|
@@ -3,8 +3,9 @@
|
|
|
/* $Id$ */
|
|
|
|
|
|
#include "or.h"
|
|
|
+extern or_options_t options; /* command-line and config-file options */
|
|
|
|
|
|
-/*
|
|
|
+/*
|
|
|
*
|
|
|
* these two functions are the main ways 'in' to connection_or
|
|
|
*
|
|
@@ -44,22 +45,6 @@ int connection_or_finished_flushing(connection_t *conn) {
|
|
|
assert(conn && conn->type == CONN_TYPE_OR);
|
|
|
|
|
|
switch(conn->state) {
|
|
|
- case OR_CONN_STATE_OP_CONNECTING:
|
|
|
- if (getsockopt(conn->s, SOL_SOCKET, SO_ERROR, &e, &len) < 0) { /* not yet */
|
|
|
- if(errno != EINPROGRESS){
|
|
|
- /* yuck. kill it. */
|
|
|
- log(LOG_DEBUG,"connection_or_finished_flushing(): in-progress connect failed. Removing.");
|
|
|
- return -1;
|
|
|
- } else {
|
|
|
- return 0; /* no change, see if next time is better */
|
|
|
- }
|
|
|
- }
|
|
|
- /* the connect has finished. */
|
|
|
-
|
|
|
- log(LOG_DEBUG,"connection_or_finished_flushing() : OP connection to router %s:%u established.",
|
|
|
- conn->address,conn->port);
|
|
|
-
|
|
|
- return or_handshake_op_send_keys(conn);
|
|
|
case OR_CONN_STATE_OP_SENDING_KEYS:
|
|
|
return or_handshake_op_finished_sending_keys(conn);
|
|
|
case OR_CONN_STATE_CLIENT_CONNECTING:
|
|
@@ -77,7 +62,10 @@ int connection_or_finished_flushing(connection_t *conn) {
|
|
|
log(LOG_DEBUG,"connection_or_finished_flushing() : OR connection to router %s:%u established.",
|
|
|
conn->address,conn->port);
|
|
|
|
|
|
- return or_handshake_client_send_auth(conn);
|
|
|
+ if(options.OnionRouter)
|
|
|
+ return or_handshake_client_send_auth(conn);
|
|
|
+ else
|
|
|
+ return or_handshake_op_send_keys(conn);
|
|
|
case OR_CONN_STATE_CLIENT_SENDING_AUTH:
|
|
|
log(LOG_DEBUG,"connection_or_finished_flushing(): client finished sending auth.");
|
|
|
conn->state = OR_CONN_STATE_CLIENT_AUTH_WAIT;
|
|
@@ -121,38 +109,35 @@ void conn_or_init_crypto(connection_t *conn) {
|
|
|
unsigned char iv[16];
|
|
|
|
|
|
assert(conn);
|
|
|
-#if 0
|
|
|
- printf("f_session_key: ");
|
|
|
- for(x=0;x<8;x++) {
|
|
|
- printf("%d ",conn->f_crypto->key[x]);
|
|
|
- }
|
|
|
- printf("\nb_session_key: ");
|
|
|
- for(x=0;x<8;x++) {
|
|
|
- printf("%d ",conn->b_crypto->key[x]);
|
|
|
- }
|
|
|
- printf("\n");
|
|
|
-#endif
|
|
|
|
|
|
memset((void *)iv, 0, 16);
|
|
|
crypto_cipher_set_iv(conn->f_crypto, iv);
|
|
|
crypto_cipher_set_iv(conn->b_crypto, iv);
|
|
|
-
|
|
|
+
|
|
|
crypto_cipher_encrypt_init_cipher(conn->f_crypto);
|
|
|
crypto_cipher_decrypt_init_cipher(conn->b_crypto);
|
|
|
/* always encrypt with f, always decrypt with b */
|
|
|
-
|
|
|
}
|
|
|
|
|
|
-/* helper function for connection_or_connect_as_or and _as_op.
