2007-09-20 16:32:01 +00:00
|
|
|
/*
|
2011-01-19 13:48:47 +00:00
|
|
|
* This file Copyright (C) Mnemosyne LLC
|
2007-09-20 16:32:01 +00:00
|
|
|
*
|
2010-12-27 19:18:17 +00:00
|
|
|
* This file is licensed by the GPL version 2. Works owned by the
|
2012-12-05 17:29:46 +00:00
|
|
|
* Transmission project are granted a special exemption to clause 2 (b)
|
2008-09-23 19:11:04 +00:00
|
|
|
* so that the bulk of its code can remain under the MIT license.
|
2007-09-20 16:32:01 +00:00
|
|
|
* This exemption does not extend to derived works not owned by
|
|
|
|
|
* the Transmission project.
|
|
|
|
|
*
|
|
|
|
|
* $Id$
|
|
|
|
|
*/
|
|
|
|
|
|
2007-11-09 20:07:52 +00:00
|
|
|
#include <assert.h>
|
2007-09-20 16:32:01 +00:00
|
|
|
#include <errno.h>
|
2012-12-05 17:29:46 +00:00
|
|
|
#include <string.h> /* strcmp (), strlen () */
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2011-03-24 22:45:04 +00:00
|
|
|
#include <event2/buffer.h>
|
2010-12-20 02:07:51 +00:00
|
|
|
#include <event2/event.h>
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
#include "transmission.h"
|
2007-12-25 05:37:32 +00:00
|
|
|
#include "clients.h"
|
2007-09-20 16:32:01 +00:00
|
|
|
#include "crypto.h"
|
|
|
|
|
#include "handshake.h"
|
2013-01-25 23:34:20 +00:00
|
|
|
#include "log.h"
|
2007-09-20 16:32:01 +00:00
|
|
|
#include "peer-io.h"
|
2008-04-17 03:48:56 +00:00
|
|
|
#include "peer-mgr.h"
|
2009-07-01 14:58:57 +00:00
|
|
|
#include "session.h"
|
2007-12-25 05:37:32 +00:00
|
|
|
#include "torrent.h"
|
2009-05-19 18:38:26 +00:00
|
|
|
#include "tr-dht.h"
|
2007-09-20 16:32:01 +00:00
|
|
|
#include "utils.h"
|
|
|
|
|
|
|
|
|
|
/* enable LibTransmission extension protocol */
|
2008-09-23 19:11:04 +00:00
|
|
|
#define ENABLE_LTEP * /
|
2008-12-02 17:10:54 +00:00
|
|
|
/* fast extensions */
|
|
|
|
|
#define ENABLE_FAST * /
|
2009-05-19 18:38:26 +00:00
|
|
|
/* DHT */
|
|
|
|
|
#define ENABLE_DHT * /
|
2007-09-20 16:32:01 +00:00
|
|
|
|
|
|
|
|
/***
|
|
|
|
|
****
|
|
|
|
|
***/
|
|
|
|
|
|
|
|
|
|
#define HANDSHAKE_NAME "\023BitTorrent protocol"
|
|
|
|
|
|
|
|
|
|
enum
|
|
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
/* BitTorrent Handshake Constants */
|
|
|
|
|
HANDSHAKE_NAME_LEN = 20,
|
|
|
|
|
HANDSHAKE_FLAGS_LEN = 8,
|
|
|
|
|
HANDSHAKE_SIZE = 68,
|
|
|
|
|
INCOMING_HANDSHAKE_LEN = 48,
|
|
|
|
|
|
|
|
|
|
/* Encryption Constants */
|
|
|
|
|
PadA_MAXLEN = 512,
|
|
|
|
|
PadB_MAXLEN = 512,
|
|
|
|
|
PadC_MAXLEN = 512,
|
|
|
|
|
PadD_MAXLEN = 512,
|
|
|
|
|
VC_LENGTH = 8,
|
|
|
|
|
CRYPTO_PROVIDE_PLAINTEXT = 1,
|
|
|
|
|
CRYPTO_PROVIDE_CRYPTO = 2,
|
|
|
|
|
|
|
|
|
|
/* how long to wait before giving up on a handshake */
|
|
|
|
|
HANDSHAKE_TIMEOUT_SEC = 30
|
2007-09-20 16:32:01 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#ifdef ENABLE_LTEP
|
2012-12-05 17:29:46 +00:00
|
|
|
#define HANDSHAKE_HAS_LTEP(bits)(((bits)[5] & 0x10) ? 1 : 0)
|
|
|
|
|
#define HANDSHAKE_SET_LTEP(bits)((bits)[5] |= 0x10)
|
2007-09-20 16:32:01 +00:00
|
|
|
#else
|
2012-12-05 17:29:46 +00:00
|
|
|
#define HANDSHAKE_HAS_LTEP(bits)(0)
|
|
|
|
|
#define HANDSHAKE_SET_LTEP(bits)((void)0)
|
2007-09-20 16:32:01 +00:00
|
|
|
#endif
|
|
|
|
|
|
2009-08-10 20:04:08 +00:00
|
|
|
#ifdef ENABLE_FAST
|
2012-12-05 17:29:46 +00:00
|
|
|
#define HANDSHAKE_HAS_FASTEXT(bits)(((bits)[7] & 0x04) ? 1 : 0)
|
|
|
|
|
#define HANDSHAKE_SET_FASTEXT(bits)((bits)[7] |= 0x04)
|
2009-08-10 20:04:08 +00:00
|
|
|
#else
|
2012-12-05 17:29:46 +00:00
|
|
|
#define HANDSHAKE_HAS_FASTEXT(bits)(0)
|
|
|
|
|
#define HANDSHAKE_SET_FASTEXT(bits)((void)0)
|
2009-08-10 20:04:08 +00:00
|
|
|
#endif
|
2008-12-02 17:10:54 +00:00
|
|
|
|
2009-05-19 18:38:26 +00:00
|
|
|
#ifdef ENABLE_DHT
|
2012-12-05 17:29:46 +00:00
|
|
|
#define HANDSHAKE_HAS_DHT(bits)(((bits)[7] & 0x01) ? 1 : 0)
|
|
|
|
|
#define HANDSHAKE_SET_DHT(bits)((bits)[7] |= 0x01)
|
2009-05-19 18:38:26 +00:00
|
|
|
#else
|
2012-12-05 17:29:46 +00:00
|
|
|
#define HANDSHAKE_HAS_DHT(bits)(0)
|
|
|
|
|
#define HANDSHAKE_SET_DHT(bits)((void)0)
|
2009-08-10 20:04:08 +00:00
|
|
|
#endif
|
2009-05-19 18:38:26 +00:00
|
|
|
|
2007-09-20 16:32:01 +00:00
|
|
|
/* http://www.azureuswiki.com/index.php/Extension_negotiation_protocol
|
|
|
|
|
these macros are to be used if both extended messaging and the
|
|
|
|
|
azureus protocol is supported, they indicate which protocol is preferred */
|
2012-12-05 17:29:46 +00:00
|
|
|
#define HANDSHAKE_GET_EXTPREF(reserved) ((reserved)[5] & 0x03)
|
|
|
|
|
#define HANDSHAKE_SET_EXTPREF(reserved, val)((reserved)[5] |= 0x03 & (val))
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2010-06-30 16:40:19 +00:00
|
|
|
typedef uint8_t handshake_state_t;
|
|
|
|
|
|
2007-09-20 16:32:01 +00:00
|
|
|
struct tr_handshake
|
|
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
bool haveReadAnythingFromPeer;
|
|
|
|
|
bool havePeerID;
|
|
|
|
|
bool haveSentBitTorrentHandshake;
|
|
|
|
|
tr_peerIo * io;
|
|
|
|
|
tr_crypto * crypto;
|
|
|
|
|
tr_session * session;
|
|
|
|
|
uint8_t mySecret[KEY_LEN];
|
|
|
|
|
handshake_state_t state;
|
|
|
|
|
tr_encryption_mode encryptionMode;
|
|
|
|
|
uint16_t pad_c_len;
|
|
|
|
|
uint16_t pad_d_len;
|
|
|
|
|
uint16_t ia_len;
|
|
|
|
|
uint32_t crypto_select;
|
|
|
|
|
uint32_t crypto_provide;
|
|
|
|
|
uint8_t myReq1[SHA_DIGEST_LENGTH];
|
|
|
|
|
handshakeDoneCB doneCB;
|
|
|
|
|
void * doneUserData;
|
|
|
|
|
struct event * timeout_timer;
|
2007-09-20 16:32:01 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
***
|
|
|
|
|
**/
|
|
|
|
|
|
|
|
|
|
enum
|
|
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
/* incoming */
|
|
|
|
|
AWAITING_HANDSHAKE,
|
|
|
|
|
AWAITING_PEER_ID,
|
|
|
|
|
AWAITING_YA,
|
|
|
|
|
AWAITING_PAD_A,
|
|
|
|
|
AWAITING_CRYPTO_PROVIDE,
|
|
|
|
|
AWAITING_PAD_C,
|
|
|
|
|
AWAITING_IA,
|
|
|
|
|
AWAITING_PAYLOAD_STREAM,
|
|
|
|
|
|
|
|
|
|
/* outgoing */
|
|
|
|
|
AWAITING_YB,
|
|
|
|
|
AWAITING_VC,
|
|
|
|
|
AWAITING_CRYPTO_SELECT,
|
|
|
|
|
AWAITING_PAD_D,
|
|
|
|
|
|
|
|
|
|
N_STATES
|
2007-09-20 16:32:01 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
***
|
|
|
|
|
**/
|
|
|
|
|
|
2012-12-05 17:29:46 +00:00
|
|
|
#define dbgmsg(handshake, ...) \
|
2012-12-27 22:03:58 +00:00
|
|
|
do { \
|
2013-01-25 23:34:20 +00:00
|
|
|
if (tr_logGetDeepEnabled ()) \
|
|
|
|
|
tr_logAddDeep (__FILE__, __LINE__, tr_peerIoGetAddrStr (handshake->io), __VA_ARGS__); \
|
2012-12-27 22:03:58 +00:00
|
|
|
} while (0)
