2 * curvetun - the cipherspace wormhole creator
3 * Part of the netsniff-ng project
4 * By Daniel Borkmann <daniel@netsniff-ng.org>
5 * Copyright 2011 Daniel Borkmann <dborkma@tik.ee.ethz.ch>,
6 * Copyright 2011 Emmanuel Roullit.
7 * Subject to the GPL, version 2.
9 * This is curvetun, a lightweight, high-speed ECDH multiuser IP tunnel for
10 * Linux that is based on epoll(2). curvetun uses the Linux TUN/TAP interface
11 * and supports {IPv4,IPv6} over {IPv4,IPv6} with UDP or TCP as carrier
12 * protocols. It has an integrated packet forwarding trie, thus multiple
13 * users with different IPs can be handled via a single tunnel device on the
14 * server side and flows are scheduled for processing in a CPU-local manner.
15 * For transmission, packets are being compressed and encrypted by both, the
16 * client and the server side. As an appropriate key management, public-key
17 * cryptography based on elliptic curves are being used and packets are
18 * encrypted by a symmetric stream cipher (Salsa20) and authenticated by a MAC
19 * (Poly1305), where keys have previously been computed with the ECDH key
20 * agreement protocol (Curve25519). Cryptography is based on Daniel J.
21 * Bernsteins Networking and Cryptography library (NaCl).
23 * He used often to say there was only one Road; that it was like a great
24 * river: it's springs were at every doorstep and every path was it's
25 * tributary. "It's a dangerous business, Frodo, going out of your door,"
26 * he used to say. "You step into the Road, and if you don't keep your
27 * feet, there is no telling where you might be swept off to."
29 * -- The Lord of the Rings, Frodo about his uncle Bilbo Baggins,
30 * Chapter 'Three is Company'.
43 #include <sys/types.h>
45 #include <sys/socket.h>
46 #include <sys/ptrace.h>
47 #include <netinet/in.h>
60 #include "write_or_die.h"
61 #include "crypto_verify_32.h"
62 #include "crypto_box_curve25519xsalsa20poly1305.h"
63 #include "crypto_scalarmult_curve25519.h"
64 #include "crypto_auth_hmacsha512256.h"
66 noinline
void *memset(void *__s
, int __c
, size_t __n
);
68 #define CURVETUN_ENTROPY_SOURCE "/dev/random"
80 sig_atomic_t sigint
= 0;
82 static const char *short_options
= "kxc::svhp:t:d:uCS46D";
84 static struct option long_options
[] = {
85 {"client", optional_argument
, 0, 'c'},
86 {"dev", required_argument
, 0, 'd'},
87 {"port", required_argument
, 0, 'p'},
88 {"stun", required_argument
, 0, 't'},
89 {"keygen", no_argument
, 0, 'k'},
90 {"export", no_argument
, 0, 'x'},
91 {"dumpc", no_argument
, 0, 'C'},
92 {"dumps", no_argument
, 0, 'S'},
93 {"server", no_argument
, 0, 's'},
94 {"udp", no_argument
, 0, 'u'},
95 {"ipv4", no_argument
, 0, '4'},
96 {"ipv6", no_argument
, 0, '6'},
97 {"nofork", no_argument
, 0, 'D'},
98 {"version", no_argument
, 0, 'v'},
99 {"help", no_argument
, 0, 'h'},
103 static void signal_handler(int number
)
114 static void header(void)
116 printf("%s%s%s\n", colorize_start(bold
), "curvetun "
117 VERSION_STRING
, colorize_end());
120 static void help(void)
122 printf("\ncurvetun %s, lightweight curve25519-based multiuser IP tunnel\n",
124 printf("http://www.netsniff-ng.org\n\n");
125 printf("Usage: curvetun [options]\n");
126 printf("Options:\n");
127 printf(" -k|--keygen Generate public/private keypair\n");
128 printf(" -x|--export Export your public data for remote servers\n");
129 printf(" -C|--dumpc Dump parsed clients\n");
130 printf(" -S|--dumps Dump parsed servers\n");
131 printf(" -D|--nofork Do not daemonize\n");
132 printf(" -d|--dev <tun> Networking tunnel device, e.g. tun0\n");
133 printf(" -v|--version Print version\n");
134 printf(" -h|--help Print this help\n");
135 printf(" Client settings:\n");
136 printf(" -c|--client[=alias] Client mode, server alias optional\n");
137 printf(" Server settings:\n");
138 printf(" -s|--server Server mode\n");
