xtunnelsxcipher.cpp

xtunnel nat/fw traversal source code

   */

   u_char *ptr = pSRVReply + sizeof(HEADER);
   u_int16_t port = 0;
   u_int i = 0;
   char target[1024] = { 0 };

   for (i = 0; i < hdr->qdcount; i++)
      {
/*
#if DEBUG
      cout << "X-Cipher: ConnectToGlobalServer parsing SRV question " << i + 1 << " of " << hdr->qdcount << endl;
#endif // DEBUG
*/
      if (skip_question((char**)&ptr, (char*)pSRVReply, iResultLength) != 0)
         {
#if DEBUG
         cout << "X-Cipher: ConnectToGlobalServer error parsing SRV question " << i << " of " << hdr->qdcount << endl;
#endif // DEBUG
         return -1;
         }
      }

   for (i = 0; i < hdr->ancount; i++)
      {
/*
#if DEBUG
      cout << "X-Cipher: ConnectToGlobalServer parsing SRV record " << i + 1 << " of " << hdr->ancount << endl;
#endif // DEBUG
*/
      if (decode_srv((char**)&ptr, (char*)pSRVReply, iResultLength, target, &port) != 0)
         {
#if DEBUG
         cout << "X-Cipher: ConnectToGlobalServer error parsing SRV record " << i << " of " << hdr->ancount << endl;
#endif // DEBUG
         return -1;
         }

      // cut the dot off the end to get a valid address?
      if (target[strlen(target) - 1] == '.')
         target[strlen(target) - 1] = 0;

#if DEBUG
      cout << "X-Cipher: ConnectToGlobalServer connecting to " << target << " port " << port << endl;
#endif // DEBUG

      iGlobalServerSocket = u_connect(
         port,
         target
      );
      if (iGlobalServerSocket > -1)
         break;
      }

   return iGlobalServerSocket;
   }

// note that magic number and payload size are not set, 
// and inUnencryptedSize does not include magic number or packet index or encryption header
int SendPacketToGlobalOrMasterServer(
   TXTunnelsPacket* packet,
   ssize_t inUnencryptedSize, 
   unsigned long& ulInOutPacketIndex,
   long lEncryptionType,
   int iGlobalorMasterServerSocket,
   const char* szPassword
   )
	{
   TXTunnelsPacket* pTransmissionData = PreparePacketForTransmit(
      packet,
      inUnencryptedSize,
      lEncryptionType,
      ulInOutPacketIndex,
      szPassword
   );
   if (!pTransmissionData)
      return 1;
      
   int iTransmitErr = TransmitPreparedPacket(
      pTransmissionData,
      iGlobalorMasterServerSocket,
      0,
      NULL
   );
   
   return iTransmitErr;
	}

TXTunnelsPacket* GetGlobalOrMasterServerPacket(
   long& lInOutEncryptionType,
   int iGlobalServerSocket,
   unsigned long ulMessageType,
   const char* szPassword
   )
   {
   TXTunnelsPacket* pPacket = ReceivePacket(
      lInOutEncryptionType,
      iGlobalServerSocket,
      0,
      NULL,
      0,
      0,
      5.,
      szPassword
   );
   
   if (pPacket)
      {
      if (ulMessageType && (ulMessageType != pPacket->m_tHeaderBasic.commandid))
         {
#if DEBUG
		   cout << "PROTOCOL ERROR: GetGlobalOrMasterServerPacket() expected command ID " << ulMessageType << " not " << pPacket->m_tHeaderBasic.commandid << "!!" << endl;
#endif // DEBUG
         return NULL;
         }
      }
   
   return pPacket;
   }

int DoGlobalOrMasterServerLogin(
   int iGlobalOrMasterSocket,
   unsigned long& ulPacketIndex,
   long& lEncryptionType,
   const char* szOurHostName,
   uuid_t& tOurChallengeBlob, // random for global server; sequence id of password for master server
   const char* szLocalPassword,
   char* szMasterToGlobalEncryptionKey,
   char* szGlobalToMasterDecryptionKey
   )
   {
   // note that we always return global server version of communication/protocol errors
   // this is since master server version just aborts quietly if communications fail
   int iResult = 0;
   setnonblock(iGlobalOrMasterSocket);

	unsigned long ulPacketsize = 0;
   TXTunnelsPacket* pReceivedPacket = NULL;
   //char* szRetrievedPassword = NULL;
	
