[openssh.git] / roaming_common.c

/* $OpenBSD: roaming_common.c,v 1.7 2009/12/06 23:53:45 djm Exp $ */
/*
 * Copyright (c) 2004-2009 AppGate Network Security AB
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#include "includes.h"

#include <sys/types.h>
#include <sys/socket.h>
#include <sys/uio.h>

#include <errno.h>
#ifdef HAVE_INTTYPES_H
#include <inttypes.h>
#endif
#include <stdarg.h>
#include <string.h>
#include <unistd.h>

#include "atomicio.h"
#include "log.h"
#include "packet.h"
#include "xmalloc.h"
#include "cipher.h"
#include "buffer.h"
#include "roaming.h"

static size_t out_buf_size = 0;
static char *out_buf = NULL;
static size_t out_start;
static size_t out_last;

static u_int64_t write_bytes = 0;
static u_int64_t read_bytes = 0;

int roaming_enabled = 0;
int resume_in_progress = 0;

int
get_snd_buf_size()
{
	int fd = packet_get_connection_out();
	int optval;
	socklen_t optvallen = sizeof(optval);

	if (getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &optval, &optvallen) != 0)
		optval = DEFAULT_ROAMBUF;
	return optval;
}

int
get_recv_buf_size()
{
	int fd = packet_get_connection_in();
	int optval;
	socklen_t optvallen = sizeof(optval);

	if (getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &optval, &optvallen) != 0)
		optval = DEFAULT_ROAMBUF;
	return optval;
}

void
set_out_buffer_size(size_t size)
{
	/*
	 * The buffer size can only be set once and the buffer will live
	 * as long as the session lives.
	 */
	if (out_buf == NULL) {
		out_buf_size = size;
		out_buf = xmalloc(size);
		out_start = 0;
		out_last = 0;
	}
}

u_int64_t
get_recv_bytes(void)
{
	return read_bytes;
}

void
add_recv_bytes(u_int64_t num)
{
	read_bytes += num;
}

u_int64_t
get_sent_bytes(void)
{
	return write_bytes;
}

void
roam_set_bytes(u_int64_t sent, u_int64_t recvd)
{
	read_bytes = recvd;
	write_bytes = sent;
}

static void
buf_append(const char *buf, size_t count)
{
	if (count > out_buf_size) {
		buf += count - out_buf_size;
		count = out_buf_size;
	}
	if (count < out_buf_size - out_last) {
		memcpy(out_buf + out_last, buf, count);
		if (out_start > out_last)
			out_start += count;
		out_last += count;
	} else {
		/* data will wrap */
		size_t chunk = out_buf_size - out_last;
		memcpy(out_buf + out_last, buf, chunk);
		memcpy(out_buf, buf + chunk, count - chunk);
		out_last = count - chunk;
		out_start = out_last + 1;
	}
}

ssize_t
roaming_write(int fd, const void *buf, size_t count, int *cont)
{
	ssize_t ret;

	ret = write(fd, buf, count);
	if (ret > 0 && !resume_in_progress) {
		write_bytes += ret;
		if (out_buf_size > 0)
			buf_append(buf, ret);
	}
	debug3("Wrote %ld bytes for a total of %llu", (long)ret,
	    (unsigned long long)write_bytes);
	if (out_buf_size > 0 &&
	    (ret == 0 || (ret == -1 && errno == EPIPE))) {
		if (wait_for_roaming_reconnect() != 0) {
			ret = 0;
			*cont = 1;
		} else {
			ret = -1;
			errno = EAGAIN;
		}
	}
	return ret;
}

ssize_t
roaming_read(int fd, void *buf, size_t count, int *cont)
{
	ssize_t ret = read(fd, buf, count);
	if (ret > 0) {
		if (!resume_in_progress) {
			read_bytes += ret;
		}
	} else if (out_buf_size > 0 &&
	    (ret == 0 || (ret == -1 && (errno == ECONNRESET
	    || errno == ECONNABORTED || errno == ETIMEDOUT
	    || errno == EHOSTUNREACH)))) {
		debug("roaming_read failed for %d  ret=%ld  errno=%d",
		    fd, (long)ret, errno);
		ret = 0;
		if (wait_for_roaming_reconnect() == 0)
			*cont = 1;
	}
	return ret;
}

size_t
roaming_atomicio(ssize_t(*f)(int, void*, size_t), int fd, void *buf,
    size_t count)
{
	size_t ret = atomicio(f, fd, buf, count);

	if (f == vwrite && ret > 0 && !resume_in_progress) {
		write_bytes += ret;
	} else if (f == read && ret > 0 && !resume_in_progress) {
		read_bytes += ret;
	}
	return ret;
}

void
resend_bytes(int fd, u_int64_t *offset)
{
	size_t available, needed;

	if (out_start < out_last)
		available = out_last - out_start;
	else
		available = out_buf_size;
	needed = write_bytes - *offset;
	debug3("resend_bytes: resend %lu bytes from %llu",
	    (unsigned long)needed, (unsigned long long)*offset);
	if (needed > available)
		fatal("Needed to resend more data than in the cache");
	if (out_last < needed) {
		int chunkend = needed - out_last;
		atomicio(vwrite, fd, out_buf + out_buf_size - chunkend,
		    chunkend);
		atomicio(vwrite, fd, out_buf, out_last);
	} else {
		atomicio(vwrite, fd, out_buf + (out_last - needed), needed);
	}
}

