2019-03-28 00:30:25 +00:00
|
|
|
package tuntap
|
2017-12-29 04:16:20 +00:00
|
|
|
|
|
|
|
// This manages the tun driver to send/recv packets to/from applications
|
|
|
|
|
2019-04-22 23:04:22 +00:00
|
|
|
// TODO: Crypto-key routing support
|
2019-04-22 22:12:13 +00:00
|
|
|
// TODO: Set MTU of session properly
|
2019-04-22 23:04:22 +00:00
|
|
|
// TODO: Reject packets that exceed session MTU with ICMPv6 for PMTU Discovery
|
|
|
|
// TODO: Connection timeouts (call Conn.Close() when we want to time out)
|
2019-04-28 16:14:09 +00:00
|
|
|
// TODO: Don't block in reader on writes that are pending searches
|
2019-04-22 22:12:13 +00:00
|
|
|
|
2018-06-12 22:50:08 +00:00
|
|
|
import (
|
2021-05-08 15:39:07 +00:00
|
|
|
"crypto/ed25519"
|
2018-11-10 15:46:10 +00:00
|
|
|
"errors"
|
2019-04-22 01:56:12 +00:00
|
|
|
"fmt"
|
2019-01-14 14:25:52 +00:00
|
|
|
"net"
|
2019-08-28 18:31:04 +00:00
|
|
|
|
2019-08-25 23:53:11 +00:00
|
|
|
//"sync"
|
2018-07-07 11:08:52 +00:00
|
|
|
|
2019-08-25 23:08:43 +00:00
|
|
|
"github.com/Arceliar/phony"
|
2019-03-28 00:30:25 +00:00
|
|
|
"github.com/gologme/log"
|
2019-11-22 16:43:50 +00:00
|
|
|
"golang.zx2c4.com/wireguard/tun"
|
2018-12-08 01:56:04 +00:00
|
|
|
|
2018-12-15 02:49:18 +00:00
|
|
|
"github.com/yggdrasil-network/yggdrasil-go/src/address"
|
2019-03-28 00:30:25 +00:00
|
|
|
"github.com/yggdrasil-network/yggdrasil-go/src/config"
|
2018-12-08 01:56:04 +00:00
|
|
|
"github.com/yggdrasil-network/yggdrasil-go/src/defaults"
|
2020-01-05 17:27:54 +00:00
|
|
|
"github.com/yggdrasil-network/yggdrasil-go/src/types"
|
2020-02-01 19:58:08 +00:00
|
|
|
"github.com/yggdrasil-network/yggdrasil-go/src/yggdrasil"
|
2018-06-12 22:50:08 +00:00
|
|
|
)
|
2017-12-29 04:16:20 +00:00
|
|
|
|
2020-01-05 17:27:54 +00:00
|
|
|
type MTU = types.MTU
|
|
|
|
|
2019-11-22 16:43:50 +00:00
|
|
|
// TunAdapter represents a running TUN interface and extends the
|
|
|
|
// yggdrasil.Adapter type. In order to use the TUN adapter with Yggdrasil, you
|
|
|
|
// should pass this object to the yggdrasil.SetRouterAdapter() function before
|
|
|
|
// calling yggdrasil.Start().
|
2019-03-28 00:30:25 +00:00
|
|
|
type TunAdapter struct {
|
2019-11-21 00:02:39 +00:00
|
|
|
core *yggdrasil.Core
|
2021-05-08 15:39:07 +00:00
|
|
|
store keyStore
|
2019-08-25 23:53:11 +00:00
|
|
|
config *config.NodeState
|
|
|
|
log *log.Logger
|
|
|
|
addr address.Address
|
|
|
|
subnet address.Subnet
|
2020-01-05 17:27:54 +00:00
|
|
|
mtu MTU
|
2019-11-22 16:43:50 +00:00
|
|
|
iface tun.Device
|
2019-08-25 23:53:11 +00:00
|
|
|
phony.Inbox // Currently only used for _handlePacket from the reader, TODO: all the stuff that currently needs a mutex below
|
|
|
|
//mutex sync.RWMutex // Protects the below
|
2021-05-15 20:55:47 +00:00
|
|
|
isOpen bool
|
|
|
|
gatekeeper func(pubkey ed25519.PublicKey, initiator bool) bool
|
|
|
|
}
|
|
|
|
|
|
|
|
func (tun *TunAdapter) SetSessionGatekeeper(gatekeeper func(pubkey ed25519.PublicKey, initiator bool) bool) {
|
|
|
|
phony.Block(tun, func() {
|
|
|
|
tun.gatekeeper = gatekeeper
|
|
|
|
})
|
2017-12-29 04:16:20 +00:00
|
|
|
}
|
|
|
|
|
2018-06-12 21:45:53 +00:00
|
|
|
// Gets the maximum supported MTU for the platform based on the defaults in
|
2018-07-07 11:08:52 +00:00
|
|
|
// defaults.GetDefaults().
