Compare commits

..

37 Commits

Author SHA1 Message Date
Matt
b1748a2fd8 Merge b6c6813d41 into 4623f878e0 2024-06-10 19:17:55 -04:00
yancey
4623f878e0 fix cipher bug 2024-06-10 05:22:12 -04:00
Matt
b6c6813d41 make mingw_cross 2024-04-03 12:44:50 +08:00
mxmkeep
9045264d37 tcp spa: optimize check logic 2024-03-27 22:44:50 +08:00
root
4e6e1e6a97 support TCP SPA feature 2024-03-22 00:51:09 +08:00
Yancey Wang
e42f0e5732 Update README.md 2023-11-15 15:15:46 -05:00
yancey
f49e6adedf remove Dockerfile 2023-11-06 03:19:46 -05:00
yancey
d1a9bcc4fb try to fix linux 6.5 compile 2023-10-07 08:26:10 -04:00
Yancey Wang
bc8bd8c2f8 Merge pull request #475 from gek64/unified
Fix compile errors on FreeBSD/pfSense/OPNsense
2023-09-21 16:35:45 -04:00
gek64
ca16c3a5e6 Merge branch 'wangyu-:unified' into unified 2023-07-27 21:10:28 +08:00
Yancey Wang
7abe19c7d9 Merge pull request #482 from wangyu-/revert-455-unified
Revert "fix CMakeLists.txt"
2023-07-22 17:31:10 -04:00
Yancey Wang
f3f528e866 Revert "fix CMakeLists.txt" 2023-07-22 17:30:56 -04:00
Yancey Wang
ec6fad552b Merge pull request #455 from HiGarfield/unified
fix CMakeLists.txt
2023-07-22 17:09:53 -04:00
yancey
87b878a09e fix stack-use-after-scope reported by sanitizer 2023-07-22 14:31:17 -04:00
yancey
e66eddd1d5 fix mem access problem reported by sanitizer 2023-07-22 14:00:03 -04:00
gek64
ec416515f3 Fix compile errors on freebsd 2023-06-14 16:26:10 +08:00
Yancey Wang
d12e540830 Update CMakeLists.txt 2023-06-04 21:44:44 -04:00
Yancey Wang
e7eecc8ef2 Update ISSUE_TEMPLATE.md 2023-05-10 00:08:00 -04:00
HiGarfield
82ba4f7d1b fix CMakeLists.txt 2023-02-09 01:23:51 +08:00
yancey
e5ecd33ec4 add .clang-format 2023-02-07 07:12:02 -05:00
yancey
9217e0e9e6 fix indent with clang-format 2023-02-07 07:11:49 -05:00
yancey
87b0db8862 add cmake 2023-02-07 07:02:13 -05:00
Yancey Wang
8ceaf27eda Merge pull request #409 from brlin-tw/patch-2
fix typo (stabilization)
2022-01-26 00:59:47 -05:00
Yancey Wang
9f9e8caff6 Merge pull request #408 from brlin-tw/patch-1
fix typo (facktcp -> faketcp)
2022-01-26 00:59:25 -05:00
Yancey Wang
74f3eb90a7 Update README.md 2021-12-09 09:26:32 -05:00
林博仁(Buo-ren, Lin)
38286d5c5b fix typo (stabilization)
Signed-off-by: 林博仁(Buo-ren, Lin) <Buo.Ren.Lin@gmail.com>
2021-09-14 00:54:21 +08:00
林博仁(Buo-ren, Lin)
ec849322d7 fix typo (facktcp -> faketcp)
Signed-off-by: 林博仁(Buo-ren, Lin) <Buo.Ren.Lin@gmail.com>
2021-09-14 00:34:07 +08:00
wangyu
b98a467eed fix source argument is the same as destination 2021-03-11 00:45:26 -05:00
wangyu
25d3323427 fix mp compile; fix tcp option bug 2021-02-17 16:58:32 -05:00
wangyu
b8e9095135 add --fix-gro reminder 2021-01-11 05:58:31 -05:00
wangyu
026f97687a fix packet_header->caplen <= max_data_len in network.cpp 2021-01-09 05:10:12 -05:00
wangyu-
f2f90a9a15 Update ISSUE_TEMPLATE.md 2020-09-20 05:16:05 -04:00
wangyu-
cf23f4d656 Update ISSUE_TEMPLATE.md 2020-09-20 05:12:33 -04:00
wangyu
59819db2dd do not quit when got pcap error 2020-08-27 00:32:07 -04:00
wangyu
cc6ea766c4 update makefile 2020-08-18 03:19:18 -04:00
wangyu
509156fc14 change toochain for arm x86 x64 2020-08-17 19:48:23 -04:00
wangyu
cb9059bf3b update readme.md 2020-08-17 18:26:20 -04:00
30 changed files with 7728 additions and 8946 deletions

4
.clang-format Normal file
View File

@@ -0,0 +1,4 @@
SortIncludes: false
BasedOnStyle: Google
ColumnLimit: 0
IndentWidth: 4

35
CMakeLists.txt Normal file
View File

@@ -0,0 +1,35 @@
#note: experimental
# currently only used for generating `compile_commands.json` for clangd.
# to build this project, it's suggested to use `makefile` instead
cmake_minimum_required(VERSION 3.7)
project(udp2raw)
set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
set(CMAKE_CXX_STANDARD 11)
set(SOURCE_FILES
main.cpp
lib/md5.cpp
lib/pbkdf2-sha1.cpp
lib/pbkdf2-sha256.cpp
encrypt.cpp
log.cpp
network.cpp
common.cpp
connection.cpp
misc.cpp
fd_manager.cpp
client.cpp
server.cpp
lib/aes_faster_c/aes.cpp
lib/aes_faster_c/wrapper.cpp
my_ev.cpp
)
set(CMAKE_CXX_FLAGS "-Wall -Wextra -Wno-unused-variable -Wno-unused-parameter -Wno-missing-field-initializers -O2 -g -fsanitize=address,undefined")
add_executable(udp2raw ${SOURCE_FILES})
target_link_libraries(udp2raw rt)
target_link_libraries(udp2raw pthread)
include_directories(SYSTEM "libev")
include_directories(".")

View File

@@ -1,13 +0,0 @@
FROM alpine:3.6 as builder
WORKDIR /
RUN apk add --no-cache git build-base linux-headers && \
git clone https://github.com/wangyu-/udp2raw-tunnel.git && \
cd udp2raw-tunnel && \
make dynamic
FROM alpine:3.6
RUN apk add --no-cache libstdc++ iptables
COPY --from=builder /udp2raw-tunnel/udp2raw_dynamic /bin/
ENTRYPOINT [ "/bin/udp2raw_dynamic" ]

View File

@@ -1,6 +1 @@
For English speaking user English Only.
https://github.com/wangyu-/UDPspeeder/wiki/Issue-Guide
中文用户请看:
https://github.com/wangyu-/UDPspeeder/wiki/发Issue前请看
(否则Issue可能被忽略或被直接关掉)

View File

@@ -14,7 +14,7 @@ or
[udp2raw wiki](https://github.com/wangyu-/udp2raw-tunnel/wiki) [udp2raw wiki](https://github.com/wangyu-/udp2raw-tunnel/wiki)
[简体中文](/doc/README.zh-cn.md)(内容更丰富) [简体中文](/doc/README.zh-cn.md)
# Support Platforms # Support Platforms
@@ -26,7 +26,7 @@ For Windows and MacOS users, use the udp2raw in [this repo](https://github.com/w
### Send/Receive UDP Packets with ICMP/FakeTCP/UDP headers ### Send/Receive UDP Packets with ICMP/FakeTCP/UDP headers
ICMP/FakeTCP headers help you bypass UDP blocking, UDP QOS or improper UDP NAT behavior on some ISPs. In ICMP header mode,udp2raw works like an ICMP tunnel. ICMP/FakeTCP headers help you bypass UDP blocking, UDP QOS or improper UDP NAT behavior on some ISPs. In ICMP header mode,udp2raw works like an ICMP tunnel.
UDP headers are also supported. In UDP header mode, it behaves just like a normal UDP tunnel, and you can just make use of the other features (such as encryption, anti-replay, or connection stalization). UDP headers are also supported. In UDP header mode, it behaves just like a normal UDP tunnel, and you can just make use of the other features (such as encryption, anti-replay, or connection stabilization).
### Simulated TCP with Real-time/Out-of-Order Delivery ### Simulated TCP with Real-time/Out-of-Order Delivery
In FakeTCP header mode,udp2raw simulates 3-way handshake while establishing a connection,simulates seq and ack_seq while data transferring. It also simulates a few TCP options such as: `MSS`, `sackOk`, `TS`, `TS_ack`, `wscale`. Firewalls will regard FakeTCP as a TCP connection, but its essentially UDP: it supports real-time/out-of-order delivery(just as normal UDP does), no congestion control or re-transmission. So there wont be any TCP over TCP problem when using OpenVPN. In FakeTCP header mode,udp2raw simulates 3-way handshake while establishing a connection,simulates seq and ack_seq while data transferring. It also simulates a few TCP options such as: `MSS`, `sackOk`, `TS`, `TS_ack`, `wscale`. Firewalls will regard FakeTCP as a TCP connection, but its essentially UDP: it supports real-time/out-of-order delivery(just as normal UDP does), no congestion control or re-transmission. So there wont be any TCP over TCP problem when using OpenVPN.
@@ -38,7 +38,7 @@ In FakeTCP header mode,udp2raw simulates 3-way handshake while establishing a co
[Notes on encryption](https://github.com/wangyu-/udp2raw-tunnel/wiki/Notes-on-encryption) [Notes on encryption](https://github.com/wangyu-/udp2raw-tunnel/wiki/Notes-on-encryption)
### Failure Dectection & Stablization (Connection Recovery) ### Failure Dectection & Stabilization (Connection Recovery)
Conection failures are detected by heartbeats. If timed-out, client will automatically change port number and reconnect. If reconnection is successful, the previous connection will be recovered, and all existing UDP conversations will stay vaild. Conection failures are detected by heartbeats. If timed-out, client will automatically change port number and reconnect. If reconnection is successful, the previous connection will be recovered, and all existing UDP conversations will stay vaild.
For example, if you use udp2raw + OpenVPN, OpenVPN won't lose connection after any reconnect, **even if network cable is re-plugged or WiFi access point is changed**. For example, if you use udp2raw + OpenVPN, OpenVPN won't lose connection after any reconnect, **even if network cable is re-plugged or WiFi access point is changed**.
@@ -81,9 +81,9 @@ Assume your UDP is blocked or being QOS-ed or just poorly supported. Assume your
Now,an encrypted raw tunnel has been established between client and server through TCP port 4096. Connecting to UDP port 3333 at the client side is equivalent to connecting to port 7777 at the server side. No UDP traffic will be exposed. Now,an encrypted raw tunnel has been established between client and server through TCP port 4096. Connecting to UDP port 3333 at the client side is equivalent to connecting to port 7777 at the server side. No UDP traffic will be exposed.
### Note ### Note
To run on Android, check [Android_Guide](/doc/android_guide.md) To run on Android, check [Android_Guide](https://github.com/wangyu-/udp2raw/wiki/Android-Guide)
`-a` option automatically adds an iptables rule (or a few iptables rules) for you, udp2raw relys on this iptables rule to work stably. Be aware you dont forget `-a` (its a common mistake). If you dont want udp2raw to add iptables rule automatically, you can add it manually(take a look at `-g` option) and omit `-a`. `-a` option automatically adds an iptables rule (or a few iptables rules) for you, udp2raw relies on this iptables rule to work stably. Be aware you dont forget `-a` (its a common mistake). If you dont want udp2raw to add iptables rule automatically, you can add it manually(take a look at `-g` option) and omit `-a`.
# Advanced Topic # Advanced Topic

