OnionCat is now able to load host names from /etc/hosts for the Tor version as well. This is off by default for Tor and on by default for I2P (the latter was already the case before). Option -H toggles this feature. The controller offers the commands 'hosts' and 'hreload' for debugging the hosts table. Domain names are looked up in the hosts file using the domain stored in setup_.domain, which is '.onion' for Tor and '.b32.i2p' for I2P.

1/* Copyright 2008 Bernhard R. Fischer, Daniel Haslinger.
2 *
3 * This file is part of OnionCat.
4 *
5 * OnionCat is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation, version 3 of the License.
8 *
9 * OnionCat is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with OnionCat. If not, see <http://www.gnu.org/licenses/>.
16 */
17
18#ifndef OCAT_H
19#define OCAT_H
20
21#ifdef HAVE_CONFIG_H
22#include "config.h"
23#endif
24
25#include <stdio.h>
26#include <stdlib.h>
27#include <stdarg.h>
28#include <string.h>
29#include <unistd.h>
30#include <fcntl.h>
31#include <pwd.h>
32#include <errno.h>
33#include <time.h>
34#include <pthread.h>
35#include <signal.h>
36#include <ctype.h>
37#include <syslog.h>
38
39
40#include <sys/time.h>
41#include <sys/select.h>
42#include <sys/ioctl.h>
43#include <sys/stat.h>
44
45#ifdef HAVE_SYS_TYPES_H
46#include <sys/types.h>
47#endif
48#ifdef HAVE_SYS_SOCKET_H
49#include <sys/socket.h>
50#endif
51#ifdef HAVE_ENDIAN_H
52#include <endian.h>
53#elif HAVE_SYS_ENDIAN_H
54#include <sys/endian.h>
55#endif
56#ifdef HAVE_SYS_WAIT_H
57#include <sys/wait.h>
58#endif
59#ifdef HAVE_SYS_ETHERNET_H
60#include <sys/ethernet.h>
61#endif
62#ifdef HAVE_NETINET_IN_H
63#include <netinet/in.h>
64#endif
65#ifdef HAVE_NETINET_IN_SYSTM_H
66#include <netinet/in_systm.h>
67#endif
68#include <arpa/inet.h>
69#ifdef HAVE_NET_IF_H
70#include <net/if.h>
71#endif
72#ifdef HAVE_NETINET_IP_H
73#include <netinet/ip.h>
74#endif
75#ifdef HAVE_NETINET_ICMP6_H
76#include <netinet/icmp6.h>
77#endif
78#ifdef HAVE_NETINET_ETHER_H
79#include <netinet/ether.h>
80#endif
81#ifdef HAVE_NETINET_IF_ETHER_H
82#include <netinet/if_ether.h>
83#endif
84#ifdef HAVE_NETINET_IP6_H
85#include <netinet/ip6.h>
86#endif
87#ifdef HAVE_NETINET_UDP_H
88#include <netinet/udp.h>
89#endif
90#ifdef HAVE_ARPA_NAMESER_H
91#include <arpa/nameser.h>
92#endif
93#ifdef HAVE_NET_ETHERNET_H
94#include <net/ethernet.h>
95#endif
96#ifdef HAVE_LINUX_SOCKIOS_H
97#include <linux/sockios.h>
98#endif
99#ifdef HAVE_LINUX_IF_TUN_H
100#include <linux/if_tun.h>
101#endif
102#ifdef HAVE_NET_IF_TUN_H
103#include <net/if_tun.h>
104#endif
105#ifdef HAVE_NET_TUN_IF_TUN_H
106#include <net/tun/if_tun.h>
107#endif
108
109#ifdef __CYGWIN__
110#include "cygwin/ocat_cygwin.h"
111#endif
112
/* Ethertype values of IPv4 and IPv6 frames.  Only provided here when the
 * system headers included above did not already define them. */
#if !defined(ETHERTYPE_IP)
#define ETHERTYPE_IP 0x0800
#endif
#if !defined(ETHERTYPE_IPV6)
#define ETHERTYPE_IPV6 0x86dd
#endif

/* Solaris names the length of a MAC address ETHERADDRL; map it onto the BSD
 * spelling so the rest of the code can rely on ETHER_ADDR_LEN. */
#if !defined(ETHER_ADDR_LEN) && defined(ETHERADDRL)
#define ETHER_ADDR_LEN ETHERADDRL
#endif

/* At least on Solaris the Ethernet addresses inside struct ether_header are
 * wrapped in a struct holding the byte array, whereas most other systems
 * expose the array directly.  ether_dst/ether_src hide that difference, so
 * always access the addresses through these two names. */
#if defined(HAVE_ETHER_ADDR_OCTET)
#define ether_dst ether_dhost.ether_addr_octet
#define ether_src ether_shost.ether_addr_octet
#else
#define ether_dst ether_dhost
#define ether_src ether_shost
#endif
136
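//! Length of the fixed IPv6 header.
#define IP6HLEN sizeof(struct ip6_hdr)
//! Length of an .onion-URL (without ".onion" and '\0').
//! NOTE(review): this is the length of a 16-character (version 2) onion name;
//! longer onion names will not fit the buffers sized with this constant.
#define ONION_URL_LEN 16

//! Upper bound on concurrently known peers.
#define MAXPEERS 1024
//! Default user to drop privileges to; the BSDs prefix their Tor user with '_'.
#if defined(__OpenBSD__) || defined(__FreeBSD__)
#define OCAT_UNAME "_tor"
#else
#define OCAT_UNAME "tor"
#endif
//! Fallback uid (commonly "nobody") -- presumably used when the user name
//! cannot be resolved; check ocat.c.
#define OCAT_UNPRIV_UID 65534
#define OCAT_UNPRIV_UNAME "(unknown)"
#define OCAT_URL "http://www.abenteuerland.at/onioncat/"
#define OCAT_DIR ".ocat"
//#define OCAT_CONNECT_LOG "connect_log"
#define PID_FILE "/var/run/ocat.pid"
#define OCAT_AUTHOR "Bernhard R. Fischer"

//! Maximum frame (packet) size: a full-size IPv6 packet (65535 byte payload
//! plus 40 byte header) plus the 4 byte tun frame header, rounded up to
//! 65536 + 40 + 4.
#define FRAME_SIZE 65580

//! Standard buffer sizes.
#define SIZE_1K 1024
#define SIZE_256 256

//! Interval (seconds) at which the packet dequeuer wakes up -- presumably.
#define DEQUEUER_WAKEUP 3
//! Maximum time (seconds, presumably) a packet stays in the queue.
#define MAX_QUEUE_DELAY 10

//! Maximum idle time for a peer; after that time the peer is closed.
#define MAX_IDLE_TIME 180
//! Number of seconds between cleaner wakeups.
#define CLEANER_WAKEUP 10
//! Number of seconds between statistics output.
#define STAT_WAKEUP 600
//! Keepalive interval (seconds).
#define KEEPALIVE_TIME 60
//! select() timeout in seconds (to avoid endless blocking).
#define SELECT_TIMEOUT 10

//! OnionCat-specific log flags (outside the syslog priority range).
#define LOG_FCONN 0x400
#define LOG_FERR 0x800

//! Error codes of the SOCKS connector.
#define E_SOCKS_SOCK (-1)
#define E_SOCKS_CONN (-2)
#define E_SOCKS_REQ (-3)
#define E_SOCKS_RQFAIL (-4)
#define E_SOCKS_TERMREQ (-5)

//! Error codes of the packet forwarder.
#define E_FWD_NOPEER (-1)
#define E_FWD_NOBUF (-2)

//! Peer states (OcatPeer.state).
//#define PEER_CONNECT 0
#define PEER_ACTIVE 1

//! Direction a peer session was opened in (OcatPeer.dir).
#define PEER_INCOMING 0
#define PEER_OUTGOING 1

//! Size of the thread name buffer including the terminating '\0'.
#define THREAD_NAME_LEN 11
//! Thread stack size (the default stack size on OpenBSD is too small).
#define THREAD_STACK_SIZE 262144

//! States of a SocksQueue entry.
#define SOCKS_NEW 0
#define SOCKS_CONNECTING 1
#define SOCKS_4AREQ_SENT 2
#define SOCKS_4ARESPONSE 3
#define SOCKS_DELETE 127

//! Maximum number of SOCKS connection attempts per queue entry.
#define SOCKS_MAX_RETRY 3

//! Error codes of the route parsers.
#define E_RT_NOMEM (-1)
#define E_RT_DUP (-2)
#define E_RT_ILLNM (-3)
#define E_RT_SYNTAX (-4)
#define E_RT_NULLPTR (-5)
#define E_RT_NOTORGW (-6)
#define E_RT_GWSELF (-7)

//! Error codes of the Ethernet frame checker (eth_check()).
#define E_ETH_TRUNC (-8)
#define E_ETH_ILLDEST (-9)
#define E_ETH_ILLPROTO (-10)
#define E_ETH_INTERCEPT (-11)

//! Maximum number of MAC address entries in the table.
#define MAX_MAC_ENTRY 128
//! Maximum age (seconds) of a MAC address in the table.
#define MAX_MAC_AGE 120
/*
//! maximum number of IPv6 routes
#define MAX_IPV6_ROUTE 1024
*/
//! Retry delay (seconds) if the connection to Tor's SOCKS port fails.
#define TOR_SOCKS_CONN_TIMEOUT 30
//! Number of attempts over which MIN_RECONNECT_TIME is measured.
#define RECONN_ATTEMPTS 3
//! RECONN_ATTEMPTS reconnects must not happen faster than MIN_RECONNECT_TIME seconds.
#define MIN_RECONNECT_TIME 30
//! Default maximum number of concurrent controller sessions.
#define MAX_DEF_CTRL_SESS 5

//! Add descriptor f to fd_set s and raise the running maximum m.
//! NOTE(review): FD_SET() on a descriptor >= FD_SETSIZE writes outside the
//! fd_set (undefined behaviour); callers must reject such descriptors before
//! using this macro.  f is evaluated more than once.
#define MFD_SET(f,s,m) {FD_SET((f), (s)); (m) = (f) > (m) ? (f) : (m);}

//! Copy an IPv6 address from b to a (both are pointers to 16-byte addresses).
#define IN6_ADDR_COPY(a,b) (*(struct in6_addr *)(a) = *(const struct in6_addr *)(b))

//! Index into OcatSetup.fhd_key[] for the IPv4 and IPv6 tun frame header.
#define IPV4_KEY 0
#define IPV6_KEY 1

//! Size of the concrete sockaddr behind a struct sockaddr pointer;
//! evaluates to 0 for any family other than AF_INET/AF_INET6, so callers
//! must check for 0 before passing the result to bind()/connect().
#define SOCKADDR_SIZE(x) \
   (((const struct sockaddr *)(x))->sa_family == AF_INET ? sizeof(struct sockaddr_in) : \
    ((const struct sockaddr *)(x))->sa_family == AF_INET6 ? sizeof(struct sockaddr_in6) : 0)

#define VERSION_STRING_LEN 256

#define MAX_DEF_CTRL 6

//! Network type (OcatSetup.net_type).
#define NTYPE_TOR 0
#define NTYPE_I2P 1

#ifndef SYSCONFDIR
#define SYSCONFDIR "/etc"
#endif

//! Returns a constant string if a string pointer is NULL, so it can be
//! passed safely to "%s" conversions.  x is evaluated twice.
#define SSTR(x) ((x) != NULL ? (x) : "(nil)")

// Solaris and the Windows OpenVPN tunnel driver do not send a 4 byte tunnel
// header, thus reads and writes are adjusted by this offset.
#if defined(__sun__) || defined(__CYGWIN__)
#define BUF_OFF 4
#else
#define BUF_OFF 0
#endif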
270
271
//! Global run-time configuration and state of the OnionCat process.
//! There is exactly one instance, setup_ (see the ocatsetup.c prototypes and
//! the CNF() accessor macro); concurrent access is serialised through
//! lock_setup()/unlock_setup(), which presumably use the mutex member.
struct OcatSetup
{
   //! frame header of local OS in network byte order, indexed by
   //! IPV4_KEY/IPV6_KEY; it is initialized in ocattun.c
   uint32_t fhd_key[2];
   int fhd_key_len;
   //! TCP port of SOCKS port of local Tor proxy
   //uint16_t tor_socks_port;
   //! reload port of OnionCat listening for connections
   //uint16_t ocat_listen_port;
   //! virtual port of OnionCat hidden service
   uint16_t ocat_dest_port;
   //! local port of controller interface
   uint16_t ocat_ctrl_port;
   //! file descriptors of TUN device (usually tunfd[0] == tunfd[1])
   int tunfd[2];
   int debug_level;
   //! user name to change uid to after start-up (privilege drop)
   char *usrname;
   char onion_url[SIZE_256];
   struct in6_addr ocat_addr;
   //! flag to create connection log
   int create_clog;
   //! flag to NOT change uid to the unprivileged user, i.e. keep running as
   //! root -- a deliberate opt-out of the privilege drop, not the default
   int runasroot;
   int controller;
   char *ocat_dir;
   //! name of tunnel character device
   char *tun_dev;
   //! tunnel interface name
   char tunname[SIZE_256];
   int ipv4_enable;
   struct in_addr ocat_addr4;
   int ocat_addr4_mask;
   char *config_file;
   int config_read;
   int config_failed;
   int use_tap;
   //! local OnionCat MAC address (TAP mode)
   uint8_t ocat_hwaddr[ETHER_ADDR_LEN];
   char *pid_file;
   int create_pid_file;
   //! log file name and stream
   char *logfn;
   FILE *logf;
   int use_syslog;
   int daemon;
#ifdef CONNECT_ROOT_PEERS
   //! hardcoded permanent peers
#define ROOT_PEERS 1
   struct in6_addr root_peer[ROOT_PEERS];
#endif
   time_t uptime;
   char *frandn;
   //! destination socket address of Tor's SOCKS port; the two members alias
   //! the same pointer, sa_family decides which view is valid
   union
   {
      struct sockaddr_in *socks_dst;
      struct sockaddr_in6 *socks_dst6;
   };
   //! local listening socket addresses for incoming connections, their
   //! descriptors and the number of entries in both arrays
   struct sockaddr **oc_listen;
   int *oc_listen_fd;
   int oc_listen_cnt;
   int rand_addr;
   char version[VERSION_STRING_LEN];
   int sizeof_setup;
   int sig_term, term_req;
   pthread_mutex_t mutex;
   //! listening sockets for controller interface (same layout as oc_listen*)
   struct sockaddr **ctrl_listen;
   int *ctrl_listen_fd;
   int ctrl_listen_cnt;
   //! communication pipe for socks "selected" connector
   int socksfd[2];
   //! NTYPE_TOR or NTYPE_I2P
   int net_type;
   //! maximum and current number of controller sessions
   int max_ctrl, ctrl_active;
   //! pipe filedescriptors for pid deletion process
   int pid_fd[2];
   int sig_usr1, clear_stats;
   /*! Define if OC connections should be used uni- or bidirectional.
      Bidirectional has a faster setup time but unidirectional is safer in
      respect to security because both ends are verified. */
   int unidirectional;
   //! non-zero: resolve peer names through the hosts file (option -H)
   int hosts_lookup;
   const char *domain;     //!< domain name appended to network host name (".onion" / ".b32.i2p")
   struct in6_addr oc_vdns;
};
359
#ifdef PACKET_QUEUE
//! A packet parked until its destination peer becomes available
//! (only compiled in with PACKET_QUEUE).
struct PacketQueue
{
   struct PacketQueue *next;  //!< next queued packet
   struct in6_addr addr;      //!< address the packet is waiting for -- presumably the destination peer
   int psize;                 //!< size of data in bytes
   time_t time;               //!< time of enqueueing; presumably compared against MAX_QUEUE_DELAY
   void *data;                //!< the packet itself
};
typedef struct PacketQueue PacketQueue_t;
#endif
370
/*! SOCKS header as laid out on the wire (packed, no padding).  The field set
 *  (version, command, port, IPv4 address) is that of SOCKS4/4a, which matches
 *  the SOCKS_4AREQ_SENT/SOCKS_4ARESPONSE states above.
 *  NOTE(review): ver and cmd are protocol octets declared as plain char, whose
 *  signedness is implementation-defined; compare them only against small
 *  positive constants or cast to unsigned char first. */
struct SocksHdr
{
   char ver;               //!< protocol version octet
   char cmd;               //!< command (request) / status (reply) octet
   uint16_t port;          //!< destination port, network byte order on the wire
   struct in_addr addr;    //!< destination IPv4 address
} __attribute__((packed));
typedef struct SocksHdr SocksHdr_t;
378
/*! Fixed part of a SOCKS5 request/reply header (packed, no padding).
 *  addr is only the first octet of the address field; the rest of the
 *  variable-length address presumably follows in the same buffer -- confirm
 *  in ocatsocks.c before relying on sizeof(Socks5Hdr_t) as a message size. */
struct Socks5Hdr
{
   char ver;    //!< protocol version octet
   char cmd;    //!< command / reply octet
   char rsv;    //!< reserved octet
   char atyp;   //!< address type octet
   char addr;   //!< first octet of the address field
} __attribute__((packed));
typedef struct Socks5Hdr Socks5Hdr_t;
387
/*! State of one remote OnionCat peer, i.e. one TCP session through Tor/I2P.
 *  Peers form a singly linked list; the list and the individual entries have
 *  their own locks (see the ocatpeer.c prototypes below). */
struct OcatPeer
{
   struct OcatPeer *next;     //!< next peer in list
   struct in6_addr addr;      //!< remote (OnionCat IPv6) address of the peer
   int tcpfd;                 //!< file descriptor of the TCP connection
   time_t time;               //!< timestamp of the latest packet
   time_t sdelay;             //!< connection setup delay
   time_t otime;              //!< opening time
   int state;                 //!< status of the peer (PEER_ACTIVE, ...)
   int dir;                   //!< direction the session was opened in (PEER_INCOMING/PEER_OUTGOING)
   unsigned long out;         //!< bytes output
   unsigned long in;          //!< bytes input
   uint32_t *tunhdr;          //!< pointer to local tun frame header
   char *fragbuf;             //!< current position inside the (de)frag buffer -- presumably
   char _fragbuf[FRAME_SIZE]; //!< (de)frag buffer; FRAME_SIZE bounds what may be copied in
   int fraglen;               //!< number of bytes currently in the frag buffer
   pthread_mutex_t mutex;     //!< per-peer lock (lock_peer()/unlock_peer())
   int perm;                  //!< non-zero: keep peer permanently open
   time_t last_io;            //!< timestamp when the last I/O packet measurement started
   unsigned inm;              //!< bytes input during the current measurement period -- presumably
   unsigned outm;             //!< bytes output during the current measurement period -- presumably
};
typedef struct OcatPeer OcatPeer_t;
410
/*! Bookkeeping entry for one OnionCat thread, kept in the global list octh_. */
struct OcatThread
{
   struct OcatThread *next;      //!< next entry in the thread list
   pthread_t handle;             //!< pthread handle of the thread
   pthread_attr_t attr;          //!< attributes the thread was created with
   int detached;                 //!< non-zero once the thread has been detached
   int id;                       //!< OnionCat-internal thread id
   char name[THREAD_NAME_LEN];   //!< short thread name, NUL-terminated, at most THREAD_NAME_LEN - 1 characters
   void *(*entry)(void*);        //!< entry function of the thread
   void *parm;                   //!< argument passed to the entry function
};
typedef struct OcatThread OcatThread_t;
422
/*! Pending outgoing connection request handled by the SOCKS connector. */
struct SocksQueue
{
   struct SocksQueue *next;   //!< next entry in the queue
   struct in6_addr addr;      //!< OnionCat address of the peer to connect to
   int state;                 //!< SOCKS_NEW, SOCKS_CONNECTING, ..., SOCKS_DELETE
   int perm;                  //!< request a permanent peer (see OcatPeer.perm)
   int fd;                    //!< socket of the connection in progress
   time_t restart_time;       //!< earliest time for the next attempt -- presumably
   time_t connect_time;       //!< time the current attempt was started -- presumably
   int retry;                 //!< attempt counter, presumably bounded by SOCKS_MAX_RETRY
};
typedef struct SocksQueue SocksQueue_t;
434
//! IPv4 routing table entry: which OnionCat peer (gw) forwards traffic for
//! the network dest/netmask.  Entries live in a binary tree addressed via
//! next[0]/next[1].
struct IPv4Route
{
   struct IPv4Route *next[2];    //!< child nodes in the binary tree
   uint32_t dest;                //!< destination network (byte order: see ocatipv4route.c)
   uint32_t netmask;             //!< netmask belonging to dest
   struct in6_addr gw;           //!< OnionCat address of the gateway peer
};
typedef struct IPv4Route IPv4Route_t;
443
//! IPv6 routing table entry: traffic for dest/prefixlen is forwarded to the
//! OnionCat peer gw.
struct IPv6Route
{
   struct in6_addr dest;   //!< destination prefix
   int prefixlen;          //!< length of the prefix in bits
   struct in6_addr gw;     //!< OnionCat address of the gateway peer
};
typedef struct IPv6Route IPv6Route_t;
451
//! IPv6 pseudo header used for checksum calculation.  The layout follows the
//! upper-layer checksum pseudo header of RFC 2460 section 8.1: source,
//! destination, 32-bit upper-layer packet length, three zero octets, next
//! header.  Packed so it can be summed byte-for-byte.  Nothing here zeroes
//! _pad -- whoever fills the struct must do so (presumably malloc_ckbuf()).
struct ip6_psh
{
   struct in6_addr src;    //!< source address
   struct in6_addr dst;    //!< destination address
   uint32_t len;           //!< upper-layer packet length (byte order: see malloc_ckbuf())
   char _pad[3];           //!< must be zero
   uint8_t nxt;            //!< next header value of the upper-layer protocol
} __attribute__((packed));
461
//! Entry of the MAC address table (TAP mode): maps an IPv4 or IPv6 address
//! to a MAC address.  At most MAX_MAC_ENTRY entries are kept and entries
//! older than MAX_MAC_AGE are presumably dropped by mac_cleanup().
struct MACTable
{
   uint16_t family;           //!< address family; presumably AF_INET selects inaddr, AF_INET6 in6addr
   union
   {
      struct in6_addr in6addr;   //!< IPv6 address
      struct in_addr inaddr;     //!< IPv4 address
   };
   uint8_t hwaddr[ETHER_ADDR_LEN];  //!< MAC address
   time_t age;                //!< timestamp of the entry
};
typedef struct MACTable MACTable_t;
473
//! Ethernet + IPv6 + ICMPv6 neighbor discovery message, packed so it can be
//! overlaid on a raw frame.  NOTE(review): when the struct is cast onto
//! received data, the frame length must have been checked against
//! sizeof(ndp6_t) first (cf. E_ETH_TRUNC) -- confirm in ocateth.c.
struct ndp6
{
   struct ether_header eth;   //!< Ethernet header
   struct ip6_hdr ip6;        //!< IPv6 header
   union
   {
      struct icmp6_hdr icmp6;                 //!< generic ICMPv6 view
      struct nd_neighbor_solicit ndp_sol;     //!< neighbor solicitation view
      struct nd_neighbor_advert ndp_adv;      //!< neighbor advertisement view
   };
   //struct nd_opt_hdr ndp_opt;
} __attribute__((packed));
typedef struct ndp6 ndp6_t;
486
//! Printable form of a socket address, filled in by inet_ntops() (see the
//! ocatv6conv.c prototypes below).
struct sockaddr_str
{
   sa_family_t sstr_family;            //!< address family of the converted sockaddr
   uint16_t sstr_port;                 //!< port number (byte order: see inet_ntops())
   char sstr_addr[INET6_ADDRSTRLEN];   //!< NUL-terminated address string, large enough for IPv6
};
493
494/*
495// next header value for ocat internal use (RFC3692)
496#define OCAT_NEXT_HEADER 254
497
498typedef struct OcatHdr
499{
500   uint16_t oh_plen;
501   uint8_t oh_nxt;
502//   struct ip6_hdrctl oh_ip6hdrctl;
503//   char oh_srcid[10];
504} OcatHdr_t;
505
506
507#define OCAT_CTL_SRC 1
508#define OCAT_CTL_EREQ 2
509#define OCAT_CTL_ERES 3
510
511typedef struct OcatCtrlHdr
512{
513   uint8_t oct_type;
514   char oct_srcid[10];
515} OcatCtrlHdr_t;
516*/
517
518
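#ifndef WITHOUT_TUN
/* Default path of the tunnel character device; the run-time value lives in
 * tun_dev_ (and CNF(tun_dev)). */
#if defined(__sun__)
#define TUN_DEV "/dev/tun"
#elif defined(__linux__)
#define TUN_DEV "/dev/net/tun"
#else
#define TUN_DEV "/dev/tun0"
#endif
extern char *tun_dev_;
#else
/* Built without tunnel support; the name suggests standard I/O is used in
 * place of the device -- see ocattun.c. */
#define TUN_DEV "STDIO"
#endif

//! mutex and head of the global list of OnionCat threads (ocatthread.c)
extern pthread_mutex_t thread_mutex_;
extern OcatThread_t *octh_;

/* ocat.c */


/* ocatlog.c */
int open_connect_log(const char*);
/*! Log a message at the given syslog priority (optionally OR-ed with the
 *  OnionCat-specific LOG_FCONN/LOG_FERR bits -- presumably, see ocatlog.c).
 *  The format attribute makes the compiler check the arguments against the
 *  format string at every call site and flag non-literal format strings;
 *  never pass peer-controlled data as the format argument. */
void log_msg(int, const char *, ...) __attribute__((format(printf, 2, 3)));
#ifdef DEBUG
#define log_debug(...) log_msg(LOG_DEBUG, ##__VA_ARGS__)
#else
//! Compiles to nothing without DEBUG: the arguments are not evaluated, so a
//! log_debug() call must not carry side effects.
#define log_debug(...)
#endif

/* ocatv6conv.c */
//! Convert an OnionCat IPv6 address into its .onion name (without ".onion").
//! The output buffer must hold at least ONION_URL_LEN + 1 bytes -- TODO confirm in ocatv6conv.c.
char *ipv6tonion(const struct in6_addr *, char *);
//! Convert a .onion name into the OnionCat IPv6 address.
int oniontipv6(const char *, struct in6_addr *);
//! Convert a .onion name into an IPv4 address using the given mask length -- presumably.
int oniontipv4(const char *, struct in_addr *, int);
//! Non-zero if the address carries the OnionCat prefix.
int has_tor_prefix(const struct in6_addr *);
//! Generate a random onion name into the buffer (size as for ipv6tonion()).
void rand_onion(char *);
//! Convert an AF_INET/AF_INET6 sockaddr into printable form.
const char *inet_ntops(const struct sockaddr *, struct sockaddr_str *);
/*
#define IN6_HAS_TOR_PREFIX(a) ((((__const uint32_t *) (a))[0] == ((__const uint32_t*)(TOR_PREFIX))[0]) \
      && (((__const uint16_t*)(a))[2] == ((__const uint16_t*)(TOR_PREFIX))[2]))
      */

/* ocattun.c */
#ifndef WITHOUT_TUN
//! Open and configure the tunnel device; returns its file descriptor(s).
int tun_alloc(char *, int, struct in6_addr);
#endif

/* ocatroute.c */
extern int sockfd_[2];
void init_peers(void);
void *socket_receiver(void *);
void packet_forwarder(void);
#ifdef PACKET_QUEUE
void *packet_dequeuer(void *);
#endif
void *socket_acceptor(void *);
void *socket_cleaner(void *);
void *ocat_controller(void *);
void *ctrl_handler(void *);
int insert_peer(int, const SocksQueue_t *, time_t);
//! Bind/listen on the given addresses and start an acceptor per socket.
int run_listeners(struct sockaddr **, int *, int, int (*)(int));
int send_keepalive(OcatPeer_t *);
void set_select_timeout(struct timeval *);
void set_nonblock(int);
void set_tunheader(char *, uint32_t);
uint32_t get_tunheader(char *);

/* ocatthread.c */
const OcatThread_t *init_ocat_thread(const char *);
int run_ocat_thread(const char *, void *(*)(void*), void*);
const OcatThread_t *get_thread(void);
int set_thread_name(const char *);
int join_threads(void);
void detach_thread(void);
void print_threads(FILE *);
int term_req(void);
void set_term_req(void);

/* ocatcompat.c */
//! Bounded string functions for systems without the BSD originals.
#ifndef HAVE_STRLCAT
size_t strlcat(char*, const char*, size_t);
#endif
#ifndef HAVE_STRLCPY
size_t strlcpy(char*, const char*, size_t);
#endif

/* ocatpeer.c */
OcatPeer_t *get_first_peer(void);
OcatPeer_t **get_first_peer_ptr(void);
//! Lock/unlock the peer list; lock_peer()/unlock_peer() guard a single entry.
int lock_peers(void);
int unlock_peers(void);
int lock_peer(OcatPeer_t *);
int unlock_peer(OcatPeer_t *);
OcatPeer_t *search_peer(const struct in6_addr *);
OcatPeer_t *get_empty_peer(void);
void delete_peer(OcatPeer_t *);

/* ocatsetup.c */
//! Accessor for members of the global configuration, e.g. CNF(debug_level).
#define CNF(x) setup_.x
extern struct OcatSetup setup_;
void print_setup_struct(FILE *);
void init_setup(void);
void post_init_setup(void);
void lock_setup(void);
void unlock_setup(void);

/* ocatipv4route.c */
struct in6_addr *ipv4_lookup_route(uint32_t);
int parse_route(const char *);
void print_routes(FILE *);

/* ocateth.c */
//! Validate an Ethernet frame of the given length; returns one of the E_ETH_* codes on error -- presumably.
int eth_check(char *, int);
int mac_set(const struct in6_addr *, uint8_t *);
void print_mac_tbl(FILE *);
void mac_cleanup(void);
char *mac_hw2str(const uint8_t *, char *);
int ndp_solicit(const struct in6_addr *, const struct in6_addr *);
#ifndef HAVE_ETHER_NTOA_R
char *ether_ntoa_r(const struct ether_addr *, char *);
#endif
//! Internet checksum over a buffer of the given length (see malloc_ckbuf()).
uint16_t checksum(const uint16_t *, int);
void free_ckbuf(uint16_t *);
uint16_t *malloc_ckbuf(const struct in6_addr *, const struct in6_addr *, uint16_t, uint8_t, const void *);

/* ocatsocks.c */
void socks_queue(struct in6_addr, int);
void print_socks_queue(FILE *);
void sig_socks_connector(void);
void *socks_connector_sel(void *);

/* ocatlibe.c */
void oe_close(int);
int oe_remtr(char *);
int strsockaddr(const char *, struct sockaddr *);
void add_local_listeners(void);
void add_listener(const char *);
void delete_listeners(struct sockaddr **, int *, int);
//! vprintf-style output to a file descriptor; the attribute enables format
//! checking at call sites (the va_list variant takes no first-to-check index).
int fdprintf(int, const char *, va_list) __attribute__((format(printf, 2, 0)));

/* ocatipv6route.c */
struct in6_addr *ipv6_lookup_route(const struct in6_addr *);
void ipv6_print_routes(FILE *);
int ipv6_parse_route(const char *);

#ifdef __CYGWIN__
/* ocat_wintuntap.c */
int win_open_tun(char *, int);
int win_close_tun(void);
int win_read_tun(char *, int);
int win_write_tun(const char *, int);
//! On Cygwin the tunnel is driven through the TAP driver wrapper; the file
//! descriptor argument x is ignored there.
#define tun_read(x,y,z) win_read_tun(y,z)
#define tun_write(x,y,z) win_write_tun(y,z)
#else
#define tun_read(x,y,z) read(x,y,z)
#define tun_write(x,y,z) write(x,y,z)
#endif

/* ocatresolv.c */
int check_dns(const struct ip6_hdr *, int);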
677
678#endif
679