2 This file is part of GNUnet.
3 Copyright (C) 2010-2013 Christian Grothoff
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 Boston, MA 02110-1301, USA.
22 * @author Philipp Toelke
23 * @author Christian Grothoff
26 * Standard TCP/IP network structs and IP checksum calculations for TUN interaction
28 * @defgroup tun TUN library
29 * Standard TCP/IP network structs and IP checksum calculations for TUN interaction
32 #ifndef GNUNET_TUN_LIB_H
33 #define GNUNET_TUN_LIB_H
35 #include "gnunet_util_lib.h"
38 /* see http://www.iana.org/assignments/ethernet-numbers */
43 #define ETH_P_IPV4 0x0800
50 #define ETH_P_IPV6 0x86DD
55 * Maximum regex string length for use with #GNUNET_TUN_ipv4toregexsearch.
57 * 8 bytes for IPv4, 4 bytes for port, 1 byte for "4", 2 bytes for "-",
58 * one byte for 0-termination.
60 #define GNUNET_TUN_IPV4_REGEXLEN 16
64 * Maximum regex string length for use with #GNUNET_TUN_ipv6toregexsearch
66 * 32 bytes for IPv6, 4 bytes for port, 1 byte for "4", 2 bytes for "-",
67 * one byte for 0-termination.
69 #define GNUNET_TUN_IPV6_REGEXLEN 40
72 GNUNET_NETWORK_STRUCT_BEGIN
75 * Header from Linux TUN interface.
77 struct GNUNET_TUN_Layer2PacketHeader
80 * Some flags (unused).
82 uint16_t flags GNUNET_PACKED;
85 * Here we get an ETH_P_-number.
87 uint16_t proto GNUNET_PACKED;
92 * Standard IPv4 header.
94 struct GNUNET_TUN_IPv4Header
96 #if __BYTE_ORDER == __LITTLE_ENDIAN
97 unsigned int header_length:4 GNUNET_PACKED;
98 unsigned int version:4 GNUNET_PACKED;
99 #elif __BYTE_ORDER == __BIG_ENDIAN
100 unsigned int version:4 GNUNET_PACKED;
101 unsigned int header_length:4 GNUNET_PACKED;
103 #error byteorder undefined
108 * Length of the packet, including this header.
110 uint16_t total_length GNUNET_PACKED;
113 * Unique random ID for matching up fragments.
115 uint16_t identification GNUNET_PACKED;
117 unsigned int flags:3 GNUNET_PACKED;
119 unsigned int fragmentation_offset:13 GNUNET_PACKED;
122 * How many more hops can this packet be forwarded?
127 * L4-protocol, for example, IPPROTO_UDP or IPPROTO_TCP.
134 uint16_t checksum GNUNET_PACKED;
137 * Origin of the packet.
139 struct in_addr source_address GNUNET_PACKED;
142 * Destination of the packet.
144 struct in_addr destination_address GNUNET_PACKED;
145 } GNUNET_GCC_STRUCT_LAYOUT;
149 * Standard IPv6 header.
151 struct GNUNET_TUN_IPv6Header
153 #if __BYTE_ORDER == __LITTLE_ENDIAN
154 unsigned int traffic_class_h:4 GNUNET_PACKED;
155 unsigned int version:4 GNUNET_PACKED;
156 unsigned int traffic_class_l:4 GNUNET_PACKED;
157 unsigned int flow_label:20 GNUNET_PACKED;
158 #elif __BYTE_ORDER == __BIG_ENDIAN
159 unsigned int version:4 GNUNET_PACKED;
160 unsigned int traffic_class:8 GNUNET_PACKED;
161 unsigned int flow_label:20 GNUNET_PACKED;
163 #error byteorder undefined
166 * Length of the payload, excluding this header.
168 uint16_t payload_length GNUNET_PACKED;
171 * For example, IPPROTO_UDP or IPPROTO_TCP.
176 * How many more hops can this packet be forwarded?
181 * Origin of the packet.
183 struct in6_addr source_address GNUNET_PACKED;
186 * Destination of the packet.
188 struct in6_addr destination_address GNUNET_PACKED;
189 } GNUNET_GCC_STRUCT_LAYOUT;
195 #define GNUNET_TUN_TCP_FLAGS_FIN 1
196 #define GNUNET_TUN_TCP_FLAGS_SYN 2
197 #define GNUNET_TUN_TCP_FLAGS_RST 4
198 #define GNUNET_TUN_TCP_FLAGS_PSH 8
199 #define GNUNET_TUN_TCP_FLAGS_ACK 16
200 #define GNUNET_TUN_TCP_FLAGS_URG 32
201 #define GNUNET_TUN_TCP_FLAGS_ECE 64
202 #define GNUNET_TUN_TCP_FLAGS_CWR 128
207 struct GNUNET_TUN_TcpHeader
210 * Source port (in NBO).
