From 243f6bf87e9e0645b9de3cf8c39ba443d77735a1 Mon Sep 17 00:00:00 2001 From: wangyu Date: Wed, 19 Jul 2017 06:05:08 +0800 Subject: [PATCH] everything works except anti-replay window --- encryption.cpp | 43 ++++++++++++++++++++++++++-------- main.cpp | 63 ++++++++++++++++++++++++++++++++++++++++++++++---- makefile | 2 +- 3 files changed, 93 insertions(+), 15 deletions(-) diff --git a/encryption.cpp b/encryption.cpp index 3fabfc1..e8619c3 100755 --- a/encryption.cpp +++ b/encryption.cpp @@ -13,11 +13,17 @@ static uint8_t g_key[]={1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16, 0,0,0,0}; static uint8_t buf[65535+100]; +static const int disable_all=0; + +static const int disable_aes=0; int my_encrypt(uint8_t *data,uint8_t *output,int &len,uint8_t * key) { - memcpy(output,data,len); - return 0; + if(disable_all) + { + memcpy(output,data,len); + return 0; + } int ori_len=len; 
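Review bot: `disable_all` and `disable_aes` are undocumented switches that turn the cipher into a plain copy, and nothing here marks them as debug-only. With `disable_all` set, my_encrypt returns right after `memcpy(output,data,len)`, and the matching branch added to my_decrypt in the next hunk returns before the length checks and the MD5 comparison, so traffic would be neither encrypted nor integrity-checked. I would document each flag where it is declared, for example `static const int disable_all=0; // debug only: 1 = pass packets through unencrypted and unverified`, or put both behind an `#ifdef` so a normal build cannot carry the passthrough path. my_encrypt's body continues outside the hunk.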
@@ -40,28 +46,47 @@ int my_encrypt(uint8_t *data,uint8_t *output,int &len,uint8_t * key) //memcpy(buf,data,len); //not thread safe - AES_CBC_encrypt_buffer((unsigned char *)output,(unsigned char *)data,len,(unsigned char *)key,(unsigned char *)zero_iv); - //it doesnt allow over lap + if(disable_aes) + { + memcpy(output,data,len); + + } + else + { + AES_CBC_encrypt_buffer((unsigned char *)output,(unsigned char *)data,len,(unsigned char *)key,(unsigned char *)zero_iv); + //it doesnt allow over lap + } + return 0; } int my_decrypt(uint8_t *data,uint8_t *output,int &len,uint8_t * key) { - memcpy(output,data,len); - return 0; - + if(disable_all) + { + memcpy(output,data,len); + return 0; + } uint8_t md5_res[16]; if(len>65535) return -1; if(len<32) return -1; if(len%16 !=0) return -1; - //memcpy(buf,data,len); - AES_CBC_decrypt_buffer((unsigned char *)output,(unsigned char *)data,len,(unsigned char *)key,(unsigned char *)zero_iv); + if(disable_aes) + { + memcpy(output,data,len); + } + else + { + AES_CBC_decrypt_buffer((unsigned char *)output,(unsigned char *)data,len,(unsigned char *)key,(unsigned char *)zero_iv); + } + //printf("%d %d\n",data[len-16-2],data[len-16-1]); //printf("<<%d>>",len); + md5(output,len-16,md5_res); if(memcmp(output+len-16,md5_res,16)!=0) diff --git a/main.cpp b/main.cpp index 3215f7e..17286f4 100755 --- a/main.cpp +++ b/main.cpp @@ -55,7 +55,9 @@ const int handshake_timeout=1000; const int heartbeat_timeout=10000; const int udp_timeout=2000; -const int timer_interval=400; +const int heartbeat_interval=1000; + +const int timer_interval=50; //const uint16_t tcp_window=50000; @@ -74,7 +76,7 @@ const int seq_mode=2; //0 dont increase /1 increase //increase randomly,abo const uint64_t epoll_timer_fd_sn=1; const uint64_t epoll_raw_recv_fd_sn=2; -uint64_t epoll_udp_fd_sn=256; +uint64_t epoll_udp_fd_sn=256; //udp_fd_sn =256,512,768......the lower 8 bit is not used,to avoid confliction const int server_nothing=0; 
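Review bot: Both AES calls in the new `else` branches pass the constant `zero_iv` (defined outside the hunk, presumably all zero), so with a fixed key any two packets that begin with the same bytes produce the same leading ciphertext blocks. Now that this commit makes the encrypted path live, I would generate a fresh random 16-byte IV per packet in my_encrypt, send it in front of the ciphertext, and have my_decrypt read it back before calling AES_CBC_decrypt_buffer; that changes the packet layout and the length checks, which sit partly outside this hunk. Separately, the tag checked by `md5(output,len-16,md5_res)` is an unkeyed hash of the plaintext, which detects corruption but is not a MAC; a keyed HMAC computed over the ciphertext and verified before decryption would be the sturdier design. Until the anti-replay window mentioned in the commit subject exists, a recorded packet may still be accepted when it is seen again.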
@@ -85,6 +87,7 @@ int server_current_state=server_nothing; long long last_hb_recv_time; long long last_udp_recv_time=0; +int socket_buf_size=1024*1024*4; int udp_fd=-1; int raw_recv_fd; @@ -126,7 +129,9 @@ const int client_ready=3; int client_current_state=client_nothing; int retry_counter; -long long last_state_time; +long long last_state_time=0; + +long long last_hb_sent_time=0; uint16_t ip_id=1; //const int MTU=1440; @@ -226,17 +231,45 @@ void setnonblocking(int sock) { } } - +int set_udp_buf_size(int fd) +{ + if(setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &socket_buf_size, sizeof(socket_buf_size))<0) + { + printf("SO_SNDBUFFORCE fail\n"); + exit(1); + } + if(setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &socket_buf_size, sizeof(socket_buf_size))<0) + { + printf("SO_RCVBUFFORCE fail\n"); + exit(1); + } + return 0; +} int init_raw_socket() { + raw_send_fd = socket(AF_INET , SOCK_RAW , IPPROTO_TCP); + + if(raw_send_fd == -1) { perror("Failed to create raw_send_fd"); exit(1); } + + if(setsockopt(raw_send_fd, SOL_SOCKET, SO_SNDBUFFORCE, &socket_buf_size, sizeof(socket_buf_size))<0) + { + printf("SO_SNDBUFFORCE fail\n"); + exit(1); + } //raw_fd = socket(AF_PACKET, SOCK_DGRAM, htons(ETH_P_ALL)); raw_recv_fd= socket(PF_PACKET, SOCK_RAW, htons(ETH_P_IP)); + + if(setsockopt(raw_recv_fd, SOL_SOCKET, SO_RCVBUFFORCE, &socket_buf_size, sizeof(socket_buf_size))<0) + { + printf("SO_RCVBUFFORCE fail\n"); + exit(1); + } //raw_fd=socket(AF_PACKET , SOCK_RAW , htons(ETH_P_IP)); // packet_recv_sd = socket(AF_INET , SOCK_RAW , IPPROTO_TCP); if(raw_recv_fd == -1) { @@ -704,7 +737,7 @@ int client_bind_to_a_new_port() } int fake_tcp_keep_connection_client() //for client { - //printf("timer!"); + if(debug_mode)printf("timer!\n"); //fflush(stdout); begin: if(client_current_state==client_nothing) @@ -774,6 +807,12 @@ int fake_tcp_keep_connection_client() //for client printf("state back to nothing\n"); return 0; } + + if(get_current_time()-last_hb_sent_time\n",session_id); fflush(stdout); 
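Review bot: set_udp_buf_size and the two new setsockopt calls in init_raw_socket exit when `SO_SNDBUFFORCE` or `SO_RCVBUFFORCE` is refused, which makes CAP_NET_ADMIN a hard requirement on top of the CAP_NET_RAW the raw sockets already need. Falling back to plain `SO_SNDBUF`/`SO_RCVBUF` (limited by the wmem_max/rmem_max sysctls) lets the program run with the smaller capability set, as sketched below for the helper; the same fallback fits the two calls in init_raw_socket. In init_raw_socket the new `SO_RCVBUFFORCE` call also sits before the existing `if(raw_recv_fd == -1)` test, so a failed socket() is reported as "SO_RCVBUFFORCE fail"; moving the setsockopt below that test fixes the message. init_raw_socket continues outside the hunk.

```cpp
int set_udp_buf_size(int fd)
{
    // the *FORCE options need CAP_NET_ADMIN; without it, settle for the capped SO_*BUF value
    if(setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &socket_buf_size, sizeof(socket_buf_size))<0
       && setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &socket_buf_size, sizeof(socket_buf_size))<0)
    {
        perror("SO_SNDBUF fail");
        exit(1);
    }
    if(setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &socket_buf_size, sizeof(socket_buf_size))<0
       && setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &socket_buf_size, sizeof(socket_buf_size))<0)
    {
        perror("SO_RCVBUF fail");
        exit(1);
    }
    return 0;
}
```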
@@ -1164,6 +1213,7 @@ int server_raw_recv(iphdr * iph,tcphdr *tcph,char * data,int data_len) remote_addr_in.sin_port = htons(remote_port); remote_addr_in.sin_addr.s_addr = inet_addr(remote_address); udp_fd=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); + set_udp_buf_size(udp_fd); printf("created new udp_fd"); int ret = connect(udp_fd, (struct sockaddr *) &remote_addr_in, slen); @@ -1382,6 +1432,8 @@ int client() //g_packet_info.src_port=source_port; udp_fd=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); + set_udp_buf_size(udp_fd); + int yes = 1; //setsockopt(udp_fd, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(yes)); @@ -1605,6 +1657,7 @@ int server() } int main(int argc, char *argv[]) { + g_packet_info.ack_seq=get_true_random_number(); g_packet_info.seq=get_true_random_number(); int i, j, k; diff --git a/makefile b/makefile index 3406177..0e7e2f1 100755 --- a/makefile +++ b/makefile @@ -2,6 +2,6 @@ ccmips=mips-openwrt-linux-g++ all: killall raw||true sleep 1 - g++ main.cpp -o raw -static -lrt -ggdb -I. aes.c md5.c encryption.cpp + g++ main.cpp -o raw -static -lrt -ggdb -I. aes.c md5.c encryption.cpp -O3 # ${ccmips} main.cpp -o rawmips -static -lgcc_eh -lrt
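Review bot: `set_udp_buf_size(udp_fd)` in server_raw_recv runs on the result of socket() with no check in between, and the helper calls exit(1) on any setsockopt failure. A transient socket() failure, such as running out of descriptors, would therefore stop the whole server instead of dropping the one new connection; no check is visible in the hunk, though the function continues outside it. I would test the descriptor first, `if(udp_fd<0){perror("socket");return -1;}` (or whatever value this function uses to discard a packet), and the same applies to the call added in client() in the following hunk.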