2 * netsniff-ng - the packet sniffing beast
3 * Copyright 2011 Daniel Borkmann.
4 * Subject to the GPL, version 2.
15 #include <arpa/inet.h>
18 #include "ct_usermgmt.h"
28 #include "crypto_verify_32.h"
29 #include "crypto_hash_sha512.h"
30 #include "crypto_box_curve25519xsalsa20poly1305.h"
31 #include "crypto_auth_hmacsha512256.h"
33 #define crypto_box_pub_key_size crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES
35 /* Config line format: username;pubkey\n */
39 unsigned char publickey
[crypto_box_pub_key_size
];
40 struct curve25519_proto proto_inf
;
41 struct user_store
*next
;
44 struct sock_map_entry
{
46 struct curve25519_proto
*proto
;
47 struct sock_map_entry
*next
;
50 struct sockaddr_map_entry
{
51 struct sockaddr_storage
*sa
;
53 struct curve25519_proto
*proto
;
54 struct sockaddr_map_entry
*next
;
57 static struct user_store
*store
= NULL
;
58 static struct rwlock store_lock
;
60 static struct hash_table sock_mapper
;
61 static struct rwlock sock_map_lock
;
63 static struct hash_table sockaddr_mapper
;
64 static struct rwlock sockaddr_map_lock
;
66 static unsigned char token
[crypto_auth_hmacsha512256_KEYBYTES
];
68 static void init_sock_mapper(void)
70 rwlock_init(&sock_map_lock
);
72 rwlock_wr_lock(&sock_map_lock
);
74 memset(&sock_mapper
, 0, sizeof(sock_mapper
));
75 init_hash(&sock_mapper
);
77 rwlock_unlock(&sock_map_lock
);
80 static void init_sockaddr_mapper(void)
82 rwlock_init(&sockaddr_map_lock
);
83 rwlock_wr_lock(&sockaddr_map_lock
);
85 memset(&sockaddr_mapper
, 0, sizeof(sockaddr_mapper
));
86 init_hash(&sockaddr_mapper
);
88 rwlock_unlock(&sockaddr_map_lock
);
91 static int cleanup_batch_sock_mapper(void *ptr
)
93 struct sock_map_entry
*next
;
94 struct sock_map_entry
*e
= ptr
;
99 while ((next
= e
->next
)) {
110 static void destroy_sock_mapper(void)
112 rwlock_wr_lock(&sock_map_lock
);
113 for_each_hash(&sock_mapper
, cleanup_batch_sock_mapper
);
114 free_hash(&sock_mapper
);
115 rwlock_unlock(&sock_map_lock
);
117 rwlock_destroy(&sock_map_lock
);
120 static int cleanup_batch_sockaddr_mapper(void *ptr
)
122 struct sockaddr_map_entry
*next
;
123 struct sockaddr_map_entry
*e
= ptr
;
128 while ((next
= e
->next
)) {
138 static void destroy_sockaddr_mapper(void)
140 rwlock_wr_lock(&sockaddr_map_lock
);
141 for_each_hash(&sockaddr_mapper
, cleanup_batch_sockaddr_mapper
);
142 free_hash(&sockaddr_mapper
);
143 rwlock_unlock(&sockaddr_map_lock
);
145 rwlock_destroy(&sockaddr_map_lock
);
148 static struct user_store
*user_store_alloc(void)
150 return xzmalloc(sizeof(struct user_store
));
153 static void user_store_free(struct user_store
*us
)
157 memset(us
, 0, sizeof(struct user_store
));
161 /* already in lock */
162 static int __check_duplicate_username(char *username
, size_t len
)
165 struct user_store
*elem
= store
;
168 if (!memcmp(elem
->username
, username
,
169 strlen(elem
->username
) + 1)) {
179 /* already in lock */
180 static int __check_duplicate_pubkey(unsigned char *pubkey
, size_t len
)
183 struct user_store
*elem
= store
;
186 if (!memcmp(elem
->publickey
, pubkey
,
187 sizeof(elem
->publickey
))) {
203 static int parse_line(char *line
, char *homedir
)
207 enum parse_states s
= PARSE_USERNAME
;
208 struct user_store
*elem
;
209 unsigned char pkey
