1
0
mirror of https://github.com/PurpleI2P/i2pd.git synced 2025-01-22 16:34:13 +00:00
i2pd/libi2pd/NTCPSession.cpp

1313 lines
40 KiB
C++
Raw Normal View History

2013-09-09 21:35:46 -04:00
#include <string.h>
#include <stdlib.h>
#include <future>
#include "I2PEndian.h"
2015-11-03 09:15:49 -05:00
#include "Base.h"
2016-05-11 15:12:38 -04:00
#include "Crypto.h"
2013-09-09 21:35:46 -04:00
#include "Log.h"
2014-01-09 22:26:30 -05:00
#include "Timestamp.h"
2013-09-09 21:35:46 -04:00
#include "I2NPProtocol.h"
#include "RouterContext.h"
#include "Transports.h"
#include "NetDb.hpp"
2013-09-09 21:35:46 -04:00
#include "NTCPSession.h"
#include "HTTP.h"
2017-06-01 10:41:15 -04:00
#include "util.h"
2016-11-01 13:57:25 -04:00
#ifdef WITH_EVENTS
2016-10-20 09:12:15 -04:00
#include "Event.h"
2016-11-01 13:57:25 -04:00
#endif
2013-09-09 21:35:46 -04:00
using namespace i2p::crypto;
namespace i2p
{
namespace transport
2013-09-09 21:35:46 -04:00
{
2018-03-20 15:14:31 -04:00
struct NTCPWork
{
std::shared_ptr<NTCPSession> session;
};
2017-05-29 01:28:16 -04:00
NTCPSession::NTCPSession (NTCPServer& server, std::shared_ptr<const i2p::data::RouterInfo> in_RemoteRouter):
TransportSession (in_RemoteRouter, NTCP_ESTABLISH_TIMEOUT),
m_Server (server), m_Socket (m_Server.GetService ()),
m_IsEstablished (false), m_IsTerminated (false),
m_ReceiveBufferOffset (0), m_NextMessage (nullptr), m_IsSending (false)
2017-05-29 01:28:16 -04:00
{
2014-09-11 22:15:20 -04:00
m_Establisher = new Establisher;
2013-09-09 21:35:46 -04:00
}
2017-05-29 01:28:16 -04:00
2014-04-04 13:30:13 -04:00
NTCPSession::~NTCPSession ()
{
2014-09-11 22:15:20 -04:00
delete m_Establisher;
2014-04-04 13:30:13 -04:00
}
void NTCPSession::CreateAESKey (uint8_t * pubKey)
2013-09-09 21:35:46 -04:00
{
2014-04-15 17:44:44 -04:00
uint8_t sharedKey[256];
m_DHKeysPair->Agree (pubKey, sharedKey); // time consuming operation
2017-05-29 01:28:16 -04:00
i2p::crypto::AESKey aesKey;
if (sharedKey[0] & 0x80)
2013-09-09 21:35:46 -04:00
{
aesKey[0] = 0;
memcpy (aesKey + 1, sharedKey, 31);
2017-05-29 01:28:16 -04:00
}
else if (sharedKey[0])
memcpy (aesKey, sharedKey, 32);
else
{
// find first non-zero byte
uint8_t * nonZero = sharedKey + 1;
while (!*nonZero)
{
nonZero++;
if (nonZero - sharedKey > 32)
{
2015-12-18 04:15:05 +00:00
LogPrint (eLogWarning, "NTCP: First 32 bytes of shared key is all zeros, ignored");
return;
2017-05-29 01:28:16 -04:00
}
}
memcpy (aesKey, nonZero, 32);
}
m_Decryption.SetKey (aesKey);
m_Encryption.SetKey (aesKey);
2017-05-29 01:28:16 -04:00
}
2013-09-09 21:35:46 -04:00
2015-02-06 20:53:48 -05:00
void NTCPSession::Done ()
{
2017-05-29 01:28:16 -04:00
m_Server.GetService ().post (std::bind (&NTCPSession::Terminate, shared_from_this ()));
}
2013-09-09 21:35:46 -04:00
void NTCPSession::Terminate ()
{
2015-02-06 20:53:48 -05:00
if (!m_IsTerminated)
2017-05-29 01:28:16 -04:00
{
2015-02-06 20:53:48 -05:00
m_IsTerminated = true;
m_IsEstablished = false;
m_Socket.close ();
transports.PeerDisconnected (shared_from_this ());
m_Server.RemoveNTCPSession (shared_from_this ());
m_SendQueue.clear ();
m_NextMessage = nullptr;
2015-12-18 04:15:05 +00:00
LogPrint (eLogDebug, "NTCP: session terminated");
2017-05-29 01:28:16 -04:00
}
}
2013-10-22 22:43:29 -04:00
void NTCPSession::Connected ()
{
m_IsEstablished = true;
2013-10-27 11:23:15 -04:00
2014-09-11 22:15:20 -04:00
delete m_Establisher;
m_Establisher = nullptr;
2017-05-29 01:28:16 -04:00
m_DHKeysPair = nullptr;
SetTerminationTimeout (NTCP_TERMINATION_TIMEOUT);
2017-05-29 01:28:16 -04:00
SendTimeSyncMessage ();
2015-01-12 22:53:35 -05:00
transports.PeerConnected (shared_from_this ());
2017-05-29 01:28:16 -04:00
}
2018-02-20 12:40:28 -05:00
boost::asio::io_service & NTCPSession::GetService()
{
return m_Server.GetService();
}
2018-02-20 12:59:39 -05:00
2013-09-09 21:35:46 -04:00
void NTCPSession::ClientLogin ()
{
2014-09-20 20:10:34 -04:00
if (!m_DHKeysPair)
m_DHKeysPair = transports.GetNextDHKeysPair ();
2013-09-09 21:35:46 -04:00
// send Phase1
2015-11-03 09:15:49 -05:00
const uint8_t * x = m_DHKeysPair->GetPublicKey ();
2014-09-11 22:15:20 -04:00
memcpy (m_Establisher->phase1.pubKey, x, 256);
2015-11-03 09:15:49 -05:00
SHA256(x, 256, m_Establisher->phase1.HXxorHI);
const uint8_t * ident = m_RemoteIdentity->GetIdentHash ();
2013-09-09 21:35:46 -04:00
for (int i = 0; i < 32; i++)
2014-09-11 22:15:20 -04:00
m_Establisher->phase1.HXxorHI[i] ^= ident[i];
2017-05-29 01:28:16 -04:00
2014-09-11 22:15:20 -04:00
boost::asio::async_write (m_Socket, boost::asio::buffer (&m_Establisher->phase1, sizeof (NTCPPhase1)), boost::asio::transfer_all (),
2017-05-29 01:37:19 -04:00
std::bind(&NTCPSession::HandlePhase1Sent, shared_from_this (), std::placeholders::_1, std::placeholders::_2));
2017-05-29 01:28:16 -04:00
}
2013-09-09 21:35:46 -04:00
void NTCPSession::ServerLogin ()
{
m_LastActivityTimestamp = i2p::util::GetSecondsSinceEpoch ();
2016-12-31 10:51:42 -05:00
// receive Phase1
2017-05-29 01:28:16 -04:00
boost::asio::async_read (m_Socket, boost::asio::buffer(&m_Establisher->phase1, sizeof (NTCPPhase1)), boost::asio::transfer_all (),
std::bind(&NTCPSession::HandlePhase1Received, shared_from_this (),
2016-12-31 10:51:42 -05:00
std::placeholders::_1, std::placeholders::_2));
2017-05-29 01:28:16 -04:00
}
2013-09-09 21:35:46 -04:00
void NTCPSession::HandlePhase1Sent (const boost::system::error_code& ecode, std::size_t bytes_transferred)
{
(void) bytes_transferred;
2013-09-09 21:35:46 -04:00
if (ecode)
2017-05-29 01:35:11 -04:00
{
2016-01-27 21:54:42 -05:00
LogPrint (eLogInfo, "NTCP: couldn't send Phase 1 message: ", ecode.message ());
2014-09-22 13:28:46 -04:00
if (ecode != boost::asio::error::operation_aborted)
Terminate ();
2013-09-09 21:35:46 -04:00
}
else
2017-05-29 01:28:16 -04:00
{
boost::asio::async_read (m_Socket, boost::asio::buffer(&m_Establisher->phase2, sizeof (NTCPPhase2)), boost::asio::transfer_all (),
std::bind(&NTCPSession::HandlePhase2Received, shared_from_this (),
2014-11-25 16:30:15 -05:00
std::placeholders::_1, std::placeholders::_2));
2017-05-29 01:28:16 -04:00
}
}
2013-09-09 21:35:46 -04:00
void NTCPSession::HandlePhase1Received (const boost::system::error_code& ecode, std::size_t bytes_transferred)
{
(void) bytes_transferred;
2013-09-09 21:35:46 -04:00
if (ecode)
2017-05-29 01:35:11 -04:00
{
2016-01-27 21:54:42 -05:00
LogPrint (eLogInfo, "NTCP: phase 1 read error: ", ecode.message ());
2014-09-22 13:28:46 -04:00
if (ecode != boost::asio::error::operation_aborted)
Terminate ();
2013-09-09 21:35:46 -04:00
}
else
2017-05-29 01:28:16 -04:00
{
2013-09-09 21:35:46 -04:00
// verify ident
uint8_t digest[32];