|
|
|
- * returns NULL if the connection fails. If it succeeds, it sets
|
|
|
- * *result to 1 if connect() returned before completing, or to 2
|
|
|
- * if it completed, and returns the new conn.
|
|
|
- */
|
|
|
-connection_t *connection_or_connect(routerinfo_t *router, uint16_t port, int *result) {
|
|
|
+connection_t *connection_or_connect(routerinfo_t *router) {
|
|
|
connection_t *conn;
|
|
|
struct sockaddr_in router_addr;
|
|
|
int s;
|
|
|
|
|
|
+ assert(router);
|
|
|
+
|
|
|
+ if(router_is_me(router->addr, router->or_port)) {
|
|
|
+ /* this is me! don't connect to me. */
|
|
|
+ log(LOG_DEBUG,"connection_or_connect(): This is me. Skipping.");
|
|
|
+ return NULL;
|
|
|
+ }
|
|
|
+
|
|
|
+ /* this function should never be called if we're already connected to router, but */
|
|
|
+ /* check first to be sure */
|
|
|
+ conn = connection_exact_get_by_addr_port(router->addr,router->or_port);
|
|
|
+ if(conn)
|
|
|
+ return conn;
|
|
|
+
|
|
|
conn = connection_new(CONN_TYPE_OR);
|
|
|
if(!conn) {
|
|
|
return NULL;
|
|
@@ -160,14 +145,13 @@ connection_t *connection_or_connect(routerinfo_t *router, uint16_t port, int *re
|
|
|
|
|
|
/* set up conn so it's got all the data we need to remember */
|
|
|
conn->addr = router->addr;
|
|
|
- conn->port = router->or_port; /* NOTE we store or_port here always */
|
|
|
+ conn->port = router->or_port;
|
|
|
conn->bandwidth = router->bandwidth;
|
|
|
conn->pkey = crypto_pk_dup_key(router->pkey);
|
|
|
conn->address = strdup(router->address);
|
|
|
|
|
|
s=socket(PF_INET,SOCK_STREAM,IPPROTO_TCP);
|
|
|
- if (s < 0)
|
|
|
- {
|
|
|
+ if (s < 0) {
|
|
|
log(LOG_ERR,"Error creating network socket.");
|
|
|
connection_free(conn);
|
|
|
return NULL;
|
|
@@ -176,11 +160,10 @@ connection_t *connection_or_connect(routerinfo_t *router, uint16_t port, int *re
|
|
|
|
|
|
memset((void *)&router_addr,0,sizeof(router_addr));
|
|
|
router_addr.sin_family = AF_INET;
|
|
|
- router_addr.sin_port = htons(port);
|
|
|
+ router_addr.sin_port = htons(router->or_port);
|
|
|
router_addr.sin_addr.s_addr = htonl(router->addr);
|
|
|
|
|
|
- log(LOG_DEBUG,"connection_or_connect() : Trying to connect to %s:%u.",router->address,port);
|
|
|
-
|
|
|
+ log(LOG_DEBUG,"connection_or_connect() : Trying to connect to %s:%u.",router->address,router->or_port);
|
|
|
if(connect(s,(struct sockaddr *)&router_addr,sizeof(router_addr)) < 0){
|
|
|
if(errno != EINPROGRESS){
|
|
|
/* yuck. kill it. */
|
|
@@ -197,9 +180,8 @@ connection_t *connection_or_connect(routerinfo_t *router, uint16_t port, int *re
|
|
|
|
|
|
log(LOG_DEBUG,"connection_or_connect() : connect in progress.");
|
|
|
connection_watch_events(conn, POLLIN | POLLOUT); /* writable indicates finish, readable indicates broken link */