[crypto_box_pub_key_size
];
211 elem
= user_store_alloc();
214 str
= strtok(line
, ";");
215 for (; str
!= NULL
;) {
218 if (__check_duplicate_username(str
, strlen(str
) + 1))
220 strlcpy(elem
->username
, str
, sizeof(elem
->username
));
224 if (!curve25519_pubkey_hexparse_32(pkey
, sizeof(pkey
),
227 if (__check_duplicate_pubkey(pkey
, sizeof(pkey
)))
229 memcpy(elem
->publickey
, pkey
, sizeof(elem
->publickey
));
230 ret
= curve25519_proto_init(&elem
->proto_inf
,
232 sizeof(elem
->publickey
),
244 str
= strtok(NULL
, ";");
248 return s
== PARSE_DONE
? 0 : -EIO
;
251 void parse_userfile_and_generate_user_store_or_die(char *homedir
)
254 char path
[PATH_MAX
], buff
[512];
255 int line
= 1, ret
, fd
;
257 memset(path
, 0, sizeof(path
));
258 slprintf(path
, sizeof(path
), "%s/%s", homedir
, FILE_CLIENTS
);
260 rwlock_init(&store_lock
);
261 rwlock_wr_lock(&store_lock
);
263 fp
= fopen(path
, "r");
265 panic("Cannot open client file!\n");
267 memset(buff
, 0, sizeof(buff
));
268 while (fgets(buff
, sizeof(buff
), fp
) != NULL
) {
269 buff
[sizeof(buff
) - 1] = 0;
270 /* A comment. Skip this line */
271 if (buff
[0] == '#' || buff
[0] == '\n') {
272 memset(buff
, 0, sizeof(buff
));
277 ret
= parse_line(buff
, homedir
);
279 panic("Cannot parse line %d from clients!\n", line
);
281 memset(buff
, 0, sizeof(buff
));
287 panic("No registered clients found!\n");
289 rwlock_unlock(&store_lock
);
292 init_sockaddr_mapper();
295 * Pubkey is also used as a hmac of the initial packet to check
296 * the integrity of the packet, so that we know if it's just random
297 * garbage or a 'valid' packet. Again, just for the integrity!
300 memset(path
, 0, sizeof(path
));
301 slprintf(path
, sizeof(path
), "%s/%s", homedir
, FILE_PUBKEY
);
303 fd
= open_or_die(path
, O_RDONLY
);
304 ret
= read(fd
, token
, sizeof(token
));
305 if (ret
!= crypto_auth_hmacsha512256_KEYBYTES
)
306 panic("Cannot read public key!\n");
310 void dump_user_store(void)
313 struct user_store
*elem
;
315 rwlock_rd_lock(&store_lock
);
319 printf("%s -> ", elem
->username
);
320 for (i
= 0; i
< sizeof(elem
->publickey
); ++i
)
321 if (i
== (sizeof(elem
->publickey
) - 1))
322 printf("%02x\n", (unsigned char)
325 printf("%02x:", (unsigned char)
330 rwlock_unlock(&store_lock
);
333 void destroy_user_store(void)
335 struct user_store
*elem
, *nelem
= NULL
;
337 rwlock_wr_lock(&store_lock
);
343 user_store_free(elem
);
346 rwlock_unlock(&store_lock
);
348 rwlock_destroy(&store_lock
);
350 destroy_sock_mapper();
351 destroy_sockaddr_mapper();
354 int username_msg(char *username
, size_t len
, char *dst
, size_t dlen
)
359 unsigned char h
[crypto_hash_sha512_BYTES
];
360 struct username_struct
*us
= (struct username_struct
*) dst
;
364 if (dlen
< sizeof(struct username_struct
))
368 uname
= xzmalloc(uname_len
);
370 fd
= open_or_die("/dev/random", O_RDONLY
);
371 ret
= read_exact(fd
, &salt
, sizeof(salt
), 0);
372 if (ret
!= sizeof(salt
))
373 panic("Cannot read from /dev/random!\n");
376 slprintf(uname
, uname_len
, "%s%u", username
, salt
);
377 crypto_hash_sha512(h
, (unsigned char *) uname
, strlen(uname
));
379 us
->salt
= htonl(salt
);
380 memcpy(us
->hash
, h
, sizeof(us
->hash
));
386 enum is_user_enum
username_msg_is_user(char *src
, size_t slen
, char *username