2015-11-03 09:15:49 -05:00
SHA256(m_Establisher->phase1.pubKey, 256, digest);
const uint8_t * ident = i2p::context.GetIdentHash ();
2013-09-09 21:35:46 -04:00
for (int i = 0; i < 32; i++)
2017-05-29 01:28:16 -04:00
{
2014-09-11 22:15:20 -04:00
if ((m_Establisher->phase1.HXxorHI[i] ^ ident[i]) != digest[i])
2013-09-09 21:35:46 -04:00
{
2015-12-18 04:15:05 +00:00
LogPrint (eLogError, "NTCP: phase 1 error: ident mismatch");
2013-09-09 21:35:46 -04:00
Terminate ();
return;
2017-05-29 01:28:16 -04:00
}
}
// TODO: check for number of pending keys
2018-03-20 15:14:31 -04:00
auto work = new NTCPWork{shared_from_this()};
m_Server.Work(work->session, [work, this]() -> std::function<void(void)> {
2018-03-20 15:14:31 -04:00
if (!work->session->m_DHKeysPair)
work->session->m_DHKeysPair = transports.GetNextDHKeysPair ();
work->session->CreateAESKey (work->session->m_Establisher->phase1.pubKey);
return std::bind(&NTCPSession::SendPhase2, work->session, work);
2017-05-29 01:35:11 -04:00
});
2017-05-29 01:28:16 -04:00
}
}
2013-09-09 21:35:46 -04:00
2018-03-20 15:14:31 -04:00
void NTCPSession::SendPhase2 (NTCPWork * work)
2013-09-09 21:35:46 -04:00
{
2018-03-20 15:14:31 -04:00
if(work)
delete work;
2015-11-03 09:15:49 -05:00
const uint8_t * y = m_DHKeysPair->GetPublicKey ();
2014-09-11 22:15:20 -04:00
memcpy (m_Establisher->phase2.pubKey, y, 256);
2013-09-09 21:35:46 -04:00
uint8_t xy[512];
2014-09-11 22:15:20 -04:00
memcpy (xy, m_Establisher->phase1.pubKey, 256);
2013-09-09 21:35:46 -04:00
memcpy (xy + 256, y, 256);
2017-05-29 01:28:16 -04:00
SHA256(xy, 512, m_Establisher->phase2.encrypted.hxy);
2014-01-09 22:26:30 -05:00
uint32_t tsB = htobe32 (i2p::util::GetSecondsSinceEpoch ());
2016-01-11 19:03:04 -05:00
memcpy (m_Establisher->phase2.encrypted.timestamp, &tsB, 4);
RAND_bytes (m_Establisher->phase2.encrypted.filler, 12);
2013-09-09 21:35:46 -04:00
2014-05-06 22:30:09 -04:00
m_Encryption.SetIV (y + 240);
2014-09-11 22:15:20 -04:00
m_Decryption.SetIV (m_Establisher->phase1.HXxorHI + 16);
2018-02-20 13:04:39 -05:00
2014-09-11 22:15:20 -04:00
m_Encryption.Encrypt ((uint8_t *)&m_Establisher->phase2.encrypted, sizeof(m_Establisher->phase2.encrypted), (uint8_t *)&m_Establisher->phase2.encrypted);
2018-02-20 12:59:39 -05:00
boost::asio::async_write(m_Socket, boost::asio::buffer (&m_Establisher->phase2, sizeof (NTCPPhase2)), boost::asio::transfer_all(),
std::bind(&NTCPSession::HandlePhase2Sent, shared_from_this(), std::placeholders::_1, std::placeholders::_2, tsB));
2017-05-29 01:28:16 -04:00
}
2013-09-09 21:35:46 -04:00
void NTCPSession::HandlePhase2Sent (const boost::system::error_code& ecode, std::size_t bytes_transferred, uint32_t tsB)
{
(void) bytes_transferred;
2013-09-09 21:35:46 -04:00
if (ecode)
2017-05-29 01:35:11 -04:00
{
2016-01-27 21:54:42 -05:00
LogPrint (eLogInfo, "NTCP: Couldn't send Phase 2 message: ", ecode.message ());
2014-09-22 13:28:46 -04:00
if (ecode != boost::asio::error::operation_aborted)
Terminate ();
2013-09-09 21:35:46 -04:00
}
else
2017-05-29 01:28:16 -04:00
{
boost::asio::async_read (m_Socket, boost::asio::buffer(m_ReceiveBuffer, NTCP_DEFAULT_PHASE3_SIZE), boost::asio::transfer_all (),
std::bind(&NTCPSession::HandlePhase3Received, shared_from_this (),
2014-11-25 16:30:15 -05:00
std::placeholders::_1, std::placeholders::_2, tsB));
2017-05-29 01:28:16 -04:00
}
}
2013-09-09 21:35:46 -04:00
void NTCPSession::HandlePhase2Received (const boost::system::error_code& ecode, std::size_t bytes_transferred)
{
(void) bytes_transferred;
2013-09-09 21:35:46 -04:00
if (ecode)
2017-05-29 01:35:11 -04:00
{
2016-01-27 21:54:42 -05:00
LogPrint (eLogInfo, "NTCP: Phase 2 read error: ", ecode.message (), ". Wrong ident assumed");
2014-09-22 13:28:46 -04:00
if (ecode != boost::asio::error::operation_aborted)
{
2014-10-24 15:39:53 -04:00
// this RI is not valid
2015-11-03 09:15:49 -05:00
i2p::data::netdb.SetUnreachable (GetRemoteIdentity ()->GetIdentHash (), true);
transports.ReuseDHKeysPair (m_DHKeysPair);
2014-09-22 13:28:46 -04:00
m_DHKeysPair = nullptr;
Terminate ();
}
2013-09-09 21:35:46 -04:00
}
else
2017-05-29 01:28:16 -04:00
{
2018-03-20 15:14:31 -04:00
auto work = new NTCPWork{shared_from_this()};
m_Server.Work(work->session, [work, this]() -> std::function<void(void)> {
2018-03-20 15:14:31 -04:00
work->session->CreateAESKey (work->session->m_Establisher->phase2.pubKey);
return std::bind(&NTCPSession::HandlePhase2, work->session, work);
2018-02-20 11:43:13 -05:00
});
2017-05-29 01:28:16 -04:00
}
}
2013-09-09 21:35:46 -04:00
2018-03-20 15:14:31 -04:00
void NTCPSession::HandlePhase2 (NTCPWork * work)
{
2018-03-20 15:14:31 -04:00
if(work) delete work;
m_Decryption.SetIV (m_Establisher->phase2.pubKey + 240);
m_Encryption.SetIV (m_Establisher->phase1.HXxorHI + 16);
2018-02-20 13:03:34 -05:00
m_Decryption.Decrypt((uint8_t *)&m_Establisher->phase2.encrypted, sizeof(m_Establisher->phase2.encrypted), (uint8_t *)&m_Establisher->phase2.encrypted);
// verify
uint8_t xy[512];
memcpy (xy, m_DHKeysPair->GetPublicKey (), 256);
memcpy (xy + 256, m_Establisher->phase2.pubKey, 256);
uint8_t digest[32];
SHA256 (xy, 512, digest);
2017-05-29 01:28:16 -04:00
if (memcmp(m_Establisher->phase2.encrypted.hxy, digest, 32))
{
LogPrint (eLogError, "NTCP: Phase 2 process error: incorrect hash");
transports.ReuseDHKeysPair (m_DHKeysPair);
m_DHKeysPair = nullptr;
Terminate ();
return ;
2017-05-29 01:28:16 -04:00
}
SendPhase3 ();
2017-05-29 01:28:16 -04:00
}
2013-09-09 21:35:46 -04:00
void NTCPSession::SendPhase3 ()
{
2017-01-08 09:07:54 -05:00
auto& keys = i2p::context.GetPrivateKeys ();
2017-05-29 01:28:16 -04:00
uint8_t * buf = m_ReceiveBuffer;
2015-11-03 09:15:49 -05:00
htobe16buf (buf, keys.GetPublic ()->GetFullLen ());
2014-11-25 10:59:29 -05:00
buf += 2;
2015-11-03 09:15:49 -05:00
buf += i2p::context.GetIdentity ()->ToBuffer (buf, NTCP_BUFFER_SIZE);
2014-01-09 22:26:30 -05:00
uint32_t tsA = htobe32 (i2p::util::GetSecondsSinceEpoch ());
htobuf32(buf,tsA);
2017-05-29 01:28:16 -04:00
buf += 4;
2015-11-03 09:15:49 -05:00
size_t signatureLen = keys.GetPublic ()->GetSignatureLen ();
2014-11-25 10:59:29 -05:00
size_t len = (buf - m_ReceiveBuffer) + signatureLen;
size_t paddingSize = len & 0x0F; // %16
2017-05-29 01:28:16 -04:00
if (paddingSize > 0)
2014-11-25 10:59:29 -05:00
{
paddingSize = 16 - paddingSize;
// fill padding with random data
RAND_bytes(buf, paddingSize);
2014-11-25 10:59:29 -05:00
buf += paddingSize;
len += paddingSize;
}
2018-02-20 13:03:01 -05:00
2013-09-09 21:35:46 -04:00
SignedData s;
s.Insert (m_Establisher->phase1.pubKey, 256); // x
s.Insert (m_Establisher->phase2.pubKey, 256); // y