139 printf(" -p|--port <num> Port number (mandatory)\n");
140 printf(" -t|--stun <server> Show public IP/Port mapping via STUN\n");
141 printf(" -u|--udp Use UDP as carrier instead of TCP\n");
142 printf(" -4|--ipv4 Tunnel devices are IPv4\n");
143 printf(" -6|--ipv6 Tunnel devices are IPv6\n");
144 printf(" (default: same as carrier protocol)\n");
146 printf("Example:\n");
147 printf(" See README.curvetun for a configuration example.\n");
148 printf(" curvetun --keygen\n");
149 printf(" curvetun --export\n");
150 printf(" curvetun --server -4 -u --port 6666 --stun stunserver.org\n");
151 printf(" curvetun --client=ethz\n");
154 printf(" There is no default port specified, so that you are forced\n");
155 printf(" to select your own! For client/server status messages see syslog!\n");
157 printf("Secret ingredient: 7647-14-5\n");
159 printf("Please report bugs to <bugs@netsniff-ng.org>\n");
160 printf("Copyright (C) 2011 Daniel Borkmann <dborkma@tik.ee.ethz.ch>,\n");
161 printf("License: GNU GPL version 2\n");
162 printf("This is free software: you are free to change and redistribute it.\n");
163 printf("There is NO WARRANTY, to the extent permitted by law.\n\n");
168 static void version(void)
170 printf("\ncurvetun %s, lightweight curve25519-based multiuser IP tunnel\n",
172 printf("Build: %s\n", BUILD_STRING
);
173 printf("http://www.netsniff-ng.org\n\n");
174 printf("Please report bugs to <bugs@netsniff-ng.org>\n");
175 printf("Copyright (C) 2011 Daniel Borkmann <dborkma@tik.ee.ethz.ch>,\n");
176 printf("License: GNU GPL version 2\n");
177 printf("This is free software: you are free to change and redistribute it.\n");
178 printf("There is NO WARRANTY, to the extent permitted by law.\n\n");
183 static void check_file_or_die(char *home
, char *file
, int maybeempty
)
188 memset(path
, 0, sizeof(path
));
189 slprintf(path
, sizeof(path
), "%s/%s", home
, file
);
192 panic("No such file %s! Type --help for further information\n",
195 if (!S_ISREG(st
.st_mode
))
196 panic("%s is not a regular file!\n", path
);
198 if ((st
.st_mode
& ~S_IFREG
) != (S_IRUSR
| S_IWUSR
))
199 panic("You have set too many permissions on %s (%o)!\n",
202 if (maybeempty
== 0 && st
.st_size
== 0)
203 panic("%s is empty!\n", path
);
206 static void check_config_exists_or_die(char *home
)
209 panic("No home dir specified!\n");
210 check_file_or_die(home
, FILE_CLIENTS
, 1);
211 check_file_or_die(home
, FILE_SERVERS
, 1);
212 check_file_or_die(home
, FILE_PRIVKEY
, 0);
213 check_file_or_die(home
, FILE_PUBKEY
, 0);
214 check_file_or_die(home
, FILE_USERNAM
, 0);
217 static char *fetch_home_dir(void)
219 char *home
= getenv("HOME");
221 panic("No HOME defined!\n");
225 static void write_username(char *home
)
228 char path
[PATH_MAX
], *eof
;
231 memset(path
, 0, sizeof(path
));
232 slprintf(path
, sizeof(path
), "%s/%s", home
, FILE_USERNAM
);
234 printf("Username: [%s] ", getenv("USER"));
237 memset(user
, 0, sizeof(user
));
238 eof
= fgets(user
, sizeof(user
), stdin
);
239 user
[sizeof(user
) - 1] = 0;
240 user
[strlen(user
) - 1] = 0; /* omit last \n */
242 if (strlen(user
) == 0)
243 strlcpy(user
, getenv("USER"), sizeof(user
));
245 fd
= open(path
, O_WRONLY
| O_CREAT
| O_TRUNC
, S_IRUSR
| S_IWUSR
);
247 panic("Cannot open your username file!\n");
248 ret
= write(fd
, user
, strlen(user
));
249 if (ret
!= strlen(user
))
250 panic("Could not write username!\n");
253 info("Username written to %s!\n", path
);
256 static void create_curvedir(char *home
)
261 memset(path
, 0, sizeof(path
));
262 slprintf(path
, sizeof(path
), "%s/%s", home
, ".curvetun/");
265 ret
= mkdir(path
, S_IRWXU
);
266 if (ret
< 0 && errno
!= EEXIST
)
267 panic("Cannot create curvetun dir!\n");
269 info("curvetun directory %s created!\n", path
);
271 /* We also create empty files for clients and servers! */
