diff options
author | Kirill Volinsky <mataes2007@gmail.com> | 2016-03-12 17:48:57 +0000 |
---|---|---|
committer | Kirill Volinsky <mataes2007@gmail.com> | 2016-03-12 17:48:57 +0000 |
commit | 534db770dbe8c358ea267df20145e9793fb0275a (patch) | |
tree | 66989fb4e5511b4efe5652cf5312ac4f160bfd01 /protocols/Telegram/src/tgl/mtproto-client.c | |
parent | 461f53bf697335fabdc82c6c9143e6020de4f022 (diff) |
tgl inside telegram
git-svn-id: http://svn.miranda-ng.org/main/trunk@16471 1316c22d-e87f-b044-9b9b-93d7a3e3ba9c
Diffstat (limited to 'protocols/Telegram/src/tgl/mtproto-client.c')
-rw-r--r-- | protocols/Telegram/src/tgl/mtproto-client.c | 1489 |
1 files changed, 1489 insertions, 0 deletions
diff --git a/protocols/Telegram/src/tgl/mtproto-client.c b/protocols/Telegram/src/tgl/mtproto-client.c new file mode 100644 index 0000000000..37530b5afb --- /dev/null +++ b/protocols/Telegram/src/tgl/mtproto-client.c @@ -0,0 +1,1489 @@ +/* + This file is part of tgl-library + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + + Copyright Nikolay Durov, Andrey Lopatin 2012-2013 + Vitaly Valtman 2013-2015 +*/ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#define _FILE_OFFSET_BITS 64 + +#include <assert.h> +#include <string.h> +#include <stdio.h> +#include <stdlib.h> +#include <signal.h> +#if defined(WIN32) || defined(_WIN32) +#include <io.h> +#include <stdint.h> +#include <winsock2.h> +#include <ws2tcpip.h> +#define WIN32_LEAN_AND_MEAN +#include <windows.h> +#undef WIN32_LEAN_AND_MEAN +#else +#include <unistd.h> +#include <netdb.h> +#include <sys/socket.h> +#include <netinet/in.h> +#include <netinet/tcp.h> +#include <poll.h> +#endif +#include <fcntl.h> +#if defined(__FreeBSD__) || defined(__OpenBSD__) +#include <sys/endian.h> +#endif +#include <sys/types.h> +#include <openssl/rand.h> +#include <openssl/rsa.h> +#include <openssl/pem.h> +#include <openssl/sha.h> + +//#include "telegram.h" +#include "queries.h" +//#include "loop.h" +#include "tgl-structures.h" +#include "tgl-binlog.h" +#include "auto.h" +#include "auto/auto-types.h" +#include "auto/auto-skip.h" +#include "tgl.h" +#include "mtproto-client.h" +#include "tools.h" +#include "tree.h" +#include "updates.h" +#include "mtproto-utils.h" +#include "auto.h" +#include "tgl-methods-in.h" + +#if defined(__FreeBSD__) +#define __builtin_bswap32(x) bswap32(x) +#endif + +#if defined(__OpenBSD__) +#define __builtin_bswap32(x) __swap32gen(x) +#endif + +#define sha1 SHA1 + +#include "mtproto-common.h" + +#define MAX_NET_RES (1L << 16) +//extern int log_level; + +static long long generate_next_msg_id (struct tgl_state *TLS, struct tgl_dc *DC, struct tgl_session *S); +static double get_server_time (struct tgl_dc *DC); + +#if !defined(HAVE___BUILTIN_BSWAP32) && !defined(__FreeBSD__) && !defined(__OpenBSD__) +static inline unsigned __builtin_bswap32(unsigned x) { + return ((x << 24) & 0xff000000 ) | + ((x << 8) & 0x00ff0000 ) | + ((x >> 8) & 0x0000ff00 ) | + ((x >> 24) & 0x000000ff ); +} +#endif + +// for statistic only +static int total_packets_sent; +static long long total_data_sent; + + +static int rpc_execute (struct tgl_state *TLS, struct connection *c, int op, int len); +static int rpc_becomes_ready (struct tgl_state *TLS, struct connection *c); +static int rpc_close (struct tgl_state *TLS, struct connection *c); + +static double get_utime (int clock_id) { + struct timespec T; + tgl_my_clock_gettime (clock_id, &T); + return T.tv_sec + (double) T.tv_nsec * 1e-9; +} + + +#define MAX_RESPONSE_SIZE (1L << 24) + +static RSA *rsa_load_public_key (struct tgl_state *TLS, const char *public_key_name) { +#if defined(_MSC_VER) && _MSC_VER >= 1400 + FILE * f = NULL; + errno_t err = fopen_s(&f, public_key_name, "r"); + if (err != 0) { +#else + FILE *f = fopen (public_key_name, "r"); + if (f == NULL) { +#endif + vlogprintf (E_WARNING, "Couldn't open public key file: %s\n", public_key_name); + return NULL; + } + RSA *res = PEM_read_RSAPublicKey (f, NULL, NULL, NULL); + fclose (f); + if (res == NULL) { + vlogprintf (E_WARNING, "PEM_read_RSAPublicKey returns NULL.\n"); + return NULL; + } + + vlogprintf (E_NOTICE, "public key '%s' loaded successfully\n", public_key_name); + + return res; +} + + + + +/* + * + * UNAUTHORIZED (DH KEY EXCHANGE) PROTOCOL PART + * + */ + +#define ENCRYPT_BUFFER_INTS 16384 +static int encrypt_buffer[ENCRYPT_BUFFER_INTS]; + +#define DECRYPT_BUFFER_INTS 16384 +static int decrypt_buffer[ENCRYPT_BUFFER_INTS]; + +static int encrypt_packet_buffer (struct tgl_state *TLS, struct tgl_dc *DC) { + RSA *key = TLS->rsa_key_loaded[DC->rsa_key_idx]; + return tgl_pad_rsa_encrypt (TLS, (char *) packet_buffer, (packet_ptr - packet_buffer) * 4, (char *) encrypt_buffer, ENCRYPT_BUFFER_INTS * 4, key->n, key->e); +} + +static int encrypt_packet_buffer_aes_unauth (const char server_nonce[16], const char hidden_client_nonce[32]) { + tgl_init_aes_unauth (server_nonce, hidden_client_nonce, AES_ENCRYPT); + return tgl_pad_aes_encrypt ((char *) packet_buffer, (packet_ptr - packet_buffer) * 4, (char *) encrypt_buffer, ENCRYPT_BUFFER_INTS * 4); +} + +// +// Used in unauthorized part of protocol +// +static int rpc_send_packet (struct tgl_state *TLS, struct connection *c) { + static struct { + long long auth_key_id; + long long out_msg_id; + int msg_len; + } unenc_msg_header; + + int len = (packet_ptr - packet_buffer) * 4; + TLS->net_methods->incr_out_packet_num (c); + + struct tgl_dc *DC = TLS->net_methods->get_dc (c); + struct tgl_session *S = TLS->net_methods->get_session (c); + + unenc_msg_header.out_msg_id = generate_next_msg_id (TLS, DC, S); + unenc_msg_header.msg_len = len; + + int total_len = len + 20; + assert (total_len > 0 && !