212 uint16_t source_port GNUNET_PACKED;
215 * Destination port (in NBO).
217 uint16_t destination_port GNUNET_PACKED;
222 uint32_t seq GNUNET_PACKED;
225 * Acknowledgement number.
227 uint32_t ack GNUNET_PACKED;
228 #if __BYTE_ORDER == __LITTLE_ENDIAN
230 * Reserved. Must be zero.
232 unsigned int reserved : 4 GNUNET_PACKED;
234 * Number of 32-bit words in TCP header.
236 unsigned int off : 4 GNUNET_PACKED;
237 #elif __BYTE_ORDER == __BIG_ENDIAN
239 * Number of 32-bit words in TCP header.
241 unsigned int off : 4 GNUNET_PACKED;
243 * Reserved. Must be zero.
245 unsigned int reserved : 4 GNUNET_PACKED;
247 #error byteorder undefined
251 * Flags (SYN, FIN, ACK, etc.)
258 uint16_t window_size GNUNET_PACKED;
263 uint16_t crc GNUNET_PACKED;
268 uint16_t urgent_pointer GNUNET_PACKED;
269 } GNUNET_GCC_STRUCT_LAYOUT;
275 struct GNUNET_TUN_UdpHeader
278 * Source port (in NBO).
280 uint16_t source_port GNUNET_PACKED;
283 * Destination port (in NBO).
285 uint16_t destination_port GNUNET_PACKED;
288 * Number of bytes of payload.
290 uint16_t len GNUNET_PACKED;
295 uint16_t crc GNUNET_PACKED;
301 * A few common DNS classes (ok, only one is common, but I list a
302 * couple more to make it clear what we're talking about here).
304 #define GNUNET_TUN_DNS_CLASS_INTERNET 1
305 #define GNUNET_TUN_DNS_CLASS_CHAOS 3
306 #define GNUNET_TUN_DNS_CLASS_HESIOD 4
308 #define GNUNET_TUN_DNS_OPCODE_QUERY 0
309 #define GNUNET_TUN_DNS_OPCODE_INVERSE_QUERY 1
310 #define GNUNET_TUN_DNS_OPCODE_STATUS 2
316 #define GNUNET_TUN_DNS_RETURN_CODE_NO_ERROR 0
317 #define GNUNET_TUN_DNS_RETURN_CODE_FORMAT_ERROR 1
318 #define GNUNET_TUN_DNS_RETURN_CODE_SERVER_FAILURE 2
319 #define GNUNET_TUN_DNS_RETURN_CODE_NAME_ERROR 3
320 #define GNUNET_TUN_DNS_RETURN_CODE_NOT_IMPLEMENTED 4
321 #define GNUNET_TUN_DNS_RETURN_CODE_REFUSED 5
326 #define GNUNET_TUN_DNS_RETURN_CODE_YXDOMAIN 6
327 #define GNUNET_TUN_DNS_RETURN_CODE_YXRRSET 7
328 #define GNUNET_TUN_DNS_RETURN_CODE_NXRRSET 8
329 #define GNUNET_TUN_DNS_RETURN_CODE_NOT_AUTH 9
330 #define GNUNET_TUN_DNS_RETURN_CODE_NOT_ZONE 10
334 * DNS flags (largely RFC 1035 / RFC 2136).
336 struct GNUNET_TUN_DnsFlags
338 #if __BYTE_ORDER == __LITTLE_ENDIAN
340 * Set to 1 if recursion is desired (client -> server)
342 unsigned int recursion_desired : 1 GNUNET_PACKED;
345 * Set to 1 if message is truncated
347 unsigned int message_truncated : 1 GNUNET_PACKED;
350 * Set to 1 if this is an authoritative answer
352 unsigned int authoritative_answer : 1 GNUNET_PACKED;
355 * See GNUNET_TUN_DNS_OPCODE_ defines.
357 unsigned int opcode : 4 GNUNET_PACKED;
360 * query:0, response:1
362 unsigned int query_or_response : 1 GNUNET_PACKED;
365 * See GNUNET_TUN_DNS_RETURN_CODE_ defines.
