2007-09-20 16:32:01 +00:00
|
|
|
/*
|
2008-01-01 17:20:20 +00:00
|
|
|
* This file Copyright (C) 2007-2008 Charles Kerr <charles@rebelbase.com>
|
2007-09-20 16:32:01 +00:00
|
|
|
*
|
|
|
|
|
* This file is licensed by the GPL version 2. Works owned by the
|
|
|
|
|
* Transmission project are granted a special exemption to clause 2(b)
|
2008-09-23 19:11:04 +00:00
|
|
|
* so that the bulk of its code can remain under the MIT license.
|
2007-09-20 16:32:01 +00:00
|
|
|
* This exemption does not extend to derived works not owned by
|
|
|
|
|
* the Transmission project.
|
|
|
|
|
*
|
|
|
|
|
* $Id$
|
|
|
|
|
*/
|
|
|
|
|
|
2007-11-09 20:07:52 +00:00
|
|
|
#include <assert.h>
|
2007-09-20 16:32:01 +00:00
|
|
|
#include <errno.h>
|
|
|
|
|
#include <inttypes.h>
|
|
|
|
|
#include <limits.h> /* UCHAR_MAX */
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
|
|
|
|
|
#include <event.h>
|
|
|
|
|
|
|
|
|
|
#include "transmission.h"
|
|
|
|
|
#include "bencode.h"
|
2007-12-25 05:37:32 +00:00
|
|
|
#include "clients.h"
|
2007-09-20 16:32:01 +00:00
|
|
|
#include "crypto.h"
|
|
|
|
|
#include "handshake.h"
|
|
|
|
|
#include "peer-io.h"
|
2008-04-17 03:48:56 +00:00
|
|
|
#include "peer-mgr.h"
|
2007-12-25 05:37:32 +00:00
|
|
|
#include "torrent.h"
|
2007-09-29 13:47:15 +00:00
|
|
|
#include "trevent.h"
|
2007-09-20 16:32:01 +00:00
|
|
|
#include "utils.h"
|
|
|
|
|
|
|
|
|
|
/* enable LibTransmission extension protocol */
|
2008-09-23 19:11:04 +00:00
|
|
|
#define ENABLE_LTEP * /
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2007-09-21 14:50:29 +00:00
|
|
|
/* enable fast peers extension protocol */
|
2008-01-06 21:56:30 +00:00
|
|
|
/* #define ENABLE_FASTPEER */
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
/***
|
|
|
|
|
****
|
|
|
|
|
***/
|
|
|
|
|
|
|
|
|
|
#define HANDSHAKE_NAME "\023BitTorrent protocol"
|
|
|
|
|
|
|
|
|
|
enum
|
|
|
|
|
{
|
|
|
|
|
/* BitTorrent Handshake Constants */
|
|
|
|
|
HANDSHAKE_NAME_LEN = 20,
|
|
|
|
|
HANDSHAKE_FLAGS_LEN = 8,
|
|
|
|
|
HANDSHAKE_SIZE = 68,
|
|
|
|
|
PEER_ID_LEN = 20,
|
2008-01-01 00:20:07 +00:00
|
|
|
INCOMING_HANDSHAKE_LEN = 48,
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
/* Encryption Constants */
|
|
|
|
|
PadA_MAXLEN = 512,
|
|
|
|
|
PadB_MAXLEN = 512,
|
|
|
|
|
PadC_MAXLEN = 512,
|
|
|
|
|
PadD_MAXLEN = 512,
|
|
|
|
|
VC_LENGTH = 8,
|
2007-09-22 00:36:37 +00:00
|
|
|
KEY_LEN = 96,
|
|
|
|
|
CRYPTO_PROVIDE_PLAINTEXT = 1,
|
|
|
|
|
CRYPTO_PROVIDE_CRYPTO = 2
|
2007-09-20 16:32:01 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#ifdef ENABLE_LTEP
|
2008-09-23 19:11:04 +00:00
|
|
|
#define HANDSHAKE_HAS_LTEP( bits ) ( ( ( bits )[5] & 0x10 ) ? 1 : 0 )
|
|
|
|
|
#define HANDSHAKE_SET_LTEP( bits ) ( ( bits )[5] |= 0x10 )
|
2007-09-20 16:32:01 +00:00
|
|
|
#else
|
2008-09-23 19:11:04 +00:00
|
|
|
#define HANDSHAKE_HAS_LTEP( bits ) ( 0 )
|
|
|
|
|
#define HANDSHAKE_SET_LTEP( bits ) ( (void)0 )
|
2007-09-20 16:32:01 +00:00
|
|
|
#endif
|
|
|
|
|
|
2007-09-21 14:50:29 +00:00
|
|
|
#ifdef ENABLE_FASTPEER
|
2008-09-23 19:11:04 +00:00
|
|
|
#define HANDSHAKE_HAS_FASTEXT( bits ) ( ( ( bits )[7] & 0x04 ) ? 1 : 0 )
|
|
|
|
|
#define HANDSHAKE_SET_FASTEXT( bits ) ( ( bits )[7] |= 0x04 )
|
2007-09-21 14:50:29 +00:00
|
|
|
#else
|
2008-09-23 19:11:04 +00:00
|
|
|
#define HANDSHAKE_HAS_FASTEXT( bits ) ( 0 )
|
|
|
|
|
#define HANDSHAKE_SET_FASTEXT( bits ) ( (void)0 )
|
2007-09-21 14:50:29 +00:00
|
|
|
#endif
|
|
|
|
|
|
2007-09-20 16:32:01 +00:00
|
|
|
/* http://www.azureuswiki.com/index.php/Extension_negotiation_protocol
|
|
|
|
|
these macros are to be used if both extended messaging and the
|
|
|
|
|
azureus protocol is supported, they indicate which protocol is preferred */
|
2008-09-23 19:11:04 +00:00
|
|
|
#define HANDSHAKE_GET_EXTPREF( reserved ) ( ( reserved )[5] & 0x03 )
|
|
|
|
|
#define HANDSHAKE_SET_EXTPREF( reserved, val ) ( ( reserved )[5] |= 0x03 &\
|
|
|
|
|
( val ) )
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
struct tr_handshake
|
|
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
unsigned int havePeerID : 1;
|
|
|
|
|
unsigned int haveSentBitTorrentHandshake : 1;
|
|
|
|
|
tr_peerIo * io;
|
|
|
|
|
tr_crypto * crypto;
|
|
|
|
|
struct tr_handle * handle;
|
|
|
|
|
uint8_t myPublicKey[KEY_LEN];
|
|
|
|
|
uint8_t mySecret[KEY_LEN];
|
|
|
|
|
uint8_t state;
|
|
|
|
|
tr_encryption_mode encryptionMode;
|
|
|
|
|
uint16_t pad_c_len;
|
|
|
|
|
uint16_t pad_d_len;
|
|
|
|
|
uint16_t ia_len;
|
|
|
|
|
uint32_t crypto_select;
|
|
|
|
|
uint32_t crypto_provide;
|
|
|
|
|
uint8_t myReq1[SHA_DIGEST_LENGTH];
|
|
|
|
|
uint8_t peer_id[PEER_ID_LEN];
|
|
|
|
|
handshakeDoneCB doneCB;
|
|
|
|
|
void * doneUserData;
|
2007-09-20 16:32:01 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
***
|
|
|
|
|
**/
|
|
|
|
|
|
|
|
|
|
enum
|
|
|
|
|
{
|
|
|
|
|
/* incoming */
|
|
|
|
|
AWAITING_HANDSHAKE,
|
2008-01-01 00:20:07 +00:00
|
|
|
AWAITING_PEER_ID,
|
2007-09-20 16:32:01 +00:00
|
|
|
AWAITING_YA,
|
|
|
|
|
AWAITING_PAD_A,
|
|
|
|
|
AWAITING_CRYPTO_PROVIDE,
|
|
|
|
|
AWAITING_PAD_C,
|
|
|
|
|
AWAITING_IA,
|
2008-10-29 20:18:56 +00:00
|
|
|
AWAITING_PAYLOAD_STREAM,
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
/* outgoing */
|
|
|
|
|
AWAITING_YB,
|
|
|
|
|
AWAITING_VC,
|
|
|
|
|
AWAITING_CRYPTO_SELECT,
|
|
|
|
|
AWAITING_PAD_D,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
***
|
|
|
|
|
**/
|
|
|
|
|
|
2008-10-26 15:39:04 +00:00
|
|
|
#define dbgmsg( handshake, ... ) \
|
|
|
|
|
do { \
|
|
|
|
|
if( tr_deepLoggingIsActive( ) ) \
|
|
|
|
|
tr_deepLog( __FILE__, __LINE__, tr_peerIoGetAddrStr( handshake->io ), __VA_ARGS__ ); \
|
|
|
|
|
} while( 0 )
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
static const char*
|
|
|
|
|
getStateName( short state )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
|
|
|
|
const char * str = "f00!";
|
2008-09-23 19:11:04 +00:00
|
|
|
|
|
|
|
|
switch( state )
|
|
|
|
|
{
|
|
|
|
|
case AWAITING_HANDSHAKE:
|
|
|
|
|
str = "awaiting handshake"; break;
|
|
|
|
|
|
|
|
|
|
case AWAITING_PEER_ID:
|
|
|
|
|
str = "awaiting peer id"; break;
|
|
|
|
|
|
|
|
|
|
case AWAITING_YA:
|
|
|
|
|
str = "awaiting ya"; break;
|
|
|
|
|
|
|
|
|
|
case AWAITING_PAD_A:
|
|
|
|
|
str = "awaiting pad a"; break;
|
|
|
|
|
|
|
|
|
|
case AWAITING_CRYPTO_PROVIDE:
|
|
|