|
|
|
- *result = 1; /* connecting */
|
|
|
+ conn->state = OR_CONN_STATE_CLIENT_CONNECTING;
|
|
|
return conn;
|
|
|
-
|
|
|
}
|
|
|
}
|
|
|
|
|
@@ -211,62 +193,21 @@ connection_t *connection_or_connect(routerinfo_t *router, uint16_t port, int *re
|
|
|
return NULL;
|
|
|
}
|
|
|
|
|
|
- log(LOG_DEBUG,"connection_or_connect() : Connection to router %s:%u established.",router->address,port);
|
|
|
-
|
|
|
- *result = 2; /* connection finished */
|
|
|
- return(conn);
|
|
|
-}
|
|
|
-
|
|
|
-/*
|
|
|
- *
|
|
|
- * handshake for connecting to the op_port of an onion router
|
|
|
- *
|
|
|
- */
|
|
|
-
|
|
|
-connection_t *connection_or_connect_as_op(routerinfo_t *router) {
|
|
|
- connection_t *conn;
|
|
|
- int result=0; /* so connection_or_connect() can tell us what happened */
|
|
|
-
|
|
|
- assert(router);
|
|
|
-
|
|
|
- if(router_is_me(router->addr, router->or_port)) {
|
|
|
- /* this is me! don't connect to me. */
|
|
|
- log(LOG_WARNING,"connection_or_connect_as_op(): You just asked me to connect to myself.");
|
|
|
- return NULL;
|
|
|
- }
|
|
|
-
|
|
|
- /* this function should never be called if we're already connected to router, but */
|
|
|
- /* check first to be sure */
|
|
|
- conn = connection_exact_get_by_addr_port(router->addr,router->or_port);
|
|
|
- if(conn)
|
|
|
- return conn;
|
|
|
+ log(LOG_DEBUG,"connection_or_connect() : Connection to router %s:%u established.",
|
|
|
+ router->address, router->or_port);
|
|
|
|
|
|
- conn = connection_or_connect(router, router->op_port, &result);
|
|
|
- if(!conn)
|
|
|
- return NULL;
|
|
|
+ if((options.OnionRouter && or_handshake_client_send_auth(conn) >= 0) ||
|
|
|
+ (!options.OnionRouter && or_handshake_op_send_keys(conn) >= 0))
|
|
|
+ return conn; /* success! */
|
|
|
|
|
|
- assert(result != 0); /* if conn is defined, then it must have set result */
|
|
|
-
|
|
|
- /* now we know it succeeded */
|
|
|
- if(result == 1) {
|
|
|
- conn->state = OR_CONN_STATE_OP_CONNECTING;
|
|
|
- return conn;
|
|
|
- }
|
|
|
-
|
|
|
- if(result == 2) {
|
|
|
- /* move to the next step in the handshake */
|
|
|
- if(or_handshake_op_send_keys(conn) < 0) {
|
|
|
- connection_remove(conn);
|
|
|
- connection_free(conn);
|
|
|
- return NULL;
|
|
|
- }
|
|
|
- return conn;
|
|
|
- }
|
|
|
- return NULL; /* shouldn't get here; to keep gcc happy */
|
|
|
+ /* failure */
|
|
|
+ connection_remove(conn);
|
|
|
+ connection_free(conn);
|
|
|
+ return NULL;
|
|
|
}
|
|
|
|
|
|
int or_handshake_op_send_keys(connection_t *conn) {
|
|
|
- unsigned char message[36]; /* bandwidth(32bits), forward key(128bits), backward key(128bits) */
|
|
|
+ unsigned char message[38]; /* flag(16bits), bandwidth(32bits), forward key(128bits), backward key(128bits) */