2015-11-03 09:15:49 -05:00
s.Insert (m_RemoteIdentity->GetIdentHash (), 32); // ident
2017-05-29 01:28:16 -04:00
s.Insert (tsA); // tsA
2016-01-11 19:03:04 -05:00
s.Insert (m_Establisher->phase2.encrypted.timestamp, 4); // tsB
2014-11-25 10:59:29 -05:00
s.Sign (keys, buf);
2018-02-20 13:03:01 -05:00
2017-05-29 01:28:16 -04:00
m_Encryption.Encrypt(m_ReceiveBuffer, len, m_ReceiveBuffer);
2014-11-25 10:59:29 -05:00
boost::asio::async_write (m_Socket, boost::asio::buffer (m_ReceiveBuffer, len), boost::asio::transfer_all (),
2018-02-20 12:59:39 -05:00
std::bind(&NTCPSession::HandlePhase3Sent, shared_from_this (), std::placeholders::_1, std::placeholders::_2, tsA));
2017-05-29 01:28:16 -04:00
}
2013-09-09 21:35:46 -04:00
void NTCPSession::HandlePhase3Sent (const boost::system::error_code& ecode, std::size_t bytes_transferred, uint32_t tsA)
{
2017-05-29 01:28:16 -04:00
(void) bytes_transferred;
2013-09-09 21:35:46 -04:00
if (ecode)
2017-05-29 01:35:11 -04:00
{
2016-01-27 21:54:42 -05:00
LogPrint (eLogInfo, "NTCP: Couldn't send Phase 3 message: ", ecode.message ());
2014-09-22 13:28:46 -04:00
if (ecode != boost::asio::error::operation_aborted)
Terminate ();
2013-09-09 21:35:46 -04:00
}
else
2017-05-29 01:28:16 -04:00
{
// wait for phase4
2015-11-03 09:15:49 -05:00
auto signatureLen = m_RemoteIdentity->GetSignatureLen ();
2014-11-25 10:14:18 -05:00
size_t paddingSize = signatureLen & 0x0F; // %16
2017-05-29 01:28:16 -04:00
if (paddingSize > 0) signatureLen += (16 - paddingSize);
boost::asio::async_read (m_Socket, boost::asio::buffer(m_ReceiveBuffer, signatureLen), boost::asio::transfer_all (),
std::bind(&NTCPSession::HandlePhase4Received, shared_from_this (),
2014-11-25 16:30:15 -05:00
std::placeholders::_1, std::placeholders::_2, tsA));
2017-05-29 01:28:16 -04:00
}
}
2013-09-09 21:35:46 -04:00
void NTCPSession::HandlePhase3Received (const boost::system::error_code& ecode, std::size_t bytes_transferred, uint32_t tsB)
2017-05-29 01:28:16 -04:00
{
2013-09-09 21:35:46 -04:00
if (ecode)
2017-05-29 01:35:11 -04:00
{
2016-01-27 21:54:42 -05:00
LogPrint (eLogInfo, "NTCP: Phase 3 read error: ", ecode.message ());
2014-09-22 13:28:46 -04:00
if (ecode != boost::asio::error::operation_aborted)
Terminate ();
2013-09-09 21:35:46 -04:00
}
else
2017-05-29 01:28:16 -04:00
{
2014-11-25 12:33:51 -05:00
m_Decryption.Decrypt (m_ReceiveBuffer, bytes_transferred, m_ReceiveBuffer);
uint8_t * buf = m_ReceiveBuffer;
uint16_t size = bufbe16toh (buf);
auto identity = std::make_shared<i2p::data::IdentityEx> (buf + 2, size);
if (m_Server.FindNTCPSession (identity->GetIdentHash ()))
{
2016-01-27 21:54:42 -05:00
LogPrint (eLogInfo, "NTCP: session already exists");
Terminate ();
2017-05-29 01:28:16 -04:00
}
auto existing = i2p::data::netdb.FindRouter (identity->GetIdentHash ()); // check if exists already
SetRemoteIdentity (existing ? existing->GetRouterIdentity () : identity);
2017-05-29 01:28:16 -04:00
2015-11-03 09:15:49 -05:00
size_t expectedSize = size + 2/*size*/ + 4/*timestamp*/ + m_RemoteIdentity->GetSignatureLen ();
2014-11-25 12:33:51 -05:00
size_t paddingLen = expectedSize & 0x0F;
2017-05-29 01:28:16 -04:00
if (paddingLen) paddingLen = (16 - paddingLen);
2014-11-25 12:33:51 -05:00
if (expectedSize > NTCP_DEFAULT_PHASE3_SIZE)
{
// we need more bytes for Phase3
2017-05-29 01:28:16 -04:00
expectedSize += paddingLen;
boost::asio::async_read (m_Socket, boost::asio::buffer(m_ReceiveBuffer + NTCP_DEFAULT_PHASE3_SIZE, expectedSize - NTCP_DEFAULT_PHASE3_SIZE), boost::asio::transfer_all (),
std::bind(&NTCPSession::HandlePhase3ExtraReceived, shared_from_this (),
2014-11-25 16:30:15 -05:00
std::placeholders::_1, std::placeholders::_2, tsB, paddingLen));
2014-11-25 12:33:51 -05:00
}
2014-11-25 14:29:06 -05:00
else
HandlePhase3 (tsB, paddingLen);
2017-05-29 01:28:16 -04:00
}
2014-11-25 12:33:51 -05:00
}
void NTCPSession::HandlePhase3ExtraReceived (const boost::system::error_code& ecode, std::size_t bytes_transferred, uint32_t tsB, size_t paddingLen)
{
if (ecode)
2017-05-29 01:35:11 -04:00
{
2016-01-27 21:54:42 -05:00
LogPrint (eLogInfo, "NTCP: Phase 3 extra read error: ", ecode.message ());
2014-11-25 12:33:51 -05:00
if (ecode != boost::asio::error::operation_aborted)
2013-09-09 21:35:46 -04:00
Terminate ();
2014-11-25 12:33:51 -05:00
}
else
{
m_Decryption.Decrypt (m_ReceiveBuffer + NTCP_DEFAULT_PHASE3_SIZE, bytes_transferred, m_ReceiveBuffer+ NTCP_DEFAULT_PHASE3_SIZE);
HandlePhase3 (tsB, paddingLen);
2017-05-29 01:28:16 -04:00
}
}
2014-11-25 12:33:51 -05:00
void NTCPSession::HandlePhase3 (uint32_t tsB, size_t paddingLen)
{
2015-11-03 09:15:49 -05:00
uint8_t * buf = m_ReceiveBuffer + m_RemoteIdentity->GetFullLen () + 2 /*size*/;
2017-05-29 01:28:16 -04:00
uint32_t tsA = buf32toh(buf);
2014-11-25 12:33:51 -05:00
buf += 4;
2017-05-29 01:28:16 -04:00
buf += paddingLen;
2013-09-09 21:35:46 -04:00
2016-01-26 19:02:06 -05:00
// check timestamp
auto ts = i2p::util::GetSecondsSinceEpoch ();
uint32_t tsA1 = be32toh (tsA);
if (tsA1 < ts - NTCP_CLOCK_SKEW || tsA1 > ts + NTCP_CLOCK_SKEW)
{
2018-08-16 10:13:32 -04:00
LogPrint (eLogError, "NTCP: Phase3 time difference ", (int)(ts - tsA1), " exceeds clock skew");
2016-01-26 19:02:06 -05:00
Terminate ();
return;
2017-05-29 01:28:16 -04:00
}
2016-01-26 19:02:06 -05:00
// check signature
2014-11-25 12:33:51 -05:00
SignedData s;
s.Insert (m_Establisher->phase1.pubKey, 256); // x
s.Insert (m_Establisher->phase2.pubKey, 256); // y
s.Insert (i2p::context.GetRouterInfo ().GetIdentHash (), 32); // ident
s.Insert (tsA); // tsA
2017-05-29 01:28:16 -04:00
s.Insert (tsB); // tsB
2014-11-25 12:33:51 -05:00
if (!s.Verify (m_RemoteIdentity, buf))
2017-05-29 01:28:16 -04:00
{
2015-12-18 04:15:05 +00:00
LogPrint (eLogError, "NTCP: signature verification failed");
2014-11-25 12:33:51 -05:00
Terminate ();
return;
2017-05-29 01:28:16 -04:00
}
2014-11-25 12:33:51 -05:00
SendPhase4 (tsA, tsB);
2013-09-09 21:35:46 -04:00
}
2014-11-25 10:35:35 -05:00
void NTCPSession::SendPhase4 (uint32_t tsA, uint32_t tsB)
2013-09-09 21:35:46 -04:00
{
SignedData s;
s.Insert (m_Establisher->phase1.pubKey, 256); // x
s.Insert (m_Establisher->phase2.pubKey, 256); // y
2015-11-03 09:15:49 -05:00
s.Insert (m_RemoteIdentity->GetIdentHash (), 32); // ident
2014-11-25 10:35:35 -05:00
s.Insert (tsA); // tsA
s.Insert (tsB); // tsB
2017-01-08 09:07:54 -05:00
auto& keys = i2p::context.GetPrivateKeys ();
2017-05-29 01:28:16 -04:00
auto signatureLen = keys.GetPublic ()->GetSignatureLen ();
2014-11-25 10:14:18 -05:00
s.Sign (keys, m_ReceiveBuffer);
size_t paddingSize = signatureLen & 0x0F; // %16
2017-05-29 01:28:16 -04:00