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2008-09-23 19:11:04 +00:00
|
|
|
static const char*
|
2012-12-05 17:29:46 +00:00
|
|
|
getStateName (const handshake_state_t state)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
static const char * const state_strings[N_STATES] =
|
2008-09-23 19:11:04 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
/* AWAITING_HANDSHAKE */ "awaiting handshake",
|
|
|
|
|
/* AWAITING_PEER_ID */ "awaiting peer id",
|
|
|
|
|
/* AWAITING_YA */ "awaiting ya",
|
|
|
|
|
/* AWAITING_PAD_A */ "awaiting pad a",
|
|
|
|
|
/* AWAITING_CRYPTO_PROVIDE */ "awaiting crypto_provide",
|
|
|
|
|
/* AWAITING_PAD_C */ "awaiting pad c",
|
|
|
|
|
/* AWAITING_IA */ "awaiting ia",
|
|
|
|
|
/* AWAITING_PAYLOAD_STREAM */ "awaiting payload stream",
|
|
|
|
|
/* AWAITING_YB */ "awaiting yb",
|
|
|
|
|
/* AWAITING_VC */ "awaiting vc",
|
|
|
|
|
/* AWAITING_CRYPTO_SELECT */ "awaiting crypto select",
|
|
|
|
|
/* AWAITING_PAD_D */ "awaiting pad d"
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
return state<N_STATES ? state_strings[state] : "unknown state";
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2012-12-05 17:29:46 +00:00
|
|
|
setState (tr_handshake * handshake, handshake_state_t state)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "setting to state [%s]", getStateName (state));
|
|
|
|
|
handshake->state = state;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2012-12-05 17:29:46 +00:00
|
|
|
setReadState (tr_handshake * handshake, handshake_state_t state)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
setState (handshake, state);
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2009-05-30 21:45:40 +00:00
|
|
|
static void
|
2012-12-05 17:29:46 +00:00
|
|
|
buildHandshakeMessage (tr_handshake * handshake, uint8_t * buf)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
uint8_t * walk = buf;
|
|
|
|
|
const uint8_t * torrentHash = tr_cryptoGetTorrentHash (handshake->crypto);
|
|
|
|
|
const tr_torrent * tor = tr_torrentFindFromHash (handshake->session, torrentHash);
|
|
|
|
|
const uint8_t * peer_id = tor && *tor->peer_id ? tor->peer_id : tr_getPeerId (handshake->session);
|
|
|
|
|
|
|
|
|
|
memcpy (walk, HANDSHAKE_NAME, HANDSHAKE_NAME_LEN);
|
|
|
|
|
walk += HANDSHAKE_NAME_LEN;
|
|
|
|
|
memset (walk, 0, HANDSHAKE_FLAGS_LEN);
|
|
|
|
|
HANDSHAKE_SET_LTEP (walk);
|
|
|
|
|
HANDSHAKE_SET_FASTEXT (walk);
|
|
|
|
|
|
|
|
|
|
/* Note that this doesn't depend on whether the torrent is private.
|
|
|
|
|
* We don't accept DHT peers for a private torrent,
|
|
|
|
|
* but we participate in the DHT regardless. */
|
|
|
|
|
if (tr_dhtEnabled (handshake->session))
|
|
|
|
|
HANDSHAKE_SET_DHT (walk);
|
|
|
|
|
|
|
|
|
|
walk += HANDSHAKE_FLAGS_LEN;
|
|
|
|
|
memcpy (walk, torrentHash, SHA_DIGEST_LENGTH);
|
|
|
|
|
walk += SHA_DIGEST_LENGTH;
|
|
|
|
|
memcpy (walk, peer_id, PEER_ID_LEN);
|
|
|
|
|
walk += PEER_ID_LEN;
|
|
|
|
|
|
|
|
|
|
assert (walk - buf == HANDSHAKE_SIZE);
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-05 17:29:46 +00:00
|
|
|
static int tr_handshakeDone (tr_handshake * handshake,
|
|
|
|
|
bool isConnected);
|
2007-09-22 00:53:11 +00:00
|
|
|
|
2007-09-22 03:37:37 +00:00
|
|
|
enum
|
|
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
HANDSHAKE_OK,
|
|
|
|
|
HANDSHAKE_ENCRYPTION_WRONG,
|
|
|
|
|
HANDSHAKE_BAD_TORRENT,
|
|
|
|
|
HANDSHAKE_PEER_IS_SELF,
|
2007-09-22 03:37:37 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static int
|
2012-12-05 17:29:46 +00:00
|
|
|
parseHandshake (tr_handshake * handshake,
|
|
|
|
|
struct evbuffer * inbuf)
|
2007-09-22 03:37:37 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
uint8_t name[HANDSHAKE_NAME_LEN];
|
|
|
|
|
uint8_t reserved[HANDSHAKE_FLAGS_LEN];
|
|
|
|
|
uint8_t hash[SHA_DIGEST_LENGTH];
|
|
|
|
|
const tr_torrent * tor;
|
|
|
|
|
const uint8_t * tor_peer_id;
|
|
|
|
|
uint8_t peer_id[PEER_ID_LEN];
|
2007-09-22 03:37:37 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "payload: need %d, got %zu",
|
|
|
|
|
HANDSHAKE_SIZE, evbuffer_get_length (inbuf));
|
2007-09-22 03:37:37 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
if (evbuffer_get_length (inbuf) < HANDSHAKE_SIZE)
|
|
|
|
|
return READ_LATER;
|
2007-09-22 03:37:37 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* confirm the protocol */
|
|
|
|
|
tr_peerIoReadBytes (handshake->io, inbuf, name, HANDSHAKE_NAME_LEN);
|
|
|
|
|
if (memcmp (name, HANDSHAKE_NAME, HANDSHAKE_NAME_LEN))
|
|
|
|
|
return HANDSHAKE_ENCRYPTION_WRONG;
|
2007-09-22 03:37:37 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* read the reserved bytes */
|
|
|
|
|
tr_peerIoReadBytes (handshake->io, inbuf, reserved, HANDSHAKE_FLAGS_LEN);
|
2007-09-22 03:37:37 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* torrent hash */
|
|
|
|
|
tr_peerIoReadBytes (handshake->io, inbuf, hash, sizeof (hash));
|
|
|
|
|
assert (tr_peerIoHasTorrentHash (handshake->io));
|
|
|
|
|
if (!tr_torrentExists (handshake->session, hash)
|
|
|
|
|
|| memcmp (hash, tr_peerIoGetTorrentHash (handshake->io), SHA_DIGEST_LENGTH))
|
2008-06-05 16:25:22 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "peer returned the wrong hash. wtf?");
|
|
|
|
|
return HANDSHAKE_BAD_TORRENT;
|
2007-09-22 03:37:37 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* peer_id */
|
|
|
|
|
tr_peerIoReadBytes (handshake->io, inbuf, peer_id, sizeof (peer_id));
|
|
|
|
|
tr_peerIoSetPeersId (handshake->io, peer_id);
|
2007-09-22 03:37:37 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* peer id */
|
|
|
|
|
handshake->havePeerID = true;
|
|
|
|
|
dbgmsg (handshake, "peer-id is [%*.*s]", PEER_ID_LEN, PEER_ID_LEN, peer_id);
|
2008-12-10 05:20:28 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tor = tr_torrentFindFromHash (handshake->session, hash);
|
|
|
|
|
tor_peer_id = tor ? tor->peer_id : tr_getPeerId (handshake->session);
|
|
|
|
|
if (!memcmp (peer_id, tor_peer_id, PEER_ID_LEN))
|
2008-09-23 19:11:04 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "streuth! we've connected to ourselves.");
|
|
|
|
|
return HANDSHAKE_PEER_IS_SELF;
|
2007-09-22 03:37:37 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/**
|
|
|
|
|
*** Extensions
|
|
|
|
|
**/
|
2008-12-02 17:10:54 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_peerIoEnableDHT (handshake->io, HANDSHAKE_HAS_DHT (reserved));
|
|
|
|
|
tr_peerIoEnableLTEP (handshake->io, HANDSHAKE_HAS_LTEP (reserved));
|
|
|
|
|