|
|
|
unsigned char cipher[128];
|
|
|
int retval;
|
|
|
|
|
@@ -282,24 +223,13 @@ int or_handshake_op_send_keys(connection_t *conn) {
|
|
|
}
|
|
|
log(LOG_DEBUG,"or_handshake_op_send_keys() : Generated 3DES keys.");
|
|
|
/* compose the message */
|
|
|
- *(uint32_t *)message = htonl(conn->bandwidth);
|
|
|
- memcpy((void *)(message + 4), (void *)conn->f_crypto->key, 16);
|
|
|
- memcpy((void *)(message + 20), (void *)conn->b_crypto->key, 16);
|
|
|
-
|
|
|
-#if 0
|
|
|
- printf("f_session_key: ");
|
|
|
- for(x=0;x<16;x++) {
|
|
|
- printf("%d ",conn->f_crypto->key[x]);
|
|
|
- }
|
|
|
- printf("\nb_session_key: ");
|
|
|
- for(x=0;x<16;x++) {
|
|
|
- printf("%d ",conn->b_crypto->key[x]);
|
|
|
- }
|
|
|
- printf("\n");
|
|
|
-#endif
|
|
|
+ *(uint16_t *)(message) = htons(HANDSHAKE_AS_OP);
|
|
|
+ *(uint32_t *)(message+2) = htonl(conn->bandwidth);
|
|
|
+ memcpy((void *)(message+6), (void *)conn->f_crypto->key, 16);
|
|
|
+ memcpy((void *)(message+22), (void *)conn->b_crypto->key, 16);
|
|
|
|
|
|
/* encrypt with RSA */
|
|
|
- if(crypto_pk_public_encrypt(conn->pkey, message, 36, cipher, RSA_PKCS1_PADDING) < 0) {
|
|
|
+ if(crypto_pk_public_encrypt(conn->pkey, message, 38, cipher, RSA_PKCS1_PADDING) < 0) {
|
|
|
log(LOG_ERR,"or_handshake_op_send_keys(): Public key encryption failed.");
|
|
|
return -1;
|
|
|
}
|
|
@@ -338,49 +268,9 @@ int or_handshake_op_finished_sending_keys(connection_t *conn) {
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
|
-/*
|
|
|
- *
|
|
|
- * auth handshake, as performed by OR *initiating* the connection
|
|
|
- *
|
|
|
- */
|
|
|
-
|
|
|
-connection_t *connection_or_connect_as_or(routerinfo_t *router) {
|
|
|
- connection_t *conn;
|
|
|
- int result=0; /* so connection_or_connect() can tell us what happened */
|
|
|
-
|
|
|
- assert(router);
|
|
|
-
|
|
|
- if(router_is_me(router->addr, router->or_port)) {
|
|
|
- /* this is me! don't connect to me. */
|
|
|
- log(LOG_DEBUG,"connection_or_connect_as_or(): This is me. Skipping.");
|
|
|
- return NULL;
|
|
|
- }
|
|
|
-
|
|
|
- conn = connection_or_connect(router, router->or_port, &result);
|
|
|
- if(!conn)
|
|
|
- return NULL;
|
|
|
-
|
|
|
- /* now we know it succeeded */
|
|
|
- if(result == 1) {
|
|
|
- conn->state = OR_CONN_STATE_CLIENT_CONNECTING;
|
|
|
- return conn;
|
|
|
- }
|
|
|
-
|
|
|
- if(result == 2) {
|
|
|
- /* move to the next step in the handshake */
|
|
|
- if(or_handshake_client_send_auth(conn) < 0) {
|
|
|
- connection_remove(conn);
|
|
|
- connection_free(conn);
|
|
|
- return NULL;
|
|
|
- }
|
|
|
- return conn;
|
|
|
- }
|
|
|
- return NULL; /* shouldn't get here; to keep gcc happy */
|
|
|
-}
|
|
|
-
|
|
|
