X-Git-Url: http://git.silcnet.org/gitweb/?a=blobdiff_plain;f=lib%2Fsilccore%2Fsilcpacket.c;h=bea26e774325834672e75954eea541a102513517;hb=40f8443d8d3a6577336ee66d18e04d9ac4d956bb;hp=2e7b9cbf006b1929687356a2d6a001e1ee591f60;hpb=62cb7719f63ea3d3b7620533f5797dc7546b215a;p=silc.git diff --git a/lib/silccore/silcpacket.c b/lib/silccore/silcpacket.c index 2e7b9cbf..bea26e77 100644 --- a/lib/silccore/silcpacket.c +++ b/lib/silccore/silcpacket.c @@ -1,10 +1,10 @@ /* - silcpacket.c + silcpacket.c Author: Pekka Riikonen - Copyright (C) 1997 - 2001 Pekka Riikonen + Copyright (C) 1997 - 2005 Pekka Riikonen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -21,737 +21,1360 @@ */ /* $Id$ */ -#include "silcincludes.h" +#include "silc.h" + +/************************** Types and definitions ***************************/ + +/* Packet engine */ +struct SilcPacketEngineStruct { + SilcRng rng; /* RNG for engine */ + SilcPacketCallbacks *callbacks; /* Packet callbacks */ + void *callback_context; /* Context for callbacks */ + SilcList streams; /* All streams in engine */ + SilcList packet_pool; /* Free list for received packets */ + SilcMutex lock; /* Engine lock */ + SilcBool local_is_router; +}; + +/* Packet procesor context */ +typedef struct SilcPacketProcessStruct { + SilcInt32 priority; /* Priority */ + SilcPacketType *types; /* Packets to process */ + SilcPacketCallbacks *callbacks; /* Callbacks or NULL */ + void *callback_context; +} *SilcPacketProcess; + +/* Packet stream */ +struct SilcPacketStreamStruct { + struct SilcPacketStreamStruct *next; + SilcPacketEngine engine; /* Packet engine */ + SilcStream stream; /* Underlaying stream */ + SilcMutex lock; /* Stream lock */ + SilcDList process; /* Packet processors, it set */ + SilcHashTable streamers; /* Valid if streamers exist */ + void *stream_context; /* Stream context */ + SilcBufferStruct inbuf; /* In buffer */ + SilcBufferStruct outbuf; /* Out buffer */ + SilcUInt32 send_psn; /* Sending sequence */ + SilcCipher send_key; /* Sending key */ + SilcHmac send_hmac; /* Sending HMAC */ + SilcUInt32 receive_psn; /* Receiving sequence */ + SilcCipher receive_key; /* Receiving key */ + SilcHmac receive_hmac; /* Receiving HMAC */ + unsigned char *src_id; /* Source ID */ + unsigned char *dst_id; /* Destination ID */ + unsigned int src_id_len : 6; + unsigned int src_id_type : 2; + unsigned int dst_id_len : 6; + unsigned int dst_id_type : 2; + SilcUInt8 refcnt; /* Reference counter */ + unsigned int is_router : 1; /* Set if router stream */ + unsigned int destroyed : 1; /* Set if destroyed */ +}; + +/* Initial size of stream buffers */ +#define SILC_PACKET_DEFAULT_SIZE 1024 + +/* Header length without source and destination ID's. */ +#define SILC_PACKET_HEADER_LEN 10 + +/* Minimum length of SILC Packet Header. This much is decrypted always + when packet is received to be able to get all the relevant data out + from the header. */ +#define SILC_PACKET_MIN_HEADER_LEN 16 + +/* Maximum padding length */ +#define SILC_PACKET_MAX_PADLEN 128 + +/* Default padding length */ +#define SILC_PACKET_DEFAULT_PADLEN 16 + +/* Minimum packet length */ +#define SILC_PACKET_MIN_LEN (SILC_PACKET_HEADER_LEN + 1) + + +/* Macros */ + +/* Returns true length of the packet. */ +#define SILC_PACKET_LENGTH(__packetdata, __ret_truelen, __ret_paddedlen) \ +do { \ + SILC_GET16_MSB((__ret_truelen), (__packetdata)); \ + (__ret_paddedlen) = (__ret_truelen) + (SilcUInt8)(__packetdata)[4]; \ +} while(0) + +/* Calculates the data length with given header length. This macro + can be used to check whether the data_len with header_len exceeds + SILC_PACKET_MAX_LEN. If it does, this returns the new data_len + so that the SILC_PACKET_MAX_LEN is not exceeded. If the data_len + plus header_len fits SILC_PACKET_MAX_LEN the returned data length + is the data_len given as argument. */ +#define SILC_PACKET_DATALEN(data_len, header_len) \ + ((data_len + header_len) > SILC_PACKET_MAX_LEN ? \ + data_len - ((data_len + header_len) - SILC_PACKET_MAX_LEN) : data_len) + +/* Calculates the length of the padding in the packet. */ +#define SILC_PACKET_PADLEN(__packetlen, __blocklen, __padlen) \ +do { \ + __padlen = (SILC_PACKET_DEFAULT_PADLEN - (__packetlen) % \ + ((__blocklen) ? (__blocklen) : SILC_PACKET_DEFAULT_PADLEN)); \ + if (__padlen < 8) \ + __padlen += ((__blocklen) ? (__blocklen) : SILC_PACKET_DEFAULT_PADLEN); \ +} while(0) + +/* Returns the length of the padding up to the maximum length, which + is 128 bytes.*/ +#define SILC_PACKET_PADLEN_MAX(__packetlen, __blocklen, __padlen) \ +do { \ + __padlen = (SILC_PACKET_MAX_PADLEN - (__packetlen) % \ + ((__blocklen) ? (__blocklen) : SILC_PACKET_DEFAULT_PADLEN)); \ +} while(0) + +/* EOS callback */ +#define SILC_PACKET_CALLBACK_EOS(s) \ +do { \ + (s)->engine->callbacks->eos((s)->engine, s, \ + (s)->engine->callback_context, \ + (s)->stream_context); \ +} while(0) + +/* Error callback */ +#define SILC_PACKET_CALLBACK_ERROR(s, err) \ +do { \ + (s)->engine->callbacks->error((s)->engine, s, err, \ + (s)->engine->callback_context, \ + (s)->stream_context); \ +} while(0) + + +/************************ Static utility functions **************************/ + +static void silc_packet_read_process(SilcPacketStream stream); + +/* Our stream IO notifier callback. */ + +static void silc_packet_stream_io(SilcStream stream, SilcStreamStatus status, + void *context) +{ + SilcPacketStream ps = context; + int ret; -/****************************************************************************** + silc_mutex_lock(ps->lock); - Packet Sending Routines + if (ps->destroyed) { + silc_mutex_unlock(ps->lock); + return; + } -******************************************************************************/ + switch (status) { -/* Actually sends the packet. This flushes the connections outgoing data - buffer. If data is sent directly to the network this returns the bytes - written, if error occured this returns -1 and if the data could not - be written directly to the network at this time this returns -2, in - which case the data should be queued by the caller and sent at some - later time. If `force_send' is TRUE this attempts to write the data - directly to the network, if FALSE, this returns -2. */ + case SILC_STREAM_CAN_WRITE: + if (!silc_buffer_headlen(&ps->outbuf)) { + silc_mutex_unlock(ps->lock); + return; + } -int silc_packet_send(SilcSocketConnection sock, bool force_send) -{ - SILC_LOG_DEBUG(("Sending packet to %s:%d [%s]", sock->hostname, - sock->port, - (sock->type == SILC_SOCKET_TYPE_UNKNOWN ? "Unknown" : - sock->type == SILC_SOCKET_TYPE_CLIENT ? "Client" : - sock->type == SILC_SOCKET_TYPE_SERVER ? "Server" : - "Router"))); + SILC_LOG_DEBUG(("Writing pending data to stream")); + + /* Write pending data to stream */ + while (silc_buffer_len(&ps->outbuf) > 0) { + ret = silc_stream_write(ps->stream, ps->outbuf.data, + silc_buffer_len(&ps->outbuf)); + if (ret == 0) { + /* EOS */ + silc_buffer_reset(&ps->outbuf); + silc_mutex_unlock(ps->lock); + SILC_PACKET_CALLBACK_EOS(ps); + return; + } + + if (ret == -2) { + /* Error */ + silc_buffer_reset(&ps->outbuf); + silc_mutex_unlock(ps->lock); + SILC_PACKET_CALLBACK_ERROR(ps, SILC_PACKET_ERR_WRITE); + return; + } + + if (ret == -1) { + /* Cannot write now, write later. */ + silc_mutex_unlock(ps->lock); + return; + } + + /* Wrote data */ + silc_buffer_pull(&ps->outbuf, ret); + } + + silc_buffer_reset(&ps->outbuf); + + silc_mutex_unlock(ps->lock); + break; + + case SILC_STREAM_CAN_READ: + /* Packet receiving can only happen in one thread, so locking is not + required in packet receiving procedure. */ + silc_mutex_unlock(ps->lock); - /* Send now if forced to do so */ - if (force_send == TRUE) { - int ret; + SILC_LOG_DEBUG(("Reading data from stream")); - SILC_LOG_DEBUG(("Forcing packet send, packet sent immediately")); + /* Make sure we have fair amount of free space in inbuf */ + if (silc_buffer_taillen(&ps->inbuf) < SILC_PACKET_DEFAULT_SIZE) + if (!silc_buffer_realloc(&ps->inbuf, silc_buffer_truelen(&ps->inbuf) + + SILC_PACKET_DEFAULT_SIZE * 2)) + return; - /* Write to network */ - ret = silc_socket_write(sock); + /* Read data from stream */ + ret = silc_stream_read(ps->stream, ps->inbuf.tail, + silc_buffer_taillen(&ps->inbuf)); + + if (ret == 0) { + /* EOS */ + silc_buffer_reset(&ps->inbuf); + SILC_PACKET_CALLBACK_EOS(ps); + return; + } + + if (ret == -2) { + /* Error */ + silc_buffer_reset(&ps->inbuf); + SILC_PACKET_CALLBACK_ERROR(ps, SILC_PACKET_ERR_READ); + return; + } if (ret == -1) { - SILC_LOG_ERROR(("Error sending packet, dropped")); + /* Cannot read now, do it later. */ + silc_buffer_pull(&ps->inbuf, silc_buffer_len(&ps->inbuf)); + return; } - if (ret != -2) - return ret; - SILC_LOG_DEBUG(("Could not force the send, packet put to queue")); - } + /* Read some data */ + silc_buffer_pull_tail(&ps->inbuf, ret); + + /* Now process the data */ + silc_packet_read_process(ps); - SILC_LOG_DEBUG(("Packet in queue")); + break; - return -2; + default: + silc_mutex_unlock(ps->lock); + break; + } } -/* Encrypts a packet. This also creates HMAC of the packet before - encryption and adds the HMAC at the end of the buffer. This assumes - that there is enough free space at the end of the buffer to add the - computed HMAC. This is the normal way of encrypting packets, if some - other process of HMAC computing and encryption is needed this function - cannot be used. */ +/* Allocate packet */ -void silc_packet_encrypt(SilcCipher cipher, SilcHmac hmac, uint32 sequence, - SilcBuffer buffer, uint32 len) +static SilcPacket silc_packet_alloc(SilcPacketEngine engine) { - unsigned char mac[32]; - uint32 mac_len; + SilcPacket packet; - /* Compute HMAC. This assumes that HMAC is created from the entire - data area thus this uses the length found in buffer, not the length - sent as argument. */ - if (hmac) { - unsigned char psn[4]; + SILC_LOG_DEBUG(("Packet pool count %d", + silc_list_count(engine->packet_pool))); - silc_hmac_init(hmac); - SILC_PUT32_MSB(sequence, psn); - silc_hmac_update(hmac, psn, 4); - silc_hmac_update(hmac, buffer->data, buffer->len); - silc_hmac_final(hmac, mac, &mac_len); - silc_buffer_put_tail(buffer, mac, mac_len); - memset(mac, 0, sizeof(mac)); + silc_mutex_lock(engine->lock); + + /* Get packet from freelist or allocate new one. */ + packet = silc_list_get(engine->packet_pool); + if (!packet) { + void *tmp; + + silc_mutex_unlock(engine->lock); + + packet = silc_calloc(1, sizeof(*packet)); + if (!packet) + return NULL; + + SILC_LOG_DEBUG(("Allocating new packet %p", packet)); + + tmp = silc_malloc(SILC_PACKET_DEFAULT_SIZE); + if (!tmp) { + silc_free(packet); + return NULL; + } + silc_buffer_set(&packet->buffer, tmp, SILC_PACKET_DEFAULT_SIZE); + silc_buffer_reset(&packet->buffer); + + return packet; } - /* Encrypt the data area of the packet. */ - if (cipher) { - SILC_LOG_DEBUG(("Encrypting packet, cipher %s, len %d", - cipher->cipher->name, len)); - silc_cipher_encrypt(cipher, buffer->data, buffer->data, len, cipher->iv); + SILC_LOG_DEBUG(("Get packet %p", packet)); + + /* Delete from freelist */ + silc_list_del(engine->packet_pool, packet); + + silc_mutex_unlock(engine->lock); + + return packet; +} + + +/******************************** Packet API ********************************/ + +/* Allocate new packet engine */ + +SilcPacketEngine +silc_packet_engine_start(SilcRng rng, SilcBool router, + SilcPacketCallbacks *callbacks, + void *callback_context) +{ + SilcPacketEngine engine; + SilcPacket packet; + int i; + void *tmp; + + SILC_LOG_DEBUG(("Starting new packet engine")); + + if (!callbacks) + return NULL; + if (!callbacks->packet_receive || !callbacks->eos || !callbacks->error) + return NULL; + + engine = silc_calloc(1, sizeof(*engine)); + if (!engine) + return NULL; + + engine->rng = rng; + engine->local_is_router = router; + engine->callbacks = callbacks; + engine->callback_context = callback_context; + silc_list_init(engine->streams, struct SilcPacketStreamStruct, next); + silc_mutex_alloc(&engine->lock); + + /* Allocate packet free list */ + silc_list_init(engine->packet_pool, struct SilcPacketStruct, next); + for (i = 0; i < 5; i++) { + packet = silc_calloc(1, sizeof(*packet)); + if (!packet) + return NULL; + + tmp = silc_malloc(SILC_PACKET_DEFAULT_SIZE); + if (!tmp) + return NULL; + silc_buffer_set(&packet->buffer, tmp, SILC_PACKET_DEFAULT_SIZE); + silc_buffer_reset(&packet->buffer); + + silc_list_add(engine->packet_pool, packet); } + silc_list_start(engine->packet_pool); - /* Pull the HMAC into the visible data area in the buffer */ - if (hmac) - silc_buffer_pull_tail(buffer, mac_len); + return engine; } -/* Assembles a new packet to be ready for send out. The buffer sent as - argument must include the data to be sent and it must not be encrypted. - The packet also must have enough free space so that the SILC header - and padding maybe added to the packet. The packet is encrypted after - this function has returned. +/* Stop packet engine */ - The buffer sent as argument should be something like following: +void silc_packet_engine_stop(SilcPacketEngine engine) +{ - -------------------------------------------- - | head | data | tail | - -------------------------------------------- - ^ ^ - 58 bytes x bytes + SILC_LOG_DEBUG(("Stopping packet engine")); - So that the SILC header and 1 - 16 bytes of padding can fit to - the buffer. After assembly the buffer might look like this: + if (!engine) + return; - -------------------------------------------- - | data | | - -------------------------------------------- - ^ ^ - Start of assembled packet + /* XXX */ - Packet construct is as follows: + silc_free(engine); +} - n bytes SILC Header - 2 bytes Payload length - 1 byte Flags - 1 byte Packet type - 1 byte Padding length - 1 byte RESERVED - 1 bytes Source ID Length - 1 bytes Destination ID Length - 1 byte Source ID Type - n bytes Source ID - 1 byte Destination ID Type - n bytes Destination ID +/* Create new packet stream */ - 1 - 16 bytes Padding +SilcPacketStream silc_packet_stream_create(SilcPacketEngine engine, + SilcSchedule schedule, + SilcStream stream) +{ + SilcPacketStream ps; + void *tmp; - n bytes Data payload + SILC_LOG_DEBUG(("Creating new packet stream")); - All fields in the packet will be authenticated by MAC. The MAC is - not computed here, it must be computed separately before encrypting - the packet. + if (!engine || !stream) + return NULL; -*/ + ps = silc_calloc(1, sizeof(*ps)); + if (!ps) + return NULL; -void silc_packet_assemble(SilcPacketContext *ctx, SilcCipher cipher) + ps->engine = engine; + ps->stream = stream; + ps->refcnt++; + + /* Allocate buffers */ + tmp = silc_malloc(SILC_PACKET_DEFAULT_SIZE); + if (!tmp) + return