AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-07-08 00:34:57 +03:00
Code Releases Activity

Auto formatting with AStyle

Browse Source
This commit is contained in:
Evengard
2020-05-11 17:18:55 +03:00
parent 1d6a4d3ec8
commit f627b64264
8 changed files with 727 additions and 640 deletions
Download Patch File Download Diff File Expand all files Collapse all files

142
src/Cedar/IPC.c
View File

@ -37,7 +37,7 @@ bool ParseAndExtractMsChapV2InfoFromPassword(IPC_MSCHAP_V2_AUTHINFO *d, char *pa
b4 = StrToBin(t->Token[5]);
if (IsEmptyStr(t->Token[1]) == false && b1->Size == 16 && b2->Size == 16 && b3->Size == 24
&& b4->Size == 8)
&& b4->Size == 8)
{
UINT64 eap_client_ptr = 0;
@ -226,20 +226,20 @@ IPC *NewIPCByParam(CEDAR *cedar, IPC_PARAM *param, UINT *error_code)
}
ipc = NewIPC(cedar, param->ClientName, param->Postfix, param->HubName,
param->UserName, param->Password, error_code, &param->ClientIp,
param->ClientPort, &param->ServerIp, param->ServerPort,
param->ClientHostname, param->CryptName,
param->BridgeMode, param->Mss, NULL, param->ClientCertificate, param->Layer);
param->UserName, param->Password, error_code, &param->ClientIp,
param->ClientPort, &param->ServerIp, param->ServerPort,
param->ClientHostname, param->CryptName,
param->BridgeMode, param->Mss, NULL, param->ClientCertificate, param->Layer);
return ipc;
}
// Start a new IPC connection
IPC *NewIPC(CEDAR *cedar, char *client_name, char *postfix, char *hubname, char *username, char *password,
UINT *error_code, IP *client_ip, UINT client_port, IP *server_ip, UINT server_port,
char *client_hostname, char *crypt_name,
bool bridge_mode, UINT mss, EAP_CLIENT *eap_client, X *client_certificate,
UINT layer)
UINT *error_code, IP *client_ip, UINT client_port, IP *server_ip, UINT server_port,
char *client_hostname, char *crypt_name,
bool bridge_mode, UINT mss, EAP_CLIENT *eap_client, X *client_certificate,
UINT layer)
{
IPC *ipc;
UINT dummy_int = 0;
@ -444,7 +444,7 @@ IPC *NewIPC(CEDAR *cedar, char *client_name, char *postfix, char *hubname, char
}
if (ParseWelcomeFromPack(p, ipc->SessionName, sizeof(ipc->SessionName),
ipc->ConnectionName, sizeof(ipc->ConnectionName), &ipc->Policy) == false)
ipc->ConnectionName, sizeof(ipc->ConnectionName), &ipc->Policy) == false)
{
err = ERR_PROTOCOL_ERROR;
FreePack(p);
@ -591,7 +591,7 @@ void FreeIPC(IPC *ipc)
FreeInterruptManager(ipc->Interrupt);
for (i = 0;i < LIST_NUM(ipc->ArpTable);i++)
for (i = 0; i < LIST_NUM(ipc->ArpTable); i++)
{
IPC_ARP *a = LIST_DATA(ipc->ArpTable, i);
IPCFreeARP(a);
@ -937,7 +937,7 @@ DHCPV4_DATA *IPCSendDhcpRequest(IPC *ipc, IP *dest_ip, UINT tran_id, DHCP_OPTION
}
if (IsTubeConnected(ipc->Sock->RecvTube) == false || IsTubeConnected(ipc->Sock->SendTube) == false ||
(discon_poll_tube != NULL && IsTubeConnected(discon_poll_tube) == false))
(discon_poll_tube != NULL && IsTubeConnected(discon_poll_tube) == false))
{
// Session is disconnected
return NULL;
@ -1007,7 +1007,7 @@ BUF *IPCBuildDhcpRequest(IPC *ipc, IP *dest_ip, UINT tran_id, DHCP_OPTION_LIST *
Copy(((UCHAR *)(ph)) + sizeof(UDPV4_PSEUDO_HEADER), &dhcp, sizeof(dhcp));
Copy(((UCHAR *)(ph)) + sizeof(UDPV4_PSEUDO_HEADER) + sizeof(dhcp) + blank_size, &magic_number, sizeof(UINT));
Copy(((UCHAR *)(ph)) + sizeof(UDPV4_PSEUDO_HEADER) + sizeof(dhcp) + blank_size + sizeof(UINT),
b->Buf, b->Size);
b->Buf, b->Size);
// UDP Header
udp = (UDP_HEADER *)(((UCHAR *)ph) + 12);
@ -1223,7 +1223,7 @@ void IPCProcessArp(IPC *ipc, BLOCK *b)
void IPCAssociateOnArpTable(IPC *ipc, IP *ip, UCHAR *mac_address)
{
IPC_ARP *a;
// Validate arguments
// Validate arguments
if (ipc == NULL || ip == NULL || IsValidUnicastIPAddress4(ip) == false || IsMacUnicast(mac_address) == false)
{
return;
@ -1366,7 +1366,7 @@ void IPCProcessL3EventsEx(IPC *ipc, UINT64 now)
ok = true;
}
else if (ip_dst.addr[0] == 255 && ip_dst.addr[1] == 255 &&
ip_dst.addr[2] == 255 && ip_dst.addr[3] == 255)
