81b1e4f6348 chore: Release v0.2.21-rc.1 9303e2e49a1 chore: Update the pkgsrc versions in the update-versions tool 71ec4b3b1e9 chore: Update the version-sync script to work in a post-tox.api.h world 66da842f753 chore: Add version update script compatible with ci-tools. 199878f7660 chore: Use new bazel script for circle ci. 8278e9cda46 chore: Add release issue template and workflow. a9bb3a1c4d1 chore: Fix alpine-s390x build. 6e0a641272e chore: Add a source tarball deploy workflow. 4adebe4d8b1 chore: Don't upload ios/macos variants in deploy workflows. 18f1d858ccb chore: Move one of the 3 freebsd builds to post-submit. 432ab60c002 feat: Add a Makefile for the single file deploy build. a86c0011fd5 chore: Add deploy job for single C file library. 2e7495e8f2a docs: Update changelog format to use the new clog-compatible way. a682da99e84 chore: Export wasmExports from the wasm binary. 12f34cdff27 chore: Add wasm to the nightly binary deploys. 1451029613f chore: Add strict-abi support for macOS/iOS. c53c30e09d9 chore: Add time option to manual fuzz trigger. 2ccecdc2a1a chore: Add remaining fuzz tests to cflite. 4626c2e230e test: Add a Net_Crypto fuzz test. b4a0e617c48 refactor: Use IP string length from ip_ntoa instead of strlen. b85b91f22f6 cleanup: rename getnodes/sendnodes to nodes request/response This change alignes the naming to be closer to the spec and make it less ambiguous. This change also changes the naming of some private/experimental marked APIs. - tox_callback_dht_nodes_response() - tox_dht_nodes_request() - Tox_Event_Dht_Get_Nodes_Response f1991aaa029 perf: Use stack allocation for strerror rendering. 3984211ccbf cleanup: remove kicked peers from saved peers list 26a991ed2be fix: ip to string function not accepting tcp families 712861f2e6d cleanup: Make websockify output qtox-compatible logging. 01932ea2f73 chore: Add opus and vpx to the toxcore wasm build. d29c42ef631 refactor: don't fully discard received DHT nodes. This is mostly forward thinking, where we might introduce other ip families, in addition to ipv4, ipv6, tcp_ipv4 etc. 21e2325934f chore: Fix xcframework tarball creation. b10c8b766ba chore: Fix xcframework checksum creation. 93787a9322e chore: Add ios/macos framework build. 9f723f891d3 fix: run do_gca also in bootstrap nodes 496cc703556 chore: Support arm64 iphone simulator. aa0e2a8e928 chore: Add support for more iOS architectures. 13ad8e81cbf chore: Add binary deploy workflows. c8344726378 refactor: Move tox_log_level out into its own file. 8799bea76c3 cleanup: Mark events/dispatch headers as experimental. d4164edb548 refactor: Remove tox_types.h; use `struct` tags instead. d408c982090 refactor: Move `Tox_Options` to `tox_options.h`. 5ab42d41209 chore: Move most cirrus jobs to circleci. 463eeae1144 cleanup: Avoid clashing with global define `DEBUG`. 92cc1e91747 refactor: Make Tox_Options own the passed proxy host and savedata. f276b397226 test: Add some more asserts for I/O and alloc to succeed. edb4dfc4869 fix: Don't crash on malloc failures in bin_unpack. be457d5d0b2 cleanup: Use tox memory for bin_unpack and net_strerror. git-subtree-dir: external/toxcore/c-toxcore git-subtree-split: 81b1e4f6348124784088591c4fe9ab41e273031d
321 lines
8.2 KiB
C
321 lines
8.2 KiB
C
/* SPDX-License-Identifier: GPL-3.0-or-later
|
|
* Copyright © 2016-2025 The TokTok team.
|
|
* Copyright © 2014 Tox project.