int or_handshake_client_send_auth(connection_t *conn) {
|
|
|
int retval;
|
|
|
- char buf[48];
|
|
|
+ char buf[50];
|
|
|
char cipher[128];
|
|
|
struct sockaddr_in me; /* my router identity */
|
|
|
|
|
@@ -398,17 +288,18 @@ int or_handshake_client_send_auth(connection_t *conn) {
|
|
|
log(LOG_DEBUG,"or_handshake_client_send_auth() : Generated DES keys.");
|
|
|
|
|
|
/* generate first message */
|
|
|
- *(uint32_t*)buf = me.sin_addr.s_addr; /* local address, network order */
|
|
|
- *(uint16_t*)(buf+4) = me.sin_port; /* local port, network order */
|
|
|
- *(uint32_t*)(buf+6) = htonl(conn->addr); /* remote address */
|
|
|
- *(uint16_t*)(buf+10) = htons(conn->port); /* remote port */
|
|
|
- memcpy(buf+12,conn->f_crypto->key,16); /* keys */
|
|
|
- memcpy(buf+28,conn->b_crypto->key,16);
|
|
|
- *(uint32_t *)(buf+44) = htonl(conn->bandwidth); /* max link utilisation */
|
|
|
+ *(uint16_t*)buf = htons(HANDSHAKE_AS_OR);
|
|
|
+ *(uint32_t*)(buf+2) = me.sin_addr.s_addr; /* local address, network order */
|
|
|
+ *(uint16_t*)(buf+6) = me.sin_port; /* local port, network order */
|
|
|
+ *(uint32_t*)(buf+8) = htonl(conn->addr); /* remote address */
|
|
|
+ *(uint16_t*)(buf+12) = htons(conn->port); /* remote port */
|
|
|
+ memcpy(buf+14,conn->f_crypto->key,16); /* keys */
|
|
|
+ memcpy(buf+30,conn->b_crypto->key,16);
|
|
|
+ *(uint32_t *)(buf+46) = htonl(conn->bandwidth); /* max link utilisation */
|
|
|
log(LOG_DEBUG,"or_handshake_client_send_auth() : Generated first authentication message.");
|
|
|
|
|
|
/* encrypt message */
|
|
|
- retval = crypto_pk_public_encrypt(conn->pkey, buf, 48, cipher,RSA_PKCS1_PADDING);
|
|
|
+ retval = crypto_pk_public_encrypt(conn->pkey, buf, 50, cipher,RSA_PKCS1_PADDING);
|
|
|
if (retval == -1) /* error */
|
|
|
{
|
|
|
log(LOG_ERR,"Public-key encryption failed during authentication to %s:%u.",conn->address,conn->port);
|
|
@@ -550,9 +441,11 @@ int or_handshake_client_process_auth(connection_t *conn) {
|
|
|
int or_handshake_server_process_auth(connection_t *conn) {
|
|
|
int retval;
|
|
|
|
|
|
- char buf[128]; /* only 48 of this is expected to be used */
|
|
|
+ char buf[128]; /* 50 of this is expected to be used for OR, 38 for OP */
|
|
|
char cipher[128];
|
|
|
|
|
|
+ unsigned char iv[16];
|
|
|
+
|
|
|
uint32_t addr;
|
|
|
uint16_t port;
|
|
|
|
|
@@ -573,101 +466,130 @@ int or_handshake_server_process_auth(connection_t *conn) {
|
|
|
|
|
|
/* decrypt response */
|
|
|
retval = crypto_pk_private_decrypt(get_privatekey(), cipher, 128, buf, RSA_PKCS1_PADDING);
|
|
|
- if (retval == -1)
|
|
|
- {
|
|
|
+ if (retval == -1) {
|
|
|
log(LOG_ERR,"or_handshake_server_process_auth: Public-key decryption failed.");
|
|
|
log(LOG_DEBUG,"or_handshake_server_process_auth() : Reason : %s.",