   // master server --> CXgsMarshal_GlobalServerCommunication_Version --> global server
	ulPacketsize = sizeof(TVersionParam);
	g_tSendingPacket.m_tHeaderBasic.commandid = HOST2XT32(EMessageVersion);
	g_tSendingPacket.m_tHeaderBasic.payloadsize = HOST2XT32(ulPacketsize);
	g_tSendingPacket.m_tData.m_tVersion.m_byProtocolMajor = XCipher::EGlobalServer_VERSION_PROTOCOL_MAJOR;
	g_tSendingPacket.m_tData.m_tVersion.m_byProtocolMinor = XCipher::EGlobalServer_VERSION_PROTOCOL_MINOR;
	g_tSendingPacket.m_tData.m_tVersion.m_wVersionID = HOST2XT16(ECurrentServerVersion);
	if (SendPacketToGlobalOrMasterServer(&g_tSendingPacket, ulPacketsize, ulPacketIndex, lEncryptionType, iGlobalOrMasterSocket, szMasterToGlobalEncryptionKey))
		{
		iResult = XCipher::EErrorCommunicationGlobalServer;
		goto bail;
		}

   // master server -->CXgsMarshal_GlobalServerCommunication_MasterServerToGlobalServer_Hello --> global server
   XCipher::TXCipherGlobalServerHelloParam tHelloUnpacked; // = { 0 };
   bzero(&tHelloUnpacked, sizeof(tHelloUnpacked));
   {
   tHelloUnpacked.how = ELoginNamePassword;
   tHelloUnpacked.useridsize = strlen(szOurHostName);
   strcpy(tHelloUnpacked.m_szUserID, szOurHostName);
   tHelloUnpacked.algorithm = EAlgorithm_SHA1; // EAlgorithm_MD5; // EAlgorithm_SHA1
   tHelloUnpacked.challengeblobsize = sizeof(tOurChallengeBlob);
	memcpy(&tHelloUnpacked.challengeblob, &tOurChallengeBlob, tHelloUnpacked.challengeblobsize);
	ulPacketsize = 
	   sizeof(tHelloUnpacked.how)
	   + sizeof(tHelloUnpacked.useridsize)
	   + tHelloUnpacked.useridsize
	   + sizeof(tHelloUnpacked.algorithm)
	   + sizeof(tHelloUnpacked.challengeblobsize)
	   + tHelloUnpacked.challengeblobsize;
	g_tSendingPacket.m_tHeaderBasic.commandid = HOST2XT32(EMessageClientHello);
	g_tSendingPacket.m_tHeaderBasic.payloadsize = HOST2XT32(ulPacketsize);
   char* pCurrentPayloadOffset = g_tSendingPacket.m_tData.m_pPayload;
   *(unsigned long*)pCurrentPayloadOffset = HOST2XT32(tHelloUnpacked.how);
   pCurrentPayloadOffset += sizeof(tHelloUnpacked.how);
   *(unsigned short*)pCurrentPayloadOffset = HOST2XT16(tHelloUnpacked.useridsize);
   pCurrentPayloadOffset += sizeof(tHelloUnpacked.useridsize);
   memcpy(pCurrentPayloadOffset, tHelloUnpacked.m_szUserID, tHelloUnpacked.useridsize);
   pCurrentPayloadOffset += tHelloUnpacked.useridsize;
   *(unsigned long*)pCurrentPayloadOffset = HOST2XT32(tHelloUnpacked.algorithm);
   pCurrentPayloadOffset += sizeof(tHelloUnpacked.algorithm);
   *(unsigned long*)pCurrentPayloadOffset = HOST2XT32(tHelloUnpacked.challengeblobsize);
   pCurrentPayloadOffset += sizeof(tHelloUnpacked.challengeblobsize);
   memcpy(pCurrentPayloadOffset, &tHelloUnpacked.challengeblob, tHelloUnpacked.challengeblobsize);
	if (SendPacketToGlobalOrMasterServer(&g_tSendingPacket, ulPacketsize, ulPacketIndex, lEncryptionType, iGlobalOrMasterSocket, szMasterToGlobalEncryptionKey))
		{
		iResult = XCipher::EErrorCommunicationGlobalServer;
		goto bail;
		}
   }
   
