.h +++ b/src/edge.h @@ -30,6 +30,7 @@ typedef struct edge_t { struct node_t *from; struct node_t *to; sockaddr_t address; + sockaddr_t local_address; uint32_t options; /* options turned on for this edge */ int weight; /* weight of this edge */ diff --git a/src/event.c b/src/event.c index 5a1e4f5..60d357d 100644 --- a/src/event.c +++ b/src/event.c @@ -23,15 +23,26 @@ #include "event.h" #include "net.h" #include "utils.h" +#include "xalloc.h" struct timeval now; +#ifndef HAVE_MINGW static fd_set readfds; static fd_set writefds; -static volatile bool running; +#else +static const long READ_EVENTS = FD_READ | FD_ACCEPT | FD_CLOSE; +static const long WRITE_EVENTS = FD_WRITE | FD_CONNECT; +static DWORD event_count = 0; +#endif +static bool running; static int io_compare(const io_t *a, const io_t *b) { +#ifndef HAVE_MINGW return a->fd - b->fd; +#else + return a->event - b->event; +#endif } static int timeout_compare(const timeout_t *a, const timeout_t *b) { @@ -60,6 +71,14 @@ void io_add(io_t *io, io_cb_t cb, void *data, int fd, int flags) { return; io->fd = fd; +#ifdef HAVE_MINGW + if (io->fd != -1) { + io->event = WSACreateEvent(); + if (io->event == WSA_INVALID_EVENT) + abort(); + } + event_count++; +#endif io->cb = cb; io->data = data; io->node.data = io; @@ -70,9 +89,21 @@ void io_add(io_t *io, io_cb_t cb, void *data, int fd, int flags) { abort(); } -void io_set(io_t *io, int flags) { - io->flags = flags; +#ifdef HAVE_MINGW +void io_add_event(io_t *io, io_cb_t cb, void *data, WSAEVENT event) { + io->event = event; + io_add(io, cb, data, -1, 0); +} +#endif +void io_set(io_t *io, int flags) { + if (flags == io->flags) + return; + io->flags = flags; + if (io->fd == -1) + return; + +#ifndef HAVE_MINGW if(flags & IO_READ) FD_SET(io->fd, &readfds); else @@ -82,6 +113,15 @@ void io_set(io_t *io, int flags) { FD_SET(io->fd, &writefds); else FD_CLR(io->fd, &writefds); +#else + long events = 0; + if (flags & IO_WRITE) + events |= WRITE_EVENTS; + if (flags & IO_READ) + events |= READ_EVENTS; + if (WSAEventSelect(io->fd, io->event, events) != 0) + abort(); +#endif } void io_del(io_t *io) { @@ -89,6 +129,11 @@ void io_del(io_t *io) { return; io_set(io, 0); +#ifdef HAVE_MINGW + if (io->fd != -1 && WSACloseEvent(io->event) == FALSE) + abort(); + event_count--; +#endif splay_unlink_node(&io_tree, &io->node); io->cb = NULL; @@ -182,30 +227,37 @@ void signal_del(signal_t *sig) { } #endif +static struct timeval * get_time_remaining(struct timeval *diff) { + gettimeofday(&now, NULL); + struct timeval *tv = NULL; + + while(timeout_tree.head) { + timeout_t *timeout = timeout_tree.head->data; + timersub(&timeout->tv, &now, diff); + + if(diff->tv_sec < 0) { + timeout->cb(timeout->data); + if(timercmp(&timeout->tv, &now, <)) + timeout_del(timeout); + } else { + tv = diff; + break; + } + } + + return tv; +} + bool event_loop(void) { running = true; +#ifndef HAVE_MINGW fd_set readable; fd_set writable; while(running) { - gettimeofday(&now, NULL); - struct timeval diff, *tv = NULL; - - while(timeout_tree.head) { - timeout_t *timeout = timeout_tree.head->data; - timersub(&timeout->tv, &now, &diff); - - if(diff.tv_sec < 0) { - timeout->cb(timeout->data); - if(timercmp(&timeout->tv, &now, <)) - timeout_del(timeout); - } else { - tv = &diff; - break; - } - } - + struct timeval diff; + struct timeval *tv = get_time_remaining(&diff); memcpy(&readable, &readfds, sizeof readable); memcpy(&writable, &writefds, sizeof writable); @@ -216,16 +268,10 @@ bool event_loop(void) { fds = last->fd + 1; } -#ifdef HAVE_MINGW - LeaveCriticalSection(&mutex); -#endif int n = select(fds, &readable, &writable, NULL, tv); -#ifdef HAVE_MINGW - EnterCriticalSection(&mutex); -#endif if(n < 0) { - if(sockwouldblock(errno)) + if(sockwouldblock(sockerrno)) continue; else return false; @@ -241,16 +287,77 @@ bool event_loop(void) { io->cb(io->data, IO_READ); } } +#else + while (running) { + struct timeval diff; + struct timeval *tv = get_time_remaining(&diff); + DWORD timeout_ms = tv ? (tv->tv_sec * 1000 + tv->tv_usec / 1000 + 1) : WSA_INFINITE; + + if (!event_count) { + Sleep(timeout_ms); + continue; + } + + /* + For some reason, Microsoft decided to make the FD_WRITE event edge-triggered instead of level-triggered, + which is the opposite of what select() does. In practice, that means that if a FD_WRITE event triggers, + it will never trigger again until a send() returns EWOULDBLOCK. Since the semantics of this event loop + is that write events are level-triggered (i.e. they continue firing until the socket is full), we need + to emulate these semantics by making sure we fire each IO_WRITE that is still writeable. + + Note that technically FD_CLOSE has the same problem, but it's okay because user code does not rely on + this event being fired again if ignored. + */ + io_t* writeable_io = NULL; + for splay_each(io_t, io, &io_tree) + if (io->flags & IO_WRITE && send(io->fd, NULL, 0, 0) == 0) { + writeable_io = io; + break; + } + if (writeable_io) { + writeable_io->cb(writeable_io->data, IO_WRITE); + continue; + } + + WSAEVENT* events = xmalloc(event_count * sizeof(*events)); + DWORD event_index = 0; + for splay_each(io_t, io, &io_tree) { + events[event_index] = io->event; + event_index++; + } + + DWORD result = WSAWaitForMultipleEvents(event_count, events, FALSE, timeout_ms, FALSE); + + WSAEVENT event; + if (result >= WSA_WAIT_EVENT_0 && result < WSA_WAIT_EVENT_0 + event_count) + event = events[result - WSA_WAIT_EVENT_0]; + free(events); + if (result == WSA_WAIT_TIMEOUT) + continue; + if (result < WSA_WAIT_EVENT_0 || result >= WSA_WAIT_EVENT_0 + event_count) + return false; + + io_t *io = splay_search(&io_tree, &((io_t){.event = event})); + if (!io) + abort(); + + if (io->fd == -1) { + io->cb(io->data, 0); + } else { + WSANETWORKEVENTS network_events; + if (WSAEnumNetworkEvents(io->fd, io->event, &network_events) != 0) + return false; + if (network_events.lNetworkEvents & WRITE_EVENTS) + io->cb(io->data, IO_WRITE); + if (network_events.lNetworkEvents & READ_EVENTS) + io->cb(io->data, IO_READ); + } + } +#endif return true; } -void event_flush_output(void) { - for splay_each(io_t, io, &io_tree) - if(FD_ISSET(io->fd, &writefds)) - io->cb(io->data, IO_WRITE); -} - void event_exit(void) { running = false; } diff --git a/src/event.h b/src/event.h index c6522c0..0ff8e01 100644 --- a/src/event.h +++ b/src/event.h @@ -32,6 +32,9 @@ typedef void (*signal_cb_t)(void *data); typedef struct io_t { int fd; int flags; +#ifdef HAVE_MINGW + WSAEVENT event; +#endif io_cb_t cb; void *data; splay_node_t node; @@ -54,6 +57,9 @@ typedef struct signal_t { extern struct timeval now; extern void io_add(io_t *io, io_cb_t cb, void *data, int fd, int flags); +#ifdef HAVE_MINGW +extern void io_add_event(io_t *io, io_cb_t cb, void* data, WSAEVENT event); +#endif extern void io_del(io_t *io); extern void io_set(io_t *io, int flags); @@ -65,7 +71,6 @@ extern void signal_add(signal_t *sig, signal_cb_t cb, void *data, int signum); extern void signal_del(signal_t *sig); extern bool event_loop(void); -extern void event_flush_output(void); extern void event_exit(void); #endif diff --git a/src/graph.c b/src/graph.c index 396e35a..70d6573 100644 --- a/src/graph.c +++ b/src/graph.c @@ -176,9 +176,13 @@ static void sssp_bfs(void) { && (e->to->distance != n->distance + 1 || e->weight >= e->to->prevedge->weight)) continue; + // Only update nexthop if it doesn't increase the path length + + if(!e->to->status.visited || (e->to->distance == n->distance + 1 && e->weight >= e->to->prevedge->weight)) + e->to->nexthop = (n->nexthop == myself) ? e->to : n->nexthop; + e->to->status.visited = true; e->to->status.indirect = indirect; - e->to->nexthop = (n->nexthop == myself) ? e->to : n->nexthop; e->to->prevedge = e; e->to->via = indirect ? n->via : e->to; e->to->options = e->options; @@ -200,6 +204,9 @@ static void sssp_bfs(void) { static void check_reachability(void) { /* Check reachability status. */ + int reachable_count = 0; + int became_reachable_count = 0; + int became_unreachable_count = 0; for splay_each(node_t, n, node_tree) { if(n->status.visited != n->status.reachable) { n->status.reachable = !n->status.reachable; @@ -208,9 +215,13 @@ static void check_reachability(void) { if(n->status.reachable) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Node %s (%s) became reachable", n->name, n->hostname); + if (n != myself) + became_reachable_count++; } else { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Node %s (%s) became unreachable", n->name, n->hostname); + if (n != myself) + became_unreachable_count++; } if(experimental && OPTION_VERSION(n->options) >= 2) @@ -264,15 +275,18 @@ static void check_reachability(void) { update_node_udp(n, NULL); memset(&n->status, 0, sizeof n->status); n->options = 0; - } else if(n->connection) { - if(n->status.sptps) { - if(n->connection->outgoing) - send_req_key(n); - } else { - send_ans_key(n); - } } } + + if(n->status.reachable && n != myself) + reachable_count++; + } + + if (device_standby) { + if (reachable_count == 0 && became_unreachable_count > 0) + device_disable(); + else if (reachable_count > 0 && reachable_count == became_reachable_count) + device_enable(); } } diff --git a/src/hash.c b/src/hash.c index 8fb9ca6..91fc3d6 100644 --- a/src/hash.c +++ b/src/hash.c @@ -91,6 +91,13 @@ void *hash_search_or_insert(hash_t *hash, const void *key, const void *value) { return NULL; } +/* Deleting */ + +void hash_delete(hash_t *hash, const void *key) { + uint32_t i = modulo(hash_function(key, hash->size), hash->n); + hash->values[i] = NULL; +} + /* Utility functions */ void hash_clear(hash_t *hash) { diff --git a/src/hash.h b/src/hash.h index 83ed6af..30a15fb 100644 --- a/src/hash.h +++ b/src/hash.h @@ -31,6 +31,7 @@ extern hash_t *hash_alloc(size_t n, size_t size) __attribute__ ((__malloc__)); extern void hash_free(hash_t *); extern void hash_insert(hash_t *, const void *key, const void *value); +extern void hash_delete(hash_t *, const void *key); extern void *hash_search(const hash_t *, const void *key); extern void *hash_search_or_insert(hash_t *, const void *key, const void *value); diff --git a/src/have.h b/src/have.h index 3ada63a..85479f7 100644 --- a/src/have.h +++ b/src/have.h @@ -39,6 +39,7 @@ #include #include #include +#include #ifdef HAVE_MINGW #include diff --git a/src/info.c b/src/info.c index af085bc..b9a6fcf 100644 --- a/src/info.c +++ b/src/info.c @@ -24,6 +24,7 @@ #include "subnet.h" #include "tincctl.h" #include "info.h" +#include "utils.h" #include "xalloc.h" void logger(int level, int priority, const char *format, ...) { @@ -49,6 +50,7 @@ static int info_node(int fd, const char *item) { char line[4096]; char node[4096]; + char id[4096]; char from[4096]; char to[4096]; char subnet[4096]; @@ -67,12 +69,12 @@ static int info_node(int fd, const char *item) { long int last_state_change; while(recvline(fd, line, sizeof line)) { - int n = sscanf(line, "%d %d %s %s port %s %d %d %d %d %x %"PRIx32" %s %s %d %hd %hd %hd %ld", &code, &req, node, host, port, &cipher, &digest, &maclength, &compression, &options, &status_union.raw, nexthop, via, &distance, &pmtu, &minmtu, &maxmtu, &last_state_change); + int n = sscanf(line, "%d %d %s %s %s port %s %d %d %d %d %x %"PRIx32" %s %s %d %hd %hd %hd %ld", &code, &req, node, id, host, port, &cipher, &digest, &maclength, &compression, &options, &status_union.raw, nexthop, via, &distance, &pmtu, &minmtu, &maxmtu, &last_state_change); if(n == 2) break; - if(n != 18) { + if(n != 19) { fprintf(stderr, "Unable to parse node dump from tincd.\n"); return 1; } @@ -94,6 +96,7 @@ static int info_node(int fd, const char *item) { } printf("Node: %s\n", item); + printf("Node ID: %s\n", id); printf("Address: %s port %s\n", host, port); char timestr[32] = "never"; diff --git a/src/invitation.c b/src/invitation.c index 59bcf45..dff8d5f 100644 --- a/src/invitation.c +++ b/src/invitation.c @@ -1,6 +1,6 @@ /* invitation.c -- Create and accept invitations - Copyright (C) 2013 Guus Sliepen + Copyright (C) 2013-2014 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -142,12 +142,19 @@ char *get_my_hostname() { } } + if(!tty) { + if(!hostname) { + fprintf(stderr, "Could not determine the external address or hostname. Please set Address manually.\n"); + return NULL; + } + goto save; + } + again: - printf("Please enter your host's external address or hostname"); + fprintf(stderr, "Please enter your host's external address or hostname"); if(hostname) - printf(" [%s]", hostname); - printf(": "); - fflush(stdout); + fprintf(stderr, " [%s]", hostname); + fprintf(stderr, ": "); if(!fgets(line, sizeof line, stdin)) { fprintf(stderr, "Error while reading stdin: %s\n", strerror(errno)); @@ -190,8 +197,10 @@ done: else xasprintf(&hostport, "%s:%s", hostname, port); } else { - hostport = hostname; - hostname = NULL; + if(strchr(hostname, ':')) + xasprintf(&hostport, "[%s]", hostname); + else + hostport = xstrdup(hostname); } free(hostname); @@ -241,7 +250,7 @@ int cmd_invite(int argc, char *argv[]) { } free(filename); - // If a daemon is running, ensure no other nodes now about this name + // If a daemon is running, ensure no other nodes know about this name bool found = false; if(connect_tincd(false)) { sendline(fd, "%d %d", CONTROL, REQ_DUMP_NODES); @@ -312,7 +321,7 @@ int cmd_invite(int argc, char *argv[]) { free(filename); ecdsa_t *key; - xasprintf(&filename, "%s" SLASH "invitations" SLASH "ecdsa_key.priv", confbase); + xasprintf(&filename, "%s" SLASH "invitations" SLASH "ed25519_key.priv", confbase); // Remove the key if there are no outstanding invitations. if(!count) @@ -404,8 +413,12 @@ int cmd_invite(int argc, char *argv[]) { char buf[1024]; while(fgets(buf, sizeof buf, tc)) { if((!strncasecmp(buf, "Mode", 4) && strchr(" \t=", buf[4])) - || (!strncasecmp(buf, "Broadcast", 9) && strchr(" \t=", buf[9]))) + || (!strncasecmp(buf, "Broadcast", 9) && strchr(" \t=", buf[9]))) { fputs(buf, f); + // Make sure there is a newline character. + if(!strchr(buf, '\n')) + fputc('\n', f); + } } fclose(tc); } @@ -567,7 +580,7 @@ make_names: if(!access(tinc_conf, F_OK)) { fprintf(stderr, "Configuration file %s already exists!\n", tinc_conf); - if(!tty || confbasegiven) + if(confbasegiven) return false; // Generate a random netname, ask for a better one later. @@ -600,6 +613,7 @@ make_names: FILE *fh = fopen(filename, "w"); if(!fh) { fprintf(stderr, "Could not create file %s: %s\n", filename, strerror(errno)); + fclose(f); return false; } @@ -709,7 +723,7 @@ make_names: if(!b64key) return false; - xasprintf(&filename, "%s" SLASH "ecdsa_key.priv", confbase); + xasprintf(&filename, "%s" SLASH "ed25519_key.priv", confbase); f = fopenmask(filename, "w", 0600); if(!ecdsa_write_pem_private_key(key, f)) { @@ -721,7 +735,7 @@ make_names: fclose(f); - fprintf(fh, "ECDSAPublicKey = %s\n", b64key); + fprintf(fh, "Ed25519PublicKey = %s\n", b64key); sptps_send_record(&sptps, 1, b64key, strlen(b64key)); free(b64key); @@ -743,7 +757,7 @@ make_names: check_port(name); ask_netname: - if(ask_netname) { + if(ask_netname && tty) { fprintf(stderr, "Enter a new netname: "); if(!fgets(line, sizeof line, stdin)) { fprintf(stderr, "Error while reading stdin: %s\n", strerror(errno)); @@ -767,11 +781,13 @@ ask_netname: make_names(); } + fprintf(stderr, "Configuration stored in: %s\n", confbase); + return true; } -static bool invitation_send(void *handle, uint8_t type, const char *data, size_t len) { +static bool invitation_send(void *handle, uint8_t type, const void *data, size_t len) { while(len) { int result = send(sock, data, len, 0); if(result == -1 && errno == EINTR) @@ -784,7 +800,7 @@ static bool invitation_send(void *handle, uint8_t type, const char *data, size_t return true; } -static bool invitation_receive(void *handle, uint8_t type, const char *msg, uint16_t len) { +static bool invitation_receive(void *handle, uint8_t type, const void *msg, uint16_t len) { switch(type) { case SPTPS_HANDSHAKE: return sptps_send_record(&sptps, 0, cookie, sizeof cookie); @@ -850,10 +866,8 @@ int cmd_join(int argc, char *argv[]) { if(argc > 1) { invitation = argv[1]; } else { - if(tty) { - printf("Enter invitation URL: "); - fflush(stdout); - } + if(tty) + fprintf(stderr, "Enter invitation URL: "); errno = EPIPE; if(!fgets(line, sizeof line, stdin)) { fprintf(stderr, "Error while reading stdin: %s\n", strerror(errno)); @@ -893,7 +907,7 @@ int cmd_join(int argc, char *argv[]) { if(!port || !*port) port = "655"; - if(!b64decode(slash, hash, 18) || !b64decode(slash + 24, cookie, 18)) + if(!b64decode(slash, hash, 24) || !b64decode(slash + 24, cookie, 24)) goto invalid; // Generate a throw-away key for the invitation. diff --git a/src/linux/device.c b/src/linux/device.c index 127e3e8..5717d92 100644 --- a/src/linux/device.c +++ b/src/linux/device.c @@ -1,7 +1,7 @@ /* device.c -- Interaction with Linux ethertap and tun/tap device Copyright (C) 2001-2005 Ivo Timmermans, - 2001-2013 Guus Sliepen + 2001-2014 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -46,11 +46,6 @@ static char *type = NULL; static char ifrname[IFNAMSIZ]; static char *device_info; -uint64_t device_in_packets = 0; -uint64_t device_in_bytes = 0; -uint64_t device_out_packets = 0; -uint64_t device_out_bytes = 0; - static bool setup_device(void) { if(!get_config_string(lookup_config(config_tree, "Device"), &device)) device = xstrdup(DEFAULT_DEVICE); @@ -110,15 +105,25 @@ static bool setup_device(void) { logger(DEBUG_ALWAYS, LOG_INFO, "%s is a %s", device, device_info); + if(ifr.ifr_flags & IFF_TAP) { + struct ifreq ifr_mac = {}; + if(!ioctl(device_fd, SIOCGIFHWADDR, &ifr_mac)) + memcpy(mymac.x, ifr_mac.ifr_hwaddr.sa_data, ETH_ALEN); + else + logger(DEBUG_ALWAYS, LOG_WARNING, "Could not get MAC address of %s: %s", device, strerror(errno)); + } + return true; } static void close_device(void) { close(device_fd); + device_fd = -1; - free(type); - free(device); - free(iface); + free(type); type = NULL; + free(device); device = NULL; + free(iface); iface = NULL; + device_info = NULL; } static bool read_packet(vpn_packet_t *packet) { @@ -126,7 +131,7 @@ static bool read_packet(vpn_packet_t *packet) { switch(device_type) { case DEVICE_TYPE_TUN: - inlen = read(device_fd, packet->data + 10, MTU - 10); + inlen = read(device_fd, DATA(packet) + 10, MTU - 10); if(inlen <= 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", @@ -134,11 +139,11 @@ static bool read_packet(vpn_packet_t *packet) { return false; } - memset(packet->data, 0, 12); + memset(DATA(packet), 0, 12); packet->len = inlen + 10; break; case DEVICE_TYPE_TAP: - inlen = read(device_fd, packet->data, MTU); + inlen = read(device_fd, DATA(packet), MTU); if(inlen <= 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", @@ -152,9 +157,6 @@ static bool read_packet(vpn_packet_t *packet) { abort(); } - device_in_packets++; - device_in_bytes += packet->len; - logger(DEBUG_TRAFFIC, LOG_DEBUG, "Read packet of %d bytes from %s", packet->len, device_info); @@ -167,15 +169,15 @@ static bool write_packet(vpn_packet_t *packet) { switch(device_type) { case DEVICE_TYPE_TUN: - packet->data[10] = packet->data[11] = 0; - if(write(device_fd, packet->data + 10, packet->len - 10) < 0) { + DATA(packet)[10] = DATA(packet)[11] = 0; + if(write(device_fd, DATA(packet) + 10, packet->len - 10) < 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Can't write to %s %s: %s", device_info, device, strerror(errno)); return false; } break; case DEVICE_TYPE_TAP: - if(write(device_fd, packet->data, packet->len) < 0) { + if(write(device_fd, DATA(packet), packet->len) < 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Can't write to %s %s: %s", device_info, device, strerror(errno)); return false; @@ -185,22 +187,12 @@ static bool write_packet(vpn_packet_t *packet) { abort(); } - device_out_packets++; - device_out_bytes += packet->len; - return true; } -static void dump_device_stats(void) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes in: %10"PRIu64, device_in_bytes); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes out: %10"PRIu64, device_out_bytes); -} - const devops_t os_devops = { .setup = setup_device, .close = close_device, .read = read_packet, .write = write_packet, - .dump_stats = dump_device_stats, }; diff --git a/src/logger.h b/src/logger.h index 637eef8..8f69029 100644 --- a/src/logger.h +++ b/src/logger.h @@ -65,6 +65,8 @@ enum { #endif #endif +#include + extern debug_t debug_level; extern bool logcontrol; extern void openlogger(const char *, logmode_t); diff --git a/src/meta.c b/src/meta.c index 887da4a..73769d9 100644 --- a/src/meta.c +++ b/src/meta.c @@ -1,6 +1,6 @@ /* meta.c -- handle the meta communication - Copyright (C) 2000-2013 Guus Sliepen , + Copyright (C) 2000-2014 Guus Sliepen , 2000-2005 Ivo Timmermans 2006 Scott Lamb @@ -30,7 +30,7 @@ #include "utils.h" #include "xalloc.h" -bool send_meta_sptps(void *handle, uint8_t type, const char *buffer, size_t length) { +bool send_meta_sptps(void *handle, uint8_t type, const void *buffer, size_t length) { connection_t *c = handle; if(!c) { @@ -76,11 +76,12 @@ bool send_meta(connection_t *c, const char *buffer, int length) { void broadcast_meta(connection_t *from, const char *buffer, int length) { for list_each(connection_t, c, connection_list) - if(c != from && c->status.active) + if(c != from && c->edge) send_meta(c, buffer, length); } -bool receive_meta_sptps(void *handle, uint8_t type, const char *data, uint16_t length) { +bool receive_meta_sptps(void *handle, uint8_t type, const void *vdata, uint16_t length) { + const char *data = vdata; connection_t *c = handle; if(!c) { @@ -142,7 +143,7 @@ bool receive_meta(connection_t *c) { inlen = recv(c->socket, inbuf, sizeof inbuf - c->inbuf.len, 0); if(inlen <= 0) { - if(!inlen || !errno) { + if(!inlen || !sockerrno) { logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Connection closed by %s (%s)", c->name, c->hostname); } else if(sockwouldblock(sockerrno)) diff --git a/src/meta.h b/src/meta.h index 2a71228..ddc5418 100644 --- a/src/meta.h +++ b/src/meta.h @@ -1,6 +1,6 @@ /* meta.h -- header for meta.c - Copyright (C) 2000-2012 Guus Sliepen , + Copyright (C) 2000-2014 Guus Sliepen , 2000-2005 Ivo Timmermans This program is free software; you can redistribute it and/or modify @@ -24,8 +24,8 @@ #include "connection.h" extern bool send_meta(struct connection_t *, const char *, int); -extern bool send_meta_sptps(void *, uint8_t, const char *, size_t); -extern bool receive_meta_sptps(void *, uint8_t, const char *, uint16_t); +extern bool send_meta_sptps(void *, uint8_t, const void *, size_t); +extern bool receive_meta_sptps(void *, uint8_t, const void *, uint16_t); extern void broadcast_meta(struct connection_t *, const char *, int); extern bool receive_meta(struct connection_t *); diff --git a/src/mingw/device.c b/src/mingw/device.c index abe544e..19719a7 100644 --- a/src/mingw/device.c +++ b/src/mingw/device.c @@ -1,7 +1,7 @@ /* device.c -- Interaction with Windows tap driver in a MinGW environment Copyright (C) 2002-2005 Ivo Timmermans, - 2002-2013 Guus Sliepen + 2002-2014 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -36,55 +36,52 @@ int device_fd = -1; static HANDLE device_handle = INVALID_HANDLE_VALUE; +static io_t device_read_io; +static OVERLAPPED device_read_overlapped; +static vpn_packet_t device_read_packet; char *device = NULL; char *iface = NULL; static char *device_info = NULL; -static uint64_t device_total_in = 0; -static uint64_t device_total_out = 0; - extern char *myport; -static DWORD WINAPI tapreader(void *bla) { +static void device_issue_read() { + device_read_overlapped.Offset = 0; + device_read_overlapped.OffsetHigh = 0; + int status; - DWORD len; - OVERLAPPED overlapped; - vpn_packet_t packet; - - logger(DEBUG_ALWAYS, LOG_DEBUG, "Tap reader running"); - - /* Read from tap device and send to parent */ - - overlapped.hEvent = CreateEvent(NULL, TRUE, FALSE, NULL); - - for(;;) { - overlapped.Offset = 0; - overlapped.OffsetHigh = 0; - ResetEvent(overlapped.hEvent); - - status = ReadFile(device_handle, (void *)packet.data, MTU, &len, &overlapped); - - if(!status) { - if(GetLastError() == ERROR_IO_PENDING) { - WaitForSingleObject(overlapped.hEvent, INFINITE); - if(!GetOverlappedResult(device_handle, &overlapped, &len, FALSE)) - continue; - } else { + for (;;) { + DWORD len; + status = ReadFile(device_handle, (void *)device_read_packet.data, MTU, &len, &device_read_overlapped); + if (!status) { + if (GetLastError() != ERROR_IO_PENDING) logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, device, strerror(errno)); - return -1; - } + break; } - EnterCriticalSection(&mutex); - packet.len = len; - packet.priority = 0; - route(myself, &packet); - event_flush_output(); - LeaveCriticalSection(&mutex); + device_read_packet.len = len; + device_read_packet.priority = 0; + route(myself, &device_read_packet); } } +static void device_handle_read(void *data, int flags) { + ResetEvent(device_read_overlapped.hEvent); + + DWORD len; + if (!GetOverlappedResult(device_handle, &device_read_overlapped, &len, FALSE)) { + logger(DEBUG_ALWAYS, LOG_ERR, "Error getting read result from %s %s: %s", device_info, + device, strerror(errno)); + return; + } + + device_read_packet.len = len; + device_read_packet.priority = 0; + route(myself, &device_read_packet); + device_issue_read(); +} + static bool setup_device(void) { HKEY key, key2; int i; @@ -94,12 +91,10 @@ static bool setup_device(void) { char adaptername[1024]; char tapname[1024]; DWORD len; - unsigned long status; bool found = false; int err; - HANDLE thread; get_config_string(lookup_config(config_tree, "Device"), &device); get_config_string(lookup_config(config_tree, "Interface"), &iface); @@ -191,20 +186,6 @@ static bool setup_device(void) { overwrite_mac = 1; } - /* Start the tap reader */ - - thread = CreateThread(NULL, 0, tapreader, NULL, 0, NULL); - - if(!thread) { - logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "CreateThread", winerror(GetLastError())); - return false; - } - - /* Set media status for newer TAP-Win32 devices */ - - status = true; - DeviceIoControl(device_handle, TAP_IOCTL_SET_MEDIA_STATUS, &status, sizeof status, &status, sizeof status, &len, NULL); - device_info = "Windows tap device"; logger(DEBUG_ALWAYS, LOG_INFO, "%s (%s) is a %s", device, iface, device_info); @@ -212,11 +193,36 @@ static bool setup_device(void) { return true; } -static void close_device(void) { - CloseHandle(device_handle); +static void enable_device(void) { + logger(DEBUG_ALWAYS, LOG_INFO, "Enabling %s", device_info); - free(device); - free(iface); + ULONG status = 1; + DWORD len; + DeviceIoControl(device_handle, TAP_IOCTL_SET_MEDIA_STATUS, &status, sizeof status, &status, sizeof status, &len, NULL); + + io_add_event(&device_read_io, device_handle_read, NULL, CreateEvent(NULL, TRUE, FALSE, NULL)); + device_read_overlapped.hEvent = device_read_io.event; + device_issue_read(); +} + +static void disable_device(void) { + logger(DEBUG_ALWAYS, LOG_INFO, "Disabling %s", device_info); + + io_del(&device_read_io); + CancelIo(device_handle); + CloseHandle(device_read_overlapped.hEvent); + + ULONG status = 0; + DWORD len; + DeviceIoControl(device_handle, TAP_IOCTL_SET_MEDIA_STATUS, &status, sizeof status, &status, sizeof status, &len, NULL); +} + +static void close_device(void) { + CloseHandle(device_handle); device_handle = INVALID_HANDLE_VALUE; + + free(device); device = NULL; + free(iface); iface = NULL; + device_info = NULL; } static bool read_packet(vpn_packet_t *packet) { @@ -230,26 +236,19 @@ static bool write_packet(vpn_packet_t *packet) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Writing packet of %d bytes to %s", packet->len, device_info); - if(!WriteFile(device_handle, packet->data, packet->len, &outlen, &overlapped)) { + if(!WriteFile(device_handle, DATA(packet), packet->len, &outlen, &overlapped)) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while writing to %s %s: %s", device_info, device, winerror(GetLastError())); return false; } - device_total_out += packet->len; - return true; } -static void dump_device_stats(void) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); -} - const devops_t os_devops = { .setup = setup_device, .close = close_device, .read = read_packet, .write = write_packet, - .dump_stats = dump_device_stats, + .enable = enable_device, + .disable = disable_device, }; diff --git a/src/multicast_device.c b/src/multicast_device.c index 600b77c..931a8d0 100644 --- a/src/multicast_device.c +++ b/src/multicast_device.c @@ -31,9 +31,6 @@ static char *device_info; -static uint64_t device_total_in = 0; -static uint64_t device_total_out = 0; - static struct addrinfo *ai = NULL; static mac_t ignore_src = {{0}}; @@ -132,7 +129,7 @@ static bool setup_device(void) { #endif default: - logger(DEBUG_ALWAYS, LOG_ERR, "Multicast for address family %hx unsupported", ai->ai_family); + logger(DEBUG_ALWAYS, LOG_ERR, "Multicast for address family %x unsupported", ai->ai_family); goto error; } @@ -151,33 +148,33 @@ error: } static void close_device(void) { - close(device_fd); + close(device_fd); device_fd = -1; - free(device); - free(iface); + free(device); device = NULL; + free(iface); iface = NULL; - if(ai) - freeaddrinfo(ai); + if(ai) { + freeaddrinfo(ai); ai = NULL; + } + device_info = NULL; } static bool read_packet(vpn_packet_t *packet) { int lenin; - if((lenin = recv(device_fd, (void *)packet->data, MTU, 0)) <= 0) { + if((lenin = recv(device_fd, DATA(packet), MTU, 0)) <= 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, - device, strerror(errno)); + device, sockstrerror(sockerrno)); return false; } - if(!memcmp(&ignore_src, packet->data + 6, sizeof ignore_src)) { + if(!memcmp(&ignore_src, DATA(packet) + 6, sizeof ignore_src)) { logger(DEBUG_SCARY_THINGS, LOG_DEBUG, "Ignoring loopback packet of %d bytes from %s", lenin, device_info); return false; } packet->len = lenin; - device_total_in += packet->len; - logger(DEBUG_TRAFFIC, LOG_DEBUG, "Read packet of %d bytes from %s", packet->len, device_info); @@ -188,45 +185,20 @@ static bool write_packet(vpn_packet_t *packet) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Writing packet of %d bytes to %s", packet->len, device_info); - if(sendto(device_fd, (void *)packet->data, packet->len, 0, ai->ai_addr, ai->ai_addrlen) < 0) { + if(sendto(device_fd, DATA(packet), packet->len, 0, ai->ai_addr, ai->ai_addrlen) < 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Can't write to %s %s: %s", device_info, device, - strerror(errno)); + sockstrerror(sockerrno)); return false; } - device_total_out += packet->len; - - memcpy(&ignore_src, packet->data + 6, sizeof ignore_src); + memcpy(&ignore_src, DATA(packet) + 6, sizeof ignore_src); return true; } -static void dump_device_stats(void) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); -} - const devops_t multicast_devops = { .setup = setup_device, .close = close_device, .read = read_packet, .write = write_packet, - .dump_stats = dump_device_stats, }; - -#if 0 - -static bool not_supported(void) { - logger(DEBUG_ALWAYS, LOG_ERR, "Raw socket device not supported on this platform"); - return false; -} - -const devops_t multicast_devops = { - .setup = not_supported, - .close = NULL, - .read = NULL, - .write = NULL, - .dump_stats = NULL, -}; -#endif diff --git a/src/names.c b/src/names.c index 37708f8..8218216 100644 --- a/src/names.c +++ b/src/names.c @@ -64,8 +64,6 @@ void make_names(void) { else xasprintf(&confbase, "%s", installdir); } - if(!pidfilename) - xasprintf(&pidfilename, "%s" SLASH "pid", confbase); } RegCloseKey(key); } @@ -73,11 +71,26 @@ void make_names(void) { if(!confdir) confdir = xstrdup(CONFDIR SLASH "tinc"); + if(!confbase) { + if(netname) + xasprintf(&confbase, CONFDIR SLASH "tinc" SLASH "%s", netname); + else + xasprintf(&confbase, CONFDIR SLASH "tinc"); + } + +#ifdef HAVE_MINGW + if(!logfilename) + xasprintf(&logfilename, "%s" SLASH "log", confbase); + + if(!pidfilename) + xasprintf(&pidfilename, "%s" SLASH "pid", confbase); +#else if(!logfilename) xasprintf(&logfilename, LOCALSTATEDIR SLASH "log" SLASH "%s.log", identname); if(!pidfilename) xasprintf(&pidfilename, LOCALSTATEDIR SLASH "run" SLASH "%s.pid", identname); +#endif if(!unixsocketname) { int len = strlen(pidfilename); @@ -88,13 +101,6 @@ void make_names(void) { else strcpy(unixsocketname + len, ".socket"); } - - if(!confbase) { - if(netname) - xasprintf(&confbase, CONFDIR SLASH "tinc" SLASH "%s", netname); - else - xasprintf(&confbase, CONFDIR SLASH "tinc"); - } } void free_names(void) { diff --git a/src/net.c b/src/net.c index 286f157..91b9305 100644 --- a/src/net.c +++ b/src/net.c @@ -36,6 +36,10 @@ #include "subnet.h" #include "xalloc.h" +#ifdef HAVE_RESOLV_H +#include +#endif + int contradicting_add_edge = 0; int contradicting_del_edge = 0; static int sleeptime = 10; @@ -93,8 +97,6 @@ void purge(void) { void terminate_connection(connection_t *c, bool report) { logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Closing