1084
client.cpp

File diff suppressed because it is too large Load Diff

1108
common.cpp

File diff suppressed because it is too large Load Diff

406
common.h
View File

@@ -10,13 +10,13 @@
#define __STDC_FORMAT_MACROS 1 #define __STDC_FORMAT_MACROS 1
#include <inttypes.h> #include <inttypes.h>
#include<stdio.h> #include <stdio.h>
#include<string.h> #include <string.h>
#include<stdlib.h> #include <stdlib.h>
#include<getopt.h> #include <getopt.h>
#include<unistd.h> #include <unistd.h>
#include<errno.h> #include <errno.h>
#include <sys/stat.h> #include <sys/stat.h>
#include <stdlib.h> //for exit(0); #include <stdlib.h> //for exit(0);
#include <errno.h> //For errno - the error number #include <errno.h> //For errno - the error number
@@ -32,7 +32,7 @@
#endif #endif
#if defined(UDP2RAW_MP) #if defined(UDP2RAW_MP)
const int is_udp2raw_mp=1; const int is_udp2raw_mp = 1;
#if !defined(__CYGWIN__) && !defined(__MINGW32__) #if !defined(__CYGWIN__) && !defined(__MINGW32__)
#include <pcap.h> #include <pcap.h>
#else #else
@@ -44,10 +44,9 @@ const int is_udp2raw_mp=1;
#include <libnet.h> #include <libnet.h>
#endif #endif
#else #else
#define UDP2RAW_LINUX #define UDP2RAW_LINUX
const int is_udp2raw_mp=0; const int is_udp2raw_mp = 0;
//#include <linux/if_ether.h> //#include <linux/if_ether.h>
#include <linux/filter.h> #include <linux/filter.h>
#include <linux/if_packet.h> #include <linux/if_packet.h>
@@ -80,8 +79,7 @@ typedef int socklen_t;
#include <netinet/in.h> #include <netinet/in.h>
#endif #endif
#include <unordered_map>
#include<unordered_map>
#include <fstream> #include <fstream>
#include <string> #include <string>
#include <vector> #include <vector>
@@ -100,7 +98,6 @@ using namespace std;
#define UDP2RAW_BIG_ENDIAN 1 #define UDP2RAW_BIG_ENDIAN 1
#endif #endif
#if defined(__BYTE_ORDER) && __BYTE_ORDER == __LITTLE_ENDIAN || \ #if defined(__BYTE_ORDER) && __BYTE_ORDER == __LITTLE_ENDIAN || \
defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ || \ defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ || \
defined(__LITTLE_ENDIAN__) || \ defined(__LITTLE_ENDIAN__) || \
@@ -111,20 +108,18 @@ using namespace std;
#define UDP2RAW_LITTLE_ENDIAN 1 #define UDP2RAW_LITTLE_ENDIAN 1
#endif #endif
#if defined(UDP2RAW_BIG_ENDIAN) &&defined(UDP2RAW_LITTLE_ENDIAN) #if defined(UDP2RAW_BIG_ENDIAN) && defined(UDP2RAW_LITTLE_ENDIAN)
#error "endian detection conflicts" #error "endian detection conflicts"
#endif #endif
#if !defined(UDP2RAW_BIG_ENDIAN) && !defined(UDP2RAW_LITTLE_ENDIAN) #if !defined(UDP2RAW_BIG_ENDIAN) && !defined(UDP2RAW_LITTLE_ENDIAN)
#error "endian detection failed" #error "endian detection failed"
#endif #endif
#if defined(__MINGW32__) #if defined(__MINGW32__)
int inet_pton(int af, const char *src, void *dst); int inet_pton(int af, const char *src, void *dst);
const char *inet_ntop(int af, const void *src, char *dst, socklen_t size); const char *inet_ntop(int af, const void *src, char *dst, socklen_t size);
#define setsockopt(a,b,c,d,e) setsockopt(a,b,c,(const char *)(d),e) #define setsockopt(a, b, c, d, e) setsockopt(a, b, c, (const char *)(d), e)
#endif #endif
char *get_sock_error(); char *get_sock_error();
@@ -132,21 +127,18 @@ int get_sock_errno();
#if defined(__MINGW32__) #if defined(__MINGW32__)
typedef SOCKET my_fd_t; typedef SOCKET my_fd_t;
inline int sock_close(my_fd_t fd) inline int sock_close(my_fd_t fd) {
{
return closesocket(fd); return closesocket(fd);
} }
#else #else
typedef int my_fd_t; typedef int my_fd_t;
inline int sock_close(my_fd_t fd) inline int sock_close(my_fd_t fd) {
{
return close(fd); return close(fd);
} }
#endif #endif
typedef unsigned long long u64_t; // this works on most platform,avoid using the PRId64
typedef unsigned long long u64_t; //this works on most platform,avoid using the PRId64
typedef long long i64_t; typedef long long i64_t;
typedef unsigned int u32_t; typedef unsigned int u32_t;
@@ -165,12 +157,14 @@ typedef u64_t anti_replay_seq_t;
typedef u64_t my_time_t; typedef u64_t my_time_t;
const int max_addr_len=100; const int max_addr_len = 100;
extern int force_socket_buf; extern int force_socket_buf;
extern int g_fix_gro; extern int g_fix_gro;
extern int g_tcp_spa;
/* /*
struct ip_port_t struct ip_port_t
{ {
@@ -183,242 +177,215 @@ struct ip_port_t
typedef u64_t fd64_t; typedef u64_t fd64_t;
u32_t djb2(unsigned char *str,int len); u32_t djb2(unsigned char *str, int len);
u32_t sdbm(unsigned char *str,int len); u32_t sdbm(unsigned char *str, int len);
struct address_t //TODO scope id struct address_t // TODO scope id
{ {
struct hash_function struct hash_function {
{ u32_t operator()(const address_t &key) const {
u32_t operator()(const address_t &key) const return sdbm((unsigned char *)&key.inner, sizeof(key.inner));
{
return sdbm((unsigned char*)&key.inner,sizeof(key.inner));
} }
}; };
union storage_t //sockaddr_storage is too huge, we dont use it. union storage_t // sockaddr_storage is too huge, we dont use it.
{ {
sockaddr_in ipv4; sockaddr_in ipv4;
sockaddr_in6 ipv6; sockaddr_in6 ipv6;
}; };
storage_t inner; storage_t inner;
address_t() address_t() {
{
clear(); clear();
} }
void clear() void clear() {
{ memset(&inner, 0, sizeof(inner));
memset(&inner,0,sizeof(inner));
} }
int from_ip_port(u32_t ip, int port) int from_ip_port(u32_t ip, int port) {
{
clear(); clear();
inner.ipv4.sin_family=AF_INET; inner.ipv4.sin_family = AF_INET;
inner.ipv4.sin_port=htons(port); inner.ipv4.sin_port = htons(port);
inner.ipv4.sin_addr.s_addr=ip; inner.ipv4.sin_addr.s_addr = ip;
return 0; return 0;
} }
int from_ip_port_new(int type, void * ip, int port) int from_ip_port_new(int type, void *ip, int port) {
{
clear(); clear();
if(type==AF_INET) if (type == AF_INET) {
{ inner.ipv4.sin_family = AF_INET;
inner.ipv4.sin_family=AF_INET; inner.ipv4.sin_port = htons(port);
inner.ipv4.sin_port=htons(port); inner.ipv4.sin_addr.s_addr = *((u32_t *)ip);
inner.ipv4.sin_addr.s_addr=*((u32_t *)ip); } else if (type == AF_INET6) {
} inner.ipv6.sin6_family = AF_INET6;
else if(type==AF_INET6) inner.ipv6.sin6_port = htons(port);
{ inner.ipv6.sin6_addr = *((in6_addr *)ip);
inner.ipv6.sin6_family=AF_INET6;
inner.ipv6.sin6_port=htons(port);
inner.ipv6.sin6_addr=*((in6_addr*)ip);
} }
return 0; return 0;
} }
int from_str(char * str); int from_str(char *str);
int from_str_ip_only(char * str); int from_str_ip_only(char *str);
int from_sockaddr(sockaddr *,socklen_t); int from_sockaddr(sockaddr *, socklen_t);
char* get_str(); char *get_str();
void to_str(char *); void to_str(char *);
inline u32_t get_type() inline u32_t get_type() {
{ u32_t ret = ((sockaddr *)&inner)->sa_family;
u32_t ret=((sockaddr*)&inner)->sa_family; assert(ret == AF_INET || ret == AF_INET6);
assert(ret==AF_INET||ret==AF_INET6);
return ret; return ret;
} }
inline u32_t get_len() inline u32_t get_len() {
{ u32_t type = get_type();
u32_t type=get_type(); switch (type) {
switch(type)
{
case AF_INET: case AF_INET:
return sizeof(sockaddr_in); return sizeof(sockaddr_in);
case AF_INET6: case AF_INET6:
return sizeof(sockaddr_in6); return sizeof(sockaddr_in6);
default: default:
assert(0==1); assert(0 == 1);
} }
return -1; return -1;
} }
inline u32_t get_port() inline u32_t get_port() {
{ u32_t type = get_type();
u32_t type=get_type(); switch (type) {
switch(type)
{
case AF_INET: case AF_INET:
return ntohs(inner.ipv4.sin_port); return ntohs(inner.ipv4.sin_port);
case AF_INET6: case AF_INET6:
return ntohs(inner.ipv6.sin6_port); return ntohs(inner.ipv6.sin6_port);
default: default:
assert(0==1); assert(0 == 1);
} }
return -1; return -1;
} }
inline void set_port(int port) inline void set_port(int port) {
{ u32_t type = get_type();
u32_t type=get_type(); switch (type) {
switch(type)
{
case AF_INET: case AF_INET:
inner.ipv4.sin_port=htons(port); inner.ipv4.sin_port = htons(port);
break; break;
case AF_INET6: case AF_INET6:
inner.ipv6.sin6_port=htons(port); inner.ipv6.sin6_port = htons(port);
break; break;
default: default:
assert(0==1); assert(0 == 1);
} }
return ; return;
} }
bool operator == (const address_t &b) const bool operator==(const address_t &b) const {
{ // return this->data==b.data;
//return this->data==b.data; return memcmp(&this->inner, &b.inner, sizeof(this->inner)) == 0;
return memcmp(&this->inner,&b.inner,sizeof(this->inner))==0;
} }
int new_connected_udp_fd(); int new_connected_udp_fd();
char* get_ip(); char *get_ip();
}; };
namespace std { namespace std {
template <> template <>
struct hash<address_t> struct hash<address_t> {
{ std::size_t operator()(const address_t &key) const {
std::size_t operator()(const address_t& key) const // return address_t::hash_function(k);
{ return sdbm((unsigned char *)&key.inner, sizeof(key.inner));
//return address_t::hash_function(k);
return sdbm((unsigned char*)&key.inner,sizeof(key.inner));
} }
}; };
} } // namespace std
union my_ip_t //just a simple version of address_t,stores ip only union my_ip_t // just a simple version of address_t,stores ip only
{ {
u32_t v4; u32_t v4;
in6_addr v6; in6_addr v6;
bool equal (const my_ip_t &b) const; bool equal(const my_ip_t &b) const;
//int from_str(char * str); // int from_str(char * str);
char * get_str1() const; char *get_str1() const;
char * get_str2() const; char *get_str2() const;
int from_address_t(address_t a); int from_address_t(address_t a);
}; };
struct not_copy_able_t struct not_copy_able_t {
{ not_copy_able_t() {
not_copy_able_t()
{
} }
not_copy_able_t(const not_copy_able_t &other) not_copy_able_t(const not_copy_able_t &other) {
{ assert(0 == 1);
assert(0==1);
} }
const not_copy_able_t & operator=(const not_copy_able_t &other) const not_copy_able_t &operator=(const not_copy_able_t &other) {
{ assert(0 == 1);
assert(0==1);
return other; return other;
} }
}; };
const int huge_data_len=65535+100; //a packet with link level header might be larger than 65535 const int huge_data_len = 65535 + 100; // a packet with link level header might be larger than 65535
const int huge_buf_len=huge_data_len+100; const int huge_buf_len = huge_data_len + 100;
const int max_data_len=1800; const int max_data_len = 1800;
const int buf_len=max_data_len+400; const int buf_len = max_data_len + 400;
//const int max_address_len=512; // const int max_address_len=512;
#ifdef UDP2RAW_MP #ifdef UDP2RAW_MP
const int queue_len=200; const int queue_len = 200;
struct queue_t struct queue_t {
{
char data[queue_len][huge_buf_len]; char data[queue_len][huge_buf_len];
int data_len[queue_len]; int data_len[queue_len];
int head=0; int head = 0;
int tail=0; int tail = 0;
void clear() void clear() {
{ head = tail = 0;
head=tail=0;
} }
int empty() int empty() {
{ if (head == tail)
if(head==tail) return 1; return 1;
else return 0; else
return 0;
} }
int full() int full() {
{ if ((tail + 1) % queue_len == head)
if( (tail+1)%queue_len==head ) return 1; return 1;
else return 0; else
return 0;
} }
void peek_front(char * & p,int &len) void peek_front(char *&p, int &len) {
{
assert(!empty()); assert(!empty());
p=data[head]; p = data[head];
len=data_len[head]; len = data_len[head];
} }
void pop_front() void pop_front() {
{
assert(!empty()); assert(!empty());
head++;head%=queue_len; head++;
head %= queue_len;
} }
void push_back(char * p,int len) void push_back(char *p, int len) {
{
assert(!full()); assert(!full());
memcpy(data[tail],p,len); memcpy(data[tail], p, len);
data_len[tail]=len; data_len[tail] = len;
tail++;tail%=queue_len; tail++;
tail %= queue_len;
} }
}; };
int init_ws(); int init_ws();
#endif #endif
u64_t get_current_time(); u64_t get_current_time();
u64_t pack_u64(u32_t a,u32_t b); u64_t pack_u64(u32_t a, u32_t b);
u32_t get_u64_h(u64_t a); u32_t get_u64_h(u64_t a);
u32_t get_u64_l(u64_t a); u32_t get_u64_l(u64_t a);
char * my_ntoa(u32_t ip); char *my_ntoa(u32_t ip);
void init_random_number_fd(); void init_random_number_fd();
u64_t get_true_random_number_64(); u64_t get_true_random_number_64();
@@ -427,126 +394,120 @@ u32_t get_true_random_number_nz();
u64_t ntoh64(u64_t a); u64_t ntoh64(u64_t a);
u64_t hton64(u64_t a); u64_t hton64(u64_t a);
void write_u16(char *,u16_t a);// network order void write_u16(char *, u16_t a); // network order
u16_t read_u16(char *); u16_t read_u16(char *);
void write_u32(char *,u32_t a);// network order void write_u32(char *, u32_t a); // network order
u32_t read_u32(char *); u32_t read_u32(char *);
void write_u64(char *,u64_t a); void write_u64(char *, u64_t a);
u64_t read_u64(char *); u64_t read_u64(char *);
bool larger_than_u16(uint16_t a,uint16_t b); bool larger_than_u16(uint16_t a, uint16_t b);
bool larger_than_u32(u32_t a,u32_t b); bool larger_than_u32(u32_t a, u32_t b);
void setnonblocking(int sock); void setnonblocking(int sock);
int set_buf_size(int fd,int socket_buf_size); int set_buf_size(int fd, int socket_buf_size);
void myexit(int a); void myexit(int a);
unsigned short csum(const unsigned short *ptr,int nbytes); unsigned short csum(const unsigned short *ptr, int nbytes);
unsigned short csum_with_header(char* header,int hlen,const unsigned short *ptr,int nbytes); unsigned short csum_with_header(char *header, int hlen, const unsigned short *ptr, int nbytes);
int numbers_to_char(my_id_t id1,my_id_t id2,my_id_t id3,char * &data,int &len); int numbers_to_char(my_id_t id1, my_id_t id2, my_id_t id3, char *&data, int &len);
int char_to_numbers(const char * data,int len,my_id_t &id1,my_id_t &id2,my_id_t &id3); int char_to_numbers(const char *data, int len, my_id_t &id1, my_id_t &id2, my_id_t &id3);
const int show_none=0; const int show_none = 0;
const int show_command=0x1; const int show_command = 0x1;
const int show_log=0x2; const int show_log = 0x2;
const int show_all=show_command|show_log; const int show_all = show_command | show_log;
int run_command(string command,char * &output,int flag=show_all); int run_command(string command, char *&output, int flag = show_all);
//int run_command_no_log(string command,char * &output); // int run_command_no_log(string command,char * &output);
int read_file(const char * file,string &output); int read_file(const char *file, string &output);
vector<string> string_to_vec(const char * s,const char * sp); vector<string> string_to_vec(const char *s, const char *sp);
vector< vector <string> > string_to_vec2(const char * s); vector<vector<string> > string_to_vec2(const char *s);
string trim(const string& str, char c); string trim(const string &str, char c);
string trim_conf_line(const string& str); string trim_conf_line(const string &str);
vector<string> parse_conf_line(const string& s); vector<string> parse_conf_line(const string &s);
int hex_to_u32_with_endian(const string & a,u32_t &output); int hex_to_u32_with_endian(const string &a, u32_t &output);
int hex_to_u32(const string & a,u32_t &output); int hex_to_u32(const string &a, u32_t &output);
//extern string iptables_pattern; // extern string iptables_pattern;
int create_fifo(char * file); int create_fifo(char *file);
void print_binary_chars(const char * a,int len); void print_binary_chars(const char *a, int len);
template <class key_t> template <class key_t>
struct lru_collector_t:not_copy_able_t struct lru_collector_t : not_copy_able_t {
{ // typedef void* key_t;
//typedef void* key_t; //#define key_t void*
//#define key_t void* struct lru_pair_t {
struct lru_pair_t
{
key_t key; key_t key;
my_time_t ts; my_time_t ts;
}; };
unordered_map<key_t,typename list<lru_pair_t>::iterator> mp; unordered_map<key_t, typename list<lru_pair_t>::iterator> mp;
list<lru_pair_t> q; list<lru_pair_t> q;
int update(key_t key) int update(key_t key) {
{ assert(mp.find(key) != mp.end());
assert(mp.find(key)!=mp.end()); auto it = mp[key];
auto it=mp[key];
q.erase(it); q.erase(it);
my_time_t value=get_current_time(); my_time_t value = get_current_time();
if(!q.empty()) if (!q.empty()) {
{ assert(value >= q.front().ts);
assert(value >=q.front().ts);
} }
lru_pair_t tmp; tmp.key=key; tmp.ts=value; lru_pair_t tmp;
q.push_front( tmp); tmp.key = key;
mp[key]=q.begin(); tmp.ts = value;
q.push_front(tmp);
mp[key] = q.begin();
return 0; return 0;
} }
int new_key(key_t key) int new_key(key_t key) {
{ assert(mp.find(key) == mp.end());
assert(mp.find(key)==mp.end());
my_time_t value=get_current_time(); my_time_t value = get_current_time();
if(!q.empty()) if (!q.empty()) {
{ assert(value >= q.front().ts);
assert(value >=q.front().ts);
} }
lru_pair_t tmp; tmp.key=key; tmp.ts=value; lru_pair_t tmp;
q.push_front( tmp); tmp.key = key;
mp[key]=q.begin(); tmp.ts = value;
q.push_front(tmp);
mp[key] = q.begin();
return 0; return 0;
} }
int size() int size() {
{
return q.size(); return q.size();
} }
int empty() int empty() {
{
return q.empty(); return q.empty();
} }
void clear() void clear() {
{ mp.clear();
mp.clear(); q.clear(); q.clear();
} }
my_time_t ts_of(key_t key) my_time_t ts_of(key_t key) {
{ assert(mp.find(key) != mp.end());
assert(mp.find(key)!=mp.end());
return mp[key]->ts; return mp[key]->ts;
} }
my_time_t peek_back(key_t &key) my_time_t peek_back(key_t &key) {
{
assert(!q.empty()); assert(!q.empty());
auto it=q.end(); it--; auto it = q.end();
key=it->key; it--;
key = it->key;
return it->ts; return it->ts;
} }
void erase(key_t key) void erase(key_t key) {
{ assert(mp.find(key) != mp.end());
assert(mp.find(key)!=mp.end());
q.erase(mp[key]); q.erase(mp[key]);
mp.erase(key); mp.erase(key);
} }
@@ -560,5 +521,4 @@ struct lru_collector_t:not_copy_able_t
}*/ }*/
}; };
#endif /* COMMON_H_ */ #endif /* COMMON_H_ */

