1
0
mirror of https://github.com/PurpleI2P/i2pd.git synced 2025-01-10 04:07:52 +00:00
i2pd/NTCPSession.cpp

968 lines
28 KiB
C++
Raw Normal View History

2013-09-10 01:35:46 +00:00
#include <string.h>
#include <stdlib.h>
#include "I2PEndian.h"
2013-09-10 01:35:46 +00:00
#include <cryptopp/dh.h>
#include "base64.h"
#include "Log.h"
2014-01-10 03:26:30 +00:00
#include "Timestamp.h"
2013-09-10 01:35:46 +00:00
#include "CryptoConst.h"
#include "I2NPProtocol.h"
#include "RouterContext.h"
#include "Transports.h"
2014-10-24 19:39:53 +00:00
#include "NetDb.h"
2013-09-10 01:35:46 +00:00
#include "NTCPSession.h"
using namespace i2p::crypto;
namespace i2p
{
namespace transport
2013-09-10 01:35:46 +00:00
{
2015-01-11 22:41:56 +00:00
NTCPSession::NTCPSession (NTCPServer& server, std::shared_ptr<const i2p::data::RouterInfo> in_RemoteRouter):
TransportSession (in_RemoteRouter), m_Server (server), m_Socket (m_Server.GetService ()),
2015-02-07 01:53:48 +00:00
m_TerminationTimer (m_Server.GetService ()), m_IsEstablished (false), m_IsTerminated (false),
m_ReceiveBufferOffset (0), m_NextMessage (nullptr), m_IsSending (false),
m_NumSentBytes (0), m_NumReceivedBytes (0)
2013-09-10 01:35:46 +00:00
{
m_DHKeysPair = transports.GetNextDHKeysPair ();
2014-09-12 02:15:20 +00:00
m_Establisher = new Establisher;
2013-09-10 01:35:46 +00:00
}
2013-10-27 15:23:15 +00:00
2014-04-04 17:30:13 +00:00
NTCPSession::~NTCPSession ()
{
2014-09-12 02:15:20 +00:00
delete m_Establisher;
2014-04-04 17:30:13 +00:00
}
2014-11-02 01:53:45 +00:00
void NTCPSession::CreateAESKey (uint8_t * pubKey, i2p::crypto::AESKey& key)
2013-09-10 01:35:46 +00:00
{
CryptoPP::DH dh (elgp, elgg);
2014-04-15 21:44:44 +00:00
uint8_t sharedKey[256];
if (!dh.Agree (sharedKey, m_DHKeysPair->privateKey, pubKey))
2013-09-10 01:35:46 +00:00
{
2014-11-25 17:33:51 +00:00
LogPrint (eLogError, "Couldn't create shared key");
2013-09-10 01:35:46 +00:00
Terminate ();
return;
};
2014-11-02 01:53:45 +00:00
uint8_t * aesKey = key;
if (sharedKey[0] & 0x80)
2013-09-10 01:35:46 +00:00
{
aesKey[0] = 0;
memcpy (aesKey + 1, sharedKey, 31);
2013-09-10 01:35:46 +00:00
}
else if (sharedKey[0])
memcpy (aesKey, sharedKey, 32);
else
{
// find first non-zero byte
uint8_t * nonZero = sharedKey + 1;
while (!*nonZero)
{
nonZero++;
if (nonZero - sharedKey > 32)
{
2014-11-25 17:33:51 +00:00
LogPrint (eLogWarning, "First 32 bytes of shared key is all zeros. Ignored");
return;
}
}
memcpy (aesKey, nonZero, 32);
}
2013-09-10 01:35:46 +00:00
}
2015-02-07 01:53:48 +00:00
void NTCPSession::Done ()
{
m_Server.GetService ().post (std::bind (&NTCPSession::Terminate, shared_from_this ()));
}
2013-09-10 01:35:46 +00:00
void NTCPSession::Terminate ()
{
2015-02-07 01:53:48 +00:00
if (!m_IsTerminated)
{
m_IsTerminated = true;
m_IsEstablished = false;
m_Socket.close ();
transports.PeerDisconnected (shared_from_this ());
m_Server.RemoveNTCPSession (shared_from_this ());
for (auto it: m_SendQueue)
DeleteI2NPMessage (it);
m_SendQueue.clear ();
if (m_NextMessage)
{
i2p::DeleteI2NPMessage (m_NextMessage);
m_NextMessage = nullptr;
}
m_TerminationTimer.cancel ();
2015-02-07 01:53:48 +00:00
LogPrint (eLogInfo, "NTCP session terminated");
}
2013-10-23 02:43:29 +00:00
}
void NTCPSession::Connected ()
{
m_IsEstablished = true;
2013-10-27 15:23:15 +00:00
2014-09-12 02:15:20 +00:00
delete m_Establisher;
m_Establisher = nullptr;
delete m_DHKeysPair;
m_DHKeysPair = nullptr;
2013-10-27 15:23:15 +00:00
SendTimeSyncMessage ();
PostI2NPMessage (CreateDatabaseStoreMsg ()); // we tell immediately who we are
2013-10-27 15:23:15 +00:00
2015-01-13 03:53:35 +00:00
transports.PeerConnected (shared_from_this ());
2013-09-10 01:35:46 +00:00
}
void NTCPSession::ClientLogin ()
{
2014-09-21 00:10:34 +00:00
if (!m_DHKeysPair)
m_DHKeysPair = transports.GetNextDHKeysPair ();
2013-09-10 01:35:46 +00:00
// send Phase1
2014-04-04 17:30:13 +00:00
const uint8_t * x = m_DHKeysPair->publicKey;
2014-09-12 02:15:20 +00:00
memcpy (m_Establisher->phase1.pubKey, x, 256);
CryptoPP::SHA256().CalculateDigest(m_Establisher->phase1.HXxorHI, x, 256);
2014-10-24 19:39:53 +00:00
const uint8_t * ident = m_RemoteIdentity.GetIdentHash ();
2013-09-10 01:35:46 +00:00
for (int i = 0; i < 32; i++)
2014-09-12 02:15:20 +00:00
m_Establisher->phase1.HXxorHI[i] ^= ident[i];
2013-09-10 01:35:46 +00:00