connection with %s (%s)", c->name, c->hostname); - c->status.active = false; - if(c->node && c->node->connection == c) c->node->connection = NULL; @@ -129,6 +131,12 @@ void terminate_connection(connection_t *c, bool report) { if(outgoing) do_outgoing_connection(outgoing); + +#ifndef HAVE_MINGW + /* Clean up dead proxy processes */ + + while(waitpid(-1, NULL, WNOHANG) > 0); +#endif } /* @@ -145,7 +153,7 @@ static void timeout_handler(void *data) { continue; if(c->last_ping_time + pingtimeout <= now.tv_sec) { - if(c->status.active) { + if(c->edge) { if(c->status.pinged) { logger(DEBUG_CONNECTIONS, LOG_INFO, "%s (%s) didn't respond to PING in %ld seconds", c->name, c->hostname, (long)now.tv_sec - c->last_ping_time); } else if(c->last_ping_time + pinginterval <= now.tv_sec) { @@ -160,7 +168,7 @@ static void timeout_handler(void *data) { else logger(DEBUG_CONNECTIONS, LOG_WARNING, "Timeout from %s (%s) during authentication", c->name, c->hostname); } - terminate_connection(c, c->status.active); + terminate_connection(c, c->edge); } } @@ -194,11 +202,11 @@ static void periodic_handler(void *data) { /* Count number of active connections */ int nc = 0; for list_each(connection_t, c, connection_list) { - if(c->status.active && !c->status.control) + if(c->edge) nc++; } - if(nc < autoconnect) { + if(nc < 3) { /* Not enough active connections, try to add one. Choose a random node, if we don't have a connection to it, and we are not already trying to make one, create an @@ -232,7 +240,7 @@ static void periodic_handler(void *data) { } break; } - } else if(nc > autoconnect) { + } else if(nc > 3) { /* Too many active connections, try to remove one. Choose a random outgoing connection to a node that has at least one other connection. @@ -241,7 +249,7 @@ static void periodic_handler(void *data) { int i = 0; for list_each(connection_t, c, connection_list) { - if(!c->status.active || c->status.control) + if(!c->edge) continue; if(i++ != r) @@ -253,12 +261,12 @@ static void periodic_handler(void *data) { logger(DEBUG_CONNECTIONS, LOG_INFO, "Autodisconnecting from %s", c->name); list_delete(outgoing_list, c->outgoing); c->outgoing = NULL; - terminate_connection(c, c->status.active); + terminate_connection(c, c->edge); break; } } - if(nc >= autoconnect) { + if(nc >= 3) { /* If we have enough active connections, remove any pending outgoing connections. */ @@ -283,7 +291,7 @@ static void periodic_handler(void *data) { void handle_meta_connection_data(connection_t *c) { if (!receive_meta(c)) { - terminate_connection(c, c->status.active); + terminate_connection(c, c->edge); return; } } @@ -303,6 +311,9 @@ static void sighup_handler(void *data) { static void sigalrm_handler(void *data) { logger(DEBUG_ALWAYS, LOG_NOTICE, "Got %s signal", strsignal(((signal_t *)data)->signum)); +#ifdef HAVE_DECL_RES_INIT + res_init(); +#endif retry(); } #endif @@ -334,11 +345,14 @@ int reload_configuration(void) { if(strictsubnets) { for splay_each(subnet_t, subnet, subnet_tree) - subnet->expires = 1; + if (subnet->owner) + subnet->expires = 1; load_all_subnets(); for splay_each(subnet_t, subnet, subnet_tree) { + if (!subnet->owner) + continue; if(subnet->expires == 1) { send_del_subnet(everyone, subnet); if(subnet->owner->status.reachable) @@ -402,7 +416,7 @@ int reload_configuration(void) { struct stat s; if(stat(fname, &s) || s.st_mtime > last_config_check) { logger(DEBUG_CONNECTIONS, LOG_INFO, "Host config file of %s has been changed", c->name); - terminate_connection(c, c->status.active); + terminate_connection(c, c->edge); } free(fname); } @@ -452,7 +466,7 @@ int main_loop(void) { #endif if(!event_loop()) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error while waiting for input: %s", strerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "Error while waiting for input: %s", sockstrerror(sockerrno)); return 1; } diff --git a/src/net.h b/src/net.h index 9a97276..dcc99a4 100644 --- a/src/net.h +++ b/src/net.h @@ -1,7 +1,7 @@ /* net.h -- header for net.c Copyright (C) 1998-2005 Ivo Timmermans - 2000-2013 Guus Sliepen + 2000-2014 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -32,8 +32,8 @@ #define MTU 1518 /* 1500 bytes payload + 14 bytes ethernet header + 4 bytes VLAN tag */ #endif -/* MAXSIZE is the maximum size of an encapsulated packet: MTU + seqno + padding + HMAC + compressor overhead */ -#define MAXSIZE (MTU + 4 + CIPHER_MAX_BLOCK_SIZE + DIGEST_MAX_SIZE + MTU/64 + 20) +/* MAXSIZE is the maximum size of an encapsulated packet: MTU + seqno + srcid + dstid + padding + HMAC + compressor overhead */ +#define MAXSIZE (MTU + 4 + sizeof(node_id_t) + sizeof(node_id_t) + CIPHER_MAX_BLOCK_SIZE + DIGEST_MAX_SIZE + MTU/64 + 20) /* MAXBUFSIZE is the maximum size of a request: enough for a MAXSIZEd packet or a 8192 bits RSA key */ #define MAXBUFSIZE ((MAXSIZE > 2048 ? MAXSIZE : 2048) + 128) @@ -52,7 +52,12 @@ typedef struct ipv6_t { uint16_t x[8]; } ipv6_t; +typedef struct node_id_t { + uint8_t x[6]; +} node_id_t; + typedef short length_t; +typedef uint32_t seqno_t; #define AF_UNKNOWN 255 @@ -80,10 +85,16 @@ typedef union sockaddr_t { #define SALEN(s) (s.sa_family==AF_INET?sizeof(struct sockaddr_in):sizeof(struct sockaddr_in6)) #endif +#define SEQNO(x) ((x)->data + (x)->offset - 4) +#define SRCID(x) ((node_id_t *)((x)->data + (x)->offset - 6)) +#define DSTID(x) ((node_id_t *)((x)->data + (x)->offset - 12)) +#define DATA(x) ((x)->data + (x)->offset) +#define DEFAULT_PACKET_OFFSET 12 + typedef struct vpn_packet_t { - length_t len; /* the actual number of bytes in the `data' field */ + length_t len; /* The actual number of valid bytes in the `data' field (including seqno or dstid/srcid) */ + length_t offset; /* Offset in the buffer where the packet data starts (righter after seqno or dstid/srcid) */ int priority; /* priority or TOS */ - uint32_t seqno; /* 32 bits sequence number (network byte order of course) */ uint8_t data[MAXSIZE]; } vpn_packet_t; @@ -103,6 +114,7 @@ typedef struct listen_socket_t { io_t tcp; io_t udp; sockaddr_t sa; + bool bindto; } listen_socket_t; #include "conf.h" @@ -125,7 +137,6 @@ extern int seconds_till_retry; extern int addressfamily; extern unsigned replaywin; extern bool localdiscovery; -extern sockaddr_t localdiscovery_address; extern listen_socket_t listen_socket[MAXSOCKETS]; extern int listen_sockets; @@ -136,7 +147,8 @@ extern int udp_sndbuf; extern int max_connection_burst; extern bool do_prune; extern char *myport; -extern int autoconnect; +extern bool device_standby; +extern bool autoconnect; extern bool disablebuggypeers; extern int contradicting_add_edge; extern int contradicting_del_edge; @@ -171,12 +183,14 @@ extern void handle_new_meta_connection(void *, int); extern void handle_new_unix_connection(void *, int); extern int setup_listen_socket(const sockaddr_t *); extern int setup_vpn_in_socket(const sockaddr_t *); -extern bool send_sptps_data(void *handle, uint8_t type, const char *data, size_t len); -extern bool receive_sptps_record(void *handle, uint8_t type, const char *data, uint16_t len); +extern bool send_sptps_data(void *handle, uint8_t type, const void *data, size_t len); +extern bool receive_sptps_record(void *handle, uint8_t type, const void *data, uint16_t len); extern void send_packet(struct node_t *, vpn_packet_t *); extern void receive_tcppacket(struct connection_t *, const char *, int); extern void broadcast_packet(const struct node_t *, vpn_packet_t *); extern char *get_name(void); +extern void device_enable(void); +extern void device_disable(void); extern bool setup_myself_reloadable(void); extern bool setup_network(void); extern void setup_outgoing_connection(struct outgoing_t *); @@ -199,8 +213,6 @@ extern void load_all_nodes(void); #ifndef HAVE_MINGW #define closesocket(s) close(s) -#else -extern CRITICAL_SECTION mutex; #endif #endif /* __TINC_NET_H__ */ diff --git a/src/net_packet.c b/src/net_packet.c index 1159231..c146109 100644 --- a/src/net_packet.c +++ b/src/net_packet.c @@ -1,7 +1,7 @@ /* net_packet.c -- Handles in- and outgoing VPN packets Copyright (C) 1998-2005 Ivo Timmermans, - 2000-2013 Guus Sliepen + 2000-2014 Guus Sliepen 2010 Timothy Redaelli 2010 Brandon Black @@ -54,8 +54,7 @@ static char lzo_wrkmem[LZO1X_999_MEM_COMPRESS > LZO1X_1_MEM_COMPRESS ? LZO1X_999 static void send_udppacket(node_t *, vpn_packet_t *); unsigned replaywin = 16; -bool localdiscovery = false; -sockaddr_t localdiscovery_address; +bool localdiscovery = true; #define MAX_SEQNO 1073741824 @@ -140,19 +139,19 @@ static void send_mtu_probe_handler(void *data) { len = 64; vpn_packet_t packet; - memset(packet.data, 0, 14); - randomize(packet.data + 14, len - 14); + packet.offset = DEFAULT_PACKET_OFFSET; + memset(DATA(&packet), 0, 14); + randomize(DATA(&packet) + 14, len - 14); packet.len = len; - if(i >= 4 && n->mtuprobes <= 10) - packet.priority = -1; - else - packet.priority = 0; + packet.priority = 0; + n->status.send_locally = i >= 4 && n->mtuprobes <= 10 && n->prevedge; logger(DEBUG_TRAFFIC, LOG_INFO, "Sending MTU probe length %d to %s (%s)", len, n->name, n->hostname); send_udppacket(n, &packet); } + n->status.send_locally = false; n->probe_counter = 0; gettimeofday(&n->probe_time, NULL); @@ -178,24 +177,24 @@ void send_mtu_probe(node_t *n) { } static void mtu_probe_h(node_t *n, vpn_packet_t *packet, length_t len) { - if(!packet->data[0]) { + if(!DATA(packet)[0]) { logger(DEBUG_TRAFFIC, LOG_INFO, "Got MTU probe request %d from %s (%s)", packet->len, n->name, n->hostname); /* It's a probe request, send back a reply */ /* Type 2 probe replies were introduced in protocol 17.3 */ - if ((n->options >> 24) == 3) { - uint8_t* data = packet->data; + if ((n->options >> 24) >= 3) { + uint8_t *data = DATA(packet); *data++ = 2; uint16_t len16 = htons(len); memcpy(data, &len16, 2); data += 2; struct timeval now; gettimeofday(&now, NULL); uint32_t sec = htonl(now.tv_sec); memcpy(data, &sec, 4); data += 4; uint32_t usec = htonl(now.tv_usec); memcpy(data, &usec, 4); data += 4; - packet->len = data - packet->data; + packet->len -= 10; } else { /* Legacy protocol: n won't understand type 2 probe replies. */ - packet->data[0] = 1; + DATA(packet)[0] = 1; } /* Temporarily set udp_confirmed, so that the reply is sent @@ -207,14 +206,14 @@ static void mtu_probe_h(node_t *n, vpn_packet_t *packet, length_t len) { n->status.udp_confirmed = udp_confirmed; } else { length_t probelen = len; - if (packet->data[0] == 2) { + if (DATA(packet)[0] == 2) { if (len < 3) logger(DEBUG_TRAFFIC, LOG_WARNING, "Received invalid (too short) MTU probe reply from %s (%s)", n->name, n->hostname); else { - uint16_t probelen16; memcpy(&probelen16, packet->data + 1, 2); probelen = ntohs(probelen16); + uint16_t probelen16; memcpy(&probelen16, DATA(packet) + 1, 2); probelen = ntohs(probelen16); } } - logger(DEBUG_TRAFFIC, LOG_INFO, "Got type %d MTU probe reply %d from %s (%s)", packet->data[0], probelen, n->name, n->hostname); + logger(DEBUG_TRAFFIC, LOG_INFO, "Got type %d MTU probe reply %d from %s (%s)", DATA(packet)[0], probelen, n->name, n->hostname); /* It's a valid reply: now we know bidirectional communication is possible using the address and socket that the reply @@ -256,9 +255,9 @@ static void mtu_probe_h(node_t *n, vpn_packet_t *packet, length_t len) { timersub(&now, &n->probe_time, &diff); struct timeval probe_timestamp = now; - if (packet->data[0] == 2 && packet->len >= 11) { - uint32_t sec; memcpy(&sec, packet->data + 3, 4); - uint32_t usec; memcpy(&usec, packet->data + 7, 4); + if (DATA(packet)[0] == 2 && packet->len >= 11) { + uint32_t sec; memcpy(&sec, DATA(packet) + 3, 4); + uint32_t usec; memcpy(&usec, DATA(packet) + 7, 4); probe_timestamp.tv_sec = ntohl(sec); probe_timestamp.tv_usec = ntohl(usec); } @@ -350,20 +349,21 @@ static void receive_packet(node_t *n, vpn_packet_t *packet) { static bool try_mac(node_t *n, const vpn_packet_t *inpkt) { if(n->status.sptps) - return sptps_verify_datagram(&n->sptps, (char *)&inpkt->seqno, inpkt->len); + return sptps_verify_datagram(&n->sptps, DATA(inpkt), inpkt->len); - if(!digest_active(n->indigest) || inpkt->len < sizeof inpkt->seqno + digest_length(n->indigest)) + if(!digest_active(n->indigest) || inpkt->len < sizeof(seqno_t) + digest_length(n->indigest)) return false; - return digest_verify(n->indigest, &inpkt->seqno, inpkt->len - digest_length(n->indigest), (const char *)&inpkt->seqno + inpkt->len - digest_length(n->indigest)); + return digest_verify(n->indigest, SEQNO(inpkt), inpkt->len - digest_length(n->indigest), DATA(inpkt) + inpkt->len - digest_length(n->indigest)); } -static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { +static bool receive_udppacket(node_t *n, vpn_packet_t *inpkt) { vpn_packet_t pkt1, pkt2; vpn_packet_t *pkt[] = { &pkt1, &pkt2, &pkt1, &pkt2 }; int nextpkt = 0; - vpn_packet_t *outpkt = pkt[0]; size_t outlen; + pkt1.offset = DEFAULT_PACKET_OFFSET; + pkt2.offset = DEFAULT_PACKET_OFFSET; if(n->status.sptps) { if(!n->sptps.state) { @@ -373,43 +373,51 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { } else { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got packet from %s (%s) but he hasn't got our key yet", n->name, n->hostname); } - return; + return false; } - sptps_receive_data(&n->sptps, (char *)&inpkt->seqno, inpkt->len); - return; + inpkt->offset += 2 * sizeof(node_id_t); + if(!sptps_receive_data(&n->sptps, DATA(inpkt), inpkt->len - 2 * sizeof(node_id_t))) { + logger(DEBUG_TRAFFIC, LOG_ERR, "Got bad packet from %s (%s)", n->name, n->hostname); + return false; + } + return true; } - if(!cipher_active(n->incipher)) { + if(!n->status.validkey) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got packet from %s (%s) but he hasn't got our key yet", n->name, n->hostname); - return; + return false; } /* Check packet length */ - if(inpkt->len < sizeof inpkt->seqno + digest_length(n->indigest)) { + if(inpkt->len < sizeof(seqno_t) + digest_length(n->indigest)) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got too short packet from %s (%s)", n->name, n->hostname); - return; + return false; } + /* It's a legacy UDP packet, the data starts after the seqno */ + + inpkt->offset += sizeof(seqno_t); + /* Check the message authentication code */ if(digest_active(n->indigest)) { inpkt->len -= digest_length(n->indigest); - if(!digest_verify(n->indigest, &inpkt->seqno, inpkt->len, (const char *)&inpkt->seqno + inpkt->len)) { + if(!digest_verify(n->indigest, SEQNO(inpkt), inpkt->len, SEQNO(inpkt) + inpkt->len)) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got unauthenticated packet from %s (%s)", n->name, n->hostname); - return; + return false; } } /* Decrypt the packet */ if(cipher_active(n->incipher)) { - outpkt = pkt[nextpkt++]; + vpn_packet_t *outpkt = pkt[nextpkt++]; outlen = MAXSIZE; - if(!cipher_decrypt(n->incipher, &inpkt->seqno, inpkt->len, &outpkt->seqno, &outlen, true)) { + if(!cipher_decrypt(n->incipher, SEQNO(inpkt), inpkt->len, SEQNO(outpkt), &outlen, true)) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Error decrypting packet from %s (%s)", n->name, n->hostname); - return; + return false; } outpkt->len = outlen; @@ -418,38 +426,40 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { /* Check the sequence number */ - inpkt->len -= sizeof inpkt->seqno; - inpkt->seqno = ntohl(inpkt->seqno); + seqno_t seqno; + memcpy(&seqno, SEQNO(inpkt), sizeof seqno); + seqno = ntohl(seqno); + inpkt->len -= sizeof seqno; if(replaywin) { - if(inpkt->seqno != n->received_seqno + 1) { - if(inpkt->seqno >= n->received_seqno + replaywin * 8) { + if(seqno != n->received_seqno + 1) { + if(seqno >= n->received_seqno + replaywin * 8) { if(n->farfuture++ < replaywin >> 2) { logger(DEBUG_ALWAYS, LOG_WARNING, "Packet from %s (%s) is %d seqs in the future, dropped (%u)", - n->name, n->hostname, inpkt->seqno - n->received_seqno - 1, n->farfuture); - return; + n->name, n->hostname, seqno - n->received_seqno - 1, n->farfuture); + return false; } logger(DEBUG_ALWAYS, LOG_WARNING, "Lost %d packets from %s (%s)", - inpkt->seqno - n->received_seqno - 1, n->name, n->hostname); + seqno - n->received_seqno - 1, n->name, n->hostname); memset(n->late, 0, replaywin); - } else if (inpkt->seqno <= n->received_seqno) { - if((n->received_seqno >= replaywin * 8 && inpkt->seqno <= n->received_seqno - replaywin * 8) || !(n->late[(inpkt->seqno / 8) % replaywin] & (1 << inpkt->seqno % 8))) { + } else if (seqno <= n->received_seqno) { + if((n->received_seqno >= replaywin * 8 && seqno <= n->received_seqno - replaywin * 8) || !(n->late[(seqno / 8) % replaywin] & (1 << seqno % 8))) { logger(DEBUG_ALWAYS, LOG_WARNING, "Got late or replayed packet from %s (%s), seqno %d, last received %d", - n->name, n->hostname, inpkt->seqno, n->received_seqno); - return; + n->name, n->hostname, seqno, n->received_seqno); + return false; } } else { - for(int i = n->received_seqno + 1; i < inpkt->seqno; i++) + for(int i = n->received_seqno + 1; i < seqno; i++) n->late[(i / 8) % replaywin] |= 1 << i % 8; } } n->farfuture = 0; - n->late[(inpkt->seqno / 8) % replaywin] &= ~(1 << inpkt->seqno % 8); + n->late[(seqno / 8) % replaywin] &= ~(1 << seqno % 8); } - if(inpkt->seqno > n->received_seqno) - n->received_seqno = inpkt->seqno; + if(seqno > n->received_seqno) + n->received_seqno = seqno; n->received++; @@ -461,12 +471,12 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { length_t origlen = inpkt->len; if(n->incompression) { - outpkt = pkt[nextpkt++]; + vpn_packet_t *outpkt = pkt[nextpkt++]; - if((outpkt->len = uncompress_packet(outpkt->data, inpkt->data, inpkt->len, n->incompression)) < 0) { + if((outpkt->len = uncompress_packet(DATA(outpkt), DATA(inpkt), inpkt->len, n->incompression)) < 0) { logger(DEBUG_TRAFFIC, LOG_ERR, "Error while uncompressing packet from %s (%s)", n->name, n->hostname); - return; + return false; } inpkt = outpkt; @@ -476,16 +486,18 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { inpkt->priority = 0; - if(!inpkt->data[12] && !inpkt->data[13]) + if(!DATA(inpkt)[12] && !DATA(inpkt)[13]) mtu_probe_h(n, inpkt, origlen); else receive_packet(n, inpkt); + return true; } void receive_tcppacket(connection_t *c, const char *buffer, int len) { vpn_packet_t outpkt; + outpkt.offset = DEFAULT_PACKET_OFFSET; - if(len > sizeof outpkt.data) + if(len > sizeof outpkt.data - outpkt.offset) return; outpkt.len = len; @@ -493,30 +505,46 @@ void receive_tcppacket(connection_t *c, const char *buffer, int len) { outpkt.priority = 0; else outpkt.priority = -1; - memcpy(outpkt.data, buffer, len); + memcpy(DATA(&outpkt), buffer, len); receive_packet(c->node, &outpkt); } -static void send_sptps_packet(node_t *n, vpn_packet_t *origpkt) { - if(!n->status.validkey) { - logger(DEBUG_TRAFFIC, LOG_INFO, "No valid key known yet for %s (%s)", n->name, n->hostname); - if(!n->status.waitingforkey) - send_req_key(n); - else if(n->last_req_key + 10 < now.tv_sec) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "No key from %s after 10 seconds, restarting SPTPS", n->name); - sptps_stop(&n->sptps); - n->status.waitingforkey = false; - send_req_key(n); - } - return; +static bool try_sptps(node_t *n) { + if(n->status.validkey) + return true; + + /* If n is a TCP-only neighbor, we'll only use "cleartext" PACKET + messages anyway, so there's no need for SPTPS at all. */ + if(n->connection && ((myself->options | n->options) & OPTION_TCPONLY)) + return false; + + logger(DEBUG_TRAFFIC, LOG_INFO, "No valid key known yet for %s (%s)", n->name, n->hostname); + + if(!n->status.waitingforkey) + send_req_key(n); + else if(n->last_req_key + 10 < now.tv_sec) { + logger(DEBUG_ALWAYS, LOG_DEBUG, "No key from %s after 10 seconds, restarting SPTPS", n->name); + sptps_stop(&n->sptps); + n->status.waitingforkey = false; + send_req_key(n); } + return false; +} + +static void send_sptps_packet(node_t *n, vpn_packet_t *origpkt) { + /* Note: condition order is as intended - even if we have a direct + metaconnection, we want to try SPTPS anyway as it's the only way to + get UDP going */ + if(!try_sptps(n) && !n->connection) + return; + uint8_t type = 0; int offset = 0; - if(!(origpkt->data[12] | origpkt->data[13])) { - sptps_send_record(&n->sptps, PKT_PROBE, (char *)origpkt->data, origpkt->len); + if(!(DATA(origpkt)[12] | DATA(origpkt)[13])) { + sptps_send_record(&n->sptps, PKT_PROBE, (char *)DATA(origpkt), origpkt->len); return; } @@ -531,7 +559,8 @@ static void send_sptps_packet(node_t *n, vpn_packet_t *origpkt) { vpn_packet_t outpkt; if(n->outcompression) { - int len = compress_packet(outpkt.data + offset, origpkt->data + offset, origpkt->len - offset, n->outcompression); + outpkt.offset = 0; + int len = compress_packet(DATA(&outpkt) + offset, DATA(origpkt) + offset, origpkt->len - offset, n->outcompression); if(len < 0) { logger(DEBUG_TRAFFIC, LOG_ERR, "Error while compressing packet to %s (%s)", n->name, n->hostname); } else if(len < origpkt->len - offset) { @@ -541,10 +570,29 @@ static void send_sptps_packet(node_t *n, vpn_packet_t *origpkt) { } } - sptps_send_record(&n->sptps, type, (char *)origpkt->data + offset, origpkt->len - offset); + /* If we have a direct metaconnection to n, and we can't use UDP, then + don't bother with SPTPS and just use a "plaintext" PACKET message. + We don't really care about end-to-end security since we're not + sending the message through any intermediate nodes. */ + if(n->connection && origpkt->len > n->minmtu) + send_tcppacket(n->connection, origpkt); + else + sptps_send_record(&n->sptps, type, DATA(origpkt) + offset, origpkt->len - offset); return; } +static void adapt_socket(const sockaddr_t *sa, int *sock) { + /* Make sure we have a suitable socket for the chosen address */ + if(listen_socket[*sock].sa.sa.sa_family != sa->sa.sa_family) { + for(int i = 0; i < listen_sockets; i++) { + if(listen_socket[i].sa.sa.sa_family == sa->sa.sa_family) { + *sock = i; + break; + } + } + } +} + static void choose_udp_address(const node_t *n, const sockaddr_t **sa, int *sock) { /* Latest guess */ *sa = &n->address; @@ -583,54 +631,30 @@ static void choose_udp_address(const node_t *n, const sockaddr_t **sa, int *sock *sock = rand() % listen_sockets; } - /* Make sure we have a suitable socket for the chosen address */ - if(listen_socket[*sock].sa.sa.sa_family != (*sa)->sa.sa_family) { - for(int i = 0; i < listen_sockets; i++) { - if(listen_socket[i].sa.sa.sa_family == (*sa)->sa.sa_family) { - *sock = i; - break; - } - } - } + adapt_socket(*sa, sock); } -static void choose_broadcast_address(const node_t *n, const sockaddr_t **sa, int *sock) { - static sockaddr_t broadcast_ipv4 = { - .in = { - .sin_family = AF_INET, - .sin_addr.s_addr = -1, - } - }; +static void choose_local_address(const node_t *n, const sockaddr_t **sa, int *sock) { + *sa = NULL; - static sockaddr_t broadcast_ipv6 = { - .in6 = { - .sin6_family = AF_INET6, - .sin6_addr.s6_addr[0x0] = 0xff, - .sin6_addr.s6_addr[0x1] = 0x02, - .sin6_addr.s6_addr[0xf] = 0x01, - } - }; + /* Pick one of the edges from this node at random, then use its local address. */ - *sock = rand() % listen_sockets; + int i = 0; + int j = rand() % n->edge_tree->count; + edge_t *candidate = NULL; - if(listen_socket[*sock].sa.sa.sa_family == AF_INET6) { - if(localdiscovery_address.sa.sa_family == AF_INET6) { - localdiscovery_address.in6.sin6_port = n->prevedge->address.in.sin_port; - *sa = &localdiscovery_address; - } else { - broadcast_ipv6.in6.sin6_port = n->prevedge->address.in.sin_port; - broadcast_ipv6.in6.sin6_scope_id = listen_socket[*sock].sa.in6.sin6_scope_id; - *sa = &broadcast_ipv6; - } - } else { - if(localdiscovery_address.sa.sa_family == AF_INET) { - localdiscovery_address.in.sin_port = n->prevedge->address.in.sin_port; - *sa = &localdiscovery_address; - } else { - broadcast_ipv4.in.sin_port = n->prevedge->address.in.sin_port; - *sa = &broadcast_ipv4; + for splay_each(edge_t, e, n->edge_tree) { + if(i++ == j) { + candidate = e; + break; } } + + if (candidate && candidate->local_address.sa.sa_family) { + *sa = &candidate->local_address; + *sock = rand() % listen_sockets; + adapt_socket(*sa, sock); + } } static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { @@ -643,8 +667,11 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { size_t outlen; #if defined(SOL_IP) && defined(IP_TOS) static int priority = 0; -#endif int origpriority = origpkt->priority; +#endif + + pkt1.offset = DEFAULT_PACKET_OFFSET; + pkt2.offset = DEFAULT_PACKET_OFFSET; if(!n->status.reachable) { logger(DEBUG_TRAFFIC, LOG_INFO, "Trying to send UDP packet to unreachable node %s (%s)", n->name, n->hostname); @@ -671,7 +698,7 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { return; } - if(n->options & OPTION_PMTU_DISCOVERY && inpkt->len > n->minmtu && (inpkt->data[12] | inpkt->data[13])) { + if(n->options & OPTION_PMTU_DISCOVERY && inpkt->len > n->minmtu && (DATA(inpkt)[12] | DATA(inpkt)[13])) { logger(DEBUG_TRAFFIC, LOG_INFO, "Packet for %s (%s) larger than minimum MTU, forwarding via %s", n->name, n->hostname, n != n->nexthop ? n->nexthop->name : "TCP"); @@ -689,7 +716,7 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { if(n->outcompression) { outpkt = pkt[nextpkt++]; - if((outpkt->len = compress_packet(outpkt->data, inpkt->data, inpkt->len, n->outcompression)) < 0) { + if((outpkt->len = compress_packet(DATA(outpkt), DATA(inpkt), inpkt->len, n->outcompression)) < 0) { logger(DEBUG_TRAFFIC, LOG_ERR, "Error while compressing packet to %s (%s)", n->name, n->hostname); return; @@ -700,8 +727,9 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { /* Add sequence number */ - inpkt->seqno = htonl(++(n->sent_seqno)); - inpkt->len += sizeof inpkt->seqno; + seqno_t seqno = htonl(++(n->sent_seqno)); + memcpy(SEQNO(inpkt), &seqno, sizeof seqno); + inpkt->len += sizeof seqno; /* Encrypt the packet */ @@ -709,7 +737,7 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { outpkt = pkt[nextpkt++]; outlen = MAXSIZE; - if(!cipher_encrypt(n->outcipher, &inpkt->seqno, inpkt->len, &outpkt->seqno, &outlen, true)) { + if(!cipher_encrypt(n->outcipher, SEQNO(inpkt), inpkt->len, SEQNO(outpkt), &outlen, true)) { logger(DEBUG_TRAFFIC, LOG_ERR, "Error while encrypting packet to %s (%s)", n->name, n->hostname); goto end; } @@ -721,7 +749,7 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { /* Add the message authentication code */ if(digest_active(n->outdigest)) { - if(!digest_create(n->outdigest, &inpkt->seqno, inpkt->len, (char *)&inpkt->seqno + inpkt->len)) { + if(!digest_create(n->outdigest, SEQNO(inpkt), inpkt->len, SEQNO(inpkt) + inpkt->len)) { logger(DEBUG_TRAFFIC, LOG_ERR, "Error while encrypting packet to %s (%s)", n->name, n->hostname); goto end; } @@ -731,14 +759,12 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { /* Send the packet */ - const sockaddr_t *sa; + const sockaddr_t *sa = NULL; int sock; - /* Overloaded use of priority field: -1 means local broadcast */ - - if(origpriority == -1 && n->prevedge) - choose_broadcast_address(n, &sa, &sock); - else + if(n->status.send_locally) + choose_local_address(n, &sa, &sock); + if(!sa) choose_udp_address(n, &sa, &sock); #if defined(SOL_IP) && defined(IP_TOS) @@ -747,11 +773,11 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { priority = origpriority; logger(DEBUG_TRAFFIC, LOG_DEBUG, "Setting outgoing packet priority to %d", priority); if(setsockopt(listen_socket[n->sock].udp.fd, SOL_IP, IP_TOS, &priority, sizeof(priority))) /* SO_PRIORITY doesn't seem to work */ - logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "setsockopt", strerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "setsockopt", sockstrerror(sockerrno)); } #endif - if(sendto(listen_socket[sock].udp.fd, (char *) &inpkt->seqno, inpkt->len, 0, &sa->sa, SALEN(sa->sa)) < 0 && !sockwouldblock(sockerrno)) { + if(sendto(listen_socket[sock].udp.fd, SEQNO(inpkt), inpkt->len, 0, &sa->sa, SALEN(sa->sa)) < 0 && !sockwouldblock(sockerrno)) { if(sockmsgsize(sockerrno)) { if(n->maxmtu >= origlen) n->maxmtu = origlen - 1; @@ -765,39 +791,67 @@ end: origpkt->len = origlen; } -bool send_sptps_data(void *handle, uint8_t type, const char *data, size_t len) { - node_t *to = handle; +static bool send_sptps_data_priv(node_t *to, node_t *from, int type, const void *data, size_t len) { + node_t *relay = (to->via != myself && (type == PKT_PROBE || (len - SPTPS_DATAGRAM_OVERHEAD) <= to->via->minmtu)) ? to->via : to->nexthop; + bool direct = from == myself && to == relay; + bool relay_supported = (relay->options >> 24) >= 4; + bool tcponly = (myself->options | relay->options) & OPTION_TCPONLY; - /* Send it via TCP if it is a handshake packet, TCPOnly is in use, or this packet is larger than the MTU. */ + /* We don't really need the relay's key, but we need to establish a UDP tunnel with it and discover its MTU. */ + if (!direct && relay_supported && !tcponly) + try_sptps(relay); - if(type >= SPTPS_HANDSHAKE || ((myself->options | to->options) & OPTION_TCPONLY) || (type != PKT_PROBE && len > to->minmtu)) { + /* Send it via TCP if it is a handshake packet, TCPOnly is in use, this is a relay packet that the other node cannot understand, or this packet is larger than the MTU. + TODO: When relaying, the original sender does not know the end-to-end PMTU (it only knows the PMTU of the first hop). + This can lead to scenarios where large packets are sent over UDP to relay, but then relay has no choice but fall back to TCP. */ + + if(type == SPTPS_HANDSHAKE || tcponly || (!direct && !relay_supported) || (type != PKT_PROBE && (len - SPTPS_DATAGRAM_OVERHEAD) > relay->minmtu)) { char buf[len * 4 / 3 + 5]; b64encode(data, buf, len); /* If no valid key is known yet, send the packets using ANS_KEY requests, to ensure we get to learn the reflexive UDP address. */ - if(!to->status.validkey) { + if(from == myself && !to->status.validkey) { to->incompression = myself->incompression; - return send_request(to->nexthop->connection, "%d %s %s %s -1 -1 -1 %d", ANS_KEY, myself->name, to->name, buf, to->incompression); + return send_request(to->nexthop->connection, "%d %s %s %s -1 -1 -1 %d", ANS_KEY, from->name, to->name, buf, to->incompression); } else { - return send_request(to->nexthop->connection, "%d %s %s %d %s", REQ_KEY, myself->name, to->name, REQ_SPTPS, buf); + return send_request(to->nexthop->connection, "%d %s %s %d %s", REQ_KEY, from->name, to->name, REQ_SPTPS, buf); } } - /* Otherwise, send the packet via UDP */ - - const sockaddr_t *sa; - int sock; - - choose_udp_address(to, &sa, &sock); - - if(sendto(listen_socket[sock].udp.fd, data, len, 0, &sa->sa, SALEN(sa->sa)) < 0 && !sockwouldblock(sockerrno)) { - if(sockmsgsize(sockerrno)) { - if(to->maxmtu >= len) - to->maxmtu = len - 1; - if(to->mtu >= len) - to->mtu = len - 1; + size_t overhead = 0; + if(relay_supported) overhead += sizeof to->id + sizeof from->id; + char buf[len + overhead]; char* buf_ptr = buf; + if(relay_supported) { + if(direct) { + /* Inform the recipient that this packet was sent directly. */ + node_id_t nullid = {}; + memcpy(buf_ptr, &nullid, sizeof nullid); buf_ptr += sizeof nullid; } else { - logger(DEBUG_TRAFFIC, LOG_WARNING, "Error sending UDP SPTPS packet to %s (%s): %s", to->name, to->hostname, sockstrerror(sockerrno)); + memcpy(buf_ptr, &to->id, sizeof to->id); buf_ptr += sizeof to->id; + } + memcpy(buf_ptr, &from->id, sizeof from->id); buf_ptr += sizeof from->id; + + } + /* TODO: if this copy turns out to be a performance concern, change sptps_send_record() to add some "pre-padding" to the buffer and use that instead */ + memcpy(buf_ptr, data, len); buf_ptr += len; + + const sockaddr_t *sa = NULL; + int sock; + if(relay->status.send_locally) + choose_local_address(relay, &sa, &sock); + if(!sa) + choose_udp_address(relay, &sa, &sock); + logger(DEBUG_TRAFFIC, LOG_INFO, "Sending packet from %s (%s) to %s (%s) via %s (%s)", from->name, from->hostname, to->name, to->hostname, relay->name, relay->hostname); + if(sendto(listen_socket[sock].udp.fd, buf, buf_ptr - buf, 0, &sa->sa, SALEN(sa->sa)) < 0 && !sockwouldblock(sockerrno)) { + if(sockmsgsize(sockerrno)) { + // Compensate for SPTPS overhead + len -= SPTPS_DATAGRAM_OVERHEAD; + if(relay->maxmtu >= len) + relay->maxmtu = len - 1; + if(relay->mtu >= len) + relay->mtu = len - 1; + } else { + logger(DEBUG_TRAFFIC, LOG_WARNING, "Error sending UDP SPTPS packet to %s (%s): %s", relay->name, relay->hostname, sockstrerror(sockerrno)); return false; } } @@ -805,7 +859,11 @@ bool send_sptps_data(void *handle, uint8_t type, const char *data, size_t len) { return true; } -bool receive_sptps_record(void *handle, uint8_t type, const char *data, uint16_t len) { +bool send_sptps_data(void *handle, uint8_t type, const void *data, size_t len) { + return send_sptps_data_priv(handle, myself, type, data, len); +} + +bool receive_sptps_record(void *handle, uint8_t type, const void *data, uint16_t len) { node_t *from = handle; if(type == SPTPS_HANDSHAKE) { @@ -823,10 +881,11 @@ bool receive_sptps_record(void *handle, uint8_t type, const char *data, uint16_t } vpn_packet_t inpkt; + inpkt.offset = DEFAULT_PACKET_OFFSET; if(type == PKT_PROBE) { inpkt.len = len; - memcpy(inpkt.data, data, len); + memcpy(DATA(&inpkt), data, len); mtu_probe_h(from, &inpkt, len); return true; } @@ -846,7 +905,7 @@ bool receive_sptps_record(void *handle, uint8_t type, const char *data, uint16_t int offset = (type & PKT_MAC) ? 