mirror of
https://github.com/irungentoo/toxcore.git
synced 2024-03-22 13:30:51 +08:00
Slightly more work done on the TCP relay server.
This commit is contained in:
parent
cb9b8fc7cd
commit
29afa26396
|
@ -161,21 +161,62 @@ static int read_TCP_packet(sock_t sock, uint8_t *data, uint16_t length)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* return 0 if everything went well.
|
/* Kill a TCP_Secure_Connection
|
||||||
* return -1 if the connection must be killed.
|
|
||||||
*/
|
*/
|
||||||
static int handle_TCP_handshake(TCP_Secure_Connection *con, uint8_t *data, uint16_t length)
|
static void kill_TCP_connection(TCP_Secure_Connection *con)
|
||||||
{
|
{
|
||||||
|
kill_sock(con->sock);
|
||||||
|
memset(con, 0, sizeof(TCP_Secure_Connection));
|
||||||
}
|
}
|
||||||
|
|
||||||
/* return 0 if everything went well.
|
/* return 0 if everything went well.
|
||||||
* return -1 if the connection must be killed.
|
* return -1 if the connection must be killed.
|
||||||
*/
|
*/
|
||||||
static int read_connection_handshake(TCP_Secure_Connection *con)
|
static int handle_TCP_handshake(TCP_Secure_Connection *con, uint8_t *data, uint16_t length, uint8_t *self_secret_key)
|
||||||
{
|
{
|
||||||
int ok = 1;
|
if (length != TCP_CLIENT_HANDSHAKE_SIZE)
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
if (con->status != TCP_STATUS_CONNECTED)
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
uint8_t shared_key[crypto_box_BEFORENMBYTES];
|
||||||
|
encrypt_precompute(data, self_secret_key, shared_key);
|
||||||
|
uint8_t plain[TCP_HANDSHAKE_PLAIN_SIZE];
|
||||||
|
int len = decrypt_data_fast(shared_key, data + crypto_box_PUBLICKEYBYTES,
|
||||||
|
data + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES, plain);
|
||||||
|
|
||||||
|
if (len != TCP_HANDSHAKE_PLAIN_SIZE)
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
uint8_t temp_secret_key[crypto_box_SECRETKEYBYTES];
|
||||||
|
uint8_t resp_plain[TCP_HANDSHAKE_PLAIN_SIZE];
|
||||||
|
crypto_box_keypair(resp_plain, temp_secret_key);
|
||||||
|
random_nonce(con->sent_nonce);
|
||||||
|
memcpy(resp_plain + crypto_box_PUBLICKEYBYTES, con->sent_nonce, crypto_box_NONCEBYTES);
|
||||||
|
memcpy(con->recv_nonce, plain + crypto_box_PUBLICKEYBYTES, crypto_box_NONCEBYTES);
|
||||||
|
|
||||||
|
uint8_t response[TCP_SERVER_HANDSHAKE_SIZE];
|
||||||
|
new_nonce(response);
|
||||||
|
|
||||||
|
len = encrypt_data_fast(shared_key, response, resp_plain, TCP_HANDSHAKE_PLAIN_SIZE, response + crypto_box_NONCEBYTES);
|
||||||
|
|
||||||
|
if (len != TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES)
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
if (TCP_SERVER_HANDSHAKE_SIZE != send(con->sock, response, TCP_SERVER_HANDSHAKE_SIZE, 0))
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
encrypt_precompute(plain, temp_secret_key, con->shared_key);
|
||||||
|
con->status = TCP_STATUS_UNCONFIRMED;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* return 0 if everything went well.
|
||||||
|
* return -1 if the connection must be killed.
