forked from Green-Sky/tomato
Green Sky
aae086cc65
b03b571272 fix: flaky tcp test This only fixes the symptoms, not the real problem. Sometimes or consistently on some platforms a socket might need a moment before it can be written to. 32e67ab4c2 cleanup: use typedef for private message ID's in callback 7b1db6adc1 feat: add message IDs to private group messages 99e0bcc27d refactor: Observers/ignored peers can now send and receive custom packets b3c3c49d26 fix: Disable IPv6 in Windows cross-compilation tests e742deddff feat: Check hashes of Windows dependencies when cross-compiling dfb9a0b02b fix: Test the current Windows Dockerfile, not an old Dockerhub image 14de93ccec chore: Use WineHQ's Wine as Debian Bookworm's crashes ed37616249 docs: Update the Windows cross-compilation section 9bb79c174f cleanup: Remove a couple of unnecessary misc_tools dependencies 19475adb70 chore: Statically link OpenMP into the cracker fun util on Windows 1be311e51f feat: Build the fun utils when cross-compiling to Windows 88133f8446 chore: Strip Windows binaries 3cc0ae7535 refactor: Copy over all of the required static dependencies c4fa8f7fb1 feat: Generate .def, .exp and .lib files when building for Windows 74bbac5363 feat: Let CMake create the dll instead of doing so ourselves 246642e9ae feat: Harden Windows cross-compilation 8d431c0d11 chore: Bump Windows build dependency versions e519f7998b fix: Remove unnecessary wsock32 dependency on Windows ed2b60c217 chore: Use a specific non-broken slimcc version. d7f21010a1 chore: Update github actions. e71a68b7f2 docs: Update the list of CMake options 77e08876ff chore: Remove mod and founder from group API naming scheme 12bc042767 docs: add the experimental api build option to INSTALL.md e1fa5cae96 refactor: Rename Queries to Query to align with other enums. be82a3ea30 fix: Correct type for conference offline peer numbers. 0627c36716 test: Add pkgsrc build. 92578afe4b test: Add FreeBSD VM action on GitHub. 52ece0f57b test: Build toxcore on NetBSD (VM). 3fe8ee2c11 chore: Only install tox_private.h on request. 9a8dfa06ab fix: save_compatibility_test failing on big-endian systems 86f5e55578 fix: Don't serve files from websockify. 710eb674a5 fix: Correctly pass extended public keys to group moderation code. 021db7031c refactor: Use `struct`s for extended public/secret keys. a1e999fd80 chore: Compile libsodium reference implementation with compcert. fbe3c19cf5 cleanup: correct a few nullable annotations 623e3ee5c3 cleanup: Don't use `memcpy` to cast arbitrary `struct`s to `uint8_t[]`. c71567dc18 fix: Pass array, not array pointer, to `memcmp`. 9b46a08144 cleanup: Never pass `void*` directly to `memcpy`. 5d7b7a7bbc refactor: Use tox rng to seed the keypair generation. 961891d568 cleanup: Small improvements found by PVS Studio. 8201019f0d chore: Disable NGC saving by default, enable through Tox_Options. 5dd9ee3f65 cleanup: Replace pointer arithmetic with explicit `&arr[i]`. ca4606d49d refactor: Use strong typedef for NGC peer id. 442213b722 cleanup: Simplify custom packet length check in NGC. 08d3393def fix: Correct a few potential null derefs in bootstrap daemon. b9877b32b0 fix: Add missing memunlock of local variable when it goes out of scope. dab5fe44b9 fix: Zero out stack-allocated secret key before return. f058103299 refactor: Make prune_gc_sanctions_list more obviously correct. 3ba7a0dec9 docs: Add static analysis tool list to README. 