(total_len & 0xfc000003)); + total_len >>= 2; + vlogprintf (E_DEBUG, "writing packet: total_len = %d, len = %d\n", total_len, len); + if (total_len < 0x7f) { + assert (TLS->net_methods->write_out (c, &total_len, 1) == 1); + } else { + total_len = (total_len << 8) | 0x7f; + assert (TLS->net_methods->write_out (c, &total_len, 4) == 4); + } + TLS->net_methods->write_out (c, &unenc_msg_header, 20); + TLS->net_methods->write_out (c, packet_buffer, len); + TLS->net_methods->flush_out (c); + + total_packets_sent ++; + total_data_sent += total_len; + return 1; +} + +static int rpc_send_message (struct tgl_state *TLS, struct connection *c, void *data, int len) { + assert (len > 0 && !(len & 0xfc000003)); + + int total_len = len >> 2; + if (total_len < 0x7f) { + assert (TLS->net_methods->write_out (c, &total_len, 1) == 1); + } else { + total_len = (total_len << 8) | 0x7f; + assert (TLS->net_methods->write_out (c, &total_len, 4) == 4); + } + + TLS->net_methods->incr_out_packet_num (c); + assert (TLS->net_methods->write_out (c, data, len) == len); + TLS->net_methods->flush_out (c); + + total_packets_sent ++; + total_data_sent += total_len; + return 1; +} + +// +// State machine. See description at +// https://core.telegram.org/mtproto/auth_key +// + + +static int check_unauthorized_header (struct tgl_state *TLS) { + long long auth_key_id = fetch_long (); + if (auth_key_id) { + vlogprintf (E_ERROR, "ERROR: auth_key_id should be NULL\n"); + return -1; + } + fetch_long (); // msg_id + int len = fetch_int (); + if (len != 4 * (in_end - in_ptr)) { + vlogprintf (E_ERROR, "ERROR: length mismatch\n"); + return -1; + } + return 0; +} + +/* {{{ REQ_PQ */ +// req_pq#60469778 nonce:int128 = ResPQ +static int send_req_pq_packet (struct tgl_state *TLS, struct connection *c) { + struct tgl_dc *DC = TLS->net_methods->get_dc (c); + assert (DC->state == st_init); + + tglt_secure_random (DC->nonce, 16); + clear_packet (); + out_int (CODE_req_pq); + out_ints ((int *)DC->nonce, 4); + rpc_send_packet (TLS, c); + + DC->state = st_reqpq_sent; + return 1; +} + +// req_pq#60469778 nonce:int128 = ResPQ +static int send_req_pq_temp_packet (struct tgl_state *TLS, struct connection *c) { + struct tgl_dc *DC = TLS->net_methods->get_dc (c); + assert (DC->state == st_authorized); + + tglt_secure_random (DC->nonce, 16); + clear_packet (); + out_int (CODE_req_pq); + out_ints ((int *)DC->nonce, 4); + rpc_send_packet (TLS, c); + + DC->state = st_reqpq_sent_temp; + return 1; +} +/* }}} */ + +/* {{{ REQ DH */ +// req_DH_params#d712e4be nonce:int128 server_nonce:int128 p:string q:string public_key_fingerprint:long encrypted_data:string = Server_DH_Params; +// p_q_inner_data#83c95aec pq:string p:string q:string nonce:int128 server_nonce:int128 new_nonce:int256 = P_Q_inner_data; +// p_q_inner_data_temp#3c6a84d4 pq:string p:string q:string nonce:int128 server_nonce:int128 new_nonce:int256 expires_in:int = P_Q_inner_data; +static void send_req_dh_packet (struct tgl_state *TLS, struct connection *c, BIGNUM *pq, int temp_key) { + struct tgl_dc *DC = TLS->net_methods->get_dc (c); + + BIGNUM *p = BN_new (); + BIGNUM *q = BN_new (); + assert (bn_factorize (pq, p, q) >= 0); + + clear_packet (); + packet_ptr += 5; + out_int (temp_key ? CODE_p_q_inner_data_temp : CODE_p_q_inner_data); + + out_bignum (pq); + out_bignum (p); + out_bignum (q); + + out_ints ((int *) DC->nonce, 4); + out_ints ((int *) DC->server_nonce, 4); + tglt_secure_random (DC->new_nonce, 32); + out_ints ((int *) DC->new_nonce, 8); + if (temp_key) { + out_int (TLS->temp_key_expire_time); + } + sha1 ((unsigned char *) (packet_buffer + 5), (packet_ptr - packet_buffer - 5) * 4, (unsigned char *) packet_buffer); + + int l = encrypt_packet_buffer (TLS, DC); + + clear_packet (); + out_int (CODE_req_DH_params); + out_ints ((int *) DC->nonce, 4); + out_ints ((int *) DC->server_nonce, 4); + out_bignum (p); + out_bignum (q); + + out_long (TLS->rsa_key_fingerprint[DC->rsa_key_idx]); + out_cstring ((char *) encrypt_buffer, l); + + BN_free (p); + BN_free (q); + DC->state = temp_key ? st_reqdh_sent_temp : st_reqdh_sent; + rpc_send_packet (TLS, c); +} +/* }}} */ + +/* {{{ SEND DH PARAMS */ +// set_client_DH_params#f5045f1f nonce:int128 server_nonce:int128 encrypted_data:string = Set_client_DH_params_answer; +// client_DH_inner_data#6643b654 nonce:int128 server_nonce:int128 retry_id:long g_b:string = Client_DH_Inner_Data +static void send_dh_params (struct tgl_state *TLS, struct connection *c, BIGNUM *dh_prime, BIGNUM *g_a, int g, int temp_key) { + struct tgl_dc *DC = TLS->net_methods->get_dc (c); + + clear_packet (); + packet_ptr += 5; + out_int (CODE_client_DH_inner_data); + out_ints ((int *) DC->nonce, 4); + out_ints ((int *) DC->server_nonce, 4); + out_long (0); + + BIGNUM *dh_g = BN_new (); + ensure (BN_set_word (dh_g, g)); + + static unsigned char s_power[256]; + tglt_secure_random (s_power, 256); + BIGNUM *dh_power = BN_bin2bn ((unsigned char *)s_power, 256, 0); + ensure_ptr (dh_power); + + BIGNUM *y = BN_new (); + ensure_ptr (y); + ensure (BN_mod_exp (y, dh_g, dh_power, dh_prime, TLS->BN_ctx)); + out_bignum (y); + BN_free (y); + + BIGNUM *auth_key_num = BN_new (); + ensure (BN_mod_exp (auth_key_num, g_a, dh_power, dh_prime, TLS->BN_ctx)); + int l = BN_num_bytes (auth_key_num); + assert (l >= 250 && l <= 256); + assert (BN_bn2bin (auth_key_num, (unsigned char *)(temp_key ? DC->temp_auth_key : DC->auth_key))); + if (l < 256) { + char *key = temp_key ? DC->temp_auth_key : DC->auth_key; + memmove (key + 256 - l, key, l); + memset (key, 0, 256 - l); + } + + BN_free (dh_power); + BN_free (auth_key_num); + BN_free (dh_g); + + sha1 ((unsigned char *) (packet_buffer + 5), (packet_ptr - packet_buffer - 5) * 4, (unsigned char *) packet_buffer); + + l = encrypt_packet_buffer_aes_unauth (DC->server_nonce, DC->new_nonce); + + clear_packet (); + out_int (CODE_set_client_DH_params); + out_ints ((int *) DC->nonce, 4); + out_ints ((int *) DC->server_nonce, 4); + out_cstring ((char *) encrypt_buffer, l); + + DC->state = temp_key ? st_client_dh_sent_temp : st_client_dh_sent;; + rpc_send_packet (TLS, c); +} +/* }}} */ + +/* {{{ RECV RESPQ */ +// resPQ#05162463 nonce:int128 server_nonce:int128 pq:string server_public_key_fingerprints:Vector long = ResPQ +static int process_respq_answer (struct tgl_state *TLS, struct connection *c, char *packet, int len, int temp_key) { + assert (!