X-Git-Url: http://git.silcnet.org/gitweb/?p=silc.git;a=blobdiff_plain;f=lib%2Fsilccore%2Fsilcpacket.c;h=070662f290503847125c13c4ddd06995c72ab4bf;hp=a9ce5639d33f2546a140e67fe25a573f1592e5c3;hb=0f0340b9fbce9704cc7171f8f0104ce9103d2de6;hpb=d60003d3019371d4ce834a6cbfbf41c257f5a5f7 diff --git a/lib/silccore/silcpacket.c b/lib/silccore/silcpacket.c index a9ce5639..070662f2 100644 --- a/lib/silccore/silcpacket.c +++ b/lib/silccore/silcpacket.c @@ -23,469 +23,733 @@ #include "silcincludes.h" -/****************************************************************************** +/* Packet engine */ +struct SilcPacketEngineStruct { + SilcSchedule schedule; /* Application's scheduler */ + SilcRng rng; /* RNG for engine */ + SilcPacketCallbacks *callbacks; /* Packet callbacks */ + void *callback_context; /* Context for callbacks */ + SilcDList streams; /* All streams in engine */ + SilcList packet_pool; /* Free list for received packets */ + SilcMutex lock; /* Engine lock */ + bool local_is_router; +}; + +/* Packet stream */ +struct SilcPacketStreamStruct { + SilcPacketEngine engine; /* Packet engine */ + SilcStream stream; /* Underlaying stream */ + SilcHashTable streamers; /* Valid if streamers exist */ + void *app_context; /* Applicationn context */ + SilcPacketCallbacks *callbacks; /* Callbacks or NULL */ + void *callback_context; + SilcBufferStruct inbuf; /* In buffer */ + SilcBufferStruct outbuf; /* Out buffer */ + SilcUInt32 send_psn; /* Sending sequence */ + SilcCipher send_key; /* Sending key */ + SilcHmac send_hmac; /* Sending HMAC */ + SilcUInt32 receive_psn; /* Receiving sequence */ + SilcCipher receive_key; /* Receiving key */ + SilcHmac receive_hmac; /* Receiving HMAC */ + unsigned char *src_id; /* Source ID */ + unsigned char *dst_id; /* Destination ID */ + unsigned int src_id_len : 6; + unsigned int src_id_type : 2; + unsigned int dst_id_len : 6; + unsigned int dst_id_type : 2; + SilcUInt8 refcnt; /* Reference counter */ +}; + +/* Initial size of stream buffers */ +#define SILC_PACKET_DEFAULT_SIZE 1024 + +/* Header length without source and destination ID's. */ +#define SILC_PACKET_HEADER_LEN 10 + +/* Minimum length of SILC Packet Header. This much is decrypted always + when packet is received to be able to get all the relevant data out + from the header. */ +#define SILC_PACKET_MIN_HEADER_LEN 16 + +/* Maximum padding length */ +#define SILC_PACKET_MAX_PADLEN 128 + +/* Default padding length */ +#define SILC_PACKET_DEFAULT_PADLEN 16 + +/* Minimum packet length */ +#define SILC_PACKET_MIN_LEN (SILC_PACKET_HEADER_LEN + 1) + + +/* Macros */ + +/* Returns true length of the packet. */ +#define SILC_PACKET_LENGTH(__packetdata, __ret_truelen, __ret_paddedlen) \ +do { \ + SILC_GET16_MSB((__ret_truelen), (__packetdata)); \ + (__ret_paddedlen) = (__ret_truelen) + (SilcUInt8)(__packetdata)[4]; \ +} while(0) + +/* Calculates the data length with given header length. This macro + can be used to check whether the data_len with header_len exceeds + SILC_PACKET_MAX_LEN. If it does, this returns the new data_len + so that the SILC_PACKET_MAX_LEN is not exceeded. If the data_len + plus header_len fits SILC_PACKET_MAX_LEN the returned data length + is the data_len given as argument. */ +#define SILC_PACKET_DATALEN(data_len, header_len) \ + ((data_len + header_len) > SILC_PACKET_MAX_LEN ? \ + data_len - ((data_len + header_len) - SILC_PACKET_MAX_LEN) : data_len) + +/* Calculates the length of the padding in the packet. */ +#define SILC_PACKET_PADLEN(__packetlen, __blocklen, __padlen) \ +do { \ + __padlen = (SILC_PACKET_DEFAULT_PADLEN - (__packetlen) % \ + ((__blocklen) ? (__blocklen) : SILC_PACKET_DEFAULT_PADLEN)); \ + if (__padlen < 8) \ + __padlen += ((__blocklen) ? (__blocklen) : SILC_PACKET_DEFAULT_PADLEN); \ +} while(0) + +/* Returns the length of the padding up to the maximum length, which + is 128 bytes.*/ +#define SILC_PACKET_PADLEN_MAX(__packetlen, __blocklen, __padlen) \ +do { \ + __padlen = (SILC_PACKET_MAX_PADLEN - (__packetlen) % \ + ((__blocklen) ? (__blocklen) : SILC_PACKET_DEFAULT_PADLEN)); \ +} while(0) + +static void silc_packet_stream_io(SilcStream stream, SilcStreamStatus status, + void *context); + +/* Receive packet callback */ +#define SILC_PACKET_CALLBACK_PACKET(s, p) \ +do { \ + if ((s)->callbacks && (s)->callbacks->packet_receive) \ + (s)->callbacks->packet_receive((s)->engine, s, p, \ + (s)->callback_context, \ + (s)->app_context); \ + else \ + (s)->engine->callbacks->packet_receive((s)->engine, s, p, \ + (s)->callback_context, \ + (s)->app_context); \ +} while(0) + +/* EOS callback */ +#define SILC_PACKET_CALLBACK_EOS(s) \ +do { \ + if ((s)->callbacks && (s)->callbacks->eos) \ + (s)->callbacks->eos((s)->engine, stream, (s)->callback_context, \ + (s)->app_context); \ + else \ + (s)->engine->callbacks->eos((s)->engine, s, \ + (s)->callback_context, \ + (s)->app_context); \ +} while(0) + +/* Error callback */ +#define SILC_PACKET_CALLBACK_ERROR(s, err) \ +do { \ + if ((s)->callbacks && (s)->callbacks->error) \ + (s)->callbacks->error((s)->engine, s, err, (s)->callback_context, \ + (s)->app_context); \ + else \ + (s)->engine->callbacks->error((s)->engine, s, err, \ + (s)->callback_context, \ + (s)->app_context); \ +} while(0) + +static SilcPacket silc_packet_alloc(SilcPacketEngine engine); +static void silc_packet_read_process(SilcPacketStream stream); + + +/* Allocate new packet engine */ + +SilcPacketEngine +silc_packet_engine_start(SilcSchedule schedule, SilcRng rng, bool router, + SilcPacketCallbacks *callbacks, + void *callback_context) +{ + SilcPacketEngine engine; + SilcPacket packet; + int i; + void *tmp; + + SILC_LOG_DEBUG(("Starting new packet engine")); + + if (!schedule || !callbacks) + return NULL; + if (!callbacks->packet_receive || !callbacks->eos || !callbacks->error) + return NULL; - Packet Sending Routines + engine = silc_calloc(1, sizeof(*engine)); + if (!engine) + return NULL; -******************************************************************************/ + engine->rng = rng; + engine->local_is_router = router; + engine->callbacks = callbacks; + engine->callback_context = callback_context; + engine->streams = silc_dlist_init(); + silc_mutex_alloc(&engine->lock); + + /* Allocate packet free list */ + silc_list_init(engine->packet_pool, struct SilcPacketStruct, next); + for (i = 0; i < 5; i++) { + packet = silc_calloc(1, sizeof(*packet)); + if (!packet) + return NULL; + + tmp = silc_malloc(SILC_PACKET_DEFAULT_SIZE); + if (!tmp) + return NULL; + silc_buffer_set(&packet->buffer, tmp, SILC_PACKET_DEFAULT_SIZE); + + silc_list_add(engine->packet_pool, packet); + } + silc_list_start(engine->packet_pool); -/* Actually sends the packet. This flushes the connections outgoing data - buffer. If data is sent directly to the network this returns the bytes - written, if error occured this returns -1 and if the data could not - be written directly to the network at this time this returns -2, in - which case the data should be queued by the caller and sent at some - later time. If `force_send' is TRUE this attempts to write the data - directly to the network, if FALSE, this returns -2. */ + return engine; +} -int silc_packet_send(SilcSocketConnection sock, bool force_send) +/* Stop packet engine */ + +void silc_packet_engine_stop(SilcPacketEngine engine) { - SILC_LOG_DEBUG(("Sending packet to %s:%d [%s]", sock->hostname, - sock->port, - (sock->type == SILC_SOCKET_TYPE_UNKNOWN ? "Unknown" : - sock->type == SILC_SOCKET_TYPE_CLIENT ? "Client" : - sock->type == SILC_SOCKET_TYPE_SERVER ? "Server" : - "Router"))); - /* Send now if forced to do so */ - if (force_send == TRUE) { - int ret; + SILC_LOG_DEBUG(("Stopping packet engine")); - SILC_LOG_DEBUG(("Forcing packet send, packet sent immediately")); + if (!engine) + return; - /* Write to network */ - ret = silc_socket_write(sock); + /* XXX */ - if (ret == -1) { - SILC_LOG_ERROR(("Error sending packet to %s:%d [%s], dropped: %s", - sock->hostname ? sock->hostname : "", sock->port, - (sock->type == SILC_SOCKET_TYPE_UNKNOWN ? "Unknown" : - sock->type == SILC_SOCKET_TYPE_CLIENT ? "Client" : - sock->type == SILC_SOCKET_TYPE_SERVER ? "Server" : - "Router"), strerror(errno))); - } - if (ret != -2) - return ret; + silc_free(engine); +} - SILC_LOG_DEBUG(("Could not force the send, packet put to queue")); - } +/* Create new packet stream */ + +SilcPacketStream silc_packet_stream_create(SilcPacketEngine engine, + SilcStream stream) +{ + SilcPacketStream ps; + void *tmp; - SILC_LOG_DEBUG(("Packet in queue")); + SILC_LOG_DEBUG(("Creating new packet stream")); + + if (!engine || !stream) + return NULL; + + ps = silc_calloc(1, sizeof(*ps)); + if (!ps) + return NULL; - return -2; + ps->engine = engine; + ps->stream = stream; + ps->refcnt++; + + /* Allocate buffers */ + tmp = silc_malloc(SILC_PACKET_DEFAULT_SIZE); + if (!tmp) + return NULL; + silc_buffer_set(&ps->inbuf, tmp, SILC_PACKET_DEFAULT_SIZE); + tmp = silc_malloc(SILC_PACKET_DEFAULT_SIZE); + if (!tmp) + return NULL; + silc_buffer_set(&ps->outbuf, tmp, SILC_PACKET_DEFAULT_SIZE); + + /* Set IO notifier callback */ + silc_stream_set_notifier(ps->stream, silc_packet_stream_io, ps); + + /* Add to engine */ + silc_mutex_lock(engine->lock); + silc_dlist_add(engine->streams, ps); + silc_mutex_unlock(engine->lock); + + return ps; } -/* Encrypts a packet. This also creates HMAC of the packet before - encryption and adds the HMAC at the end of the buffer. This assumes - that there is enough free space at the end of the buffer to add the - computed HMAC. This is the normal way of encrypting packets, if some - other process of HMAC computing and encryption is needed this function - cannot be used. */ +/* Destroy packet stream */ -void silc_packet_encrypt(SilcCipher cipher, SilcHmac hmac, SilcUInt32 sequence, - SilcBuffer buffer, SilcUInt32 len) +void silc_packet_stream_destroy(SilcPacketStream stream) { + if (!stream) + return; + if (stream->refcnt > 1) + return; - /* Encrypt the data area of the packet. */ - if (cipher) { - SILC_LOG_DEBUG(("Encrypting packet (%d), cipher %s, len %d", - sequence, silc_cipher_get_name(cipher), len)); - silc_cipher_encrypt(cipher, buffer->data, buffer->data, len, NULL); - } + SILC_LOG_DEBUG(("Destroying packet stream %p", stream)); - /* Compute HMAC. This assumes that MAC is computed from the entire - data area thus this uses the length found in buffer, not the length - sent as argument. */ - if (hmac) { - unsigned char mac[32], psn[4]; - SilcUInt32 mac_len; + /* Delete from engine */ + silc_mutex_lock(stream->engine->lock); + silc_dlist_del(stream->engine->streams, stream); + silc_mutex_unlock(stream->engine->lock); - silc_hmac_init(hmac); - SILC_PUT32_MSB(sequence, psn); - silc_hmac_update(hmac, psn, 4); - silc_hmac_update(hmac, buffer->data, buffer->len); - silc_hmac_final(hmac, mac, &mac_len); + /* Clear and free buffers */ + silc_buffer_clear(&stream->inbuf); + silc_buffer_clear(&stream->outbuf); + silc_free(silc_buffer_steal(&stream->inbuf, NULL)); + silc_free(silc_buffer_steal(&stream->outbuf, NULL)); - /* Put MAC and pull the it into the visible data area in the buffer */ - silc_buffer_put_tail(buffer, mac, mac_len); - silc_buffer_pull_tail(buffer, mac_len); - } + /* XXX */ + + silc_free(stream); } -/* Assembles a new packet to be ready for send out. */ -bool silc_packet_assemble(SilcPacketContext *packet, SilcRng rng, - SilcCipher cipher, SilcHmac hmac, - SilcSocketConnection sock, - const unsigned char *data, SilcUInt32 data_len, - const SilcBuffer assembled_packet) +/* Set new packet callbacks for stream */ + +void silc_packet_stream_callbacks(SilcPacketStream stream, + SilcPacketCallbacks *callbacks, + void *callback_context) { - unsigned char tmppad[SILC_PACKET_MAX_PADLEN]; - unsigned int block_len = cipher ? silc_cipher_get_block_len(cipher) : 0; - int i, ret; + stream->callbacks = callbacks; + stream->callback_context = callback_context; +} - SILC_LOG_DEBUG(("Assembling outgoing packet")); +/* Reference packet stream */ - /* Calculate the packet's length and padding length if upper layer - didn't already do it. */ +void silc_packet_stream_ref(SilcPacketStream stream) +{ + stream->refcnt++; +} - /* Get the true length of the packet. This is saved as payload length - into the packet header. This does not include the length of the - padding. */ - if (!packet->truelen) { - data_len = SILC_PACKET_DATALEN(data_len, SILC_PACKET_HEADER_LEN + - packet->src_id_len + packet->dst_id_len); - packet->truelen = data_len + SILC_PACKET_HEADER_LEN + - packet->src_id_len + packet->dst_id_len; - } +/* Unreference packet stream */ - /* Calculate the length of the padding. The padding is calculated from - the data that will be encrypted. */ - if (!packet->padlen) { - if (packet->long_pad) - SILC_PACKET_PADLEN_MAX(packet->truelen, block_len, packet->padlen); - else - SILC_PACKET_PADLEN(packet->truelen, block_len, packet->padlen); - } +void silc_packet_stream_unref(SilcPacketStream stream) +{ + stream->refcnt--; + if (stream->refcnt == 0) + silc_packet_stream_destroy(stream); +} - /* Now prepare the outgoing data buffer for packet sending and start - assembling the packet. */ +/* Set application context for packet stream */ - /* Return pointer to the assembled packet */ - if (!silc_packet_send_prepare(sock, packet->truelen - data_len, - packet->padlen, data_len, hmac, - assembled_packet)) - return FALSE; +void silc_packet_set_context(SilcPacketStream stream, void *app_context) +{ + stream->app_context = app_context; +} - /* Get random padding */ - if (rng) - for (i = 0; i < packet->padlen; i++) tmppad[i] = - silc_rng_get_byte_fast(rng); - else - for (i = 0; i < packet->padlen; i++) tmppad[i] = - silc_rng_global_get_byte_fast(); +/* Return application context from packet stream */ - /* Create the packet. This creates the SILC header, adds padding, and - the actual packet data. */ - ret = - silc_buffer_format(assembled_packet, - SILC_STR_UI_SHORT(packet->truelen), - SILC_STR_UI_CHAR(packet->flags), - SILC_STR_UI_CHAR(packet->type), - SILC_STR_UI_CHAR(packet->padlen), - SILC_STR_UI_CHAR(0), - SILC_STR_UI_CHAR(packet->src_id_len), - SILC_STR_UI_CHAR(packet->dst_id_len), - SILC_STR_UI_CHAR(packet->src_id_type), - SILC_STR_UI_XNSTRING(packet->src_id, - packet->src_id_len), - SILC_STR_UI_CHAR(packet->dst_id_type), - SILC_STR_UI_XNSTRING(packet->dst_id, - packet->dst_id_len), - SILC_STR_UI_XNSTRING(tmppad, packet->padlen), - SILC_STR_UI_XNSTRING(data, data_len), - SILC_STR_END); - if (ret < 0) +void *silc_packet_get_context(SilcPacketStream stream) +{ + return stream->app_context; +} + +/* Set ciphers for packet stream */ + +void silc_packet_set_ciphers(SilcPacketStream stream, SilcCipher send, + SilcCipher receive) +{ + SILC_LOG_DEBUG(("Setting new ciphers to packet stream")); + stream->send_key = send; + stream->receive_key = receive; +} + +/* Return current ciphers from packet stream */ + +bool silc_packet_get_ciphers(SilcPacketStream stream, SilcCipher *send, + SilcCipher *receive) +{ + if (!stream->send_key && !stream->receive_key) return FALSE; - SILC_LOG_HEXDUMP(("Assembled packet, len %d", assembled_packet->len), - assembled_packet->data, assembled_packet->len); + if (send) + *send = stream->send_key; + if (receive) + *receive = stream->receive_key; return TRUE; } -/* Prepare outgoing data buffer for packet sending. This moves the data - area so that new packet may be added into it. If needed this allocates - more space to the buffer. This handles directly the connection's - outgoing buffer in SilcSocketConnection object, and returns the - pointer to that buffer into the `packet'. */ +/* Set HMACs for packet stream */ -bool silc_packet_send_prepare(SilcSocketConnection sock, - SilcUInt32 header_len, - SilcUInt32 pad_len, - SilcUInt32 data_len, - SilcHmac hmac, - const SilcBuffer packet) +void silc_packet_set_hmacs(SilcPacketStream stream, SilcHmac send, + SilcHmac receive) { - SilcUInt32 totlen; - unsigned char *oldptr; - unsigned int mac_len = hmac ? silc_hmac_len(hmac) : 0; + SILC_LOG_DEBUG(("Setting new HMACs to packet stream")); + stream->send_hmac = send; + stream->receive_hmac = receive; +} - if (!packet) +/* Return current HMACs from packet stream */ + +bool silc_packet_get_hmacs(SilcPacketStream stream, SilcHmac *send, + SilcHmac *receive) +{ + if (!stream->send_hmac && !stream->receive_hmac) return FALSE; - totlen = header_len + pad_len + data_len; + if (send) + *send = stream->send_hmac; + if (receive) + *receive = stream->receive_hmac; - /* Prepare the outgoing buffer for packet sending. */ - if (!sock->outbuf) { - /* Allocate new buffer. This is done only once per connection. */ - SILC_LOG_DEBUG(("Allocating outgoing data buffer")); + return TRUE; +} - sock->outbuf = silc_buffer_alloc(totlen > SILC_PACKET_DEFAULT_SIZE ? - totlen : SILC_PACKET_DEFAULT_SIZE); - if (!sock->outbuf) +/* Set SILC IDs to packet stream */ + +bool silc_packet_set_ids(SilcPacketStream stream, + SilcIdType src_id_type, const void *src_id, + SilcIdType dst_id_type, const void *dst_id) +{ + SilcUInt32 len; + + if (!src_id && !dst_id) + return FALSE; + + SILC_LOG_DEBUG(("Setting new IDs to packet stream")); + + if (src_id) { + silc_free(stream->src_id); + stream->src_id = silc_id_id2str(src_id, src_id_type, &len); + if (!stream->src_id) return FALSE; - } else { - if (!SILC_IS_OUTBUF_PENDING(sock)) { - /* Buffer is free for use */ - silc_buffer_clear(sock->outbuf); - } + stream->src_id_type = src_id_type; + stream->src_id_len = len; } - /* Allocate more space if needed */ - if ((sock->outbuf->end - sock->outbuf->tail) < (totlen + mac_len)) { - SILC_LOG_DEBUG(("Reallocating outgoing data buffer")); - sock->outbuf = silc_buffer_realloc(sock->outbuf, - sock->outbuf->truelen + (totlen * 2)); - if (!sock->outbuf) + if (dst_id) { + silc_free(stream->dst_id); + stream->dst_id = silc_id_id2str(dst_id, dst_id_type, &len); + if (!stream->dst_id) return FALSE; + stream->dst_id_type = dst_id_type; + stream->dst_id_len = len; } - /* Pull data area for the new packet, and return pointer to the start of - the data area and save the pointer in to the `packet'. */ - oldptr = silc_buffer_pull_tail(sock->outbuf, totlen + mac_len); - silc_buffer_set(packet, oldptr, totlen + mac_len); - silc_buffer_push_tail(packet, mac_len); - return TRUE; } -/****************************************************************************** - - Packet Reception Routines - -******************************************************************************/ +/* Prepare outgoing data buffer for packet sending. Returns the + pointer to that buffer into the `packet'. */ -static int silc_packet_decrypt(SilcCipher cipher, SilcHmac hmac, - SilcUInt32 sequence, SilcBuffer buffer, - bool normal); -static bool silc_packet_check_mac(SilcHmac