|
|
str = "awaiting crypto_provide"; break;
|
|
|
|
|
|
|
|
|
|
case AWAITING_PAD_C:
|
|
|
|
|
str = "awaiting pad c"; break;
|
|
|
|
|
|
|
|
|
|
case AWAITING_IA:
|
|
|
|
|
str = "awaiting ia"; break;
|
|
|
|
|
|
|
|
|
|
case AWAITING_YB:
|
|
|
|
|
str = "awaiting yb"; break;
|
|
|
|
|
|
|
|
|
|
case AWAITING_VC:
|
|
|
|
|
str = "awaiting vc"; break;
|
|
|
|
|
|
|
|
|
|
case AWAITING_CRYPTO_SELECT:
|
|
|
|
|
str = "awaiting crypto select"; break;
|
|
|
|
|
|
|
|
|
|
case AWAITING_PAD_D:
|
|
|
|
|
str = "awaiting pad d"; break;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
return str;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2008-09-23 19:11:04 +00:00
|
|
|
setState( tr_handshake * handshake,
|
|
|
|
|
short state )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "setting to state [%s]", getStateName( state ) );
|
2007-09-20 16:32:01 +00:00
|
|
|
handshake->state = state;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2008-09-23 19:11:04 +00:00
|
|
|
setReadState( tr_handshake * handshake,
|
|
|
|
|
int state )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
|
|
|
|
setState( handshake, state );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static uint8_t *
|
|
|
|
|
buildHandshakeMessage( tr_handshake * handshake,
|
2008-09-23 19:11:04 +00:00
|
|
|
int * setme_len )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
uint8_t * buf = tr_new0( uint8_t, HANDSHAKE_SIZE );
|
|
|
|
|
uint8_t * walk = buf;
|
|
|
|
|
const uint8_t * torrentHash = tr_cryptoGetTorrentHash(
|
|
|
|
|
handshake->crypto );
|
2008-01-07 06:19:34 +00:00
|
|
|
const uint8_t * peerId = tr_getPeerId( );
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
memcpy( walk, HANDSHAKE_NAME, HANDSHAKE_NAME_LEN );
|
|
|
|
|
walk += HANDSHAKE_NAME_LEN;
|
|
|
|
|
memset( walk, 0, HANDSHAKE_FLAGS_LEN );
|
2007-10-17 18:53:17 +00:00
|
|
|
HANDSHAKE_SET_LTEP( walk );
|
2007-09-28 16:40:21 +00:00
|
|
|
HANDSHAKE_SET_FASTEXT( walk );
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
walk += HANDSHAKE_FLAGS_LEN;
|
|
|
|
|
memcpy( walk, torrentHash, SHA_DIGEST_LENGTH );
|
|
|
|
|
walk += SHA_DIGEST_LENGTH;
|
2008-01-07 06:19:34 +00:00
|
|
|
memcpy( walk, peerId, PEER_ID_LEN );
|
|
|
|
|
walk += PEER_ID_LEN;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2008-01-07 06:19:34 +00:00
|
|
|
assert( strlen( ( const char* )peerId ) == PEER_ID_LEN );
|
2008-09-23 19:11:04 +00:00
|
|
|
assert( walk - buf == HANDSHAKE_SIZE );
|
2007-09-20 16:32:01 +00:00
|
|
|
*setme_len = walk - buf;
|
|
|
|
|
return buf;
|
|
|
|
|
}
|
|
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
static int tr_handshakeDone( tr_handshake * handshake,
|
|
|
|
|
int isConnected );
|
2007-09-22 00:53:11 +00:00
|
|
|
|
2007-09-22 03:37:37 +00:00
|
|
|
enum
|
|
|
|
|
{
|
|
|
|
|
HANDSHAKE_OK,
|
|
|
|
|
HANDSHAKE_ENCRYPTION_WRONG,
|
|
|
|
|
HANDSHAKE_BAD_TORRENT,
|
|
|
|
|
HANDSHAKE_PEER_IS_SELF,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static int
|
2008-09-23 19:11:04 +00:00
|
|
|
parseHandshake( tr_handshake * handshake,
|
|
|
|
|
struct evbuffer * inbuf )
|
2007-09-22 03:37:37 +00:00
|
|
|
{
|
2007-09-26 03:52:30 +00:00
|
|
|
uint8_t name[HANDSHAKE_NAME_LEN];
|
2007-09-22 03:37:37 +00:00
|
|
|
uint8_t reserved[HANDSHAKE_FLAGS_LEN];
|
|
|
|
|
uint8_t hash[SHA_DIGEST_LENGTH];
|
|
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "payload: need %d, got %d", (int)HANDSHAKE_SIZE,
|
|
|
|
|
(int)EVBUFFER_LENGTH( inbuf ) );
|
2007-09-22 03:37:37 +00:00
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
if( EVBUFFER_LENGTH( inbuf ) < HANDSHAKE_SIZE )
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_LATER;
|
2007-09-22 03:37:37 +00:00
|
|
|
|
2007-09-26 03:52:30 +00:00
|
|
|
/* confirm the protocol */
|
|
|
|
|
tr_peerIoReadBytes( handshake->io, inbuf, name, HANDSHAKE_NAME_LEN );
|
|
|
|
|
if( memcmp( name, HANDSHAKE_NAME, HANDSHAKE_NAME_LEN ) )
|
2007-09-22 03:37:37 +00:00
|
|
|
return HANDSHAKE_ENCRYPTION_WRONG;
|
|
|
|
|
|
2007-09-26 03:52:30 +00:00
|
|
|
/* read the reserved bytes */
|
2007-09-22 03:37:37 +00:00
|
|
|
tr_peerIoReadBytes( handshake->io, inbuf, reserved, HANDSHAKE_FLAGS_LEN );
|
|
|
|
|
|
|
|
|
|
/* torrent hash */
|
2008-09-23 19:11:04 +00:00
|
|
|
tr_peerIoReadBytes( handshake->io, inbuf, hash, sizeof( hash ) );
|
2007-09-26 03:52:30 +00:00
|
|
|
assert( tr_peerIoHasTorrentHash( handshake->io ) );
|
2008-06-05 16:25:22 +00:00
|
|
|
if( !tr_torrentExists( handshake->handle, hash )
|
2008-09-23 19:11:04 +00:00
|
|
|
|| memcmp( hash, tr_peerIoGetTorrentHash( handshake->io ),
|
|
|
|
|
SHA_DIGEST_LENGTH ) )
|
2008-06-05 16:25:22 +00:00
|
|
|
{
|
2007-09-26 03:52:30 +00:00
|
|
|
dbgmsg( handshake, "peer returned the wrong hash. wtf?" );
|
|
|
|
|
return HANDSHAKE_BAD_TORRENT;
|
2007-09-22 03:37:37 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* peer_id */
|
2008-09-23 19:11:04 +00:00
|
|
|
tr_peerIoReadBytes( handshake->io, inbuf, handshake->peer_id,
|
|
|
|
|
sizeof( handshake->peer_id ) );
|
2007-09-22 03:37:37 +00:00
|
|
|
tr_peerIoSetPeersId( handshake->io, handshake->peer_id );
|
|
|
|
|
|
|
|
|
|
/* peer id */
|
|
|
|
|
handshake->havePeerID = TRUE;
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "peer-id is [%*.*s]", PEER_ID_LEN, PEER_ID_LEN,
|
|
|
|
|
handshake->peer_id );
|
|
|
|
|
if( !memcmp( handshake->peer_id, tr_getPeerId( ), PEER_ID_LEN ) )
|
|
|
|
|
{
|
2007-09-22 03:37:37 +00:00
|
|
|
dbgmsg( handshake, "streuth! we've connected to ourselves." );
|
|
|
|
|
return HANDSHAKE_PEER_IS_SELF;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2007-10-17 18:53:17 +00:00
|
|
|
*** Extensions
|
2007-09-22 03:37:37 +00:00
|
|
|
**/
|
|
|
|
|
|
2007-10-17 18:53:17 +00:00
|
|
|
if( HANDSHAKE_HAS_LTEP( reserved ) )
|
|
|
|
|
{
|
|
|
|
|
tr_peerIoEnableLTEP( handshake->io, 1 );
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "using ltep" );
|
2007-10-17 18:53:17 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if( HANDSHAKE_HAS_FASTEXT( reserved ) )
|
|
|
|
|
{
|
|
|
|
|
tr_peerIoEnableFEXT( handshake->io, 1 );
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "using fext" );
|
2007-09-22 03:37:37 +00:00
|
|
|
}
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2007-09-22 03:37:37 +00:00
|
|
|
return HANDSHAKE_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2007-09-20 16:32:01 +00:00