File diff suppressed because it is too large Load Diff

View File

@@ -16,9 +16,9 @@ extern int disable_anti_replay;
#include "network.h" #include "network.h"
#include "misc.h" #include "misc.h"
const int disable_conv_clear=0;//a udp connection in the multiplexer is called conversation in this program,conv for short. const int disable_conv_clear = 0; // a udp connection in the multiplexer is called conversation in this program,conv for short.
struct anti_replay_t //its for anti replay attack,similar to openvpn/ipsec 's anti replay window struct anti_replay_t // its for anti replay attack,similar to openvpn/ipsec 's anti replay window
{ {
u64_t max_packet_received; u64_t max_packet_received;
char window[anti_replay_window_size]; char window[anti_replay_window_size];
@@ -28,7 +28,7 @@ struct anti_replay_t //its for anti replay attack,similar to openvpn/ipsec 's a
void re_init(); void re_init();
int is_vaild(u64_t seq); int is_vaild(u64_t seq);
};//anti_replay; }; // anti_replay;
void server_clear_function(u64_t u64); void server_clear_function(u64_t u64);
@@ -37,234 +37,198 @@ void server_clear_function(u64_t u64);
template <class T> template <class T>
struct conv_manager_t // manage the udp connections struct conv_manager_t // manage the udp connections
{ {
//typedef hash_map map; // typedef hash_map map;
unordered_map<T,u32_t> data_to_conv; //conv and u64 are both supposed to be uniq unordered_map<T, u32_t> data_to_conv; // conv and u64 are both supposed to be uniq
unordered_map<u32_t,T> conv_to_data; unordered_map<u32_t, T> conv_to_data;
lru_collector_t<u32_t> lru; lru_collector_t<u32_t> lru;
//unordered_map<u32_t,u64_t> conv_last_active_time; // unordered_map<u32_t,u64_t> conv_last_active_time;
//unordered_map<u32_t,u64_t>::iterator clear_it; // unordered_map<u32_t,u64_t>::iterator clear_it;
void (*additional_clear_function)(T data) =0; void (*additional_clear_function)(T data) = 0;
long long last_clear_time; long long last_clear_time;
conv_manager_t() conv_manager_t() {
{ // clear_it=conv_last_active_time.begin();
//clear_it=conv_last_active_time.begin(); long long last_clear_time = 0;
long long last_clear_time=0; additional_clear_function = 0;
additional_clear_function=0;
} }
~conv_manager_t() ~conv_manager_t() {
{
clear(); clear();
} }
int get_size() int get_size() {
{
return conv_to_data.size(); return conv_to_data.size();
} }
void reserve() void reserve() {
{
data_to_conv.reserve(10007); data_to_conv.reserve(10007);
conv_to_data.reserve(10007); conv_to_data.reserve(10007);
//conv_last_active_time.reserve(10007); // conv_last_active_time.reserve(10007);
lru.mp.reserve(10007); lru.mp.reserve(10007);
} }
void clear() void clear() {
{ if (disable_conv_clear) return;
if(disable_conv_clear) return ;
if(additional_clear_function!=0) if (additional_clear_function != 0) {
{ for (auto it = conv_to_data.begin(); it != conv_to_data.end(); it++) {
for(auto it=conv_to_data.begin();it!=conv_to_data.end();it++) // int fd=int((it->second<<32u)>>32u);
{ additional_clear_function(it->second);
//int fd=int((it->second<<32u)>>32u);
additional_clear_function( it->second);
} }
} }
data_to_conv.clear(); data_to_conv.clear();
conv_to_data.clear(); conv_to_data.clear();
lru.clear(); lru.clear();
//conv_last_active_time.clear(); // conv_last_active_time.clear();
//clear_it=conv_last_active_time.begin();
// clear_it=conv_last_active_time.begin();
} }
u32_t get_new_conv() u32_t get_new_conv() {
{ u32_t conv = get_true_random_number_nz();
u32_t conv=get_true_random_number_nz(); while (conv_to_data.find(conv) != conv_to_data.end()) {
while(conv_to_data.find(conv)!=conv_to_data.end()) conv = get_true_random_number_nz();
{
conv=get_true_random_number_nz();
} }
return conv; return conv;
} }
int is_conv_used(u32_t conv) int is_conv_used(u32_t conv) {
{ return conv_to_data.find(conv) != conv_to_data.end();
return conv_to_data.find(conv)!=conv_to_data.end();
} }
int is_data_used(T data) int is_data_used(T data) {
{ return data_to_conv.find(data) != data_to_conv.end();
return data_to_conv.find(data)!=data_to_conv.end();
} }
u32_t find_conv_by_data(T data) u32_t find_conv_by_data(T data) {
{
return data_to_conv[data]; return data_to_conv[data];
} }
T find_data_by_conv(u32_t conv) T find_data_by_conv(u32_t conv) {
{
return conv_to_data[conv]; return conv_to_data[conv];
} }
int update_active_time(u32_t conv) int update_active_time(u32_t conv) {
{ // return conv_last_active_time[conv]=get_current_time();
//return conv_last_active_time[conv]=get_current_time();
lru.update(conv); lru.update(conv);
return 0; return 0;
} }
int insert_conv(u32_t conv,T data) int insert_conv(u32_t conv, T data) {
{ data_to_conv[data] = conv;
data_to_conv[data]=conv; conv_to_data[conv] = data;
conv_to_data[conv]=data; // conv_last_active_time[conv]=get_current_time();
//conv_last_active_time[conv]=get_current_time();
lru.new_key(conv); lru.new_key(conv);
return 0; return 0;
} }
int erase_conv(u32_t conv) int erase_conv(u32_t conv) {
{ if (disable_conv_clear) return 0;
if(disable_conv_clear) return 0; T data = conv_to_data[conv];
T data=conv_to_data[conv]; if (additional_clear_function != 0) {
if(additional_clear_function!=0)
{
additional_clear_function(data); additional_clear_function(data);
} }
conv_to_data.erase(conv); conv_to_data.erase(conv);
data_to_conv.erase(data); data_to_conv.erase(data);
//conv_last_active_time.erase(conv); // conv_last_active_time.erase(conv);
lru.erase(conv); lru.erase(conv);
return 0; return 0;
} }
int clear_inactive(char * info=0) int clear_inactive(char *info = 0) {
{ if (get_current_time() - last_clear_time > conv_clear_interval) {
if(get_current_time()-last_clear_time>conv_clear_interval) last_clear_time = get_current_time();
{
last_clear_time=get_current_time();
return clear_inactive0(info); return clear_inactive0(info);
} }
return 0; return 0;
} }
int clear_inactive0(char * info) int clear_inactive0(char *info) {
{ if (disable_conv_clear) return 0;
if(disable_conv_clear) return 0;
unordered_map<u32_t, u64_t>::iterator it;
unordered_map<u32_t, u64_t>::iterator old_it;
unordered_map<u32_t,u64_t>::iterator it; // map<uint32_t,uint64_t>::iterator it;
unordered_map<u32_t,u64_t>::iterator old_it; int cnt = 0;
// it=clear_it;
int size = lru.size();
int num_to_clean = size / conv_clear_ratio + conv_clear_min; // clear 1/10 each time,to avoid latency glitch
//map<uint32_t,uint64_t>::iterator it; num_to_clean = min(num_to_clean, size);
int cnt=0;
//it=clear_it;
int size=lru.size();
int num_to_clean=size/conv_clear_ratio+conv_clear_min; //clear 1/10 each time,to avoid latency glitch
num_to_clean=min(num_to_clean,size); my_time_t current_time = get_current_time();
for (;;) {
my_time_t current_time=get_current_time(); if (cnt >= num_to_clean) break;
for(;;) if (lru.empty()) break;
{
if(cnt>=num_to_clean) break;
if(lru.empty()) break;
u32_t conv; u32_t conv;
my_time_t ts=lru.peek_back(conv); my_time_t ts = lru.peek_back(conv);
if(current_time- ts < conv_timeout) break; if (current_time - ts < conv_timeout) break;
erase_conv(conv); erase_conv(conv);
if(info==0) if (info == 0) {
{ mylog(log_info, "conv %x cleared\n", conv);
mylog(log_info,"conv %x cleared\n",conv); } else {
} mylog(log_info, "[%s]conv %x cleared\n", info, conv);
else
{
mylog(log_info,"[%s]conv %x cleared\n",info,conv);
} }
cnt++; cnt++;
} }
return 0; return 0;
} }
/* /*
conv_manager_t(); conv_manager_t();
~conv_manager_t(); ~conv_manager_t();
int get_size(); int get_size();
void reserve(); void reserve();
void clear(); void clear();
u32_t get_new_conv(); u32_t get_new_conv();
int is_conv_used(u32_t conv); int is_conv_used(u32_t conv);
int is_u64_used(T u64); int is_u64_used(T u64);
u32_t find_conv_by_u64(T u64); u32_t find_conv_by_u64(T u64);
T find_u64_by_conv(u32_t conv); T find_u64_by_conv(u32_t conv);
int update_active_time(u32_t conv); int update_active_time(u32_t conv);
int insert_conv(u32_t conv,T u64); int insert_conv(u32_t conv,T u64);
int erase_conv(u32_t conv); int erase_conv(u32_t conv);
int clear_inactive(char * ip_port=0); int clear_inactive(char * ip_port=0);
int clear_inactive0(char * ip_port);*/ int clear_inactive0(char * ip_port);*/
};//g_conv_manager; }; // g_conv_manager;
struct blob_t:not_copy_able_t //used in conn_info_t. struct blob_t : not_copy_able_t // used in conn_info_t.
{ {
union tmp_union_t//conv_manager_t is here to avoid copying when a connection is recovered union tmp_union_t // conv_manager_t is here to avoid copying when a connection is recovered
{ {
conv_manager_t<address_t> c; conv_manager_t<address_t> c;
conv_manager_t<u64_t> s; conv_manager_t<u64_t> s;
//avoid templates here and there, avoid pointer and type cast // avoid templates here and there, avoid pointer and type cast
tmp_union_t() tmp_union_t() {
{ if (program_mode == client_mode) {
if(program_mode==client_mode) new (&c) conv_manager_t<address_t>();
{ } else {
new( &c ) conv_manager_t<address_t>(); assert(program_mode == server_mode);
} new (&s) conv_manager_t<u64_t>();
else
{
assert(program_mode==server_mode);
new( &s ) conv_manager_t<u64_t>();
} }
} }
~tmp_union_t() ~tmp_union_t() {
{ if (program_mode == client_mode) {
if(program_mode==client_mode)
{
c.~conv_manager_t<address_t>(); c.~conv_manager_t<address_t>();
} } else {
else assert(program_mode == server_mode);
{
assert(program_mode==server_mode);
s.~conv_manager_t<u64_t>(); s.~conv_manager_t<u64_t>();
} }
} }
}conv_manager; } conv_manager;
anti_replay_t anti_replay;//anti_replay_t is here bc its huge,its allocation is delayed. anti_replay_t anti_replay; // anti_replay_t is here bc its huge,its allocation is delayed.
}; };
struct conn_info_t //stores info for a raw connection.for client ,there is only one connection,for server there can be thousand of connection since server can struct conn_info_t // stores info for a raw connection.for client ,there is only one connection,for server there can be thousand of connection since server can
//handle multiple clients // handle multiple clients
{ {
current_state_t state; current_state_t state;
raw_info_t raw_info; raw_info_t raw_info;
u64_t last_state_time; u64_t last_state_time;
u64_t last_hb_sent_time; //client re-use this for retry u64_t last_hb_sent_time; // client re-use this for retry
u64_t last_hb_recv_time; u64_t last_hb_recv_time;
//long long last_resent_time; // long long last_resent_time;
my_id_t my_id; my_id_t my_id;
my_id_t oppsite_id; my_id_t oppsite_id;
fd64_t timer_fd64; fd64_t timer_fd64;
fd64_t udp_fd64; fd64_t udp_fd64;
@@ -276,37 +240,36 @@ struct conn_info_t //stores info for a raw connection.for client ,there is o
uint8_t oppsite_roller; uint8_t oppsite_roller;
u64_t last_oppsite_roller_time; u64_t last_oppsite_roller_time;
// ip_port_t ip_port; // ip_port_t ip_port;
/* /*
const uint32_t &ip=raw_info.recv_info.src_ip; const uint32_t &ip=raw_info.recv_info.src_ip;
const uint16_t &port=raw_info.recv_info.src_port; const uint16_t &port=raw_info.recv_info.src_port;
*/ */
void recover(const conn_info_t &conn_info); void recover(const conn_info_t &conn_info);
void re_init(); void re_init();
conn_info_t(); conn_info_t();
void prepare(); void prepare();
conn_info_t(const conn_info_t&b); conn_info_t(const conn_info_t &b);
conn_info_t& operator=(const conn_info_t& b); conn_info_t &operator=(const conn_info_t &b);
~conn_info_t(); ~conn_info_t();
};//g_conn_info; }; // g_conn_info;
struct conn_manager_t //manager for connections. for client,we dont need conn_manager since there is only one connection.for server we use one conn_manager for all connections struct conn_manager_t // manager for connections. for client,we dont need conn_manager since there is only one connection.for server we use one conn_manager for all connections
{ {
u32_t ready_num; u32_t ready_num;
//unordered_map<int,conn_info_t *> udp_fd_mp; //a bit dirty to used pointer,but can void unordered_map search // unordered_map<int,conn_info_t *> udp_fd_mp; //a bit dirty to used pointer,but can void unordered_map search
//unordered_map<int,conn_info_t *> timer_fd_mp;//we can use pointer here since unordered_map.rehash() uses shallow copy // unordered_map<int,conn_info_t *> timer_fd_mp;//we can use pointer here since unordered_map.rehash() uses shallow copy
unordered_map<my_id_t,conn_info_t *> const_id_mp; unordered_map<my_id_t, conn_info_t *> const_id_mp;
unordered_map<address_t,conn_info_t*> mp; //put it at end so that it de-consturcts first unordered_map<address_t, conn_info_t *> mp; // put it at end so that it de-consturcts first
//lru_collector_t<address_t> lru; // lru_collector_t<address_t> lru;
unordered_map<address_t,conn_info_t*>::iterator clear_it; unordered_map<address_t, conn_info_t *>::iterator clear_it;
long long last_clear_time; long long last_clear_time;
@@ -322,30 +285,29 @@ struct conn_manager_t //manager for connections. for client,we dont need conn_m
mp[u64]; mp[u64];
return 0; return 0;
}*/ }*/
conn_info_t *& find_insert_p(address_t addr); //be aware,the adress may change after rehash //not true? conn_info_t *&find_insert_p(address_t addr); // be aware,the adress may change after rehash //not true?
conn_info_t & find_insert(address_t addr) ; //be aware,the adress may change after rehash conn_info_t &find_insert(address_t addr); // be aware,the adress may change after rehash
int erase(unordered_map<address_t,conn_info_t*>::iterator erase_it);
int clear_inactive();
int clear_inactive0();
int erase(unordered_map<address_t, conn_info_t *>::iterator erase_it);
int clear_inactive();
int clear_inactive0();
}; };
extern conn_manager_t conn_manager; extern conn_manager_t conn_manager;
void server_clear_function(u64_t u64); void server_clear_function(u64_t u64);
int send_bare(raw_info_t &raw_info,const char* data,int len);//send function with encryption but no anti replay,this is used when client and server verifys each other int send_bare(raw_info_t &raw_info, const char *data, int len); // send function with encryption but no anti replay,this is used when client and server verifys each other
//you have to design the protocol carefully, so that you wont be affect by relay attack // you have to design the protocol carefully, so that you wont be affect by relay attack
//int reserved_parse_bare(const char *input,int input_len,char* & data,int & len); // a sub function used in recv_bare // int reserved_parse_bare(const char *input,int input_len,char* & data,int & len); // a sub function used in recv_bare
int recv_bare(raw_info_t &raw_info,char* & data,int & len);//recv function with encryption but no anti replay,this is used when client and server verifys each other int recv_bare(raw_info_t &raw_info, char *&data, int &len); // recv function with encryption but no anti replay,this is used when client and server verifys each other
//you have to design the protocol carefully, so that you wont be affect by relay attack // you have to design the protocol carefully, so that you wont be affect by relay attack
int send_handshake(raw_info_t &raw_info,my_id_t id1,my_id_t id2,my_id_t id3);// a warp for send_bare for sending handshake(this is not tcp handshake) easily int send_handshake(raw_info_t &raw_info, my_id_t id1, my_id_t id2, my_id_t id3); // a warp for send_bare for sending handshake(this is not tcp handshake) easily
int send_safer(conn_info_t &conn_info,char type,const char* data,int len); //safer transfer function with anti-replay,when mutually verification is done. int send_safer(conn_info_t &conn_info, char type, const char *data, int len); // safer transfer function with anti-replay,when mutually verification is done.
int send_data_safer(conn_info_t &conn_info,const char* data,int len,u32_t conv_num);//a wrap for send_safer for transfer data. int send_data_safer(conn_info_t &conn_info, const char *data, int len, u32_t conv_num); // a wrap for send_safer for transfer data.
//int reserved_parse_safer(conn_info_t &conn_info,const char * input,int input_len,char &type,char* &data,int &len);//subfunction for recv_safer,allow overlap // int reserved_parse_safer(conn_info_t &conn_info,const char * input,int input_len,char &type,char* &data,int &len);//subfunction for recv_safer,allow overlap
//int recv_safer(conn_info_t &conn_info,char &type,char* &data,int &len);///safer transfer function with anti-replay,when mutually verification is done. // int recv_safer(conn_info_t &conn_info,char &type,char* &data,int &len);///safer transfer function with anti-replay,when mutually verification is done.
int recv_safer_multi(conn_info_t &conn_info,vector<char> &type_arr,vector<string> &data_arr);//new api for handle gro int recv_safer_multi(conn_info_t &conn_info, vector<char> &type_arr, vector<string> &data_arr); // new api for handle gro
#endif /* CONNECTION_H_ */ #endif /* CONNECTION_H_ */

View File

@@ -161,7 +161,7 @@ other options:
如果要最大的安全性建议用aes128cbc+hmac_sha1。如果要运行在路由器上建议用xor+simple可以节省CPU。但是注意xor+simple只能骗过防火墙的包检测不能防止真正的攻击者。 如果要最大的安全性建议用aes128cbc+hmac_sha1。如果要运行在路由器上建议用xor+simple可以节省CPU。但是注意xor+simple只能骗过防火墙的包检测不能防止真正的攻击者。
### `--seq-mode` ### `--seq-mode`
facktcp模式并没有模拟tcp的全部。所以理论上有办法把faketcp和真正的tcp流量区分开来虽然大部分ISP不太可能做这种程度的包检测。seq-mode可以改变一些seq ack的行为。如果遇到了连接问题可以尝试更改。在我这边的移动线路用3种模式都没问题。 faketcp模式并没有模拟tcp的全部。所以理论上有办法把faketcp和真正的tcp流量区分开来虽然大部分ISP不太可能做这种程度的包检测。seq-mode可以改变一些seq ack的行为。如果遇到了连接问题可以尝试更改。在我这边的移动线路用3种模式都没问题。
### `--keep-rule` ### `--keep-rule`
定期主动检查iptables如果udp2raw添加的iptables规则丢了就重新添加。在一些iptables可能会被其他程序清空的情况下(比如梅林固件和openwrt的路由器)格外有用。 定期主动检查iptables如果udp2raw添加的iptables规则丢了就重新添加。在一些iptables可能会被其他程序清空的情况下(比如梅林固件和openwrt的路由器)格外有用。

