From e2bc6f4153813cc570ae814c8ddb74628009b488 Mon Sep 17 00:00:00 2001 From: Michal Kubecek Date: Mon, 13 Apr 2015 09:21:39 +0200 Subject: initial checkin Check in contents of upstream 1.4.2 tarball, exclude generated files. --- src/stun/Makefile.am | 15 + src/stun/stun.cxx | 2587 +++++++++++++++++++++++++++++++++++++++++ src/stun/stun.h | 405 +++++++ src/stun/stun_transaction.cpp | 680 +++++++++++ src/stun/stun_transaction.h | 159 +++ src/stun/udp.cxx | 349 ++++++ src/stun/udp.h | 156 +++ 7 files changed, 4351 insertions(+) create mode 100644 src/stun/Makefile.am create mode 100644 src/stun/stun.cxx create mode 100644 src/stun/stun.h create mode 100644 src/stun/stun_transaction.cpp create mode 100644 src/stun/stun_transaction.h create mode 100644 src/stun/udp.cxx create mode 100644 src/stun/udp.h (limited to 'src/stun') diff --git a/src/stun/Makefile.am b/src/stun/Makefile.am new file mode 100644 index 0000000..f52face --- /dev/null +++ b/src/stun/Makefile.am @@ -0,0 +1,15 @@ +AM_CPPFLAGS = \ + -Wall \ + -I$(top_srcdir)/src \ + $(CCRTP_CFLAGS)\ + $(XML2_CFLAGS) + +noinst_LIBRARIES = libstun.a + +libstun_a_SOURCES =\ + stun.cxx\ + stun_transaction.cpp\ + udp.cxx\ + stun.h\ + stun_transaction.h\ + udp.h diff --git a/src/stun/stun.cxx b/src/stun/stun.cxx new file mode 100644 index 0000000..f5e9bc9 --- /dev/null +++ b/src/stun/stun.cxx @@ -0,0 +1,2587 @@ +#include +#include +#include +#include +#include + +#ifdef WIN32 +#include +#include +#include +#include +#else + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#endif + + +#if defined(__sparc__) || defined(WIN32) +#define NOSSL +#endif +#define NOSSL + +#include "udp.h" +#include "stun.h" + +// Twinkle +#include "util.h" +#include "sockets/socket.h" +#include "audits/memman.h" + + +using namespace std; + + +static void +computeHmac(char* hmac, const char* input, int length, const char* key, int keySize); + +static bool +stunParseAtrAddress( char* body, unsigned int hdrLen, StunAtrAddress4& result ) +{ + if ( hdrLen != 8 ) + { + clog << "hdrLen wrong for Address" <= sizeof(result) ) + { + clog << "head on Error too large" << endl; + return false; + } + else + { + memcpy(&result.pad, body, 2); body+=2; + result.pad = ntohs(result.pad); + result.errorClass = *body++; + result.number = *body++; + + result.sizeReason = hdrLen - 4; + memcpy(&result.reason, body, result.sizeReason); + result.reason[result.sizeReason] = 0; + return true; + } +} + +static bool +stunParseAtrUnknown( char* body, unsigned int hdrLen, StunAtrUnknown& result ) +{ + if ( hdrLen >= sizeof(result) ) + { + return false; + } + else + { + if (hdrLen % 4 != 0) return false; + result.numAttributes = hdrLen / 4; + for (int i=0; i= STUN_MAX_STRING ) + { + clog << "String is too large" << endl; + return false; + } + else + { + if (hdrLen % 4 != 0) + { + clog << "Bad length string " << hdrLen << endl; + return false; + } + + result.sizeValue = hdrLen; + memcpy(&result.value, body, hdrLen); + result.value[hdrLen] = 0; + return true; + } +} + + +static bool +stunParseAtrIntegrity( char* body, unsigned int hdrLen, StunAtrIntegrity& result ) +{ + if ( hdrLen != 20) + { + clog << "MessageIntegrity must be 20 bytes" << endl; + return false; + } + else + { + memcpy(&result.hash, body, hdrLen); + return true; + } +} + + +bool +stunParseMessage( char* buf, unsigned int bufLen, StunMessage& msg, bool verbose) +{ + if (verbose) clog << "Received stun message: " << bufLen << " bytes" << endl; + memset(&msg, 0, sizeof(msg)); + + if (sizeof(StunMsgHdr) > bufLen) + { + return false; + } + + memcpy(&msg.msgHdr, buf, sizeof(StunMsgHdr)); + msg.msgHdr.msgType = ntohs(msg.msgHdr.msgType); + msg.msgHdr.msgLength = ntohs(msg.msgHdr.msgLength); + + if (msg.msgHdr.msgLength + sizeof(StunMsgHdr) != bufLen) + { + clog << "Message header length doesn't match message size: " << msg.msgHdr.msgLength << " - " << bufLen << endl; + return false; + } + + char* body = buf + sizeof(StunMsgHdr); + unsigned int size = msg.msgHdr.msgLength; + + //clog << "bytes after header = " << size << endl; + + while ( size > 0 ) + { + // !jf! should check that there are enough bytes left in the buffer + + StunAtrHdr* attr = reinterpret_cast(body); + + unsigned int attrLen = ntohs(attr->length); + int atrType = ntohs(attr->type); + + //if (verbose) clog << "Found attribute type=" << AttrNames[atrType] << " length=" << attrLen << endl; + if ( attrLen+4 > size ) + { + clog << "claims attribute is larger than size of message " <<"(attribute type="<(&ndata), sizeof(UInt16)); + return buf + sizeof(UInt16); +} + +static char* +encode32(char* buf, UInt32 data) +{ + UInt32 ndata = htonl(data); + memcpy(buf, reinterpret_cast(&ndata), sizeof(UInt32)); + return buf + sizeof(UInt32); +} + + +static char* +encode(char* buf, const char* data, unsigned int length) +{ + memcpy(buf, data, length); + return buf + length; +} + + +static char* +encodeAtrAddress4(char* ptr, UInt16 type, const StunAtrAddress4& atr) +{ + ptr = encode16(ptr, type); + ptr = encode16(ptr, 8); + *ptr++ = atr.pad; + *ptr++ = IPv4Family; + ptr = encode16(ptr, atr.ipv4.port); + ptr = encode32(ptr, atr.ipv4.addr); + + return ptr; +} + +static char* +encodeAtrChangeRequest(char* ptr, const StunAtrChangeRequest& atr) +{ + ptr = encode16(ptr, ChangeRequest); + ptr = encode16(ptr, 4); + ptr = encode32(ptr, atr.value); + return ptr; +} + +static char* +encodeAtrError(char* ptr, const StunAtrError& atr) +{ + ptr = encode16(ptr, ErrorCode); + ptr = encode16(ptr, 6 + atr.sizeReason); + ptr = encode16(ptr, atr.pad); + *ptr++ = atr.errorClass; + *ptr++ = atr.number; + ptr = encode(ptr, atr.reason, atr.sizeReason); + return ptr; +} + + +static char* +encodeAtrUnknown(char* ptr, const StunAtrUnknown& atr) +{ + ptr = encode16(ptr, UnknownAttribute); + ptr = encode16(ptr, 2+2*atr.numAttributes); + for (int i=0; i= sizeof(StunMsgHdr)); + char* ptr = buf; + + ptr = encode16(ptr, msg.msgHdr.msgType); + char* lengthp = ptr; + ptr = encode16(ptr, 0); + ptr = encode(ptr, reinterpret_cast(msg.msgHdr.id.octet), sizeof(msg.msgHdr.id)); + + if (verbose) clog << "Encoding stun message: " << endl; + if (msg.hasMappedAddress) + { + if (verbose) clog << "Encoding MappedAddress: " << msg.mappedAddress.ipv4 << endl; + ptr = encodeAtrAddress4 (ptr, MappedAddress, msg.mappedAddress); + } + if (msg.hasResponseAddress) + { + if (verbose) clog << "Encoding ResponseAddress: " << msg.responseAddress.ipv4 << endl; + ptr = encodeAtrAddress4(ptr, ResponseAddress, msg.responseAddress); + } + if (msg.hasChangeRequest) + { + if (verbose) clog << "Encoding ChangeRequest: " << msg.changeRequest.value << endl; + ptr = encodeAtrChangeRequest(ptr, msg.changeRequest); + } + if (msg.hasSourceAddress) + { + if (verbose) clog << "Encoding SourceAddress: " << msg.sourceAddress.ipv4 << endl; + ptr = encodeAtrAddress4(ptr, SourceAddress, msg.sourceAddress); + } + if (msg.hasChangedAddress) + { + if (verbose) clog << "Encoding ChangedAddress: " << msg.changedAddress.ipv4 << endl; + ptr = encodeAtrAddress4(ptr, ChangedAddress, msg.changedAddress); + } + if (msg.hasUsername) + { + if (verbose) clog << "Encoding Username: " << msg.username.value << endl; + ptr = encodeAtrString(ptr, Username, msg.username); + } + if (msg.hasPassword) + { + if (verbose) clog << "Encoding Password: " << msg.password.value << endl; + ptr = encodeAtrString(ptr, Password, msg.password); + } + if (msg.hasErrorCode) + { + if (verbose) clog << "Encoding ErrorCode: class=" + << int(msg.errorCode.errorClass) + << " number=" << int(msg.errorCode.number) + << " reason=" + << msg.errorCode.reason + << endl; + + ptr = encodeAtrError(ptr, msg.errorCode); + } + if (msg.hasUnknownAttributes) + { + if (verbose) clog << "Encoding UnknownAttribute: ???" << endl; + ptr = encodeAtrUnknown(ptr, msg.unknownAttributes); + } + if (msg.hasReflectedFrom) + { + if (verbose) clog << "Encoding ReflectedFrom: " << msg.reflectedFrom.ipv4 << endl; + ptr = encodeAtrAddress4(ptr, ReflectedFrom, msg.reflectedFrom); + } + if (msg.hasXorMappedAddress) + { + if (verbose) clog << "Encoding XorMappedAddress: " << msg.xorMappedAddress.ipv4 << endl; + ptr = encodeAtrAddress4 (ptr, XorMappedAddress, msg.xorMappedAddress); + } + if (msg.xorOnly) + { + if (verbose) clog << "Encoding xorOnly: " << endl; + ptr = encodeXorOnly( ptr ); + } + if (msg.hasServerName) + { + if (verbose) clog << "Encoding ServerName: " << msg.serverName.value << endl; + ptr = encodeAtrString(ptr, ServerName, msg.serverName); + } + if (msg.hasSecondaryAddress) + { + if (verbose) clog << "Encoding SecondaryAddress: " << msg.secondaryAddress.ipv4 << endl; + ptr = encodeAtrAddress4 (ptr, SecondaryAddress, msg.secondaryAddress); + } + + if (password.sizeValue > 0) + { + if (verbose) clog << "HMAC with password: " << password.value << endl; + + StunAtrIntegrity integrity; + computeHmac(integrity.hash, buf, int(ptr-buf) , password.value, password.sizeValue); + ptr = encodeAtrIntegrity(ptr, integrity); + } + if (verbose) clog << endl; + + encode16(lengthp, UInt16(ptr - buf - sizeof(StunMsgHdr))); + return int(ptr - buf); +} + +int +stunRand() +{ + // return 32 bits of random stuff + assert( sizeof(int) == 4 ); + static bool init=false; + if ( !init ) + { + init = true; + + UInt64 tick; + +// Twinkle: removed platform dependent code (except WIN32 code) + +#if defined(WIN32) + volatile unsigned int lowtick=0,hightick=0; + __asm + { + rdtsc + mov lowtick, eax + mov hightick, edx + } + tick = hightick; + tick <<= 32; + tick |= lowtick; +#else + tick = time(NULL); +#endif + int seed = int(tick); +#ifdef WIN32 + srand(seed); +#else + srandom(seed); +#endif + } + +#ifdef WIN32 + assert( RAND_MAX == 0x7fff ); + int r1 = rand(); + int r2 = rand(); + + int ret = (r1<<16) + r2; + + return ret; +#else + return random(); +#endif +} + + +/// return a random number to use as a port +static int +randomPort() +{ + int min=0x4000; + int max=0x7FFF; + + int ret = stunRand(); + ret = ret|min; + ret = ret&max; + + return ret; +} + + +#ifdef NOSSL +static void +computeHmac(char* hmac, const char* input, int length, const char* key, int sizeKey) +{ + strncpy(hmac,"hmac-not-implemented",20); +} +#else +#include + +static void +computeHmac(char* hmac, const char* input, int length, const char* key, int sizeKey) +{ + unsigned int resultSize=0; + HMAC(EVP_sha1(), + key, sizeKey, + reinterpret_cast(input), length, + reinterpret_cast(hmac), &resultSize); + assert(resultSize == 20); +} +#endif + + +static void +toHex(const char* buffer, int bufferSize, char* output) +{ + static char hexmap[] = "0123456789abcdef"; + + const char* p = buffer; + char* r = output; + for (int i=0; i < bufferSize; i++) + { + unsigned char temp = *p++; + + int hi = (temp & 0xf0)>>4; + int low = (temp & 0xf); + + *r++ = hexmap[hi]; + *r++ = hexmap[low]; + } + *r = 0; +} + +void +stunCreateUserName(const StunAddress4& source, StunAtrString* username) +{ + UInt64 time = stunGetSystemTimeSecs(); + time -= (time % 20*60); + //UInt64 hitime = time >> 32; + UInt64 lotime = time & 0xFFFFFFFF; + + char buffer[1024]; + sprintf(buffer, + "%08x:%08x:%08x:", + UInt32(source.addr), + UInt32(stunRand()), + UInt32(lotime)); + assert( strlen(buffer) < 1024 ); + + assert(strlen(buffer) + 41 < STUN_MAX_STRING); + + char hmac[20]; + char key[] = "Jason"; + computeHmac(hmac, buffer, strlen(buffer), key, strlen(key) ); + char hmacHex[41]; + toHex(hmac, 20, hmacHex ); + hmacHex[40] =0; + + strcat(buffer,hmacHex); + + int l = strlen(buffer); + assert( l+1 < STUN_MAX_STRING ); + assert( l%4 == 0 ); + + username->sizeValue = l; + memcpy(username->value,buffer,l); + username->value[l]=0; + + //if (verbose) clog << "computed username=" << username.value << endl; +} + +void +stunCreatePassword(const StunAtrString& username, StunAtrString* password) +{ + char hmac[20]; + char key[] = "Fluffy"; + //char buffer[STUN_MAX_STRING]; + computeHmac(hmac, username.value, strlen(username.value), key, strlen(key)); + toHex(hmac, 20, password->value); + password->sizeValue = 40; + password->value[40]=0; + + //clog << "password=" << password->value << endl; +} + + +UInt64 +stunGetSystemTimeSecs() +{ + UInt64 time=0; +#if defined(WIN32) + SYSTEMTIME t; + // CJ TODO - this probably has bug on wrap around every 24 hours + GetSystemTime( &t ); + time = (t.wHour*60+t.wMinute)*60+t.wSecond; +#else + struct timeval now; + gettimeofday( &now , NULL ); + //assert( now ); + time = now.tv_sec; +#endif + return time; +} + + +ostream& operator<< ( ostream& strm, const UInt128& r ) +{ + strm << int(r.octet[0]); + for ( int i=1; i<16; i++ ) + { + strm << ':' << int(r.octet[i]); + } + + return strm; +} + +ostream& +operator<<( ostream& strm, const StunAddress4& addr) +{ + UInt32 ip = addr.addr; + strm << ((int)(ip>>24)&0xFF) << "."; + strm << ((int)(ip>>16)&0xFF) << "."; + strm << ((int)(ip>> 8)&0xFF) << "."; + strm << ((int)(ip>> 0)&0xFF) ; + + strm << ":" << addr.port; + + return strm; +} + + +// returns true if it scucceeded +bool +stunParseHostName( char* peerName, + UInt32& ip, + UInt16& portVal, + UInt16 defaultPort ) +{ + in_addr sin_addr; + + char host[512]; + strncpy(host,peerName,512); + host[512-1]='\0'; + char* port = NULL; + + int portNum = defaultPort; + + // pull out the port part if present. + char* sep = strchr(host,':'); + + if ( sep == NULL ) + { + portNum = defaultPort; + } + else + { + *sep = '\0'; + port = sep + 1; + // set port part + + char* endPtr=NULL; + + portNum = strtol(port,&endPtr,10); + + if ( endPtr != NULL ) + { + if ( *endPtr != '\0' ) + { + portNum = defaultPort; + } + } + } + + if ( portNum < 1024 ) return false; + if ( portNum >= 0xFFFF ) return false; + + // figure out the host part + struct hostent* h; + +#ifdef WIN32 + assert( strlen(host) >= 1 ); + if ( isdigit( host[0] ) ) + { + // assume it is a ip address + unsigned long a = inet_addr(host); + //cerr << "a=0x" << hex << a << dec << endl; + + ip = ntohl( a ); + } + else + { + // assume it is a host name + h = gethostbyname( host ); + + if ( h == NULL ) + { + int err = getErrno(); + std::cerr << "error was " << err << std::endl; + assert( err != WSANOTINITIALISED ); + + ip = ntohl( 0x7F000001L ); + + return false; + } + else + { + sin_addr = *(struct in_addr*)h->h_addr; + ip = ntohl( sin_addr.s_addr ); + } + } + +#else + h = gethostbyname( host ); + if ( h == NULL ) + { + int err = getErrno(); + std::cerr << "error was " << err << std::endl; + ip = ntohl( 0x7F000001L ); + return false; + } + else + { + sin_addr = *(struct in_addr*)h->h_addr; + ip = ntohl( sin_addr.s_addr ); + } +#endif + + portVal = portNum; + + return true; +} + + +bool +stunParseServerName( char* name, StunAddress4& addr) +{ + assert(name); + + // TODO - put in DNS SRV stuff. + + bool ret = stunParseHostName( name, addr.addr, addr.port, 3478); + if ( ret != true ) + { + addr.port=0xFFFF; + } + return ret; +} + + +static void +stunCreateErrorResponse(StunMessage& response, int cl, int number, const char* msg) +{ + response.msgHdr.msgType = BindErrorResponseMsg; + response.hasErrorCode = true; + response.errorCode.errorClass = cl; + response.errorCode.number = number; + strcpy(response.errorCode.reason, msg); +} + +// Twinkle +StunMessage *stunBuildError(const StunMessage &m, int code, const char *reason) { + StunMessage *err = new StunMessage(); + MEMMAN_NEW(err); + + stunCreateErrorResponse(*err, code / 100, code % 100, reason); + + for ( int i=0; i<16; i++ ) + { + err->msgHdr.id.octet[i] = m.msgHdr.id.octet[i]; + } + + return err; +} + +string stunMsg2Str(const StunMessage &m) { + string s = "STUN "; + + // Message type + if (m.msgHdr.msgType == BindRequestMsg) { + s += "Bind Request"; + } else if (m.msgHdr.msgType == BindResponseMsg) { + s += "Bind Response"; + } else if (m.msgHdr.msgType == BindErrorResponseMsg) { + s += "Bind Error Response"; + } else if (m.msgHdr.msgType == SharedSecretRequestMsg) { + s += "Shared Secret Request"; + } else if (m.msgHdr.msgType == SharedSecretResponseMsg) { + s += "Shared Secret Response"; + } else if (m.msgHdr.msgType == SharedSecretErrorResponseMsg) { + s += "Shared Secret Error Response"; + } + s += "\n"; + + // Message ID + s += "ID = "; + for ( int i=0; i<16; i++ ) { + char buf[3]; + snprintf(buf, 3, "%X", m.msgHdr.id.octet[i]); + s += buf; + } + s += "\n"; + + if (m.hasMappedAddress) { + s += "Mapped Addres = "; + s += h_ip2str(m.mappedAddress.ipv4.addr); + s += ':'; + s += int2str(m.mappedAddress.ipv4.port); + s += "\n"; + } + + + if (m.hasResponseAddress) { + s += "Response Addres = "; + s += h_ip2str(m.responseAddress.ipv4.addr); + s += ':'; + s += int2str(m.responseAddress.ipv4.port); + s += "\n"; + } + + if (m.hasChangeRequest) { + s += "Change Request = "; + bool change_flags = false; + if (m.changeRequest.value & ChangeIpFlag) { + s += "change IP"; + change_flags = true; + } + if (m.changeRequest.value & ChangePortFlag) { + if (change_flags) s += ", "; + s += "change port"; + change_flags = true; + } + if (!change_flags) s += "none"; + s += "\n"; + } + + if (m.hasSourceAddress) { + s += "Source Addres = "; + s += h_ip2str(m.sourceAddress.ipv4.addr); + s += ':'; + s += int2str(m.sourceAddress.ipv4.port); + s += "\n"; + } + + if (m.hasChangedAddress) { + s += "Changed Addres = "; + s += h_ip2str(m.changedAddress.ipv4.addr); + s += ':'; + s += int2str(m.changedAddress.ipv4.port); + s += "\n"; + } + + if (m.hasErrorCode) { + s += "Error Code = "; + s += int2str(m.errorCode.errorClass * 100 + m.errorCode.number); + s += ' '; + s += m.errorCode.reason; + s += "\n"; + } + + return s; +} + +bool stunEqualId(const StunMessage &m1, const StunMessage &m2) { + for ( int i=0; i<16; i++ ) + { + if (m1.msgHdr.id.octet[i] != m2.msgHdr.id.octet[i]) { + return false; + } + } + + return true; +} + +string stunNatType2Str(NatType t) { + switch (t) { + case StunTypeUnknown: + return "Unknow"; + case StunTypeOpen: + return "Open"; + case StunTypeConeNat: + return "Full cone"; + case StunTypeRestrictedNat: + return "Restriced cone"; + case StunTypePortRestrictedNat: + return "Port restricted cone"; + case StunTypeSymNat: + return "Symmetric"; + case StunTypeSymFirewall: + return "Symmetric firewall;"; + case StunTypeBlocked: + return "Blocked."; + case StunTypeFailure: + return "Failed"; + default: + return "NULL"; + } +} +// Twinkle + +#if 0 +static void +stunCreateSharedSecretErrorResponse(StunMessage& response, int cl, int number, const char* msg) +{ + response.msgHdr.msgType = SharedSecretErrorResponseMsg; + response.hasErrorCode = true; + response.errorCode.errorClass = cl; + response.errorCode.number = number; + strcpy(response.errorCode.reason, msg); +} +#endif + +static void +stunCreateSharedSecretResponse(const StunMessage& request, const StunAddress4& source, StunMessage& response) +{ + response.msgHdr.msgType = SharedSecretResponseMsg; + response.msgHdr.id = request.msgHdr.id; + + response.hasUsername = true; + stunCreateUserName( source, &response.username); + + response.hasPassword = true; + stunCreatePassword( response.username, &response.password); +} + + +// This funtion takes a single message sent to a stun server, parses +// and constructs an apropriate repsonse - returns true if message is +// valid +bool +stunServerProcessMsg( char* buf, + unsigned int bufLen, + StunAddress4& from, + StunAddress4& secondary, + StunAddress4& myAddr, + StunAddress4& altAddr, + StunMessage* resp, + StunAddress4* destination, + StunAtrString* hmacPassword, + bool* changePort, + bool* changeIp, + bool verbose) +{ + + // set up information for default response + + memset( resp, 0 , sizeof(*resp) ); + + *changeIp = false; + *changePort = false; + + StunMessage req; + bool ok = stunParseMessage( buf,bufLen, req, verbose); + + if (!ok) // Complete garbage, drop it on the floor + { + if (verbose) clog << "Request did not parse" << endl; + return false; + } + if (verbose) clog << "Request parsed ok" << endl; + + StunAddress4 mapped = req.mappedAddress.ipv4; + StunAddress4 respondTo = req.responseAddress.ipv4; + UInt32 flags = req.changeRequest.value; + + switch (req.msgHdr.msgType) + { + case SharedSecretRequestMsg: + if(verbose) clog << "Received SharedSecretRequestMsg on udp. send error 433." << endl; + // !cj! - should fix so you know if this came over TLS or UDP + stunCreateSharedSecretResponse(req, from, *resp); + //stunCreateSharedSecretErrorResponse(*resp, 4, 33, "this request must be over TLS"); + return true; + + case BindRequestMsg: + if (!req.hasMessageIntegrity) + { + if (verbose) clog << "BindRequest does not contain MessageIntegrity" << endl; + + if (0) // !jf! mustAuthenticate + { + if(verbose) clog << "Received BindRequest with no MessageIntegrity. Sending 401." << endl; + stunCreateErrorResponse(*resp, 4, 1, "Missing MessageIntegrity"); + return true; + } + } + else + { + if (!req.hasUsername) + { + if (verbose) clog << "No UserName. Send 432." << endl; + stunCreateErrorResponse(*resp, 4, 32, "No UserName and contains MessageIntegrity"); + return true; + } + else + { + if (verbose) clog << "Validating username: " << req.username.value << endl; + // !jf! could retrieve associated password from provisioning here + if (strcmp(req.username.value, "test") == 0) + { + if (0) + { + // !jf! if the credentials are stale + stunCreateErrorResponse(*resp, 4, 30, "Stale credentials on BindRequest"); + return true; + } + else + { + if (verbose) clog << "Validating MessageIntegrity" << endl; + // need access to shared