mirrors/iodine
1
0
Fork 0
mirror of https://github.com/yarrick/iodine.git synced 2024-11-13 03:43:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Release 0.4.1 tagged

Browse source
This commit is contained in:
Erik Ekman 2007-11-30 22:11:30 +00:00
parent 4d4da3eb87
commit d27bd67997
34 changed files with 1231 additions and 574 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
CHANGELOG
View file

@ -1,12 +1,22 @@
iodine - IP over DNS is now easy
iodine - http://code.kryo.se/iodine
http://code.kryo.se/iodine
********************************
***********************************
CHANGES:
2007-11-30: 0.4.1 "Tea Online"
- Introduced encoding API
- Switched to new Base32 implementation
- Added Base64 implementation that only uses 63 chars (not used yet)
- Refined 'install' make target and use $(MAKE) for recursive calls
- All received error messages (RCODE field) are echoed
- Top domain limited to 128 chars
- Case preservation check sent after login to decide codec
- Fixed crash on incoming NULL query in server with bad top domain
- /etc/resolv.conf is consulted if no nameserver is given on commandline
- Applied patch from Matthew W. S. Bell (Detach before chroot/dropping priv)
2007-03-25: 0.4.0 "Run Home"
- Added multiuser support (up to 8 users simultaneously)
- Added authentication (password entered as argument or on stdin)

36
Makefile
View file

@ -1,6 +1,11 @@
PREFIX=/usr/local
prefix=/usr/local
sbindir=$(prefix)/sbin
datadir=$(prefix)/share
mandir=$(datadir)/man
INSTALL=/usr/bin/install
DESTDIR=
INSTALL=install
INSTALL_FLAGS=
MKDIR=mkdir
@ -10,26 +15,31 @@ RM=rm
RM_FLAGS=-f
all:
@(cd src; make all)
@(cd src; $(MAKE) all)
install: all
$(MKDIR) $(MKDIR_FLAGS) $(PREFIX)/sbin
$(INSTALL) $(INSTALL_FLAGS) bin/iodine $(PREFIX)/sbin/iodine
$(INSTALL) $(INSTALL_FLAGS) bin/iodined $(PREFIX)/sbin/iodined
$(MKDIR) $(MKDIR_FLAGS) $(PREFIX)/man/man8
$(INSTALL) $(INSTALL_FLAGS) man/iodine.8 $(PREFIX)/man/man8/iodine.8
$(MKDIR) $(MKDIR_FLAGS) $(DESTDIR)$(sbindir)
$(INSTALL) $(INSTALL_FLAGS) bin/iodine $(DESTDIR)$(sbindir)/iodine
chmod 755 $(DESTDIR)$(sbindir)/iodine
$(INSTALL) $(INSTALL_FLAGS) bin/iodined $(DESTDIR)$(sbindir)/iodined
chmod 755 $(DESTDIR)$(sbindir)/iodined
$(MKDIR) $(MKDIR_FLAGS) $(DESTDIR)$(mandir)/man8
$(INSTALL) $(INSTALL_FLAGS) man/iodine.8 $(DESTDIR)$(mandir)/man8/iodine.8
chmod 644 $(DESTDIR)$(mandir)/man8/iodine.8
uninstall:
$(RM) $(RM_FLAGS) $(PREFIX)/sbin/iodine
$(RM) $(RM_FLAGS) $(PREFIX)/sbin/iodined
$(RM) $(RM_FLAGS) $(PREFIX)/man/man8/iodine.8
$(RM) $(RM_FLAGS) $(DESTDIR)$(sbindir)/iodine
$(RM) $(RM_FLAGS) $(DESTDIR)$(sbindir)/iodined
$(RM) $(RM_FLAGS) $(DESTDIR)$(mandir)/man8/iodine.8
test: all
@echo "!! The check library is required for compiling and running the tests"
@echo "!! Get it at http://check.sf.net"
@(cd tests; make all)
clean:
@echo "Cleaning..."
@(cd src; make clean)
@(cd tests; make clean)
@(cd src; $(MAKE) clean)
@(cd tests; $(MAKE) clean)
@rm -rf bin

27
README
View file

@ -1,9 +1,7 @@
iodine - IP over DNS is now easy
iodine - http://code.kryo.se/iodine
http://code.kryo.se/iodine
********************************
***********************************
This is a piece of software that lets you tunnel IPv4 data through a DNS
server. This can be usable in different situations where internet access is
@ -30,13 +28,18 @@ HOW TO USE:
Server side:
To use this tunnel, you need control over a real domain (like mytunnel.com),
and a server with a static public IP number that does not yet run a DNS
server. Then, delegate a subdomain (say, tunnel1.mytunnel.com) to the server.
If you use BIND for the domain, add these lines to the zone file:
and a server with a public IP number (not behind NAT) that does not yet run
a DNS server. Then, delegate a subdomain (say, tunnel1.mytunnel.com) to the
server. If you use BIND for the domain, add these lines to the zone file:
tunnel1host IN A 10.15.213.99
tunnel1 IN NS tunnel1host.mytunnel.com.
Do not use CNAME instead of A above.
If your server has a dynamic IP, use a dynamic dns provider:
tunnel1 IN NS tunnel1host.mydyndnsprovider.com
Now any DNS querys for domains ending with tunnel1.mytunnnel.com will be sent
to your server. Start iodined on the server. The first argument is the tunnel
IP address (like 192.168.99.1) and the second is the assigned domain (in this
@ -60,13 +63,11 @@ either side.
MISC. INFO:
Note that you can have only one client per server at the same time. This is
because of the fragmentation of big packets going upstream, and will be fixed
in future versions.
Try experimenting with the MTU size (-m option) to get maximum bandwidth. It is
set to 1024 by default, which seems to work with most DNS servers. If you have
problems, try setting it to below 512.
problems, try setting it to 220 as this ensures all packets to be < 512 bytes.
Some DNS servers enforce a 512 byte packet limit, and this is probably the case
if you can ping through the tunnel but not login via SSH.
If you have problems, try inspecting the traffic with network monitoring tools
and make sure that the relaying DNS server has not cached the response. A
@ -90,7 +91,7 @@ iptables -t nat -A PREROUTING -i eth0 -p udp --dport 53 -j DNAT --to :5353
PORTABILITY:
iodine has been tested on Linux (arm, ia64, x86, AMD64 and SPARC64), FreeBSD
(ia64, x86), OpenBSD (x86), NetBSD (x86) and MacOS X (10.3, ppc, with
(ia64, x86), OpenBSD (x86), NetBSD (x86) and MacOS X (ppc and x86, with
http://www-user.rhrk.uni-kl.de/~nissler/tuntap/). It should work on other
unix-like systems as well that has TUN/TAP tunneling support (after some
patching). Let us know if you get it to run on other platforms.

6
TODO
View file

@ -1,9 +1,7 @@
iodine - IP over DNS is now easy
iodine - http://code.kryo.se/iodine
http://code.kryo.se/iodine
********************************
***********************************
The TODO list is now located at

13
man/iodine.8
View file

@ -1,5 +1,5 @@
.\" groff -man -Tascii iodine.8
.TH IODINE 8 "FEB 2007" "User Manuals"
.TH IODINE 8 "JUN 2007" "User Manuals"
.SH NAME
iodine, iodined \- tunnel IPv4 over DNS
.SH SYNOPSIS
@ -16,7 +16,9 @@ iodine, iodined \- tunnel IPv4 over DNS
.B ] [-d
.I device
.B ]
.B [
.I nameserver
.B ]
.I topdomain
.B iodined [-v]
@ -93,7 +95,8 @@ You must make sure the dns requests are forwarded to this port yourself.
.B nameserver
The nameserver to use to relay the dns traffic. This can be any relaying
nameserver or the ip number of the server running iodined if reachable.
Normally, you should specify a nameserver from your
This argument is optional, and if not specified a nameserver will be read
from the
.I /etc/resolv.conf
file.
.TP
@ -179,6 +182,12 @@ The normal case is to route all traffic through the DNS tunnel. To do this, firs
add a route to the nameserver you use with the default gateway as gateway. Then
replace the default gateway with the servers IP address within the DNS tunnel,
and configure the server to do NAT.
.TP
.B MTU issues:
Some relaying DNS servers enforce a 512 byte packet limit. All larger packets are
simply dropped. If you can ping through the tunnel but not login via SSH, this is
most likely the case. Set the MTU on the server to 220 to ensure that all packets
are less than 512 bytes. This will however greatly affect performance.
.SH BUGS
File bugs at http://dev.kryo.se/iodine/
.SH AUTHORS

13
src/Makefile
View file

@ -1,8 +1,9 @@
CC = gcc
COMMONOBJS = tun.o dns.o read.o encoding.o login.o base32.o base64.o md5.o common.o
CLIENTOBJS = iodine.o
CLIENT = ../bin/iodine
CLIENTOBJS = iodine.o tun.o dns.o read.o encoding.o login.o base32.o md5.o common.o
SERVEROBJS = iodined.o user.o
SERVER = ../bin/iodined
SERVEROBJS = iodined.o tun.o dns.o read.o encoding.o login.o base32.o md5.o common.o user.o
OS = `uname | tr "a-z" "A-Z"`
ARCH = `uname -m`
@ -15,15 +16,15 @@ all: stateos $(CLIENT) $(SERVER) $(TESTSUITE)
stateos:
@echo OS is $(OS), arch is $(ARCH)
$(CLIENT): $(CLIENTOBJS)
$(CLIENT): $(COMMONOBJS) $(CLIENTOBJS)
@echo LD $@
@mkdir -p ../bin
@$(CC) $(CLIENTOBJS) -o $(CLIENT) $(LDFLAGS)
@$(CC) $(COMMONOBJS) $(CLIENTOBJS) -o $(CLIENT) $(LDFLAGS)
$(SERVER): $(SERVEROBJS)
$(SERVER): $(COMMONOBJS) $(SERVEROBJS)
@echo LD $@
@mkdir -p ../bin
@$(CC) $(SERVEROBJS) -o $(SERVER) $(LDFLAGS)
@$(CC) $(COMMONOBJS) $(SERVEROBJS) -o $(SERVER) $(LDFLAGS)
.c.o:
@echo CC $<