NULL; + silc_buffer_set(&ps->inbuf, tmp, SILC_PACKET_DEFAULT_SIZE); + silc_buffer_reset(&ps->inbuf); + tmp = silc_malloc(SILC_PACKET_DEFAULT_SIZE); + if (!tmp) + return NULL; + silc_buffer_set(&ps->outbuf, tmp, SILC_PACKET_DEFAULT_SIZE); + silc_buffer_reset(&ps->outbuf); + + /* Initialize packet procesors list */ + ps->process = silc_dlist_init(); + + /* Set IO notifier callback */ + silc_stream_set_notifier(ps->stream, schedule, silc_packet_stream_io, ps); + + silc_mutex_alloc(&ps->lock); + + /* Add to engine */ + silc_mutex_lock(engine->lock); + silc_list_add(engine->streams, ps); + silc_mutex_unlock(engine->lock); + + return ps; +} + +/* Destroy packet stream */ + +void silc_packet_stream_destroy(SilcPacketStream stream) { - unsigned char tmppad[SILC_PACKET_MAX_PADLEN]; - int block_len = cipher ? silc_cipher_get_block_len(cipher) : 0; + if (!stream) + return; + + if (stream->refcnt > 1) { + stream->destroyed = TRUE; + return; + } + + SILC_LOG_DEBUG(("Destroying packet stream %p", stream)); + + /* Delete from engine */ + silc_mutex_lock(stream->engine->lock); + silc_list_del(stream->engine->streams, stream); + silc_mutex_unlock(stream->engine->lock); + + /* Clear and free buffers */ + silc_buffer_clear(&stream->inbuf); + silc_buffer_clear(&stream->outbuf); + silc_free(silc_buffer_steal(&stream->inbuf, NULL)); + silc_free(silc_buffer_steal(&stream->outbuf, NULL)); + + silc_dlist_uninit(stream->process); + + /* XXX */ + + silc_free(stream); +} + +/* Marks as router stream */ + +void silc_packet_stream_set_router(SilcPacketStream stream) +{ + stream->is_router = TRUE; +} + +/* Links `callbacks' to `stream' for specified packet types */ + +SilcBool silc_packet_stream_link(SilcPacketStream stream, + SilcPacketCallbacks *callbacks, + void *callback_context, + int priority, ...) +{ + va_list ap; + SilcPacketProcess p, e; + SilcInt32 packet_type; int i; - SILC_LOG_DEBUG(("Assembling outgoing packet")); - - /* Get the true length of the packet. This is saved as payload length - into the packet header. This does not include the length of the - padding. */ - if (!ctx->truelen) - ctx->truelen = ctx->buffer->len + SILC_PACKET_HEADER_LEN + - ctx->src_id_len + ctx->dst_id_len; - - /* Calculate the length of the padding. The padding is calculated from - the data that will be encrypted. */ - if (!ctx->padlen) { - if (ctx->long_pad) - ctx->padlen = SILC_PACKET_PADLEN_MAX(ctx->truelen); - else - ctx->padlen = SILC_PACKET_PADLEN(ctx->truelen, block_len); + SILC_LOG_DEBUG(("Linking callbacks %p to stream %p", callbacks, stream)); + + if (!callbacks) + return FALSE; + if (!callbacks->packet_receive) + return FALSE; + + p = silc_calloc(1, sizeof(*p)); + if (!p) + return FALSE; + + p->priority = priority; + p->callbacks = callbacks; + p->callback_context = callback_context; + + silc_mutex_lock(stream->lock); + + if (!stream->process) { + stream->process = silc_dlist_init(); + if (!stream->process) + return FALSE; } - /* Put the start of the data section to the right place. */ - silc_buffer_push(ctx->buffer, SILC_PACKET_HEADER_LEN + - ctx->src_id_len + ctx->dst_id_len + ctx->padlen); + /* According to priority set the procesor to correct position. First + entry has the highest priority */ + silc_dlist_start(stream->process); + while ((e = silc_dlist_get(stream->process)) != SILC_LIST_END) { + if (p->priority > e->priority) { + silc_dlist_insert(stream->process, p); + break; + } + } + if (!e) + silc_dlist_add(stream->process, p); - /* Get random padding */ -#if 1 - for (i = 0; i < ctx->padlen; i++) tmppad[i] = silc_rng_global_get_byte(); -#else - /* XXX: For testing - to be removed */ - memset(tmppad, 65, sizeof(tmppad)); -#endif - - /* Create the packet. This creates the SILC header and adds padding, - rest of the buffer remains as it is. */ - silc_buffer_format(ctx->buffer, - SILC_STR_UI_SHORT(ctx->truelen), - SILC_STR_UI_CHAR(ctx->flags), - SILC_STR_UI_CHAR(ctx->type), - SILC_STR_UI_CHAR(ctx->padlen), - SILC_STR_UI_CHAR(0), - SILC_STR_UI_CHAR(ctx->src_id_len), - SILC_STR_UI_CHAR(ctx->dst_id_len), - SILC_STR_UI_CHAR(ctx->src_id_type), - SILC_STR_UI_XNSTRING(ctx->src_id, ctx->src_id_len), - SILC_STR_UI_CHAR(ctx->dst_id_type), - SILC_STR_UI_XNSTRING(ctx->dst_id, ctx->dst_id_len), - SILC_STR_UI_XNSTRING(tmppad, ctx->padlen), - SILC_STR_END); - - SILC_LOG_HEXDUMP(("Assembled packet, len %d", ctx->buffer->len), - ctx->buffer->data, ctx->buffer->len); - - SILC_LOG_DEBUG(("Outgoing packet assembled")); -} - -/* Prepare outgoing data buffer for packet sending. This moves the data - area so that new packet may be added into it. If needed this allocates - more space to the buffer. This handles directly the connection's - outgoing buffer in SilcSocketConnection object. */ - -void silc_packet_send_prepare(SilcSocketConnection sock, - uint32 header_len, - uint32 padlen, - uint32 data_len) -{ - int totlen, oldlen; - - totlen = header_len + padlen + data_len; - - /* Prepare the outgoing buffer for packet sending. */ - if (!sock->outbuf) { - /* Allocate new buffer. This is done only once per connection. */ - SILC_LOG_DEBUG(("Allocating outgoing data buffer")); - - if (totlen > SILC_PACKET_DEFAULT_SIZE) - sock->outbuf = silc_buffer_alloc(totlen); - else - sock->outbuf = silc_buffer_alloc(SILC_PACKET_DEFAULT_SIZE); - silc_buffer_pull_tail(sock->outbuf, totlen); - silc_buffer_pull(sock->outbuf, header_len + padlen); - } else { - if (SILC_IS_OUTBUF_PENDING(sock)) { - /* There is some pending data in the buffer. */ - - /* Allocate more space if needed */ - if ((sock->outbuf->end - sock->outbuf->tail) < - (totlen + 20)) { - SILC_LOG_DEBUG(("Reallocating outgoing data buffer")); - sock->outbuf = silc_buffer_realloc(sock->outbuf, - sock->outbuf->truelen + - (totlen * 2)); - } + silc_mutex_unlock(stream->lock); - oldlen = sock->outbuf->len; - silc_buffer_pull_tail(sock->outbuf, totlen); - silc_buffer_pull(sock->outbuf, header_len + padlen + oldlen); - } else { - /* Buffer is free for use */ - silc_buffer_clear(sock->outbuf); - - /* Allocate more space if needed */ - if ((sock->outbuf->end - sock->outbuf->tail) < (totlen + 20)) { - SILC_LOG_DEBUG(("Reallocating outgoing data buffer")); - sock->outbuf = silc_buffer_realloc(sock->outbuf, - sock->outbuf->truelen + - (totlen * 2)); - } + /* Get packet types to process */ + va_start(ap, priority); + i = 1; + while (1) { + packet_type = va_arg(ap, SilcInt32); + + if (packet_type == SILC_PACKET_ANY) + break; + + if (packet_type == -1) + break; + + p->types = silc_realloc(p->types, sizeof(*p->types) * (i + 1)); + if (!p->types) + return FALSE; + + p->types[i - 1] = (SilcPacketType)packet_type; + i++; + } + if (p->types) + p->types[i - 1] = 0; + va_end(ap); + + silc_packet_stream_ref(stream); - silc_buffer_pull_tail(sock->outbuf, totlen); - silc_buffer_pull(sock->outbuf, header_len + padlen); + return TRUE; +} + +/* Unlinks `callbacks' from `stream'. */ + +void silc_packet_stream_unlink(SilcPacketStream stream, + SilcPacketCallbacks *callbacks, + void *callback_context) +{ + SilcPacketProcess p; + + SILC_LOG_DEBUG(("Unlinking callbacks %p from stream %p", + callbacks, stream)); + + silc_mutex_lock(stream->lock); + + silc_dlist_start(stream->process); + while ((p = silc_dlist_get(stream->process)) != SILC_LIST_END) + if (p->callbacks == callbacks && + p->callback_context == callback_context) { + silc_dlist_del(stream->process, p); + silc_free(p); + break; } + + if (!silc_dlist_count(stream->process)) { + silc_dlist_uninit(stream->process); + stream->process = NULL; } + + silc_mutex_unlock(stream->lock); + + silc_packet_stream_unref(stream); } -/****************************************************************************** +/* Reference packet stream */ - Packet Reception Routines +void silc_packet_stream_ref(SilcPacketStream stream) +{ + silc_mutex_lock(stream->lock); + stream->refcnt++; + silc_mutex_unlock(stream->lock); +} -******************************************************************************/ +/* Unreference packet stream */ -static int silc_packet_decrypt(SilcCipher cipher, SilcHmac hmac, - uint32 sequence, SilcBuffer buffer, - bool normal); +void silc_packet_stream_unref(SilcPacketStream stream) +{ + silc_mutex_lock(stream->lock); + stream->refcnt--; + silc_mutex_unlock(stream->lock); + if (stream->refcnt == 0) + silc_packet_stream_destroy(stream); +} -/* Receives packet from network and reads the data into connection's - incoming data buffer. If the data was read directly this returns the - read bytes, if error occured this returns -1, if the data could not - be read directly at this time this returns -2 in which case the data - should be read again at some later time, or If EOF occured this returns - 0. */ +/* Return engine */ -int silc_packet_receive(SilcSocketConnection sock) +SilcPacketEngine silc_packet_get_engine(SilcPacketStream stream) { - int ret; + return stream->engine; +} - SILC_LOG_DEBUG(("Receiving packet from %s:%d [%s]", sock->hostname, - sock->port, - (sock->type == SILC_SOCKET_TYPE_UNKNOWN ? "Unknown" : - sock->type == SILC_SOCKET_TYPE_CLIENT ? "Client" : - sock->type == SILC_SOCKET_TYPE_SERVER ? "Server" : - "Router"))); - - /* Read some data from connection */ - ret = silc_socket_read(sock); - - return ret; -} - -/* Processes and decrypts the incmoing data, and calls parser callback - for each received packet that will handle the actual packet parsing. - If more than one packet was received this calls the parser multiple - times. The parser callback will get context SilcPacketParserContext - that includes the packet and the `parser_context' sent to this - function. - - The `local_is_router' indicates whether the caller is router server - in which case the receiving process of a certain packet types may - be special. Normal server and client must set it to FALSE. The - SilcPacketParserContext will indicate also whether the received - packet was normal or special packet. */ - -void silc_packet_receive_process(SilcSocketConnection sock, - bool local_is_router, - SilcCipher cipher, SilcHmac hmac, - uint32 sequence, - SilcPacketParserCallback parser, - void *parser_context) -{ - SilcPacketParserContext *parse_ctx; - int packetlen, paddedlen, mac_len = 0; - int block_len = cipher ? silc_cipher_get_block_len(cipher) : 0; - - if (sock->inbuf->len < SILC_PACKET_MIN_HEADER_LEN) - return; +/* Set application context for packet stream */ - if (hmac) - mac_len = silc_hmac_len(hmac); +void silc_packet_set_context(SilcPacketStream stream, void *stream_context) +{ + stream->stream_context = stream_context; +} - /* Parse the packets from the data */ - while (sock->inbuf->len > 0) { +/* Return application context from packet stream */ - /* Decrypt first 16 bytes of the packet */ - if (!SILC_IS_INBUF_PENDING(sock) && cipher) - silc_cipher_decrypt(cipher, sock->inbuf->data, sock->inbuf->data, - SILC_PACKET_MIN_HEADER_LEN, cipher->iv); +void *silc_packet_get_context(SilcPacketStream stream) +{ + return stream->stream_context; +} - /* Get packet lenght and full packet length with padding */ - SILC_PACKET_LENGTH(sock->inbuf, packetlen, paddedlen); +/* Return underlaying stream */ - /* Sanity checks */ - if (packetlen < SILC_PACKET_MIN_LEN) { - SILC_LOG_DEBUG(("Received invalid packet, dropped")); - silc_buffer_clear(sock->inbuf); - return; - } +SilcStream silc_packet_stream_get_stream(SilcPacketStream stream) +{ + return stream->stream; +} - if (sock->inbuf->len < paddedlen + mac_len) { - SILC_LOG_DEBUG(("Received partial packet, waiting for the rest" - "(%d < %d)", sock->inbuf->len, paddedlen + mac_len)); - SILC_SET_INBUF_PENDING(sock); - return; - } +/* Set ciphers for packet stream */ - SILC_UNSET_INBUF_PENDING(sock); - parse_ctx = silc_calloc(1, sizeof(*parse_ctx)); - parse_ctx->packet = silc_packet_context_alloc(); - parse_ctx->packet->buffer = silc_buffer_alloc(paddedlen + mac_len); - parse_ctx->packet->padlen = sock->inbuf->data[4]; - parse_ctx->packet->sequence = sequence++; - parse_ctx->sock = sock; - parse_ctx->context = parser_context; - - silc_buffer_pull_tail(parse_ctx->packet->buffer, - SILC_BUFFER_END(parse_ctx->packet->buffer)); - silc_buffer_put(parse_ctx->packet->buffer, sock->inbuf->data, - paddedlen + mac_len); - - SILC_LOG_HEXDUMP(("Incoming packet (%d) (%d bytes decrypted), len %d", - sequence - 1, block_len, paddedlen + mac_len), - sock->inbuf->data, paddedlen + mac_len); - - /* Check whether this is normal or special packet */ - if (local_is_router) { - if (sock->inbuf->data[3] == SILC_PACKET_PRIVATE_MESSAGE && - (sock->inbuf->data[2] & SILC_PACKET_FLAG_PRIVMSG_KEY)) - parse_ctx->normal = FALSE; - else if (sock->inbuf->data[3] != SILC_PACKET_CHANNEL_MESSAGE || - (sock->inbuf->data[3] == SILC_PACKET_CHANNEL_MESSAGE && - sock->type == SILC_SOCKET_TYPE_ROUTER)) - parse_ctx->normal = TRUE; - } else { - if (sock->inbuf->data[3] == SILC_PACKET_PRIVATE_MESSAGE && - (sock->inbuf->data[2] & SILC_PACKET_FLAG_PRIVMSG_KEY)) - parse_ctx->normal = FALSE; - else if (sock->inbuf->data[3] != SILC_PACKET_CHANNEL_MESSAGE) - parse_ctx->normal = TRUE; - } +void silc_packet_set_ciphers(SilcPacketStream stream, SilcCipher send, + SilcCipher receive) +{ + SILC_LOG_DEBUG(("Setting new ciphers to packet stream")); + stream->send_key = send; + stream->receive_key = receive; +} - /* Decrypt rest of the packet */ - if (cipher) - silc_packet_decrypt(cipher, hmac, parse_ctx->packet->sequence, - parse_ctx->packet->buffer, parse_ctx->normal); +/* Return current ciphers from packet stream */ - /* Call the parser */ - if (parser) - (*parser)(parse_ctx, parser_context); +SilcBool silc_packet_get_ciphers(SilcPacketStream stream, SilcCipher *send, + SilcCipher *receive) +{ + if (!stream->send_key && !stream->receive_key) + return FALSE; - /* Pull the packet from inbuf thus we'll get the next one - in the inbuf. */ - silc_buffer_pull(sock->inbuf, paddedlen + mac_len); - } + if (send) + *send = stream->send_key; + if (receive) + *receive = stream->receive_key; - SILC_LOG_DEBUG(("Clearing inbound buffer")); - silc_buffer_clear(sock->inbuf); + return TRUE; } -/* Checks MAC in the packet. Returns TRUE if MAC is Ok. This is called - after packet has been totally decrypted and parsed. */ +/* Set HMACs for packet stream */ -static int silc_packet_check_mac(SilcHmac hmac, SilcBuffer buffer, - uint32 sequence) +void silc_packet_set_hmacs(SilcPacketStream stream, SilcHmac send, + SilcHmac receive) { - /* Check MAC */ - if (hmac) { - unsigned char mac[32], psn[4]; - uint32 mac_len; - - SILC_LOG_DEBUG(("Verifying MAC")); + SILC_LOG_DEBUG(("Setting new HMACs to packet stream")); + stream->send_hmac = send; + stream->receive_hmac = receive; +} - /* Compute HMAC of packet */ +/* Return current HMACs from packet stream */ - memset(mac, 0, sizeof(mac)); - silc_hmac_init(hmac); - SILC_PUT32_MSB(sequence, psn); - silc_hmac_update(hmac, psn, 4); - silc_hmac_update(hmac, buffer->data, buffer->len); - silc_hmac_final(hmac, mac, &mac_len); +SilcBool silc_packet_get_hmacs(SilcPacketStream stream, SilcHmac *send, + SilcHmac *receive) +{ + if (!stream->send_hmac && !stream->receive_hmac) + return FALSE; + + if (send) + *send = stream->send_hmac; + if (receive) + *receive = stream->receive_hmac; + + return TRUE; +} - /* Compare the HMAC's (buffer->tail has the packet's HMAC) */ - if (memcmp(mac, buffer->tail, mac_len)) { - SILC_LOG_ERROR(("MAC failed")); +/* Set SILC IDs to packet stream */ + +SilcBool silc_packet_set_ids(SilcPacketStream stream, + SilcIdType src_id_type, const void *src_id, + SilcIdType dst_id_type, const void *dst_id) +{ + SilcUInt32 len; + unsigned char tmp[32]; + + if (!src_id && !dst_id) + return FALSE; + + SILC_LOG_DEBUG(("Setting new IDs to packet stream")); + + if (src_id) { + silc_free(stream->src_id); + if (!silc_id_id2str(src_id, src_id_type, tmp, sizeof(tmp), &len)) return FALSE; - } - - SILC_LOG_DEBUG(("MAC is Ok")); - memset(mac, 0, sizeof(mac)); + stream->src_id = silc_memdup(tmp, len); + if (!stream->src_id) + return FALSE; + stream->src_id_type = src_id_type; + stream->src_id_len = len; + } + + if (dst_id) { + silc_free(stream->dst_id); + if (!silc_id_id2str(dst_id, dst_id_type, tmp, sizeof(tmp), &len)) + return FALSE; + stream->dst_id = silc_memdup(tmp, len); + if (!stream->dst_id) + return FALSE; + stream->dst_id_type = dst_id_type; + stream->dst_id_len = len; } - + return TRUE; } -/* Decrypts rest of the packet (after decrypting just the SILC header). - After calling this function the packet is ready to be parsed by calling - silc_packet_parse. If everything goes without errors this returns TRUE, - if packet is malformed this returns FALSE. */ +/* Free packet */ -static int silc_packet_decrypt_rest(SilcCipher cipher, SilcHmac hmac, - SilcBuffer buffer) +void silc_packet_free(SilcPacket packet) { - if (cipher) { + SilcPacketStream stream = packet->stream; - /* Pull MAC from packet before decryption */ - if (hmac) { - if ((buffer->len - silc_hmac_len(hmac)) > SILC_PACKET_MIN_LEN) { - silc_buffer_push_tail(buffer, silc_hmac_len(hmac)); - } else { - SILC_LOG_DEBUG(("Bad MAC length in packet, packet dropped")); - return FALSE; - } - } + SILC_LOG_DEBUG(("Freeing packet %p", packet)); + +#if defined(SILC_DEBUG) + /* Check for double free */ + assert(packet->stream != NULL); +#endif /* SILC_DEBUG */ + + silc_mutex_lock(stream->engine->lock); + + packet->stream = NULL; + packet->src_id = packet->dst_id = NULL; + silc_buffer_reset(&packet->buffer); + + /* Put the packet back to freelist */ + silc_list_add(stream->engine->packet_pool, packet); + + silc_mutex_unlock(stream->engine->lock); +} - SILC_LOG_DEBUG(("Decrypting rest of the packet")); +/* Creates streamer */ - /* Decrypt rest of the packet */ - silc_buffer_pull(buffer, SILC_PACKET_MIN_HEADER_LEN); - silc_cipher_decrypt(cipher, buffer->data, buffer->data, buffer->len, - cipher->iv); - silc_buffer_push(buffer, SILC_PACKET_MIN_HEADER_LEN); +SilcStream silc_packet_streamer_create(SilcPacketStream stream, + SilcPacketType packet_type, + SilcPacketFlags packet_flags) +{ + /* XXX TODO */ + return NULL; +} + +/* Destroyes streamer */ - SILC_LOG_HEXDUMP(("Fully decrypted packet, len %d", buffer->len), - buffer->data, buffer->len); +void silc_packet_streamer_destroy(SilcStream stream) +{ + +} + + +/****************************** Packet Sending ******************************/ + +/* Prepare outgoing data buffer for packet sending. Returns the + pointer to that buffer into the `packet'. */ + +static SilcBool silc_packet_send_prepare(SilcPacketStream stream, + SilcUInt32 totlen, + SilcHmac hmac, + SilcBuffer packet) +{ + unsigned char *oldptr; + unsigned int mac_len = hmac ? silc_hmac_len(hmac) : 0; + + totlen += mac_len; + + /* Allocate more space if needed */ + if (silc_buffer_taillen(&stream->outbuf) < totlen) { + if (!silc_buffer_realloc(&stream->outbuf, + silc_buffer_truelen(&stream->outbuf) + totlen)) + return FALSE; } + /* Pull data area for the new packet, and return pointer to the start of + the data area and save the pointer in to the `packet'. MAC is pulled + later after it's computed. */ + oldptr = silc_buffer_pull_tail(&stream->outbuf, totlen); + silc_buffer_set(packet, oldptr, totlen); + silc_buffer_push_tail(packet, mac_len); + return TRUE; } -/* Decrypts rest of the SILC Packet header that has been decrypted partly - already. This decrypts the padding of the packet also. After calling - this function the packet is ready to be parsed by calling function - silc_packet_parse. This is used in special packet reception (protocol - defines the way of decrypting special packets). */ - -static int silc_packet_decrypt_rest_special(SilcCipher cipher, - SilcHmac hmac, - SilcBuffer buffer) +/* Internal routine to send packet */ + +static SilcBool silc_packet_send_raw(SilcPacketStream stream, + SilcPacketType type, + SilcPacketFlags flags, + SilcIdType src_id_type, + unsigned char *src_id, + SilcUInt32 src_id_len, + SilcIdType dst_id_type, + unsigned char *dst_id, + SilcUInt32 dst_id_len, + const unsigned char *data, + SilcUInt32 data_len, + SilcCipher cipher, + SilcHmac hmac) { - /* Decrypt rest of the header plus padding */ - if (cipher) { - uint16 len; + unsigned char tmppad[SILC_PACKET_MAX_PADLEN]; + int block_len = (cipher ? silc_cipher_get_block_len(cipher) : 0); + int i, enclen, truelen, padlen; + SilcBufferStruct packet; - /* Pull MAC from packet before decryption */ - if (hmac) { - if ((buffer->len - silc_hmac_len(hmac)) > SILC_PACKET_MIN_LEN) { - silc_buffer_push_tail(buffer, silc_hmac_len(hmac)); - } else { - SILC_LOG_DEBUG(("Bad MAC length in packet, packet dropped")); - return FALSE; - } + SILC_LOG_DEBUG(("Sending packet %s (%d) flags %d, src %d dst %d," + "data len %d", silc_get_packet_name(type), stream->send_psn, + flags, src_id_type, dst_id_type, data_len)); + + /* Get the true length of the packet. This is saved as payload length + into the packet header. This does not include the length of the + padding. */ + data_len = SILC_PACKET_DATALEN(data_len, (SILC_PACKET_HEADER_LEN + + src_id_len + dst_id_len)); + enclen = truelen = (data_len + SILC_PACKET_HEADER_LEN + + src_id_len + dst_id_len); + + /* We automatically figure out the packet structure from the packet + type and flags, and calculate correct length. Private messages with + private keys and channel messages are special packets as their + payload is encrypted already. */ + if ((type == SILC_PACKET_PRIVATE_MESSAGE && + flags & SILC_PACKET_FLAG_PRIVMSG_KEY) || + type == SILC_PACKET_CHANNEL_MESSAGE) { + + /* Padding is calculated from header + IDs */ + SILC_PACKET_PADLEN((SILC_PACKET_HEADER_LEN + + src_id_len + + dst_id_len), block_len, padlen); + + /* Length to encrypt, header + IDs + padding. */ + enclen = SILC_PACKET_HEADER_LEN + src_id_len + dst_id_len + padlen; + } else { + + /* Padding is calculated from true length of the packet */ + if (flags & SILC_PACKET_FLAG_LONG_PAD) + SILC_PACKET_PADLEN_MAX(truelen, block_len, padlen); + else + SILC_PACKET_PADLEN(truelen, block_len, padlen); + + enclen += padlen; + } + + /* Remove implementation specific flags */ + flags &= ~(SILC_PACKET_FLAG_LONG_PAD); + + /* Get random padding */ + for (i = 0; i < padlen; i++) tmppad[i] = + silc_rng_get_byte_fast(stream->engine->rng); + + silc_mutex_lock(stream->lock); + + /* Get packet pointer from the outgoing buffer */ + if (!silc_packet_send_prepare(stream, truelen + padlen, hmac, &packet)) { + silc_mutex_unlock(stream->lock); + return FALSE; + } + + /* Create the packet. This creates the SILC header, adds padding, and + the actual packet data. */ + i = silc_buffer_format(&packet, + SILC_STR_UI_SHORT(truelen), + SILC_STR_UI_CHAR(flags), + SILC_STR_UI_CHAR(type), + SILC_STR_UI_CHAR(padlen), + SILC_STR_UI_CHAR(0), + SILC_STR_UI_CHAR(src_id_len), + SILC_STR_UI_CHAR(dst_id_len), + SILC_STR_UI_CHAR(src_id_type), + SILC_STR_UI_XNSTRING(src_id, src_id_len), + SILC_STR_UI_CHAR(dst_id_type), + SILC_STR_UI_XNSTRING(dst_id, dst_id_len), + SILC_STR_UI_XNSTRING(tmppad, padlen), + SILC_STR_UI_XNSTRING(data, data_len), + SILC_STR_END); + if (i < 0) { + silc_mutex_unlock(stream->lock); + return FALSE; + } + + SILC_LOG_HEXDUMP(("Assembled packet, len %d", silc_buffer_len(&packet)), + packet.data, silc_buffer_len(&packet)); + + /* Encrypt the packet */ + if (cipher) + if (!silc_cipher_encrypt(cipher, packet.data, packet.data, + enclen, NULL)) { + SILC_LOG_ERROR(("Packet encryption failed")); + silc_mutex_unlock(stream->lock); + return FALSE; } - - SILC_LOG_DEBUG(("Decrypting rest of the header")); - - /* padding length + src id len + dst id len + header length - 16 - bytes already decrypted, gives the rest of the encrypted packet */ - len = (((uint8)buffer->data[4] + (uint8)buffer->data[6] + - (uint8)buffer->data[7] + SILC_PACKET_HEADER_LEN) - - SILC_PACKET_MIN_HEADER_LEN); - - silc_buffer_pull(buffer, SILC_PACKET_MIN_HEADER_LEN); - if (len > buffer->len) { - SILC_LOG_DEBUG(("Garbage in header of packet, bad packet length, " - "packet dropped")); + + /* Compute HMAC */ + if (hmac) { + unsigned char psn[4]; + SilcUInt32 mac_len; + + /* MAC is computed from the entire encrypted packet data, and put + to the end of the packet. */ + silc_hmac_init(hmac); + SILC_PUT32_MSB(stream->send_psn, psn); + silc_hmac_update(hmac, psn, 4); + silc_hmac_update(hmac, packet.data, silc_buffer_len(&packet)); + silc_hmac_final(hmac, packet.tail, &mac_len); + silc_buffer_pull_tail(&packet, mac_len); + stream->send_psn++; + } + + /* Write the packet to the stream */ + while (silc_buffer_len(&stream->outbuf) > 0) { + i = silc_stream_write(stream->stream, stream->outbuf.data, + silc_buffer_len(&stream->outbuf)); + if (i == 0) { + /* EOS */ + silc_buffer_reset(&stream->outbuf); + silc_mutex_unlock(stream->lock); + SILC_PACKET_CALLBACK_EOS(stream); + return FALSE; + } + + if (i == -2) { + /* Error */ + silc_buffer_reset(&stream->outbuf); + silc_mutex_unlock(stream->lock); + SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_WRITE); return FALSE; } - silc_cipher_decrypt(cipher, buffer->data, buffer->data, len, cipher->iv); - silc_buffer_push(buffer, SILC_PACKET_MIN_HEADER_LEN); - SILC_LOG_HEXDUMP(("packet, len %d", buffer->len), - buffer->data, buffer->len); + + if (i == -1) { + /* Cannot write now, write later. */ + silc_mutex_unlock(stream->lock); + return TRUE; + } + + /* Wrote data */ + silc_buffer_pull(&stream->outbuf, i); } + silc_buffer_reset(&stream->outbuf); + silc_mutex_unlock(stream->lock); return TRUE; } -/* Decrypts a packet. This assumes that typical SILC packet is the - packet to be decrypted and thus checks for normal and special SILC - packets and can handle both of them. This also computes and checks - the HMAC of the packet. If any other special or customized decryption - processing is required this function cannot be used. This returns - -1 on error, 0 when packet is normal packet and 1 when the packet - is special and requires special processing. +/* Sends a packet */ - The `check_packet' is a callback funtion that this function will - call. The callback relates to the checking whether the packet is - normal packet or special packet and how it should be processed. If - the callback return TRUE the packet is normal and FALSE if the packet - is special and requires special procesing. */ - -static int silc_packet_decrypt(SilcCipher cipher, SilcHmac hmac, - uint32 sequence, SilcBuffer buffer, - bool normal) +SilcBool silc_packet_send(SilcPacketStream stream, + SilcPacketType type, SilcPacketFlags flags, + const unsigned char *data, SilcUInt32 data_len) { - /* If the packet type is not any special type lets decrypt rest - of the packet here. */ - if (normal == TRUE) { - /* Normal packet, decrypt rest of the packet */ - if (!silc_packet_decrypt_rest(cipher, hmac, buffer)) - return -1; + return silc_packet_send_raw(stream, type, flags, + stream->src_id_type, + stream->src_id, + stream->src_id_len, + stream->dst_id_type, + stream->dst_id, + stream->dst_id_len, + data, data_len, + stream->send_key, + stream->send_hmac); +} - /* Check MAC */ - if (!silc_packet_check_mac(hmac, buffer, sequence)) - return -1; +/* Sends a packet, extended routine */ - return 0; - } else { - /* Packet requires special handling, decrypt rest of the header. - This only decrypts. */ - if (!silc_packet_decrypt_rest_special(cipher, hmac, buffer)) - return -1; +SilcBool silc_packet_send_ext(SilcPacketStream stream, + SilcPacketType type, SilcPacketFlags flags, + SilcIdType src_id_type, void *src_id, + SilcIdType dst_id_type, void *dst_id, + const unsigned char *data, SilcUInt32 data_len, + SilcCipher cipher, SilcHmac hmac) +{ + unsigned char src_id_data[32], dst_id_data[32]; + SilcUInt32 src_id_len, dst_id_len; - /* Check MAC */ - if (!silc_packet_check_mac(hmac, buffer, sequence)) - return -1; + if (src_id) + if (!silc_id_id2str(src_id, src_id_type, src_id_data, + sizeof(src_id_data), &src_id_len)) + return FALSE; + if (dst_id) + if (!silc_id_id2str(dst_id, dst_id_type, dst_id_data, + sizeof(dst_id_data), &dst_id_len)) + return FALSE; - return 1; - } + return silc_packet_send_raw(stream, type, flags, + src_id_type, + src_id_data, + src_id_len, + dst_id_type, + dst_id_data, + dst_id_len, + data, data_len, + cipher, + hmac); } -/* Parses the packet. This is called when a whole packet is ready to be - parsed. The buffer sent must be already decrypted before calling this - function. The len argument must be the true length of the packet. This - function returns the type of the packet. The data section of the - buffer is parsed, not head or tail sections. */ -SilcPacketType silc_packet_parse(SilcPacketContext *ctx, SilcCipher cipher) +/***************************** Packet Receiving *****************************/ + +/* Checks MAC in the packet. Returns TRUE if MAC is Ok. */ + +static SilcBool silc_packet_check_mac(SilcHmac hmac, + const unsigned char *data, + SilcUInt32 data_len, + const unsigned char *packet_mac, + SilcUInt32 sequence) { - SilcBuffer buffer = ctx->buffer; - uint8 tmp; - int len, ret; + /* Check MAC */ + if (hmac) { + unsigned char mac[32], psn[4]; + SilcUInt32 mac_len; - SILC_LOG_DEBUG(("Parsing incoming packet")); + SILC_LOG_DEBUG(("Verifying MAC")); - /* Check the length of the buffer */ - if (buffer->len < SILC_PACKET_MIN_LEN) { - SILC_LOG_ERROR(("Bad packet length: %d, packet dropped", buffer->len)); - return SILC_PACKET_NONE; - } + /* Compute HMAC of packet */ + silc_hmac_init(hmac); + SILC_PUT32_MSB(sequence, psn); + silc_hmac_update(hmac, psn, 