secret + + unsigned char hmac[20]; +#ifndef NOSSL + unsigned int hmacSize=20; + + HMAC(EVP_sha1(), + "1234", 4, + reinterpret_cast(buf), bufLen-20-4, + hmac, &hmacSize); + assert(hmacSize == 20); +#endif + + if (memcmp(buf, hmac, 20) != 0) + { + if (verbose) clog << "MessageIntegrity is bad. Sending " << endl; + stunCreateErrorResponse(*resp, 4, 3, "Unknown username. Try test with password 1234"); + return true; + } + + // need to compute this later after message is filled in + resp->hasMessageIntegrity = true; + assert(req.hasUsername); + resp->hasUsername = true; + resp->username = req.username; // copy username in + } + } + else + { + if (verbose) clog << "Invalid username: " << req.username.value << "Send 430." << endl; + } + } + } + + // TODO !jf! should check for unknown attributes here and send 420 listing the + // unknown attributes. + + if ( respondTo.port == 0 ) respondTo = from; + if ( mapped.port == 0 ) mapped = from; + + *changeIp = ( flags & ChangeIpFlag )?true:false; + *changePort = ( flags & ChangePortFlag )?true:false; + + if (verbose) + { + clog << "Request is valid:" << endl; + clog << "\t flags=" << flags << endl; + clog << "\t changeIp=" << *changeIp << endl; + clog << "\t changePort=" << *changePort << endl; + clog << "\t from = " << from << endl; + clog << "\t respond to = " << respondTo << endl; + clog << "\t mapped = " << mapped << endl; + } + + // form the outgoing message + resp->msgHdr.msgType = BindResponseMsg; + for ( int i=0; i<16; i++ ) + { + resp->msgHdr.id.octet[i] = req.msgHdr.id.octet[i]; + } + + if ( req.xorOnly == false ) + { + resp->hasMappedAddress = true; + resp->mappedAddress.ipv4.port = mapped.port; + resp->mappedAddress.ipv4.addr = mapped.addr; + } + + if (1) // do xorMapped address or not + { + resp->hasXorMappedAddress = true; + UInt16 id16 = req.msgHdr.id.octet[7]<<8 + | req.msgHdr.id.octet[6]; + UInt32 id32 = req.msgHdr.id.octet[7]<<24 + | req.msgHdr.id.octet[6]<<16 + | req.msgHdr.id.octet[5]<<8 + | req.msgHdr.id.octet[4];; + resp->xorMappedAddress.ipv4.port = mapped.port^id16; + resp->xorMappedAddress.ipv4.addr = mapped.addr^id32; + } + + resp->hasSourceAddress = true; + resp->sourceAddress.ipv4.port = (*changePort) ? altAddr.port : myAddr.port; + resp->sourceAddress.ipv4.addr = (*changeIp) ? altAddr.addr : myAddr.addr; + + resp->hasChangedAddress = true; + resp->changedAddress.ipv4.port = altAddr.port; + resp->changedAddress.ipv4.addr = altAddr.addr; + + if ( secondary.port != 0 ) + { + resp->hasSecondaryAddress = true; + resp->secondaryAddress.ipv4.port = secondary.port; + resp->secondaryAddress.ipv4.addr = secondary.addr; + } + + if ( req.hasUsername && req.username.sizeValue > 0 ) + { + // copy username in + resp->hasUsername = true; + assert( req.username.sizeValue % 4 == 0 ); + assert( req.username.sizeValue < STUN_MAX_STRING ); + memcpy( resp->username.value, req.username.value, req.username.sizeValue ); + resp->username.sizeValue = req.username.sizeValue; + } + + if (1) // add ServerName + { + resp->hasServerName = true; + const char serverName[] = "Vovida.org " STUN_VERSION; // must pad to mult of 4 + + assert( sizeof(serverName) < STUN_MAX_STRING ); + //cerr << "sizeof serverName is " << sizeof(serverName) << endl; + assert( sizeof(serverName)%4 == 0 ); + memcpy( resp->serverName.value, serverName, sizeof(serverName)); + resp->serverName.sizeValue = sizeof(serverName); + } + + if ( req.hasMessageIntegrity & req.hasUsername ) + { + // this creates the password that will be used in the HMAC when then + // messages is sent + stunCreatePassword( req.username, hmacPassword ); + } + + if (req.hasUsername && (req.username.sizeValue > 64 ) ) + { + UInt32 source; + assert( sizeof(int) == sizeof(UInt32) ); + + sscanf(req.username.value, "%x", &source); + resp->hasReflectedFrom = true; + resp->reflectedFrom.ipv4.port = 0; + resp->reflectedFrom.ipv4.addr = source; + } + + destination->port = respondTo.port; + destination->addr = respondTo.addr; + + return true; + + default: + if (verbose) clog << "Unknown or unsupported request " << endl; + return false; + } + + assert(0); + return false; +} + +bool +stunInitServer(StunServerInfo& info, const StunAddress4& myAddr, const StunAddress4& altAddr, int startMediaPort, bool verbose ) +{ + assert( myAddr.port != 0 ); + assert( altAddr.port!= 0 ); + assert( myAddr.addr != 0 ); + //assert( altAddr.addr != 0 ); + + info.myAddr = myAddr; + info.altAddr = altAddr; + + info.myFd = INVALID_SOCKET; + info.altPortFd = INVALID_SOCKET; + info.altIpFd = INVALID_SOCKET; + info.altIpPortFd = INVALID_SOCKET; + + memset(info.relays, 0, sizeof(info.relays)); + if (startMediaPort > 0) + { + info.relay = true; + + for (int i=0; irelayPort = startMediaPort+i; + relay->fd = 0; + relay->expireTime = 0; + } + } + else + { + info.relay = false; + } + + if ((info.myFd = openPort(myAddr.port, myAddr.addr,verbose)) == INVALID_SOCKET) + { + clog << "Can't open " << myAddr << endl; + stunStopServer(info); + + return false; + } + //if (verbose) clog << "Opened " << myAddr.addr << ":" << myAddr.port << " --> " << info.myFd << endl; + + if ((info.altPortFd = openPort(altAddr.port,myAddr.addr,verbose)) == INVALID_SOCKET) + { + clog << "Can't open " << myAddr << endl; + stunStopServer(info); + return false; + } + //if (verbose) clog << "Opened " << myAddr.addr << ":" << altAddr.port << " --> " << info.altPortFd << endl; + + + info.altIpFd = INVALID_SOCKET; + if ( altAddr.addr != 0 ) + { + if ((info.altIpFd = openPort( myAddr.port, altAddr.addr,verbose)) == INVALID_SOCKET) + { + clog << "Can't open " << altAddr << endl; + stunStopServer(info); + return false; + } + //if (verbose) clog << "Opened " << altAddr.addr << ":" << myAddr.port << " --> " << info.altIpFd << endl;; + } + + info.altIpPortFd = INVALID_SOCKET; + if ( altAddr.addr != 0 ) + { if ((info.altIpPortFd = openPort(altAddr.port, altAddr.addr,verbose)) == INVALID_SOCKET) + { + clog << "Can't open " << altAddr << endl; + stunStopServer(info); + return false; + } + //if (verbose) clog << "Opened " << altAddr.addr << ":" << altAddr.port << " --> " << info.altIpPortFd << endl;; + } + + return true; +} + +void +stunStopServer(StunServerInfo& info) +{ + if (info.myFd > 0) closesocket(info.myFd); + if (info.altPortFd > 0) closesocket(info.altPortFd); + if (info.altIpFd > 0) closesocket(info.altIpFd); + if (info.altIpPortFd > 0) closesocket(info.altIpPortFd); + + if (info.relay) + { + for (int i=0; ifd) + { + closesocket(relay->fd); + relay->fd = 0; + } + } + } +} + + +bool +stunServerProcess(StunServerInfo& info, bool verbose) +{ + char msg[STUN_MAX_MESSAGE_SIZE]; + int msgLen = sizeof(msg); + + bool ok = false; + bool recvAltIp =false; + bool recvAltPort = false; + + fd_set fdSet; +#ifdef WIN32 + unsigned int maxFd=0; +#else + int maxFd=0; +#endif + FD_ZERO(&fdSet); + FD_SET(info.myFd,&fdSet); + if ( info.myFd >= maxFd ) maxFd=info.myFd+1; + FD_SET(info.altPortFd,&fdSet); + if ( info.altPortFd >= maxFd ) maxFd=info.altPortFd+1; + + if ( info.altIpFd != INVALID_SOCKET ) + { + FD_SET(info.altIpFd,&fdSet); + if (info.altIpFd>=maxFd) maxFd=info.altIpFd+1; + } + if ( info.altIpPortFd != INVALID_SOCKET ) + { + FD_SET(info.altIpPortFd,&fdSet); + if (info.altIpPortFd>=maxFd) maxFd=info.altIpPortFd+1; + } + + if (info.relay) + { + for (int i=0; ifd) + { + FD_SET(relay->fd, &fdSet); + if (relay->fd >= maxFd) maxFd=relay->fd+1; + } + } + } + + if ( info.altIpFd != INVALID_SOCKET ) + { + FD_SET(info.altIpFd,&fdSet); + if (info.altIpFd>=maxFd) maxFd=info.altIpFd+1; + } + if ( info.altIpPortFd != INVALID_SOCKET ) + { + FD_SET(info.altIpPortFd,&fdSet); + if (info.altIpPortFd>=maxFd) maxFd=info.altIpPortFd+1; + } + + struct timeval tv; + tv.tv_sec = 0; + tv.tv_usec = 1000; + + int e = select( maxFd, &fdSet, NULL,NULL, &tv ); + if (e < 0) + { + int err = getErrno(); + clog << "Error on select: " << strerror(err) << endl; + } + else if (e >= 0) + { + StunAddress4 from; + + // do the media relaying + if (info.relay) + { + time_t now = time(0); + for (int i=0; ifd) + { + if (FD_ISSET(relay->fd, &fdSet)) + { + char msg[MAX_RTP_MSG_SIZE]; + int msgLen = sizeof(msg); + + StunAddress4 rtpFrom; + ok = getMessage( relay->fd, msg, &msgLen, &rtpFrom.addr, &rtpFrom.port ,verbose); + if (ok) + { + sendMessage(info.myFd, msg, msgLen, relay->destination.addr, relay->destination.port, verbose); + relay->expireTime = now + MEDIA_RELAY_TIMEOUT; + if ( verbose ) clog << "Relay packet on " + << relay->fd + << " from " << rtpFrom + << " -> " << relay->destination + << endl; + } + } + else if (now > relay->expireTime) + { + closesocket(relay->fd); + relay->fd = 0; + } + } + } + } + + + if (FD_ISSET(info.myFd,&fdSet)) + { + if (verbose) clog << "received on A1:P1" << endl; + recvAltIp = false; + recvAltPort = false; + ok = getMessage( info.myFd, msg, &msgLen, &from.addr, &from.port,verbose ); + } + else if (FD_ISSET(info.altPortFd, &fdSet)) + { + if (verbose) clog << "received on A1:P2" << endl; + recvAltIp = false; + recvAltPort = true; + ok = getMessage( info.altPortFd, msg, &msgLen, &from.addr, &from.port,verbose ); + } + else if ( (info.altIpFd!=INVALID_SOCKET) && FD_ISSET(info.altIpFd,&fdSet)) + { + if (verbose) clog << "received on A2:P1" << endl; + recvAltIp = true; + recvAltPort = false; + ok = getMessage( info.altIpFd, msg, &msgLen, &from.addr, &from.port ,verbose); + } + else if ( (info.altIpPortFd!