272 memset(path
, 0, sizeof(path
));
273 slprintf(path
, sizeof(path
), "%s/%s", home
, FILE_CLIENTS
);
275 fd
= open(path
, O_WRONLY
| O_CREAT
, S_IRUSR
| S_IWUSR
);
277 panic("Cannot open clients file!\n");
280 info("Empty client file written to %s!\n", path
);
282 memset(path
, 0, sizeof(path
));
283 slprintf(path
, sizeof(path
), "%s/%s", home
, FILE_SERVERS
);
285 fd
= open(path
, O_WRONLY
| O_CREAT
, S_IRUSR
| S_IWUSR
);
287 panic("Cannot open servers file!\n");
290 info("Empty server file written to %s!\n", path
);
293 static void create_keypair(char *home
)
297 unsigned char publickey
[crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES
] = { 0 };
298 unsigned char secretkey
[crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES
] = { 0 };
300 const char * errstr
= NULL
;
303 info("Reading from %s (this may take a while) ...\n", CURVETUN_ENTROPY_SOURCE
);
305 fd
= open_or_die(CURVETUN_ENTROPY_SOURCE
, O_RDONLY
);
306 ret
= read_exact(fd
, secretkey
, sizeof(secretkey
), 0);
307 if (ret
!= sizeof(secretkey
)) {
309 errstr
= "Cannot read from "CURVETUN_ENTROPY_SOURCE
"!\n";
314 crypto_scalarmult_curve25519_base(publickey
, secretkey
);
316 memset(path
, 0, sizeof(path
));
317 slprintf(path
, sizeof(path
), "%s/%s", home
, FILE_PUBKEY
);
319 fd
= open(path
, O_WRONLY
| O_CREAT
| O_TRUNC
, S_IRUSR
| S_IWUSR
);
322 errstr
= "Cannot open pubkey file!\n";
325 ret
= write(fd
, publickey
, sizeof(publickey
));
326 if (ret
!= sizeof(publickey
)) {
328 errstr
= "Cannot write public key!\n";
333 info("Public key written to %s!\n", path
);
335 memset(path
, 0, sizeof(path
));
336 slprintf(path
, sizeof(path
), "%s/%s", home
, FILE_PRIVKEY
);
338 fd
= open(path
, O_WRONLY
| O_CREAT
| O_TRUNC
, S_IRUSR
| S_IWUSR
);
341 errstr
= "Cannot open privkey file!\n";
345 ret
= write(fd
, secretkey
, sizeof(secretkey
));
346 if (ret
!= sizeof(secretkey
)) {
348 errstr
= "Cannot write private key!\n";
354 memset(publickey
, 0, sizeof(publickey
));
355 memset(secretkey
, 0, sizeof(secretkey
));
357 panic("%s: %s", errstr
, strerror(errno
));
359 info("Private key written to %s!\n", path
);
362 static void check_config_keypair_or_die(char *home
)
367 const char * errstr
= NULL
;
368 unsigned char publickey
[crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES
];
369 unsigned char publicres
[crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES
];
370 unsigned char secretkey
[crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES
];
373 memset(path
, 0, sizeof(path
));
374 slprintf(path
, sizeof(path
), "%s/%s", home
, FILE_PRIVKEY
);
376 fd
= open(path
, O_RDONLY
);
379 errstr
= "Cannot open privkey file!\n";
382 ret
= read(fd
, secretkey
, sizeof(secretkey
));
383 if (ret
!= sizeof(secretkey
)) {
385 errstr
= "Cannot read private key!\n";
390 memset(path
, 0, sizeof(path
));
391 slprintf(path
, sizeof(path
), "%s/%s", home
, FILE_PUBKEY
);
393 fd
= open(path
, O_RDONLY
);
396 errstr
= "Cannot open pubkey file!\n";
399 ret
= read(fd
, publickey
, sizeof(publickey
));
400 if (ret
!= sizeof(publickey
)) {
402 errstr
= "Cannot read public key!\n";
406 crypto_scalarmult_curve25519_base(publicres
, secretkey
);
407 err
= crypto_verify_32(publicres
, publickey
);
410 errstr
= "WARNING: your keypair is corrupted!!! You need to "
411 "generate new keys!!!\n";
416 memset(publickey
, 0, sizeof(publickey
));
417 memset(publicres
, 0, sizeof(publicres
));
418 memset(secretkey
, 0, sizeof(secretkey
));
420 panic("%s: %s\n", errstr
, strerror(errno
));
423 static int main_keygen(char *home
)
425 create_curvedir(home
);
426 write_username(home
);
427 create_keypair(home
);
428 check_config_keypair_or_die(home
);
432 static int main_export(char *home
)
436 char path
[PATH_MAX
], tmp
[64];
438 check_config_exists_or_die(home
);
439 check_config_keypair_or_die(home
);