|
2020-01-05 17:27:54 +00:00
|
|
|
func getSupportedMTU(mtu MTU) MTU {
|
2019-11-19 14:20:11 +00:00
|
|
|
if mtu < 1280 {
|
|
|
|
return 1280
|
|
|
|
}
|
2019-11-22 16:43:50 +00:00
|
|
|
if mtu > MaximumMTU() {
|
|
|
|
return MaximumMTU()
|
2018-03-03 11:47:14 +00:00
|
|
|
}
|
|
|
|
return mtu
|
|
|
|
}
|
|
|
|
|
2019-03-29 18:18:31 +00:00
|
|
|
// Name returns the name of the adapter, e.g. "tun0". On Windows, this may
|
|
|
|
// return a canonical adapter name instead.
|
2019-03-28 00:30:25 +00:00
|
|
|
func (tun *TunAdapter) Name() string {
|
2019-11-22 16:43:50 +00:00
|
|
|
if name, err := tun.iface.Name(); err == nil {
|
|
|
|
return name
|
|
|
|
}
|
|
|
|
return ""
|
2019-03-28 00:30:25 +00:00
|
|
|
}
|
|
|
|
|
2019-03-29 18:18:31 +00:00
|
|
|
// MTU gets the adapter's MTU. This can range between 1280 and 65535, although
|
|
|
|
// the maximum value is determined by your platform. The returned value will
|
|
|
|
// never exceed that of MaximumMTU().
|
2020-01-05 17:27:54 +00:00
|
|
|
func (tun *TunAdapter) MTU() MTU {
|
2019-11-22 16:43:50 +00:00
|
|
|
return getSupportedMTU(tun.mtu)
|
2019-03-28 00:30:25 +00:00
|
|
|
}
|
|
|
|
|
2019-11-22 16:43:50 +00:00
|
|
|
// DefaultName gets the default TUN interface name for your platform.
|
2019-03-29 18:05:17 +00:00
|
|
|
func DefaultName() string {
|
|
|
|
return defaults.GetDefaults().DefaultIfName
|
|
|
|
}
|
|
|
|
|
2019-11-22 16:43:50 +00:00
|
|
|
// DefaultMTU gets the default TUN interface MTU for your platform. This can
|
2019-03-29 18:18:31 +00:00
|
|
|
// be as high as MaximumMTU(), depending on platform, but is never lower than 1280.
|
2020-01-05 17:27:54 +00:00
|
|
|
func DefaultMTU() MTU {
|
2019-11-22 16:43:50 +00:00
|
|
|
return defaults.GetDefaults().DefaultIfMTU
|
2019-03-29 18:05:17 +00:00
|
|
|
}
|
|
|
|
|
2019-11-22 16:43:50 +00:00
|
|
|
// MaximumMTU returns the maximum supported TUN interface MTU for your
|
2019-03-29 18:18:31 +00:00
|
|
|
// platform. This can be as high as 65535, depending on platform, but is never
|
|
|
|
// lower than 1280.
|
2020-01-05 17:27:54 +00:00
|
|
|
func MaximumMTU() MTU {
|
2019-11-22 16:43:50 +00:00
|
|
|
return defaults.GetDefaults().MaximumIfMTU
|
2019-03-29 18:05:17 +00:00
|
|
|
}
|
|
|
|
|
2019-11-22 16:43:50 +00:00
|
|
|
// Init initialises the TUN module. You must have acquired a Listener from
|
2019-04-20 15:32:27 +00:00
|
|
|
// the Yggdrasil core before this point and it must not be in use elsewhere.
