xtunnelsfamilydata.cpp

xtunnel nat/fw traversal source code

   const char* szCommandName = "?";
   switch (g_tReceivedPacket.m_tHeaderBasic.commandid)
      {
      case EMessagePing:
         szCommandName = "Ping";
         break;
      case EMessageVersion:
         szCommandName = "Version";
         break;
      case EMessageChallengeReply:
         szCommandName = "ChallengeReply";
         break;
      case EMessageDisconnect:
         szCommandName = "Disconnect";
         break;
      case EMessageClientHello:
         szCommandName = "ClientHello";
         break;
      case EMessageClientReady:
         szCommandName = "ClientReady";
         break;
      case EMessageClientRequestSinglePort:
         szCommandName = "ClientRequestSinglePort";
         break;
      case EMessageClientRequestEvenBasedPortPair:
         szCommandName = "ClientRequestEvenBasedPortPair";
         break;
      case EMessageClientRequestClosePort:
         szCommandName = "ClientRequestClosePort";
         break;
      case EMessageClientRequestSendPacket:
         szCommandName = "ClientRequestSendPacket";
         bAnnouncePacket = false;
         break;
      case EMessageClientRequestTestUDPRedirectPortCheck:
         szCommandName = "ClientRequestTestUDPRedirectPortCheck";
         break;
      case EMessageClientRequestBindRedirectPortUDPToIP:
         szCommandName = "ClientRequestBindRedirectPortUDPToIP";
         break;
      case EMessageClientRequestBindTestUDPRedirectPortReply:
         szCommandName = "ClientRequestBindTestUDPRedirectPortReply";
         break;
      case EMessageClientRequestBindUDPRedirectPortPacketForward:
         szCommandName = "ClientRequestBindUDPRedirectPortPacketForward";
         break;
      case EMessageServerChallenge:
         szCommandName = "ServerChallenge";
         break;
      case EMessageServerReady:
         szCommandName = "ServerReady";
         break;
      case EMessageServerPortsAvailable:
         szCommandName = "ServerPortsAvailable";
         break;
      case EMessageServerPacketArrived:
         szCommandName = "ServerPacketArrived";
         break;
      case EMessageServerReplyTestUDPRedirectPortCheck:
         szCommandName = "ServerReplyTestUDPRedirectPortCheck";
         break;
      case EMessageServerReplyBindTestUDPRedirectPortReply:
         szCommandName = "ServerReplyBindTestUDPRedirectPortReply";
         break;
      case EMessage_ServerToClient_NotifyServerSupport:
         szCommandName = "ServerToClient_NotifyServerSupport";
         break;
      case EMessageGlobalServerCommunication_Ready:
         szCommandName = "GlobalServerCommunication_Ready";
         break;
      /*
      case EMessageGlobalServerCommunication_MasterServerToGlobalServer_RequestSecureHostKeyPair:
         szCommandName = "GlobalServerCommunication_MasterServerToGlobalServer_RequestSecureHostKeyPair";
         break;
      case EMessageGlobalServerCommunication_GlobalServerToMasterServer_ReplySecureHostKeyPair:
         szCommandName = "GlobalServerCommunication_GlobalServerToMasterServer_ReplySecureHostKeyPair";
         break;
      case EMessageGlobalServerCommunication_GlobalServerToMasterServer_ReplySecureHostKeyPairError:
         szCommandName = "GlobalServerCommunication_GlobalServerToMasterServer_ReplySecureHostKeyPairError";
         break;
      */
      default:
         break;
      }
   if (bAnnouncePacket)
   	cout << "X-Tunnels: " <<szWhoWeIs << " got " << (iReceiveUDPSocket ? "UDP" : "TCP") << " packet { " 
   	      << g_tReceivedPacket.m_tHeaderBasic.commandid << "(" << szCommandName << "), " 
   	      << g_tReceivedPacket.m_tHeaderBasic.payloadsize << " } " 
   	      << (encrypted ? "" : "not " ) << "encrypted" << endl;
#endif //DEBUG
	if (g_tReceivedPacket.m_tHeaderBasic.payloadsize > EMaxPacketDataSize)
		{
		// this counts as a protocol error, no nice goodbye
#if DEBUG
		cout << "X-Tunnels: " << szWhoWeIs << " got basic packet payload over " << EMaxPacketDataSize << " limit! " << endl;
#endif //DEBUG
      return NULL;
		}

	if (encrypted)
		{
		g_tParsedPacket.m_tHeaderBasic = g_tReceivedPacket.m_tHeaderBasic;
		
		toread = sizeof(TXTunnelsPacketHeaderEncrypt);

      if (iReceiveUDPSocket)
         {
         tDidReadSize = min<int>(toread, udpPacketTotal);
         udpPacketTotal -= tDidReadSize;
         }
      else
      	tDidReadSize = readblock(iReceiveTCPSocket, &g_tReceivedPacket.m_tEncrypt.m_tSpecs, toread);