4); + silc_hmac_update(hmac, data, data_len); + silc_hmac_final(hmac, mac, &mac_len); - /* Parse the buffer. This parses the SILC header of the packet. */ - len = silc_buffer_unformat(buffer, - SILC_STR_UI_SHORT(&ctx->truelen), - SILC_STR_UI_CHAR(&ctx->flags), - SILC_STR_UI_CHAR(&ctx->type), - SILC_STR_UI_CHAR(&ctx->padlen), - SILC_STR_UI_CHAR(&tmp), - SILC_STR_UI_CHAR(&ctx->src_id_len), - SILC_STR_UI_CHAR(&ctx->dst_id_len), - SILC_STR_UI_CHAR(&ctx->src_id_type), - SILC_STR_END); - if (len == -1 || tmp != 0) - return SILC_PACKET_NONE; + /* Compare the MAC's */ + if (memcmp(packet_mac, mac, mac_len)) { + SILC_LOG_DEBUG(("MAC failed")); + return FALSE; + } - if (ctx->src_id_len > SILC_PACKET_MAX_ID_LEN || - ctx->dst_id_len > SILC_PACKET_MAX_ID_LEN) { - SILC_LOG_ERROR(("Bad ID lengths in packet (%d and %d)", - ctx->src_id_len, ctx->dst_id_len)); - return SILC_PACKET_NONE; + SILC_LOG_DEBUG(("MAC is Ok")); } - silc_buffer_pull(buffer, len); - ret = silc_buffer_unformat(buffer, - SILC_STR_UI_XNSTRING_ALLOC(&ctx->src_id, - ctx->src_id_len), - SILC_STR_UI_CHAR(&ctx->dst_id_type), - SILC_STR_UI_XNSTRING_ALLOC(&ctx->dst_id, - ctx->dst_id_len), - SILC_STR_UI_XNSTRING(NULL, ctx->padlen), - SILC_STR_END); - if (ret == -1) - return SILC_PACKET_NONE; - - silc_buffer_push(buffer, len); + return TRUE; +} - SILC_LOG_HEXDUMP(("parsed packet, len %d", ctx->buffer->len), - ctx->buffer->data, ctx->buffer->len); +/* Decrypts SILC packet. Handles both normal and special packet decryption. + Return 0 when packet is normal and 1 when it it special, -1 on error. */ - /* Pull SILC header and padding from packet */ - silc_buffer_pull(buffer, SILC_PACKET_HEADER_LEN + - ctx->src_id_len + ctx->dst_id_len + ctx->padlen); +static int silc_packet_decrypt(SilcCipher cipher, SilcHmac hmac, + SilcUInt32 sequence, SilcBuffer buffer, + SilcBool normal) +{ + if (normal == TRUE) { + if (cipher) { + /* Decrypt rest of the packet */ + SILC_LOG_DEBUG(("Decrypting the packet")); + if (!silc_cipher_decrypt(cipher, buffer->data, buffer->data, + silc_buffer_len(buffer), NULL)) + return -1; + } + return 0; - SILC_LOG_DEBUG(("Incoming packet type: %d", ctx->type)); + } else { + /* Decrypt rest of the header plus padding */ + if (cipher) { + SilcUInt16 len; + SilcUInt32 block_len = silc_cipher_get_block_len(cipher); + + SILC_LOG_DEBUG(("Decrypting the header")); + + /* Padding length + src id len + dst id len + header length - 16 + bytes already decrypted, gives the rest of the encrypted packet */ + silc_buffer_push(buffer, block_len); + len = (((SilcUInt8)buffer->data[4] + (SilcUInt8)buffer->data[6] + + (SilcUInt8)buffer->data[7] + SILC_PACKET_HEADER_LEN) - + block_len); + silc_buffer_pull(buffer, block_len); + + if (len > silc_buffer_len(buffer)) { + SILC_LOG_ERROR(("Garbage in header of packet, bad packet length, " + "packet dropped")); + return -1; + } + if (!silc_cipher_decrypt(cipher, buffer->data, buffer->data, + len, NULL)) + return -1; + } - return ctx->type; + return 1; + } } -/* Perform special SILC Packet header parsing. This is required to some - packet types that have the data payload encrypted with different key - than the header area plus padding of the packet. Hence, this parses - the header in a way that it does not take the data area into account - and parses the header and padding area only. */ +/* Parses the packet. This is called when a whole packet is ready to be + parsed. The buffer sent must be already decrypted before calling this + function. */ -SilcPacketType silc_packet_parse_special(SilcPacketContext *ctx, - SilcCipher cipher) +static SilcBool silc_packet_parse(SilcPacket packet) { - SilcBuffer buffer = ctx->buffer; - uint8 tmp; + SilcBuffer buffer = &packet->buffer; + SilcUInt8 padlen = (SilcUInt8)buffer->data[4]; + SilcUInt8 src_id_len, dst_id_len, src_id_type, dst_id_type; int len, ret; SILC_LOG_DEBUG(("Parsing incoming packet")); - /* Check the length of the buffer */ - if (buffer->len < SILC_PACKET_MIN_LEN) { - SILC_LOG_ERROR(("Bad packet length: %d, packet dropped", buffer->len)); - return SILC_PACKET_NONE; - } - - /* Parse the buffer. This parses the SILC header of the packet. */ - len = silc_buffer_unformat(buffer, - SILC_STR_UI_SHORT(&ctx->truelen), - SILC_STR_UI_CHAR(&ctx->flags), - SILC_STR_UI_CHAR(&ctx->type), - SILC_STR_UI_CHAR(&ctx->padlen), - SILC_STR_UI_CHAR(&tmp), - SILC_STR_UI_CHAR(&ctx->src_id_len), - SILC_STR_UI_CHAR(&ctx->dst_id_len), - SILC_STR_UI_CHAR(&ctx->src_id_type), + /* Parse the buffer. This parses the SILC header of the packet. */ + len = silc_buffer_unformat(buffer, + SILC_STR_OFFSET(6), + SILC_STR_UI_CHAR(&src_id_len), + SILC_STR_UI_CHAR(&dst_id_len), + SILC_STR_UI_CHAR(&src_id_type), SILC_STR_END); - if (len == -1 || tmp != 0) { + if (len == -1) { SILC_LOG_ERROR(("Malformed packet header, packet dropped")); - return SILC_PACKET_NONE; + return FALSE; } - if (ctx->src_id_len > SILC_PACKET_MAX_ID_LEN || - ctx->dst_id_len > SILC_PACKET_MAX_ID_LEN) { + if (src_id_len > SILC_PACKET_MAX_ID_LEN || + dst_id_len > SILC_PACKET_MAX_ID_LEN) { SILC_LOG_ERROR(("Bad ID lengths in packet (%d and %d)", - ctx->src_id_len, ctx->dst_id_len)); - return SILC_PACKET_NONE; + packet->src_id_len, packet->dst_id_len)); + return FALSE; } - silc_buffer_pull(buffer, len); - ret = silc_buffer_unformat(buffer, - SILC_STR_UI_XNSTRING_ALLOC(&ctx->src_id, - ctx->src_id_len), - SILC_STR_UI_CHAR(&ctx->dst_id_type), - SILC_STR_UI_XNSTRING_ALLOC(&ctx->dst_id, - ctx->dst_id_len), - SILC_STR_UI_XNSTRING(NULL, ctx->padlen), + ret = silc_buffer_unformat(buffer, + SILC_STR_OFFSET(len), + SILC_STR_UI_XNSTRING(&packet->src_id, + src_id_len), + SILC_STR_UI_CHAR(&dst_id_type), + SILC_STR_UI_XNSTRING(&packet->dst_id, + dst_id_len), + SILC_STR_OFFSET(padlen), SILC_STR_END); if (ret == -1) { SILC_LOG_ERROR(("Malformed packet header, packet dropped")); - return SILC_PACKET_NONE; + return FALSE; } - silc_buffer_push(buffer, len); + if (src_id_type > SILC_ID_CHANNEL || + dst_id_type > SILC_ID_CHANNEL) { + SILC_LOG_ERROR(("Bad ID types in packet (%d and %d)", + src_id_type, dst_id_type)); + return FALSE; + } - SILC_LOG_HEXDUMP(("parsed packet, len %d", ctx->buffer->len), - ctx->buffer->data, ctx->buffer->len); + packet->src_id_len = src_id_len; + packet->dst_id_len = dst_id_len; + packet->src_id_type = src_id_type; + packet->dst_id_type = dst_id_type; - /* Pull SILC header and padding from packet */ + SILC_LOG_HEXDUMP(("Parsed packet, len %d", silc_buffer_len(buffer)), + buffer->data, silc_buffer_len(buffer)); + + /* Pull SILC header and padding from packet to get the data payload */ silc_buffer_pull(buffer, SILC_PACKET_HEADER_LEN + - ctx->src_id_len + ctx->dst_id_len + ctx->padlen); + packet->src_id_len + packet->dst_id_len + padlen); - SILC_LOG_DEBUG(("Incoming packet type: %d", ctx->type)); + SILC_LOG_DEBUG(("Incoming packet type: %d (%s)", packet->type, + silc_get_packet_name(packet->type))); - return ctx->type; + return TRUE; } -/* Allocate packet context */ +/* Dispatch packet to application */ -SilcPacketContext *silc_packet_context_alloc(void) +static void silc_packet_dispatch(SilcPacket packet) { - SilcPacketContext *ctx = silc_calloc(1, sizeof(*ctx)); - ctx->users++; - return ctx; -} + SilcPacketStream stream = packet->stream; + SilcPacketProcess p; + SilcBool default_sent = FALSE; + SilcPacketType *pt; + + /* Parse the