|
2021-05-08 16:52:22 +00:00
|
|
|
func (tun *TunAdapter) Init(core *yggdrasil.Core, config *config.NodeState, log *log.Logger, options interface{}) error {
|
2019-11-21 00:02:39 +00:00
|
|
|
tun.core = core
|
2021-05-08 15:39:07 +00:00
|
|
|
tun.store.init(tun)
|
2019-04-20 15:32:27 +00:00
|
|
|
tun.config = config
|
|
|
|
tun.log = log
|
2021-05-10 21:06:38 +00:00
|
|
|
if err := tun.core.SetOutOfBandHandler(tun.oobHandler); err != nil {
|
|
|
|
return fmt.Errorf("tun.core.SetOutOfBandHander: %w", err)
|
|
|
|
}
|
2019-10-23 09:44:58 +00:00
|
|
|
return nil
|
2017-12-29 04:16:20 +00:00
|
|
|
}
|
|
|
|
|
2019-11-22 16:43:50 +00:00
|
|
|
// Start the setup process for the TUN adapter. If successful, starts the
|
2019-08-25 23:53:11 +00:00
|
|
|
// reader actor to handle packets on that interface.
|
2019-04-20 15:32:27 +00:00
|
|
|
func (tun *TunAdapter) Start() error {
|
2019-08-25 23:53:11 +00:00
|
|
|
var err error
|
2019-08-28 00:43:54 +00:00
|
|
|
phony.Block(tun, func() {
|
2019-08-25 23:53:11 +00:00
|
|
|
err = tun._start()
|
|
|
|
})
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
func (tun *TunAdapter) _start() error {
|
2019-10-24 22:37:39 +00:00
|
|
|
if tun.isOpen {
|
2019-11-22 16:43:50 +00:00
|
|
|
return errors.New("TUN module is already started")
|
2019-10-24 22:37:39 +00:00
|
|
|
}
|
2019-07-27 14:00:09 +00:00
|
|
|
current := tun.config.GetCurrent()
|
2021-05-08 15:39:07 +00:00
|
|
|
if tun.config == nil {
|
2019-11-22 16:43:50 +00:00
|
|
|
return errors.New("no configuration available to TUN")
|
2019-03-28 00:30:25 +00:00
|
|
|
}
|
2021-05-08 16:52:22 +00:00
|
|
|
sk := tun.core.PrivateKey()
|
|
|
|
pk := sk.Public().(ed25519.PublicKey)
|
|
|
|
tun.addr = *address.AddrForKey(pk)
|
|
|
|
tun.subnet = *address.SubnetForKey(pk)
|
2019-04-22 01:56:12 +00:00
|
|
|
addr := fmt.Sprintf("%s/%d", net.IP(tun.addr[:]).String(), 8*len(address.GetPrefix())-1)
|
2019-11-20 22:11:52 +00:00
|
|
|
if current.IfName == "none" || current.IfName == "dummy" {
|
2019-11-22 16:43:50 +00:00
|
|
|
tun.log.Debugln("Not starting TUN as ifname is none or dummy")
|
2021-05-15 21:44:56 +00:00
|
|
|
go func() {
|
|
|
|
bs := make([]byte, tun.core.PacketConn.MTU())
|
|
|
|
for {
|
|
|
|
// Dump traffic to nowhere
|
|
|
|
if _, _, err := tun.core.PacketConn.ReadFrom(bs); err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}()
|
2019-01-02 18:05:54 +00:00
|
|
|
return nil
|
2018-05-27 21:35:30 +00:00
|
|
|
}
|
2021-05-09 16:27:37 +00:00
|
|
|
mtu := current.IfMTU
|
2021-05-16 18:01:54 +00:00
|
|
|
if tun.maxSessionMTU() < mtu {
|
|
|
|
mtu = tun.maxSessionMTU()
|
2021-05-09 16:27:37 +00:00
|
|
|
}
|
|
|
|
if err := tun.setup(current.IfName, addr, mtu); err != nil {
|
2019-11-20 22:11:52 +00:00
|
|
|
return err
|
|
|
|
}
|
2021-05-09 16:27:37 +00:00
|
|
|
if tun.MTU() != mtu {
|
2019-11-22 16:43:50 +00:00
|
|
|
tun.log.Warnf("Warning: Interface MTU %d automatically adjusted to %d (supported range is 1280-%d)", current.IfMTU, tun.MTU(), MaximumMTU())
|
2019-11-20 22:11:52 +00:00
|
|
|
}
|
2018-12-16 23:01:59 +00:00
|
|
|
tun.isOpen = true
|
2021-05-08 16:35:04 +00:00
|
|
|
go tun.read()
|
|
|
|
go tun.write()
|
2018-05-27 21:35:30 +00:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2019-10-23 09:44:58 +00:00
|
|
|
// IsStarted returns true if the module has been started.
