Various fixes and work towards sending MDP frames.
Broadcast and unicast addresses are accepted. Some frame headers are set. The payload is not yet set, nor ciphered and/or signed as required, and queueing is not yet verified.
parent
c71ddbbd18
commit
30e2540470
@ -398,7 +398,7 @@ int app_mdp_ping(int argc,char **argv,struct command_line_option *o)
|
||||
|
||||
while(1) {
|
||||
/* Now send the ping packets */
|
||||
mdp.packetTypeAndFlags=MDP_TX;
|
||||
mdp.packetTypeAndFlags=MDP_TX|MDP_NOCRYPT|MDP_NOSIGN;
|
||||
/* Set destination to broadcast */
|
||||
for(i=0;i<SID_SIZE;i++) mdp.out.dst.sid[i]=ping_sid[i];
|
||||
/* Set port to well known echo port (from /etc/services) */
|
||||
|
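Review bot: The ping now requests clear text and no signature for every destination: `MDP_TX|MDP_NOCRYPT|MDP_NOSIGN` is set unconditionally, yet the loop right after it copies `ping_sid`, which may be a unicast SID. The broadcast check added in overlay_mdp_poll only requires those two flags when the destination is all 0xff, so a unicast ping could keep the default protection once ciphering is wired up. I would add a comment such as `/* XXX NOCRYPT|NOSIGN is only required for broadcast; drop both for a unicast ping_sid once ciphering works */` and correct the stale `/* Set destination to broadcast */` comment. The `while(1)` body continues past the end of this hunk.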
@ -257,9 +257,80 @@ int overlay_mdp_poll()
|
||||
/* Construct MDP packet frame from overlay_mdp_frame structure
|
||||
(need to add return address from bindings list, and copy
|
||||
payload etc). */
|
||||
WHY("Not implemented");
|
||||
overlay_mdp_reply_error(mdp_named_socket,recvaddr_un,recvaddrlen,
|
||||
1,"Sending MDP packets not implemented");
|
||||
{
|
||||
/* Work out if destination is broadcast or not */
|
||||
int i,broadcast=1;
|
||||
for(i=0;i<SID_SIZE;i++) if (mdp->out.dst.sid[i]!=0xff) broadcast=0;
|
||||
|
||||
/* broadcast packets cannot be encrypted, so complain if MDP_NOCRYPT
|
||||
flag is not set. Also, MDP_NOSIGN must also be applied, until
|
||||
NaCl cryptobox keys can be used for signing. */
|
||||
if (broadcast) {
|
||||
printf("flags=0x%x, target=0x%x\n",
|
||||
mdp->packetTypeAndFlags,MDP_NOCRYPT|MDP_NOSIGN);
|
||||
if ((mdp->packetTypeAndFlags&(MDP_NOCRYPT|MDP_NOSIGN))
|
||||
!=(MDP_NOCRYPT|MDP_NOSIGN))
|
||||
return overlay_mdp_reply_error(mdp_named_socket,
|
||||
recvaddr_un,recvaddrlen,5,
|
||||
"Broadcast packets cannot be encrypted "
|
||||
"or signed (signing will be possible in"
|
||||
" a future version).");
|
||||
}
|
||||
|
||||
/* Prepare the overlay frame for dispatch */
|
||||
struct overlay_frame *frame;
|
||||
frame=calloc(sizeof(overlay_frame),1);
|
||||
if (!frame) return WHY("calloc() failed to allocate overlay frame");
|
||||
frame->type=OF_TYPE_DATA;
|
||||
|
||||
/* Work out the disposition of the frame. For now we are only worried
|
||||
about the crypto matters, and not compression that may be applied
|
||||
before encryption (since applying it after is useless as ciphered
|
||||
text should have maximum entropy). */
|
||||
switch(mdp->packetTypeAndFlags&(MDP_NOCRYPT|MDP_NOSIGN)) {
|
||||
case 0: /* crypted and signed (using CryptBox authcryption primitive) */
|
||||
frame->modifiers=OF_CRYPTO_SIGNED|OF_CRYPTO_CIPHERED; break;
|
||||
case MDP_NOSIGN:
|
||||
/* ciphered, but not signed.
|
||||
This means we don't use CryptoBox, but rather a more compact means
|
||||
of representing the ciphered stream segment.
|
||||
*/
|
||||
frame->modifiers=OF_CRYPTO_CIPHERED; break;
|
||||
case MDP_NOCRYPT:
|
||||
/* clear text, but signed (need to think about how to implement this
|
||||
while NaCl cannot sign using CryptoBox keys. We could use a
|
||||
CryptoSign key, and allow queries as to the authenticity of said key
|
||||
via authcrypted channel between the parties. */
|
||||
frame->modifiers=OF_CRYPTO_SIGNED; break;
|
||||
case MDP_NOSIGN|MDP_NOCRYPT: /* clear text and no signature */
|
||||
frame->modifiers=0; break;
|
||||
}
|
||||
frame->ttl=64; /* normal TTL (XXX allow setting this would be a good idea) */
|
||||
/* set source to ourselves
|
||||
XXX should eventually honour binding, which should allow choosing which
|
||||
local identity. This will be required for openbts integration/SIP:MSIP
|
||||
gateways etc. */
|
||||
overlay_frame_set_me_as_source(frame);
|
||||
|
||||
/* Set destination address */
|
||||
if (broadcast)
|
||||
overlay_frame_set_broadcast_as_destination(frame);
|
||||
else{
|
||||
bcopy(&mdp->out.dst.sid[0],frame->destination,SID_SIZE);
|
||||
frame->destination_address_status=OA_RESOLVED;
|
||||
}
|
||||
|
||||
if (overlay_payload_enqueue(OQ_ORDINARY,frame))
|
||||
{
|
||||
if (frame) op_free(frame);
|
||||
return WHY("Error enqueuing frame");
|
||||
}
|
||||
|
||||
WHY("Not implemented");
|
||||
overlay_mdp_reply_error(mdp_named_socket,recvaddr_un,recvaddrlen,
|
||||
1,"Sending MDP packets not implemented");
|
||||
op_free(frame);
|
||||
}
|
||||
break;
|
||||
case MDP_BIND: /* Bind to port */
|
||||
return overlay_mdp_process_bind_request(mdp_named_socket,mdp,
|
||||
@ -297,7 +368,7 @@ int overlay_mdp_dispatch(overlay_mdp_frame *mdp,int flags,int timeout_ms)
|
||||
|
||||
/* Minimise frame length to save work and prevent accidental disclosure of
|
||||
memory contents. */
|
||||
switch(mdp->packetTypeAndFlags)
|
||||
switch(mdp->packetTypeAndFlags&MDP_TYPE_MASK)
|
||||
{
|
||||
case MDP_TX: len=4+sizeof(mdp->out)+mdp->out.payload_length; break;
|
||||
case MDP_RX: len=4+sizeof(mdp->in)+mdp->out.payload_length; break;
|
||||
|
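Review bot: In the MDP_TX block of overlay_mdp_poll the frame is freed even when it was queued successfully: after `overlay_payload_enqueue(OQ_ORDINARY,frame)` returns zero, control falls through to the trailing `op_free(frame);`. overlay_payload_enqueue is not shown here, but if it keeps the pointer, the queue is left holding freed memory, which becomes a use-after-free when the queue is next walked. The error branch already frees the frame, so the trailing `op_free(frame);` should be dropped and ownership recorded with a comment like `/* on success the queue owns frame */`. The `printf("flags=0x%x, target=0x%x\n", ...)` debug line also writes to stdout on every broadcast send and should be removed or routed through the project's logging. The function starts before this hunk and continues after it.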
@ -225,6 +225,15 @@ int overlay_frame_set_neighbour_as_destination(overlay_frame *f,overlay_neighbou
|
||||
return 0;
|
||||
}
|
||||
|
||||
int overlay_frame_set_broadcast_as_destination(overlay_frame *f)
|
||||
{
|
||||
overlay_broadcast_generate_address(f->destination);
|
||||
f->destination_address_status=OA_RESOLVED;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
unsigned char *overlay_get_my_sid()
|
||||
{
|
||||
|
||||
|
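Review bot: `overlay_frame_set_broadcast_as_destination` marks the destination `OA_RESOLVED` and returns 0 regardless of what `overlay_broadcast_generate_address` returned, although serval.h declares that function as returning `int`. If it can fail, the frame goes out with an unfilled destination that is flagged as resolved. Check the result, e.g. `if (overlay_broadcast_generate_address(f->destination)) return WHY("could not generate broadcast address");`. The new caller in overlay_mdp_poll ignores this function's return value as well and should test it before enqueuing.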
10
serval.h
10
serval.h
@ -732,8 +732,10 @@ extern unsigned char *overlay_local_identities[OVERLAY_MAX_LOCAL_IDENTITIES];
|
||||
#define OF_CRYPTO_BITS 0x0c
|
||||
#define OF_CRYPTO_NONE 0x00
|
||||
#define OF_CRYPTO_CIPHERED 0x04 /* Encrypted frame */
|
||||
#define OF_CRYPTO_SIGNED 0x08 /* Encrypted and Digitally signed frame */
|
||||
#define OF_CRYPTO_PARANOID 0x0c /* Encrypted and digitally signed frame, with final destination address also encrypted. */
|
||||
#define OF_CRYPTO_SIGNED 0x08 /* signed frame */
|
||||
/* The following was previously considered, but is not being implemented at this
|
||||
time.
|
||||
#define OF_CRYPTO_PARANOID 0x0c Encrypted and digitally signed frame, with final destination address also encrypted. */
|
||||
|
||||
/* Data compression */
|
||||
#define OF_COMPRESS_BITS 0x03
|
||||
@ -869,6 +871,8 @@ unsigned char *overlay_get_my_sid();
|
||||
int overlay_frame_set_me_as_source(overlay_frame *f);
|
||||
int overlay_frame_set_neighbour_as_source(overlay_frame *f,overlay_neighbour *n);
|
||||
int overlay_frame_set_neighbour_as_destination(overlay_frame *f,overlay_neighbour *n);
|
||||
int overlay_frame_set_broadcast_as_destination(overlay_frame *f);
|
||||
int overlay_broadcast_generate_address(unsigned char *a);
|
||||
int overlay_update_sequence_number();
|
||||
int packetEncipher(unsigned char *packet,int maxlen,int *len,int cryptoflags);
|
||||
int overlayServerMode();
|
||||
@ -993,6 +997,8 @@ typedef struct sockaddr_mdp {
|
||||
#define MDP_TYPE_MASK 0xff
|
||||
#define MDP_FLAG_MASK 0xff00
|
||||
#define MDP_FORCE 0x0100
|
||||
#define MDP_NOCRYPT 0x0200
|
||||
#define MDP_NOSIGN 0x0400
|
||||
#define MDP_TX 1
|
||||
typedef struct overlay_mdp_outgoing_frame {
|
||||
sockaddr_mdp dst;
|
||||
|
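Review bot: With `OF_CRYPTO_PARANOID` commented out, the value 0x0c is now what `OF_CRYPTO_SIGNED|OF_CRYPTO_CIPHERED` produces (case 0 of the switch in overlay_mdp_poll), so the same bits change meaning from "destination also encrypted" to "ciphered and signed". Nothing in the header records that the two defines are now independent bits meant to be OR-ed, and any peer or code path still reading 0x0c the old way would misinterpret the frame; whether such code exists is not visible here. I would add `/* CIPHERED and SIGNED are independent bits; 0x0c = both (formerly OF_CRYPTO_PARANOID) */` above the defines. `MDP_NOCRYPT` and `MDP_NOSIGN` also deserve a one-line comment each stating that they opt out of protection that is otherwise applied by default.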