ip_dst.addr[2] == 255 && ip_dst.addr[3] == 255)
{
ok = true;
}
@ -1404,13 +1404,13 @@ void IPCProcessL3EventsEx(IPC *ipc, UINT64 now)
}
else if (protocol == MAC_PROTO_IPV6)
{
PKT* p = ParsePacketUpToICMPv6(b->Buf, b->Size);
PKT *p = ParsePacketUpToICMPv6(b->Buf, b->Size);
if (p != NULL)
{
IP ip_src, ip_dst;
bool ndtProcessed = false;
UCHAR* data = Clone(p->L3.IPv6Header, p->L3.IPv6Header->PayloadLength + sizeof(IPV6_HEADER));
UCHAR *data = Clone(p->L3.IPv6Header, p->L3.IPv6Header->PayloadLength + sizeof(IPV6_HEADER));
IPv6AddrToIP(&ip_src, &p->IPv6HeaderPacketInfo.IPv6Header->SrcAddress);
IPv6AddrToIP(&ip_dst, &p->IPv6HeaderPacketInfo.IPv6Header->DestAddress);
@ -1602,7 +1602,7 @@ void IPCSendIPv4(IPC *ipc, void *data, UINT size)
UINT i;
// Destination
for (i = 0;i < 6;i++)
for (i = 0; i < 6; i++)
{
dest[i] = 0xff;
}
@ -1668,7 +1668,7 @@ void IPCFlushArpTableEx(IPC *ipc, UINT64 now)
now = Tick64();
}
for (i = 0;i < LIST_NUM(ipc->ArpTable);i++)
for (i = 0; i < LIST_NUM(ipc->ArpTable); i++)
{
IPC_ARP *a = LIST_DATA(ipc->ArpTable, i);
bool b = false;
@ -1695,7 +1695,7 @@ void IPCFlushArpTableEx(IPC *ipc, UINT64 now)
if (o != NULL)
{
for (i = 0;i < LIST_NUM(o);i++)
for (i = 0; i < LIST_NUM(o); i++)
{
IPC_ARP *a = LIST_DATA(o, i);
@ -1759,7 +1759,7 @@ void IPCSendIPv4Unicast(IPC *ipc, void *data, UINT size, IP *next_ip)
arp.SrcIP = IPToUINT(&ipc->ClientIPAddress);
arp.TargetIP = IPToUINT(next_ip);
for (i = 0;i < 6;i++)
for (i = 0; i < 6; i++)
{
tmp[i] = 0xff;
}
@ -1782,7 +1782,7 @@ void IPCSendIPv4Unicast(IPC *ipc, void *data, UINT size, IP *next_ip)
}
// Search the ARP table
IPC_ARP *IPCSearchArpTable(LIST* arpTable, IP *ip)
IPC_ARP *IPCSearchArpTable(LIST *arpTable, IP *ip)
{
IPC_ARP t;
IPC_ARP *a;
@ -1939,19 +1939,22 @@ BLOCK *IPCRecvL2(IPC *ipc)
// IPv6 stuff
// Memory management
void IPCIPv6Init(IPC* ipc)
void IPCIPv6Init(IPC *ipc)
{
ipc->IPv6ReceivedQueue = NewQueue();
// The NDT is basically the same as ARP Table with some slight adjustments
ipc->IPv6NeighborTable = NewList(IPCCmpArpTable);
ipc->IPv6RouterAdvs = NewList(NULL);
ipc->IPv6ClientEUI = 0;
ipc->IPv6ServerEUI = 0;
}
void IPCIPv6Free(IPC* ipc)
void IPCIPv6Free(IPC *ipc)
{
UINT i;
for (i = 0; i < LIST_NUM(ipc->IPv6NeighborTable); i++)
{
IPC_ARP* a = LIST_DATA(ipc->IPv6NeighborTable, i);
IPC_ARP *a = LIST_DATA(ipc->IPv6NeighborTable, i);
IPCFreeARP(a);
}
@ -1959,7 +1962,7 @@ void IPCIPv6Free(IPC* ipc)
for (i = 0; i < LIST_NUM(ipc->IPv6RouterAdvs); i++)
{
IPC_IPV6_ROUTER_ADVERTISEMENT* ra = LIST_DATA(ipc->IPv6RouterAdvs, i);
IPC_IPV6_ROUTER_ADVERTISEMENT *ra = LIST_DATA(ipc->IPv6RouterAdvs, i);
Free(ra);
}
@ -1967,7 +1970,7 @@ void IPCIPv6Free(IPC* ipc)
while (true)
{
BLOCK* b = GetNext(ipc->IPv6ReceivedQueue);
BLOCK *b = GetNext(ipc->IPv6ReceivedQueue);
if (b == NULL)
{
break;
@ -1980,17 +1983,17 @@ void IPCIPv6Free(IPC* ipc)
}
// NDT
void IPCIPv6AssociateOnNDT(IPC* ipc, IP* ip, UCHAR* mac_address)
void IPCIPv6AssociateOnNDT(IPC *ipc, IP *ip, UCHAR *mac_address)
{
IPCIPv6AssociateOnNDTEx(ipc, ip, mac_address, false);
}
void IPCIPv6AssociateOnNDTEx(IPC* ipc, IP* ip, UCHAR* mac_address, bool isNeighborAdv)
void IPCIPv6AssociateOnNDTEx(IPC *ipc, IP *ip, UCHAR *mac_address, bool isNeighborAdv)
{
IPC_ARP* a;
IPC_ARP *a;
UINT addrType = 0;
if (ipc == NULL || ip == NULL ||
IsValidUnicastIPAddress6(ip) == false ||
IsMacUnicast(mac_address) == false)
if (ipc == NULL || ip == NULL ||
IsValidUnicastIPAddress6(ip) == false ||
IsMacUnicast(mac_address) == false)
{
return;
}
@ -1998,7 +2001,7 @@ void IPCIPv6AssociateOnNDTEx(IPC* ipc, IP* ip, UCHAR* mac_address, bool isNeighb
addrType = GetIPAddrType6(ip);
if (addrType != IPV6_ADDR_LOCAL_UNICAST &&
addrType != IPV6_ADDR_GLOBAL_UNICAST)
addrType != IPV6_ADDR_GLOBAL_UNICAST)
{
return;
}
@ -2027,14 +2030,14 @@ void IPCIPv6AssociateOnNDTEx(IPC* ipc, IP* ip, UCHAR* mac_address, bool isNeighb
else
{
Copy(a->MacAddress, mac_address, 6);
if (a->Resolved == false)
{
