Startseite Erkunden Hilfe
Anmelden
yosoyhendrix
/
badvpn
1
0
Fork 0
Dateien Issues 0 Pull-Requests 0 Wiki
Struktur: 07268f0270
Branches Tags
badvpn
/
protocol
/
scproto.h

scproto.h 8.1 KB
Verlauf Originalformat

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266 
  1. /**
    2. 

  2.  * @file scproto.h
    3. 

  3.  * @author Ambroz Bizjak <ambrop7@gmail.com>
    4. 

  4.  * 
    5. 

  5.  * @section LICENSE
    6. 

  6.  * 
    7. 

  7.  * Redistribution and use in source and binary forms, with or without
    8. 

  8.  * modification, are permitted provided that the following conditions are met:
    9. 

  9.  * 1. Redistributions of source code must retain the above copyright
    10. 

  10.  *    notice, this list of conditions and the following disclaimer.
    11. 

  11.  * 2. Redistributions in binary form must reproduce the above copyright
    12. 

  12.  *    notice, this list of conditions and the following disclaimer in the
    13. 

  13.  *    documentation and/or other materials provided with the distribution.
    14. 

  14.  * 3. Neither the name of the author nor the
    15. 

  15.  *    names of its contributors may be used to endorse or promote products
    16. 

  16.  *    derived from this software without specific prior written permission.
    17. 

  17.  * 
    18. 

  18.  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
    19. 

  19.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
    20. 

  20.  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
    21. 

  21.  * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
    22. 

  22.  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    23. 

  23.  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
    24. 

  24.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
    25. 

  25.  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
    26. 

  26.  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
    27. 

  27.  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    28. 

  28.  * 
    29. 

  29.  * @section DESCRIPTION
    30. 

  30.  * 
    31. 

  31.  * Definitions for SCProto, the protocol that the clients communicate in
    32. 

  32.  * with the server.
    33. 

  33.  * 
    34. 

  34.  * All multi-byte integers in structs are little-endian, unless stated otherwise.
    35. 

  35.  * 
    36. 

  36.  * A SCProto packet consists of:
    37. 

  37.  *   - a header (struct {@link sc_header}) which contains the type of the
    38. 

  38.  *     packet
    39. 

  39.  *   - the payload
    40. 

  40.  * 
    41. 

  41.  * It goes roughly like that:
    42. 

  42.  * 
    43. 

  43.  * When the client connects to the server, it sends a "clienthello" packet
    44. 

  44.  * to the server. The packet contains the protocol version the client is using.
    45. 

  45.  * When the server receives the "clienthello" packet, it checks the version.
    46. 

  46.  * If it doesn't match, it disconnects the client. Otherwise the server sends
    47. 

  47.  * the client a "serverhello" packet to the client. That packet contains
    48. 

  48.  * the ID of the client and possibly its IPv4 address as the server sees it
    49. 

  49.  * (zero if not applicable).
    50. 

  50.  * 
    51. 

  51.  * The server than proceeds to synchronize the peers' knowledge of each other.
    52. 

  52.  * It does that by sending a "newclient" messages to a client to inform it of
    53. 

  53.  * another peer, and "endclient" messages to inform it that a peer is gone.
    54. 

  54.  * Each client, upon receiving a "newclient" message, MUST sent a corresponding
    55. 

  55.  * "acceptpeer" message, before sending any messages to the new peer.
    56. 

  56.  * The server forwards messages between synchronized peers to allow them to
    57. 

  57.  * communicate. A peer sends a message to another peer by sending the "outmsg"
    58. 

  58.  * packet to the server, and the server delivers a message to a peer by sending
    59. 

  59.  * it the "inmsg" packet.
    60. 

  60.  * 
    61. 

  61.  * The message service is reliable; messages from one client to another are
    62. 

  62.  * expected to arrive unmodified and in the same order. There is, however,
    63. 

  63.  * no flow control. This means that messages can not be used for bulk transfers
    64. 

  64.  * between the clients (and they are not). If the server runs out of buffer for
    65. 

  65.  * messages from one client to another, it will stop forwarding messages, and
    66. 

  66.  * will reset knowledge of the two clients after some delay. Similarly, if one
    67. 

  67.  * of the clients runs out of buffer locally, it will send the "resetpeer"
    68. 

  68.  * packet to make the server reset knowledge.
    69. 

  69.  * 
    70. 

  70.  * The messages transport either:
    71. 

  71.  * 
    72. 

  72.  * - If the relevant "newclient" packets do not contain the
    73. 

  73.  *   SCID_NEWCLIENT_FLAG_SSL flag, then plaintext MsgProto messages.
    74. 

  74.  * 
    75. 