|
|
*/
|
|
|
|
#include "TCP_common.h"
|
|
|
|
#include <string.h>
|
|
|
|
#include "attributes.h"
|
|
#include "ccompat.h"
|
|
#include "crypto_core.h"
|
|
#include "logger.h"
|
|
#include "mem.h"
|
|
#include "network.h"
|
|
|
|
void wipe_priority_list(const Memory *mem, TCP_Priority_List *p)
|
|
{
|
|
while (p != nullptr) {
|
|
TCP_Priority_List *pp = p;
|
|
p = p->next;
|
|
mem_delete(mem, pp->data);
|
|
mem_delete(mem, pp);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @retval 0 if pending data was sent completely
|
|
* @retval -1 if it wasn't
|
|
*/
|
|
int send_pending_data_nonpriority(const Logger *logger, TCP_Connection *con)
|
|
{
|
|
if (con->last_packet_length == 0) {
|
|
return 0;
|
|
}
|
|
|
|
const uint16_t left = con->last_packet_length - con->last_packet_sent;
|
|
const int len = net_send(con->ns, logger, con->sock, con->last_packet + con->last_packet_sent, left, &con->ip_port,
|
|
con->net_profile);
|
|
|
|
if (len <= 0) {
|
|
return -1;
|
|
}
|
|
|
|
if (len == left) {
|
|
con->last_packet_length = 0;
|
|
con->last_packet_sent = 0;
|
|
return 0;
|
|
}
|
|
|
|
con->last_packet_sent += len;
|
|
return -1;
|
|
}
|
|
|
|
/**
|
|
* @retval 0 if pending data was sent completely
|
|
* @retval -1 if it wasn't
|
|
*/
|
|
int send_pending_data(const Logger *logger, TCP_Connection *con)
|
|
{
|
|
/* finish sending current non-priority packet */
|
|
if (send_pending_data_nonpriority(logger, con) == -1) {
|
|
return -1;
|
|
}
|
|
|
|
TCP_Priority_List *p = con->priority_queue_start;
|
|
|
|
while (p != nullptr) {
|
|
const uint16_t left = p->size - p->sent;
|
|
const int len = net_send(con->ns, logger, con->sock, p->data + p->sent, left, &con->ip_port, con->net_profile);
|
|
|
|
if (len != left) {
|
|
if (len > 0) {
|
|
p->sent += len;
|
|
}
|
|
|
|
break;
|
|
}
|
|
|
|
TCP_Priority_List *pp = p;
|
|
p = p->next;
|
|
mem_delete(con->mem, pp->data);
|
|
mem_delete(con->mem, pp);
|
|
}
|
|
|
|
con->priority_queue_start = p;
|
|
|
|
if (p == nullptr) {
|
|
con->priority_queue_end = nullptr;
|
|
return 0;
|
|
}
|
|
|
|
return -1;
|
|
}
|
|
|
|
/**
|
|
* @retval false on failure (only if mem_alloc fails)
|
|
* @retval true on success
|
|
*/
|
|
non_null()
|
|
static bool add_priority(TCP_Connection *con, const uint8_t *packet, uint16_t size, uint16_t sent)
|
|
{
|
|
TCP_Priority_List *p = con->priority_queue_end;
|
|
TCP_Priority_List *new_list = (TCP_Priority_List *)mem_alloc(con->mem, sizeof(TCP_Priority_List));
|
|
|
|
if (new_list == nullptr) {
|
|
return false;
|
|
}
|
|
|
|
uint8_t *data = (uint8_t *)mem_balloc(con->mem, size);
|
|
|
|
if (data == nullptr) {
|
|
mem_delete(con->mem, new_list);
|
|
return false;
|
|
}
|
|
|
|
memcpy(data, packet, size);
|
|
new_list->data = data;
|
|
new_list->size = size;
|
|
|
|
new_list->next = nullptr;
|
|
new_list->sent = sent;
|
|
|
|
if (p != nullptr) {
|
|
p->next = new_list;
|
|
} else {
|
|
con->priority_queue_start = new_list;
|
|
}
|
|
|
|
con->priority_queue_end = new_list;
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* @retval 1 on success.
|
|
* @retval 0 if could not send packet.
|
|
* @retval -1 on failure (connection must be killed).
|
|
*/
|
|
int write_packet_tcp_secure_connection(const Logger *logger, TCP_Connection *con, const uint8_t *data, uint16_t length,
|
|
bool priority)
|
|
{
|
|
if (length + CRYPTO_MAC_SIZE > MAX_PACKET_SIZE) {
|
|
return -1;
|
|
}
|
|
|
|
bool sendpriority = true;
|
|
|
|
if (send_pending_data(logger, con) == -1) {
|
|
if (priority) {
|
|
sendpriority = false;
|
|
} else {
|
|
return 0;
|
|
}
|
|
}
|
|
|
|
const uint16_t packet_size = sizeof(uint16_t) + length + CRYPTO_MAC_SIZE;
|
|
VLA(uint8_t, packet, packet_size);
|
|
|
|
uint16_t c_length = net_htons(length + CRYPTO_MAC_SIZE);
|
|
memcpy(packet, &c_length, sizeof(uint16_t));
|
|
int len = encrypt_data_symmetric(con->mem, con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t));
|
|
|
|
if ((unsigned int)len != (packet_size - sizeof(uint16_t))) {
|
|
return -1;
|
|
}
|
|
|
|
if (priority) {
|
|
len = sendpriority ? net_send(con->ns, logger, con->sock, packet, packet_size, &con->ip_port,
|
|
con->net_profile) : 0;
|
|
|
|
if (len <= 0) {
|
|
len = 0;
|
|
}
|
|
|
|
increment_nonce(con->sent_nonce);
|
|
|
|
if ((unsigned int)len == packet_size) {
|
|
return 1;
|
|
}
|
|
|
|
return add_priority(con, packet, packet_size, len) ? 1 : 0;
|
|
}
|
|
|
|
len = net_send(con->ns, logger, con->sock, packet, packet_size, &con->ip_port, con->net_profile);
|
|
|
|
if (len <= 0) {
|
|
return 0;
|
|
}
|
|
|
|
increment_nonce(con->sent_nonce);
|
|
|
|
if ((unsigned int)len == packet_size) {
|
|
return 1;
|
|
}
|
|
|
|
memcpy(con->last_packet, packet, packet_size);
|
|
con->last_packet_length = packet_size;
|
|
con->last_packet_sent = len;
|
|
return 1;
|
|
}
|
|
|
|
/** @brief Read length bytes from socket.