   // master server <-- CXgsMarshal_GlobalServerCommunication_Version <-- global server
   {
   pReceivedPacket = GetGlobalOrMasterServerPacket(lEncryptionType, iGlobalOrMasterSocket, EMessageVersion, szGlobalToMasterDecryptionKey);
   if (!pReceivedPacket)
		{
#if DEBUG
		   cout << "PROTOCOL ERROR: GetGlobalOrMasterServerPacket() failed to get EMessageVersion!!" << endl;
#endif // DEBUG
		iResult = XCipher::EErrorProtocolGlobalServer;
		goto bail;
		}
   TVersionParam tVersion = { 0 };
	tVersion.m_byProtocolMajor = pReceivedPacket->m_tData.m_tVersion.m_byProtocolMajor;
	tVersion.m_byProtocolMinor = pReceivedPacket->m_tData.m_tVersion.m_byProtocolMinor;
	tVersion.m_wVersionID = XT2HOST16(pReceivedPacket->m_tData.m_tVersion.m_wVersionID);
	// don't actually do anything with the version yet
   }

   // master server <-- CXgsMarshal_GlobalServerCommunication_GlobalServerToMasterServer_Challenge <-- global server
   ServerChallengeParam tServerChallenge; // = { 0 };
   bzero(&tServerChallenge, sizeof(tServerChallenge));
   pReceivedPacket = GetGlobalOrMasterServerPacket(lEncryptionType, iGlobalOrMasterSocket, EMessageServerChallenge, szGlobalToMasterDecryptionKey);
   if (!pReceivedPacket)
		{
#if DEBUG
		   cout << "PROTOCOL ERROR: GetGlobalOrMasterServerPacket() failed to get EMessageServerChallenge!!" << endl;
#endif // DEBUG
		iResult = XCipher::EErrorProtocolGlobalServer;
		goto bail;
		}
	tServerChallenge.algorithm = XT2HOST32(pReceivedPacket->m_tData.serverchallenge.algorithm);
	tServerChallenge.challengeblobsize = XT2HOST32(pReceivedPacket->m_tData.serverchallenge.challengeblobsize);
   memcpy(tServerChallenge.challengeblob, pReceivedPacket->m_tData.serverchallenge.challengeblob, tServerChallenge.challengeblobsize);
   