152
src/base32.c
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2006-2007 Bjorn Andersson <flex@kryo.se>
* Copyright (c) 2006-2007 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@ -18,140 +18,160 @@
#include <stdlib.h>
#include <string.h>
#include "encoding.h"
#include "base32.h"
static const char cb32[] =
"abcdefghijklmnopqrstuvwxyz0123456789";
static unsigned char rev32[128];
static int reverse_init = 0;
static struct encoder base32_encoder =
{
"BASE32",
base32_encode,
base32_decode,
base32_handles_dots,
base32_handles_dots
};
struct encoder
*get_base32_encoder()
{
return &base32_encoder;
}
int
base32_encode(char **buf, size_t *buflen, const void *data, size_t size)
base32_handles_dots()
{
return 0;
}
int
base32_encode(char *buf, size_t *buflen, const void *data, size_t size)
{
size_t newsize;
char *newbuf;
char *s;
char *p;
char *q;
size_t maxsize;
unsigned char *s;
unsigned char *p;
unsigned char *q;
int i;
newsize = 8 * (size / 5 + 1) + 1;
if (newsize > *buflen) {
if ((newbuf = realloc(*buf, newsize)) == NULL) {
free(*buf);
*buf = NULL;
*buflen = 0;
return 0;
}
memset(buf, 0, *buflen);
*buf = newbuf;
*buflen = newsize;
/* how many chars can we encode within the buf */
maxsize = 5 * (*buflen / 8 - 1) - 1;
/* how big will the encoded data be */
newsize = 8 * (size / 5 + 1) + 1;
/* if the buffer is too small, eat some of the data */
if (*buflen < newsize) {
size = maxsize;
}
p = s = *buf;
q = (char*)data;
p = s = (unsigned char *) buf;
q = (unsigned char *)data;
for(i=0;i<size;i+=5) {
p[0] = cb32[(q[0] >> 3)];
p[1] = cb32[((q[0] & 0x07) << 2) | ((q[1] & 0xc0) >> 6)];
p[0] = cb32[((q[0] & 0xf8) >> 3)];
p[1] = cb32[(((q[0] & 0x07) << 2) | ((q[1] & 0xc0) >> 6))];
p[2] = (i+1 < size) ? cb32[((q[1] & 0x3e) >> 1)] : '\0';
p[3] = (i+1 < size) ? cb32[((q[1] & 0x01) << 4) | ((q[2] & 0xf0) >> 4)] : '\0';
p[4] = (i+2 < size) ? cb32[((q[2] & 0x0f) << 1) | ((q[3] & 0x80) >> 7)] : '\0';
p[5] = (i+3 < size) ? cb32[((q[3] & 0x3e) >> 2)] : '\0';
p[6] = (i+3 < size) ? cb32[((q[3] & 0x03) << 3) | ((q[4] & 0xe0) > 5)] : '\0';
p[5] = (i+3 < size) ? cb32[((q[3] & 0x7c) >> 2)] : '\0';
p[6] = (i+3 < size) ? cb32[((q[3] & 0x03) << 3) | ((q[4] & 0xe0) >> 5)] : '\0';
p[7] = (i+4 < size) ? cb32[((q[4] & 0x1f))] : '\0';
q += 5;
p += 8;
}
*p = 0;
return strlen(s);
/* store number of bytes from data that was used */
*buflen = size;
return strlen(buf) - 1;
}
#define DECODE_ERROR 0xffffffff
#define REV32(x) rev32[(int) (x)]
static int
pos(char c)
decode_token(const unsigned char *t, unsigned char *data, size_t len)
{
const char *p;
for (p = cb32; *p; p++)
if (*p == c)
return p - cb32;
return -1;
}
static int
decode_token(const char *t, char *data)
{
int len;
len = strlen(t);
if (len < 2)
return 0;
data[0] = ((pos(t[0]) & 0x1f) << 3) |
((pos(t[1]) & 0x1c) >> 2);
data[0] = ((REV32(t[0]) & 0x1f) << 3) |
((REV32(t[1]) & 0x1c) >> 2);
if (len < 4)
return 1;
data[1] = ((pos(t[1]) & 0x03) << 6) |
((pos(t[2]) & 0x1f) << 1) |
((pos(t[3]) & 0x10) >> 4);
data[1] = ((REV32(t[1]) & 0x03) << 6) |
((REV32(t[2]) & 0x1f) << 1) |
((REV32(t[3]) & 0x10) >> 4);
if (len < 5)
return 2;
data[2] = ((pos(t[3]) & 0x0f) << 4) |
((pos(t[4]) & 0x1e) >> 1);
data[2] = ((REV32(t[3]) & 0x0f) << 4) |
((REV32(t[4]) & 0x1e) >> 1);
if (len < 7)
return 3;
data[3] = ((pos(t[4]) & 0x01) << 7) |
((pos(t[5]) & 0x1f) << 2) |
((pos(t[6]) & 0x18) >> 3);
data[3] = ((REV32(t[4]) & 0x01) << 7) |
((REV32(t[5]) & 0x1f) << 2) |
((REV32(t[6]) & 0x18) >> 3);
if (len < 8)
return 4;
data[4] = ((pos(t[6]) & 0x07) << 5) |
((pos(t[7]) & 0x1f));
data[4] = ((REV32(t[6]) & 0x07) << 5) |
((REV32(t[7]) & 0x1f));
return 5;
}
int
base32_decode(void **buf, size_t *buflen, const char *str)
base32_decode(void *buf, size_t *buflen, const char *str, size_t slen)
{
unsigned char *q;
size_t newsize;
size_t maxsize;
const char *p;
char *newbuf;
unsigned char c;
int len;
newsize = 5 * (strlen(str) / 8 + 1) + 1;
if (newsize > *buflen) {
if ((newbuf = realloc(*buf, newsize)) == NULL) {
free(*buf);
*buf = NULL;
*buflen = 0;
return 0;
}
int i;
*buf = newbuf;
*buflen = newsize;
if (!reverse_init) {
for (i = 0; i < 32; i++) {
c = cb32[i];
rev32[(int) c] = i;
}
reverse_init = 1;
}
/* chars needed to decode slen */
newsize = 5 * (slen / 8 + 1) + 1;
/* encoded chars that fit in buf */
maxsize = 8 * (*buflen / 5 + 1) + 1;
/* if the buffer is too small, eat some of the data */
if (*buflen < newsize) {
slen = maxsize;
}
q = *buf;
q = buf;
for (p = str; *p && strchr(cb32, *p); p += 8) {
len = decode_token(p, (char *) q);
len = decode_token((unsigned char *) p, (unsigned char *) q, slen);
q += len;
slen -= 8;
if (len < 5)
break;
}
*q = '\0';
return q - (unsigned char *) *buf;
return q - (unsigned char *) buf;
}

8
src/base32.h
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2006-2007 Bjorn Andersson <flex@kryo.se>
* Copyright (c) 2006-2007 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@ -17,7 +17,9 @@
#ifndef __BASE32_H__
#define __BASE32_H__
int base32_encode(char **, size_t *, const void *, size_t);
int base32_decode(void **, size_t *, const char *);
struct encoder *get_base32_encoder(void);
int base32_handles_dots();
int base32_encode(char *, size_t *, const void *, size_t);
int base32_decode(void *, size_t *, const char *, size_t);
#endif