  75.  * - If the relevant "newclient" packets do contain the SCID_NEWCLIENT_FLAG_SSL
    76. 

  76.  *   flag, then SSL, broken down into packets, PacketProto inside SSL, and finally
    77. 

  77.  *   MsgProto inside PacketProto. The master peer (one with higher ID) acts as an
    78. 

  78.  *   SSL server, and the other acts as an SSL client. The peers must identify with
    79. 

  79.  *   the same certificate they used when connecting to the server, and each peer
    80. 

  80.  *   must byte-compare the other's certificate agains the one provided to it by
    81. 

  81.  *   by the server in the relevent "newclient" message.
    82. 

  82.  */
    83. 

  83. 

  84. #ifndef BADVPN_PROTOCOL_SCPROTO_H
    85. 

  85. #define BADVPN_PROTOCOL_SCPROTO_H
    86. 

  86. 

  87. #include <stdint.h>
    88. 

  88. 

  89. #include <misc/packed.h>
    90. 

  90. 

  91. #define SC_VERSION 29
    92. 

  92. #define SC_OLDVERSION_NOSSL 27
    93. 

  93. #define SC_OLDVERSION_BROKENCERT 26
    94. 

  94. 

  95. #define SC_KEEPALIVE_INTERVAL 10000
    96. 

  96. 

  97. /**
    98. 

  98.  * SCProto packet header.
    99. 

  99.  * Follows up to SC_MAX_PAYLOAD bytes of payload.
    100. 

  100.  */
    101. 

  101. B_START_PACKED
    102. 

  102. struct sc_header {
    103. 

  103.     /**
    104. 

  104.      * Message type.
    105. 

  105.      */
    106. 

  106.     uint8_t type;
    107. 

  107. } B_PACKED;
    108. 

  108. B_END_PACKED
    109. 

  109. 

  110. #define SC_MAX_PAYLOAD 2000
    111. 

  111. #define SC_MAX_ENC (sizeof(struct sc_header) + SC_MAX_PAYLOAD)
    112. 

  112. 

  113. typedef uint16_t peerid_t;
    114. 

  114. 

  115. #define SCID_KEEPALIVE 0
    116. 

  116. #define SCID_CLIENTHELLO 1
    117. 

  117. #define SCID_SERVERHELLO 2
    118. 

  118. #define SCID_NEWCLIENT 3
    119. 

  119. #define SCID_ENDCLIENT 4
    120. 

  120. #define SCID_OUTMSG 5
    121. 

  121. #define SCID_INMSG 6
    122. 

  122. #define SCID_RESETPEER 7
    123. 

  123. #define SCID_ACCEPTPEER 8
    124. 

  124. 

  125. /**
    126. 

  126.  * "clienthello" client packet payload.
    127. 

  127.  * Packet type is SCID_CLIENTHELLO.
    128. 

  128.  */
    129. 

  129. B_START_PACKED
    130. 

  130. struct sc_client_hello {
    131. 

  131.     /**
    132. 

  132.      * Protocol version the client is using.
    133. 

  133.      */
    134. 

  134.     uint16_t version;
    135. 

  135. } B_PACKED;
    136. 

  136. B_END_PACKED
    137. 

  137. 

  138. /**
    139. 

  139.  * "serverhello" server packet payload.
    140. 

  140.  * Packet type is SCID_SERVERHELLO.
    141. 

  141.  */
    142. 

  142. B_START_PACKED
    143. 

  143. struct sc_server_hello {
    144. 

  144.     /**
    145. 

  145.      * Flags. Not used yet.
    146. 

  146.      */
    147. 

  147.     uint16_t flags;
    148. 

  148.     
    149. 

  149.     /**
    150. 

  150.      * Peer ID of the client.
    151. 

  151.      */
    152. 

  152.     peerid_t id;
    153. 

  153.     
    154. 

  154.     /**
    155. 

  155.      * IPv4 address of the client as seen by the server
    156. 

  156.      * (network byte order). Zero if not applicable.
    157. 

  157.      */
    158. 

  158.     uint32_t clientAddr;
    159. 

  159. } B_PACKED;
    160. 

  160. B_END_PACKED
    161. 

  161. 

  162. /**
    163. 

  163.  * "newclient" server packet payload.
    164. 

  164.  * Packet type is SCID_NEWCLIENT.
    165. 

  165.  * If the server is using TLS, follows up to SCID_NEWCLIENT_MAX_CERT_LEN
    166. 

  166.  * bytes of the new client's certificate (encoded in DER).
    167. 

  167.  */
    168. 

  168. B_START_PACKED
    169. 

  169. struct sc_server_newclient {
    170. 

  170.     /**
    171. 

  171.      * ID of the new peer.
    172. 

  172.      */
    173. 

  173.     peerid_t id;
    174. 