hmac, - const unsigned char *data, - SilcUInt32 data_len, - const unsigned char *packet_mac, - SilcUInt32 sequence); +static bool silc_packet_send_prepare(SilcPacketStream stream, + SilcUInt32 totlen, + SilcHmac hmac, + const SilcBuffer packet) +{ + unsigned char *oldptr; + unsigned int mac_len = hmac ? silc_hmac_len(hmac) : 0; -/* Receives packet from network and reads the data into connection's - incoming data buffer. If the data was read directly this returns the - read bytes, if error occured this returns -1, if the data could not - be read directly at this time this returns -2 in which case the data - should be read again at some later time, or If EOF occured this returns - 0. */ + totlen += mac_len; -int silc_packet_receive(SilcSocketConnection sock) -{ - int ret; + /* If head is empty, the buffer is free for our use (no pending data) */ + if (!silc_buffer_headlen(&stream->outbuf)) + silc_buffer_reset(&stream->outbuf); - SILC_LOG_DEBUG(("Receiving packet from %s:%d [%s]", sock->hostname, - sock->port, - (sock->type == SILC_SOCKET_TYPE_UNKNOWN ? "Unknown" : - sock->type == SILC_SOCKET_TYPE_CLIENT ? "Client" : - sock->type == SILC_SOCKET_TYPE_SERVER ? "Server" : - "Router"))); + /* Allocate more space if needed */ + if (silc_buffer_taillen(&stream->outbuf) < totlen) { + if (!silc_buffer_realloc(&stream->outbuf, + silc_buffer_truelen(&stream->outbuf) + totlen)) + return FALSE; + } - /* Read some data from connection */ - ret = silc_socket_read(sock); + /* Pull data area for the new packet, and return pointer to the start of + the data area and save the pointer in to the `packet'. MAC is pulled + later after it's computed. */ + oldptr = silc_buffer_pull_tail(&stream->outbuf, totlen - mac_len); + silc_buffer_set(packet, oldptr, totlen); - return ret; + return TRUE; } -/* Processes and decrypts the incmoing data, and calls parser callback - for each received packet that will handle the actual packet parsing. - If more than one packet was received this calls the parser multiple - times. The parser callback will get context SilcPacketParserContext - that includes the packet and the `parser_context' sent to this - function. - - The `local_is_router' indicates whether the caller is router server - in which case the receiving process of a certain packet types may - be special. Normal server and client must set it to FALSE. The - SilcPacketParserContext will indicate also whether the received - packet was normal or special packet. */ - -bool silc_packet_receive_process(SilcSocketConnection sock, - bool local_is_router, - SilcCipher cipher, SilcHmac hmac, - SilcUInt32 sequence, - SilcPacketParserCallback parser, - void *parser_context) + +/* Internal routine to send packet */ + +static bool silc_packet_send_raw(SilcPacketStream stream, + SilcPacketType type, + SilcPacketFlags flags, + SilcIdType src_id_type, + unsigned char *src_id, + SilcUInt32 src_id_len, + SilcIdType dst_id_type, + unsigned char *dst_id, + SilcUInt32 dst_id_len, + const unsigned char *data, + SilcUInt32 data_len, + SilcCipher cipher, + SilcHmac hmac) { - SilcPacketParserContext *parse_ctx; - SilcUInt16 packetlen; - SilcUInt32 paddedlen, mac_len = 0, block_len; - int ret; - bool cont = TRUE; - unsigned char tmp[SILC_PACKET_MIN_HEADER_LEN], *header; - unsigned char iv[SILC_CIPHER_MAX_IV_SIZE]; + unsigned char tmppad[SILC_PACKET_MAX_PADLEN]; + int block_len = (cipher ? silc_cipher_get_block_len(cipher) : 0); + int i, enclen, truelen, padlen; + const SilcBufferStruct packet; - /* Do not process for disconnected connection */ - if (SILC_IS_DISCONNECTING(sock) || SILC_IS_DISCONNECTED(sock)) - return TRUE; + SILC_LOG_DEBUG(("Sending packet %s (%d) flags %d, src %d dst %d," + "data len %d", silc_get_packet_name(type), stream->send_psn, + flags, src_id_type, dst_id_type, data_len)); - if (sock->inbuf->len < SILC_PACKET_MIN_HEADER_LEN) - return TRUE; + /* Get the true length of the packet. This is saved as payload length + into the packet header. This does not include the length of the + padding. */ + data_len = SILC_PACKET_DATALEN(data_len, (SILC_PACKET_HEADER_LEN + + src_id_len + dst_id_len)); + enclen = truelen = (data_len + SILC_PACKET_HEADER_LEN + + src_id_len + dst_id_len); + + /* We automatically figure out the packet structure from the packet + type and flags, and calculate correct length. Private messages with + private keys and channel messages are special packets as their + payload is encrypted already. */ + if ((type == SILC_PACKET_PRIVATE_MESSAGE && + flags & SILC_PACKET_FLAG_PRIVMSG_KEY) || + type == SILC_PACKET_CHANNEL_MESSAGE) { + + /* Padding is calculated from header + IDs */ + SILC_PACKET_PADLEN((SILC_PACKET_HEADER_LEN + + src_id_len + + dst_id_len), block_len, padlen); + + /* Length to encrypt, header + IDs + padding. */ + enclen = SILC_PACKET_HEADER_LEN + src_id_len + dst_id_len + padlen; + } else { - if (hmac) - mac_len = silc_hmac_len(hmac); + /* Padding is calculated from true length of the packet */ + if (flags & SILC_PACKET_FLAG_LONG_PAD) + SILC_PACKET_PADLEN_MAX(truelen, block_len, padlen); + else + SILC_PACKET_PADLEN(truelen, block_len, padlen); + } - /* Parse the packets from the data */ - silc_socket_dup(sock); - while (sock->inbuf->len > 0 && cont) { + /* Remove implementation specific flags */ + flags &= ~(SILC_PACKET_FLAG_LONG_PAD); - if (sock->inbuf->len < SILC_PACKET_MIN_HEADER_LEN) { - SILC_LOG_DEBUG(("Partial packet in queue, waiting for the rest")); - silc_socket_free(sock); - return TRUE; - } + /* Get packet pointer from the outgoing buffer */ + if (!silc_packet_send_prepare(stream, truelen + padlen, hmac, &packet)) + return FALSE; - /* Decrypt first block of the packet to get the length field out */ - if (cipher) { - block_len = silc_cipher_get_block_len(cipher); - memcpy(iv, silc_cipher_get_iv(cipher), block_len); - silc_cipher_decrypt(cipher, sock->inbuf->data, tmp, block_len, iv); - header = tmp; - } else { - block_len = SILC_PACKET_MIN_HEADER_LEN; - header = sock->inbuf->data; - } + /* Get random padding */ + if (stream->engine->rng) + for (i = 0; i < padlen; i++) tmppad[i] = + silc_rng_get_byte_fast(stream->engine->rng); + else + for (i = 0; i < padlen; i++) tmppad[i] = + silc_rng_global_get_byte_fast(); - /* Get