8d0811a0f3 docs: Run prettier-markdown on markdown files. 969e3a2bfc refactor: Fix network test not using the strong typedef 93c83fbc7c refactor: Use strong typedef instead of struct for `Socket`. 9fe18b176f fix: Fix some false positive from PVS Studio. 7c44379ccb cleanup: Check that WINXP macro exists before comparing it. 5c93231bef refactor: Make tox mutex non-recursive. aacff73939 docs: Fix up doxyfile. d55fc85ff5 docs: Add more documentation to crypto_core. 5bdaaaedb6 refactor: Remove `Tox *` from `tox_dispatch`. e202341e76 refactor: Don't rely on tox_dispatch passing tox in tests. 34df938f52 chore: Use C++ mode for clang-tidy. 8b05296a78 chore: Check that both gtest and gmock exist for tests. 42010660e1 test: Add slimcc compiler compatibility test. b473630321 chore: Add some comments to the astyle config. b7404f24f6 cleanup: Remove implicit bool conversions. 4e2dba4d9f chore: Reformat sources with astyle. 4359e3a6bc chore: Rename C++ headers to .hh suffixes. 0c05566e58 cleanup: Further `#include` cleanups. 8d29935b7a chore: Only check the bootstrap daemon checksum on release. f70e588bc6 cleanup: Add more `const` where possible. 511bfe39c8 cleanup: Use Bazel modules to enforce proper `#include` hygiene. 1710a0d091 refactor: Move pack/unpack `IP_Port` from DHT into network module. a975943564 chore: Really fix coverage docker image build. c08409390f chore: Fix post-submit coverage image. 39aadf8922 fix: Don't use `memcmp` to compare `IP_Port`s. d94246a906 fix: partially fix a bug that prevented group part messages from sending. eeaa039222 chore: Fix rpm build; add a CI check for it. 8328449c1a chore: Speed up docker builds a bit by reducing layer count. d6d67d56f3 cleanup: Add `const` where possible in auto tests. 6aa9e6850d cleanup: Minor cleanup of event unpack code. bdf460a3a9 refactor: Rename `system_{memory,...}` to `os_{memory,...}`. 203e1af81e fix: a few off by one errors in group autotests 5c093c4888 cleanup: Remove all uses of `SIZEOF_VLA`. 662c2140f3 test: Add goblint static analyser. 8f07755834 cleanup: Use `memzero(x, s)` instead of `memset(x, 0, s)`. a7258e40cf cleanup: Use explicit 0 instead of `PACKET_ID_PADDING`. 6370d0f15d cleanup: Expand the `Tox_Options` accessor macros. 14a1a0b9bd cleanup: Remove plan9 support. a05dccad13 test: Add a simple new/delete test for Tox. 1cdcf938b9 cleanup: Add comment after every `#endif`. ba99d4dc4b test: Fix comment I broke in the events test PR. e07248debb refactor: Migrate auto_tests to new events API. bdd42b5452 refactor: Add common msgpack array packer with callback. 3c659f5288 cleanup: Rename group to conference in groupav documentation. 89957be230 cleanup: Ensure handler params are named after callback params. c650d9d345 refactor: Pass `this` pointer as first param to s11n callbacks. e7fb91ddb8 refactor: Allow NULL pointers for byte arrays in events. 5e2c8cabc1 cleanup: make some improvements to group moderation test 259de4867e cleanup: Remove `bin_pack_{new,free}`. 21a8ff5895 cleanup: skip a do_gc iteration before removing peers marked for deletion 16809dc36e feat: Add dht_get_nodes_response event to the events system. git-subtree-dir: external/toxcore/c-toxcore git-subtree-split: b03b5712720de9a9901ea12fd741f177327a7021
401 lines
13 KiB
C
401 lines
13 KiB
C
/* SPDX-License-Identifier: GPL-3.0-or-later
|
|
* Copyright © 2019-2022 The TokTok team.