0 : 14; if(type & PKT_COMPRESSED) { - length_t ulen = uncompress_packet(inpkt.data + offset, (const uint8_t *)data, len, from->incompression); + length_t ulen = uncompress_packet(DATA(&inpkt) + offset, (const uint8_t *)data, len, from->incompression); if(ulen < 0) { return false; } else { @@ -855,25 +914,25 @@ bool receive_sptps_record(void *handle, uint8_t type, const char *data, uint16_t if(inpkt.len > MAXSIZE) abort(); } else { - memcpy(inpkt.data + offset, data, len); + memcpy(DATA(&inpkt) + offset, data, len); inpkt.len = len + offset; } /* Generate the Ethernet packet type if necessary */ if(offset) { - switch(inpkt.data[14] >> 4) { + switch(DATA(&inpkt)[14] >> 4) { case 4: - inpkt.data[12] = 0x08; - inpkt.data[13] = 0x00; + DATA(&inpkt)[12] = 0x08; + DATA(&inpkt)[13] = 0x00; break; case 6: - inpkt.data[12] = 0x86; - inpkt.data[13] = 0xDD; + DATA(&inpkt)[12] = 0x86; + DATA(&inpkt)[13] = 0xDD; break; default: logger(DEBUG_TRAFFIC, LOG_ERR, "Unknown IP version %d while reading packet from %s (%s)", - inpkt.data[14] >> 4, from->name, from->hostname); + DATA(&inpkt)[14] >> 4, from->name, from->hostname); return false; } } @@ -890,7 +949,7 @@ void send_packet(node_t *n, vpn_packet_t *packet) { if(n == myself) { if(overwrite_mac) - memcpy(packet->data, mymac.x, ETH_ALEN); + memcpy(DATA(packet), mymac.x, ETH_ALEN); n->out_packets++; n->out_bytes += packet->len; devops.write(packet); @@ -948,7 +1007,7 @@ void broadcast_packet(const node_t *from, vpn_packet_t *packet) { // usually distributes the sending of broadcast packets over all nodes. case BMODE_MST: for list_each(connection_t, c, connection_list) - if(c->status.active && c->status.mst && c != from->nexthop->connection) + if(c->edge && c->status.mst && c != from->nexthop->connection) send_packet(c->node, packet); break; @@ -1002,12 +1061,14 @@ void handle_incoming_vpn_data(void *data, int flags) { listen_socket_t *ls = data; vpn_packet_t pkt; char *hostname; - sockaddr_t from = {{0}}; - socklen_t fromlen = sizeof from; - node_t *n; - int len; + node_id_t nullid = {}; + sockaddr_t addr = {}; + socklen_t addrlen = sizeof addr; + node_t *from, *to; + bool direct = false; - len = recvfrom(ls->udp.fd, (char *) &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen); + pkt.offset = 0; + int len = recvfrom(ls->udp.fd, DATA(&pkt), MAXSIZE, 0, &addr.sa, &addrlen); if(len <= 0 || len > MAXSIZE) { if(!sockwouldblock(sockerrno)) @@ -1017,32 +1078,76 @@ void handle_incoming_vpn_data(void *data, int flags) { pkt.len = len; - sockaddrunmap(&from); /* Some braindead IPv6 implementations do stupid things. */ + sockaddrunmap(&addr); /* Some braindead IPv6 implementations do stupid things. */ - n = lookup_node_udp(&from); + // Try to figure out who sent this packet. + + node_t *n = lookup_node_udp(&addr); if(!n) { - n = try_harder(&from, &pkt); - if(n) - update_node_udp(n, &from); - else if(debug_level >= DEBUG_PROTOCOL) { - hostname = sockaddr2hostname(&from); - logger(DEBUG_PROTOCOL, LOG_WARNING, "Received UDP packet from unknown source %s", hostname); - free(hostname); - return; + // It might be from a 1.1 node, which might have a source ID in the packet. + pkt.offset = 2 * sizeof(node_id_t); + from = lookup_node_id(SRCID(&pkt)); + if(from && !memcmp(DSTID(&pkt), &nullid, sizeof nullid) && from->status.sptps) { + if(sptps_verify_datagram(&from->sptps, DATA(&pkt), pkt.len - 2 * sizeof(node_id_t))) + n = from; + else + goto skip_harder; } - else - return; } - n->sock = ls - listen_socket; + if(!n) { + pkt.offset = 0; + n = try_harder(&addr, &pkt); + } - receive_udppacket(n, &pkt); +skip_harder: + if(!n) { + if(debug_level >= DEBUG_PROTOCOL) { + hostname = sockaddr2hostname(&addr); + logger(DEBUG_PROTOCOL, LOG_WARNING, "Received UDP packet from unknown source %s", hostname); + free(hostname); + } + return; + } + + if(n->status.sptps) { + pkt.offset = 2 * sizeof(node_id_t); + + if(!memcmp(DSTID(&pkt), &nullid, sizeof nullid)) { + direct = true; + from = n; + to = myself; + } else { + from = lookup_node_id(SRCID(&pkt)); + to = lookup_node_id(DSTID(&pkt)); + } + if(!from || !to) { + logger(DEBUG_PROTOCOL, LOG_WARNING, "Received UDP packet from %s (%s) with unknown source and/or destination ID", n->name, n->hostname); + return; + } + + if(to != myself) { + send_sptps_data_priv(to, n, 0, DATA(&pkt), pkt.len - 2 * sizeof(node_id_t)); + return; + } + } else { + direct = true; + from = n; + } + + pkt.offset = 0; + if(!receive_udppacket(from, &pkt)) + return; + + n->sock = ls - listen_socket; + if(direct && sockaddrcmp(&addr, &n->address)) + update_node_udp(n, &addr); } void handle_device_data(void *data, int flags) { vpn_packet_t packet; - + packet.offset = DEFAULT_PACKET_OFFSET; packet.priority = 0; if(devops.read(&packet)) { diff --git a/src/net_setup.c b/src/net_setup.c index b9c5df7..29f1212 100644 --- a/src/net_setup.c +++ b/src/net_setup.c @@ -1,7 +1,7 @@ /* net_setup.c -- Setup. Copyright (C) 1998-2005 Ivo Timmermans, - 2000-2013 Guus Sliepen + 2000-2014 Guus Sliepen 2006 Scott Lamb 2010 Brandon Black @@ -44,15 +44,17 @@ #include "xalloc.h" char *myport; +static char *myname; static io_t device_io; devops_t devops; +bool device_standby = false; char *proxyhost; char *proxyport; char *proxyuser; char *proxypass; proxytype_t proxytype; -int autoconnect; +bool autoconnect; bool disablebuggypeers; char *scriptinterpreter; @@ -71,25 +73,23 @@ bool node_read_ecdsa_public_key(node_t *n) { if(!read_host_config(config_tree, n->name)) goto exit; - /* First, check for simple ECDSAPublicKey statement */ + /* First, check for simple Ed25519PublicKey statement */ - if(get_config_string(lookup_config(config_tree, "ECDSAPublicKey"), &p)) { + if(get_config_string(lookup_config(config_tree, "Ed25519PublicKey"), &p)) { n->ecdsa = ecdsa_set_base64_public_key(p); free(p); goto exit; } - /* Else, check for ECDSAPublicKeyFile statement and read it */ + /* Else, check for Ed25519PublicKeyFile statement and read it */ - if(!get_config_string(lookup_config(config_tree, "ECDSAPublicKeyFile"), &pubname)) + if(!get_config_string(lookup_config(config_tree, "Ed25519PublicKeyFile"), &pubname)) xasprintf(&pubname, "%s" SLASH "hosts" SLASH "%s", confbase, n->name); fp = fopen(pubname, "r"); - if(!fp) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error reading ECDSA public key file `%s': %s", pubname, strerror(errno)); + if(!fp) goto exit; - } n->ecdsa = ecdsa_read_pem_public_key(fp); fclose(fp); @@ -114,23 +114,23 @@ bool read_ecdsa_public_key(connection_t *c) { return false; } - /* First, check for simple ECDSAPublicKey statement */ + /* First, check for simple Ed25519PublicKey statement */ - if(get_config_string(lookup_config(c->config_tree, "ECDSAPublicKey"), &p)) { + if(get_config_string(lookup_config(c->config_tree, "Ed25519PublicKey"), &p)) { c->ecdsa = ecdsa_set_base64_public_key(p); free(p); return c->ecdsa; } - /* Else, check for ECDSAPublicKeyFile statement and read it */ + /* Else, check for Ed25519PublicKeyFile statement and read it */ - if(!get_config_string(lookup_config(c->config_tree, "ECDSAPublicKeyFile"), &fname)) + if(!get_config_string(lookup_config(c->config_tree, "Ed25519PublicKeyFile"), &fname)) xasprintf(&fname, "%s" SLASH "hosts" SLASH "%s", confbase, c->name); fp = fopen(fname, "r"); if(!fp) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error reading ECDSA public key file `%s': %s", + logger(DEBUG_ALWAYS, LOG_ERR, "Error reading Ed25519 public key file `%s': %s", fname, strerror(errno)); free(fname); return false; @@ -140,7 +140,7 @@ bool read_ecdsa_public_key(connection_t *c) { fclose(fp); if(!c->ecdsa) - logger(DEBUG_ALWAYS, LOG_ERR, "Parsing ECDSA public key file `%s' failed.", fname); + logger(DEBUG_ALWAYS, LOG_ERR, "Parsing Ed25519 public key file `%s' failed.", fname); free(fname); return c->ecdsa; } @@ -189,15 +189,15 @@ static bool read_ecdsa_private_key(void) { /* Check for PrivateKeyFile statement and read it */ - if(!get_config_string(lookup_config(config_tree, "ECDSAPrivateKeyFile"), &fname)) - xasprintf(&fname, "%s" SLASH "ecdsa_key.priv", confbase); + if(!get_config_string(lookup_config(config_tree, "Ed25519PrivateKeyFile"), &fname)) + xasprintf(&fname, "%s" SLASH "ed25519_key.priv", confbase); fp = fopen(fname, "r"); if(!fp) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error reading ECDSA private key file `%s': %s", fname, strerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "Error reading Ed25519 private key file `%s': %s", fname, strerror(errno)); if(errno == ENOENT) - logger(DEBUG_ALWAYS, LOG_INFO, "Create an ECDSA keypair with `tinc -n %s generate-ecdsa-keys'.", netname ?: "."); + logger(DEBUG_ALWAYS, LOG_INFO, "Create an Ed25519 keypair with `tinc -n %s generate-ed25519-keys'.", netname ?: "."); free(fname); return false; } @@ -206,20 +206,20 @@ static bool read_ecdsa_private_key(void) { struct stat s; if(fstat(fileno(fp), &s)) { - logger(DEBUG_ALWAYS, LOG_ERR, "Could not stat ECDSA private key file `%s': %s'", fname, strerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "Could not stat Ed25519 private key file `%s': %s'", fname, strerror(errno)); free(fname); return false; } if(s.st_mode & ~0100700) - logger(DEBUG_ALWAYS, LOG_WARNING, "Warning: insecure file permissions for ECDSA private key file `%s'!", fname); + logger(DEBUG_ALWAYS, LOG_WARNING, "Warning: insecure file permissions for Ed25519 private key file `%s'!", fname); #endif myself->connection->ecdsa = ecdsa_read_pem_private_key(fp); fclose(fp); if(!myself->connection->ecdsa) - logger(DEBUG_ALWAYS, LOG_ERR, "Reading ECDSA private key file `%s' failed: %s", fname, strerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "Reading Ed25519 private key file `%s' failed", fname); free(fname); return myself->connection->ecdsa; } @@ -233,7 +233,7 @@ static bool read_invitation_key(void) { invitation_key = NULL; } - xasprintf(&fname, "%s" SLASH "invitations" SLASH "ecdsa_key.priv", confbase); + xasprintf(&fname, "%s" SLASH "invitations" SLASH "ed25519_key.priv", confbase); fp = fopen(fname, "r"); @@ -241,7 +241,7 @@ static bool read_invitation_key(void) { invitation_key = ecdsa_read_pem_private_key(fp); fclose(fp); if(!invitation_key) - logger(DEBUG_ALWAYS, LOG_ERR, "Reading ECDSA private key file `%s' failed: %s", fname, strerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "Reading Ed25519 private key file `%s' failed", fname); } free(fname); @@ -277,6 +277,8 @@ static bool read_rsa_private_key(void) { if(!fp) { logger(DEBUG_ALWAYS, LOG_ERR, "Error reading RSA private key file `%s': %s", fname, strerror(errno)); + if(errno == ENOENT) + logger(DEBUG_ALWAYS, LOG_INFO, "Create an RSA keypair with `tinc -n %s generate-rsa-keys'.", netname ?: "."); free(fname); return false; } @@ -403,40 +405,16 @@ void load_all_nodes(void) { char *get_name(void) { char *name = NULL; + char *returned_name; get_config_string(lookup_config(config_tree, "Name"), &name); if(!name) return NULL; - if(*name == '$') { - char *envname = getenv(name + 1); - if(!envname) { - if(strcmp(name + 1, "HOST")) { - logger(DEBUG_ALWAYS, LOG_ERR, "Invalid Name: environment variable %s does not exist\n", name + 1); - return false; - } - char envname[32]; - if(gethostname(envname, 32)) { - logger(DEBUG_ALWAYS, LOG_ERR, "Could not get hostname: %s\n", strerror(errno)); - return false; - } - envname[31] = 0; - } - free(name); - name = xstrdup(envname); - for(char *c = name; *c; c++) - if(!isalnum(*c)) - *c = '_'; - } - - if(!check_id(name)) { - logger(DEBUG_ALWAYS, LOG_ERR, "Invalid name for myself!"); - free(name); - return false; - } - - return name; + returned_name = replace_name(name); + free(name); + return returned_name; } bool setup_myself_reloadable(void) { @@ -445,7 +423,6 @@ bool setup_myself_reloadable(void) { char *fmode = NULL; char *bmode = NULL; char *afname = NULL; - char *address = NULL; char *space; bool choice; @@ -532,16 +509,6 @@ bool setup_myself_reloadable(void) { get_config_bool(lookup_config(config_tree, "DirectOnly"), &directonly); get_config_bool(lookup_config(config_tree, "LocalDiscovery"), &localdiscovery); - memset(&localdiscovery_address, 0, sizeof localdiscovery_address); - if(get_config_string(lookup_config(config_tree, "LocalDiscoveryAddress"), &address)) { - struct addrinfo *ai = str2addrinfo(address, myport, SOCK_DGRAM); - free(address); - if(!ai) - return false; - memcpy(&localdiscovery_address, ai->ai_addr, ai->ai_addrlen); - } - - if(get_config_string(lookup_config(config_tree, "Mode"), &rmode)) { if(!strcasecmp(rmode, "router")) routing_mode = RMODE_ROUTER; @@ -596,6 +563,20 @@ bool setup_myself_reloadable(void) { free(bmode); } + const char* const DEFAULT_BROADCAST_SUBNETS[] = { "ff:ff:ff:ff:ff:ff", "255.255.255.255", "224.0.0.0/4", "ff00::/8" }; + for (size_t i = 0; i < sizeof(DEFAULT_BROADCAST_SUBNETS) / sizeof(*DEFAULT_BROADCAST_SUBNETS); i++) { + subnet_t *s = new_subnet(); + if (!str2net(s, DEFAULT_BROADCAST_SUBNETS[i])) + abort(); + subnet_add(NULL, s); + } + for (config_t* cfg = lookup_config(config_tree, "BroadcastSubnet"); cfg; cfg = lookup_config_next(config_tree, cfg)) { + subnet_t *s; + if (!get_config_subnet(cfg, &s)) + continue; + subnet_add(NULL, s); + } + #if !defined(SOL_IP) || !defined(IP_TOS) if(priorityinheritance) logger(DEBUG_ALWAYS, LOG_WARNING, "%s not supported on this platform", "PriorityInheritance"); @@ -631,7 +612,15 @@ bool setup_myself_reloadable(void) { if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime)) keylifetime = 3600; - get_config_int(lookup_config(config_tree, "AutoConnect"), &autoconnect); + config_t *cfg = lookup_config(config_tree, "AutoConnect"); + if(cfg) { + if(!get_config_bool(cfg, &autoconnect)) { + // Some backwards compatibility with when this option was an int + int val = 0; + get_config_int(cfg, &val); + autoconnect = val; + } + } get_config_bool(lookup_config(config_tree, "DisableBuggyPeers"), &disablebuggypeers); @@ -640,18 +629,133 @@ bool setup_myself_reloadable(void) { return true; } +/* + Add listening sockets. +*/ +static bool add_listen_address(char *address, bool bindto) { + char *port = myport; + + if(address) { + char *space = strchr(address, ' '); + if(space) { + *space++ = 0; + port = space; + } + + if(!strcmp(address, "*")) + *address = 0; + } + + struct addrinfo *ai, hint = {0}; + hint.ai_family = addressfamily; + hint.ai_socktype = SOCK_STREAM; + hint.ai_protocol = IPPROTO_TCP; + hint.ai_flags = AI_PASSIVE; + + int err = getaddrinfo(address && *address ? address : NULL, port, &hint, &ai); + free(address); + + if(err || !ai) { + logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "getaddrinfo", err == EAI_SYSTEM ? strerror(err) : gai_strerror(err)); + return false; + } + + for(struct addrinfo *aip = ai; aip; aip = aip->ai_next) { + // Ignore duplicate addresses + bool found = false; + + for(int i = 0; i < listen_sockets; i++) + if(!memcmp(&listen_socket[i].sa, aip->ai_addr, aip->ai_addrlen)) { + found = true; + break; + } + + if(found) + continue; + + if(listen_sockets >= MAXSOCKETS) { + logger(DEBUG_ALWAYS, LOG_ERR, "Too many listening sockets"); + return false; + } + + int tcp_fd = setup_listen_socket((sockaddr_t *) aip->ai_addr); + + if(tcp_fd < 0) + continue; + + int udp_fd = setup_vpn_in_socket((sockaddr_t *) aip->ai_addr); + + if(tcp_fd < 0) { + close(tcp_fd); + continue; + } + + io_add(&listen_socket[listen_sockets].tcp, handle_new_meta_connection, &listen_socket[listen_sockets], tcp_fd, IO_READ); + io_add(&listen_socket[listen_sockets].udp, handle_incoming_vpn_data, &listen_socket[listen_sockets], udp_fd, IO_READ); + + if(debug_level >= DEBUG_CONNECTIONS) { + char *hostname = sockaddr2hostname((sockaddr_t *) aip->ai_addr); + logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Listening on %s", hostname); + free(hostname); + } + + listen_socket[listen_sockets].bindto = bindto; + memcpy(&listen_socket[listen_sockets].sa, aip->ai_addr, aip->ai_addrlen); + listen_sockets++; + } + + freeaddrinfo(ai); + return true; +} + +void device_enable(void) { + if (devops.enable) + devops.enable(); + + /* Run tinc-up script to further initialize the tap interface */ + + char *envp[5] = {NULL}; + xasprintf(&envp[0], "NETNAME=%s", netname ? : ""); + xasprintf(&envp[1], "DEVICE=%s", device ? : ""); + xasprintf(&envp[2], "INTERFACE=%s", iface ? : ""); + xasprintf(&envp[3], "NAME=%s", myname); + + execute_script("tinc-up", envp); + + for(int i = 0; i < 4; i++) + free(envp[i]); +} + +void device_disable(void) { + char *envp[5] = {NULL}; + xasprintf(&envp[0], "NETNAME=%s", netname ? : ""); + xasprintf(&envp[1], "DEVICE=%s", device ? : ""); + xasprintf(&envp[2], "INTERFACE=%s", iface ? : ""); + xasprintf(&envp[3], "NAME=%s", myname); + + execute_script("tinc-down", envp); + + for(int i = 0; i < 4; i++) + free(envp[i]); + + if (devops.disable) + devops.disable(); +} + /* Configure node_t myself and set up the local sockets (listen only) */ static bool setup_myself(void) { char *name, *hostname, *cipher, *digest, *type; char *address = NULL; + bool port_specified = false; if(!(name = get_name())) { logger(DEBUG_ALWAYS, LOG_ERR, "Name for tinc daemon required!"); return false; } + myname = xstrdup(name); myself = new_node(); myself->connection = new_connection(); myself->name = name; @@ -660,9 +764,8 @@ static bool setup_myself(void) { if(!get_config_string(lookup_config(config_tree, "Port"), &myport)) myport = xstrdup("655"); - - xasprintf(&myself->hostname, "MYSELF port %s", myport); - myself->connection->hostname = xstrdup(myself->hostname); + else + port_specified = true; myself->connection->options = 0; myself->connection->protocol_major = PROT_MAJOR; @@ -670,13 +773,25 @@ static bool setup_myself(void) { myself->options |= PROT_MINOR << 24; - get_config_bool(lookup_config(config_tree, "ExperimentalProtocol"), &experimental); + if(!get_config_bool(lookup_config(config_tree, "ExperimentalProtocol"), &experimental)) { + experimental = read_ecdsa_private_key(); + if(!experimental) + logger(DEBUG_ALWAYS, LOG_WARNING, "Support for SPTPS disabled."); + } else { + if(experimental && !read_ecdsa_private_key()) + return false; + } - if(experimental && !read_ecdsa_private_key()) - return false; + if(!read_rsa_private_key()) { + if(experimental) { + logger(DEBUG_ALWAYS, LOG_WARNING, "Support for legacy protocol disabled."); + } else { + logger(DEBUG_ALWAYS, LOG_ERR, "No private keys available, cannot start tinc!"); + return false; + } + } - if(!read_rsa_private_key()) - return false; + /* Ensure myport is numeric */ if(!atoi(myport)) { struct addrinfo *ai = str2addrinfo("localhost", myport, SOCK_DGRAM); @@ -744,7 +859,9 @@ static bool setup_myself(void) { if(!get_config_string(lookup_config(config_tree, "Cipher"), &cipher)) cipher = xstrdup("blowfish"); - if(!(myself->incipher = cipher_open_by_name(cipher))) { + if(!strcasecmp(cipher, "none")) { + myself->incipher = NULL; + } else if(!(myself->incipher = cipher_open_by_name(cipher))) { logger(DEBUG_ALWAYS, LOG_ERR, "Unrecognized cipher type!"); return false; } @@ -766,7 +883,9 @@ static bool setup_myself(void) { if(!get_config_string(lookup_config(config_tree, "Digest"), &digest)) digest = xstrdup("sha1"); - if(!(myself->indigest = digest_open_by_name(digest, maclength))) { + if(!strcasecmp(digest, "none")) { + myself->indigest = NULL; + } else if(!(myself->indigest = digest_open_by_name(digest, maclength))) { logger(DEBUG_ALWAYS, LOG_ERR, "Unrecognized digest type!"); return false; } @@ -822,6 +941,8 @@ static bool setup_myself(void) { #endif } + get_config_bool(lookup_config(config_tree, "DeviceStandby"), &device_standby); + if(!devops.setup()) return false; @@ -847,7 +968,7 @@ static bool setup_myself(void) { for(int i = 0; i < listen_sockets; i++) { salen = sizeof sa; if(getsockname(i + 3, &sa.sa, &salen) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Could not get address of listen fd %d: %s", i + 3, sockstrerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "Could not get address of listen fd %d: %s", i + 3, sockstrerror(sockerrno)); return false; } @@ -872,73 +993,25 @@ static bool setup_myself(void) { } } else { listen_sockets = 0; - config_t *cfg = lookup_config(config_tree, "BindToAddress"); + int cfgs = 0; - do { + for(config_t *cfg = lookup_config(config_tree, "BindToAddress"); cfg; cfg = lookup_config_next(config_tree, cfg)) { + cfgs++; get_config_string(cfg, &address); - if(cfg) - cfg = lookup_config_next(config_tree, cfg); - - char *port = myport; - - if(address) { - char *space = strchr(address, ' '); - if(space) { - *space++ = 0; - port = space; - } - - if(!strcmp(address, "*")) - *address = 0; - } - - struct addrinfo *ai, hint = {0}; - hint.ai_family = addressfamily; - hint.ai_socktype = SOCK_STREAM; - hint.ai_protocol = IPPROTO_TCP; - hint.ai_flags = AI_PASSIVE; - - int err = getaddrinfo(address && *address ? address : NULL, port, &hint, &ai); - free(address); - - if(err || !ai) { - logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "getaddrinfo", err == EAI_SYSTEM ? strerror(err) : gai_strerror(err)); + if(!add_listen_address(address, true)) return false; - } + } - for(struct addrinfo *aip = ai; aip; aip = aip->ai_next) { - if(listen_sockets >= MAXSOCKETS) { - logger(DEBUG_ALWAYS, LOG_ERR, "Too many listening sockets"); - return false; - } + for(config_t *cfg = lookup_config(config_tree, "ListenAddress"); cfg; cfg = lookup_config_next(config_tree, cfg)) { + cfgs++; + get_config_string(cfg, &address); + if(!add_listen_address(address, false)) + return false; + } - int tcp_fd = setup_listen_socket((sockaddr_t *) aip->ai_addr); - - if(tcp_fd < 0) - continue; - - int udp_fd = setup_vpn_in_socket((sockaddr_t *) aip->ai_addr); - - if(tcp_fd < 0) { - close(tcp_fd); - continue; - } - - io_add(&listen_socket[listen_sockets].tcp, handle_new_meta_connection, &listen_socket[listen_sockets], tcp_fd, IO_READ); - io_add(&listen_socket[listen_sockets].udp, handle_incoming_vpn_data, &listen_socket[listen_sockets], udp_fd, IO_READ); - - if(debug_level >= DEBUG_CONNECTIONS) { - hostname = sockaddr2hostname((sockaddr_t *) aip->ai_addr); - logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Listening on %s", hostname); - free(hostname); - } - - memcpy(&listen_socket[listen_sockets].sa, aip->ai_addr, aip->ai_addrlen); - listen_sockets++; - } - - freeaddrinfo(ai); - } while(cfg); + if(!cfgs) + if(!add_listen_address(address, NULL)) + return false; } if(!listen_sockets) { @@ -946,6 +1019,24 @@ static bool setup_myself(void) { return false; } + /* If no Port option was specified, set myport to the port used by the first listening socket. */ + + if(!port_specified || atoi(myport) == 0) { + sockaddr_t sa; + socklen_t salen = sizeof sa; + if(!getsockname(listen_socket[0].udp.fd, &sa.sa, &salen)) { + free(myport); + sockaddr2str(&sa, NULL, &myport); + if(!myport) + myport = xstrdup("655"); + } + } + + xasprintf(&myself->hostname, "MYSELF port %s", myport); + myself->connection->hostname = xstrdup(myself->hostname); + + /* Done. */ + last_config_check = now.tv_sec; return true; @@ -982,18 +1073,8 @@ bool setup_network(void) { if(!init_control()) return false; - /* Run tinc-up script to further initialize the tap interface */ - - char *envp[5] = {NULL}; - xasprintf(&envp[0], "NETNAME=%s", netname ? : ""); - xasprintf(&envp[1], "DEVICE=%s", device ? : ""); - xasprintf(&envp[2], "INTERFACE=%s", iface ? : ""); - xasprintf(&envp[3], "NAME=%s", myself->name); - - execute_script("tinc-up", envp); - - for(int i = 0; i < 4; i++) - free(envp[i]); + if (!device_standby) + device_enable(); /* Run subnet-up scripts for our own subnets */ @@ -1016,7 +1097,8 @@ void close_network_connections(void) { terminate_connection(c, false); } - list_delete_list(outgoing_list); + if(outgoing_list) + list_delete_list(outgoing_list); if(myself && myself->connection) { subnet_update(myself, NULL, false); @@ -1031,28 +1113,27 @@ void close_network_connections(void) { close(listen_socket[i].udp.fd); } - char *envp[5] = {NULL}; - xasprintf(&envp[0], "NETNAME=%s", netname ? : ""); - xasprintf(&envp[1], "DEVICE=%s", device ? : ""); - xasprintf(&envp[2], "INTERFACE=%s", iface ? : ""); - xasprintf(&envp[3], "NAME=%s", myself->name); - exit_requests(); exit_edges(); exit_subnets(); exit_nodes(); exit_connections(); - execute_script("tinc-down", envp); + if (!device_standby) + device_disable(); - if(myport) free(myport); + free(myport); - for(int i = 0; i < 4; i++) - free(envp[i]); - - devops.close(); + if (device_fd >= 0) + io_del(&device_io); + if (devops.close) + devops.close(); exit_control(); + free(myname); + free(scriptextension); + free(scriptinterpreter); + return; } diff --git a/src/net_socket.c b/src/net_socket.c index ab3c17e..1bf9d16 100644 --- a/src/net_socket.c +++ b/src/net_socket.c @@ -1,7 +1,7 @@ /* net_socket.c -- Handle various kinds of sockets. Copyright (C) 1998-2005 Ivo Timmermans, - 2000-2013 Guus Sliepen + 2000-2014 Guus Sliepen 2006 Scott Lamb 2009 Florian Forster @@ -103,7 +103,7 @@ static bool bind_to_interface(int sd) { status = setsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, (void *)&ifr, sizeof(ifr)); if(status) { logger(DEBUG_ALWAYS, LOG_ERR, "Can't bind to interface %s: %s", iface, - strerror(errno)); + sockstrerror(sockerrno)); return false; } #else /* if !defined(SOL_SOCKET) || !defined(SO_BINDTODEVICE) */ @@ -116,7 +116,7 @@ static bool bind_to_interface(int sd) { static bool bind_to_address(connection_t *c) { int s = -1; - for(int i = 0; i < listen_sockets; i++) { + for(int i = 0; i < listen_sockets && listen_socket[i].bindto; i++) { if(listen_socket[i].sa.sa.sa_family != c->address.sa.sa_family) continue; if(s >= 0) @@ -134,7 +134,7 @@ static bool bind_to_address(connection_t *c) { sa.in6.sin6_port = 0; if(bind(c->socket, &sa.sa, SALEN(sa.sa))) { - logger(DEBUG_CONNECTIONS, LOG_WARNING, "Can't bind outgoing socket: %s", strerror(errno)); + logger(DEBUG_CONNECTIONS, LOG_WARNING, "Can't bind outgoing socket: %s", sockstrerror(sockerrno)); return false; } @@ -179,7 +179,7 @@ int setup_listen_socket(const sockaddr_t *sa) { if(setsockopt(nfd, SOL_SOCKET, SO_BINDTODEVICE, (void *)&ifr, sizeof ifr)) { closesocket(nfd); logger(DEBUG_ALWAYS, LOG_ERR, "Can't bind to interface %s: %s", iface, - strerror(sockerrno)); + sockstrerror(sockerrno)); return -1; } #else @@ -247,10 +247,10 @@ int setup_vpn_in_socket(const sockaddr_t *sa) { setsockopt(nfd, SOL_SOCKET, SO_BROADCAST, (void *)&option, sizeof option); if(udp_rcvbuf && setsockopt(nfd, SOL_SOCKET, SO_RCVBUF, (void *)&udp_rcvbuf, sizeof(udp_rcvbuf))) - logger(DEBUG_ALWAYS, LOG_WARNING, "Can't set UDP SO_RCVBUF to %i: %s", udp_rcvbuf, strerror(errno)); + logger(DEBUG_ALWAYS, LOG_WARNING, "Can't set UDP SO_RCVBUF to %i: %s", udp_rcvbuf, sockstrerror(sockerrno)); if(udp_sndbuf && setsockopt(nfd, SOL_SOCKET, SO_SNDBUF, (void *)&udp_sndbuf, sizeof(udp_sndbuf))) - logger(DEBUG_ALWAYS, LOG_WARNING, "Can't set UDP SO_SNDBUF to %i: %s", udp_sndbuf, strerror(errno)); + logger(DEBUG_ALWAYS, LOG_WARNING, "Can't set UDP SO_SNDBUF to %i: %s", udp_sndbuf, sockstrerror(sockerrno)); #if defined(IPPROTO_IPV6) && defined(IPV6_V6ONLY) if(sa->sa.sa_family == AF_INET6) @@ -271,8 +271,6 @@ int setup_vpn_in_socket(const sockaddr_t *sa) { option = 1; setsockopt(nfd, IPPROTO_IP, IP_DONTFRAGMENT, (void *)&option, sizeof(option)); } -#else -#warning No way to disable IPv4 fragmentation #endif #if defined(SOL_IPV6) && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO) @@ -285,8 +283,6 @@ int setup_vpn_in_socket(const sockaddr_t *sa) { option = 1; setsockopt(nfd, IPPROTO_IPV6, IPV6_DONTFRAG, (void *)&option, sizeof(option)); } -#else -#warning No way to disable IPv6 fragmentation #endif if (!bind_to_interface(nfd)) { @@ -334,7 +330,7 @@ static void do_outgoing_pipe(connection_t *c, char *command) { int fd[2]; if(socketpair(AF_UNIX, SOCK_STREAM, 0, fd)) { - logger(DEBUG_ALWAYS, LOG_ERR, "Could not create socketpair: %s", strerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "Could not create socketpair: %s", sockstrerror(sockerrno)); return; } @@ -383,16 +379,16 @@ static void handle_meta_write(connection_t *c) { ssize_t outlen = send(c->socket, c->outbuf.data + c->outbuf.offset, c->outbuf.len - c->outbuf.offset, 0); if(outlen <= 0) { - if(!errno || errno == EPIPE) { + if(!sockerrno || sockerrno == EPIPE) { logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Connection closed by %s (%s)", c->name, c->hostname); } else if(sockwouldblock(sockerrno)) { logger(DEBUG_CONNECTIONS, LOG_DEBUG, "Sending %d bytes to %s (%s) would block", c->outbuf.len - c->outbuf.offset, c->name, c->hostname); return; } else { - logger(DEBUG_CONNECTIONS, LOG_ERR, "Could not send %d bytes of data to %s (%s): %s", c->outbuf.len - c->outbuf.offset, c->name, c->hostname, strerror(errno)); + logger(DEBUG_CONNECTIONS, LOG_ERR, "Could not send %d bytes of data to %s (%s): %s", c->outbuf.len - c->outbuf.offset, c->name, c->hostname, sockstrerror(sockerrno)); } - terminate_connection(c, c->status.active); + terminate_connection(c, c->edge); return; } @@ -405,19 +401,38 @@ static void handle_meta_io(void *data, int flags) { connection_t *c = data; if(c->status.connecting) { - c->status.connecting = false; + /* + The event loop does not protect against spurious events. Verify that we are actually connected + by issuing an empty send() call. - int result; - socklen_t len = sizeof result; - getsockopt(c->socket, SOL_SOCKET, SO_ERROR, (void *)&result, &len); - - if(!result) - finish_connecting(c); - else { - logger(DEBUG_CONNECTIONS, LOG_DEBUG, "Error while connecting to %s (%s): %s", c->name, c->hostname, sockstrerror(result)); - terminate_connection(c, false); + Note that the behavior of send() on potentially unconnected sockets differ between platforms: + +------------+-----------+-------------+-----------+ + | Event | POSIX | Linux | Windows | + +------------+-----------+-------------+-----------+ + | Spurious | ENOTCONN | EWOULDBLOCK | ENOTCONN | + | Failed | ENOTCONN | (cause) | ENOTCONN | + | Successful | (success) | (success) | (success) | + +------------+-----------+-------------+-----------+ + */ + if (send(c->socket, NULL, 0, 0) != 0) { + if (sockwouldblock(sockerrno)) + return; + int socket_error; + if (!socknotconn(sockerrno)) + socket_error = sockerrno; + else { + socklen_t len = sizeof socket_error; + getsockopt(c->socket, SOL_SOCKET, SO_ERROR, (void *)&socket_error, &len); + } + if (socket_error) { + logger(DEBUG_CONNECTIONS, LOG_DEBUG, "Error while connecting to %s (%s): %s", c->name, c->hostname, sockstrerror(socket_error)); + terminate_connection(c, false); + } return; } + + c->status.connecting = false; + finish_connecting(c); } if(flags & IO_WRITE) @@ -547,6 +562,39 @@ begin: return true; } +// Find edges pointing to this node, and use them to build a list of unique, known addresses. +static struct addrinfo *get_known_addresses(node_t *n) { + struct addrinfo *ai = NULL; + + for splay_each(edge_t, e, n->edge_tree) { + if(!e->reverse) + continue; + + bool found = false; + for(struct addrinfo *aip = ai; aip; aip = aip->ai_next) { + if(!sockaddrcmp(&e->reverse->address, (sockaddr_t *)aip->ai_addr)) { + found = true; + break; + } + } + if(found) + continue; + + struct addrinfo *nai = xzalloc(sizeof *nai); + if(ai) + ai->ai_next = nai; + ai = nai; + ai->ai_family = e->reverse->address.sa.sa_family; + ai->ai_socktype = SOCK_STREAM; + ai->ai_protocol = IPPROTO_TCP; + ai->ai_addrlen = SALEN(e->reverse->address.sa); + ai->ai_addr = xmalloc(ai->ai_addrlen); + memcpy(ai->ai_addr, &e->reverse->address, ai->ai_addrlen); + } + + return ai; +} + void setup_outgoing_connection(outgoing_t *outgoing) { timeout_del(&outgoing->ev); @@ -564,8 +612,12 @@ void setup_outgoing_connection(outgoing_t *outgoing) { outgoing->cfg = lookup_config(outgoing->config_tree, "Address"); if(!outgoing->cfg) { - logger(DEBUG_ALWAYS, LOG_ERR, "No address specified for %s", outgoing->name); - return; + if(n) + outgoing->aip = outgoing->ai = get_known_addresses(n); + if(!outgoing->ai) { + logger(DEBUG_ALWAYS, LOG_ERR, "No address known for %s", outgoing->name); + return; + } } do_outgoing_connection(outgoing); @@ -594,7 +646,6 @@ void handle_new_meta_connection(void *data, int flags) { // Check if we get many connections from the same host static sockaddr_t prev_sa; - static time_t prev_time; static int tarpit = -1; if(tarpit >= 0) { @@ -621,7 +672,6 @@ void handle_new_meta_connection(void *data, int flags) { } memcpy(&prev_sa, &sa, sizeof sa); - prev_time = now.tv_sec; // Check if we get many connections from different hosts @@ -770,7 +820,7 @@ void try_outgoing_connections(void) { if(c->outgoing && c->outgoing->timeout == -1) { c->outgoing = NULL; logger(DEBUG_CONNECTIONS, LOG_INFO, "No more outgoing connection to %s", c->name); - terminate_connection(c, c->status.active); + terminate_connection(c, c->edge); } } diff --git a/src/node.c b/src/node.c index aab83ca..e97bfaf 100644 --- a/src/node.c +++ b/src/node.c @@ -30,8 +30,12 @@ #include "utils.h" #include "xalloc.h" +static digest_t *sha256; + splay_tree_t *node_tree; +static splay_tree_t *node_id_tree; static hash_t *node_udp_cache; +static hash_t *node_id_cache; node_t *myself; @@ -39,14 +43,26 @@ static int node_compare(const node_t *a, const node_t *b) { return strcmp(a->name, b->name); } +static int node_id_compare(const node_t *a, const node_t *b) { + return memcmp(&a->id, &b->id, sizeof(node_id_t)); +} + void init_nodes(void) { + sha256 = digest_open_by_name("sha256", sizeof(node_id_t)); + node_tree = splay_alloc_tree((splay_compare_t) node_compare, (splay_action_t) free_node); + node_id_tree = splay_alloc_tree((splay_compare_t) node_id_compare, NULL); node_udp_cache = hash_alloc(0x100, sizeof(sockaddr_t)); + node_id_cache = hash_alloc(0x100, sizeof(node_id_t)); } void exit_nodes(void) { + hash_free(node_id_cache); hash_free(node_udp_cache); + splay_delete_tree(node_id_tree); splay_delete_tree(node_tree); + + digest_close(sha256); } node_t *new_node(void) { @@ -93,16 +109,23 @@ void free_node(node_t *n) { } void node_add(node_t *n) { + digest_create(sha256, n->name, strlen(n->name), &n->id); + splay_insert(node_tree, n); + splay_insert(node_id_tree, n); } void node_del(node_t *n) { + hash_delete(node_udp_cache, &n->address); + hash_delete(node_id_cache, &n->id); + for splay_each(subnet_t, s, n->subnet_tree) subnet_del(n, s); for splay_each(edge_t, e, n->edge_tree) edge_del(e); + splay_delete(node_id_tree, n); splay_delete(node_tree, n); } @@ -114,6 +137,18 @@ node_t *lookup_node(char *name) { return splay_search(node_tree, &n); } +node_t *lookup_node_id(const node_id_t *id) { + node_t *n = hash_search(node_id_cache, id); + if(!n) { + node_t tmp = {.id = *id}; + n = splay_search(node_id_tree, &tmp); + if(n) + hash_insert(node_id_cache, id, n); + } + + return n; +} + node_t *lookup_node_udp(const sockaddr_t *sa) { return hash_search(node_udp_cache, sa); } @@ -124,7 +159,7 @@ void update_node_udp(node_t *n, const sockaddr_t *sa) { return; } - hash_insert(node_udp_cache, &n->address, NULL); + hash_delete(node_udp_cache, &n->address); if(sa) { n->address = *sa; @@ -140,15 +175,27 @@ void update_node_udp(node_t *n, const sockaddr_t *sa) { n->hostname = sockaddr2hostname(&n->address); logger(DEBUG_PROTOCOL, LOG_DEBUG, "UDP address of %s set to %s", n->name, n->hostname); } + + /* invalidate UDP information - note that this is a security feature as well to make sure + we can't be tricked into flooding any random address with UDP packets */ + n->status.udp_confirmed = false; + n->mtuprobes = 0; + n->minmtu = 0; + n->maxmtu = MTU; } bool dump_nodes(connection_t *c) { - for splay_each(node_t, n, node_tree) - send_request(c, "%d %d %s %s %d %d %d %d %x %x %s %s %d %hd %hd %hd %ld", CONTROL, REQ_DUMP_NODES, - n->name, n->hostname ?: "unknown port unknown", cipher_get_nid(n->outcipher), + for splay_each(node_t, n, node_tree) { + char id[2 * sizeof n->id + 1]; + for (size_t c = 0; c < sizeof n->id; ++c) + sprintf(id + 2 * c, "%02hhx", n->id.x[c]); + id[sizeof id - 1] = 0; + send_request(c, "%d %d %s %s %s %d %d %d %d %x %x %s %s %d %hd %hd %hd %ld", CONTROL, REQ_DUMP_NODES, + n->name, id, n->hostname ?: "unknown port unknown", cipher_get_nid(n->outcipher), digest_get_nid(n->outdigest), (int)digest_length(n->outdigest), n->outcompression, n->options, bitfield_to_int(&n->status, sizeof n->status), n->nexthop ? n->nexthop->name : "-", n->via ? n->via->name ?: "-" : "-", n->distance, n->mtu, n->minmtu, n->maxmtu, (long)n->last_state_change); + } return send_request(c, "%d %d", CONTROL, REQ_DUMP_NODES); } diff --git a/src/node.h b/src/node.h index e704ba8..b6db18b 100644 --- a/src/node.h +++ b/src/node.h @@ -37,11 +37,13 @@ typedef struct node_status_t { unsigned int indirect:1; /* 1 if this node is not directly reachable by us */ unsigned int sptps:1; /* 1 if this node supports SPTPS */ unsigned int udp_confirmed:1; /* 1 if the address is one that we received UDP traffic on */ - unsigned int unused:24; + unsigned int send_locally:1; /* 1 if the next UDP packet should be sent on the local network */ + unsigned int unused:23; } node_status_t; typedef struct node_t { char *name; /* name of this node */ + node_id_t id; /* unique node ID (name hash) */ uint32_t options; /* options turned on for this node */ int sock; /* Socket to use for outgoing UDP packets */ @@ -110,6 +112,7 @@ extern void free_node(node_t *); extern void node_add(node_t *); extern void node_del(node_t *); extern node_t *lookup_node(char *); +extern node_t *lookup_node_id(const node_id_t *); extern node_t *lookup_node_udp(const sockaddr_t *); extern bool dump_nodes(struct connection_t *); extern bool dump_traffic(struct connection_t *); diff --git a/src/openssl/cipher.c b/src/openssl/cipher.c index 5d9bebc..9b39a28 100644 --- a/src/openssl/cipher.c +++ b/src/openssl/cipher.c @@ -30,15 +30,8 @@ struct cipher { EVP_CIPHER_CTX ctx; const EVP_CIPHER *cipher; - struct cipher_counter *counter; }; -typedef struct cipher_counter { - unsigned char counter[CIPHER_MAX_IV_SIZE]; - unsigned char block[CIPHER_MAX_IV_SIZE]; - int n; -} cipher_counter_t; - static cipher_t *cipher_open(const EVP_CIPHER *evp_cipher) { cipher_t *cipher = xzalloc(sizeof *cipher); cipher->cipher = evp_cipher; @@ -76,7 +69,6 @@ void cipher_close(cipher_t *cipher) { return; EVP_CIPHER_CTX_cleanup(&cipher->ctx); - free(cipher->counter); free(cipher); } @@ -84,7 +76,7 @@ size_t cipher_keylength(const cipher_t *cipher) { if(!cipher || !cipher->cipher) return 0; - return cipher->cipher->key_len + cipher->cipher->block_size; + return cipher->cipher->key_len + cipher->cipher->iv_len; } bool cipher_set_key(cipher_t *cipher, void *key, bool encrypt) { @@ -117,70 +109,6 @@ bool cipher_set_key_from_rsa(cipher_t *cipher, void *key, size_t len, bool encry return false; } -bool cipher_set_counter(cipher_t *cipher, const void *counter, size_t len) { - if(len > cipher->cipher->block_size - 4) { - logger(DEBUG_ALWAYS, LOG_ERR, "Counter too long"); - abort(); - } - - memcpy(cipher->counter->counter + cipher->cipher->block_size - len, counter, len); - memset(cipher->counter->counter, 0, 4); - cipher->counter->n = 0; - - return true; -} - -bool cipher_set_counter_key(cipher_t *cipher, void *key) { - int result = EVP_EncryptInit_ex(&cipher->ctx, cipher->cipher, NULL, (unsigned char *)key, NULL); - if(!result) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error while setting key: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - if(!cipher->counter) - cipher->counter = xzalloc(sizeof *cipher->counter); - else - cipher->counter->n = 0; - - memcpy(cipher->counter->counter, (unsigned char *)key + cipher->cipher->key_len, cipher->cipher->block_size); - - return true; -} - -bool cipher_counter_xor(cipher_t *cipher, const void *indata, size_t inlen, void *outdata) { - if(!cipher->counter) { - logger(DEBUG_ALWAYS, LOG_ERR, "Counter not initialized"); - return false; - } - - const unsigned char *in = indata; - unsigned char *out = outdata; - - while(inlen--) { - // Encrypt the new counter value if we need it - if(!cipher->counter->n) { - int len; - if(!EVP_EncryptUpdate(&cipher->ctx, cipher->counter->block, &len, cipher->counter->counter, cipher->cipher->block_size)) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error while encrypting: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - // Increase the counter value - for(int i = 0; i < cipher->cipher->block_size; i++) - if(++cipher->counter->counter[i]) - break; - } - - *out++ = *in++ ^ cipher->counter->block[cipher->counter->n++]; - - if(cipher->counter->n >= cipher->cipher->block_size) - cipher->counter->n = 0; - } - - return true; -} - - bool cipher_encrypt(cipher_t *cipher, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool oneshot) { if(oneshot) { int len, pad; diff --git a/src/openssl/crypto.c b/src/openssl/crypto.c index 6c5cbc8..5b866b0 100644 --- a/src/openssl/crypto.c +++ b/src/openssl/crypto.c @@ -1,6 +1,6 @@ /* crypto.c -- Cryptographic miscellaneous functions and initialisation - Copyright (C) 2007-2013 Guus Sliepen + Copyright (C) 2007-2014 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -25,8 +25,65 @@ #include "../crypto.h" +#ifndef HAVE_MINGW + +static int random_fd = -1; + +static void random_init(void) { + random_fd = open("/dev/urandom", O_RDONLY); + if(random_fd < 0) + random_fd = open("/dev/random", O_RDONLY); + if(random_fd < 0) { + fprintf(stderr, "Could not open source of random numbers: %s\n", strerror(errno)); + abort(); + } +} + +static void random_exit(void) { + close(random_fd); +} + +void randomize(void *out, size_t outlen) { + while(outlen) { + size_t len = read(random_fd, out, outlen); + if(len <= 0) { + if(errno == EAGAIN || errno == EINTR) + continue; + fprintf(stderr, "Could not read random numbers: %s\n", strerror(errno)); + abort(); + } + out += len; + outlen -= len; + } +} + +#else + +#include +HCRYPTPROV prov; + +void random_init(void) { + if(!CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { + fprintf(stderr, "CryptAcquireContext() failed!\n"); + abort(); + } +} + +void random_exit(void) { + CryptReleaseContext(prov, 0); +} + +void randomize(void *out, size_t outlen) { + if(!CryptGenRandom(prov, outlen, out)) { + fprintf(stderr, "CryptGenRandom() failed\n"); + abort(); + } +} + +#endif + void crypto_init(void) { - RAND_load_file("/dev/urandom", 1024); + random_init(); ENGINE_load_builtin_engines(); ENGINE_register_all_complete(); @@ -42,8 +99,7 @@ void crypto_init(void) { void crypto_exit(void) { EVP_cleanup(); -} - -void randomize(void *out, size_t outlen) { - RAND_pseudo_bytes(out, outlen); + ERR_free_strings(); + ENGINE_cleanup(); + random_exit(); } diff --git a/src/openssl/ecdh.c b/src/openssl/ecdh.c deleted file mode 100644 index d997007..0000000 --- a/src/openssl/ecdh.c +++ /dev/null @@ -1,96 +0,0 @@ -/* - ecdh.c -- Diffie-Hellman key exchange handling - Copyright (C) 2011-2013 Guus Sliepen - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ - -#include "../system.h" - -#include -#include -#include -#include - -#define __TINC_ECDH_INTERNAL__ -typedef EC_KEY ecdh_t; - -#include "../ecdh.h" -#include "../logger.h" -#include "../utils.h" -#include "../xalloc.h" - -ecdh_t *ecdh_generate_public(void *pubkey) { - ecdh_t *ecdh = EC_KEY_new_by_curve_name(NID_secp521r1); - if(!ecdh) { - logger(DEBUG_ALWAYS, LOG_ERR, "Generating EC key_by_curve_name failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - if(!EC_KEY_generate_key(ecdh)) { - EC_KEY_free(ecdh); - logger(DEBUG_ALWAYS, LOG_ERR, "Generating EC key failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return NULL; - } - - const EC_POINT *point = EC_KEY_get0_public_key(ecdh); - if(!point) { - EC_KEY_free(ecdh); - logger(DEBUG_ALWAYS, LOG_ERR, "Getting public key failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return NULL; - } - - size_t result = EC_POINT_point2oct(EC_KEY_get0_group(ecdh), point, POINT_CONVERSION_COMPRESSED, pubkey, ECDH_SIZE, NULL); - if(!result) { - EC_KEY_free(ecdh); - logger(DEBUG_ALWAYS, LOG_ERR, "Converting EC_POINT to binary failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return NULL; - } - - return ecdh; -} - -bool ecdh_compute_shared(ecdh_t *ecdh, const void *pubkey, void *shared) { - EC_POINT *point = EC_POINT_new(EC_KEY_get0_group(ecdh)); - if(!point) { - logger(DEBUG_ALWAYS, LOG_ERR, "EC_POINT_new() failed: %s", ERR_error_string(ERR_get_error(), NULL)); - EC_KEY_free(ecdh); - return false; - } - - int result = EC_POINT_oct2point(EC_KEY_get0_group(ecdh), point, pubkey, ECDH_SIZE, NULL); - if(!result) { - EC_POINT_free(point); - EC_KEY_free(ecdh); - logger(DEBUG_ALWAYS, LOG_ERR, "Converting binary to EC_POINT failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - result = ECDH_compute_key(shared, ECDH_SIZE, point, ecdh, NULL); - EC_POINT_free(point); - EC_KEY_free(ecdh); - - if(!result) { - logger(DEBUG_ALWAYS, LOG_ERR, "Computing Elliptic Curve Diffie-Hellman shared key failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - return true; -} - -void ecdh_free(ecdh_t *ecdh) { - if(ecdh) - EC_KEY_free(ecdh); -} diff --git a/src/openssl/ecdsa.c b/src/openssl/ecdsa.c deleted file mode 100644 index bca89fc..0000000 --- a/src/openssl/ecdsa.c +++ /dev/null @@ -1,131 +0,0 @@ -/* - ecdsa.c -- ECDSA key handling - Copyright (C) 2011-2013 Guus Sliepen - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ - -#include "../system.h" - -#include -#include - -#define __TINC_ECDSA_INTERNAL__ -typedef EC_KEY ecdsa_t; - -#include "../logger.h" -#include "../ecdsa.h" -#include "../utils.h" -#include "../xalloc.h" - -// Get and set ECDSA keys -// -ecdsa_t *ecdsa_set_base64_public_key(const char *p) { - ecdsa_t *ecdsa = EC_KEY_new_by_curve_name(NID_secp521r1); - if(!ecdsa) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "EC_KEY_new_by_curve_name failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return NULL; - } - - int len = strlen(p); - unsigned char pubkey[len / 4 * 3 + 3]; - const unsigned char *ppubkey = pubkey; - len = b64decode(p, (char *)pubkey, len); - - if(!o2i_ECPublicKey(&ecdsa, &ppubkey, len)) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "o2i_ECPublicKey failed: %s", ERR_error_string(ERR_get_error(), NULL)); - EC_KEY_free(ecdsa); - return NULL; - } - - return ecdsa; -} - -char *ecdsa_get_base64_public_key(ecdsa_t *ecdsa) { - unsigned char *pubkey = NULL; - int len = i2o_ECPublicKey(ecdsa, &pubkey); - - char *base64 = xmalloc(len * 4 / 3 + 5); - b64encode((char *)pubkey, base64, len); - - free(pubkey); - - return base64; -} - -// Read PEM ECDSA keys - -ecdsa_t *ecdsa_read_pem_public_key(FILE *fp) { - ecdsa_t *ecdsa = PEM_read_EC_PUBKEY(fp, NULL, NULL, NULL); - - if(!ecdsa) - logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read ECDSA public key: %s", ERR_error_string(ERR_get_error(), NULL)); - - return ecdsa; -} - -ecdsa_t *ecdsa_read_pem_private_key(FILE *fp) { - ecdsa_t *ecdsa = PEM_read_ECPrivateKey(fp, NULL, NULL, NULL); - - if(!ecdsa) - logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read ECDSA private key: %s", ERR_error_string(ERR_get_error(), NULL)); - - return ecdsa; -} - -size_t ecdsa_size(ecdsa_t *ecdsa) { - return ECDSA_size(ecdsa); -} - -// TODO: standardise output format? - -bool ecdsa_sign(ecdsa_t *ecdsa, const void *in, size_t len, void *sig) { - unsigned int siglen = ECDSA_size(ecdsa); - - unsigned char hash[SHA512_DIGEST_LENGTH]; - SHA512(in, len, hash); - - memset(sig, 0, siglen); - - if(!ECDSA_sign(0, hash, sizeof hash, sig, &siglen, ecdsa)) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "ECDSA_sign() failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - return true; -} - -bool ecdsa_verify(ecdsa_t *ecdsa, const void *in, size_t len, const void *sig) { - unsigned int siglen = ECDSA_size(ecdsa); - - unsigned char hash[SHA512_DIGEST_LENGTH]; - SHA512(in, len, hash); - - if(!ECDSA_verify(0, hash, sizeof hash, sig, siglen, ecdsa)) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "ECDSA_verify() failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - return true; -} - -bool ecdsa_active(ecdsa_t *ecdsa) { - return ecdsa; -} - -void ecdsa_free(ecdsa_t *ecdsa) { - if(ecdsa) - EC_KEY_free(ecdsa); -} diff --git a/src/openssl/rsa.c b/src/openssl/rsa.c index 20bfb65..9c1f498 100644 --- a/src/openssl/rsa.c +++ b/src/openssl/rsa.c @@ -61,8 +61,10 @@ rsa_t *rsa_set_hex_private_key(char *n, char *e, char *d) { rsa_t *rsa_read_pem_public_key(FILE *fp) { rsa_t *rsa = PEM_read_RSAPublicKey(fp, NULL, NULL, NULL); - if(!rsa) + if(!rsa) { + rewind(fp); rsa = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL); + } if(!rsa) logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read RSA public key: %s", ERR_error_string(ERR_get_error(), NULL)); diff --git a/src/process.c b/src/process.c index c1038bc..2243bf9 100644 --- a/src/process.c +++ b/src/process.c @@ -34,6 +34,7 @@ #include "subnet.h" #include "utils.h" #include "xalloc.h" +#include "version.h" /* If zero, don't detach from the terminal. */ bool do_detach = true; @@ -108,6 +109,8 @@ static bool install_service(void) { return true; } +io_t stop_io; + DWORD WINAPI controlhandler(DWORD request, DWORD type, LPVOID boe, LPVOID bah) { switch(request) { case SERVICE_CONTROL_INTERROGATE: @@ -124,10 +127,11 @@ DWORD WINAPI controlhandler(DWORD request, DWORD type, LPVOID boe, LPVOID bah) { return ERROR_CALL_NOT_IMPLEMENTED; } - event_exit(); - status.dwWaitHint = 30000; + status.dwWaitHint = 1000; status.dwCurrentState = SERVICE_STOP_PENDING; SetServiceStatus(statushandle, &status); + if (WSASetEvent(stop_io.event) == FALSE) + abort(); return NO_ERROR; } @@ -209,7 +213,7 @@ bool detach(void) { openlogger(identname, use_logfile?LOGMODE_FILE:(do_detach?LOGMODE_SYSLOG:LOGMODE_STDERR)); logger(DEBUG_ALWAYS, LOG_NOTICE, "tincd %s (%s %s) starting, debug level %d", - VERSION, __DATE__, __TIME__, debug_level); + VERSION, BUILD_DATE, BUILD_TIME, debug_level); return true; } diff --git a/src/process.h b/src/process.h index 4cdf711..ce2daed 100644 --- a/src/process.h +++ b/src/process.h @@ -29,6 +29,7 @@ extern bool detach(void); extern bool kill_other(int); #ifdef HAVE_MINGW +extern io_t stop_io; extern bool init_service(void); #endif diff --git a/src/protocol.c b/src/protocol.c index 374c522..1ec169a 100644 --- a/src/protocol.c +++ b/src/protocol.c @@ -55,17 +55,6 @@ static char (*request_name[]) = { static splay_tree_t *past_request_tree; -bool check_id(const char *id) { - if(!id || !*id) - return false; - - for(; *id; id++) - if(!isalnum(*id) && *id != '_') - return false; - - return true; -} - /* Generic request routines - takes care of logging and error detection as well */ diff --git a/src/protocol.h b/src/protocol.h index e771c54..080d50c 100644 --- a/src/protocol.h +++ b/src/protocol.h @@ -26,7 +26,7 @@ /* Protocol version. Different major versions are incompatible. */ #define PROT_MAJOR 17 -#define PROT_MINOR 3 /* Should not exceed 255! */ +#define PROT_MINOR 4 /* Should not exceed 255! */ /* Silly Windows */ @@ -81,7 +81,6 @@ extern ecdsa_t *invitation_key; extern bool send_request(struct connection_t *, const char *, ...) __attribute__ ((__format__(printf, 2, 3))); extern void forward_request(struct connection_t *, const char *); extern bool receive_request(struct connection_t *, const char *); -extern bool check_id(const char *); extern void init_requests(void); extern void exit_requests(void); diff --git a/src/protocol_auth.c b/src/protocol_auth.c index 147c3b4..cd39f28 100644 --- a/src/protocol_auth.c +++ b/src/protocol_auth.c @@ -1,7 +1,7 @@ /* protocol_auth.c -- handle the meta-protocol, authentication Copyright (C) 1999-2005 Ivo Timmermans, - 2000-2013 Guus Sliepen + 2000-2014 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -172,7 +172,7 @@ static bool finalize_invitation(connection_t *c, const char *data, uint16_t len) return false; } - fprintf(f, "ECDSAPublicKey = %s\n", data); + fprintf(f, "Ed25519PublicKey = %s\n", data); fclose(f); logger(DEBUG_CONNECTIONS, LOG_INFO, "Key succesfully received from %s (%s)", c->name, c->hostname); @@ -198,7 +198,7 @@ static bool finalize_invitation(connection_t *c, const char *data, uint16_t len) return true; } -static bool receive_invitation_sptps(void *handle, uint8_t type, const char *data, uint16_t len) { +static bool receive_invitation_sptps(void *handle, uint8_t type, const void *data, uint16_t len) { connection_t *c = handle; if(type == 128) @@ -380,12 +380,13 @@ bool id_h(connection_t *c, const char *request) { if(experimental) read_ecdsa_public_key(c); - } else { - if(c->protocol_minor && !ecdsa_active(c->ecdsa)) - c->protocol_minor = 1; + /* Ignore failures if no key known yet */ } - /* Forbid version rollback for nodes whose ECDSA key we know */ + if(c->protocol_minor && !ecdsa_active(c->ecdsa)) + c->protocol_minor = 1; + + /* Forbid version rollback for nodes whose Ed25519 key we know */ if(ecdsa_active(c->ecdsa) && c->protocol_minor < 2) { logger(DEBUG_ALWAYS, LOG_ERR, "Peer %s (%s) tries to roll back protocol version to %d.%d", @@ -411,6 +412,11 @@ bool id_h(connection_t *c, const char *request) { } bool send_metakey(connection_t *c) { + if(!myself->connection->rsa) { + logger(DEBUG_CONNECTIONS, LOG_ERR, "Peer %s (%s) uses legacy protocol which we don't support", c->name, c->hostname); + return false; + } + if(!read_rsa_public_key(c)) return false; @@ -420,7 +426,7 @@ bool send_metakey(connection_t *c) { if(!(c->outdigest = digest_open_sha1(-1))) return false; - size_t len = rsa_size(c->rsa); + const size_t len = rsa_size(c->rsa); char key[len]; char enckey[len]; char hexkey[2 * len + 1]; @@ -477,9 +483,12 @@ bool send_metakey(connection_t *c) { } bool metakey_h(connection_t *c, const char *request) { + if(!myself->connection->rsa) + return false; + char hexkey[MAX_STRING_SIZE]; int cipher, digest, maclength, compression; - size_t len = rsa_size(myself->connection->rsa); + const size_t len = rsa_size(myself->connection->rsa); char enckey[len]; char key[len]; @@ -513,14 +522,22 @@ bool metakey_h(connection_t *c, const char *request) { /* Check and lookup cipher and digest algorithms */ - if(!(c->incipher = cipher_open_by_nid(cipher)) || !cipher_set_key_from_rsa(c->incipher, key, len, false)) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error during initialisation of cipher from %s (%s)", c->name, c->hostname); - return false; + if(cipher) { + if(!(c->incipher = cipher_open_by_nid(cipher)) || !cipher_set_key_from_rsa(c->incipher, key, len, false)) { + logger(DEBUG_ALWAYS, LOG_ERR, "Error during initialisation of cipher from %s (%s)", c->name, c->hostname); + return false; + } + } else { + c->incipher = NULL; } - if(!(c->indigest = digest_open_by_nid(digest, -1))) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error during initialisation of digest from %s (%s)", c->name, c->hostname); - return false; + if(digest) { + if(!(c->indigest = digest_open_by_nid(digest, -1))) { + logger(DEBUG_ALWAYS, LOG_ERR, "Error during initialisation of digest from %s (%s)", c->name, c->hostname); + return false; + } + } else { + c->indigest = NULL; } c->status.decryptin = true; @@ -531,7 +548,7 @@ bool metakey_h(connection_t *c, const char *request) { } bool send_challenge(connection_t *c) { - size_t len = rsa_size(c->rsa); + const size_t len = rsa_size(c->rsa); char buffer[len * 2 + 1]; if(!c->hischallenge) @@ -551,8 +568,11 @@ bool send_challenge(connection_t *c) { } bool challenge_h(connection_t *c, const char *request) { + if(!myself->connection->rsa) + return false; + char buffer[MAX_STRING_SIZE]; - size_t len = rsa_size(myself->connection->rsa); + const size_t len = rsa_size(myself->connection->rsa); size_t digestlen = digest_length(c->indigest); char digest[digestlen]; @@ -628,7 +648,7 @@ bool chal_reply_h(connection_t *c, const char *request) { } static bool send_upgrade(connection_t *c) { - /* Special case when protocol_minor is 1: the other end is ECDSA capable, + /* Special case when protocol_minor is 1: the other end is Ed25519 capable, * but doesn't know our key yet. So send it now. */ char *pubkey = ecdsa_get_base64_public_key(myself->connection->ecdsa); @@ -672,7 +692,8 @@ bool send_ack(connection_t *c) { if(choice) c->options |= OPTION_CLAMP_MSS; - get_config_int(lookup_config(c->config_tree, "Weight"), &c->estimated_weight); + if(!get_config_int(lookup_config(c->config_tree, "Weight"), &c->estimated_weight)) + get_config_int(lookup_config(config_tree, "Weight"), &c->estimated_weight); return send_request(c, "%d %s %d %x", ACK, myport, c->estimated_weight, (c->options & 0xffffff) | (experimental ? (PROT_MINOR << 24) : 0)); } @@ -716,12 +737,26 @@ static bool upgrade_h(connection_t *c, const char *request) { } if(ecdsa_active(c->ecdsa) || read_ecdsa_public_key(c)) { - logger(DEBUG_ALWAYS, LOG_INFO, "Already have ECDSA public key from %s (%s), not upgrading.", c->name, c->hostname); + char *knownkey = ecdsa_get_base64_public_key(c->ecdsa); + bool different = strcmp(knownkey, pubkey); + free(knownkey); + if(different) { + logger(DEBUG_ALWAYS, LOG_ERR, "Already have an Ed25519 public key from %s (%s) which is different from the one presented now!", c->name, c->hostname); + return false; + } + logger(DEBUG_ALWAYS, LOG_INFO, "Already have Ed25519 public key from %s (%s), ignoring.", c->name, c->hostname); + c->allow_request = TERMREQ; + return send_termreq(c); + } + + c->ecdsa = ecdsa_set_base64_public_key(pubkey); + if(!c->ecdsa) { + logger(DEBUG_ALWAYS, LOG_INFO, "Got bad Ed25519 public key from %s (%s), not upgrading.", c->name, c->hostname); return false; } - logger(DEBUG_ALWAYS, LOG_INFO, "Got ECDSA public key from %s (%s), upgrading!", c->name, c->hostname); - append_config_file(c->name, "ECDSAPublicKey", pubkey); + logger(DEBUG_ALWAYS, LOG_INFO, "Got Ed25519 public key from %s (%s), upgrading!", c->name, c->hostname); + append_config_file(c->name, "Ed25519PublicKey", pubkey); c->allow_request = TERMREQ; return send_termreq(c); } @@ -795,7 +830,6 @@ bool ack_h(connection_t *c, const char *request) { /* Activate this connection */ c->allow_request = ALL; - c->status.active = true; logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Connection with %s (%s) activated", c->name, c->hostname); @@ -812,6 +846,16 @@ bool ack_h(connection_t *c, const char *request) { sockaddr2str(&c->address, &hisaddress, NULL); c->edge->address = str2sockaddr(hisaddress, hisport); free(hisaddress); + sockaddr_t local_sa; + socklen_t local_salen = sizeof local_sa; + if (getsockname(c->socket, &local_sa.sa, &local_salen) < 0) + logger(DEBUG_ALWAYS, LOG_WARNING, "Could not get local socket address for connection with %s", c->name); + else { + char *local_address; + sockaddr2str(&local_sa, &local_address, NULL); + c->edge->local_address = str2sockaddr(local_address, myport); + free(local_address); + } c->edge->weight = (weight + c->estimated_weight) / 2; c->edge->connection = c; c->edge->options = c->options; diff --git a/src/protocol_edge.c b/src/protocol_edge.c index e285a6d..4760162 100644 --- a/src/protocol_edge.c +++ b/src/protocol_edge.c @@ -37,14 +37,19 @@ bool send_add_edge(connection_t *c, const edge_t *e) { bool x; char *address, *port; + char *local_address, *local_port; sockaddr2str(&e->address, &address, &port); + sockaddr2str(&e->local_address, &local_address, &local_port); - x = send_request(c, "%d %x %s %s %s %s %x %d", ADD_EDGE, rand(), + x = send_request(c, "%d %x %s %s %s %s %x %d %s %s", ADD_EDGE, rand(), e->from->name, e->to->name, address, port, - e->options, e->weight); + e->options, e->weight, local_address, local_port); + free(address); free(port); + free(local_address); + free(local_port); return x; } @@ -56,12 +61,15 @@ bool add_edge_h(connection_t *c, const char *request) { char to_name[MAX_STRING_SIZE]; char to_address[MAX_STRING_SIZE]; char to_port[MAX_STRING_SIZE]; - sockaddr_t address; + char address_local[MAX_STRING_SIZE] = "unknown"; + char port_local[MAX_STRING_SIZE] = "unknown"; + sockaddr_t address, local_address; uint32_t options; int weight; - if(sscanf(request, "%*d %*x "MAX_STRING" "MAX_STRING" "MAX_STRING" "MAX_STRING" %x %d", - from_name, to_name, to_address, to_port, &options, &weight) != 6) { + int parameter_count = sscanf(request, "%*d %*x "MAX_STRING" "MAX_STRING" "MAX_STRING" "MAX_STRING" %x %d "MAX_STRING" "MAX_STRING, + from_name, to_name, to_address, to_port, &options, &weight, address_local, port_local); + if (parameter_count != 6 && parameter_count != 8) { logger(DEBUG_ALWAYS, LOG_ERR, "Got bad %s from %s (%s)", "ADD_EDGE", c->name, c->hostname); return false; @@ -109,13 +117,14 @@ bool add_edge_h(connection_t *c, const char *request) { /* Convert addresses */ address = str2sockaddr(to_address, to_port); + local_address = str2sockaddr(address_local, port_local); /* Check if edge already exists */ e = lookup_edge(from, to); if(e) { - if(e->weight != weight || e->options != options || sockaddrcmp(&e->address, &address)) { + if(e->weight != weight || e->options != options || sockaddrcmp(&e->address, &address) || sockaddrcmp(&e->local_address, &local_address)) { if(from == myself) { logger(DEBUG_PROTOCOL, LOG_WARNING, "Got %s from %s (%s) for ourself which does not match existing entry", "ADD_EDGE", c->name, c->hostname); @@ -145,6 +154,7 @@ bool add_edge_h(connection_t *c, const char *request) { e->from = from; e->to = to; e->address = address; + e->local_address = local_address; e->options = options; e->weight = weight; edge_add(e); diff --git a/src/protocol_key.c b/src/protocol_key.c index a3cf3f5..8b19d90 100644 --- a/src/protocol_key.c +++ b/src/protocol_key.c @@ -1,7 +1,7 @@ /* protocol_key.c -- handle the meta-protocol, key exchange Copyright (C) 1999-2005 Ivo Timmermans, - 2000-2013 Guus Sliepen + 2000-2014 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -41,7 +41,7 @@ void send_key_changed(void) { /* Immediately send new keys to directly connected nodes to keep UDP mappings alive */ for list_each(connection_t, c, connection_list) - if(c->status.active && c->node && c->node->status.reachable && !c->node->status.sptps) + if(c->edge && c->node && c->node->status.reachable && !c->node->status.sptps) send_ans_key(c->node); /* Force key exchange for connections using SPTPS */ @@ -87,7 +87,7 @@ bool key_changed_h(connection_t *c, const char *request) { return true; } -static bool send_initial_sptps_data(void *handle, uint8_t type, const char *data, size_t len) { +static bool send_initial_sptps_data(void *handle, uint8_t type, const void *data, size_t len) { node_t *to = handle; to->sptps.send_data = send_sptps_data; char buf[len * 4 / 3 + 5]; @@ -98,7 +98,7 @@ static bool send_initial_sptps_data(void *handle, uint8_t type, const char *data bool send_req_key(node_t *to) { if(to->status.sptps) { if(!node_read_ecdsa_public_key(to)) { - logger(DEBUG_PROTOCOL, LOG_DEBUG, "No ECDSA key known for %s (%s)", to->name, to->hostname); + logger(DEBUG_PROTOCOL, LOG_DEBUG, "No Ed25519 key known for %s (%s)", to->name, to->hostname); send_request(to->nexthop->connection, "%d %s %s %d", REQ_KEY, myself->name, to->name, REQ_PUBKEY); return true; } @@ -124,6 +124,11 @@ bool send_req_key(node_t *to) { static bool req_key_ext_h(connection_t *c, const char *request, node_t *from, int reqno) { switch(reqno) { case REQ_PUBKEY: { + if(!node_read_ecdsa_public_key(from)) { + /* Request their key *before* we send our key back. Otherwise the first SPTPS packet from them will get dropped. */ + logger(DEBUG_PROTOCOL, LOG_DEBUG, "Preemptively requesting Ed25519 key for %s (%s)", from->name, from->hostname); + send_request(from->nexthop->connection, "%d %s %s %d", REQ_KEY, myself->name, from->name, REQ_PUBKEY); + } char *pubkey = ecdsa_get_base64_public_key(myself->connection->ecdsa); send_request(from->nexthop->connection, "%d %s %s %d %s", REQ_KEY, myself->name, from->name, ANS_PUBKEY, pubkey); free(pubkey); @@ -142,14 +147,14 @@ static bool req_key_ext_h(connection_t *c, const char *request, node_t *from, in return true; } - logger(DEBUG_PROTOCOL, LOG_INFO, "Learned ECDSA public key from %s (%s)", from->name, from->hostname); - append_config_file(from->name, "ECDSAPublicKey", pubkey); + logger(DEBUG_PROTOCOL, LOG_INFO, "Learned Ed25519 public key from %s (%s)", from->name, from->hostname); + append_config_file(from->name, "Ed25519PublicKey", pubkey); return true; } case REQ_KEY: { if(!node_read_ecdsa_public_key(from)) { - logger(DEBUG_PROTOCOL, LOG_DEBUG, "No ECDSA key known for %s (%s)", from->name, from->hostname); + logger(DEBUG_PROTOCOL, LOG_DEBUG, "No Ed25519 key known for %s (%s)", from->name, from->hostname); send_request(from->nexthop->connection, "%d %s %s %d", REQ_KEY, myself->name, from->name, REQ_PUBKEY); return true; } @@ -250,6 +255,7 @@ bool req_key_h(connection_t *c, const char *request) { return true; } + /* TODO: forwarding SPTPS packets in this way is inefficient because we send them over TCP without checking for UDP connectivity */ send_request(to->nexthop->connection, "%s", request); } @@ -260,25 +266,32 @@ bool send_ans_key(node_t *to) { if(to->status.sptps) abort(); - size_t keylen = cipher_keylength(myself->incipher); + size_t keylen = myself->incipher ? cipher_keylength(myself->incipher) : 1; char key[keylen * 2 + 1]; + randomize(key, keylen); + cipher_close(to->incipher); digest_close(to->indigest); - to->incipher = cipher_open_by_nid(cipher_get_nid(myself->incipher)); - to->indigest = digest_open_by_nid(digest_get_nid(myself->indigest), digest_length(myself->indigest)); + if(myself->incipher) { + to->incipher = cipher_open_by_nid(cipher_get_nid(myself->incipher)); + if(!to->incipher) + abort(); + if(!cipher_set_key(to->incipher, key, false)) + abort(); + } + + if(myself->indigest) { + to->indigest = digest_open_by_nid(digest_get_nid(myself->indigest), digest_length(myself->indigest)); + if(!to->indigest) + abort(); + if(!digest_set_key(to->indigest, key, keylen)) + abort(); + } + to->incompression = myself->incompression; - if(!to->incipher || !to->indigest) - abort(); - - randomize(key, keylen); - if(!cipher_set_key(to->incipher, key, false)) - abort(); - if(!digest_set_key(to->indigest, key, keylen)) - abort(); - bin2hex(key, key, keylen); // Reset sequence number and late packet window @@ -386,7 +399,9 @@ bool ans_key_h(connection_t *c, const char *request) { update_node_udp(from, &sa); } - if(from->options & OPTION_PMTU_DISCOVERY && !