a->Resolved = true;
a->GiveupTime = 0;
while (true)
{
BLOCK* b = GetNext(a->PacketQueue);
BLOCK *b = GetNext(a->PacketQueue);
if (b == NULL)
{
@ -2051,14 +2054,14 @@ void IPCIPv6AssociateOnNDTEx(IPC* ipc, IP* ip, UCHAR* mac_address, bool isNeighb
}
}
void IPCIPv6FlushNDT(IPC* ipc)
void IPCIPv6FlushNDT(IPC *ipc)
{
IPCIPv6FlushNDTEx(ipc, 0);
}
void IPCIPv6FlushNDTEx(IPC* ipc, UINT64 now)
void IPCIPv6FlushNDTEx(IPC *ipc, UINT64 now)
{
UINT i;
LIST* o = NULL;
LIST *o = NULL;
// Validate arguments
if (ipc == NULL)
{
@ -2071,7 +2074,7 @@ void IPCIPv6FlushNDTEx(IPC* ipc, UINT64 now)
for (i = 0; i < LIST_NUM(ipc->IPv6NeighborTable); i++)
{
IPC_ARP* a = LIST_DATA(ipc->IPv6NeighborTable, i);
IPC_ARP *a = LIST_DATA(ipc->IPv6NeighborTable, i);
bool b = false;
if (a->Resolved && a->ExpireTime <= now)
@ -2099,7 +2102,7 @@ void IPCIPv6FlushNDTEx(IPC* ipc, UINT64 now)
{
for (i = 0; i < LIST_NUM(o); i++)
{
IPC_ARP* a = LIST_DATA(o, i);
IPC_ARP *a = LIST_DATA(o, i);
IPCFreeARP(a);
@ -2110,14 +2113,24 @@ void IPCIPv6FlushNDTEx(IPC* ipc, UINT64 now)
}
}
bool IPCIPv6CheckExistingLinkLocal(IPC *ipc, IP *addr)
{
HUB t, *h;
IP_TABLE_ENTRY t, *e;
t.Name = ipc->HubName;
h = Search(ipc->Cedar->HubList, &t);
//h->IpTable
}
// RA
void IPCIPv6AddRouterPrefix(IPC* ipc, ICMPV6_OPTION_LIST* recvPrefix, UCHAR* macAddress, IP* ip)
void IPCIPv6AddRouterPrefix(IPC *ipc, ICMPV6_OPTION_LIST *recvPrefix, UCHAR *macAddress, IP *ip)
{
UINT i;
bool foundPrefix = false;
for (i = 0; i < LIST_NUM(ipc->IPv6RouterAdvs); i++)
{
IPC_IPV6_ROUTER_ADVERTISEMENT* existingRA = LIST_DATA(ipc->IPv6RouterAdvs, i);
IPC_IPV6_ROUTER_ADVERTISEMENT *existingRA = LIST_DATA(ipc->IPv6RouterAdvs, i);
if (Cmp(&recvPrefix->Prefix->Prefix, &existingRA->RoutedPrefix.ipv6_addr, sizeof(IPV6_ADDR)) == 0)
{
foundPrefix = true;
@ -2127,7 +2140,7 @@ void IPCIPv6AddRouterPrefix(IPC* ipc, ICMPV6_OPTION_LIST* recvPrefix, UCHAR* mac
if (!foundPrefix)
{
IPC_IPV6_ROUTER_ADVERTISEMENT* newRA = Malloc(sizeof(IPC_IPV6_ROUTER_ADVERTISEMENT));
IPC_IPV6_ROUTER_ADVERTISEMENT *newRA = Malloc(sizeof(IPC_IPV6_ROUTER_ADVERTISEMENT));
IPv6AddrToIP(&newRA->RoutedPrefix, &recvPrefix->Prefix->Prefix);
IntToSubnetMask6(&newRA->RoutedMask, recvPrefix->Prefix->SubnetLength);
CopyIP(&newRA->RouterAddress, ip);
@ -2137,14 +2150,14 @@ void IPCIPv6AddRouterPrefix(IPC* ipc, ICMPV6_OPTION_LIST* recvPrefix, UCHAR* mac
}
}
bool IPCIPv6CheckUnicastFromRouterPrefix(IPC* ipc, IP* ip, IPC_IPV6_ROUTER_ADVERTISEMENT* matchedRA)
bool IPCIPv6CheckUnicastFromRouterPrefix(IPC *ipc, IP *ip, IPC_IPV6_ROUTER_ADVERTISEMENT *matchedRA)
{
UINT i;
IPC_IPV6_ROUTER_ADVERTISEMENT* matchingRA = NULL;
IPC_IPV6_ROUTER_ADVERTISEMENT *matchingRA = NULL;
bool isInPrefix = false;
for (i = 0; i < LIST_NUM(ipc->IPv6RouterAdvs); i++)
{
IPC_IPV6_ROUTER_ADVERTISEMENT* ra = LIST_DATA(ipc->IPv6RouterAdvs, i);
IPC_IPV6_ROUTER_ADVERTISEMENT *ra = LIST_DATA(ipc->IPv6RouterAdvs, i);
isInPrefix = IsInSameNetwork6(ip, &ra->RoutedPrefix, &ra->RoutedMask);
if (isInPrefix)
{
@ -2162,7 +2175,7 @@ bool IPCIPv6CheckUnicastFromRouterPrefix(IPC* ipc, IP* ip, IPC_IPV6_ROUTER_ADVER
}
// Send router solicitation and then eventually populate the info from Router Advertisements
void IPCIPv6SendRouterSolicitation(IPC* ipc)
void IPCIPv6SendRouterSolicitation(IPC *ipc)
{
IP senderIP;
IP destIP;
@ -2170,7 +2183,7 @@ void IPCIPv6SendRouterSolicitation(IPC* ipc)
IPV6_ADDR linkLocal;
BUF *packet;
Zero(&linkLocal, sizeof(IPV6_ADDR));
// Generate link local from client's EUI
linkLocal.Value[0] = 0xFE;
linkLocal.Value[1] = 0x80;
@ -2202,12 +2215,19 @@ void IPCIPv6SendRouterSolicitation(IPC* ipc)
// The processing should populate the received RAs by itself
IPCProcessL3Events(ipc);
}
// Populating the IPv6 Server EUI for IPV6CP
if (LIST_NUM(ipc->IPv6RouterAdvs) > 0)
{
IPC_IPV6_ROUTER_ADVERTISEMENT *ra = LIST_DATA(ipc->IPv6RouterAdvs, 0);
ipc->IPv6ServerEUI = READ_UINT64(&ra->RouterAddress.ipv6_addr[8]);
}
}
