path: root/ptunnel.h
blob: 70b673b4f2ede66b08e4f7a52b3a9916d8d586be (plain)
/*	ptunnel.h
	ptunnel is licensed under the BSD license:
	
	Copyright (c) 2004-2011, Daniel Stoedle <daniels@cs.uit.no>,
	Yellow Lemon Software. All rights reserved.
	
	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:

	- Redistributions of source code must retain the above copyright notice,
	  this list of conditions and the following disclaimer.

	- Redistributions in binary form must reproduce the above copyright notice,
	  this list of conditions and the following disclaimer in the documentation
	  and/or other materials provided with the distribution.

	- Neither the name of the Yellow Lemon Software nor the names of its
	  contributors may be used to endorse or promote products derived from this
	  software without specific prior written permission.

	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
	AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
	LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
	CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
		
	Contacting the author:
	You can get in touch with me, Daniel Stødle (that's the Norwegian letter oe,
	in case your text editor didn't realize), here: <daniels@cs.uit.no>
	
	The official ptunnel website is here:
	<http://www.cs.uit.no/~daniels/PingTunnel/>
	
	Note that the source code is best viewed with tabs set to 4 spaces.
*/

#ifndef PING_TUNNEL_H
	#define PING_TUNNEL_H

//	Includes
#ifndef WIN32
  	#include	<sys/unistd.h>
  	#include	<sys/types.h>
  	#include	<sys/socket.h>
  	#include	<netinet/in.h>
  	#include	<arpa/inet.h>
  	#include	<netdb.h>
	#include	<pthread.h>
	#include	<errno.h>
	#include	<net/ethernet.h>
	#include	<syslog.h>
	#include	<pwd.h>
	#include	<grp.h>
#endif /* !WIN32 */
	#include	<stdarg.h>
	#include	<unistd.h>
  	#include	<stdio.h>
  	#include	<stdlib.h>
  	#include	<string.h>
  	#include	<time.h>
  	#include	<sys/time.h>
  	#include	<signal.h>
  	#include	<stdint.h>
  	#include	<pcap.h>

#ifdef WIN32
	/*	Windows compatibility shim. <net/ethernet.h> and the POSIX socket
		headers are only included in the !WIN32 branch above, so the few names
		the rest of the code needs from them are declared here by hand.
	*/
	#include    <winsock2.h>
	typedef int socklen_t;
	typedef uint32_t in_addr_t;
	#define ETH_ALEN        6               /* Octets in one ethernet addr   */
	/*	Ethernet frame header: 6 + 6 + 2 = 14 bytes. This struct carries no
		packed attribute, unlike the ptunnel packet structs in this header.
		NOTE(review): u_int8_t / u_int16_t are not defined in this header;
		presumably they come from the Windows or pcap headers - confirm.
	*/
	struct ether_header
	{
		u_int8_t  ether_dhost[ETH_ALEN];      /* destination eth addr */
		u_int8_t  ether_shost[ETH_ALEN];      /* source ether addr    */
		u_int16_t ether_type;                 /* packet type ID field */
	};
#endif /* WIN32 */

//	Constants
/*	Home-grown boolean. Because bool expands to plain char, converting a wider
	value to bool keeps only the low byte instead of normalising to 0/1 the way
	C99 _Bool does (with 8-bit char, 0x100 becomes 0).
	NOTE(review): these macros use the same names as <stdbool.h>; including
	that header after this one would redefine them.
*/
#define	false		0
#define	true		1
#define	bool		char

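/*	All of ptunnel's integer constants live in this one anonymous enum. The
	groups are unrelated and several of them restart at 0, so the compiler
	cannot tell an option id from a log level or a protocol state.
*/
enum {
	//	Constants for parsing options
	kOpt_undefined			= 0,
	kOpt_set_proxy_addr,
	kOpt_set_mode,
	kOpt_set_password,
	kOpt_set_tcp_port,
	kOpt_set_tcp_dest_addr,
	kOpt_set_tcp_dest_port,
	kOpt_set_verbosity,
	kOpt_set_max_tunnels,
	kOpt_set_non_privileged,
	kOpt_set_pcap_device,
	kOpt_set_log_file,
	kOpt_set_unpriv_user,
	kOpt_set_unpriv_group,
	kOpt_set_root_dir,
	kOpt_set_selinux_context,
	kOpt_daemonize,

	//	Ping tunnel's operating mode (client or proxy)
	kMode_forward			= 0,
	kMode_proxy,

	/*	Set this constant to the number of concurrent connections you wish to
		handle by default. */
	kMax_tunnels			= 10,

	//	Different verbosity levels.
	kNo_log					= -1,
	kLog_error				= 0,
	kLog_info,
	kLog_event,
	kLog_verbose,
	kLog_debug,
	kLog_sendrecv,

	//	Major (0.xx) and minor (x.72) version numbers.
	kMajor_version			= 0,
	kMinor_version			= 72,

	kIP_packet_max_size		= 576,
	kIP_header_size			= 20,	//	In bytes, mind you. This is an IP header without options.
	//	Payload room after the IP header, rounded down to a multiple of 8 (552).
	kIP_actual_size			= (kIP_packet_max_size - kIP_header_size) - ((kIP_packet_max_size - kIP_header_size) % 8),
	kICMP_header_size		= 8,	//	Also in bytes

	/*	This constant controls the maximum size of the payload-portion of the
		ICMP packets we send. Note that this does not include the IP or ICMP
		headers!	*/
	kDefault_buf_size		= 1024,

	//	Type code for echo request and replies
	kICMP_echo_request		= 8,
	kICMP_echo_reply		= 0,

	kPing_window_size		= 64,	// number of packets we can have in our send/receive ring

	/*	Tunnels are automatically closed after one minute of inactivity. Since
		we continuously send acknowledgements between the two peers, this
		mechanism won't disconnect "valid" connections.
	*/
	kAutomatic_close_timeout	= 60,	//	Seconds!

	/*	Size of an MD5 digest in bytes.
		NOTE(review): MD5 is no longer considered a safe choice for new
		authentication designs. How the digest is used is not visible in this
		header.
	*/
	kMD5_digest_size		= 16,

	/*	These constants are used to indicate the protocol state. The protocol
		works as follows:
		- The identifier is used by both the proxy and the forwarder
		to identify the session (and thus the relevant sockets).
		- The seq-no of the ping packet is used in a sliding-window-esque
		way, and to identify the order of data.

		The protocol can be in any of the following states:
		kProxy_start		Causes the proxy to open a connection to the given
							host and port, associating the ID with the socket,
							before the data on the socket are transmitted.
		kProto_ack			Acknowledges the packet (and all packets before it)
							with seq_no = ack. This is used if there are no
							implicit acknowledgements due to data being sent.
		kProto_data			Indicates that the packet contains data. Data
							ordering is indicated by the seq-no, which will
							start at 0. (The proxy and forwarder maintain
							different seq-nos.)
		kProto_close		Indicates that the connection is being closed.
		kProto_authenticate	Not described by the original author; presumably
							the challenge/response exchange built on
							challenge_t - TODO confirm.
		kNum_proto_types	Count of the states above, not a state itself.

		Acknowledgements work by the remote peer acknowledging the last
		continuous seq no it has received.

		Earlier revisions of this comment used per-sender names (kProxy_data,
		kUser_data, kProxy_ack, kUser_ack, kConnection_close). The sender now
		appears to be expressed with kUser_flag / kProxy_flag instead.

		Note: A proxy receiving a packet that was sent by a proxy, or a user
		receiving a packet that was sent by a user, should ignore it, as it is
		the host operating system actually returning the ping. This is mostly
		relevant for users, and for proxies running in unprivileged mode.

		NOTE(review): a state value taken from a received packet is
		sender-controlled. It should be masked with kFlag_mask and compared
		against kNum_proto_types before it selects any behaviour; the code that
		does this is not visible in this header.
	*/
	kProxy_start			= 0,
	kProto_ack,
	kProto_data,
	kProto_close,
	kProto_authenticate,
	kNum_proto_types,

	kUser_flag				= 1 << 30,	//	set when packet comes from a user
	/*	Set when packet comes from the proxy. Written as an unsigned shift and
		converted back, because 1 << 31 overflows a 32-bit signed int and is
		undefined in C. The resulting bit pattern is the same 0x80000000.
	*/
	kProxy_flag				= (int)(1u << 31),
	kFlag_mask				= kUser_flag | kProxy_flag,

	kDNS_port				= 53,
};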

/*	Value of the magic field that opens every ping_tunnel_pkt_t. The constant
	does not fit in a 32-bit int, so it has type unsigned int.
	It is a fixed, public value: it identifies ptunnel packets but gives no
	authentication. For the same reason it is a usable signature when looking
	for ptunnel traffic in ICMP echo payloads (byte order on the wire is not
	visible in this header).
*/
#define	kPing_tunnel_magic		0xD5200880
//	Resend packets after this interval (in seconds)
#define	kResend_interval		1.5

/*	ping_tunnel_pkt_t: This data structure represents the header of a ptunnel
	packet, consisting of a magic number, the tunnel's destination IP and port,
	as well as some other fields. Note that the dest IP and port is only valid
	in packets from the client to the proxy.
*/
typedef struct {
	uint32_t	magic;		//	marks the packet as ptunnel traffic (kPing_tunnel_magic)
	uint32_t	dst_ip;		//	where the proxy should tunnel to: address ...
	uint32_t	dst_port;	//	... and port
	uint32_t	state;		//	connection state, one of the protocol state constants
	uint32_t	ack;		//	sequence number of the last packet received from the peer
	//	Length of the data buffer.
	//	NOTE(review): this value is supplied by the sender. A receiver should
	//	check it against the number of bytes actually received before reading
	//	data[]; that check is not visible in this header.
	uint32_t	data_len;
	uint16_t	seq_no;		//	sequence number of this packet
	uint16_t	id_no;		//	tunnel id, keeps concurrent tunnels apart
	//	Optional payload. A zero-length array is a GNU extension; sizeof the
	//	struct covers the 28 header bytes only.
	char		data[0];
} __attribute__ ((packed)) ping_tunnel_pkt_t;


/*	ip_packet_t: This is basically my own definition of the IP packet, which
	of course complies with the official definition ;) See any good book on IP
	(or even the RFC) for info on the contents of this packet.
*/
typedef struct {
	//	Version and header length share one byte.
	//	NOTE(review): kIP_header_size assumes a 20-byte header. A received
	//	packet with IP options has a longer one, so code that skips a fixed 20
	//	bytes would misparse it - confirm how the receive path handles this.
	uint8_t		vers_ihl;
	uint8_t		tos;
	uint16_t	pkt_len;
	uint16_t	id;
	uint16_t	flags_frag_offset;
	uint8_t		ttl;
	uint8_t		proto;		//	1 for ICMP
	uint16_t	checksum;
	uint32_t	src_ip;
	uint32_t	dst_ip;
	char		data[0];	//	whatever follows the 20 fixed header bytes
} __attribute__ ((packed)) ip_packet_t;


/*	icmp_echo_packet_t: This is the definition of a standard ICMP header. The
	ptunnel packets are constructed as follows:
	[    ip header (20 bytes)   ]
	[   icmp header (8 bytes)   ]
	[ ptunnel header (28 bytes) ]
	
	We actually only create the ICMP and ptunnel headers, the IP header is
	taken care of by the OS.
*/
typedef struct {
	uint8_t		type;		//	kICMP_echo_request or kICMP_echo_reply
	uint8_t		code;
	uint16_t	checksum;
	uint16_t	identifier;
	uint16_t	seq;
	char		data[0];	//	the ptunnel header and payload start here, after the 8 header bytes
} __attribute__ ((packed)) icmp_echo_packet_t;


/*	pt_thread_info_t: A simple (very simple, in fact) structure that allows us
	to pass an arbitrary number of params to the threads we create. Currently,
	that's just one single parameter: The socket which the thread should listen
	to.
*/
typedef struct {
	int			sock;		//	socket the new thread should listen to
} pt_thread_info_t;


/*	forward_desc_t: Describes a piece of data that needs to be forwarded. This
	structure is used for receiving data from the network, and for subsequent
	forwarding over TCP:
	
	1. Client sends data to proxy over ICMP
	2. Proxy receives the data, and puts it into a forward_desc_t
	3. The proxy starts send()-ing the data over the TCP socket to the destination,
	   decreasing forward_desc_t->remaining with the number of bytes transferred.
	4. Once remaining reaches 0, the forward_desc_t is removed from the receive
	   ring.
	
	The same procedure is followed in proxy-to-client communication. Just replace
	proxy with client and vice versa in the list above.
*/
typedef struct {
	int		seq_no;		//	seq_no of the ping_tunnel_pkt_t the data came from
	//	Number of bytes held in data[].
	//	NOTE(review): length and remaining are signed int, while
	//	create_fwd_desc() takes its data_len as uint32_t. A length above
	//	INT_MAX would turn negative here; confirm the caller bounds it.
	int		length;
	int		remaining;	//	bytes of data[] not yet transferred
	char	data[0];	//	payload, stored directly behind the descriptor
} forward_desc_t;


/*	icmp_desc_t: This structure is used to track the ICMP packets sent by either
	the client or proxy. The last_resend variable is used to prevent resending
	the packet too often. Once the packet is acknowledged by the remote end,
	it will be removed from the send-ring, freeing up space for more outgoing
	ICMP packets.
*/
typedef struct {
	int					pkt_len;		//	whole ICMP packet: ICMP header plus ptunnel data
	double				last_resend;	//	used to keep the packet from being resent too often
	int					resend_count;
	uint16_t			seq_no;
	uint16_t			icmp_id;
	//	The packet itself. Ownership is not visible in this header; presumably
	//	the slot owns it until the packet is acknowledged - TODO confirm.
	icmp_echo_packet_t	*pkt;
} icmp_desc_t;


/*	challenge_t: This structure contains the pseudo-random challenge used for
	authentication.
*/
typedef struct challenge_t {
	uint32_t	sec;		//	tv_sec as returned by gettimeofday
	uint32_t	usec_rnd;	//	tv_usec as returned by gettimeofday + random value
	//	Random values.
	//	NOTE(review): the two words above are derived from the clock, so the
	//	unpredictability of a challenge rests on these six words and on the
	//	generator behind generate_challenge(). That generator is not visible in
	//	this header; confirm it is suitable for authentication challenges.
	uint32_t	random[6];
} __attribute__ ((packed)) challenge_t;


/*	xfer_stats_t: Various transfer statistics, such as bytes sent and received,
	number of ping packets sent/received, etc.
*/
typedef struct xfer_stats_t {
	//	Byte counters, kept as double.
	double		bytes_in;
	double		bytes_out;
	//	ICMP packet counters. They are 32 bits wide, so they wrap after 2^32
	//	packets.
	uint32_t	icmp_in;
	uint32_t	icmp_out;
	uint32_t	icmp_resent;
	uint32_t	icmp_ack_out;
} xfer_stats_t;


/*	proxy_desc_t: This massive structure describes a tunnel instance.
*/
typedef struct proxy_desc_t {
	int					sock;				//	ICMP or UDP socket
	int					bytes;				//	number of bytes in receive buffer
	int					should_remove;		//	set to true once this instance should be removed
	char				*buf;				//	data buffer, used to receive ping and pong packets

	uint16_t			id_no;
	uint16_t			my_seq;
	uint16_t			ping_seq;
	uint16_t			next_remote_seq;
	uint16_t			pkt_type;
	uint16_t			remote_ack_val;
	uint16_t			icmp_id;

	//	Ring bookkeeping. Both rings hold kPing_window_size slots.
	//	NOTE(review): these are plain ints; whatever advances them has to keep
	//	them inside 0 .. kPing_window_size-1. That code is not visible in this
	//	header.
	int					recv_idx;			//	first available slot in recv ring
	int					recv_xfer_idx;		//	current slot in recv ring being transferred
	int					send_idx;			//	first available slot in send ring
	int					send_first_ack;		//	first packet in send ring not yet acked
	int					recv_wait_send;		//	number of items in recv ring awaiting send
	int					send_wait_ack;		//	number of items in send ring awaiting ack
	int					next_resend_start;
	//	NOTE(review): presumably set once the peer has answered the challenge.
	//	Confirm that nothing is forwarded for a tunnel while this is 0 when a
	//	password is configured.
	int					authenticated;
	challenge_t			*challenge;			//	Contains the challenge, if used.

	uint32_t			state;				//	Protocol state
	uint32_t			type_flag;			//	Either kProxy_flag or kUser_flag
	//	IP and port to which data should be forwarded.
	//	NOTE(review): in ping_tunnel_pkt_t the destination is a field of the
	//	client's packet, so on the proxy this is presumably a peer-chosen
	//	target - confirm which destinations the proxy is willing to open.
	uint32_t			dst_ip;
	uint32_t			dst_port;
	struct sockaddr_in	dest_addr;			//	Same as above

	double				last_ack;			//	Time when last ack packet was sent.
	double				last_activity;		//	Time when a packet was last received.

	icmp_desc_t			send_ring[kPing_window_size];
	forward_desc_t		*recv_ring[kPing_window_size];
	xfer_stats_t		xfer;
	struct proxy_desc_t	*next;				//	next descriptor in the list
} proxy_desc_t;


/*	pqueue_elem_t: A queue element in the pqueue structure (below).
*/
typedef struct pqueue_elem_t {
	// NOTE(review): bytes is a signed int; whatever fills it from a captured
	// packet length should reject values that do not fit. That code is not
	// visible in this header.
	int						bytes;		// size of data buffer
	struct pqueue_elem_t	*next;		// next queue element (if any)
	// Zero-length array (GNU extension): the payload is stored directly after
	// the element.
	char					data[0];	// data (duh!)
} pqueue_elem_t;


/*	pqueue_t: A simple queue structure.
*/
typedef struct {
	pqueue_elem_t	*head;		//	first element of the queue
	pqueue_elem_t	*tail;		//	last element of the queue
	//	Element count. Nothing in this header caps it; presumably the consumer
	//	drains the queue fast enough - TODO confirm there is a bound.
	int				elems;
} pqueue_t;

/*	pcap_info_t: Structure to hold information related to packet capturing.
*/
typedef struct {
	pcap_t				*pcap_desc;			//	capture handle
	struct bpf_program	fp;					//	Compiled filter program
	uint32_t			netp;
	uint32_t			netmask;
	//	Buffers for error and packet info. Their sizes are not recorded in this
	//	struct, so they have to be known to whoever writes into them.
	char				*pcap_err_buf;
	char				*pcap_data_buf;
	pqueue_t			pkt_q;				//	Queue of packets to process
} pcap_info_t;


//	Prototypes (sorry about the long lines..)
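	//	Entry points and packet dispatch.
	void		usage(char *exec_name);
	void*		pt_proxy(void *args);
	void		pcap_packet_handler(u_char *refcon, const struct pcap_pkthdr *hdr, const u_char* pkt);
	/*	buf/bytes describe one received packet.
		NOTE(review): bytes should be checked against the header sizes
		(kIP_header_size, kICMP_header_size, sizeof(ping_tunnel_pkt_t)) before
		buf is read as those structs; the body is not visible in this header.
	*/
	void		handle_packet(char *buf, int bytes, int is_pcap, struct sockaddr_in *addr, int icmp_sock);
	
	//	Tunnel descriptor list management.
	proxy_desc_t*	create_and_insert_proxy_desc(uint16_t id_no, uint16_t icmp_id, int sock,
												 struct sockaddr_in *addr,
												 uint32_t dst_ip, uint32_t dst_port,
												 uint32_t init_state, uint32_t type);
	void		remove_proxy_desc(proxy_desc_t *cur, proxy_desc_t *prev);
	
	void		pt_forwarder(void);
	
	//	Send/receive ring handling.
	void		print_statistics(xfer_stats_t *xfer, int is_continuous);
	int			queue_packet(int icmp_sock, uint8_t type, char *buf, int num_bytes,
							 uint16_t id_no, uint16_t icmp_id, uint16_t *seq,
							 icmp_desc_t ring[], int *insert_idx, int *await_send,
							 uint32_t ip, uint32_t port, uint32_t state,
							 struct sockaddr_in *dest_addr, uint16_t next_expected_seq,
							 int *first_ack, uint16_t *ping_seq);
	uint32_t	send_packets(forward_desc_t *ring[], int *xfer_idx, int *await_send, int *sock);
	void		handle_data(icmp_echo_packet_t *pkt, int total_len, forward_desc_t *ring[],
							int *await_send, int *insert_idx, uint16_t *next_expected_seq);
	void		handle_ack(uint16_t seq_no, icmp_desc_t ring[], int *packets_awaiting_ack,
						   int one_ack_only, int insert_idx, int *first_ack,
						   uint16_t *remote_ack, int is_pcap);
	/*	NOTE(review): data_len is uint32_t here, but forward_desc_t stores its
		length as int. Confirm the caller bounds data_len.
	*/
	forward_desc_t*	create_fwd_desc(uint16_t seq_no, uint32_t data_len, char *data);
	void		init_ip_packet(ip_packet_t *packet, uint16_t id, uint16_t frag_offset,
							   uint16_t pkt_len, uint8_t ttl, uint32_t src_ip, uint32_t dst_ip,
							   bool is_last_frag, bool dont_frag);
	uint16_t	calc_ip_checksum(ip_packet_t *pkt);
	uint16_t	calc_icmp_checksum(uint16_t *data, int bytes);
	
	//	Challenge/response authentication (see challenge_t). The return
	//	convention of validate_challenge() is not visible in this header.
	challenge_t*	generate_challenge(void);
	void			generate_response(challenge_t *challenge);
	int				validate_challenge(challenge_t *local, challenge_t *remote);
	
	void		send_termination_msg(proxy_desc_t *cur, int icmp_sock);
	
	//	Utilities.
	//	NOTE(review): who owns the string returned by f_inet_ntoa() is not
	//	visible here; presumably a static buffer - TODO confirm.
	char*	f_inet_ntoa(uint32_t ip);
	//	printf-style logger. The format attribute lets the compiler check every
	//	call's arguments against fmt and warn when fmt is not a string literal
	//	(-Wformat, -Wformat-security), so that data from a peer is not passed
	//	as the format.
	void	pt_log(int level, char *fmt, ...) __attribute__ ((format (printf, 2, 3)));
	double	time_as_double(void);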
#endif