(from->options & OPTION_TCPONLY)) + /* Don't send probes if we can't send UDP packets directly to that node. + TODO: the indirect (via) condition can change at any time as edges are added and removed, so this should probably be moved to graph.c. */ + if((from->via == myself || from->via == from) && from->options & OPTION_PMTU_DISCOVERY && !(from->options & OPTION_TCPONLY)) send_mtu_probe(from); } @@ -395,14 +410,22 @@ bool ans_key_h(connection_t *c, const char *request) { /* Check and lookup cipher and digest algorithms */ - if(!(from->outcipher = cipher_open_by_nid(cipher))) { - logger(DEBUG_ALWAYS, LOG_ERR, "Node %s (%s) uses unknown cipher!", from->name, from->hostname); - return false; + if(cipher) { + if(!(from->outcipher = cipher_open_by_nid(cipher))) { + logger(DEBUG_ALWAYS, LOG_ERR, "Node %s (%s) uses unknown cipher!", from->name, from->hostname); + return false; + } + } else { + from->outcipher = NULL; } - if(!(from->outdigest = digest_open_by_nid(digest, maclength))) { - logger(DEBUG_ALWAYS, LOG_ERR, "Node %s (%s) uses unknown digest!", from->name, from->hostname); - return false; + if(digest) { + if(!(from->outdigest = digest_open_by_nid(digest, maclength))) { + logger(DEBUG_ALWAYS, LOG_ERR, "Node %s (%s) uses unknown digest!", from->name, from->hostname); + return false; + } + } else { + from->outdigest = NULL; } if(maclength != digest_length(from->outdigest)) { @@ -414,16 +437,16 @@ bool ans_key_h(connection_t *c, const char *request) { keylen = hex2bin(key, key, sizeof key); - if(keylen != cipher_keylength(from->outcipher)) { + if(keylen != (from->outcipher ? cipher_keylength(from->outcipher) : 1)) { logger(DEBUG_ALWAYS, LOG_ERR, "Node %s (%s) uses wrong keylength!", from->name, from->hostname); return true; } /* Update our copy of the origin's packet key */ - if(!cipher_set_key(from->outcipher, key, true)) + if(from->outcipher && !cipher_set_key(from->outcipher, key, true)) return false; - if(!digest_set_key(from->outdigest, key, keylen)) + if(from->outdigest && !digest_set_key(from->outdigest, key, keylen)) return false; from->status.validkey = true; diff --git a/src/protocol_misc.c b/src/protocol_misc.c index 022438e..713dacf 100644 --- a/src/protocol_misc.c +++ b/src/protocol_misc.c @@ -131,7 +131,7 @@ bool send_tcppacket(connection_t *c, const vpn_packet_t *packet) { if(!send_request(c, "%d %hd", PACKET, packet->len)) return false; - return send_meta(c, (char *)packet->data, packet->len); + return send_meta(c, (char *)DATA(packet), packet->len); } bool tcppacket_h(connection_t *c, const char *request) { diff --git a/src/raw_socket_device.c b/src/raw_socket_device.c index 48954d5..eb38be2 100644 --- a/src/raw_socket_device.c +++ b/src/raw_socket_device.c @@ -32,12 +32,9 @@ #include "route.h" #include "xalloc.h" -#if defined(PF_PACKET) && defined(ETH_P_ALL) && defined(AF_PACKET) +#if defined(PF_PACKET) && defined(ETH_P_ALL) && defined(AF_PACKET) && defined(SIOCGIFINDEX) static char *device_info; -static uint64_t device_total_in = 0; -static uint64_t device_total_out = 0; - static bool setup_device(void) { struct ifreq ifr; struct sockaddr_ll sa; @@ -86,16 +83,17 @@ static bool setup_device(void) { } static void close_device(void) { - close(device_fd); + close(device_fd); device_fd = -1; - free(device); - free(iface); + free(device); device = NULL; + free(iface); iface = NULL; + device_info = NULL; } static bool read_packet(vpn_packet_t *packet) { int inlen; - if((inlen = read(device_fd, packet->data, MTU)) <= 0) { + if((inlen = read(device_fd, DATA(packet), MTU)) <= 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, device, strerror(errno)); return false; @@ -103,8 +101,6 @@ static bool read_packet(vpn_packet_t *packet) { packet->len = inlen; - device_total_in += packet->len; - logger(DEBUG_TRAFFIC, LOG_DEBUG, "Read packet of %d bytes from %s", packet->len, device_info); @@ -115,29 +111,20 @@ static bool write_packet(vpn_packet_t *packet) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Writing packet of %d bytes to %s", packet->len, device_info); - if(write(device_fd, packet->data, packet->len) < 0) { + if(write(device_fd, DATA(packet), packet->len) < 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Can't write to %s %s: %s", device_info, device, strerror(errno)); return false; } - device_total_out += packet->len; - return true; } -static void dump_device_stats(void) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); -} - const devops_t raw_socket_devops = { .setup = setup_device, .close = close_device, .read = read_packet, .write = write_packet, - .dump_stats = dump_device_stats, }; #else @@ -152,6 +139,5 @@ const devops_t raw_socket_devops = { .close = NULL, .read = NULL, .write = NULL, - .dump_stats = NULL, }; #endif diff --git a/src/route.c b/src/route.c index 00ba4c0..2785146 100644 --- a/src/route.c +++ b/src/route.c @@ -115,16 +115,16 @@ static void clamp_mss(const node_t *source, const node_t *via, vpn_packet_t *pac /* Find TCP header */ int start = ether_size; - uint16_t type = packet->data[12] << 8 | packet->data[13]; + uint16_t type = DATA(packet)[12] << 8 | DATA(packet)[13]; if(type == ETH_P_8021Q) { start += 4; - type = packet->data[16] << 8 | packet->data[17]; + type = DATA(packet)[16] << 8 | DATA(packet)[17]; } - if(type == ETH_P_IP && packet->data[start + 9] == 6) - start += (packet->data[start] & 0xf) * 4; - else if(type == ETH_P_IPV6 && packet->data[start + 6] == 6) + if(type == ETH_P_IP && DATA(packet)[start + 9] == 6) + start += (DATA(packet)[start] & 0xf) * 4; + else if(type == ETH_P_IPV6 && DATA(packet)[start + 6] == 6) start += 40; else return; @@ -133,38 +133,38 @@ static void clamp_mss(const node_t *source, const node_t *via, vpn_packet_t *pac return; /* Use data offset field to calculate length of options field */ - int len = ((packet->data[start + 12] >> 4) - 5) * 4; + int len = ((DATA(packet)[start + 12] >> 4) - 5) * 4; if(packet->len < start + 20 + len) return; /* Search for MSS option header */ for(int i = 0; i < len;) { - if(packet->data[start + 20 + i] == 0) + if(DATA(packet)[start + 20 + i] == 0) break; - if(packet->data[start + 20 + i] == 1) { + if(DATA(packet)[start + 20 + i] == 1) { i++; continue; } - if(i > len - 2 || i > len - packet->data[start + 21 + i]) + if(i > len - 2 || i > len - DATA(packet)[start + 21 + i]) break; - if(packet->data[start + 20 + i] != 2) { - if(packet->data[start + 21 + i] < 2) + if(DATA(packet)[start + 20 + i] != 2) { + if(DATA(packet)[start + 21 + i] < 2) break; - i += packet->data[start + 21 + i]; + i += DATA(packet)[start + 21 + i]; continue; } - if(packet->data[start + 21] != 4) + if(DATA(packet)[start + 21] != 4) break; /* Found it */ - uint16_t oldmss = packet->data[start + 22 + i] << 8 | packet->data[start + 23 + i]; + uint16_t oldmss = DATA(packet)[start + 22 + i] << 8 | DATA(packet)[start + 23 + i]; uint16_t newmss = mtu - start - 20; - uint16_t csum = packet->data[start + 16] << 8 | packet->data[start + 17]; + uint16_t csum = DATA(packet)[start + 16] << 8 | DATA(packet)[start + 17]; if(oldmss <= newmss) break; @@ -172,23 +172,23 @@ static void clamp_mss(const node_t *source, const node_t *via, vpn_packet_t *pac logger(DEBUG_TRAFFIC, LOG_INFO, "Clamping MSS of packet from %s to %s to %d", source->name, via->name, newmss); /* Update the MSS value and the checksum */ - packet->data[start + 22 + i] = newmss >> 8; - packet->data[start + 23 + i] = newmss & 0xff; + DATA(packet)[start + 22 + i] = newmss >> 8; + DATA(packet)[start + 23 + i] = newmss & 0xff; csum ^= 0xffff; csum -= oldmss; csum += newmss; csum ^= 0xffff; - packet->data[start + 16] = csum >> 8; - packet->data[start + 17] = csum & 0xff; + DATA(packet)[start + 16] = csum >> 8; + DATA(packet)[start + 17] = csum & 0xff; break; } } static void swap_mac_addresses(vpn_packet_t *packet) { mac_t tmp; - memcpy(&tmp, &packet->data[0], sizeof tmp); - memcpy(&packet->data[0], &packet->data[6], sizeof tmp); - memcpy(&packet->data[6], &tmp, sizeof tmp); + memcpy(&tmp, &DATA(packet)[0], sizeof tmp); + memcpy(&DATA(packet)[0], &DATA(packet)[6], sizeof tmp); + memcpy(&DATA(packet)[6], &tmp, sizeof tmp); } static void age_subnets(void *data) { @@ -203,7 +203,7 @@ static void age_subnets(void *data) { } for list_each(connection_t, c, connection_list) - if(c->status.active) + if(c->edge) send_del_subnet(c, s); subnet_del(myself, s); @@ -223,7 +223,7 @@ static void learn_mac(mac_t *address) { /* If we don't know this MAC address yet, store it */ if(!subnet) { - logger(DEBUG_TRAFFIC, LOG_INFO, "Learned new MAC address %hx:%hx:%hx:%hx:%hx:%hx", + logger(DEBUG_TRAFFIC, LOG_INFO, "Learned new MAC address %x:%x:%x:%x:%x:%x", address->x[0], address->x[1], address->x[2], address->x[3], address->x[4], address->x[5]); @@ -238,7 +238,7 @@ static void learn_mac(mac_t *address) { /* And tell all other tinc daemons it's our MAC */ for list_each(connection_t, c, connection_list) - if(c->status.active) + if(c->edge) send_add_subnet(c, subnet); timeout_add(&age_subnets_timeout, age_subnets, NULL, &(struct timeval){10, rand() % 100000}); @@ -267,7 +267,7 @@ static void route_ipv4_unreachable(node_t *source, vpn_packet_t *packet, length_ /* Copy headers from packet into properly aligned structs on the stack */ - memcpy(&ip, packet->data + ether_size, ip_size); + memcpy(&ip, DATA(packet) + ether_size, ip_size); /* Remember original source and destination */ @@ -284,7 +284,7 @@ static void route_ipv4_unreachable(node_t *source, vpn_packet_t *packet, length_ /* Copy first part of original contents to ICMP message */ - memmove(packet->data + ether_size + ip_size + icmp_size, packet->data + ether_size, oldlen); + memmove(DATA(packet) + ether_size + ip_size + icmp_size, DATA(packet) + ether_size, oldlen); /* Fill in IPv4 header */ @@ -309,12 +309,12 @@ static void route_ipv4_unreachable(node_t *source, vpn_packet_t *packet, length_ icmp.icmp_cksum = 0; icmp.icmp_cksum = inet_checksum(&icmp, icmp_size, ~0); - icmp.icmp_cksum = inet_checksum(packet->data + ether_size + ip_size + icmp_size, oldlen, icmp.icmp_cksum); + icmp.icmp_cksum = inet_checksum(DATA(packet) + ether_size + ip_size + icmp_size, oldlen, icmp.icmp_cksum); /* Copy structs on stack back to packet */ - memcpy(packet->data + ether_size, &ip, ip_size); - memcpy(packet->data + ether_size + ip_size, &icmp, icmp_size); + memcpy(DATA(packet) + ether_size, &ip, ip_size); + memcpy(DATA(packet) + ether_size + ip_size, &icmp, icmp_size); packet->len = ether_size + ip_size + icmp_size + oldlen; @@ -330,8 +330,9 @@ static void fragment_ipv4_packet(node_t *dest, vpn_packet_t *packet, length_t et uint8_t *offset; uint16_t ip_off, origf; - memcpy(&ip, packet->data + ether_size, ip_size); + memcpy(&ip, DATA(packet) + ether_size, ip_size); fragment.priority = packet->priority; + fragment.offset = DEFAULT_PACKET_OFFSET; if(ip.ip_hl != ip_size / 4) return; @@ -345,7 +346,7 @@ static void fragment_ipv4_packet(node_t *dest, vpn_packet_t *packet, length_t et logger(DEBUG_TRAFFIC, LOG_INFO, "Fragmenting packet of %d bytes to %s (%s)", packet->len, dest->name, dest->hostname); - offset = packet->data + ether_size + ip_size; + offset = DATA(packet) + ether_size + ip_size; maxlen = (dest->mtu - ether_size - ip_size) & ~0x7; ip_off = ntohs(ip.ip_off); origf = ip_off & ~IP_OFFMASK; @@ -353,7 +354,7 @@ static void fragment_ipv4_packet(node_t *dest, vpn_packet_t *packet, length_t et while(todo) { len = todo > maxlen ? maxlen : todo; - memcpy(fragment.data + ether_size + ip_size, offset, len); + memcpy(DATA(&fragment) + ether_size + ip_size, offset, len); todo -= len; offset += len; @@ -361,8 +362,8 @@ static void fragment_ipv4_packet(node_t *dest, vpn_packet_t *packet, length_t et ip.ip_off = htons(ip_off | origf | (todo ? IP_MF : 0)); ip.ip_sum = 0; ip.ip_sum = inet_checksum(&ip, ip_size, ~0); - memcpy(fragment.data, packet->data, ether_size); - memcpy(fragment.data + ether_size, &ip, ip_size); + memcpy(DATA(&fragment), DATA(packet), ether_size); + memcpy(DATA(&fragment) + ether_size, &ip, ip_size); fragment.len = ether_size + ip_size + len; send_packet(dest, &fragment); @@ -371,12 +372,15 @@ static void fragment_ipv4_packet(node_t *dest, vpn_packet_t *packet, length_t et } } -static void route_ipv4_unicast(node_t *source, vpn_packet_t *packet) { +static void route_ipv4(node_t *source, vpn_packet_t *packet) { + if(!checklength(source, packet, ether_size + ip_size)) + return; + subnet_t *subnet; node_t *via; ipv4_t dest; - memcpy(&dest, &packet->data[30], sizeof dest); + memcpy(&dest, &DATA(packet)[30], sizeof dest); subnet = lookup_subnet_ipv4(&dest); if(!subnet) { @@ -391,6 +395,11 @@ static void route_ipv4_unicast(node_t *source, vpn_packet_t *packet) { return; } + if (!subnet->owner) { + broadcast_packet(source, packet); + return; + } + if(subnet->owner == source) { logger(DEBUG_TRAFFIC, LOG_WARNING, "Packet looping back to %s (%s)!", source->name, source->hostname); return; @@ -403,7 +412,7 @@ static void route_ipv4_unicast(node_t *source, vpn_packet_t *packet) { return route_ipv4_unreachable(source, packet, ether_size, ICMP_DEST_UNREACH, ICMP_NET_ANO); if(priorityinheritance) - packet->priority = packet->data[15]; + packet->priority = DATA(packet)[15]; via = (subnet->owner->via == myself) ? subnet->owner->nexthop : subnet->owner->via; @@ -417,7 +426,7 @@ static void route_ipv4_unicast(node_t *source, vpn_packet_t *packet) { if(via && packet->len > MAX(via->mtu, 590) && via != myself) { logger(DEBUG_TRAFFIC, LOG_INFO, "Packet for %s (%s) length %d larger than MTU %d", subnet->owner->name, subnet->owner->hostname, packet->len, via->mtu); - if(packet->data[20] & 0x40) { + if(DATA(packet)[20] & 0x40) { packet->len = MAX(via->mtu, 590); route_ipv4_unreachable(source, packet, ether_size, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED); } else { @@ -432,20 +441,6 @@ static void route_ipv4_unicast(node_t *source, vpn_packet_t *packet) { send_packet(subnet->owner, packet); } -static void route_ipv4(node_t *source, vpn_packet_t *packet) { - if(!checklength(source, packet, ether_size + ip_size)) - return; - - if(broadcast_mode && (((packet->data[30] & 0xf0) == 0xe0) || ( - packet->data[30] == 255 && - packet->data[31] == 255 && - packet->data[32] == 255 && - packet->data[33] == 255))) - broadcast_packet(source, packet); - else - route_ipv4_unicast(source, packet); -} - /* RFC 2463 */ static void route_ipv6_unreachable(node_t *source, vpn_packet_t *packet, length_t ether_size, uint8_t type, uint8_t code) { @@ -469,7 +464,7 @@ static void route_ipv6_unreachable(node_t *source, vpn_packet_t *packet, length_ /* Copy headers from packet to structs on the stack */ - memcpy(&ip6, packet->data + ether_size, ip6_size); + memcpy(&ip6, DATA(packet) + ether_size, ip6_size); /* Remember original source and destination */ @@ -486,7 +481,7 @@ static void route_ipv6_unreachable(node_t *source, vpn_packet_t *packet, length_ /* Copy first part of original contents to ICMP message */ - memmove(packet->data + ether_size + ip6_size + icmp6_size, packet->data + ether_size, pseudo.length); + memmove(DATA(packet) + ether_size + ip6_size + icmp6_size, DATA(packet) + ether_size, pseudo.length); /* Fill in IPv6 header */ @@ -512,26 +507,36 @@ static void route_ipv6_unreachable(node_t *source, vpn_packet_t *packet, length_ checksum = inet_checksum(&pseudo, sizeof pseudo, ~0); checksum = inet_checksum(&icmp6, icmp6_size, checksum); - checksum = inet_checksum(packet->data + ether_size + ip6_size + icmp6_size, ntohl(pseudo.length) - icmp6_size, checksum); + checksum = inet_checksum(DATA(packet) + ether_size + ip6_size + icmp6_size, ntohl(pseudo.length) - icmp6_size, checksum); icmp6.icmp6_cksum = checksum; /* Copy structs on stack back to packet */ - memcpy(packet->data + ether_size, &ip6, ip6_size); - memcpy(packet->data + ether_size + ip6_size, &icmp6, icmp6_size); + memcpy(DATA(packet) + ether_size, &ip6, ip6_size); + memcpy(DATA(packet) + ether_size + ip6_size, &icmp6, icmp6_size); packet->len = ether_size + ip6_size + ntohl(pseudo.length); send_packet(source, packet); } -static void route_ipv6_unicast(node_t *source, vpn_packet_t *packet) { +static void route_neighborsol(node_t *source, vpn_packet_t *packet); + +static void route_ipv6(node_t *source, vpn_packet_t *packet) { + if(!checklength(source, packet, ether_size + ip6_size)) + return; + + if(DATA(packet)[20] == IPPROTO_ICMPV6 && checklength(source, packet, ether_size + ip6_size + icmp6_size) && DATA(packet)[54] == ND_NEIGHBOR_SOLICIT) { + route_neighborsol(source, packet); + return; + } + subnet_t *subnet; node_t *via; ipv6_t dest; - memcpy(&dest, &packet->data[38], sizeof dest); + memcpy(&dest, &DATA(packet)[38], sizeof dest); subnet = lookup_subnet_ipv6(&dest); if(!subnet) { @@ -550,6 +555,11 @@ static void route_ipv6_unicast(node_t *source, vpn_packet_t *packet) { return; } + if (!subnet->owner) { + broadcast_packet(source, packet); + return; + } + if(subnet->owner == source) { logger(DEBUG_TRAFFIC, LOG_WARNING, "Packet looping back to %s (%s)!", source->name, source->hostname); return; @@ -612,15 +622,15 @@ static void route_neighborsol(node_t *source, vpn_packet_t *packet) { /* Copy headers from packet to structs on the stack */ - memcpy(&ip6, packet->data + ether_size, ip6_size); - memcpy(&ns, packet->data + ether_size + ip6_size, ns_size); + memcpy(&ip6, DATA(packet) + ether_size, ip6_size); + memcpy(&ns, DATA(packet) + ether_size + ip6_size, ns_size); if(has_opt) - memcpy(&opt, packet->data + ether_size + ip6_size + ns_size, opt_size); + memcpy(&opt, DATA(packet) + ether_size + ip6_size + ns_size, opt_size); /* First, snatch the source address from the neighbor solicitation packet */ if(overwrite_mac) - memcpy(mymac.x, packet->data + ETH_ALEN, ETH_ALEN); + memcpy(mymac.x, DATA(packet) + ETH_ALEN, ETH_ALEN); /* Check if this is a valid neighbor solicitation request */ @@ -646,7 +656,7 @@ static void route_neighborsol(node_t *source, vpn_packet_t *packet) { checksum = inet_checksum(&ns, ns_size, checksum); if(has_opt) { checksum = inet_checksum(&opt, opt_size, checksum); - checksum = inet_checksum(packet->data + ether_size + ip6_size + ns_size + opt_size, ETH_ALEN, checksum); + checksum = inet_checksum(DATA(packet) + ether_size + ip6_size + ns_size + opt_size, ETH_ALEN, checksum); } if(checksum) { @@ -679,14 +689,14 @@ static void route_neighborsol(node_t *source, vpn_packet_t *packet) { /* Create neighbor advertation reply */ - memcpy(packet->data, packet->data + ETH_ALEN, ETH_ALEN); /* copy destination address */ - packet->data[ETH_ALEN * 2 - 1] ^= 0xFF; /* mangle source address so it looks like it's not from us */ + memcpy(DATA(packet), DATA(packet) + ETH_ALEN, ETH_ALEN); /* copy destination address */ + DATA(packet)[ETH_ALEN * 2 - 1] ^= 0xFF; /* mangle source address so it looks like it's not from us */ ip6.ip6_dst = ip6.ip6_src; /* swap destination and source protocoll address */ ip6.ip6_src = ns.nd_ns_target; if(has_opt) - memcpy(packet->data + ether_size + ip6_size + ns_size + opt_size, packet->data + ETH_ALEN, ETH_ALEN); /* add fake source hard addr */ + memcpy(DATA(packet) + ether_size + ip6_size + ns_size + opt_size, DATA(packet) + ETH_ALEN, ETH_ALEN); /* add fake source hard addr */ ns.nd_ns_cksum = 0; ns.nd_ns_type = ND_NEIGHBOR_ADVERT; @@ -709,36 +719,21 @@ static void route_neighborsol(node_t *source, vpn_packet_t *packet) { checksum = inet_checksum(&ns, ns_size, checksum); if(has_opt) { checksum = inet_checksum(&opt, opt_size, checksum); - checksum = inet_checksum(packet->data + ether_size + ip6_size + ns_size + opt_size, ETH_ALEN, checksum); + checksum = inet_checksum(DATA(packet) + ether_size + ip6_size + ns_size + opt_size, ETH_ALEN, checksum); } ns.nd_ns_hdr.icmp6_cksum = checksum; /* Copy structs on stack back to packet */ - memcpy(packet->data + ether_size, &ip6, ip6_size); - memcpy(packet->data + ether_size + ip6_size, &ns, ns_size); + memcpy(DATA(packet) + ether_size, &ip6, ip6_size); + memcpy(DATA(packet) + ether_size + ip6_size, &ns, ns_size); if(has_opt) - memcpy(packet->data + ether_size + ip6_size + ns_size, &opt, opt_size); + memcpy(DATA(packet) + ether_size + ip6_size + ns_size, &opt, opt_size); send_packet(source, packet); } -static void route_ipv6(node_t *source, vpn_packet_t *packet) { - if(!checklength(source, packet, ether_size + ip6_size)) - return; - - if(packet->data[20] == IPPROTO_ICMPV6 && checklength(source, packet, ether_size + ip6_size + icmp6_size) && packet->data[54] == ND_NEIGHBOR_SOLICIT) { - route_neighborsol(source, packet); - return; - } - - if(broadcast_mode && packet->data[38] == 255) - broadcast_packet(source, packet); - else - route_ipv6_unicast(source, packet); -} - /* RFC 826 */ static void route_arp(node_t *source, vpn_packet_t *packet) { @@ -757,11 +752,11 @@ static void route_arp(node_t *source, vpn_packet_t *packet) { /* First, snatch the source address from the ARP packet */ if(overwrite_mac) - memcpy(mymac.x, packet->data + ETH_ALEN, ETH_ALEN); + memcpy(mymac.x, DATA(packet) + ETH_ALEN, ETH_ALEN); /* Copy headers from packet to structs on the stack */ - memcpy(&arp, packet->data + ether_size, arp_size); + memcpy(&arp, DATA(packet) + ether_size, arp_size); /* Check if this is a valid ARP request */ @@ -787,20 +782,20 @@ static void route_arp(node_t *source, vpn_packet_t *packet) { if(subnet->owner == myself) return; /* silently ignore */ - memcpy(packet->data, packet->data + ETH_ALEN, ETH_ALEN); /* copy destination address */ - packet->data[ETH_ALEN * 2 - 1] ^= 0xFF; /* mangle source address so it looks like it's not from us */ + memcpy(DATA(packet), DATA(packet) + ETH_ALEN, ETH_ALEN); /* copy destination address */ + DATA(packet)[ETH_ALEN * 2 - 1] ^= 0xFF; /* mangle source address so it looks like it's not from us */ memcpy(&addr, arp.arp_tpa, sizeof addr); /* save protocol addr */ memcpy(arp.arp_tpa, arp.arp_spa, sizeof addr); /* swap destination and source protocol address */ memcpy(arp.arp_spa, &addr, sizeof addr); /* ... */ memcpy(arp.arp_tha, arp.arp_sha, ETH_ALEN); /* set target hard/proto addr */ - memcpy(arp.arp_sha, packet->data + ETH_ALEN, ETH_ALEN); /* add fake source hard addr */ + memcpy(arp.arp_sha, DATA(packet) + ETH_ALEN, ETH_ALEN); /* add fake source hard addr */ arp.arp_op = htons(ARPOP_REPLY); /* Copy structs on stack back to packet */ - memcpy(packet->data + ether_size, &arp, arp_size); + memcpy(DATA(packet) + ether_size, &arp, arp_size); send_packet(source, packet); } @@ -813,16 +808,16 @@ static void route_mac(node_t *source, vpn_packet_t *packet) { if(source == myself) { mac_t src; - memcpy(&src, &packet->data[6], sizeof src); + memcpy(&src, &DATA(packet)[6], sizeof src); learn_mac(&src); } /* Lookup destination address */ - memcpy(&dest, &packet->data[0], sizeof dest); + memcpy(&dest, &DATA(packet)[0], sizeof dest); subnet = lookup_subnet_mac(NULL, &dest); - if(!subnet) { + if(!subnet || !subnet->owner) { broadcast_packet(source, packet); return; } @@ -835,10 +830,10 @@ static void route_mac(node_t *source, vpn_packet_t *packet) { if(forwarding_mode == FMODE_OFF && source != myself && subnet->owner != myself) return; - uint16_t type = packet->data[12] << 8 | packet->data[13]; + uint16_t type = DATA(packet)[12] << 8 | DATA(packet)[13]; if(priorityinheritance && type == ETH_P_IP && packet->len >= ether_size + ip_size) - packet->priority = packet->data[15]; + packet->priority = DATA(packet)[15]; // Handle packets larger than PMTU @@ -852,12 +847,12 @@ static void route_mac(node_t *source, vpn_packet_t *packet) { length_t ethlen = 14; if(type == ETH_P_8021Q) { - type = packet->data[16] << 8 | packet->data[17]; + type = DATA(packet)[16] << 8 | DATA(packet)[17]; ethlen += 4; } if(type == ETH_P_IP && packet->len > 576 + ethlen) { - if(packet->data[6 + ethlen] & 0x40) { + if(DATA(packet)[6 + ethlen] & 0x40) { packet->len = via->mtu; route_ipv4_unreachable(source, packet, ethlen, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED); } else { @@ -889,16 +884,16 @@ static void send_pcap(vpn_packet_t *packet) { len = c->outmaclength; if(send_request(c, "%d %d %d", CONTROL, REQ_PCAP, len)) - send_meta(c, (char *)packet->data, len); + send_meta(c, (char *)DATA(packet), len); } } static bool do_decrement_ttl(node_t *source, vpn_packet_t *packet) { - uint16_t type = packet->data[12] << 8 | packet->data[13]; + uint16_t type = DATA(packet)[12] << 8 | DATA(packet)[13]; length_t ethlen = ether_size; if(type == ETH_P_8021Q) { - type = packet->data[16] << 8 | packet->data[17]; + type = DATA(packet)[16] << 8 | DATA(packet)[17]; ethlen += 4; } @@ -907,22 +902,22 @@ static bool do_decrement_ttl(node_t *source, vpn_packet_t *packet) { if(!checklength(source, packet, ethlen + ip_size)) return false; - if(packet->data[ethlen + 8] < 1) { - if(packet->data[ethlen + 11] != IPPROTO_ICMP || packet->data[ethlen + 32] != ICMP_TIME_EXCEEDED) + if(DATA(packet)[ethlen + 8] < 1) { + if(DATA(packet)[ethlen + 11] != IPPROTO_ICMP || DATA(packet)[ethlen + 32] != ICMP_TIME_EXCEEDED) route_ipv4_unreachable(source, packet, ethlen, ICMP_TIME_EXCEEDED, ICMP_EXC_TTL); return false; } - uint16_t old = packet->data[ethlen + 8] << 8 | packet->data[ethlen + 9]; - packet->data[ethlen + 8]--; - uint16_t new = packet->data[ethlen + 8] << 8 | packet->data[ethlen + 9]; + uint16_t old = DATA(packet)[ethlen + 8] << 8 | DATA(packet)[ethlen + 9]; + DATA(packet)[ethlen + 8]--; + uint16_t new = DATA(packet)[ethlen + 8] << 8 | DATA(packet)[ethlen + 9]; - uint32_t checksum = packet->data[ethlen + 10] << 8 | packet->data[ethlen + 11]; + uint32_t checksum = DATA(packet)[ethlen + 10] << 8 | DATA(packet)[ethlen + 11]; checksum += old + (~new & 0xFFFF); while(checksum >> 16) checksum = (checksum & 0xFFFF) + (checksum >> 16); - packet->data[ethlen + 10] = checksum >> 8; - packet->data[ethlen + 11] = checksum & 0xff; + DATA(packet)[ethlen + 10] = checksum >> 8; + DATA(packet)[ethlen + 11] = checksum & 0xff; return true; @@ -930,13 +925,13 @@ static bool do_decrement_ttl(node_t *source, vpn_packet_t *packet) { if(!checklength(source, packet, ethlen + ip6_size)) return false; - if(packet->data[ethlen + 7] < 1) { - if(packet->data[ethlen + 6] != IPPROTO_ICMPV6 || packet->data[ethlen + 40] != ICMP6_TIME_EXCEEDED) + if(DATA(packet)[ethlen + 7] < 1) { + if(DATA(packet)[ethlen + 6] != IPPROTO_ICMPV6 || DATA(packet)[ethlen + 40] != ICMP6_TIME_EXCEEDED) route_ipv6_unreachable(source, packet, ethlen, ICMP6_TIME_EXCEEDED, ICMP6_TIME_EXCEED_TRANSIT); return false; } - packet->data[ethlen + 7]--; + DATA(packet)[ethlen + 7]--; return true; @@ -961,7 +956,7 @@ void route(node_t *source, vpn_packet_t *packet) { if(!do_decrement_ttl(source, packet)) return; - uint16_t type = packet->data[12] << 8 | packet->data[13]; + uint16_t type = DATA(packet)[12] << 8 | DATA(packet)[13]; switch (routing_mode) { case RMODE_ROUTER: diff --git a/src/script.c b/src/script.c index 9a43d53..6389cb4 100644 --- a/src/script.c +++ b/src/script.c @@ -49,7 +49,7 @@ bool execute_script(const char *name, char **envp) { if(q) { memcpy(ext, p, q - p); ext[q - p] = 0; - *q++; + q++; } else { strcpy(ext, p); } diff --git a/src/solaris/device.c b/src/solaris/device.c index 21ce73f..fadae57 100644 --- a/src/solaris/device.c +++ b/src/solaris/device.c @@ -1,7 +1,8 @@ /* device.c -- Interaction with Solaris tun device Copyright (C) 2001-2005 Ivo Timmermans, - 2001-2013 Guus Sliepen + 2002-2010 OpenVPN Technologies, Inc. + 2001-2014 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -23,171 +24,350 @@ #include #include -#include #include "../conf.h" #include "../device.h" #include "../logger.h" #include "../names.h" #include "../net.h" +#include "../route.h" #include "../utils.h" #include "../xalloc.h" -#define DEFAULT_DEVICE "/dev/tun" +#ifndef TUNNEWPPA +#warning Missing net/if_tun.h, using hardcoded value for TUNNEWPPA +#define TUNNEWPPA (('T'<<16) | 0x0001) +#endif + +#define DEFAULT_TUN_DEVICE "/dev/tun" +#define DEFAULT_TAP_DEVICE "/dev/tap" + +static enum { + DEVICE_TYPE_TUN, + DEVICE_TYPE_TAP, +} device_type = DEVICE_TYPE_TUN; int device_fd = -1; -static int ip_fd = -1, if_fd = -1; +static int ip_fd = -1; char *device = NULL; char *iface = NULL; static char *device_info = NULL; -static uint64_t device_total_in = 0; -static uint64_t device_total_out = 0; - static bool setup_device(void) { - int ppa; - char *ptr; + char *type; - if(!get_config_string(lookup_config(config_tree, "Device"), &device)) - device = xstrdup(DEFAULT_DEVICE); + if(!get_config_string(lookup_config(config_tree, "Device"), &device)) { + if(routing_mode == RMODE_ROUTER) + device = xstrdup(DEFAULT_TUN_DEVICE); + else + device = xstrdup(DEFAULT_TAP_DEVICE); + } - if((device_fd = open(device, O_RDWR | O_NONBLOCK)) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Could not open %s: %s", device, strerror(errno)); + if(get_config_string(lookup_config(config_tree, "DeviceType"), &type)) { + if(!strcasecmp(type, "tun")) + /* use default */; + else if(!strcasecmp(type, "tap")) + device_type = DEVICE_TYPE_TAP; + else { + logger(DEBUG_ALWAYS, LOG_ERR, "Unknown device type %s!", type); + return false; + } + } else { + if(strstr(device, "tap") || routing_mode != RMODE_ROUTER) + device_type = DEVICE_TYPE_TAP; + } + + if(device_type == DEVICE_TYPE_TUN) + device_info = "Solaris tun device"; + else + device_info = "Solaris tap device"; + + /* The following is black magic copied from OpenVPN. */ + + if((ip_fd = open("/dev/ip", O_RDWR, 0)) < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not open %s: %s\n", "/dev/ip", strerror(errno)); return false; } + if((device_fd = open(device, O_RDWR, 0)) < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not open %s: %s\n", device, strerror(errno)); + return false; + } + + /* Get unit number. */ + + char *ptr = device; + get_config_string(lookup_config(config_tree, "Interface"), &ptr); + + while(*ptr && !isdigit(*ptr)) + ptr++; + int ppa = atoi(ptr); + + /* Assign a new PPA and get its unit number. */ + + struct strioctl strioc_ppa = { + .ic_cmd = TUNNEWPPA, + .ic_len = sizeof ppa, + .ic_dp = (char *)&ppa, + }; + + if(!