// Data flow
BLOCK* IPCIPv6Recv(IPC* ipc)
BLOCK *IPCIPv6Recv(IPC *ipc)
{
BLOCK* b;
BLOCK *b;
// Validate arguments
if (ipc == NULL)
{
@ -2219,13 +2239,13 @@ BLOCK* IPCIPv6Recv(IPC* ipc)
return b;
}
void IPCIPv6Send(IPC* ipc, void* data, UINT size)
void IPCIPv6Send(IPC *ipc, void *data, UINT size)
{
IP destAddr;
UINT ipv6Type;
UCHAR destMac[6];
IPV6_HEADER* header = data;
IPV6_HEADER *header = data;
IPv6AddrToIP(&destAddr, &header->DestAddress);
if (IsValidUnicastIPAddress6(&destAddr))
@ -2254,7 +2274,7 @@ void IPCIPv6Send(IPC* ipc, void* data, UINT size)
}
}
void IPCIPv6SendWithDestMacAddr(IPC* ipc, void* data, UINT size, UCHAR* dest_mac_addr)
void IPCIPv6SendWithDestMacAddr(IPC *ipc, void *data, UINT size, UCHAR *dest_mac_addr)
{
UCHAR tmp[1514];
// Validate arguments
@ -2279,12 +2299,12 @@ void IPCIPv6SendWithDestMacAddr(IPC* ipc, void* data, UINT size, UCHAR* dest_mac
IPCSendL2(ipc, tmp, size + 14);
}
void IPCIPv6SendUnicast(IPC* ipc, void* data, UINT size, IP* next_ip)
void IPCIPv6SendUnicast(IPC *ipc, void *data, UINT size, IP *next_ip)
{
IPC_ARP* ndtMatch;
UCHAR* destMac = NULL;
IPC_ARP *ndtMatch;
UCHAR *destMac = NULL;
IPC_IPV6_ROUTER_ADVERTISEMENT ra;
IPV6_HEADER* header = data;
IPV6_HEADER *header = data;
IP srcIp;
bool isLocal = false;
// First we need to understand if it is a local packet or we should route it through the router
@ -2346,11 +2366,11 @@ void IPCIPv6SendUnicast(IPC* ipc, void* data, UINT size, IP* next_ip)
/// TODO: check if we need to manage NDT manually from here or the client will
/// TODO: send Neighbor Solicitations by itself and we just proxy them
CHAR tmp[MAX_SIZE];
BLOCK* blk = NewBlock(data, size, 0);
BLOCK *blk = NewBlock(data, size, 0);
InsertQueue(ndtMatch->PacketQueue, blk);
IPToStr6(tmp, MAX_SIZE, next_ip);
Debug("We can't send the packet because we don't have IP %s in NDT! Need to send Neighbor Solicitation first... Saving for later send.\n", tmp);
return;
}
destMac = ndtMatch->MacAddress;

43
src/Cedar/IPC.h
View File

@ -125,9 +125,9 @@ struct IPC
UINT Layer;
// IPv6 stuff
QUEUE* IPv6ReceivedQueue; // IPv6 reception queue
LIST* IPv6NeighborTable; // Neighbor Discovery Table
LIST* IPv6RouterAdvs; // Router offered prefixes
QUEUE *IPv6ReceivedQueue; // IPv6 reception queue
LIST *IPv6NeighborTable; // Neighbor Discovery Table
LIST *IPv6RouterAdvs; // Router offered prefixes
UINT64 IPv6ClientEUI; // The EUI of the client (for the SLAAC autoconf)
UINT64 IPv6ServerEUI; // The EUI of the server (from the RA discovery)
};
@ -152,10 +152,10 @@ struct IPC_IPV6_ROUTER_ADVERTISEMENT
};
IPC *NewIPC(CEDAR *cedar, char *client_name, char *postfix, char *hubname, char *username, char *password,
UINT *error_code, IP *client_ip, UINT client_port, IP *server_ip, UINT server_port,
char *client_hostname, char *crypt_name,
bool bridge_mode, UINT mss, EAP_CLIENT *eap_client, X *client_certificate,
UINT layer);
UINT *error_code, IP *client_ip, UINT client_port, IP *server_ip, UINT server_port,
char *client_hostname, char *crypt_name,
bool bridge_mode, UINT mss, EAP_CLIENT *eap_client, X *client_certificate,
UINT layer);
IPC *NewIPCByParam(CEDAR *cedar, IPC_PARAM *param, UINT *error_code);
IPC *NewIPCBySock(CEDAR *cedar, SOCK *s, void *mac_address);
void FreeIPC(IPC *ipc);
@ -173,7 +173,7 @@ IPC_ARP *IPCNewARP(IP *ip, UCHAR *mac_address);
void IPCFreeARP(IPC_ARP *a);
int IPCCmpArpTable(void *p1, void *p2);
void IPCSendIPv4Unicast(IPC *ipc, void *data, UINT size, IP *next_ip);
IPC_ARP *IPCSearchArpTable(LIST* arpTable, IP *ip);
IPC_ARP *IPCSearchArpTable(LIST *arpTable, IP *ip);
void IPCSendIPv4WithDestMacAddr(IPC *ipc, void *data, UINT size, UCHAR *dest_mac_addr);
void IPCFlushArpTable(IPC *ipc);
void IPCFlushArpTableEx(IPC *ipc, UINT64 now);
@ -195,22 +195,23 @@ void FreeIPCAsync(IPC_ASYNC *a);
// IPv6 stuff
// Memory management
void IPCIPv6Init(IPC* ipc);
void IPCIPv6Free(IPC* ipc);
void IPCIPv6Init(IPC *ipc);