/*
 * Caclulate a new key after a reconnect
 */
void
calculate_new_key(u_int64_t *key, u_int64_t cookie, u_int64_t challenge)
{
	const EVP_MD *md = EVP_sha1();
	EVP_MD_CTX ctx;
	char hash[EVP_MAX_MD_SIZE];
	Buffer b;

	buffer_init(&b);
	buffer_put_int64(&b, *key);
	buffer_put_int64(&b, cookie);
	buffer_put_int64(&b, challenge);

	EVP_DigestInit(&ctx, md);
	EVP_DigestUpdate(&ctx, buffer_ptr(&b), buffer_len(&b));
	EVP_DigestFinal(&ctx, hash, NULL);

	buffer_clear(&b);
	buffer_append(&b, hash, EVP_MD_size(md));
	*key = buffer_get_int64(&b);
	buffer_free(&b);
}
Commit	Line	Data
e657a401	1	/* $OpenBSD: roaming_common.c,v 1.7 2009/12/06 23:53:45 djm Exp $ */
d0137ef8	2	/*
	3	* Copyright (c) 2004-2009 AppGate Network Security AB
	4	*
	5	* Permission to use, copy, modify, and distribute this software for any
	6	* purpose with or without fee is hereby granted, provided that the above
	7	* copyright notice and this permission notice appear in all copies.
	8	*
	9	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	10	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	11	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
	12	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	13	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	14	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	15	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
	16	*/
	17
e85016d4	18	#include "includes.h"
e85016d4	19
d0137ef8	20	#include <sys/types.h>
	21	#include <sys/socket.h>
	22	#include <sys/uio.h>
	23
	24	#include <errno.h>
e85016d4	25	#ifdef HAVE_INTTYPES_H
d0137ef8	26	#include <inttypes.h>
e85016d4	27	#endif
d0137ef8	28	#include <stdarg.h>
e3fe98a2	29	#include <string.h>
d0137ef8	30	#include <unistd.h>
	31
	32	#include "atomicio.h"
	33	#include "log.h"
	34	#include "packet.h"
	35	#include "xmalloc.h"
	36	#include "cipher.h"
	37	#include "buffer.h"
	38	#include "roaming.h"
	39
e3fe98a2	40	static size_t out_buf_size = 0;
	41	static char *out_buf = NULL;
	42	static size_t out_start;
	43	static size_t out_last;
	44
d0137ef8	45	static u_int64_t write_bytes = 0;
	46	static u_int64_t read_bytes = 0;
	47
e3fe98a2	48	int roaming_enabled = 0;
d0137ef8	49	int resume_in_progress = 0;
d0137ef8	50
e3fe98a2	51	int
	52	get_snd_buf_size()
	53	{
	54	int fd = packet_get_connection_out();
e657a401	55	int optval;
e657a401	56	socklen_t optvallen = sizeof(optval);
e3fe98a2	57
e3fe98a2	58	if (getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &optval, &optvallen) != 0)
	59	optval = DEFAULT_ROAMBUF;
	60	return optval;
	61	}
	62
	63	int
	64	get_recv_buf_size()
	65	{
	66	int fd = packet_get_connection_in();
e657a401	67	int optval;
e657a401	68	socklen_t optvallen = sizeof(optval);
e3fe98a2	69
e3fe98a2	70	if (getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &optval, &optvallen) != 0)
	71	optval = DEFAULT_ROAMBUF;
	72	return optval;
	73	}
	74
	75	void
	76	set_out_buffer_size(size_t size)
	77	{
	78	/*
	79	* The buffer size can only be set once and the buffer will live
	80	* as long as the session lives.
	81	*/
	82	if (out_buf == NULL) {
	83	out_buf_size = size;
	84	out_buf = xmalloc(size);
	85	out_start = 0;
	86	out_last = 0;
	87	}
	88	}
	89
d0137ef8	90	u_int64_t
	91	get_recv_bytes(void)
	92	{
	93	return read_bytes;
	94	}
	95
	96	void
	97	add_recv_bytes(u_int64_t num)
	98	{
	99	read_bytes += num;
	100	}
	101
	102	u_int64_t
	103	get_sent_bytes(void)
	104	{
	105	return write_bytes;
	106	}
	107
	108	void
ac692f84	109	roam_set_bytes(u_int64_t sent, u_int64_t recvd)
d0137ef8	110	{
ac692f84	111	read_bytes = recvd;
d0137ef8	112	write_bytes = sent;
	113	}
	114
e3fe98a2	115	static void
	116	buf_append(const char *buf, size_t count)
	117	{
