2 GoVPN -- simple secure free software virtual private network daemon
3 Copyright (C) 2014-2017 Sergey Matveev <stargrave@stargrave.org>
5 This program is free software: you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation, either version 3 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 "github.com/Sirupsen/logrus"
25 "github.com/pkg/errors"
27 "cypherpunks.ru/govpn"
30 type udpSender struct {
35 func (c udpSender) Write(data []byte) (int, error) {
36 return c.conn.WriteToUDP(data, c.addr)
39 // TODO move to udpSender (?)
40 // buffers for UDP parallel processing
41 var udpBufs = make(chan []byte, 1<<8)
43 func (s *Server) startUDP() {
44 bind, err := net.ResolveUDPAddr("udp", s.configuration.BindAddress)
46 s.Error <- errors.Wrap(err, "net.ResolveUDPAddr")
49 conn, err := net.ListenUDP("udp", bind)
51 s.Error <- errors.Wrapf(err, "net.ListenUDP %q", bind.String())
55 fields := logrus.Fields{
56 "func": logFuncPrefix + "Server.startUDP",
57 "bind": bind.String(),
64 s.configuration.LogFields(),
66 udpBufs <- make([]byte, govpn.MTUMax)
69 var raddr *net.UDPAddr
74 var hs *govpn.Handshake
77 var peerID *govpn.PeerID
78 var conf *govpn.PeerConf
80 s.logger.WithFields(fields).Debug("Wait for UDP buffer")
82 n, raddr, err = conn.ReadFromUDP(buf)
88 ).WithError(err).Debug("Receive failure")
92 loopFields := logrus.Fields{"addr": addr}
98 ).Debug("Got UDP buffer, check if peer exists")
100 ps, exists = s.peers[addr]
101 s.peersLock.RUnlock()
107 ).Debug("Already known peer, PktProcess")
108 go func(peer *govpn.Peer, tap *govpn.TAP, buf []byte, n int) {
109 peer.PktProcess(buf[:n], tap, true)
111 }(ps.peer, ps.tap, buf, n)
115 logrus.WithFields(fields).WithFields(loopFields).Debug("New peer")
117 hs, exists = s.handshakes[addr]
124 ).Debug("No handshake yet, try to figure peer ID")
125 peerID, err = s.idsCache.Find(buf[:n])
133 ).WithError(err).Debug("Couldn't lookup for peer in ids")
144 ).Debug("Identity unknown")
149 loopFields["peer_id"] = peerID.String()
150 s.logger.WithFields(fields).WithFields(loopFields).Debug("Found peer ID")
151 conf = s.confs.Get(*peerID)
160 s.configuration.LogFields(),
161 ).Error("Peer try to connect, but not configured")
170 ).Debug("Got configuration, perform handshake")
171 hs = govpn.NewHandshake(
173 udpSender{conn: conn, addr: raddr},
176 _, err := hs.Server(buf[:n])
183 ).WithError(err).WithFields(
185 ).Error("Can't create new peer: handshake failed")
194 ).Info("Hashshake started, continue next packet")
197 s.handshakes[addr] = hs
206 ).Debug("Already go handshake, finish it")
207 peer, err := hs.Server(buf[:n])
213 ).WithError(err).WithFields(
215 ).Error("Can't create new peer: handshake failed")
226 ).Error("Couldn't continue handshake")
239 ).Info("Handshake completed")
243 delete(s.handshakes, addr)
247 udpBufs <- make([]byte, govpn.MTUMax)
248 udpBufs <- make([]byte, govpn.MTUMax)
250 s.peersByIDLock.RLock()
251 addrPrev, exists = s.peersByID[*peer.ID]
252 s.peersByIDLock.RUnlock()
259 ).Debug("Peer already exists")
261 s.peers[addrPrev].terminator <- struct{}{}
264 tap: s.peers[addrPrev].tap,
265 terminator: make(chan struct{}),
267 peer.Protocol = govpn.ProtocolUDP
269 go func(peer *govpn.Peer, tap *govpn.TAP, terminator chan struct{}) {
270 govpn.PeerTapProcessor(peer, tap, terminator)
273 }(psNew.peer, psNew.tap, psNew.terminator)
275 s.peersByIDLock.Lock()
277 delete(s.peers, addrPrev)
278 delete(s.knownPeers, addrPrev)
279 s.peers[addr] = psNew
280 s.knownPeers[addr] = &peer
281 s.peersByID[*peer.ID] = addr
283 s.peersByIDLock.Unlock()
294 ).Debug("Rehandshake completed")
296 go func(addr string, peer *govpn.Peer) {
301 ).Debug("Peer do not already exists")
302 tap, err := s.callUp(peer, govpn.ProtocolUDP)
312 ).WithError(err).Error("TAP failed")
318 terminator: make(chan struct{}),
320 peer.Protocol = govpn.ProtocolUDP
321 go func(peer *govpn.Peer, tap *govpn.TAP, terminator chan struct{}) {
322 govpn.PeerTapProcessor(peer, tap, terminator)
325 }(psNew.peer, psNew.tap, psNew.terminator)
327 s.peersByIDLock.Lock()
329 s.peers[addr] = psNew
330 s.knownPeers[addr] = &peer
331 s.peersByID[*peer.ID] = addr
333 s.peersByIDLock.Unlock()
343 ).Info("Peer initialized")