739
encrypt.cpp Executable file → Normal file
View File

@@ -10,115 +10,124 @@
#include "common.h" #include "common.h"
#include "log.h" #include "log.h"
//static uint64_t seq=1; // static uint64_t seq=1;
static int8_t zero_iv[]={0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 0,0,0,0};//this prog use zero iv,you should make sure first block of data contains a random/nonce data static int8_t zero_iv[] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; // this prog use zero iv,you should make sure first block of data contains a random/nonce data
/**** /****
* security of zero_iv + nonce first data block * security of zero_iv + nonce first data block
* https://crypto.stackexchange.com/questions/5421/using-cbc-with-a-fixed-iv-and-a-random-first-plaintext-block * https://crypto.stackexchange.com/questions/5421/using-cbc-with-a-fixed-iv-and-a-random-first-plaintext-block
****/ ****/
char normal_key[16 + 100];//generated from key_string by md5. reserved for compatiblity char normal_key[16 + 100]; // generated from key_string by md5. reserved for compatiblity
const int hmac_key_len=64;//generate 512bit long keys, use first n chars when needed const int hmac_key_len = 64; // generate 512bit long keys, use first n chars when needed
const int cipher_key_len=64; const int cipher_key_len = 64;
unsigned char hmac_key_encrypt[hmac_key_len + 100]; //key for hmac unsigned char hmac_key_encrypt[hmac_key_len + 100]; // key for hmac
unsigned char hmac_key_decrypt[hmac_key_len + 100]; //key for hmac unsigned char hmac_key_decrypt[hmac_key_len + 100]; // key for hmac
unsigned char cipher_key_encrypt[cipher_key_len + 100]; //key for aes etc. unsigned char cipher_key_encrypt[cipher_key_len + 100]; // key for aes etc.
unsigned char cipher_key_decrypt[cipher_key_len + 100]; //key for aes etc. unsigned char cipher_key_decrypt[cipher_key_len + 100]; // key for aes etc.
char gro_xor[256+100];//dirty fix for gro char gro_xor[256 + 100]; // dirty fix for gro
unordered_map<int, const char *> auth_mode_tostring = {{auth_none, "none"}, {auth_md5, "md5"}, {auth_crc32, "crc32"},{auth_simple,"simple"},{auth_hmac_sha1,"hmac_sha1"},}; unordered_map<int, const char *> auth_mode_tostring = {
{auth_none, "none"},
{auth_md5, "md5"},
{auth_crc32, "crc32"},
{auth_simple, "simple"},
{auth_hmac_sha1, "hmac_sha1"},
};
unordered_map<int, const char *> cipher_mode_tostring={{cipher_none,"none"},{cipher_aes128cfb,"aes128cfb"},{cipher_aes128cbc,"aes128cbc"},{cipher_xor,"xor"},}; unordered_map<int, const char *> cipher_mode_tostring = {
//TODO aes-gcm {cipher_none, "none"},
{cipher_aes128cfb, "aes128cfb"},
{cipher_aes128cbc, "aes128cbc"},
{cipher_xor, "xor"},
};
// TODO aes-gcm
auth_mode_t auth_mode=auth_md5; auth_mode_t auth_mode = auth_md5;
cipher_mode_t cipher_mode=cipher_aes128cbc; cipher_mode_t cipher_mode = cipher_aes128cbc;
int is_hmac_used=0; int is_hmac_used = 0;
int aes128cfb_old=0; int aes128cfb_old = 0;
//TODO key negotiation and forward secrecy // TODO key negotiation and forward secrecy
int my_init_keys(const char * user_passwd,int is_client) int my_init_keys(const char *user_passwd, int is_client) {
{ char tmp[1000] = "";
char tmp[1000]=""; int len = strlen(user_passwd);
int len=strlen(user_passwd);
strcat(tmp,user_passwd); strcat(tmp, user_passwd);
strcat(tmp,"key1"); strcat(tmp, "key1");
md5((uint8_t*)tmp,strlen(tmp),(uint8_t*)normal_key); md5((uint8_t *)tmp, strlen(tmp), (uint8_t *)normal_key);
if (auth_mode == auth_hmac_sha1)
is_hmac_used = 1;
if (is_hmac_used || g_fix_gro || 1) {
unsigned char salt[400] = "";
char salt_text[400] = "udp2raw_salt1";
md5((uint8_t *)(salt_text), strlen(salt_text), salt); // TODO different salt per session
if(auth_mode==auth_hmac_sha1) unsigned char pbkdf2_output1[400] = "";
is_hmac_used=1; PKCS5_PBKDF2_HMAC_SHA256((uint8_t *)user_passwd, len, salt, 16, 10000, 32, pbkdf2_output1); // TODO argon2 ?
if(is_hmac_used||g_fix_gro||1)
{
unsigned char salt[400]="";
char salt_text[400]="udp2raw_salt1";
md5((uint8_t*)(salt_text),strlen(salt_text),salt); //TODO different salt per session
unsigned char pbkdf2_output1[400]=""; // unsigned char pbkdf2_output2[400]="";
PKCS5_PBKDF2_HMAC_SHA256((uint8_t*)user_passwd,len,salt,16,10000, 32,pbkdf2_output1); //TODO argon2 ? // PKCS5_PBKDF2_HMAC_SHA256(pbkdf2_output1,32,0,0,1, hmac_key_len*2+cipher_key_len*2,pbkdf2_output2); //stretch it
//unsigned char pbkdf2_output2[400]=""; const char *info_hmac_encrypt = "hmac_key server-->client";
//PKCS5_PBKDF2_HMAC_SHA256(pbkdf2_output1,32,0,0,1, hmac_key_len*2+cipher_key_len*2,pbkdf2_output2); //stretch it const char *info_hmac_decrypt = "hmac_key client-->server";
const char *info_cipher_encrypt = "cipher_key server-->client";
const char *info_cipher_decrypt = "cipher_key client-->server";
const char *info_hmac_encrypt="hmac_key server-->client"; if (is_client) {
const char *info_hmac_decrypt="hmac_key client-->server";
const char *info_cipher_encrypt="cipher_key server-->client";
const char *info_cipher_decrypt="cipher_key client-->server";
if(is_client)
{
const char *tmp; const char *tmp;
tmp=info_hmac_encrypt; info_hmac_encrypt=info_hmac_decrypt;info_hmac_decrypt=tmp; tmp = info_hmac_encrypt;
tmp=info_cipher_encrypt; info_cipher_encrypt=info_cipher_decrypt;info_cipher_decrypt=tmp; info_hmac_encrypt = info_hmac_decrypt;
} info_hmac_decrypt = tmp;
else tmp = info_cipher_encrypt;
{ info_cipher_encrypt = info_cipher_decrypt;
//nop info_cipher_decrypt = tmp;
} else {
// nop
} }
assert( hkdf_sha256_expand( pbkdf2_output1,32, (unsigned char *)info_cipher_encrypt,strlen(info_cipher_encrypt), cipher_key_encrypt, cipher_key_len ) ==0); assert(hkdf_sha256_expand(pbkdf2_output1, 32, (unsigned char *)info_cipher_encrypt, strlen(info_cipher_encrypt), cipher_key_encrypt, cipher_key_len) == 0);
assert( hkdf_sha256_expand( pbkdf2_output1,32, (unsigned char *)info_cipher_decrypt,strlen(info_cipher_decrypt), cipher_key_decrypt, cipher_key_len ) ==0); assert(hkdf_sha256_expand(pbkdf2_output1, 32, (unsigned char *)info_cipher_decrypt, strlen(info_cipher_decrypt), cipher_key_decrypt, cipher_key_len) == 0);
assert( hkdf_sha256_expand( pbkdf2_output1,32, (unsigned char *)info_hmac_encrypt,strlen(info_hmac_encrypt), hmac_key_encrypt, hmac_key_len ) ==0); assert(hkdf_sha256_expand(pbkdf2_output1, 32, (unsigned char *)info_hmac_encrypt, strlen(info_hmac_encrypt), hmac_key_encrypt, hmac_key_len) == 0);
assert( hkdf_sha256_expand( pbkdf2_output1,32, (unsigned char *)info_hmac_decrypt,strlen(info_hmac_decrypt), hmac_key_decrypt, hmac_key_len ) ==0); assert(hkdf_sha256_expand(pbkdf2_output1, 32, (unsigned char *)info_hmac_decrypt, strlen(info_hmac_decrypt), hmac_key_decrypt, hmac_key_len) == 0);
const char *gro_info="gro"; const char *gro_info = "gro";
assert( hkdf_sha256_expand( pbkdf2_output1,32, (unsigned char *)gro_info,strlen(gro_info), (unsigned char *)gro_xor, 256 ) ==0); assert(hkdf_sha256_expand(pbkdf2_output1, 32, (unsigned char *)gro_info, strlen(gro_info), (unsigned char *)gro_xor, 256) == 0);
} }
print_binary_chars(normal_key,16); print_binary_chars(normal_key, 16);
print_binary_chars((char *)hmac_key_encrypt,hmac_key_len); print_binary_chars((char *)hmac_key_encrypt, hmac_key_len);
print_binary_chars((char *)hmac_key_decrypt,hmac_key_len); print_binary_chars((char *)hmac_key_decrypt, hmac_key_len);
print_binary_chars((char *)cipher_key_encrypt,cipher_key_len); print_binary_chars((char *)cipher_key_encrypt, cipher_key_len);
print_binary_chars((char *)cipher_key_decrypt,cipher_key_len); print_binary_chars((char *)cipher_key_decrypt, cipher_key_len);
return 0; return 0;
} }
/* /*
* this function comes from http://www.hackersdelight.org/hdcodetxt/crc.c.txt * this function comes from http://www.hackersdelight.org/hdcodetxt/crc.c.txt
*/ */
unsigned int crc32h(unsigned char *message,int len) { unsigned int crc32h(unsigned char *message, int len) {
int i, crc; int i, crc;
unsigned int byte, c; unsigned int byte, c;
const unsigned int g0 = 0xEDB88320, g1 = g0>>1, const unsigned int g0 = 0xEDB88320, g1 = g0 >> 1,
g2 = g0>>2, g3 = g0>>3, g4 = g0>>4, g5 = g0>>5, g2 = g0 >> 2, g3 = g0 >> 3, g4 = g0 >> 4, g5 = g0 >> 5,
g6 = (g0>>6)^g0, g7 = ((g0>>6)^g0)>>1; g6 = (g0 >> 6) ^ g0, g7 = ((g0 >> 6) ^ g0) >> 1;
i = 0; i = 0;
crc = 0xFFFFFFFF; crc = 0xFFFFFFFF;
while (i!=len) { // Get next byte. while (i != len) { // Get next byte.
byte = message[i]; byte = message[i];
crc = crc ^ byte; crc = crc ^ byte;
c = ((crc<<31>>31) & g7) ^ ((crc<<30>>31) & g6) ^ c = ((crc << 31 >> 31) & g7) ^ ((crc << 30 >> 31) & g6) ^
((crc<<29>>31) & g5) ^ ((crc<<28>>31) & g4) ^ ((crc << 29 >> 31) & g5) ^ ((crc << 28 >> 31) & g4) ^
((crc<<27>>31) & g3) ^ ((crc<<26>>31) & g2) ^ ((crc << 27 >> 31) & g3) ^ ((crc << 26 >> 31) & g2) ^
((crc<<25>>31) & g1) ^ ((crc<<24>>31) & g0); ((crc << 25 >> 31) & g1) ^ ((crc << 24 >> 31) & g0);
crc = ((unsigned)crc >> 8) ^ c; crc = ((unsigned)crc >> 8) ^ c;
i = i + 1; i = i + 1;
} }
@@ -137,433 +146,443 @@ unsigned int crc32h(unsigned char *message,int len) {
return ; return ;
}*/ }*/
void simple_hash(unsigned char *str,int len,unsigned char res[8]) //djb2+ sdbm void simple_hash(unsigned char *str, int len, unsigned char res[8]) // djb2+ sdbm
{ {
u32_t hash = 5381; u32_t hash = 5381;
u32_t hash2 = 0; u32_t hash2 = 0;
int c; int c;
int i=0; int i = 0;
while(c = *str++,i++!=len) while (c = *str++, i++ != len) {
{
// hash = ((hash << 5) + hash) + c; /* hash * 33 + c */ // hash = ((hash << 5) + hash) + c; /* hash * 33 + c */
hash = ((hash << 5) + hash)^c; /* (hash * 33) ^ c */ hash = ((hash << 5) + hash) ^ c; /* (hash * 33) ^ c */
hash2 = c + (hash2 << 6) + (hash2 << 16) - hash2; hash2 = c + (hash2 << 6) + (hash2 << 16) - hash2;
} }
hash=htonl(hash); hash = htonl(hash);
hash2=htonl(hash2); hash2 = htonl(hash2);
memcpy(res,&hash,sizeof(hash)); memcpy(res, &hash, sizeof(hash));
memcpy(res+sizeof(hash),&hash2,sizeof(hash2)); memcpy(res + sizeof(hash), &hash2, sizeof(hash2));
} }
int auth_md5_cal(const char *data,char * output,int &len) int auth_md5_cal(const char *data, char *output, int &len) {
{ memcpy(output, data, len); // TODO inefficient code
memcpy(output,data,len);//TODO inefficient code md5((unsigned char *)output, len, (unsigned char *)(output + len));
md5((unsigned char *)output,len,(unsigned char *)(output+len)); len += 16;
len+=16;
return 0; return 0;
} }
int auth_hmac_sha1_cal(const char *data,char * output,int &len) int auth_hmac_sha1_cal(const char *data, char *output, int &len) {
{ mylog(log_trace, "auth_hmac_sha1_cal() is called\n");
mylog(log_trace,"auth_hmac_sha1_cal() is called\n"); memcpy(output, data, len); // TODO inefficient code
memcpy(output,data,len);//TODO inefficient code sha1_hmac(hmac_key_encrypt, 20, (const unsigned char *)data, len, (unsigned char *)(output + len));
sha1_hmac(hmac_key_encrypt, 20, (const unsigned char *)data, len,(unsigned char *)(output+len)); // use key len of 20 instead of hmac_key_len, "extra length would not significantly increase the function strength" (rfc2104)
//use key len of 20 instead of hmac_key_len, "extra length would not significantly increase the function strength" (rfc2104) len += 20;
len+=20;
return 0; return 0;
} }
int auth_hmac_sha1_verify(const char *data,int &len) int auth_hmac_sha1_verify(const char *data, int &len) {
{ mylog(log_trace, "auth_hmac_sha1_verify() is called\n");
mylog(log_trace,"auth_hmac_sha1_verify() is called\n"); if (len < 20) {
if(len<20) mylog(log_trace, "auth_hmac_sha1_verify len<20\n");
{
mylog(log_trace,"auth_hmac_sha1_verify len<20\n");
return -1; return -1;
} }
char res[20]; char res[20];
sha1_hmac(hmac_key_decrypt, 20, (const unsigned char *)data, len-20,(unsigned char *)(res)); sha1_hmac(hmac_key_decrypt, 20, (const unsigned char *)data, len - 20, (unsigned char *)(res));
if(memcmp(res,data+len-20,20)!=0) if (memcmp(res, data + len - 20, 20) != 0) {
{ mylog(log_trace, "auth_hmac_sha1 check failed\n");
mylog(log_trace,"auth_hmac_sha1 check failed\n");
return -2; return -2;
} }
len-=20; len -= 20;
return 0; return 0;
} }
int auth_crc32_cal(const char *data,char * output,int &len) int auth_crc32_cal(const char *data, char *output, int &len) {
{ memcpy(output, data, len); // TODO inefficient code
memcpy(output,data,len);//TODO inefficient code unsigned int ret = crc32h((unsigned char *)output, len);
unsigned int ret=crc32h((unsigned char *)output,len); unsigned int ret_n = htonl(ret);
unsigned int ret_n=htonl(ret); memcpy(output + len, &ret_n, sizeof(unsigned int));
memcpy(output+len,&ret_n,sizeof(unsigned int)); len += sizeof(unsigned int);
len+=sizeof(unsigned int);
return 0; return 0;
} }
int auth_simple_cal(const char *data,char * output,int &len) int auth_simple_cal(const char *data, char *output, int &len) {
{ // char res[4];
//char res[4]; memcpy(output, data, len); // TODO inefficient code
memcpy(output,data,len);//TODO inefficient code simple_hash((unsigned char *)output, len, (unsigned char *)(output + len));
simple_hash((unsigned char *)output,len,(unsigned char *)(output+len)); len += 8;
len+=8;
return 0; return 0;
} }
int auth_simple_verify(const char *data,int &len) int auth_simple_verify(const char *data, int &len) {
{ if (len < 8) return -1;
if(len<8) return -1;
unsigned char res[8]; unsigned char res[8];
len-=8; len -= 8;
simple_hash((unsigned char *)data,len,res); simple_hash((unsigned char *)data, len, res);
if(memcmp(res,data+len,8)!=0) if (memcmp(res, data + len, 8) != 0)
return -1; return -1;
return 0; return 0;
} }
int auth_none_cal(const char *data, char *output, int &len) {
int auth_none_cal(const char *data,char * output,int &len) memcpy(output, data, len);
{
memcpy(output,data,len);
return 0; return 0;
} }
int auth_md5_verify(const char *data,int &len) int auth_md5_verify(const char *data, int &len) {
{ if (len < 16) {
if(len<16) mylog(log_trace, "auth_md5_verify len<16\n");
{
mylog(log_trace,"auth_md5_verify len<16\n");
return -1; return -1;
} }
char md5_res[16]; char md5_res[16];
md5((unsigned char *)data,len-16,(unsigned char *)md5_res); md5((unsigned char *)data, len - 16, (unsigned char *)md5_res);
if(memcmp(md5_res,data+len-16,16)!=0) if (memcmp(md5_res, data + len - 16, 16) != 0) {
{ mylog(log_trace, "auth_md5_verify md5 check failed\n");
mylog(log_trace,"auth_md5_verify md5 check failed\n");
return -2; return -2;
} }
len-=16; len -= 16;
return 0; return 0;
} }
int auth_none_verify(const char *data,int &len) int auth_none_verify(const char *data, int &len) {
{
return 0; return 0;
} }
int cipher_xor_encrypt(const char * data, char *output,int &len, char *key) { int cipher_xor_encrypt(const char *data, char *output, int &len, char *key) {
int i, j; int i, j;
for (i = 0, j = 0; i < len; i++, j++) { for (i = 0, j = 0; i < len; i++, j++) {
if(j==16) j=0; if (j == 16) j = 0;
output[i] = data[i]^key[j]; output[i] = data[i] ^ key[j];
} }
return 0; return 0;
} }
int cipher_xor_decrypt(const char * data, char *output,int &len, char *key) { int cipher_xor_decrypt(const char *data, char *output, int &len, char *key) {
int i, j; int i, j;
//char tmp[buf_len]; // char tmp[buf_len];
//len=len/16*16+1; // len=len/16*16+1;
//AES128_CBC_decrypt_buffer((uint8_t *)tmp, (uint8_t *)input, len, (uint8_t *)key, (uint8_t *)iv); // AES128_CBC_decrypt_buffer((uint8_t *)tmp, (uint8_t *)input, len, (uint8_t *)key, (uint8_t *)iv);
//for(i=0;i<len;i++) // for(i=0;i<len;i++)
//input[i]=tmp[i]; // input[i]=tmp[i];
for (i = 0, j = 0; i < len; i++, j++) { for (i = 0, j = 0; i < len; i++, j++) {
if(j==16) j=0; if (j == 16) j = 0;
output[i] = data[i]^key[j]; output[i] = data[i] ^ key[j];
} }
return 0; return 0;
} }
int padding(char *data ,int &data_len,int padding_num) int padding(char *data, int &data_len, int padding_num) {
{ int old_len = data_len;
int old_len=data_len; data_len += 1;
data_len+=1; if (data_len % padding_num != 0) {
if(data_len%padding_num!=0) data_len = (data_len / padding_num) * padding_num + padding_num;
{
data_len= (data_len/padding_num)*padding_num+padding_num;
} }
unsigned char * p= (unsigned char *)&data[data_len-1]; unsigned char *p = (unsigned char *)&data[data_len - 1];
*p= (data_len-old_len); *p = (data_len - old_len);
return 0; return 0;
} }
int de_padding(const char *data ,int &data_len,int padding_num) int de_padding(const char *data, int &data_len, int padding_num) {
{ if (data_len == 0) return -1;
if(data_len==0) return -1; if ((uint8_t)data[data_len - 1] > padding_num) return -1;
if((uint8_t)data[data_len-1] >padding_num) return -1; data_len -= (uint8_t)data[data_len - 1];
data_len-=(uint8_t)data[data_len-1]; if (data_len < 0) {
if(data_len<0)
{
return -1; return -1;
} }
return 0; return 0;
} }
void aes_ecb_encrypt(const char *data,char *output) void aes_ecb_encrypt(const char *data, char *output) {
{ static int first_time = 1;
static int first_time=1; char *key = (char *)cipher_key_encrypt;
char *key=(char*)cipher_key_encrypt; if (aes_key_optimize) {
if(aes_key_optimize) if (first_time == 0)
{ key = 0;
if(first_time==0) key=0; else
else first_time=0; first_time = 0;
} }
AES_ECB_encrypt_buffer((uint8_t*)data,(uint8_t*)key,(uint8_t*)output); AES_ECB_encrypt_buffer((uint8_t *)data, (uint8_t *)key, (uint8_t *)output);
} }
void aes_ecb_encrypt1(char *data) void aes_ecb_encrypt1(char *data) {
{
char buf[16]; char buf[16];
memcpy(buf,data,16); memcpy(buf, data, 16);
aes_ecb_encrypt(buf,data); aes_ecb_encrypt(buf, data);
} }
void aes_ecb_decrypt(const char *data,char *output) void aes_ecb_decrypt(const char *data, char *output) {
{ static int first_time = 1;
static int first_time=1; char *key = (char *)cipher_key_decrypt;
char *key=(char*)cipher_key_decrypt; if (aes_key_optimize) {
if(aes_key_optimize) if (first_time == 0)
{ key = 0;
if(first_time==0) key=0; else
else first_time=0; first_time = 0;
} }
AES_ECB_decrypt_buffer((uint8_t*)data,(uint8_t*)key,(uint8_t*)output); AES_ECB_decrypt_buffer((uint8_t *)data, (uint8_t *)key, (uint8_t *)output);
} }
void aes_ecb_decrypt1(char *data) void aes_ecb_decrypt1(char *data) {
{
char buf[16]; char buf[16];
memcpy(buf,data,16); memcpy(buf, data, 16);
aes_ecb_decrypt(buf,data); aes_ecb_decrypt(buf, data);
} }
int cipher_aes128cbc_encrypt(const char *data,char *output,int &len,char * key) int cipher_aes128cbc_encrypt(const char *data, char *output, int &len, char *key) {
{ static int first_time = 1;
static int first_time=1;
char buf[buf_len]; char buf[buf_len];
memcpy(buf,data,len);//TODO inefficient code memcpy(buf, data, len); // TODO inefficient code
if(padding(buf,len,16)<0) return -1; if (padding(buf, len, 16) < 0) return -1;
if(aes_key_optimize) if (aes_key_optimize) {
{ if (first_time == 0)
if(first_time==0) key=0; key = 0;
else first_time=0; else
first_time = 0;
} }
AES_CBC_encrypt_buffer((unsigned char *)output,(unsigned char *)buf,len,(unsigned char *)key,(unsigned char *)zero_iv); AES_CBC_encrypt_buffer((unsigned char *)output, (unsigned char *)buf, len, (unsigned char *)key, (unsigned char *)zero_iv);
return 0; return 0;
} }
int cipher_aes128cfb_encrypt(const char *data,char *output,int &len,char * key) int cipher_aes128cfb_encrypt(const char *data, char *output, int &len, char *key) {
{ static int first_time = 1;
static int first_time=1; assert(len >= 16);
assert(len>=16);
char buf[buf_len]; char buf[buf_len];
memcpy(buf,data,len);//TODO inefficient code memcpy(buf, data, len); // TODO inefficient code
if(aes_key_optimize) if (aes_key_optimize) {
{ if (first_time == 0)
if(first_time==0) key=0; key = 0;
else first_time=0; else
first_time = 0;
} }
if(!aes128cfb_old) if (!aes128cfb_old) {
{ aes_ecb_encrypt(data, buf); // encrypt the first block
aes_ecb_encrypt(data,buf); //encrypt the first block
} }
AES_CFB_encrypt_buffer((unsigned char *)output,(unsigned char *)buf,len,(unsigned char *)key,(unsigned char *)zero_iv); AES_CFB_encrypt_buffer((unsigned char *)output, (unsigned char *)buf, len, (unsigned char *)key, (unsigned char *)zero_iv);
return 0; return 0;
} }
int auth_crc32_verify(const char *data,int &len) int auth_crc32_verify(const char *data, int &len) {
{ if (len < int(sizeof(unsigned int))) {
if(len<int(sizeof(unsigned int))) mylog(log_debug, "auth_crc32_verify len<%d\n", int(sizeof(unsigned int)));
{
mylog(log_debug,"auth_crc32_verify len<%d\n",int(sizeof(unsigned int)));
return -1; return -1;
} }
unsigned int ret=crc32h((unsigned char *)data,len-sizeof(unsigned int)); unsigned int ret = crc32h((unsigned char *)data, len - sizeof(unsigned int));
unsigned int ret_n=htonl(ret); unsigned int ret_n = htonl(ret);
if(memcmp(data+len-sizeof(unsigned int),&ret_n,sizeof(unsigned int))!=0) if (memcmp(data + len - sizeof(unsigned int), &ret_n, sizeof(unsigned int)) != 0) {
{ mylog(log_debug, "auth_crc32_verify memcmp fail\n");
mylog(log_debug,"auth_crc32_verify memcmp fail\n");
return -1; return -1;
} }
len-=sizeof(unsigned int); len -= sizeof(unsigned int);
return 0; return 0;
} }
int cipher_none_encrypt(const char *data,char *output,int &len,char * key) int cipher_none_encrypt(const char *data, char *output, int &len, char *key) {
{ memcpy(output, data, len);
memcpy(output,data,len);
return 0; return 0;
} }
int cipher_aes128cbc_decrypt(const char *data,char *output,int &len,char * key) int cipher_aes128cbc_decrypt(const char *data, char *output, int &len, char *key) {
{ static int first_time = 1;
static int first_time=1; if (len % 16 != 0) {
if(len%16 !=0) {mylog(log_debug,"len%%16!=0\n");return -1;} mylog(log_debug, "len%%16!=0\n");
if(aes_key_optimize)
{
if(first_time==0) key=0;
else first_time=0;
}
AES_CBC_decrypt_buffer((unsigned char *)output,(unsigned char *)data,len,(unsigned char *)key,(unsigned char *)zero_iv);
if(de_padding(output,len,16)<0) return -1;
return 0;
}
int cipher_aes128cfb_decrypt(const char *data,char *output,int &len,char * key)
{
static int first_time=1;
if(len<16) return -1;
if(aes_key_optimize)
{
if(first_time==0) key=0;
else first_time=0;
}
AES_CFB_decrypt_buffer((unsigned char *)output,(unsigned char *)data,len,(unsigned char *)key,(unsigned char *)zero_iv);
if(!aes128cfb_old)
aes_ecb_decrypt1(output); //decrypt the first block
//if(de_padding(output,len,16)<0) return -1;
return 0;
}
int cipher_none_decrypt(const char *data,char *output,int &len,char * key)
{
memcpy(output,data,len);
return 0;
}
int auth_cal(const char *data,char * output,int &len)
{
mylog(log_trace,"auth:%d\n",auth_mode);
switch(auth_mode)
{
case auth_crc32:return auth_crc32_cal(data, output, len);
case auth_md5:return auth_md5_cal(data, output, len);
case auth_simple:return auth_simple_cal(data, output, len);
case auth_none:return auth_none_cal(data, output, len);
case auth_hmac_sha1:return auth_hmac_sha1_cal(data,output,len);
//default: return auth_md5_cal(data,output,len);//default;
default: assert(0==1);
}
return -1; return -1;
}
int auth_verify(const char *data,int &len)
{
mylog(log_trace,"auth:%d\n",auth_mode);
switch(auth_mode)
{
case auth_crc32:return auth_crc32_verify(data, len);
case auth_md5:return auth_md5_verify(data, len);
case auth_simple:return auth_simple_verify(data, len);
case auth_none:return auth_none_verify(data, len);
case auth_hmac_sha1:return auth_hmac_sha1_verify(data,len);
//default: return auth_md5_verify(data,len);//default
default: assert(0==1);
} }
return -1; if (aes_key_optimize) {
if (first_time == 0)
key = 0;
else
first_time = 0;
}
AES_CBC_decrypt_buffer((unsigned char *)output, (unsigned char *)data, len, (unsigned char *)key, (unsigned char *)zero_iv);
if (de_padding(output, len, 16) < 0) return -1;
return 0;
} }
int cipher_encrypt(const char *data,char *output,int &len,char * key) int cipher_aes128cfb_decrypt(const char *data, char *output, int &len, char *key) {
{ static int first_time = 1;
mylog(log_trace,"cipher:%d\n",cipher_mode); if (len < 16) return -1;
switch(cipher_mode)
{ if (aes_key_optimize) {
case cipher_aes128cbc:return cipher_aes128cbc_encrypt(data,output,len, key); if (first_time == 0)
case cipher_aes128cfb:return cipher_aes128cfb_encrypt(data,output,len, key); key = 0;
case cipher_xor:return cipher_xor_encrypt(data,output,len, key); else
case cipher_none:return cipher_none_encrypt(data,output,len, key); first_time = 0;
//default:return cipher_aes128cbc_encrypt(data,output,len, key); }
default: assert(0==1);
AES_CFB_decrypt_buffer((unsigned char *)output, (unsigned char *)data, len, (unsigned char *)key, (unsigned char *)zero_iv);
if (!aes128cfb_old)
aes_ecb_decrypt1(output); // decrypt the first block
// if(de_padding(output,len,16)<0) return -1;
return 0;
}
int cipher_none_decrypt(const char *data, char *output, int &len, char *key) {
memcpy(output, data, len);
return 0;
}
int auth_cal(const char *data, char *output, int &len) {
mylog(log_trace, "auth:%d\n", auth_mode);
switch (auth_mode) {
case auth_crc32:
return auth_crc32_cal(data, output, len);
case auth_md5:
return auth_md5_cal(data, output, len);
case auth_simple:
return auth_simple_cal(data, output, len);
case auth_none:
return auth_none_cal(data, output, len);
case auth_hmac_sha1:
return auth_hmac_sha1_cal(data, output, len);
// default: return auth_md5_cal(data,output,len);//default;
default:
assert(0 == 1);
} }
return -1; return -1;
} }
int cipher_decrypt(const char *data,char *output,int &len,char * key) int auth_verify(const char *data, int &len) {
{ mylog(log_trace, "auth:%d\n", auth_mode);
mylog(log_trace,"cipher:%d\n",cipher_mode); switch (auth_mode) {
switch(cipher_mode) case auth_crc32:
{ return auth_crc32_verify(data, len);
case cipher_aes128cbc:return cipher_aes128cbc_decrypt(data,output,len, key); case auth_md5:
case cipher_aes128cfb:return cipher_aes128cfb_decrypt(data,output,len, key); return auth_md5_verify(data, len);
case cipher_xor:return cipher_xor_decrypt(data,output,len, key); case auth_simple:
case cipher_none:return cipher_none_decrypt(data,output,len, key); return auth_simple_verify(data, len);
case auth_none:
return auth_none_verify(data, len);
case auth_hmac_sha1:
return auth_hmac_sha1_verify(data, len);
// default: return auth_md5_verify(data,len);//default
default:
assert(0 == 1);
}
return -1;
}
int cipher_encrypt(const char *data, char *output, int &len, char *key) {
mylog(log_trace, "cipher:%d\n", cipher_mode);
switch (cipher_mode) {
case cipher_aes128cbc:
return cipher_aes128cbc_encrypt(data, output, len, key);
case cipher_aes128cfb:
return cipher_aes128cfb_encrypt(data, output, len, key);
case cipher_xor:
return cipher_xor_encrypt(data, output, len, key);
case cipher_none:
return cipher_none_encrypt(data, output, len, key);
// default:return cipher_aes128cbc_encrypt(data,output,len, key);
default:
assert(0 == 1);
}
return -1;
}
int cipher_decrypt(const char *data, char *output, int &len, char *key) {
mylog(log_trace, "cipher:%d\n", cipher_mode);
switch (cipher_mode) {
case cipher_aes128cbc:
return cipher_aes128cbc_decrypt(data, output, len, key);
case cipher_aes128cfb:
return cipher_aes128cfb_decrypt(data, output, len, key);
case cipher_xor:
return cipher_xor_decrypt(data, output, len, key);
case cipher_none:
return cipher_none_decrypt(data, output, len, key);
// default: return cipher_aes128cbc_decrypt(data,output,len,key); // default: return cipher_aes128cbc_decrypt(data,output,len,key);
default: assert(0==1); default:
assert(0 == 1);
} }
return -1; return -1;
} }
int encrypt_AE(const char *data,char *output,int &len /*,char * key*/) int encrypt_AE(const char *data, char *output, int &len /*,char * key*/) {
{ mylog(log_trace, "encrypt_AE is called\n");
mylog(log_trace,"encrypt_AE is called\n");
char buf[buf_len]; char buf[buf_len];
char buf2[buf_len]; char buf2[buf_len];
memcpy(buf,data,len); memcpy(buf, data, len);
if(cipher_encrypt(buf,buf2,len,(char *)cipher_key_encrypt) !=0) {mylog(log_debug,"cipher_encrypt failed ");return -1;} if (cipher_encrypt(buf, buf2, len, (char *)cipher_key_encrypt) != 0) {
if(auth_cal(buf2,output,len)!=0) {mylog(log_debug,"auth_cal failed ");return -1;} mylog(log_debug, "cipher_encrypt failed ");
return -1;
}
if (auth_cal(buf2, output, len) != 0) {
mylog(log_debug, "auth_cal failed ");
return -1;
}
//printf("%d %x %x\n",len,(int)(output[0]),(int)(output[1])); // printf("%d %x %x\n",len,(int)(output[0]),(int)(output[1]));
//print_binary_chars(output,len); // print_binary_chars(output,len);
//use encrypt-then-MAC scheme // use encrypt-then-MAC scheme
return 0; return 0;
} }
int decrypt_AE(const char *data,char *output,int &len /*,char * key*/) int decrypt_AE(const char *data, char *output, int &len /*,char * key*/) {
{ mylog(log_trace, "decrypt_AE is called\n");
mylog(log_trace,"decrypt_AE is called\n"); // printf("%d %x %x\n",len,(int)(data[0]),(int)(data[1]));
//printf("%d %x %x\n",len,(int)(data[0]),(int)(data[1])); // print_binary_chars(data,len);
//print_binary_chars(data,len);
if(auth_verify(data,len)!=0) {mylog(log_debug,"auth_verify failed\n");return -1;} if (auth_verify(data, len) != 0) {
if(cipher_decrypt(data,output,len,(char *)cipher_key_decrypt) !=0) {mylog(log_debug,"cipher_decrypt failed \n"); return -1;} mylog(log_debug, "auth_verify failed\n");
return -1;
}
if (cipher_decrypt(data, output, len, (char *)cipher_key_decrypt) != 0) {
mylog(log_debug, "cipher_decrypt failed \n");
return -1;
}
return 0; return 0;
} }
int my_encrypt(const char *data,char *output,int &len /*,char * key*/) int my_encrypt(const char *data, char *output, int &len /*,char * key*/) {
{ if (len < 0) {
if(len<0) {mylog(log_trace,"len<0");return -1;} mylog(log_trace, "len<0");
if(len>max_data_len) {mylog(log_warn,"len>max_data_len");return -1;} return -1;
}
if(is_hmac_used) if (len > max_data_len) {
return encrypt_AE(data,output,len); mylog(log_warn, "len>max_data_len");
return -1;
}
if (is_hmac_used)
return encrypt_AE(data, output, len);
char buf[buf_len]; char buf[buf_len];
char buf2[buf_len]; char buf2[buf_len];
memcpy(buf,data,len); memcpy(buf, data, len);
if(auth_cal(buf,buf2,len)!=0) {mylog(log_debug,"auth_cal failed ");return -1;} if (auth_cal(buf, buf2, len) != 0) {
if(cipher_encrypt(buf2,output,len,normal_key) !=0) {mylog(log_debug,"cipher_encrypt failed ");return -1;} mylog(log_debug, "auth_cal failed ");
return -1;
}
if (cipher_encrypt(buf2, output, len, normal_key) != 0) {
mylog(log_debug, "cipher_encrypt failed ");
return -1;
}
return 0; return 0;
} }
int my_decrypt(const char *data,char *output,int &len /*,char * key*/) int my_decrypt(const char *data, char *output, int &len /*,char * key*/) {
{ if (len < 0) return -1;
if(len<0) return -1; if (len > max_data_len) {
if(len>max_data_len) {mylog(log_warn,"len>max_data_len");return -1;} mylog(log_warn, "len>max_data_len");
return -1;
}
if(is_hmac_used) if (is_hmac_used)
return decrypt_AE(data,output,len); return decrypt_AE(data, output, len);
if(cipher_decrypt(data,output,len,normal_key) !=0) {mylog(log_debug,"cipher_decrypt failed \n"); return -1;} if (cipher_decrypt(data, output, len, normal_key) != 0) {
if(auth_verify(output,len)!=0) {mylog(log_debug,"auth_verify failed\n");return -1;} mylog(log_debug, "cipher_decrypt failed \n");
return -1;
}
if (auth_verify(output, len) != 0) {
mylog(log_debug, "auth_verify failed\n");
return -1;
}
return 0; return 0;
} }
int encrypt_AEAD(uint8_t *data, uint8_t *output, int &len, uint8_t *key, uint8_t *header, int hlen) {
int encrypt_AEAD(uint8_t *data,uint8_t *output,int &len,uint8_t * key,uint8_t *header,int hlen) // TODO
{
//TODO
return -1; return -1;
} }
int decrypt_AEAD(uint8_t *data,uint8_t *output,int &len,uint8_t * key,uint8_t *header,int hlen) int decrypt_AEAD(uint8_t *data, uint8_t *output, int &len, uint8_t *key, uint8_t *header, int hlen) {
{ // TODO
//TODO
return -1; return -1;
} }