|
|
|
/***
|
|
|
|
|
****
|
|
|
|
|
**** OUTGOING CONNECTIONS
|
|
|
|
|
****
|
|
|
|
|
***/
|
|
|
|
|
|
|
|
|
|
/* 1 A->B: Diffie Hellman Ya, PadA */
|
|
|
|
|
static void
|
|
|
|
|
sendYa( tr_handshake * handshake )
|
|
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
int len;
|
|
|
|
|
const uint8_t * public_key;
|
2007-09-20 16:32:01 +00:00
|
|
|
struct evbuffer * outbuf = evbuffer_new( );
|
2008-09-23 19:11:04 +00:00
|
|
|
uint8_t pad_a[PadA_MAXLEN];
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
/* add our public key (Ya) */
|
|
|
|
|
public_key = tr_cryptoGetMyPublicKey( handshake->crypto, &len );
|
|
|
|
|
assert( len == KEY_LEN );
|
2008-08-01 16:43:22 +00:00
|
|
|
assert( public_key );
|
2007-09-20 16:32:01 +00:00
|
|
|
evbuffer_add( outbuf, public_key, len );
|
|
|
|
|
|
|
|
|
|
/* add some bullshit padding */
|
2008-08-14 11:11:25 +00:00
|
|
|
len = tr_cryptoRandInt( PadA_MAXLEN );
|
2008-09-23 19:11:04 +00:00
|
|
|
tr_cryptoRandBuf( pad_a, len );
|
2007-09-20 16:32:01 +00:00
|
|
|
evbuffer_add( outbuf, pad_a, len );
|
|
|
|
|
|
|
|
|
|
/* send it */
|
|
|
|
|
setReadState( handshake, AWAITING_YB );
|
2008-11-17 04:00:57 +00:00
|
|
|
tr_peerIoWriteBuf( handshake->io, outbuf, FALSE );
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
/* cleanup */
|
|
|
|
|
evbuffer_free( outbuf );
|
|
|
|
|
}
|
|
|
|
|
|
2007-09-22 00:53:11 +00:00
|
|
|
static uint32_t
|
2007-11-08 21:20:08 +00:00
|
|
|
getCryptoProvide( const tr_handshake * handshake )
|
2007-09-22 00:53:11 +00:00
|
|
|
{
|
2007-11-08 21:20:08 +00:00
|
|
|
uint32_t provide = 0;
|
2007-09-22 00:53:11 +00:00
|
|
|
|
2007-11-08 21:20:08 +00:00
|
|
|
switch( handshake->encryptionMode )
|
|
|
|
|
{
|
|
|
|
|
case TR_ENCRYPTION_REQUIRED:
|
|
|
|
|
case TR_ENCRYPTION_PREFERRED:
|
|
|
|
|
provide |= CRYPTO_PROVIDE_CRYPTO;
|
|
|
|
|
break;
|
2007-09-22 00:53:11 +00:00
|
|
|
|
2008-08-12 13:51:11 +00:00
|
|
|
case TR_CLEAR_PREFERRED:
|
2007-11-08 21:20:08 +00:00
|
|
|
provide |= CRYPTO_PROVIDE_CRYPTO | CRYPTO_PROVIDE_PLAINTEXT;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2007-09-22 00:53:11 +00:00
|
|
|
|
2007-11-08 21:20:08 +00:00
|
|
|
return provide;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static uint32_t
|
2008-09-23 19:11:04 +00:00
|
|
|
getCryptoSelect( const tr_handshake * handshake,
|
|
|
|
|
uint32_t crypto_provide )
|
2007-11-08 21:20:08 +00:00
|
|
|
{
|
|
|
|
|
uint32_t choices[4];
|
2008-09-23 19:11:04 +00:00
|
|
|
int i, nChoices = 0;
|
2007-11-08 21:20:08 +00:00
|
|
|
|
|
|
|
|
switch( handshake->encryptionMode )
|
|
|
|
|
{
|
|
|
|
|
case TR_ENCRYPTION_REQUIRED:
|
|
|
|
|
choices[nChoices++] = CRYPTO_PROVIDE_CRYPTO;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case TR_ENCRYPTION_PREFERRED:
|
|
|
|
|
choices[nChoices++] = CRYPTO_PROVIDE_CRYPTO;
|
|
|
|
|
choices[nChoices++] = CRYPTO_PROVIDE_PLAINTEXT;
|
|
|
|
|
break;
|
|
|
|
|
|
2008-08-12 13:51:11 +00:00
|
|
|
case TR_CLEAR_PREFERRED:
|
2007-11-08 21:20:08 +00:00
|
|
|
choices[nChoices++] = CRYPTO_PROVIDE_PLAINTEXT;
|
|
|
|
|
choices[nChoices++] = CRYPTO_PROVIDE_CRYPTO;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
for( i = 0; i < nChoices; ++i )
|
2007-11-08 21:20:08 +00:00
|
|
|
if( crypto_provide & choices[i] )
|
|
|
|
|
return choices[i];
|
|
|
|
|
|
|
|
|
|
return 0;
|
2007-09-22 00:53:11 +00:00
|
|
|
}
|
|
|
|
|
|
2007-09-20 16:32:01 +00:00
|
|
|
static int
|
2008-09-23 19:11:04 +00:00
|
|
|
readYb( tr_handshake * handshake,
|
|
|
|
|
struct evbuffer * inbuf )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
int isEncrypted;
|
|
|
|
|
const uint8_t * secret;
|
|
|
|
|
uint8_t yb[KEY_LEN];
|
2007-09-20 16:32:01 +00:00
|
|
|
struct evbuffer * outbuf;
|
2008-09-23 19:11:04 +00:00
|
|
|
size_t needlen = HANDSHAKE_NAME_LEN;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
if( EVBUFFER_LENGTH( inbuf ) < needlen )
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
isEncrypted = memcmp( EVBUFFER_DATA(
|
|
|
|
|
inbuf ), HANDSHAKE_NAME, HANDSHAKE_NAME_LEN );
|
|
|
|
|
if( isEncrypted )
|
|
|
|
|
{
|
2007-09-20 16:32:01 +00:00
|
|
|
needlen = KEY_LEN;
|
2008-09-23 19:11:04 +00:00
|
|
|
if( EVBUFFER_LENGTH( inbuf ) < needlen )
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "got a %s handshake",
|
|
|
|
|
( isEncrypted ? "encrypted" : "plaintext" ) );
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
tr_peerIoSetEncryption(
|
|
|
|
|
handshake->io, isEncrypted ? PEER_ENCRYPTION_RC4
|
|
|
|
|
: PEER_ENCRYPTION_NONE );
|
|
|
|
|
if( !isEncrypted )
|
|
|
|
|
{
|
2007-09-20 16:32:01 +00:00
|
|
|
setState( handshake, AWAITING_HANDSHAKE );
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* compute the secret */
|
|
|
|
|
evbuffer_remove( inbuf, yb, KEY_LEN );
|
|
|
|
|
secret = tr_cryptoComputeSecret( handshake->crypto, yb );
|
|
|
|
|
memcpy( handshake->mySecret, secret, KEY_LEN );
|
|
|
|
|
|
|
|
|
|
/* now send these: HASH('req1', S), HASH('req2', SKEY) xor HASH('req3', S),
|
|
|
|
|
* ENCRYPT(VC, crypto_provide, len(PadC), PadC, len(IA)), ENCRYPT(IA) */
|
|
|
|
|
outbuf = evbuffer_new( );
|
|
|
|
|
|
|
|
|
|
/* HASH('req1', S) */
|
|
|
|
|
{
|
|
|
|
|
uint8_t req1[SHA_DIGEST_LENGTH];
|
|
|
|
|
tr_sha1( req1, "req1", 4, secret, KEY_LEN, NULL );
|
|
|
|
|
evbuffer_add( outbuf, req1, SHA_DIGEST_LENGTH );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* HASH('req2', SKEY) xor HASH('req3', S) */
|
|
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
int i;
|
2007-09-20 16:32:01 +00:00
|
|
|
uint8_t req2[SHA_DIGEST_LENGTH];
|
|
|
|
|
uint8_t req3[SHA_DIGEST_LENGTH];
|
|
|
|
|
uint8_t buf[SHA_DIGEST_LENGTH];
|
2008-09-23 19:11:04 +00:00
|
|
|
tr_sha1( req2, "req2", 4,
|
|
|
|
|
tr_cryptoGetTorrentHash(
|
|
|
|
|
handshake->crypto ), SHA_DIGEST_LENGTH, NULL );
|
2007-09-20 16:32:01 +00:00
|
|
|
tr_sha1( req3, "req3", 4, secret, KEY_LEN, NULL );
|
2008-09-23 19:11:04 +00:00
|
|
|
for( i = 0; i < SHA_DIGEST_LENGTH; ++i )
|
2007-09-20 16:32:01 +00:00
|
|
|
buf[i] = req2[i] ^ req3[i];
|
|
|
|
|
evbuffer_add( outbuf, buf, SHA_DIGEST_LENGTH );
|
|
|
|
|
}
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2007-09-27 14:43:33 +00:00
|
|
|
/* ENCRYPT(VC, crypto_provide, len(PadC), PadC
|
|
|
|
|
* PadC is reserved for future extensions to the handshake...