tr_peerIoEnableFEXT (handshake->io, HANDSHAKE_HAS_FASTEXT (reserved));
|
2007-10-17 18:53:17 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
return HANDSHAKE_OK;
|
2007-09-22 03:37:37 +00:00
|
|
|
}
|
|
|
|
|
|
2007-09-20 16:32:01 +00:00
|
|
|
/***
|
|
|
|
|
****
|
|
|
|
|
**** OUTGOING CONNECTIONS
|
|
|
|
|
****
|
|
|
|
|
***/
|
|
|
|
|
|
|
|
|
|
/* 1 A->B: Diffie Hellman Ya, PadA */
|
|
|
|
|
static void
|
2012-12-05 17:29:46 +00:00
|
|
|
sendYa (tr_handshake * handshake)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
int len;
|
|
|
|
|
const uint8_t * public_key;
|
|
|
|
|
char outbuf[ KEY_LEN + PadA_MAXLEN ];
|
|
|
|
|
char *walk = outbuf;
|
|
|
|
|
|
|
|
|
|
/* add our public key (Ya) */
|
|
|
|
|
public_key = tr_cryptoGetMyPublicKey (handshake->crypto, &len);
|
|
|
|
|
assert (len == KEY_LEN);
|
|
|
|
|
assert (public_key);
|
|
|
|
|
memcpy (walk, public_key, len);
|
|
|
|
|
walk += len;
|
|
|
|
|
|
|
|
|
|
/* add some bullshit padding */
|
|
|
|
|
len = tr_cryptoRandInt (PadA_MAXLEN);
|
|
|
|
|
tr_cryptoRandBuf (walk, len);
|
|
|
|
|
walk += len;
|
|
|
|
|
|
|
|
|
|
/* send it */
|
|
|
|
|
setReadState (handshake, AWAITING_YB);
|
|
|
|
|
tr_peerIoWriteBytes (handshake->io, outbuf, walk - outbuf, false);
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2007-09-22 00:53:11 +00:00
|
|
|
static uint32_t
|
2012-12-05 17:29:46 +00:00
|
|
|
getCryptoProvide (const tr_handshake * handshake)
|
2007-09-22 00:53:11 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
uint32_t provide = 0;
|
2007-09-22 00:53:11 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
switch (handshake->encryptionMode)
|
2007-11-08 21:20:08 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
case TR_ENCRYPTION_REQUIRED:
|
|
|
|
|
case TR_ENCRYPTION_PREFERRED:
|
|
|
|
|
provide |= CRYPTO_PROVIDE_CRYPTO;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case TR_CLEAR_PREFERRED:
|
|
|
|
|
provide |= CRYPTO_PROVIDE_CRYPTO | CRYPTO_PROVIDE_PLAINTEXT;
|
|
|
|
|
break;
|
2007-11-08 21:20:08 +00:00
|
|
|
}
|
2007-09-22 00:53:11 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
return provide;
|
2007-11-08 21:20:08 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static uint32_t
|
2012-12-05 17:29:46 +00:00
|
|
|
getCryptoSelect (const tr_handshake * handshake,
|
|
|
|
|
uint32_t crypto_provide)
|
2007-11-08 21:20:08 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
uint32_t choices[2];
|
|
|
|
|
int i;
|
|
|
|
|
int nChoices = 0;
|
2007-11-08 21:20:08 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
switch (handshake->encryptionMode)
|
2007-11-08 21:20:08 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
case TR_ENCRYPTION_REQUIRED:
|
|
|
|
|
choices[nChoices++] = CRYPTO_PROVIDE_CRYPTO;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case TR_ENCRYPTION_PREFERRED:
|
|
|
|
|
choices[nChoices++] = CRYPTO_PROVIDE_CRYPTO;
|
|
|
|
|
choices[nChoices++] = CRYPTO_PROVIDE_PLAINTEXT;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case TR_CLEAR_PREFERRED:
|
|
|
|
|
choices[nChoices++] = CRYPTO_PROVIDE_PLAINTEXT;
|
|
|
|
|
choices[nChoices++] = CRYPTO_PROVIDE_CRYPTO;
|
|
|
|
|
break;
|
2007-11-08 21:20:08 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
for (i=0; i<nChoices; ++i)
|
|
|
|
|
if (crypto_provide & choices[i])
|
|
|
|
|
return choices[i];
|
2007-11-08 21:20:08 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
return 0;
|
2007-09-22 00:53:11 +00:00
|
|
|
}
|
|
|
|
|
|
2007-09-20 16:32:01 +00:00
|
|
|
static int
|
2012-12-05 17:29:46 +00:00
|
|
|
readYb (tr_handshake * handshake, struct evbuffer * inbuf)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
int isEncrypted;
|
|
|
|
|
const uint8_t * secret;
|
|
|
|
|
uint8_t yb[KEY_LEN];
|
|
|
|
|
struct evbuffer * outbuf;
|
|
|
|
|
size_t needlen = HANDSHAKE_NAME_LEN;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
if (evbuffer_get_length (inbuf) < needlen)
|
|
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
isEncrypted = memcmp (evbuffer_pullup (inbuf, HANDSHAKE_NAME_LEN), HANDSHAKE_NAME, HANDSHAKE_NAME_LEN);
|
|
|
|
|
if (isEncrypted)
|
2008-09-23 19:11:04 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
needlen = KEY_LEN;
|
|
|
|
|
|
|
|
|
|
if (evbuffer_get_length (inbuf) < needlen)
|
|
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "got an %s handshake", (isEncrypted ? "encrypted" : "plain"));
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_peerIoSetEncryption (handshake->io, isEncrypted ? PEER_ENCRYPTION_RC4
|
|
|
|
|
: PEER_ENCRYPTION_NONE);
|
|
|
|
|
if (!isEncrypted)
|
2008-09-23 19:11:04 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
setState (handshake, AWAITING_HANDSHAKE);
|
|
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
handshake->haveReadAnythingFromPeer = true;
|
2010-04-20 21:54:03 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* compute the secret */
|
|
|
|
|
evbuffer_remove (inbuf, yb, KEY_LEN);
|
|
|
|
|
secret = tr_cryptoComputeSecret (handshake->crypto, yb);
|
|
|
|
|
memcpy (handshake->mySecret, secret, KEY_LEN);
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* now send these: HASH ('req1', S), HASH ('req2', SKEY) xor HASH ('req3', S),
|
|
|
|
|
* ENCRYPT (VC, crypto_provide, len (PadC), PadC, len (IA)), ENCRYPT (IA) */
|
|
|
|
|
outbuf = evbuffer_new ();
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* HASH ('req1', S) */
|
|
|
|
|
{
|
|
|
|
|
uint8_t req1[SHA_DIGEST_LENGTH];
|
|
|
|
|
tr_sha1 (req1, "req1", 4, secret, KEY_LEN, NULL);
|
|
|
|
|
evbuffer_add (outbuf, req1, SHA_DIGEST_LENGTH);
|
|
|
|
|
}
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* HASH ('req2', SKEY) xor HASH ('req3', S) */
|
|
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
uint8_t req2[SHA_DIGEST_LENGTH];
|
|
|
|
|
uint8_t req3[SHA_DIGEST_LENGTH];
|
|
|
|
|
uint8_t buf[SHA_DIGEST_LENGTH];
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_sha1 (req2, "req2", 4, tr_cryptoGetTorrentHash (handshake->crypto), SHA_DIGEST_LENGTH, NULL);
|
|
|
|
|
tr_sha1 (req3, "req3", 4, secret, KEY_LEN, NULL);
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
for (i=0; i<SHA_DIGEST_LENGTH; ++i)
|
|
|
|
|
buf[i] = req2[i] ^ req3[i];
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
evbuffer_add (outbuf, buf, SHA_DIGEST_LENGTH);
|
|
|
|
|
}
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* ENCRYPT (VC, crypto_provide, len (PadC), PadC
|
|
|
|
|
* PadC is reserved for future extensions to the handshake...