=INVALID_SOCKET) && FD_ISSET(info.altIpPortFd, &fdSet)) + { + if (verbose) clog << "received on A2:P2" << endl; + recvAltIp = true; + recvAltPort = true; + ok = getMessage( info.altIpPortFd, msg, &msgLen, &from.addr, &from.port,verbose ); + } + else + { + return true; + } + + int relayPort = 0; + if (info.relay) + { + for (int i=0; idestination.addr == from.addr && + relay->destination.port == from.port) + { + relayPort = relay->relayPort; + relay->expireTime = time(0) + MEDIA_RELAY_TIMEOUT; + break; + } + } + + if (relayPort == 0) + { + for (int i=0; ifd == 0) + { + if ( verbose ) clog << "Open relay port " << relay->relayPort << endl; + + relay->fd = openPort(relay->relayPort, info.myAddr.addr, verbose); + relay->destination.addr = from.addr; + relay->destination.port = from.port; + relay->expireTime = time(0) + MEDIA_RELAY_TIMEOUT; + relayPort = relay->relayPort; + break; + } + } + } + } + + if ( !ok ) + { + if ( verbose ) clog << "Get message did not return a valid message" < 0) && ( count < maxRet) ) + { + struct ifreq* ifr = (struct ifreq *)ptr; + + int si = sizeof(ifr->ifr_name) + sizeof(struct sockaddr); + tl -= si; + ptr += si; + //char* name = ifr->ifr_ifrn.ifrn_name; + //cerr << "name = " << name << endl; + + struct ifreq ifr2; + ifr2 = *ifr; + + e = ioctl(s,SIOCGIFADDR,&ifr2); + if ( e == -1 ) + { + break; + } + + //cerr << "ioctl addr e = " << e << endl; + + struct sockaddr a = ifr2.ifr_addr; + struct sockaddr_in* addr = (struct sockaddr_in*) &a; + + UInt32 ai = ntohl( addr->sin_addr.s_addr ); + if (int((ai>>24)&0xFF) != 127) + { + addresses[count++] = ai; + } + +#if 0 + cerr << "Detected interface " + << int((ai>>24)&0xFF) << "." + << int((ai>>16)&0xFF) << "." + << int((ai>> 8)&0xFF) << "." + << int((ai )&0xFF) << endl; +#endif + } + + closesocket(s); + + return count; +#endif +} + + +void +stunBuildReqSimple( StunMessage* msg, + const StunAtrString& username, + bool changePort, bool changeIp, unsigned int id ) +{ + assert( msg ); + memset( msg , 0 , sizeof(*msg) ); + + msg->msgHdr.msgType = BindRequestMsg; + + for ( int i=0; i<16; i=i+4 ) + { + assert(i+3<16); + int r = stunRand(); + msg->msgHdr.id.octet[i+0]= r>>0; + msg->msgHdr.id.octet[i+1]= r>>8; + msg->msgHdr.id.octet[i+2]= r>>16; + msg->msgHdr.id.octet[i+3]= r>>24; + } + + if ( id != 0 ) + { + msg->msgHdr.id.octet[0] = id; + } + + msg->hasChangeRequest = true; + msg->changeRequest.value =(changeIp?ChangeIpFlag:0) | + (changePort?ChangePortFlag:0); + + if ( username.sizeValue > 0 ) + { + msg->hasUsername = true; + msg->username = username; + } +} + + +static void +stunSendTest( StunSocket myFd, StunAddress4& dest, + const StunAtrString& username, const StunAtrString& password, + int testNum, bool verbose ) +{ + assert( dest.addr != 0 ); + assert( dest.port != 0 ); + + bool changePort=false; + bool changeIP=false; + bool discard=false; + + switch (testNum) + { + case 1: + case 10: + case 11: + break; + case 2: + //changePort=true; + changeIP=true; + break; + case 3: + changePort=true; + break; + case 4: + changeIP=true; + break; + case 5: + discard=true; + break; + default: + cerr << "Test " << testNum <<" is unkown\n"; + assert(0); + } + + StunMessage req; + memset(&req, 0, sizeof(StunMessage)); + + stunBuildReqSimple( &req, username, + changePort , changeIP , + testNum ); + + char buf[STUN_MAX_MESSAGE_SIZE]; + int len = STUN_MAX_MESSAGE_SIZE; + + len = stunEncodeMessage( req, buf, len, password,verbose ); + + if ( verbose ) + { + clog << "About to send msg of len " << len << " to " << dest << endl; + } + + sendMessage( myFd, buf, len, dest.addr, dest.port, verbose ); + + // add some delay so the packets don't get sent too quickly +#ifdef WIN32 // !cj! TODO - should fix this up in windows + clock_t now = clock(); + assert( CLOCKS_PER_SEC == 1000 ); + while ( clock() <= now+10 ) { }; +#else + usleep(10*1000); +#endif + +} + + +void +stunGetUserNameAndPassword( const StunAddress4& dest, + StunAtrString* username, + StunAtrString* password) +{ + // !cj! This is totally bogus - need to make TLS connection to dest and get a + // username and password to use + stunCreateUserName(dest, username); + stunCreatePassword(*username, password); +} + + +void +stunTest( StunAddress4& dest, int testNum, bool verbose, StunAddress4* sAddr ) +{ + assert( dest.addr != 0 ); + assert( dest.port != 0 ); + + int port = randomPort(); + UInt32 interfaceIp=0; + if (sAddr) + { + interfaceIp = sAddr->addr; + if ( sAddr->port != 0 ) + { + port = sAddr->port; + } + } + StunSocket myFd = openPort(port,interfaceIp,verbose); + + StunAtrString username; + StunAtrString password; + + username.sizeValue = 0; + password.sizeValue = 0; + +#ifdef USE_TLS + stunGetUserNameAndPassword( dest, username, password ); +#endif + + stunSendTest( myFd, dest, username, password, testNum, verbose ); + + char msg[STUN_MAX_MESSAGE_SIZE]; + int msgLen = STUN_MAX_MESSAGE_SIZE; + + StunAddress4 from; + getMessage( myFd, + msg, + &msgLen, + &from.addr, + &from.port,verbose ); + + StunMessage resp; + memset(&resp, 0, sizeof(StunMessage)); + + if ( verbose ) clog << "Got a response" << endl; + bool ok = stunParseMessage( msg,msgLen, resp,verbose ); + + if ( verbose ) + { + clog << "\t ok=" << ok << endl; + clog << "\t id=" << resp.msgHdr.id << endl; + clog << "\t mappedAddr=" << resp.mappedAddress.ipv4 << endl; + clog << "\t changedAddr=" << resp.changedAddress.ipv4 << endl; + clog << endl; + } + + if (sAddr) + { + sAddr->port = resp.mappedAddress.ipv4.port; + sAddr->addr = resp.mappedAddress.ipv4.addr; + } +} + + +NatType +stunNatType( StunAddress4& dest, + bool verbose, + bool* preservePort, // if set, is return for if NAT preservers ports or not + bool* hairpin, // if set, is the return for if NAT will hairpin packets + int port, // port to use for the test, 0 to choose random port + StunAddress4* sAddr // NIC to use + ) +{ + assert( dest.addr != 0 ); + assert( dest.port != 0 ); + + if ( hairpin ) + { + *hairpin = false; + } + + if ( port == 0 ) + { + port = randomPort(); + } + UInt32 interfaceIp=0; + if (sAddr) + { + interfaceIp = sAddr->addr; + } + StunSocket myFd1 = openPort(port,interfaceIp,verbose); + StunSocket myFd2 = openPort(port+1,interfaceIp,verbose); + + if ( ( myFd1 == INVALID_SOCKET) || ( myFd2 == INVALID_SOCKET) ) + { + cerr << "Some problem opening port/interface to send on" << endl; + return StunTypeFailure; + } + + assert( myFd1 != INVALID_SOCKET ); + assert( myFd2 != INVALID_SOCKET ); + + bool respTestI=false; + bool isNat=true; + StunAddress4 testIchangedAddr; + StunAddress4 testImappedAddr; + bool respTestI2=false; + bool mappedIpSame = true; + StunAddress4 testI2mappedAddr; + StunAddress4 testI2dest=dest; + bool respTestII=false; + bool respTestIII=false; + + bool respTestHairpin=false; + + memset(&testImappedAddr,0,sizeof(testImappedAddr)); + + StunAtrString username; + StunAtrString password; + + username.sizeValue = 0; + password.sizeValue = 0; + +#ifdef USE_TLS + stunGetUserNameAndPassword( dest, username, password ); +#endif + + //stunSendTest( myFd1, dest, username, password, 1, verbose ); + int count=0; + while ( count < 7 ) + { + struct timeval tv; + fd_set fdSet; +#ifdef WIN32 + unsigned int fdSetSize; +#else + int fdSetSize; +#endif + FD_ZERO(&fdSet); fdSetSize=0; + FD_SET(myFd1,&fdSet); fdSetSize = (myFd1+1>fdSetSize) ? myFd1+1 : fdSetSize; + FD_SET(myFd2,&fdSet); fdSetSize = (myFd2+1>fdSetSize) ? myFd2+1 : fdSetSize; + tv.tv_sec=0; + tv.tv_usec=150*1000; // 150 ms + if ( count == 0 ) tv.tv_usec=0; + + int err = select(fdSetSize, &fdSet, NULL, NULL, &tv); + int e = getErrno(); + if ( err == SOCKET_ERROR ) + { + // error occured + cerr << "Error " << e << " " << strerror(e) << " in select" << endl; + closesocket(myFd1); + closesocket(myFd2); + return StunTypeFailure; + } + else if ( err == 0 ) + { + // timeout occured + count++; + + if ( !respTestI ) + { + stunSendTest( myFd1, dest, username, password, 1 ,verbose ); + } + + if ( (!respTestI2) && respTestI ) + { + // check the address to send to if valid + if ( ( testI2dest.addr != 0 ) && + ( testI2dest.port != 0 ) ) + { + stunSendTest( myFd1, testI2dest, username, password, 10 ,verbose); + } + } + + if ( !respTestII ) + { + stunSendTest( myFd2, dest, username, password, 2 ,verbose ); + } + + if ( !respTestIII ) + { + stunSendTest( myFd2, dest, username, password, 3 ,verbose ); + } + + if ( respTestI && (!respTestHairpin) ) + { + if ( ( testImappedAddr.addr != 0 ) && + ( testImappedAddr.port != 0 ) ) + { + stunSendTest( myFd1, testImappedAddr, username, password, 11 ,verbose ); + } + } + } + else + { + //if (verbose) clog << "-----------------------------------------" << endl; + assert( err>0 ); + // data is avialbe on some fd + + for ( int i=0; i<2; i++) + { + StunSocket myFd; + if ( i==0 ) + { + myFd=myFd1; + } + else + { + myFd=myFd2; + } + + if ( myFd!=INVALID_SOCKET ) + { + if ( FD_ISSET(myFd,&fdSet) ) + { + char msg[STUN_MAX_MESSAGE_SIZE]; + int msgLen = sizeof(msg); + + StunAddress4 from; + + getMessage( myFd, + msg, + &msgLen, + &from.addr, + &from.port,verbose ); + + StunMessage resp; + memset(&resp, 0, sizeof(StunMessage)); + + stunParseMessage( msg,msgLen, resp,verbose ); + + if ( verbose ) + { + clog << "Received message of type " << resp.msgHdr.msgType + << " id=" << (int)(resp.msgHdr.id.octet[0]) << endl; + } + + switch( resp.msgHdr.id.octet[0] ) + { + case 1: + { + if ( !respTestI ) + { + + testIchangedAddr.addr = resp.changedAddress.ipv4.addr; + testIchangedAddr.port = resp.changedAddress.ipv4.port; + testImappedAddr.addr = resp.mappedAddress.ipv4.addr; + testImappedAddr.port = resp.mappedAddress.ipv4.port; + + if ( preservePort ) + { + *preservePort = ( testImappedAddr.port == port ); + } + + testI2dest.addr = resp.changedAddress.ipv4.addr; + + if (sAddr) + { + sAddr->port = testImappedAddr.port; + sAddr->addr = testImappedAddr.addr; + } + + count = 0; + } + respTestI=true; + } + break; + case 2: + { + respTestII=true; + } + break; + case 3: + { + respTestIII=true; + } + break; + case 10: + { + if ( !respTestI2 ) + { + testI2mappedAddr.addr = resp.mappedAddress.ipv4.addr; + testI2mappedAddr.port = resp.mappedAddress.ipv4.port; + + mappedIpSame = false; + if ( (testI2mappedAddr.addr == testImappedAddr.addr ) && + (testI2mappedAddr.port == testImappedAddr.port )) + { + mappedIpSame = true; + } + + + } + respTestI2=true; + } + break; + case 11: + { + + if ( hairpin ) + { + *hairpin = true; + } + respTestHairpin = true; + } + break; + } + } + } + } + } + } + + // see if we can bind to this address + //cerr << "try binding to " << testImappedAddr << endl; + StunSocket s = openPort( 0/*use ephemeral*/, testImappedAddr.addr, false ); + if ( s != INVALID_SOCKET ) + { + closesocket(s); + isNat = false; + //cerr << "binding worked" << endl; + } + else + { + isNat = true; + //cerr << "binding failed" << endl; + } + + closesocket(myFd1); + closesocket(myFd2); + + if (verbose) + { + clog << "test I = " << respTestI << endl; + clog << "test II = " << respTestII << endl; + clog << "test III = " << respTestIII << endl; + clog << "test I(2) = " << respTestI2 << endl; + clog << "is nat = " << isNat <. + * + */ + +// Local Variables: +// mode:c++ +// c-file-style:"ellemtel" +// c-file-offsets:((case-label . +)) +// indent-tabs-mode:nil +// End: + + diff --git a/src/stun/stun.h b/src/stun/stun.h new file mode 100644 index 0000000..1746ce5 --- /dev/null +++ b/src/stun/stun.h @@ -0,0 +1,405 @@ +#ifndef STUN_H +#define STUN_H + +#include +#include +#include + +using namespace std; + +// if you change this version, change in makefile too +#define STUN_VERSION "0.94" + +#define STUN_MAX_STRING 256 +#define STUN_MAX_UNKNOWN_ATTRIBUTES 8 +#define STUN_MAX_MESSAGE_SIZE 2048 + +#define STUN_PORT 3478 + +// define some basic types +typedef unsigned char UInt8; +typedef unsigned short UInt16; +typedef unsigned int UInt32; +#if defined( WIN32 ) +typedef unsigned __int64 UInt64; +#else +typedef unsigned long long UInt64; +#endif +typedef struct { unsigned char octet[16]; } UInt128; + +/// define a structure