|
|
|
|
|
* standard practice at this time is for it to be zero-length */
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
|
|
|
|
uint8_t vc[VC_LENGTH] = { 0, 0, 0, 0, 0, 0, 0, 0 };
|
|
|
|
|
|
|
|
|
|
tr_cryptoEncryptInit( handshake->crypto );
|
2007-09-27 14:43:33 +00:00
|
|
|
tr_peerIoSetEncryption( handshake->io, PEER_ENCRYPTION_RC4 );
|
2008-09-23 19:11:04 +00:00
|
|
|
|
|
|
|
|
tr_peerIoWriteBytes( handshake->io, outbuf, vc, VC_LENGTH );
|
|
|
|
|
tr_peerIoWriteUint32( handshake->io, outbuf,
|
|
|
|
|
getCryptoProvide( handshake ) );
|
2007-09-27 14:43:33 +00:00
|
|
|
tr_peerIoWriteUint16( handshake->io, outbuf, 0 );
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* ENCRYPT len(IA)), ENCRYPT(IA) */
|
|
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
int msglen;
|
2007-10-17 18:53:17 +00:00
|
|
|
uint8_t * msg = buildHandshakeMessage( handshake, &msglen );
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2007-09-27 14:43:33 +00:00
|
|
|
tr_peerIoWriteUint16( handshake->io, outbuf, msglen );
|
|
|
|
|
tr_peerIoWriteBytes( handshake->io, outbuf, msg, msglen );
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
handshake->haveSentBitTorrentHandshake = 1;
|
|
|
|
|
tr_free( msg );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* send it */
|
|
|
|
|
tr_cryptoDecryptInit( handshake->crypto );
|
|
|
|
|
setReadState( handshake, AWAITING_VC );
|
2008-11-17 04:00:57 +00:00
|
|
|
tr_peerIoWriteBuf( handshake->io, outbuf, FALSE );
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
/* cleanup */
|
|
|
|
|
evbuffer_free( outbuf );
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2008-09-23 19:11:04 +00:00
|
|
|
readVC( tr_handshake * handshake,
|
|
|
|
|
struct evbuffer * inbuf )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
|
|
|
|
const uint8_t key[VC_LENGTH] = { 0, 0, 0, 0, 0, 0, 0, 0 };
|
2008-09-23 19:11:04 +00:00
|
|
|
const int key_len = VC_LENGTH;
|
|
|
|
|
uint8_t tmp[VC_LENGTH];
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
/* note: this works w/o having to `unwind' the buffer if
|
|
|
|
|
* we read too much, but it is pretty brute-force.
|
|
|
|
|
* it would be nice to make this cleaner. */
|
2008-09-23 19:11:04 +00:00
|
|
|
for( ; ; )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
if( EVBUFFER_LENGTH( inbuf ) < VC_LENGTH )
|
|
|
|
|
{
|
2007-09-20 16:32:01 +00:00
|
|
|
dbgmsg( handshake, "not enough bytes... returning read_more" );
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
memcpy( tmp, EVBUFFER_DATA( inbuf ), key_len );
|
2007-09-20 16:32:01 +00:00
|
|
|
tr_cryptoDecryptInit( handshake->crypto );
|
|
|
|
|
tr_cryptoDecrypt( handshake->crypto, key_len, tmp, tmp );
|
|
|
|
|
if( !memcmp( tmp, key, key_len ) )
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
evbuffer_drain( inbuf, 1 );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
dbgmsg( handshake, "got it!" );
|
|
|
|
|
evbuffer_drain( inbuf, key_len );
|
|
|
|
|
setState( handshake, AWAITING_CRYPTO_SELECT );
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2008-09-23 19:11:04 +00:00
|
|
|
readCryptoSelect( tr_handshake * handshake,
|
|
|
|
|
struct evbuffer * inbuf )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
uint32_t crypto_select;
|
|
|
|
|
uint16_t pad_d_len;
|
|
|
|
|
const size_t needlen = sizeof( uint32_t ) + sizeof( uint16_t );
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
if( EVBUFFER_LENGTH( inbuf ) < needlen )
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
tr_peerIoReadUint32( handshake->io, inbuf, &crypto_select );
|
|
|
|
|
handshake->crypto_select = crypto_select;
|
|
|
|
|
dbgmsg( handshake, "crypto select is %d", (int)crypto_select );
|
2008-09-23 19:11:04 +00:00
|
|
|
if( !( crypto_select & getCryptoProvide( handshake ) ) )
|
2007-09-22 00:53:11 +00:00
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake,
|
|
|
|
|
"peer selected an encryption option we didn't provide" );
|
2008-09-19 17:03:25 +00:00
|
|
|
return tr_handshakeDone( handshake, FALSE );
|
2007-09-22 00:53:11 +00:00
|
|
|
}
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
tr_peerIoReadUint16( handshake->io, inbuf, &pad_d_len );
|
|
|
|
|
dbgmsg( handshake, "pad_d_len is %d", (int)pad_d_len );
|
2008-01-14 16:17:02 +00:00
|
|
|
|
|
|
|
|
if( pad_d_len > 512 )
|
|
|
|
|
{
|
|
|
|
|
dbgmsg( handshake, "encryption handshake: pad_d_len is too long" );
|
2008-09-19 17:03:25 +00:00
|
|
|
return tr_handshakeDone( handshake, FALSE );
|
2008-01-14 16:17:02 +00:00
|
|
|
}
|
|
|
|
|
|
2007-09-20 16:32:01 +00:00
|
|
|
handshake->pad_d_len = pad_d_len;
|
|
|
|
|
|
|
|
|
|
setState( handshake, AWAITING_PAD_D );
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2008-09-23 19:11:04 +00:00
|
|
|
readPadD( tr_handshake * handshake,
|
|
|
|
|
struct evbuffer * inbuf )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
|
|
|
|
const size_t needlen = handshake->pad_d_len;
|
2008-09-23 19:11:04 +00:00
|
|
|
uint8_t * tmp;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "pad d: need %d, got %d", (int)needlen,
|
|
|
|
|
(int)EVBUFFER_LENGTH(
|
|
|
|
|
inbuf ) );
|
|
|
|
|
if( EVBUFFER_LENGTH( inbuf ) < needlen )
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
tmp = tr_new( uint8_t, needlen );
|
|
|
|
|
tr_peerIoReadBytes( handshake->io, inbuf, tmp, needlen );
|
|
|
|
|
tr_free( tmp );
|
|
|
|
|
|
|
|
|
|
tr_peerIoSetEncryption( handshake->io,
|
2007-09-22 00:36:37 +00:00
|
|
|
handshake->crypto_select );
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
setState( handshake, AWAITING_HANDSHAKE );
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/***
|
|
|
|
|
****
|
|
|
|
|
**** INCOMING CONNECTIONS
|
|
|
|
|
****
|
|
|
|
|
***/
|
|
|
|
|
|
|
|
|
|
static int
|
2008-09-23 19:11:04 +00:00
|
|
|
readHandshake( tr_handshake * handshake,
|
|
|
|
|
struct evbuffer * inbuf )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
uint8_t pstrlen;
|
2007-09-20 16:32:01 +00:00
|
|
|
uint8_t * pstr;
|
2008-09-23 19:11:04 +00:00
|
|
|
uint8_t reserved[HANDSHAKE_FLAGS_LEN];
|
|
|
|
|
uint8_t hash[SHA_DIGEST_LENGTH];
|
2007-09-22 03:37:37 +00:00
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "payload: need %d, got %d",
|
|
|
|
|
(int)INCOMING_HANDSHAKE_LEN, (int)EVBUFFER_LENGTH(
|
|
|
|
|
inbuf ) );
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
if( EVBUFFER_LENGTH( inbuf ) < INCOMING_HANDSHAKE_LEN )
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
pstrlen = EVBUFFER_DATA( inbuf )[0]; /* peek, don't read. We may be
|
2007-09-20 16:32:01 +00:00
|
|
|
handing inbuf to AWAITING_YA */
|
|
|
|
|
|
|
|
|
|
if( pstrlen == 19 ) /* unencrypted */
|
|
|
|
|
{
|
|
|
|
|
tr_peerIoSetEncryption( handshake->io, PEER_ENCRYPTION_NONE );
|
2007-09-26 03:52:30 +00:00
|
|
|
|
2007-11-08 21:20:08 +00:00
|
|
|
if( handshake->encryptionMode == TR_ENCRYPTION_REQUIRED )
|
2007-09-26 03:52:30 +00:00
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake,
|
|
|
|
|
"peer is unencrypted, and we're disallowing that" );
|