2014-09-12 02:15:20 +00:00
boost::asio::async_write (m_Socket, boost::asio::buffer (&m_Establisher->phase1, sizeof (NTCPPhase1)), boost::asio::transfer_all (),
2014-11-25 21:30:15 +00:00
std::bind(&NTCPSession::HandlePhase1Sent, shared_from_this (), std::placeholders::_1, std::placeholders::_2));
ScheduleTermination ();
2013-09-10 01:35:46 +00:00
}
void NTCPSession::ServerLogin ()
{
2015-02-10 18:05:08 +00:00
boost::system::error_code ec;
auto ep = m_Socket.remote_endpoint(ec);
if (!ec)
{
m_ConnectedFrom = ep.address ();
// receive Phase1
boost::asio::async_read (m_Socket, boost::asio::buffer(&m_Establisher->phase1, sizeof (NTCPPhase1)), boost::asio::transfer_all (),
std::bind(&NTCPSession::HandlePhase1Received, shared_from_this (),
std::placeholders::_1, std::placeholders::_2));
ScheduleTermination ();
}
2013-09-10 01:35:46 +00:00
}
void NTCPSession::HandlePhase1Sent (const boost::system::error_code& ecode, std::size_t bytes_transferred)
{
if (ecode)
{
2015-01-21 17:08:15 +00:00
LogPrint (eLogError, "Couldn't send Phase 1 message: ", ecode.message ());
2014-09-22 17:28:46 +00:00
if (ecode != boost::asio::error::operation_aborted)
Terminate ();
2013-09-10 01:35:46 +00:00
}
else
{
boost::asio::async_read (m_Socket, boost::asio::buffer(&m_Establisher->phase2, sizeof (NTCPPhase2)), boost::asio::transfer_all (),
2014-11-25 21:30:15 +00:00
std::bind(&NTCPSession::HandlePhase2Received, shared_from_this (),
std::placeholders::_1, std::placeholders::_2));
2013-09-10 01:35:46 +00:00
}
}
void NTCPSession::HandlePhase1Received (const boost::system::error_code& ecode, std::size_t bytes_transferred)
{
if (ecode)
{
2014-11-25 17:33:51 +00:00
LogPrint (eLogError, "Phase 1 read error: ", ecode.message ());
2014-09-22 17:28:46 +00:00
if (ecode != boost::asio::error::operation_aborted)
Terminate ();
2013-09-10 01:35:46 +00:00
}
else
{
// verify ident
uint8_t digest[32];
2014-09-12 02:15:20 +00:00
CryptoPP::SHA256().CalculateDigest(digest, m_Establisher->phase1.pubKey, 256);
2013-09-10 01:35:46 +00:00
const uint8_t * ident = i2p::context.GetRouterInfo ().GetIdentHash ();
for (int i = 0; i < 32; i++)
{
2014-09-12 02:15:20 +00:00
if ((m_Establisher->phase1.HXxorHI[i] ^ ident[i]) != digest[i])
2013-09-10 01:35:46 +00:00
{
2014-11-25 17:33:51 +00:00
LogPrint (eLogError, "Wrong ident");
2013-09-10 01:35:46 +00:00
Terminate ();
return;
}
}
SendPhase2 ();
}
}
void NTCPSession::SendPhase2 ()
{
2014-09-21 00:10:34 +00:00
if (!m_DHKeysPair)
m_DHKeysPair = transports.GetNextDHKeysPair ();
2014-04-04 17:30:13 +00:00
const uint8_t * y = m_DHKeysPair->publicKey;
2014-09-12 02:15:20 +00:00
memcpy (m_Establisher->phase2.pubKey, y, 256);
2013-09-10 01:35:46 +00:00
uint8_t xy[512];
2014-09-12 02:15:20 +00:00
memcpy (xy, m_Establisher->phase1.pubKey, 256);
2013-09-10 01:35:46 +00:00
memcpy (xy + 256, y, 256);
2014-09-12 02:15:20 +00:00
CryptoPP::SHA256().CalculateDigest(m_Establisher->phase2.encrypted.hxy, xy, 512);
2014-01-10 03:26:30 +00:00
uint32_t tsB = htobe32 (i2p::util::GetSecondsSinceEpoch ());
2014-09-12 02:15:20 +00:00
m_Establisher->phase2.encrypted.timestamp = tsB;
2013-09-10 01:35:46 +00:00
// TODO: fill filler
2014-11-02 01:53:45 +00:00
i2p::crypto::AESKey aesKey;
2014-09-12 02:15:20 +00:00
CreateAESKey (m_Establisher->phase1.pubKey, aesKey);
2014-05-07 02:30:09 +00:00
m_Encryption.SetKey (aesKey);
m_Encryption.SetIV (y + 240);
m_Decryption.SetKey (aesKey);
2014-09-12 02:15:20 +00:00
m_Decryption.SetIV (m_Establisher->phase1.HXxorHI + 16);
2013-09-10 01:35:46 +00:00
2014-09-12 02:15:20 +00:00
m_Encryption.Encrypt ((uint8_t *)&m_Establisher->phase2.encrypted, sizeof(m_Establisher->phase2.encrypted), (uint8_t *)&m_Establisher->phase2.encrypted);
boost::asio::async_write (m_Socket, boost::asio::buffer (&m_Establisher->phase2, sizeof (NTCPPhase2)), boost::asio::transfer_all (),
2014-11-25 21:30:15 +00:00
std::bind(&NTCPSession::HandlePhase2Sent, shared_from_this (), std::placeholders::_1, std::placeholders::_2, tsB));
2013-09-10 01:35:46 +00:00
}
void NTCPSession::HandlePhase2Sent (const boost::system::error_code& ecode, std::size_t bytes_transferred, uint32_t tsB)
{
if (ecode)
{
2015-01-21 17:08:15 +00:00
LogPrint (eLogError, "Couldn't send Phase 2 message: ", ecode.message ());
2014-09-22 17:28:46 +00:00