		if (tDidReadSize != toread)
			{
#if DEBUG
			cout << "X-Tunnels: " << szWhoWeIs << " received " << tDidReadSize << " not " << toread << " packet encrypt header bytes" << endl;
#endif //DEBUG
         return NULL;
			}
			
		ulPacketEncryption = XT2HOST32(g_tReceivedPacket.m_tEncrypt.m_tSpecs.m_ulAlgorithm);
		g_tReceivedPacket.m_tEncrypt.m_tSpecs.decryptsize = XT2HOST32(g_tReceivedPacket.m_tEncrypt.m_tSpecs.decryptsize);
	   if (g_tReceivedPacket.m_tEncrypt.m_tSpecs.decryptsize > EMaxPacketDataSize)
		   {
		   // this counts as a protocol error, no nice goodbye
#if DEBUG
		   cout << "X-Tunnels: " << szWhoWeIs << " got decrypted packet payload over " << EMaxPacketDataSize << " limit! " << endl;
#endif //DEBUG
         return NULL;
		   }

/*
#if DEBUG
      cout << "X-Tunnels: " << szWhoWeIs << " got packet with encryption { " 
	         << ulPacketEncryption << ", " << g_tReceivedPacket.m_tEncrypt.m_tSpecs.decryptsize 
	         << " }, decrypting with " << szPassword << endl;
#endif //DEBUG
*/		
		// read into a buffer then decompress to regular packet
		unsigned long ulEncryptedSize = g_tReceivedPacket.m_tHeaderBasic.payloadsize - sizeof(TXTunnelsPacketHeaderEncrypt);
		char* pEncryptedSource = g_tReceivedPacket.m_tEncrypt.m_pEncryptedData;
		toread = ulEncryptedSize;

      if (iReceiveUDPSocket)
         {
         tDidReadSize = min<int>(toread, udpPacketTotal);
         udpPacketTotal -= tDidReadSize;
         }
      else
      	tDidReadSize = readblock(iReceiveTCPSocket, pEncryptedSource, toread);

		if (tDidReadSize != toread)
			{
#if DEBUG
			cout << "X-Tunnels: " << szWhoWeIs << " received " << tDidReadSize << " not " << toread << " encrypted data bytes" << endl;
#endif //DEBUG
         return NULL;
			}

		int decryptErr = 0;
		unsigned long ulDecryptedSize = g_tReceivedPacket.m_tEncrypt.m_tSpecs.decryptsize;
		char* pDecryptedDestination = reinterpret_cast<char*>(&g_tParsedPacket.m_tData);
		switch (ulPacketEncryption)
			{
			case EAlgorithm_None:
#if DEBUG
				cout << "PROTOCOL ERROR: encrypted with algorithm none??" << endl;
#endif //DEBUG
				return NULL;
			case EAlgorithm_Triple_DES:
				decryptErr = DecryptTripleDES(pDecryptedDestination, ulDecryptedSize, pEncryptedSource, ulEncryptedSize, szPassword);
/*
#if DEBUG
				cout << "X-Tunnels: ReceivePacket DecryptTripleDES'd " << ulEncryptedSize << " bytes " << endl;
#endif //DEBUG
*/
				break;
			case EAlgorithm_AES_128_Bits:
				decryptErr = DecryptAES128(pDecryptedDestination, ulDecryptedSize, pEncryptedSource, ulEncryptedSize, szPassword);
/*
#if DEBUG
				cout << "X-Tunnels: ReceivePacket DecryptAES128'd " << ulEncryptedSize << " bytes " << endl;
#endif //DEBUG
*/
				break;
			case EAlgorithm_AES_192_Bits:
				decryptErr = DecryptAES192(pDecryptedDestination, ulDecryptedSize, pEncryptedSource, ulEncryptedSize, szPassword);
/*
#if DEBUG
				cout << "X-Tunnels: ReceivePacket DecryptAES192'd " << ulEncryptedSize << " bytes " << endl;
#endif //DEBUG
*/
				break;
			case EAlgorithm_AES_256_Bits:
				decryptErr = DecryptAES256(pDecryptedDestination, ulDecryptedSize, pEncryptedSource, ulEncryptedSize, szPassword);
/*
#if DEBUG
				cout << "X-Tunnels: ReceivePacket DecryptAES256'd " << ulEncryptedSize << " bytes " << endl;
#endif //DEBUG
*/
				break;
			case EAlgorithm_MD5:
			case EAlgorithm_SHA1:
			default:
#if DEBUG
				cout << "X-Tunnels: ReceivePacket got unknown encryption method " << ulPacketEncryption << endl;
#endif //DEBUG
				//sQuitReason = kDisconnectReasonWrongVersion;
				//sQuitMessage = sMessageBadEncryption;
            return NULL;
			}
		if (decryptErr)
			{
#if DEBUG
				cout << "X-Tunnels: ReceivePacket failed decrypting " << ulPacketEncryption << endl;
#endif //DEBUG
				//sQuitReason = kDisconnectReasonMustClose;
				//sQuitMessage = sMessageFailedDecryption;
            return NULL;
			}