if (paddingSize > 0) signatureLen += (16 - paddingSize);
2014-11-25 10:14:18 -05:00
m_Encryption.Encrypt (m_ReceiveBuffer, signatureLen, m_ReceiveBuffer);
2013-09-09 21:35:46 -04:00
2014-11-25 10:14:18 -05:00
boost::asio::async_write (m_Socket, boost::asio::buffer (m_ReceiveBuffer, signatureLen), boost::asio::transfer_all (),
2017-05-29 01:39:11 -04:00
std::bind(&NTCPSession::HandlePhase4Sent, shared_from_this (), std::placeholders::_1, std::placeholders::_2));
2017-05-29 01:28:16 -04:00
}
2013-09-09 21:35:46 -04:00
void NTCPSession::HandlePhase4Sent (const boost::system::error_code& ecode, std::size_t bytes_transferred)
{
(void) bytes_transferred;
2013-09-09 21:35:46 -04:00
if (ecode)
2017-05-29 01:35:11 -04:00
{
2015-12-18 04:15:05 +00:00
LogPrint (eLogWarning, "NTCP: Couldn't send Phase 4 message: ", ecode.message ());
2014-09-22 13:28:46 -04:00
if (ecode != boost::asio::error::operation_aborted)
Terminate ();
2013-09-09 21:35:46 -04:00
}
else
2017-05-29 01:28:16 -04:00
{
2016-06-27 13:00:00 +00:00
LogPrint (eLogDebug, "NTCP: Server session from ", m_Socket.remote_endpoint (), " connected");
2015-01-11 17:41:56 -05:00
m_Server.AddNTCPSession (shared_from_this ());
2014-11-25 14:29:06 -05:00
2013-10-22 22:43:29 -04:00
Connected ();
2013-09-09 21:35:46 -04:00
m_ReceiveBufferOffset = 0;
2013-10-27 11:23:15 -04:00
m_NextMessage = nullptr;
2013-09-09 21:35:46 -04:00
Receive ();
2017-05-29 01:28:16 -04:00
}
}
2013-09-09 21:35:46 -04:00
void NTCPSession::HandlePhase4Received (const boost::system::error_code& ecode, std::size_t bytes_transferred, uint32_t tsA)
{
if (ecode)
2017-05-29 01:35:11 -04:00
{
2015-12-18 04:15:05 +00:00
LogPrint (eLogError, "NTCP: Phase 4 read error: ", ecode.message (), ". Check your clock");
2014-09-22 13:28:46 -04:00
if (ecode != boost::asio::error::operation_aborted)
{
2017-05-29 01:28:16 -04:00
// this router doesn't like us
2015-11-03 09:15:49 -05:00
i2p::data::netdb.SetUnreachable (GetRemoteIdentity ()->GetIdentHash (), true);
2014-09-22 13:28:46 -04:00
Terminate ();
2017-05-29 01:28:16 -04:00
}
2013-09-09 21:35:46 -04:00
}
else
2017-05-29 01:28:16 -04:00
{
2014-11-25 10:14:18 -05:00
m_Decryption.Decrypt(m_ReceiveBuffer, bytes_transferred, m_ReceiveBuffer);
2013-09-09 21:35:46 -04:00
2016-01-26 19:02:06 -05:00
// check timestamp
uint32_t tsB = bufbe32toh (m_Establisher->phase2.encrypted.timestamp);
auto ts = i2p::util::GetSecondsSinceEpoch ();
if (tsB < ts - NTCP_CLOCK_SKEW || tsB > ts + NTCP_CLOCK_SKEW)
{
2018-08-16 10:13:32 -04:00
LogPrint (eLogError, "NTCP: Phase4 time difference ", (int)(ts - tsB), " exceeds clock skew");
2016-01-26 19:02:06 -05:00
Terminate ();
return;
2017-05-29 01:28:16 -04:00
}
2013-09-09 21:35:46 -04:00
// verify signature
SignedData s;
s.Insert (m_Establisher->phase1.pubKey, 256); // x
s.Insert (m_Establisher->phase2.pubKey, 256); // y
2015-11-03 09:15:49 -05:00
s.Insert (i2p::context.GetIdentHash (), 32); // ident
s.Insert (tsA); // tsA
2016-01-11 19:03:04 -05:00
s.Insert (m_Establisher->phase2.encrypted.timestamp, 4); // tsB
2013-09-09 21:35:46 -04:00
2014-11-25 10:14:18 -05:00
if (!s.Verify (m_RemoteIdentity, m_ReceiveBuffer))
2017-05-29 01:28:16 -04:00
{
2015-12-18 04:15:05 +00:00
LogPrint (eLogError, "NTCP: Phase 4 process error: signature verification failed");
2013-09-09 21:35:46 -04:00
Terminate ();
return;
2017-05-29 01:28:16 -04:00
}
2015-12-18 04:15:05 +00:00
LogPrint (eLogDebug, "NTCP: session to ", m_Socket.remote_endpoint (), " connected");
2013-10-22 22:43:29 -04:00
Connected ();
2017-05-29 01:28:16 -04:00
2013-09-09 21:35:46 -04:00
m_ReceiveBufferOffset = 0;
2013-10-27 11:23:15 -04:00
m_NextMessage = nullptr;
2013-09-09 21:35:46 -04:00
Receive ();
}
}
void NTCPSession::Receive ()
{
2017-05-29 01:28:16 -04:00
m_Socket.async_read_some (boost::asio::buffer(m_ReceiveBuffer + m_ReceiveBufferOffset, NTCP_BUFFER_SIZE - m_ReceiveBufferOffset),
std::bind(&NTCPSession::HandleReceived, shared_from_this (),
2014-11-25 16:30:15 -05:00
std::placeholders::_1, std::placeholders::_2));
2017-05-29 01:28:16 -04:00
}
2013-09-09 21:35:46 -04:00
void NTCPSession::HandleReceived (const boost::system::error_code& ecode, std::size_t bytes_transferred)
{
2017-05-29 01:28:16 -04:00
if (ecode)
{
2016-02-11 00:00:00 +00:00
if (ecode != boost::asio::error::operation_aborted)
LogPrint (eLogDebug, "NTCP: Read error: ", ecode.message ());
2014-11-01 17:15:59 -04:00
//if (ecode != boost::asio::error::operation_aborted)
2016-02-11 00:00:00 +00:00
Terminate ();
2013-09-09 21:35:46 -04:00
}
else
{
m_NumReceivedBytes += bytes_transferred;
2015-03-16 19:33:59 -04:00
i2p::transport::transports.UpdateReceivedBytes (bytes_transferred);
2013-09-09 21:35:46 -04:00
m_ReceiveBufferOffset += bytes_transferred;
2013-10-27 11:23:15 -04:00
if (m_ReceiveBufferOffset >= 16)
2017-05-29 01:28:16 -04:00
{
// process received data
uint8_t * nextBlock = m_ReceiveBuffer;
while (m_ReceiveBufferOffset >= 16)
{
if (!DecryptNextBlock (nextBlock)) // 16 bytes
2014-09-18 11:11:51 -04:00
{
Terminate ();
2017-05-29 01:28:16 -04:00
return;
}
nextBlock += 16;
m_ReceiveBufferOffset -= 16;
2017-05-29 01:28:16 -04:00
}
if (m_ReceiveBufferOffset > 0)
memcpy (m_ReceiveBuffer, nextBlock, m_ReceiveBufferOffset);
}
// read and process more is available
boost::system::error_code ec;
size_t moreBytes = m_Socket.available(ec);
if (moreBytes && !ec)
{
uint8_t * buf = nullptr, * moreBuf = m_ReceiveBuffer;
if (moreBytes + m_ReceiveBufferOffset > NTCP_BUFFER_SIZE)
{
2017-01-04 17:25:30 -05:00
buf = new uint8_t[moreBytes + m_ReceiveBufferOffset + 16];
moreBuf = buf;
2017-01-04 17:25:30 -05:00
uint8_t rem = ((size_t)buf) & 0x0f;
if (rem) moreBuf += (16 - rem); // align 16
if (m_ReceiveBufferOffset)
memcpy (moreBuf, m_ReceiveBuffer, m_ReceiveBufferOffset);
}
moreBytes = m_Socket.read_some (boost::asio::buffer (moreBuf + m_ReceiveBufferOffset, moreBytes), ec);
if (ec)
{
LogPrint (eLogInfo, "NTCP: Read more bytes error: ", ec.message ());
delete[] buf;
Terminate ();
return;
2017-05-29 01:28:16 -04:00
}
m_ReceiveBufferOffset += moreBytes;
m_NumReceivedBytes += moreBytes;
i2p::transport::transports.UpdateReceivedBytes (moreBytes);
2017-05-29 01:28:16 -04:00
// process more data
uint8_t * nextBlock = moreBuf;
while (m_ReceiveBufferOffset >= 16)
{
if (!DecryptNextBlock (nextBlock)) // 16 bytes
{
delete[] buf;
Terminate ();
2017-05-29 01:28:16 -04:00
return;
}
nextBlock += 16;
m_ReceiveBufferOffset -= 16;
2017-05-29 01:28:16 -04:00
}
if (m_ReceiveBufferOffset > 0)
memcpy (m_ReceiveBuffer, nextBlock, m_ReceiveBufferOffset); // nextBlock points to memory inside buf
delete[] buf;
2017-05-29 01:28:16 -04:00
}
m_Handler.Flush ();
