From f93216f369eed462dd82e8f4523538afe4be29ee Mon Sep 17 00:00:00 2001 From: Jeremy Lakeman Date: Fri, 19 Oct 2012 14:56:20 +1030 Subject: [PATCH] Remove dead code --- Android.mk | 6 - Makefile.in | 7 - batman.c | 320 --------------------------------- ciphers.c | 79 --------- client.c | 348 ------------------------------------ dna_identity.c | 176 ------------------- dnawrap.c | 30 ---- main.c | 1 - packetformats.c | 457 ------------------------------------------------ peers.c | 231 ------------------------ responses.c | 128 -------------- serval.h | 121 ------------- server.c | 406 ------------------------------------------ simulate.c | 42 ----- 14 files changed, 2352 deletions(-) mode change 100644 => 100755 Makefile.in delete mode 100644 batman.c delete mode 100644 ciphers.c delete mode 100644 client.c delete mode 100644 dna_identity.c delete mode 100644 dnawrap.c delete mode 100644 peers.c delete mode 100644 responses.c delete mode 100644 simulate.c diff --git a/Android.mk b/Android.mk index df2adf6d..6fde92cd 100644 --- a/Android.mk +++ b/Android.mk @@ -10,11 +10,8 @@ SERVALD_SRC_FILES = \ serval-dna/overlay_payload.c \ serval-dna/overlay_route.c \ serval-dna/overlay_mdp.c \ - serval-dna/batman.c \ serval-dna/crypto.c \ - serval-dna/ciphers.c \ serval-dna/cli.c \ - serval-dna/client.c \ serval-dna/commandline.c \ serval-dna/conf.c \ serval-dna/dataformats.c \ @@ -31,7 +28,6 @@ SERVALD_SRC_FILES = \ serval-dna/overlay_address.c \ serval-dna/performance_timing.c \ serval-dna/packetformats.c \ - serval-dna/peers.c \ serval-dna/randombytes.c \ serval-dna/rhizome.c \ serval-dna/rhizome_bundle.c \ @@ -42,11 +38,9 @@ SERVALD_SRC_FILES = \ serval-dna/rhizome_packetformats.c \ serval-dna/rhizome_direct.c \ serval-dna/rhizome_direct_http.c \ - serval-dna/responses.c \ serval-dna/serval_packetvisualise.c \ serval-dna/server.c \ serval-dna/sha2.c \ - serval-dna/simulate.c \ serval-dna/srandomdev.c \ serval-dna/str.c \ serval-dna/keyring.c \ diff --git a/Makefile.in b/Makefile.in old mode 100644 new mode 100755 index b520ae6d..34337ff0 --- a/Makefile.in +++ b/Makefile.in @@ -3,10 +3,7 @@ include $(NACL_BASE)/nacl.mk SRCS= $(NACL_SOURCES) \ audiodevices.c \ audio_reflector.c \ - batman.c \ - ciphers.c \ cli.c \ - client.c \ codecs.c \ commandline.c \ conf.c \ @@ -14,7 +11,6 @@ SRCS= $(NACL_SOURCES) \ dataformats.c \ directory_client.c \ dna_helper.c \ - dna_identity.c \ encode.c \ fdqueue.c \ fifo.c \ @@ -41,9 +37,7 @@ SRCS= $(NACL_SOURCES) \ overlay_route.c \ packetformats.c \ performance_timing.c \ - peers.c \ randombytes.c \ - responses.c \ rhizome.c \ rhizome_bundle.c \ rhizome_crypto.c \ @@ -57,7 +51,6 @@ SRCS= $(NACL_SOURCES) \ server.c \ sha2.c \ sighandlers.c \ - simulate.c \ sqlite-amalgamation-3070900/sqlite3.c \ srandomdev.c \ str.c \ diff --git a/batman.c b/batman.c deleted file mode 100644 index f02b9f51..00000000 --- a/batman.c +++ /dev/null @@ -1,320 +0,0 @@ -/* -Serval Distributed Numbering Architecture (DNA) -Copyright (C) 2010 Paul Gardner-Stephen - -This program is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License -as published by the Free Software Foundation; either version 2 -of the License, or (at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU General Public License -along with this program; if not, write to the Free Software -Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -*/ - -#include -#include -#include -#include -#include -#include -#include "serval.h" - -struct reachable_peer { - unsigned char addr_len; - unsigned char addr[32]; - unsigned char tq_avg; -}; - -#ifndef RTF_UP -/* Keep this in sync with /usr/src/linux/include/linux/route.h */ -#define RTF_UP 0x0001 /* route usable */ -#define RTF_GATEWAY 0x0002 /* destination is a gateway */ -#define RTF_HOST 0x0004 /* host entry (net otherwise) */ -#define RTF_REINSTATE 0x0008 /* reinstate route after tmout */ -#define RTF_DYNAMIC 0x0010 /* created dyn. (by redirect) */ -#define RTF_MODIFIED 0x0020 /* modified dyn. (by redirect) */ -#define RTF_MTU 0x0040 /* specific MTU for this route */ -#ifndef RTF_MSS -#define RTF_MSS RTF_MTU /* Compatibility :-( */ -#endif -#define RTF_WINDOW 0x0080 /* per route window clamping */ -#define RTF_IRTT 0x0100 /* Initial round trip time */ -#define RTF_REJECT 0x0200 /* Reject route */ -#endif - -int readRoutingTable(struct in_addr peers[],int *peer_count,int peer_max){ - char devname[64]; - unsigned long d, g, m; - int flgs, ref, use, metric, mtu, win, ir; - - if (debug&DEBUG_PEERS) DEBUG("Reading routing table"); - - FILE *fp = fopen("/proc/net/route","r"); - if (!fp) return -1; - - if (debug&DEBUG_PEERS) DEBUG("Skipping line"); - if (fscanf(fp, "%*[^\n]\n") < 0) - goto ERROR; - - while(1){ - int r; - if (debug&DEBUG_PEERS) DEBUG("Reading next route"); - r = fscanf(fp, "%63s%lx%lx%X%d%d%d%lx%d%d%d\n", - devname, &d, &g, &flgs, &ref, &use, &metric, &m, - &mtu, &win, &ir); - - if (r != 11) { - if ((r < 0) && feof(fp)) { /* EOF with no (nonspace) chars read. */ - if (debug&DEBUG_PEERS) DEBUG("eof"); - break; - } - ERROR: - fclose(fp); - return WHY("Unable to parse routing table"); - } - - if (!(flgs & RTF_UP)) { /* Skip interfaces that are down. */ - if (debug&DEBUG_PEERS) DEBUGF("Skipping down interface %s",devname); - continue; - } - - if (m!=0xFFFFFFFF){ - /* Netmask indicates a network, so calculate broadcast address */ - d=(d&m)|(0xffffffff^m); - if (debug&DEBUG_PEERS) DEBUGF("Adding broadcast address %08lx",d); - } - - if (*peer_countui32; - if (*peer_count256) return WHY("BATMAN socket path too long"); - strcpy(socket_address.sun_path,socket_path); - - /* Connect the socket */ - if (connect(sock,(struct sockaddr*)&socket_address,sizeof(socket_address))<0) - return WHY("connect() to BATMAN socket failed."); - - char cmd[30]; - snprintf(cmd, sizeof cmd, "d:%c", 1); - cmd[sizeof cmd - 1] = '\0'; - if (write(sock,cmd,30) != 30) { - close(sock); - return WHY("write() command failed to BATMAN socket."); - } - - fds.fd=sock; - fds.events=POLLIN; - - getmore: - - while(notDone) - { - switch (poll(&fds,1,1500)) { - case 1: /* Excellent - we have a response */ break; - case 0: if (debug&DEBUG_PEERS) DEBUGF("BATMAN did not respond to peer enquiry"); - close(sock); - if (tries++<=3) goto askagain; - return WHY("No response from BATMAN."); - default: /* some sort of error, e.g., lost connection */ - close(sock); - return WHY("poll() of BATMAN socket failed."); - } - - res=read(sock,&buf[bytes],16383-bytes); close(sock); - ofs=0; - if (res<1) { - if (bytes) - { - /* Got a partial response, then a dead line. - Should probably ask again unless we have tried too many times. - */ - if (debug&DEBUG_PEERS) DEBUGF("Trying again after cold drop"); - close(sock); - bytes=0; - if (tries++<=3) goto askagain; - else return WHY("failed to read() from BATMAN socket (too many tries)."); - } - return WHY("failed to read() from BATMAN socket."); - } - if (!res) return 0; - if (debug&DEBUG_PEERS) DEBUGF("BATMAN has responded with %d bytes",res); - - if (debug&DEBUG_PEERS) dump("BATMAN says",&buf[bytes],res); - - if (res<80 /*||buf[bytes]!='B' -- turns out we can't rely on this, either */ - ||buf[bytes+res-1]!=0x0a||buf[bytes+res-4]!