367 unsigned int return_code : 4 GNUNET_PACKED;
372 unsigned int checking_disabled : 1 GNUNET_PACKED;
375 * Response has been cryptographically verified, RFC 4035.
377 unsigned int authenticated_data : 1 GNUNET_PACKED;
382 unsigned int zero : 1 GNUNET_PACKED;
385 * Set to 1 if recursion is available (server -> client)
387 unsigned int recursion_available : 1 GNUNET_PACKED;
388 #elif __BYTE_ORDER == __BIG_ENDIAN
391 * query:0, response:1
393 unsigned int query_or_response : 1 GNUNET_PACKED;
396 * See GNUNET_TUN_DNS_OPCODE_ defines.
398 unsigned int opcode : 4 GNUNET_PACKED;
401 * Set to 1 if this is an authoritative answer
403 unsigned int authoritative_answer : 1 GNUNET_PACKED;
406 * Set to 1 if message is truncated
408 unsigned int message_truncated : 1 GNUNET_PACKED;
411 * Set to 1 if recursion is desired (client -> server)
413 unsigned int recursion_desired : 1 GNUNET_PACKED;
417 * Set to 1 if recursion is available (server -> client)
419 unsigned int recursion_available : 1 GNUNET_PACKED;
424 unsigned int zero : 1 GNUNET_PACKED;
427 * Response has been cryptographically verified, RFC 4035.
429 unsigned int authenticated_data : 1 GNUNET_PACKED;
434 unsigned int checking_disabled : 1 GNUNET_PACKED;
437 * See GNUNET_TUN_DNS_RETURN_CODE_ defines.
439 unsigned int return_code : 4 GNUNET_PACKED;
441 #error byteorder undefined
444 } GNUNET_GCC_STRUCT_LAYOUT;
451 struct GNUNET_TUN_DnsHeader
454 * Unique identifier for the request/response.
456 uint16_t id GNUNET_PACKED;
461 struct GNUNET_TUN_DnsFlags flags;
466 uint16_t query_count GNUNET_PACKED;
471 uint16_t answer_rcount GNUNET_PACKED;
474 * Number of authoritative answers.
476 uint16_t authority_rcount GNUNET_PACKED;
479 * Number of additional records.
481 uint16_t additional_rcount GNUNET_PACKED;
486 * Payload of DNS SOA record (header).
488 struct GNUNET_TUN_DnsSoaRecord
491 * The version number of the original copy of the zone. (NBO)
493 uint32_t serial GNUNET_PACKED;
496 * Time interval before the zone should be refreshed. (NBO)
498 uint32_t refresh GNUNET_PACKED;
501 * Time interval that should elapse before a failed refresh should
504 uint32_t retry GNUNET_PACKED;
507 * Time value that specifies the upper limit on the time interval
508 * that can elapse before the zone is no longer authoritative. (NBO)
510 uint32_t expire GNUNET_PACKED;
513 * The 32-bit minimum TTL field that should be exported with any RR
514 * from this zone. (NBO)
516 uint32_t minimum GNUNET_PACKED;
521 * Payload of DNS SRV record (header).
523 struct GNUNET_TUN_DnsSrvRecord
527 * Preference for this entry (lower value is higher preference). Clients
528 * will contact hosts from the lowest-priority group first and fall back
529 * to higher priorities if the low-priority entries are unavailable. (NBO)
531 uint16_t prio GNUNET_PACKED;
534 * Relative weight for records with the same priority. Clients will use
535 * the hosts of the same (lowest) priority with a probability proportional
536 * to the weight given. (NBO)
538 uint16_t weight GNUNET_PACKED;
541 * TCP or UDP port of the service. (NBO)
543 uint16_t port GNUNET_PACKED;
545 /* followed by 'target' name */
550 * Payload of DNS CERT record.
552 struct GNUNET_TUN_DnsCertRecord
570 /* Followed by the certificate */
575 * Payload of DNSSEC TLSA record.
576 * http://datatracker.ietf.org/doc/draft-ietf-dane-protocol/
578 struct GNUNET_TUN_DnsTlsaRecord
586 * 3: domain-issued cert
592 * What part will be matched against the cert
593 * presented by server
594 * 0: Full cert (in binary)
595 * 1: Full cert (in DER)
600 * Matching type (of selected content)
605 uint8_t matching_type;
608 * followed by certificate association data
609 * The "certificate association data" to be matched.