|
|
|
|
|
* standard practice at this time is for it to be zero-length */
|
|
|
|
|
{
|
|
|
|
|
uint8_t vc[VC_LENGTH] = { 0, 0, 0, 0, 0, 0, 0, 0 };
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_peerIoWriteBuf (handshake->io, outbuf, false);
|
|
|
|
|
tr_cryptoEncryptInit (handshake->crypto);
|
|
|
|
|
tr_peerIoSetEncryption (handshake->io, PEER_ENCRYPTION_RC4);
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
evbuffer_add (outbuf, vc, VC_LENGTH);
|
|
|
|
|
evbuffer_add_uint32 (outbuf, getCryptoProvide (handshake));
|
|
|
|
|
evbuffer_add_uint16 (outbuf, 0);
|
|
|
|
|
}
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* ENCRYPT len (IA)), ENCRYPT (IA) */
|
|
|
|
|
{
|
|
|
|
|
uint8_t msg[HANDSHAKE_SIZE];
|
|
|
|
|
buildHandshakeMessage (handshake, msg);
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
evbuffer_add_uint16 (outbuf, sizeof (msg));
|
|
|
|
|
evbuffer_add (outbuf, msg, sizeof (msg));
|
|
|
|
|
|
|
|
|
|
handshake->haveSentBitTorrentHandshake = 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* send it */
|
|
|
|
|
tr_cryptoDecryptInit (handshake->crypto);
|
|
|
|
|
setReadState (handshake, AWAITING_VC);
|
|
|
|
|
tr_peerIoWriteBuf (handshake->io, outbuf, false);
|
|
|
|
|
|
|
|
|
|
/* cleanup */
|
|
|
|
|
evbuffer_free (outbuf);
|
|
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2012-12-27 22:03:58 +00:00
|
|
|
readVC (tr_handshake * handshake,
|
2012-12-05 17:29:46 +00:00
|
|
|
struct evbuffer * inbuf)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
uint8_t tmp[VC_LENGTH];
|
|
|
|
|
const int key_len = VC_LENGTH;
|
|
|
|
|
const uint8_t key[VC_LENGTH] = { 0, 0, 0, 0, 0, 0, 0, 0 };
|
|
|
|
|
|
|
|
|
|
/* note: this works w/o having to `unwind' the buffer if
|
|
|
|
|
* we read too much, but it is pretty brute-force.
|
|
|
|
|
* it would be nice to make this cleaner. */
|
|
|
|
|
for (;;)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
if (evbuffer_get_length (inbuf) < VC_LENGTH)
|
2008-09-23 19:11:04 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "not enough bytes... returning read_more");
|
|
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
memcpy (tmp, evbuffer_pullup (inbuf, key_len), key_len);
|
|
|
|
|
tr_cryptoDecryptInit (handshake->crypto);
|
|
|
|
|
tr_cryptoDecrypt (handshake->crypto, key_len, tmp, tmp);
|
|
|
|
|
if (!memcmp (tmp, key, key_len))
|
|
|
|
|
break;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
evbuffer_drain (inbuf, 1);
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "got it!");
|
|
|
|
|
evbuffer_drain (inbuf, key_len);
|
|
|
|
|
setState (handshake, AWAITING_CRYPTO_SELECT);
|
|
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2012-12-27 22:03:58 +00:00
|
|
|
readCryptoSelect (tr_handshake * handshake,
|
2012-12-05 17:29:46 +00:00
|
|
|
struct evbuffer * inbuf)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
uint16_t pad_d_len;
|
|
|
|
|
uint32_t crypto_select;
|
|
|
|
|
static const size_t needlen = sizeof (uint32_t) + sizeof (uint16_t);
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
if (evbuffer_get_length (inbuf) < needlen)
|
|
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_peerIoReadUint32 (handshake->io, inbuf, &crypto_select);
|
|
|
|
|
handshake->crypto_select = crypto_select;
|
|
|
|
|
dbgmsg (handshake, "crypto select is %d", (int)crypto_select);
|
|
|
|
|
if (!(crypto_select & getCryptoProvide (handshake)))
|
2007-09-22 00:53:11 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "peer selected an encryption option we didn't offer");
|
|
|
|
|
return tr_handshakeDone (handshake, false);
|
2007-09-22 00:53:11 +00:00
|
|
|
}
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_peerIoReadUint16 (handshake->io, inbuf, &pad_d_len);
|
|
|
|
|
dbgmsg (handshake, "pad_d_len is %d", (int)pad_d_len);
|
2008-01-14 16:17:02 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
if (pad_d_len > 512)
|
2008-01-14 16:17:02 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "encryption handshake: pad_d_len is too long");
|
|
|
|
|
return tr_handshakeDone (handshake, false);
|
2008-01-14 16:17:02 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
handshake->pad_d_len = pad_d_len;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
setState (handshake, AWAITING_PAD_D);
|
|
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2012-12-27 22:03:58 +00:00
|
|
|
readPadD (tr_handshake * handshake,
|
2012-12-05 17:29:46 +00:00
|
|
|
struct evbuffer * inbuf)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
const size_t needlen = handshake->pad_d_len;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "pad d: need %zu, got %zu",
|
|
|
|
|
needlen, evbuffer_get_length (inbuf));
|
|
|
|
|
if (evbuffer_get_length (inbuf) < needlen)
|
|
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_peerIoDrain (handshake->io, inbuf, needlen);
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_peerIoSetEncryption (handshake->io, handshake->crypto_select);
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
setState (handshake, AWAITING_HANDSHAKE);
|
|
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/***
|
|
|
|
|
****
|
|
|
|
|
**** INCOMING CONNECTIONS
|
|
|
|
|
****
|
|
|
|
|
***/
|
|
|
|
|
|
|
|
|
|
static int
|
2012-12-27 22:03:58 +00:00
|
|
|
readHandshake (tr_handshake * handshake,
|
2012-12-05 17:29:46 +00:00
|
|
|
struct evbuffer * inbuf)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
uint8_t pstrlen;
|
|
|
|
|
uint8_t pstr[20];
|
|
|
|
|
uint8_t reserved[HANDSHAKE_FLAGS_LEN];
|
|
|
|
|
uint8_t hash[SHA_DIGEST_LENGTH];
|
2007-09-22 03:37:37 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "payload: need %d, got %zu",
|
|
|
|
|
INCOMING_HANDSHAKE_LEN, evbuffer_get_length (inbuf));
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
if (evbuffer_get_length (inbuf) < INCOMING_HANDSHAKE_LEN)
|
|
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
handshake->haveReadAnythingFromPeer = true;
|
2010-04-20 21:54:03 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
pstrlen = evbuffer_pullup (inbuf, 1)[0]; /* peek, don't read. We may be
|
|
|
|
|
handing inbuf to AWAITING_YA */
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
if (pstrlen == 19) /* unencrypted */
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_peerIoSetEncryption (handshake->io, PEER_ENCRYPTION_NONE);
|
2007-09-26 03:52:30 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
if (handshake->encryptionMode == TR_ENCRYPTION_REQUIRED)
|
2007-09-26 03:52:30 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "peer is unencrypted, and we're disallowing that");
|
|
|
|
|
return tr_handshakeDone (handshake, false);
|
2007-09-26 03:52:30 +00:00
|
|
|
}
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
2012-12-27 22:03:58 +00:00
|
|
|
else /* encrypted or corrupt */
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_peerIoSetEncryption (handshake->io, PEER_ENCRYPTION_RC4);
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
if (tr_peerIoIsIncoming (handshake->io))
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "I think peer is sending us an encrypted handshake...");
|
|
|
|
|
setState (handshake, AWAITING_YA);
|
|
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_cryptoDecrypt (handshake->crypto, 1, &pstrlen, &pstrlen);
|
|
|
|
|
|
|
|
|
|
if (pstrlen != 19)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "I think peer has sent us a corrupt handshake...");
|
|
|
|
|
return tr_handshakeDone (handshake, false);
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
evbuffer_drain (inbuf, 1);
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* pstr (BitTorrent) */
|
|
|
|
|
assert (pstrlen == 19);
|
|
|
|
|
tr_peerIoReadBytes (handshake->io, inbuf, pstr, pstrlen);