to hold a stun address +const UInt8 IPv4Family = 0x01; +const UInt8 IPv6Family = 0x02; + +// define flags +const UInt32 ChangeIpFlag = 0x04; +const UInt32 ChangePortFlag = 0x02; + +// define stun attribute +const UInt16 MappedAddress = 0x0001; +const UInt16 ResponseAddress = 0x0002; +const UInt16 ChangeRequest = 0x0003; +const UInt16 SourceAddress = 0x0004; +const UInt16 ChangedAddress = 0x0005; +const UInt16 Username = 0x0006; +const UInt16 Password = 0x0007; +const UInt16 MessageIntegrity = 0x0008; +const UInt16 ErrorCode = 0x0009; +const UInt16 UnknownAttribute = 0x000A; +const UInt16 ReflectedFrom = 0x000B; +const UInt16 XorMappedAddress = 0x0020; +const UInt16 XorOnly = 0x0021; +const UInt16 ServerName = 0x0022; +const UInt16 SecondaryAddress = 0x0050; // Non standard extention + +// define types for a stun message +const UInt16 BindRequestMsg = 0x0001; +const UInt16 BindResponseMsg = 0x0101; +const UInt16 BindErrorResponseMsg = 0x0111; +const UInt16 SharedSecretRequestMsg = 0x0002; +const UInt16 SharedSecretResponseMsg = 0x0102; +const UInt16 SharedSecretErrorResponseMsg = 0x0112; + +typedef struct +{ + UInt16 msgType; + UInt16 msgLength; + UInt128 id; +} StunMsgHdr; + + +typedef struct +{ + UInt16 type; + UInt16 length; +} StunAtrHdr; + +typedef struct +{ + UInt16 port; + UInt32 addr; +} StunAddress4; + +typedef struct +{ + UInt8 pad; + UInt8 family; + StunAddress4 ipv4; +} StunAtrAddress4; + +typedef struct +{ + UInt32 value; +} StunAtrChangeRequest; + +typedef struct +{ + UInt16 pad; // all 0 + UInt8 errorClass; + UInt8 number; + char reason[STUN_MAX_STRING]; + UInt16 sizeReason; +} StunAtrError; + +typedef struct +{ + UInt16 attrType[STUN_MAX_UNKNOWN_ATTRIBUTES]; + UInt16 numAttributes; +} StunAtrUnknown; + +typedef struct +{ + char value[STUN_MAX_STRING]; + UInt16 sizeValue; +} StunAtrString; + +typedef struct +{ + char hash[20]; +} StunAtrIntegrity; + +typedef enum +{ + HmacUnkown=0, + HmacOK, + HmacBadUserName, + HmacUnkownUserName, + HmacFailed, +} StunHmacStatus; + +typedef struct +{ + StunMsgHdr msgHdr; + + bool hasMappedAddress; + StunAtrAddress4 mappedAddress; + + bool hasResponseAddress; + StunAtrAddress4 responseAddress; + + bool hasChangeRequest; + StunAtrChangeRequest changeRequest; + + bool hasSourceAddress; + StunAtrAddress4 sourceAddress; + + bool hasChangedAddress; + StunAtrAddress4 changedAddress; + + bool hasUsername; + StunAtrString username; + + bool hasPassword; + StunAtrString password; + + bool hasMessageIntegrity; + StunAtrIntegrity messageIntegrity; + + bool hasErrorCode; + StunAtrError errorCode; + + bool hasUnknownAttributes; + StunAtrUnknown unknownAttributes; + + bool hasReflectedFrom; + StunAtrAddress4 reflectedFrom; + + bool hasXorMappedAddress; + StunAtrAddress4 xorMappedAddress; + + bool xorOnly; + + bool hasServerName; + StunAtrString serverName; + + bool hasSecondaryAddress; + StunAtrAddress4 secondaryAddress; +} StunMessage; + + +// Define enum with different types of NAT +typedef enum +{ + StunTypeUnknown=0, + StunTypeOpen, + StunTypeConeNat, + StunTypeRestrictedNat, + StunTypePortRestrictedNat, + StunTypeSymNat, + StunTypeSymFirewall, + StunTypeBlocked, + StunTypeFailure +} NatType; + +#ifdef WIN32 +typedef SOCKET StunSocket; +#else +typedef int StunSocket; +#endif + +#define MAX_MEDIA_RELAYS 500 +#define MAX_RTP_MSG_SIZE 1500 +#define MEDIA_RELAY_TIMEOUT 3*60 + +typedef struct +{ + int relayPort; // media relay port + int fd; // media relay file descriptor + StunAddress4 destination; // NAT IP:port + time_t expireTime; // if no activity after time, close the socket +} StunMediaRelay; + +typedef struct +{ + StunAddress4 myAddr; + StunAddress4 altAddr; + StunSocket myFd; + StunSocket altPortFd; + StunSocket altIpFd; + StunSocket altIpPortFd; + bool relay; // true if media relaying is to be done + StunMediaRelay relays[MAX_MEDIA_RELAYS]; +} StunServerInfo; + +bool +stunParseMessage( char* buf, + unsigned int bufLen, + StunMessage& message, + bool verbose ); + +void +stunBuildReqSimple( StunMessage* msg, + const StunAtrString& username, + bool changePort, bool changeIp, unsigned int id=0 ); + +unsigned int +stunEncodeMessage( const StunMessage& message, + char* buf, + unsigned int bufLen, + const StunAtrString& password, + bool verbose); + +void +stunCreateUserName(const StunAddress4& addr, StunAtrString* username); + +void +stunGetUserNameAndPassword( const StunAddress4& dest, + StunAtrString* username, + StunAtrString* password); + +void +stunCreatePassword(const StunAtrString& username, StunAtrString* password); + +// Twinkle +// Build an error response +StunMessage *stunBuildError(const StunMessage &m, int code, const char *reason); + +// Create a string representation of a STUN message +string stunMsg2Str(const StunMessage &m); + +bool stunEqualId(const StunMessage &m1, const StunMessage &m2); + +string stunNatType2Str(NatType t); +// Twinkle + +int +stunRand(); + +UInt64 +stunGetSystemTimeSecs(); + +/// find the IP address of a the specified stun server - return false is fails parse +bool +stunParseServerName( char* serverName, StunAddress4& stunServerAddr); + +bool +stunParseHostName( char* peerName, + UInt32& ip, + UInt16& portVal, + UInt16 defaultPort ); + +/// return true if all is OK +/// Create a media relay and do the STERN thing if startMediaPort is non-zero +bool +stunInitServer(StunServerInfo& info, + const StunAddress4& myAddr, + const StunAddress4& altAddr, + int startMediaPort, + bool verbose); + +void +stunStopServer(StunServerInfo& info); + +/// return true if all is OK +bool +stunServerProcess(StunServerInfo& info, bool verbose); + +/// returns number of address found - take array or addres +int +stunFindLocalInterfaces(UInt32* addresses, int maxSize ); + +void +stunTest( StunAddress4& dest, int testNum, bool verbose, StunAddress4* srcAddr=0 ); + +NatType +stunNatType( StunAddress4& dest, bool verbose, + bool* preservePort=0, // if set, is return for if NAT preservers ports or not + bool* hairpin=0 , // if set, is the return for if NAT will hairpin packets + int port=0, // port to use for the test, 0 to choose random port + StunAddress4* sAddr=0 // NIC to use + ); + +/// prints a StunAddress +std::ostream& +operator<<( std::ostream& strm, const StunAddress4& addr); + +std::ostream& +operator<< ( std::ostream& strm, const UInt128& ); + + +bool +stunServerProcessMsg( char* buf, + unsigned int bufLen, + StunAddress4& from, + StunAddress4& myAddr, + StunAddress4& altAddr, + StunMessage* resp, + StunAddress4* destination, + StunAtrString* hmacPassword, + bool* changePort, + bool* changeIp, + bool verbose); + +int +stunOpenStunSocket( StunAddress4& dest, + StunAddress4* mappedAddr, + int port=0, + StunAddress4* srcAddr=0, + bool verbose=false ); + +bool +stunOpenStunSocketPair( StunAddress4& dest, StunAddress4* mappedAddr, + int* fd1, int* fd2, + int srcPort=0, StunAddress4* srcAddr=0, + bool verbose=false); + +#endif + + +/* ==================================================================== + * The Vovida Software License, Version 1.0 + * + * Copyright (c) 2000 Vovida Networks, Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. The names "VOCAL", "Vovida Open Communication Application Library", + * and "Vovida Open Communication Application Library (VOCAL)" must + * not be used to endorse or promote products derived from this + * software without prior written permission. For written + * permission, please contact vocal@vovida.org. + * + * 4. Products derived from this software may not be called "VOCAL", nor + * may "VOCAL" appear in their name, without prior written + * permission of Vovida Networks, Inc. + * + * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND + * NON-INFRINGEMENT ARE DISCLAIMED. IN NO EVENT SHALL VOVIDA + * NETWORKS, INC. OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT DAMAGES + * IN EXCESS OF $1,000, NOR FOR ANY INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY + * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * ==================================================================== + * + * This software consists of voluntary contributions made by Vovida + * Networks, Inc. and many individuals on behalf of Vovida Networks, + * Inc. For more information on Vovida Networks, Inc., please see + * . + * + */ + +// Local Variables: +// mode:c++ +// c-file-style:"ellemtel" +// c-file-offsets:((case-label . +)) +// indent-tabs-mode:nil +// End: + diff --git a/src/stun/stun_transaction.cpp b/src/stun/stun_transaction.cpp new file mode 100644 index 0000000..9514ba4 --- /dev/null +++ b/src/stun/stun_transaction.cpp @@ -0,0 +1,680 @@ +/* + Copyright (C) 2005-2009 Michel de Boer + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +*/ + +#include +#include "stun_transaction.h" +#include "events.h" +#include "log.h" +#include "phone.h" +#include "sys_settings.h" +#include "transaction_mgr.h" +#include "translator.h" +#include "util.h" +#include "audits/memman.h" + +extern t_transaction_mgr *transaction_mgr; +extern t_event_queue *evq_trans_layer; +extern t_event_queue *evq_trans_mgr; +extern t_event_queue *evq_sender; +extern t_phone *phone; + + +bool get_stun_binding(t_user *user_config, unsigned short src_port, unsigned long &mapped_ip, + unsigned short &mapped_port, int &err_code, string &err_reason) +{ + list destinations = + user_config->get_stun_server().get_h_ip_srv("udp"); + + if (destinations.empty()) { + // Cannot resolve STUN server address. + log_file->write_header("::get_stun_binding", LOG_NORMAL, LOG_CRITICAL); + log_file->write_raw("Failed to resolve: "); + log_file->write_raw(user_config->get_stun_server().encode()); + log_file->write_endl(); + log_file->write_raw("Return internal STUN bind error: 404 Not Found"); + log_file->write_endl(); + log_file->write_footer(); + + err_code = 404; + err_reason = "Not Found"; + return false; + } + + int num_transmissions = 0; + int wait_intval = DUR_STUN_START_INTVAL; + + t_socket_udp sock(src_port); + sock.connect(destinations.front().ipaddr, destinations.front().port); + + // Build STUN request + char buf[STUN_MAX_MESSAGE_SIZE + 1]; + StunMessage req_bind; + StunAtrString stun_null_str; + stun_null_str.sizeValue = 0; + stunBuildReqSimple(&req_bind, stun_null_str, false, false); + char req_msg[STUN_MAX_MESSAGE_SIZE]; + int req_msg_size = stunEncodeMessage(req_bind, req_msg, + STUN_MAX_MESSAGE_SIZE, stun_null_str, false); + + // Send STUN request and retransmit till a response is received. + while (num_transmissions < STUN_MAX_TRANSMISSIONS) { + bool ret; + + try { + sock.send(req_msg, req_msg_size); + } + catch (int err) { + // Socket error (probably ICMP error) + // Failover to next destination + log_file->write_report("Send