if (ecode != boost::asio::error::operation_aborted)
Terminate ();
2013-09-10 01:35:46 +00:00
}
else
{
2014-11-25 17:33:51 +00:00
boost::asio::async_read (m_Socket, boost::asio::buffer(m_ReceiveBuffer, NTCP_DEFAULT_PHASE3_SIZE), boost::asio::transfer_all (),
2014-11-25 21:30:15 +00:00
std::bind(&NTCPSession::HandlePhase3Received, shared_from_this (),
std::placeholders::_1, std::placeholders::_2, tsB));
2013-09-10 01:35:46 +00:00
}
}
void NTCPSession::HandlePhase2Received (const boost::system::error_code& ecode, std::size_t bytes_transferred)
{
if (ecode)
{
2015-01-21 17:08:15 +00:00
LogPrint (eLogError, "Phase 2 read error: ", ecode.message (), ". Wrong ident assumed");
2014-09-22 17:28:46 +00:00
if (ecode != boost::asio::error::operation_aborted)
{
2014-10-24 19:39:53 +00:00
// this RI is not valid
i2p::data::netdb.SetUnreachable (GetRemoteIdentity ().GetIdentHash (), true);
transports.ReuseDHKeysPair (m_DHKeysPair);
2014-09-22 17:28:46 +00:00
m_DHKeysPair = nullptr;
Terminate ();
}
2013-09-10 01:35:46 +00:00
}
else
{
2014-11-02 01:53:45 +00:00
i2p::crypto::AESKey aesKey;
2014-09-12 02:15:20 +00:00
CreateAESKey (m_Establisher->phase2.pubKey, aesKey);
2014-05-07 02:30:09 +00:00
m_Decryption.SetKey (aesKey);
2014-09-12 02:15:20 +00:00
m_Decryption.SetIV (m_Establisher->phase2.pubKey + 240);
2014-05-07 02:30:09 +00:00
m_Encryption.SetKey (aesKey);
2014-09-12 02:15:20 +00:00
m_Encryption.SetIV (m_Establisher->phase1.HXxorHI + 16);
2013-09-10 01:35:46 +00:00
2014-09-12 02:15:20 +00:00
m_Decryption.Decrypt((uint8_t *)&m_Establisher->phase2.encrypted, sizeof(m_Establisher->phase2.encrypted), (uint8_t *)&m_Establisher->phase2.encrypted);
2013-09-10 01:35:46 +00:00
// verify
2014-12-22 02:32:21 +00:00
uint8_t xy[512];
2014-04-04 17:30:13 +00:00
memcpy (xy, m_DHKeysPair->publicKey, 256);
2014-09-12 02:15:20 +00:00
memcpy (xy + 256, m_Establisher->phase2.pubKey, 256);
2014-12-22 02:32:21 +00:00
if (!CryptoPP::SHA256().VerifyDigest(m_Establisher->phase2.encrypted.hxy, xy, 512))
2013-09-10 01:35:46 +00:00
{
2014-11-25 17:33:51 +00:00
LogPrint (eLogError, "Incorrect hash");
transports.ReuseDHKeysPair (m_DHKeysPair);
2014-09-18 15:11:51 +00:00
m_DHKeysPair = nullptr;
2013-09-10 01:35:46 +00:00
Terminate ();
return ;
}
SendPhase3 ();
}
}
void NTCPSession::SendPhase3 ()
{
2014-11-25 15:59:29 +00:00
auto keys = i2p::context.GetPrivateKeys ();
uint8_t * buf = m_ReceiveBuffer;
htobe16buf (buf, keys.GetPublic ().GetFullLen ());
2014-11-25 15:59:29 +00:00
buf += 2;
buf += i2p::context.GetIdentity ().ToBuffer (buf, NTCP_BUFFER_SIZE);
2014-01-10 03:26:30 +00:00
uint32_t tsA = htobe32 (i2p::util::GetSecondsSinceEpoch ());
htobuf32(buf,tsA);
2014-11-25 15:59:29 +00:00
buf += 4;
size_t signatureLen = keys.GetPublic ().GetSignatureLen ();
size_t len = (buf - m_ReceiveBuffer) + signatureLen;
size_t paddingSize = len & 0x0F; // %16
if (paddingSize > 0)
{
paddingSize = 16 - paddingSize;
// TODO: fill padding with random data
buf += paddingSize;
len += paddingSize;
}
2013-09-10 01:35:46 +00:00
SignedData s;
s.Insert (m_Establisher->phase1.pubKey, 256); // x
s.Insert (m_Establisher->phase2.pubKey, 256); // y
2014-10-28 15:47:28 +00:00
s.Insert (m_RemoteIdentity.GetIdentHash (), 32); // ident
s.Insert (tsA); // tsA
s.Insert (m_Establisher->phase2.encrypted.timestamp); // tsB
2014-11-25 15:59:29 +00:00
s.Sign (keys, buf);
2013-09-10 01:35:46 +00:00
2014-11-25 15:59:29 +00:00
m_Encryption.Encrypt(m_ReceiveBuffer, len, m_ReceiveBuffer);
boost::asio::async_write (m_Socket, boost::asio::buffer (m_ReceiveBuffer, len), boost::asio::transfer_all (),
2014-11-25 21:30:15 +00:00
std::bind(&NTCPSession::HandlePhase3Sent, shared_from_this (), std::placeholders::_1, std::placeholders::_2, tsA));
2013-09-10 01:35:46 +00:00
}
void NTCPSession::HandlePhase3Sent (const boost::system::error_code& ecode, std::size_t bytes_transferred, uint32_t tsA)
{
if (ecode)
{
2015-01-21 17:08:15 +00:00
LogPrint (eLogError, "Couldn't send Phase 3 message: ", ecode.message ());
2014-09-22 17:28:46 +00:00
if (ecode != boost::asio::error::operation_aborted)
Terminate ();
2013-09-10 01:35:46 +00:00
}
else
{
2014-11-24 20:26:57 +00:00
// wait for phase4
2014-11-25 15:14:18 +00:00
auto signatureLen = m_RemoteIdentity.GetSignatureLen ();
size_t paddingSize = signatureLen & 0x0F; // %16
