tunsafe-clang15/wireguard.h
2018-08-08 13:53:31 +02:00

133 lines
3.3 KiB
C++

// SPDX-License-Identifier: AGPL-1.0-only
// Copyright (C) 2018 Ludvig Strigeus <info@tunsafe.com>. All Rights Reserved.
#pragma once
#include "tunsafe_types.h"
#include "wireguard_proto.h"
struct ProcessorStats {
// Number of bytes sent/received over the physical UDP connections
int64 udp_bytes_in, udp_bytes_out;
int64 udp_packets_in, udp_packets_out;
// Number of bytes sent/received over the TUN interface
int64 tun_bytes_in, tun_bytes_out;
int64 tun_packets_in, tun_packets_out;
uint64 last_complete_handskake_timestamp;
int64 compression_hdr_saved_in, compression_hdr_saved_out;
int64 compression_wg_saved_in, compression_wg_saved_out;
};
class ProcessorDelegate {
public:
virtual void OnConnected(in_addr_t my_ip) = 0;
virtual void OnDisconnected() = 0;
};
enum InternetBlockState {
kBlockInternet_Off,
kBlockInternet_Route,
kBlockInternet_Firewall,
kBlockInternet_Both,
// An unspecified value that uses either route or firewall
kBlockInternet_DefaultOn = 254,
kBlockInternet_Default = 255,
};
class WireguardProcessor {
public:
WireguardProcessor(UdpInterface *udp, TunInterface *tun, ProcessorDelegate *procdel);
~WireguardProcessor();
void SetListenPort(int listen_port) {
listen_port_ = listen_port;
}
bool SetTunAddress(const WgCidrAddr &addr);
bool AddDnsServer(const IpAddr &sin);
void SetMtu(int mtu) {
if (mtu >= 576 && mtu <= 10000)
mtu_ = mtu;
}
void SetAddRoutesMode(bool mode) {
add_routes_mode_ = mode;
}
void SetDnsBlocking(bool dns_blocking) {
dns_blocking_ = dns_blocking;
}
void SetInternetBlocking(InternetBlockState internet_blocking) {
internet_blocking_ = internet_blocking;
}
void SetHeaderObfuscation(const char *key) {
dev_.SetHeaderObfuscation(key);
}
void HandleTunPacket(Packet *packet);
void HandleUdpPacket(Packet *packet, bool overload);
void SecondLoop();
ProcessorStats GetStats();
void ResetStats();
bool Start();
WgDevice &dev() { return dev_; }
TunInterface::PrePostCommands &prepost() { return pre_post_; }
private:
void DoWriteUdpPacket(Packet *packet);
void WritePacketToUdp(WgPeer *peer, Packet *packet);
void SendHandshakeInitiation(WgPeer *peer);
void SendHandshakeInitiationAndResetRetries(WgPeer *peer);
void SendKeepalive(WgPeer *peer);
void SendQueuedPackets(WgPeer *peer);
void HandleHandshakeInitiationPacket(Packet *packet);
void HandleHandshakeResponsePacket(Packet *packet);
void HandleHandshakeCookiePacket(Packet *packet);
void HandleDataPacket(Packet *packet);
void HandleAuthenticatedDataPacket(WgKeypair *keypair, Packet *packet, uint8 *data, size_t data_size);
void HandleShortHeaderFormatPacket(uint32 tag, Packet *packet);
bool CheckIncomingHandshakeRateLimit(Packet *packet, bool overload);
bool HandleIcmpv6NeighborSolicitation(const byte *data, size_t data_size);
void SetupCompressionHeader(WgPacketCompressionVer01 *c);
int listen_port_;
ProcessorDelegate *procdel_;
TunInterface *tun_;
UdpInterface *udp_;
int mtu_;
ProcessorStats stats_;
bool dns_blocking_;
uint8 internet_blocking_;
bool add_routes_mode_;
bool network_discovery_spoofing_;
uint8 network_discovery_mac_[6];
WgDevice dev_;
WgCidrAddr tun_addr_;
WgCidrAddr tun6_addr_;
IpAddr dns_addr_, dns6_addr_;
TunInterface::PrePostCommands pre_post_;
};