2008-09-19 17:03:25 +00:00
|
|
|
return tr_handshakeDone( handshake, FALSE );
|
2007-09-26 03:52:30 +00:00
|
|
|
}
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
else /* encrypted or corrupt */
|
|
|
|
|
{
|
|
|
|
|
tr_peerIoSetEncryption( handshake->io, PEER_ENCRYPTION_RC4 );
|
|
|
|
|
|
|
|
|
|
if( tr_peerIoIsIncoming( handshake->io ) )
|
|
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake,
|
|
|
|
|
"I think peer is sending us an encrypted handshake..." );
|
2007-09-20 16:32:01 +00:00
|
|
|
setState( handshake, AWAITING_YA );
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
tr_cryptoDecrypt( handshake->crypto, 1, &pstrlen, &pstrlen );
|
|
|
|
|
|
|
|
|
|
if( pstrlen != 19 )
|
|
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake,
|
|
|
|
|
"I think peer has sent us a corrupt handshake..." );
|
2008-09-19 17:03:25 +00:00
|
|
|
return tr_handshakeDone( handshake, FALSE );
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
evbuffer_drain( inbuf, 1 );
|
|
|
|
|
|
|
|
|
|
/* pstr (BitTorrent) */
|
2008-09-23 19:11:04 +00:00
|
|
|
pstr = tr_new( uint8_t, pstrlen + 1 );
|
2007-09-20 16:32:01 +00:00
|
|
|
tr_peerIoReadBytes( handshake->io, inbuf, pstr, pstrlen );
|
|
|
|
|
pstr[pstrlen] = '\0';
|
2008-09-23 19:11:04 +00:00
|
|
|
if( strcmp( (char*)pstr, "BitTorrent protocol" ) )
|
|
|
|
|
{
|
2007-09-20 16:32:01 +00:00
|
|
|
tr_free( pstr );
|
2008-09-19 17:03:25 +00:00
|
|
|
return tr_handshakeDone( handshake, FALSE );
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
tr_free( pstr );
|
|
|
|
|
|
|
|
|
|
/* reserved bytes */
|
2008-09-23 19:11:04 +00:00
|
|
|
tr_peerIoReadBytes( handshake->io, inbuf, reserved, sizeof( reserved ) );
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2008-01-01 00:20:07 +00:00
|
|
|
/**
|
|
|
|
|
*** Extension negotiation
|
|
|
|
|
**/
|
|
|
|
|
|
|
|
|
|
if( HANDSHAKE_HAS_LTEP( reserved ) )
|
|
|
|
|
{
|
|
|
|
|
tr_peerIoEnableLTEP( handshake->io, 1 );
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "using ltep" );
|
2008-01-01 00:20:07 +00:00
|
|
|
}
|
|
|
|
|
if( HANDSHAKE_HAS_FASTEXT( reserved ) )
|
|
|
|
|
{
|
|
|
|
|
tr_peerIoEnableFEXT( handshake->io, 1 );
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "using fext" );
|
2008-01-01 00:20:07 +00:00
|
|
|
}
|
|
|
|
|
|
2007-09-20 16:32:01 +00:00
|
|
|
/* torrent hash */
|
2008-09-23 19:11:04 +00:00
|
|
|
tr_peerIoReadBytes( handshake->io, inbuf, hash, sizeof( hash ) );
|
2007-09-20 16:32:01 +00:00
|
|
|
if( tr_peerIoIsIncoming( handshake->io ) )
|
|
|
|
|
{
|
|
|
|
|
if( !tr_torrentExists( handshake->handle, hash ) )
|
|
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg(
|
|
|
|
|
handshake,
|
|
|
|
|
"peer is trying to connect to us for a torrent we don't have." );
|
2008-09-19 17:03:25 +00:00
|
|
|
return tr_handshakeDone( handshake, FALSE );
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
assert( !tr_peerIoHasTorrentHash( handshake->io ) );
|
|
|
|
|
tr_peerIoSetTorrentHash( handshake->io, hash );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else /* outgoing */
|
|
|
|
|
{
|
|
|
|
|
assert( tr_peerIoHasTorrentHash( handshake->io ) );
|
2008-09-23 19:11:04 +00:00
|
|
|
if( memcmp( hash, tr_peerIoGetTorrentHash( handshake->io ),
|
|
|
|
|
SHA_DIGEST_LENGTH ) )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
|
|
|
|
dbgmsg( handshake, "peer returned the wrong hash. wtf?" );
|
2008-09-19 17:03:25 +00:00
|
|
|
return tr_handshakeDone( handshake, FALSE );
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
}
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2007-09-20 16:32:01 +00:00
|
|
|
/**
|
2008-09-23 19:11:04 +00:00
|
|
|
*** If this is an incoming message, then we need to send a response
|
|
|
|
|
***handshake
|
2007-09-20 16:32:01 +00:00
|
|
|
**/
|
|
|
|
|
|
|
|
|
|
if( !handshake->haveSentBitTorrentHandshake )
|
|
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
int msgSize;
|
2007-10-17 18:53:17 +00:00
|
|
|
uint8_t * msg = buildHandshakeMessage( handshake, &msgSize );
|
2008-11-17 04:00:57 +00:00
|
|
|
tr_peerIoWrite( handshake->io, msg, msgSize, FALSE );
|
2007-09-20 16:32:01 +00:00
|
|
|
tr_free( msg );
|
|
|
|
|
handshake->haveSentBitTorrentHandshake = 1;
|
|
|
|
|
}
|
|
|
|
|
|
2008-01-01 00:20:07 +00:00
|
|
|
setReadState( handshake, AWAITING_PEER_ID );
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_NOW;
|
2008-01-01 00:20:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2008-09-23 19:11:04 +00:00
|
|
|
readPeerId( tr_handshake * handshake,
|
|
|
|
|
struct evbuffer * inbuf )
|
2008-01-01 00:20:07 +00:00
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
int peerIsGood;
|
2008-04-29 16:57:16 +00:00
|
|
|
char client[128];
|
2008-01-01 00:20:07 +00:00
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
if( EVBUFFER_LENGTH( inbuf ) < PEER_ID_LEN )
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_LATER;
|
2008-01-01 00:20:07 +00:00
|
|
|
|
|
|
|
|
/* peer id */
|
2008-09-23 19:11:04 +00:00
|
|
|
tr_peerIoReadBytes( handshake->io, inbuf, handshake->peer_id,
|
|
|
|
|
PEER_ID_LEN );
|
2008-01-01 00:20:07 +00:00
|
|
|
tr_peerIoSetPeersId( handshake->io, handshake->peer_id );
|
|
|
|
|
handshake->havePeerID = TRUE;
|
2008-04-29 16:57:16 +00:00
|
|
|
tr_clientForId( client, sizeof( client ), handshake->peer_id );
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "peer-id is [%s] ... isIncoming is %d", client,
|
|
|
|
|
tr_peerIoIsIncoming(
|
|
|
|
|
handshake->io ) );
|
2008-01-01 00:20:07 +00:00
|
|
|
|
|
|
|
|
/* if we've somehow connected to ourselves, don't keep the connection */
|
2008-09-23 19:11:04 +00:00
|
|
|
peerIsGood =
|
|
|
|
|
memcmp( handshake->peer_id, tr_getPeerId( ), PEER_ID_LEN ) ? 1 : 0;
|
2008-01-01 00:20:07 +00:00
|
|
|
dbgmsg( handshake, "isPeerGood == %d", peerIsGood );
|
2008-09-19 17:03:25 +00:00
|
|
|
return tr_handshakeDone( handshake, peerIsGood );
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2008-09-23 19:11:04 +00:00
|
|
|
readYa( tr_handshake * handshake,
|
|
|
|
|
struct evbuffer * inbuf )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
uint8_t ya[KEY_LEN];
|
|
|
|
|
uint8_t * walk, outbuf[KEY_LEN + PadB_MAXLEN];
|
2007-09-20 16:32:01 +00:00
|
|
|
const uint8_t *myKey, *secret;
|
2008-09-23 19:11:04 +00:00
|
|
|
int len;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "in readYa... need %d, have %d", (int)KEY_LEN,
|
|
|
|
|
(int)EVBUFFER_LENGTH(
|
|
|
|
|
inbuf ) );
|
2007-09-20 16:32:01 +00:00
|
|
|
if( EVBUFFER_LENGTH( inbuf ) < KEY_LEN )
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
/* read the incoming peer's public key */
|
|
|
|
|
evbuffer_remove( inbuf, ya, KEY_LEN );
|
|
|
|
|
secret = tr_cryptoComputeSecret( handshake->crypto, ya );
|
|
|
|
|
memcpy( handshake->mySecret, secret, KEY_LEN );
|
|
|
|
|
tr_sha1( handshake->myReq1, "req1", 4, secret, KEY_LEN, NULL );
|
|
|
|
|
|
2008-08-14 11:11:25 +00:00
|
|
|
dbgmsg( handshake, "sending B->A: Diffie Hellman Yb, PadB" );
|
2007-09-20 16:32:01 +00:00
|
|
|