338
src/base64.c Normal file
View file

@ -0,0 +1,338 @@
/*
* Copyright (c) 2006-2007 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "encoding.h"
#include "common.h"
#include "base64.h"
static const char cb64[] =
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ-0123456789.";
static unsigned char rev64[128];
static int reverse_init = 0;
#define REV64(x) rev64[(int) (x)]
#define MODE (cb64[62])
#define P62 (cb64[62])
#define P63 (cb64[63])
static struct encoder base64_encoder =
{
"BASE64",
base64_encode,
base64_decode,
base64_handles_dots,
base64_handles_dots
};
struct encoder
*get_base64_encoder()
{
return &base64_encoder;
}
int
base64_handles_dots()
{
return 0;
}
static void
findesc(int *count, unsigned char *esc, char c1, char c2, char c3, char c4)
{
int min1 = 0;
int min2 = 0;
int num1 = 0xFF; /* a very big number */
int num2 = 0xFE; /* a nearly as big number */
int i;
/* check if no more escapes needed */
if (count[62] == 0 && count[63] == 0) {
esc[0] = MODE;
esc[1] = MODE;
return;
}
for (i = 0; i < 62; i++) {
if (i == c1 || i == c2 || i == c3 || i == c4) {
continue;
}
if (count[i] < num1) {
min2 = min1;
num2 = num1;
min1 = i;
num1 = count[i];
} else if (count[i] < num2) {
min2 = i;
num2 = count[i];
}
}
esc[0] = cb64[min1];
esc[1] = cb64[min2];
}
static void
escape_chars(char *buf, size_t buflen)
{
int counter[64];
int escapes;
int reset;
int i;
unsigned char temp[4096];
unsigned char *r;
unsigned char *w;
unsigned char *e;
unsigned char esc[2];
memset(counter, 0, sizeof(counter));
esc[0] = P62;
esc[1] = P63;
/* first, find the number of times each token is used */
r = (unsigned char *) buf;
w = temp;
while (*r) {
counter[REV64(*r)]++;
*w++ = *r++;
}
/* check if work needed */
if (counter[62] == 0 && counter[63] == 0)
return;
r = temp;
w = (unsigned char *) buf;
reset = 1;
escapes = 0;
/* check a block for esc chars */
while (*r) {
if (reset == 0 && escapes == 0 && (
r[0] == esc[0] || r[1] == esc[0] ||r[2] == esc[0] ||r[2] == esc[0] ||
r[0] == esc[1] || r[1] == esc[1] ||r[2] == esc[1] ||r[2] == esc[1])) {
/* last set of escape chars were unused.
* if we reset last escape switch then maybe we dont have to switch now */
/* change the latest escape switch to 999 (RESET) */
e[1] = MODE;
e[2] = MODE;
/* store default esc chars */
esc[0] = P62;
esc[1] = P63;
reset = 1;
}
/* these two if blocks can not be combined because a block can contain both
* char 9 and/or . and the current escape chars. */
if (r[0] == esc[0] || r[1] == esc[0] ||r[2] == esc[0] ||r[2] == esc[0] ||
r[0] == esc[1] || r[1] == esc[1] ||r[2] == esc[1] ||r[2] == esc[1]) {
/* switch escape chars */
escapes = 0;
reset = 0;
/* find 2 suitable escape chars */
findesc(counter, esc, REV64(r[0]), REV64(r[1]), REV64(r[2]), REV64(r[3]));
/* store escape switch position */
e = w;
/* write new escape chars */
*w++ = MODE;
*w++ = esc[0];
*w++ = esc[1];
}
/* update counter on remaining chars */
for (i = 0; i < 4; i++) {
if (r[i])
counter[REV64(r[i])]--;
}
/* do the escaping */
for (i = 0; i < 4; i++) {
if (r[i] == P62) {
r[i] = esc[0];
escapes++;
} else if (r[i] == P63) {
r[i] = esc[1];
escapes++;
}
}
/* copy back to buf */
*w++ = *r++;
*w++ = *r++;
*w++ = *r++;
*w++ = *r++;
}
}
int
base64_encode(char *buf, size_t *buflen, const void *data, size_t size)
{
size_t newsize;
size_t maxsize;
unsigned char c;
unsigned char *s;
unsigned char *p;
unsigned char *q;
int i;
memset(buf, 0, *buflen);
if (!reverse_init) {
for (i = 0; i < 64; i++) {
c = cb64[i];
rev64[(int) c] = i;
}
reverse_init = 1;
}
/* how many chars can we encode within the buf */
maxsize = 3 * (*buflen / 4 - 1) - 1;
/* how big will the encoded data be */
newsize = 4 * (size / 3 + 1) + 1;
/* if the buffer is too small, eat some of the data */
if (*buflen < newsize) {
size = maxsize;
}
p = s = (unsigned char *) buf;
q = (unsigned char *)data;
for(i=0;i<size;i+=3) {
p[0] = cb64[((q[0] & 0xfc) >> 2)];
p[1] = cb64[(((q[0] & 0x03) << 4) | ((q[1] & 0xf0) >> 4))];
p[2] = (i+1 < size) ? cb64[((q[1] & 0x0f) << 2 ) | ((q[2] & 0xc0) >> 6)] : '\0';
p[3] = (i+2 < size) ? cb64[(q[2] & 0x3f)] : '\0';
q += 3;
p += 4;
}
*p = 0;
escape_chars(buf, *buflen);
/* store number of bytes from data that was used */
*buflen = size;
return strlen(buf) - 1;
}
#define DECODE_ERROR 0xffffffff
static int
decode_token(const unsigned char *t, unsigned char *data, size_t len)
{
if (len < 2)
return 0;
data[0] = ((REV64(t[0]) & 0x3f) << 2) |
((REV64(t[1]) & 0x30) >> 4);
if (len < 3)
return 1;
data[1] = ((REV64(t[1]) & 0x0f) << 4) |
((REV64(t[2]) & 0x3c) >> 2);
if (len < 4)
return 2;
data[2] = ((REV64(t[2]) & 0x03) << 6) |
(REV64(t[3]) & 0x3f);
return 3;
}
int
base64_decode(void *buf, size_t *buflen, const char *str, size_t slen)
{
unsigned char *q;
size_t newsize;
size_t maxsize;
const char *p;
unsigned char c;
unsigned char block[4];
unsigned char prot62;
unsigned char prot63;
int len;
int i;
if (!reverse_init) {
for (i = 0; i < 64; i++) {
c = cb64[i];
rev64[(int) c] = i;
}
reverse_init = 1;
}
/* chars needed to decode slen */
newsize = 3 * (slen / 4 + 1) + 1;
/* encoded chars that fit in buf */
maxsize = 4 * (*buflen / 3 + 1) + 1;
/* if the buffer is too small, eat some of the data */
if (*buflen < newsize) {
slen = maxsize;
}
prot62 = P62;
prot63 = P63;
q = buf;
for (p = str; *p; p += 4) {
/* handle escape instructions */
if (*p == MODE) {
p++;
if (p[0] == MODE && p[1] == MODE) {
/* reset escape chars */
prot62 = P62;
prot63 = P63;
p += 2;
} else {
prot62 = *p++;
prot63 = *p++;
}
}
/* since the str is const, we unescape in another buf */
for (i = 0; i < 4; i++) {
block[i] = p[i];
if (prot62 == block[i]) {
block[i] = P62;
} else if (prot63 == block[i]) {
block[i] = P63;
}
}
len = decode_token(block, (unsigned char *) q, slen);
q += len;
slen -= 4;
if (len < 3)
break;
}
*q = '\0';
return q - (unsigned char *) buf;
}

25
src/base64.h Normal file
View file

@ -0,0 +1,25 @@
/*
* Copyright (c) 2006-2007 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#ifndef __BASE64_H__
#define __BASE64_H__
struct encoder *get_base64_encoder(void);
int base64_handles_dots();
int base64_encode(char *, size_t *, const void *, size_t);
int base64_decode(void *, size_t *, const char *, size_t);
#endif

35
src/common.c
View file

@ -29,6 +29,7 @@
#include <unistd.h>
#include <string.h>
#include <ctype.h>
#include <termios.h>
#include "common.h"
@ -71,13 +72,11 @@ close_dns(int fd)
void
do_chroot(char *newroot)
{
if (newroot) {
if (chroot(newroot) != 0 || chdir("/") != 0)
err(1, "%s", newroot);
if (chroot(newroot) != 0 || chdir("/") != 0)
err(1, "%s", newroot);
seteuid(geteuid());
setuid(getuid());
}
seteuid(geteuid());
setuid(getuid());
}
void
@ -88,3 +87,27 @@ do_detach()
umask(0);
alarm(0);
}
void
read_password(char *buf, size_t len)
{
struct termios old;
struct termios tp;
char pwd[80];
tcgetattr(0, &tp);
old = tp;
tp.c_lflag &= (~ECHO);
tcsetattr(0, TCSANOW, &tp);
printf("Enter password: ");
fflush(stdout);
scanf("%79s", pwd);
printf("\n");
tcsetattr(0, TCSANOW, &old);
strncpy(buf, pwd, len);
buf[len-1] = '\0';
}

14
src/common.h
View file

@ -17,6 +17,7 @@
#ifndef __COMMON_H__
#define __COMMON_H__
#include <arpa/inet.h>
#include <sys/types.h>
#include <sys/socket.h>
@ -27,15 +28,18 @@
#define MAX(a,b) ((a)>(b)?(a):(b))
#endif
#define QUERY_NAME_SIZE 256
struct packet
{
int len;
int offset;
char data[64*1024];
int len; /* Total packet length */
int sentlen; /* Length of chunk currently transmitted */
int offset; /* Current offset */
char data[64*1024]; /* The data */
};
struct query {
char name[258];
char name[QUERY_NAME_SIZE];
short type;
short id;
struct sockaddr from;
@ -48,4 +52,6 @@ void close_dns(int);
void do_chroot(char *);
void do_detach();
void read_password(char*, size_t);
#endif

61
src/dns.c
View file

@ -61,7 +61,7 @@ dns_encode(char *buf, size_t buflen, struct query *q, qr_t qr, char *data, size_
name = 0xc000 | ((p - buf) & 0x3fff);
putname(&p, 256, q->name);
putname(&p, sizeof(q->name), q->name);
putshort(&p, q->type);
putshort(&p, C_IN);
@ -78,7 +78,7 @@ dns_encode(char *buf, size_t buflen, struct query *q, qr_t qr, char *data, size_
header->qdcount = htons(1);
header->arcount = htons(1);
putname(&p, 256, data);
putname(&p, datalen, data);
putshort(&p, q->type);
putshort(&p, C_IN);
@ -101,11 +101,11 @@ dns_encode(char *buf, size_t buflen, struct query *q, qr_t qr, char *data, size_
int
dns_decode(char *buf, size_t buflen, struct query *q, qr_t qr, char *packet, size_t packetlen)
{
char name[QUERY_NAME_SIZE];
char rdata[4*1024];
HEADER *header;
short qdcount;
short ancount;
char name[255];
uint32_t ttl;
short class;
short type;
@ -137,7 +137,29 @@ dns_decode(char *buf, size_t buflen, struct query *q, qr_t qr, char *packet, siz
switch (qr) {
case QR_ANSWER:
if(qdcount != 1 || ancount != 1) {
warnx("no query or answer in answer");
switch (header->rcode) {
case REFUSED:
warnx("Got REFUSED as reply");
break;
case NOTIMP:
warnx("Got NOTIMP as reply");
break;
case NXDOMAIN:
warnx("Got NXDOMAIN as reply");
break;
case SERVFAIL:
warnx("Got SERVFAIL as reply");
break;
case NOERROR:
default:
warnx("no query or answer in answer");
break;
}
return -1;
}
@ -167,8 +189,8 @@ dns_decode(char *buf, size_t buflen, struct query *q, qr_t qr, char *packet, siz
return -1;
}
readname(packet, packetlen, &data, name, sizeof(name) -1);
name[256] = 0;
readname(packet, packetlen, &data, name, sizeof(name) - 1);
name[sizeof(name)-1] = '\0';
readshort(packet, &data, &type);
readshort(packet, &data, &class);
@ -177,7 +199,8 @@ dns_decode(char *buf, size_t buflen, struct query *q, qr_t qr, char *packet, siz
break;
}
strncpy(q->name, name, 257);
strncpy(q->name, name, sizeof(q->name));
q->name[sizeof(q->name) - 1] = '\0';
q->type = type;
q->id = id;
@ -188,27 +211,3 @@ dns_decode(char *buf, size_t buflen, struct query *q, qr_t qr, char *packet, siz
return rv;
}
int
dns_build_hostname(char *buf, size_t buflen,
const char *data, const size_t datalen,
const char *topdomain)
{
int consumed;
int avail;
char *b;
avail = MIN(0xFF, buflen) - strlen(topdomain) - 2;
memset(buf, 0, buflen);
b = buf;
consumed = encode_data(data, datalen, avail, b);
b += strlen(buf);
if (*b != '.')
*b++ = '.';
strncpy(b, topdomain, strlen(topdomain)+1);
return consumed;
}

2
src/dns.h
View file

@ -24,8 +24,6 @@ typedef enum {
QR_ANSWER = 1
} qr_t;
int dns_build_hostname(char *, size_t, const char *, const size_t, const char *);
int dns_encode(char *, size_t, struct query *, qr_t, char *, size_t);
int dns_decode(char *, size_t, struct query *, qr_t, char *, size_t);