   // master server --> CXgsMarshal_GlobalServerCommunication_ChallengeReply --> global server
   {
   ChallengeReplyParam tChallengeUnpacked = { 0 };
   MakeSessionKeyColonPasswordDigest(
      tHelloUnpacked.algorithm,
      tServerChallenge.challengeblobsize,
      (char*)tServerChallenge.challengeblob,
      szLocalPassword,
      tChallengeUnpacked.challengereplyblobsize,
      tChallengeUnpacked.challengereplyblob
   );
#if DEBUG
	char digest[255] = { 0 };
	char source[255] = { 0 };
	GetDigestString(tHelloUnpacked.algorithm, (char*)&tChallengeUnpacked.challengereplyblob, digest);
	GetDigestString(tHelloUnpacked.algorithm, (char*)&tServerChallenge.challengeblob, source);
	cout << "Server's challenge: " << source << "[" << tServerChallenge.challengeblobsize << "]" << endl;
	cout << "Our response to server's challenge:      " << digest << "[" << tChallengeUnpacked.challengereplyblobsize << "]" << endl;
#endif // DEBUG
   // session key we make up, and set here our encryption key to go with it
	uuid_t uniquekey;
	FillWithRandomLongs(&uniquekey, sizeof(uniquekey));
	char sessionkey[EMaxSmallBufferSize];
	GetUUIDString((uuid_t*)&uniquekey, sessionkey);
	unsigned long ulSessionKeySize = strlen(sessionkey);
   tChallengeUnpacked.sessionkeysize = ulSessionKeySize;
   memcpy(tChallengeUnpacked.sessionkey, sessionkey, ulSessionKeySize);
	MakeSessionKeyColonPasswordDigestString(
      tHelloUnpacked.algorithm,
	   tChallengeUnpacked.sessionkeysize,
	   tChallengeUnpacked.sessionkey,
      szLocalPassword,
	   szMasterToGlobalEncryptionKey
	   );
/*
#if DEBUG
     	cout << "X-Tunnels: DoGlobalOrMasterServerLogin using password '" << szLocalPassword <<"' encryption=" << tHelloUnpacked.algorithm << ":" << endl;
      cout << "Server's (our) sent session key: " << sessionkey << " }[" << ulSessionKeySize << "] " << endl;
     	cout << "Calculated encryption key      : " << szMasterToGlobalEncryptionKey << " }[" << strlen(szMasterToGlobalEncryptionKey) << "] " << endl;
#endif //DEBUG
*/
   // now pack and send it
	ulPacketsize = 
	   sizeof(tChallengeUnpacked.challengereplyblobsize)
	   + tChallengeUnpacked.challengereplyblobsize
	   + sizeof(tChallengeUnpacked.sessionkeysize)
	   + tChallengeUnpacked.sessionkeysize;
	g_tSendingPacket.m_tHeaderBasic.commandid = HOST2XT32(EMessageChallengeReply);
	g_tSendingPacket.m_tHeaderBasic.payloadsize = HOST2XT32(ulPacketsize);
   char* pCurrentPayloadOffset = g_tSendingPacket.m_tData.m_pPayload;
   *(unsigned long*)pCurrentPayloadOffset = HOST2XT32(tChallengeUnpacked.challengereplyblobsize);
   pCurrentPayloadOffset += sizeof(tChallengeUnpacked.challengereplyblobsize);
   memcpy(pCurrentPayloadOffset, tChallengeUnpacked.challengereplyblob, tChallengeUnpacked.challengereplyblobsize);
   pCurrentPayloadOffset += tChallengeUnpacked.challengereplyblobsize;
   *(unsigned short*)pCurrentPayloadOffset = HOST2XT16(tChallengeUnpacked.sessionkeysize);
   pCurrentPayloadOffset += sizeof(tChallengeUnpacked.sessionkeysize);
   memcpy(pCurrentPayloadOffset, tChallengeUnpacked.sessionkey, tChallengeUnpacked.sessionkeysize);
   pCurrentPayloadOffset += tChallengeUnpacked.sessionkeysize;
	if (SendPacketToGlobalOrMasterServer(&g_tSendingPacket, ulPacketsize, ulPacketIndex, lEncryptionType, iGlobalOrMasterSocket, szMasterToGlobalEncryptionKey))
		{
		iResult = XCipher::EErrorCommunicationGlobalServer;
		goto bail;
		}
   }