void IPCIPv6Free(IPC *ipc);
// NDT
void IPCIPv6AssociateOnNDT(IPC* ipc, IP* ip, UCHAR* mac_address);
void IPCIPv6AssociateOnNDTEx(IPC* ipc, IP* ip, UCHAR* mac_address, bool isNeighborAdv);
void IPCIPv6FlushNDT(IPC* ipc);
void IPCIPv6FlushNDTEx(IPC* ipc, UINT64 now);
void IPCIPv6AssociateOnNDT(IPC *ipc, IP *ip, UCHAR *mac_address);
void IPCIPv6AssociateOnNDTEx(IPC *ipc, IP *ip, UCHAR *mac_address, bool isNeighborAdv);
void IPCIPv6FlushNDT(IPC *ipc);
void IPCIPv6FlushNDTEx(IPC *ipc, UINT64 now);
bool IPCIPv6CheckExistingLinkLocal(IPC *ipc, IP *addr);
// RA
void IPCIPv6AddRouterPrefix(IPC* ipc, ICMPV6_OPTION_LIST* recvPrefix, UCHAR* macAddress, IP* ip);
bool IPCIPv6CheckUnicastFromRouterPrefix(IPC* ipc, IP* ip, IPC_IPV6_ROUTER_ADVERTISEMENT* matchedRA);
void IPCIPv6SendRouterSolicitation(IPC* ipc);
void IPCIPv6AddRouterPrefix(IPC *ipc, ICMPV6_OPTION_LIST *recvPrefix, UCHAR *macAddress, IP *ip);
bool IPCIPv6CheckUnicastFromRouterPrefix(IPC *ipc, IP *ip, IPC_IPV6_ROUTER_ADVERTISEMENT *matchedRA);
void IPCIPv6SendRouterSolicitation(IPC *ipc);
// Data flow
BLOCK* IPCIPv6Recv(IPC* ipc);
void IPCIPv6Send(IPC* ipc, void* data, UINT size);
void IPCIPv6SendWithDestMacAddr(IPC* ipc, void* data, UINT size, UCHAR* dest_mac_addr);
void IPCIPv6SendUnicast(IPC* ipc, void* data, UINT size, IP* next_ip);
BLOCK *IPCIPv6Recv(IPC *ipc);
void IPCIPv6Send(IPC *ipc, void *data, UINT size);
void IPCIPv6SendWithDestMacAddr(IPC *ipc, void *data, UINT size, UCHAR *dest_mac_addr);
void IPCIPv6SendUnicast(IPC *ipc, void *data, UINT size, IP *next_ip);
bool ParseAndExtractMsChapV2InfoFromPassword(IPC_MSCHAP_V2_AUTHINFO *d, char *password);

130
src/Cedar/Proto_PPP.c
View File

@ -53,7 +53,7 @@ void PPPThread(THREAD *thread, void *param)
IPToStr(ipstr1, sizeof(ipstr1), &p->ClientIP);
IPToStr(ipstr2, sizeof(ipstr2), &p->ServerIP);
PPPLog(p, "LP_CONNECTED", p->Postfix, ipstr1, p->ClientHostname, p->ClientPort, ipstr2, p->ServerPort,
p->ClientSoftwareName, p->AdjustMss);
p->ClientSoftwareName, p->AdjustMss);
// We need that so we don't time out on connection immediately
p->LastRecvTime = Tick64();
@ -148,7 +148,7 @@ void PPPThread(THREAD *thread, void *param)
if (!receivedPacketProcessed && p->CurrentPacket != NULL && p->CurrentPacket->IsControl && PPP_CODE_IS_RESPONSE(p->CurrentPacket->Protocol, p->CurrentPacket->Lcp->Code) && !PPP_STATUS_IS_UNAVAILABLE(p->PPPStatus))
{
PPP_PACKET *request = NULL;
// Removing from resend list
// Removing from resend list
for (i = 0; i < LIST_NUM(p->SentReqPacketList); i++)
{
PPP_REQUEST_RESEND *t = LIST_DATA(p->SentReqPacketList, i);
@ -275,14 +275,14 @@ void PPPThread(THREAD *thread, void *param)
// We got to start CHAP when we got no LCP packets from the client on previous iteration
// which means we parsed all the client requests and responses
Debug("Starting PPP Authentication phase MS-CHAP v2\n");
lcp = BuildMSCHAP2ChallengePacket(p);
if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_CHAP, lcp))
{
PPPSetStatus(p, PPP_STATUS_FAIL);
WHERE;
}
PPPSetStatus(p, PPP_STATUS_AUTHENTICATING);
}
@ -334,7 +334,7 @@ void PPPThread(THREAD *thread, void *param)
}
IPCProcessL3Events(p->Ipc);
timeBeforeLoop = Tick64();
while (true)
@ -398,7 +398,7 @@ void PPPThread(THREAD *thread, void *param)
}
tubes[0] = p->TubeRecv;
if (p->PPPStatus == PPP_STATUS_NETWORK_LAYER && p->Ipc != NULL && IsIPCConnected(p->Ipc))
{
r = GetNextIntervalForInterrupt(p->Ipc->Interrupt);
@ -434,7 +434,7 @@ void PPPThread(THREAD *thread, void *param)
// Maximum PPP session time of the user reached inspection
if (p->UserConnectionTick != 0 && p->UserConnectionTimeout != 0 &&
p->UserConnectionTick + p->UserConnectionTimeout <= now)
p->UserConnectionTick + p->UserConnectionTimeout <= now)
{
// User connection time-out occurs
PPPLog(p, "LP_USER_TIMEOUT");
@ -864,7 +864,7 @@ bool PPPProcessLCPResponsePacket(PPP_SESSION *p, PPP_PACKET *pp, PPP_PACKET *req
WHERE;
return false;
}