m_LastActivityTimestamp = i2p::util::GetSecondsSinceEpoch ();
2013-09-09 21:35:46 -04:00
Receive ();
2017-05-29 01:28:16 -04:00
}
}
2013-09-09 21:35:46 -04:00
2014-09-18 11:11:51 -04:00
bool NTCPSession::DecryptNextBlock (const uint8_t * encrypted) // 16 bytes
2013-09-09 21:35:46 -04:00
{
2013-10-27 11:23:15 -04:00
if (!m_NextMessage) // new message, header expected
2017-05-29 01:28:16 -04:00
{
2015-12-18 04:15:05 +00:00
// decrypt header and extract length
2015-03-12 22:38:22 -04:00
uint8_t buf[16];
m_Decryption.Decrypt (encrypted, buf);
uint16_t dataSize = bufbe16toh (buf);
2013-10-27 11:23:15 -04:00
if (dataSize)
{
// new message
if (dataSize + 16U + 15U > NTCP_MAX_MESSAGE_SIZE - 2) // + 6 + padding
2014-08-27 10:02:23 -04:00
{
2015-12-18 04:15:05 +00:00
LogPrint (eLogError, "NTCP: data size ", dataSize, " exceeds max size");
2014-09-18 11:11:51 -04:00
return false;
2014-08-27 10:02:23 -04:00
}
m_NextMessage = (dataSize + 16U + 15U) <= I2NP_MAX_SHORT_MESSAGE_SIZE - 2 ? NewI2NPShortMessage () : NewI2NPMessage ();
m_NextMessage->Align (16);
m_NextMessage->offset += 2; // size field
2017-05-29 01:28:16 -04:00
m_NextMessage->len = m_NextMessage->offset + dataSize;
memcpy (m_NextMessage->GetBuffer () - 2, buf, 16);
2015-03-12 22:38:22 -04:00
m_NextMessageOffset = 16;
2017-05-29 01:28:16 -04:00
}
2013-10-27 11:23:15 -04:00
else
2017-05-29 01:28:16 -04:00
{
2013-10-27 11:23:15 -04:00
// timestamp
int diff = (int)bufbe32toh (buf + 2) - (int)i2p::util::GetSecondsSinceEpoch ();
LogPrint (eLogInfo, "NTCP: Timestamp. Time difference ", diff, " seconds");
2014-09-18 11:11:51 -04:00
return true;
2017-05-29 01:28:16 -04:00
}
}
2013-10-27 11:23:15 -04:00
else // message continues
2017-05-29 01:28:16 -04:00
{
m_Decryption.Decrypt (encrypted, m_NextMessage->GetBuffer () - 2 + m_NextMessageOffset);
2013-10-27 11:23:15 -04:00
m_NextMessageOffset += 16;
2017-05-29 01:28:16 -04:00
}
if (m_NextMessageOffset >= m_NextMessage->GetLength () + 2 + 4) // +checksum
2017-05-29 01:28:16 -04:00
{
2013-10-27 11:23:15 -04:00
// we have a complete I2NP message
2015-11-03 09:15:49 -05:00
uint8_t checksum[4];
htobe32buf (checksum, adler32 (adler32 (0, Z_NULL, 0), m_NextMessage->GetBuffer () - 2, m_NextMessageOffset - 4));
if (!memcmp (m_NextMessage->GetBuffer () - 2 + m_NextMessageOffset - 4, checksum, 4))
2016-01-18 21:13:43 -05:00
{
if (!m_NextMessage->IsExpired ())
2016-11-01 10:26:40 -04:00
{
2016-11-01 13:57:25 -04:00
#ifdef WITH_EVENTS
2016-12-07 11:52:20 -05:00
QueueIntEvent("transport.recvmsg", GetIdentHashBase64(), 1);
2016-11-01 13:57:25 -04:00
#endif
2016-01-18 21:13:43 -05:00
m_Handler.PutNextMessage (m_NextMessage);
2016-11-01 10:26:40 -04:00
}
2016-01-18 21:13:43 -05:00
else
LogPrint (eLogInfo, "NTCP: message expired");
2017-05-29 01:28:16 -04:00
}
2015-06-14 10:37:15 -04:00
else
2015-12-18 04:15:05 +00:00
LogPrint (eLogWarning, "NTCP: Incorrect adler checksum of message, dropped");
m_NextMessage = nullptr;
2014-09-18 11:11:51 -04:00
}
2017-05-29 01:28:16 -04:00
return true;
}
2013-09-09 21:35:46 -04:00
void NTCPSession::Send (std::shared_ptr<i2p::I2NPMessage> msg)
{
2015-01-27 19:12:27 -05:00
m_IsSending = true;
2017-05-29 01:28:16 -04:00
boost::asio::async_write (m_Socket, CreateMsgBuffer (msg), boost::asio::transfer_all (),
2017-05-29 01:44:06 -04:00
std::bind(&NTCPSession::HandleSent, shared_from_this (), std::placeholders::_1, std::placeholders::_2, std::vector<std::shared_ptr<I2NPMessage> >{ msg }));
}
boost::asio::const_buffers_1 NTCPSession::CreateMsgBuffer (std::shared_ptr<I2NPMessage> msg)
2013-09-09 21:35:46 -04:00
{
uint8_t * sendBuffer;
int len;
if (msg)
2017-05-29 01:28:16 -04:00
{
// regular I2NP
if (msg->offset < 2)
2015-12-18 04:15:05 +00:00
LogPrint (eLogError, "NTCP: Malformed I2NP message"); // TODO:
2017-05-29 01:28:16 -04:00
sendBuffer = msg->GetBuffer () - 2;
len = msg->GetLength ();
htobe16buf (sendBuffer, len);
2017-05-29 01:28:16 -04:00
}
else
{
// prepare timestamp
sendBuffer = m_TimeSyncBuffer;
len = 4;
htobuf16(sendBuffer, 0);
htobe32buf (sendBuffer + 2, i2p::util::GetSecondsSinceEpoch ());
2017-05-29 01:28:16 -04:00
}
int rem = (len + 6) & 0x0F; // %16
2013-09-09 21:35:46 -04:00
int padding = 0;
if (rem > 0) {
padding = 16 - rem;
// fill with random padding
RAND_bytes(sendBuffer + len + 2, padding);
}
2015-11-03 09:15:49 -05:00
htobe32buf (sendBuffer + len + 2 + padding, adler32 (adler32 (0, Z_NULL, 0), sendBuffer, len + 2+ padding));
2013-09-09 21:35:46 -04:00
int l = len + padding + 6;
2017-05-29 01:28:16 -04:00
m_Encryption.Encrypt(sendBuffer, l, sendBuffer);
return boost::asio::buffer ((const uint8_t *)sendBuffer, l);
2017-05-29 01:28:16 -04:00
}
2015-01-21 12:08:15 -05:00
2013-09-09 21:35:46 -04:00
void NTCPSession::Send (const std::vector<std::shared_ptr<I2NPMessage> >& msgs)
{
2015-01-27 19:12:27 -05:00
m_IsSending = true;
std::vector<boost::asio::const_buffer> bufs;
2016-08-08 00:52:18 +03:00
for (const auto& it: msgs)
bufs.push_back (CreateMsgBuffer (it));
2017-05-29 01:28:16 -04:00
boost::asio::async_write (m_Socket, bufs, boost::asio::transfer_all (),
2017-05-29 01:44:06 -04:00
std::bind(&NTCPSession::HandleSent, shared_from_this (), std::placeholders::_1, std::placeholders::_2, msgs));
}
2017-05-29 01:28:16 -04:00
void NTCPSession::HandleSent (const boost::system::error_code& ecode, std::size_t bytes_transferred, std::vector<std::shared_ptr<I2NPMessage> > msgs)
{
(void) msgs;
2015-01-27 19:12:27 -05:00
m_IsSending = false;
if (ecode)
2017-05-29 01:35:11 -04:00
{
2015-12-18 04:15:05 +00:00
LogPrint (eLogWarning, "NTCP: Couldn't send msgs: ", ecode.message ());
// we shouldn't call Terminate () here, because HandleReceive takes care
// TODO: 'delete this' statement in Terminate () must be eliminated later
// Terminate ();
}
else
2017-05-29 01:28:16 -04:00
{
m_LastActivityTimestamp = i2p::util::GetSecondsSinceEpoch ();
m_NumSentBytes += bytes_transferred;
2015-03-16 19:33:59 -04:00
i2p::transport::transports.UpdateSentBytes (bytes_transferred);
2015-01-27 19:12:27 -05:00
if (!m_SendQueue.empty())
{
Send (m_SendQueue);
m_SendQueue.clear ();
2017-05-29 01:28:16 -04:00
}
}
}
2013-09-09 21:35:46 -04:00
void NTCPSession::SendTimeSyncMessage ()
{
Send (nullptr);
2017-05-29 01:28:16 -04:00
}
2013-09-09 21:35:46 -04:00
2015-01-20 21:05:57 -05:00
void NTCPSession::SendI2NPMessages (const std::vector<std::shared_ptr<I2NPMessage> >& msgs)
2015-01-20 21:05:57 -05:00
{
2017-05-29 01:28:16 -04:00
m_Server.GetService ().post (std::bind (&NTCPSession::PostI2NPMessages, shared_from_this (), msgs));
}
2015-01-20 21:05:57 -05:00