44
encrypt.h Executable file → Normal file
View File

@@ -1,33 +1,35 @@
#ifndef UDP2RAW_ENCRYPTION_H_ #ifndef UDP2RAW_ENCRYPTION_H_
#define UDP2RAW_ENCRYPTION_H_ #define UDP2RAW_ENCRYPTION_H_
//#include "aes.h" //#include "aes.h"
//#include "md5.h" //#include "md5.h"
#include "common.h" #include "common.h"
// using namespace std;
// extern char key[16];
//using namespace std; const int aes_key_optimize = 1; // if enabled,once you used a key for aes,you cant change it anymore
//extern char key[16];
const int aes_key_optimize=1; //if enabled,once you used a key for aes,you cant change it anymore
extern int aes128cfb_old; extern int aes128cfb_old;
int my_init_keys(const char *,int); int my_init_keys(const char *, int);
int my_encrypt(const char *data,char *output,int &len); int my_encrypt(const char *data, char *output, int &len);
int my_decrypt(const char *data,char *output,int &len); int my_decrypt(const char *data, char *output, int &len);
unsigned short csum(const unsigned short *ptr, int nbytes);
unsigned short csum(const unsigned short *ptr,int nbytes) ; enum auth_mode_t { auth_none = 0,
auth_md5,
auth_crc32,
enum auth_mode_t {auth_none=0,auth_md5,auth_crc32,auth_simple,auth_hmac_sha1,auth_end}; auth_simple,
auth_hmac_sha1,
auth_end };
enum cipher_mode_t {cipher_none=0,cipher_aes128cbc,cipher_xor,cipher_aes128cfb,cipher_end};
enum cipher_mode_t { cipher_none = 0,
cipher_aes128cbc,
cipher_xor,
cipher_aes128cfb,
cipher_end };
extern auth_mode_t auth_mode; extern auth_mode_t auth_mode;
extern cipher_mode_t cipher_mode; extern cipher_mode_t cipher_mode;
@@ -35,13 +37,13 @@ extern cipher_mode_t cipher_mode;
extern unordered_map<int, const char *> auth_mode_tostring; extern unordered_map<int, const char *> auth_mode_tostring;
extern unordered_map<int, const char *> cipher_mode_tostring; extern unordered_map<int, const char *> cipher_mode_tostring;
extern char gro_xor[256+100]; extern char gro_xor[256 + 100];
int cipher_decrypt(const char *data,char *output,int &len,char * key);//internal interface ,exposed for test only int cipher_decrypt(const char *data, char *output, int &len, char *key); // internal interface ,exposed for test only
int cipher_encrypt(const char *data,char *output,int &len,char * key);//internal interface ,exposed for test only int cipher_encrypt(const char *data, char *output, int &len, char *key); // internal interface ,exposed for test only
void aes_ecb_encrypt(const char *data,char *output); void aes_ecb_encrypt(const char *data, char *output);
void aes_ecb_decrypt(const char *data,char *output); void aes_ecb_decrypt(const char *data, char *output);
void aes_ecb_encrypt1(char *data); void aes_ecb_encrypt1(char *data);
void aes_ecb_decrypt1(char *data); void aes_ecb_decrypt1(char *data);

View File

@@ -5,60 +5,49 @@
* Author: root * Author: root
*/ */
#include "fd_manager.h" #include "fd_manager.h"
int fd_manager_t::fd_exist(int fd) int fd_manager_t::fd_exist(int fd) {
{ return fd_to_fd64_mp.find(fd) != fd_to_fd64_mp.end();
return fd_to_fd64_mp.find(fd)!=fd_to_fd64_mp.end();
} }
int fd_manager_t::exist(fd64_t fd64) int fd_manager_t::exist(fd64_t fd64) {
{ return fd64_to_fd_mp.find(fd64) != fd64_to_fd_mp.end();
return fd64_to_fd_mp.find(fd64)!=fd64_to_fd_mp.end();
} }
int fd_manager_t::to_fd(fd64_t fd64) int fd_manager_t::to_fd(fd64_t fd64) {
{
assert(exist(fd64)); assert(exist(fd64));
return fd64_to_fd_mp[fd64]; return fd64_to_fd_mp[fd64];
} }
void fd_manager_t::fd64_close(fd64_t fd64) void fd_manager_t::fd64_close(fd64_t fd64) {
{
assert(exist(fd64)); assert(exist(fd64));
int fd=fd64_to_fd_mp[fd64]; int fd = fd64_to_fd_mp[fd64];
fd64_to_fd_mp.erase(fd64); fd64_to_fd_mp.erase(fd64);
fd_to_fd64_mp.erase(fd); fd_to_fd64_mp.erase(fd);
if(exist_info(fd64)) if (exist_info(fd64)) {
{
fd_info_mp.erase(fd64); fd_info_mp.erase(fd64);
} }
//assert(close(fd)==0); // assert(close(fd)==0);
sock_close(fd); sock_close(fd);
} }
void fd_manager_t::reserve(int n) void fd_manager_t::reserve(int n) {
{
fd_to_fd64_mp.reserve(n); fd_to_fd64_mp.reserve(n);
fd64_to_fd_mp.reserve(n); fd64_to_fd_mp.reserve(n);
fd_info_mp.reserve(n); fd_info_mp.reserve(n);
} }
u64_t fd_manager_t::create(int fd) u64_t fd_manager_t::create(int fd) {
{
assert(!fd_exist(fd)); assert(!fd_exist(fd));
fd64_t fd64=counter++; fd64_t fd64 = counter++;
fd_to_fd64_mp[fd]=fd64; fd_to_fd64_mp[fd] = fd64;
fd64_to_fd_mp[fd64]=fd; fd64_to_fd_mp[fd64] = fd;
return fd64; return fd64;
} }
fd_manager_t::fd_manager_t() fd_manager_t::fd_manager_t() {
{ counter = u32_t(-1);
counter=u32_t(-1); counter += 100;
counter+=100;
reserve(10007); reserve(10007);
} }
fd_info_t & fd_manager_t::get_info(fd64_t fd64) fd_info_t& fd_manager_t::get_info(fd64_t fd64) {
{
assert(exist(fd64)); assert(exist(fd64));
return fd_info_mp[fd64]; return fd_info_mp[fd64];
} }
int fd_manager_t::exist_info(fd64_t fd64) int fd_manager_t::exist_info(fd64_t fd64) {
{ return fd_info_mp.find(fd64) != fd_info_mp.end();
return fd_info_mp.find(fd64)!=fd_info_mp.end();
} }