if (opt->DataSize == sizeof(USHORT) && *((USHORT*)(opt->Data)) == Endian16(PPP_LCP_AUTH_EAP))
if (opt->DataSize == sizeof(USHORT) && *((USHORT *)(opt->Data)) == Endian16(PPP_LCP_AUTH_EAP))
{
// Try to request MS-CHAPv2 then
if (!isAccepted)
@ -877,7 +877,7 @@ bool PPPProcessLCPResponsePacket(PPP_SESSION *p, PPP_PACKET *pp, PPP_PACKET *req
ms_chap_v2_code[2] = PPP_CHAP_ALG_MS_CHAP_V2;
Copy(&offer, ms_chap_v2_code, sizeof(ms_chap_v2_code));
Debug("NACK proto with code = 0x%x, cypher = 0x%x, offered cypher = 0x%x\n", pp->Lcp->Code, *((USHORT*)(opt->Data)), offer);
Debug("NACK proto with code = 0x%x, cypher = 0x%x, offered cypher = 0x%x\n", pp->Lcp->Code, *((USHORT *)(opt->Data)), offer);
Debug("Request MSCHAPv2\n");
Add(c->OptionList, NewPPPOption(PPP_LCP_OPTION_AUTH, &ms_chap_v2_code, sizeof(ms_chap_v2_code)));
if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_LCP, c))
@ -903,7 +903,7 @@ bool PPPProcessLCPResponsePacket(PPP_SESSION *p, PPP_PACKET *pp, PPP_PACKET *req
PPP_LCP *c = NewPPPLCP(PPP_LCP_CODE_REQ, 0);
USHORT proto = Endian16(PPP_LCP_AUTH_PAP);
Copy(&offer, t->Data, t->DataSize > sizeof(UINT64) ? sizeof(UINT64) : t->DataSize);
Debug("NACK proto with code = 0x%x, cypher = 0x%x, offered cypher = 0x%x\n", pp->Lcp->Code, *((USHORT*)(opt->Data)), offer);
Debug("NACK proto with code = 0x%x, cypher = 0x%x, offered cypher = 0x%x\n", pp->Lcp->Code, *((USHORT *)(opt->Data)), offer);
Debug("Request PAP\n");
Add(c->OptionList, NewPPPOption(PPP_LCP_OPTION_AUTH, &proto, sizeof(USHORT)));
if (!PPPSendAndRetransmitRequest(p, PPP_PROTOCOL_LCP, c))
@ -919,16 +919,16 @@ bool PPPProcessLCPResponsePacket(PPP_SESSION *p, PPP_PACKET *pp, PPP_PACKET *req
Debug("Setting BEFORE_AUTH from ACK on LCP response parse on CHAP accept\n");
PPPSetStatus(p, PPP_STATUS_BEFORE_AUTH);
}
}
else if (opt->DataSize == sizeof(USHORT) && *((USHORT*)(opt->Data)) == Endian16(PPP_LCP_AUTH_PAP))
else if (opt->DataSize == sizeof(USHORT) && *((USHORT *)(opt->Data)) == Endian16(PPP_LCP_AUTH_PAP))
{
// We couldn't agree on auth proto, failing connection
if (!isAccepted)
{
UINT64 offer = 0;
Copy(&offer, t->Data, t->DataSize > sizeof(UINT64) ? sizeof(UINT64) : t->DataSize);
Debug("NACK proto with code = 0x%x, cypher = 0x%x, offered cypher = 0x%x\n", pp->Lcp->Code, *((USHORT*)(opt->Data)), offer);
Debug("NACK proto with code = 0x%x, cypher = 0x%x, offered cypher = 0x%x\n", pp->Lcp->Code, *((USHORT *)(opt->Data)), offer);
Debug("Couldn't agree on auth protocol!\n");
PPPLog(p, "LP_PAP_MSCHAPV2_REJECTED");
PPPSetStatus(p, PPP_STATUS_FAIL);
@ -994,7 +994,7 @@ bool PPPProcessCHAPResponsePacket(PPP_SESSION *p, PPP_PACKET *pp, PPP_PACKET *re
BinToStr(hex, sizeof(hex), p->MsChapV2_ServerResponse, 20);
Format(ret_str, sizeof(ret_str),
"S=%s", hex);
"S=%s", hex);
WriteBuf(lcp_ret_data, ret_str, StrLen(ret_str));
@ -1032,7 +1032,7 @@ bool PPPProcessCHAPResponsePacket(PPP_SESSION *p, PPP_PACKET *pp, PPP_PACKET *re
BinToStr(hex, sizeof(hex), p->MsChapV2_ServerChallenge, 16);
Format(ret_str, sizeof(ret_str),
"E=%u R=0 C=%s V=3", p->MsChapV2_ErrorCode, hex);
"E=%u R=0 C=%s V=3", p->MsChapV2_ErrorCode, hex);
WriteBuf(lcp_ret_data, ret_str, StrLen(ret_str));
@ -1086,11 +1086,11 @@ bool PPPProcessIPCPResponsePacket(PPP_SESSION *p, PPP_PACKET *pp, PPP_PACKET *re
PPPRejectUnsupportedPacketEx(p, pp, true);
return false;
}
// We're dealing either with ACK or NACK
addr = IPToUINT(&addrStruct);
IPToStr(addrStr, MAX_SIZE, &addrStruct);
if (isAccepted)
{
Debug("Accepted server IP address of %s\n", addrStr);
@ -1156,7 +1156,7 @@ bool PPPProcessEAPResponsePacket(PPP_SESSION *p, PPP_PACKET *pp, PPP_PACKET *req
PPPSetStatus(p, PPP_STATUS_BEFORE_AUTH);
break;
case PPP_EAP_TYPE_NOTIFICATION:
// Basically this is just an acknoweldgment that the notification was accepted by the client. Nothing to do here...
// Basically this is just an acknoweldgment that the notification was accepted by the client. Nothing to do here...