='E') - { - /* Jolly BATMAN on Android sometimes sends us bung packets from time to - time. Sometimes it is fragmenting, other times it is just plain - odd. - If this happens, we should just ask again. - We should also try to reassemble fragments. - - Sometimes we get cold-drops and resumes, too. Yay. - */ - if (buf[bytes+res-4]!='E') { - /* no end marker, so try adding record to the end. */ - if (debug&DEBUG_PEERS) DEBUGF("Data has no end marker, accumulating"); - bytes+=res; - goto getmore; - } - close(sock); - goto askagain; - } - bytes+=res; - - while(ofs=' '&&(ofs -#include -#include -#include -#include "serval.h" - -int sock = -1; -char *outputtemplate = NULL; - -static int dnatimeout = 3000; /* default 3000 ms request timeout */ - -int packetSendFollowup(struct in_addr destination, - unsigned char *packet,int packet_len) -{ - struct sockaddr_in peer_addr; - int r; - - bzero(&peer_addr, sizeof(peer_addr)); - peer_addr.sin_family=AF_INET; - peer_addr.sin_port = htons( PORT_DNA ); - peer_addr.sin_addr.s_addr=destination.s_addr; - - if (!serverMode) { - sock=socket(PF_INET,SOCK_DGRAM,0); - if (sock == -1) { - WHY_perror("socket"); - FATAL("Could not create UDP socket"); - } - r=1; - setsockopt(sock, SOL_SOCKET, SO_BROADCAST, &r, sizeof(r)); - } - - r=sendto(sock,packet,packet_len,0,(struct sockaddr *)&peer_addr,sizeof(peer_addr)); - if (rdnatimeout) - { - this_timeout=dnatimeout/(3*peer_count); - if (this_timeout<10) this_timeout=10; /* 10ms minimum sending interval */ - } - } else - { peer_low=-1; peer_high=-1;} - - while(cumulative_timeout<=dnatimeout) - { - /* If not in serial mode, then send request to everyone immediately. - Make sure we only ask once in parallel mode, since it will always ask everyone */ - if (method==REQ_PARALLEL) sendToPeers(packet,packet_len,method,0,responses); - else if (method!=REQ_SERIAL) - for(i=0;i-1) sendToPeers(packet,packet_len,REQ_SERIAL,i,responses); - - /* Placing the timeout calculation here means that the total timeout is shared among - all peers in a serial request, but round-robining after each time-step. - We adjust this_timeout if there are many peers to allow 3 sends to each peer where possible. - */ - cumulative_timeout+=this_timeout; - timeout_remaining=this_timeout; - - while(1) - { - /* Wait for response */ - int r=getReplyPackets(method,i,batchP,responses,transaction_id,recvaddr,timeout_remaining); - if (r && (debug & DEBUG_DNARESPONSES)) DEBUG("returned on timeout"); - - switch(method) - { - case REQ_PARALLEL: - /* XXX We could stop once all peers have replied. - (need to update the test script if we do that, so that it tests with multiple - peers and so tests that we wait if not all peers have responded) */ - break; - case REQ_FIRSTREPLY: - if (debug&DEBUG_DNARESPONSES) DEBUGF("Returning with first reply (REQ_FIRSTREPLY)"); - if (!r) return 0; - break; - case REQ_SERIAL: - if (!r) { - /* Stop if we have an affirmative response. - XXX - doesn't allow for out of order replies. */ - if (debug&DEBUG_DNARESPONSES) dumpResponses(responses); - rr=responses->last_response; - while (rr) - { - if (rr->checked) break; - if (debug&DEBUG_DNARESPONSES) - DEBUGF("Got a response code 0x%02x, checking if that is what we need",rr->code); - switch (rr->code) - { - case ACTION_OKAY: case ACTION_DATA: - /* bingo */ - if (!batchP) return 0; - break; - } - rr->checked=1; - rr=rr->prev; - } - - /* not what we are after, so clear response and try with next peer */ - clearResponses(responses); - } - break; - } - - /* Wait for the previous timeout to really expire, - (this is for the case where all peers have replied) */ - { - int elapsed_usecs=0; - int cumulative_usecs=cumulative_timeout*1000; - int remaining_usecs; - - gettimeofday(&now,NULL); - elapsed_usecs=(now.tv_sec-time_in.tv_sec)*1000000; - elapsed_usecs+=(now.tv_usec-time_in.tv_usec); - - remaining_usecs=cumulative_usecs-elapsed_usecs; - - if (remaining_usecs<=0) break; - else timeout_remaining=remaining_usecs/1000; - } - - } - } - cumulative_timeout+=this_timeout; - } - if ((debug&DEBUG_DNARESPONSES) && cumulative_timeout>=dnatimeout) - DEBUGF("Request timed out after retries (timeout=%d, elapsed=%d)", - dnatimeout,cumulative_timeout); - - return 0; -} - -/* Some data types can end in @ if they require the address of the sender to be appended for correct local interpretation */ -int fixResponses(struct response_set *responses) -{ - struct response *rr; - - if (debug&DEBUG_DNARESPONSES) DEBUG("Fixing response set"); - - if (!responses) return -1; - - rr=responses->responses; - while(rr) - { - if (debug&DEBUG_DNARESPONSES) - DEBUGF(" len=%d, rr->code=%02x, rr->var_id=%02x", - rr->value_bytes,rr->code,rr->var_id); - if (rr->value_bytes>0&&rr->code==ACTION_DATA&&rr->var_id==VAR_LOCATIONS) - { - if (debug&DEBUG_DNARESPONSES) - DEBUGF(" response='%s'",rr->response); - if (rr->response[rr->value_bytes-1]=='@') - { - /* Append response with IP address of sender */ - char *addr=inet_ntoa(rr->sender); - int alen=strlen(addr); - char *new = malloc(rr->value_bytes+alen+1); - if (debug&DEBUG_DNARESPONSES) - DEBUGF("Fixing LOCATIONS response '%s' received from '%s (0x%08x)'", - rr->response,addr,(unsigned int)rr->sender.s_addr); - if (!new) return -1; - bcopy(rr->response,new,rr->value_bytes); - bcopy(addr,&new[rr->value_bytes],alen+1); - free(rr->response); rr->response=NULL; - rr->response=(unsigned char *)new; - rr->value_len+=alen; - rr->value_bytes+=alen; - new[rr->value_len]=0; /* Make sure it is null terminated */ - if (debug&DEBUG_DNARESPONSES) DEBUGF("Response string now '%s'",rr->response); - } - } - rr=rr->next; - } - return 0; -} - -int getReplyPackets(int method,int peer,int batchP,struct response_set *responses, - unsigned char *transaction_id,struct sockaddr *recvaddr,int timeout) -{ - /* set timeout alarm */ - - /* get packets until timeout, or until we get a packet from the specified peer - if method==REQ_SERIAL. If REQ_SERIAL we also reject packets from other - senders as they must be spoofs. - */ - struct timeval t; - int timeout_secs; - int timeout_usecs; - int to=timeout; - - if (debug&DEBUG_DNARESPONSES) DEBUGF("getReplyPackets(policy=%d)",method); - - /* Work out when the timeout will expire */ - gettimeofday(&t,NULL); - timeout_secs=t.tv_sec; timeout_usecs=t.tv_usec; - if (to>1000) { timeout_secs+=(to/1000); to=to%1000; } - timeout_usecs+=to*1000; if (timeout_usecs>1000000) { timeout_secs++; timeout_usecs-=1000000; } - - while(1) { - unsigned char buffer[16384]; - struct sockaddr sender; - socklen_t recvaddrlen = sizeof(struct sockaddr); - struct pollfd fds; - - if (recvaddr) bzero((void *)recvaddr,sizeof(struct sockaddr)); - fds.fd=sock; fds.events=POLLIN; fds.revents=0; - - while (poll(&fds,1,10 /* wait for 10ms at a time */)==0) - { - gettimeofday(&t,NULL); - if (t.tv_sec>timeout_secs) return 1; - if (t.tv_sec==timeout_secs&&t.tv_usec>=timeout_usecs) return 1; - } - - /* Use this temporary socket address structure if one was not supplied */ - struct sockaddr reply_recvaddr; - int ttl=-1; - if (!recvaddr) recvaddr=&reply_recvaddr; - - ssize_t len = recvwithttl(sock,buffer,sizeof(buffer),&ttl,recvaddr,&recvaddrlen); - if (len == -1) - return WHY("Unable to receive packet."); - - if (recvaddr) { - client_port=((struct sockaddr_in *)recvaddr)->sin_port; - client_addr=((struct sockaddr_in *)recvaddr)->sin_addr; - if (debug&DEBUG_DNARESPONSES) DEBUGF("Received reply from %s (len=%lld)", inet_ntoa(client_addr), (long long) len); - if (debug&DEBUG_DNARESPONSES) dump("recvaddr", (unsigned char *)&sender, recvaddrlen); - if (debug&DEBUG_DNARESPONSES) dump("packet", (unsigned char *)buffer, len); - } - - if (dropPacketP(len)) { - if (debug&DEBUG_DNARESPONSES) DEBUGF("Simulation mode: Dropped packet due to simulated link parameters"); - continue; - } - if (!packetOk(NULL,buffer,len,transaction_id,ttl,recvaddr,recvaddrlen,0)) { - /* Packet passes tests - extract responses and append them to the end of the response list */ - if (extractResponses(client_addr,buffer,len,responses)) - return WHY("Problem extracting response fields from reply packets"); - if (method==REQ_SERIAL||method==REQ_FIRSTREPLY) { - if (!batchP) return 0; - /* In batch mode we need ACTION_DONE to mark end of transmission. - While it gets sent last, out-of-order delivery means we can't rely on - such a nice arrangement. */ - { - /* XXX inefficient for long lists. - XXX can be made better by working backwards from end using double-linked list and - remembering the previous length of the list */ - struct response *r=responses->responses; - while(r) - { - if (r->code==ACTION_DONE) return 0; - r=r->next; - } - } - } - else { - if (debug&DEBUG_DNARESPONSES) DEBUGF("Waiting for more packets, since called with policy %d",method); - } - } else { - if (debug&(DEBUG_PACKETRX|DEBUG_DNARESPONSES)) DEBUG("Ignoring invalid packet"); - } - } -} diff --git a/dna_identity.c b/dna_identity.c deleted file mode 100644 index 550714c3..00000000 --- a/dna_identity.c +++ /dev/null @@ -1,176 +0,0 @@ -/* -Serval Distributed Numbering Architecture (DNA) -Copyright (C) 2010 Paul Gardner-Stephen - -This program is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License -as published by the Free Software Foundation; either version 2 -of the License, or (at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU General Public License -along with this program; if not, write to the Free Software -Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -*/ - -/* - This module is responsible for managing the known list of DID:SID:name mappings, - and any signatures that vouch for those mappings. Similarly, we wish to be able - to advertise our mapping and any signatures that vouch for us. - - We have the choice of using the rhizome database, some other persistent storage - or an in-memory structure. It would be nice to have a fall-back for when we don't - have the means to run sqlite. A small in-memory cache will likely be used, - regardless. This initial implementation assumes that we have sqlite and the rhizome - database instance available. - - So what data do we actually need to tell whether we have verified an identity or not? - We need a DID:SID[:name] tuple. - We also need the scope for us to mark a given tuple as verified by ourselves, e.g., - using a Diffie-Hellman type exchange between handsets. - Finally, we want the ability to store any signatures that vouch for the identity of - a given party. -*/ - -#include "serval.h" -#include "rhizome.h" - -/* - Look up the verification data for the first matching DID, NAME and/or SID. - (SIDs really should be unique of course). - If more than one constraint are provided, then the search results are constrained - by all provided values. - - Subsequent results can be found by calling dnacache_lookup_next(); - - The operation of this call is greatly simplified by the single-threaded operation - of DNA, meaning that we don't have to be reentrant, so we can retain a database - cursor and generally make life simple. - - So what kind of results do we need to actually return? - I guess the initial need is for a simple VERIFIED/NOTVERIFIED result, and - perhaps make the list of certifying identities available. Again the - single-threaded nature of DNA makes this much simpler than a reentrant version - would need to be. - - Database schema is: - - "CREATE TABLE IF NOT EXISTS VERIFICATIONS(sid text not null, did text, name text,starttime integer, endtime integer,signature blob);" - -*/ - -/* Cache of verifications. - This really doesn't need to be too large. */ -#define DNA_IDENTITY_CACHE_SIZE 16 -int dna_identity_cache_initialisedP=0; -dna_identity_status dna_identity_cache[DNA_IDENTITY_CACHE_SIZE]; - -int dnacache_lookup_next_slot_to_examine=0; -char *dnacache_lookup_did=NULL; -char *dnacache_lookup_name=NULL; -char *dnacache_lookup_sid=NULL; -int dnacache_lookup_complete=1; -int dnacache_lookup_sidfound=0; - - -dna_identity_status *dnacache_lookup(char *did,char *name,char *sid) -{ - /* Mark all slots as unused initially */ - if (!dna_identity_cache_initialisedP) { - int i; - for(i=0;iinitialisedP) continue; - if (dnacache_lookup_sid&&(strcasecmp(dnacache_lookup_sid,slot->sid))) - continue; - else dnacache_lookup_sidfound=1; - if (dnacache_lookup_did&&(strcasecmp(dnacache_lookup_did,slot->did))) - continue; - if (dnacache_lookup_name&&(strcasecmp(dnacache_lookup_name,slot->name))) - continue; - - if (dnacache_lookup_sid&&dnacache_lookup_sidfound) - /* SIDs are unique, a SID was specified, and a matching record was found, - therefore no database query is required. */ - dnacache_lookup_complete=1; - if (slot->uniqueDidAndName&&dnacache_lookup_did&&dnacache_lookup_name) - /* If the entry is known to be the only such DID/name combination, - then we need look no further */ - dnacache_lookup_complete=1; - - /* Well, we passed all the slots, so it must be us */ - return slot; - } - - WHY("Do database lookup"); - return NULL; -} - -/* - Record/update the verification status of a DID/SID combination. - - If signature is not null, then add this signature to the list of verifications - for the specified DID/SID/NAME combination. NAME may be omitted. - - If revokeVerificationP is non-zero, then all existing verifications for the - specified identity will be revoked. -*/ -int dnacache_update_verification(char *did,char *sid,char *name, - char *signature,int revokeVerificationP) -{ - return WHY("Not implemented"); -} - -/* Sign a verification record ourselves for the specified identity, by creating - and storing signature and adding record to the cache. */ -int dnacache_vouch_for_identity(char *did,char *sid,char *name) -{ - return WHY("Not implemented"); -} - diff --git a/dnawrap.c b/dnawrap.c deleted file mode 100644 index f10b2e99..00000000 --- a/dnawrap.c +++ /dev/null @@ -1,30 +0,0 @@ -/* -Serval Distributed Numbering Architecture (DNA) -Copyright (C) 2010 Paul Gardner-Stephen - -This program is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License -as published by the Free Software Foundation; either version 2 -of the License, or (at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU General Public License -along with this program; if not, write to the Free Software -Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -*/ - -#include -#include - -int main(int argc,char **argv) -{ - void *h = dlopen("/data/data/org.servalproject/lib/libdnalib.so",RTLD_LAZY); - int (*dnamain)(int,char **) = dlsym(h,"main"); - if (!dnamain) return