|
|
*/
|
|
|
|
#include "forwarding.h"
|
|
|
|
#include <assert.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
|
|
#include "DHT.h"
|
|
#include "attributes.h"
|
|
#include "ccompat.h"
|
|
#include "crypto_core.h"
|
|
#include "logger.h"
|
|
#include "mono_time.h"
|
|
#include "network.h"
|
|
#include "timed_auth.h"
|
|
|
|
struct Forwarding {
|
|
const Logger *log;
|
|
const Random *rng;
|
|
DHT *dht;
|
|
const Mono_Time *mono_time;
|
|
Networking_Core *net;
|
|
|
|
uint8_t hmac_key[CRYPTO_HMAC_KEY_SIZE];
|
|
|
|
forward_reply_cb *forward_reply_callback;
|
|
void *forward_reply_callback_object;
|
|
|
|
forwarded_request_cb *forwarded_request_callback;
|
|
void *forwarded_request_callback_object;
|
|
|
|
forwarded_response_cb *forwarded_response_callback;
|
|
void *forwarded_response_callback_object;
|
|
};
|
|
|
|
DHT *forwarding_get_dht(const Forwarding *forwarding)
|
|
{
|
|
return forwarding->dht;
|
|
}
|
|
|
|
#define SENDBACK_TIMEOUT 3600
|
|
|
|
bool send_forward_request(const Networking_Core *net, const IP_Port *forwarder,
|
|
const uint8_t *chain_keys, uint16_t chain_length,
|
|
const uint8_t *data, uint16_t data_length)
|
|
{
|
|
if (chain_length == 0 || chain_length > MAX_FORWARD_CHAIN_LENGTH
|
|
|| data_length > MAX_FORWARD_DATA_SIZE) {
|
|
return false;
|
|
}
|
|
|
|
const uint16_t len = forward_chain_packet_size(chain_length, data_length);
|
|
VLA(uint8_t, packet, len);
|
|
|
|
return create_forward_chain_packet(chain_keys, chain_length, data, data_length, packet)
|
|
&& sendpacket(net, forwarder, packet, len) == len;
|
|
}
|
|
|
|
uint16_t forward_chain_packet_size(uint16_t chain_length, uint16_t data_length)
|
|
{
|
|
return chain_length * (1 + CRYPTO_PUBLIC_KEY_SIZE) + data_length;
|
|
}
|
|
|
|
bool create_forward_chain_packet(const uint8_t *chain_keys, uint16_t chain_length,
|
|
const uint8_t *data, uint16_t data_length,
|
|
uint8_t *packet)
|
|
{
|
|
if (chain_length == 0 || chain_length > MAX_FORWARD_CHAIN_LENGTH
|
|
|| data_length > MAX_FORWARD_DATA_SIZE) {
|
|
return false;
|
|
}
|
|
|
|
uint16_t offset = 0;
|
|
|
|
for (uint16_t j = 0; j < chain_length; ++j) {
|
|
packet[offset] = NET_PACKET_FORWARD_REQUEST;
|
|
++offset;
|
|
memcpy(packet + offset, chain_keys + j * CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_PUBLIC_KEY_SIZE);
|
|
offset += CRYPTO_PUBLIC_KEY_SIZE;
|
|
}
|
|
|
|
memcpy(packet + offset, data, data_length);
|
|
return true;
|
|
}
|
|
|
|
non_null()
|
|
static uint16_t forwarding_packet_length(uint16_t sendback_data_len, uint16_t data_length)
|
|
{
|
|
const uint16_t sendback_len = sendback_data_len == 0 ? 0 : TIMED_AUTH_SIZE + sendback_data_len;
|
|
return 1 + 1 + sendback_len + data_length;
|
|
}
|
|
|
|
non_null(1, 4, 6) nullable(2)
|
|
static bool create_forwarding_packet(const Forwarding *forwarding,
|
|
const uint8_t *sendback_data, uint16_t sendback_data_len,
|
|
const uint8_t *data, uint16_t length,
|
|
uint8_t *packet)
|
|
{
|
|
packet[0] = NET_PACKET_FORWARDING;
|
|
|
|
if (sendback_data_len == 0) {
|
|
packet[1] = 0;
|
|
memcpy(packet + 1 + 1, data, length);
|
|
} else {
|
|
const uint16_t sendback_len = TIMED_AUTH_SIZE + sendback_data_len;
|
|
|
|
if (sendback_len > MAX_SENDBACK_SIZE) {
|
|
return false;
|
|
}
|