packet lenght and full packet length with padding */ - SILC_PACKET_LENGTH(header, packetlen, paddedlen); + /* Create the packet. This creates the SILC header, adds padding, and + the actual packet data. */ + i = silc_buffer_format(&packet, + SILC_STR_UI_SHORT(truelen), + SILC_STR_UI_CHAR(flags), + SILC_STR_UI_CHAR(type), + SILC_STR_UI_CHAR(padlen), + SILC_STR_UI_CHAR(0), + SILC_STR_UI_CHAR(src_id_len), + SILC_STR_UI_CHAR(dst_id_len), + SILC_STR_UI_CHAR(src_id_type), + SILC_STR_UI_XNSTRING(src_id, src_id_len), + SILC_STR_UI_CHAR(dst_id_type), + SILC_STR_UI_XNSTRING(dst_id, dst_id_len), + SILC_STR_UI_XNSTRING(tmppad, padlen), + SILC_STR_UI_XNSTRING(data, data_len), + SILC_STR_END); + if (i < 0) + return FALSE; - /* Sanity checks */ - if (packetlen < SILC_PACKET_MIN_LEN) { - SILC_LOG_ERROR(("Received too short packet")); - memset(header, 0, sizeof(header)); - silc_buffer_clear(sock->inbuf); - silc_socket_free(sock); + SILC_LOG_HEXDUMP(("Assembled packet, len %d", silc_buffer_len(&packet)), + packet.data, silc_buffer_len(&packet)); + + /* Encrypt the packet */ + if (cipher) + if (!silc_cipher_encrypt(cipher, packet.data, packet.data, enclen, NULL)) { + SILC_LOG_ERROR(("Packet encryption failed")); return FALSE; } - if (sock->inbuf->len < paddedlen + mac_len) { - SILC_LOG_DEBUG(("Received partial packet, waiting for the rest " - "(%d bytes)", paddedlen + mac_len - sock->inbuf->len)); - SILC_SET_INBUF_PENDING(sock); - memset(tmp, 0, sizeof(tmp)); - silc_socket_free(sock); - return TRUE; - } + /* Compute HMAC */ + if (hmac) { + unsigned char mac[32], psn[4]; + SilcUInt32 mac_len; - /* Check MAC of the packet */ - if (!silc_packet_check_mac(hmac, sock->inbuf->data, paddedlen, - sock->inbuf->data + paddedlen, sequence)) { - SILC_LOG_WARNING(("Packet MAC check failed %s:%d " - "[%s type %d len %dB blen %dB seq %d] [%s] proto %d", - sock->hostname, sock->port, - silc_get_packet_name(header[3]), - header[3], paddedlen, sock->inbuf->len, sequence, - (sock->type == SILC_SOCKET_TYPE_UNKNOWN ? "Unknown" : - sock->type == SILC_SOCKET_TYPE_CLIENT ? "Client" : - sock->type == SILC_SOCKET_TYPE_SERVER ? "Server" : - "Router"), - sock->protocol ? sock->protocol->protocol->type : -1)); - memset(tmp, 0, sizeof(tmp)); - silc_buffer_clear(sock->inbuf); - silc_socket_free(sock); + /* MAC is computed from the entire encrypted packet data, and put + to the end of the packet. */ + silc_hmac_init(hmac); + SILC_PUT32_MSB(stream->send_psn, psn); + silc_hmac_update(hmac, psn, 4); + silc_hmac_update(hmac, packet.data, silc_buffer_len(&packet)); + silc_hmac_final(hmac, packet.tail, &mac_len); + silc_buffer_pull_tail(&packet, mac_len); + stream->send_psn++; + } + + /* Write the packet to the stream */ + while (silc_buffer_len(&packet) > 0) { + i = silc_stream_write(stream->stream, packet.data, + silc_buffer_len(&packet)); + if (i == 0) { + /* EOS */ + SILC_PACKET_CALLBACK_EOS(stream); + silc_buffer_reset(&stream->outbuf); return FALSE; } - SILC_UNSET_INBUF_PENDING(sock); - parse_ctx = silc_calloc(1, sizeof(*parse_ctx)); - if (!parse_ctx) { - silc_socket_free(sock); + if (i == -2) { + /* Error */ + SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_WRITE); + silc_buffer_reset(&stream->outbuf); return FALSE; } - parse_ctx->packet = silc_packet_context_alloc(); - parse_ctx->packet->buffer = silc_buffer_alloc_size(paddedlen); - parse_ctx->packet->type = (SilcPacketType)header[3]; - parse_ctx->packet->padlen = (SilcUInt8)header[4]; - parse_ctx->packet->sequence = sequence++; - parse_ctx->sock = sock; - parse_ctx->context = parser_context; - - /* Check whether this is normal or special packet */ - if (local_is_router) { - if (header[3] == SILC_PACKET_PRIVATE_MESSAGE && - (header[2] & SILC_PACKET_FLAG_PRIVMSG_KEY)) - parse_ctx->normal = FALSE; - else if (header[3] != SILC_PACKET_CHANNEL_MESSAGE || - (header[3] == SILC_PACKET_CHANNEL_MESSAGE && - sock->type == SILC_SOCKET_TYPE_ROUTER)) - parse_ctx->normal = TRUE; - } else { - if (header[3] == SILC_PACKET_PRIVATE_MESSAGE && - (header[2] & SILC_PACKET_FLAG_PRIVMSG_KEY)) - parse_ctx->normal = FALSE; - else if (header[3] != SILC_PACKET_CHANNEL_MESSAGE) - parse_ctx->normal = TRUE; + + if (i == -1) { + /* Cannot write now, write later. */ + silc_buffer_pull(&packet, silc_buffer_len(&packet)); + return TRUE; } - SILC_LOG_HEXDUMP(("Incoming packet (%d) len %d", - sequence - 1, paddedlen + mac_len), - sock->inbuf->data, paddedlen + mac_len); + /* Wrote data */ + silc_buffer_pull(&packet, i); + } - /* Put the decrypted part, and rest of the encrypted data, and decrypt */ - silc_buffer_put(parse_ctx->packet->buffer, header, block_len); - silc_buffer_pull(parse_ctx->packet->buffer, block_len); - silc_buffer_put(parse_ctx->packet->buffer, sock->inbuf->data + block_len, - paddedlen - block_len); - if (cipher) { - silc_cipher_set_iv(cipher, iv); - ret = silc_packet_decrypt(cipher, hmac, parse_ctx->packet->sequence, - parse_ctx->packet->buffer, - parse_ctx->normal); - if (ret < 0) { - SILC_LOG_WARNING(("Packet decryption failed %s:%d [%s] [%s]", - sock->hostname, sock->port, - silc_get_packet_name(parse_ctx->packet->type), - (sock->type == SILC_SOCKET_TYPE_UNKNOWN ? "Unknown" : - sock->type == SILC_SOCKET_TYPE_CLIENT ? "Client" : - sock->type == SILC_SOCKET_TYPE_SERVER ? "Server" : - "Router"))); - memset(tmp, 0, sizeof(tmp)); - silc_packet_context_free(parse_ctx->packet); - silc_free(parse_ctx); - silc_socket_free(sock); - return FALSE; + return TRUE; +} + +/* Sends a packet */ + +bool silc_packet_send(SilcPacketStream stream, + SilcPacketType type, SilcPacketFlags flags, + const unsigned char *data, SilcUInt32 data_len) +{ + return silc_packet_send_raw(stream, type, flags, + stream->src_id_type, + stream->src_id, + stream->src_id_len, + stream->dst_id_type, + stream->dst_id, + stream->dst_id_len, + data, data_len, + stream->send_key, + stream->send_hmac); +} + +/* Sends a packet, extended routine */ + +bool silc_packet_send_ext(SilcPacketStream stream, + SilcPacketType type, SilcPacketFlags flags, + SilcIdType src_id_type, void *src_id, + SilcIdType dst_id_type, void *dst_id, + const unsigned char *data, SilcUInt32 data_len, + SilcCipher cipher, SilcHmac hmac) +{ + bool ret; + unsigned char *src_id_data = NULL, *dst_id_data = NULL; + SilcUInt32 src_id_len, dst_id_len; + + /* XXX non-allocating id2str needed! */ + + if (src_id) + src_id_data = silc_id_id2str(src_id, src_id_type, &src_id_len); + if (src_id) + dst_id_data = silc_id_id2str(dst_id, dst_id_type, &dst_id_len); + + ret = silc_packet_send_raw(stream, type, flags, + src_id_type, + src_id_data, + src_id_len, + dst_id_type, + dst_id_data, + dst_id_len, + data, data_len, + cipher, + hmac); + + silc_free(src_id_data); + silc_free(dst_id_data); + + return ret; +} + +/* Our stream IO notifier callback. */ + +static void silc_packet_stream_io(SilcStream stream, SilcStreamStatus status, + void *context) +{ + SilcPacketStream ps = context; + int ret; + + switch (status) { + + case SILC_STREAM_CAN_WRITE: + if (!silc_buffer_headlen(&ps->outbuf)) + return; + + SILC_LOG_DEBUG(("Writing pending data to stream")); + + /* Write pending data to stream */ + silc_buffer_push(&ps->outbuf, silc_buffer_headlen(&ps->outbuf)); + while (silc_buffer_len(&ps->outbuf) > 0) { + ret = silc_stream_write(ps->stream, ps->outbuf.data, + silc_buffer_len(&ps->outbuf)); + if (ret == 0) { + /* EOS */ + SILC_PACKET_CALLBACK_EOS(ps); + silc_buffer_reset(&ps->outbuf); + return; } + + if (ret == -2) { + /* Error */ + SILC_PACKET_CALLBACK_ERROR(ps, SILC_PACKET_ERR_WRITE); + silc_buffer_reset(&ps->outbuf); + return; + } + + if (ret == -1) { + /* Cannot write now, write later. */ + silc_buffer_pull(&ps->outbuf, silc_buffer_len(&ps->outbuf)); + return; + } + + /* Wrote data */ + silc_buffer_pull(&ps->outbuf, ret); } - silc_buffer_push(parse_ctx->packet->buffer, block_len); - SILC_LOG_HEXDUMP(("Fully decrypted packet, len %d", - parse_ctx->packet->buffer->len), - parse_ctx->packet->buffer->data, - parse_ctx->packet->buffer->len); + break; - /* Pull the packet from inbuf thus we'll get the next one - in the inbuf. */ - silc_buffer_pull(sock->inbuf, paddedlen + mac_len); + case SILC_STREAM_CAN_READ: + SILC_LOG_DEBUG(("Reading data from stream")); - /* Call the parser */ - cont = (*parser)(parse_ctx, parser_context); + /* Make sure we have fair amount of free space in inbuf */ + if (silc_buffer_taillen(&ps->inbuf) < SILC_PACKET_DEFAULT_SIZE) + if (!silc_buffer_realloc(&ps->inbuf, silc_buffer_truelen(&ps->inbuf) + + SILC_PACKET_DEFAULT_SIZE * 2)) + return; - /* See if socket disconnected while parsing the packet */ - if (SILC_IS_DISCONNECTING(sock) || SILC_IS_DISCONNECTED(sock)) { - SILC_LOG_DEBUG(("Abandoning packet processing, socket disconnected")); - cont = FALSE; + /* Read data from stream */ + ret = silc_stream_read(ps->stream, &ps->inbuf.tail, + silc_buffer_taillen(&ps->inbuf)); + + if (ret == 0) { + /* EOS */ + SILC_PACKET_CALLBACK_EOS(ps); + silc_buffer_reset(&ps->inbuf); + return; } - memset(tmp, 0, sizeof(tmp)); - } + if (ret == -2) { + /* Error */ + SILC_PACKET_CALLBACK_ERROR(ps, SILC_PACKET_ERR_READ); + silc_buffer_reset(&ps->inbuf); + return; + } - /* Don't clear buffer if pending data is in the buffer */ - if (cont == FALSE && sock->inbuf->len > 0) { - silc_socket_free(sock); - return TRUE; - } + if (ret == -1) { + /* Cannot read now, do it later. */ + silc_buffer_pull(&ps->inbuf, silc_buffer_len(&ps->inbuf)); + return; + } - /* Don't clear buffer if QoS data exists in the buffer */ - if (sock->qos && sock->qos->data_len > 0) { - silc_socket_free(sock); - return TRUE; - } + /* Read some data */ + silc_buffer_pull_tail(&ps->inbuf, ret); - SILC_LOG_DEBUG(("Clearing inbound buffer")); - silc_buffer_clear(sock->inbuf); - silc_socket_free(sock); - return TRUE; + /* Now process the data */ + silc_packet_read_process(ps); + + break; + + default: + break; + } } /* Checks MAC in the packet. Returns TRUE if MAC is Ok. */ @@ -512,7 +776,7 @@ static bool silc_packet_check_mac(SilcHmac hmac, /* Compare the MAC's */ if (memcmp(packet_mac, mac, mac_len)) { - SILC_LOG_ERROR(("MAC failed")); + SILC_LOG_DEBUG(("MAC failed")); return FALSE; } @@ -529,17 +793,13 @@ static int silc_packet_decrypt(SilcCipher cipher, SilcHmac hmac, SilcUInt32 sequence, SilcBuffer buffer, bool normal) { - /* If the packet type is not any special type lets decrypt rest - of the packet here. */ if (normal == TRUE) { if (cipher) { /* Decrypt rest of the packet */ SILC_LOG_DEBUG(("Decrypting the packet")); if (!silc_cipher_decrypt(cipher, buffer->data, buffer->data, - buffer->len, NULL)) { - SILC_LOG_ERROR(("silc_cipher_decrypt failed")); + silc_buffer_len(buffer), NULL)) return -1; - } } return 0; @@ -551,7 +811,7 @@ static int silc_packet_decrypt(SilcCipher cipher, SilcHmac hmac, SILC_LOG_DEBUG(("Decrypting the header")); - /* padding length + src id len + dst id len + header length - 16 + /* Padding length + src id len + dst id len + header length - 16 bytes already decrypted, gives the rest of the encrypted packet */ silc_buffer_push(buffer, block_len); len = (((SilcUInt8)buffer->data[4] + (SilcUInt8)buffer->data[6] + @@ -559,16 +819,14 @@ static int silc_packet_decrypt(SilcCipher cipher, SilcHmac hmac, block_len); silc_buffer_pull(buffer, block_len); - if (len > buffer->len) { + if (len > silc_buffer_len(buffer)) { SILC_LOG_ERROR(("Garbage in header of packet, bad packet length, " "packet dropped")); return -1; } if (!silc_cipher_decrypt(cipher, buffer->data, buffer->data, - len, NULL)) { - SILC_LOG_ERROR(("silc_cipher_decrypt failed")); + len, NULL)) return -1; - } } return 1; @@ -577,206 +835,284 @@ static int silc_packet_decrypt(SilcCipher cipher, SilcHmac hmac, /* Parses the packet. This is called when a whole packet is ready to be parsed. The buffer sent must be already decrypted before calling this - function. The len argument must be the true length of the packet. This - function returns the type of the packet. The data section of the - buffer is parsed, not head or tail sections. */ + function. */ -SilcPacketType silc_packet_parse(SilcPacketContext *ctx, SilcCipher cipher) +static bool silc_packet_parse(SilcPacketStream stream, SilcPacket packet) { - SilcBuffer buffer = ctx->buffer; - SilcUInt8 tmp; + SilcBuffer buffer = &packet->buffer; + SilcUInt8 padlen = (SilcUInt8)buffer->data[4]; + SilcUInt8 src_id_len, dst_id_len, src_id_type, dst_id_type; int len, ret; - SilcUInt8 src_id_len, src_id_type, dst_id_len, dst_id_type, padlen; SILC_LOG_DEBUG(("Parsing