void NTCPSession::PostI2NPMessages (std::vector<std::shared_ptr<I2NPMessage> > msgs)
2015-01-20 21:05:57 -05:00
{
if (m_IsTerminated) return;
2015-01-27 19:12:27 -05:00
if (m_IsSending)
{
2017-05-29 01:28:16 -04:00
if (m_SendQueue.size () < NTCP_MAX_OUTGOING_QUEUE_SIZE)
2016-07-12 16:26:36 -04:00
{
2016-08-08 00:52:18 +03:00
for (const auto& it: msgs)
2016-07-12 16:26:36 -04:00
m_SendQueue.push_back (it);
}
else
{
LogPrint (eLogWarning, "NTCP: outgoing messages queue size exceeds ", NTCP_MAX_OUTGOING_QUEUE_SIZE);
Terminate ();
2017-05-29 01:28:16 -04:00
}
}
else
2015-01-27 19:12:27 -05:00
Send (msgs);
2017-05-29 01:28:16 -04:00
}
2015-01-11 17:41:56 -05:00
//-----------------------------------------
2018-02-20 11:38:48 -05:00
NTCPServer::NTCPServer (int workers):
2017-05-29 01:28:16 -04:00
m_IsRunning (false), m_Thread (nullptr), m_Work (m_Service),
m_TerminationTimer (m_Service), m_NTCPAcceptor (nullptr), m_NTCPV6Acceptor (nullptr),
2017-10-30 08:27:55 -04:00
m_ProxyType(eNoProxy), m_Resolver(m_Service), m_ProxyEndpoint(nullptr),
m_SoftLimit(0), m_HardLimit(0)
2015-01-11 17:41:56 -05:00
{
2018-02-20 11:38:48 -05:00
if(workers <= 0) workers = 1;
m_CryptoPool = std::make_shared<Pool>(workers);
2015-01-11 17:41:56 -05:00
}
2017-05-29 01:28:16 -04:00
2015-01-11 17:41:56 -05:00
NTCPServer::~NTCPServer ()
{
Stop ();
2017-05-29 01:28:16 -04:00
}
2015-01-11 17:41:56 -05:00
void NTCPServer::Start ()
{
if (!m_IsRunning)
2017-05-29 01:28:16 -04:00
{
2015-01-11 17:41:56 -05:00
m_IsRunning = true;
m_Thread = new std::thread (std::bind (&NTCPServer::Run, this));
// we are using a proxy, don't create any acceptors
if(UsingProxy())
2017-05-29 01:28:16 -04:00
{
// TODO: resolve proxy until it is resolved
boost::asio::ip::tcp::resolver::query q(m_ProxyAddress, std::to_string(m_ProxyPort));
2017-05-29 01:28:16 -04:00
boost::system::error_code e;
auto itr = m_Resolver.resolve(q, e);
if(e)
{
LogPrint(eLogError, "NTCP: Failed to resolve proxy ", e.message());
}
else
{
m_ProxyEndpoint = new boost::asio::ip::tcp::endpoint(*itr);
2017-05-29 01:28:16 -04:00
}
}
else
2015-01-11 17:41:56 -05:00
{
2017-05-29 01:28:16 -04:00
// create acceptors
auto& addresses = context.GetRouterInfo ().GetAddresses ();
for (const auto& address: addresses)
2016-06-13 11:34:44 -04:00
{
2017-05-29 01:28:16 -04:00
if (!address) continue;
2018-07-23 15:44:36 -04:00
if (address->transportStyle == i2p::data::RouterInfo::eTransportNTCP && !address->IsNTCP2 ())
2016-06-13 11:34:44 -04:00
{
2017-05-29 01:28:16 -04:00
if (address->host.is_v4())
2016-06-13 11:34:44 -04:00
{
2017-05-29 01:28:16 -04:00
try
{
m_NTCPAcceptor = new boost::asio::ip::tcp::acceptor (m_Service, boost::asio::ip::tcp::endpoint(boost::asio::ip::tcp::v4(), address->port));
} catch ( std::exception & ex ) {
/** fail to bind ip4 */
LogPrint(eLogError, "NTCP: Failed to bind to ip4 port ",address->port, ex.what());
continue;
}
LogPrint (eLogInfo, "NTCP: Start listening TCP port ", address->port);
auto conn = std::make_shared<NTCPSession>(*this);
m_NTCPAcceptor->async_accept(conn->GetSocket (), std::bind (&NTCPServer::HandleAccept, this, conn, std::placeholders::_1));
2016-06-13 11:34:44 -04:00
}
2017-05-29 01:28:16 -04:00
else if (address->host.is_v6() && context.SupportsV6 ())
2016-06-13 11:34:44 -04:00
{
2017-05-29 01:28:16 -04:00
m_NTCPV6Acceptor = new boost::asio::ip::tcp::acceptor (m_Service);
try
{
m_NTCPV6Acceptor->open (boost::asio::ip::tcp::v6());
m_NTCPV6Acceptor->set_option (boost::asio::ip::v6_only (true));
2019-02-28 16:00:26 -05:00
m_NTCPV6Acceptor->set_option (boost::asio::socket_base::reuse_address (true));
2017-05-29 01:28:16 -04:00
m_NTCPV6Acceptor->bind (boost::asio::ip::tcp::endpoint(boost::asio::ip::tcp::v6(), address->port));
m_NTCPV6Acceptor->listen ();
LogPrint (eLogInfo, "NTCP: Start listening V6 TCP port ", address->port);
auto conn = std::make_shared<NTCPSession> (*this);
m_NTCPV6Acceptor->async_accept(conn->GetSocket (), std::bind (&NTCPServer::HandleAcceptV6, this, conn, std::placeholders::_1));
} catch ( std::exception & ex ) {
LogPrint(eLogError, "NTCP: failed to bind to ip6 port ", address->port);
continue;
}
2016-06-13 11:34:44 -04:00
}
2017-05-29 01:28:16 -04:00
}
2016-06-13 11:34:44 -04:00
}
}
2017-05-29 01:28:16 -04:00
ScheduleTermination ();
}
2015-01-11 17:41:56 -05:00
}
2017-05-29 01:28:16 -04:00
2015-01-11 17:41:56 -05:00
void NTCPServer::Stop ()
2017-05-29 01:28:16 -04:00
{
2016-11-30 09:24:49 -05:00
{
// we have to copy it because Terminate changes m_NTCPSessions
2017-05-29 01:28:16 -04:00
auto ntcpSessions = m_NTCPSessions;
2016-11-30 09:24:49 -05:00
for (auto& it: ntcpSessions)
it.second->Terminate ();
for (auto& it: m_PendingIncomingSessions)
it->Terminate ();
2017-05-29 01:28:16 -04:00
}
2015-01-11 17:41:56 -05:00
m_NTCPSessions.clear ();
if (m_IsRunning)
2017-05-29 01:28:16 -04:00
{
2015-01-11 17:41:56 -05:00
m_IsRunning = false;
2017-05-29 01:28:16 -04:00
m_TerminationTimer.cancel ();
2017-05-29 01:44:06 -04:00
if (m_NTCPAcceptor)
2017-05-29 01:28:16 -04:00
{
delete m_NTCPAcceptor;
m_NTCPAcceptor = nullptr;
}
2017-05-29 01:44:06 -04:00
if (m_NTCPV6Acceptor)
{
2017-05-29 01:44:06 -04:00
delete m_NTCPV6Acceptor;
m_NTCPV6Acceptor = nullptr;
}
2015-01-11 17:41:56 -05:00
m_Service.stop ();
if (m_Thread)
2017-05-29 01:28:16 -04:00
{
m_Thread->join ();
2015-01-11 17:41:56 -05:00
delete m_Thread;
m_Thread = nullptr;
2017-05-29 01:28:16 -04:00
}
if(m_ProxyEndpoint)
2017-05-29 01:28:16 -04:00
{
delete m_ProxyEndpoint;
m_ProxyEndpoint = nullptr;
2017-05-29 01:28:16 -04:00
}
}
}
2015-01-11 17:41:56 -05:00
2017-05-29 01:28:16 -04:00
void NTCPServer::Run ()
{
2015-01-11 17:41:56 -05:00
while (m_IsRunning)
{
try
2017-05-29 01:28:16 -04:00
{
2015-01-11 17:41:56 -05:00
m_Service.run ();
}
catch (std::exception& ex)
{
2015-12-18 04:15:05 +00:00
LogPrint (eLogError, "NTCP: runtime exception: ", ex.what ());
2017-05-29 01:28:16 -04:00
}
}
}
2015-01-11 17:41:56 -05:00
2015-11-25 11:51:35 -05:00
bool NTCPServer::AddNTCPSession (std::shared_ptr<NTCPSession> session)
2015-01-11 17:41:56 -05:00
{
2015-11-25 11:51:35 -05:00
if (!session || !session->GetRemoteIdentity ()) return false;
auto& ident = session->GetRemoteIdentity ()->GetIdentHash ();
auto it = m_NTCPSessions.find (ident);
if (it != m_NTCPSessions.end ())
2015-01-12 12:15:54 -05:00
{
2015-12-18 04:15:05 +00:00
LogPrint (eLogWarning, "NTCP: session to ", ident.ToBase64 (), " already exists");
2016-08-03 10:40:30 -04:00
session->Terminate();
2015-11-25 11:51:35 -05:00
return false;
2015-01-12 12:15:54 -05:00
}
2015-11-25 11:51:35 -05:00
m_NTCPSessions.insert (std::pair<i2p::data::IdentHash, std::shared_ptr<NTCPSession> >(ident, session));