	118	if (count > out_buf_size) {
	119	buf += count - out_buf_size;
	120	count = out_buf_size;
	121	}
	122	if (count < out_buf_size - out_last) {
	123	memcpy(out_buf + out_last, buf, count);
	124	if (out_start > out_last)
	125	out_start += count;
	126	out_last += count;
	127	} else {
	128	/* data will wrap */
	129	size_t chunk = out_buf_size - out_last;
	130	memcpy(out_buf + out_last, buf, chunk);
	131	memcpy(out_buf, buf + chunk, count - chunk);
	132	out_last = count - chunk;
	133	out_start = out_last + 1;
	134	}
	135	}
	136
d0137ef8	137	ssize_t
	138	roaming_write(int fd, const void buf, size_t count, int cont)
	139	{
	140	ssize_t ret;
	141
	142	ret = write(fd, buf, count);
	143	if (ret > 0 && !resume_in_progress) {
	144	write_bytes += ret;
e3fe98a2	145	if (out_buf_size > 0)
e3fe98a2	146	buf_append(buf, ret);
d0137ef8	147	}
ac692f84	148	debug3("Wrote %ld bytes for a total of %llu", (long)ret,
ac692f84	149	(unsigned long long)write_bytes);
60751dff	150	if (out_buf_size > 0 &&
	151	(ret == 0 \|\| (ret == -1 && errno == EPIPE))) {
	152	if (wait_for_roaming_reconnect() != 0) {
	153	ret = 0;
	154	*cont = 1;
	155	} else {
	156	ret = -1;
	157	errno = EAGAIN;
	158	}
	159	}
d0137ef8	160	return ret;
	161	}
	162
	163	ssize_t
	164	roaming_read(int fd, void buf, size_t count, int cont)
	165	{
	166	ssize_t ret = read(fd, buf, count);
	167	if (ret > 0) {
	168	if (!resume_in_progress) {
	169	read_bytes += ret;
	170	}
60751dff	171	} else if (out_buf_size > 0 &&
	172	(ret == 0 \|\| (ret == -1 && (errno == ECONNRESET
	173	\|\| errno == ECONNABORTED \|\| errno == ETIMEDOUT
	174	\|\| errno == EHOSTUNREACH)))) {
	175	debug("roaming_read failed for %d ret=%ld errno=%d",
	176	fd, (long)ret, errno);
	177	ret = 0;
	178	if (wait_for_roaming_reconnect() == 0)
	179	*cont = 1;
d0137ef8	180	}
	181	return ret;
	182	}
	183
ac692f84	184	size_t
	185	roaming_atomicio(ssize_t(f)(int, void, size_t), int fd, void *buf,
	186	size_t count)
d0137ef8	187	{
ac692f84	188	size_t ret = atomicio(f, fd, buf, count);
d0137ef8	189
ac692f84	190	if (f == vwrite && ret > 0 && !resume_in_progress) {
d0137ef8	191	write_bytes += ret;
	192	} else if (f == read && ret > 0 && !resume_in_progress) {
	193	read_bytes += ret;
	194	}
	195	return ret;
	196	}
e3fe98a2	197
	198	void
	199	resend_bytes(int fd, u_int64_t *offset)
	200	{
	201	size_t available, needed;
	202
	203	if (out_start < out_last)
	204	available = out_last - out_start;
	205	else
	206	available = out_buf_size;
	207	needed = write_bytes - *offset;
	208	debug3("resend_bytes: resend %lu bytes from %llu",
	209	(unsigned long)needed, (unsigned long long)*offset);
	210	if (needed > available)
	211	fatal("Needed to resend more data than in the cache");
	212	if (out_last < needed) {
	213	int chunkend = needed - out_last;
	214	atomicio(vwrite, fd, out_buf + out_buf_size - chunkend,
	215	chunkend);
	216	atomicio(vwrite, fd, out_buf, out_last);
	217	} else {
	218	atomicio(vwrite, fd, out_buf + (out_last - needed), needed);
	219	}
	220	}
60751dff	221
	222	/*
	223	* Caclulate a new key after a reconnect
	224	*/
	225	void
	226	calculate_new_key(u_int64_t *key, u_int64_t cookie, u_int64_t challenge)
	227	{
	228	const EVP_MD *md = EVP_sha1();
	229	EVP_MD_CTX ctx;
	230	char hash[EVP_MAX_MD_SIZE];
	231	Buffer b;
	232
	233	buffer_init(&b);
	234	buffer_put_int64(&b, *key);
	235	buffer_put_int64(&b, cookie);
	236	buffer_put_int64(&b, challenge);
	237
	238	EVP_DigestInit(&ctx, md);
	239	EVP_DigestUpdate(&ctx, buffer_ptr(&b), buffer_len(&b));
	240	EVP_DigestFinal(&ctx, hash, NULL);
	241
	242	buffer_clear(&b);
	243	buffer_append(&b, hash, EVP_MD_size(md));
	244	*key = buffer_get_int64(&b);
	245	buffer_free(&b);
	246	}