|
||||||
|
*/
|
||||||
|
static int read_connection_handshake(TCP_Secure_Connection *con, uint8_t *self_secret_key)
|
||||||
|
{
|
||||||
while (1) {
|
while (1) {
|
||||||
if (con->next_packet_length == 0) {
|
if (con->next_packet_length == 0) {
|
||||||
uint16_t len = read_length(con->sock);
|
uint16_t len = read_length(con->sock);
|
||||||
|
@ -183,7 +224,7 @@ static int read_connection_handshake(TCP_Secure_Connection *con)
|
||||||
if (len == 0)
|
if (len == 0)
|
||||||
break;
|
break;
|
||||||
|
|
||||||
if (len != TCP_SERVER_HANDSHAKE_SIZE)
|
if (len != TCP_CLIENT_HANDSHAKE_SIZE)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
con->next_packet_length = len;
|
con->next_packet_length = len;
|
||||||
|
@ -191,7 +232,7 @@ static int read_connection_handshake(TCP_Secure_Connection *con)
|
||||||
uint8_t data[con->next_packet_length];
|
uint8_t data[con->next_packet_length];
|
||||||
|
|
||||||
if (read_TCP_packet(con->sock, data, con->next_packet_length) != -1) {
|
if (read_TCP_packet(con->sock, data, con->next_packet_length) != -1) {
|
||||||
return handle_TCP_handshake(con, data, con->next_packet_length);
|
return handle_TCP_handshake(con, data, con->next_packet_length, self_secret_key);
|
||||||
} else {
|
} else {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
@ -210,7 +251,7 @@ static int accept_connection(TCP_Server *TCP_server, sock_t sock)
|
||||||
if (!set_nonblock(sock)) {
|
if (!set_nonblock(sock)) {
|
||||||
kill_sock(sock);
|
kill_sock(sock);
|
||||||
return 0;
|
return 0;
|
||||||
}//TODO
|
}
|
||||||
|
|
||||||
printf("accepted %u\n", sock);
|
printf("accepted %u\n", sock);
|
||||||
|
|
||||||
|
@ -241,7 +282,8 @@ static sock_t new_listening_TCP_socket(int family, uint16_t port)
|
||||||
return sock;
|
return sock;
|
||||||
}
|
}
|
||||||
|
|
||||||
TCP_Server *new_TCP_server(uint8_t ipv6_enabled, uint16_t num_sockets, uint16_t *ports)
|
TCP_Server *new_TCP_server(uint8_t ipv6_enabled, uint16_t num_sockets, uint16_t *ports, uint8_t *public_key,
|
||||||
|
uint8_t *secret_key)
|
||||||
{
|
{
|
||||||
if (num_sockets == 0 || ports == NULL)
|
if (num_sockets == 0 || ports == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
@ -277,6 +319,8 @@ TCP_Server *new_TCP_server(uint8_t ipv6_enabled, uint16_t num_sockets, uint16_t
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
memcpy(temp->public_key, public_key, crypto_box_PUBLICKEYBYTES);
|
||||||
|
memcpy(temp->secret_key, secret_key, crypto_box_SECRETKEYBYTES);
|
||||||
return temp;
|
return temp;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -28,7 +28,8 @@
|
||||||
|
|
||||||
#define MAX_INCOMMING_CONNECTIONS 32
|
#define MAX_INCOMMING_CONNECTIONS 32
|
||||||
|
|
||||||
#define TCP_SERVER_HANDSHAKE_SIZE (crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + crypto_box_MACBYTES)
|
#define TCP_HANDSHAKE_PLAIN_SIZE (crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES)
|
||||||
|
#define TCP_SERVER_HANDSHAKE_SIZE (crypto_box_NONCEBYTES + TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES)
|
||||||
#define TCP_CLIENT_HANDSHAKE_SIZE (crypto_box_PUBLICKEYBYTES + TCP_SERVER_HANDSHAKE_SIZE)
|
#define TCP_CLIENT_HANDSHAKE_SIZE (crypto_box_PUBLICKEYBYTES + TCP_SERVER_HANDSHAKE_SIZE)
|
||||||
|
|
||||||
enum {
|
enum {
|
||||||
|
@ -52,12 +53,16 @@ typedef struct {
|
||||||
sock_t *socks_listening;
|
sock_t *socks_listening;
|
||||||
unsigned int num_listening_socks;
|
unsigned int num_listening_socks;
|
||||||
|
|
||||||
|
uint8_t public_key[crypto_box_PUBLICKEYBYTES];
|
||||||
|
uint8_t secret_key[crypto_box_SECRETKEYBYTES];
|
||||||
TCP_Secure_Connection incomming_connection_queue[MAX_INCOMMING_CONNECTIONS];
|
TCP_Secure_Connection incomming_connection_queue[MAX_INCOMMING_CONNECTIONS];
|
||||||
|
uint16_t incomming_connection_queue_index;
|
||||||
} TCP_Server;
|
} TCP_Server;
|
||||||
|
|
||||||
/* Create new TCP server instance.
|
/* Create new TCP server instance.
|
||||||
*/
|
*/
|
||||||
TCP_Server *new_TCP_server(uint8_t ipv6_enabled, uint16_t num_sockets, uint16_t *ports);
|
TCP_Server *new_TCP_server(uint8_t ipv6_enabled, uint16_t num_sockets, uint16_t *ports, uint8_t *public_key,
|
||||||
|
uint8_t *secret_key);
|
||||||
|
|
||||||
/* Run the TCP_server
|
/* Run the TCP_server
|
||||||
*/
|
*/
|
||||||
|
|
Loading…
Reference in New Issue
Block a user