added listing of curves, keygen curve spec
1 /*
2 * curvetun - the cipherspace wormhole creator
3 * Part of the netsniff-ng project
4 * By Daniel Borkmann <daniel@netsniff-ng.org>
5 * Copyright 2011 Daniel Borkmann <dborkma@tik.ee.ethz.ch>,
6 * Swiss federal institute of technology (ETH Zurich)
7 * Subject to the GPL.
8 */
10 #include <stdio.h>
11 #include <stdlib.h>
12 #include <fcntl.h>
13 #include <string.h>
14 #include <ctype.h>
15 #include <getopt.h>
16 #include <errno.h>
17 #include <stdbool.h>
19 #include "xmalloc.h"
20 #include "netdev.h"
21 #include "version.h"
22 #include "stun.h"
23 #include "die.h"
24 #include "strlcpy.h"
25 #include "signals.h"
26 #include "tundev.h"
27 #include "curves.h"
/*
 * Top-level operating mode chosen on the command line.
 * MODE_UNKNOW is the zero value; main() starts from it and rejects it if no
 * mode option was given.
 */
enum working_mode {
	MODE_UNKNOW = 0,
	MODE_KEYGEN,	/* selected by -k / --keygen */
	MODE_CLIENT,	/* selected by -c / --client */
	MODE_SERVER,	/* selected by -s / --server */
};
/*
 * Server selection strategy for client mode; main() defaults to
 * MODE_ALL_RANDOM.
 * NOTE(review): MODE_SINGLE presumably means "one server, picked by alias";
 * nothing in this file sets it yet, so confirm.
 */
enum client_mode {
	MODE_SINGLE = 0,
	MODE_ALL_RROBIN,
	MODE_ALL_RANDOM,
	MODE_ALL_LATENCY,
};
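/*
 * Set to 1 by signal_handler() when SIGINT arrives.
 * volatile is required because the flag is written from a signal handler:
 * without it the compiler may keep the value in a register or hoist the read
 * out of a polling loop, and the shutdown request would never be observed.
 */
static volatile sig_atomic_t sigint = 0;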
/*
 * Short option string for getopt_long(); a ':' after a letter marks a
 * required argument.
 * NOTE(review): 'k' and 'c' require an argument here, while long_options
 * declares --keygen and --client with optional_argument and the help text
 * shows both arguments as optional. Confirm which form is intended.
 */
static const char *short_options = "k:c:m:svhp:t:l";

/* Long options; .val is the short option character handled in main(). */
static struct option long_options[] = {
	{ .name = "client",      .has_arg = optional_argument, .flag = NULL, .val = 'c' },
	{ .name = "mode",        .has_arg = required_argument, .flag = NULL, .val = 'm' },
	{ .name = "port",        .has_arg = required_argument, .flag = NULL, .val = 'p' },
	{ .name = "stun",        .has_arg = required_argument, .flag = NULL, .val = 't' },
	{ .name = "keygen",      .has_arg = optional_argument, .flag = NULL, .val = 'k' },
	{ .name = "server",      .has_arg = no_argument,       .flag = NULL, .val = 's' },
	{ .name = "list-curves", .has_arg = no_argument,       .flag = NULL, .val = 'l' },
	{ .name = "version",     .has_arg = no_argument,       .flag = NULL, .val = 'v' },
	{ .name = "help",        .has_arg = no_argument,       .flag = NULL, .val = 'h' },
	/* all-zero terminator expected by getopt_long() */
	{ .name = NULL,          .has_arg = 0,                 .flag = NULL, .val = 0 },
};
/*
 * Handler that main() registers for SIGINT and SIGHUP.
 * Only SIGINT has an effect: it raises the sigint flag. Every other signal
 * number, SIGHUP included, is deliberately ignored.
 */
static void signal_handler(int number)
{
	if (number == SIGINT)
		sigint = 1;
}
/*
 * Print the program banner: "curvetun " followed by VERSION_STRING, wrapped
 * in colorize_start(bold) / colorize_end().
 */
static void header(void)
{
	const char *banner = "curvetun " VERSION_STRING;

	printf("%s%s%s\n", colorize_start(bold), banner, colorize_end());
}
/*
 * Print the usage text to stdout and then call die().
 * NOTE(review): die() presumably terminates the process; main() relies on
 * help() not returning. Confirm against die.h.
 */
static void help(void)
{
	printf("\ncurvetun %s, ``Elliptic Curve Crypto''-based IP-tunnel\n",
	       VERSION_STRING);

	/* None of the fixed text contains conversions, so it is emitted as-is. */
	fputs("http://www.netsniff-ng.org\n\n"
	      "Usage: curvetun [options]\n"
	      "Options:\n"
	      " -k|--keygen[=curve] Generate public/private keypair\n"
	      " Default curve: 'secp256r1/nistp256'\n"
	      " -l|--list-curves Show available curves\n"
	      " Client settings:\n"
	      " -c|--client[=alias] Client mode, server alias optional\n"
	      " -m|--mode <mode> Working mode, if no alias specified\n"
	      " `--- latency Select server with lowest latency\n"
	      " `-- rrobin Select servers in round robin\n"
	      " `- random Select servers randomly (default)\n"
	      " Server settings:\n"
	      " -s|--server Server mode\n"
	      " -p|--port <num> Port number (mandatory)\n"
	      " -t|--stun <server> Show public IP/Port mapping via STUN\n"
	      " Misc:\n"
	      " -v|--version Print version\n"
	      " -h|--help Print this help\n"
	      "\n", stdout);

	fputs("Example:\n"
	      " Keygen: curvetun --keygen=secp384r1/nistp384\n"
	      " Server: curvetun --server --port 6666 --stun stun.ekiga.net\n"
	      " Client: curvetun --client --mode random\n"
	      " Where both participants have the following files specified:\n"
	      " ~/.curvetun/clients - Participants the server accepts\n"
	      " line-format: username:pubkey\n"
	      " ~/.curvetun/servers - Possible servers the client can connect to\n"
	      " line-format: alias:serverip|servername:port:pubkey\n"
	      " ~/.curvetun/priv.key - Your private key\n"
	      " ~/.curvetun/pub.key - Your public key\n"
	      " ~/.curvetun/username - Your username\n"
	      "\n", stdout);

	fputs("Note:\n"
	      " There is no default port specified, so that users are forced\n"
	      " to select their own!\n"
	      " Elliptic Curve Crypto powered by Bertram Poettering's SECCURE\n"
	      "\n", stdout);

	fputs("Please report bugs to <bugs@netsniff-ng.org>\n"
	      "Copyright (C) 2011 Daniel Borkmann <dborkma@tik.ee.ethz.ch>,\n"
	      "Swiss federal institute of technology (ETH Zurich)\n"
	      "License: GNU GPL version 2\n"
	      "This is free software: you are free to change and redistribute it.\n"
	      "There is NO WARRANTY, to the extent permitted by law.\n\n", stdout);

	die();
}
/*
 * Print the version and licence banner to stdout and then call die().
 * NOTE(review): die() presumably terminates the process; confirm against
 * die.h.
 */
static void version(void)
{
	printf("\ncurvetun %s, ``Elliptic Curve Crypto''-based IP-tunnel\n",
	       VERSION_STRING);

	/* Fixed text without conversions, written in one call. */
	fputs("http://www.netsniff-ng.org\n\n"
	      "Please report bugs to <bugs@netsniff-ng.org>\n"
	      "Copyright (C) 2011 Daniel Borkmann <dborkma@tik.ee.ethz.ch>,\n"
	      "Swiss federal institute of technology (ETH Zurich)\n"
	      "License: GNU GPL version 2\n"
	      "This is free software: you are free to change and redistribute it.\n"
	      "There is NO WARRANTY, to the extent permitted by law.\n\n", stdout);

	die();
}
/*
 * Keygen mode entry point. At this stage it only validates the curve name
 * and logs it; no key material is produced here.
 *
 * curve: curve name as given on the command line (or main()'s default).
 * Returns 0. A missing or unknown curve goes to panic().
 *
 * NOTE(review): once this writes ~/.curvetun/priv.key, the file should be
 * created readable by its owner only; nothing in this file handles file
 * permissions yet.
 */
int main_keygen(char *curve)
{
	if (curve == NULL)
		panic("No curve supplied for keygen!\n");
	/* curve_by_name() is falsy when the name is not a known curve. */
	if (!curve_by_name(curve))
		panic("No such curve available!\n");

	info("Using curve %s!\n", curve);
	info("keygen\n");

	return 0;
}
/*
 * Client mode entry point. Placeholder: logs "client" and returns 0.
 * cmode is accepted but not used yet.
 */
int main_client(enum client_mode cmode)
{
	(void) cmode;	/* not consumed by the placeholder */

	info("client\n");

	return 0;
}
/*
 * Server mode entry point. Placeholder: logs "server" and returns 0.
 * port is accepted but not used yet.
 */
int main_server(int port)
{
	(void) port;	/* not consumed by the placeholder */

	info("server\n");

	return 0;
}
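/*
 * Parse a decimal port number in the range 1..65535.
 *
 * str:  NUL-terminated text from the command line.
 * port: receives the parsed value on success; untouched on failure.
 * Returns 0 on success, -1 if str is NULL, not purely decimal, zero, or
 * larger than 65535.
 */
static int curvetun_parse_port(const char *str, uint16_t *port)
{
	char *end = NULL;
	unsigned long val;

	/* strtoul() skips blanks and accepts a sign; insist on a digit first. */
	if (str == NULL || !isdigit((unsigned char) str[0]))
		return -1;

	errno = 0;
	val = strtoul(str, &end, 10);
	if (errno != 0 || *end != '\0' || val == 0 || val > 65535UL)
		return -1;

	*port = (uint16_t) val;
	return 0;
}

/*
 * Program entry point: parse the command line, install signal handlers,
 * print the banner and dispatch to keygen, client or server mode.
 *
 * Changes against the earlier version of this function:
 *  - port starts at 0, so the "No port specified!" check in server mode no
 *    longer reads an uninitialized variable when -p is absent;
 *  - -p is validated instead of going through atoi(), which turned
 *    non-numeric input into 0 and let values above 65535 wrap when stored
 *    in a uint16_t, so the server could end up on a port the operator never
 *    asked for;
 *  - -m honours the mode names listed in the help text instead of always
 *    selecting the random mode;
 *  - a missing argument to -k or -c is reported as such, since
 *    short_options marks both as requiring one;
 *  - getopt_long() is compared against -1, its documented end marker.
 *
 * NOTE(review): the alias passed to -c/--client is still discarded.
 * Returns 0 when the selected mode returns.
 */
int main(int argc, char **argv)
{
	int c, opt_index;
	uint16_t port = 0, stun_port = 3478; /* Future: via --stun */
	char *stun = NULL, *curve = NULL;
	enum working_mode wmode = MODE_UNKNOW;
	enum client_mode cmode = MODE_ALL_RANDOM;

	while ((c = getopt_long(argc, argv, short_options, long_options,
				&opt_index)) != -1) {
		switch (c) {
		case 'h':
			help();
			break;
		case 'v':
			version();
			break;
		case 'c':
			wmode = MODE_CLIENT;
			break;
		case 'm':
			if (!strcmp(optarg, "latency"))
				cmode = MODE_ALL_LATENCY;
			else if (!strcmp(optarg, "rrobin"))
				cmode = MODE_ALL_RROBIN;
			else if (!strcmp(optarg, "random"))
				cmode = MODE_ALL_RANDOM;
			else
				panic("Unknown mode %s!\n", optarg);
			break;
		case 'k':
			wmode = MODE_KEYGEN;
			/* optarg is NULL for a bare --keygen (optional argument) */
			if (optarg)
				curve = xstrdup(optarg);
			else
				curve = xstrdup("secp256r1/nistp256");
			break;
		case 's':
			wmode = MODE_SERVER;
			break;
		case 't':
			stun = xstrdup(optarg);
			break;
		case 'p':
			if (curvetun_parse_port(optarg, &port) < 0)
				panic("Invalid port number!\n");
			break;
		case 'l':
			curve_list();
			die();
			break;
		case '?':
			switch (optopt) {
			case 'k':
			case 'c':
			case 'm':
			case 't':
			case 'p':
				/* panic() is expected not to return - TODO confirm */
				panic("Option -%c requires an argument!\n",
				      optopt);
			default:
				/* cast: isprint() is undefined for negative ints */
				if (isprint((unsigned char) optopt))
					whine("Unknown option character "
					      "`0x%X\'!\n", optopt);
				die();
			}
			break;
		default:
			break;
		}
	}

	if (argc < 2)
		help();

	register_signal(SIGINT, signal_handler);
	register_signal(SIGHUP, signal_handler);
	register_signal(SIGSEGV, muntrace_handler);

	header();

	switch (wmode) {
	case MODE_KEYGEN:
		main_keygen(curve);
		xfree(curve);
		break;
	case MODE_CLIENT:
		main_client(cmode);
		break;
	case MODE_SERVER:
		/* port stays 0 unless a valid -p was given */
		if (port == 0)
			panic("No port specified!\n");
		if (stun) {
			print_stun_probe(stun, stun_port, port);
			xfree(stun);
		}
		main_server(port);
		break;
	default:
		panic("Either select keygen, client or server mode!\n");
	}

	return 0;
}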