return true;
2017-05-29 01:28:16 -04:00
}
2015-01-11 17:41:56 -05:00
void NTCPServer::RemoveNTCPSession (std::shared_ptr<NTCPSession> session)
{
2015-11-03 09:15:49 -05:00
if (session && session->GetRemoteIdentity ())
m_NTCPSessions.erase (session->GetRemoteIdentity ()->GetIdentHash ());
2017-05-29 01:28:16 -04:00
}
2015-01-11 17:41:56 -05:00
std::shared_ptr<NTCPSession> NTCPServer::FindNTCPSession (const i2p::data::IdentHash& ident)
{
auto it = m_NTCPSessions.find (ident);
if (it != m_NTCPSessions.end ())
return it->second;
return nullptr;
2017-05-29 01:28:16 -04:00
}
2015-01-11 17:41:56 -05:00
void NTCPServer::HandleAccept (std::shared_ptr<NTCPSession> conn, const boost::system::error_code& error)
2017-05-29 01:28:16 -04:00
{
2015-01-11 17:41:56 -05:00
if (!error)
{
2015-02-06 13:49:00 -05:00
boost::system::error_code ec;
2017-05-29 01:28:16 -04:00
auto ep = conn->GetSocket ().remote_endpoint(ec);
2015-02-06 13:49:00 -05:00
if (!ec)
{
2017-10-30 08:27:55 -04:00
if(ShouldLimit())
{
// hit limit, close premature
LogPrint(eLogWarning, "NTCP: limiting with backoff session from ", ep);
2017-10-30 08:37:54 -04:00
conn->Terminate();
2017-10-30 08:27:55 -04:00
return;
}
2015-12-18 04:15:05 +00:00
LogPrint (eLogDebug, "NTCP: Connected from ", ep);
2015-02-10 13:05:08 -05:00
if (conn)
{
2015-02-10 13:05:08 -05:00
conn->ServerLogin ();
m_PendingIncomingSessions.push_back (conn);
2017-05-29 01:28:16 -04:00
}
2015-02-06 13:49:00 -05:00
}
else
2015-12-18 04:15:05 +00:00
LogPrint (eLogError, "NTCP: Connected from error ", ec.message ());
2015-01-11 17:41:56 -05:00
}
2017-05-29 01:28:16 -04:00
2015-01-11 17:41:56 -05:00
if (error != boost::asio::error::operation_aborted)
{
2017-05-29 01:44:06 -04:00
conn = std::make_shared<NTCPSession> (*this);
2017-05-29 01:28:16 -04:00
m_NTCPAcceptor->async_accept(conn->GetSocket (), std::bind (&NTCPServer::HandleAccept, this,
2015-01-11 17:41:56 -05:00
conn, std::placeholders::_1));
2017-05-29 01:28:16 -04:00
}
2015-01-11 17:41:56 -05:00
}
void NTCPServer::HandleAcceptV6 (std::shared_ptr<NTCPSession> conn, const boost::system::error_code& error)
2017-05-29 01:28:16 -04:00
{
2015-01-11 17:41:56 -05:00
if (!error)
{
2015-02-06 13:49:00 -05:00
boost::system::error_code ec;
2017-05-29 01:28:16 -04:00
auto ep = conn->GetSocket ().remote_endpoint(ec);
2015-02-06 13:49:00 -05:00
if (!ec)
{
2017-10-30 08:27:55 -04:00
if(ShouldLimit())
{
// hit limit, close premature
LogPrint(eLogWarning, "NTCP: limiting with backoff on session from ", ep);
2017-10-30 08:37:54 -04:00
conn->Terminate();
2017-10-30 08:27:55 -04:00
return;
}
2015-12-18 04:15:05 +00:00
LogPrint (eLogDebug, "NTCP: Connected from ", ep);
2015-02-10 15:54:07 -05:00
if (conn)
2017-05-29 01:28:16 -04:00
{
2015-02-10 15:54:07 -05:00
conn->ServerLogin ();
m_PendingIncomingSessions.push_back (conn);
2017-05-29 01:28:16 -04:00
}
2015-02-06 13:49:00 -05:00
}
else
2015-12-18 04:15:05 +00:00
LogPrint (eLogError, "NTCP: Connected from error ", ec.message ());
2015-01-11 17:41:56 -05:00
}
if (error != boost::asio::error::operation_aborted)
{
2017-05-29 01:44:06 -04:00
conn = std::make_shared<NTCPSession> (*this);
2017-05-29 01:28:16 -04:00
m_NTCPV6Acceptor->async_accept(conn->GetSocket (), std::bind (&NTCPServer::HandleAcceptV6, this,
2015-01-11 17:41:56 -05:00
conn, std::placeholders::_1));
2017-05-29 01:28:16 -04:00
}
}
2015-01-11 17:41:56 -05:00
2017-05-29 01:28:16 -04:00
void NTCPServer::Connect(const boost::asio::ip::address & address, uint16_t port, std::shared_ptr<NTCPSession> conn)
2015-01-11 17:41:56 -05:00
{
2015-12-18 04:15:05 +00:00
LogPrint (eLogDebug, "NTCP: Connecting to ", address ,":", port);
2017-05-29 01:53:34 -04:00
m_Service.post([=]() {
2015-11-25 11:51:35 -05:00
if (this->AddNTCPSession (conn))
2016-11-29 14:12:44 -05:00
{
2017-05-29 01:28:16 -04:00
2016-11-29 14:12:44 -05:00
auto timer = std::make_shared<boost::asio::deadline_timer>(m_Service);
2017-05-29 01:28:16 -04:00
timer->expires_from_now (boost::posix_time::seconds(NTCP_CONNECT_TIMEOUT));
timer->async_wait ([conn](const boost::system::error_code& ecode) {
if (ecode != boost::asio::error::operation_aborted)
2016-11-29 14:12:44 -05:00
{
2017-05-29 01:28:16 -04:00
LogPrint (eLogInfo, "NTCP: Not connected in ", NTCP_CONNECT_TIMEOUT, " seconds");
conn->Terminate ();
}
});
conn->GetSocket ().async_connect (boost::asio::ip::tcp::endpoint (address, port), std::bind (&NTCPServer::HandleConnect, this, std::placeholders::_1, conn, timer));
}
});
}
void NTCPServer::ConnectWithProxy (const std::string& host, uint16_t port, RemoteAddressType addrtype, std::shared_ptr<NTCPSession> conn)
2017-05-29 01:28:16 -04:00
{
if(m_ProxyEndpoint == nullptr)
2017-05-29 01:28:16 -04:00
{
return;
}
m_Service.post([=]() {
if (this->AddNTCPSession (conn))
{
auto timer = std::make_shared<boost::asio::deadline_timer>(m_Service);
2017-05-29 02:12:16 -04:00
auto timeout = NTCP_CONNECT_TIMEOUT * 5;
2017-05-29 02:16:57 -04:00
conn->SetTerminationTimeout(timeout * 2);
2017-05-29 01:28:16 -04:00
timer->expires_from_now (boost::posix_time::seconds(timeout));
timer->async_wait ([conn, timeout](const boost::system::error_code& ecode) {
if (ecode != boost::asio::error::operation_aborted)
{
LogPrint (eLogInfo, "NTCP: Not connected in ", timeout, " seconds");
i2p::data::netdb.SetUnreachable (conn->GetRemoteIdentity ()->GetIdentHash (), true);
conn->Terminate ();
}
});
conn->GetSocket ().async_connect (*m_ProxyEndpoint, std::bind (&NTCPServer::HandleProxyConnect, this, std::placeholders::_1, conn, timer, host, port, addrtype));
2017-05-29 01:28:16 -04:00
}
});
2015-01-11 17:41:56 -05:00
}
2016-11-29 14:12:44 -05:00
void NTCPServer::HandleConnect (const boost::system::error_code& ecode, std::shared_ptr<NTCPSession> conn, std::shared_ptr<boost::asio::deadline_timer> timer)
2015-01-11 17:41:56 -05:00
{
2017-05-29 01:28:16 -04:00
timer->cancel ();
2015-01-11 17:41:56 -05:00
if (ecode)
2017-05-29 01:28:16 -04:00
{
LogPrint (eLogInfo, "NTCP: Connect error ", ecode.message ());
2015-01-11 17:41:56 -05:00
if (ecode != boost::asio::error::operation_aborted)
2015-11-03 09:15:49 -05:00
i2p::data::netdb.SetUnreachable (conn->GetRemoteIdentity ()->GetIdentHash (), true);
2015-02-06 11:14:41 -05:00
conn->Terminate ();
2015-01-11 17:41:56 -05:00
}
else
{
2015-12-18 04:15:05 +00:00
LogPrint (eLogDebug, "NTCP: Connected to ", conn->GetSocket ().remote_endpoint ());
2015-01-11 17:41:56 -05:00
conn->ClientLogin ();
2017-05-29 01:28:16 -04:00
}
}
void NTCPServer::UseProxy(ProxyType proxytype, const std::string & addr, uint16_t port)
2017-05-29 01:28:16 -04:00
{
m_ProxyType = proxytype;