  174.     
    175. 

  175.     /**
    176. 

  176.      * Flags. Possible flags:
    177. 

  177.      *   - SCID_NEWCLIENT_FLAG_RELAY_SERVER
    178. 

  178.      *     You can relay frames to other peers through this peer.
    179. 

  179.      *   - SCID_NEWCLIENT_FLAG_RELAY_CLIENT
    180. 

  180.      *     You must allow this peer to relay frames to other peers through you.
    181. 

  181.      *   - SCID_NEWCLIENT_FLAG_SSL
    182. 

  182.      *     SSL must be used to talk to this peer through messages.
    183. 

  183.      */
    184. 

  184.     uint16_t flags;
    185. 

  185. } B_PACKED;
    186. 

  186. B_END_PACKED
    187. 

  187. 

  188. #define SCID_NEWCLIENT_FLAG_RELAY_SERVER 1
    189. 

  189. #define SCID_NEWCLIENT_FLAG_RELAY_CLIENT 2
    190. 

  190. #define SCID_NEWCLIENT_FLAG_SSL 4
    191. 

  191. 

  192. #define SCID_NEWCLIENT_MAX_CERT_LEN (SC_MAX_PAYLOAD - sizeof(struct sc_server_newclient))
    193. 

  193. 

  194. /**
    195. 

  195.  * "endclient" server packet payload.
    196. 

  196.  * Packet type is SCID_ENDCLIENT.
    197. 

  197.  */
    198. 

  198. B_START_PACKED
    199. 

  199. struct sc_server_endclient {
    200. 

  200.     /**
    201. 

  201.      * ID of the removed peer.
    202. 

  202.      */
    203. 

  203.     peerid_t id;
    204. 

  204. } B_PACKED;
    205. 

  205. B_END_PACKED
    206. 

  206. 

  207. /**
    208. 

  208.  * "outmsg" client packet header.
    209. 

  209.  * Packet type is SCID_OUTMSG.
    210. 

  210.  * Follows up to SC_MAX_MSGLEN bytes of message payload.
    211. 

  211.  */
    212. 

  212. B_START_PACKED
    213. 

  213. struct sc_client_outmsg {
    214. 

  214.     /**
    215. 

  215.      * ID of the destionation peer.
    216. 

  216.      */
    217. 

  217.     peerid_t clientid;
    218. 

  218. } B_PACKED;
    219. 

  219. B_END_PACKED
    220. 

  220. 

  221. /**
    222. 

  222.  * "inmsg" server packet payload.
    223. 

  223.  * Packet type is SCID_INMSG.
    224. 

  224.  * Follows up to SC_MAX_MSGLEN bytes of message payload.
    225. 

  225.  */
    226. 

  226. B_START_PACKED
    227. 

  227. struct sc_server_inmsg {
    228. 

  228.     /**
    229. 

  229.      * ID of the source peer.
    230. 

  230.      */
    231. 

  231.     peerid_t clientid;
    232. 

  232. } B_PACKED;
    233. 

  233. B_END_PACKED
    234. 

  234. 

  235. #define _SC_MAX_OUTMSGLEN (SC_MAX_PAYLOAD - sizeof(struct sc_client_outmsg))
    236. 

  236. #define _SC_MAX_INMSGLEN (SC_MAX_PAYLOAD - sizeof(struct sc_server_inmsg))
    237. 

  237. 

  238. #define SC_MAX_MSGLEN (_SC_MAX_OUTMSGLEN < _SC_MAX_INMSGLEN ? _SC_MAX_OUTMSGLEN : _SC_MAX_INMSGLEN)
    239. 

  239. 

  240. /**
    241. 

  241.  * "resetpeer" client packet header.
    242. 

  242.  * Packet type is SCID_RESETPEER.
    243. 

  243.  */
    244. 

  244. B_START_PACKED
    245. 

  245. struct sc_client_resetpeer {
    246. 

  246.     /**
    247. 

  247.      * ID of the peer to reset.
    248. 

  248.      */
    249. 

  249.     peerid_t clientid;
    250. 

  250. } B_PACKED;
    251. 

  251. B_END_PACKED
    252. 

  252. 

  253. /**
    254. 

  254.  * "acceptpeer" client packet payload.
    255. 

  255.  * Packet type is SCID_ACCEPTPEER.
    256. 

  256.  */
    257. 

  257. B_START_PACKED
    258. 

  258. struct sc_client_acceptpeer {
    259. 

  259.     /**
    260. 

  260.      * ID of the peer to accept.
    261. 

  261.      */
    262. 

  262.     peerid_t clientid;
    263. 

  263. } B_PACKED;
    264. 

  264. B_END_PACKED
    265. 

  265. 

  266. #endif
    267.