|
|
|
packet[1] = sendback_len;
|
|
generate_timed_auth(forwarding->mono_time, SENDBACK_TIMEOUT, forwarding->hmac_key, sendback_data,
|
|
sendback_data_len, packet + 1 + 1);
|
|
|
|
if (sendback_data_len != 0) {
|
|
assert(sendback_data != nullptr);
|
|
memcpy(packet + 1 + 1 + TIMED_AUTH_SIZE, sendback_data, sendback_data_len);
|
|
}
|
|
|
|
memcpy(packet + 1 + 1 + sendback_len, data, length);
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
bool send_forwarding(const Forwarding *forwarding, const IP_Port *dest,
|
|
const uint8_t *sendback_data, uint16_t sendback_data_len,
|
|
const uint8_t *data, uint16_t length)
|
|
{
|
|
if (length > MAX_FORWARD_DATA_SIZE) {
|
|
return false;
|
|
}
|
|
|
|
const uint16_t len = forwarding_packet_length(sendback_data_len, length);
|
|
VLA(uint8_t, packet, len);
|
|
create_forwarding_packet(forwarding, sendback_data, sendback_data_len, data, length, packet);
|
|
return sendpacket(forwarding->net, dest, packet, len) == len;
|
|
}
|
|
|
|
#define FORWARD_REQUEST_MIN_PACKET_SIZE (1 + CRYPTO_PUBLIC_KEY_SIZE)
|
|
|
|
non_null(1) nullable(2, 4)
|
|
static bool handle_forward_request_dht(const Forwarding *forwarding,
|
|
const uint8_t *sendback_data, uint16_t sendback_data_len,
|
|
const uint8_t *packet, uint16_t length)
|
|
{
|
|
if (length < FORWARD_REQUEST_MIN_PACKET_SIZE) {
|
|
return false;
|
|
}
|
|
|
|
const uint8_t *const public_key = packet + 1;
|
|
const uint8_t *const forward_data = packet + (1 + CRYPTO_PUBLIC_KEY_SIZE);
|
|
const uint16_t forward_data_len = length - (1 + CRYPTO_PUBLIC_KEY_SIZE);
|
|
|
|
if (TIMED_AUTH_SIZE + sendback_data_len > MAX_SENDBACK_SIZE ||
|
|
forward_data_len > MAX_FORWARD_DATA_SIZE) {
|
|
return false;
|
|
}
|
|
|
|
const uint16_t len = forwarding_packet_length(sendback_data_len, forward_data_len);
|
|
VLA(uint8_t, forwarding_packet, len);
|
|
|
|
create_forwarding_packet(forwarding, sendback_data, sendback_data_len, forward_data, forward_data_len,
|
|
forwarding_packet);
|
|
|
|
return route_packet(forwarding->dht, public_key, forwarding_packet, len) == len;
|
|
}
|
|
|
|
non_null(1, 2) nullable(3, 5)
|
|
static int handle_forward_request(void *object, const IP_Port *source, const uint8_t *packet, uint16_t length,
|
|
void *userdata)
|
|
{
|
|
const Forwarding *forwarding = (const Forwarding *)object;
|
|
|
|
uint8_t sendback_data[1 + MAX_PACKED_IPPORT_SIZE];
|
|
sendback_data[0] = SENDBACK_IPPORT;
|
|
|
|
const int ipport_length = pack_ip_port(forwarding->log, sendback_data + 1, MAX_PACKED_IPPORT_SIZE, source);
|
|
|
|
if (ipport_length == -1) {
|
|
return 1;
|
|
}
|
|
|
|
return handle_forward_request_dht(forwarding, sendback_data, 1 + ipport_length, packet, length) ? 0 : 1;
|
|
}
|
|
|
|
#define MIN_NONEMPTY_SENDBACK_SIZE TIMED_AUTH_SIZE
|
|
#define FORWARD_REPLY_MIN_PACKET_SIZE (1 + 1 + MIN_NONEMPTY_SENDBACK_SIZE)
|
|
|
|
non_null(1, 2) nullable(3, 5)
|
|
static int handle_forward_reply(void *object, const IP_Port *source, const uint8_t *packet, uint16_t length,
|
|
void *userdata)
|
|
{
|
|
const Forwarding *forwarding = (const Forwarding *)object;
|
|
|
|
if (length < FORWARD_REPLY_MIN_PACKET_SIZE) {
|
|
return 1;
|
|
}
|
|
|
|
const uint8_t sendback_len = packet[1];
|
|
const uint8_t *const sendback_auth = packet + 1 + 1;
