stun

simple point to point tunnel
git clone git://git.2f30.org/stun
Log | Files | Refs | README

commit d5cd6406f8799e37a39afd79ab5ee90eeb70a240
parent 1681468b80bca10e20b57d795598298d1149ac56
Author: sin <sin@2f30.org>
Date:   Tue, 12 Apr 2016 11:41:05 +0100

factor out auth code

Diffstat:
MMakefile | 4++--
Aauth.c | 69+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Mstun.c | 60------------------------------------------------------------
Mstun.h | 4++++
4 files changed, 75 insertions(+), 62 deletions(-)

diff --git a/Makefile b/Makefile @@ -1,9 +1,9 @@ include config.mk -DISTFILES = Makefile README WHATSNEW UNLICENSE arg.h \ +DISTFILES = Makefile README WHATSNEW UNLICENSE arg.h auth.c \ config.mk crypto.c dev_bsd.c dev_linux.c log.c \ net.c stun.8 stun.c stun.h util.c -OBJ = $(EXTRAOBJ) crypto.o log.o net.o stun.o util.o +OBJ = $(EXTRAOBJ) auth.o crypto.o log.o net.o stun.o util.o BIN = stun all: $(BIN) diff --git a/auth.c b/auth.c @@ -0,0 +1,69 @@ +#include <poll.h> +#include <stdint.h> +#include <stdlib.h> + +#if defined(__linux__) +#include <bsd/stdlib.h> +#endif + +#include "stun.h" + +int +challenge(int netfd) +{ + unsigned char buf[sizeof(uint64_t)]; + struct pollfd pfd[1]; + uint64_t n, reply; + int ret; + + arc4random_buf(&n, sizeof(uint64_t)); + pack64(buf, n); + if (writenet(netfd, buf, sizeof(uint64_t)) <= 0) + return -1; + + pfd[0].fd = netfd; + pfd[0].events = POLLIN; + ret = poll(pfd, 1, RCVTIMEO); + if (ret < 0) { + logwarn("poll failed"); + return -1; + } else if (ret == 0) { + logwarn("challenge-response timed out"); + return -1; + } + + if (pfd[0].revents & (POLLIN | POLLHUP)) { + ret = readnet(netfd, buf, sizeof(uint64_t)); + if (ret <= 0) { + return -1; + } else if (ret == BADPKT) { + logwarn("bad packet"); + return -1; + } + reply = unpack64(buf); + if (n + 1 == reply) + return 0; + } + return -1; +} + +int +response(int netfd) +{ + unsigned char buf[sizeof(uint64_t)]; + uint64_t reply; + int ret; + + ret = readnet(netfd, buf, sizeof(uint64_t)); + if (ret <= 0) { + return -1; + } else if (ret == BADPKT) { + logwarn("bad packet"); + return -1; + } + reply = unpack64(buf); + pack64(buf, reply + 1); + if (writenet(netfd, buf, sizeof(uint64_t)) <= 0) + return -1; + return 0; +} diff --git a/stun.c b/stun.c @@ -75,66 +75,6 @@ int foreground; int sflag; int -challenge(int netfd) -{ - unsigned char buf[sizeof(uint64_t)]; - struct pollfd pfd[1]; - uint64_t n, reply; - int ret; - - arc4random_buf(&n, sizeof(uint64_t)); - pack64(buf, n); - if (writenet(netfd, buf, sizeof(uint64_t)) <= 0) - return -1; - - pfd[0].fd = netfd; - pfd[0].events = POLLIN; - ret = poll(pfd, 1, RCVTIMEO); - if (ret < 0) { - logwarn("poll failed"); - return -1; - } else if (ret == 0) { - logwarn("challenge-response timed out"); - return -1; - } - - if (pfd[0].revents & (POLLIN | POLLHUP)) { - ret = readnet(netfd, buf, sizeof(uint64_t)); - if (ret <= 0) { - return -1; - } else if (ret == BADPKT) { - logwarn("bad packet"); - return -1; - } - reply = unpack64(buf); - if (n + 1 == reply) - return 0; - } - return -1; -} - -int -response(int netfd) -{ - unsigned char buf[sizeof(uint64_t)]; - uint64_t reply; - int ret; - - ret = readnet(netfd, buf, sizeof(uint64_t)); - if (ret <= 0) { - return -1; - } else if (ret == BADPKT) { - logwarn("bad packet"); - return -1; - } - reply = unpack64(buf); - pack64(buf, reply + 1); - if (writenet(netfd, buf, sizeof(uint64_t)) <= 0) - return -1; - return 0; -} - -int tunnel(int netfd, int devfd) { unsigned char buf[MAXPAYLOADLEN]; diff --git a/stun.h b/stun.h @@ -20,6 +20,10 @@ extern int debug; extern int foreground; extern char *cipher; +/* auth.c */ +int challenge(int); +int response(int); + /* crypto.c */ void cryptoinit(char *); size_t cryptononcelen(void);