m_ProxyAddress = addr;
m_ProxyPort = port;
2017-05-29 01:28:16 -04:00
}
void NTCPServer::HandleProxyConnect(const boost::system::error_code& ecode, std::shared_ptr<NTCPSession> conn, std::shared_ptr<boost::asio::deadline_timer> timer, const std::string & host, uint16_t port, RemoteAddressType addrtype)
2017-05-29 01:28:16 -04:00
{
if(ecode)
{
LogPrint(eLogWarning, "NTCP: failed to connect to proxy ", ecode.message());
timer->cancel();
conn->Terminate();
2017-05-29 01:28:16 -04:00
return;
}
if(m_ProxyType == eSocksProxy)
2017-05-29 01:28:16 -04:00
{
// TODO: support username/password auth etc
uint8_t buff[3] = {0x05, 0x01, 0x00};
boost::asio::async_write(conn->GetSocket(), boost::asio::buffer(buff, 3), boost::asio::transfer_all(), [=] (const boost::system::error_code & ec, std::size_t transferred) {
(void) transferred;
if(ec)
{
LogPrint(eLogWarning, "NTCP: socks5 write error ", ec.message());
}
});
uint8_t readbuff[2];
boost::asio::async_read(conn->GetSocket(), boost::asio::buffer(readbuff, 2), [=](const boost::system::error_code & ec, std::size_t transferred) {
if(ec)
{
LogPrint(eLogError, "NTCP: socks5 read error ", ec.message());
timer->cancel();
conn->Terminate();
return;
}
else if(transferred == 2)
{
if(readbuff[1] == 0x00)
{
AfterSocksHandshake(conn, timer, host, port, addrtype);
return;
}
else if (readbuff[1] == 0xff)
{
LogPrint(eLogError, "NTCP: socks5 proxy rejected authentication");
timer->cancel();
conn->Terminate();
return;
}
}
LogPrint(eLogError, "NTCP: socks5 server gave invalid response");
timer->cancel();
conn->Terminate();
});
2017-05-29 01:28:16 -04:00
}
else if(m_ProxyType == eHTTPProxy)
{
i2p::http::HTTPReq req;
req.method = "CONNECT";
req.version ="HTTP/1.1";
if(addrtype == eIP6Address)
req.uri = "[" + host + "]:" + std::to_string(port);
else
req.uri = host + ":" + std::to_string(port);
2017-05-29 01:28:16 -04:00
boost::asio::streambuf writebuff;
std::ostream out(&writebuff);
out << req.to_string();
2017-05-29 10:09:24 -04:00
boost::asio::async_write(conn->GetSocket(), writebuff.data(), boost::asio::transfer_all(), [=](const boost::system::error_code & ec, std::size_t transferred) {
(void) transferred;
if(ec)
LogPrint(eLogError, "NTCP: http proxy write error ", ec.message());
});
2017-05-29 10:09:24 -04:00
boost::asio::streambuf * readbuff = new boost::asio::streambuf;
boost::asio::async_read_until(conn->GetSocket(), *readbuff, "\r\n\r\n", [=] (const boost::system::error_code & ec, std::size_t transferred) {
if(ec)
{
LogPrint(eLogError, "NTCP: http proxy read error ", ec.message());
timer->cancel();
conn->Terminate();
}
else
{
2017-05-29 10:09:24 -04:00
readbuff->commit(transferred);
i2p::http::HTTPRes res;
2017-05-29 10:09:24 -04:00
if(res.parse(boost::asio::buffer_cast<const char*>(readbuff->data()), readbuff->size()) > 0)
{
if(res.code == 200)
{
timer->cancel();
conn->ClientLogin();
2017-05-29 10:09:24 -04:00
delete readbuff;
return;
}
else
{
LogPrint(eLogError, "NTCP: http proxy rejected request ", res.code);
}
}
else
LogPrint(eLogError, "NTCP: http proxy gave malformed response");
timer->cancel();
conn->Terminate();
2017-05-29 10:09:24 -04:00
delete readbuff;
}
});
}
else
LogPrint(eLogError, "NTCP: unknown proxy type, invalid state");
}
void NTCPServer::AfterSocksHandshake(std::shared_ptr<NTCPSession> conn, std::shared_ptr<boost::asio::deadline_timer> timer, const std::string & host, uint16_t port, RemoteAddressType addrtype)
{
// build request
size_t sz = 0;
uint8_t buff[256];
uint8_t readbuff[256];
buff[0] = 0x05;
buff[1] = 0x01;
buff[2] = 0x00;
if(addrtype == eIP4Address)
{
buff[3] = 0x01;
auto addr = boost::asio::ip::address::from_string(host).to_v4();
auto addrbytes = addr.to_bytes();
auto addrsize = addrbytes.size();
memcpy(buff+4, addrbytes.data(), addrsize);
}
else if (addrtype == eIP6Address)
{
buff[3] = 0x04;
auto addr = boost::asio::ip::address::from_string(host).to_v6();
auto addrbytes = addr.to_bytes();
auto addrsize = addrbytes.size();
memcpy(buff+4, addrbytes.data(), addrsize);
}
else if (addrtype == eHostname)
{
buff[3] = 0x03;
size_t addrsize = host.size();
sz = addrsize + 1 + 4;
if (2 + sz > sizeof(buff))
{
// too big
return;
}
buff[4] = (uint8_t) addrsize;
2017-11-18 09:50:05 -05:00
memcpy(buff+5, host.c_str(), addrsize);
}
htobe16buf(buff+sz, port);
sz += 2;
2017-05-29 02:12:16 -04:00
boost::asio::async_write(conn->GetSocket(), boost::asio::buffer(buff, sz), boost::asio::transfer_all(), [=](const boost::system::error_code & ec, std::size_t written) {
2017-05-29 01:28:16 -04:00
if(ec)
{
LogPrint(eLogError, "NTCP: failed to write handshake to socks proxy ", ec.message());
return;
}
});
2017-11-18 09:50:05 -05:00
boost::asio::async_read(conn->GetSocket(), boost::asio::buffer(readbuff, 10), [=](const boost::system::error_code & e, std::size_t transferred) {
if(e)
{
LogPrint(eLogError, "NTCP: socks proxy read error ", e.message());
}
else if(transferred == sz)
{
if( readbuff[1] == 0x00)
2017-05-29 02:12:16 -04:00
{
timer->cancel();
conn->ClientLogin();
return;
}
2017-05-29 01:28:16 -04:00
}
if(!e)
i2p::data::netdb.SetUnreachable (conn->GetRemoteIdentity ()->GetIdentHash (), true);
timer->cancel();
conn->Terminate();
2017-05-29 01:28:16 -04:00
});
}
2015-02-10 13:05:08 -05:00
void NTCPServer::ScheduleTermination ()
{
m_TerminationTimer.expires_from_now (boost::posix_time::seconds(NTCP_TERMINATION_CHECK_TIMEOUT));
m_TerminationTimer.async_wait (std::bind (&NTCPServer::HandleTerminationTimer,
this, std::placeholders::_1));
}
void NTCPServer::HandleTerminationTimer (const boost::system::error_code& ecode)
{
if (ecode != boost::asio::error::operation_aborted)
2017-05-29 01:28:16 -04:00
{
auto ts = i2p::util::GetSecondsSinceEpoch ();
// established
for (auto& it: m_NTCPSessions)
2017-05-29 01:28:16 -04:00
if (it.second->IsTerminationTimeoutExpired (ts))
{
auto session = it.second;
2019-04-08 22:22:42 +03:00
// Terminate modifies m_NTCPSession, so we postpone it
2017-05-29 01:28:16 -04:00
m_Service.post ([session] {
LogPrint (eLogDebug, "NTCP: No activity for ", session->GetTerminationTimeout (), " seconds");
session->Terminate ();
2017-05-29 01:28:16 -04:00
});
}
// pending
for (auto it = m_PendingIncomingSessions.begin (); it != m_PendingIncomingSessions.end ();)
{
if ((*it)->IsEstablished () || (*it)->IsTerminated ())
it = m_PendingIncomingSessions.erase (it); // established or terminated
else if ((*it)->IsTerminationTimeoutExpired (ts))
{
2017-05-29 01:28:16 -04:00
(*it)->Terminate ();
it = m_PendingIncomingSessions.erase (it); // expired
2017-05-29 01:28:16 -04:00
}
else
it++;
}
2017-05-29 01:28:16 -04:00
ScheduleTermination ();
}
}
}
}