fprintf(stderr,"Could not load libdnalib.so\n"); - return (*dnamain)(argc,argv); - -} diff --git a/main.c b/main.c index bd2611a4..041da7aa 100644 --- a/main.c +++ b/main.c @@ -29,7 +29,6 @@ int main(int argc, char **argv) signal(SIGPIPE,sigPipeHandler); signal(SIGIO,sigIoHandler); - memabuseInit(); srandomdev(); server_save_argv(argc, (const char*const*)argv); int status = parseCommandLine(argv[0], argc - 1, (const char*const*)&argv[1]); diff --git a/packetformats.c b/packetformats.c index 0fe8d3be..be8bbb9e 100644 --- a/packetformats.c +++ b/packetformats.c @@ -19,58 +19,12 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. #include "serval.h" -int process_packet(unsigned char *packet, size_t len, - int recvttl,struct sockaddr *sender, size_t sender_len) -{ - //int authenticatedP=0; - char did[128]; - char sid[128]; - unsigned char *transaction_id=&packet[OFS_TRANSIDFIELD]; - - did[0]=0; sid[0]=0; - - /* Get DID or SID */ - if (packetGetID(packet,len,did,sid) == -1) - return WHY("Could not parse DID or SID"); - - /* Check for PIN */ - if (!isFieldZeroP(packet,OFS_PINFIELD,16)) - { - /* Authentication has been attempted. - If it is incorrect, then we need to return with ACTION_DECLINED - */ - if (debug&DEBUG_SECURITY) DEBUG("A PIN has been supplied"); - - /* Can only authenticate by SID, not DID (since DIDs are ambiguous) */ - if (packet[OFS_SIDDIDFIELD]!=1) return WHY("You can only authenticate against a SID"); - - /* XXX check authentication */ - return WHY("Authentication not yet supported"); - } - else - { - /* No attempt at authentication was made */ - //authenticatedP=0; - if (debug&DEBUG_SECURITY) DEBUG("No PIN was supplied"); - } - - if (serverMode) return processRequest(packet,len,sender,sender_len,transaction_id, - recvttl,did,sid); - - return 0; -} - int packetOk(struct overlay_interface *interface, unsigned char *packet, size_t len, unsigned char *transaction_id,int ttl, struct sockaddr *recvaddr, size_t recvaddrlen,int parseP) { if (lenkeypair_count;i++) - if (id->keypairs[i]->type==KEYTYPE_CRYPTOBOX) - { sid=id->keypairs[i]->public_key; break; } - - if (!sid) return WHY("Could not find SID in identity"); - - /* find and copy SID from identity */ - int ofs=OFS_SIDDIDFIELD; - packet[ofs++]=0x01; /* SID */ - bcopy(sid,&packet[ofs],SID_SIZE); - return 0; -} - - -int packetFinalise(unsigned char *packet,int packet_maxlen,int recvttl, - int *packet_len,int cryptoflags) -{ - /* Add any padding bytes and EOT to packet */ - int paddingBytes=rand()&0xf; - int payloadRotation; - - if (paddingBytes) - { - CHECK_PACKET_LEN(2+paddingBytes); - packet[(*packet_len)++]=ACTION_PAD; - packet[(*packet_len)++]=paddingBytes; - while(paddingBytes--) packet[(*packet_len)++]=random()&0xff; - } - - /* tell requester what the ttl was when we received the packet */ - if (recvttl>-1) { - CHECK_PACKET_LEN(2); - packet[(*packet_len)++]=ACTION_RECVTTL; - packet[(*packet_len)++]=recvttl; - } - - /* mark end of packet */ - CHECK_PACKET_LEN(1); - packet[(*packet_len)++]=ACTION_EOT; - - /* Set payload length */ - packet[4]=((*packet_len)>>8)&0xff; - packet[5]=((*packet_len)&0xff); - - /* Work out by how much to rotate the packet payload. - The purpose of the rotation is to make it more difficult to - conduct a known-plaintext attack against any ciphers that we - may later support. - */ - payloadRotation=(*packet_len)-HEADERFIELDS_LEN; - if (payloadRotation>0xff) payloadRotation=0xff; - payloadRotation=random()%payloadRotation; - if (debug&DEBUG_SECURITY) { - DEBUGF("Known Plaintext counter-measure: rotating packet payload by 0x%02x bytes", - payloadRotation); - dump("unrotated packet",packet,*packet_len); - } - - /* Now rotate the payload */ - { - unsigned char temp[256]; - - /*Copy first part of payload to a temporary buffer */ - bcopy(&packet[HEADERFIELDS_LEN],&temp[0],payloadRotation); - /* Copy the main part of the payload left by the rotation factor */ - bcopy(&packet[HEADERFIELDS_LEN+payloadRotation],&packet[HEADERFIELDS_LEN], - (*packet_len)-(HEADERFIELDS_LEN)-payloadRotation); - /* Copy the temporary buffer to the end of the packet to complete the rotation */ - bcopy(&temp[0],&packet[(*packet_len)-payloadRotation],payloadRotation); - } - packet[OFS_ROTATIONFIELD]=payloadRotation; - if (debug&DEBUG_SECURITY) dump("rotated packet",packet,*packet_len); - - if (cryptoflags) return packetEncipher(packet,packet_maxlen,packet_len,cryptoflags); - - return 0; -} - -int extractRequest(unsigned char *packet,int *packet_ofs,int packet_len, - int *itemId,int *instance,unsigned char *value, - int *start_offset,int *bytes,int *flags) -{ - if (*packet_ofs<0||(*packet_ofs)+6>=packet_len) - return WHY("mal-formed request packet (packet too short/bad offset)"); - - *itemId=packet[(*packet_ofs)++]; - - if ((*itemId)&0x80) *instance=packet[(*packet_ofs)++]; else *instance=0; - if (*instance==0xff) *instance=-1; - - *start_offset=packet[(*packet_ofs)++]<<8; - *start_offset|=packet[(*packet_ofs)++]; - - *bytes=packet[(*packet_ofs)++]<<8; - *bytes|=packet[(*packet_ofs)++]; - - *flags=packet[(*packet_ofs)++]; - if (debug&DEBUG_PACKETFORMATS) DEBUGF("Write flags = 0x%02x",*flags); - - if (*packet_ofs<0||(*packet_ofs)+(*bytes)>=packet_len) - { - if (debug&DEBUG_PACKETFORMATS) DEBUGF("Packet offset is %d, length is %d, and asked for %d bytes",*packet_ofs,packet_len,*bytes); - return WHY("mal-formed request packet (too short for claimed data)"); - } - - bcopy(&packet[*packet_ofs],value,*bytes); - (*packet_ofs)+=*bytes; - - return 0; -} - - -int extractResponses(struct in_addr sender,unsigned char *buffer,int len,struct response_set *responses) -{ - int ofs=OFS_PAYLOAD; - - struct response *first_response=NULL; - - while(ofscode=buffer[ofs]; - r->sender=sender; - /* XXX doesn't make sure it is SID instead of DID */ - bcopy(&buffer[HEADERFIELDS_LEN+1],r->sid,SID_SIZE); - - switch(buffer[ofs]) - { - case ACTION_EOT: - if (debug&DEBUG_DNARESPONSES) DEBUGF("Reached response packet EOT"); - case ACTION_DECLINED: case ACTION_OKAY: - case ACTION_CREATEHLR: - r->response_len=0; break; - case ACTION_GET: - /* Followed by variable # to fetch. - XXX If variable number >=0x80 then get instance information */ - r->response_len=1; break; - case ACTION_ERROR: - r->response_len=buffer[++ofs]; - break; - case ACTION_DATA: - /* Extract variable value */ - unpackageVariableSegment(&buffer[ofs+1],len-ofs,WITHDATA,r); - break; - case ACTION_DONE: - r->value_offset=buffer[ofs+1]; - r->response_len=1; - break; - case ACTION_PAD: - /* Skip padding bytes */ - r->response_len=1+buffer[ofs+1]; - break; - case ACTION_WROTE: - /* Extract info about the variable segment that was written. - This uses the same format as the request to write it, but without the data */ - unpackageVariableSegment(&buffer[ofs+1],len-ofs,WITHOUTDATA,r); - r->response=NULL; - break; - case ACTION_RECVTTL: - r->recvttl=buffer[ofs+1]; - r->response_len=1; - /* Attach TTL to other responses from this packet */ - { - struct response *rr=first_response; - while(rr) { - rr->recvttl=r->recvttl; - rr=rr->next; - } - } - break; - case ACTION_SET: - case ACTION_DEL: - case ACTION_XFER: - default: - free(r); - if (debug&(DEBUG_DNARESPONSES|DEBUG_PACKETFORMATS)) DEBUGF("Encountered unimplemented