|
|
const uint8_t *const sendback_data = sendback_auth + TIMED_AUTH_SIZE;
|
|
|
|
if (sendback_len > MAX_SENDBACK_SIZE) {
|
|
/* value 0xff is reserved for possible future expansion */
|
|
return 1;
|
|
}
|
|
|
|
if (sendback_len < TIMED_AUTH_SIZE + 1) {
|
|
return 1;
|
|
}
|
|
|
|
const uint16_t sendback_data_len = sendback_len - TIMED_AUTH_SIZE;
|
|
|
|
if (length < 1 + 1 + sendback_len) {
|
|
return 1;
|
|
}
|
|
|
|
const uint8_t *const to_forward = packet + (1 + 1 + sendback_len);
|
|
const uint16_t to_forward_len = length - (1 + 1 + sendback_len);
|
|
|
|
if (!check_timed_auth(forwarding->mono_time, SENDBACK_TIMEOUT, forwarding->hmac_key, sendback_data, sendback_data_len,
|
|
sendback_auth)) {
|
|
return 1;
|
|
}
|
|
|
|
if (sendback_data[0] == SENDBACK_IPPORT) {
|
|
IP_Port dest;
|
|
|
|
if (unpack_ip_port(&dest, sendback_data + 1, sendback_data_len - 1, false)
|
|
!= sendback_data_len - 1) {
|
|
return 1;
|
|
}
|
|
|
|
return send_forwarding(forwarding, &dest, nullptr, 0, to_forward, to_forward_len) ? 0 : 1;
|
|
}
|
|
|
|
if (sendback_data[0] == SENDBACK_FORWARD) {
|
|
IP_Port forwarder;
|
|
const int ipport_length = unpack_ip_port(&forwarder, sendback_data + 1, sendback_data_len - 1, false);
|
|
|
|
if (ipport_length == -1) {
|
|
return 1;
|
|
}
|
|
|
|
const uint8_t *const forward_sendback = sendback_data + (1 + ipport_length);
|
|
const uint16_t forward_sendback_len = sendback_data_len - (1 + ipport_length);
|
|
|
|
return forward_reply(forwarding->net, &forwarder, forward_sendback, forward_sendback_len, to_forward,
|
|
to_forward_len) ? 0 : 1;
|
|
}
|
|
|
|
if (forwarding->forward_reply_callback == nullptr) {
|
|
return 1;
|
|
}
|
|
|
|
return forwarding->forward_reply_callback(forwarding->forward_reply_callback_object,
|
|
sendback_data, sendback_data_len,
|
|
to_forward, to_forward_len) ? 0 : 1;
|
|
}
|
|
|
|
#define FORWARDING_MIN_PACKET_SIZE (1 + 1)
|
|
|
|
non_null(1, 2) nullable(3, 5)
|
|
static int handle_forwarding(void *object, const IP_Port *source, const uint8_t *packet, uint16_t length,
|
|
void *userdata)
|
|
{
|
|
const Forwarding *forwarding = (const Forwarding *)object;
|
|
|
|
if (length < FORWARDING_MIN_PACKET_SIZE) {
|
|
return 1;
|
|
}
|
|
|
|
const uint8_t sendback_len = packet[1];
|
|
|
|
if (length < 1 + 1 + sendback_len) {
|
|
return 1;
|
|
}
|
|
|
|
const uint8_t *const sendback = packet + 1 + 1;
|
|
|
|
const uint8_t *const forwarded = sendback + sendback_len;
|
|
const uint16_t forwarded_len = length - (1 + 1 + sendback_len);
|
|
|
|
if (forwarded_len >= 1 && forwarded[0] == NET_PACKET_FORWARD_REQUEST) {
|
|
VLA(uint8_t, sendback_data, 1 + MAX_PACKED_IPPORT_SIZE + sendback_len);
|
|
sendback_data[0] = SENDBACK_FORWARD;
|
|
|
|
const int ipport_length = pack_ip_port(forwarding->log, sendback_data + 1, MAX_PACKED_IPPORT_SIZE, source);
|
|
|
|
if (ipport_length == -1) {
|
|
return 1;
|
|
}
|
|
|
|
memcpy(sendback_data + 1 + ipport_length, sendback, sendback_len);
|
|
|
|
return handle_forward_request_dht(forwarding, sendback_data, 1 + ipport_length + sendback_len, forwarded,
|
|
forwarded_len) ? 0 : 1;
|
|
}
|
|
|
|
if (sendback_len > 0) {
|
|
if (forwarding->forwarded_request_callback == nullptr) {
|
|
return 1;
|
|
}
|
|