|
|
|
|
|
pstr[pstrlen] = '\0';
|
|
|
|
|
if (memcmp (pstr, "BitTorrent protocol", 19))
|
|
|
|
|
return tr_handshakeDone (handshake, false);
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* reserved bytes */
|
|
|
|
|
tr_peerIoReadBytes (handshake->io, inbuf, reserved, sizeof (reserved));
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/**
|
|
|
|
|
*** Extensions
|
|
|
|
|
**/
|
2008-01-01 00:20:07 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_peerIoEnableDHT (handshake->io, HANDSHAKE_HAS_DHT (reserved));
|
|
|
|
|
tr_peerIoEnableLTEP (handshake->io, HANDSHAKE_HAS_LTEP (reserved));
|
|
|
|
|
tr_peerIoEnableFEXT (handshake->io, HANDSHAKE_HAS_FASTEXT (reserved));
|
2008-12-02 17:10:54 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* torrent hash */
|
|
|
|
|
tr_peerIoReadBytes (handshake->io, inbuf, hash, sizeof (hash));
|
|
|
|
|
if (tr_peerIoIsIncoming (handshake->io))
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
if (!tr_torrentExists (handshake->session, hash))
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "peer is trying to connect to us for a torrent we don't have.");
|
|
|
|
|
return tr_handshakeDone (handshake, false);
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
2012-12-27 22:03:58 +00:00
|
|
|
else
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
assert (!tr_peerIoHasTorrentHash (handshake->io));
|
|
|
|
|
tr_peerIoSetTorrentHash (handshake->io, hash);
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
}
|
2012-12-27 22:03:58 +00:00
|
|
|
else /* outgoing */
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
assert (tr_peerIoHasTorrentHash (handshake->io));
|
|
|
|
|
|
|
|
|
|
if (memcmp (hash, tr_peerIoGetTorrentHash (handshake->io), SHA_DIGEST_LENGTH))
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "peer returned the wrong hash. wtf?");
|
|
|
|
|
return tr_handshakeDone (handshake, false);
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
}
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/**
|
|
|
|
|
*** If it's an incoming message, we need to send a response handshake
|
|
|
|
|
**/
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
if (!handshake->haveSentBitTorrentHandshake)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
uint8_t msg[HANDSHAKE_SIZE];
|
|
|
|
|
buildHandshakeMessage (handshake, msg);
|
|
|
|
|
tr_peerIoWriteBytes (handshake->io, msg, sizeof (msg), false);
|
|
|
|
|
handshake->haveSentBitTorrentHandshake = 1;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
setReadState (handshake, AWAITING_PEER_ID);
|
|
|
|
|
return READ_NOW;
|
2008-01-01 00:20:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2012-12-05 17:29:46 +00:00
|
|
|
readPeerId (tr_handshake * handshake,
|
|
|
|
|
struct evbuffer * inbuf)
|
2008-01-01 00:20:07 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
bool peerIsGood;
|
|
|
|
|
char client[128];
|
|
|
|
|
tr_torrent * tor;
|
|
|
|
|
const uint8_t * tor_peer_id;
|
|
|
|
|
uint8_t peer_id[PEER_ID_LEN];
|
2008-01-01 00:20:07 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
if (evbuffer_get_length (inbuf) < PEER_ID_LEN)
|
|
|
|
|
return READ_LATER;
|
2008-01-01 00:20:07 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* peer id */
|
|
|
|
|
tr_peerIoReadBytes (handshake->io, inbuf, peer_id, PEER_ID_LEN);
|
|
|
|
|
tr_peerIoSetPeersId (handshake->io, peer_id);
|
|
|
|
|
handshake->havePeerID = true;
|
|
|
|
|
tr_clientForId (client, sizeof (client), peer_id);
|
|
|
|
|
dbgmsg (handshake, "peer-id is [%s] ... isIncoming is %d", client,
|
|
|
|
|
tr_peerIoIsIncoming (handshake->io));
|
|
|
|
|
|
|
|
|
|
/* if we've somehow connected to ourselves, don't keep the connection */
|
|
|
|
|
tor = tr_torrentFindFromHash (handshake->session, tr_peerIoGetTorrentHash (handshake->io));
|
|
|
|
|
tor_peer_id = tor ? tor->peer_id : tr_getPeerId (handshake->session);
|
|
|
|
|
peerIsGood = memcmp (peer_id, tor_peer_id, PEER_ID_LEN) != 0;
|
|
|
|
|
dbgmsg (handshake, "isPeerGood == %d", (int)peerIsGood);
|
|
|
|
|
return tr_handshakeDone (handshake, peerIsGood);
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2012-12-27 22:03:58 +00:00
|
|
|
readYa (tr_handshake * handshake,
|
2012-12-05 17:29:46 +00:00
|
|
|
struct evbuffer * inbuf)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
uint8_t ya[KEY_LEN];
|
|
|
|
|
uint8_t * walk, outbuf[KEY_LEN + PadB_MAXLEN];
|
|
|
|
|
const uint8_t * myKey;
|
|
|
|
|
const uint8_t * secret;
|
|
|
|
|
int len;
|
|
|
|
|
|
|
|
|
|
dbgmsg (handshake, "in readYa... need %d, have %zu",
|
|
|
|
|
KEY_LEN, evbuffer_get_length (inbuf));
|
|
|
|
|
if (evbuffer_get_length (inbuf) < KEY_LEN)
|
|
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* read the incoming peer's public key */
|
|
|
|
|
evbuffer_remove (inbuf, ya, KEY_LEN);
|
|
|
|
|
secret = tr_cryptoComputeSecret (handshake->crypto, ya);
|
|
|
|
|
memcpy (handshake->mySecret, secret, KEY_LEN);
|
|
|
|
|
tr_sha1 (handshake->myReq1, "req1", 4, secret, KEY_LEN, NULL);
|
|
|
|
|
|
|
|
|
|
/* send our public key to the peer */
|
|
|
|
|
dbgmsg (handshake, "sending B->A: Diffie Hellman Yb, PadB");
|
|
|
|
|
walk = outbuf;
|
|
|
|
|
myKey = tr_cryptoGetMyPublicKey (handshake->crypto, &len);
|
|
|
|
|
memcpy (walk, myKey, len);
|
|
|
|
|
walk += len;
|
|
|
|
|
len = tr_cryptoRandInt (PadB_MAXLEN);
|
|
|
|
|
tr_cryptoRandBuf (walk, len);
|
|
|
|
|
walk += len;
|
|
|
|
|
|
|
|
|
|
setReadState (handshake, AWAITING_PAD_A);
|
|
|
|
|
tr_peerIoWriteBytes (handshake->io, outbuf, walk - outbuf, false);
|
|
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2012-12-05 17:29:46 +00:00
|
|
|
readPadA (tr_handshake * handshake, struct evbuffer * inbuf)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
/* resynchronizing on HASH ('req1',S) */
|
|
|
|
|
struct evbuffer_ptr ptr = evbuffer_search (inbuf, (const char*)handshake->myReq1, SHA_DIGEST_LENGTH, NULL);
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
if (ptr.pos != -1) /* match */
|
2008-09-23 19:11:04 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
evbuffer_drain (inbuf, ptr.pos);
|
|
|
|
|
dbgmsg (handshake, "found it... looking setting to awaiting_crypto_provide");
|
|
|
|
|
setState (handshake, AWAITING_CRYPTO_PROVIDE);
|
|
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
2012-12-27 22:03:58 +00:00
|
|
|
else
|
2008-09-23 19:11:04 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
const size_t len = evbuffer_get_length (inbuf);
|
|
|
|
|
if (len > SHA_DIGEST_LENGTH)
|
|
|
|
|
evbuffer_drain (inbuf, len - SHA_DIGEST_LENGTH);
|
|
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2012-12-27 22:03:58 +00:00
|
|
|
readCryptoProvide (tr_handshake * handshake,
|
2012-12-05 17:29:46 +00:00
|
|
|
struct evbuffer * inbuf)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
/* HASH ('req2', SKEY) xor HASH ('req3', S), ENCRYPT (VC, crypto_provide, len (PadC)) */
|
|
|
|
|
|
|
|
|
|
int i;
|
|
|
|
|
uint8_t vc_in[VC_LENGTH];
|
|
|
|
|
uint8_t req2[SHA_DIGEST_LENGTH];
|
|
|
|
|
uint8_t req3[SHA_DIGEST_LENGTH];
|
|
|
|
|
uint8_t obfuscatedTorrentHash[SHA_DIGEST_LENGTH];
|
|
|
|
|
uint16_t padc_len = 0;
|
|
|
|
|
uint32_t crypto_provide = 0;
|
|
|
|
|
tr_torrent * tor;
|
|
|
|
|
const size_t needlen = SHA_DIGEST_LENGTH /* HASH ('req1',s) */
|
|
|
|
|
+ SHA_DIGEST_LENGTH /* HASH ('req2', SKEY) xor HASH ('req3', S) */
|
|
|
|
|
+ VC_LENGTH
|
|
|
|
|
+ sizeof (crypto_provide)
|
|
|
|
|
+ sizeof (padc_len);
|
|
|
|
|
|
|
|
|
|
if (evbuffer_get_length (inbuf) < needlen)
|
|
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* TODO: confirm they sent HASH ('req1',S) here? */
|
|
|
|
|
evbuffer_drain (inbuf, SHA_DIGEST_LENGTH);
|
|
|
|
|
|
|
|
|
|
/* This next piece is HASH ('req2', SKEY) xor HASH ('req3', S) ...