response code 0x%02x @ 0x%x",buffer[ofs],ofs); - fixResponses(responses); - return WHY("Encountered unimplemented response type"); - } - ofs++; - if (r->response_len) { - /* extract bytes of response */ - unsigned char *rr; - if (r->response) rr=r->response; else rr=&buffer[ofs]; - r->response=malloc(r->response_len+1); - if (!r->response) exit(WHY("malloc() failed.")); - bcopy(&rr[0],r->response,r->response_len); - r->response[r->response_len]=0; - ofs+=r->response_len; - } - - /* Work out peer ID */ - r->sender=sender; - for(r->peer_id=0;r->peer_idpeer_id++) - { - if (sender.s_addr==peers[r->peer_id].s_addr) break; - } - if (r->peer_id>peer_count) r->peer_id=-1; - - /* Link new response into chain */ - if (debug&DEBUG_DNARESPONSES) DEBUGF("Linking response into response set"); - r->prev=responses->last_response; - if (responses->last_response) - responses->last_response->next=r; - else - responses->responses=r; - responses->last_response=r; - responses->response_count++; - - if (!first_response) first_response=r; - - responseFromPeer(responses,r->peer_id); - - if (debug&DEBUG_DNARESPONSES) dumpResponses(responses); - } - - fixResponses(responses); - return 0; -} - -int packageVariableSegment(unsigned char *data,int *dlen, - struct response *h, - int offset,int buffer_size) -{ - int bytes; - int dlen_in=*dlen; - - if ((buffer_size-(*dlen))<8) return WHY("Insufficient buffer space for packageVariableSegment()"); - - /* Figure out how many bytes we need to package */ - bytes=buffer_size-(*dlen)-8; - if ((h->value_len-offset)value_len-offset; - if (bytes<0) bytes=0; - if (debug&DEBUG_PACKETFORMATS) DEBUGF("Packaging %d bytes of variable",bytes); - - /* Describe variable */ - - /* Variable id and instance # (if required) */ - data[(*dlen)++]=h->var_id; - if (h->var_id&0x80) data[(*dlen)++]=h->var_instance; - - /* Variable length */ - data[(*dlen)++]=h->value_len>>8; - data[(*dlen)++]=h->value_len&0xff; - - /* Start offset in this segment */ - data[(*dlen)++]=(offset>>8)&0xff; - data[(*dlen)++]=offset&0xff; - - /* Number of bytes in this segment */ - data[(*dlen)++]=(bytes>>8)&0xff; - data[(*dlen)++]=bytes&0xff; - if (debug&DEBUG_PACKETFORMATS) DEBUGF("Packaging %d bytes",bytes); - - /* Package the variable value itself (or part thereof) */ - bcopy(&h->response[offset],&data[*dlen],bytes); - (*dlen)+=bytes; - - if (debug&DEBUG_PACKETFORMATS) dump("Variable segment octets",&data[dlen_in],(*dlen)-dlen_in); - - return 0; -} - -int unpackageVariableSegment(unsigned char *data,int dlen,int flags,struct response *r) -{ - r->response_len=0; - if (dlen<7) return WHY("unpackageVariableSegment() fed insufficient data"); - - r->var_id=data[r->response_len++]; - if (r->var_id&0x80) r->var_instance=data[r->response_len++]; else r->var_instance=0; - if (r->var_instance==0xff) r->var_instance=-1; - - r->value_len=data[r->response_len++]<<8; - r->value_len|=data[r->response_len++]; - - r->value_offset=data[r->response_len++]<<8; - r->value_offset|=data[r->response_len++]; - - r->value_bytes=data[r->response_len++]<<8; - r->value_bytes|=data[r->response_len++]; - - r->response=&data[r->response_len]; - - r->response_len+=r->value_bytes; - - if (flags!=WITHOUTDATA) - if (r->response_len>dlen) - return WHY("unpackageVariableSegment() fed insufficient or corrupt data"); - - return 0; -} diff --git a/peers.c b/peers.c deleted file mode 100644 index 8bfaa6a1..00000000 --- a/peers.c +++ /dev/null @@ -1,231 +0,0 @@ -/* -Serval Distributed Numbering Architecture (DNA) -Copyright (C) 2010 Paul Gardner-Stephen - -This program is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License -as published by the Free Software Foundation; either version 2 -of the License, or (at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU General Public License -along with this program; if not, write to the Free Software -Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -*/ - -#include -#include -#include -#include -#include "serval.h" - -char *batman_socket=NULL; -char *batman_peerfile=NULL; - -int peer_count=0; -struct in_addr peers[MAX_PEERS]; - -struct in_addr nominated_peers[256]; -int nom_peer_count=0; - -int additionalPeer(char *peer) -{ - struct in_addr pa; - - if (nom_peer_count>255) return WHY("Too many peers. You can only nominate 255 peers in this version."); - - pa.s_addr=inet_addr(peer); - if (pa.s_addr==INADDR_NONE) return WHY("Invalid peer address specified."); - nominated_peers[nom_peer_count++]=pa; - - return 0; -} - -int getBroadcastAddresses(struct in_addr peers[],int *peer_count,int peer_max){ - /* The Android ndk doesn't have ifaddrs.h, so we have to use the netlink interface. - However, netlink is only available on Linux, so for BSD systems, e.g., Mac, we - need to use the ifaddrs method. - - Also, ifaddrs will work on non-linux systems which is considered critical. - */ -#ifdef HAVE_LINUX_NETLINK_H - - // Ask for the address information. - struct { - struct nlmsghdr netlinkHeader; - struct ifaddrmsg msg; - }addrRequest; - char buff[16384]; - int netsock; - size_t bytesRead; - struct nlmsghdr *hdr; - - if (debug&DEBUG_PEERS) DEBUG("Reading broadcast addresses (linux style)"); - - netsock = socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE); - - memset(&addrRequest, 0, sizeof(addrRequest)); - - addrRequest.netlinkHeader.nlmsg_flags = NLM_F_REQUEST | NLM_F_ROOT; - addrRequest.netlinkHeader.nlmsg_type = RTM_GETADDR; - addrRequest.netlinkHeader.nlmsg_len = NLMSG_ALIGN(NLMSG_LENGTH(sizeof(addrRequest))); - addrRequest.msg.ifa_family = AF_INET; - addrRequest.msg.ifa_index = 0; // All interfaces. - - while (send(netsock, &addrRequest, addrRequest.netlinkHeader.nlmsg_len, 0)==EINTR); - - while(1){ - while((bytesRead = recv(netsock, buff, sizeof(buff), 0))==EINTR); - if (bytesRead<=0) break; - - for (hdr = (struct nlmsghdr*)buff; - NLMSG_OK(hdr, (size_t)bytesRead); - hdr = NLMSG_NEXT(hdr, bytesRead)) { - - switch (hdr->nlmsg_type) { - case NLMSG_DONE: - return 0; - case NLMSG_ERROR: - return -1; - case RTM_NEWADDR: - { - struct ifaddrmsg* address = (struct ifaddrmsg*)(NLMSG_DATA(hdr)); - struct rtattr* rta = IFA_RTA(address); - size_t ifaPayloadLength = IFA_PAYLOAD(hdr); - - while (RTA_OK(rta, ifaPayloadLength)) { - if (rta->rta_type == IFA_BROADCAST && address->ifa_family == AF_INET) { - struct in_addr *addr=(struct in_addr *)RTA_DATA(rta); - peers[(*peer_count)++].s_addr=addr->s_addr; - } - rta = RTA_NEXT(rta, ifaPayloadLength); - } - } - break; - } - } - } -#else -#ifdef HAVE_IFADDRS_H - struct ifaddrs *ifaddr,*ifa; - int family; - - if (debug&DEBUG_PEERS) DEBUG("Reading broadcast addresses (posix style)"); - - if (getifaddrs(&ifaddr) == -1) { - return WHY_perror("getifaddr"); - } - - for (ifa=ifaddr;ifa!