610 * These bytes are either raw data (that is, the full certificate or
611 * its SubjectPublicKeyInfo, depending on the selector) for matching
612 * type 0, or the hash of the raw data for matching types 1 and 2.
613 * The data refers to the certificate in the association, not to the
614 * TLS ASN.1 Certificate object.
616 * The data is represented as a string of hex chars
622 * Payload of GNS VPN record
624 struct GNUNET_TUN_GnsVpnRecord
627 * The peer to contact
629 struct GNUNET_PeerIdentity peer;
632 * The protocol to use
636 /* followed by the servicename */
643 struct GNUNET_TUN_DnsQueryLine
646 * Desired type (GNUNET_DNSPARSER_TYPE_XXX). (NBO)
648 uint16_t type GNUNET_PACKED;
651 * Desired class (usually GNUNET_TUN_DNS_CLASS_INTERNET). (NBO)
653 uint16_t dns_traffic_class GNUNET_PACKED;
658 * General DNS record prefix.
660 struct GNUNET_TUN_DnsRecordLine
663 * Record type (GNUNET_DNSPARSER_TYPE_XXX). (NBO)
665 uint16_t type GNUNET_PACKED;
668 * Record class (usually GNUNET_TUN_DNS_CLASS_INTERNET). (NBO)
670 uint16_t dns_traffic_class GNUNET_PACKED;
673 * Expiration for the record (in seconds). (NBO)
675 uint32_t ttl GNUNET_PACKED;
678 * Number of bytes of data that follow. (NBO)
680 uint16_t data_len GNUNET_PACKED;
684 #define GNUNET_TUN_ICMPTYPE_ECHO_REPLY 0
685 #define GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE 3
686 #define GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH 4
687 #define GNUNET_TUN_ICMPTYPE_REDIRECT_MESSAGE 5
688 #define GNUNET_TUN_ICMPTYPE_ECHO_REQUEST 8
689 #define GNUNET_TUN_ICMPTYPE_ROUTER_ADVERTISEMENT 9
690 #define GNUNET_TUN_ICMPTYPE_ROUTER_SOLICITATION 10
691 #define GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED 11
693 #define GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE 1
694 #define GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG 2
695 #define GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED 3
696 #define GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM 4
697 #define GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST 128
698 #define GNUNET_TUN_ICMPTYPE6_ECHO_REPLY 129
704 struct GNUNET_TUN_IcmpHeader
708 uint16_t crc GNUNET_PACKED;
713 * ICMP Echo (request/reply)
717 uint16_t identifier GNUNET_PACKED;
718 uint16_t sequence_number GNUNET_PACKED;
722 * ICMP Destination Unreachable (RFC 1191)
726 uint16_t empty GNUNET_PACKED;
727 uint16_t next_hop_mtu GNUNET_PACKED;
728 /* followed by original IP header + first 8 bytes of original IP datagram */
729 } destination_unreachable;
734 struct in_addr redirect_gateway_address GNUNET_PACKED;
737 * MTU for packets that are too big (IPv6).
739 uint32_t packet_too_big_mtu GNUNET_PACKED;
746 GNUNET_NETWORK_STRUCT_END
750 * Initialize an IPv4 header.
752 * @param ip header to initialize
753 * @param protocol protocol to use (e.g. IPPROTO_UDP)
754 * @param payload_length number of bytes of payload that follow (excluding IPv4 header)
755 * @param src source IP address to use
756 * @param dst destination IP address to use
759 GNUNET_TUN_initialize_ipv4_header (struct GNUNET_TUN_IPv4Header *ip,
761 uint16_t payload_length,
762 const struct in_addr *src,
763 const struct in_addr *dst);
767 * Initialize an IPv6 header.
769 * @param ip header to initialize
770 * @param protocol protocol to use (e.g. IPPROTO_UDP)
771 * @param payload_length number of bytes of payload that follow (excluding IPv6 header)
772 * @param src source IP address to use
773 * @param dst destination IP address to use
776 GNUNET_TUN_initialize_ipv6_header (struct GNUNET_TUN_IPv6Header *ip,
778 uint16_t payload_length,
779 const struct in6_addr *src,
780 const struct in6_addr *dst);
783 * Calculate IPv4 TCP checksum.
785 * @param ip ipv4 header fully initialized
786 * @param tcp TCP header (initialized except for CRC)
787 * @param payload the TCP payload
788 * @param payload_length number of bytes of TCP @a payload
791 GNUNET_TUN_calculate_tcp4_checksum (const struct GNUNET_TUN_IPv4Header *ip,
792 struct GNUNET_TUN_TcpHeader *tcp,
794 uint16_t payload_length);
797 * Calculate IPv6 TCP checksum.