*ptr) { /* no number given, try dynamic */ + bool found = false; + while(!found && ppa < 64) { + int new_ppa = ioctl(device_fd, I_STR, &strioc_ppa); + if(new_ppa >= 0) { + ppa = new_ppa; + found = true; + break; + } + ppa++; + } + if(!found) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not find free PPA for %s %s!", device_info, device); + return false; + } + } else { /* try this particular one */ + if((ppa = ioctl(device_fd, I_STR, &strioc_ppa)) < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not assign PPA %d for %s %s!", ppa, device_info, device); + return false; + } + } + + int if_fd; + if((if_fd = open(device, O_RDWR, 0)) < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not open %s: %s\n", device, strerror(errno)); + return false; + } + + if(ioctl(if_fd, I_PUSH, "ip") < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not push IP module onto %s %s!", device_info, device); + return false; + } + + xasprintf(&iface, "%s%d", device_type == DEVICE_TYPE_TUN ? "tun" : "tap", ppa); + + { + /* Remove muxes just in case they are left over from a crashed tincd */ + struct lifreq ifr = {}; + strncpy(ifr.lifr_name, iface, sizeof ifr.lifr_name); + if(ioctl(ip_fd, SIOCGLIFMUXID, &ifr) >= 0) { + int muxid = ifr.lifr_arp_muxid; + ioctl(ip_fd, I_PUNLINK, muxid); + muxid = ifr.lifr_ip_muxid; + ioctl(ip_fd, I_PUNLINK, muxid); + } + } + + if(device_type == DEVICE_TYPE_TUN) { + /* Assign ppa according to the unit number returned by tun device */ + if(ioctl(if_fd, IF_UNITSEL, (char *)&ppa) < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not set PPA %d on %s %s!", ppa, device_info, device); + return false; + } + } + + int arp_fd = -1; + + if(device_type == DEVICE_TYPE_TAP) { + struct lifreq ifr = {}; + + if(ioctl(if_fd, SIOCGLIFFLAGS, &ifr) < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not set flags on %s %s!", device_info, device); + return false; + } + + strncpy(ifr.lifr_name, iface, sizeof(ifr.lifr_name)); + ifr.lifr_ppa = ppa; + + /* Assign ppa according to the unit number returned by tun device */ + if(ioctl(if_fd, SIOCSLIFNAME, &ifr) < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not set PPA %d on %s %s!", ppa, device_info, device); + return false; + } + if(ioctl(if_fd, SIOCGLIFFLAGS, &ifr) < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not set flags on %s %s!", device_info, device); + return false; + } + + /* Push arp module to if_fd */ + if(ioctl(if_fd, I_PUSH, "arp") < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not push ARP module onto %s %s!", device_info, device); + return false; + } + + /* Pop any modules on the stream */ + while(true) { + if(ioctl(ip_fd, I_POP, NULL) < 0) + break; + } + + /* Push arp module to ip_fd */ + if(ioctl(ip_fd, I_PUSH, "arp") < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not push ARP module onto %s!", "/dev/ip"); + return false; + } + + /* Open arp_fd */ + if((arp_fd = open(device, O_RDWR, 0)) < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not open %s: %s\n", device, strerror(errno)); + return false; + } + + /* Push arp module to arp_fd */ + if(ioctl(arp_fd, I_PUSH, "arp") < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not push ARP module onto %s %s!", device_info, device); + return false; + } + + /* Set ifname to arp */ + struct strioctl strioc_if = { + .ic_cmd = SIOCSLIFNAME, + .ic_len = sizeof ifr, + .ic_dp = (char *)&ifr, + }; + + if(ioctl(arp_fd, I_STR, &strioc_if) < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not set ifname to %s %s", device_info, device); + return false; + } + } + + int ip_muxid, arp_muxid; + + if((ip_muxid = ioctl(ip_fd, I_PLINK, if_fd)) < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not link %s %s to IP", device_info, device); + return false; + } + + if(device_type == DEVICE_TYPE_TAP) { + if((arp_muxid = ioctl(ip_fd, I_PLINK, arp_fd)) < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not link %s %s to ARP", device_info, device); + return false; + } + close(arp_fd); + } + + struct lifreq ifr = {}; + strncpy(ifr.lifr_name, iface, sizeof(ifr.lifr_name)); + ifr.lifr_ip_muxid = ip_muxid; + if(device_type == DEVICE_TYPE_TAP) { + ifr.lifr_arp_muxid = arp_muxid; + } + + if(ioctl(ip_fd, SIOCSLIFMUXID, &ifr) < 0) { + if(device_type == DEVICE_TYPE_TAP) { + ioctl(ip_fd, I_PUNLINK, arp_muxid); + } + ioctl(ip_fd, I_PUNLINK, ip_muxid); + logger(DEBUG_ALWAYS, LOG_ERR, "Could not set multiplexor id for %s %s", device_info, device); + return false; + } + + close(if_fd); + #ifdef FD_CLOEXEC fcntl(device_fd, F_SETFD, FD_CLOEXEC); -#endif - - ppa = 0; - - ptr = device; - while(*ptr && !isdigit((int) *ptr)) - ptr++; - ppa = atoi(ptr); - - if((ip_fd = open("/dev/ip", O_RDWR, 0)) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Could not open /dev/ip: %s", strerror(errno)); - return false; - } - -#ifdef FD_CLOEXEC fcntl(ip_fd, F_SETFD, FD_CLOEXEC); #endif - /* Assign a new PPA and get its unit number. */ - if((ppa = ioctl(device_fd, TUNNEWPPA, ppa)) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Can't assign new interface: %s", strerror(errno)); - return false; - } - - if((if_fd = open(device, O_RDWR, 0)) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Could not open %s twice: %s", device, - strerror(errno)); - return false; - } - -#ifdef FD_CLOEXEC - fcntl(if_fd, F_SETFD, FD_CLOEXEC); -#endif - - if(ioctl(if_fd, I_PUSH, "ip") < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Can't push IP module: %s", strerror(errno)); - return false; - } - - /* Assign ppa according to the unit number returned by tun device */ - if(ioctl(if_fd, IF_UNITSEL, (char *) &ppa) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Can't set PPA %d: %s", ppa, strerror(errno)); - return false; - } - - if(ioctl(ip_fd, I_LINK, if_fd) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Can't link TUN device to IP: %s", strerror(errno)); - return false; - } - - if(!get_config_string(lookup_config(config_tree, "Interface"), &iface)) - xasprintf(&iface, "tun%d", ppa); - - device_info = "Solaris tun device"; - logger(DEBUG_ALWAYS, LOG_INFO, "%s is a %s", device, device_info); return true; } static void close_device(void) { - close(if_fd); - close(ip_fd); - close(device_fd); + if(iface) { + struct lifreq ifr = {}; + strncpy(ifr.lifr_name, iface, sizeof ifr.lifr_name); + if(ioctl(ip_fd, SIOCGLIFMUXID, &ifr) >= 0) { + int muxid = ifr.lifr_arp_muxid; + ioctl(ip_fd, I_PUNLINK, muxid); + muxid = ifr.lifr_ip_muxid; + ioctl(ip_fd, I_PUNLINK, muxid); + } + } - free(device); - free(iface); + close(ip_fd); ip_fd = -1; + close(device_fd); device_fd = -1; + + free(device); device = NULL; + free(iface); iface = NULL; } static bool read_packet(vpn_packet_t *packet) { int inlen; - if((inlen = read(device_fd, packet->data + 14, MTU - 14)) <= 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, - device, strerror(errno)); - return false; - } + switch(device_type) { + case DEVICE_TYPE_TUN: + if((inlen = read(device_fd, DATA(packet) + 14, MTU - 14)) <= 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, device, strerror(errno)); + return false; + } - switch(packet->data[14] >> 4) { - case 4: - packet->data[12] = 0x08; - packet->data[13] = 0x00; + switch(DATA(packet)[14] >> 4) { + case 4: + DATA(packet)[12] = 0x08; + DATA(packet)[13] = 0x00; + break; + case 6: + DATA(packet)[12] = 0x86; + DATA(packet)[13] = 0xDD; + break; + default: + logger(DEBUG_TRAFFIC, LOG_ERR, "Unknown IP version %d while reading packet from %s %s", DATA(packet)[14] >> 4, device_info, device); + return false; + } + + memset(DATA(packet), 0, 12); + packet->len = inlen + 14; break; - case 6: - packet->data[12] = 0x86; - packet->data[13] = 0xDD; + + case DEVICE_TYPE_TAP: + if((inlen = read(device_fd, DATA(packet), MTU)) <= 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, device, strerror(errno)); + return false; + } + + packet->len = inlen + 14; break; + default: - logger(DEBUG_TRAFFIC, LOG_ERR, - "Unknown IP version %d while reading packet from %s %s", - packet->data[14] >> 4, device_info, device); - return false; + abort(); } - memset(packet->data, 0, 12); - packet->len = inlen + 14; - - device_total_in += packet->len; - - logger(DEBUG_TRAFFIC, LOG_DEBUG, "Read packet of %d bytes from %s", packet->len, - device_info); + logger(DEBUG_TRAFFIC, LOG_DEBUG, "Read packet of %d bytes from %s", packet->len, device_info); return true; } static bool write_packet(vpn_packet_t *packet) { - logger(DEBUG_TRAFFIC, LOG_DEBUG, "Writing packet of %d bytes to %s", - packet->len, device_info); + logger(DEBUG_TRAFFIC, LOG_DEBUG, "Writing packet of %d bytes to %s", packet->len, device_info); - if(write(device_fd, packet->data + 14, packet->len - 14) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Can't write to %s %s: %s", device_info, - device, strerror(errno)); - return false; + switch(device_type) { + case DEVICE_TYPE_TUN: + if(write(device_fd, DATA(packet) + 14, packet->len - 14) < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Can't write to %s %s: %s", device_info, device, strerror(errno)); + return false; + } + break; + + case DEVICE_TYPE_TAP: + if(write(device_fd, DATA(packet), packet->len) < 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "Can't write to %s %s: %s", device_info, device, strerror(errno)); + return false; + } + break; + + default: + abort(); } - device_total_out += packet->len; - return true; } -static void dump_device_stats(void) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); -} - const devops_t os_devops = { .setup = setup_device, .close = close_device, .read = read_packet, .write = write_packet, - .dump_stats = dump_device_stats, }; diff --git a/src/sptps.c b/src/sptps.c index 62cfb1f..a598768 100644 --- a/src/sptps.c +++ b/src/sptps.c @@ -1,6 +1,6 @@ /* sptps.c -- Simple Peer-to-Peer Security - Copyright (C) 2011-2013 Guus Sliepen , + Copyright (C) 2011-2014 Guus Sliepen , 2010 Brandon L. Black This program is free software; you can redistribute it and/or modify @@ -20,9 +20,8 @@ #include "system.h" -#include "cipher.h" +#include "chacha-poly1305/chacha-poly1305.h" #include "crypto.h" -#include "digest.h" #include "ecdh.h" #include "ecdsa.h" #include "logger.h" @@ -40,7 +39,7 @@ unsigned int sptps_replaywin = 16; Sign all handshake messages up to ECDHE kex with long-term public keys. (done) - HMACed KEX finished message to prevent downgrade attacks and prove you have the right key material (done by virtue of ECDSA over the whole ECDHE exchange?) + HMACed KEX finished message to prevent downgrade attacks and prove you have the right key material (done by virtue of Ed25519 over the whole ECDHE exchange?) Explicit close message needs to be added. @@ -82,72 +81,53 @@ static void warning(sptps_t *s, const char *format, ...) { } // Send a record (datagram version, accepts all record types, handles encryption and authentication). -static bool send_record_priv_datagram(sptps_t *s, uint8_t type, const char *data, uint16_t len) { - char buffer[len + 23UL]; +static bool send_record_priv_datagram(sptps_t *s, uint8_t type, const void *data, uint16_t len) { + char buffer[len + 21UL]; // Create header with sequence number, length and record type - uint32_t seqno = htonl(s->outseqno++); - uint16_t netlen = htons(len); + uint32_t seqno = s->outseqno++; + uint32_t netseqno = ntohl(seqno); - memcpy(buffer, &netlen, 2); - memcpy(buffer + 2, &seqno, 4); - buffer[6] = type; - - // Add plaintext (TODO: avoid unnecessary copy) - memcpy(buffer + 7, data, len); + memcpy(buffer, &netseqno, 4); + buffer[4] = type; + memcpy(buffer + 5, data, len); if(s->outstate) { // If first handshake has finished, encrypt and HMAC - if(!cipher_set_counter(s->outcipher, &seqno, sizeof seqno)) - return false; - - if(!cipher_counter_xor(s->outcipher, buffer + 6, len + 1UL, buffer + 6)) - return false; - - if(!digest_create(s->outdigest, buffer, len + 7UL, buffer + 7UL + len)) - return false; - - return s->send_data(s->handle, type, buffer + 2, len + 21UL); + chacha_poly1305_encrypt(s->outcipher, seqno, buffer + 4, len + 1, buffer + 4, NULL); + return s->send_data(s->handle, type, buffer, len + 21UL); } else { // Otherwise send as plaintext - return s->send_data(s->handle, type, buffer + 2, len + 5UL); + return s->send_data(s->handle, type, buffer, len + 5UL); } } // Send a record (private version, accepts all record types, handles encryption and authentication). -static bool send_record_priv(sptps_t *s, uint8_t type, const char *data, uint16_t len) { +static bool send_record_priv(sptps_t *s, uint8_t type, const void *data, uint16_t len) { if(s->datagram) return send_record_priv_datagram(s, type, data, len); - char buffer[len + 23UL]; + char buffer[len + 19UL]; // Create header with sequence number, length and record type - uint32_t seqno = htonl(s->outseqno++); + uint32_t seqno = s->outseqno++; uint16_t netlen = htons(len); - memcpy(buffer, &seqno, 4); - memcpy(buffer + 4, &netlen, 2); - buffer[6] = type; - - // Add plaintext (TODO: avoid unnecessary copy) - memcpy(buffer + 7, data, len); + memcpy(buffer, &netlen, 2); + buffer[2] = type; + memcpy(buffer + 3, data, len); if(s->outstate) { // If first handshake has finished, encrypt and HMAC - if(!cipher_counter_xor(s->outcipher, buffer + 4, len + 3UL, buffer + 4)) - return false; - - if(!digest_create(s->outdigest, buffer, len + 7UL, buffer + 7UL + len)) - return false; - - return s->send_data(s->handle, type, buffer + 4, len + 19UL); + chacha_poly1305_encrypt(s->outcipher, seqno, buffer + 2, len + 1, buffer + 2, NULL); + return s->send_data(s->handle, type, buffer, len + 19UL); } else { // Otherwise send as plaintext - return s->send_data(s->handle, type, buffer + 4, len + 3UL); + return s->send_data(s->handle, type, buffer, len + 3UL); } } // Send an application record. -bool sptps_send_record(sptps_t *s, uint8_t type, const char *data, uint16_t len) { +bool sptps_send_record(sptps_t *s, uint8_t type, const void *data, uint16_t len) { // Sanity checks: application cannot send data before handshake is finished, // and only record types 0..127 are allowed. if(!s->outstate) @@ -165,7 +145,7 @@ static bool send_kex(sptps_t *s) { // Make room for our KEX message, which we will keep around since send_sig() needs it. if(s->mykex) - abort(); + return false; s->mykex = realloc(s->mykex, 1 + 32 + keylen); if(!s->mykex) return error(s, errno, strerror(errno)); @@ -178,12 +158,12 @@ static bool send_kex(sptps_t *s) { // Create a new ECDH public key. if(!(s->ecdh = ecdh_generate_public(s->mykex + 1 + 32))) - return false; + return error(s, EINVAL, "Failed to generate ECDH public key"); return send_record_priv(s, SPTPS_HANDSHAKE, s->mykex, 1 + 32 + keylen); } -// Send a SIGnature record, containing an ECDSA signature over both KEX records. +// Send a SIGnature record, containing an Ed25519 signature over both KEX records. static bool send_sig(sptps_t *s) { size_t keylen = ECDH_SIZE; size_t siglen = ecdsa_size(s->mykey); @@ -199,7 +179,7 @@ static bool send_sig(sptps_t *s) { // Sign the result. if(!ecdsa_sign(s->mykey, msg, sizeof msg, sig)) - return false; + return error(s, EINVAL, "Failed to sign SIG record"); // Send the SIG exchange record. return send_record_priv(s, SPTPS_HANDSHAKE, sig, sizeof sig); @@ -209,16 +189,14 @@ static bool send_sig(sptps_t *s) { static bool generate_key_material(sptps_t *s, const char *shared, size_t len) { // Initialise cipher and digest structures if necessary if(!s->outstate) { - s->incipher = cipher_open_by_name("aes-256-ecb"); - s->outcipher = cipher_open_by_name("aes-256-ecb"); - s->indigest = digest_open_by_name("sha256", 16); - s->outdigest = digest_open_by_name("sha256", 16); - if(!s->incipher || !s->outcipher || !s->indigest || !s->outdigest) - return false; + s->incipher = chacha_poly1305_init(); + s->outcipher = chacha_poly1305_init(); + if(!s->incipher || !s->outcipher) + return error(s, EINVAL, "Failed to open cipher"); } // Allocate memory for key material - size_t keylen = digest_keylength(s->indigest) + digest_keylength(s->outdigest) + cipher_keylength(s->incipher) + cipher_keylength(s->outcipher); + size_t keylen = 2 * CHACHA_POLY1305_KEYLEN; s->key = realloc(s->key, keylen); if(!s->key) @@ -238,7 +216,7 @@ static bool generate_key_material(sptps_t *s, const char *shared, size_t len) { // Use PRF to generate the key material if(!prf(shared, len, seed, s->labellen + 64 + 13, s->key, keylen)) - return false; + return error(s, EINVAL, "Failed to generate key material"); return true; } @@ -254,17 +232,11 @@ static bool receive_ack(sptps_t *s, const char *data, uint16_t len) { return error(s, EIO, "Invalid ACK record length"); if(s->initiator) { - bool result - = cipher_set_counter_key(s->incipher, s->key) - && digest_set_key(s->indigest, s->key + cipher_keylength(s->incipher), digest_keylength(s->indigest)); - if(!result) - return false; + if(!chacha_poly1305_set_key(s->incipher, s->key)) + return error(s, EINVAL, "Failed to set counter"); } else { - bool result - = cipher_set_counter_key(s->incipher, s->key + cipher_keylength(s->outcipher) + digest_keylength(s->outdigest)) - && digest_set_key(s->indigest, s->key + cipher_keylength(s->outcipher) + digest_keylength(s->outdigest) + cipher_keylength(s->incipher), digest_keylength(s->indigest)); - if(!result) - return false; + if(!chacha_poly1305_set_key(s->incipher, s->key + CHACHA_POLY1305_KEYLEN)) + return error(s, EINVAL, "Failed to set counter"); } free(s->key); @@ -284,7 +256,7 @@ static bool receive_kex(sptps_t *s, const char *data, uint16_t len) { // Make a copy of the KEX message, send_sig() and receive_sig() need it if(s->hiskex) - abort(); + return error(s, EINVAL, "Received a second KEX message before first has been processed"); s->hiskex = realloc(s->hiskex, len); if(!s->hiskex) return error(s, errno, strerror(errno)); @@ -313,12 +285,12 @@ static bool receive_sig(sptps_t *s, const char *data, uint16_t len) { // Verify signature. if(!ecdsa_verify(s->hiskey, msg, sizeof msg, data)) - return false; + return error(s, EIO, "Failed to verify SIG record"); // Compute shared secret. char shared[ECDH_SHARED_SIZE]; if(!ecdh_compute_shared(s->ecdh, s->hiskex + 1 + 32, shared)) - return false; + return error(s, EINVAL, "Failed to compute ECDH shared secret"); s->ecdh = NULL; // Generate key material from shared secret. @@ -337,17 +309,11 @@ static bool receive_sig(sptps_t *s, const char *data, uint16_t len) { // TODO: only set new keys after ACK has been set/received if(s->initiator) { - bool result - = cipher_set_counter_key(s->outcipher, s->key + cipher_keylength(s->incipher) + digest_keylength(s->indigest)) - && digest_set_key(s->outdigest, s->key + cipher_keylength(s->incipher) + digest_keylength(s->indigest) + cipher_keylength(s->outcipher), digest_keylength(s->outdigest)); - if(!result) - return false; + if(!chacha_poly1305_set_key(s->outcipher, s->key + CHACHA_POLY1305_KEYLEN)) + return error(s, EINVAL, "Failed to set key"); } else { - bool result - = cipher_set_counter_key(s->outcipher, s->key) - && digest_set_key(s->outdigest, s->key + cipher_keylength(s->outcipher), digest_keylength(s->outdigest)); - if(!result) - return false; + if(!chacha_poly1305_set_key(s->outcipher, s->key)) + return error(s, EINVAL, "Failed to set key"); } return true; @@ -404,18 +370,73 @@ static bool receive_handshake(sptps_t *s, const char *data, uint16_t len) { } } +static bool sptps_check_seqno(sptps_t *s, uint32_t seqno, bool update_state) { + // Replay protection using a sliding window of configurable size. + // s->inseqno is expected sequence number + // seqno is received sequence number + // s->late[] is a circular buffer, a 1 bit means a packet has not been received yet + // The circular buffer contains bits for sequence numbers from s->inseqno - s->replaywin * 8 to (but excluding) s->inseqno. + if(s->replaywin) { + if(seqno != s->inseqno) { + if(seqno >= s->inseqno + s->replaywin * 8) { + // Prevent packets that jump far ahead of the queue from causing many others to be dropped. + bool farfuture = s->farfuture < s->replaywin >> 2; + if (update_state) + s->farfuture++; + if(farfuture) + return error(s, EIO, "Packet is %d seqs in the future, dropped (%u)\n", seqno - s->inseqno, s->farfuture); + + // Unless we have seen lots of them, in which case we consider the others lost. + warning(s, "Lost %d packets\n", seqno - s->inseqno); + if (update_state) { + // Mark all packets in the replay window as being late. + memset(s->late, 255, s->replaywin); + } + } else if (seqno < s->inseqno) { + // If the sequence number is farther in the past than the bitmap goes, or if the packet was already received, drop it. + if((s->inseqno >= s->replaywin * 8 && seqno < s->inseqno - s->replaywin * 8) || !(s->late[(seqno / 8) % s->replaywin] & (1 << seqno % 8))) + return error(s, EIO, "Received late or replayed packet, seqno %d, last received %d\n", seqno, s->inseqno); + } else if (update_state) { + // We missed some packets. Mark them in the bitmap as being late. + for(int i = s->inseqno; i < seqno; i++) + s->late[(i / 8) % s->replaywin] |= 1 << i % 8; + } + } + + if (update_state) { + // Mark the current packet as not being late. + s->late[(seqno / 8) % s->replaywin] &= ~(1 << seqno % 8); + s->farfuture = 0; + } + } + + if (update_state) { + if(seqno >= s->inseqno) + s->inseqno = seqno + 1; + + if(!s->inseqno) + s->received = 0; + else + s->received++; + } + + return true; +} + // Check datagram for valid HMAC -bool sptps_verify_datagram(sptps_t *s, const char *data, size_t len) { +bool sptps_verify_datagram(sptps_t *s, const void *data, size_t len) { if(!s->instate || len < 21) + return error(s, EIO, "Received short packet"); + + uint32_t seqno; + memcpy(&seqno, data, 4); + seqno = ntohl(seqno); + if (!sptps_check_seqno(s, seqno, false)) return false; - char buffer[len + 23]; - uint16_t netlen = htons(len - 21); - - memcpy(buffer, &netlen, 2); - memcpy(buffer + 2, data, len); - - return digest_verify(s->indigest, buffer, len - 14, buffer + len - 14); + char buffer[len]; + size_t outlen; + return chacha_poly1305_decrypt(s->incipher, seqno, data + 4, len - 4, buffer, &outlen); } // Receive incoming data, datagram version. @@ -441,77 +462,31 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len return receive_handshake(s, data + 5, len - 5); } - // Check HMAC. - uint16_t netlen = htons(len - 21); + // Decrypt - char buffer[len + 23]; + char buffer[len]; - memcpy(buffer, &netlen, 2); - memcpy(buffer + 2, data, len); + size_t outlen; - if(!digest_verify(s->indigest, buffer, len - 14, buffer + len - 14)) - return error(s, EIO, "Invalid HMAC"); + if(!chacha_poly1305_decrypt(s->incipher, seqno, data + 4, len - 4, buffer, &outlen)) + return error(s, EIO, "Failed to decrypt and verify packet"); - // Replay protection using a sliding window of configurable size. - // s->inseqno is expected sequence number - // seqno is received sequence number - // s->late[] is a circular buffer, a 1 bit means a packet has not been received yet - // The circular buffer contains bits for sequence numbers from s->inseqno - s->replaywin * 8 to (but excluding) s->inseqno. - if(s->replaywin) { - if(seqno != s->inseqno) { - if(seqno >= s->inseqno + s->replaywin * 8) { - // Prevent packets that jump far ahead of the queue from causing many others to be dropped. - if(s->farfuture++ < s->replaywin >> 2) - return error(s, EIO, "Packet is %d seqs in the future, dropped (%u)\n", seqno - s->inseqno, s->farfuture); - - // Unless we have seen lots of them, in which case we consider the others lost. - warning(s, "Lost %d packets\n", seqno - s->inseqno); - // Mark all packets in the replay window as being late. - memset(s->late, 255, s->replaywin); - } else if (seqno < s->inseqno) { - // If the sequence number is farther in the past than the bitmap goes, or if the packet was already received, drop it. - if((s->inseqno >= s->replaywin * 8 && seqno < s->inseqno - s->replaywin * 8) || !(s->late[(seqno / 8) % s->replaywin] & (1 << seqno % 8))) - return error(s, EIO, "Received late or replayed packet, seqno %d, last received %d\n", seqno, s->inseqno); - } else { - // We missed some packets. Mark them in the bitmap as being late. - for(int i = s->inseqno; i < seqno; i++) - s->late[(i / 8) % s->replaywin] |= 1 << i % 8; - } - } - - // Mark the current packet as not being late. - s->late[(seqno / 8) % s->replaywin] &= ~(1 << seqno % 8); - s->farfuture = 0; - } - - if(seqno >= s->inseqno) - s->inseqno = seqno + 1; - - if(!s->inseqno) - s->received = 0; - else - s->received++; - - // Decrypt. - memcpy(&seqno, buffer + 2, 4); - if(!cipher_set_counter(s->incipher, &seqno, sizeof seqno)) - return false; - if(!cipher_counter_xor(s->incipher, buffer + 6, len - 4, buffer + 6)) + if(!sptps_check_seqno(s, seqno, true)) return false; // Append a NULL byte for safety. - buffer[len - 14] = 0; + buffer[len - 20] = 0; - uint8_t type = buffer[6]; + uint8_t type = buffer[0]; if(type < SPTPS_HANDSHAKE) { if(!s->instate) return error(s, EIO, "Application record received before handshake finished"); - if(!s->receive_record(s->handle, type, buffer + 7, len - 21)) - return false; + if(!s->receive_record(s->handle, type, buffer + 1, len - 21)) + abort(); } else if(type == SPTPS_HANDSHAKE) { - if(!receive_handshake(s, buffer + 7, len - 21)) - return false; + if(!receive_handshake(s, buffer + 1, len - 21)) + abort(); } else { return error(s, EIO, "Invalid record type %d", type); } @@ -520,7 +495,7 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len } // Receive incoming data. Check if it contains a complete record, if so, handle it. -bool sptps_receive_data(sptps_t *s, const char *data, size_t len) { +bool sptps_receive_data(sptps_t *s, const void *data, size_t len) { if(!s->state) return error(s, EIO, "Invalid session state zero"); @@ -529,8 +504,8 @@ bool sptps_receive_data(sptps_t *s, const char *data, size_t len) { while(len) { // First read the 2 length bytes. - if(s->buflen < 6) { - size_t toread = 6 - s->buflen; + if(s->buflen < 2) { + size_t toread = 2 - s->buflen; if(toread > len) toread = len; @@ -541,36 +516,26 @@ bool sptps_receive_data(sptps_t *s, const char *data, size_t len) { data += toread; // Exit early if we don't have the full length. - if(s->buflen < 6) + if(s->buflen < 2) return true; - // Decrypt the length bytes - - if(s->instate) { - if(!cipher_counter_xor(s->incipher, s->inbuf + 4, 2, &s->reclen)) - return false; - } else { - memcpy(&s->reclen, s->inbuf + 4, 2); - } + // Get the length bytes + memcpy(&s->reclen, s->inbuf, 2); s->reclen = ntohs(s->reclen); // If we have the length bytes, ensure our buffer can hold the whole request. - s->inbuf = realloc(s->inbuf, s->reclen + 23UL); + s->inbuf = realloc(s->inbuf, s->reclen + 19UL); if(!s->inbuf) return error(s, errno, strerror(errno)); - // Add sequence number. - uint32_t seqno = htonl(s->inseqno++); - memcpy(s->inbuf, &seqno, 4); - // Exit early if we have no more data to process. if(!len) return true; } // Read up to the end of the record. - size_t toread = s->reclen + (s->instate ? 23UL : 7UL) - s->buflen; + size_t toread = s->reclen + (s->instate ? 19UL : 3UL) - s->buflen; if(toread > len) toread = len; @@ -580,43 +545,44 @@ bool sptps_receive_data(sptps_t *s, const char *data, size_t len) { data += toread; // If we don't have a whole record, exit. - if(s->buflen < s->reclen + (s->instate ? 23UL : 7UL)) + if(s->buflen < s->reclen + (s->instate ? 19UL : 3UL)) return true; + // Update sequence number. + + uint32_t seqno = s->inseqno++; + // Check HMAC and decrypt. if(s->instate) { - if(!digest_verify(s->indigest, s->inbuf, s->reclen + 7UL, s->inbuf + s->reclen + 7UL)) - return error(s, EIO, "Invalid HMAC"); - - if(!cipher_counter_xor(s->incipher, s->inbuf + 6UL, s->reclen + 1UL, s->inbuf + 6UL)) - return false; + if(!chacha_poly1305_decrypt(s->incipher, seqno, s->inbuf + 2UL, s->reclen + 17UL, s->inbuf + 2UL, NULL)) + return error(s, EINVAL, "Failed to decrypt and verify record"); } // Append a NULL byte for safety. - s->inbuf[s->reclen + 7UL] = 0; + s->inbuf[s->reclen + 3UL] = 0; - uint8_t type = s->inbuf[6]; + uint8_t type = s->inbuf[2]; if(type < SPTPS_HANDSHAKE) { if(!s->instate) return error(s, EIO, "Application record received before handshake finished"); - if(!s->receive_record(s->handle, type, s->inbuf + 7, s->reclen)) + if(!s->receive_record(s->handle, type, s->inbuf + 3, s->reclen)) return false; } else if(type == SPTPS_HANDSHAKE) { - if(!receive_handshake(s, s->inbuf + 7, s->reclen)) + if(!receive_handshake(s, s->inbuf + 3, s->reclen)) return false; } else { return error(s, EIO, "Invalid record type %d", type); } - s->buflen = 4; + s->buflen = 0; } return true; } // Start a SPTPS session. -bool sptps_start(sptps_t *s, void *handle, bool initiator, bool datagram, ecdsa_t *mykey, ecdsa_t *hiskey, const char *label, size_t labellen, send_data_t send_data, receive_record_t receive_record) { +bool sptps_start(sptps_t *s, void *handle, bool initiator, bool datagram, ecdsa_t *mykey, ecdsa_t *hiskey, const void *label, size_t labellen, send_data_t send_data, receive_record_t receive_record) { // Initialise struct sptps memset(s, 0, sizeof *s); @@ -641,8 +607,7 @@ bool sptps_start(sptps_t *s, void *handle, bool initiator, bool datagram, ecdsa_ s->inbuf = malloc(7); if(!s->inbuf) return error(s, errno, strerror(errno)); - s->buflen = 4; - memset(s->inbuf, 0, 4); + s->buflen = 0; } memcpy(s->label, label, labellen); @@ -659,10 +624,8 @@ bool sptps_start(sptps_t *s, void *handle, bool initiator, bool datagram, ecdsa_ // Stop a SPTPS session. bool sptps_stop(sptps_t *s) { // Clean up any resources. - cipher_close(s->incipher); - cipher_close(s->outcipher); - digest_close(s->indigest); - digest_close(s->outdigest); + chacha_poly1305_exit(s->incipher); + chacha_poly1305_exit(s->outcipher); ecdh_free(s->ecdh); free(s->inbuf); free(s->mykex); diff --git a/src/sptps.h b/src/sptps.h index 3a8e65f..a2633bd 100644 --- a/src/sptps.h +++ b/src/sptps.h @@ -1,6 +1,6 @@ /* sptps.h -- Simple Peer-to-Peer Security - Copyright (C) 2011-2013 Guus Sliepen , + Copyright (C) 2011-2014 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -22,8 +22,7 @@ #include "system.h" -#include "cipher.h" -#include "digest.h" +#include "chacha-poly1305/chacha-poly1305.h" #include "ecdh.h" #include "ecdsa.h" @@ -40,8 +39,11 @@ #define SPTPS_SIG 3 // Waiting for a SIGnature record #define SPTPS_ACK 4 // Waiting for an ACKnowledgement record -typedef bool (*send_data_t)(void *handle, uint8_t type, const char *data, size_t len); -typedef bool (*receive_record_t)(void *handle, uint8_t type, const char *data, uint16_t len); +// Overhead for datagrams +#define SPTPS_DATAGRAM_OVERHEAD 21 + +typedef bool (*send_data_t)(void *handle, uint8_t type, const void *data, size_t len); +typedef bool (*receive_record_t)(void *handle, uint8_t type, const void *data, uint16_t len); typedef struct sptps { bool initiator; @@ -53,8 +55,7 @@ typedef struct sptps { uint16_t reclen; bool instate; - cipher_t *incipher; - digest_t *indigest; + chacha_poly1305_ctx_t *incipher; uint32_t inseqno; uint32_t received; unsigned int replaywin; @@ -62,8 +63,7 @@ typedef struct sptps { char *late; bool outstate; - cipher_t *outcipher; - digest_t *outdigest; + chacha_poly1305_ctx_t *outcipher; uint32_t outseqno; ecdsa_t *mykey; @@ -85,11 +85,11 @@ extern unsigned int sptps_replaywin; extern void sptps_log_quiet(sptps_t *s, int s_errno, const char *format, va_list ap); extern void sptps_log_stderr(sptps_t *s, int s_errno, const char *format, va_list ap); extern void (*sptps_log)(sptps_t *s, int s_errno, const char *format, va_list ap); -extern bool sptps_start(sptps_t *s, void *handle, bool initiator, bool datagram, ecdsa_t *mykey, ecdsa_t *hiskey, const char *label, size_t labellen, send_data_t send_data, receive_record_t receive_record); +extern bool sptps_start(sptps_t *s, void *handle, bool initiator, bool datagram, ecdsa_t *mykey, ecdsa_t *hiskey, const void *label, size_t labellen, send_data_t send_data, receive_record_t receive_record); extern bool sptps_stop(sptps_t *s); -extern bool sptps_send_record(sptps_t *s, uint8_t type, const char *data, uint16_t len); -extern bool sptps_receive_data(sptps_t *s, const char *data, size_t len); +extern bool sptps_send_record(sptps_t *s, uint8_t type, const void *data, uint16_t len); +extern bool sptps_receive_data(sptps_t *s, const void *data, size_t len); extern bool sptps_force_kex(sptps_t *s); -extern bool sptps_verify_datagram(sptps_t *s, const char *data, size_t len); +extern bool sptps_verify_datagram(sptps_t *s, const void *data, size_t len); #endif diff --git a/src/sptps_keypair.c b/src/sptps_keypair.c new file mode 100644 index 0000000..399404e --- /dev/null +++ b/src/sptps_keypair.c @@ -0,0 +1,108 @@ +/* + sptps_test.c -- Simple Peer-to-Peer Security test program + Copyright (C) 2011-2013 Guus Sliepen , + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#include "system.h" + +#include + +#include "crypto.h" +#include "ecdsagen.h" +#include "utils.h" + +static char *program_name; + +void logger(int level, int priority, const char *format, ...) { + va_list ap; + va_start(ap, format); + vfprintf(stderr, format, ap); + va_end(ap); + fputc('\n', stderr); +} + +static void usage() { + fprintf(stderr, "Usage: %s [options] private_key_file public_key_file\n\n", program_name); + fprintf(stderr, "Valid options are:\n" + " --help Display this help and exit.\n" + "\n"); + fprintf(stderr, "Report bugs to tinc@tinc-vpn.org.\n"); +} + +static struct option const long_options[] = { + {"help", no_argument, NULL, 1}, + {NULL, 0, NULL, 0} +}; + +int main(int argc, char *argv[]) { + program_name = argv[0]; + int r; + int option_index = 0; + + while((r = getopt_long(argc, argv, "", long_options, &option_index)) != EOF) { + switch (r) { + case 0: /* long option */ + break; + + case '?': /* wrong options */ + usage(); + return 1; + + case 1: /* help */ + usage(); + return 0; + + default: + break; + } + } + + argc -= optind - 1; + argv += optind - 1; + + if(argc != 3) { + fprintf(stderr, "Wrong number of arguments.