/* send our public key to the peer */
|
|
|
|
|
walk = outbuf;
|
|
|
|
|
myKey = tr_cryptoGetMyPublicKey( handshake->crypto, &len );
|
|
|
|
|
memcpy( walk, myKey, len );
|
2007-09-26 03:52:30 +00:00
|
|
|
walk += len;
|
2008-08-14 11:11:25 +00:00
|
|
|
len = tr_cryptoRandInt( PadB_MAXLEN );
|
|
|
|
|
tr_cryptoRandBuf( walk, len );
|
|
|
|
|
walk += len;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
setReadState( handshake, AWAITING_PAD_A );
|
2008-11-17 04:00:57 +00:00
|
|
|
tr_peerIoWrite( handshake->io, outbuf, walk - outbuf, FALSE );
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2008-09-23 19:11:04 +00:00
|
|
|
readPadA( tr_handshake * handshake,
|
|
|
|
|
struct evbuffer * inbuf )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
|
|
|
|
uint8_t * pch;
|
|
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg(
|
|
|
|
|
handshake,
|
|
|
|
|
"looking to get past pad a... & resync on hash('req',S) ... have %d bytes",
|
|
|
|
|
(int)EVBUFFER_LENGTH( inbuf ) );
|
2007-09-20 16:32:01 +00:00
|
|
|
/**
|
|
|
|
|
*** Resynchronizing on HASH('req1',S)
|
|
|
|
|
**/
|
|
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
pch = memchr( EVBUFFER_DATA( inbuf ),
|
|
|
|
|
handshake->myReq1[0],
|
|
|
|
|
EVBUFFER_LENGTH( inbuf ) );
|
|
|
|
|
if( pch == NULL )
|
|
|
|
|
{
|
|
|
|
|
dbgmsg( handshake, "no luck so far.. draining %d bytes",
|
|
|
|
|
(int)EVBUFFER_LENGTH(
|
|
|
|
|
inbuf ) );
|
|
|
|
|
evbuffer_drain( inbuf, EVBUFFER_LENGTH( inbuf ) );
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "looking for hash('req',S) ... draining %d bytes",
|
|
|
|
|
(int)( pch - EVBUFFER_DATA( inbuf ) ) );
|
|
|
|
|
evbuffer_drain( inbuf, pch - EVBUFFER_DATA( inbuf ) );
|
|
|
|
|
if( EVBUFFER_LENGTH( inbuf ) < SHA_DIGEST_LENGTH )
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_LATER;
|
2008-09-23 19:11:04 +00:00
|
|
|
if( memcmp( EVBUFFER_DATA( inbuf ), handshake->myReq1,
|
|
|
|
|
SHA_DIGEST_LENGTH ) )
|
|
|
|
|
{
|
2007-09-26 03:52:30 +00:00
|
|
|
dbgmsg( handshake, "draining one more byte" );
|
2007-09-20 16:32:01 +00:00
|
|
|
evbuffer_drain( inbuf, 1 );
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake,
|
|
|
|
|
"found it... looking setting to awaiting_crypto_provide" );
|
2007-09-20 16:32:01 +00:00
|
|
|
setState( handshake, AWAITING_CRYPTO_PROVIDE );
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2008-09-23 19:11:04 +00:00
|
|
|
readCryptoProvide( tr_handshake * handshake,
|
|
|
|
|
struct evbuffer * inbuf )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
/* HASH('req2', SKEY) xor HASH('req3', S), ENCRYPT(VC, crypto_provide,
|
|
|
|
|
len(PadC)) */
|
|
|
|
|
|
|
|
|
|
int i;
|
|
|
|
|
uint8_t vc_in[VC_LENGTH];
|
|
|
|
|
uint8_t req2[SHA_DIGEST_LENGTH];
|
|
|
|
|
uint8_t req3[SHA_DIGEST_LENGTH];
|
|
|
|
|
uint8_t obfuscatedTorrentHash[SHA_DIGEST_LENGTH];
|
|
|
|
|
uint16_t padc_len = 0;
|
|
|
|
|
uint32_t crypto_provide = 0;
|
2007-10-02 16:59:56 +00:00
|
|
|
const size_t needlen = SHA_DIGEST_LENGTH /* HASH('req1',s) */
|
2008-09-23 19:11:04 +00:00
|
|
|
+ SHA_DIGEST_LENGTH /* HASH('req2', SKEY) xor
|
|
|
|
|
HASH('req3', S) */
|
|
|
|
|
+ VC_LENGTH
|
|
|
|
|
+ sizeof( crypto_provide )
|
|
|
|
|
+ sizeof( padc_len );
|
2007-09-20 16:32:01 +00:00
|
|
|
tr_torrent * tor = NULL;
|
|
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
if( EVBUFFER_LENGTH( inbuf ) < needlen )
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
/* TODO: confirm they sent HASH('req1',S) here? */
|
|
|
|
|
evbuffer_drain( inbuf, SHA_DIGEST_LENGTH );
|
|
|
|
|
|
|
|
|
|
/* This next piece is HASH('req2', SKEY) xor HASH('req3', S) ...
|
|
|
|
|
* we can get the first half of that (the obufscatedTorrentHash)
|
|
|
|
|
* by building the latter and xor'ing it with what the peer sent us */
|
2007-10-19 00:02:37 +00:00
|
|
|
dbgmsg( handshake, "reading obfuscated torrent hash..." );
|
2007-09-20 16:32:01 +00:00
|
|
|
evbuffer_remove( inbuf, req2, SHA_DIGEST_LENGTH );
|
|
|
|
|
tr_sha1( req3, "req3", 4, handshake->mySecret, KEY_LEN, NULL );
|
2008-09-23 19:11:04 +00:00
|
|
|
for( i = 0; i < SHA_DIGEST_LENGTH; ++i )
|
2007-09-20 16:32:01 +00:00
|
|
|
obfuscatedTorrentHash[i] = req2[i] ^ req3[i];
|
2008-09-23 19:11:04 +00:00
|
|
|
if( ( tor =
|
|
|
|
|
tr_torrentFindFromObfuscatedHash( handshake->handle,
|
|
|
|
|
obfuscatedTorrentHash ) ) )
|
2008-04-17 03:48:56 +00:00
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg(
|
|
|
|
|
handshake,
|
|
|
|
|
"got INCOMING connection's encrypted handshake for torrent [%s]",
|
|
|
|
|
tor->info.name );
|
2007-09-26 03:52:30 +00:00
|
|
|
tr_peerIoSetTorrentHash( handshake->io, tor->info.hash );
|
2008-09-23 19:11:04 +00:00
|
|
|
if( !tr_torrentAllowsPex( tor )
|
|
|
|
|
&& tr_peerMgrPeerIsSeed( handshake->handle->peerMgr,
|
2008-04-17 03:48:56 +00:00
|
|
|
tor->info.hash,
|
2008-09-23 19:11:04 +00:00
|
|
|
tr_peerIoGetAddress( handshake->io, NULL ) ) )
|
2008-04-17 03:48:56 +00:00
|
|
|
{
|
|
|
|
|
dbgmsg( handshake, "a peer has tried to reconnect to us!" );
|
2008-09-19 17:03:25 +00:00
|
|
|
return tr_handshakeDone( handshake, FALSE );
|
2008-04-17 03:48:56 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2007-09-26 03:52:30 +00:00
|
|
|
dbgmsg( handshake, "can't find that torrent..." );
|
2008-09-19 17:03:25 +00:00
|
|
|
return tr_handshakeDone( handshake, FALSE );
|
2007-09-26 03:52:30 +00:00
|
|
|
}
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
/* next part: ENCRYPT(VC, crypto_provide, len(PadC), */
|
|
|
|
|
|
|
|
|
|
tr_cryptoDecryptInit( handshake->crypto );
|
|
|
|
|
|
|
|
|
|
tr_peerIoReadBytes( handshake->io, inbuf, vc_in, VC_LENGTH );
|
|
|
|
|
|
|
|
|
|
tr_peerIoReadUint32( handshake->io, inbuf, &crypto_provide );
|
2007-09-22 03:37:37 +00:00
|
|
|
handshake->crypto_provide = crypto_provide;
|
2007-10-19 00:02:37 +00:00
|
|
|
dbgmsg( handshake, "crypto_provide is %d", (int)crypto_provide );
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
tr_peerIoReadUint16( handshake->io, inbuf, &padc_len );
|
2007-10-19 00:02:37 +00:00
|
|
|
dbgmsg( handshake, "padc is %d", (int)padc_len );
|
2007-09-20 16:32:01 +00:00
|
|
|
handshake->pad_c_len = padc_len;
|
|
|
|
|
setState( handshake, AWAITING_PAD_C );
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2008-09-23 19:11:04 +00:00
|
|
|
readPadC( tr_handshake * handshake,
|
|
|
|
|
struct evbuffer * inbuf )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
uint16_t ia_len;
|
|
|
|
|
const size_t needlen = handshake->pad_c_len + sizeof( uint16_t );
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
if( EVBUFFER_LENGTH( inbuf ) < needlen )
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2007-09-26 03:52:30 +00:00
|
|
|
evbuffer_drain( inbuf, handshake->pad_c_len );
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
tr_peerIoReadUint16( handshake->io, inbuf, &ia_len );
|
|
|
|
|
dbgmsg( handshake, "ia_len is %d", (int)ia_len );
|
|
|
|
|
handshake->ia_len = ia_len;
|
|
|
|
|
setState( handshake, AWAITING_IA );