,
392 struct username_struct
*us
= (struct username_struct
*) src
;
393 unsigned char h
[crypto_hash_sha512_BYTES
];
395 if (slen
< sizeof(struct username_struct
)) {
397 return USERNAMES_ERR
;
401 uname
= xzmalloc(uname_len
);
403 salt
= ntohl(us
->salt
);
405 slprintf(uname
, uname_len
, "%s%u", username
, salt
);
406 crypto_hash_sha512(h
, (unsigned char *) uname
, strlen(uname
));
409 if (!crypto_verify_32(&h
[0], &us
->hash
[0]) &&
410 !crypto_verify_32(&h
[32], &us
->hash
[32]))
416 static int register_user_by_socket(int fd
, struct curve25519_proto
*proto
)
419 struct sock_map_entry
*entry
;
421 rwlock_wr_lock(&sock_map_lock
);
423 entry
= xzmalloc(sizeof(*entry
));
425 entry
->proto
= proto
;
427 pos
= insert_hash(entry
->fd
, entry
, &sock_mapper
);
429 entry
->next
= (*pos
);
433 rwlock_unlock(&sock_map_lock
);
438 static int register_user_by_sockaddr(struct sockaddr_storage
*sa
,
440 struct curve25519_proto
*proto
)
443 struct sockaddr_map_entry
*entry
;
444 unsigned int hash
= hash_name((char *) sa
, sa_len
);
446 rwlock_wr_lock(&sockaddr_map_lock
);
448 entry
= xzmalloc(sizeof(*entry
));
449 entry
->sa
= xmemdupz(sa
, sa_len
);
450 entry
->sa_len
= sa_len
;
451 entry
->proto
= proto
;
453 pos
= insert_hash(hash
, entry
, &sockaddr_mapper
);
455 entry
->next
= (*pos
);
459 rwlock_unlock(&sockaddr_map_lock
);
464 int try_register_user_by_socket(struct curve25519_struct
*c
,
465 char *src
, size_t slen
, int sock
, int log
)
469 size_t real_len
= 132;
471 struct user_store
*elem
;
472 enum is_user_enum err
;
473 unsigned char auth
[crypto_auth_hmacsha512256_BYTES
];
474 struct taia arrival_taia
;
476 /* assert(132 == clen + sizeof(auth)); */
478 * Check hmac first, if malicious, drop immediately before we
479 * investigate more efforts.
484 taia_now(&arrival_taia
);
486 memcpy(auth
, src
, sizeof(auth
));
489 real_len
-= sizeof(auth
);
491 if (crypto_auth_hmacsha512256_verify(auth
, (unsigned char *) src
,
493 syslog(LOG_ERR
, "Bad packet hmac for id %d! Dropping!\n", sock
);
497 syslog(LOG_INFO
, "Good packet hmac for id %d!\n", sock
);
500 rwlock_rd_lock(&store_lock
);
504 clen
= curve25519_decode(c
, &elem
->proto_inf
,
505 (unsigned char *) src
, real_len
,
506 (unsigned char **) &cbuff
,
513 cbuff
+= crypto_box_zerobytes
;
514 clen
-= crypto_box_zerobytes
;
517 syslog(LOG_INFO
, "Packet decoded successfully for id %d!\n", sock
);
519 err
= username_msg_is_user(cbuff
, clen
, elem
->username
,
520 strlen(elem
->username
) + 1);
521 if (err
== USERNAMES_OK
) {
523 syslog(LOG_INFO
, "Found user %s for id %d! Registering ...\n",
524 elem
->username
, sock
);
525 ret
= register_user_by_socket(sock
, &elem
->proto_inf
);
532 rwlock_unlock(&store_lock
);
535 syslog(LOG_ERR
, "User not found! Dropping connection!\n");
540 int try_register_user_by_sockaddr(struct curve25519_struct
*c
,
541 char *src
, size_t slen
,
542 struct sockaddr_storage
*sa
,
543 size_t sa_len
, int log
)
547 struct user_store
*elem
;
549 size_t real_len
= 132;
550 enum is_user_enum err
;
551 unsigned char auth
[crypto_auth_hmacsha512256_BYTES
];
552 struct taia arrival_taia
;
554 /* assert(132 == clen + sizeof(auth)); */
556 * Check hmac first, if malicious, drop immediately before we
557 * investigate more efforts.