|
|
|
crypto_perror());
|
|
|
return -1;
|
|
|
}
|
|
|
- else if (retval != 48)
|
|
|
- {
|
|
|
- log(LOG_ERR,"or_handshake_server_process_auth(): received an incorrect authentication request.");
|
|
|
- return -1;
|
|
|
- }
|
|
|
- log(LOG_DEBUG,"or_handshake_server_process_auth() : Decrypted authentication message.");
|
|
|
|
|
|
- /* identify the router */
|
|
|
- addr = ntohl(*(uint32_t*)buf); /* save the IP address */
|
|
|
- port = ntohs(*(uint16_t*)(buf+4)); /* save the port */
|
|
|
+ if (retval == 50) {
|
|
|
|
|
|
- router = router_get_by_addr_port(addr,port);
|
|
|
- if (!router)
|
|
|
- {
|
|
|
- log(LOG_DEBUG,"or_handshake_server_process_auth() : unknown router '%s:%d'. Will drop.", conn->address, port);
|
|
|
- return -1;
|
|
|
- }
|
|
|
- log(LOG_DEBUG,"or_handshake_server_process_auth() : Router identified as %s:%u.",
|
|
|
- router->address,router->or_port);
|
|
|
+ log(LOG_DEBUG,"or_handshake_server_process_auth(): Decrypted OR-style auth message.");
|
|
|
+ if(ntohs(*(uint16_t*)buf) != HANDSHAKE_AS_OR) {
|
|
|
+ log(LOG_DEBUG,"or_handshake_server_process_auth(): ...but wasn't labelled OR. Dropping.");
|
|
|
+ return -1;
|
|
|
+ }
|
|
|
|
|
|
- if(connection_exact_get_by_addr_port(addr,port)) {
|
|
|
- log(LOG_DEBUG,"or_handshake_server_process_auth(): That router is already connected. Dropping.");
|
|
|
- return -1;
|
|
|
- }
|
|
|
+ /* identify the router */
|
|
|
+ addr = ntohl(*(uint32_t*)(buf+2)); /* save the IP address */
|
|
|
+ port = ntohs(*(uint16_t*)(buf+6)); /* save the port */
|
|
|
|
|
|
- /* save keys */
|
|
|
- crypto_cipher_set_key(conn->b_crypto,buf+12);
|
|
|
- crypto_cipher_set_key(conn->f_crypto,buf+28);
|
|
|
+ router = router_get_by_addr_port(addr,port);
|
|
|
+ if (!router) {
|
|
|
+ log(LOG_DEBUG,"or_handshake_server_process_auth() : unknown router '%s:%d'. Will drop.", conn->address, port);
|
|
|
+ return -1;
|
|
|
+ }
|
|
|
+ log(LOG_DEBUG,"or_handshake_server_process_auth() : Router identified as %s:%u.",
|
|
|
+ router->address,router->or_port);
|
|
|
|
|
|
- /* update link info */
|
|
|
- bandwidth = ntohl(*(uint32_t *)(buf+44));
|
|
|
+ if(connection_exact_get_by_addr_port(addr,port)) {
|
|
|
+ log(LOG_DEBUG,"or_handshake_server_process_auth(): That router is already connected. Dropping.");
|
|
|
+ return -1;
|
|
|
+ }
|
|
|
|
|
|
- conn->bandwidth = router->bandwidth;
|
|
|
+ /* save keys */
|
|
|
+ crypto_cipher_set_key(conn->b_crypto,buf+14);
|
|
|
+ crypto_cipher_set_key(conn->f_crypto,buf+30);
|
|
|
|
|
|
- if (conn->bandwidth > bandwidth)
|
|
|
- conn->bandwidth = bandwidth;
|
|
|
+ /* update link info */
|
|
|
+ bandwidth = ntohl(*(uint32_t *)(buf+46));
|
|
|
|
|
|
- /* copy all relevant info to conn */
|