if (paddingSize > 0) signatureLen += (16 - paddingSize);
boost::asio::async_read (m_Socket, boost::asio::buffer(m_ReceiveBuffer, signatureLen), boost::asio::transfer_all (),
2014-11-25 21:30:15 +00:00
std::bind(&NTCPSession::HandlePhase4Received, shared_from_this (),
std::placeholders::_1, std::placeholders::_2, tsA));
2013-09-10 01:35:46 +00:00
}
}
void NTCPSession::HandlePhase3Received (const boost::system::error_code& ecode, std::size_t bytes_transferred, uint32_t tsB)
{
if (ecode)
{
2014-11-25 17:33:51 +00:00
LogPrint (eLogError, "Phase 3 read error: ", ecode.message ());
2014-09-22 17:28:46 +00:00
if (ecode != boost::asio::error::operation_aborted)
Terminate ();
2013-09-10 01:35:46 +00:00
}
else
{
2014-11-25 17:33:51 +00:00
m_Decryption.Decrypt (m_ReceiveBuffer, bytes_transferred, m_ReceiveBuffer);
uint8_t * buf = m_ReceiveBuffer;
uint16_t size = bufbe16toh (buf);
2014-11-25 17:33:51 +00:00
m_RemoteIdentity.FromBuffer (buf + 2, size);
if (m_Server.FindNTCPSession (m_RemoteIdentity.GetIdentHash ()))
{
LogPrint (eLogError, "NTCP session already exists");
Terminate ();
}
2014-11-25 17:33:51 +00:00
size_t expectedSize = size + 2/*size*/ + 4/*timestamp*/ + m_RemoteIdentity.GetSignatureLen ();
size_t paddingLen = expectedSize & 0x0F;
if (paddingLen) paddingLen = (16 - paddingLen);
if (expectedSize > NTCP_DEFAULT_PHASE3_SIZE)
{
// we need more bytes for Phase3
expectedSize += paddingLen;
boost::asio::async_read (m_Socket, boost::asio::buffer(m_ReceiveBuffer + NTCP_DEFAULT_PHASE3_SIZE, expectedSize), boost::asio::transfer_all (),
2014-11-25 21:30:15 +00:00
std::bind(&NTCPSession::HandlePhase3ExtraReceived, shared_from_this (),
std::placeholders::_1, std::placeholders::_2, tsB, paddingLen));
2014-11-25 17:33:51 +00:00
}
2014-11-25 19:29:06 +00:00
else
HandlePhase3 (tsB, paddingLen);
2014-11-25 17:33:51 +00:00
}
}
void NTCPSession::HandlePhase3ExtraReceived (const boost::system::error_code& ecode, std::size_t bytes_transferred, uint32_t tsB, size_t paddingLen)
{
if (ecode)
{
LogPrint (eLogError, "Phase 3 extra read error: ", ecode.message ());
if (ecode != boost::asio::error::operation_aborted)
2013-09-10 01:35:46 +00:00
Terminate ();
2014-11-25 17:33:51 +00:00
}
else
{
m_Decryption.Decrypt (m_ReceiveBuffer + NTCP_DEFAULT_PHASE3_SIZE, bytes_transferred, m_ReceiveBuffer+ NTCP_DEFAULT_PHASE3_SIZE);
HandlePhase3 (tsB, paddingLen);
}
}
void NTCPSession::HandlePhase3 (uint32_t tsB, size_t paddingLen)
{
uint8_t * buf = m_ReceiveBuffer + m_RemoteIdentity.GetFullLen () + 2 /*size*/;
uint32_t tsA = buf32toh(buf);
2014-11-25 17:33:51 +00:00
buf += 4;
buf += paddingLen;
2013-09-10 01:35:46 +00:00
2014-11-25 17:33:51 +00:00
SignedData s;
s.Insert (m_Establisher->phase1.pubKey, 256); // x
s.Insert (m_Establisher->phase2.pubKey, 256); // y
s.Insert (i2p::context.GetRouterInfo ().GetIdentHash (), 32); // ident
s.Insert (tsA); // tsA
s.Insert (tsB); // tsB
if (!s.Verify (m_RemoteIdentity, buf))
{
LogPrint (eLogError, "signature verification failed");
Terminate ();
return;
2013-09-10 01:35:46 +00:00
}
2014-11-25 17:33:51 +00:00
SendPhase4 (tsA, tsB);
2013-09-10 01:35:46 +00:00
}
2014-11-25 15:35:35 +00:00
void NTCPSession::SendPhase4 (uint32_t tsA, uint32_t tsB)
2013-09-10 01:35:46 +00:00
{
SignedData s;
s.Insert (m_Establisher->phase1.pubKey, 256); // x
s.Insert (m_Establisher->phase2.pubKey, 256); // y
s.Insert (m_RemoteIdentity.GetIdentHash (), 32); // ident
2014-11-25 15:35:35 +00:00
s.Insert (tsA); // tsA
s.Insert (tsB); // tsB
2014-11-24 20:26:57 +00:00
auto keys = i2p::context.GetPrivateKeys ();
2014-11-25 15:14:18 +00:00
auto signatureLen = keys.GetPublic ().GetSignatureLen ();
s.Sign (keys, m_ReceiveBuffer);
size_t paddingSize = signatureLen & 0x0F; // %16
if (paddingSize > 0) signatureLen += (16 - paddingSize);
m_Encryption.Encrypt (m_ReceiveBuffer, signatureLen, m_ReceiveBuffer);
2013-09-10 01:35:46 +00:00
2014-11-25 15:14:18 +00:00
boost::asio::async_write (m_Socket, boost::asio::buffer (m_ReceiveBuffer, signatureLen), boost::asio::transfer_all (),
2014-11-25 21:30:15 +00:00
std::bind(&NTCPSession::HandlePhase4Sent, shared_from_this (), std::placeholders::_1, std::placeholders::_2));
2013-09-10 01:35:46 +00:00
}
void NTCPSession::HandlePhase4Sent (const boost::system::error_code& ecode, std::size_t bytes_transferred)
{
if (ecode)
{