packet */ + if (!silc_packet_parse(packet)) { + SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_MALFORMED); + silc_packet_free(packet); + return; + } -/* Increse the reference count of the packet context. */ + /* Dispatch packet to all packet processors that want it */ -SilcPacketContext *silc_packet_context_dup(SilcPacketContext *ctx) -{ - ctx->users++; - SILC_LOG_DEBUG(("Packet context %p refcnt %d->%d", ctx, ctx->users - 1, - ctx->users)); - return ctx; + if (!stream->process) { + /* Send to default processor as no others exist */ + SILC_LOG_DEBUG(("Dispatching packet to default callbacks")); + if (!stream->engine->callbacks-> + packet_receive(stream->engine, stream, packet, + stream->engine->callback_context, + stream->stream_context)) + silc_packet_free(packet); + return; + } + + silc_dlist_start(stream->process); + while ((p = silc_dlist_get(stream->process)) != SILC_LIST_END) { + + /* If priority is 0 or less, we send to default processor first + because default processor has 0 priority */ + if (!default_sent && p->priority <= 0) { + SILC_LOG_DEBUG(("Dispatching packet to default callbacks")); + default_sent = TRUE; + if (stream->engine->callbacks-> + packet_receive(stream->engine, stream, packet, + stream->engine->callback_context, + stream->stream_context)) { + return; + } + } + + /* Send to processor */ + if (!p->types) { + /* Send all packet types */ + SILC_LOG_DEBUG(("Dispatching packet to %p callbacks", p->callbacks)); + if (p->callbacks->packet_receive(stream->engine, stream, packet, + p->callback_context, + stream->stream_context)) + return; + } else { + /* Send specific types */ + for (pt = p->types; *pt; pt++) + if (*pt == packet->type) { + SILC_LOG_DEBUG(("Dispatching packet to %p callbacks", + p->callbacks)); + if (p->callbacks->packet_receive(stream->engine, stream, packet, + p->callback_context, + stream->stream_context)) + return; + break; + } + } + } + + if (!default_sent) { + /* Send to default processor as it has not been sent yet */ + SILC_LOG_DEBUG(("Dispatching packet to default callbacks")); + if (stream->engine->callbacks-> + packet_receive(stream->engine, stream, packet, + stream->engine->callback_context, + stream->stream_context)) + return; + } + + /* If we got here, no one wanted the packet, so drop it */ + silc_packet_free(packet); } -/* Decrese the reference count of the packet context and free it only if - it is zero. */ +/* Process incoming data and parse packets. */ -void silc_packet_context_free(SilcPacketContext *ctx) +static void silc_packet_read_process(SilcPacketStream stream) { - ctx->users--; - SILC_LOG_DEBUG(("Packet context %p refcnt %d->%d", ctx, ctx->users + 1, - ctx->users)); - if (ctx->users < 1) - { - if (ctx->buffer) - silc_buffer_free(ctx->buffer); - if (ctx->src_id) - silc_free(ctx->src_id); - if (ctx->dst_id) - silc_free(ctx->dst_id); - silc_free(ctx); + SilcPacket packet; + SilcUInt16 packetlen; + SilcUInt32 paddedlen, mac_len, block_len; + unsigned char tmp[SILC_PACKET_MIN_HEADER_LEN], *header; + unsigned char iv[SILC_CIPHER_MAX_IV_SIZE]; + SilcBool normal = TRUE; + int ret; + + /* Parse the packets from the data */ + while (silc_buffer_len(&stream->inbuf) > 0) { + + if (silc_buffer_len(&stream->inbuf) < SILC_PACKET_MIN_HEADER_LEN) { + SILC_LOG_DEBUG(("Partial packet in queue, waiting for the rest")); + return; + } + + if (stream->receive_hmac) + mac_len = silc_hmac_len(stream->receive_hmac); + else + mac_len = 0; + + /* Decrypt first block of the packet to get the length field out */ + if (stream->receive_key) { + block_len = silc_cipher_get_block_len(stream->receive_key); + memcpy(iv, silc_cipher_get_iv(stream->receive_key), block_len); + silc_cipher_decrypt(stream->receive_key, stream->inbuf.data, + tmp, block_len, iv); + header = tmp; + } else { + block_len = SILC_PACKET_MIN_HEADER_LEN; + header = stream->inbuf.data; + } + + /* Get packet length and full packet length with padding */ + SILC_PACKET_LENGTH(header, packetlen, paddedlen); + + /* Sanity checks */ + if (packetlen < SILC_PACKET_MIN_LEN) { + SILC_LOG_ERROR(("Received too short packet")); + SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_MALFORMED); + memset(tmp, 0, sizeof(tmp)); + silc_buffer_reset(&stream->inbuf); + return; + } + + if (silc_buffer_len(&stream->inbuf) < paddedlen + mac_len) { + SILC_LOG_DEBUG(("Received partial packet, waiting for the rest " + "(%d bytes)", + paddedlen + mac_len - silc_buffer_len(&stream->inbuf))); + memset(tmp, 0, sizeof(tmp)); + return; + } + + /* Check MAC of the packet */ + if (!silc_packet_check_mac(stream->receive_hmac, stream->inbuf.data, + paddedlen, stream->inbuf.data + paddedlen, + stream->receive_psn)) { + SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_MAC_FAILED); + memset(tmp, 0, sizeof(tmp)); + silc_buffer_reset(&stream->inbuf); + return; } + + /* Get packet */ + packet = silc_packet_alloc(stream->engine); + if (!packet) { + SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_NO_MEMORY); + memset(tmp, 0, sizeof(tmp)); + silc_buffer_reset(&stream->inbuf); + return; + } + + /* Allocate more space to packet buffer, if needed */ + if (silc_buffer_truelen(&packet->buffer) < paddedlen) { + if (!silc_buffer_realloc(&packet->buffer, + silc_buffer_truelen(&packet->buffer) + + (paddedlen - + silc_buffer_truelen(&packet->buffer)))) { + SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_NO_MEMORY); + silc_packet_free(packet); + memset(tmp, 0, sizeof(tmp)); + silc_buffer_reset(&stream->inbuf); + return; + } + } + + /* Parse packet header */ + packet->flags = (SilcPacketFlags)header[2]; + packet->type = (SilcPacketType)header[3]; + + if (stream->engine->local_is_router) { + if (packet->type == SILC_PACKET_PRIVATE_MESSAGE && + (packet->flags & SILC_PACKET_FLAG_PRIVMSG_KEY)) + normal = FALSE; + else if (packet->type != SILC_PACKET_CHANNEL_MESSAGE || + (packet->type == SILC_PACKET_CHANNEL_MESSAGE && + stream->is_router == TRUE)) + normal = TRUE; + } else { + if (packet->type == SILC_PACKET_PRIVATE_MESSAGE && + (packet->flags & SILC_PACKET_FLAG_PRIVMSG_KEY)) + normal = FALSE; + else if (packet->type != SILC_PACKET_CHANNEL_MESSAGE) + normal = TRUE; + } + + SILC_LOG_HEXDUMP(("Incoming packet (%d) len %d", + stream->receive_psn, paddedlen + mac_len), + stream->inbuf.data, paddedlen + mac_len); + + /* Put the decrypted part, and rest of the encrypted data, and decrypt */ + silc_buffer_pull_tail(&packet->buffer, paddedlen); + silc_buffer_put(&packet->buffer, header, block_len); + silc_buffer_pull(&packet->buffer, block_len); + silc_buffer_put(&packet->buffer, stream->inbuf.data + block_len, + paddedlen - block_len); + if (stream->receive_key) { + silc_cipher_set_iv(stream->receive_key, iv); + ret = silc_packet_decrypt(stream->receive_key, stream->receive_hmac, + stream->receive_psn, &packet->buffer, normal); + if (ret < 0) { + SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_DECRYPTION_FAILED); + silc_packet_free(packet); + memset(tmp, 0, sizeof(tmp)); + return; + } + + stream->receive_psn++; + } + silc_buffer_push(&packet->buffer, block_len); + + /* Pull the packet from inbuf thus we'll get the next one in the inbuf. */ + silc_buffer_pull(&stream->inbuf, paddedlen + mac_len); + + /* Dispatch the packet to application */ + packet->stream = stream; + silc_packet_dispatch(packet); + } + + silc_buffer_reset(&stream->inbuf); }