View File

@@ -12,16 +12,15 @@
//#include "packet.h" //#include "packet.h"
#include "connection.h" #include "connection.h"
struct fd_info_t struct fd_info_t {
{ // ip_port_t ip_port;
//ip_port_t ip_port;
conn_info_t *p_conn_info; conn_info_t *p_conn_info;
}; };
struct fd_manager_t //conver fd to a uniq 64bit number,avoid fd value conflict caused by close and re-create struct fd_manager_t // conver fd to a uniq 64bit number,avoid fd value conflict caused by close and re-create
//this class is not strictly necessary,it just makes epoll fd handling easier // this class is not strictly necessary,it just makes epoll fd handling easier
{ {
fd_info_t & get_info(fd64_t fd64); fd_info_t &get_info(fd64_t fd64);
int exist_info(fd64_t); int exist_info(fd64_t);
int exist(fd64_t fd64); int exist(fd64_t fd64);
int to_fd(fd64_t); int to_fd(fd64_t);
@@ -29,14 +28,15 @@ struct fd_manager_t //conver fd to a uniq 64bit number,avoid fd value conflict
void reserve(int n); void reserve(int n);
u64_t create(int fd); u64_t create(int fd);
fd_manager_t(); fd_manager_t();
private:
private:
u64_t counter; u64_t counter;
unordered_map<int,fd64_t> fd_to_fd64_mp; unordered_map<int, fd64_t> fd_to_fd64_mp;
unordered_map<fd64_t,int> fd64_to_fd_mp; unordered_map<fd64_t, int> fd64_to_fd_mp;
unordered_map<fd64_t,fd_info_t> fd_info_mp; unordered_map<fd64_t, fd_info_t> fd_info_mp;
int fd_exist(int fd); int fd_exist(int fd);
//void remove_fd(int fd); // void remove_fd(int fd);
//fd64_t fd_to_fd64(int fd); // fd64_t fd_to_fd64(int fd);
}; };
extern fd_manager_t fd_manager; extern fd_manager_t fd_manager;

1
git_version.h Normal file
View File

@@ -0,0 +1 @@
const char *gitversion = "e42f0e573221c5e0146c02fd5d71f32aa93c7221";

53
log.cpp Executable file → Normal file
View File

@@ -1,16 +1,14 @@
#include "log.h" #include "log.h"
#include "misc.h" #include "misc.h"
int log_level=log_info; int log_level = log_info;
int enable_log_position=0; int enable_log_position = 0;
int enable_log_color=1; int enable_log_color = 1;
void log0(const char * file,const char * function,int line,int level,const char* str, ...) {
if(level>log_level) return ;
if(level>log_trace||level<0) return ;
void log0(const char* file, const char* function, int line, int level, const char* str, ...) {
if (level > log_level) return;
if (level > log_trace || level < 0) return;
time_t timer; time_t timer;
char buffer[100]; char buffer[100];
@@ -19,44 +17,41 @@ void log0(const char * file,const char * function,int line,int level,const char*
time(&timer); time(&timer);
tm_info = localtime(&timer); tm_info = localtime(&timer);
if(enable_log_color) if (enable_log_color)
printf("%s",log_color[level]); printf("%s", log_color[level]);
strftime(buffer, 100, "%Y-%m-%d %H:%M:%S", tm_info); strftime(buffer, 100, "%Y-%m-%d %H:%M:%S", tm_info);
printf("[%s][%s]",buffer,log_text[level]); printf("[%s][%s]", buffer, log_text[level]);
if(enable_log_position)printf("[%s,func:%s,line:%d]",file,function,line); if (enable_log_position) printf("[%s,func:%s,line:%d]", file, function, line);
va_list vlist; va_list vlist;
va_start(vlist, str); va_start(vlist, str);
vfprintf(stdout, str, vlist); vfprintf(stdout, str, vlist);
va_end(vlist); va_end(vlist);
if(enable_log_color) if (enable_log_color)
printf("%s",RESET); printf("%s", RESET);
//printf("\n"); // printf("\n");
//if(enable_log_color) // if(enable_log_color)
//printf(log_color[level]); // printf(log_color[level]);
fflush(stdout); fflush(stdout);
if(log_level==log_fatal) if (log_level == log_fatal) {
{ about_to_exit = 1;
about_to_exit=1;
} }
} }
void log_bare(int level,const char* str, ...) void log_bare(int level, const char* str, ...) {
{ if (level > log_level) return;
if(level>log_level) return ; if (level > log_trace || level < 0) return;
if(level>log_trace||level<0) return ; if (enable_log_color)
if(enable_log_color) printf("%s", log_color[level]);
printf("%s",log_color[level]);
va_list vlist; va_list vlist;
va_start(vlist, str); va_start(vlist, str);
vfprintf(stdout, str, vlist); vfprintf(stdout, str, vlist);
va_end(vlist); va_end(vlist);
if(enable_log_color) if (enable_log_color)
printf("%s",RESET); printf("%s", RESET);
fflush(stdout); fflush(stdout);
} }

35
log.h Executable file → Normal file
View File

@@ -2,13 +2,10 @@
#ifndef UDP2RAW_LOG_MYLOG_H_ #ifndef UDP2RAW_LOG_MYLOG_H_
#define UDP2RAW_LOG_MYLOG_H_ #define UDP2RAW_LOG_MYLOG_H_
#include "common.h" #include "common.h"
using namespace std; using namespace std;
#define RED "\x1B[31m" #define RED "\x1B[31m"
#define GRN "\x1B[32m" #define GRN "\x1B[32m"
#define YEL "\x1B[33m" #define YEL "\x1B[33m"
@@ -18,37 +15,33 @@ using namespace std;
#define WHT "\x1B[37m" #define WHT "\x1B[37m"
#define RESET "\x1B[0m" #define RESET "\x1B[0m"
const int log_never = 0;
const int log_fatal = 1;
const int log_error = 2;
const int log_warn = 3;
const int log_info = 4;
const int log_debug = 5;
const int log_trace = 6;
const int log_end = 7;
const int log_never=0; const char log_text[][20] = {"NEVER", "FATAL", "ERROR", "WARN", "INFO", "DEBUG", "TRACE", ""};
const int log_fatal=1; const char log_color[][20] = {RED, RED, RED, YEL, GRN, MAG, ""};
const int log_error=2;
const int log_warn=3;
const int log_info=4;
const int log_debug=5;
const int log_trace=6;
const int log_end=7;
const char log_text[][20]={"NEVER","FATAL","ERROR","WARN","INFO","DEBUG","TRACE",""};
const char log_color[][20]={RED,RED,RED,YEL,GRN,MAG,""};
extern int log_level; extern int log_level;
extern int enable_log_position; extern int enable_log_position;
extern int enable_log_color; extern int enable_log_color;
#ifdef MY_DEBUG #ifdef MY_DEBUG
#define mylog(__first_argu__dummy_abcde__,...) printf(__VA_ARGS__) #define mylog(__first_argu__dummy_abcde__, ...) printf(__VA_ARGS__)
#else #else
#define mylog(...) log0(__FILE__,__FUNCTION__,__LINE__,__VA_ARGS__) #define mylog(...) log0(__FILE__, __FUNCTION__, __LINE__, __VA_ARGS__)
#endif #endif
//#define mylog(__first_argu__dummy_abcde__,...) {;} //#define mylog(__first_argu__dummy_abcde__,...) {;}
void log0(const char * file,const char * function,int line,int level,const char* str, ...); void log0(const char* file, const char* function, int line, int level, const char* str, ...);
void log_bare(int level,const char* str, ...);
void log_bare(int level, const char* str, ...);
#endif #endif

74
main.cpp Executable file → Normal file
View File

@@ -7,19 +7,16 @@
#include "encrypt.h" #include "encrypt.h"
#include "fd_manager.h" #include "fd_manager.h"
void sigpipe_cb(struct ev_loop *l, ev_signal *w, int revents) void sigpipe_cb(struct ev_loop *l, ev_signal *w, int revents) {
{
mylog(log_info, "got sigpipe, ignored"); mylog(log_info, "got sigpipe, ignored");
} }
void sigterm_cb(struct ev_loop *l, ev_signal *w, int revents) void sigterm_cb(struct ev_loop *l, ev_signal *w, int revents) {
{
mylog(log_info, "got sigterm, exit"); mylog(log_info, "got sigterm, exit");
myexit(0); myexit(0);
} }
void sigint_cb(struct ev_loop *l, ev_signal *w, int revents) void sigint_cb(struct ev_loop *l, ev_signal *w, int revents) {
{
mylog(log_info, "got sigint, exit"); mylog(log_info, "got sigint, exit");
myexit(0); myexit(0);
} }
@@ -27,42 +24,38 @@ void sigint_cb(struct ev_loop *l, ev_signal *w, int revents)
int client_event_loop(); int client_event_loop();
int server_event_loop(); int server_event_loop();
int main(int argc, char *argv[]) int main(int argc, char *argv[]) {
{ assert(sizeof(unsigned short) == 2);
assert(sizeof(unsigned short)==2); assert(sizeof(unsigned int) == 4);
assert(sizeof(unsigned int)==4); assert(sizeof(unsigned long long) == 8);
assert(sizeof(unsigned long long)==8);
#ifdef UDP2RAW_MP #ifdef UDP2RAW_MP
init_ws(); init_ws();
#endif #endif
dup2(1, 2);//redirect stderr to stdout dup2(1, 2); // redirect stderr to stdout
#if defined(__MINGW32__) #if defined(__MINGW32__)
enable_log_color=0; enable_log_color = 0;
#endif #endif
pre_process_arg(argc,argv); pre_process_arg(argc, argv);
if(program_mode==client_mode)
{
struct ev_loop* loop=ev_default_loop(0);
#if !defined(__MINGW32__)
ev_signal signal_watcher_sigpipe; ev_signal signal_watcher_sigpipe;
ev_signal signal_watcher_sigterm;
ev_signal signal_watcher_sigint;
if (program_mode == client_mode) {
struct ev_loop *loop = ev_default_loop(0);
#if !defined(__MINGW32__)
ev_signal_init(&signal_watcher_sigpipe, sigpipe_cb, SIGPIPE); ev_signal_init(&signal_watcher_sigpipe, sigpipe_cb, SIGPIPE);
ev_signal_start(loop, &signal_watcher_sigpipe); ev_signal_start(loop, &signal_watcher_sigpipe);
#endif #endif
ev_signal signal_watcher_sigterm;
ev_signal_init(&signal_watcher_sigterm, sigterm_cb, SIGTERM); ev_signal_init(&signal_watcher_sigterm, sigterm_cb, SIGTERM);
ev_signal_start(loop, &signal_watcher_sigterm); ev_signal_start(loop, &signal_watcher_sigterm);
ev_signal signal_watcher_sigint;
ev_signal_init(&signal_watcher_sigint, sigint_cb, SIGINT); ev_signal_init(&signal_watcher_sigint, sigint_cb, SIGINT);
ev_signal_start(loop, &signal_watcher_sigint); ev_signal_start(loop, &signal_watcher_sigint);
} } else {
else
{
#ifdef UDP2RAW_LINUX #ifdef UDP2RAW_LINUX
signal(SIGINT, signal_handler); signal(SIGINT, signal_handler);
signal(SIGHUP, signal_handler); signal(SIGHUP, signal_handler);
@@ -70,31 +63,27 @@ int main(int argc, char *argv[])
signal(SIGTERM, signal_handler); signal(SIGTERM, signal_handler);
signal(SIGQUIT, signal_handler); signal(SIGQUIT, signal_handler);
#else #else
mylog(log_fatal,"server mode not supported in multi-platform version\n"); mylog(log_fatal, "server mode not supported in multi-platform version\n");
myexit(-1); myexit(-1);
#endif #endif
} }
#if !defined(__MINGW32__) #if !defined(__MINGW32__)
if(geteuid() != 0) if (geteuid() != 0) {
{ mylog(log_warn, "root check failed, it seems like you are using a non-root account. we can try to continue, but it may fail. If you want to run udp2raw as non-root, you have to add iptables rule manually, and grant udp2raw CAP_NET_RAW capability, check README.md in repo for more info.\n");
mylog(log_warn,"root check failed, it seems like you are using a non-root account. we can try to continue, but it may fail. If you want to run udp2raw as non-root, you have to add iptables rule manually, and grant udp2raw CAP_NET_RAW capability, check README.md in repo for more info.\n"); } else {
} mylog(log_warn, "you can run udp2raw with non-root account for better security. check README.md in repo for more info.\n");
else
{
mylog(log_warn,"you can run udp2raw with non-root account for better security. check README.md in repo for more info.\n");
} }
#endif #endif
mylog(log_info,"remote_ip=[%s], make sure this is a vaild IP address\n",remote_addr.get_ip()); mylog(log_info, "remote_ip=[%s], make sure this is a vaild IP address\n", remote_addr.get_ip());
//init_random_number_fd(); // init_random_number_fd();
srand(get_true_random_number_nz()); srand(get_true_random_number_nz());
const_id=get_true_random_number_nz(); const_id = get_true_random_number_nz();
mylog(log_info,"const_id:%x\n",const_id); mylog(log_info, "const_id:%x\n", const_id);
my_init_keys(key_string,program_mode==client_mode?1:0); my_init_keys(key_string, program_mode == client_mode ? 1 : 0);
iptables_rule(); iptables_rule();
@@ -102,16 +91,13 @@ int main(int argc, char *argv[])
init_raw_socket(); init_raw_socket();
#endif #endif
if(program_mode==client_mode) if (program_mode == client_mode) {
{
client_event_loop(); client_event_loop();
} } else {
else
{
#ifdef UDP2RAW_LINUX #ifdef UDP2RAW_LINUX
server_event_loop(); server_event_loop();
#else #else
mylog(log_fatal,"server mode not supported in multi-platform version\n"); mylog(log_fatal, "server mode not supported in multi-platform version\n");
myexit(-1); myexit(-1);
#endif #endif
} }

View File

@@ -2,9 +2,11 @@ cc_cross=/home/wangyu/Desktop/arm-2014.05/bin/arm-none-linux-gnueabi-g++
cc_local=g++ cc_local=g++
cc_mips24kc_be=/toolchains/lede-sdk-17.01.2-ar71xx-generic_gcc-5.4.0_musl-1.1.16.Linux-x86_64/staging_dir/toolchain-mips_24kc_gcc-5.4.0_musl-1.1.16/bin/mips-openwrt-linux-musl-g++ cc_mips24kc_be=/toolchains/lede-sdk-17.01.2-ar71xx-generic_gcc-5.4.0_musl-1.1.16.Linux-x86_64/staging_dir/toolchain-mips_24kc_gcc-5.4.0_musl-1.1.16/bin/mips-openwrt-linux-musl-g++
cc_mips24kc_le=/toolchains/lede-sdk-17.01.2-ramips-mt7621_gcc-5.4.0_musl-1.1.16.Linux-x86_64/staging_dir/toolchain-mipsel_24kc_gcc-5.4.0_musl-1.1.16/bin/mipsel-openwrt-linux-musl-g++ cc_mips24kc_le=/toolchains/lede-sdk-17.01.2-ramips-mt7621_gcc-5.4.0_musl-1.1.16.Linux-x86_64/staging_dir/toolchain-mipsel_24kc_gcc-5.4.0_musl-1.1.16/bin/mipsel-openwrt-linux-musl-g++
cc_arm= /toolchains/arm-2014.05/bin/arm-none-linux-gnueabi-g++ cc_arm= /toolchains/lede-sdk-17.01.2-bcm53xx_gcc-5.4.0_musl-1.1.16_eabi.Linux-x86_64/staging_dir/toolchain-arm_cortex-a9_gcc-5.4.0_musl-1.1.16_eabi/bin/arm-openwrt-linux-c++
cc_mingw_cross=i686-w64-mingw32-g++-posix cc_mingw_cross=i686-w64-mingw32-g++-posix
cc_mac_cross=o64-clang++ -stdlib=libc++ cc_mac_cross=o64-clang++ -stdlib=libc++
cc_x86=/toolchains/lede-sdk-17.01.2-x86-generic_gcc-5.4.0_musl-1.1.16.Linux-x86_64/staging_dir/toolchain-i386_pentium4_gcc-5.4.0_musl-1.1.16/bin/i486-openwrt-linux-c++
cc_amd64=/toolchains/lede-sdk-17.01.2-x86-64_gcc-5.4.0_musl-1.1.16.Linux-x86_64/staging_dir/toolchain-x86_64_gcc-5.4.0_musl-1.1.16/bin/x86_64-openwrt-linux-c++
#cc_bcm2708=/home/wangyu/raspberry/tools/arm-bcm2708/gcc-linaro-arm-linux-gnueabihf-raspbian/bin/arm-linux-gnueabihf-g++ #cc_bcm2708=/home/wangyu/raspberry/tools/arm-bcm2708/gcc-linaro-arm-linux-gnueabihf-raspbian/bin/arm-linux-gnueabihf-g++
@@ -36,7 +38,7 @@ all:git_version
#dynamic link #dynamic link
dynamic: git_version dynamic: git_version
${cc_local} -o ${NAME}_$@ -I. ${SOURCES} ${FLAGS} -lrt -O3 ${cc_local} -o ${NAME}_$@ -I. ${SOURCES} ${FLAGS} -lrt -O2
#targes for general cross compile #targes for general cross compile
@@ -55,7 +57,7 @@ fast: git_version
${cc_local} -o ${NAME} -I. ${SOURCES} ${FLAGS} -lrt -ggdb ${cc_local} -o ${NAME} -I. ${SOURCES} ${FLAGS} -lrt -ggdb
debug: git_version debug: git_version
rm -f ${NAME} rm -f ${NAME}
${cc_local} -o ${NAME} -I. ${SOURCES} ${FLAGS} -lrt -Wformat-nonliteral -D MY_DEBUG ${cc_local} -o ${NAME} -I. ${SOURCES} ${FLAGS} -lrt -Wformat-nonliteral -D MY_DEBUG -ggdb
debug2: git_version debug2: git_version
rm -f ${NAME} rm -f ${NAME}
${cc_local} -o ${NAME} -I. ${SOURCES} ${FLAGS} -lrt -Wformat-nonliteral -ggdb -fsanitize=address ${cc_local} -o ${NAME} -I. ${SOURCES} ${FLAGS} -lrt -Wformat-nonliteral -ggdb -fsanitize=address
@@ -63,25 +65,25 @@ debug2: git_version
#targets only for 'make release' #targets only for 'make release'
mips24kc_be: git_version mips24kc_be: git_version
${cc_mips24kc_be} -o ${NAME}_$@ -I. ${SOURCES} ${FLAGS} -lrt -lgcc_eh -static -O3 ${cc_mips24kc_be} -o ${NAME}_$@ -I. ${SOURCES} ${FLAGS} -lrt -lgcc_eh -static -O2
mips24kc_be_asm_aes: git_version mips24kc_be_asm_aes: git_version
${cc_mips24kc_be} -o ${NAME}_$@ -I. ${SOURCES_AES_ACC} ${FLAGS} -lrt -lgcc_eh -static -O3 lib/aes_acc/asm/mips_be.S ${cc_mips24kc_be} -o ${NAME}_$@ -I. ${SOURCES_AES_ACC} ${FLAGS} -lrt -lgcc_eh -static -O2 lib/aes_acc/asm/mips_be.S
mips24kc_le: git_version mips24kc_le: git_version
${cc_mips24kc_le} -o ${NAME}_$@ -I. ${SOURCES} ${FLAGS} -lrt -lgcc_eh -static -O3 ${cc_mips24kc_le} -o ${NAME}_$@ -I. ${SOURCES} ${FLAGS} -lrt -lgcc_eh -static -O2
mips24kc_le_asm_aes: git_version mips24kc_le_asm_aes: git_version
${cc_mips24kc_le} -o ${NAME}_$@ -I. ${SOURCES_AES_ACC} ${FLAGS} -lrt -lgcc_eh -static -O3 lib/aes_acc/asm/mips.S ${cc_mips24kc_le} -o ${NAME}_$@ -I. ${SOURCES_AES_ACC} ${FLAGS} -lrt -lgcc_eh -static -O2 lib/aes_acc/asm/mips.S
amd64:git_version amd64:git_version
${cc_local} -o ${NAME}_$@ -I. ${SOURCES} ${FLAGS} -lrt -static -O3 ${cc_amd64} -o ${NAME}_$@ -I. ${SOURCES} ${FLAGS} -lrt -static -O2 -lgcc_eh -ggdb
amd64_hw_aes:git_version amd64_hw_aes:git_version
${cc_local} -o ${NAME}_$@ -I. ${SOURCES_AES_ACC} ${FLAGS} -lrt -static -O3 lib/aes_acc/asm/x64.S ${cc_amd64} -o ${NAME}_$@ -I. ${SOURCES_AES_ACC} ${FLAGS} -lrt -static -O2 lib/aes_acc/asm/x64.S -lgcc_eh -ggdb
x86:git_version x86:git_version
${cc_local} -o ${NAME}_$@ -I. ${SOURCES} ${FLAGS} -lrt -static -O3 -m32 ${cc_x86} -o ${NAME}_$@ -I. ${SOURCES} ${FLAGS} -lrt -static -O2 -lgcc_eh -ggdb
x86_asm_aes:git_version x86_asm_aes:git_version
${cc_local} -o ${NAME}_$@ -I. ${SOURCES_AES_ACC} ${FLAGS} -lrt -static -O3 -m32 lib/aes_acc/asm/x86.S ${cc_x86} -o ${NAME}_$@ -I. ${SOURCES_AES_ACC} ${FLAGS} -lrt -static -O2 lib/aes_acc/asm/x86.S -lgcc_eh -ggdb
arm:git_version arm:git_version
${cc_arm} -o ${NAME}_$@ -I. ${SOURCES} ${FLAGS} -lrt -static -O3 ${cc_arm} -o ${NAME}_$@ -I. ${SOURCES} ${FLAGS} -lrt -static -O2 -lgcc_eh
arm_asm_aes:git_version arm_asm_aes:git_version
${cc_arm} -o ${NAME}_$@ -I. ${SOURCES_AES_ACC} ${FLAGS} -lrt -static -O3 lib/aes_acc/asm/arm.S ${cc_arm} -o ${NAME}_$@ -I. ${SOURCES_AES_ACC} ${FLAGS} -lrt -static -O2 lib/aes_acc/asm/arm.S -lgcc_eh
release: ${TARGETS} release: ${TARGETS}
cp git_version.h version.txt cp git_version.h version.txt
@@ -89,22 +91,22 @@ release: ${TARGETS}
#targets for multi-platform version (native compile) #targets for multi-platform version (native compile)
cygwin:git_version cygwin:git_version
${cc_local} -o ${NAME}_$@ -I. ${SOURCES} pcap_wrapper.cpp ${FLAGS} -lrt -ggdb -static -O2 -D_GNU_SOURCE ${cc_local} -o ${NAME}_$@ -I. ${SOURCES} pcap_wrapper.cpp ${FLAGS} -lrt -ggdb -static -O2 -D_GNU_SOURCE ${MP}
mingw:git_version mingw:git_version
${cc_local} -o ${NAME}_$@ -I. ${SOURCES} pcap_wrapper.cpp ${FLAGS} -ggdb -static -O2 -lws2_32 ${cc_local} -o ${NAME}_$@ -I. ${SOURCES} pcap_wrapper.cpp ${FLAGS} -ggdb -static -O2 -lws2_32 ${MP}
mingw_wepoll:git_version mingw_wepoll:git_version
${cc_local} -o ${NAME}_$@ -I. ${SOURCES0} pcap_wrapper.cpp ${FLAGS} -ggdb -static -O2 -DNO_LIBEV_EMBED -D_WIN32 -lev -lws2_32 ${cc_local} -o ${NAME}_$@ -I. ${SOURCES0} pcap_wrapper.cpp ${FLAGS} -ggdb -static -O2 -DNO_LIBEV_EMBED -D_WIN32 -lev -lws2_32 ${MP}
linux:git_version linux:git_version
${cc_local} -o ${NAME}_$@ -I. ${SOURCES} ${PCAP} ${FLAGS} -lrt -ggdb -static -O2 ${cc_local} -o ${NAME}_$@ -I. ${SOURCES} ${PCAP} ${FLAGS} -lrt -ggdb -static -O2 ${MP}
freebsd:git_version freebsd:git_version
${cc_local} -o ${NAME}_$@ -I. ${SOURCES} ${PCAP} ${FLAGS} -lrt -ggdb -static -O2 ${cc_local} -o ${NAME}_$@ -I. ${SOURCES} ${PCAP} ${FLAGS} -lrt -ggdb -static -libverbs -O2 ${MP}
mac:git_version mac:git_version
${cc_local} -o ${NAME}_$@ -I. ${SOURCES} ${PCAP} ${FLAGS} -ggdb -O2 ${cc_local} -o ${NAME}_$@ -I. ${SOURCES} ${PCAP} ${FLAGS} -ggdb -O2 ${MP}
#targets for multi-platform version (cross compile) #targets for multi-platform version (cross compile)