|
|
forwarding->forwarded_request_callback(forwarding->forwarded_request_callback_object,
|
|
source, sendback, sendback_len,
|
|
forwarded, forwarded_len, userdata);
|
|
return 0;
|
|
} else {
|
|
if (forwarding->forwarded_response_callback == nullptr) {
|
|
return 1;
|
|
}
|
|
|
|
forwarding->forwarded_response_callback(forwarding->forwarded_response_callback_object,
|
|
forwarded, forwarded_len, userdata);
|
|
return 0;
|
|
}
|
|
}
|
|
|
|
bool forward_reply(const Networking_Core *net, const IP_Port *forwarder,
|
|
const uint8_t *sendback, uint16_t sendback_length,
|
|
const uint8_t *data, uint16_t length)
|
|
{
|
|
if (sendback_length > MAX_SENDBACK_SIZE ||
|
|
length > MAX_FORWARD_DATA_SIZE) {
|
|
return false;
|
|
}
|
|
|
|
const uint16_t len = 1 + 1 + sendback_length + length;
|
|
VLA(uint8_t, packet, len);
|
|
packet[0] = NET_PACKET_FORWARD_REPLY;
|
|
packet[1] = (uint8_t) sendback_length;
|
|
memcpy(packet + 1 + 1, sendback, sendback_length);
|
|
memcpy(packet + 1 + 1 + sendback_length, data, length);
|
|
return sendpacket(net, forwarder, packet, len) == len;
|
|
}
|
|
|
|
void set_callback_forwarded_request(Forwarding *forwarding, forwarded_request_cb *function, void *object)
|
|
{
|
|
forwarding->forwarded_request_callback = function;
|
|
forwarding->forwarded_request_callback_object = object;
|
|
}
|
|
|
|
void set_callback_forwarded_response(Forwarding *forwarding, forwarded_response_cb *function, void *object)
|
|
{
|
|
forwarding->forwarded_response_callback = function;
|
|
forwarding->forwarded_response_callback_object = object;
|
|
}
|
|
|
|
void set_callback_forward_reply(Forwarding *forwarding, forward_reply_cb *function, void *object)
|
|
{
|
|
forwarding->forward_reply_callback = function;
|
|
forwarding->forward_reply_callback_object = object;
|
|
}
|
|
|
|
Forwarding *new_forwarding(const Logger *log, const Random *rng, const Mono_Time *mono_time, DHT *dht)
|
|
{
|
|
if (log == nullptr || mono_time == nullptr || dht == nullptr) {
|
|
return nullptr;
|
|
}
|
|
|
|
Forwarding *forwarding = (Forwarding *)calloc(1, sizeof(Forwarding));
|
|
|
|
if (forwarding == nullptr) {
|
|
return nullptr;
|
|
}
|
|
|
|
forwarding->log = log;
|
|
forwarding->rng = rng;
|
|
forwarding->mono_time = mono_time;
|
|
forwarding->dht = dht;
|
|
forwarding->net = dht_get_net(dht);
|
|
|
|
networking_registerhandler(forwarding->net, NET_PACKET_FORWARD_REQUEST, &handle_forward_request, forwarding);
|
|
networking_registerhandler(forwarding->net, NET_PACKET_FORWARD_REPLY, &handle_forward_reply, forwarding);
|
|
networking_registerhandler(forwarding->net, NET_PACKET_FORWARDING, &handle_forwarding, forwarding);
|
|
|
|
new_hmac_key(forwarding->rng, forwarding->hmac_key);
|
|
|
|
return forwarding;
|
|
}
|
|
|
|
void kill_forwarding(Forwarding *forwarding)
|
|
{
|
|
if (forwarding == nullptr) {
|
|
return;
|
|
}
|
|
|
|
networking_registerhandler(forwarding->net, NET_PACKET_FORWARD_REQUEST, nullptr, nullptr);
|
|
networking_registerhandler(forwarding->net, NET_PACKET_FORWARD_REPLY, nullptr, nullptr);
|
|
networking_registerhandler(forwarding->net, NET_PACKET_FORWARDING, nullptr, nullptr);
|
|
|
|
crypto_memzero(forwarding->hmac_key, CRYPTO_HMAC_KEY_SIZE);
|
|
|
|
free(forwarding);
|
|
}
|