(len & 3)); + in_ptr = (int *)packet; + in_end = in_ptr + (len / 4); + if (check_unauthorized_header (TLS) < 0) { + return -1; + } + + int *in_save = in_ptr; + if (skip_type_any (TYPE_TO_PARAM (res_p_q)) < 0 || in_ptr != in_end) { + vlogprintf (E_ERROR, "can not parse req_p_q answer\n"); + return -1; + } + in_ptr = in_save; + + struct tgl_dc *DC = TLS->net_methods->get_dc (c); + + assert (fetch_int() == CODE_res_p_q); + + static int tmp[4]; + fetch_ints (tmp, 4); + if (memcmp (tmp, DC->nonce, 16)) { + vlogprintf (E_ERROR, "nonce mismatch\n"); + return -1; + } + fetch_ints (DC->server_nonce, 4); + + BIGNUM *pq = BN_new (); + assert (fetch_bignum (pq) >= 0); + + assert (fetch_int () == CODE_vector); + int fingerprints_num = fetch_int (); + assert (fingerprints_num >= 0); + DC->rsa_key_idx = -1; + + int i; + for (i = 0; i < fingerprints_num; i++) { + int j; + long long fprint = fetch_long (); + for (j = 0; j < TLS->rsa_key_num; j++) { + if (TLS->rsa_key_loaded[j]) { + if (fprint == TLS->rsa_key_fingerprint[j]) { + DC->rsa_key_idx = j; + break; + } + } + } + } + assert (in_ptr == in_end); + if (DC->rsa_key_idx == -1) { + vlogprintf (E_ERROR, "fatal: don't have any matching keys\n"); + return -1; + } + + send_req_dh_packet (TLS, c, pq, temp_key); + + BN_free (pq); + return 1; +} +/* }}} */ + +/* {{{ RECV DH */ +// server_DH_params_fail#79cb045d nonce:int128 server_nonce:int128 new_nonce_hash:int128 = Server_DH_Params; +// server_DH_params_ok#d0e8075c nonce:int128 server_nonce:int128 encrypted_answer:string = Server_DH_Params; +// server_DH_inner_data#b5890dba nonce:int128 server_nonce:int128 g:int dh_prime:string g_a:string server_time:int = Server_DH_inner_data; +static int process_dh_answer (struct tgl_state *TLS, struct connection *c, char *packet, int len, int temp_key) { + assert (!(len & 3)); + in_ptr = (int *)packet; + in_end = in_ptr + (len / 4); + if (check_unauthorized_header (TLS) < 0) { + return -1; + } + + int *in_save = in_ptr; + if (skip_type_any (TYPE_TO_PARAM (server_d_h_params)) < 0 || in_ptr != in_end) { + vlogprintf (E_ERROR, "can not parse server_DH_params answer\n"); + return -1; + } + in_ptr = in_save; + + struct tgl_dc *DC = TLS->net_methods->get_dc (c); + + unsigned op = fetch_int (); + assert (op == CODE_server__d_h_params_ok || op == CODE_server__d_h_params_fail); + + int tmp[4]; + fetch_ints (tmp, 4); + if (memcmp (tmp, DC->nonce, 16)) { + vlogprintf (E_ERROR, "nonce mismatch\n"); + return -1; + } + assert (!memcmp (tmp, DC->nonce, 16)); + fetch_ints (tmp, 4); + if (memcmp (tmp, DC->server_nonce, 16)) { + vlogprintf (E_ERROR, "nonce mismatch\n"); + return -1; + } + assert (!memcmp (tmp, DC->server_nonce, 16)); + + if (op == CODE_server__d_h_params_fail) { + vlogprintf (E_ERROR, "DH params fail\n"); + return -1; + } + + tgl_init_aes_unauth (DC->server_nonce, DC->new_nonce, AES_DECRYPT); + + int l = prefetch_strlen (); + assert (l >= 0); + if (!l) { + vlogprintf (E_ERROR, "non-empty encrypted part expected\n"); + return -1; + } + l = tgl_pad_aes_decrypt (fetch_str (l), l, (char *) decrypt_buffer, DECRYPT_BUFFER_INTS * 4 - 16); + assert (in_ptr == in_end); + + in_ptr = decrypt_buffer + 5; + in_end = decrypt_buffer + (l >> 2); + if (skip_type_any (TYPE_TO_PARAM (server_d_h_inner_data)) < 0) { + vlogprintf (E_ERROR, "can not parse server_DH_inner_data answer\n"); + return -1; + } + in_ptr = decrypt_buffer + 5; + + assert (fetch_int () == (int)CODE_server_DH_inner_data); + fetch_ints (tmp, 4); + if (memcmp (tmp, DC->nonce, 16)) { + vlogprintf (E_ERROR, "nonce mismatch\n"); + return -1; + } + assert (!memcmp (tmp, DC->nonce, 16)); + fetch_ints (tmp, 4); + if (memcmp (tmp, DC->server_nonce, 16)) { + vlogprintf (E_ERROR, "nonce mismatch\n"); + return -1; + } + assert (!memcmp (tmp, DC->server_nonce, 16)); + int g = fetch_int (); + + BIGNUM *dh_prime = BN_new (); + BIGNUM *g_a = BN_new (); + assert (fetch_bignum (dh_prime) > 0); + assert (fetch_bignum (g_a) > 0); + + if (tglmp_check_DH_params (TLS, dh_prime, g) < 0) { + vlogprintf (E_ERROR, "bad DH params\n"); + return -1; + } + if (tglmp_check_g_a (TLS, dh_prime, g_a) < 0) { + vlogprintf (E_ERROR, "bad dh_prime\n"); + return -1; + } + + int server_time = fetch_int (); + assert (in_ptr <= in_end); + + static char sha1_buffer[20]; + sha1 ((unsigned char *) decrypt_buffer + 20, (in_ptr - decrypt_buffer - 5) * 4, (unsigned char *) sha1_buffer); + if (memcmp (decrypt_buffer, sha1_buffer, 20)) { + vlogprintf (E_ERROR, "bad encrypted message SHA1\n"); + return -1; + } + if ((char *) in_end - (char *) in_ptr >= 16) { + vlogprintf (E_ERROR, "too much padding\n"); + return -1; + } + + DC->server_time_delta = server_time - get_utime (CLOCK_REALTIME); + DC->server_time_udelta = server_time - get_utime (CLOCK_MONOTONIC); + + send_dh_params (TLS, c, dh_prime, g_a, g, temp_key); + + BN_free (dh_prime); + BN_free (g_a); + + return 1; +} +/* }}} */ + +static void create_temp_auth_key (struct tgl_state *TLS, struct connection *c) { + assert (TLS->enable_pfs); + send_req_pq_temp_packet (TLS, c); +} + +int tglmp_encrypt_inner_temp (struct tgl_state *TLS, struct connection *c, int *msg, int msg_ints, int useful, void *data, long long msg_id); +static long long msg_id_override; +static void mpc_on_get_config (struct tgl_state *TLS, void *extra, int success); +static void bind_temp_auth_key (struct tgl_state *TLS, struct connection *c); + +/* {{{ RECV AUTH COMPLETE */ + +// dh_gen_ok#3bcbf734 nonce:int128 server_nonce:int128 new_nonce_hash1:int128 = Set_client_DH_params_answer; +// dh_gen_retry#46dc1fb9 nonce:int128 server_nonce:int128 new_nonce_hash2:int128 = Set_client_DH_params_answer; +// dh_gen_fail#a69dae02 nonce:int128 server_nonce:int128 new_nonce_hash3:int128 = Set_client_DH_params_answer; +static int process_auth_complete (struct tgl_state *TLS, struct connection *c, char *packet, int len, int temp_key) { + struct tgl_dc *DC = TLS->net_methods->get_dc (c); + + assert (!