1567
misc.cpp

File diff suppressed because it is too large Load Diff

132
misc.h
View File

@@ -8,7 +8,6 @@
#ifndef MISC_H_ #ifndef MISC_H_
#define MISC_H_ #define MISC_H_
#include "common.h" #include "common.h"
#include "log.h" #include "log.h"
#include "network.h" #include "network.h"
@@ -26,128 +25,131 @@ extern int enable_dns_resolve;
extern int ttl_value; extern int ttl_value;
const u32_t max_handshake_conn_num = 10000;
const u32_t max_ready_conn_num = 1000;
const u32_t anti_replay_window_size = 4000;
const int max_conv_num = 10000;
const u32_t max_handshake_conn_num=10000; const u32_t client_handshake_timeout = 5000; // unit ms
const u32_t max_ready_conn_num=1000; const u32_t client_retry_interval = 1000; // ms
const u32_t anti_replay_window_size=4000;
const int max_conv_num=10000;
const u32_t client_handshake_timeout=5000;//unit ms const u32_t server_handshake_timeout = client_handshake_timeout + 5000; // this should be longer than clients. client retry initially ,server retry passtively
const u32_t client_retry_interval=1000;//ms
const u32_t server_handshake_timeout=client_handshake_timeout+5000;// this should be longer than clients. client retry initially ,server retry passtively const int conv_clear_ratio = 30; // conv grabage collecter check 1/30 of all conv one time
const int conn_clear_ratio = 50;
const int conv_clear_min = 1;
const int conn_clear_min = 1;
const int conv_clear_ratio=30; //conv grabage collecter check 1/30 of all conv one time const u32_t conv_clear_interval = 1000; // ms
const int conn_clear_ratio=50; const u32_t conn_clear_interval = 1000; // ms
const int conv_clear_min=1;
const int conn_clear_min=1;
const u32_t conv_clear_interval=1000;//ms const i32_t max_fail_time = 0; // disable
const u32_t conn_clear_interval=1000;//ms
const u32_t heartbeat_interval = 600; // ms
const i32_t max_fail_time=0;//disable const u32_t timer_interval = 400; // ms. this should be smaller than heartbeat_interval and retry interval;
const u32_t heartbeat_interval=600;//ms const uint32_t conv_timeout = 180000; // ms. 120 second
// const u32_t conv_timeout=30000; //for test
const u32_t timer_interval=400;//ms. this should be smaller than heartbeat_interval and retry interval; const u32_t client_conn_timeout = 10000; // ms.
const u32_t client_conn_uplink_timeout = client_conn_timeout + 2000; // ms
const uint32_t conv_timeout=180000; //ms. 120 second const uint32_t server_conn_timeout = conv_timeout + 60000; // ms. this should be 60s+ longer than conv_timeout,so that conv_manager can destruct convs gradually,to avoid latency glicth
//const u32_t conv_timeout=30000; //for test // const u32_t server_conn_timeout=conv_timeout+10000;//for test
const u32_t client_conn_timeout=10000;//ms. const u32_t iptables_rule_keep_interval = 20; // unit: second;
const u32_t client_conn_uplink_timeout=client_conn_timeout+2000;//ms
const uint32_t server_conn_timeout=conv_timeout+60000;//ms. this should be 60s+ longer than conv_timeout,so that conv_manager can destruct convs gradually,to avoid latency glicth enum server_current_state_t { server_idle = 0,
//const u32_t server_conn_timeout=conv_timeout+10000;//for test server_handshake1,
server_ready }; // server state machine
enum client_current_state_t { client_idle = 0,
client_tcp_handshake,
client_handshake1,
client_handshake2,
client_ready,
client_tcp_handshake_dummy }; // client state machine
const u32_t iptables_rule_keep_interval=20;//unit: second; enum raw_mode_t { mode_faketcp = 0,
mode_udp,
mode_icmp,
mode_end };
enum program_mode_t { unset_mode = 0,
client_mode,
server_mode };
enum server_current_state_t {server_idle=0,server_handshake1,server_ready}; //server state machine union current_state_t {
enum client_current_state_t {client_idle=0,client_tcp_handshake,client_handshake1,client_handshake2,client_ready,client_tcp_handshake_dummy};//client state machine
enum raw_mode_t{mode_faketcp=0,mode_udp,mode_icmp,mode_end};
enum program_mode_t {unset_mode=0,client_mode,server_mode};
union current_state_t
{
server_current_state_t server_current_state; server_current_state_t server_current_state;
client_current_state_t client_current_state; client_current_state_t client_current_state;
}; };
//extern char remote_address[max_address_len]; // extern char remote_address[max_address_len];
//extern char local_ip[100], remote_ip[100],source_ip[100];//local_ip is for -l option,remote_ip for -r option,source for --source-ip // extern char local_ip[100], remote_ip[100],source_ip[100];//local_ip is for -l option,remote_ip for -r option,source for --source-ip
//extern u32_t local_ip_uint32,remote_ip_uint32,source_ip_uint32;//convert from last line. // extern u32_t local_ip_uint32,remote_ip_uint32,source_ip_uint32;//convert from last line.
//extern int local_port , remote_port,source_port;//similiar to local_ip remote_ip,buf for port.source_port=0 indicates --source-port is not enabled // extern int local_port , remote_port,source_port;//similiar to local_ip remote_ip,buf for port.source_port=0 indicates --source-port is not enabled
extern address_t local_addr,remote_addr,source_addr; extern address_t local_addr, remote_addr, source_addr;
extern my_ip_t bind_addr; extern my_ip_t bind_addr;
extern int bind_addr_used; extern int bind_addr_used;
extern int force_source_ip; //if --source-ip is enabled extern int force_source_ip; // if --source-ip is enabled
extern int force_source_port; extern int force_source_port;
extern int source_port; extern int source_port;
extern my_id_t const_id;//an id used for connection recovery,its generated randomly,it never change since its generated extern my_id_t const_id; // an id used for connection recovery,its generated randomly,it never change since its generated
extern int udp_fd; //for client only. client use this fd to listen and handle udp connection extern int udp_fd; // for client only. client use this fd to listen and handle udp connection
extern int bind_fd; //bind only,never send or recv. its just a dummy fd for bind,so that other program wont occupy the same port extern int bind_fd; // bind only,never send or recv. its just a dummy fd for bind,so that other program wont occupy the same port
extern int epollfd; //fd for epoll extern int epollfd; // fd for epoll
extern int timer_fd; //the general timer fd for client and server.for server this is not the only timer find,every connection has a timer fd. extern int timer_fd; // the general timer fd for client and server.for server this is not the only timer find,every connection has a timer fd.
extern int fail_time_counter;//determine if the max_fail_time is reached extern int fail_time_counter; // determine if the max_fail_time is reached
extern int epoll_trigger_counter;//for debug only extern int epoll_trigger_counter; // for debug only
extern int debug_flag;//for debug only extern int debug_flag; // for debug only
extern int simple_rule; // deprecated.
extern int simple_rule; //deprecated. extern int keep_rule; // whether to monitor the iptables rule periodly,re-add if losted
extern int keep_rule; //whether to monitor the iptables rule periodly,re-add if losted extern int auto_add_iptables_rule; // if -a is set
extern int auto_add_iptables_rule;//if -a is set extern int generate_iptables_rule; // if -g is set
extern int generate_iptables_rule;//if -g is set extern int generate_iptables_rule_add; // if --gen-add is set
extern int generate_iptables_rule_add;// if --gen-add is set
extern int retry_on_error; extern int retry_on_error;
const int retry_on_error_interval=10; const int retry_on_error_interval = 10;
extern int debug_resend; // debug only extern int debug_resend; // debug only
extern char key_string[1000];// -k option extern char key_string[1000]; // -k option
extern char fifo_file[1000]; extern char fifo_file[1000];
extern raw_mode_t raw_mode; extern raw_mode_t raw_mode;
extern u32_t raw_ip_version; extern u32_t raw_ip_version;
extern program_mode_t program_mode; extern program_mode_t program_mode;
extern unordered_map<int, const char*> raw_mode_tostring ; extern unordered_map<int, const char *> raw_mode_tostring;
extern int about_to_exit; extern int about_to_exit;
extern int socket_buf_size; extern int socket_buf_size;
extern pthread_t keep_thread; extern pthread_t keep_thread;
extern int keep_thread_running; extern int keep_thread_running;
int process_lower_level_arg(); int process_lower_level_arg();
void print_help(); void print_help();
void iptables_rule(); void iptables_rule();
void pre_process_arg(int argc, char *argv[]);//mainly for load conf file; void pre_process_arg(int argc, char *argv[]); // mainly for load conf file;
int unit_test(); int unit_test();
int set_timer(int epollfd,int &timer_fd); int set_timer(int epollfd, int &timer_fd);
int set_timer_server(int epollfd,int &timer_fd,fd64_t &fd64); int set_timer_server(int epollfd, int &timer_fd, fd64_t &fd64);
int handle_lower_level(raw_info_t &raw_info); int handle_lower_level(raw_info_t &raw_info);
int add_iptables_rule(const char *); int add_iptables_rule(const char *);
int clear_iptables_rule(); int clear_iptables_rule();
int iptables_gen_add(const char * s,u32_t const_id); int iptables_gen_add(const char *s, u32_t const_id);
int iptables_rule_init(const char * s,u32_t const_id,int keep); int iptables_rule_init(const char *s, u32_t const_id, int keep);
int keep_iptables_rule(); int keep_iptables_rule();
void signal_handler(int sig); void signal_handler(int sig);
#endif /* MISC_H_ */ #endif /* MISC_H_ */

View File

@@ -2,4 +2,3 @@
#include "my_ev_common.h" #include "my_ev_common.h"
#include "ev.h" #include "ev.h"

View File

@@ -1,6 +1,8 @@
#define EV_STANDALONE 1 #define EV_STANDALONE 1
#define EV_COMMON void *data; unsigned long long u64; #define EV_COMMON \
void *data; \
unsigned long long u64;
#define EV_COMPAT3 0 #define EV_COMPAT3 0
//#include <wepoll.h> //#include <wepoll.h>
@@ -8,11 +10,10 @@
//#define EV_USE_SELECT 1 //#define EV_USE_SELECT 1
//#define EV_SELECT_IS_WINSOCKET 1 //#define EV_SELECT_IS_WINSOCKET 1
# define EV_FD_TO_WIN32_HANDLE(fd) (fd) #define EV_FD_TO_WIN32_HANDLE(fd) (fd)
# define EV_WIN32_HANDLE_TO_FD(handle) (handle) #define EV_WIN32_HANDLE_TO_FD(handle) (handle)
# define EV_WIN32_CLOSE_FD(fd) closesocket (fd) #define EV_WIN32_CLOSE_FD(fd) closesocket(fd)
# define FD_SETSIZE 4096 #define FD_SETSIZE 4096
#endif #endif
//#define EV_VERIFY 2 //#define EV_VERIFY 2