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2008-09-23 19:11:04 +00:00
|
|
|
readIA( tr_handshake * handshake,
|
|
|
|
|
struct evbuffer * inbuf )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2008-10-29 20:18:56 +00:00
|
|
|
const size_t needlen = handshake->ia_len;
|
2007-11-01 18:41:13 +00:00
|
|
|
struct evbuffer * outbuf;
|
2008-09-23 19:11:04 +00:00
|
|
|
uint32_t crypto_select;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "reading IA... have %d, need %d",
|
|
|
|
|
(int)EVBUFFER_LENGTH(
|
|
|
|
|
inbuf ), (int)needlen );
|
|
|
|
|
if( EVBUFFER_LENGTH( inbuf ) < needlen )
|
2008-09-19 17:03:25 +00:00
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2007-09-26 03:52:30 +00:00
|
|
|
/**
|
2008-09-23 19:11:04 +00:00
|
|
|
*** B->A: ENCRYPT(VC, crypto_select, len(padD), padD), ENCRYPT2(Payload
|
|
|
|
|
***Stream)
|
2007-09-26 03:52:30 +00:00
|
|
|
**/
|
|
|
|
|
|
|
|
|
|
tr_cryptoEncryptInit( handshake->crypto );
|
2007-11-01 18:41:13 +00:00
|
|
|
outbuf = evbuffer_new( );
|
2007-09-26 03:52:30 +00:00
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "sending vc" );
|
2007-09-22 03:37:37 +00:00
|
|
|
/* send VC */
|
|
|
|
|
{
|
|
|
|
|
uint8_t vc[VC_LENGTH];
|
|
|
|
|
memset( vc, 0, VC_LENGTH );
|
|
|
|
|
tr_peerIoWriteBytes( handshake->io, outbuf, vc, VC_LENGTH );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* send crypto_select */
|
2007-11-08 21:20:08 +00:00
|
|
|
crypto_select = getCryptoSelect( handshake, handshake->crypto_provide );
|
2008-09-23 19:11:04 +00:00
|
|
|
if( crypto_select )
|
|
|
|
|
{
|
2007-11-08 21:20:08 +00:00
|
|
|
dbgmsg( handshake, "selecting crypto mode '%d'", (int)crypto_select );
|
2007-09-22 03:37:37 +00:00
|
|
|
tr_peerIoWriteUint32( handshake->io, outbuf, crypto_select );
|
2008-09-23 19:11:04 +00:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2007-11-08 21:20:08 +00:00
|
|
|
dbgmsg( handshake, "peer didn't offer an encryption mode we like." );
|
|
|
|
|
evbuffer_free( outbuf );
|
2008-09-19 17:03:25 +00:00
|
|
|
return tr_handshakeDone( handshake, FALSE );
|
2007-09-22 03:37:37 +00:00
|
|
|
}
|
|
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "sending pad d" );
|
2007-09-27 14:43:33 +00:00
|
|
|
/* ENCRYPT(VC, crypto_provide, len(PadC), PadC
|
|
|
|
|
* PadD is reserved for future extensions to the handshake...
|
|
|
|
|
* standard practice at this time is for it to be zero-length */
|
2007-09-22 03:37:37 +00:00
|
|
|
{
|
2007-09-27 14:43:33 +00:00
|
|
|
const int len = 0;
|
2007-09-22 03:37:37 +00:00
|
|
|
tr_peerIoWriteUint16( handshake->io, outbuf, len );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* maybe de-encrypt our connection */
|
|
|
|
|
if( crypto_select == CRYPTO_PROVIDE_PLAINTEXT )
|
|
|
|
|
tr_peerIoSetEncryption( handshake->io, PEER_ENCRYPTION_NONE );
|
|
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
dbgmsg( handshake, "sending handshake" );
|
2007-09-22 03:37:37 +00:00
|
|
|
/* send our handshake */
|
|
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
int msgSize;
|
2007-10-17 18:53:17 +00:00
|
|
|
uint8_t * msg = buildHandshakeMessage( handshake, &msgSize );
|
2007-09-22 03:37:37 +00:00
|
|
|
tr_peerIoWriteBytes( handshake->io, outbuf, msg, msgSize );
|
|
|
|
|
handshake->haveSentBitTorrentHandshake = 1;
|
2007-10-17 18:53:17 +00:00
|
|
|
tr_free( msg );
|
2007-09-22 03:37:37 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* send it out */
|
2008-11-17 04:00:57 +00:00
|
|
|
tr_peerIoWriteBuf( handshake->io, outbuf, FALSE );
|
2007-09-22 03:37:37 +00:00
|
|
|
evbuffer_free( outbuf );
|
|
|
|
|
|
2008-10-29 20:18:56 +00:00
|
|
|
/* now await the handshake */
|
|
|
|
|
setState( handshake, AWAITING_PAYLOAD_STREAM );
|
|
|
|
|
return READ_NOW;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
readPayloadStream( tr_handshake * handshake,
|
|
|
|
|
struct evbuffer * inbuf )
|
|
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
const size_t needlen = HANDSHAKE_SIZE;
|
|
|
|
|
|
|
|
|
|
dbgmsg( handshake, "reading payload stream... have %d, need %d",
|
|
|
|
|
(int)EVBUFFER_LENGTH( inbuf ), (int)needlen );
|
|
|
|
|
if( EVBUFFER_LENGTH( inbuf ) < needlen )
|
|
|
|
|
return READ_LATER;
|
|
|
|
|
|
|
|
|
|
/* parse the handshake ... */
|
|
|
|
|
i = parseHandshake( handshake, inbuf );
|
|
|
|
|
dbgmsg( handshake, "parseHandshake returned %d", i );
|
|
|
|
|
if( i != HANDSHAKE_OK )
|
|
|
|
|
return tr_handshakeDone( handshake, FALSE );
|
|
|
|
|
|
2007-09-22 03:37:37 +00:00
|
|
|
/* we've completed the BT handshake... pass the work on to peer-msgs */
|
2008-09-19 17:03:25 +00:00
|
|
|
return tr_handshakeDone( handshake, TRUE );
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/***
|
|
|
|
|
****
|
|
|
|
|
****
|
|
|
|
|
****
|
|
|
|
|
***/
|
|
|
|
|
|
|
|
|
|
static ReadState
|
2008-09-23 19:11:04 +00:00
|
|
|
canRead( struct bufferevent * evin,
|
|
|
|
|
void * arg )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
tr_handshake * handshake = (tr_handshake *) arg;
|
2007-09-20 16:32:01 +00:00
|
|
|
struct evbuffer * inbuf = EVBUFFER_INPUT ( evin );
|
2008-09-23 19:11:04 +00:00
|
|
|
ReadState ret;
|
2008-10-29 19:30:17 +00:00
|
|
|
int readyForMore = TRUE;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
|
|
|
|
dbgmsg( handshake, "handling canRead; state is [%s]",
|
|
|
|
|
getStateName( handshake->state ) );
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2008-10-29 19:30:17 +00:00
|
|
|
while( readyForMore )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2008-10-29 19:30:17 +00:00
|
|
|
switch( handshake->state )
|
|
|
|
|
{
|
|
|
|
|
case AWAITING_HANDSHAKE:
|
|
|
|
|
ret = readHandshake ( handshake, inbuf ); break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2008-10-29 19:30:17 +00:00
|
|
|
case AWAITING_PEER_ID:
|
|
|
|
|
ret = readPeerId ( handshake, inbuf ); break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2008-10-29 19:30:17 +00:00
|
|
|
case AWAITING_YA:
|
|
|
|
|
ret = readYa ( handshake, inbuf ); break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2008-10-29 19:30:17 +00:00
|
|
|
case AWAITING_PAD_A:
|
|
|
|
|
ret = readPadA ( handshake, inbuf ); break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2008-10-29 19:30:17 +00:00
|
|
|
case AWAITING_CRYPTO_PROVIDE:
|
|
|
|
|
ret = readCryptoProvide( handshake, inbuf ); break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2008-10-29 19:30:17 +00:00
|
|
|
case AWAITING_PAD_C:
|
|
|
|
|
ret = readPadC ( handshake, inbuf ); break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2008-10-29 19:30:17 +00:00
|
|
|
case AWAITING_IA:
|
|
|
|
|
ret = readIA ( handshake, inbuf ); break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2008-10-29 20:18:56 +00:00
|
|
|
case AWAITING_PAYLOAD_STREAM:
|
|
|
|
|
ret = readPayloadStream( handshake, inbuf ); break;
|
|
|
|
|
|
2008-10-29 19:30:17 +00:00
|
|
|
case AWAITING_YB:
|
|
|
|
|
ret = readYb ( handshake, inbuf ); break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2008-10-29 19:30:17 +00:00
|
|
|
case AWAITING_VC:
|
|
|
|
|
ret = readVC ( handshake, inbuf ); break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2008-10-29 19:30:17 +00:00
|
|
|
case AWAITING_CRYPTO_SELECT:
|
|
|
|
|
ret = readCryptoSelect ( handshake, inbuf ); break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2008-10-29 19:30:17 +00:00
|
|
|
case AWAITING_PAD_D:
|
|
|
|
|
ret = readPadD ( handshake, inbuf ); break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2008-10-29 19:30:17 +00:00
|
|
|
default:
|
|
|
|
|
assert( 0 );
|
|
|
|
|
}
|
|
|
|
|
|
2008-10-29 20:06:44 +00:00
|
|
|
if( ret != READ_NOW )
|
|
|
|
|
readyForMore = FALSE;
|
|
|
|
|
else if( handshake->state == AWAITING_PAD_C )
|
|
|
|
|
readyForMore = EVBUFFER_LENGTH( inbuf ) >= handshake->pad_c_len;
|
|
|
|
|
else if( handshake->state == AWAITING_PAD_D )
|
|
|
|
|
readyForMore = EVBUFFER_LENGTH( inbuf ) >= handshake->pad_d_len;
|
|
|
|
|
else if( handshake->state == AWAITING_IA )
|
|
|
|
|
readyForMore = EVBUFFER_LENGTH( inbuf ) >= handshake->ia_len;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2008-09-19 17:03:25 +00:00
|
|
|
static int
|
2008-09-23 19:11:04 +00:00
|
|
|
fireDoneFunc( tr_handshake * handshake,
|
|
|
|
|
int isConnected )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
|
|
|
|
const uint8_t * peer_id = isConnected && handshake->havePeerID
|
2008-09-23 19:11:04 +00:00
|
|
|
? handshake->peer_id
|
|
|
|
|
: NULL;
|
|
|
|
|
const int success = ( *handshake->doneCB )( handshake,
|
|
|
|
|
handshake->io,
|
|
|
|
|
isConnected,
|
|
|
|
|
peer_id,
|
|
|
|
|
handshake->
|
|
|
|
|
doneUserData );
|
|
|
|
|
|
2008-09-19 17:03:25 +00:00
|
|
|
return success;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2008-09-19 17:03:25 +00:00
|
|
|
static int
|
2008-09-23 19:11:04 +00:00
|
|
|
tr_handshakeDone( tr_handshake * handshake,
|
|
|
|
|
int isOK )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2008-09-19 17:03:25 +00:00
|
|
|
int success;
|
|
|
|
|
|
2007-09-20 16:32:01 +00:00
|
|
|
dbgmsg( handshake, "handshakeDone: %s", isOK ? "connected" : "aborting" );
|
2007-12-01 23:08:34 +00:00
|
|
|
tr_peerIoSetIOFuncs( handshake->io, NULL, NULL, NULL, NULL );
|
2007-09-29 13:47:15 +00:00
|
|
|
|
2008-09-19 17:03:25 +00:00
|
|
|
success = fireDoneFunc( handshake, isOK );
|
2007-09-29 13:47:15 +00:00
|
|
|
|
2007-09-20 16:32:01 +00:00
|
|
|
tr_free( handshake );
|
2008-09-19 17:03:25 +00:00
|
|
|
|
|
|
|
|
return success ? READ_LATER : READ_ERR;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
tr_handshakeAbort( tr_handshake * handshake )
|
|
|
|
|
{
|
|
|
|
|
tr_handshakeDone( handshake, FALSE );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2008-09-23 19:11:04 +00:00
|
|
|
gotError( struct bufferevent * evbuf UNUSED,
|
|
|
|
|
short what,
|
|
|
|
|
void * arg )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
|
|
|
|
tr_handshake * handshake = (tr_handshake *) arg;
|
|
|
|
|
|
|
|
|
|
/* if the error happened while we were sending a public key, we might
|
|
|
|
|
* have encountered a peer that doesn't do encryption... reconnect and
|
|
|
|
|
* try a plaintext handshake */
|
2008-09-23 19:11:04 +00:00
|
|
|
if( ( ( handshake->state == AWAITING_YB )
|
|
|
|
|
|| ( handshake->state == AWAITING_VC ) )
|
|
|
|
|
&& ( handshake->encryptionMode != TR_ENCRYPTION_REQUIRED )
|
|
|
|
|
&& ( !tr_peerIoReconnect( handshake->io ) ) )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2008-09-23 19:11:04 +00:00
|
|
|
int msgSize;
|
2007-10-27 21:29:41 +00:00
|
|
|
uint8_t * msg;
|
|
|
|
|
dbgmsg( handshake, "handshake failed, trying plaintext..." );
|
|
|
|
|
msg = buildHandshakeMessage( handshake, &msgSize );
|
2007-10-22 23:31:03 +00:00
|
|
|
handshake->haveSentBitTorrentHandshake = 1;
|
2007-09-20 16:32:01 +00:00
|
|
|
setReadState( handshake, AWAITING_HANDSHAKE );
|
2008-11-17 04:00:57 +00:00
|
|
|
tr_peerIoWrite( handshake->io, msg, msgSize, FALSE );
|
2007-09-20 16:32:01 +00:00
|
|
|
tr_free( msg );
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2007-10-11 03:36:09 +00:00
|
|
|
dbgmsg( handshake, "libevent got an error what==%d, errno=%d (%s)",
|
2008-09-23 19:11:04 +00:00
|
|
|
(int)what, errno, tr_strerror( errno ) );
|
2007-09-20 16:32:01 +00:00
|
|
|
tr_handshakeDone( handshake, FALSE );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
***
|
|
|
|
|
**/
|
|
|
|
|
|
|
|
|
|
tr_handshake*
|
2008-09-23 19:11:04 +00:00
|
|
|
tr_handshakeNew( tr_peerIo * io,
|
|
|
|
|
tr_encryption_mode encryptionMode,
|
|
|
|
|
handshakeDoneCB doneCB,
|
|
|
|
|
void * doneUserData )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
|
|
|
|
tr_handshake * handshake;
|
|
|
|
|
|
2008-11-24 21:59:00 +00:00
|
|
|
tr_peerIoSetBandwidth( io, TR_UP, NULL );
|
|
|
|
|
tr_peerIoSetBandwidth( io, TR_DOWN, NULL );
|
|
|
|
|
|
2007-09-20 16:32:01 +00:00
|
|
|
handshake = tr_new0( tr_handshake, 1 );
|
|
|
|
|
handshake->io = io;
|
|
|
|
|
handshake->crypto = tr_peerIoGetCrypto( io );
|
2007-11-08 21:20:08 +00:00
|
|
|
handshake->encryptionMode = encryptionMode;
|
2007-09-20 16:32:01 +00:00
|
|
|
handshake->doneCB = doneCB;
|
|
|
|
|
handshake->doneUserData = doneUserData;
|
2008-09-17 19:44:24 +00:00
|
|
|
handshake->handle = tr_peerIoGetSession( io );
|
2008-01-19 00:28:52 +00:00
|
|
|
tr_peerIoSetTimeoutSecs( io, 15 );
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2007-12-01 23:08:34 +00:00
|
|
|
tr_peerIoSetIOFuncs( handshake->io, canRead, NULL, gotError, handshake );
|
2007-09-29 14:55:30 +00:00
|
|
|
|
|
|
|
|
if( tr_peerIoIsIncoming( handshake->io ) )
|
|
|
|
|
setReadState( handshake, AWAITING_HANDSHAKE );
|
2008-08-12 13:51:11 +00:00
|
|
|
else if( encryptionMode != TR_CLEAR_PREFERRED )
|
2007-09-29 14:55:30 +00:00
|
|
|
sendYa( handshake );
|
2008-09-23 19:11:04 +00:00
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
int msgSize;
|
2007-11-08 21:20:08 +00:00
|
|
|
uint8_t * msg = buildHandshakeMessage( handshake, &msgSize );
|
|
|
|
|
handshake->haveSentBitTorrentHandshake = 1;
|
|
|
|
|
setReadState( handshake, AWAITING_HANDSHAKE );
|
2008-11-17 04:00:57 +00:00
|
|
|
tr_peerIoWrite( handshake->io, msg, msgSize, FALSE );
|
2007-11-08 21:20:08 +00:00
|
|
|
tr_free( msg );
|
|
|
|
|
}
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
return handshake;
|
|
|
|
|
}
|
|
|
|
|
|
2008-09-17 19:44:24 +00:00
|
|
|
struct tr_peerIo*
|
|
|
|
|
tr_handshakeGetIO( tr_handshake * handshake )
|
|
|
|
|
{
|
|
|
|
|
assert( handshake );
|
|
|
|
|
assert( handshake->io );
|
|
|
|
|
|
|
|
|
|
return handshake->io;
|
|
|
|
|
}
|
|
|
|
|
|
2007-09-20 16:32:01 +00:00
|
|
|
const struct in_addr *
|
2008-09-23 19:11:04 +00:00
|
|
|
tr_handshakeGetAddr( const struct tr_handshake * handshake,
|
|
|
|
|
uint16_t * port )
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2008-08-01 16:43:22 +00:00
|
|
|
assert( handshake );
|
|
|
|
|
assert( handshake->io );
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
return tr_peerIoGetAddress( handshake->io, port );
|
|
|
|
|
}
|
2008-09-23 19:11:04 +00:00
|
|
|
|