(len & 3)); + in_ptr = (int *)packet; + in_end = in_ptr + (len / 4); + if (check_unauthorized_header (TLS) < 0) { + return -1; + } + + int *in_save = in_ptr; + if (skip_type_any (TYPE_TO_PARAM (set_client_d_h_params_answer)) < 0 || in_ptr != in_end) { + vlogprintf (E_ERROR, "can not parse server_DH_params answer\n"); + return -1; + } + in_ptr = in_save; + + unsigned op = fetch_int (); + assert (op == CODE_dh_gen_ok || op == CODE_dh_gen_retry || op == CODE_dh_gen_fail); + + int tmp[4]; + fetch_ints (tmp, 4); + if (memcmp (DC->nonce, tmp, 16)) { + vlogprintf (E_ERROR, "nonce mismatch\n"); + return -1; + } + fetch_ints (tmp, 4); + if (memcmp (DC->server_nonce, tmp, 16)) { + vlogprintf (E_ERROR, "nonce mismatch\n"); + return -1; + } + if (op != CODE_dh_gen_ok) { + vlogprintf (E_ERROR, "something bad. Retry regen\n"); + return -1; + } + + fetch_ints (tmp, 4); + + static unsigned char th[44], sha1_buffer[20]; + memcpy (th, DC->new_nonce, 32); + th[32] = 1; + if (!temp_key) { + sha1 ((unsigned char *)DC->auth_key, 256, sha1_buffer); + } else { + sha1 ((unsigned char *)DC->temp_auth_key, 256, sha1_buffer); + } + memcpy (th + 33, sha1_buffer, 8); + sha1 (th, 41, sha1_buffer); + if (memcmp (tmp, sha1_buffer + 4, 16)) { + vlogprintf (E_ERROR, "hash mismatch\n"); + return -1; + } + + if (!temp_key) { + bl_do_set_auth_key (TLS, DC->id, (unsigned char *)DC->auth_key); + sha1 ((unsigned char *)DC->auth_key, 256, sha1_buffer); + } else { + sha1 ((unsigned char *)DC->temp_auth_key, 256, sha1_buffer); + DC->temp_auth_key_id = *(long long *)(sha1_buffer + 12); + } + + DC->server_salt = *(long long *)DC->server_nonce ^ *(long long *)DC->new_nonce; + + DC->state = st_authorized; + + vlogprintf (E_DEBUG, "Auth success\n"); + if (temp_key) { + bind_temp_auth_key (TLS, c); + } else { + DC->flags |= 1; + if (TLS->enable_pfs) { + create_temp_auth_key (TLS, c); + } else { + DC->temp_auth_key_id = DC->auth_key_id; + memcpy (DC->temp_auth_key, DC->auth_key, 256); + DC->flags |= 2; + if (!(DC->flags & 4)) { + tgl_do_help_get_config_dc (TLS, DC, mpc_on_get_config, DC); + } + } + } + + return 1; +} +/* }}} */ + +static void bind_temp_auth_key (struct tgl_state *TLS, struct connection *c) { + struct tgl_dc *DC = TLS->net_methods->get_dc (c); + if (DC->temp_auth_key_bind_query_id) { + tglq_query_delete (TLS, DC->temp_auth_key_bind_query_id); + } + struct tgl_session *S = TLS->net_methods->get_session (c); + long long msg_id = generate_next_msg_id (TLS, DC, S); + + clear_packet (); + out_int (CODE_bind_auth_key_inner); + long long rand; + tglt_secure_random (&rand, 8); + out_long (rand); + out_long (DC->temp_auth_key_id); + out_long (DC->auth_key_id); + + if (!S->session_id) { + tglt_secure_random (&S->session_id, 8); + } + out_long (S->session_id); + int expires = (int)time (0) + DC->server_time_delta + TLS->temp_key_expire_time; + out_int (expires); + + static int data[1000]; + int len = tglmp_encrypt_inner_temp (TLS, c, packet_buffer, packet_ptr - packet_buffer, 0, data, msg_id); + msg_id_override = msg_id; + DC->temp_auth_key_bind_query_id = msg_id; + tgl_do_send_bind_temp_key (TLS, DC, rand, expires, (void *)data, len, msg_id); + msg_id_override = 0; +} + +/* + * + * AUTHORIZED (MAIN) PROTOCOL PART + * + */ + +static struct encrypted_message enc_msg; + +static double get_server_time (struct tgl_dc *DC) { + //if (!DC->server_time_udelta) { + // DC->server_time_udelta = get_utime (CLOCK_REALTIME) - get_utime (CLOCK_MONOTONIC); + //} + return get_utime (CLOCK_MONOTONIC) + DC->server_time_udelta; +} + +static long long generate_next_msg_id (struct tgl_state *TLS, struct tgl_dc *DC, struct tgl_session *S) { + long long next_id = (long long) (get_server_time (DC) * (1LL << 32)) & -4; + if (next_id <= S->last_msg_id) { + next_id = S->last_msg_id += 4; + } else { + S->last_msg_id = next_id; + } + return next_id; +} + +static void init_enc_msg (struct tgl_state *TLS, struct tgl_session *S, int useful) { + struct tgl_dc *DC = S->dc; + assert (DC->state == st_authorized); + assert (DC->temp_auth_key_id); + vlogprintf (E_DEBUG, "temp_auth_key_id = 0x%016llx, auth_key_id = 0x%016llx\n", DC->temp_auth_key_id, DC->auth_key_id); + enc_msg.auth_key_id = DC->temp_auth_key_id; + enc_msg.server_salt = DC->server_salt; + if (!S->session_id) { + tglt_secure_random (&S->session_id, 8); + } + enc_msg.session_id = S->session_id; + enc_msg.msg_id = msg_id_override ? msg_id_override : generate_next_msg_id (TLS, DC, S); + enc_msg.seq_no = S->seq_no; + if (useful) { + enc_msg.seq_no |= 1; + } + S->seq_no += 2; +}; + +static void init_enc_msg_inner_temp (struct tgl_dc *DC, long long msg_id) { + enc_msg.auth_key_id = DC->auth_key_id; + tglt_secure_random (&enc_msg.server_salt, 8); + tglt_secure_random (&enc_msg.session_id, 8); + enc_msg.msg_id = msg_id; + enc_msg.seq_no = 0; +}; + + +static int aes_encrypt_message (struct tgl_state *TLS, char *key, struct encrypted_message *enc) { + unsigned char sha1_buffer[20]; + const int MINSZ = offsetof (struct encrypted_message, message); + const int UNENCSZ = offsetof (struct encrypted_message, server_salt); + + int enc_len = (MINSZ - UNENCSZ) + enc->msg_len; + assert (enc->msg_len >= 0 && enc->msg_len <= MAX_MESSAGE_INTS * 4 - 16 && !