break;
case PPP_EAP_TYPE_NAK:
/// TODO: implement alternative EAP protocol selection based on received NAK
@ -1265,12 +1265,12 @@ bool PPPProcessLCPRequestPacket(PPP_SESSION *p, PPP_PACKET *pp)
{
case PPP_LCP_OPTION_AUTH:
t->IsSupported = true;
if (t->DataSize == sizeof(USHORT) && *((USHORT*)t->Data) == PPP_LCP_AUTH_EAP && p->AuthProtocol == PPP_UNSPECIFIED)
if (t->DataSize == sizeof(USHORT) && *((USHORT *)t->Data) == PPP_LCP_AUTH_EAP && p->AuthProtocol == PPP_UNSPECIFIED)
{
t->IsAccepted = true;
NegotiatedAuthProto = PPP_PROTOCOL_EAP;
}
else if (t->DataSize == sizeof(USHORT) && *((USHORT*)t->Data) == PPP_LCP_AUTH_PAP && p->AuthProtocol == PPP_UNSPECIFIED)
else if (t->DataSize == sizeof(USHORT) && *((USHORT *)t->Data) == PPP_LCP_AUTH_PAP && p->AuthProtocol == PPP_UNSPECIFIED)
{
t->IsAccepted = true;
NegotiatedAuthProto = PPP_PROTOCOL_PAP;
@ -1338,7 +1338,7 @@ bool PPPProcessLCPRequestPacket(PPP_SESSION *p, PPP_PACKET *pp)
{
return false;
}
if (NegotiatedAuthProto != PPP_UNSPECIFIED)
{
if (p->AuthProtocol == PPP_UNSPECIFIED)
@ -1346,7 +1346,7 @@ bool PPPProcessLCPRequestPacket(PPP_SESSION *p, PPP_PACKET *pp)
p->AuthProtocol = NegotiatedAuthProto;
PPPSetStatus(p, PPP_STATUS_BEFORE_AUTH);
Debug("Setting BEFORE_AUTH from REQ on LCP request parse\n");
}
}
}
if (NegotiatedMRU != PPP_UNSPECIFIED)
{
@ -1362,9 +1362,9 @@ bool PPPProcessPAPRequestPacket(PPP_SESSION *p, PPP_PACKET *pp)
{
PPP_LCP *lcp = NewPPPLCP(PPP_PAP_CODE_NAK, pp->Lcp->Id);
PPP_PACKET *ret = ZeroMalloc(sizeof(PPP_PACKET));
Debug("Got a PAP request before we're ready for AUTH procedure!\n");
ret->IsControl = true;
ret->Protocol = PPP_PROTOCOL_PAP;
ret->Lcp = lcp;
@ -1453,9 +1453,9 @@ bool PPPProcessPAPRequestPacket(PPP_SESSION *p, PPP_PACKET *pp)
UINT error_code;
ipc = NewIPC(p->Cedar, p->ClientSoftwareName, p->Postfix, hub, id, password,
&error_code, &p->ClientIP, p->ClientPort, &p->ServerIP, p->ServerPort,
p->ClientHostname, p->CryptName, false, p->AdjustMss, NULL, NULL,
IPC_LAYER_3);
&error_code, &p->ClientIP, p->ClientPort, &p->ServerIP, p->ServerPort,
p->ClientHostname, p->CryptName, false, p->AdjustMss, NULL, NULL,
IPC_LAYER_3);
if (ipc != NULL)
{
@ -1637,9 +1637,9 @@ bool PPPProcessIPCPRequestPacket(PPP_SESSION *p, PPP_PACKET *pp)
IPToStr32(wins2_str, sizeof(wins2_str), cao.WinsServer2);
PPPLog(p, "LP_DHCP_INFORM_OK",
subnet_str, defgw_str, cao.DomainName,
dns1_str, dns2_str, wins1_str, wins2_str,
server_ip_str);
subnet_str, defgw_str, cao.DomainName,
dns1_str, dns2_str, wins1_str, wins2_str,
server_ip_str);
}
}
else
@ -1690,8 +1690,8 @@ bool PPPProcessIPCPRequestPacket(PPP_SESSION *p, PPP_PACKET *pp)
t = 1;
}
p->DhcpRenewInterval = (UINT64)t * (UINT64)1000;
p->DhcpNextRenewTime = Tick64() + p->DhcpRenewInterval;
p->DhcpRenewInterval = (UINT64)t * (UINT64)1000;
p->DhcpNextRenewTime = Tick64() + p->DhcpRenewInterval;
if (true)
{
@ -1710,9 +1710,9 @@ bool PPPProcessIPCPRequestPacket(PPP_SESSION *p, PPP_PACKET *pp)
IPToStr32(wins2_str, sizeof(wins2_str), cao.WinsServer2);
PPPLog(p, "LP_DHCP_REQUEST_OK",
client_ip_str, subnet_str, defgw_str, cao.DomainName,
dns1_str, dns2_str, wins1_str, wins2_str,
server_ip_str, cao.LeaseTime);
client_ip_str, subnet_str, defgw_str, cao.DomainName,
dns1_str, dns2_str, wins1_str, wins2_str,
server_ip_str, cao.LeaseTime);
}
}
else
@ -1728,7 +1728,7 @@ bool PPPProcessIPCPRequestPacket(PPP_SESSION *p, PPP_PACKET *pp)
// If we already have a configured IP data - send it along
if (IsValidUnicastIPAddressUINT4(p->ClientAddressOption.ClientAddress) &&
p->ClientAddressOption.SubnetMask != 0 && ok)
p->ClientAddressOption.SubnetMask != 0 && ok)
{
// Success to determine the address
UINTToIP(&subnet, p->ClientAddressOption.SubnetMask);
@ -1760,7 +1760,7 @@ bool PPPProcessIPCPRequestPacket(PPP_SESSION *p, PPP_PACKET *pp)
IPToStr(wins2_str, sizeof(wins2_str), &res.WinsServer2);
PPPLog(p, "LP_SET_IPV4_PARAM", client_ip_str, subnet_str,
defgw_str, dns1_str, dns2_str, wins1_str, wins2_str);
defgw_str, dns1_str, dns2_str, wins1_str, wins2_str);
}
/*// Backporting static configuration received from client - let him use whatever he wants,
@ -1808,7 +1808,7 @@ bool PPPProcessIPCPRequestPacket(PPP_SESSION *p, PPP_PACKET *pp)
PPPSetIPOptionToLCP(&res, pp->Lcp, true);
}
if (PPPRejectLCPOptionsEx(p, pp, processed))
{
Debug("Rejected IPCP options ID = 0x%x\n", pp->Lcp->Id);
@ -2186,7 +2186,7 @@ PPP_PACKET *PPPGetNextPacket(PPP_SESSION *p)
}
ret = PPPRecvPacket(p, true);
if (ret != NULL && ret->IsControl && ret->Lcp != NULL)
{
PPP_DELAYED_PACKET *firstRelated = NULL;
@ -2308,10 +2308,10 @@ int PPPDelayedPacketsComparator(const void *a, const void *b)
char PPPRelatedPacketComparator(PPP_PACKET *a, PPP_PACKET *b)
{
if (a->IsControl && b->IsControl &&
a->Lcp != NULL && b->Lcp != NULL &&
a->Protocol == b->Protocol &&
PPP_CODE_IS_REQUEST(a->Protocol, a->Lcp->Code) == PPP_CODE_IS_REQUEST(b->Protocol, b->Lcp->Code) &&
PPP_CODE_IS_RESPONSE(a->Protocol, a->Lcp->Code) == PPP_CODE_IS_RESPONSE(b->Protocol, b->Lcp->Code))
a->Lcp != NULL && b->Lcp != NULL &&
a->Protocol == b->Protocol &&
PPP_CODE_IS_REQUEST(a->Protocol, a->Lcp->Code) == PPP_CODE_IS_REQUEST(b->Protocol, b->Lcp->Code) &&
PPP_CODE_IS_RESPONSE(a->Protocol, a->Lcp->Code) == PPP_CODE_IS_RESPONSE(b->Protocol, b->Lcp->Code))
{
// The packet is related!