441 printf("Your exported public information:\n\n");
443 memset(path
, 0, sizeof(path
));
444 slprintf(path
, sizeof(path
), "%s/%s", home
, FILE_USERNAM
);
446 fd
= open_or_die(path
, O_RDONLY
);
447 while ((ret
= read(fd
, tmp
, sizeof(tmp
))) > 0) {
448 ret
= write(STDOUT_FILENO
, tmp
, ret
);
454 memset(path
, 0, sizeof(path
));
455 slprintf(path
, sizeof(path
), "%s/%s", home
, FILE_PUBKEY
);
457 fd
= open_or_die(path
, O_RDONLY
);
458 ret
= read(fd
, tmp
, sizeof(tmp
));
459 if (ret
!= crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES
)
460 panic("Cannot read public key!\n");
461 for (i
= 0; i
< ret
; ++i
)
463 printf("%02x\n\n", (unsigned char) tmp
[i
]);
465 printf("%02x:", (unsigned char) tmp
[i
]);
472 static int main_dumpc(char *home
)
474 check_config_exists_or_die(home
);
475 check_config_keypair_or_die(home
);
477 printf("Your clients:\n\n");
479 parse_userfile_and_generate_user_store_or_die(home
);
481 destroy_user_store();
488 static int main_dumps(char *home
)
490 check_config_exists_or_die(home
);
491 check_config_keypair_or_die(home
);
493 printf("Your servers:\n\n");
495 parse_userfile_and_generate_serv_store_or_die(home
);
497 destroy_serv_store();
504 static void daemonize(const char *lockfile
)
507 mode_t lperm
= S_IRWXU
| S_IRGRP
| S_IXGRP
; /* 0750 */
514 panic("Cannot daemonize: %s", strerror(errno
));
519 lfp
= open(lockfile
, O_RDWR
| O_CREAT
| O_EXCL
, 0640);
521 syslog_panic("Cannot create lockfile at %s! "
522 "curvetun server already running?\n",
525 slprintf(pidstr
, sizeof(pidstr
), "%u", getpid());
526 if (write(lfp
, pidstr
, strlen(pidstr
)) <= 0)
527 syslog_panic("Could not write pid to pidfile %s",
533 static int main_client(char *home
, char *dev
, char *alias
, int daemon
)
538 check_config_exists_or_die(home
);
539 check_config_keypair_or_die(home
);
541 parse_userfile_and_generate_serv_store_or_die(home
);
542 get_serv_store_entry_by_alias(alias
, alias
? strlen(alias
) + 1 : 0,
544 if (!host
|| !port
|| udp
< 0)
545 panic("Did not find alias/entry in configuration!\n");
546 printf("Using [%s] -> %s:%s via %s as endpoint!\n",
547 alias
? : "default", host
, port
, udp
? "udp" : "tcp");
551 ret
= client_main(home
, dev
, host
, port
, udp
);
552 destroy_serv_store();
557 static int main_server(char *home
, char *dev
, char *port
, int udp
,
558 int ipv4
, int daemon
)
562 check_config_exists_or_die(home
);
563 check_config_keypair_or_die(home
);
566 ret
= server_main(home
, dev
, port
, udp
, ipv4
);
572 int main(int argc
, char **argv
)
574 int ret
= 0, c
, opt_index
, udp
= 0, ipv4
= -1, daemon
= 1;
575 char *port
= NULL
, *stun
= NULL
, *dev
= NULL
, *home
= NULL
, *alias
=NULL
;
576 enum working_mode wmode
= MODE_UNKNOW
;
578 if (getuid() != geteuid())
580 if (getenv("LD_PRELOAD"))
581 panic("curvetun cannot be preloaded!\n");
582 if (ptrace(PTRACE_TRACEME
, 0, 1, 0) < 0)
583 panic("curvetun cannot be ptraced!\n");
585 home
= fetch_home_dir();
587 while ((c
= getopt_long(argc
, argv
, short_options
, long_options
,
588 &opt_index
)) != EOF
) {
610 alias
= xstrdup(optarg
);
614 dev
= xstrdup(optarg
);
635 stun
= xstrdup(optarg
);
638 port
= xstrdup(optarg
);
646 panic("Option -%c requires an argument!\n",
650 whine("Unknown option character "
651 "`0x%X\'!\n", optopt
);
662 register_signal(SIGINT
, signal_handler
);
663 register_signal(SIGHUP
, signal_handler
);
664 register_signal(SIGTERM
, signal_handler
);
665 register_signal(SIGPIPE
, signal_handler
);
668 curve25519_selftest();
672 ret
= main_keygen(home
);
675 ret
= main_export(home
);
678 ret
= main_dumpc(home
);
681 ret
= main_dumps(home
);
684 ret
= main_client(home
, dev
, alias
, daemon
);
688 panic("No port specified!\n");
690 print_stun_probe(stun
, 3478, strtoul(port
, NULL
, 10));
691 ret
= main_server(home
, dev
, port
, udp
, ipv4
, daemon
);