\n"); + usage(); + return 1; + } + + crypto_init(); + + ecdsa_t *key = ecdsa_generate(); + if(!key) + return 1; + + FILE *fp = fopen(argv[1], "w"); + if(fp) { + ecdsa_write_pem_private_key(key, fp); + fclose(fp); + } else { + fprintf(stderr, "Could not open '%s' for writing: %s\n", argv[1], strerror(errno)); + return 1; + } + + fp = fopen(argv[2], "w"); + if(fp) { + ecdsa_write_pem_public_key(key, fp); + fclose(fp); + } else { + fprintf(stderr, "Could not open '%s' for writing: %s\n", argv[2], strerror(errno)); + return 1; + } + + return 0; +} diff --git a/src/sptps_speed.c b/src/sptps_speed.c new file mode 100644 index 0000000..ab41e8d --- /dev/null +++ b/src/sptps_speed.c @@ -0,0 +1,232 @@ +/* + sptps_speed.c -- SPTPS benchmark + Copyright (C) 2013-2014 Guus Sliepen + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#include "system.h" +#include "utils.h" + +#include + +#include "crypto.h" +#include "ecdh.h" +#include "ecdsa.h" +#include "ecdsagen.h" +#include "sptps.h" + +// Symbols necessary to link with logger.o +bool send_request(void *c, const char *msg, ...) { return false; } +struct list_t *connection_list = NULL; +bool send_meta(void *c, const char *msg , int len) { return false; } +char *logfilename = NULL; +struct timeval now; + +static bool send_data(void *handle, uint8_t type, const void *data, size_t len) { + int fd = *(int *)handle; + send(fd, data, len, 0); + return true; +} + +static bool receive_record(void *handle, uint8_t type, const void *data, uint16_t len) { + return true; +} + +static void receive_data(sptps_t *sptps) { + char buf[4096]; + int fd = *(int *)sptps->handle; + size_t len = recv(fd, buf, sizeof buf, 0); + if(!sptps_receive_data(sptps, buf, len)) + abort(); +} + +struct timespec start; +struct timespec end; +double elapsed; +double rate; +unsigned int count; + +static void clock_start() { + count = 0; + clock_gettime(CLOCK_PROCESS_CPUTIME_ID, &start); +} + +static bool clock_countto(double seconds) { + clock_gettime(CLOCK_PROCESS_CPUTIME_ID, &end); + elapsed = end.tv_sec + end.tv_nsec * 1e-9 - start.tv_sec - start.tv_nsec * 1e-9; + if(elapsed < seconds) + return ++count; + + rate = count / elapsed; + return false; +} + +int main(int argc, char *argv[]) { + ecdsa_t *key1, *key2; + ecdh_t *ecdh1, *ecdh2; + sptps_t sptps1, sptps2; + char buf1[4096], buf2[4096], buf3[4096]; + double duration = argc > 1 ? atof(argv[1]) : 10; + + crypto_init(); + + randomize(buf1, sizeof buf1); + randomize(buf2, sizeof buf2); + randomize(buf3, sizeof buf3); + + // Key generation + + fprintf(stderr, "Generating keys for %lg seconds: ", duration); + for(clock_start(); clock_countto(duration);) + ecdsa_free(ecdsa_generate()); + fprintf(stderr, "%17.2lf op/s\n", rate); + + key1 = ecdsa_generate(); + key2 = ecdsa_generate(); + + // Ed25519 signatures + + fprintf(stderr, "Ed25519 sign for %lg seconds: ", duration); + for(clock_start(); clock_countto(duration);) + ecdsa_sign(key1, buf1, 256, buf2); + fprintf(stderr, "%22.2lf op/s\n", rate); + + fprintf(stderr, "Ed25519 verify for %lg seconds: ", duration); + for(clock_start(); clock_countto(duration);) + ecdsa_verify(key1, buf1, 256, buf2); + fprintf(stderr, "%20.2lf op/s\n", rate); + + ecdh1 = ecdh_generate_public(buf1); + fprintf(stderr, "ECDH for %lg seconds: ", duration); + for(clock_start(); clock_countto(duration);) { + ecdh2 = ecdh_generate_public(buf2); + ecdh_compute_shared(ecdh2, buf1, buf3); + } + fprintf(stderr, "%28.2lf op/s\n", rate); + ecdh_free(ecdh1); + + // SPTPS authentication phase + + int fd[2]; + if(socketpair(AF_UNIX, SOCK_STREAM, 0, fd)) { + fprintf(stderr, "Could not create a UNIX socket pair: %s\n", sockstrerror(sockerrno)); + return 1; + } + + struct pollfd pfd[2] = {{fd[0], POLLIN}, {fd[1], POLLIN}}; + + fprintf(stderr, "SPTPS/TCP authenticate for %lg seconds: ", duration); + for(clock_start(); clock_countto(duration);) { + sptps_start(&sptps1, fd + 0, true, false, key1, key2, "sptps_speed", 11, send_data, receive_record); + sptps_start(&sptps2, fd + 1, false, false, key2, key1, "sptps_speed", 11, send_data, receive_record); + while(poll(pfd, 2, 0)) { + if(pfd[0].revents) + receive_data(&sptps1); + if(pfd[1].revents) + receive_data(&sptps2); + } + sptps_stop(&sptps1); + sptps_stop(&sptps2); + } + fprintf(stderr, "%10.2lf op/s\n", rate * 2); + + // SPTPS data + + sptps_start(&sptps1, fd + 0, true, false, key1, key2, "sptps_speed", 11, send_data, receive_record); + sptps_start(&sptps2, fd + 1, false, false, key2, key1, "sptps_speed", 11, send_data, receive_record); + while(poll(pfd, 2, 0)) { + if(pfd[0].revents) + receive_data(&sptps1); + if(pfd[1].revents) + receive_data(&sptps2); + } + fprintf(stderr, "SPTPS/TCP transmit for %lg seconds: ", duration); + for(clock_start(); clock_countto(duration);) { + if(!sptps_send_record(&sptps1, 0, buf1, 1451)) + abort(); + receive_data(&sptps2); + } + rate *= 2 * 1451 * 8; + if(rate > 1e9) + fprintf(stderr, "%14.2lf Gbit/s\n", rate / 1e9); + else if(rate > 1e6) + fprintf(stderr, "%14.2lf Mbit/s\n", rate / 1e6); + else if(rate > 1e3) + fprintf(stderr, "%14.2lf kbit/s\n", rate / 1e3); + sptps_stop(&sptps1); + sptps_stop(&sptps2); + + // SPTPS datagram authentication phase + + close(fd[0]); + close(fd[1]); + + if(socketpair(AF_UNIX, SOCK_DGRAM, 0, fd)) { + fprintf(stderr, "Could not create a UNIX socket pair: %s\n", sockstrerror(sockerrno)); + return 1; + } + + fprintf(stderr, "SPTPS/UDP authenticate for %lg seconds: ", duration); + for(clock_start(); clock_countto(duration);) { + sptps_start(&sptps1, fd + 0, true, true, key1, key2, "sptps_speed", 11, send_data, receive_record); + sptps_start(&sptps2, fd + 1, false, true, key2, key1, "sptps_speed", 11, send_data, receive_record); + while(poll(pfd, 2, 0)) { + if(pfd[0].revents) + receive_data(&sptps1); + if(pfd[1].revents) + receive_data(&sptps2); + } + sptps_stop(&sptps1); + sptps_stop(&sptps2); + } + fprintf(stderr, "%10.2lf op/s\n", rate * 2); + + // SPTPS datagram data + + sptps_start(&sptps1, fd + 0, true, true, key1, key2, "sptps_speed", 11, send_data, receive_record); + sptps_start(&sptps2, fd + 1, false, true, key2, key1, "sptps_speed", 11, send_data, receive_record); + while(poll(pfd, 2, 0)) { + if(pfd[0].revents) + receive_data(&sptps1); + if(pfd[1].revents) + receive_data(&sptps2); + } + fprintf(stderr, "SPTPS/UDP transmit for %lg seconds: ", duration); + for(clock_start(); clock_countto(duration);) { + if(!sptps_send_record(&sptps1, 0, buf1, 1451)) + abort(); + receive_data(&sptps2); + } + rate *= 2 * 1451 * 8; + if(rate > 1e9) + fprintf(stderr, "%14.2lf Gbit/s\n", rate / 1e9); + else if(rate > 1e6) + fprintf(stderr, "%14.2lf Mbit/s\n", rate / 1e6); + else if(rate > 1e3) + fprintf(stderr, "%14.2lf kbit/s\n", rate / 1e3); + sptps_stop(&sptps1); + sptps_stop(&sptps2); + + // Clean up + + close(fd[0]); + close(fd[1]); + ecdsa_free(key1); + ecdsa_free(key2); + crypto_exit(); + + return 0; +} diff --git a/src/sptps_test.c b/src/sptps_test.c index 7aa7a0a..95bfda8 100644 --- a/src/sptps_test.c +++ b/src/sptps_test.c @@ -1,6 +1,6 @@ /* sptps_test.c -- Simple Peer-to-Peer Security test program - Copyright (C) 2011-2013 Guus Sliepen , + Copyright (C) 2011-2014 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -19,6 +19,10 @@ #include "system.h" +#ifdef HAVE_LINUX +#include +#endif + #include #include "crypto.h" @@ -33,23 +37,28 @@ bool send_meta(void *c, const char *msg , int len) { return false; } char *logfilename = NULL; struct timeval now; +static bool verbose; static bool readonly; static bool writeonly; +static int in = 0; +static int out = 1; -static bool send_data(void *handle, uint8_t type, const char *data, size_t len) { +static bool send_data(void *handle, uint8_t type, const void *data, size_t len) { char hex[len * 2 + 1]; bin2hex(data, hex, len); - fprintf(stderr, "Sending %d bytes of data:\n%s\n", (int)len, hex); + if(verbose) + fprintf(stderr, "Sending %d bytes of data:\n%s\n", (int)len, hex); const int *sock = handle; if(send(*sock, data, len, 0) != len) return false; return true; } -static bool receive_record(void *handle, uint8_t type, const char *data, uint16_t len) { - fprintf(stderr, "Received type %d record of %hu bytes:\n", type, len); +static bool receive_record(void *handle, uint8_t type, const void *data, uint16_t len) { + if(verbose) + fprintf(stderr, "Received type %d record of %hu bytes:\n", type, len); if(!writeonly) - fwrite(data, len, 1, stdout); + write(out, data, len); return true; } @@ -60,6 +69,7 @@ static struct option const long_options[] = { {"writeonly", no_argument, NULL, 'w'}, {"packet-loss", required_argument, NULL, 'L'}, {"replay-window", required_argument, NULL, 'W'}, + {"verbose", required_argument, NULL, 'v'}, {"help", no_argument, NULL, 1}, {NULL, 0, NULL, 0} }; @@ -67,14 +77,18 @@ static struct option const long_options[] = { const char *program_name; static void usage() { - fprintf(stderr, "Usage: %s [options] my_ecdsa_key_file his_ecdsa_key_file [host] port\n\n", program_name); + fprintf(stderr, "Usage: %s [options] my_ed25519_key_file his_ed25519_key_file [host] port\n\n", program_name); fprintf(stderr, "Valid options are:\n" " -d, --datagram Enable datagram mode.\n" " -q, --quit Quit when EOF occurs on stdin.\n" " -r, --readonly Only send data from the socket to stdout.\n" +#ifdef HAVE_LINUX + " -t, --tun Use a tun device instead of stdio.\n" +#endif " -w, --writeonly Only send data from stdin to the socket.\n" " -L, --packet-loss RATE Fake packet loss of RATE percent.\n" " -R, --replay-window N Set replay window to N bytes.\n" + " -v, --verbose Display debug messages.\n" "\n"); fprintf(stderr, "Report bugs to tinc@tinc-vpn.org.\n"); } @@ -83,13 +97,16 @@ int main(int argc, char *argv[]) { program_name = argv[0]; bool initiator = false; bool datagram = false; +#ifdef HAVE_LINUX + bool tun = false; +#endif int packetloss = 0; int r; int option_index = 0; ecdsa_t *mykey = NULL, *hiskey = NULL; bool quit = false; - while((r = getopt_long(argc, argv, "dqrwL:W:", long_options, &option_index)) != EOF) { + while((r = getopt_long(argc, argv, "dqrtwL:W:v", long_options, &option_index)) != EOF) { switch (r) { case 0: /* long option */ break; @@ -106,6 +123,16 @@ int main(int argc, char *argv[]) { readonly = true; break; + case 't': /* read only */ +#ifdef HAVE_LINUX + tun = true; +#else + fprintf(stderr, "--tun is only supported on Linux.\n"); + usage(); + return 1; +#endif + break; + case 'w': /* write only */ writeonly = true; break; @@ -118,6 +145,10 @@ int main(int argc, char *argv[]) { sptps_replaywin = atoi(optarg); break; + case 'v': /* be verbose */ + verbose = true; + break; + case '?': /* wrong options */ usage(); return 1; @@ -145,6 +176,25 @@ int main(int argc, char *argv[]) { srand(time(NULL)); +#ifdef HAVE_LINUX + if(tun) { + in = out = open("/dev/net/tun", O_RDWR | O_NONBLOCK); + if(in < 0) { + fprintf(stderr, "Could not open tun device: %s\n", strerror(errno)); + return 1; + } + struct ifreq ifr = { + .ifr_flags = IFF_TUN + }; + if(ioctl(in, TUNSETIFF, &ifr)) { + fprintf(stderr, "Could not configure tun interface: %s\n", strerror(errno)); + return 1; + } + ifr.ifr_name[IFNAMSIZ - 1] = 0; + fprintf(stderr, "Using tun interface %s\n", ifr.ifr_name); + } +#endif + #ifdef HAVE_MINGW static struct WSAData wsa_state; if(WSAStartup(MAKEWORD(2, 2), &wsa_state)) @@ -160,13 +210,13 @@ int main(int argc, char *argv[]) { hint.ai_flags = initiator ? 0 : AI_PASSIVE; if(getaddrinfo(initiator ? argv[3] : NULL, initiator ? argv[4] : argv[3], &hint, &ai) || !ai) { - fprintf(stderr, "getaddrinfo() failed: %s\n", strerror(errno)); + fprintf(stderr, "getaddrinfo() failed: %s\n", sockstrerror(sockerrno)); return 1; } int sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); if(sock < 0) { - fprintf(stderr, "Could not create socket: %s\n", strerror(errno)); + fprintf(stderr, "Could not create socket: %s\n", sockstrerror(sockerrno)); return 1; } @@ -175,26 +225,26 @@ int main(int argc, char *argv[]) { if(initiator) { if(connect(sock, ai->ai_addr, ai->ai_addrlen)) { - fprintf(stderr, "Could not connect to peer: %s\n", strerror(errno)); + fprintf(stderr, "Could not connect to peer: %s\n", sockstrerror(sockerrno)); return 1; } fprintf(stderr, "Connected\n"); } else { if(bind(sock, ai->ai_addr, ai->ai_addrlen)) { - fprintf(stderr, "Could not bind socket: %s\n", strerror(errno)); + fprintf(stderr, "Could not bind socket: %s\n", sockstrerror(sockerrno)); return 1; } if(!datagram) { if(listen(sock, 1)) { - fprintf(stderr, "Could not listen on socket: %s\n", strerror(errno)); + fprintf(stderr, "Could not listen on socket: %s\n", sockstrerror(sockerrno)); return 1; } fprintf(stderr, "Listening...\n"); sock = accept(sock, NULL, NULL); if(sock < 0) { - fprintf(stderr, "Could not accept connection: %s\n", strerror(errno)); + fprintf(stderr, "Could not accept connection: %s\n", sockstrerror(sockerrno)); return 1; } } else { @@ -205,12 +255,12 @@ int main(int argc, char *argv[]) { socklen_t addrlen = sizeof addr; if(recvfrom(sock, buf, sizeof buf, MSG_PEEK, &addr, &addrlen) <= 0) { - fprintf(stderr, "Could not read from socket: %s\n", strerror(errno)); + fprintf(stderr, "Could not read from socket: %s\n", sockstrerror(sockerrno)); return 1; } if(connect(sock, &addr, addrlen)) { - fprintf(stderr, "Could not accept connection: %s\n", strerror(errno)); + fprintf(stderr, "Could not accept connection: %s\n", sockstrerror(sockerrno)); return 1; } } @@ -230,7 +280,8 @@ int main(int argc, char *argv[]) { return 1; fclose(fp); - fprintf(stderr, "Keys loaded\n"); + if(verbose) + fprintf(stderr, "Keys loaded\n"); sptps_t s; if(!sptps_start(&s, &sock, initiator, datagram, mykey, hiskey, "sptps_test", 10, send_data, receive_record)) @@ -246,15 +297,14 @@ int main(int argc, char *argv[]) { FD_ZERO(&fds); #ifndef HAVE_MINGW if(!readonly && s.instate) - FD_SET(0, &fds); + FD_SET(in, &fds); #endif FD_SET(sock, &fds); if(select(sock + 1, &fds, NULL, NULL, NULL) <= 0) return 1; - if(FD_ISSET(0, &fds)) { - ssize_t len = read(0, buf, sizeof buf); - fprintf(stderr, "%zd\n", len); + if(FD_ISSET(in, &fds)) { + ssize_t len = read(in, buf, sizeof buf); if(len < 0) { fprintf(stderr, "Could not read from stdin: %s\n", strerror(errno)); return 1; @@ -274,25 +324,28 @@ int main(int argc, char *argv[]) { if(len > 1) sptps_send_record(&s, 0, buf, len); } else - if(!sptps_send_record(&s, buf[0] == '!' ? 1 : 0, buf, buf[0] == '\n' ? 0 : buf[0] == '*' ? sizeof buf : len)) + if(!sptps_send_record(&s, buf[0] == '!' ? 1 : 0, buf, (len == 1 && buf[0] == '\n') ? 0 : buf[0] == '*' ? sizeof buf : len)) return 1; } if(FD_ISSET(sock, &fds)) { ssize_t len = recv(sock, buf, sizeof buf, 0); if(len < 0) { - fprintf(stderr, "Could not read from socket: %s\n", strerror(errno)); + fprintf(stderr, "Could not read from socket: %s\n", sockstrerror(sockerrno)); return 1; } if(len == 0) { fprintf(stderr, "Connection terminated by peer.\n"); break; } - char hex[len * 2 + 1]; - bin2hex(buf, hex, len); - fprintf(stderr, "Received %d bytes of data:\n%s\n", (int)len, hex); - if((rand() % 100) < packetloss) { - fprintf(stderr, "Dropped.\n"); + if(verbose) { + char hex[len * 2 + 1]; + bin2hex(buf, hex, len); + fprintf(stderr, "Received %d bytes of data:\n%s\n", (int)len, hex); + } + if(packetloss && (rand() % 100) < packetloss) { + if(verbose) + fprintf(stderr, "Dropped.\n"); continue; } if(!sptps_receive_data(&s, buf, len) && !datagram) diff --git a/src/subnet.c b/src/subnet.c index 7ff8f7a..534e5b5 100644 --- a/src/subnet.c +++ b/src/subnet.c @@ -92,13 +92,15 @@ void subnet_add(node_t *n, subnet_t *subnet) { subnet->owner = n; splay_insert(subnet_tree, subnet); - splay_insert(n->subnet_tree, subnet); + if (n) + splay_insert(n->subnet_tree, subnet); subnet_cache_flush(); } void subnet_del(node_t *n, subnet_t *subnet) { - splay_delete(n->subnet_tree, subnet); + if (n) + splay_delete(n->subnet_tree, subnet); splay_delete(subnet_tree, subnet); subnet_cache_flush(); @@ -126,7 +128,7 @@ subnet_t *lookup_subnet_mac(const node_t *owner, const mac_t *address) { if(!memcmp(address, &p->net.mac.address, sizeof *address)) { r = p; - if(p->owner->status.reachable) + if(!p->owner || p->owner->status.reachable) break; } } @@ -155,7 +157,7 @@ subnet_t *lookup_subnet_ipv4(const ipv4_t *address) { if(!maskcmp(address, &p->net.ipv4.address, p->net.ipv4.prefixlength)) { r = p; - if(p->owner->status.reachable) + if(!p->owner || p->owner->status.reachable) break; } } @@ -184,7 +186,7 @@ subnet_t *lookup_subnet_ipv6(const ipv6_t *address) { if(!maskcmp(address, &p->net.ipv6.address, p->net.ipv6.prefixlength)) { r = p; - if(p->owner->status.reachable) + if(!p->owner || p->owner->status.reachable) break; } } @@ -205,21 +207,21 @@ void subnet_update(node_t *owner, subnet_t *subnet, bool up) { // Prepare environment variables to be passed to the script char *envp[10] = {NULL}; - xasprintf(&envp[0], "NETNAME=%s", netname ? : ""); - xasprintf(&envp[1], "DEVICE=%s", device ? : ""); - xasprintf(&envp[2], "INTERFACE=%s", iface ? : ""); - xasprintf(&envp[3], "NODE=%s", owner->name); + int n = 0; + xasprintf(&envp[n++], "NETNAME=%s", netname ? : ""); + xasprintf(&envp[n++], "DEVICE=%s", device ? : ""); + xasprintf(&envp[n++], "INTERFACE=%s", iface ? : ""); + xasprintf(&envp[n++], "NODE=%s", owner->name); if(owner != myself) { sockaddr2str(&owner->address, &address, &port); - // 4 and 5 are reserved for SUBNET and WEIGHT - xasprintf(&envp[6], "REMOTEADDRESS=%s", address); - xasprintf(&envp[7], "REMOTEPORT=%s", port); + xasprintf(&envp[n++], "REMOTEADDRESS=%s", address); + xasprintf(&envp[n++], "REMOTEPORT=%s", port); free(port); free(address); } - xasprintf(&envp[8], "NAME=%s", myself->name); + xasprintf(&envp[n++], "NAME=%s", myself->name); name = up ? "subnet-up" : "subnet-down"; @@ -236,12 +238,10 @@ void subnet_update(node_t *owner, subnet_t *subnet, bool up) { weight = empty; // Prepare the SUBNET and WEIGHT variables - if(envp[4]) - free(envp[4]); - if(envp[5]) - free(envp[5]); - xasprintf(&envp[4], "SUBNET=%s", netstr); - xasprintf(&envp[5], "WEIGHT=%s", weight); + free(envp[n]); + free(envp[n + 1]); + xasprintf(&envp[n], "SUBNET=%s", netstr); + xasprintf(&envp[n + 1], "WEIGHT=%s", weight); execute_script(name, envp); } @@ -255,8 +255,8 @@ void subnet_update(node_t *owner, subnet_t *subnet, bool up) { weight = empty; // Prepare the SUBNET and WEIGHT variables - xasprintf(&envp[4], "SUBNET=%s", netstr); - xasprintf(&envp[5], "WEIGHT=%s", weight); + xasprintf(&envp[n], "SUBNET=%s", netstr); + xasprintf(&envp[n + 1], "WEIGHT=%s", weight); execute_script(name, envp); } @@ -275,7 +275,7 @@ bool dump_subnets(connection_t *c) { send_request(c, "%d %d %s %s", CONTROL, REQ_DUMP_SUBNETS, - netstr, subnet->owner->name); + netstr, subnet->owner ? subnet->owner->name : "(broadcast)"); } return send_request(c, "%d %d", CONTROL, REQ_DUMP_SUBNETS); diff --git a/src/subnet_parse.c b/src/subnet_parse.c index f980180..c919b59 100644 --- a/src/subnet_parse.c +++ b/src/subnet_parse.c @@ -27,6 +27,9 @@ #include "utils.h" #include "xalloc.h" +/* Changing this default will affect ADD_SUBNET messages - beware of inconsistencies between versions */ +static const int DEFAULT_WEIGHT = 10; + /* Subnet mask handling */ int maskcmp(const void *va, const void *vb, int masklen) { @@ -181,150 +184,121 @@ int subnet_compare(const subnet_t *a, const subnet_t *b) { /* Ascii representation of subnets */ bool str2net(subnet_t *subnet, const char *subnetstr) { - int i, l; + char str[1024]; + strncpy(str, subnetstr, sizeof(str)); + str[sizeof str - 1] = 0; + int consumed; + + int weight = DEFAULT_WEIGHT; + char *weight_separator = strchr(str, '#'); + if (weight_separator) { + char *weight_str = weight_separator + 1; + if (sscanf(weight_str, "%d%n", &weight, &consumed) < 1) + return false; + if (weight_str[consumed]) + return false; + *weight_separator = 0; + } + + int prefixlength = -1; + char *prefixlength_separator = strchr(str, '/'); + if (prefixlength_separator) { + char* prefixlength_str = prefixlength_separator + 1; + if (sscanf(prefixlength_str, "%d%n", &prefixlength, &consumed) < 1) + return false; + if (prefixlength_str[consumed]) + return false; + *prefixlength_separator = 0; + + if (prefixlength < 0) + return false; + } + uint16_t x[8]; - int weight = 10; - - if(sscanf(subnetstr, "%hu.%hu.%hu.%hu/%d#%d", - &x[0], &x[1], &x[2], &x[3], &l, &weight) >= 5) { - if(l < 0 || l > 32) + if (sscanf(str, "%hx:%hx:%hx:%hx:%hx:%hx%n", &x[0], &x[1], &x[2], &x[3], &x[4], &x[5], &consumed) >= 6 && !str[consumed]) { + /* + Normally we should check that each part has two digits to prevent ambiguities. + However, in old tinc versions net2str() will agressively return MAC addresses with one-digit parts, + so we have to accept them otherwise we would be unable to parse ADD_SUBNET messages. + */ + if (prefixlength >= 0) return false; - subnet->type = SUBNET_IPV4; - subnet->net.ipv4.prefixlength = l; - subnet->weight = weight; - - for(int i = 0; i < 4; i++) { - if(x[i] > 255) - return false; - subnet->net.ipv4.address.x[i] = x[i]; - } - - return true; - } - - if(sscanf(subnetstr, "%hx:%hx:%hx:%hx:%hx:%hx:%hx:%hx/%d#%d", - &x[0], &x[1], &x[2], &x[3], &x[4], &x[5], &x[6], &x[7], - &l, &weight) >= 9) { - if(l < 0 || l > 128) - return false; - - subnet->type = SUBNET_IPV6; - subnet->net.ipv6.prefixlength = l; - subnet->weight = weight; - - for(i = 0; i < 8; i++) - subnet->net.ipv6.address.x[i] = htons(x[i]); - - return true; - } - - if(sscanf(subnetstr, "%hu.%hu.%hu.%hu#%d", &x[0], &x[1], &x[2], &x[3], &weight) >= 4) { - subnet->type = SUBNET_IPV4; - subnet->net.ipv4.prefixlength = 32; - subnet->weight = weight; - - for(i = 0; i < 4; i++) { - if(x[i] > 255) - return false; - subnet->net.ipv4.address.x[i] = x[i]; - } - - return true; - } - - if(sscanf(subnetstr, "%hx:%hx:%hx:%hx:%hx:%hx:%hx:%hx#%d", - &x[0], &x[1], &x[2], &x[3], &x[4], &x[5], &x[6], &x[7], &weight) >= 8) { - subnet->type = SUBNET_IPV6; - subnet->net.ipv6.prefixlength = 128; - subnet->weight = weight; - - for(i = 0; i < 8; i++) - subnet->net.ipv6.address.x[i] = htons(x[i]); - - return true; - } - - if(sscanf(subnetstr, "%hx:%hx:%hx:%hx:%hx:%hx#%d", - &x[0], &x[1], &x[2], &x[3], &x[4], &x[5], &weight) >= 6) { subnet->type = SUBNET_MAC; subnet->weight = weight; - - for(i = 0; i < 6; i++) + for(int i = 0; i < 6; i++) subnet->net.mac.address.x[i] = x[i]; - return true; } - // IPv6 short form - if(strstr(subnetstr, "::")) { - const char *p; - char *q; - int colons = 0; - - // Count number of colons - for(p = subnetstr; *p; p++) - if(*p == ':') - colons++; - - if(colons > 7) + if (sscanf(str, "%hu.%hu.%hu.%hu%n", &x[0], &x[1], &x[2], &x[3], &consumed) >= 4 && !str[consumed]) { + if (prefixlength == -1) + prefixlength = 32; + if (prefixlength > 32) return false; - // Scan numbers before the double colon - p = subnetstr; - for(i = 0; i < colons; i++) { - if(*p == ':') - break; - x[i] = strtoul(p, &q, 0x10); - if(!q || p == q || *q != ':') + subnet->type = SUBNET_IPV4; + subnet->net.ipv4.prefixlength = prefixlength; + subnet->weight = weight; + for(int i = 0; i < 4; i++) { + if (x[i] > 255) return false; - p = ++q; + subnet->net.ipv4.address.x[i] = x[i]; } + return true; + } - p++; - colons -= i; - if(!i) { - p++; - colons--; - } + /* IPv6 */ - if(!*p || *p == '/' || *p == '#') - colons--; - - // Fill in the blanks - for(; i < 8 - colons; i++) - x[i] = 0; - - // Scan the remaining numbers - for(; i < 8; i++) { - x[i] = strtoul(p, &q, 0x10); - if(!q || p == q) + char* last_colon = strrchr(str, ':'); + if (last_colon && sscanf(last_colon, ":%hu.%hu.%hu.%hu%n", &x[0], &x[1], &x[2], &x[3], &consumed) >= 4 && !last_colon[consumed]) { + /* Dotted quad suffix notation, convert to standard IPv6 notation */ + for (int i = 0; i < 4; i++) + if (x[i] > 255) return false; - if(i == 7) { - p = q; - break; + snprintf(last_colon, sizeof str - (last_colon - str), ":%02x%02x:%02x%02x", x[0], x[1], x[2], x[3]); + } + + char* double_colon = strstr(str, "::"); + if (double_colon) { + /* Figure out how many zero groups we need to expand */ + int zero_group_count = 8; + for (const char* cur = str; *cur; cur++) + if (*cur != ':') { + zero_group_count--; + while(cur[1] && cur[1] != ':') + cur++; } - if(*q != ':') - return false; - p = ++q; - } + if (zero_group_count < 1) + return false; - l = 128; - if(*p == '/') - sscanf(p, "/%d#%d", &l, &weight); - else if(*p == '#') - sscanf(p, "#%d", &weight); + /* Split the double colon in the middle to make room for zero groups */ + double_colon++; + memmove(double_colon + (zero_group_count * 2 - 1), double_colon, strlen(double_colon) + 1); - if(l < 0 || l > 128) + /* Write zero groups in the resulting gap, overwriting the second colon */ + for (int i = 0; i < zero_group_count; i++) + memcpy(&double_colon[i * 2], "0:", 2); + + /* Remove any leading or trailing colons */ + if (str[0] == ':') + memmove(&str[0], &str[1], strlen(&str[1]) + 1); + if (str[strlen(str) - 1] == ':') + str[strlen(str) - 1] = 0; + } + + if (sscanf(str, "%hx:%hx:%hx:%hx:%hx:%hx:%hx:%hx%n", + &x[0], &x[1], &x[2], &x[3], &x[4], &x[5], &x[6], &x[7], &consumed) >= 8 && !str[consumed]) { + if (prefixlength == -1) + prefixlength = 128; + if (prefixlength > 128) return false; subnet->type = SUBNET_IPV6; - subnet->net.ipv6.prefixlength = l; + subnet->net.ipv6.prefixlength = prefixlength; subnet->weight = weight; - - for(i = 0; i < 8; i++) + for(int i = 0; i < 8; i++) subnet->net.ipv6.address.x[i] = htons(x[i]); - return true; } @@ -337,46 +311,101 @@ bool net2str(char *netstr, int len, const subnet_t *subnet) { return false; } + int result; + int prefixlength = -1; switch (subnet->type) { case SUBNET_MAC: - snprintf(netstr, len, "%hx:%hx:%hx:%hx:%hx:%hx#%d", + result = snprintf(netstr, len, "%02x:%02x:%02x:%02x:%02x:%02x", subnet->net.mac.address.x[0], subnet->net.mac.address.x[1], subnet->net.mac.address.x[2], subnet->net.mac.address.x[3], subnet->net.mac.address.x[4], - subnet->net.mac.address.x[5], - subnet->weight); + subnet->net.mac.address.x[5]); + netstr += result; + len -= result; break; case SUBNET_IPV4: - snprintf(netstr, len, "%hu.%hu.%hu.%hu/%d#%d", + result = snprintf(netstr, len, "%u.%u.%u.%u", subnet->net.ipv4.address.x[0], subnet->net.ipv4.address.x[1], subnet->net.ipv4.address.x[2], - subnet->net.ipv4.address.x[3], - subnet->net.ipv4.prefixlength, - subnet->weight); + subnet->net.ipv4.address.x[3]); + netstr += result; + len -= result; + prefixlength = subnet->net.ipv4.prefixlength; + if (prefixlength == 32) + prefixlength = -1; break; - case SUBNET_IPV6: - snprintf(netstr, len, "%hx:%hx:%hx:%hx:%hx:%hx:%hx:%hx/%d#%d", - ntohs(subnet->net.ipv6.address.x[0]), - ntohs(subnet->net.ipv6.address.x[1]), - ntohs(subnet->net.ipv6.address.x[2]), - ntohs(subnet->net.ipv6.address.x[3]), - ntohs(subnet->net.ipv6.address.x[4]), - ntohs(subnet->net.ipv6.address.x[5]), - ntohs(subnet->net.ipv6.address.x[6]), - ntohs(subnet->net.ipv6.address.x[7]), - subnet->net.ipv6.prefixlength, - subnet->weight); + case SUBNET_IPV6: { + /* Find the longest sequence of consecutive zeroes */ + int max_zero_length = 0; + int max_zero_length_index = 0; + int current_zero_length = 0; + int current_zero_length_index = 0; + for (int i = 0; i < 8; i++) { + if (subnet->net.ipv6.address.x[i] != 0) + current_zero_length = 0; + else { + if (current_zero_length == 0) + current_zero_length_index = i; + current_zero_length++; + if (current_zero_length > max_zero_length) { + max_zero_length = current_zero_length; + max_zero_length_index = current_zero_length_index; + } + } + } + + /* Print the address */ + for (int i = 0; i < 8;) { + if (max_zero_length > 1 && max_zero_length_index == i) { + /* Shorten the representation as per RFC 5952 */ + const char* const FORMATS[] = { "%.1s", "%.2s", "%.3s" }; + const char* const* format = &FORMATS[0]; + if (i == 0) + format++; + if (i + max_zero_length == 8) + format++; + result = snprintf(netstr, len, *format, ":::"); + i += max_zero_length; + } else { + result = snprintf(netstr, len, "%hx:", ntohs(subnet->net.ipv6.address.x[i])); + i++; + } + netstr += result; + len -= result; + } + + /* Remove the trailing colon */ + netstr--; + len++; + *netstr = 0; + + prefixlength = subnet->net.ipv6.prefixlength; + if (prefixlength == 128) + prefixlength = -1; break; + } default: logger(DEBUG_ALWAYS, LOG_ERR, "net2str() was called with unknown subnet type %d, exiting!", subnet->type); exit(1); } + if (prefixlength >= 0) { + result = snprintf(netstr, len, "/%d", prefixlength); + netstr += result; + len -= result; + } + + if (subnet->weight != DEFAULT_WEIGHT) { + snprintf(netstr, len, "#%d", subnet->weight); + netstr += result; + len -= result; + } + return true; } diff --git a/src/tincctl.c b/src/tincctl.c index a986af7..abaf6ee 100644 --- a/src/tincctl.c +++ b/src/tincctl.c @@ -1,6 +1,6 @@ /* tincctl.c -- Controlling a running tincd - Copyright (C) 2007-2013 Guus Sliepen + Copyright (C) 2007-2014 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -38,6 +38,11 @@ #include "utils.h" #include "tincctl.h" #include "top.h" +#include "version.h" + +#ifndef MSG_NOSIGNAL +#define MSG_NOSIGNAL 0 +#endif static char **orig_argv; static int orig_argc; @@ -67,8 +72,10 @@ bool confbasegiven = false; bool netnamegiven = false; char *scriptinterpreter = NULL; char *scriptextension = ""; +static char *prompt; static struct option const long_options[] = { + {"batch", no_argument, NULL, 'b'}, {"config", required_argument, NULL, 'c'}, {"net", required_argument, NULL, 'n'}, {"help", no_argument, NULL, 1}, @@ -80,8 +87,8 @@ static struct option const long_options[] = { static void version(void) { printf("%s version %s (built %s %s, protocol %d.%d)\n", PACKAGE, - VERSION, __DATE__, __TIME__, PROT_MAJOR, PROT_MINOR); - printf("Copyright (C) 1998-2012 Ivo Timmermans, Guus Sliepen and others.\n" + VERSION, BUILD_DATE, BUILD_TIME, PROT_MAJOR, PROT_MINOR); + printf("Copyright (C) 1998-2014 Ivo Timmermans, Guus Sliepen and others.\n" "See the AUTHORS file for a complete list.\n\n" "tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n" "and you are welcome to redistribute it under certain conditions;\n" @@ -94,6 +101,7 @@ static void usage(bool status) { } else { printf("Usage: %s [options] command\n\n", program_name); printf("Valid options are:\n" + " -b, --batch Don't ask for anything (non-interactive mode).\n" " -c, --config=DIR Read configuration options from DIR.\n" " -n, --net=NETNAME Connect to net NETNAME.\n" " --pidfile=FILENAME Read control cookie from FILENAME.\n" @@ -111,9 +119,9 @@ static void usage(bool status) { " restart [tincd options] Restart tincd.\n" " reload Partially reload configuration of running tincd.\n" " pid Show PID of currently running tincd.\n" - " generate-keys [bits] Generate new RSA and ECDSA public/private keypairs.\n" + " generate-keys [bits] Generate new RSA and Ed25519 public/private keypairs.\n" " generate-rsa-keys [bits] Generate a new RSA public/private keypair.\n" - " generate-ecdsa-keys Generate a new ECDSA public/private keypair.\n" + " generate-ed25519-keys Generate a new Ed25519 public/private keypair.\n" " dump Dump a list of one of the following things:\n" " [reachable] nodes - all known nodes in the VPN\n" " edges - all known connections in the VPN\n" @@ -137,6 +145,7 @@ static void usage(bool status) { " exchange-all [--force] Same as export-all followed by import\n" " invite NODE [...] Generate an invitation for NODE\n" " join INVITATION Join a VPN using an INVITIATION\n" + " network [NETNAME] List all known networks, or switch to the one named NETNAME.\n" "\n"); printf("Report bugs to tinc@tinc-vpn.org.\n"); } @@ -151,6 +160,10 @@ static bool parse_options(int argc, char **argv) { case 0: /* long option */ break; + case 'b': + tty = false; + break; + case 'c': /* config file */ confbase = xstrdup(optarg); confbasegiven = true; @@ -240,19 +253,19 @@ static void disable_old_keys(const char *filename, const char *what) { while(fgets(buf, sizeof buf, r)) { if(!block && !strncmp(buf, "-----BEGIN ", 11)) { - if((strstr(buf, " EC ") && strstr(what, "ECDSA")) || (strstr(buf, " RSA ") && strstr(what, "RSA"))) { + if((strstr(buf, " ED25519 ") && strstr(what, "Ed25519")) || (strstr(buf, " RSA ") && strstr(what, "RSA"))) { disabled = true; block = true; } } - bool ecdsapubkey = !strncasecmp(buf, "ECDSAPublicKey", 14) && strchr(" \t=", buf[14]) && strstr(what, "ECDSA"); + bool ed25519pubkey = !strncasecmp(buf, "Ed25519PublicKey", 16) && strchr(" \t=", buf[16]) && strstr(what, "Ed25519"); - if(ecdsapubkey) + if(ed25519pubkey) disabled = true; if(w) { - if(block || ecdsapubkey) + if(block || ed25519pubkey) fputc('#', w); if(fputs(buf, w) < 0) { error = true; @@ -308,8 +321,7 @@ static FILE *ask_and_open(const char *filename, const char *what, const char *mo /* Check stdin and stdout */ if(ask && tty) { /* Ask for a file and/or directory name. */ - fprintf(stdout, "Please enter a file to save %s to [%s]: ", what, filename); - fflush(stdout); + fprintf(stderr, "Please enter a file to save %s to [%s]: ", what, filename); if(fgets(buf, sizeof buf, stdin) == NULL) { fprintf(stderr, "Error while reading stdin: %s\n", strerror(errno)); @@ -350,15 +362,15 @@ static FILE *ask_and_open(const char *filename, const char *what, const char *mo } /* - Generate a public/private ECDSA keypair, and ask for a file to store + Generate a public/private Ed25519 keypair, and ask for a file to store them in. */ -static bool ecdsa_keygen(bool ask) { +static bool ed25519_keygen(bool ask) { ecdsa_t *key; FILE *f; char *pubname, *privname; - fprintf(stderr, "Generating ECDSA keypair:\n"); + fprintf(stderr, "Generating Ed25519 keypair:\n"); if(!(key = ecdsa_generate())) { fprintf(stderr, "Error during key generation!\n"); @@ -366,8 +378,8 @@ static bool ecdsa_keygen(bool ask) { } else fprintf(stderr, "Done.