2014-11-25 17:33:51 +00:00
LogPrint (eLogWarning, "Couldn't send Phase 4 message: ", ecode.message ());
2014-09-22 17:28:46 +00:00
if (ecode != boost::asio::error::operation_aborted)
Terminate ();
2013-09-10 01:35:46 +00:00
}
else
{
2015-01-21 17:08:15 +00:00
LogPrint (eLogInfo, "NTCP server session from ", m_Socket.remote_endpoint (), " connected");
2015-01-11 22:41:56 +00:00
m_Server.AddNTCPSession (shared_from_this ());
2014-11-25 19:29:06 +00:00
2013-10-23 02:43:29 +00:00
Connected ();
2013-09-10 01:35:46 +00:00
m_ReceiveBufferOffset = 0;
2013-10-27 15:23:15 +00:00
m_NextMessage = nullptr;
2013-09-10 01:35:46 +00:00
Receive ();
}
}
void NTCPSession::HandlePhase4Received (const boost::system::error_code& ecode, std::size_t bytes_transferred, uint32_t tsA)
{
if (ecode)
{
2015-01-21 17:08:15 +00:00
LogPrint (eLogError, "Phase 4 read error: ", ecode.message (), ". Check your clock");
2014-09-22 17:28:46 +00:00
if (ecode != boost::asio::error::operation_aborted)
{
2014-10-24 19:39:53 +00:00
// this router doesn't like us
i2p::data::netdb.SetUnreachable (GetRemoteIdentity ().GetIdentHash (), true);
2014-09-22 17:28:46 +00:00
Terminate ();
}
2013-09-10 01:35:46 +00:00
}
else
{
2014-11-25 15:14:18 +00:00
m_Decryption.Decrypt(m_ReceiveBuffer, bytes_transferred, m_ReceiveBuffer);
2013-09-10 01:35:46 +00:00
// verify signature
SignedData s;
s.Insert (m_Establisher->phase1.pubKey, 256); // x
s.Insert (m_Establisher->phase2.pubKey, 256); // y
s.Insert (i2p::context.GetRouterInfo ().GetIdentHash (), 32); // ident
s.Insert (tsA); // tsA
s.Insert (m_Establisher->phase2.encrypted.timestamp); // tsB
2013-09-10 01:35:46 +00:00
2014-11-25 15:14:18 +00:00
if (!s.Verify (m_RemoteIdentity, m_ReceiveBuffer))
2013-09-10 01:35:46 +00:00
{
2014-11-25 17:33:51 +00:00
LogPrint (eLogError, "signature verification failed");
2013-09-10 01:35:46 +00:00
Terminate ();
return;
}
2015-01-21 17:08:15 +00:00
LogPrint (eLogInfo, "NTCP session to ", m_Socket.remote_endpoint (), " connected");
2013-10-23 02:43:29 +00:00
Connected ();
2013-10-27 15:23:15 +00:00
2013-09-10 01:35:46 +00:00
m_ReceiveBufferOffset = 0;
2013-10-27 15:23:15 +00:00
m_NextMessage = nullptr;
2013-09-10 01:35:46 +00:00
Receive ();
}
}
void NTCPSession::Receive ()
{
2014-09-12 02:15:20 +00:00
m_Socket.async_read_some (boost::asio::buffer(m_ReceiveBuffer + m_ReceiveBufferOffset, NTCP_BUFFER_SIZE - m_ReceiveBufferOffset),
2014-11-25 21:30:15 +00:00
std::bind(&NTCPSession::HandleReceived, shared_from_this (),
std::placeholders::_1, std::placeholders::_2));
2013-09-10 01:35:46 +00:00
}
void NTCPSession::HandleReceived (const boost::system::error_code& ecode, std::size_t bytes_transferred)
{
if (ecode)
{
2014-11-25 17:33:51 +00:00
LogPrint (eLogError, "Read error: ", ecode.message ());
2015-02-10 18:05:08 +00:00
if (!m_NumReceivedBytes) m_Server.Ban (m_ConnectedFrom);
2014-11-01 21:15:59 +00:00
//if (ecode != boost::asio::error::operation_aborted)
2014-09-22 17:28:46 +00:00
Terminate ();
2013-09-10 01:35:46 +00:00
}
else
{
m_NumReceivedBytes += bytes_transferred;
2013-09-10 01:35:46 +00:00
m_ReceiveBufferOffset += bytes_transferred;
2013-10-27 15:23:15 +00:00
if (m_ReceiveBufferOffset >= 16)
2013-09-10 01:35:46 +00:00
{
int numReloads = 0;
do
{
uint8_t * nextBlock = m_ReceiveBuffer;
while (m_ReceiveBufferOffset >= 16)
2014-09-18 15:11:51 +00:00
{
if (!DecryptNextBlock (nextBlock)) // 16 bytes
{
Terminate ();
return;
}
nextBlock += 16;
m_ReceiveBufferOffset -= 16;
}
if (m_ReceiveBufferOffset > 0)
memcpy (m_ReceiveBuffer, nextBlock, m_ReceiveBufferOffset);
// try to read more
if (numReloads < 5)
{
2015-02-14 22:20:21 +00:00
boost::system::error_code ec;
size_t moreBytes = m_Socket.available(ec);
if (moreBytes)
{
if (moreBytes > NTCP_BUFFER_SIZE - m_ReceiveBufferOffset)
moreBytes = NTCP_BUFFER_SIZE - m_ReceiveBufferOffset;
moreBytes = m_Socket.read_some (boost::asio::buffer (m_ReceiveBuffer + m_ReceiveBufferOffset, moreBytes));
if (ec)
{
LogPrint (eLogError, "Read more bytes error: ", ec.message ());
Terminate ();
return;
}
m_NumReceivedBytes += moreBytes;
m_ReceiveBufferOffset += moreBytes;
numReloads++;
}
2014-09-18 15:11:51 +00:00
}
2013-09-10 01:35:46 +00:00
}
while (m_ReceiveBufferOffset >= 16);
2015-01-23 03:00:41 +00:00
m_Handler.Flush ();
2013-09-10 01:35:46 +00:00
}