|
|
- conn->addr = router->addr, conn->port = router->or_port;
|
|
|
- conn->pkey = crypto_pk_dup_key(router->pkey);
|
|
|
- conn->address = strdup(router->address);
|
|
|
+ conn->bandwidth = router->bandwidth;
|
|
|
|
|
|
- /* generate a nonce */
|
|
|
- retval = crypto_pseudo_rand(8, conn->nonce);
|
|
|
- if (retval) /* error */
|
|
|
- {
|
|
|
- log(LOG_ERR,"Cannot generate a nonce.");
|
|
|
- return -1;
|
|
|
- }
|
|
|
- log(LOG_DEBUG,"or_handshake_server_process_auth() : Nonce generated.");
|
|
|
+ if (conn->bandwidth > bandwidth)
|
|
|
+ conn->bandwidth = bandwidth;
|
|
|
|
|
|
- *(uint32_t *)(buf+44) = htonl(conn->bandwidth); /* send max link utilisation */
|
|
|
- memcpy(buf+48,conn->nonce,8); /* append the nonce to the end of the message */
|
|
|
+ /* copy all relevant info to conn */
|
|
|
+ conn->addr = router->addr, conn->port = router->or_port;
|
|
|
+ conn->pkey = crypto_pk_dup_key(router->pkey);
|
|
|
+ conn->address = strdup(router->address);
|
|
|
|
|
|
- /* encrypt message */
|
|
|
- retval = crypto_pk_public_encrypt(conn->pkey, buf, 56, cipher,RSA_PKCS1_PADDING);
|
|
|
- if (retval == -1) /* error */
|
|
|
- {
|
|
|
- log(LOG_ERR,"Public-key encryption failed during authentication to %s:%u.",conn->address,conn->port);
|
|
|
- log(LOG_DEBUG,"or_handshake_server_process_auth() : Reason : %s.",crypto_perror());
|
|
|
- return -1;
|
|
|
- }
|
|
|
- log(LOG_DEBUG,"or_handshake_server_process_auth() : Reply encrypted.");
|
|
|
+ /* generate a nonce */
|
|
|
+ retval = crypto_pseudo_rand(8, conn->nonce);
|
|
|
+ if (retval) { /* error */
|
|
|
+ log(LOG_ERR,"Cannot generate a nonce.");
|
|
|
+ return -1;
|
|
|
+ }
|
|
|
+ log(LOG_DEBUG,"or_handshake_server_process_auth(): Nonce generated.");
|
|
|
+
|
|
|
+ memmove(buf, buf+2, 46);
|
|
|
+ *(uint32_t *)(buf+44) = htonl(conn->bandwidth); /* send max link utilisation */
|
|
|
+ memcpy(buf+48,conn->nonce,8); /* append the nonce to the end of the message */
|
|
|
+
|
|
|
+ /* encrypt message */
|
|
|
+ retval = crypto_pk_public_encrypt(conn->pkey, buf, 56, cipher,RSA_PKCS1_PADDING);
|
|
|
+ if (retval == -1) { /* error */
|
|
|
+ log(LOG_ERR,"Public-key encryption failed during authentication to %s:%u.",conn->address,conn->port);
|
|
|
+ log(LOG_DEBUG,"or_handshake_server_process_auth() : Reason : %s.",crypto_perror());
|
|
|
+ return -1;
|
|
|
+ }
|
|
|
+ log(LOG_DEBUG,"or_handshake_server_process_auth() : Reply encrypted.");
|
|
|
|
|
|
- /* send message */
|
|
|
+ /* send message */
|
|
|
|
|
|
- if(connection_write_to_buf(cipher, 128, conn) < 0) {
|
|
|
- log(LOG_DEBUG,"or_handshake_server_process_auth(): my outbuf is full. Oops.");
|
|
|
- return -1;
|
|
|
- }
|
|
|
- retval = connection_flush_buf(conn);
|
|
|