failed. Failover to next destination.", + "::get_stun_binding"); + + destinations.pop_front(); + if (destinations.empty()) { + log_file->write_report("No next destination for failover.", + "::get_stun_binding"); + break; + } + + num_transmissions = 0; + wait_intval = DUR_STUN_START_INTVAL; + sock.connect(destinations.front().ipaddr, destinations.front().port); + continue; + } + + log_file->write_header("::get_stun_binding", LOG_STUN); + log_file->write_raw("Send to: "); + log_file->write_raw(h_ip2str(destinations.front().ipaddr)); + log_file->write_raw(":"); + log_file->write_raw(destinations.front().port); + log_file->write_endl(); + log_file->write_raw(stunMsg2Str(req_bind)); + log_file->write_footer(); + + try { + ret = sock.select_read(wait_intval); + } + catch (int err) { + // Socket error (probably ICMP error) + // Failover to next destination + log_file->write_report("Select failed. Failover to next destination.", + "::get_stun_binding"); + + destinations.pop_front(); + if (destinations.empty()) { + log_file->write_report("No next destination for failover.", + "::get_stun_binding"); + break; + } + + num_transmissions = 0; + wait_intval = DUR_STUN_START_INTVAL; + sock.connect(destinations.front().ipaddr, destinations.front().port); + continue; + } + + if (!ret) { + // Time out + num_transmissions++; + if (wait_intval < DUR_STUN_MAX_INTVAL) { + wait_intval *= 2; + } + continue; + } + + // A message has been received + int resp_msg_size; + try { + resp_msg_size = sock.recv(buf, STUN_MAX_MESSAGE_SIZE + 1); + } + catch (int err) { + // Socket error (probably ICMP error) + // Failover to next destination + log_file->write_report("Recv failed. Failover to next destination.", + "::get_stun_binding"); + + destinations.pop_front(); + if (destinations.empty()) { + log_file->write_report("No next destination for failover.", + "::get_stun_binding"); + break; + } + + num_transmissions = 0; + wait_intval = DUR_STUN_START_INTVAL; + sock.connect(destinations.front().ipaddr, destinations.front().port); + continue; + } + + StunMessage resp_bind; + + if (!stunParseMessage(buf, resp_msg_size, resp_bind, false)) { + log_file->write_report( + "Received faulty STUN message", "::get_stun_binding", + LOG_STUN); + num_transmissions++; + if (wait_intval < DUR_STUN_MAX_INTVAL) { + wait_intval *= 2; + } + continue; + } + + log_file->write_header("::get_stun_binding", LOG_STUN); + log_file->write_raw("Received from: "); + log_file->write_raw(h_ip2str(destinations.front().ipaddr)); + log_file->write_raw(":"); + log_file->write_raw(destinations.front().port); + log_file->write_endl(); + log_file->write_raw(stunMsg2Str(resp_bind)); + log_file->write_footer(); + + // Check if id in msgHdr matches + if (!stunEqualId(resp_bind, req_bind)) { + num_transmissions++; + if (wait_intval < DUR_STUN_MAX_INTVAL) { + wait_intval *= 2; + } + continue; + } + + if (resp_bind.msgHdr.msgType == BindResponseMsg && + resp_bind.hasMappedAddress) { + // Bind response received + mapped_ip = resp_bind.mappedAddress.ipv4.addr; + mapped_port = resp_bind.mappedAddress.ipv4.port; + return true; + } + + if (resp_bind.msgHdr.msgType == BindErrorResponseMsg && + resp_bind.hasErrorCode) + { + // Bind error received + err_code = resp_bind.errorCode.errorClass * 100 + + resp_bind.errorCode.number; + char s[STUN_MAX_STRING + 1]; + strncpy(s, resp_bind.errorCode.reason, STUN_MAX_STRING); + s[STUN_MAX_STRING] = 0; + err_reason = s; + return false; + } + + // A wrong response has been received. + log_file->write_report( + "Invalid STUN response received", "::get_stun_binding", + LOG_NORMAL); + + err_code = 500; + err_reason = "Server Error"; + return false; + } + + // Request timed out + log_file->write_report("STUN request timeout", "::get_stun_binding", + LOG_NORMAL); + + err_code = 408; + err_reason = "Request Timeout"; + return false; +} + +bool stun_discover_nat(t_phone_user *pu, string &err_msg) { + t_user *user_config = pu->get_user_profile(); + + // By default enable STUN. If for some reason we cannot perform + // NAT discovery, then enable STUN. It will not harm, but only + // create non-needed STUN transactions if we are not behind a NAT. + pu->use_stun = true; + pu->use_nat_keepalive = true; + + list destinations = + user_config->get_stun_server().get_h_ip_srv("udp"); + + if (destinations.empty()) { + // Cannot resolve STUN server address. + log_file->write_header("::main", LOG_NORMAL, LOG_CRITICAL); + log_file->write_raw("Failed to resolve: "); + log_file->write_raw(user_config->get_stun_server().encode()); + log_file->write_endl(); + log_file->write_footer(); + + err_msg = TRANSLATE("Cannot resolve STUN server: %1"); + err_msg = replace_first(err_msg, "%1", user_config->get_stun_server().encode()); + return false; + } + + while (!destinations.empty()) { + StunAddress4 stun_ip4; + stun_ip4.addr = destinations.front().ipaddr; + stun_ip4.port = destinations.front().port; + + NatType nat_type = stunNatType(stun_ip4, false); + log_file->write_header("::main"); + log_file->write_raw("STUN NAT type discovery for "); + log_file->write_raw(user_config->get_profile_name()); + log_file->write_endl(); + log_file->write_raw("NAT type: "); + log_file->write_raw(stunNatType2Str(nat_type)); + log_file->write_endl(); + log_file->write_footer(); + + switch (nat_type) { + case StunTypeOpen: + // STUN is not needed. + pu->use_stun = false; + pu->use_nat_keepalive = false; + return true; + case StunTypeSymNat: + err_msg = TRANSLATE("You are behind a symmetric NAT.\nSTUN will not work.\nConfigure a public IP address in the user profile\nand create the following static bindings (UDP) in your NAT."); + err_msg += "\n\n"; + err_msg += TRANSLATE("public IP: %1 --> private IP: %2 (SIP signaling)"); + err_msg = replace_first(err_msg, "%1", int2str(sys_config->get_sip_port())); + err_msg = replace_first(err_msg, "%2", int2str(sys_config->get_sip_port())); + err_msg += "\n"; + err_msg += TRANSLATE("public IP: %1-%2 --> private IP: %3-%4 (RTP/RTCP)"); + err_msg = replace_first(err_msg, "%1", int2str(sys_config->get_rtp_port())); + err_msg = replace_first(err_msg, "%2", int2str(sys_config->get_rtp_port() + 5)); + err_msg = replace_first(err_msg, "%3", int2str(sys_config->get_rtp_port())); + err_msg = replace_first(err_msg, "%4", int2str(sys_config->get_rtp_port() + 5)); + + pu->use_stun = false; + pu->use_nat_keepalive = false; + return false; + case StunTypeSymFirewall: + // STUN is not needed as we are on a pubic IP. + // NAT keep alive is needed however to keep the firewall open. + pu->use_stun = false; + return true; + case StunTypeBlocked: + destinations.pop_front(); + + // The code for NAT type discovery does not handle + // ICMP errors. So if the conclusion is that the network + // connection is blocked, it might be due to a down STUN + // server. Try alternative destination if avaliable. + + if (destinations.empty()) { + err_msg = TRANSLATE("Cannot reach the STUN server: %1"); + err_msg = replace_first(err_msg, "%1", + user_config->get_stun_server().encode()); + err_msg += "\n\n"; + err_msg += TRANSLATE("If you are behind a firewall then you need to open the following UDP ports."); + err_msg += "\n"; + err_msg += TRANSLATE("Port %1 (SIP signaling)"); + err_msg = replace_first(err_msg, "%1", + int2str(sys_config->get_sip_port())); + err_msg += "\n"; + err_msg += TRANSLATE("Ports %1-%2 (RTP/RTCP)"); + err_msg = replace_first(err_msg, "%1", + int2str(sys_config->get_rtp_port())); + err_msg = replace_first(err_msg, "%2", + int2str(sys_config->get_rtp_port() + 5)); + + return false; + } + + log_file->write_report("Failover to next destination.", + "::stun_discover_nat"); + break; + case StunTypeFailure: + destinations.pop_front(); + log_file->write_report("Failover to next destination.", + "::stun_discover_nat"); + break; + default: + // Use STUN. + return true; + } + } + + err_msg = TRANSLATE("NAT type discovery via STUN failed."); + return false; +} + + +// Main function for STUN listener thread for media STUN requests. +void *stun_listen_main(void *arg) { + char buf[STUN_MAX_MESSAGE_SIZE + 1]; + int data_size; + + t_socket_udp *sock = (t_socket_udp *)arg; + + while(true) { + try { + data_size = sock->recv(buf, STUN_MAX_MESSAGE_SIZE + 1); + } catch (int err) { + string msg("Failed to receive STUN response for media.\n"); + msg += get_error_str(err); + log_file->write_report(msg, "::stun_listen_main", + LOG_NORMAL, LOG_CRITICAL); + + // The request will timeout, no need to send a response now. + + return NULL; + } + + StunMessage m; + + if (!stunParseMessage(buf, data_size, m, false)) { + log_file->write_report("Faulty STUN message", "::stun_listen_main"); + continue; + } + + log_file->write_header("::stun_listen_main", LOG_STUN); + log_file->write_raw("Received: "); + log_file->write_raw(stunMsg2Str(m)); + log_file->write_footer(); + + evq_trans_mgr->push_stun_response(&m, 0, 0); + } +} + +////////////////////////////////////////////// +// Base STUN transaction +////////////////////////////////////////////// + +t_mutex t_stun_transaction::mtx_class; +t_tid t_stun_transaction::next_id = 1; + +t_stun_transaction::t_stun_transaction(t_user *user, StunMessage *r, + unsigned short _tuid, const list &dst) +{ + mtx_class.lock(); + id = next_id++; + if (next_id == 65535) next_id = 1; + mtx_class.unlock(); + + state = TS_NULL; + request = new StunMessage(*r); + MEMMAN_NEW(request); + tuid = _tuid; + + dur_req_timeout = DUR_STUN_START_INTVAL; + num_transmissions = 0; + + destinations = dst; + + user_config = user->copy(); +} + +t_stun_transaction::~t_stun_transaction() { + MEMMAN_DELETE(request); + delete request; + MEMMAN_DELETE(user_config); + delete user_config; +} + +t_tid t_stun_transaction::get_id(void) const { + return id; +} + +t_trans_state t_stun_transaction::get_state(void) const { + return state; +} + +void t_stun_transaction::start_timer_req_timeout(void) { + timer_req_timeout = transaction_mgr->start_stun_timer(dur_req_timeout, + STUN_TMR_REQ_TIMEOUT, id); + + // RFC 3489 9.3 + // Double the retransmision interval till a maximum + if (dur_req_timeout < DUR_STUN_MAX_INTVAL) { + dur_req_timeout = 2 * dur_req_timeout; + } +} + +void t_stun_transaction::stop_timer_req_timeout(void) { + if (timer_req_timeout) { + transaction_mgr->stop_timer(timer_req_timeout); + timer_req_timeout = 0; + } +} + +void t_stun_transaction::process_response(StunMessage *r) { + stop_timer_req_timeout(); + evq_trans_layer->push_stun_response(r, tuid, id); + state = TS_TERMINATED; +} + +void t_stun_transaction::process_icmp(const t_icmp_msg &icmp) { + stop_timer_req_timeout(); + + log_file->write_report("Failover to next destination.", + "t_stun_transaction::process_icmp"); + + destinations.pop_front(); + if (destinations.empty()) { + log_file->write_report("No next destination for failover.", + "t_stun_transaction::process_icmp"); + + log_file->write_header("t_stun_transaction::process_icmp", + LOG_NORMAL, LOG_INFO); + log_file->write_raw("ICMP error received.