(enc->msg_len & 3)); + sha1 ((unsigned char *) &enc->server_salt, enc_len, sha1_buffer); + vlogprintf (E_DEBUG, "sending message with sha1 %08x\n", *(int *)sha1_buffer); + memcpy (enc->msg_key, sha1_buffer + 4, 16); + tgl_init_aes_auth (key, enc->msg_key, AES_ENCRYPT); + return tgl_pad_aes_encrypt ((char *) &enc->server_salt, enc_len, (char *) &enc->server_salt, MAX_MESSAGE_INTS * 4 + (MINSZ - UNENCSZ)); +} + +long long tglmp_encrypt_send_message (struct tgl_state *TLS, struct connection *c, int *msg, int msg_ints, int flags) { + struct tgl_dc *DC = TLS->net_methods->get_dc (c); + struct tgl_session *S = TLS->net_methods->get_session (c); + assert (S); + if (!(DC->flags & 4) && !(flags & 2)) { + return generate_next_msg_id (TLS, DC, S); + } + + const int UNENCSZ = offsetof (struct encrypted_message, server_salt); + if (msg_ints <= 0 || msg_ints > MAX_MESSAGE_INTS - 4) { + return -1; + } + if (msg) { + memcpy (enc_msg.message, msg, msg_ints * 4); + enc_msg.msg_len = msg_ints * 4; + } else { + if ((enc_msg.msg_len & 0x80000003) || enc_msg.msg_len > MAX_MESSAGE_INTS * 4 - 16) { + return -1; + } + } + init_enc_msg (TLS, S, flags & 1); + + int l = aes_encrypt_message (TLS, DC->temp_auth_key, &enc_msg); + assert (l > 0); + rpc_send_message (TLS, c, &enc_msg, l + UNENCSZ); + + return S->last_msg_id; +} + +int tglmp_encrypt_inner_temp (struct tgl_state *TLS, struct connection *c, int *msg, int msg_ints, int useful, void *data, long long msg_id) { + struct tgl_dc *DC = TLS->net_methods->get_dc (c); + struct tgl_session *S = TLS->net_methods->get_session (c); + assert (S); + + const int UNENCSZ = offsetof (struct encrypted_message, server_salt); + if (msg_ints <= 0 || msg_ints > MAX_MESSAGE_INTS - 4) { + return -1; + } + memcpy (enc_msg.message, msg, msg_ints * 4); + enc_msg.msg_len = msg_ints * 4; + + init_enc_msg_inner_temp (DC, msg_id); + + int l = aes_encrypt_message (TLS, DC->auth_key, &enc_msg); + assert (l > 0); + //rpc_send_message (c, &enc_msg, l + UNENCSZ); + memcpy (data, &enc_msg, l + UNENCSZ); + + return l + UNENCSZ; +} + +static int rpc_execute_answer (struct tgl_state *TLS, struct connection *c, long long msg_id); + +static int work_container (struct tgl_state *TLS, struct connection *c, long long msg_id) { + vlogprintf (E_DEBUG, "work_container: msg_id = %"_PRINTF_INT64_"d\n", msg_id); + assert (fetch_int () == CODE_msg_container); + int n = fetch_int (); + int i; + for (i = 0; i < n; i++) { + long long id = fetch_long (); + //int seqno = fetch_int (); + fetch_int (); // seq_no + if (id & 1) { + tgln_insert_msg_id (TLS, TLS->net_methods->get_session (c), id); + } + int bytes = fetch_int (); + int *t = in_end; + in_end = in_ptr + (bytes / 4); + int r = rpc_execute_answer (TLS, c, id); + if (r < 0) { return -1; } + assert (in_ptr == in_end); + in_end = t; + } + return 0; +} + +static int work_new_session_created (struct tgl_state *TLS, struct connection *c, long long msg_id) { + vlogprintf (E_DEBUG, "work_new_session_created: msg_id = %"_PRINTF_INT64_"d\n", msg_id); + assert (fetch_int () == (int)CODE_new_session_created); + fetch_long (); // first message id + fetch_long (); // unique_id + TLS->net_methods->get_dc (c)->server_salt = fetch_long (); + if (TLS->started && !(TLS->locks & TGL_LOCK_DIFF) && (TLS->DC_working->flags & TGLDCF_LOGGED_IN)) { + tgl_do_get_difference (TLS, 0, 0, 0); + } + return 0; +} + +static int work_msgs_ack (struct tgl_state *TLS, struct connection *c, long long msg_id) { + vlogprintf (E_DEBUG, "work_msgs_ack: msg_id = %"_PRINTF_INT64_"d\n", msg_id); + assert (fetch_int () == CODE_msgs_ack); + assert (fetch_int () == CODE_vector); + int n = fetch_int (); + int i; + for (i = 0; i < n; i++) { + long long id = fetch_long (); + vlogprintf (E_DEBUG + 1, "ack for %"_PRINTF_INT64_"d\n", id); + tglq_query_ack (TLS, id); + } + return 0; +} + +static int work_rpc_result (struct tgl_state *TLS, struct connection *c, long long msg_id) { + vlogprintf (E_DEBUG, "work_rpc_result: msg_id = %"_PRINTF_INT64_"d\n", msg_id); + assert (fetch_int () == (int)CODE_rpc_result); + long long id = fetch_long (); + int op = prefetch_int (); + if (op == CODE_rpc_error) { + return tglq_query_error (TLS, id); + } else { + return tglq_query_result (TLS, id); + } +} + +#define MAX_PACKED_SIZE (1 << 24) +static int work_packed (struct tgl_state *TLS, struct connection *c, long long msg_id) { + assert (fetch_int () == CODE_gzip_packed); + static int in_gzip; + static int buf[MAX_PACKED_SIZE >> 2]; + assert (!in_gzip); + in_gzip = 1; + + int l = prefetch_strlen (); + char *s = fetch_str (l); + + int total_out = tgl_inflate (s, l, buf, MAX_PACKED_SIZE); + int *end = in_ptr; + int *eend = in_end; + //assert (total_out % 4 == 0); + in_ptr = buf; + in_end = in_ptr + total_out / 4; + int r = rpc_execute_answer (TLS, c, msg_id); + in_ptr = end; + in_end = eend; + in_gzip = 0; + return r; +} + +static int work_bad_server_salt (struct tgl_state *TLS, struct connection *c, long long msg_id) { + assert (fetch_int () == (int)CODE_bad_server_salt); + long long id = fetch_long (); + tglq_query_restart (TLS, id); + fetch_int (); // seq_no + fetch_int (); // error_code + long long new_server_salt = fetch_long (); + TLS->net_methods->get_dc (c)->server_salt = new_server_salt; + return 0; +} + +static int work_pong (struct tgl_state *TLS, struct connection *c, long long msg_id) { + assert (fetch_int () == CODE_pong); + fetch_long (); // msg_id + fetch_long (); // ping_id + return 0; +} + +static int work_detailed_info (struct tgl_state *TLS, struct connection *c, long long msg_id) { + assert (fetch_int () == CODE_msg_detailed_info); + fetch_long (); // msg_id + fetch_long (); // answer_msg_id + fetch_int (); // bytes + fetch_int (); // status + return 0; +} + +static int work_new_detailed_info (struct tgl_state *TLS, struct connection *c, long long msg_id) { + assert (fetch_int () == (int)CODE_msg_new_detailed_info); + fetch_long (); // answer_msg_id + fetch_int (); // bytes + fetch_int (); // status + return 0; +} + +static int work_bad_msg_notification (struct tgl_state *TLS, struct connection *c, long long msg_id) { + assert (fetch_int () == (int)CODE_bad_msg_notification); + long long m1 = fetch_long (); + int s = fetch_int (); + int e = fetch_int (); + vlogprintf (E_NOTICE, "bad_msg_notification: msg_id = %"_PRINTF_INT64_"d, seq = %d, error = %d\n", m1, s, e); + switch (e) { + // Too low msg id + case 16: + tglq_regen_query (TLS, m1); + break; + // Too high msg id + case 17: + tglq_regen_query (TLS, m1); + break; + default: + vlogprintf (E_NOTICE, "bad_msg_notification: msg_id = %"_PRINTF_INT64_"d, seq = %d, error = %d\n", m1, s, e); + break; + } + + return -1; +} + +static int rpc_execute_answer (struct tgl_state *TLS, struct connection *c, long long msg_id) { + int op = prefetch_int (); + switch (op) { + case CODE_msg_container: + return work_container (TLS, c, msg_id); + case CODE_new_session_created: + return work_new_session_created (TLS, c, msg_id); + case CODE_msgs_ack: + return work_msgs_ack (TLS, c, msg_id); + case CODE_rpc_result: + return work_rpc_result (TLS, c, msg_id); + case CODE_update_short: + case CODE_updates: + case CODE_update_short_message: + case CODE_update_short_chat_message: + case CODE_updates_too_long: + tglu_work_any_updates (TLS); + return 0; + case CODE_gzip_packed: + return work_packed (TLS, c, msg_id); + case CODE_bad_server_salt: + return work_bad_server_salt (TLS, c, msg_id); + case CODE_pong: + return work_pong (TLS, c, msg_id); + case CODE_msg_detailed_info: + return work_detailed_info (TLS, c, msg_id); + case CODE_msg_new_detailed_info: + return work_new_detailed_info (TLS, c, msg_id); + case CODE_bad_msg_notification: + return work_bad_msg_notification (TLS, c, msg_id); + } + vlogprintf (E_WARNING, "Unknown message: %08x\n", op); + in_ptr = in_end; // Will not fail due to assertion in_ptr == in_end + return 0; +} + +static struct mtproto_methods mtproto_methods; +void tgls_free_session (struct tgl_state *TLS, struct tgl_session *S); +/* +static char *get_ipv6 (struct tgl_state *TLS, int num) { + static char res[1<< 10]; + if (TLS->test_mode) { + switch (num) { + case 1: + strcpy (res, TG_SERVER_TEST_IPV6_1); + break; + case 2: + strcpy (res, TG_SERVER_TEST_IPV6_2); + break; + case 3: + strcpy (res, TG_SERVER_TEST_IPV6_3); + break; + default: + assert (0); + } + } else { + switch (num) { + case 1: + strcpy (res, TG_SERVER_IPV6_1); + break; + case 2: + strcpy (res, TG_SERVER_IPV6_2); + break; + case 3: + strcpy (res, TG_SERVER_IPV6_3); + break; + case 4: + strcpy (res, TG_SERVER_IPV6_4); + break; + case 5: + strcpy (res, TG_SERVER_IPV6_5); + break; + default: + assert (0); + } + } + return res; +} +*/ + +static void create_session_connect (struct tgl_state *TLS, struct tgl_session *S) { + struct tgl_dc *DC = S->dc; + + if (TLS->ipv6_enabled) { + S->c = TLS->net_methods->create_connection (TLS, DC->options[1]->ip, DC->options[1]->port, S, DC, &mtproto_methods); + } else { + S->c = TLS->net_methods->create_connection (TLS, DC->options[0]->ip, DC->options[0]->port, S, DC, &mtproto_methods); + } +} + +static void fail_connection (struct tgl_state *TLS, struct connection *c) { + struct tgl_session *S = TLS->net_methods->get_session (c); + TLS->net_methods->free (c); + create_session_connect (TLS, S); +} + +static void fail_session (struct tgl_state *TLS, struct tgl_session *S) { + vlogprintf (E_NOTICE, "failing session %"_PRINTF_INT64_"d\n", S->session_id); + struct tgl_dc *DC = S->dc; + tgls_free_session (TLS, S); + DC->sessions[0] = NULL; + tglmp_dc_create_session (TLS, DC); +} + +static int process_rpc_message (struct tgl_state *TLS, struct connection *c, struct encrypted_message *enc, int len) { + const int MINSZ = offsetof (struct encrypted_message, message); + const int UNENCSZ = offsetof (struct encrypted_message, server_salt); + vlogprintf (E_DEBUG, "process_rpc_message(), len=%d\n", len); + if (len < MINSZ || (len & 15) != (UNENCSZ & 15)) { + vlogprintf (E_WARNING, "Incorrect packet from server. Closing connection\n"); + fail_connection (TLS, c); + return -1; + } + assert (len >= MINSZ && (len & 15) == (UNENCSZ & 15)); + struct tgl_dc *DC = TLS->net_methods->get_dc (c); + if (enc->auth_key_id != DC->temp_auth_key_id && enc->auth_key_id != DC->auth_key_id) { + vlogprintf (E_WARNING, "received msg from dc %d with auth_key_id %"_PRINTF_INT64_"d (perm_auth_key_id %"_PRINTF_INT64_"d temp_auth_key_id %"_PRINTF_INT64_"d). Dropping\n", + DC->id, enc->auth_key_id, DC->auth_key_id, DC->temp_auth_key_id); + return 0; + } + if (enc->auth_key_id == DC->temp_auth_key_id) { + assert (enc->auth_key_id == DC->temp_auth_key_id); + assert (DC->temp_auth_key_id); + tgl_init_aes_auth (DC->temp_auth_key + 8, enc->msg_key, AES_DECRYPT); + } else { + assert (enc->auth_key_id == DC->auth_key_id); + assert (DC->auth_key_id); + tgl_init_aes_auth (DC->auth_key + 8, enc->msg_key, AES_DECRYPT); + } + + int l = tgl_pad_aes_decrypt ((char *)&enc->server_salt, len - UNENCSZ, (char *)&enc->server_salt, len - UNENCSZ); + assert (l == len - UNENCSZ); + + if (!(!(enc->msg_len & 3) && enc->msg_len > 0 && enc->msg_len <= len - MINSZ && len - MINSZ - enc->msg_len <= 12)) { + vlogprintf (E_WARNING, "Incorrect packet from server. Closing connection\n"); + fail_connection (TLS, c); + return -1; + } + assert (!