- if(retval < 0) {
|
|
|
- log(LOG_DEBUG,"or_handshake_server_process_auth(): bad socket while flushing.");
|
|
|
- return -1;
|
|
|
- }
|
|
|
- if(retval > 0) {
|
|
|
- /* still stuff on the buffer. */
|
|
|
- conn->state = OR_CONN_STATE_SERVER_SENDING_AUTH;
|
|
|
- connection_watch_events(conn, POLLOUT | POLLIN);
|
|
|
+ if(connection_write_to_buf(cipher, 128, conn) < 0) {
|
|
|
+ log(LOG_DEBUG,"or_handshake_server_process_auth(): my outbuf is full. Oops.");
|
|
|
+ return -1;
|
|
|
+ }
|
|
|
+ retval = connection_flush_buf(conn);
|
|
|
+ if(retval < 0) {
|
|
|
+ log(LOG_DEBUG,"or_handshake_server_process_auth(): bad socket while flushing.");
|
|
|
+ return -1;
|
|
|
+ }
|
|
|
+ if(retval > 0) {
|
|
|
+ /* still stuff on the buffer. */
|
|
|
+ conn->state = OR_CONN_STATE_SERVER_SENDING_AUTH;
|
|
|
+ connection_watch_events(conn, POLLOUT | POLLIN);
|
|
|
+ return 0;
|
|
|
+ }
|
|
|
+
|
|
|
+ /* it finished sending */
|
|
|
+ log(LOG_DEBUG,"or_handshake_server_process_auth(): Finished sending auth.");
|
|
|
+ conn->state = OR_CONN_STATE_SERVER_NONCE_WAIT;
|
|
|
+ connection_watch_events(conn, POLLIN);
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
|
- /* it finished sending */
|
|
|
- log(LOG_DEBUG,"or_handshake_server_process_auth(): Finished sending auth.");
|
|
|
- conn->state = OR_CONN_STATE_SERVER_NONCE_WAIT;
|
|
|
- connection_watch_events(conn, POLLIN);
|
|
|
- return 0;
|
|
|
+ if(retval == 38) {
|
|
|
+ log(LOG_DEBUG,"or_handshake_server_process_auth(): Decrypted OP-style auth message.");
|
|
|
+ if(ntohs(*(uint16_t*)buf) != HANDSHAKE_AS_OP) {
|
|
|
+ log(LOG_DEBUG,"or_handshake_server_process_auth(): ...but wasn't labelled OP. Dropping.");
|
|
|
+ return -1;
|
|
|
+ }
|
|
|
+
|
|
|
+ conn->bandwidth = ntohl(*((uint32_t *)(buf+2)));
|
|
|
+ log(LOG_DEBUG,"or_handshake_server_process_auth(): Bandwidth %d requested.",conn->bandwidth);
|
|
|
+
|
|
|
+ crypto_cipher_set_key(conn->b_crypto, buf+6);
|
|
|
+ crypto_cipher_set_key(conn->f_crypto, buf+22);
|
|
|
+
|
|
|
+ memset(iv, 0, 16);
|
|
|
+ crypto_cipher_set_iv(conn->b_crypto, iv);
|
|
|
+ crypto_cipher_set_iv(conn->f_crypto, iv);
|
|
|
+
|
|
|
+ crypto_cipher_encrypt_init_cipher(conn->b_crypto);
|
|
|
+ crypto_cipher_decrypt_init_cipher(conn->f_crypto);
|
|
|
+
|
|
|
+ conn->state = OR_CONN_STATE_OPEN;
|
|
|
+ connection_init_timeval(conn);
|
|
|
+ connection_watch_events(conn, POLLIN);
|
|
|
+
|
|
|
+ return connection_process_inbuf(conn); /* in case they sent some cells along with the keys */
|
|
|
+ }
|
|
|
|
|
|
+ log(LOG_ERR,"or_handshake_server_process_auth(): received an incorrect authentication request.");
|
|
|
+ return -1;
|
|
|
}
|
|
|
|
|
|
int or_handshake_server_process_nonce(connection_t *conn) {
|