ScheduleTermination (); // reset termination timer
2013-09-10 01:35:46 +00:00
Receive ();
}
}
2014-09-18 15:11:51 +00:00
bool NTCPSession::DecryptNextBlock (const uint8_t * encrypted) // 16 bytes
2013-09-10 01:35:46 +00:00
{
2013-10-27 15:23:15 +00:00
if (!m_NextMessage) // new message, header expected
2013-09-10 01:35:46 +00:00
{
2013-10-27 15:23:15 +00:00
m_NextMessage = i2p::NewI2NPMessage ();
m_NextMessageOffset = 0;
2014-05-14 18:54:01 +00:00
m_Decryption.Decrypt (encrypted, m_NextMessage->buf);
uint16_t dataSize = bufbe16toh (m_NextMessage->buf);
2013-10-27 15:23:15 +00:00
if (dataSize)
{
// new message
2014-08-27 14:02:23 +00:00
if (dataSize > NTCP_MAX_MESSAGE_SIZE)
{
2014-11-25 17:33:51 +00:00
LogPrint (eLogError, "NTCP data size ", dataSize, " exceeds max size");
2014-08-27 14:02:23 +00:00
i2p::DeleteI2NPMessage (m_NextMessage);
m_NextMessage = nullptr;
2014-09-18 15:11:51 +00:00
return false;
2014-08-27 14:02:23 +00:00
}
m_NextMessageOffset += 16;
m_NextMessage->offset = 2; // size field
m_NextMessage->len = dataSize + 2;
2013-09-10 01:35:46 +00:00
}
2013-10-27 15:23:15 +00:00
else
{
2013-10-27 15:23:15 +00:00
// timestamp
LogPrint ("Timestamp");
i2p::DeleteI2NPMessage (m_NextMessage);
m_NextMessage = nullptr;
2014-09-18 15:11:51 +00:00
return true;
}
2013-10-27 15:23:15 +00:00
}
else // message continues
{
2014-05-14 18:54:01 +00:00
m_Decryption.Decrypt (encrypted, m_NextMessage->buf + m_NextMessageOffset);
2013-10-27 15:23:15 +00:00
m_NextMessageOffset += 16;
}
2013-09-10 01:35:46 +00:00
2013-10-27 15:23:15 +00:00
if (m_NextMessageOffset >= m_NextMessage->len + 4) // +checksum
{
// we have a complete I2NP message
2015-01-23 03:00:41 +00:00
m_Handler.PutNextMessage (m_NextMessage);
m_NextMessage = nullptr;
2014-09-18 15:11:51 +00:00
}
return true;
2013-10-27 15:23:15 +00:00
}
2013-09-10 01:35:46 +00:00
void NTCPSession::Send (i2p::I2NPMessage * msg)
{
2015-01-28 00:12:27 +00:00
m_IsSending = true;
boost::asio::async_write (m_Socket, CreateMsgBuffer (msg), boost::asio::transfer_all (),
2015-01-21 17:08:15 +00:00
std::bind(&NTCPSession::HandleSent, shared_from_this (), std::placeholders::_1, std::placeholders::_2, std::vector<I2NPMessage *>{ msg }));
}
boost::asio::const_buffers_1 NTCPSession::CreateMsgBuffer (I2NPMessage * msg)
2013-09-10 01:35:46 +00:00
{
uint8_t * sendBuffer;
int len;
if (msg)
{
// regular I2NP
if (msg->offset < 2)
{
2014-11-25 17:33:51 +00:00
LogPrint (eLogError, "Malformed I2NP message");
i2p::DeleteI2NPMessage (msg);
}
sendBuffer = msg->GetBuffer () - 2;
len = msg->GetLength ();
htobe16buf (sendBuffer, len);
}
else
{
// prepare timestamp
sendBuffer = m_TimeSyncBuffer;
len = 4;
htobuf16(sendBuffer, 0);
htobe32buf (sendBuffer + 2, time (0));
}
int rem = (len + 6) & 0x0F; // %16
2013-09-10 01:35:46 +00:00
int padding = 0;
if (rem > 0) padding = 16 - rem;
// TODO: fill padding
2013-10-23 02:43:29 +00:00
m_Adler.CalculateDigest (sendBuffer + len + 2 + padding, sendBuffer, len + 2+ padding);
2013-09-10 01:35:46 +00:00
int l = len + padding + 6;
2014-05-07 02:30:09 +00:00
m_Encryption.Encrypt(sendBuffer, l, sendBuffer);
return boost::asio::buffer ((const uint8_t *)sendBuffer, l);
}
2015-01-21 17:08:15 +00:00
2013-09-10 01:35:46 +00:00
void NTCPSession::Send (const std::vector<I2NPMessage *>& msgs)
{
2015-01-28 00:12:27 +00:00
m_IsSending = true;
std::vector<boost::asio::const_buffer> bufs;
for (auto it: msgs)
bufs.push_back (CreateMsgBuffer (it));
boost::asio::async_write (m_Socket, bufs, boost::asio::transfer_all (),
2015-01-21 17:08:15 +00:00
std::bind(&NTCPSession::HandleSent, shared_from_this (), std::placeholders::_1, std::placeholders::_2, msgs));
}
2015-01-21 17:08:15 +00:00
void NTCPSession::HandleSent (const boost::system::error_code& ecode, std::size_t bytes_transferred, std::vector<I2NPMessage *> msgs)
{
2015-01-28 00:12:27 +00:00
m_IsSending = false;
for (auto it: msgs)
if (it) i2p::DeleteI2NPMessage (it);
if (ecode)
{
LogPrint (eLogWarning, "Couldn't send msgs: ", ecode.message ());
// we shouldn't call Terminate () here, because HandleReceive takes care
// TODO: 'delete this' statement in Terminate () must be eliminated later
// Terminate ();
}
else
{
m_NumSentBytes += bytes_transferred;
2015-01-28 00:12:27 +00:00
if (!m_SendQueue.empty())
{
Send (m_SendQueue);
m_SendQueue.clear ();
}