(enc->msg_len & 3) && enc->msg_len > 0 && enc->msg_len <= len - MINSZ && len - MINSZ - enc->msg_len <= 12); + + struct tgl_session *S = TLS->net_methods->get_session (c); + if (!S || S->session_id != enc->session_id) { + vlogprintf (E_WARNING, "Message to bad session. Drop.\n"); + return 0; + } + + static unsigned char sha1_buffer[20]; + sha1 ((void *)&enc->server_salt, enc->msg_len + (MINSZ - UNENCSZ), sha1_buffer); + if (memcmp (&enc->msg_key, sha1_buffer + 4, 16)) { + vlogprintf (E_WARNING, "Incorrect packet from server. Closing connection\n"); + fail_connection (TLS, c); + return -1; + } + assert (!memcmp (&enc->msg_key, sha1_buffer + 4, 16)); + + int this_server_time = enc->msg_id >> 32LL; + if (!S->received_messages) { + DC->server_time_delta = this_server_time - get_utime (CLOCK_REALTIME); + if (DC->server_time_udelta) { + vlogprintf (E_WARNING, "adjusting CLOCK_MONOTONIC delta to %lf\n", + DC->server_time_udelta - this_server_time + get_utime (CLOCK_MONOTONIC)); + } + DC->server_time_udelta = this_server_time - get_utime (CLOCK_MONOTONIC); + } + + double st = get_server_time (DC); + if (this_server_time < st - 300 || this_server_time > st + 30) { + vlogprintf (E_WARNING, "bad msg time: salt = %"_PRINTF_INT64_"d, session_id = %"_PRINTF_INT64_"d, msg_id = %"_PRINTF_INT64_"d, seq_no = %d, st = %lf, now = %lf\n", enc->server_salt, enc->session_id, enc->msg_id, enc->seq_no, st, get_utime (CLOCK_REALTIME)); + fail_session (TLS, S); + return -1; + } + S->received_messages ++; + + if (DC->server_salt != enc->server_salt) { + DC->server_salt = enc->server_salt; + } + + assert (this_server_time >= st - 300 && this_server_time <= st + 30); + //assert (enc->msg_id > server_last_msg_id && (enc->msg_id & 3) == 1); + vlogprintf (E_DEBUG, "received mesage id %016llx\n", enc->msg_id); + //server_last_msg_id = enc->msg_id; + + //*(long long *)(longpoll_query + 3) = *(long long *)((char *)(&enc->msg_id) + 0x3c); + //*(long long *)(longpoll_query + 5) = *(long long *)((char *)(&enc->msg_id) + 0x3c); + + assert (l >= (MINSZ - UNENCSZ) + 8); + //assert (enc->message[0] == CODE_rpc_result && *(long long *)(enc->message + 1) == client_last_msg_id); + + in_ptr = enc->message; + in_end = in_ptr + (enc->msg_len / 4); + + if (enc->msg_id & 1) { + tgln_insert_msg_id (TLS, S, enc->msg_id); + } + assert (S->session_id == enc->session_id); + + if (rpc_execute_answer (TLS, c, enc->msg_id) < 0) { + fail_session (TLS, S); + return -1; + } + assert (in_ptr == in_end); + return 0; +} + + +static int rpc_execute (struct tgl_state *TLS, struct connection *c, int op, int len) { + struct tgl_dc *DC = TLS->net_methods->get_dc (c); + + if (len >= MAX_RESPONSE_SIZE/* - 12*/ || len < 0/*12*/) { + vlogprintf (E_WARNING, "answer too long (%d bytes), skipping\n", len); + return 0; + } + + int Response_len = len; + + static char Response[MAX_RESPONSE_SIZE]; + vlogprintf (E_DEBUG, "Response_len = %d\n", Response_len); + assert (TLS->net_methods->read_in (c, Response, Response_len) == Response_len); + +#if !defined(WIN32) || !defined(_WIN32) + setsockopt(c->fd, IPPROTO_TCP, TCP_QUICKACK, (int[]) { 0 }, 4); +#endif +#if !defined(__MACH__) && !defined(__FreeBSD__) && !defined(__OpenBSD__) && !defined (__CYGWIN__) +// setsockopt (c->fd, IPPROTO_TCP, TCP_QUICKACK, (int[]){0}, 4); +#endif + int o = DC->state; + //if (DC->flags & 1) { o = st_authorized;} + if (o != st_authorized) { + vlogprintf (E_DEBUG, "%s: state = %d\n", __func__, o); + } + switch (o) { + case st_reqpq_sent: + process_respq_answer (TLS, c, Response/* + 8*/, Response_len/* - 12*/, 0); + return 0; + case st_reqdh_sent: + process_dh_answer (TLS, c, Response/* + 8*/, Response_len/* - 12*/, 0); + return 0; + case st_client_dh_sent: + process_auth_complete (TLS, c, Response/* + 8*/, Response_len/* - 12*/, 0); + return 0; + case st_reqpq_sent_temp: + process_respq_answer (TLS, c, Response/* + 8*/, Response_len/* - 12*/, 1); + return 0; + case st_reqdh_sent_temp: + process_dh_answer (TLS, c, Response/* + 8*/, Response_len/* - 12*/, 1); + return 0; + case st_client_dh_sent_temp: + process_auth_complete (TLS, c, Response/* + 8*/, Response_len/* - 12*/, 1); + return 0; + case st_authorized: + if (op < 0 && op >= -999) { + vlogprintf (E_WARNING, "Server error %d\n", op); + } else { + return process_rpc_message (TLS, c, (void *)(Response/* + 8*/), Response_len/* - 12*/); + } + return 0; + default: + vlogprintf (E_ERROR, "fatal: cannot receive answer in state %d\n", DC->state); + exit (2); + } + + return 0; +} + + +static int tc_close (struct tgl_state *TLS, struct connection *c, int who) { + vlogprintf (E_DEBUG, "outbound rpc connection from dc #%d : closing by %d\n", TLS->net_methods->get_dc(c)->id, who); + return 0; +} + +static void mpc_on_get_config (struct tgl_state *TLS, void *extra, int success) { + assert (success); + struct tgl_dc *DC = extra; + DC->flags |= 4; +} + +static int tc_becomes_ready (struct tgl_state *TLS, struct connection *c) { + vlogprintf (E_NOTICE, "outbound rpc connection from dc #%d becomed ready\n", TLS->net_methods->get_dc(c)->id); + //char byte = 0xef; + //assert (TLS->net_methods->write_out (c, &byte, 1) == 1); + //TLS->net_methods->flush_out (c); + + struct tgl_dc *DC = TLS->net_methods->get_dc (c); + if (DC->flags & 1) { DC->state = st_authorized; } + int o = DC->state; + if (o == st_authorized && !TLS->enable_pfs) { + DC->temp_auth_key_id = DC->auth_key_id; + memcpy (DC->temp_auth_key, DC->auth_key, 256); + DC->flags |= 2; + } + switch (o) { + case st_init: + send_req_pq_packet (TLS, c); + break; + case st_authorized: + if (!(DC->flags & 2)) { + assert (TLS->enable_pfs); + if (!DC->temp_auth_key_id) { + assert (!DC->temp_auth_key_id); + create_temp_auth_key (TLS, c); + } else { + bind_temp_auth_key (TLS, c); + } + } else if (!