|
|
*
|
|
* return length on success
|
|
* return -1 on failure/no data in buffer.
|
|
*/
|
|
int read_tcp_packet(
|
|
const Logger *logger, const Memory *mem, const Network *ns, Socket sock, uint8_t *data, uint16_t length, const IP_Port *ip_port)
|
|
{
|
|
const uint16_t count = net_socket_data_recv_buffer(ns, sock);
|
|
|
|
if (count < length) {
|
|
if (count != 0) {
|
|
// Only log when there are some bytes available, as empty buffer
|
|
// is a very common case and this spams our logs.
|
|
LOGGER_TRACE(logger, "recv buffer has %d bytes, but requested %d bytes", count, length);
|
|
}
|
|
return -1;
|
|
}
|
|
|
|
const int len = net_recv(ns, logger, sock, data, length, ip_port);
|
|
|
|
if (len != length) {
|
|
LOGGER_ERROR(logger, "FAIL recv packet");
|
|
return -1;
|
|
}
|
|
|
|
return len;
|
|
}
|
|
|
|
/** @brief Read the next two bytes in TCP stream then convert them to
|
|
* length (host byte order).
|
|
*
|
|
* return length on success
|
|
* return 0 if nothing has been read from socket.
|
|
* return -1 on failure.
|
|
*/
|
|
non_null()
|
|
static uint16_t read_tcp_length(const Logger *logger, const Network *ns, Socket sock, const IP_Port *ip_port)
|
|
{
|
|
const uint16_t count = net_socket_data_recv_buffer(ns, sock);
|
|
|
|
if (count >= sizeof(uint16_t)) {
|
|
uint8_t length_buf[sizeof(uint16_t)];
|
|
const int len = net_recv(ns, logger, sock, length_buf, sizeof(length_buf), ip_port);
|
|
|
|
if (len != sizeof(uint16_t)) {
|
|
LOGGER_ERROR(logger, "FAIL recv packet");
|
|
return 0;
|
|
}
|
|
|
|
uint16_t length;
|
|
net_unpack_u16(length_buf, &length);
|
|
|
|
if (length > MAX_PACKET_SIZE) {
|
|
LOGGER_ERROR(logger, "TCP packet too large: %d > %d", length, MAX_PACKET_SIZE);
|
|
return -1;
|
|
}
|
|
|
|
return length;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
/**
|
|
* @return length of received packet on success.
|
|
* @retval 0 if could not read any packet.
|
|
* @retval -1 on failure (connection must be killed).
|
|
*/
|
|
int read_packet_tcp_secure_connection(
|
|
const Logger *logger, const Memory *mem, const Network *ns,
|
|
Socket sock, uint16_t *next_packet_length,
|
|
const uint8_t *shared_key, uint8_t *recv_nonce, uint8_t *data,
|
|
uint16_t max_len, const IP_Port *ip_port)
|
|
{
|
|
if (*next_packet_length == 0) {
|
|
const uint16_t len = read_tcp_length(logger, ns, sock, ip_port);
|
|
|
|
if (len == (uint16_t) -1) {
|
|
return -1;
|
|
}
|
|
|
|
if (len == 0) {
|
|
return 0;
|
|
}
|
|
|
|
*next_packet_length = len;
|
|
}
|
|
|
|
if (max_len + CRYPTO_MAC_SIZE < *next_packet_length) {
|
|
LOGGER_DEBUG(logger, "packet too large");
|
|
return -1;
|
|
}
|
|
|
|
VLA(uint8_t, data_encrypted, (int) *next_packet_length);
|
|
const int len_packet = read_tcp_packet(logger, mem, ns, sock, data_encrypted, *next_packet_length, ip_port);
|
|
|
|
if (len_packet == -1) {
|
|
return 0;
|
|
}
|
|
|
|
if (len_packet != *next_packet_length) {
|
|
LOGGER_WARNING(logger, "invalid packet length: %d, expected %d", len_packet, *next_packet_length);
|
|
return 0;
|
|
}
|
|
|
|
*next_packet_length = 0;
|
|
|
|
const int len = decrypt_data_symmetric(mem, shared_key, recv_nonce, data_encrypted, len_packet, data);
|
|
|
|
if (len + CRYPTO_MAC_SIZE != len_packet) {
|
|
LOGGER_ERROR(logger, "decrypted length %d does not match expected length %d", len + CRYPTO_MAC_SIZE, len_packet);
|
|
return -1;
|
|
}
|
|
|
|
increment_nonce(recv_nonce);
|
|
|
|
return len;
|
|
}
|