251
src/encoding.c
View file

@ -14,207 +14,80 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <stdio.h>
#include <strings.h>
#include <string.h>
#include "encoding.h"
/* For FreeBSD */
#ifndef MIN
#define MIN(a,b) ((a)<(b)?(a):(b))
#endif
#define SPACING 63
#define ENC_CHUNK 8
#define RAW_CHUNK 5
static const char base32[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ98765-";
static const char padder[] = " 1234";
static char reverse32[128];
static int reverse_init = 0;
/* Eat 5 bytes from src, write 8 bytes to dest */
static void
encode_chunk(char *dest, const char *src)
{
unsigned char c;
*dest++ = base32[(*src & 0xF8) >> 3]; /* 1111 1000 first byte */
c = (*src++ & 0x07) << 2; /* 0000 0111 first byte */
c |= ((*src & 0xC0) >> 6); /* 1100 0000 second byte */
*dest++ = base32[(int) c];
*dest++ = base32[(*src & 0x3E) >> 1]; /* 0011 1110 second byte */
c = (*src++ & 0x01) << 4; /* 0000 0001 second byte */
c |= ((*src & 0xF0) >> 4); /* 1111 0000 third byte */
*dest++ = base32[(int) c];
c = (*src++ & 0x0F) << 1; /* 0000 1111 third byte */
c |= ((*src & 0x80) >> 7); /* 1000 0000 fourth byte */
*dest++ = base32[(int) c];
*dest++ = base32[(*src & 0x7C) >> 2]; /* 0111 1100 fourth byte */
c = (*src++ & 0x03) << 3; /* 0000 0011 fourth byte */
c |= ((*src & 0xE0) >> 5); /* 1110 0000 fifth byte */
*dest++ = base32[(int) c];
*dest++ = base32[*src++ & 0x1F]; /* 0001 1111 fifth byte */
}
/* Eat 8 bytes from src, write 5 bytes to dest */
static void
decode_chunk(char *dest, char *src)
{
unsigned char c;
int i;
if (!reverse_init) {
for (i = 0; i < 32; i++) {
c = base32[i];
reverse32[(int) c] = i;
}
reverse_init = 1;
}
c = reverse32[(int) *src++] << 3; /* Take bits 11111 from byte 1 */
c |= (reverse32[(int) *src] & 0x1C) >> 2; /* Take bits 11100 from byte 2 */
*dest++ = c;
c = (reverse32[(int) *src++] & 0x3) << 6; /* Take bits 00011 from byte 2 */
c |= reverse32[(int) *src++] << 1; /* Take bits 11111 from byte 3 */
c |= (reverse32[(int) *src] & 0x10) >> 4; /* Take bits 10000 from byte 4 */
*dest++ = c;
c = (reverse32[(int) *src++] & 0xF) << 4; /* Take bits 01111 from byte 4 */
c |= (reverse32[(int) *src] & 0x1E) >> 1; /* Take bits 11110 from byte 5 */
*dest++ = c;
c = reverse32[(int) *src++] << 7; /* Take bits 00001 from byte 5 */
c |= reverse32[(int) *src++] << 2; /* Take bits 11111 from byte 6 */
c |= (reverse32[(int) *src] & 0x18) >> 3; /* Take bits 11000 from byte 7 */
*dest++ = c;
c = (reverse32[(int) *src++] & 0x7) << 5; /* Take bits 00111 from byte 7 */
c |= reverse32[(int) *src++]; /* Take bits 11111 from byte 8 */
*dest++ = c;
}
int
encode_data(const char *buf, const size_t len, int space, char *dest)
unpack_data(char *buf, size_t buflen, char *data, size_t datalen, struct encoder *enc)
{
int final;
int write;
int realwrite;
int chunks;
int leftovers;
int i;
char encoded[255];
char padding[5];
const char *dp;
char *pp;
char *ep;
space -= space / SPACING;
chunks = (space - 1) / ENC_CHUNK;
while ((chunks + 1) * ENC_CHUNK + 1 > space) {
chunks--;
}
write = RAW_CHUNK * chunks;
write = MIN(write, len); /* do not use more bytes than is available; */
final = (write == len); /* is this the last block? */
chunks = write / RAW_CHUNK;
leftovers = write % RAW_CHUNK;
memset(encoded, 0, sizeof(encoded));
ep = encoded;
dp = buf;
for (i = 0; i < chunks; i++) {
encode_chunk(ep, dp);
ep += ENC_CHUNK;
dp += RAW_CHUNK;
}
realwrite = ENC_CHUNK * chunks;
memset(padding, 0, sizeof(padding));
pp = padding;
if (leftovers) {
pp += RAW_CHUNK - leftovers;
memcpy(pp, dp, leftovers);
pp = padding;
*ep++ = padder[leftovers];
encode_chunk(ep, pp);
realwrite += ENC_CHUNK + 1; /* plus padding character */
}
ep = encoded;
if (len > 0) {
for (i = 1; i <= realwrite; i++) {
if (i % SPACING == 0) {
*dest++ = '.';
}
*dest++ = *ep++;
}
}
return write;
if (!enc->eats_dots())
datalen = inline_undotify(data, datalen);
return enc->decode(buf, &buflen, data, datalen);
}
int
decode_data(char *dest, int size, const char *src, char *srcend)
int
inline_dotify(char *buf, size_t buflen)
{
int len;
int i;
int chunks;
int padded;
char encoded[255];
char padding[5];
int enclen;
char *pp;
char *ep;
unsigned dots;
unsigned pos;
unsigned total;
char *reader, *writer;
memset(encoded, 0, sizeof(encoded));
memset(dest, 0, size);
total = strlen(buf);
dots = total / 62;
/* First byte is not encoded */
*dest++ = *src++;
len = 1;
writer = buf;
writer += total;
writer += dots;
ep = encoded;
enclen = 0;
while(enclen < sizeof(encoded) && src < srcend) {
if(*src == '.') {
src++;
total += dots;
if (strlen(buf) + dots > buflen) {
writer = buf;
writer += buflen;
total = buflen;
}
reader = writer - dots;
pos = (unsigned) (reader - buf) + 1;
while (dots) {
if (pos % 62 == 0) {
*writer-- = '.';
dots--;
}
*writer-- = *reader--;
pos--;
}
/* return new length of string */
return total;
}
int
inline_undotify(char *buf, size_t len)
{
unsigned pos;
unsigned dots;
char *reader, *writer;
writer = buf;
reader = writer;
pos = 0;
dots = 0;
while (pos < len) {
if (*reader == '.') {
reader++;
pos++;
dots++;
continue;
}
*ep++ = *src++;
enclen++;
*writer++ = *reader++;
pos++;
}
chunks = enclen / 8;
padded = enclen % 8;
ep = encoded;
for (i = 0; i < chunks-1; i++) {
decode_chunk(dest, ep);
dest += RAW_CHUNK;
ep += ENC_CHUNK;
len += RAW_CHUNK;
}
/* Read last chunk */
if (padded) {
pp = padding;
padded = *ep++ - '0';
decode_chunk(pp, ep);
pp += RAW_CHUNK - padded;
memcpy(dest, pp, padded);
len += padded;
} else {
decode_chunk(dest, ep);
len += RAW_CHUNK;
}
return len;
/* return new length of string */
return len - dots;
}

14
src/encoding.h
View file

@ -17,7 +17,17 @@
#ifndef _ENCODING_H_
#define _ENCODING_H_
int encode_data(const char *, const size_t, int, char *);
int decode_data(char *, int, const char *, char *);
struct encoder {
char name[8];
int (*encode) (char *, size_t *, const void *, size_t);
int (*decode) (void *, size_t *, const char *, size_t);
int (*places_dots) (void);
int (*eats_dots) (void);
};
int unpack_data(char *, size_t, char *, size_t, struct encoder *);
int inline_dotify(char *, size_t);
int inline_undotify(char *, size_t);
#endif /* _ENCODING_H_ */