File diff suppressed because it is too large Load Diff

207
network.h
View File

@@ -14,7 +14,7 @@ extern int use_tcp_dummy_socket;
extern int seq_mode; extern int seq_mode;
extern int max_seq_mode; extern int max_seq_mode;
extern int filter_port; extern int filter_port;
//extern u32_t bind_address_uint32; // extern u32_t bind_address_uint32;
extern int disable_bpf_filter; extern int disable_bpf_filter;
extern int lower_level; extern int lower_level;
@@ -34,7 +34,7 @@ extern int g_packet_buf_cnt;
extern queue_t my_queue; extern queue_t my_queue;
extern ev_async async_watcher; extern ev_async async_watcher;
extern struct ev_loop* g_default_loop; extern struct ev_loop *g_default_loop;
extern pthread_mutex_t queue_mutex; extern pthread_mutex_t queue_mutex;
extern int use_pcap_mutex; extern int use_pcap_mutex;
@@ -47,8 +47,7 @@ extern int send_with_pcap;
extern int pcap_header_captured; extern int pcap_header_captured;
extern int pcap_header_buf[buf_len]; extern int pcap_header_buf[buf_len];
struct icmphdr struct icmphdr {
{
uint8_t type; uint8_t type;
uint8_t code; uint8_t code;
uint16_t check_sum; uint16_t check_sum;
@@ -57,14 +56,13 @@ struct icmphdr
}; };
#endif #endif
struct my_iphdr struct my_iphdr {
{
#ifdef UDP2RAW_LITTLE_ENDIAN #ifdef UDP2RAW_LITTLE_ENDIAN
unsigned char ihl:4; unsigned char ihl : 4;
unsigned char version:4; unsigned char version : 4;
#else #else
unsigned char version:4; unsigned char version : 4;
unsigned char ihl:4; unsigned char ihl : 4;
#endif #endif
u_int8_t tos; u_int8_t tos;
u_int16_t tot_len; u_int16_t tot_len;
@@ -76,13 +74,10 @@ struct my_iphdr
u_int32_t saddr; u_int32_t saddr;
u_int32_t daddr; u_int32_t daddr;
/*The options start here. */ /*The options start here. */
}; };
struct my_udphdr {
struct my_udphdr /*__extension__*/ union {
{
/*__extension__*/ union
{
struct struct
{ {
u_int16_t uh_sport; /* source port */ u_int16_t uh_sport; /* source port */
@@ -100,31 +95,28 @@ struct my_udphdr
}; };
}; };
struct my_tcphdr {
struct my_tcphdr /*__extension__*/ union {
{
/*__extension__*/ union
{
struct struct
{ {
u_int16_t th_sport; /* source port */ u_int16_t th_sport; /* source port */
u_int16_t th_dport; /* destination port */ u_int16_t th_dport; /* destination port */
u_int32_t th_seq; /* sequence number */ u_int32_t th_seq; /* sequence number */
u_int32_t th_ack; /* acknowledgement number */ u_int32_t th_ack; /* acknowledgement number */
# ifdef UDP2RAW_LITTLE_ENDIAN #ifdef UDP2RAW_LITTLE_ENDIAN
u_int8_t th_x2:4; /* (unused) */ u_int8_t th_x2 : 4; /* (unused) */
u_int8_t tc_off:4; /* data offset */ u_int8_t tc_off : 4; /* data offset */
# else #else
u_int8_t th_off:4; /* data offset */ u_int8_t th_off : 4; /* data offset */
u_int8_t th_x2:4; /* (unused) */ u_int8_t th_x2 : 4; /* (unused) */
# endif #endif
u_int8_t th_flags; u_int8_t th_flags;
# define TH_FIN 0x01 #define TH_FIN 0x01
# define TH_SYN 0x02 #define TH_SYN 0x02
# define TH_RST 0x04 #define TH_RST 0x04
# define TH_PUSH 0x08 #define TH_PUSH 0x08
# define TH_ACK 0x10 #define TH_ACK 0x10
# define TH_URG 0x20 #define TH_URG 0x20
u_int16_t th_win; /* window */ u_int16_t th_win; /* window */
u_int16_t th_sum; /* checksum */ u_int16_t th_sum; /* checksum */
u_int16_t th_urp; /* urgent pointer */ u_int16_t th_urp; /* urgent pointer */
@@ -135,27 +127,27 @@ struct my_tcphdr
u_int16_t dest; u_int16_t dest;
u_int32_t seq; u_int32_t seq;
u_int32_t ack_seq; u_int32_t ack_seq;
# ifdef UDP2RAW_LITTLE_ENDIAN #ifdef UDP2RAW_LITTLE_ENDIAN
u_int16_t res1:4; u_int16_t res1 : 4;
u_int16_t doff:4; u_int16_t doff : 4;
u_int16_t fin:1; u_int16_t fin : 1;
u_int16_t syn:1; u_int16_t syn : 1;
u_int16_t rst:1; u_int16_t rst : 1;
u_int16_t psh:1; u_int16_t psh : 1;
u_int16_t ack:1; u_int16_t ack : 1;
u_int16_t urg:1; u_int16_t urg : 1;
u_int16_t res2:2; u_int16_t res2 : 2;
# else #else
u_int16_t doff:4; u_int16_t doff : 4;
u_int16_t res1:4; u_int16_t res1 : 4;
u_int16_t res2:2; u_int16_t res2 : 2;
u_int16_t urg:1; u_int16_t urg : 1;
u_int16_t ack:1; u_int16_t ack : 1;
u_int16_t psh:1; u_int16_t psh : 1;
u_int16_t rst:1; u_int16_t rst : 1;
u_int16_t syn:1; u_int16_t syn : 1;
u_int16_t fin:1; u_int16_t fin : 1;
# endif #endif
u_int16_t window; u_int16_t window;
u_int16_t check; u_int16_t check;
u_int16_t urg_ptr; u_int16_t urg_ptr;
@@ -163,18 +155,17 @@ struct my_tcphdr
}; };
}; };
struct my_ip6hdr struct my_ip6hdr {
{ #ifdef UDP2RAW_LITTLE_ENDIAN
# ifdef UDP2RAW_LITTLE_ENDIAN uint8_t traffic_class_high : 4;
uint8_t traffic_class_high:4; uint8_t version : 4;
uint8_t version:4; uint8_t flow_label_high : 4;
uint8_t flow_label_high:4; uint8_t traffic_class_low : 4;
uint8_t traffic_class_low:4;
#else #else
uint8_t version:4; uint8_t version : 4;
uint8_t traffic_class_high:4; uint8_t traffic_class_high : 4;
uint8_t traffic_class_low:4; uint8_t traffic_class_low : 4;
uint8_t flow_label_high:4; uint8_t flow_label_high : 4;
#endif #endif
u_int16_t flow_label_low; u_int16_t flow_label_low;
u_int16_t payload_len; u_int16_t payload_len;
@@ -183,10 +174,9 @@ struct my_ip6hdr
struct in6_addr src; struct in6_addr src;
struct in6_addr dst; struct in6_addr dst;
}; };
struct my_icmphdr struct my_icmphdr {
{
uint8_t type; uint8_t type;
uint8_t code; uint8_t code;
uint16_t check_sum; uint16_t check_sum;
@@ -211,57 +201,53 @@ struct pseudo_header6 {
u_int8_t next_header; u_int8_t next_header;
}; };
struct packet_info_t //todo change this to union struct packet_info_t // todo change this to union
{ {
uint8_t protocol; uint8_t protocol;
// u32_t src_ip;
//u32_t src_ip; // u32_t dst_ip;
//u32_t dst_ip;
my_ip_t new_src_ip; my_ip_t new_src_ip;
my_ip_t new_dst_ip; my_ip_t new_dst_ip;
uint16_t src_port; uint16_t src_port;
uint16_t dst_port; uint16_t dst_port;
//tcp_part: // tcp_part:
bool syn,ack,psh,rst; bool syn, ack, psh, rst;
u32_t seq,ack_seq; u32_t seq, ack_seq;
u32_t ack_seq_counter; u32_t ack_seq_counter;
u32_t ts,ts_ack; u32_t ts, ts_ack;
uint16_t my_icmp_seq; uint16_t my_icmp_seq;
bool has_ts; bool has_ts;
i32_t data_len;
#ifdef UDP2RAW_LINUX #ifdef UDP2RAW_LINUX
sockaddr_ll addr_ll; sockaddr_ll addr_ll;
#endif #endif
i32_t data_len;
packet_info_t(); packet_info_t();
}; };
struct raw_info_t struct raw_info_t {
{
packet_info_t send_info; packet_info_t send_info;
packet_info_t recv_info; packet_info_t recv_info;
//int last_send_len; // int last_send_len;
//int last_recv_len; // int last_recv_len;
bool peek=0; bool peek = 0;
//bool csum=1; // bool csum=1;
u32_t reserved_send_seq; u32_t reserved_send_seq;
//uint32_t first_seq,first_ack_seq; // uint32_t first_seq,first_ack_seq;
int rst_received=0; int rst_received = 0;
bool disabled=0; bool disabled = 0;
};//g_raw_info;
}; // g_raw_info;
int init_raw_socket(); int init_raw_socket();
@@ -270,56 +256,55 @@ void init_filter(int port);
void remove_filter(); void remove_filter();
#ifdef UDP2RAW_LINUX #ifdef UDP2RAW_LINUX
int init_ifindex(const char * if_name,int fd,int &index); int init_ifindex(const char *if_name, int fd, int &index);
#endif #endif
#ifdef UDP2RAW_MP #ifdef UDP2RAW_MP
int init_ifindex(const char * if_name,int &index); int init_ifindex(const char *if_name, int &index);
#endif #endif
int find_lower_level_info(u32_t ip,u32_t &dest_ip,string &if_name,string &hw); int find_lower_level_info(u32_t ip, u32_t &dest_ip, string &if_name, string &hw);
int get_src_adress(u32_t &ip,u32_t remote_ip_uint32,int remote_port); //a trick to get src adress for a dest adress,so that we can use the src address in raw socket as source ip int get_src_adress(u32_t &ip, u32_t remote_ip_uint32, int remote_port); // a trick to get src adress for a dest adress,so that we can use the src address in raw socket as source ip
int get_src_adress2(address_t &output_addr,address_t remote_addr); int get_src_adress2(address_t &output_addr, address_t remote_addr);
int try_to_list_and_bind(int & bind_fd,u32_t local_ip_uint32,int port); //try to bind to a port,may fail. int try_to_list_and_bind(int &bind_fd, u32_t local_ip_uint32, int port); // try to bind to a port,may fail.
int try_to_list_and_bind2(int &fd,address_t address); int try_to_list_and_bind2(int &fd, address_t address);
int client_bind_to_a_new_port(int & bind_fd,u32_t local_ip_uint32);//find a free port and bind to it. int client_bind_to_a_new_port(int &bind_fd, u32_t local_ip_uint32); // find a free port and bind to it.
int client_bind_to_a_new_port2(int &fd,const address_t& address); int client_bind_to_a_new_port2(int &fd, const address_t &address);
int discard_raw_packet(); int discard_raw_packet();
int pre_recv_raw_packet(); int pre_recv_raw_packet();
int send_raw_ip(raw_info_t &raw_info,const char * payload,int payloadlen); int send_raw_ip(raw_info_t &raw_info, const char *payload, int payloadlen);
int peek_raw(raw_info_t &peek_info); int peek_raw(raw_info_t &peek_info);
int recv_raw_ip(raw_info_t &raw_info,char * &payload,int &payloadlen); int recv_raw_ip(raw_info_t &raw_info, char *&payload, int &payloadlen);
int send_raw_icmp(raw_info_t &raw_info, const char * payload, int payloadlen); int send_raw_icmp(raw_info_t &raw_info, const char *payload, int payloadlen);
int send_raw_udp(raw_info_t &raw_info, const char * payload, int payloadlen); int send_raw_udp(raw_info_t &raw_info, const char *payload, int payloadlen);
int send_raw_tcp(raw_info_t &raw_info,const char * payload, int payloadlen); int send_raw_tcp(raw_info_t &raw_info, const char *payload, int payloadlen);
int recv_raw_icmp(raw_info_t &raw_info, char *&payload, int &payloadlen); int recv_raw_icmp(raw_info_t &raw_info, char *&payload, int &payloadlen);
int recv_raw_udp(raw_info_t &raw_info, char *&payload, int &payloadlen); int recv_raw_udp(raw_info_t &raw_info, char *&payload, int &payloadlen);
int recv_raw_tcp(raw_info_t &raw_info,char * &payload,int &payloadlen); int recv_raw_tcp(raw_info_t &raw_info, char *&payload, int &payloadlen);
//int send_raw(raw_info_t &raw_info,const char * payload,int payloadlen); // int send_raw(raw_info_t &raw_info,const char * payload,int payloadlen);
//int recv_raw(raw_info_t &raw_info,char * &payload,int &payloadlen); // int recv_raw(raw_info_t &raw_info,char * &payload,int &payloadlen);
int send_raw0(raw_info_t &raw_info,const char * payload,int payloadlen); int send_raw0(raw_info_t &raw_info, const char *payload, int payloadlen);
int recv_raw0(raw_info_t &raw_info,char * &payload,int &payloadlen); int recv_raw0(raw_info_t &raw_info, char *&payload, int &payloadlen);
int after_send_raw0(raw_info_t &raw_info); int after_send_raw0(raw_info_t &raw_info);
int after_recv_raw0(raw_info_t &raw_info); int after_recv_raw0(raw_info_t &raw_info);
#endif /* NETWORK_H_ */ #endif /* NETWORK_H_ */

View File

@@ -2,56 +2,53 @@
#include <pcap_wrapper.h> #include <pcap_wrapper.h>
#include <assert.h> #include <assert.h>
#include <stdio.h> #include <stdio.h>
int (*pcap_loop )(pcap_t *, int, pcap_handler, u_char *); int (*pcap_loop)(pcap_t *, int, pcap_handler, u_char *);
int (*pcap_breakloop )(pcap_t *); int (*pcap_breakloop)(pcap_t *);
pcap_t* (*pcap_create)(const char *, char *); pcap_t *(*pcap_create)(const char *, char *);
int (*pcap_set_snaplen) (pcap_t *, int)=0; int (*pcap_set_snaplen)(pcap_t *, int) = 0;
int (*pcap_set_promisc) (pcap_t *, int)=0; int (*pcap_set_promisc)(pcap_t *, int) = 0;
int (*pcap_can_set_rfmon) (pcap_t *)=0; int (*pcap_can_set_rfmon)(pcap_t *) = 0;
int (*pcap_set_rfmon )(pcap_t *, int)=0; int (*pcap_set_rfmon)(pcap_t *, int) = 0;
int (*pcap_set_timeout)(pcap_t *, int)=0; int (*pcap_set_timeout)(pcap_t *, int) = 0;
int (*pcap_set_buffer_size)(pcap_t *, int)=0; int (*pcap_set_buffer_size)(pcap_t *, int) = 0;
int (*pcap_activate)(pcap_t *)=0; int (*pcap_activate)(pcap_t *) = 0;
int (*pcap_setfilter)(pcap_t *, struct bpf_program *)=0; int (*pcap_setfilter)(pcap_t *, struct bpf_program *) = 0;
int (*pcap_setdirection)(pcap_t *, pcap_direction_t)=0; int (*pcap_setdirection)(pcap_t *, pcap_direction_t) = 0;
int (*pcap_datalink)(pcap_t *)=0; int (*pcap_datalink)(pcap_t *) = 0;
void (*pcap_freecode)(struct bpf_program *)=0; void (*pcap_freecode)(struct bpf_program *) = 0;
int (*pcap_compile)(pcap_t *, struct bpf_program *, const char *, int, int (*pcap_compile)(pcap_t *, struct bpf_program *, const char *, int,
bpf_u_int32)=0; bpf_u_int32) = 0;
char* (*pcap_geterr)(pcap_t *)=0; char *(*pcap_geterr)(pcap_t *) = 0;
int (*pcap_sendpacket)(pcap_t *, const u_char *, int)=0; int (*pcap_sendpacket)(pcap_t *, const u_char *, int) = 0;
char* (*pcap_lookupdev)(char *)=0; char *(*pcap_lookupdev)(char *) = 0;
int (*pcap_findalldevs)(pcap_if_t **, char *)=0; int (*pcap_findalldevs)(pcap_if_t **, char *) = 0;
struct init_pcap_t struct init_pcap_t {
{ init_pcap_t() {
init_pcap_t()
{
init_pcap(); init_pcap();
} }
}do_it; } do_it;
static void init_npcap_dll_path() static void init_npcap_dll_path() {
{ BOOL(WINAPI * SetDllDirectory)
BOOL(WINAPI *SetDllDirectory)(LPCTSTR); (LPCTSTR);
char sysdir_name[512]; char sysdir_name[512];
int len; int len;
SetDllDirectory = (BOOL(WINAPI *)(LPCTSTR)) GetProcAddress(GetModuleHandle("kernel32.dll"), "SetDllDirectoryA"); SetDllDirectory = (BOOL(WINAPI *)(LPCTSTR))GetProcAddress(GetModuleHandle("kernel32.dll"), "SetDllDirectoryA");
if (SetDllDirectory == NULL) { if (SetDllDirectory == NULL) {
printf("Error in SetDllDirectory\n"); printf("Error in SetDllDirectory\n");
} } else {
else {
len = GetSystemDirectory(sysdir_name, 480); // be safe len = GetSystemDirectory(sysdir_name, 480); // be safe
if (!len) if (!len)
printf("Error in GetSystemDirectory (%d)\n", (int)GetLastError()); printf("Error in GetSystemDirectory (%d)\n", (int)GetLastError());
@@ -61,28 +58,26 @@ static void init_npcap_dll_path()
} }
} }
#define EXPORT_FUN(XXX) do{ XXX= (__typeof__(XXX)) GetProcAddress(wpcap, #XXX); }while(0) #define EXPORT_FUN(XXX) \
int init_pcap() do { \
{ XXX = (__typeof__(XXX))GetProcAddress(wpcap, #XXX); \
HMODULE wpcap=LoadLibrary("wpcap.dll"); } while (0)
if(wpcap!=0) int init_pcap() {
{ HMODULE wpcap = LoadLibrary("wpcap.dll");
if (wpcap != 0) {
printf("using system32/wpcap.dll\n"); printf("using system32/wpcap.dll\n");
} } else {
else
{
init_npcap_dll_path(); init_npcap_dll_path();
//SetDllDirectory("C:\\Windows\\System32\\Npcap\\"); // SetDllDirectory("C:\\Windows\\System32\\Npcap\\");
wpcap=LoadLibrary("wpcap.dll"); wpcap = LoadLibrary("wpcap.dll");
if(wpcap!=0) if (wpcap != 0)
printf("using system32/npcap/wpcap.dll\n"); printf("using system32/npcap/wpcap.dll\n");
} }
if(wpcap==0) if (wpcap == 0) {
{
printf("cant not open wpcap.dll, make sure winpcap/npcap is installed\n"); printf("cant not open wpcap.dll, make sure winpcap/npcap is installed\n");
exit(-1); exit(-1);
} }
assert(wpcap!=0); assert(wpcap != 0);
EXPORT_FUN(pcap_loop); EXPORT_FUN(pcap_loop);
EXPORT_FUN(pcap_breakloop); EXPORT_FUN(pcap_breakloop);
@@ -121,5 +116,4 @@ int init_pcap()
//pcap_loop = (__typeof__(pcap_loop))GetProcAddress(wpcap, "pcap_loop"); //pcap_loop = (__typeof__(pcap_loop))GetProcAddress(wpcap, "pcap_loop");
*/ */
return 0; return 0;
} }

View File

@@ -1,19 +1,17 @@
#pragma once #pragma once
//#ifdef __cplusplus //#ifdef __cplusplus
//extern "C" { // extern "C" {
//#endif //#endif
//#include <sys/time.h> //#include <sys/time.h>
//#include <stdint.h> //#include <stdint.h>
struct bpf_program struct bpf_program {
{
char a[4096]; char a[4096];
}; };
struct pcap_t struct pcap_t {
{
char a[4096]; char a[4096];
}; };
@@ -36,7 +34,6 @@ typedef enum {
PCAP_D_OUT PCAP_D_OUT
} pcap_direction_t; } pcap_direction_t;
struct pcap_addr { struct pcap_addr {
struct pcap_addr *next; struct pcap_addr *next;
struct sockaddr *addr; /* address */ struct sockaddr *addr; /* address */
@@ -56,11 +53,8 @@ struct pcap_if {
typedef struct pcap_if pcap_if_t; typedef struct pcap_if pcap_if_t;
typedef struct pcap_addr pcap_addr_t; typedef struct pcap_addr pcap_addr_t;
typedef unsigned char u_char; typedef unsigned char u_char;
#define PCAP_ERRBUF_SIZE 256 #define PCAP_ERRBUF_SIZE 256
#define DLT_NULL 0 /* BSD loopback encapsulation */ #define DLT_NULL 0 /* BSD loopback encapsulation */
@@ -81,16 +75,16 @@ typedef unsigned char u_char;
typedef void (*pcap_handler)(u_char *, const struct pcap_pkthdr *, typedef void (*pcap_handler)(u_char *, const struct pcap_pkthdr *,
const u_char *); const u_char *);
extern int (*pcap_loop )(pcap_t *, int, pcap_handler, u_char *); extern int (*pcap_loop)(pcap_t *, int, pcap_handler, u_char *);
extern int (*pcap_breakloop )(pcap_t *); extern int (*pcap_breakloop)(pcap_t *);
extern pcap_t* (*pcap_create)(const char *, char *); extern pcap_t *(*pcap_create)(const char *, char *);
extern int (*pcap_set_snaplen) (pcap_t *, int); extern int (*pcap_set_snaplen)(pcap_t *, int);
extern int (*pcap_set_promisc) (pcap_t *, int); extern int (*pcap_set_promisc)(pcap_t *, int);
extern int (*pcap_can_set_rfmon) (pcap_t *); extern int (*pcap_can_set_rfmon)(pcap_t *);
extern int (*pcap_set_rfmon )(pcap_t *, int); extern int (*pcap_set_rfmon)(pcap_t *, int);
extern int (*pcap_set_timeout)(pcap_t *, int); extern int (*pcap_set_timeout)(pcap_t *, int);
extern int (*pcap_set_buffer_size)(pcap_t *, int); extern int (*pcap_set_buffer_size)(pcap_t *, int);
extern int (*pcap_activate)(pcap_t *); extern int (*pcap_activate)(pcap_t *);
@@ -105,23 +99,19 @@ extern void (*pcap_freecode)(struct bpf_program *);
extern int (*pcap_compile)(pcap_t *, struct bpf_program *, const char *, int, extern int (*pcap_compile)(pcap_t *, struct bpf_program *, const char *, int,
bpf_u_int32); bpf_u_int32);
extern char* (*pcap_geterr)(pcap_t *); extern char *(*pcap_geterr)(pcap_t *);
extern int (*pcap_sendpacket)(pcap_t *, const u_char *, int); extern int (*pcap_sendpacket)(pcap_t *, const u_char *, int);
extern char* (*pcap_lookupdev)(char *); extern char *(*pcap_lookupdev)(char *);
extern int (*pcap_findalldevs)(pcap_if_t **, char *); extern int (*pcap_findalldevs)(pcap_if_t **, char *);
inline int pcap_set_immediate_mode(pcap_t *,int) inline int pcap_set_immediate_mode(pcap_t *, int) {
{
return 0; return 0;
} }
//#ifdef __cplusplus //#ifdef __cplusplus
//} //}
//#endif //#endif
int init_pcap(); int init_pcap();

File diff suppressed because it is too large Load Diff

BIN
udp2raw Executable file

Binary file not shown.