if (a->Lcp->Id < b->Lcp->Id)
@ -2636,21 +2636,21 @@ bool PPPParseMSCHAP2ResponsePacket(PPP_SESSION *p, PPP_PACKET *pp)
// Convert the MS-CHAPv2 data to a password string
BinToStr(server_challenge_hex, sizeof(server_challenge_hex),
p->MsChapV2_ServerChallenge, sizeof(p->MsChapV2_ServerChallenge));
p->MsChapV2_ServerChallenge, sizeof(p->MsChapV2_ServerChallenge));
BinToStr(client_challenge_hex, sizeof(client_challenge_hex),
p->MsChapV2_ClientChallenge, sizeof(p->MsChapV2_ClientChallenge));
p->MsChapV2_ClientChallenge, sizeof(p->MsChapV2_ClientChallenge));
BinToStr(client_response_hex, sizeof(client_response_hex),
p->MsChapV2_ClientResponse, sizeof(p->MsChapV2_ClientResponse));
p->MsChapV2_ClientResponse, sizeof(p->MsChapV2_ClientResponse));
BinToStr(eap_client_hex, sizeof(eap_client_hex),
&eap_client_ptr, 8);
&eap_client_ptr, 8);
Format(password, sizeof(password), "%s%s:%s:%s:%s:%s",
IPC_PASSWORD_MSCHAPV2_TAG,
username_tmp,
server_challenge_hex,
client_challenge_hex,
client_response_hex,
eap_client_hex);
IPC_PASSWORD_MSCHAPV2_TAG,
username_tmp,
server_challenge_hex,
client_challenge_hex,
client_response_hex,
eap_client_hex);
if (p->MsChapV2_UseDoubleMsChapV2 && p->EapClient == NULL)
{
@ -2673,9 +2673,9 @@ bool PPPParseMSCHAP2ResponsePacket(PPP_SESSION *p, PPP_PACKET *pp)
{
Debug("MSCHAPv2 creating IPC\n");
ipc = NewIPC(p->Cedar, p->ClientSoftwareName, p->Postfix, hub, id, password,
&error_code, &p->ClientIP, p->ClientPort, &p->ServerIP, p->ServerPort,
p->ClientHostname, p->CryptName, false, p->AdjustMss, p->EapClient, NULL,
+ IPC_LAYER_3);
&error_code, &p->ClientIP, p->ClientPort, &p->ServerIP, p->ServerPort,
p->ClientHostname, p->CryptName, false, p->AdjustMss, p->EapClient, NULL,
+ IPC_LAYER_3);
if (ipc != NULL)
{
@ -2953,7 +2953,7 @@ bool PPPSetIPAddressValueToLCP(PPP_LCP *c, UINT type, IP *ip, bool only_modify)
{
PPP_OPTION *opt2 = NewPPPOption(type, &ui, 4);
UCHAR ipstr[MAX_SIZE];
opt2->IsAccepted = true;
opt2->IsSupported = true;
Copy(opt2->AltData, opt2->Data, opt2->DataSize);
@ -3082,9 +3082,9 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapTlsSi
PPPParseUsername(p->Cedar, p->Eap_Identity, &d);
ipc = NewIPC(p->Cedar, p->ClientSoftwareName, p->Postfix, d.HubName, d.UserName, "",
&error_code, &p->ClientIP, p->ClientPort, &p->ServerIP, p->ServerPort,
p->ClientHostname, p->CryptName, false, p->AdjustMss, NULL, p->Eap_TlsCtx.ClientCert.X,
IPC_LAYER_3);
&error_code, &p->ClientIP, p->ClientPort, &p->ServerIP, p->ServerPort,
p->ClientHostname, p->CryptName, false, p->AdjustMss, NULL, p->Eap_TlsCtx.ClientCert.X,
IPC_LAYER_3);
if (ipc != NULL)
{
@ -3415,7 +3415,7 @@ void FreePPPSession(PPP_SESSION *p)
Free(t);
}
ReleaseList(p->SentReqPacketList);
for (i = 0; i < LIST_NUM(p->DelayedPackets); i++)
@ -3425,7 +3425,7 @@ void FreePPPSession(PPP_SESSION *p)
Free(t);
}
ReleaseList(p->DelayedPackets);
if (p->CurrentPacket != NULL)
@ -3684,7 +3684,7 @@ void GenerateNtPasswordHash(UCHAR *dst, char *password)
tmp = ZeroMalloc(tmp_size);
for (i = 0;i < len;i++)
for (i = 0; i < len; i++)
{
tmp[i * 2] = password[i];
}
@ -3852,7 +3852,7 @@ char *MsChapV2DoBruteForce(IPC_MSCHAP_V2_AUTHINFO *d, LIST *password_list)
return NULL;
}
for (i = 0;i < LIST_NUM(password_list);i++)
for (i = 0; i < LIST_NUM(password_list); i++)
{
char *s = LIST_DATA(password_list, i);
char tmp[MAX_SIZE];
@ -3864,7 +3864,7 @@ char *MsChapV2DoBruteForce(IPC_MSCHAP_V2_AUTHINFO *d, LIST *password_list)
len = StrLen(tmp);
max = Power(2, MIN(len, 9));
for (j = 0;j < max;j++)
for (j = 0; j < max; j++)
{
SetStrCaseAccordingToBits(tmp, j);
if (MsChapV2VerityPassword(d, tmp))

2
src/Cedar/Proto_PPP.h
View File

@ -311,7 +311,7 @@ struct PPP_SESSION
PPP_EAP_TLS_CONTEXT Eap_TlsCtx; // Context information for EAP TLS. May be possibly reused for EAP TTLS?
LIST *SentReqPacketList; // Sent requests list
PPP_PACKET *CurrentPacket;
LIST *DelayedPackets;