799 * @param ip ipv6 header fully initialized
800 * @param tcp TCP header (initialized except for CRC)
801 * @param payload the TCP payload
802 * @param payload_length number of bytes of TCP payload
805 GNUNET_TUN_calculate_tcp6_checksum (const struct GNUNET_TUN_IPv6Header *ip,
806 struct GNUNET_TUN_TcpHeader *tcp,
808 uint16_t payload_length);
811 * Calculate IPv4 UDP checksum.
813 * @param ip ipv4 header fully initialized
814 * @param udp UDP header (initialized except for CRC)
815 * @param payload the UDP payload
816 * @param payload_length number of bytes of UDP @a payload
819 GNUNET_TUN_calculate_udp4_checksum (const struct GNUNET_TUN_IPv4Header *ip,
820 struct GNUNET_TUN_UdpHeader *udp,
822 uint16_t payload_length);
826 * Calculate IPv6 UDP checksum.
828 * @param ip ipv6 header fully initialized
829 * @param udp UDP header (initialized except for CRC)
830 * @param payload the UDP payload
831 * @param payload_length number of bytes of @a payload
834 GNUNET_TUN_calculate_udp6_checksum (const struct GNUNET_TUN_IPv6Header *ip,
835 struct GNUNET_TUN_UdpHeader *udp,
837 uint16_t payload_length);
841 * Calculate ICMP checksum.
843 * @param icmp ICMP header (initialized except for CRC)
844 * @param payload the ICMP payload
845 * @param payload_length number of bytes of @a payload
848 GNUNET_TUN_calculate_icmp_checksum (struct GNUNET_TUN_IcmpHeader *icmp,
850 uint16_t payload_length);
854 * Create a regex in @a rxstr from the given @a ip and @a port.
856 * @param ip IPv4 representation.
857 * @param port destination port
858 * @param rxstr generated regex, must be at least #GNUNET_TUN_IPV4_REGEXLEN
862 GNUNET_TUN_ipv4toregexsearch (const struct in_addr *ip,
868 * Create a regex in @a rxstr from the given @a ipv6 and @a port.
870 * @param ipv6 IPv6 representation.
871 * @param port destination port
872 * @param rxstr generated regex, must be at least #GNUNET_TUN_IPV6_REGEXLEN
876 GNUNET_TUN_ipv6toregexsearch (const struct in6_addr *ipv6,
882 * Convert an exit policy to a regular expression. The exit policy
883 * specifies a set of subnets this peer is willing to serve as an
884 * exit for; the resulting regular expression will match the
885 * IPv6 address strings as returned by #GNUNET_TUN_ipv6toregexsearch.
887 * @param policy exit policy specification
888 * @return regular expression, NULL on error
891 GNUNET_TUN_ipv6policy2regex (const char *policy);
895 * Convert an exit policy to a regular expression. The exit policy
896 * specifies a set of subnets this peer is willing to serve as an
897 * exit for; the resulting regular expression will match the
898 * IPv4 address strings as returned by #GNUNET_TUN_ipv4toregexsearch.
900 * @param policy exit policy specification
901 * @return regular expression, NULL on error
904 GNUNET_TUN_ipv4policy2regex (const char *policy);
908 * Hash the service name of a hosted service to the
909 * hash code that is used to identify the service on
912 * @param service_name a string
913 * @param[out] hc corresponding hash
916 GNUNET_TUN_service_name_to_hash (const char *service_name,
917 struct GNUNET_HashCode *hc);
921 * Check if two sockaddrs are equal.
923 * @param sa one address
924 * @param sb another address
925 * @param include_port also check ports
926 * @return #GNUNET_YES if they are equal
929 GNUNET_TUN_sockaddr_cmp (const struct sockaddr *sa,
930 const struct sockaddr *sb,
935 * Compute the CADET port given a service descriptor
936 * (returned from #GNUNET_TUN_service_name_to_hash) and
937 * a TCP/UDP port @a ip_port.
939 * @param desc service shared secret
940 * @param ip_port TCP/UDP port, use 0 for ICMP
941 * @param[out] cadet_port CADET port to use
944 GNUNET_TUN_compute_service_cadet_port (const struct GNUNET_HashCode *desc,
946 struct GNUNET_HashCode *cadet_port);
950 /** @} */ /* end of group */