incoming packet")); - /* Check the length of the buffer */ - if (buffer->len < SILC_PACKET_MIN_LEN) { - SILC_LOG_ERROR(("Bad packet length: %d, packet dropped", buffer->len)); - return SILC_PACKET_NONE; - } - - /* Parse the buffer. This parses the SILC header of the packet. */ + /* Parse the buffer. This parses the SILC header of the packet. */ len = silc_buffer_unformat(buffer, - SILC_STR_UI_SHORT(&ctx->truelen), - SILC_STR_UI_CHAR(&ctx->flags), - SILC_STR_UI_CHAR(&ctx->type), - SILC_STR_UI_CHAR(&padlen), - SILC_STR_UI_CHAR(&tmp), + SILC_STR_OFFSET(6), SILC_STR_UI_CHAR(&src_id_len), SILC_STR_UI_CHAR(&dst_id_len), SILC_STR_UI_CHAR(&src_id_type), SILC_STR_END); - if (len == -1 || tmp != 0) - return SILC_PACKET_NONE; + if (len == -1) { + SILC_LOG_ERROR(("Malformed packet header, packet dropped")); + return FALSE; + } if (src_id_len > SILC_PACKET_MAX_ID_LEN || dst_id_len > SILC_PACKET_MAX_ID_LEN) { SILC_LOG_ERROR(("Bad ID lengths in packet (%d and %d)", - src_id_len, dst_id_len)); - return SILC_PACKET_NONE; + packet->src_id_len, packet->dst_id_len)); + return FALSE; } - silc_buffer_pull(buffer, len); ret = silc_buffer_unformat(buffer, - SILC_STR_UI_XNSTRING_ALLOC(&ctx->src_id, - src_id_len), + SILC_STR_OFFSET(len), + SILC_STR_UI_XNSTRING(&packet->src_id, + src_id_len), SILC_STR_UI_CHAR(&dst_id_type), - SILC_STR_UI_XNSTRING_ALLOC(&ctx->dst_id, - dst_id_len), - SILC_STR_UI_XNSTRING(NULL, padlen), + SILC_STR_UI_XNSTRING(&packet->dst_id, + dst_id_len), + SILC_STR_OFFSET(padlen), SILC_STR_END); - if (ret == -1) - return SILC_PACKET_NONE; + if (ret == -1) { + SILC_LOG_ERROR(("Malformed packet header, packet dropped")); + return FALSE; + } - if (src_id_type > SILC_ID_CHANNEL || dst_id_type > SILC_ID_CHANNEL) { + if (src_id_type > SILC_ID_CHANNEL || + dst_id_type > SILC_ID_CHANNEL) { SILC_LOG_ERROR(("Bad ID types in packet (%d and %d)", - src_id_type, dst_id_type)); - return SILC_PACKET_NONE; + src_id_type, dst_id_type)); + return FALSE; } - ctx->src_id_len = src_id_len; - ctx->dst_id_len = dst_id_len; - ctx->src_id_type = src_id_type; - ctx->dst_id_type = dst_id_type; - ctx->padlen = padlen; - - silc_buffer_push(buffer, len); + packet->src_id_len = src_id_len; + packet->dst_id_len = dst_id_len; + packet->src_id_type = src_id_type; + packet->dst_id_type = dst_id_type; - SILC_LOG_HEXDUMP(("parsed packet, len %d", ctx->buffer->len), - ctx->buffer->data, ctx->buffer->len); + SILC_LOG_HEXDUMP(("Parsed packet, len %d", silc_buffer_len(buffer)), + buffer->data, silc_buffer_len(buffer)); - /* Pull SILC header and padding from packet */ + /* Pull SILC header and padding from packet to get the data payload */ silc_buffer_pull(buffer, SILC_PACKET_HEADER_LEN + - ctx->src_id_len + ctx->dst_id_len + ctx->padlen); + packet->src_id_len + packet->dst_id_len + padlen); - SILC_LOG_DEBUG(("Incoming packet type: %d", ctx->type)); + SILC_LOG_DEBUG(("Incoming packet type: %d", packet->type)); - return ctx->type; + return TRUE; } -/* Perform special SILC Packet header parsing. This is required to some - packet types that have the data payload encrypted with different key - than the header area plus padding of the packet. Hence, this parses - the header in a way that it does not take the data area into account - and parses the header and padding area only. */ +/* Process incoming data and parse packets. */ -SilcPacketType silc_packet_parse_special(SilcPacketContext *ctx, - SilcCipher cipher) +static void silc_packet_read_process(SilcPacketStream stream) { - SilcBuffer buffer = ctx->buffer; - SilcUInt8 tmp; - int len, ret; - SilcUInt8 src_id_len, src_id_type, dst_id_len, dst_id_type, padlen; + SilcPacket packet; + SilcUInt16 packetlen; + SilcUInt32 paddedlen, mac_len, block_len; + unsigned char tmp[SILC_PACKET_MIN_HEADER_LEN], *header; + unsigned char iv[SILC_CIPHER_MAX_IV_SIZE]; + bool normal = TRUE; + int ret; - SILC_LOG_DEBUG(("Parsing incoming packet")); + /* Parse the packets from the data */ + while (silc_buffer_len(&stream->inbuf) > 0) { - /* Check the length of the buffer */ - if (buffer->len < SILC_PACKET_MIN_LEN) { - SILC_LOG_ERROR(("Bad packet length: %d, packet dropped", buffer->len)); - return SILC_PACKET_NONE; - } + if (silc_buffer_len(&stream->inbuf) < SILC_PACKET_MIN_HEADER_LEN) { + SILC_LOG_DEBUG(("Partial packet in queue, waiting for the rest")); + return; + } - /* Parse the buffer. This parses the SILC header of the packet. */ - len = silc_buffer_unformat(buffer, - SILC_STR_UI_SHORT(&ctx->truelen), - SILC_STR_UI_CHAR(&ctx->flags), - SILC_STR_UI_CHAR(&ctx->type), - SILC_STR_UI_CHAR(&padlen), - SILC_STR_UI_CHAR(&tmp), - SILC_STR_UI_CHAR(&src_id_len), - SILC_STR_UI_CHAR(&dst_id_len), - SILC_STR_UI_CHAR(&src_id_type), - SILC_STR_END); - if (len == -1 || tmp != 0) { - SILC_LOG_ERROR(("Malformed packet header, packet dropped")); - return SILC_PACKET_NONE; - } + if (stream->receive_hmac) + mac_len = silc_hmac_len(stream->receive_hmac); + else + mac_len = 0; - if (src_id_len > SILC_PACKET_MAX_ID_LEN || - dst_id_len > SILC_PACKET_MAX_ID_LEN) { - SILC_LOG_ERROR(("Bad ID lengths in packet (%d and %d)", - src_id_len, dst_id_len)); - return SILC_PACKET_NONE; - } + /* Decrypt first block of the packet to get the length field out */ + if (stream->receive_key) { + block_len = silc_cipher_get_block_len(stream->receive_key); + memcpy(iv, silc_cipher_get_iv(stream->receive_key), block_len); + silc_cipher_decrypt(stream->receive_key, stream->inbuf.data, + tmp, block_len, iv); + header = tmp; + } else { + block_len = SILC_PACKET_MIN_HEADER_LEN; + header = stream->inbuf.data; + } - silc_buffer_pull(buffer, len); - ret = silc_buffer_unformat(buffer, - SILC_STR_UI_XNSTRING_ALLOC(&ctx->src_id, - src_id_len), - SILC_STR_UI_CHAR(&dst_id_type), - SILC_STR_UI_XNSTRING_ALLOC(&ctx->dst_id, - dst_id_len), - SILC_STR_UI_XNSTRING(NULL, padlen), - SILC_STR_END); - if (ret == -1) { - SILC_LOG_ERROR(("Malformed packet header, packet dropped")); - return SILC_PACKET_NONE; - } + /* Get packet length and full packet length with padding */ + SILC_PACKET_LENGTH(header, packetlen, paddedlen); - if (src_id_type > SILC_ID_CHANNEL || dst_id_type > SILC_ID_CHANNEL) { - SILC_LOG_ERROR(("Bad ID types in packet (%d and %d)", - src_id_type, dst_id_type)); - return SILC_PACKET_NONE; + /* Sanity