|
|
|
|
|
* we can get the first half of that (the obufscatedTorrentHash)
|
|
|
|
|
* by building the latter and xor'ing it with what the peer sent us */
|
|
|
|
|
dbgmsg (handshake, "reading obfuscated torrent hash...");
|
|
|
|
|
evbuffer_remove (inbuf, req2, SHA_DIGEST_LENGTH);
|
|
|
|
|
tr_sha1 (req3, "req3", 4, handshake->mySecret, KEY_LEN, NULL);
|
|
|
|
|
for (i=0; i<SHA_DIGEST_LENGTH; ++i)
|
|
|
|
|
obfuscatedTorrentHash[i] = req2[i] ^ req3[i];
|
|
|
|
|
if ((tor = tr_torrentFindFromObfuscatedHash (handshake->session, obfuscatedTorrentHash)))
|
2008-04-17 03:48:56 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
const bool clientIsSeed = tr_torrentIsSeed (tor);
|
|
|
|
|
const bool peerIsSeed = tr_peerMgrPeerIsSeed (tor, tr_peerIoGetAddress (handshake->io, NULL));
|
|
|
|
|
dbgmsg (handshake, "got INCOMING connection's encrypted handshake for torrent [%s]", tr_torrentName (tor));
|
|
|
|
|
tr_peerIoSetTorrentHash (handshake->io, tor->info.hash);
|
2009-01-07 22:06:40 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
if (clientIsSeed && peerIsSeed)
|
2008-04-17 03:48:56 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "another seed tried to reconnect to us!");
|
|
|
|
|
return tr_handshakeDone (handshake, false);
|
2008-04-17 03:48:56 +00:00
|
|
|
}
|
|
|
|
|
}
|
2012-12-27 22:03:58 +00:00
|
|
|
else
|
2008-04-17 03:48:56 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "can't find that torrent...");
|
|
|
|
|
return tr_handshakeDone (handshake, false);
|
2007-09-26 03:52:30 +00:00
|
|
|
}
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* next part: ENCRYPT (VC, crypto_provide, len (PadC), */
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_cryptoDecryptInit (handshake->crypto);
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_peerIoReadBytes (handshake->io, inbuf, vc_in, VC_LENGTH);
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_peerIoReadUint32 (handshake->io, inbuf, &crypto_provide);
|
|
|
|
|
handshake->crypto_provide = crypto_provide;
|
|
|
|
|
dbgmsg (handshake, "crypto_provide is %d", (int)crypto_provide);
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_peerIoReadUint16 (handshake->io, inbuf, &padc_len);
|
|
|
|
|
dbgmsg (handshake, "padc is %d", (int)padc_len);
|
|
|
|
|
handshake->pad_c_len = padc_len;
|
|
|
|
|
setState (handshake, AWAITING_PAD_C);
|
|
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2012-12-27 22:03:58 +00:00
|
|
|
readPadC (tr_handshake * handshake,
|
2012-12-05 17:29:46 +00:00
|
|
|
struct evbuffer * inbuf)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
char * padc;
|
|
|
|
|
uint16_t ia_len;
|
|
|
|
|
const size_t needlen = handshake->pad_c_len + sizeof (uint16_t);
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
if (evbuffer_get_length (inbuf) < needlen)
|
|
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* read the throwaway padc */
|
|
|
|
|
padc = tr_new (char, handshake->pad_c_len);
|
|
|
|
|
tr_peerIoReadBytes (handshake->io, inbuf, padc, handshake->pad_c_len);
|
|
|
|
|
tr_free (padc);
|
|
|
|
|
|
|
|
|
|
/* read ia_len */
|
|
|
|
|
tr_peerIoReadUint16 (handshake->io, inbuf, &ia_len);
|
|
|
|
|
dbgmsg (handshake, "ia_len is %d", (int)ia_len);
|
|
|
|
|
handshake->ia_len = ia_len;
|
|
|
|
|
setState (handshake, AWAITING_IA);
|
|
|
|
|
return READ_NOW;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2012-12-27 22:03:58 +00:00
|
|
|
readIA (tr_handshake * handshake,
|
2012-12-05 17:29:46 +00:00
|
|
|
struct evbuffer * inbuf)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
const size_t needlen = handshake->ia_len;
|
|
|
|
|
struct evbuffer * outbuf;
|
|
|
|
|
uint32_t crypto_select;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "reading IA... have %zu, need %zu",
|
|
|
|
|
evbuffer_get_length (inbuf), needlen);
|
|
|
|
|
if (evbuffer_get_length (inbuf) < needlen)
|
|
|
|
|
return READ_LATER;
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/**
|
|
|
|
|
*** B->A: ENCRYPT (VC, crypto_select, len (padD), padD), ENCRYPT2 (Payload Stream)
|
|
|
|
|
**/
|
2007-09-26 03:52:30 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_cryptoEncryptInit (handshake->crypto);
|
|
|
|
|
outbuf = evbuffer_new ();
|
2007-09-26 03:52:30 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
{
|
2007-09-22 03:37:37 +00:00
|
|
|
/* send VC */
|
2012-12-27 22:03:58 +00:00
|
|
|
uint8_t vc[VC_LENGTH];
|
|
|
|
|
memset (vc, 0, VC_LENGTH);
|
|
|
|
|
evbuffer_add (outbuf, vc, VC_LENGTH);
|
|
|
|
|
dbgmsg (handshake, "sending vc");
|
|
|
|
|
}
|
2007-09-22 03:37:37 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* send crypto_select */
|
|
|
|
|
crypto_select = getCryptoSelect (handshake, handshake->crypto_provide);
|
|
|
|
|
if (crypto_select)
|
2008-09-23 19:11:04 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "selecting crypto mode '%d'", (int)crypto_select);
|
|
|
|
|
evbuffer_add_uint32 (outbuf, crypto_select);
|
2008-09-23 19:11:04 +00:00
|
|
|
}
|
2012-12-27 22:03:58 +00:00
|
|
|
else
|
2008-09-23 19:11:04 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "peer didn't offer an encryption mode we like.");
|
|
|
|
|
evbuffer_free (outbuf);
|
|
|
|
|
return tr_handshakeDone (handshake, false);
|
2007-09-22 03:37:37 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "sending pad d");
|
|
|
|
|
/* ENCRYPT (VC, crypto_provide, len (PadD), PadD
|
|
|
|
|
* PadD is reserved for future extensions to the handshake...