325
src/iodine.c
View file

@ -23,6 +23,7 @@
#include <netdb.h>
#include <netinet/in.h>
#include <sys/types.h>
#include <sys/time.h>
#include <sys/socket.h>
#include <fcntl.h>
#include <err.h>
@ -35,6 +36,8 @@
#endif
#include "common.h"
#include "encoding.h"
#include "base32.h"
#include "dns.h"
#include "login.h"
#include "tun.h"
@ -42,23 +45,37 @@
static void send_ping(int fd);
static void send_chunk(int fd);
static int build_hostname(char *buf, size_t buflen,
const char *data, const size_t datalen,
const char *topdomain, struct encoder *encoder);
int running = 1;
char password[33];
static int running = 1;
static char password[33];
struct sockaddr_in peer;
static struct sockaddr_in nameserv;
static char *topdomain;
uint16_t rand_seed;
static uint16_t rand_seed;
/* Current IP packet */
static char activepacket[4096];
static struct packet packet;
/* My userid at the server */
static char userid;
static int lastlen;
static int packetpos;
static int packetlen;
/* DNS id for next packet */
static uint16_t chunkid;
/* Base32 encoder used for non-data packets */
static struct encoder *b32;
/* The encoder used for data packets
* Defaults to Base32, can be changed after handshake */
static struct encoder *dataenc;
/* result of case preservation check done after login */
static int case_preserved;
static void
sighandler(int sig)
{
@ -66,57 +83,96 @@ sighandler(int sig)
}
static void
send_packet(int fd, char cmd, const char *data, const size_t datalen)
send_query(int fd, char *hostname)
{
char packet[4096];
struct query q;
char buf[4096];
size_t len;
q.id = ++chunkid;
q.type = T_NULL;
len = dns_encode(packet, sizeof(packet), &q, QR_QUERY, hostname, strlen(hostname));
sendto(fd, packet, len, 0, (struct sockaddr*)&nameserv, sizeof(nameserv));
}
static void
send_packet(int fd, char cmd, const char *data, const size_t datalen)
{
char buf[4096];
buf[0] = cmd;
len = dns_build_hostname(buf + 1, sizeof(buf) - 1, data, datalen, topdomain);
len = dns_encode(packet, sizeof(packet), &q, QR_QUERY, buf, strlen(buf));
build_hostname(buf + 1, sizeof(buf) - 1, data, datalen, topdomain, b32);
send_query(fd, buf);
}
sendto(fd, packet, len, 0, (struct sockaddr*)&peer, sizeof(peer));
static int
build_hostname(char *buf, size_t buflen,
const char *data, const size_t datalen,
const char *topdomain, struct encoder *encoder)
{
int encsize;
size_t space;
char *b;
space = MIN(0xFF, buflen) - strlen(topdomain) - 2;
if (!encoder->places_dots())
space -= (space / 62); /* space for dots */
memset(buf, 0, buflen);
encsize = encoder->encode(buf, &space, data, datalen);
if (!encoder->places_dots())
inline_dotify(buf, buflen);
b = buf;
b += strlen(buf);
if (*b != '.')
*b++ = '.';
strncpy(b, topdomain, strlen(topdomain)+1);
return space;
}
int
is_sending()
{
return (packetlen != 0);
return (packet.len != 0);
}
int
read_dns(int fd, char *buf, int buflen)
{
struct sockaddr_in from;
char packet[64*1024];
char data[64*1024];
socklen_t addrlen;
struct query q;
int rv;
int r;
addrlen = sizeof(struct sockaddr);
if ((r = recvfrom(fd, packet, sizeof(packet), 0,
(struct sockaddr*)&from, &addrlen)) == -1) {
if ((r = recvfrom(fd, data, sizeof(data), 0,
(struct sockaddr*)&from, &addrlen)) == -1) {
warn("recvfrom");
return 0;
}
rv = dns_decode(buf, buflen, &q, QR_ANSWER, packet, r);
rv = dns_decode(buf, buflen, &q, QR_ANSWER, data, r);
if (is_sending() && chunkid == q.id) {
/* Got ACK on sent packet */
packetpos += lastlen;
if (packetpos == packetlen) {
packet.offset += packet.sentlen;
if (packet.offset == packet.len) {
/* Packet completed */
packetpos = 0;
packetlen = 0;
lastlen = 0;
packet.offset = 0;
packet.len = 0;
packet.sentlen = 0;
} else {
/* More to send */
send_chunk(fd);
@ -142,10 +198,10 @@ tunnel_tun(int tun_fd, int dns_fd)
inlen = read;
compress2((uint8_t*)out, &outlen, (uint8_t*)in, inlen, 9);
memcpy(activepacket, out, MIN(outlen, sizeof(activepacket)));
lastlen = 0;
packetpos = 0;
packetlen = outlen;
memcpy(packet.data, out, MIN(outlen, sizeof(packet.data)));
packet.sentlen = 0;
packet.offset = 0;
packet.len = outlen;
send_chunk(dns_fd);
@ -224,33 +280,26 @@ static void
send_chunk(int fd)
{
char hex[] = "0123456789ABCDEF";
char packet[4096];
struct query q;
char buf[4096];
int avail;
int code;
char *p;
int len;
q.id = ++chunkid;
q.type = T_NULL;
p = packet.data;
p += packet.offset;
avail = packet.len - packet.offset;
p = activepacket;
p += packetpos;
avail = packetlen - packetpos;
packet.sentlen = build_hostname(buf + 1, sizeof(buf) - 1, p, avail, topdomain, dataenc);
lastlen = dns_build_hostname(buf + 1, sizeof(buf) - 1, p, avail, topdomain);
if (lastlen == avail)
if (packet.sentlen == avail)
code = 1;
else
code = 0;
code |= (userid << 1);
buf[0] = hex[code];
len = dns_encode(packet, sizeof(packet), &q, QR_QUERY, buf, strlen(buf));
sendto(fd, packet, len, 0, (struct sockaddr*)&peer, sizeof(peer));
send_query(fd, buf);
}
void
@ -276,9 +325,9 @@ send_ping(int fd)
char data[3];
if (is_sending()) {
lastlen = 0;
packetpos = 0;
packetlen = 0;
packet.sentlen = 0;
packet.offset = 0;
packet.len = 0;
}
data[0] = userid;
@ -308,6 +357,15 @@ send_version(int fd, uint32_t version)
send_packet(fd, 'V', data, sizeof(data));
}
void
send_case_check(int fd)
{
char buf[512] = "zZaAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyY123-4560789.";
strncat(buf, topdomain, 512 - strlen(buf));
send_query(fd, buf);
}
static int
handshake(int dns_fd)
{
@ -339,15 +397,15 @@ handshake(int dns_fd)
read = read_dns(dns_fd, in, sizeof(in));
if(read < 0) {
perror("read");
warn("handshake read");
continue;
}
if (read >= 9) {
payload = (((in[4] & 0xff) << 24) |
((in[5] & 0xff) << 16) |
((in[6] & 0xff) << 8) |
((in[7] & 0xff)));
((in[5] & 0xff) << 16) |
((in[6] & 0xff) << 8) |
((in[7] & 0xff)));
if (strncmp("VACK", in, 4) == 0) {
seed = payload;
@ -405,7 +463,7 @@ perform_login:
client[64] = 0;
if (tun_setip(client) == 0 &&
tun_setmtu(mtu) == 0) {
return 0;
goto perform_case_check;
} else {
warnx("Received handshake with bad data");
}
@ -417,23 +475,98 @@ perform_login:
printf("Retrying login...\n");
}
errx(1, "couldn't login to server");
/* NOTREACHED */
return 1;
perform_case_check:
case_preserved = 0;
for (i=0; running && i<5 ;i++) {
tv.tv_sec = i + 1;
tv.tv_usec = 0;
send_case_check(dns_fd);
FD_ZERO(&fds);
FD_SET(dns_fd, &fds);
r = select(dns_fd + 1, &fds, NULL, NULL, &tv);
if(r > 0) {
read = read_dns(dns_fd, in, sizeof(in));
if(read <= 0) {
warn("read");
continue;
}
if (read > 0) {
if (in[0] == 'z' || in[0] == 'Z') {
if (read < (26 * 2)) {
printf("Received short case reply...\n");
} else {
int k;
case_preserved = 1;
for (k = 0; k < 26 && case_preserved; k += 2) {
if (in[k] == in[k+1]) {
/* test string: zZaAbBcCdD... */
case_preserved = 0;
}
}
return 0;
}
} else {
printf("Received bad case check reply\n");
}
}
}
printf("Retrying case check...\n");
}
printf("No reply on case check, continuing\n");
return 0;
}
static char *
get_resolvconf_addr()
{
static char addr[16];
char buf[80];
char *rv;
FILE *fp;
rv = NULL;
if ((fp = fopen("/etc/resolv.conf", "r")) == NULL)
err(1, "/etc/resolve.conf");
while (feof(fp) == 0) {
fgets(buf, sizeof(buf), fp);
if (sscanf(buf, "nameserver %15s", addr) == 1) {
rv = addr;
break;
}
}
fclose(fp);
return rv;
}
static void
set_target(const char *host)
static void
set_nameserver(const char *cp)
{
struct hostent *h;
struct in_addr addr;
h = gethostbyname(host);
if (!h)
err(1, "couldn't resolve name %s", host);
if (inet_aton(cp, &addr) != 1)
errx(1, "error parsing nameserver address: '%s'", cp);
memset(&peer, 0, sizeof(peer));
peer.sin_family = AF_INET;
peer.sin_port = htons(53);
peer.sin_addr = *((struct in_addr *) h->h_addr);
memset(&nameserv, 0, sizeof(nameserv));
nameserv.sin_family = AF_INET;
nameserv.sin_port = htons(53);
nameserv.sin_addr = addr;
}
static void
@ -441,7 +574,7 @@ usage() {
extern char *__progname;
printf("Usage: %s [-v] [-h] [-f] [-u user] [-t chrootdir] [-d device] "
"nameserver topdomain\n", __progname);
"[nameserver] topdomain\n", __progname);
exit(2);
}
@ -451,7 +584,7 @@ help() {
printf("iodine IP over DNS tunneling client\n");
printf("Usage: %s [-v] [-h] [-f] [-u user] [-t chrootdir] [-d device] "
"[-P password] nameserver topdomain\n", __progname);
"[-P password] [nameserver] topdomain\n", __progname);
printf(" -v to print version info and exit\n");
printf(" -h to print this help and exit\n");
printf(" -f to keep running in foreground\n");
@ -459,7 +592,7 @@ help() {
printf(" -t dir to chroot to directory dir\n");
printf(" -d device to set tunnel device name\n");
printf(" -P password used for authentication (max 32 chars will be used)\n");
printf("nameserver is the IP number of the relaying nameserver\n");
printf("nameserver is the IP number of the relaying nameserver, if absent /etc/resolv.conf is used\n");
printf("topdomain is the FQDN that is delegated to the tunnel endpoint.\n");
exit(0);
@ -469,7 +602,7 @@ static void
version() {
printf("iodine IP over DNS tunneling client\n");
printf("version: 0.4.0 from 2007-03-25\n");
printf("version: 0.4.1 from 2007-11-30\n");
exit(0);
}
@ -477,6 +610,7 @@ version() {
int
main(int argc, char **argv)
{
char *nameserv_addr;
struct passwd *pw;
char *username;
int foreground;
@ -492,6 +626,9 @@ main(int argc, char **argv)
newroot = NULL;
device = NULL;
chunkid = 0;
b32 = get_base32_encoder();
dataenc = get_base32_encoder();
while ((choice = getopt(argc, argv, "vfhu:t:d:P:")) != -1) {
switch(choice) {
@ -514,8 +651,11 @@ main(int argc, char **argv)
device = optarg;
break;
case 'P':
strncpy(password, optarg, 32);
password[32] = 0;
strncpy(password, optarg, sizeof(password));
password[sizeof(password)-1] = 0;
/* XXX: find better way of cleaning up ps(1) */
memset(optarg, 0, strlen(optarg));
break;
default:
usage();
@ -524,37 +664,48 @@ main(int argc, char **argv)
}
if (geteuid() != 0) {
printf("Run as root and you'll be happy.\n");
warnx("Run as root and you'll be happy.\n");
usage();
}
argc -= optind;
argv += optind;
if (argc != 2)
switch (argc) {
case 1:
nameserv_addr = get_resolvconf_addr();
topdomain = strdup(argv[0]);
break;
case 2:
nameserv_addr = argv[0];
topdomain = strdup(argv[1]);
break;
default:
usage();
/* NOTREACHED */
}
topdomain = strdup(argv[1]);
set_nameserver(nameserv_addr);
if(username) {
pw = getpwnam(username);
if (!pw) {
printf("User %s does not exist!\n", username);
if (strlen(topdomain) > 128 || topdomain[0] == '.') {
warnx("Use a topdomain max 128 chars long. Do not start it with a dot.\n");
usage();
}
if (username != NULL) {
if ((pw = getpwnam(username)) == NULL) {
warnx("User %s does not exist!\n", username);
usage();
}
}
if (strlen(password) == 0) {
printf("Enter password on stdin:\n");
scanf("%32s", password);
password[32] = 0;
}
if (strlen(password) == 0)
read_password(password, sizeof(password));
if ((tun_fd = open_tun(device)) == -1)
goto cleanup1;
if ((dns_fd = open_dns(0, INADDR_ANY)) == -1)
goto cleanup2;
set_target(argv[0]);
signal(SIGINT, sighandler);
signal(SIGTERM, sighandler);
@ -562,21 +713,21 @@ main(int argc, char **argv)
if(handshake(dns_fd))
goto cleanup2;
printf("Sending queries for %s to %s\n", argv[1], argv[0]);
printf("Sending queries for %s to %s\n", topdomain, nameserv_addr);
do_chroot(newroot);
if (foreground == 0)
do_detach();
if (newroot != NULL)
do_chroot(newroot);
if (username) {
if (username != NULL) {
if (setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
printf("Could not switch to user %s!\n", username);
warnx("Could not switch to user %s!\n", username);
usage();
}
}
if (!foreground) {
do_detach();
}
tunnel(tun_fd, dns_fd);
cleanup2:

165
src/iodined.c
View file

@ -21,6 +21,7 @@
#include <signal.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/time.h>
#include <sys/socket.h>
#include <fcntl.h>
#include <err.h>
@ -34,20 +35,20 @@
#include "common.h"
#include "dns.h"
#include "encoding.h"
#include "base32.h"
#include "user.h"
#include "login.h"
#include "tun.h"
#include "encoding.h"
#include "version.h"
int running = 1;
static int running = 1;
static char *topdomain;
static char password[33];
static struct encoder *b32;
char *topdomain;
char password[33];
int my_mtu;
in_addr_t my_ip;
static int my_mtu;
static in_addr_t my_ip;
static int read_dns(int, struct query *, char *, int);
static void write_dns(int, struct query *, char *, int);
@ -133,6 +134,7 @@ tunnel_dns(int tun_fd, int dns_fd)
char logindata[16];
char out[64*1024];
char in[64*1024];
char unpacked[64*1024];
char *tmp[2];
int userid;
int touser;
@ -145,37 +147,37 @@ tunnel_dns(int tun_fd, int dns_fd)
return 0;
if(in[0] == 'V' || in[0] == 'v') {
read = unpack_data(unpacked, sizeof(unpacked), &(in[1]), read - 1, b32);
/* Version greeting, compare and send ack/nak */
if (read > 4) {
/* Received V + 32bits version */
version = (((unpacked[0] & 0xff) << 24) |
((unpacked[1] & 0xff) << 16) |
((unpacked[2] & 0xff) << 8) |
((unpacked[3] & 0xff)));
}
version = (((in[1] & 0xff) << 24) |
((in[2] & 0xff) << 16) |
((in[3] & 0xff) << 8) |
((in[4] & 0xff)));
if (version == VERSION) {
userid = find_available_user();
if (userid >= 0) {
users[userid].seed = rand();
memcpy(&(users[userid].host), &(dummy.q.from), dummy.q.fromlen);
memcpy(&(users[userid].q), &(dummy.q), sizeof(struct query));
users[userid].addrlen = dummy.q.fromlen;
send_version_response(dns_fd, VERSION_ACK, users[userid].seed, &users[userid]);
users[userid].q.id = 0;
} else {
/* No space for another user */
send_version_response(dns_fd, VERSION_FULL, USERS, &dummy);
}
if (version == VERSION) {
userid = find_available_user();
if (userid >= 0) {
users[userid].seed = rand();
memcpy(&(users[userid].host), &(dummy.q.from), dummy.q.fromlen);
memcpy(&(users[userid].q), &(dummy.q), sizeof(struct query));
users[userid].addrlen = dummy.q.fromlen;
users[userid].encoder = get_base32_encoder();
send_version_response(dns_fd, VERSION_ACK, users[userid].seed, &users[userid]);
users[userid].q.id = 0;
} else {
send_version_response(dns_fd, VERSION_NACK, VERSION, &dummy);
/* No space for another user */
send_version_response(dns_fd, VERSION_FULL, USERS, &dummy);
}
} else {
send_version_response(dns_fd, VERSION_NACK, VERSION, &dummy);
}
} else if(in[0] == 'L' || in[0] == 'l') {
read = unpack_data(unpacked, sizeof(unpacked), &(in[1]), read - 1, b32);
/* Login phase, handle auth */
userid = in[1];
userid = unpacked[0];
if (userid < 0 || userid >= USERS) {
write_dns(dns_fd, &(dummy.q), "BADIP", 5);
return 0; /* illegal id */
@ -187,7 +189,7 @@ tunnel_dns(int tun_fd, int dns_fd)
memcmp(&(users[userid].host), &(dummy.q.from), dummy.q.fromlen) != 0) {
write_dns(dns_fd, &(dummy.q), "BADIP", 5);
} else {
if (read >= 18 && (memcmp(logindata, in+2, 16) == 0)) {
if (read >= 18 && (memcmp(logindata, unpacked+1, 16) == 0)) {
/* Login ok, send ip/mtu info */
tempip.s_addr = my_ip;
@ -208,14 +210,21 @@ tunnel_dns(int tun_fd, int dns_fd)
}
}
} else if(in[0] == 'P' || in[0] == 'p') {
read = unpack_data(unpacked, sizeof(unpacked), &(in[1]), read - 1, b32);
/* Ping packet, store userid */
userid = in[1];
userid = unpacked[0];
if (userid < 0 || userid >= USERS) {
write_dns(dns_fd, &(dummy.q), "BADIP", 5);
return 0; /* illegal id */
}
memcpy(&(users[userid].q), &(dummy.q), sizeof(struct query));
users[userid].last_pkt = time(NULL);
} else if(in[0] == 'Z' || in[0] == 'z') {
/* Case conservation check */
/* Reply with received hostname as data */
write_dns(dns_fd, &(dummy.q), in, read);
return 0;
} else if((in[0] >= '0' && in[0] <= '9')
|| (in[0] >= 'a' && in[0] <= 'f')
|| (in[0] >= 'A' && in[0] <= 'F')) {
@ -237,12 +246,16 @@ tunnel_dns(int tun_fd, int dns_fd)
memcmp(&(users[userid].host), &(dummy.q.from), dummy.q.fromlen) != 0) {
write_dns(dns_fd, &(dummy.q), "BADIP", 5);
} else {
/* decode with this users encoding */
read = unpack_data(unpacked, sizeof(unpacked), &(in[1]), read - 1,
users[userid].encoder);
users[userid].last_pkt = time(NULL);
memcpy(&(users[userid].q), &(dummy.q), sizeof(struct query));
users[userid].addrlen = dummy.q.fromlen;
memcpy(users[userid].inpacket.data + users[userid].inpacket.offset, in + 1, read - 1);
users[userid].inpacket.len += read - 1;
users[userid].inpacket.offset += read - 1;
memcpy(users[userid].inpacket.data + users[userid].inpacket.offset, unpacked, read);
users[userid].inpacket.len += read;
users[userid].inpacket.offset += read;
if (code & 1) {
outlen = sizeof(out);
@ -351,12 +364,17 @@ read_dns(int fd, struct query *q, char *buf, int buflen)
if (r > 0) {
dns_decode(buf, buflen, q, QR_QUERY, packet, r);
domain = strstr(q->name, topdomain);
rv = decode_data(buf, buflen, q->name, domain);
q->fromlen = addrlen;
memcpy((struct sockaddr*)&q->from, (struct sockaddr*)&from, addrlen);
} else if (r < 0) {
if (domain) {
rv = (int) (domain - q->name);
memcpy(buf, q->name, MIN(rv, buflen));
q->fromlen = addrlen;
memcpy((struct sockaddr*)&q->from, (struct sockaddr*)&from, addrlen);
} else {
rv = 0;
}
} else if (r < 0) {
/* Error */
perror("recvfrom");
warn("read dns");
rv = 0;
}
@ -410,24 +428,24 @@ help() {
static void
version() {
printf("iodine IP over DNS tunneling server\n");
printf("version: 0.4.0 from 2007-03-25\n");
printf("version: 0.4.1 from 2007-11-30\n");
exit(0);
}
int
main(int argc, char **argv)
{
int choice;
int tun_fd;
int dnsd_fd;
char *newroot;
char *username;
char *device;
int foreground;
int mtu;
struct passwd *pw;
in_addr_t listen_ip;
struct passwd *pw;
int foreground;
char *username;
char *newroot;
char *device;
int dnsd_fd;
int tun_fd;
int choice;
int port;
int mtu;
username = NULL;
newroot = NULL;
@ -437,7 +455,9 @@ main(int argc, char **argv)
listen_ip = INADDR_ANY;
port = 53;
memset(password, 0, 33);
b32 = get_base32_encoder();
memset(password, 0, sizeof(password));
srand(time(NULL));
while ((choice = getopt(argc, argv, "vfhu:t:d:m:l:p:P:")) != -1) {
@ -474,8 +494,11 @@ main(int argc, char **argv)
}
break;
case 'P':
strncpy(password, optarg, 32);
password[32] = 0;
strncpy(password, optarg, sizeof(password));
password[sizeof(password)-1] = 0;
/* XXX: find better way of cleaning up ps(1) */
memset(optarg, 0, strlen(optarg));
break;
default:
usage();
@ -487,7 +510,7 @@ main(int argc, char **argv)
argv += optind;
if (geteuid() != 0) {
printf("Run as root and you'll be happy.\n");
warnx("Run as root and you'll be happy.\n");
usage();
}
@ -495,30 +518,30 @@ main(int argc, char **argv)
usage();
topdomain = strdup(argv[1]);
if (strlen(topdomain) > 128 || topdomain[0] == '.') {
warnx("Use a topdomain max 128 chars long. Do not start it with a dot.\n");
usage();
}
if (username) {
pw = getpwnam(username);
if (!pw) {
printf("User %s does not exist!\n", username);
if (username != NULL) {
if ((pw = getpwnam(username)) == NULL) {
warnx("User %s does not exist!\n", username);
usage();
}
}
if (mtu == 0) {
printf("Bad MTU given.\n");
warnx("Bad MTU given.\n");
usage();
}
if (listen_ip == INADDR_NONE) {
printf("Bad IP address to listen on.\n");
warnx("Bad IP address to listen on.\n");
usage();
}
if (strlen(password) == 0) {
printf("Enter password on stdin:\n");
scanf("%32s", password);
password[32] = 0;
}
if (strlen(password) == 0)
read_password(password, sizeof(password));
if ((tun_fd = open_tun(device)) == -1)
goto cleanup0;
@ -531,22 +554,22 @@ main(int argc, char **argv)
my_mtu = mtu;
init_users(my_ip);
printf("Listening to dns for domain %s\n", argv[1]);
printf("Listening to dns for domain %s\n", topdomain);
do_chroot(newroot);
if (foreground == 0)
do_detach();
if (newroot != NULL)
do_chroot(newroot);
signal(SIGINT, sigint);
if (username) {
if (username != NULL) {
if (setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
printf("Could not switch to user %s!\n", username);
warnx("Could not switch to user %s!\n", username);
usage();
}
}
if (!foreground) {
do_detach();
}
tunnel(tun_fd, dnsd_fd);
cleanup2:

1
src/login.c
View file

@ -47,5 +47,6 @@ login_calculate(char *buf, int buflen, char *pass, int seed)
md5_init(&ctx);
md5_append(&ctx, temp, 32);
md5_finish(&ctx, (unsigned char *) buf);
}

22
src/tun.c
View file

@ -58,7 +58,9 @@ open_tun(const char *tun_device)
if (tun_device != NULL) {
strncpy(ifreq.ifr_name, tun_device, IFNAMSIZ);
ifreq.ifr_name[IFNAMSIZ-1] = '\0';
strncpy(if_name, tun_device, sizeof(if_name));
if_name[sizeof(if_name)-1] = '\0';
if (ioctl(tun_fd, TUNSETIFF, (void *) &ifreq) != -1) {
printf("Opened %s\n", ifreq.ifr_name);
@ -102,6 +104,7 @@ open_tun(const char *tun_device)
if (tun_device != NULL) {
snprintf(tun_name, sizeof(tun_name), "/dev/%s", tun_device);
strncpy(if_name, tun_device, sizeof(if_name));
if_name[sizeof(if_name)-1] = '\0';
if ((tun_fd = open(tun_name, O_RDWR)) < 0) {
warn("open_tun: %s: %s", tun_name, strerror(errno));
@ -140,7 +143,7 @@ close_tun(int tun_fd)
}
int
write_tun(int tun_fd, char *data, int len)
write_tun(int tun_fd, char *data, size_t len)
{
#if defined (FREEBSD) || defined (DARWIN) || defined(NETBSD)
data += 4;
@ -166,8 +169,8 @@ write_tun(int tun_fd, char *data, int len)
return 0;
}
int
read_tun(int tun_fd, char *buf, int len)
ssize_t
read_tun(int tun_fd, char *buf, size_t len)
{
#if defined (FREEBSD) || defined (DARWIN) || defined(NETBSD)
/* FreeBSD/Darwin/NetBSD has no header */
@ -181,6 +184,9 @@ int
tun_setip(const char *ip)
{
char cmdline[512];
#ifndef LINUX
int r;
#endif
if (inet_addr(ip) != INADDR_NONE) {
snprintf(cmdline, sizeof(cmdline),
@ -191,8 +197,6 @@ tun_setip(const char *ip)
printf("Setting IP of %s to %s\n", if_name, ip);
#ifndef LINUX
int r;
r = system(cmdline);
if(r != 0) {
return r;
@ -212,20 +216,20 @@ tun_setip(const char *ip)
}
int
tun_setmtu(const int mtu)
tun_setmtu(const size_t mtu)
{
char cmdline[512];
if (mtu > 200 && mtu < 1500) {
snprintf(cmdline, sizeof(cmdline),
"/sbin/ifconfig %s mtu %d",
"/sbin/ifconfig %s mtu %u",
if_name,
mtu);
printf("Setting MTU of %s to %d\n", if_name, mtu);
printf("Setting MTU of %s to %u\n", if_name, mtu);
return system(cmdline);
} else {
warn("MTU out of range: %d\n", mtu);
warn("MTU out of range: %u\n", mtu);
}
return 1;

6
src/tun.h
View file

@ -19,9 +19,9 @@
int open_tun(const char *);
void close_tun(int);
int write_tun(int, char *, int);
int read_tun(int, char *, int);
int write_tun(int, char *, size_t);
ssize_t read_tun(int, char *, size_t);
int tun_setip(const char *);
int tun_setmtu(const int);
int tun_setmtu(const size_t);
#endif /* _TUN_H_ */

12
src/user.c
View file

@ -14,15 +14,23 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <string.h>
#include <stdio.h>
#include <stdint.h>
#include <time.h>
#include <stdlib.h>
#include <string.h>
#include <signal.h>
#include <unistd.h>
#include <netdb.h>
#include <netinet/in.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <fcntl.h>
#include <err.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include "common.h"
#include "encoding.h"
#include "user.h"
struct user users[USERS];

1
src/user.h
View file

@ -30,6 +30,7 @@ struct user {
struct query q;
struct packet inpacket;
struct packet outpacket;
struct encoder *encoder;
};
extern struct user users[USERS];

2
src/version.h
View file

@ -19,7 +19,7 @@
/* This is the version of the network protocol
It is usually equal to the latest iodine version number */
#define VERSION 0x00000400
#define VERSION 0x00000402
#endif /* _VERSION_H_ */

4
tests/Makefile
View file

@ -1,7 +1,7 @@
CC = gcc
TEST = test
OBJS = test.o base32.o read.o dns.o encoding.o login.o user.o
SRCOBJS = ../src/base32.o ../src/read.o ../src/dns.o ../src/encoding.o ../src/login.o ../src/md5.o ../src/user.o
OBJS = test.o base32.o base64.o read.o dns.o encoding.o login.o user.o
SRCOBJS = ../src/base32.o ../src/base64.o ../src/read.o ../src/dns.o ../src/encoding.o ../src/login.o ../src/md5.o ../src/user.o
OS = `uname | tr "a-z" "A-Z"`

27
tests/base32.c
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2006 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
* Copyright (c) 2006-2007 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@ -20,14 +20,16 @@
#include <string.h>
#include <errno.h>
#include "encoding.h"
#include "base32.h"
#include "test.h"
struct touple
static struct tuple
{
char *a;
char *b;
} testpairs[] = {
{ "iodinetestingtesting", "nfxwi0lomv0gk21unfxgo3dfon0gs1th" },
{ "abc123", "mfrggmjsgm" },
{ NULL, NULL }
};
@ -35,46 +37,37 @@ struct touple
START_TEST(test_base32_encode)
{
size_t len;
char *buf;
char buf[4096];
int val;
int i;
len = 0;
buf = NULL;
for (i = 0; testpairs[i].a != NULL; i++) {
val = base32_encode(&buf, &len, testpairs[i].a, strlen(testpairs[i].a));
len = sizeof(buf);
val = base32_encode(buf, &len, testpairs[i].a, strlen(testpairs[i].a));
fail_unless(val > 0, strerror(errno));
fail_unless(buf != NULL, "buf == NULL");
fail_unless(strcmp(buf, testpairs[i].b) == 0,
va_str("'%s' != '%s'", buf, testpairs[i].b));
}
free(buf);
}
END_TEST
START_TEST(test_base32_decode)
{
size_t len;
void *buf;
char buf[4096];
int val;
int i;
len = 0;
buf = NULL;
for (i = 0; testpairs[i].a != NULL; i++) {
val = base32_decode(&buf, &len, testpairs[i].b);
len = sizeof(buf);
val = base32_decode(buf, &len, testpairs[i].b, strlen(testpairs[i].b));
fail_unless(val > 0, strerror(errno));
fail_unless(buf != NULL, "buf == NULL");
fail_unless(strcmp(buf, testpairs[i].a) == 0,
va_str("'%s' != '%s'", buf, testpairs[i].a));
}
free(buf);
}
END_TEST