\n"); - xasprintf(&privname, "%s" SLASH "ecdsa_key.priv", confbase); - f = ask_and_open(privname, "private ECDSA key", "a", ask, 0600); + xasprintf(&privname, "%s" SLASH "ed25519_key.priv", confbase); + f = ask_and_open(privname, "private Ed25519 key", "a", ask, 0600); free(privname); if(!f) @@ -385,16 +397,16 @@ static bool ecdsa_keygen(bool ask) { if(name) xasprintf(&pubname, "%s" SLASH "hosts" SLASH "%s", confbase, name); else - xasprintf(&pubname, "%s" SLASH "ecdsa_key.pub", confbase); + xasprintf(&pubname, "%s" SLASH "ed25519_key.pub", confbase); - f = ask_and_open(pubname, "public ECDSA key", "a", ask, 0666); + f = ask_and_open(pubname, "public Ed25519 key", "a", ask, 0666); free(pubname); if(!f) return false; char *pubkey = ecdsa_get_base64_public_key(key); - fprintf(f, "ECDSAPublicKey = %s\n", pubkey); + fprintf(f, "Ed25519PublicKey = %s\n", pubkey); free(pubkey); fclose(f); @@ -412,6 +424,15 @@ static bool rsa_keygen(int bits, bool ask) { FILE *f; char *pubname, *privname; + // Make sure the key size is a multiple of 8 bits. + bits &= ~0x7; + + // Force them to be between 1024 and 8192 bits long. + if(bits < 1024) + bits = 1024; + if(bits > 8192) + bits = 8192; + fprintf(stderr, "Generating %d bits keys:\n", bits); if(!(key = rsa_generate(bits, 0x10001))) { @@ -471,7 +492,7 @@ bool recvline(int fd, char *line, size_t len) { while(!(newline = memchr(buffer, '\n', blen))) { int result = recv(fd, buffer + blen, sizeof buffer - blen, 0); - if(result == -1 && errno == EINTR) + if(result == -1 && sockerrno == EINTR) continue; else if(result <= 0) return false; @@ -497,7 +518,7 @@ bool recvdata(int fd, char *data, size_t len) { while(blen < len) { int result = recv(fd, buffer + blen, sizeof buffer - blen, 0); - if(result == -1 && errno == EINTR) + if(result == -1 && sockerrno == EINTR) continue; else if(result <= 0) return false; @@ -528,8 +549,8 @@ bool sendline(int fd, char *format, ...) { blen++; while(blen) { - int result = send(fd, p, blen, 0); - if(result == -1 && errno == EINTR) + int result = send(fd, p, blen, MSG_NOSIGNAL); + if(result == -1 && sockerrno == EINTR) continue; else if(result <= 0) return false; @@ -709,7 +730,7 @@ bool connect_tincd(bool verbose) { if(getaddrinfo(host, port, &hints, &res) || !res) { if(verbose) - fprintf(stderr, "Cannot resolve %s port %s: %s", host, port, strerror(errno)); + fprintf(stderr, "Cannot resolve %s port %s: %s", host, port, sockstrerror(sockerrno)); return false; } @@ -740,6 +761,11 @@ bool connect_tincd(bool verbose) { freeaddrinfo(res); #endif +#ifdef SO_NOSIGPIPE + static const int one = 1; + setsockopt(fd, SOL_SOCKET, SO_NOSIGPIPE, (void *)&one, sizeof one); +#endif + char data[4096]; int version; @@ -790,16 +816,31 @@ static int cmd_start(int argc, char *argv[]) { int nargc = 0; char **nargv = xzalloc((optind + argc) * sizeof *nargv); - nargv[nargc++] = c; + char *arg0 = c; +#ifdef HAVE_MINGW + /* + Windows has no real concept of an "argv array". A command line is just one string. + The CRT of the new process will decode the command line string to generate argv before calling main(), and (by convention) + it uses quotes to handle spaces in arguments. + Therefore we need to quote all arguments that might contain spaces. No, execvp() won't do that for us (see MSDN). + If we don't do that, then execvp() will run fine but any spaces in the filename contained in arg0 will bleed + into the next arguments when the spawned process' CRT parses its command line, resulting in chaos. + */ + xasprintf(&arg0, "\"%s\"", arg0); +#endif + nargv[nargc++] = arg0; for(int i = 1; i < optind; i++) nargv[nargc++] = orig_argv[i]; for(int i = 1; i < argc; i++) nargv[nargc++] = argv[i]; #ifdef HAVE_MINGW - execvp(c, nargv); - fprintf(stderr, "Error starting %s: %s\n", c, strerror(errno)); - return 1; + int status = spawnvp(_P_WAIT, c, nargv); + if (status == -1) { + fprintf(stderr, "Error starting %s: %s\n", c, strerror(errno)); + return 1; + } + return status; #else pid_t pid = fork(); if(pid == -1) { @@ -961,11 +1002,14 @@ static int cmd_dump(int argc, char *argv[]) { break; char node[4096]; + char id[4096]; char from[4096]; char to[4096]; char subnet[4096]; char host[4096]; char port[4096]; + char local_host[4096]; + char local_port[4096]; char via[4096]; char nexthop[4096]; int cipher, digest, maclength, compression, distance, socket, weight; @@ -976,8 +1020,8 @@ static int cmd_dump(int argc, char *argv[]) { switch(req) { case REQ_DUMP_NODES: { - int n = sscanf(line, "%*d %*d %s %s port %s %d %d %d %d %x %x %s %s %d %hd %hd %hd %ld", node, host, port, &cipher, &digest, &maclength, &compression, &options, &status_int, nexthop, via, &distance, &pmtu, &minmtu, &maxmtu, &last_state_change); - if(n != 16) { + int n = sscanf(line, "%*d %*d %s %s %s port %s %d %d %d %d %x %x %s %s %d %hd %hd %hd %ld", node, id, host, port, &cipher, &digest, &maclength, &compression, &options, &status_int, nexthop, via, &distance, &pmtu, &minmtu, &maxmtu, &last_state_change); + if(n != 17) { fprintf(stderr, "Unable to parse node dump from tincd: %s\n", line); return 1; } @@ -1000,14 +1044,14 @@ static int cmd_dump(int argc, char *argv[]) { } else { if(only_reachable && !status.reachable) continue; - printf("%s at %s port %s cipher %d digest %d maclength %d compression %d options %x status %04x nexthop %s via %s distance %d pmtu %hd (min %hd max %hd)\n", - node, host, port, cipher, digest, maclength, compression, options, status_int, nexthop, via, distance, pmtu, minmtu, maxmtu); + printf("%s id %s at %s port %s cipher %d digest %d maclength %d compression %d options %x status %04x nexthop %s via %s distance %d pmtu %hd (min %hd max %hd)\n", + node, id, host, port, cipher, digest, maclength, compression, options, status_int, nexthop, via, distance, pmtu, minmtu, maxmtu); } } break; case REQ_DUMP_EDGES: { - int n = sscanf(line, "%*d %*d %s %s %s port %s %x %d", from, to, host, port, &options, &weight); - if(n != 6) { + int n = sscanf(line, "%*d %*d %s %s %s port %s %s port %s %x %d", from, to, host, port, local_host, local_port, &options, &weight); + if(n != 8) { fprintf(stderr, "Unable to parse edge dump from tincd.\n"); return 1; } @@ -1019,7 +1063,7 @@ static int cmd_dump(int argc, char *argv[]) { else if(do_graph == 2) printf(" %s -> %s [w = %f, weight = %f];\n", node1, node2, w, w); } else { - printf("%s to %s at %s port %s options %x weight %d\n", from, to, host, port, options, weight); + printf("%s to %s at %s port %s local %s port %s options %x weight %d\n", from, to, host, port, local_host, local_port, options, weight); } } break; @@ -1262,7 +1306,7 @@ char *get_my_name(bool verbose) { continue; if(*value) { fclose(f); - return strdup(value); + return replace_name(value); } } @@ -1279,12 +1323,14 @@ const var_t variables[] = { {"BindToAddress", VAR_SERVER | VAR_MULTIPLE}, {"BindToInterface", VAR_SERVER}, {"Broadcast", VAR_SERVER | VAR_SAFE}, + {"BroadcastSubnet", VAR_SERVER | VAR_MULTIPLE | VAR_SAFE}, {"ConnectTo", VAR_SERVER | VAR_MULTIPLE | VAR_SAFE}, {"DecrementTTL", VAR_SERVER}, {"Device", VAR_SERVER}, + {"DeviceStandby", VAR_SERVER}, {"DeviceType", VAR_SERVER}, {"DirectOnly", VAR_SERVER}, - {"ECDSAPrivateKeyFile", VAR_SERVER}, + {"Ed25519PrivateKeyFile", VAR_SERVER}, {"ExperimentalProtocol", VAR_SERVER}, {"Forwarding", VAR_SERVER}, {"GraphDumpFile", VAR_SERVER | VAR_OBSOLETE}, @@ -1292,6 +1338,7 @@ const var_t variables[] = { {"IffOneQueue", VAR_SERVER}, {"Interface", VAR_SERVER}, {"KeyExpire", VAR_SERVER}, + {"ListenAddress", VAR_SERVER | VAR_MULTIPLE}, {"LocalDiscovery", VAR_SERVER}, {"MACExpire", VAR_SERVER}, {"MaxConnectionBurst", VAR_SERVER}, @@ -1321,8 +1368,8 @@ const var_t variables[] = { {"ClampMSS", VAR_SERVER | VAR_HOST}, {"Compression", VAR_SERVER | VAR_HOST}, {"Digest", VAR_SERVER | VAR_HOST}, - {"ECDSAPublicKey", VAR_HOST}, - {"ECDSAPublicKeyFile", VAR_SERVER | VAR_HOST}, + {"Ed25519PublicKey", VAR_HOST}, + {"Ed25519PublicKeyFile", VAR_SERVER | VAR_HOST}, {"IndirectData", VAR_SERVER | VAR_HOST}, {"MACLength", VAR_SERVER | VAR_HOST}, {"PMTU", VAR_SERVER | VAR_HOST}, @@ -1591,9 +1638,12 @@ static int cmd_config(int argc, char *argv[]) { } if(action < -1) { - if(!found) + if(found) { + return 0; + } else { fprintf(stderr, "No matching configuration variables found.\n"); - return 0; + return 1; + } } // Make sure we wrote everything... @@ -1606,7 +1656,7 @@ static int cmd_config(int argc, char *argv[]) { if(action < 0 && !removed) { remove(tmpfile); fprintf(stderr, "No configuration variables deleted.\n"); - return *value != 0; + return 1; } // Replace the configuration file with the new one @@ -1628,18 +1678,6 @@ static int cmd_config(int argc, char *argv[]) { return 0; } -bool check_id(const char *name) { - if(!name || !*name) - return false; - - for(int i = 0; i < strlen(name); i++) { - if(!isalnum(name[i]) && name[i] != '_') - return false; - } - - return true; -} - static bool try_bind(int port) { struct addrinfo *ai = NULL; struct addrinfo hint = { @@ -1710,8 +1748,7 @@ static int cmd_init(int argc, char *argv[]) { } else if(argc < 2) { if(tty) { char buf[1024]; - fprintf(stdout, "Enter the Name you want your tinc node to have: "); - fflush(stdout); + fprintf(stderr, "Enter the Name you want your tinc node to have: "); if(!fgets(buf, sizeof buf, stdin)) { fprintf(stderr, "Error while reading stdin: %s\n", strerror(errno)); return 1; @@ -1763,7 +1800,7 @@ static int cmd_init(int argc, char *argv[]) { fprintf(f, "Name = %s\n", name); fclose(f); - if(!rsa_keygen(2048, false) || !ecdsa_keygen(false)) + if(!rsa_keygen(2048, false) || !ed25519_keygen(false)) return 1; check_port(name); @@ -1777,7 +1814,7 @@ static int cmd_init(int argc, char *argv[]) { fprintf(stderr, "Could not create file %s: %s\n", filename, strerror(errno)); return 1; } - fprintf(f, "#!/bin/sh\n\necho 'Unconfigured tinc-up script, please edit!'\n\n#ifconfig $INTERFACE netmask \n"); + fprintf(f, "#!/bin/sh\n\necho 'Unconfigured tinc-up script, please edit '$0'!'\n\n#ifconfig $INTERFACE netmask \n"); fclose(f); } #endif @@ -1795,7 +1832,7 @@ static int cmd_generate_keys(int argc, char *argv[]) { if(!name) name = get_my_name(false); - return !(rsa_keygen(argc > 1 ? atoi(argv[1]) : 2048, true) && ecdsa_keygen(true)); + return !(rsa_keygen(argc > 1 ? atoi(argv[1]) : 2048, true) && ed25519_keygen(true)); } static int cmd_generate_rsa_keys(int argc, char *argv[]) { @@ -1810,7 +1847,7 @@ static int cmd_generate_rsa_keys(int argc, char *argv[]) { return !rsa_keygen(argc > 1 ? atoi(argv[1]) : 2048, true); } -static int cmd_generate_ecdsa_keys(int argc, char *argv[]) { +static int cmd_generate_ed25519_keys(int argc, char *argv[]) { if(argc > 1) { fprintf(stderr, "Too many arguments!\n"); return 1; @@ -1819,7 +1856,7 @@ static int cmd_generate_ecdsa_keys(int argc, char *argv[]) { if(!name) name = get_my_name(false); - return !ecdsa_keygen(true); + return !ed25519_keygen(true); } static int cmd_help(int argc, char *argv[]) { @@ -2067,6 +2104,72 @@ static int cmd_exchange_all(int argc, char *argv[]) { return cmd_export_all(argc, argv) ?: cmd_import(argc, argv); } +static int switch_network(char *name) { + if(fd >= 0) { + close(fd); + fd = -1; + } + + free(confbase); + confbase = NULL; + free(pidfilename); + pidfilename = NULL; + free(logfilename); + logfilename = NULL; + free(unixsocketname); + unixsocketname = NULL; + free(tinc_conf); + free(hosts_dir); + free(prompt); + + free(netname); + netname = strcmp(name, ".") ? xstrdup(name) : NULL; + + make_names(); + xasprintf(&tinc_conf, "%s" SLASH "tinc.conf", confbase); + xasprintf(&hosts_dir, "%s" SLASH "hosts", confbase); + xasprintf(&prompt, "%s> ", identname); + + return 0; +} + +static int cmd_network(int argc, char *argv[]) { + if(argc > 2) { + fprintf(stderr, "Too many arguments!\n"); + return 1; + } + + if(argc == 2) + return switch_network(argv[1]); + + DIR *dir = opendir(confdir); + if(!dir) { + fprintf(stderr, "Could not read directory %s: %s\n", confdir, strerror(errno)); + return 1; + } + + struct dirent *ent; + while((ent = readdir(dir))) { + if(*ent->d_name == '.') + continue; + + if(!strcmp(ent->d_name, "tinc.conf")) { + printf(".\n"); + continue; + } + + char *fname; + xasprintf(&fname, "%s/%s/tinc.conf", confdir, ent->d_name); + if(!access(fname, R_OK)) + printf("%s\n", ent->d_name); + free(fname); + } + + closedir(dir); + + return 0; +} + static const struct { const char *command; int (*function)(int argc, char *argv[]); @@ -2094,7 +2197,7 @@ static const struct { {"init", cmd_init}, {"generate-keys", cmd_generate_keys}, {"generate-rsa-keys", cmd_generate_rsa_keys}, - {"generate-ecdsa-keys", cmd_generate_ecdsa_keys}, + {"generate-ed25519-keys", cmd_generate_ed25519_keys}, {"help", cmd_help}, {"version", cmd_version}, {"info", cmd_info}, @@ -2106,6 +2209,7 @@ static const struct { {"exchange-all", cmd_exchange_all}, {"invite", cmd_invite}, {"join", cmd_join}, + {"network", cmd_network}, {NULL, NULL}, }; @@ -2232,7 +2336,6 @@ static char **completion (const char *text, int start, int end) { #endif static int cmd_shell(int argc, char *argv[]) { - char *prompt; xasprintf(&prompt, "%s> ", identname); int result = 0; char buf[4096]; @@ -2336,6 +2439,7 @@ int main(int argc, char *argv[]) { program_name = argv[0]; orig_argv = argv; orig_argc = argc; + tty = isatty(0) && isatty(1); if(!parse_options(argc, argv)) return 1; @@ -2366,8 +2470,6 @@ int main(int argc, char *argv[]) { srand(time(NULL)); crypto_init(); - tty = isatty(0) && isatty(1); - if(optind >= argc) return cmd_shell(argc, argv); diff --git a/src/tincd.c b/src/tincd.c index 84036ad..15cddb1 100644 --- a/src/tincd.c +++ b/src/tincd.c @@ -1,7 +1,7 @@ /* tincd.c -- the main file for tincd Copyright (C) 1998-2005 Ivo Timmermans - 2000-2013 Guus Sliepen + 2000-2014 Guus Sliepen 2008 Max Rijevski 2009 Michael Tokarev 2010 Julien Muchembled @@ -49,6 +49,7 @@ #include "control.h" #include "crypto.h" #include "device.h" +#include "event.h" #include "logger.h" #include "names.h" #include "net.h" @@ -57,6 +58,7 @@ #include "protocol.h" #include "utils.h" #include "xalloc.h" +#include "version.h" /* If nonzero, display usage information and exit. */ static bool show_help = false; @@ -106,7 +108,6 @@ static struct option const long_options[] = { #ifdef HAVE_MINGW static struct WSAData wsa_state; -CRITICAL_SECTION mutex; int main2(int argc, char **argv); #endif @@ -303,6 +304,17 @@ static bool drop_privs(void) { #ifdef HAVE_MINGW # define setpriority(level) !SetPriorityClass(GetCurrentProcess(), (level)) + +static void stop_handler(void *data, int flags) { + event_exit(); +} + +static BOOL WINAPI console_ctrl_handler(DWORD type) { + logger(DEBUG_ALWAYS, LOG_NOTICE, "Got console shutdown request"); + if (WSASetEvent(stop_io.event) == FALSE) + abort(); + return TRUE; +} #else # define NORMAL_PRIORITY_CLASS 0 # define BELOW_NORMAL_PRIORITY_CLASS 10 @@ -320,8 +332,8 @@ int main(int argc, char **argv) { if(show_version) { printf("%s version %s (built %s %s, protocol %d.%d)\n", PACKAGE, - VERSION, __DATE__, __TIME__, PROT_MAJOR, PROT_MINOR); - printf("Copyright (C) 1998-2013 Ivo Timmermans, Guus Sliepen and others.\n" + VERSION, BUILD_DATE, BUILD_TIME, PROT_MAJOR, PROT_MINOR); + printf("Copyright (C) 1998-2014 Ivo Timmermans, Guus Sliepen and others.\n" "See the AUTHORS file for a complete list.\n\n" "tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n" "and you are welcome to redistribute it under certain conditions;\n" @@ -371,15 +383,24 @@ int main(int argc, char **argv) { #endif #ifdef HAVE_MINGW - if(!do_detach || !init_service()) - return main2(argc, argv); - else - return 1; + io_add_event(&stop_io, stop_handler, NULL, WSACreateEvent()); + if (stop_io.event == FALSE) + abort(); + + int result; + if(!do_detach || !init_service()) { + SetConsoleCtrlHandler(console_ctrl_handler, TRUE); + result = main2(argc, argv); + } else + result = 1; + + if (WSACloseEvent(stop_io.event) == FALSE) + abort(); + io_del(&stop_io); + return result; } int main2(int argc, char **argv) { - InitializeCriticalSection(&mutex); - EnterCriticalSection(&mutex); #endif char *priority = NULL; @@ -440,9 +461,6 @@ int main2(int argc, char **argv) { /* Shutdown properly. */ - if(debug_level >= DEBUG_CONNECTIONS) - devops.dump_stats(); - end: close_network_connections(); diff --git a/src/top.c b/src/top.c index b1ab40c..40b8047 100644 --- a/src/top.c +++ b/src/top.c @@ -21,6 +21,7 @@ #ifdef HAVE_CURSES +#undef KEY_EVENT /* There are conflicting declarations for KEY_EVENT in Windows wincon.h and curses.h. */ #include #include "control_common.h" @@ -66,8 +67,10 @@ static float bscale = 1; static const char *punit = "pkts"; static float pscale = 1; -static void update(int fd) { - sendline(fd, "%d %d", CONTROL, REQ_DUMP_TRAFFIC); +static bool update(int fd) { + if(!sendline(fd, "%d %d", CONTROL, REQ_DUMP_TRAFFIC)) + return false; + gettimeofday(&cur, NULL); timersub(&cur, &prev, &diff); @@ -90,13 +93,10 @@ static void update(int fd) { int n = sscanf(line, "%d %d %s %"PRIu64" %"PRIu64" %"PRIu64" %"PRIu64, &code, &req, name, &in_packets, &in_bytes, &out_packets, &out_bytes); if(n == 2) - break; + return true; - if(n != 7) { - endwin(); - fprintf(stderr, "Error receiving traffic information\n"); - exit(1); - } + if(n != 7) + return false; nodestats_t *found = NULL; @@ -133,6 +133,8 @@ static void update(int fd) { found->out_packets = out_packets; found->out_bytes = out_bytes; } + + return false; } static int cmpfloat(float a, float b) { @@ -213,7 +215,8 @@ static void redraw(void) { for(int i = 0; i < n; i++) sorted[i]->i = i; - qsort(sorted, n, sizeof *sorted, sortfunc); + if(sorted) + qsort(sorted, n, sizeof *sorted, sortfunc); for(int i = 0, row = 3; i < n; i++, row++) { nodestats_t *node = sorted[i]; @@ -245,7 +248,9 @@ void top(int fd) { bool running = true; while(running) { - update(fd); + if(!update(fd)) + break; + redraw(); switch(getch()) { diff --git a/src/uml_device.c b/src/uml_device.c index d06832b..57d4843 100644 --- a/src/uml_device.c +++ b/src/uml_device.c @@ -38,9 +38,6 @@ static int write_fd = -1; static int state = 0; static char *device_info; -static uint64_t device_total_in = 0; -static uint64_t device_total_out = 0; - enum request_type { REQ_NEW_CONTROL }; static struct request { @@ -159,22 +156,29 @@ static bool setup_device(void) { } void close_device(void) { - if(listen_fd >= 0) - close(listen_fd); + if(listen_fd >= 0) { + close(listen_fd); listen_fd = -1; + } - if(request_fd >= 0) - close(request_fd); + if(request_fd >= 0) { + close(request_fd); request_fd = -1; + } - if(data_fd >= 0) - close(data_fd); + if(data_fd >= 0) { + close(data_fd); data_fd = -1; + } - if(write_fd >= 0) - close(write_fd); + if(write_fd >= 0) { + close(write_fd); write_fd = -1; + } unlink(device); - free(device); - if(iface) free(iface); + free(device); device = NULL; + if(iface) { + free(iface); iface = NULL; + } + device_info = NULL; } static bool read_packet(vpn_packet_t *packet) { @@ -240,7 +244,7 @@ static bool read_packet(vpn_packet_t *packet) { } case 2: { - if((inlen = read(data_fd, packet->data, MTU)) <= 0) { + if((inlen = read(data_fd, DATA(packet), MTU)) <= 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, device, strerror(errno)); event_exit(); @@ -249,8 +253,6 @@ static bool read_packet(vpn_packet_t *packet) { packet->len = inlen; - device_total_in += packet->len; - logger(DEBUG_TRAFFIC, LOG_DEBUG, "Read packet of %d bytes from %s", packet->len, device_info); @@ -273,7 +275,7 @@ static bool write_packet(vpn_packet_t *packet) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Writing packet of %d bytes to %s", packet->len, device_info); - if(write(write_fd, packet->data, packet->len) < 0) { + if(write(write_fd, DATA(packet), packet->len) < 0) { if(errno != EINTR && errno != EAGAIN) { logger(DEBUG_ALWAYS, LOG_ERR, "Can't write to %s %s: %s", device_info, device, strerror(errno)); event_exit(); @@ -282,21 +284,12 @@ static bool write_packet(vpn_packet_t *packet) { return false; } - device_total_out += packet->len; - return true; } -static void dump_device_stats(void) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); -} - const devops_t uml_devops = { .setup = setup_device, .close = close_device, .read = read_packet, .write = write_packet, - .dump_stats = dump_device_stats, }; diff --git a/src/utils.c b/src/utils.c index edaa354..65ba4b9 100644 --- a/src/utils.c +++ b/src/utils.c @@ -18,10 +18,10 @@ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ +#include "logger.h" #include "system.h" - -#include "../src/logger.h" #include "utils.h" +#include "xalloc.h" static const char hexadecimals[] = "0123456789ABCDEF"; static const char base64_original[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; @@ -52,14 +52,16 @@ static int charhex2bin(char c) { return toupper(c) - 'A' + 10; } -int hex2bin(const char *src, char *dst, int length) { +int hex2bin(const char *src, void *vdst, int length) { + char *dst = vdst; int i; for(i = 0; i < length && isxdigit(src[i * 2]) && isxdigit(src[i * 2 + 1]); i++) dst[i] = charhex2bin(src[i * 2]) * 16 + charhex2bin(src[i * 2 + 1]); return i; } -int bin2hex(const char *src, char *dst, int length) { +int bin2hex(const void *vsrc, char *dst, int length) { + const char *src = vsrc; for(int i = length - 1; i >= 0; i--) { dst[i * 2 + 1] = hexadecimals[(unsigned char) src[i] & 15]; dst[i * 2] = hexadecimals[(unsigned char) src[i] >> 4]; @@ -68,12 +70,12 @@ int bin2hex(const char *src, char *dst, int length) { return length * 2; } -int b64decode(const char *src, char *dst, int length) { +int b64decode(const char *src, void *dst, int length) { int i; uint32_t triplet = 0; unsigned char *udst = (unsigned char *)dst; - for(i = 0; i < length / 3 * 4 && src[i]; i++) { + for(i = 0; i < length && src[i]; i++) { triplet |= base64_decode[src[i] & 0xff] << (6 * (i & 3)); if((i & 3) == 3) { if(triplet & 0xff000000U) @@ -99,7 +101,7 @@ int b64decode(const char *src, char *dst, int length) { } } -static int b64encode_internal(const char *src, char *dst, int length, const char *alphabet) { +static int b64encode_internal(const void *src, char *dst, int length, const char *alphabet) { uint32_t triplet; const unsigned char *usrc = (unsigned char *)src; int si = length / 3 * 3; @@ -112,14 +114,14 @@ static int b64encode_internal(const char *src, char *dst, int length, const char dst[di + 1] = alphabet[triplet & 63]; triplet >>= 6; dst[di + 2] = alphabet[triplet]; dst[di + 3] = 0; - length = di + 2; + length = di + 3; break; case 1: triplet = usrc[si]; dst[di] = alphabet[triplet & 63]; triplet >>= 6; dst[di + 1] = alphabet[triplet]; dst[di + 2] = 0; - length = di + 1; + length = di + 2; break; default: dst[di] = 0; @@ -140,11 +142,11 @@ static int b64encode_internal(const char *src, char *dst, int length, const char return length; } -int b64encode(const char *src, char *dst, int length) { +int b64encode(const void *src, char *dst, int length) { return b64encode_internal(src, dst, length, base64_original); } -int b64encode_urlsafe(const char *src, char *dst, int length) { +int b64encode_urlsafe(const void *src, char *dst, int length) { return b64encode_internal(src, dst, length, base64_urlsafe); } @@ -177,3 +179,54 @@ unsigned int bitfield_to_int(const void *bitfield, size_t size) { memcpy(&value, bitfield, size); return value; } + +bool check_id(const char *id) { + if(!id || !*id) + return false; + + for(; *id; id++) + if(!isalnum(*id) && *id != '_') + return false; + + return true; +} + +/* Windows doesn't define HOST_NAME_MAX. */ +#ifndef HOST_NAME_MAX +#define HOST_NAME_MAX 255 +#endif + +char *replace_name(const char *name) { + char *ret_name; + + if (name[0] == '$') { + char *envname = getenv(name + 1); + char hostname[HOST_NAME_MAX+1]; + if (!envname) { + if (strcmp(name + 1, "HOST")) { + logger(DEBUG_ALWAYS, LOG_ERR, "Invalid Name: environment variable %s does not exist\n", name + 1); + return NULL; + } + if (gethostname(hostname, sizeof hostname) || !*hostname) { + logger(DEBUG_ALWAYS, LOG_ERR, "Could not get hostname: %s\n", sockstrerror(sockerrno)); + return NULL; + } + hostname[HOST_NAME_MAX] = 0; + envname = hostname; + } + ret_name = xstrdup(envname); + for (char *c = ret_name; *c; c++) + if (!isalnum(*c)) + *c = '_'; + } else { + ret_name = xstrdup(name); + } + + if (!check_id(ret_name)) { + logger(DEBUG_ALWAYS, LOG_ERR, "Invalid name for myself!"); + free(ret_name); + return NULL; + } + + return ret_name; +} diff --git a/src/utils.h b/src/utils.h index 85d6bf2..c3364ce 100644 --- a/src/utils.h +++ b/src/utils.h @@ -21,12 +21,12 @@ #ifndef __TINC_UTILS_H__ #define __TINC_UTILS_H__ -extern int hex2bin(const char *src, char *dst, int length); -extern int bin2hex(const char *src, char *dst, int length); +extern int hex2bin(const char *src, void *dst, int length); +extern int bin2hex(const void *src, char *dst, int length); -extern int b64encode(const char *src, char *dst, int length); -extern int b64encode_urlsafe(const char *src, char *dst, int length); -extern int b64decode(const char *src, char *dst, int length); +extern int b64encode(const void *src, char *dst, int length); +extern int b64encode_urlsafe(const void *src, char *dst, int length); +extern int b64decode(const char *src, void *dst, int length); #ifdef HAVE_MINGW extern const char *winerror(int); @@ -37,6 +37,7 @@ extern const char *winerror(int); #define sockmsgsize(x) ((x) == WSAEMSGSIZE) #define sockinprogress(x) ((x) == WSAEINPROGRESS || (x) == WSAEWOULDBLOCK) #define sockinuse(x) ((x) == WSAEADDRINUSE) +#define socknotconn(x) ((x) == WSAENOTCONN) #else #define sockerrno errno #define sockstrerror(x) strerror(x) @@ -44,8 +45,12 @@ extern const char *winerror(int); #define sockmsgsize(x) ((x) == EMSGSIZE) #define sockinprogress(x) ((x) == EINPROGRESS) #define sockinuse(x) ((x) == EADDRINUSE) +#define socknotconn(x) ((x) == ENOTCONN) #endif extern unsigned int bitfield_to_int(const void *bitfield, size_t size); +extern bool check_id(const char *); +char *replace_name(const char *name); + #endif /* __TINC_UTILS_H__ */ diff --git a/src/vde_device.c b/src/vde_device.c index 446ca16..73ad713 100644 --- a/src/vde_device.c +++ b/src/vde_device.c @@ -36,9 +36,6 @@ static int port = 0; static char *group = NULL; static char *device_info; -static uint64_t device_total_in = 0; -static uint64_t device_total_out = 0; - static bool setup_device(void) { libvdeplug_dynopen(plug); @@ -85,19 +82,22 @@ static bool setup_device(void) { } static void close_device(void) { - if(conn) - plug.vde_close(conn); + if(conn) { + plug.vde_close(conn); conn = NULL; + } if(plug.dl_handle) libvdeplug_dynclose(plug); - free(device); + free(device); device = NULL; - free(iface); + free(iface); iface = NULL; + + device_info = NULL; } static bool read_packet(vpn_packet_t *packet) { - int lenin = (ssize_t)plug.vde_recv(conn, packet->data, MTU, 0); + int lenin = (ssize_t)plug.vde_recv(conn, DATA(packet), MTU, 0); if(lenin <= 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, device, strerror(errno)); event_exit(); @@ -105,14 +105,14 @@ static bool read_packet(vpn_packet_t *packet) { } packet->len = lenin; - device_total_in += packet->len; + logger(DEBUG_TRAFFIC, LOG_DEBUG, "Read packet of %d bytes from %s", packet->len, device_info); return true; } static bool write_packet(vpn_packet_t *packet) { - if((ssize_t)plug.vde_send(conn, packet->data, packet->len, 0) < 0) { + if((ssize_t)plug.vde_send(conn, DATA(packet), packet->len, 0) < 0) { if(errno != EINTR && errno != EAGAIN) { logger(DEBUG_ALWAYS, LOG_ERR, "Can't write to %s %s: %s", device_info, device, strerror(errno)); event_exit(); @@ -121,21 +121,12 @@ static bool write_packet(vpn_packet_t *packet) { return false; } - device_total_out += packet->len; - return true; } -static void dump_device_stats(void) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); -} - const devops_t vde_devops = { .setup = setup_device, .close = close_device, .read = read_packet, .write = write_packet, - .dump_stats = dump_device_stats, }; diff --git a/src/version.c b/src/version.c new file mode 100644 index 0000000..fc62c8a --- /dev/null +++ b/src/version.c @@ -0,0 +1,24 @@ +/* + version.c -- version information + Copyright (C) 2014 Etienne Dechamps + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#include "version.h" + +/* This file is always rebuilt (even if there are no changes) so that the following is updated */ +const char* const BUILD_DATE = __DATE__; +const char* const BUILD_TIME = __TIME__; diff --git a/src/version.h b/src/version.h new file mode 100644 index 0000000..d3e4a1f --- /dev/null +++ b/src/version.h @@ -0,0 +1,26 @@ +/* + version.h -- header for version.c + Copyright (C) 2014 Etienne Dechamps + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#ifndef __TINC_VERSION_H__ +#define __TINC_VERSION_H__ + +extern const char* const BUILD_DATE; +extern const char* const BUILD_TIME; + +#endif /* __TINC_VERSION_H__ */ diff --git a/test-driver b/test-driver index 32bf39e..d306056 100755 --- a/test-driver +++ b/test-driver @@ -1,7 +1,7 @@ #! /bin/sh # test-driver - basic testsuite driver script. -scriptversion=2012-06-27.10; # UTC +scriptversion=2013-07-13.22; # UTC # Copyright (C) 2011-2013 Free Software Foundation, Inc. # @@ -44,13 +44,12 @@ print_usage () Usage: test-driver --test-name=NAME --log-file=PATH --trs-file=PATH [--expect-failure={yes|no}] [--color-tests={yes|no}] - [--enable-hard-errors={yes|no}] [--] TEST-SCRIPT + [--enable-hard-errors={yes|no}] [--] + TEST-SCRIPT [TEST-SCRIPT-ARGUMENTS] The '--test-name', '--log-file' and '--trs-file' options are mandatory. END } -# TODO: better error handling in option parsing (in particular, ensure -# TODO: $log_file, $trs_file and $test_name are defined). test_name= # Used for reporting. log_file= # Where to save the output of the test script. trs_file= # Where to save the metadata of the test run. @@ -69,10 +68,23 @@ while test $# -gt 0; do --enable-hard-errors) enable_hard_errors=$2; shift;; --) shift; break;; -*) usage_error "invalid option: '$1'";; + *) break;; esac shift done +missing_opts= +test x"$test_name" = x && missing_opts="$missing_opts --test-name" +test x"$log_file" = x && missing_opts="$missing_opts --log-file" +test x"$trs_file" = x && missing_opts="$missing_opts --trs-file" +if test x"$missing_opts" != x; then + usage_error "the following mandatory options are missing:$missing_opts" +fi + +if test $# -eq 0; then + usage_error "missing argument" +fi + if test $color_tests = yes; then # Keep this in sync with 'lib/am/check.am:$(am__tty_colors)'. red='' # Red. diff --git a/test/Makefile.am b/test/Makefile.am index a9c3895..5457b2f 100644 --- a/test/Makefile.am +++ b/test/Makefile.am @@ -4,6 +4,7 @@ TESTS = \ executables.test \ import-export.test \ invite-join.test \ + ns-ping.test \ ping.test \ sptps-basic.test \ variables.test diff --git a/test/Makefile.in b/test/Makefile.in index c6421fa..cdea11e 100644 --- a/test/Makefile.in +++ b/test/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.14 from Makefile.am. +# Makefile.in generated by automake 1.14.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2013 Free Software Foundation, Inc. @@ -84,9 +84,12 @@ DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ $(top_srcdir)/test-driver ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \ - $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/lzo.m4 \ - $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/readline.m4 \ - $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.ac + $(top_srcdir)/m4/ax_check_compile_flag.m4 \ + $(top_srcdir)/m4/ax_check_link_flag.m4 \ + $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/libgcrypt.m4 \ + $(top_srcdir)/m4/lzo.m4 $(top_srcdir)/m4/openssl.m4 \ + $(top_srcdir)/m4/readline.m4 $(top_srcdir)/m4/zlib.m4 \ + $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d @@ -381,9 +384,6 @@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LDFLAGS = @LDFLAGS@ -LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ -LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ -LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LN_S = @LN_S@ @@ -399,7 +399,6 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ -RANLIB = @RANLIB@ READLINE_LIBS = @READLINE_LIBS@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -461,6 +460,7 @@ TESTS = \ executables.test \ import-export.test \ invite-join.test \ + ns-ping.test \ ping.test \ sptps-basic.test \ variables.test diff --git a/test/commandline.test b/test/commandline.test index e95c953..157eb54 100755 --- a/test/commandline.test +++ b/test/commandline.test @@ -44,6 +44,7 @@ $tinc $c1 --net foo get name # Test tinc command line options that should not work +$tinc $c1 -n foo get somethingreallyunknown && exit 1 || true $tinc $c1 --net && exit 1 || true $tinc $c1 --net get name && exit 1 || true $tinc $c1 foo && exit 1 || true diff --git a/test/ns-ping.test b/test/ns-ping.test new file mode 100755 index 0000000..d5f9c7f --- /dev/null +++ b/test/ns-ping.test @@ -0,0 +1,70 @@ +#!/bin/sh + +. ./testlib.sh + +# Skip this test if we aren't root or if "ip netns" does not exist + +test "`id -u`" = "0" || exit 77 +ip netns list || exit 77 + +# Initialize two nodes + +$tinc $c1 <$d1/tinc-up <$d2/tinc-up <