|
|
|
|
|
* standard practice at this time is for it to be zero-length */
|
|
|
|
|
{
|
|
|
|
|
const uint16_t len = 0;
|
|
|
|
|
evbuffer_add_uint16 (outbuf, len);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* maybe de-encrypt our connection */
|
|
|
|
|
if (crypto_select == CRYPTO_PROVIDE_PLAINTEXT)
|
2007-09-22 03:37:37 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_peerIoWriteBuf (handshake->io, outbuf, false);
|
|
|
|
|
tr_peerIoSetEncryption (handshake->io, PEER_ENCRYPTION_NONE);
|
2007-09-22 03:37:37 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "sending handshake");
|
|
|
|
|
/* send our handshake */
|
|
|
|
|
{
|
|
|
|
|
uint8_t msg[HANDSHAKE_SIZE];
|
|
|
|
|
buildHandshakeMessage (handshake, msg);
|
2009-05-30 21:45:40 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
evbuffer_add (outbuf, msg, sizeof (msg));
|
|
|
|
|
handshake->haveSentBitTorrentHandshake = 1;
|
|
|
|
|
}
|
2007-09-22 03:37:37 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* send it out */
|
|
|
|
|
tr_peerIoWriteBuf (handshake->io, outbuf, false);
|
|
|
|
|
evbuffer_free (outbuf);
|
2007-09-22 03:37:37 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* now await the handshake */
|
|
|
|
|
setState (handshake, AWAITING_PAYLOAD_STREAM);
|
|
|
|
|
return READ_NOW;
|
2008-10-29 20:18:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2012-12-05 17:29:46 +00:00
|
|
|
readPayloadStream (tr_handshake * handshake,
|
|
|
|
|
struct evbuffer * inbuf)
|
2008-10-29 20:18:56 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
int i;
|
|
|
|
|
const size_t needlen = HANDSHAKE_SIZE;
|
2008-10-29 20:18:56 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "reading payload stream... have %zu, need %zu",
|
|
|
|
|
evbuffer_get_length (inbuf), needlen);
|
|
|
|
|
if (evbuffer_get_length (inbuf) < needlen)
|
|
|
|
|
return READ_LATER;
|
2008-10-29 20:18:56 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* parse the handshake ... */
|
|
|
|
|
i = parseHandshake (handshake, inbuf);
|
|
|
|
|
dbgmsg (handshake, "parseHandshake returned %d", i);
|
|
|
|
|
if (i != HANDSHAKE_OK)
|
|
|
|
|
return tr_handshakeDone (handshake, false);
|
2008-10-29 20:18:56 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* we've completed the BT handshake... pass the work on to peer-msgs */
|
|
|
|
|
return tr_handshakeDone (handshake, true);
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/***
|
|
|
|
|
****
|
|
|
|
|
****
|
|
|
|
|
****
|
|
|
|
|
***/
|
|
|
|
|
|
|
|
|
|
static ReadState
|
2012-12-05 17:29:46 +00:00
|
|
|
canRead (struct tr_peerIo * io, void * arg, size_t * piece)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
ReadState ret;
|
|
|
|
|
tr_handshake * handshake = arg;
|
|
|
|
|
struct evbuffer * inbuf = tr_peerIoGetReadBuffer (io);
|
|
|
|
|
bool readyForMore = true;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
assert (tr_isPeerIo (io));
|
2009-10-10 17:37:34 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* no piece data in handshake */
|
|
|
|
|
*piece = 0;
|
2008-11-25 21:35:17 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "handling canRead; state is [%s]",
|
|
|
|
|
getStateName (handshake->state));
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
while (readyForMore)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
switch (handshake->state)
|
2008-10-29 19:30:17 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
case AWAITING_HANDSHAKE:
|
|
|
|
|
ret = readHandshake (handshake, inbuf);
|
|
|
|
|
break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
case AWAITING_PEER_ID:
|
|
|
|
|
ret = readPeerId (handshake, inbuf);
|
|
|
|
|
break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
case AWAITING_YA:
|
|
|
|
|
ret = readYa (handshake, inbuf);
|
|
|
|
|
break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
case AWAITING_PAD_A:
|
|
|
|
|
ret = readPadA (handshake, inbuf);
|
|
|
|
|
break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
case AWAITING_CRYPTO_PROVIDE:
|
|
|
|
|
ret = readCryptoProvide (handshake, inbuf);
|
|
|
|
|
break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
case AWAITING_PAD_C:
|
|
|
|
|
ret = readPadC (handshake, inbuf);
|
|
|
|
|
break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
case AWAITING_IA:
|
|
|
|
|
ret = readIA (handshake, inbuf);
|
|
|
|
|
break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
case AWAITING_PAYLOAD_STREAM:
|
|
|
|
|
ret = readPayloadStream (handshake, inbuf);
|
|
|
|
|
break;
|
2008-10-29 20:18:56 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
case AWAITING_YB:
|
|
|
|
|
ret = readYb (handshake, inbuf);
|
|
|
|
|
break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
case AWAITING_VC:
|
|
|
|
|
ret = readVC (handshake, inbuf);
|
|
|
|
|
break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
case AWAITING_CRYPTO_SELECT:
|
|
|
|
|
ret = readCryptoSelect (handshake, inbuf);
|
|
|
|
|
break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
case AWAITING_PAD_D:
|
|
|
|
|
ret = readPadD (handshake, inbuf);
|
|
|
|
|
break;
|
2008-09-23 19:11:04 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
default:
|
|
|
|
|
assert (0);
|
2008-10-29 19:30:17 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
if (ret != READ_NOW)
|
|
|
|
|
readyForMore = false;
|
|
|
|
|
else if (handshake->state == AWAITING_PAD_C)
|
|
|
|
|
readyForMore = evbuffer_get_length (inbuf) >= handshake->pad_c_len;
|
|
|
|
|
else if (handshake->state == AWAITING_PAD_D)
|
|
|
|
|
readyForMore = evbuffer_get_length (inbuf) >= handshake->pad_d_len;
|
|
|
|
|
else if (handshake->state == AWAITING_IA)
|
|
|
|
|
readyForMore = evbuffer_get_length (inbuf) >= handshake->ia_len;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
return ret;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2011-03-22 15:19:54 +00:00
|
|
|
static bool
|
2012-12-05 17:29:46 +00:00
|
|
|
fireDoneFunc (tr_handshake * handshake, bool isConnected)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
const uint8_t * peer_id = isConnected && handshake->havePeerID
|
|
|
|
|
? tr_peerIoGetPeersId (handshake->io)
|
|
|
|
|
: NULL;
|
|
|
|
|
const bool success = (*handshake->doneCB)(handshake,
|
|
|
|
|
handshake->io,
|
|
|
|
|
handshake->haveReadAnythingFromPeer,
|
|
|
|
|
isConnected,
|
|
|
|
|
peer_id,
|
|
|
|
|
handshake->doneUserData);
|
|
|
|
|
|
|
|
|
|
return success;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2009-01-06 00:24:44 +00:00
|
|
|
static void
|
2012-12-05 17:29:46 +00:00
|
|
|
tr_handshakeFree (tr_handshake * handshake)
|
2008-12-20 22:19:34 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
if (handshake->io)
|
|
|
|
|
tr_peerIoUnref (handshake->io); /* balanced by the ref in tr_handshakeNew */
|
2008-12-20 22:19:34 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
event_free (handshake->timeout_timer);
|
|
|
|
|
tr_free (handshake);
|
2008-12-20 22:19:34 +00:00
|
|
|
}
|
|
|
|
|
|
2008-09-19 17:03:25 +00:00
|
|
|
static int
|
2012-12-05 17:29:46 +00:00
|
|
|
tr_handshakeDone (tr_handshake * handshake, bool isOK)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
bool success;
|