checks */ + if (packetlen < SILC_PACKET_MIN_LEN) { + SILC_LOG_ERROR(("Received too short packet")); + SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_MALFORMED); + memset(tmp, 0, sizeof(tmp)); + silc_buffer_reset(&stream->inbuf); + return; + } + + if (silc_buffer_len(&stream->inbuf) < paddedlen + mac_len) { + SILC_LOG_DEBUG(("Received partial packet, waiting for the rest " + "(%d bytes)", + paddedlen + mac_len - silc_buffer_len(&stream->inbuf))); + memset(tmp, 0, sizeof(tmp)); +/* silc_buffer_reset(&stream->inbuf); */ + return; + } + + /* Check MAC of the packet */ + if (!silc_packet_check_mac(stream->receive_hmac, stream->inbuf.data, + paddedlen, stream->inbuf.data + paddedlen, + stream->receive_psn)) { + SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_MAC_FAILED); + memset(tmp, 0, sizeof(tmp)); + silc_buffer_reset(&stream->inbuf); + return; + } + + /* Get packet */ + packet = silc_packet_alloc(stream->engine); + if (!packet) { + SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_NO_MEMORY); + memset(tmp, 0, sizeof(tmp)); + silc_buffer_reset(&stream->inbuf); + return; + } + + /* Allocate more space to packet buffer, if needed */ + if (silc_buffer_len(&packet->buffer) < paddedlen) { + if (!silc_buffer_realloc(&packet->buffer, + silc_buffer_truelen(&packet->buffer) + + (paddedlen - + silc_buffer_truelen(&packet->buffer)))) { + SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_NO_MEMORY); + memset(tmp, 0, sizeof(tmp)); + silc_buffer_reset(&stream->inbuf); + return; + } + } + + /* Parse packet header */ + packet->flags = (SilcPacketFlags)header[2]; + packet->type = (SilcPacketType)header[3]; + + if (stream->engine->local_is_router) { + if (packet->type == SILC_PACKET_PRIVATE_MESSAGE && + (packet->flags & SILC_PACKET_FLAG_PRIVMSG_KEY)) + normal = FALSE; + else if (packet->type != SILC_PACKET_CHANNEL_MESSAGE || + (packet->type == SILC_PACKET_CHANNEL_MESSAGE && + stream->engine->local_is_router == TRUE)) + normal = TRUE; + } else { + if (packet->type == SILC_PACKET_PRIVATE_MESSAGE && + (packet->flags & SILC_PACKET_FLAG_PRIVMSG_KEY)) + normal = FALSE; + else if (packet->type != SILC_PACKET_CHANNEL_MESSAGE) + normal = TRUE; + } + + SILC_LOG_HEXDUMP(("Incoming packet (%d) len %d", + stream->receive_psn, paddedlen + mac_len), + stream->inbuf.data, paddedlen + mac_len); + + /* Put the decrypted part, and rest of the encrypted data, and decrypt */ + silc_buffer_put(&packet->buffer, header, block_len); + silc_buffer_pull(&packet->buffer, block_len); + silc_buffer_put(&packet->buffer, stream->inbuf.data + block_len, + paddedlen - block_len); + if (stream->receive_key) { + silc_cipher_set_iv(stream->receive_key, iv); + ret = silc_packet_decrypt(stream->receive_key, stream->receive_hmac, + stream->receive_psn, &packet->buffer, normal); + if (ret < 0) { + SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_DECRYPTION_FAILED); + memset(tmp, 0, sizeof(tmp)); + return; + } + + stream->receive_psn++; + } + silc_buffer_push(&packet->buffer, block_len); + + /* Parse the packet */ + if (!silc_packet_parse(stream, packet)) { + SILC_PACKET_CALLBACK_ERROR(stream, SILC_PACKET_ERR_MALFORMED); + memset(tmp, 0, sizeof(tmp)); + return; + } + + /* Send the packet to application */ + SILC_PACKET_CALLBACK_PACKET(stream, packet); + + /* Pull the packet from inbuf thus we'll get the next one in the inbuf. */ + silc_buffer_pull(&stream->inbuf, paddedlen + mac_len); } - ctx->src_id_len = src_id_len; - ctx->dst_id_len = dst_id_len; - ctx->src_id_type = src_id_type; - ctx->dst_id_type = dst_id_type; - ctx->padlen = padlen; + SILC_LOG_DEBUG(("Resetting inbound buffer")); + silc_buffer_reset(&stream->inbuf); +} + +/* Allocate packet */ - silc_buffer_push(buffer, len); +SilcPacket silc_packet_alloc(SilcPacketEngine engine) +{ + SilcPacket packet; + + SILC_LOG_DEBUG(("Packet pool count %d", + silc_list_count(engine->packet_pool))); + + silc_mutex_lock(engine->lock); + + /* Get packet from freelist or allocate new one. */ + packet = silc_list_get(engine->packet_pool); + if (!packet) { + silc_mutex_unlock(engine->lock); + packet = silc_calloc(1, sizeof(*packet)); + if (!packet) + return NULL; + SILC_LOG_DEBUG(("Allocating new packet %p", packet)); + return packet; + } - SILC_LOG_HEXDUMP(("parsed packet, len %d", ctx->buffer->len), - ctx->buffer->data, ctx->buffer->len); + SILC_LOG_DEBUG(("Get packet %p", packet)); - /* Pull SILC header and padding from packet */ - silc_buffer_pull(buffer, SILC_PACKET_HEADER_LEN + - ctx->src_id_len + ctx->dst_id_len + ctx->padlen); + /* Delete from freelist */ + silc_list_del(engine->packet_pool, packet); - SILC_LOG_DEBUG(("Incoming packet type: %d", ctx->type)); + silc_mutex_unlock(engine->lock); - return ctx->type; + return packet; } -/* Allocate packet context */ +/* Free packet */ -SilcPacketContext *silc_packet_context_alloc(void) +void silc_packet_free(SilcPacketEngine engine, SilcPacket packet) { - SilcPacketContext *ctx = silc_calloc(1, sizeof(*ctx)); - if (!ctx) - return NULL; - ctx->users++; - return ctx; + SILC_LOG_DEBUG(("Freeing packet %p", packet)); + + silc_buffer_reset(&packet->buffer); + + /* Put the packet back to freelist */ + silc_mutex_lock(engine->lock); + silc_list_add(engine->packet_pool, packet); + silc_mutex_unlock(engine->lock); } -/* Increse the reference count of the packet context. */ +/* Creates streamer */ -SilcPacketContext *silc_packet_context_dup(SilcPacketContext *ctx) +SilcStream silc_packet_streamer_create(SilcPacketStream stream, + SilcPacketType packet_type, + SilcPacketFlags packet_flags) { - ctx->users++; - SILC_LOG_DEBUG(("Packet context %p refcnt %d->%d", ctx, ctx->users - 1, - ctx->users)); - return ctx; + /* XXX TODO */ + return NULL; } -/* Decrese the reference count of the packet context and free it only if - it is zero. */ +/* Destroyes streamer */ -void silc_packet_context_free(SilcPacketContext *ctx) +void silc_packet_streamer_destroy(SilcStream stream) { - ctx->users--; - SILC_LOG_DEBUG(("Packet context %p refcnt %d->%d", ctx, ctx->users + 1, - ctx->users)); - if (ctx->users < 1) - { - if (ctx->buffer) - silc_buffer_free(ctx->buffer); - if (ctx->src_id) - silc_free(ctx->src_id); - if (ctx->dst_id) - silc_free(ctx->dst_id); - silc_free(ctx); - } + }