\n\n"); + log_file->write_raw("Send internal: 500 Server Error\n"); + log_file->write_footer(); + + // No server could be reached, Notify the TU with 500 Server + // Error. + StunMessage *resp = stunBuildError(*request, 500, "Server Error"); + evq_trans_layer->push_stun_response(resp, tuid, id); + MEMMAN_DELETE(resp); + delete resp; + + state = TS_TERMINATED; + return; + } + + // Failover to next destination + evq_sender->push_stun_request(user_config, request, TYPE_STUN_SIP, tuid, id, + destinations.front().ipaddr, destinations.front().port); + num_transmissions = 1; + dur_req_timeout = DUR_STUN_START_INTVAL; + start_timer_req_timeout(); +} + +void t_stun_transaction::timeout(t_stun_timer t) { + // RFC 3489 9.3 + if (num_transmissions < STUN_MAX_TRANSMISSIONS) { + retransmit(); + start_timer_req_timeout(); + return; + } + + // Report timeout to TU + StunMessage *timeout_resp; + timeout_resp = stunBuildError(*request, 408, "Request Timeout"); + log_file->write_report("STUN request timeout", "t_stun_transaction::timeout", + LOG_NORMAL); + + evq_trans_layer->push_stun_response(timeout_resp, tuid, id); + MEMMAN_DELETE(timeout_resp); + delete timeout_resp; + + state = TS_TERMINATED; +} + +bool t_stun_transaction::match(StunMessage *resp) const { + return stunEqualId(*resp, *request); +} + +// An ICMP error matches a transaction when the destination IP address/port +// of the packet that caused the ICMP error equals the destination +// IP address/port of the transaction. Other information of the packet causing +// the ICMP error is not available. +// In theory when multiple transactions are open for the same destination, the +// wrong transaction may process the ICMP error. In practice this should rarely +// happen as the destination will be unreachable for all those transactions. +// If it happens a transaction gets aborted. +bool t_stun_transaction::match(const t_icmp_msg &icmp) const { + return (destinations.front().ipaddr == icmp.ipaddr && + destinations.front().port == icmp.port); +} + +////////////////////////////////////////////// +// SIP STUN transaction +////////////////////////////////////////////// + +void t_sip_stun_trans::retransmit(void) { + // The SIP UDP sender will send out the STUN request. + evq_sender->push_stun_request(user_config, request, TYPE_STUN_SIP, tuid, id, + destinations.front().ipaddr, destinations.front().port); + num_transmissions++; +} + +t_sip_stun_trans::t_sip_stun_trans(t_user *user, StunMessage *r, + unsigned short _tuid, const list &dst) : + t_stun_transaction(user, r, _tuid, dst) +{ + // The SIP UDP sender will send out the STUN request. + evq_sender->push_stun_request(user_config, request, TYPE_STUN_SIP, tuid, id, + destinations.front().ipaddr, destinations.front().port); + num_transmissions++; + start_timer_req_timeout(); + state = TS_PROCEEDING; +} + +////////////////////////////////////////////// +// Media STUN transaction +////////////////////////////////////////////// + +// TODO: this code is not used anymore. Remove? + +void t_media_stun_trans::retransmit(void) { + // Retransmit the STUN request + StunAtrString stun_pass; + stun_pass.sizeValue = 0; + char m[STUN_MAX_MESSAGE_SIZE]; + int msg_size = stunEncodeMessage(*request, m, STUN_MAX_MESSAGE_SIZE, stun_pass, false); + + try { + sock->sendto(destinations.front().ipaddr, destinations.front().port, + m, msg_size); + } catch (int err) { + string msg("Failed to send STUN request for media.\n"); + msg += get_error_str(err); + log_file->write_report(msg, "::t_media_stun_trans::retransmit", + LOG_NORMAL, LOG_CRITICAL); + + StunMessage *resp; + resp = stunBuildError(*request, 500, "Could not send request"); + + evq_trans_layer->push_stun_response(resp, tuid, id); + MEMMAN_DELETE(resp); + delete resp; + + return; + } + + num_transmissions++; +} + +t_media_stun_trans::t_media_stun_trans(t_user *user, StunMessage *r, + unsigned short _tuid, const list &dst, + unsigned short src_port) : + t_stun_transaction(user, r, _tuid, dst) +{ + thr_listen = NULL; + + try { + sock = new t_socket_udp(src_port); + MEMMAN_NEW(sock); + sock->connect(destinations.front().ipaddr, destinations.front().port); + } catch (int err) { + string msg("Failed to create a UDP socket (STUN) on port "); + msg += int2str(src_port); + msg += "\n"; + msg += get_error_str(err); + log_file->write_report(msg, "t_media_stun_trans::t_media_stun_trans", LOG_NORMAL, + LOG_CRITICAL); + delete sock; + sock = NULL; + + StunMessage *resp; + resp = stunBuildError(*request, 500, "Could not create socket"); + + evq_trans_layer->push_stun_response(resp, tuid, id); + MEMMAN_DELETE(resp); + delete resp; + + return; + } + + // Send STUN request + StunAtrString stun_pass; + stun_pass.sizeValue = 0; + char m[STUN_MAX_MESSAGE_SIZE]; + int msg_size = stunEncodeMessage(*r, m, STUN_MAX_MESSAGE_SIZE, stun_pass, false); + + try { + sock->send(m, msg_size); + } catch (int err) { + string msg("Failed to send STUN request for media.\n"); + msg += get_error_str(err); + log_file->write_report(msg, "::t_media_stun_trans::t_media_stun_trans", + LOG_NORMAL, LOG_CRITICAL); + + StunMessage *resp; + resp = stunBuildError(*request, 500, "Failed to send request"); + + evq_trans_layer->push_stun_response(resp, tuid, id); + MEMMAN_DELETE(resp); + delete resp; + + return; + } + + num_transmissions++; + + try { + thr_listen = new t_thread(stun_listen_main, sock); + MEMMAN_NEW(thr_listen); + } catch (int) { + log_file->write_report("Failed to create STUN listener thread.", + "::t_media_stun_trans::t_media_stun_trans", + LOG_NORMAL, LOG_CRITICAL); + delete thr_listen; + thr_listen = NULL; + + StunMessage *resp; + resp = stunBuildError(*request, 500, "Failed to create STUN listen thread"); + + evq_trans_layer->push_stun_response(resp, tuid, id); + MEMMAN_DELETE(resp); + delete resp; + + return; + } + + start_timer_req_timeout(); + state = TS_PROCEEDING; +} + +t_media_stun_trans::~t_media_stun_trans() { + if (sock) { + MEMMAN_DELETE(sock); + delete sock; + } + + if (thr_listen) { + thr_listen->cancel(); + thr_listen->join(); + MEMMAN_DELETE(thr_listen); + delete thr_listen; + } +} + + diff --git a/src/stun/stun_transaction.h b/src/stun/stun_transaction.h new file mode 100644 index 0000000..c06e1c5 --- /dev/null +++ b/src/stun/stun_transaction.h @@ -0,0 +1,159 @@ +/* + Copyright (C) 2005-2009 Michel de Boer + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +*/ + +#ifndef _STUN_TRANSACTION_H +#define _STUN_TRANSACTION_H + +#include "stun.h" +#include "phone_user.h" +#include "protocol.h" +#include "user.h" +#include "transaction.h" +#include "threads/mutex.h" +#include "threads/thread.h" +#include "sockets/socket.h" +#include "sockets/url.h" + +// Create a binding in a NAT. +// Returns true on success. Returns false when the STUN server returned +// an error. Throws an int exception (containing errno) when some +// socket operation fails. +bool get_stun_binding(t_user *user_config, unsigned short src_port, unsigned long &mapped_ip, + unsigned short &mapped_port, int &err_code, string &err_reason); + + +// Discover the type of NAT and determine is STUN should be used or +// wether STUN is useless. +// It sets the use_stun attribute of phone if STUN should be used. +// Return false if STUN cannot be used. err_msg will contain an +// error message that can be displayed to the user. +bool stun_discover_nat(t_phone_user *pu, string &err_msg); + + +////////////////////////////////////////////// +// Base STUN transaction +////////////////////////////////////////////// + +class t_stun_transaction { +private: + static t_mutex mtx_class; // protect static members + static t_tid next_id; // next id to be issued + +protected: + t_tid id; // transaction id + unsigned short tuid; // TU id + t_trans_state state; + + // Timer for retransmissions + unsigned short timer_req_timeout; + + // Duration for the next timer start in msec + unsigned long dur_req_timeout; + + // Number of transmissions of the request + unsigned short num_transmissions; + + // Destinations for the request + list destinations; + + // User profile of user that created this transaction + t_user *user_config; + + void start_timer_req_timeout(void); + void stop_timer_req_timeout(void); + + // Retransmit STUN request + virtual void retransmit(void) = 0; + +public: + StunMessage *request; + + t_tid get_id(void) const; + + // Get state of the transaction + t_trans_state get_state(void) const; + + // The transaction will keep a copy of the request + t_stun_transaction(t_user *user, StunMessage *r, + unsigned short _tuid, const list &dst); + + // All request and response pointers contained by the + // transaction will be deleted. + virtual ~t_stun_transaction(); + + // Process STUN response + virtual void process_response(StunMessage *r); + + // Process ICMP error + virtual void process_icmp(const t_icmp_msg &icmp); + + // Process timeout + virtual void timeout(t_stun_timer t); + + // Match response with transaction + bool match(StunMessage *resp) const; + + // Match ICMP error with transaction + bool match(const t_icmp_msg &icmp) const; +}; + +////////////////////////////////////////////// +// SIP STUN transaction +////////////////////////////////////////////// + +// A SIP STUN transaction is a STUN request to get a binding +// for the SIP port. Such a request must be sent from the SIP port. +// So it must be sent out via the SIP sender thread. + +class t_sip_stun_trans : public t_stun_transaction { +protected: + virtual void retransmit(void); + +public: + // Create transaction and send out STUN request + t_sip_stun_trans(t_user *user, StunMessage *r, + unsigned short _tuid, const list &dst); +}; + +////////////////////////////////////////////// +// Media STUN transaction +////////////////////////////////////////////// + +// TODO: this code is not used anymore. Remove? + +// A media STUN transaction is a STUN request to get a binding +// for a media port. Such a request must be sent from the media +// port. + +class t_media_stun_trans : public t_stun_transaction { +private: + t_socket_udp *sock; // UDP socket for STUN + t_thread *thr_listen; // Listener thread + +protected: + virtual void retransmit(void); + +public: + // Create transaction and send out STUN request + t_media_stun_trans(t_user *user, StunMessage *r, + unsigned short _tuid, const list &dst, + unsigned short src_port); + ~t_media_stun_trans(); +}; + +#endif diff --git a/src/stun/udp.cxx