2008-09-19 17:03:25 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "handshakeDone: %s", isOK ? "connected" : "aborting");
|
|
|
|
|
tr_peerIoSetIOFuncs (handshake->io, NULL, NULL, NULL, NULL);
|
2007-09-29 13:47:15 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
success = fireDoneFunc (handshake, isOK);
|
2007-09-29 13:47:15 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_handshakeFree (handshake);
|
2009-01-06 00:24:44 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
return success ? READ_LATER : READ_ERR;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
2012-12-05 17:29:46 +00:00
|
|
|
tr_handshakeAbort (tr_handshake * handshake)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
if (handshake != NULL)
|
|
|
|
|
tr_handshakeDone (handshake, false);
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2012-12-05 17:29:46 +00:00
|
|
|
gotError (tr_peerIo * io,
|
2008-12-16 22:08:17 +00:00
|
|
|
short what,
|
2012-12-05 17:29:46 +00:00
|
|
|
void * vhandshake)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
int errcode = errno;
|
|
|
|
|
tr_handshake * handshake = vhandshake;
|
|
|
|
|
|
|
|
|
|
if (io->utp_socket && !io->isIncoming && handshake->state == AWAITING_YB)
|
|
|
|
|
{
|
|
|
|
|
/* This peer probably doesn't speak uTP. */
|
|
|
|
|
|
|
|
|
|
tr_torrent *tor;
|
|
|
|
|
|
|
|
|
|
if (tr_peerIoHasTorrentHash (io))
|
|
|
|
|
tor = tr_torrentFindFromHash (handshake->session, tr_peerIoGetTorrentHash (io));
|
|
|
|
|
else
|
|
|
|
|
tor = NULL;
|
|
|
|
|
|
|
|
|
|
/* Don't mark a peer as non-uTP unless it's really a connect failure. */
|
|
|
|
|
if ((errcode == ETIMEDOUT || errcode == ECONNREFUSED) && tr_isTorrent(tor))
|
|
|
|
|
tr_peerMgrSetUtpFailed (tor, tr_peerIoGetAddress (io, NULL), true);
|
|
|
|
|
|
|
|
|
|
if (!tr_peerIoReconnect (handshake->io))
|
|
|
|
|
{
|
|
|
|
|
uint8_t msg[HANDSHAKE_SIZE];
|
|
|
|
|
buildHandshakeMessage (handshake, msg);
|
|
|
|
|
handshake->haveSentBitTorrentHandshake = 1;
|
|
|
|
|
setReadState (handshake, AWAITING_HANDSHAKE);
|
|
|
|
|
tr_peerIoWriteBytes (handshake->io, msg, sizeof (msg), false);
|
2011-02-18 00:43:34 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
/* if the error happened while we were sending a public key, we might
|
|
|
|
|
* have encountered a peer that doesn't do encryption... reconnect and
|
|
|
|
|
* try a plaintext handshake */
|
|
|
|
|
if (((handshake->state == AWAITING_YB) || (handshake->state == AWAITING_VC))
|
2012-12-05 17:29:46 +00:00
|
|
|
&& (handshake->encryptionMode != TR_ENCRYPTION_REQUIRED)
|
|
|
|
|
&& (!tr_peerIoReconnect (handshake->io)))
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
uint8_t msg[HANDSHAKE_SIZE];
|
2009-05-30 21:45:40 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "handshake failed, trying plaintext...");
|
|
|
|
|
buildHandshakeMessage (handshake, msg);
|
|
|
|
|
handshake->haveSentBitTorrentHandshake = 1;
|
|
|
|
|
setReadState (handshake, AWAITING_HANDSHAKE);
|
|
|
|
|
tr_peerIoWriteBytes (handshake->io, msg, sizeof (msg), false);
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
2012-12-27 22:03:58 +00:00
|
|
|
else
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
dbgmsg (handshake, "libevent got an error what==%d, errno=%d (%s)",
|
|
|
|
|
(int)what, errno, tr_strerror (errno));
|
|
|
|
|
tr_handshakeDone (handshake, false);
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
***
|
|
|
|
|
**/
|
|
|
|
|
|
2009-06-15 02:22:41 +00:00
|
|
|
static void
|
2012-12-05 17:29:46 +00:00
|
|
|
handshakeTimeout (int foo UNUSED, short bar UNUSED, void * handshake)
|
2009-02-12 20:43:07 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_handshakeAbort (handshake);
|
2009-02-12 20:43:07 +00:00
|
|
|
}
|
|
|
|
|
|
2007-09-20 16:32:01 +00:00
|
|
|
tr_handshake*
|
2012-12-05 17:29:46 +00:00
|
|
|
tr_handshakeNew (tr_peerIo * io,
|
2010-12-24 08:58:41 +00:00
|
|
|
tr_encryption_mode encryptionMode,
|
|
|
|
|
handshakeDoneCB doneCB,
|
2012-12-05 17:29:46 +00:00
|
|
|
void * doneUserData)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
tr_handshake * handshake;
|
|
|
|
|
tr_session * session = tr_peerIoGetSession (io);
|
|
|
|
|
|
|
|
|
|
handshake = tr_new0 (tr_handshake, 1);
|
|
|
|
|
handshake->io = io;
|
|
|
|
|
handshake->crypto = tr_peerIoGetCrypto (io);
|
|
|
|
|
handshake->encryptionMode = encryptionMode;
|
|
|
|
|
handshake->doneCB = doneCB;
|
|
|
|
|
handshake->doneUserData = doneUserData;
|
|
|
|
|
handshake->session = session;
|
|
|
|
|
handshake->timeout_timer = evtimer_new (session->event_base, handshakeTimeout, handshake);
|
|
|
|
|
tr_timerAdd (handshake->timeout_timer, HANDSHAKE_TIMEOUT_SEC, 0);
|
|
|
|
|
|
|
|
|
|
tr_peerIoRef (io); /* balanced by the unref in tr_handshakeFree */
|
|
|
|
|
tr_peerIoSetIOFuncs (handshake->io, canRead, NULL, gotError, handshake);
|
|
|
|
|
tr_peerIoSetEncryption (io, PEER_ENCRYPTION_NONE);
|
|
|
|
|
|
|
|
|
|
if (tr_peerIoIsIncoming (handshake->io))
|
|
|
|
|
{
|
|
|
|
|
setReadState (handshake, AWAITING_HANDSHAKE);
|
|
|
|
|
}
|
|
|
|
|
else if (encryptionMode != TR_CLEAR_PREFERRED)
|
|
|
|
|
{
|
|
|
|
|
sendYa (handshake);
|
|
|
|
|
}
|
|
|
|
|
else
|
2008-09-23 19:11:04 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
uint8_t msg[HANDSHAKE_SIZE];
|
|
|
|
|
buildHandshakeMessage (handshake, msg);
|
2009-05-30 21:45:40 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
handshake->haveSentBitTorrentHandshake = 1;
|
|
|
|
|
setReadState (handshake, AWAITING_HANDSHAKE);
|
|
|
|
|
tr_peerIoWriteBytes (handshake->io, msg, sizeof (msg), false);
|
2007-11-08 21:20:08 +00:00
|
|
|
}
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
return handshake;
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
2008-09-17 19:44:24 +00:00
|
|
|
struct tr_peerIo*
|
2012-12-05 17:29:46 +00:00
|
|
|
tr_handshakeGetIO (tr_handshake * handshake)
|
2008-09-17 19:44:24 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
assert (handshake != NULL);
|
|
|
|
|
assert (handshake->io != NULL);
|
2008-09-17 19:44:24 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
return handshake->io;
|
2008-09-17 19:44:24 +00:00
|
|
|
}
|
|
|
|
|
|
2008-12-20 22:19:34 +00:00
|
|
|
struct tr_peerIo*
|
2012-12-05 17:29:46 +00:00
|
|
|
tr_handshakeStealIO (tr_handshake * handshake)
|
2008-12-20 22:19:34 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
struct tr_peerIo * io;
|
2008-12-20 22:19:34 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
assert (handshake != NULL);
|
|
|
|
|
assert (handshake->io != NULL);
|
2008-12-20 22:19:34 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
io = handshake->io;
|
|
|
|
|
handshake->io = NULL;
|
|
|
|
|
return io;
|
2008-12-20 22:19:34 +00:00
|
|
|
}
|
|
|
|
|
|
2008-12-02 03:41:58 +00:00
|
|
|
const tr_address *
|
2012-12-05 17:29:46 +00:00
|
|
|
tr_handshakeGetAddr (const struct tr_handshake * handshake,
|
|
|
|
|
tr_port * port)
|
2007-09-20 16:32:01 +00:00
|
|
|
{
|
2012-12-27 22:03:58 +00:00
|
|
|
assert (handshake != NULL);
|
|
|
|
|
assert (handshake->io != NULL);
|
2007-09-20 16:32:01 +00:00
|
|
|
|
2012-12-27 22:03:58 +00:00
|
|
|
return tr_peerIoGetAddress (handshake->io, port);
|
2007-09-20 16:32:01 +00:00
|
|
|
}
|
2008-09-23 19:11:04 +00:00
|
|
|
|