562 taia_now(&arrival_taia
);
564 memcpy(auth
, src
, sizeof(auth
));
567 real_len
-= sizeof(auth
);
569 if (crypto_auth_hmacsha512256_verify(auth
, (unsigned char *) src
,
571 syslog(LOG_ERR
, "Got bad packet hmac! Dropping!\n");
575 syslog(LOG_INFO
, "Got good packet hmac!\n");
578 rwlock_rd_lock(&store_lock
);
582 clen
= curve25519_decode(c
, &elem
->proto_inf
,
583 (unsigned char *) src
, real_len
,
584 (unsigned char **) &cbuff
,
591 cbuff
+= crypto_box_zerobytes
;
592 clen
-= crypto_box_zerobytes
;
595 syslog(LOG_INFO
, "Packet decoded successfully!\n");
597 err
= username_msg_is_user(cbuff
, clen
, elem
->username
,
598 strlen(elem
->username
) + 1);
599 if (err
== USERNAMES_OK
) {
601 syslog(LOG_INFO
, "Found user %s! Registering ...\n",
603 ret
= register_user_by_sockaddr(sa
, sa_len
,
611 rwlock_unlock(&store_lock
);
614 syslog(LOG_ERR
, "User not found! Dropping connection!\n");
619 int get_user_by_socket(int fd
, struct curve25519_proto
**proto
)
622 struct sock_map_entry
*entry
;
626 rwlock_rd_lock(&sock_map_lock
);
628 entry
= lookup_hash(fd
, &sock_mapper
);
629 while (entry
&& fd
!= entry
->fd
)
631 if (entry
&& fd
== entry
->fd
) {
632 (*proto
) = entry
->proto
;
639 rwlock_unlock(&sock_map_lock
);
644 int get_user_by_sockaddr(struct sockaddr_storage
*sa
, size_t sa_len
,
645 struct curve25519_proto
**proto
)
648 struct sockaddr_map_entry
*entry
;
649 unsigned int hash
= hash_name((char *) sa
, sa_len
);
653 rwlock_rd_lock(&sockaddr_map_lock
);
655 entry
= lookup_hash(hash
, &sockaddr_mapper
);
656 while (entry
&& entry
->sa_len
== sa_len
&&
657 memcmp(sa
, entry
->sa
, entry
->sa_len
))
659 if (entry
&& entry
->sa_len
== sa_len
&&
660 !memcmp(sa
, entry
->sa
, entry
->sa_len
)) {
661 (*proto
) = entry
->proto
;
668 rwlock_unlock(&sockaddr_map_lock
);
673 static struct sock_map_entry
*socket_to_sock_map_entry(int fd
)
675 struct sock_map_entry
*entry
, *ret
= NULL
;
679 rwlock_rd_lock(&sock_map_lock
);
681 entry
= lookup_hash(fd
, &sock_mapper
);
682 while (entry
&& fd
!= entry
->fd
)
684 if (entry
&& fd
== entry
->fd
)
689 rwlock_unlock(&sock_map_lock
);
694 void remove_user_by_socket(int fd
)
696 struct sock_map_entry
*pos
;
697 struct sock_map_entry
*entry
= socket_to_sock_map_entry(fd
);
702 rwlock_wr_lock(&sock_map_lock
);
704 pos
= remove_hash(entry
->fd
, entry
, entry
->next
, &sock_mapper
);
705 while (pos
&& pos
->next
&& pos
->next
!= entry
)
707 if (pos
&& pos
->next
&& pos
->next
== entry
)
708 pos
->next
= entry
->next
;
710 memset(entry
->proto
->enonce
, 0, sizeof(entry
->proto
->enonce
));
711 memset(entry
->proto
->dnonce
, 0, sizeof(entry
->proto
->dnonce
));
718 rwlock_unlock(&sock_map_lock
);
721 static struct sockaddr_map_entry
*
722 sockaddr_to_sockaddr_map_entry(struct sockaddr_storage
*sa
, size_t sa_len
)
724 struct sockaddr_map_entry
*entry
, *ret
= NULL
;
725 unsigned int hash
= hash_name((char *) sa
, sa_len
);
729 rwlock_rd_lock(&sockaddr_map_lock
);
731 entry
= lookup_hash(hash
, &sockaddr_mapper
);
732 while (entry
&& entry
->sa_len
== sa_len
&&
733 memcmp(sa
, entry
->sa
, entry
->sa_len
))
735 if (entry
&& entry
->sa_len
== sa_len
&&
736 !memcmp(sa
, entry
->sa
, entry
->sa_len
))
741 rwlock_unlock(&sockaddr_map_lock
);
746 void remove_user_by_sockaddr(struct sockaddr_storage
*sa
, size_t sa_len
)
748 struct sockaddr_map_entry
*pos
;
749 struct sockaddr_map_entry
*entry
;
750 unsigned int hash
= hash_name((char *) sa
, sa_len
);
752 entry
= sockaddr_to_sockaddr_map_entry(sa
, sa_len
);
756 rwlock_wr_lock(&sockaddr_map_lock
);
758 pos
= remove_hash(hash
, entry
, entry
->next
, &sockaddr_mapper
);
759 while (pos
&& pos
->next
&& pos
->next
!= entry
)
761 if (pos
&& pos
->next
&& pos
->next
== entry
)
762 pos
->next
= entry
->next
;
764 memset(entry
->proto
->enonce
, 0, sizeof(entry
->proto
->enonce
));
765 memset(entry
->proto
->dnonce
, 0, sizeof(entry
->proto
->dnonce
));
773 rwlock_unlock(&sockaddr_map_lock
);