=NULL;ifa=ifa->ifa_next) { - family=ifa->ifa_addr->sa_family; - switch(family) { - case AF_INET: - /* Add our local address and computed broadcast address to the list of peers. - XXX - ifa->ifa_broadaddr should give us the broadcast address, but doesn't seem to - on mac osx. So we have resorted computing the normal (ceiling) broadcast address. - */ - peers[(*peer_count)++].s_addr=((struct sockaddr_in *)ifa->ifa_addr)->sin_addr.s_addr; - { - unsigned int local=(((struct sockaddr_in *)(ifa->ifa_addr))->sin_addr.s_addr); - unsigned int netmask=(((struct sockaddr_in *)(ifa->ifa_netmask))->sin_addr.s_addr); - peers[(*peer_count)++].s_addr=local|~netmask; - } - break; - } - } -#else - if (debug&DEBUG_PEERS) DEBUG("Don't know how to read broadcast addresses :("); -#endif -#endif - return 0; -} - -int getPeerList() -{ - /* Generate the list of known peers. - If using BATMAN layer 3, this needs to be the list of exact IP addresses of the peers, - as we cannot reliably broadcast. - Once BATMAN Advanced is available, we will be able to do that. - In the mean time, we need to query BATMANd to find the known list of peers. This is not - quite as easy as we might wish. - */ - int i; - - peer_count=0; - - /* Add user specified peers */ - for(i=0;iresponse_count); - r = responses->responses; - while(r) { - DEBUGF(" response code 0x%02x", r->code); - if (r->next && r->next->prev != r) - DEBUG(" !! response chain is broken"); - r = r->next; - } - return 0; -} - -int clearResponse(struct response **response) -{ - while(*response) - { - struct response *r=*response; - *response=(*response)->next; - if (r->response) free(r->response); - r->response=NULL; - free(r); - } - return 0; -} - -int eraseLastResponse(struct response_set *responses) -{ - if (!responses) return -1; - if (responses->last_response) - { - struct response *newtail; - if (responses->last_response->prev) responses->last_response->prev->next=NULL; - newtail=responses->last_response->prev; - if (responses->responses==responses->last_response) responses->responses=NULL; - clearResponse(&responses->last_response); - responses->last_response=newtail; - responses->response_count--; - } - return 0; -} - -int responseFromPeer(struct response_set *responses,int peerId) -{ - int byte; - int bit; - - if (peerId<0||peerId>=peer_count) return -1; - if (!responses) return -1; - if (!responses->reply_bitmask) - { - responses->reply_bitmask=calloc(1,(peer_count>>3)+(peer_count&7)?1:0); - if (!responses->reply_bitmask) return -1; - } - - byte=peerId>>3; - bit=peerId&7; - - responses->reply_bitmask[byte]|=1<reply_bitmask) return 0; - - if (peerId<0||peerId>=peer_count) return 0; - - byte=peerId>>3; - bit=peerId&7; - - return responses->reply_bitmask[byte]&(1<responses; - while(r) - { - struct response *rr=r; - r=r->next; - free(rr); - } - - if (responses->reply_bitmask) free(responses->reply_bitmask); - responses->reply_bitmask=NULL; - - responses->last_response=NULL; - responses->responses=NULL; - responses->response_count=0; - return 0; -} diff --git a/serval.h b/serval.h index 746e2a4a..b3d2c493 100644 --- a/serval.h +++ b/serval.h @@ -452,13 +452,7 @@ int strn_is_did(const char *did, size_t *lenp); int str_is_uri(const char *uri); int stowSid(unsigned char *packet, int ofs, const char *sid); -int stowDid(unsigned char *packet,int *ofs,char *did); -int isFieldZeroP(unsigned char *packet,int start,int count); void srandomdev(); -int respondSimple(keyring_identity *id, - int action,unsigned char *action_text,int action_len, - unsigned char *transaction_id,int recvttl, - struct sockaddr *recvaddr,int cryptoFlags); time_ms_t gettime_ms(); time_ms_t sleep_ms(time_ms_t milliseconds); int server_pid(); @@ -474,87 +468,11 @@ void insertTransactionInCache(unsigned char *transaction_id); int packetOk(struct overlay_interface *interface,unsigned char *packet, size_t len, unsigned char *transaction_id, int recvttl, struct sockaddr *recvaddr, size_t recvaddrlen,int parseP); -int process_packet(unsigned char *packet, size_t len, int recvttl,struct sockaddr *sender, size_t sender_len); -int packetMakeHeader(unsigned char *packet,int packet_maxlen,int *packet_len,unsigned char *transaction_id,int cryptoflags); -int packetSetDid(unsigned char *packet,int packet_maxlen,int *packet_len,char *did); -int packetSetSidFromId(unsigned char *packet,int packet_maxlen,int *packet_len, - keyring_identity *id); -int packetFinalise(unsigned char *packet,int packet_maxlen,int recvttl, - int *packet_len,int cryptoflags); -int packetGetID(unsigned char *packet,int len,char *did,char *sid); -int getPeerList(); -struct response { - int code; - unsigned char sid[SID_SIZE]; - struct in_addr sender; - int recvttl; - unsigned char *response; - int response_len; - int var_id; - int var_instance; - int value_len; - int value_offset; - int value_bytes; - struct response *next,*prev; - - /* who sent it? */ - unsigned short peer_id; - /* have we checked it to see if it allows us to stop requesting? */ - unsigned char checked; -}; - -struct response_set { - struct response *responses; - struct response *last_response; - int response_count; - - /* Bit mask of peers who have replied */ - unsigned char *reply_bitmask; -}; - -int clearResponse(struct response **response); -int clearResponses(struct response_set *responses); -int fixResponses(struct response_set *responses); -int dumpResponses(struct response_set *responses); -int eraseLastResponse(struct response_set *responses); -int responseFromPeerP(struct response_set *responses,int peerId); -int responseFromPeer(struct response_set *responses,int peerId); -int extractResponses(struct in_addr sender,unsigned char *buffer,int len,struct response_set *responses); - -int sendToPeers(unsigned char *packet,int packet_len,int method,int peerId,struct response_set *responses); -int getReplyPackets(int method,int peer,int batchP,struct response_set *responses, - unsigned char *transaction_id,struct sockaddr *recvaddr,int timeout); -int packageVariableSegment(unsigned char *data, int *dlen, struct response *h, int offset, int buffer_size); -int unpackageVariableSegment(unsigned char *data, int dlen, int flags, struct response *r); - -int packetDecipher(unsigned char *packet,int len,int cipher); -int safeZeroField(unsigned char *packet,int start,int count); -int extractSid(const unsigned char *packet,int *ofs, char *sid); -int extractDid(unsigned char *packet,int *ofs,char *did); -int processRequest(unsigned char *packet,int len,struct sockaddr *sender,int sender_len, - unsigned char *transaction_id,int recvttl,char *did,char *sid); - -int extractRequest(unsigned char *packet,int *packet_ofs,int packet_len, - int *itemId,int *instance,unsigned char *value, - int *start_offset,int *max_offset,int *flags); -int dropPacketP(size_t packet_len); -int additionalPeer(char *peer); -int readRoutingTable(struct in_addr peers[],int *peer_count,int peer_max); -int readBatmanPeerFile(char *file_path,struct in_addr peers[],int *peer_count,int peer_max); -int getBatmanPeerList(char *socket_path,struct in_addr peers[],int *peer_count,int peer_max); -int asteriskObtainGateway(char *requestor_sid,char *did,char *uri_out); -int packetOkDNA(unsigned char *packet,int len,unsigned char *transaction_id, - int recvttl,struct sockaddr *recvaddr, size_t recvaddrlen,int parseP); int overlay_forward_payload(struct overlay_frame *f); int packetOkOverlay(struct overlay_interface *interface,unsigned char *packet, size_t len, unsigned char *transaction_id,int recvttl, struct sockaddr *recvaddr, size_t recvaddrlen,int parseP); -int prepareGateway(char *gatewayspec); -int packetSendRequest(int method,unsigned char *packet,int packet_len,int batchP, - unsigned char *transaction_id,struct sockaddr *recvaddr, - struct response_set *responses); -int readArpTable(struct in_addr peers[],int *peer_count,int peer_max); int overlay_frame_process(struct overlay_interface *interface, struct overlay_frame *f); int overlay_frame_resolve_addresses(struct overlay_frame *f); @@ -564,7 +482,6 @@ int overlay_frame_resolve_addresses(struct overlay_frame *f); #define alloca_tohex_sas(sas) alloca_tohex((sas), SAS_SIZE) time_ms_t overlay_time_until_next_tick(); -int overlay_rx_messages(); int overlay_add_selfannouncement(); int overlay_frame_append_payload(overlay_interface *interface, struct overlay_frame *p, struct subscriber *next_hop, struct overlay_buffer *b); @@ -613,9 +530,7 @@ typedef struct overlay_node { int overlay_route_saw_selfannounce_ack(struct overlay_frame *f, time_ms_t now); int overlay_route_saw_selfannounce(struct overlay_frame *f, time_ms_t now); overlay_node *overlay_route_find_node(const unsigned char *sid,int prefixLen,int createP); -unsigned int overlay_route_hash_sid(const unsigned char *sid); -int packetEncipher(unsigned char *packet,int maxlen,int *len,int cryptoflags); int overlayServerMode(); int overlay_payload_enqueue(struct overlay_frame *p); int overlay_route_record_link( time_ms_t now,unsigned char *to, @@ -637,44 +552,8 @@ int serval_packetvisualise(XPRINTF xpf, const char *message, const unsigned char int rhizome_fetching_get_fds(struct pollfd *fds,int *fdcount,int fdmax); int rhizome_opendb(); -typedef struct dna_identity_status { - char sid[SID_STRLEN]; - char did[64+1]; - char name[255+1]; - - int initialisedP; - time_t startofvalidity; - time_t endofvalidity; - int verifier_count; - /* Dynamically allocate these so that we don't waste a memory - (well, if we are talking about running on a feature phone, 4KB per entry - (16*256 bytes) is best avoided if we can.) */ - unsigned char *verifiers[MAX_SIGNATURES]; - int verificationStatus; - - /* Set if we know that there are no duplicates of this DID/name - combination, as it allows us to avoid a database lookup. */ - int uniqueDidAndName; -} dna_identity_status; - int parseCommandLine(const char *argv0, int argc, const char *const *argv); -dna_identity_status *dnacache_lookup(char *did,char *name,char *sid); -dna_identity_status *dnacache_lookup_next(); -int dnacache_update_verification(char *did,char *sid,char *name, - char *signature,int revokeVerificationP); -int dnacache_vouch_for_identity(char *did,char *sid,char *name); - -#undef DEBUG_MEM_ABUSE -#ifdef DEBUG_MEM_ABUSE -int memabuseInit(); -int _memabuseCheck(const char *func,const char *file,const int line); -#define memabuseCheck() _memabuseCheck(__FUNCTION__,__FILE__,__LINE__) -#else -#define memabuseInit() /* */ -#define memabuseCheck() /* */ -#endif - int form_serval_instance_path(char * buf, size_t bufsiz, const char *path); int create_serval_instance_dir(); diff --git a/server.c b/server.c index e9631845..086e6ec5 100644 --- a/server.c +++ b/server.c @@ -41,16 +41,9 @@ int servalShutdown = 0; static int server_getpid = 0; -char *instrumentation_file=NULL; -FILE *i_f=NULL; - -struct in_addr client_addr; -int client_port; - void signal_handler(int signal); void crash_handler(int signal); int getKeyring(char *s); -int createServerSocket(); /** Return the PID of the currently running server process, return 0 if there is none. */ @@ -126,15 +119,6 @@ int server(char *backing_file) sigaction(SIGINT, &sig, NULL); sigaction(SIGQUIT, &sig, NULL); - if (!overlayMode) - { - /* Create a simple socket for listening on if we are not in overlay mesh mode. */ - createServerSocket(); - - /* Get backing store for keyring (overlay sets it up itself) */ - getKeyring(backing_file); - } - /* Record PID to advertise that the server is now running */ char filename[1024]; if (!FORM_SERVAL_INSTANCE_PATH(filename, PIDFILE_NAME)) @@ -379,8 +363,6 @@ void crash_handler(int signal) dump_stack(); BACKTRACE; if (serverRespawnOnCrash) { - if (sock>-1) - close(sock); int i; for(i=0;i-1) @@ -424,391 +406,3 @@ int getKeyring(char *backing_file) return 0; } - -int processRequest(unsigned char *packet,int len, - struct sockaddr *sender,int sender_len, - unsigned char *transaction_id,int recvttl, char *did,char *sid) -{ - /* Find HLR entry by DID or SID, unless creating */ - int prev_pofs=0; - int pofs=OFS_PAYLOAD; - - while (pofs < len) { - if (debug & DEBUG_DNARESPONSES) - DEBUGF("len=%d, pofs=%d, pofs_prev=%d",len,pofs,prev_pofs); - /* Avoid infinite loops */ - if (pofs<=prev_pofs) break; - prev_pofs=pofs; - - if (debug & DEBUG_DNARESPONSES) - DEBUGF("action code 0x%02x @ packet offset 0x%x", packet[pofs], pofs); - switch (packet[pofs]) { - case ACTION_CREATEHLR: { - /* Creating an HLR requires an initial DID number and definitely no SID - - you can't choose a SID. */ - if (debug & DEBUG_DNARESPONSES) - DEBUGF("Creating a new HLR record. did='%s', sid='%s'",did,sid); - if (!did[0] || sid[0]) - return respondSimple(NULL, ACTION_DECLINED, NULL, 0, transaction_id, recvttl, sender, CRYPT_CIPHERED|CRYPT_SIGNED); - if (debug & DEBUG_DNARESPONSES) - DEBUG("Verified that create request supplies DID but not SID"); - /* Creating an identity is nice and easy now with the new keyring */ - keyring_identity *id=keyring_create_identity(keyring,keyring->contexts[0], ""); - if (id) - keyring_set_did(id, did, "Mr. Smith"); - if (id==NULL||keyring_commit(keyring)) - return respondSimple(NULL, ACTION_DECLINED, NULL, 0, transaction_id, recvttl, sender, CRYPT_CIPHERED|CRYPT_SIGNED); - else - return respondSimple(id, ACTION_OKAY, NULL, 0, transaction_id, recvttl, sender, CRYPT_CIPHERED|CRYPT_SIGNED); - pofs += 1; - pofs += 1 + SID_SIZE; - } - break; - case ACTION_PAD: /* Skip padding */ - pofs++; - pofs+=1+packet[pofs]; - break; - case ACTION_EOT: /* EOT */ - pofs=len; - break; - case ACTION_STATS: { - /* short16 variable id, - int32 value */ - pofs++; - short field=packet[pofs+1]+(packet[pofs]<<8); - int value=packet[pofs+5]+(packet[pofs+4]<<8)+(packet[pofs+3]<<16)+(packet[pofs+2]<<24); - pofs+=6; - if (instrumentation_file) - { - if (!i_f) { if (strcmp(instrumentation_file,"-")) i_f=fopen(instrumentation_file,"a"); else i_f=stdout; } - if (i_f) fprintf(i_f,"%ld:%02x%02x%02x%02x:%d:%d\n",(long)time(0),sender->sa_data[0],sender->sa_data[1],sender->sa_data[2],sender->sa_data[3],field,value); - if (i_f) fflush(i_f); - } - } - break; - case ACTION_SET: - WHY("You can only set keyring variables locally"); - return respondSimple(NULL,ACTION_ERROR, - (unsigned char *)"Would be insecure", - 0,transaction_id,recvttl, - sender,CRYPT_CIPHERED|CRYPT_SIGNED); - break; - case ACTION_GET: { - /* Limit transfer size to MAX_DATA_BYTES, plus an allowance for variable packing. */ - unsigned char data[MAX_DATA_BYTES+16]; - int dlen=0; - int sendDone=0; - - if (debug&DEBUG_DNARESPONSES) - dump("Request bytes", &packet[pofs], 8); - - pofs++; - int var_id=packet[pofs]; - int instance=-1; - if (var_id&0x80) instance=packet[++pofs]; - if (instance==0xff) instance=-1; - pofs++; - int offset=(packet[pofs]<<8)+packet[pofs+1]; pofs+=2; - keyring_identity *responding_id=NULL; - - pofs+=2; - - if (debug&DEBUG_DNARESPONSES) { - DEBUGF("Processing ACTION_GET (var_id=%02x, instance=%02x, pofs=0x%x, len=%d)",var_id,instance,pofs,len); - DEBUGF("Looking