   // master server <-- CXgsMarshal_GlobalServerCommunication_ChallengeReply <-- global server
   {
   pReceivedPacket = GetGlobalOrMasterServerPacket(lEncryptionType, iGlobalOrMasterSocket, EMessageChallengeReply, szGlobalToMasterDecryptionKey);
   if (!pReceivedPacket)
		{
#if DEBUG
		   cout << "PROTOCOL ERROR: GetGlobalOrMasterServerPacket() failed to get EMessageChallengeReply!!" << endl;
#endif // DEBUG
		iResult = XCipher::EErrorProtocolGlobalServer;
		goto bail;
		}
   char szServersReplyToClientChallenge[EMaxSmallBufferSize] = { 0 };
	unsigned long ulBlobSize = XT2HOST32(pReceivedPacket->m_tData.challengereply.challengereplyblobsize);
   char* szPackedChallengeReplyData = pReceivedPacket->m_tData.challengereply.challengereplyblob;
	memcpy(szServersReplyToClientChallenge, szPackedChallengeReplyData, ulBlobSize);
	szPackedChallengeReplyData += ulBlobSize;
   unsigned short usSessionKeySize = XT2HOST16(*(unsigned short*)szPackedChallengeReplyData);
   szPackedChallengeReplyData += sizeof(unsigned short);
   char* szSessionKey = szPackedChallengeReplyData;
	{
   char szClientsAnswerToClientChallenge[EMaxSmallBufferSize] = { 0 };
   unsigned long ulDigestSize = 0;
   MakeSessionKeyColonPasswordDigest(
      tHelloUnpacked.algorithm,
      tHelloUnpacked.challengeblobsize,
      (char*)&tHelloUnpacked.challengeblob,
      (char*)szLocalPassword,
   	ulDigestSize,
   	(char*)szClientsAnswerToClientChallenge
   	);
	bool isOK = 0 == memcmp(szClientsAnswerToClientChallenge, szServersReplyToClientChallenge, ulBlobSize);
	if (!isOK)
		{
#if DEBUG
	   cout << "PROTOCOL ERROR: child " << getpid() << " DoGlobalOrMasterServerLogin() failed " << ulBlobSize << " byte challenge compare!!" << endl;
   	char digest[255] = { 0 };
   	char server[255] = { 0 };
   	char source[255] = { 0 };
   	GetDigestString(tHelloUnpacked.algorithm, szClientsAnswerToClientChallenge, digest);
   	GetDigestString(tHelloUnpacked.algorithm, szServersReplyToClientChallenge, server);
   	GetDigestString(tHelloUnpacked.algorithm, (char*)&tHelloUnpacked.challengeblob, source);
   	cout << "Our challenge: " << source << "[" << tHelloUnpacked.challengeblobsize << "]" << endl;
   	cout << "Our response to our challenge:      " << digest << "[" << ulDigestSize << "]" << endl;
   	cout << "Server's response to our challenge: " << server << "[" << ulBlobSize << "]" << endl;
#endif // DEBUG
		iResult = XCipher::EErrorProtocolGlobalServer;
		goto bail;
		}
	MakeSessionKeyColonPasswordDigestString(
      tHelloUnpacked.algorithm,
	   usSessionKeySize,
	   szSessionKey,
      szLocalPassword,
	   szGlobalToMasterDecryptionKey
	   );
/*
#if DEBUG
     	cout << "X-Tunnels: DoGlobalOrMasterServerLogin using password '" << szLocalPassword <<"' encryption=" << tHelloUnpacked.algorithm << ":" << endl;
     	cout << "Client (them) sent session key: " << szSessionKey << " }[" << usSessionKeySize << "] " << endl;
     	cout << "Calculated decryption key     : " << szGlobalToMasterDecryptionKey << " }[" << strlen(szGlobalToMasterDecryptionKey) << "] " << endl;
#endif // DEBUG
*/
	}
   }

   // master server --> CXgsMarshal_GlobalServerCommunication_Ready --> global server
	ulPacketsize = 0;
	g_tSendingPacket.m_tHeaderBasic.commandid = HOST2XT32(XCipher::EMessageGlobalServerCommunication_Ready);
	g_tSendingPacket.m_tHeaderBasic.payloadsize = HOST2XT32(ulPacketsize);
	if (SendPacketToGlobalOrMasterServer(&g_tSendingPacket, ulPacketsize, ulPacketIndex, lEncryptionType, iGlobalOrMasterSocket, szMasterToGlobalEncryptionKey))
		{
		iResult = XCipher::EErrorCommunicationGlobalServer;
		goto bail;
		}

   // master server <-- CXgsMarshal_GlobalServerCommunication_Ready <-- global server
   pReceivedPacket = GetGlobalOrMasterServerPacket(lEncryptionType, iGlobalOrMasterSocket, XCipher::EMessageGlobalServerCommunication_Ready, szGlobalToMasterDecryptionKey);
   if (!pReceivedPacket)