b/src/stun/udp.cxx new file mode 100644 index 0000000..7a75134 --- /dev/null +++ b/src/stun/udp.cxx @@ -0,0 +1,349 @@ +#include +#include +#include +#include +#include +#include +#include + +#ifdef WIN32 + +#include +#include +#include + +#else + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#endif + +#include + +#include "udp.h" + +using namespace std; + + +StunSocket +openPort( unsigned short port, unsigned int interfaceIp, bool verbose ) +{ + StunSocket fd; + + fd = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP); + if ( fd == INVALID_SOCKET ) + { + int err = getErrno(); + cerr << "Could not create a UDP socket:" << err << endl; + return INVALID_SOCKET; + } + + struct sockaddr_in addr; + memset((char*) &(addr),0, sizeof((addr))); + addr.sin_family = AF_INET; + addr.sin_addr.s_addr = htonl(INADDR_ANY); + addr.sin_port = htons(port); + + if ( (interfaceIp != 0) && + ( interfaceIp != 0x100007f ) ) + { + addr.sin_addr.s_addr = htonl(interfaceIp); + if (verbose ) + { + clog << "Binding to interface " + << hex << "0x" << htonl(interfaceIp) << dec << endl; + } + } + + if ( bind( fd,(struct sockaddr*)&addr, sizeof(addr)) != 0 ) + { + int e = getErrno(); + + switch (e) + { + case 0: + { + cerr << "Could not bind socket" << endl; + return INVALID_SOCKET; + } + case EADDRINUSE: + { + cerr << "Port " << port << " for receiving UDP is in use" << endl; + return INVALID_SOCKET; + } + break; + case EADDRNOTAVAIL: + { + if ( verbose ) + { + cerr << "Cannot assign requested address" << endl; + } + return INVALID_SOCKET; + } + break; + default: + { + cerr << "Could not bind UDP receive port" + << "Error=" << e << " " << strerror(e) << endl; + return INVALID_SOCKET; + } + break; + } + } + if ( verbose ) + { + clog << "Opened port " << port << " with fd " << fd << endl; + } + + assert( fd != INVALID_SOCKET ); + + return fd; +} + + +bool +getMessage( StunSocket fd, char* buf, int* len, + unsigned int* srcIp, unsigned short* srcPort, + bool verbose) +{ + assert( fd != INVALID_SOCKET ); + + int originalSize = *len; + assert( originalSize > 0 ); + + struct sockaddr_in from; + int fromLen = sizeof(from); + + *len = recvfrom(fd, + buf, + originalSize, + 0, + (struct sockaddr *)&from, + (socklen_t*)&fromLen); + + if ( *len == SOCKET_ERROR ) + { + int err = getErrno(); + + switch (err) + { + case ENOTSOCK: + cerr << "Error fd not a socket" << endl; + break; + case ECONNRESET: + cerr << "Error connection reset - host not reachable" << endl; + break; + + default: + cerr << "StunSocket Error=" << err << endl; + } + + return false; + } + + if ( *len < 0 ) + { + clog << "socket closed? negative len" << endl; + return false; + } + + if ( *len == 0 ) + { + clog << "socket closed? zero len" << endl; + return false; + } + + *srcPort = ntohs(from.sin_port); + *srcIp = ntohl(from.sin_addr.s_addr); + + if ( (*len)+1 >= originalSize ) + { + if (verbose) + { + clog << "Received a message that was too large" << endl; + } + return false; + } + buf[*len]=0; + + return true; +} + + +bool +sendMessage( StunSocket fd, char* buf, int l, + unsigned int dstIp, unsigned short dstPort, + bool verbose) +{ + assert( fd != INVALID_SOCKET ); + + int s; + if ( dstPort == 0 ) + { + // sending on a connected port + assert( dstIp == 0 ); + + s = send(fd,buf,l,0); + } + else + { + assert( dstIp != 0 ); + assert( dstPort != 0 ); + + struct sockaddr_in to; + int toLen = sizeof(to); + memset(&to,0,toLen); + + to.sin_family = AF_INET; + to.sin_port = htons(dstPort); + to.sin_addr.s_addr = htonl(dstIp); + + s = sendto(fd, buf, l, 0,(sockaddr*)&to, toLen); + } + + if ( s == SOCKET_ERROR ) + { + int e = getErrno(); + switch (e) + { + case ECONNREFUSED: + case EHOSTDOWN: + case EHOSTUNREACH: + { + // quietly ignore this + } + break; + case EAFNOSUPPORT: + { + cerr << "err EAFNOSUPPORT in send" << endl; + } + break; + default: + { + cerr << "err " << e << " " << strerror(e) << " in send" << endl; + } + } + return false; + } + + if ( s == 0 ) + { + cerr << "no data sent in send" << endl; + return false; + } + + if ( s != l ) + { + if (verbose) + { + cerr << "only " << s << " out of " << l << " bytes sent" << endl; + } + return false; + } + + return true; +} + + +void +initNetwork() +{ +#ifdef WIN32 + WORD wVersionRequested = MAKEWORD( 2, 2 ); + WSADATA wsaData; + int err; + + err = WSAStartup( wVersionRequested, &wsaData ); + if ( err != 0 ) + { + // could not find a usable WinSock DLL + cerr << "Could not load winsock" << endl; + assert(0); // is this is failing, try a different version that 2.2, 1.0 or later will likely work + exit(1); + } + + /* Confirm that the WinSock DLL supports 2.2.*/ + /* Note that if the DLL supports versions greater */ + /* than 2.2 in addition to 2.2, it will still return */ + /* 2.2 in wVersion since that is the version we */ + /* requested. */ + + if ( LOBYTE( wsaData.wVersion ) != 2 || + HIBYTE( wsaData.wVersion ) != 2 ) + { + /* Tell the user that we could not find a usable */ + /* WinSock DLL. */ + WSACleanup( ); + cerr << "Bad winsock verion" << endl; + assert(0); // is this is failing, try a different version that 2.2, 1.0 or later will likely work + exit(1); + } +#endif +} + + +/* ==================================================================== + * The Vovida Software License, Version 1.0 + * + * Copyright (c) 2000 Vovida Networks, Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. The names "VOCAL", "Vovida Open Communication Application Library", + * and "Vovida Open Communication Application Library (VOCAL)" must + * not be used to endorse or promote products derived from this + * software without prior written permission. For written + * permission, please contact vocal@vovida.org. + * + * 4. Products derived from this software may not be called "VOCAL", nor + * may "VOCAL" appear in their name, without prior written + * permission of Vovida Networks, Inc. + * + * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND + * NON-INFRINGEMENT ARE DISCLAIMED. IN NO EVENT SHALL VOVIDA + * NETWORKS, INC. OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT DAMAGES + * IN EXCESS OF $1,000, NOR FOR ANY INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY + * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * ==================================================================== + * + * This software consists of voluntary contributions made by Vovida + * Networks, Inc. and many individuals on behalf of Vovida Networks, + * Inc. For more information on Vovida Networks, Inc., please see + * . + * + */ + +// Local Variables: +// mode:c++ +// c-file-style:"ellemtel" +// c-file-offsets:((case-label . +)) +// indent-tabs-mode:nil +// End: diff --git a/src/stun/udp.h b/src/stun/udp.h new file mode 100644 index 0000000..13f8353 --- /dev/null +++ b/src/stun/udp.h @@ -0,0 +1,156 @@ +#ifndef udp_h +#define udp_h + + +#ifdef __MACH__ +typedef int socklen_t; +#endif + +#include + +#ifdef WIN32 + +#include +#include + +typedef int socklen_t; +typedef SOCKET StunSocket; + +#define EWOULDBLOCK WSAEWOULDBLOCK +#define EINPROGRESS WSAEINPROGRESS +#define EALREADY WSAEALREADY +#define ENOTSOCK WSAENOTSOCK +#define EDESTADDRREQ WSAEDESTADDRREQ +#define EMSGSIZE WSAEMSGSIZE +#define EPROTOTYPE WSAEPROTOTYPE +#define ENOPROTOOPT WSAENOPROTOOPT +#define EPROTONOSUPPORT WSAEPROTONOSUPPORT +#define ESOCKTNOSUPPORT WSAESOCKTNOSUPPORT +#define EOPNOTSUPP WSAEOPNOTSUPP +#define EPFNOSUPPORT WSAEPFNOSUPPORT +#define EAFNOSUPPORT WSAEAFNOSUPPORT +#define EADDRINUSE WSAEADDRINUSE +#define EADDRNOTAVAIL WSAEADDRNOTAVAIL +#define ENETDOWN WSAENETDOWN +#define ENETUNREACH WSAENETUNREACH +#define ENETRESET WSAENETRESET +#define ECONNABORTED WSAECONNABORTED +#define ECONNRESET WSAECONNRESET +#define ENOBUFS WSAENOBUFS +#define EISCONN WSAEISCONN +#define ENOTCONN WSAENOTCONN +#define ESHUTDOWN WSAESHUTDOWN +#define ETOOMANYREFS WSAETOOMANYREFS +#define ETIMEDOUT WSAETIMEDOUT +#define ECONNREFUSED WSAECONNREFUSED +#define ELOOP WSAELOOP +#define EHOSTDOWN WSAEHOSTDOWN +#define EHOSTUNREACH WSAEHOSTUNREACH +#define EPROCLIM WSAEPROCLIM +#define EUSERS WSAEUSERS +#define EDQUOT WSAEDQUOT +#define ESTALE WSAESTALE +#define EREMOTE WSAEREMOTE + +typedef LONGLONG Int64; +inline int getErrno() { return WSAGetLastError(); } + +#else + +typedef int StunSocket; +static const StunSocket INVALID_SOCKET = -1; +static const int SOCKET_ERROR = -1; + +inline int closesocket( StunSocket fd ) { return close(fd); }; + +inline int getErrno() { return errno; } + +#define WSANOTINITIALISED EPROTONOSUPPORT + +#endif + +/// Open a UDP socket to receive on the given port - if port is 0, pick a a +/// port, if interfaceIp!=0 then use ONLY the interface specified instead of +/// all of them +StunSocket +openPort( unsigned short port, unsigned int interfaceIp, + bool verbose); + + +/// recive a UDP message +bool +getMessage( StunSocket fd, char* buf, int* len, + unsigned int* srcIp, unsigned short* srcPort, + bool verbose); + + +/// send a UDP message +bool +sendMessage( StunSocket fd, char* msg, int len, + unsigned int dstIp, unsigned short dstPort, + bool verbose); + + +/// set up network - does nothing in unix but needed for windows +void +initNetwork(); + + +/* ==================================================================== + * The Vovida Software License, Version 1.0 + * + * Copyright (c) 2000 Vovida Networks, Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. The names "VOCAL", "Vovida Open Communication Application Library", + * and "Vovida Open Communication Application Library (VOCAL)" must + * not be used to endorse or promote products derived from this + * software without prior written permission. For written + * permission, please contact vocal@vovida.org. + * + * 4. Products derived from this software may not be called "VOCAL", nor + * may "VOCAL" appear in their name, without prior written + * permission of Vovida Networks, Inc. + * + * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND + * NON-INFRINGEMENT ARE DISCLAIMED. IN NO EVENT SHALL VOVIDA + * NETWORKS, INC. OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT DAMAGES + * IN EXCESS OF $1,000, NOR FOR ANY INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY + * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * ==================================================================== + * + * This software consists of voluntary contributions made by Vovida + * Networks, Inc. and many individuals on behalf of Vovida Networks, + * Inc. For more information on Vovida Networks, Inc., please see + * . + * + */ + +// Local Variables: +// mode:c++ +// c-file-style:"ellemtel" +// c-file-offsets:((case-label . +)) +// indent-tabs-mode:nil +// End: + +#endif -- cgit v1.2.3