else
ScheduleTermination (); // reset termination timer
}
}
2013-09-10 01:35:46 +00:00
void NTCPSession::SendTimeSyncMessage ()
{
Send (nullptr);
2013-09-10 01:35:46 +00:00
}
2013-10-23 02:43:29 +00:00
void NTCPSession::SendI2NPMessage (I2NPMessage * msg)
2015-01-12 02:00:38 +00:00
{
m_Server.GetService ().post (std::bind (&NTCPSession::PostI2NPMessage, shared_from_this (), msg));
}
void NTCPSession::PostI2NPMessage (I2NPMessage * msg)
2013-10-23 02:43:29 +00:00
{
if (msg)
2015-01-28 00:12:27 +00:00
{
if (m_IsTerminated)
{
DeleteI2NPMessage (msg);
return;
}
2015-01-28 00:12:27 +00:00
if (m_IsSending)
m_SendQueue.push_back (msg);
else
Send (msg);
}
2013-11-29 12:52:09 +00:00
}
2015-01-21 02:05:57 +00:00
void NTCPSession::SendI2NPMessages (const std::vector<I2NPMessage *>& msgs)
{
m_Server.GetService ().post (std::bind (&NTCPSession::PostI2NPMessages, shared_from_this (), msgs));
}
void NTCPSession::PostI2NPMessages (std::vector<I2NPMessage *> msgs)
{
if (m_IsTerminated)
{
for (auto it: msgs)
DeleteI2NPMessage (it);
return;
}
2015-01-28 00:12:27 +00:00
if (m_IsSending)
{
for (auto it: msgs)
m_SendQueue.push_back (it);
}
else
Send (msgs);
2015-01-21 02:05:57 +00:00
}
2015-01-12 02:00:38 +00:00
2013-11-29 12:52:09 +00:00
void NTCPSession::ScheduleTermination ()
{
m_TerminationTimer.cancel ();
2014-04-08 01:40:28 +00:00
m_TerminationTimer.expires_from_now (boost::posix_time::seconds(NTCP_TERMINATION_TIMEOUT));
2014-11-25 21:30:15 +00:00
m_TerminationTimer.async_wait (std::bind (&NTCPSession::HandleTerminationTimer,
shared_from_this (), std::placeholders::_1));
2013-11-29 12:52:09 +00:00
}
void NTCPSession::HandleTerminationTimer (const boost::system::error_code& ecode)
{
if (ecode != boost::asio::error::operation_aborted)
{
2014-04-08 01:40:28 +00:00
LogPrint ("No activity fo ", NTCP_TERMINATION_TIMEOUT, " seconds");
2014-11-01 21:15:59 +00:00
//Terminate ();
m_Socket.close ();// invoke Terminate () from HandleReceive
2013-10-23 02:43:29 +00:00
}
}
2015-01-11 22:41:56 +00:00
//-----------------------------------------
NTCPServer::NTCPServer (int port):
m_IsRunning (false), m_Thread (nullptr), m_Work (m_Service),
m_NTCPAcceptor (nullptr), m_NTCPV6Acceptor (nullptr)
{
}
NTCPServer::~NTCPServer ()
{
Stop ();
}
void NTCPServer::Start ()
{
if (!m_IsRunning)
{
m_IsRunning = true;
m_Thread = new std::thread (std::bind (&NTCPServer::Run, this));
// create acceptors
auto addresses = context.GetRouterInfo ().GetAddresses ();
for (auto& address : addresses)
{
if (address.transportStyle == i2p::data::RouterInfo::eTransportNTCP && address.host.is_v4 ())
{
m_NTCPAcceptor = new boost::asio::ip::tcp::acceptor (m_Service,
boost::asio::ip::tcp::endpoint(boost::asio::ip::tcp::v4(), address.port));
2015-01-21 17:08:15 +00:00
LogPrint (eLogInfo, "Start listening TCP port ", address.port);
2015-01-11 22:41:56 +00:00
auto conn = std::make_shared<NTCPSession>(*this);
m_NTCPAcceptor->async_accept(conn->GetSocket (), std::bind (&NTCPServer::HandleAccept, this,
conn, std::placeholders::_1));
if (context.SupportsV6 ())
{
m_NTCPV6Acceptor = new boost::asio::ip::tcp::acceptor (m_Service);
m_NTCPV6Acceptor->open (boost::asio::ip::tcp::v6());
m_NTCPV6Acceptor->set_option (boost::asio::ip::v6_only (true));
m_NTCPV6Acceptor->bind (boost::asio::ip::tcp::endpoint(boost::asio::ip::tcp::v6(), address.port));
m_NTCPV6Acceptor->listen ();
2015-01-21 17:08:15 +00:00
LogPrint (eLogInfo, "Start listening V6 TCP port ", address.port);
2015-01-11 22:41:56 +00:00
auto conn = std::make_shared<NTCPSession> (*this);
m_NTCPV6Acceptor->async_accept(conn->GetSocket (), std::bind (&NTCPServer::HandleAcceptV6,
this, conn, std::placeholders::_1));
}
}
}
}
}
void NTCPServer::Stop ()
{
m_NTCPSessions.clear ();
if (m_IsRunning)
{
m_IsRunning = false;
delete m_NTCPAcceptor;
m_NTCPAcceptor = nullptr;
delete m_NTCPV6Acceptor;
m_NTCPV6Acceptor = nullptr;
m_Service.stop ();
if (m_Thread)
{
m_Thread->join ();
delete m_Thread;
m_Thread = nullptr;
}
}
}
void NTCPServer::Run ()
{
while (m_IsRunning)
{
try
{
m_Service.run ();
}
catch (std::exception& ex)
{
LogPrint ("NTCP server: ", ex.what ());
}
}
}
void NTCPServer::AddNTCPSession (std::shared_ptr<NTCPSession> session)
{
if (session)
2015-01-12 17:15:54 +00:00
{
std::unique_lock<std::mutex> l(m_NTCPSessionsMutex);
2015-01-11 22:41:56 +00:00