	   // for transmit, always match encryption of last client buffer received 
	   lInOutEncryptionType = ulPacketEncryption;

      // fix parsed size and handle the packet
      g_tParsedPacket.m_tHeaderBasic.payloadsize = g_tReceivedPacket.m_tEncrypt.m_tSpecs.decryptsize;
      
      pUnencryptedPacket = &g_tParsedPacket;
		}
	else
		{
		// read straight into regular packet
		toread = g_tReceivedPacket.m_tHeaderBasic.payloadsize;

      if (iReceiveUDPSocket)
         {
         tDidReadSize = min<int>(toread, udpPacketTotal);
         udpPacketTotal -= tDidReadSize;
         }
      else
      	tDidReadSize = readblock(iReceiveTCPSocket, &g_tReceivedPacket.m_tData, toread);

		if (tDidReadSize != toread)
			{
#if DEBUG
			cout << "X-Tunnels: " << szWhoWeIs << " received " << tDidReadSize << " not " << toread << " unencrypted " << (iReceiveUDPSocket ? "UDP" : "TCP") << " data bytes, errno is " << errno << endl;
#endif //DEBUG
         return NULL;
			}

	   // -- but can't eliminate encryption completely!
	   if (EAlgorithm_None != lInOutEncryptionType)
	      {
#if DEBUG
         cout << "PROTOCOL ERROR: tried to send an unencrypted packet after an encrypted one?" << endl;
#endif //DEBUG

         // discard if UDP, protocol error immediate shutdown if TCP
	      return NULL;
         }
         
      pUnencryptedPacket = &g_tReceivedPacket;
		}

   // check magic number and index out of payload
   if (pUnencryptedPacket)
      {
    	unsigned long ulMagicNumber = XT2HOST32(pUnencryptedPacket->m_tData.m_ulPacketMagicNumber);
    	pUnencryptedPacket->m_tData.m_ulPacketMagicNumber = ulMagicNumber;
      //pUnencryptedPacket->m_tHeaderBasic.payloadsize -= sizeof(ulMagicNumber);
	   unsigned long ulPacketIndex = XT2HOST32(pUnencryptedPacket->m_tData.m_ulPacketIndex);
    	pUnencryptedPacket->m_tData.m_ulPacketIndex = ulPacketIndex;
      //pUnencryptedPacket->m_tHeaderBasic.payloadsize -= sizeof(ulPacketIndex);

   	if (ulMagicNumber != EPacketMagicNumber)
   	   {
#if DEBUG
		   cout << "PROTOCOL ERROR: ReceivePacket() failed magic number ("
		      << EPacketMagicNumber << ") check with " << ulMagicNumber << "! " << endl;
#endif // DEBUG
         pUnencryptedPacket = NULL;
	      }
	
	   // ulPacketIndex not currently checked
      }
	
	return pUnencryptedPacket;
   }

// 1 = MD5 - m_pChallengeBlob is a unqiue ID which opposite side must pass into an 
// MD5 algorithm as "uniqueID:password" and reply with the result
// must reply with blob of string of MD5 result, without final NUL byte, 
// blob size is the string length
// EAlgorithm_SHA1 = 6,
// -- m_pChallengeBlob is a unqiue ID which opposite side must pass into an SHA1 algorithm 
// as "uniqueID:password" and reply with the result
// must reply with blob of string of SHA1 result, without final NUL byte,
// blob size is the string length
// HMAC is always 20 bytes long

void MakeSessionKeyColonPasswordDigest(
   unsigned long ulEncryptionType,
   unsigned long ulSessionKeySize,
   const char* szSessionKey,
   const char* szPassword,
	unsigned long& ulOutDigestSize,
	char* pOutDigest
	)
	{
   ulOutDigestSize = 0;
   pOutDigest[0] = 0;
   if (!szPassword)
      {
#if DEBUG
         cout << "MakeSessionKeyColonPasswordDigest: called with NULL password?? " << endl;
#endif //DEBUG
      return;
      }

	switch (ulEncryptionType)
	   {
	   case EAlgorithm_MD5:
#if DEBUG
         //cout << "MakeSessionKeyColonPasswordDigest: calculating MD5 digest " << endl;
#endif //DEBUG
      	MakeMD5SessionKeyColonPasswordDigest(
      	   ulSessionKeySize,
      	   szSessionKey,
      	   szPassword,
      	   ulOutDigestSize,
      	   pOutDigest
      	   );
         break;
	   case EAlgorithm_SHA1:
#if DEBUG
         //cout << "MakeSessionKeyColonPasswordDigest: calculating SHA1 digest " << endl;
#endif //DEBUG
      	MakeSHA1SessionKeyColonPasswordDigest(
      	   ulSessionKeySize,
      	   szSessionKey,
      	   szPassword,
      	   ulOutDigestSize,
      	   pOutDigest
      	   );
         break;
      default:
         break;
      }
	}