|
|
|
|
func (tun *TunAdapter) IsStarted() bool {
|
2019-10-24 22:37:39 +00:00
|
|
|
var isOpen bool
|
|
|
|
phony.Block(tun, func() {
|
|
|
|
isOpen = tun.isOpen
|
|
|
|
})
|
|
|
|
return isOpen
|
2019-10-23 09:44:58 +00:00
|
|
|
}
|
|
|
|
|
2019-11-22 16:43:50 +00:00
|
|
|
// Start the setup process for the TUN adapter. If successful, starts the
|
2019-07-06 10:52:30 +00:00
|
|
|
// read/write goroutines to handle packets on that interface.
|
|
|
|
func (tun *TunAdapter) Stop() error {
|
2019-08-25 23:53:11 +00:00
|
|
|
var err error
|
2019-08-28 00:43:54 +00:00
|
|
|
phony.Block(tun, func() {
|
2019-08-25 23:53:11 +00:00
|
|
|
err = tun._stop()
|
|
|
|
})
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
func (tun *TunAdapter) _stop() error {
|
2019-07-06 10:52:30 +00:00
|
|
|
tun.isOpen = false
|
2019-11-22 16:43:50 +00:00
|
|
|
// by TUN, e.g. readers/writers, sessions
|
2019-09-01 18:06:25 +00:00
|
|
|
if tun.iface != nil {
|
|
|
|
// Just in case we failed to start up the iface for some reason, this can apparently happen on Windows
|
|
|
|
tun.iface.Close()
|
|
|
|
}
|
2019-07-06 10:52:30 +00:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2021-05-08 16:32:57 +00:00
|
|
|
func (tun *TunAdapter) oobHandler(fromKey, toKey ed25519.PublicKey, data []byte) {
|
|
|
|
if len(data) != 1+ed25519.SignatureSize {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
sig := data[1:]
|
|
|
|
switch data[0] {
|
|
|
|
case typeKeyLookup:
|
|
|
|
snet := *address.SubnetForKey(toKey)
|
|
|
|
if snet == tun.subnet && ed25519.Verify(fromKey, toKey[:], sig) {
|
|
|
|
// This is looking for at least our subnet (possibly our address)
|
|
|
|
// Send a response
|
|
|
|
tun.sendKeyResponse(fromKey)
|
|
|
|
}
|
|
|
|
case typeKeyResponse:
|
|
|
|
// TODO keep a list of something to match against...
|
|
|
|
// Ignore the response if it doesn't match anything of interest...
|
|
|
|
if ed25519.Verify(fromKey, toKey[:], sig) {
|
|
|
|
tun.store.update(fromKey)
|
2019-04-20 15:32:27 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-05-08 15:39:07 +00:00
|
|
|
func (tun *TunAdapter) sendKeyLookup(partial ed25519.PublicKey) {
|
2021-05-08 16:52:22 +00:00
|
|
|
sig := ed25519.Sign(tun.core.PrivateKey(), partial[:])
|
2021-05-08 16:32:57 +00:00
|
|
|
bs := append([]byte{typeKeyLookup}, sig...)
|
|
|
|
tun.core.SendOutOfBand(partial, bs)
|
2021-05-08 15:39:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (tun *TunAdapter) sendKeyResponse(dest ed25519.PublicKey) {
|
2021-05-08 16:52:22 +00:00
|
|
|
sig := ed25519.Sign(tun.core.PrivateKey(), dest[:])
|
2021-05-08 16:32:57 +00:00
|
|
|
bs := append([]byte{typeKeyResponse}, sig...)
|
|
|
|
tun.core.SendOutOfBand(dest, bs)
|
2021-05-08 15:39:07 +00:00
|
|
|
}
|
2021-05-16 18:01:54 +00:00
|
|
|
|
|
|
|
func (tun *TunAdapter) maxSessionMTU() MTU {
|
|
|
|
const sessionTypeOverhead = 1
|
|
|
|
return MTU(tun.core.MTU() - sessionTypeOverhead)
|
|
|
|
}
|