112
tests/base64.c Normal file
View file

@ -0,0 +1,112 @@
/*
* Copyright (c) 2006-2007 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <check.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include "encoding.h"
#include "base64.h"
#include "test.h"
static struct tuple
{
char *a;
char *b;
} testpairs[] = {
{ "iodinetestingtesting", "Aw8KAw4LDgvZDgLUz2rLC2rPBMC" },
{ "abc123", "ywjJmtiZ" },
{
"\xFF\xEF\x7C\xEF\xAE\x78\xDF\x6D\x74\xCF\x2C\x70\xBE\xEB\x6C\xAE\xAA\x68"
"\x9E\x69\x64\x8E\x28\x60\x7D\xE7\x5C\x6D\xA6\x58\x5D\x65\x54\x4D\x24\x50"
"\x3C\xE3\x4C\x2C\xA2\x48\x1C\x61\x44\x0C\x20\x40\x3F\x3F\x3C\xEF\xAE\x78"
"\xDF\x6D\x74\xCF\x2C\x70\xBE\xEB\x6C\xAE\xAA\x68\x9E\x69\x64\x8E\x28\x60"
"\x7D\xE7\x5C\x6D\xA6\x58\x5D\x65\x54\x4D\x24\x50\x3C\xE3\x4C\x2C\xA2\x48"
"\x1C\x61\x44\x0C\x20\x40\xFF\xEF\x7C\xEF\xAE\x78\xDF\x6D\x74\xCF\x2C\x70"
"\xBE\xEB\x6C\xAE\xAA\x68\x9E\x69\x64\x8E\x28\x60\x7D\xE7\x5C\x6D\xA6\x58"
"\x5D\x65\x54\x4D\x24\x50\x3C\xE3\x4C\x2C\xA2\x48\x1C\x61\x44\x0C\x20\x40",
"9abba876543210-ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfe999dcbapZ"
"776543210-ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfedcba9abba87654"
"3210-ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfe999dcba"
},
{
"\xFF\xEF\x7C\xEF\xAE\x78\xDF\x6D\x74\xCF\x2C\x70\xBE\xEB\x6C\xAE\xAA\x68"
"\x9E\x69\x64\x8E\x28\x60\x7D\xE7\x5C\x6D\xA6\x58\x5D\x65\x54\x4D\x24\x50"
"\x3C\xE3\x4C\x2C\xA2\x48\x1C\x61\x44\x0C\x20\x40\x3F\x3F\x3C\xEF\xAE\x78"
"\xDF\x6D\x74\xCF\x2C\x70\xBE\xEB\x6C\xAE\xA1\x61\x91\x61\x61\x81\x28\x60"
"\x7D\xE7\x5C\x6D\xA6\x58\x5D\x65\x54\x4D\x24\x50\x3C\xE3\x4C\x2C\xA2\x48"
"\x1C\x61\x44\x0C\x20\x40\xFF\xEF\x7C\xEF\xAE\x78\xDF\x6D\x74\xCF\x2C\x70"
"\xBE\xEB\x6C\xAE\xA1\x61\x91\x61\x61\x81\x28\x60\x7D\xE7\x5C\x6D\xA6\x58"
"\x5D\x65\x54\x4D\x24\x50\x3C\xE3\x4C\x2C\xA2\x48\x1C\x61\x44\x0C\x20\x40",
"9IJJI876543210-ZYXWVUTSRQPONMLK9LMJIHGFEDCBAzyxwvutsrqponmlkjihgfedcbapZ"
"776543210-ZYXWVUTSRQfHKwfHGsHGFEDCBAzyxwvutsrqponmlkjihgfedcbaML87654321"
"0-ZYXWVUTSRQfHKwfHGsHGFEDCBAzyxwvutsrqponmlkjihgfedcba"
},
{ NULL, NULL }
};
START_TEST(test_base64_encode)
{
size_t len;
char buf[4096];
int val;
int i;
for (i = 0; testpairs[i].a != NULL; i++) {
len = sizeof(buf);
val = base64_encode(buf, &len, testpairs[i].a, strlen(testpairs[i].a));
fail_unless(val > 0, strerror(errno));
fail_unless(strcmp(buf, testpairs[i].b) == 0,
va_str("'%s' != '%s'", buf, testpairs[i].b));
}
}
END_TEST
START_TEST(test_base64_decode)
{
size_t len;
char buf[4096];
int val;
int i;
for (i = 0; testpairs[i].a != NULL; i++) {
len = sizeof(buf);
val = base64_decode(buf, &len, testpairs[i].b, strlen(testpairs[i].b));
fail_unless(val > 0, strerror(errno));
fail_unless(buf != NULL, "buf == NULL");
fail_unless(strcmp(buf, testpairs[i].a) == 0,
va_str("'%s' != '%s'", buf, testpairs[i].a));
}
}
END_TEST
TCase *
test_base64_create_tests()
{
TCase *tc;
tc = tcase_create("Base64");
tcase_add_test(tc, test_base64_encode);
tcase_add_test(tc, test_base64_decode);
return tc;
}

35
tests/dns.c
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2006 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
* Copyright (c) 2006-2007 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@ -28,17 +28,17 @@
#include "common.h"
#include "dns.h"
#include "encoding.h"
#include "base32.h"
#include "test.h"
static void dump_packet(char *, size_t);
static char queryPacket[] =
"\x05\x39\x01\x00\x00\x01\x00\x00\x00\x00\x00\x01\x32\x41\x4A\x42\x43"
"\x55\x59\x54\x43\x50\x45\x42\x39\x47\x51\x39\x4C\x54\x45\x42\x55\x58"
"\x47\x49\x44\x55\x4E\x42\x53\x53\x41\x36\x44\x46\x4F\x4E\x39\x43\x41"
"\x5A\x44\x42\x32\x41\x41\x41\x41\x41\x36\x44\x42\x04\x6B\x72\x79\x6F"
"\x02\x73\x65\x00\x00\x0A\x00\x01\x00\x00\x29\x10\x00\x00\x00\x80\x00"
"\x00\x00";
"\x05\x39\x01\x00\x00\x01\x00\x00\x00\x00\x00\x01\x2D\x41\x6A\x62\x63"
"\x75\x79\x74\x63\x70\x65\x62\x30\x67\x71\x30\x6C\x74\x65\x62\x75\x78"
"\x67\x69\x64\x75\x6E\x62\x73\x73\x61\x33\x64\x66\x6F\x6E\x30\x63\x61"
"\x7A\x64\x62\x6F\x72\x71\x71\x04\x6B\x72\x79\x6F\x02\x73\x65\x00\x00"
"\x0A\x00\x01\x00\x00\x29\x10\x00\x00\x00\x80\x00\x00\x00";
static char answerPacket[] =
"\x05\x39\x84\x00\x00\x01\x00\x01\x00\x00\x00\x00\x05\x73\x69\x6C\x6C"
@ -51,16 +51,16 @@ static char answerPacket[] =
static char *msgData = "this is the message to be delivered";
static char *topdomain = "kryo.se";
static char *queryData = "HELLO this is the test data";
static char *recData = "AHELLO this is the test data"; /* The A flag is added */
static char *innerData = "HELLO this is the test data";
START_TEST(test_encode_query)
{
char buf[512];
char resolv[512];
struct query q;
struct encoder *enc;
char *d;
int len;
size_t len;
int ret;
len = sizeof(buf);
@ -70,9 +70,10 @@ START_TEST(test_encode_query)
q.type = T_NULL;
q.id = 1337;
d = resolv;
enc = get_base32_encoder();
*d++ = 'A';
encode_data(queryData, strlen(queryData), 100, d);
enc->encode(d, &len, innerData, strlen(innerData));
d = resolv + strlen(resolv);
if (*d != '.') {
*d++ = '.';
@ -96,20 +97,22 @@ START_TEST(test_decode_query)
char buf[512];
char *domain;
struct query q;
int len;
int ret;
struct encoder *enc;
size_t len;
memset(&q, 0, sizeof(struct query));
memset(&buf, 0, sizeof(buf));
q.id = 0;
len = sizeof(queryPacket) - 1;
enc = get_base32_encoder();
dns_decode(buf, sizeof(buf), &q, QR_QUERY, queryPacket, len);
domain = strstr(q.name, topdomain);
ret = decode_data(buf, sizeof(buf), q.name, domain);
len = sizeof(buf);
unpack_data(buf, len, &(q.name[1]), (int) (domain - q.name) - 1, enc);
fail_unless(strncmp(buf, recData, ret) == 0, "Did not extract expected host: '%s'", buf);
fail_unless(strlen(buf) == strlen(recData), va_str("Bad host length: %d, expected %d", strlen(q.name), strlen(recData)));
fail_unless(strncmp(buf, innerData, strlen(innerData)) == 0, "Did not extract expected host: '%s'", buf);
fail_unless(strlen(buf) == strlen(innerData), va_str("Bad host length: %d, expected %d: '%s'", strlen(buf), strlen(innerData), buf));
}
END_TEST

65
tests/encoding.c
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2006 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
* Copyright (c) 2006-2007 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@ -22,24 +22,56 @@
#include "encoding.h"
#include "test.h"
START_TEST(test_encoding_base32)
struct tuple
{
char temp[256];
char *start = "HELLOTEST";
char *out = "1HELLOTEST";
char end[256];
char *tempend;
int codedlength;
char *a;
char *b;
} dottests[] = {
{ "aaaaaaaaaaaaaabaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
"aaaaaaaaaaaaaabaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.a"},
{ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."},
{ "abc123", "abc123" },
{ NULL, NULL }
};
memset(temp, 0, sizeof(temp));
memset(end, 0, sizeof(end));
START_TEST(test_inline_dotify)
{
unsigned i;
char temp[1024];
char *b;
codedlength = encode_data(start, strlen(start), sizeof(temp) - 1, temp + 1);
temp[0] = '1';
tempend = temp + strlen(temp);
decode_data(end, sizeof(end), temp, tempend);
i = 0;
while (dottests[i].a) {
memset(temp, 0, sizeof(temp));
strcpy(temp, dottests[i].a);
b = temp;
inline_dotify(b, sizeof(temp));
fail_unless(strcmp(out, end) == 0, NULL);
fail_unless(strcmp(dottests[i].b, temp) == 0,
va_str("'%s' != '%s'", temp, dottests[i].b));
i++;
}
}
END_TEST
START_TEST(test_inline_undotify)
{
unsigned i;
char temp[1024];
char *b;
i = 0;
while (dottests[i].a) {
memset(temp, 0, sizeof(temp));
strcpy(temp, dottests[i].b);
b = temp;
inline_undotify(b, sizeof(temp));
fail_unless(strcmp(dottests[i].a, temp) == 0,
va_str("'%s' != '%s'", temp, dottests[i].a));
i++;
}
}
END_TEST
@ -49,7 +81,8 @@ test_encoding_create_tests()
TCase *tc;
tc = tcase_create("Encoding");
tcase_add_test(tc, test_encoding_base32);
tcase_add_test(tc, test_inline_dotify);
tcase_add_test(tc, test_inline_undotify);
return tc;
}

2
tests/login.c
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2006 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
* Copyright (c) 2006-2007 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above

2
tests/read.c
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2006 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
* Copyright (c) 2006-2007 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above

5
tests/test.c
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2006 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
* Copyright (c) 2006-2007 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@ -49,6 +49,9 @@ main()
test = test_base32_create_tests();
suite_add_tcase(iodine, test);
test = test_base64_create_tests();
suite_add_tcase(iodine, test);
test = test_dns_create_tests();
suite_add_tcase(iodine, test);

3
tests/test.h
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2006 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
* Copyright (c) 2006-2007 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@ -18,6 +18,7 @@
#define __TEST_H__
TCase *test_base32_create_tests();
TCase *test_base64_create_tests();
TCase *test_dns_create_tests();
TCase *test_encoding_create_tests();
TCase *test_read_create_tests();

3
tests/user.c
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2006 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
* Copyright (c) 2006-2007 Bjorn Andersson <flex@kryo.se>, Erik Ekman <yarrick@kryo.se>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@ -23,6 +23,7 @@
#include <netinet/in.h>
#include "common.h"
#include "encoding.h"
#include "user.h"
#include "test.h"