(DC->flags & 4)) { + tgl_do_help_get_config_dc (TLS, DC, mpc_on_get_config, DC); + } + break; + default: + vlogprintf (E_DEBUG, "c_state = %d\n", DC->state); + DC->state = st_init; // previous connection was reset + send_req_pq_packet (TLS, c); + break; + } + return 0; +} + +static int rpc_becomes_ready (struct tgl_state *TLS, struct connection *c) { + return tc_becomes_ready (TLS, c); +} + +static int rpc_close (struct tgl_state *TLS, struct connection *c) { + return tc_close (TLS, c, 0); +} + + +#define RANDSEED_PASSWORD_FILENAME NULL +#define RANDSEED_PASSWORD_LENGTH 0 +void tglmp_on_start (struct tgl_state *TLS) { + tgl_prng_seed (TLS, RANDSEED_PASSWORD_FILENAME, RANDSEED_PASSWORD_LENGTH); + + int i; + int ok = 0; + for (i = 0; i < TLS->rsa_key_num; i++) { + char *key = TLS->rsa_key_list[i]; + RSA *res = rsa_load_public_key (TLS, key); + if (!res) { + vlogprintf (E_WARNING, "Can not load key %s\n", key); + TLS->rsa_key_loaded[i] = NULL; + } else { + ok = 1; + TLS->rsa_key_loaded[i] = res; + TLS->rsa_key_fingerprint[i] = tgl_do_compute_rsa_key_fingerprint (res); + } + } + + if (!ok) { + vlogprintf (E_ERROR, "No public keys found\n"); + exit (1); + } +} + +void tgl_dc_authorize (struct tgl_state *TLS, struct tgl_dc *DC) { + //c_state = 0; + if (!DC->sessions[0]) { + tglmp_dc_create_session (TLS, DC); + } + vlogprintf (E_DEBUG, "Starting authorization for DC #%d\n", DC->id); + //net_loop (0, auth_ok); +} + +#define long_cmp(a,b) ((a) > (b) ? 1 : (a) == (b) ? 0 : -1) +DEFINE_TREE(long,long long,long_cmp,0) + +static int send_all_acks (struct tgl_state *TLS, struct tgl_session *S) { + clear_packet (); + out_int (CODE_msgs_ack); + out_int (CODE_vector); + out_int (tree_count_long (S->ack_tree)); + while (S->ack_tree) { + long long x = tree_get_min_long (S->ack_tree); + out_long (x); + S->ack_tree = tree_delete_long (S->ack_tree, x); + } + tglmp_encrypt_send_message (TLS, S->c, packet_buffer, packet_ptr - packet_buffer, 0); + return 0; +} + +static void send_all_acks_gateway (struct tgl_state *TLS, void *arg) { + send_all_acks (TLS, arg); +} + + +void tgln_insert_msg_id (struct tgl_state *TLS, struct tgl_session *S, long long id) { + if (!S->ack_tree) { + TLS->timer_methods->insert (S->ev, ACK_TIMEOUT); + } + if (!tree_lookup_long (S->ack_tree, id)) { + S->ack_tree = tree_insert_long (S->ack_tree, id, lrand48 ()); + } +} + +//extern struct tgl_dc *DC_list[]; + + +static void regen_temp_key_gw (struct tgl_state *TLS, void *arg) { + tglmp_regenerate_temp_auth_key (TLS, arg); +} + +struct tgl_dc *tglmp_alloc_dc (struct tgl_state *TLS, int flags, int id, char *ip, int port) { + //assert (!TLS->DC_list[id]); + + if (!TLS->DC_list[id]) { + struct tgl_dc *DC = talloc0 (sizeof (*DC)); + DC->id = id; + TLS->DC_list[id] = DC; + if (id > TLS->max_dc_num) { + TLS->max_dc_num = id; + } + DC->ev = TLS->timer_methods->alloc (TLS, regen_temp_key_gw, DC); + TLS->timer_methods->insert (DC->ev, 0); + } + + struct tgl_dc *DC = TLS->DC_list[id]; + + struct tgl_dc_option *O = DC->options[flags & 3]; + + struct tgl_dc_option *O2 = O; + while (O2) { + if (!strcmp (O2->ip, ip)) { + tfree_str (ip); + return DC; + } + O2 = O2->next; + } + + struct tgl_dc_option *T = talloc (sizeof (*T)); + T->ip = ip; + T->port = port; + T->next = O; + DC->options[flags & 3] = T; + + + return DC; +} + +static struct mtproto_methods mtproto_methods = { + .execute = rpc_execute, + .ready = rpc_becomes_ready, + .close = rpc_close +}; + +void tglmp_dc_create_session (struct tgl_state *TLS, struct tgl_dc *DC) { + struct tgl_session *S = talloc0 (sizeof (*S)); + assert (RAND_pseudo_bytes ((unsigned char *) &S->session_id, 8) >= 0); + S->dc = DC; + //S->c = TLS->net_methods->create_connection (TLS, DC->ip, DC->port, S, DC, &mtproto_methods); + + create_session_connect (TLS, S); + S->ev = TLS->timer_methods->alloc (TLS, send_all_acks_gateway, S); + assert (!DC->sessions[0]); + DC->sessions[0] = S; +} + +void tgl_do_send_ping (struct tgl_state *TLS, struct connection *c) { + int x[3]; + x[0] = CODE_ping; + *(long long *)(x + 1) = lrand48 () * (1ll << 32) + lrand48 (); + tglmp_encrypt_send_message (TLS, c, x, 3, 0); +} + +void tgl_dc_iterator (struct tgl_state *TLS, void (*iterator)(struct tgl_dc *DC)) { + int i; + for (i = 0; i <= TLS->max_dc_num; i++) { + iterator (TLS->DC_list[i]); + } +} + +void tgl_dc_iterator_ex (struct tgl_state *TLS, void (*iterator)(struct tgl_dc *DC, void *extra), void *extra) { + int i; + for (i = 0; i <= TLS->max_dc_num; i++) { + iterator (TLS->DC_list[i], extra); + } +} + + +void tglmp_regenerate_temp_auth_key (struct tgl_state *TLS, struct tgl_dc *DC) { + DC->flags &= ~6; + DC->temp_auth_key_id = 0; + memset (DC->temp_auth_key, 0, 256); + + if (!DC->sessions[0]) { + tgl_dc_authorize (TLS, DC); + return; + } + + + struct tgl_session *S = DC->sessions[0]; + tglt_secure_random (&S->session_id, 8); + S->seq_no = 0; + + TLS->timer_methods->remove (S->ev); + S->ack_tree = tree_clear_long (S->ack_tree); + + if (DC->state != st_authorized) { + return; + } + + if (S->c) { + create_temp_auth_key (TLS, S->c); + } +} + +void tgls_free_session (struct tgl_state *TLS, struct tgl_session *S) { + S->ack_tree = tree_clear_long (S->ack_tree); + if (S->ev) { TLS->timer_methods->free (S->ev); } + if (S->c) { + TLS->net_methods->free (S->c); + } + tfree (S, sizeof (*S)); +} + +void tgls_free_dc (struct tgl_state *TLS, struct tgl_dc *DC) { + //if (DC->ip) { tfree_str (DC->ip); } + + struct tgl_session *S = DC->sessions[0]; + if (S) { tgls_free_session (TLS, S); } + + if (DC->ev) { TLS->timer_methods->free (DC->ev); } + tfree (DC, sizeof (*DC)); +} + +void tgls_free_pubkey (struct tgl_state *TLS) { + int i; + for (i = 0; i < TLS->rsa_key_num; i++) { + if (TLS->rsa_key_loaded[i]) { + RSA_free (TLS->rsa_key_loaded[i]); + TLS->rsa_key_loaded[i] = NULL; + } + } +} |