xtunnelsfamilydata.h

xtunnel nat/fw traversal source code

/*

	File:       XTunnelsFamilyData.h

	Contains:   X-Tunnels data members shared between parent and children

	Copyright:  (c) 2003 by Xten Networks, Inc., all rights reserved.

*/

#ifndef XTUNNELSFAMILYDATA_H__AB0DFC9F_ED59_411A_BE38_CEF84ABF1C5A_
#define XTUNNELSFAMILYDATA_H__AB0DFC9F_ED59_411A_BE38_CEF84ABF1C5A_ 1

#include "uiciudp.h"
#include "XTunnelsProtocol.h"

namespace XTunnels {

// used with SIGUSR2 from child to pipe to parent 
//    -- deathwatch info
//    -- host1/host2/password XCipher triplets
//    -- user/host XCipher conversation ID requests
extern int g_pChild2ParentInfoPipe[2];
//    -- user/host XCipher conversation ID replies
extern int g_pParent2ChildInfoPipe[2];

// note that these are only used on above type; compiler can align them as it pleases

enum {
   // to parent
	EInfoPacketChildOnDeathwatch = 1,
	EInfoPacketGotHostKeyPassword = 2,
	EInfoPacketWantCipherKey = 3,
	EInfoPacketClearXCipherCache = 4,
	
	// to child
	//EInfoPacketStatusRequest = 10,
	EInfoPacketCipherKey = 11
}; // end enums

// structures for piping to parent
typedef struct
   {
   unsigned long m_ulStatus; // expected to be SChild::eDeathwatch
   unsigned long m_ulChildIndex;
   unsigned long m_ulActivePortCount;
   unsigned long m_pActivePorts[EMaxActivePortCount];
   } TChildOnDeathwatchInfo;

typedef struct THostPairPasswordInfo
   {
   char m_szHostOne[EMaxDBHostLength];
   char m_szHostTwo[EMaxDBHostLength];
   char m_szPairPassword[EMaxDBHostLength];
   uuid_t m_tSequenceNumber;
   time_t m_tExpires;
   } THostPairPasswordInfo;

typedef struct TCipherKeyRequest
   {
   unsigned long m_ulRequesterPID;
   char m_szLocalHost[EMaxDBHostLength];
   char m_szRemoteHost[EMaxDBHostLength];
   char m_szRemoteUsername[EMaxDBUsernameLength];
   } TCipherKeyRequest;

typedef struct TChildToParentPipePacket
   {
   unsigned long m_ulPacketType;
   union
      {
      TChildOnDeathwatchInfo m_tDeathwatch;
      THostPairPasswordInfo m_tPairPassword;
      TCipherKeyRequest m_tKeyRequest;
      };
   } TChildToParentPipePacket;

typedef struct TCipherKeyReply
   {
   bool m_bFoundCipherKey;
   char m_pCipherkeyBytes[32];
   } TCipherKeyReply;

/*
typedef struct TStatusRequest
   {
   bool m_bSummaryInfoOnly;
   } TStatusRequest;
*/

typedef struct TParentToChildPipePacket
   {
   unsigned long m_ulPacketType;
   union
      {
      TCipherKeyReply m_tCipherKey;
      //TStatusRequest m_tStatus;
      };
   } TParentToChildPipePacket;


// common buffer for constructing messages and sending if no encryption/packing required
extern TXTunnelsPacket g_tSendingPacket;
// for g_tSendingPacket to be encrypted/packed into if necessary
extern TXTunnelsPacket g_tTransmitPacket;
// to read from remote into before checking encryption/packing
extern TXTunnelsPacket g_tReceivedPacket; 
// for g_tReceivedPacket to be unencrypted/unpacked into if necessary
extern TXTunnelsPacket g_tParsedPacket; 

// sets magic number and packet index; encrypts if necessary
// returns &g_tTransmitPacket or NULL if encryption fails
TXTunnelsPacket* PreparePacketForTransmit(
   TXTunnelsPacket* pSourcePacket,
   ssize_t tUnencryptedSize,
   long lEncryptionType,
   unsigned long& ulInOutPacketIndex,
   const char* szPassword
   );

int TransmitPreparedPacket(
   TXTunnelsPacket* pTransmissionData,
   int iTransmitTCPSocket,
   int iTransmitUDPSocket,
   u_buf_t* pUDPDestination
   );