m_NTCPSessions[session->GetRemoteIdentity ().GetIdentHash ()] = session;
2015-01-12 17:15:54 +00:00
}
2015-01-11 22:41:56 +00:00
}
void NTCPServer::RemoveNTCPSession (std::shared_ptr<NTCPSession> session)
{
if (session)
2015-01-12 17:15:54 +00:00
{
std::unique_lock<std::mutex> l(m_NTCPSessionsMutex);
2015-01-11 22:41:56 +00:00
m_NTCPSessions.erase (session->GetRemoteIdentity ().GetIdentHash ());
2015-01-12 17:15:54 +00:00
}
2015-01-11 22:41:56 +00:00
}
std::shared_ptr<NTCPSession> NTCPServer::FindNTCPSession (const i2p::data::IdentHash& ident)
{
2015-01-12 17:15:54 +00:00
std::unique_lock<std::mutex> l(m_NTCPSessionsMutex);
2015-01-11 22:41:56 +00:00
auto it = m_NTCPSessions.find (ident);
if (it != m_NTCPSessions.end ())
return it->second;
return nullptr;
}
void NTCPServer::HandleAccept (std::shared_ptr<NTCPSession> conn, const boost::system::error_code& error)
{
if (!error)
{
2015-02-06 18:49:00 +00:00
boost::system::error_code ec;
auto ep = conn->GetSocket ().remote_endpoint(ec);
if (!ec)
{
LogPrint (eLogInfo, "Connected from ", ep);
2015-02-10 18:05:08 +00:00
auto it = m_BanList.find (ep.address ());
if (it != m_BanList.end ())
{
uint32_t ts = i2p::util::GetSecondsSinceEpoch ();
if (ts < it->second)
{
LogPrint (eLogInfo, ep.address (), " is banned for ", it->second - ts, " more seconds");
conn = nullptr;
}
else
m_BanList.erase (it);
}
if (conn)
conn->ServerLogin ();
2015-02-06 18:49:00 +00:00
}
else
LogPrint (eLogError, "Connected from error ", ec.message ());
2015-01-11 22:41:56 +00:00
}
if (error != boost::asio::error::operation_aborted)
{
conn = std::make_shared<NTCPSession> (*this);
m_NTCPAcceptor->async_accept(conn->GetSocket (), std::bind (&NTCPServer::HandleAccept, this,
conn, std::placeholders::_1));
}
}
void NTCPServer::HandleAcceptV6 (std::shared_ptr<NTCPSession> conn, const boost::system::error_code& error)
{
if (!error)
{
2015-02-06 18:49:00 +00:00
boost::system::error_code ec;
auto ep = conn->GetSocket ().remote_endpoint(ec);
if (!ec)
{
LogPrint (eLogInfo, "Connected from ", ep);
2015-02-10 20:54:07 +00:00
auto it = m_BanList.find (ep.address ());
if (it != m_BanList.end ())
{
uint32_t ts = i2p::util::GetSecondsSinceEpoch ();
if (ts < it->second)
{
LogPrint (eLogInfo, ep.address (), " is banned for ", it->second - ts, " more seconds");
conn = nullptr;
}
else
m_BanList.erase (it);
}
if (conn)
conn->ServerLogin ();
2015-02-06 18:49:00 +00:00
}
else
LogPrint (eLogError, "Connected from error ", ec.message ());
2015-01-11 22:41:56 +00:00
}
if (error != boost::asio::error::operation_aborted)
{
conn = std::make_shared<NTCPSession> (*this);
m_NTCPV6Acceptor->async_accept(conn->GetSocket (), std::bind (&NTCPServer::HandleAcceptV6, this,
conn, std::placeholders::_1));
}
}
void NTCPServer::Connect (const boost::asio::ip::address& address, int port, std::shared_ptr<NTCPSession> conn)
{
2015-01-21 17:08:15 +00:00
LogPrint (eLogInfo, "Connecting to ", address ,":", port);
2015-01-11 22:41:56 +00:00
m_Service.post([conn, this]()
{
this->AddNTCPSession (conn);
});
conn->GetSocket ().async_connect (boost::asio::ip::tcp::endpoint (address, port),
std::bind (&NTCPServer::HandleConnect, this, std::placeholders::_1, conn));
}
void NTCPServer::HandleConnect (const boost::system::error_code& ecode, std::shared_ptr<NTCPSession> conn)
{
if (ecode)
{
2015-01-21 17:08:15 +00:00
LogPrint (eLogError, "Connect error: ", ecode.message ());
2015-01-11 22:41:56 +00:00
if (ecode != boost::asio::error::operation_aborted)
i2p::data::netdb.SetUnreachable (conn->GetRemoteIdentity ().GetIdentHash (), true);
2015-02-06 16:14:41 +00:00
conn->Terminate ();
2015-01-11 22:41:56 +00:00
}
else
{
2015-01-21 17:08:15 +00:00
LogPrint (eLogInfo, "Connected to ", conn->GetSocket ().remote_endpoint ());
2015-01-11 22:41:56 +00:00
if (conn->GetSocket ().local_endpoint ().protocol () == boost::asio::ip::tcp::v6()) // ipv6
context.UpdateNTCPV6Address (conn->GetSocket ().local_endpoint ().address ());
conn->ClientLogin ();
}
}
2015-02-10 18:05:08 +00:00
void NTCPServer::Ban (const boost::asio::ip::address& addr)
{
uint32_t ts = i2p::util::GetSecondsSinceEpoch ();
m_BanList[addr] = ts + NTCP_BAN_EXPIRATION_TIMEOUT;
LogPrint (eLogInfo, addr, " has been banned for ", NTCP_BAN_EXPIRATION_TIMEOUT, " seconds");
}
2013-09-10 01:35:46 +00:00
}
}