for identities with sid=%s did='%s'", (sid&&sid[0])?sid:"null",did?did:"null"); - } - - /* Keyring only has DIDs in it for now. Location is implied, so we allow that */ - switch (var_id) { - case VAR_DIDS: - case VAR_LOCATIONS: - break; - default: - return respondSimple(NULL,ACTION_ERROR, - (unsigned char *)"Unsupported variable", - 0,transaction_id,recvttl, - sender,CRYPT_CIPHERED|CRYPT_SIGNED); - } - - { - int cn=0,in=0,kp=0; - int found=0; - int count=0; - while(cncontext_count) { - found=0; - if (sid&&sid[0]) { - unsigned char packedSid[SID_SIZE]; - stowSid(packedSid,0,sid); - found=keyring_find_sid(keyring,&cn,&in,&kp,packedSid); - } else { - found=keyring_find_did(keyring,&cn,&in,&kp,did); - } - - struct response r; - unsigned char packedDid[64]; - - if (found&&(instance==-1||instance==count)) { - /* We have a matching identity/DID, now see what variable - they want. - VAR_DIDS and VAR_LOCATIONS are the only ones we support - with the new keyring file format for now. */ - r.var_id=var_id; - r.var_instance=instance; - switch(var_id) { - case VAR_DIDS: - /* We need to pack the DID before sending off */ - r.value_len=0; - stowDid(packedDid,&r.value_len, - (char *)keyring->contexts[cn]->identities[in] - ->keypairs[kp]->private_key); - r.response=packedDid; - break; - case VAR_LOCATIONS: - r.response=(unsigned char *)"4000@"; - r.value_len=strlen((char *)r.response); - break; - } - - /* For multiple packet responses, we want to tag only the - last one with DONE, so we queue up the most recently generated - packet, and only dispatch it when we are about to produce - another. Then at the end of the loop, if we have a packet - waiting we simply mark that with with DONE, and everything - falls into place. */ - if (sendDone>0) - /* Send previous packet */ - respondSimple(responding_id,ACTION_DATA,data,dlen, - transaction_id,recvttl,sender, - CRYPT_CIPHERED|CRYPT_SIGNED); - /* Prepare new packet */ - dlen=0; - if (packageVariableSegment(data,&dlen,&r,offset, MAX_DATA_BYTES+16)) - return WHY("packageVariableSegment() failed."); - responding_id = keyring->contexts[cn]->identities[in]; - - /* Remember that we need to send this new packet */ - sendDone++; - - count++; - } - - /* look for next record. - Here the placing of DONE at the end of the response stream - becomes challenging, as we may be responding as multiple - identities. This means we have to DONE after each identity. */ - int lastin=in,lastcn=cn; - kp++; - keyring_sanitise_position(keyring,&cn,&in,&kp); - if (lastin!=in||lastcn!=cn) { - /* moved off last identity, so send waiting packet if there is - one. */ - if (sendDone) { - data[dlen++]=ACTION_DONE; - data[dlen++]=sendDone&0xff; - respondSimple(responding_id,ACTION_DATA,data,dlen, - transaction_id, - recvttl,sender,CRYPT_CIPHERED|CRYPT_SIGNED); - } - sendDone=0; - } - } - } - - /* Now, see if we have a final queued packet which needs marking with - DONE and then sending. */ - if (sendDone) { - data[dlen++]=ACTION_DONE; - data[dlen++]=sendDone&0xff; - respondSimple(responding_id,ACTION_DATA,data,dlen,transaction_id, - recvttl,sender,CRYPT_CIPHERED|CRYPT_SIGNED); - } - - if (gatewayspec&&(var_id==VAR_LOCATIONS)&&did&&strlen(did)) - { - /* We are a gateway, so offer connection via the gateway as well */ - unsigned char data[MAX_DATA_BYTES+16]; - int dlen=0; - struct response fake; - unsigned char uri[1024]; - - /* We use asterisk to provide the gateway service, - so we need to create a temporary extension in extensions.conf, - ask asterisk to re-read extensions.conf, and then make sure it has - a functional SIP gateway. - */ - if (!asteriskObtainGateway(sid,did,(char *)uri)) - { - - fake.value_len=strlen((char *)uri); - fake.var_id=var_id; - fake.response=uri; - - if (packageVariableSegment(data,&dlen,&fake,offset,MAX_DATA_BYTES+16)) - return WHY("packageVariableSegment() of gateway URI failed."); - - WHY("Gateway claims to be 1st identity, when it should probably have its own identity"); - respondSimple(keyring->contexts[0]->identities[0], - ACTION_DATA,data,dlen, - transaction_id,recvttl,sender, - CRYPT_CIPHERED|CRYPT_SIGNED); - } - else - { - /* Should we indicate the gateway is not available? */ - } - } - - } - break; - default: - if (debug & DEBUG_PACKETFORMATS) { - DEBUGF("Asked to perform unsipported action at Packet offset = 0x%x", pofs); - dump("Packet", packet, len); - } - return WHY("unsupported action"); - } - } - - return 0; -} - -int respondSimple(keyring_identity *id, - int action,unsigned char *action_text,int action_len, - unsigned char *transaction_id,int recvttl, - struct sockaddr *recvaddr,int cryptoFlags) -{ - unsigned char packet[8000]; - int pl=0; - int *packet_len=&pl; - int packet_maxlen=8000; - int i; - - /* XXX Complain about invalid crypto flags. - XXX We don't do anything with the crypto flags right now - XXX Other packet sending routines need this as well. */ - if (!cryptoFlags) return WHY("Crypto-flags not set."); - - /* ACTION_ERROR is associated with an error message. - For syntactic simplicity, we do not require the respondSimple() call to provide - the length of the error message. */ - if (action==ACTION_ERROR) { - action_len=strlen((char *)action_text); - /* Make sure the error text isn't too long. - IF it is, trim it, as we still need to communicate the error */ - if (action_len>255) action_len=255; - } - - /* Prepare the request packet */ - if (packetMakeHeader(packet,8000,packet_len,transaction_id,cryptoFlags)) - return WHY("packetMakeHeader() failed."); - if (id) - { if (packetSetSidFromId(packet,8000,packet_len,id)) - return WHY("invalid SID in reply"); } - else - { if (packetSetDid(packet,8000,packet_len,"")) - return WHY("Could not set empty DID in reply"); } - - CHECK_PACKET_LEN(1+1+action_len); - packet[(*packet_len)++]=action; - if (action==ACTION_ERROR) packet[(*packet_len)++]=action_len; - for(i=0;i0) { - WARN("Memory corruption in first 64KB of RAM detected"); - DEBUGF(" Changed bytes exist in range 0x%04x - 0x%04x",firstAddr,lastAddr); - dump("Changed memory content",&zero[firstAddr],lastAddr-firstAddr+1); - dump("Initial memory content",&groundzero[firstAddr],lastAddr-firstAddr+1); - sleep(1); - } else { - DEBUGF("All's well at %s() %s:%d",func,file,line); - } - - return 0; -} -#endif diff --git a/simulate.c b/simulate.c deleted file mode 100644 index 971528b7..00000000 --- a/simulate.c +++ /dev/null @@ -1,42 +0,0 @@ -/* -Serval Distributed Numbering Architecture (DNA) -Copyright (C) 2010 Paul Gardner-Stephen - -This program is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License -as published by the Free Software Foundation; either version 2 -of the License, or (at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU General Public License -along with this program; if not, write to the Free Software -Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -*/ - -#include "serval.h" - -double simulatedBER=0; - -/* - We use this function to simulate a lossy link so that we can easily bench-test the - retransmission protocols. - */ -int dropPacketP(size_t packet_len) -{ - size_t i; - int b; - - long berThreshold=0x7fffffff*simulatedBER; - - if (!simulatedBER) return 0; - - for(i=0;i