// returns nil for protocol failure
TXTunnelsPacket* ReceivePacket(
   long& lInOutEncryptionType,
   int iReceiveTCPSocket,
   int iReceiveUDPSocket,
   u_buf_t* pUDPDestination,
   unsigned long ulBoundUDPRedirectAddress,
   u_port_t tBoundUDPRedirectPort,
   double dTimeoutSeconds,
   const char* szPassword
   );

// 1 = MD5 - m_pChallengeBlob is a unqiue ID which opposite side must pass into an 
// MD5 algorithm as "uniqueID:password" and reply with the result
// must reply with blob of string of MD5 result, without final NUL byte, 
// blob size is the string length
// EAlgorithm_SHA1 = 6,
// -- m_pChallengeBlob is a unqiue ID which opposite side must pass into an SHA1 algorithm 
// as "uniqueID:password" and reply with the result
// must reply with blob of string of SHA1 result, without final NUL byte,
// blob size is the string length
// HMAC is always 20 bytes long

void MakeSHA1SessionKeyColonPasswordDigest(
   unsigned long ulSessionKeySize,
   const char* szSessionKey,
   const char* szPassword,
	unsigned long& ulOutDigestSize,
	char* pOutDigest
   );

void MakeSessionKeyColonPasswordDigest(
   unsigned long ulEncryptionType,
   unsigned long ulSessionKeySize,
   const char* szSessionKey,
   const char* szPassword,
	unsigned long& ulOutDigestSize,
	char* pOutDigest
	);

void MakeSessionKeyColonPasswordDigestString(
   unsigned long ulEncryptionType,
   unsigned long ulSessionKeySize,
   const char* szSessionKey,
   const char* szPassword,
	char* szOutString
	);

void Get32ByteString(const unsigned char* pBytes, char* szOutString);
const char* GetSHA1DigestString(const unsigned char* pSHA1Digest, char* szOutString);
const char* GetDigestString(unsigned long ulKeyEncryptionType, char* pDigest, char* szOutString);

// for uuids and digests
void FillWithRandomLongs(void* pRandomize, int iSize);

// returns copy created with new[]
char* CreateString(const char* szFromString);

// stuff for parent <> child communication

enum {
   // indices of a pipe's int fd[2]
   EReadEnd = 0,
   EWriteEnd = 1
}; // end enums

long PipeRead(int pPipe[2], void* pData, unsigned long ulSize);
long PipeWrite(int pPipe[2], const void* pData, unsigned long ulSize);

// encryption/decryption
int DecryptTripleDES(
   char* inDestination,
   unsigned long inDestSize,
   char* inSource,
   unsigned long inSourceSize,
   const char* szPassword
);
int DecryptAES128(
   char* inDestination,
   unsigned long inDestSize,
   char* inSource,
   unsigned long inSourceSize,
   const char* szPassword
);
int DecryptAES192(
   char* inDestination,
   unsigned long inDestSize,
   char* inSource,
   unsigned long inSourceSize,
   const char* szPassword
);
int DecryptAES256(
   char* inDestination,
   unsigned long inDestSize,
   char* inSource,
   unsigned long inSourceSize,
   const char* szPassword
);
int EncryptTripleDES(
   char* outDestination,
   unsigned long& outDestSize,
   char* inSource,
   unsigned long inSourceSize,
   const char* szPassword
);
int EncryptAES128(
   char* outDestination,
   unsigned long& outDestSize,
   char* inSource,
   unsigned long inSourceSize,
   const char* szPassword
);
int EncryptAES192(
   char* outDestination,
   unsigned long& outDestSize,
   char* inSource,
   unsigned long inSourceSize,
   const char* szPassword
);
int EncryptAES256(
   char* outDestination,
   unsigned long& outDestSize,
   char* inSource,
   unsigned long inSourceSize,
   const char* szPassword
);

} // end namespace XTunnels

#endif // XTUNNELSFAMILYDATA_H__AB0DFC9F_ED59_411A_BE38_CEF84ABF1C5A_