Du kan inte välja fler än 25 ämnen Ämnen måste starta med en bokstav eller siffra, kan innehålla bindestreck ('-') och vara max 35 tecken långa.

snfNETmgr.cpp 48KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773
  1. // snfNETmgr.cpp
  2. //
  3. // (C) Copyright 2006 - 2009 ARM Research Labs, LLC
  4. // See www.armresearch.com for the copyright terms.
  5. //
  6. // See snfNETmgr.hpp for details.
  7. #include <sys/types.h>
  8. #include <sys/stat.h>
  9. #include <ctime>
  10. #include <cstring>
  11. #include <string>
  12. #include <vector>
  13. #include <fstream>
  14. #include <sstream>
  15. #include "snfNETmgr.hpp"
  16. #include "snf_sync.hpp"
  17. #include "mangler.hpp"
  18. #include "base64codec.hpp"
  19. // #include "tcp_watchdog.hpp" No longer using TCPWatchdog -- see below _M
  20. using namespace std;
  21. //// snfNETmgr /////////////////////////////////////////////////////////////////
  22. const ThreadType snfNETmgr::Type("snfNETManager"); // The thread's type.
  23. const ThreadState snfNETmgr::Sleeping("Sleeping"); // Taking a break.
  24. const ThreadState snfNETmgr::SYNC_Connect("Connecting"); // Connecting to SYNC server.
  25. const ThreadState snfNETmgr::SYNC_Read_Challenge("Reading challenge"); // Reading challenge.
  26. const ThreadState snfNETmgr::SYNC_Compute_Response("Computing crypto"); // Computing crypto response.
  27. const ThreadState snfNETmgr::SYNC_Send_Response("Sending crypto"); // Sending crypto response.
  28. const ThreadState snfNETmgr::SYNC_Read_Availabilty("Reading Availability"); // Reading rulebase status.
  29. const ThreadState snfNETmgr::SYNC_Send_GBUdb_Alerts("Sending GBUdb"); // Sending GBUdb alerts.
  30. const ThreadState snfNETmgr::SYNC_Send_Status_Reports("Sending Status"); // Sending status reports.
  31. const ThreadState snfNETmgr::SYNC_Send_Samples("Sending Samples"); // Sending message samples.
  32. const ThreadState snfNETmgr::SYNC_Send_End_Of_Report("Sending End"); // Sending end of client data.
  33. const ThreadState snfNETmgr::SYNC_Read_Server_Response("Reading Server"); // Reading server data.
  34. const ThreadState snfNETmgr::SYNC_Close_Connection("Closing Connection"); // Closing connection.
  35. const ThreadState snfNETmgr::SYNC_Parse_GBUdb_Reflections("Parsing GBUdb"); // Parsing GBUdb reflections.
  36. const ThreadState snfNETmgr::SYNC_Log_Event("Logging SYNC"); // Logging SYNC event.
  37. snfNETmgr::snfNETmgr() : // Starting up the NETmgr
  38. Thread(snfNETmgr::Type, "NET Manager"), // Network manager and Name.
  39. SYNCTimer(30000), // Sync every 30 secs by default.
  40. SyncSecsOverride(-1), // Override is -1 by default.
  41. myLOGmgr(NULL),
  42. isTimeToStop(false),
  43. isConfigured(false) { // On construction, NETmgr
  44. run(); // runs it's thread.
  45. }
  46. snfNETmgr::~snfNETmgr() { // On descruction, NETmgr must
  47. stop(); // Stop it's thread (if not already)
  48. myLOGmgr = NULL; // Clear out the LOGmgr hookup
  49. isConfigured = false; // and the configured flag.
  50. }
  51. void snfNETmgr::stop() { // The stop method...
  52. if(!isTimeToStop) { // only does it's work once:
  53. isTimeToStop = true; // tells it's thread to stop
  54. join(); // and waits for it to shut down.
  55. }
  56. }
  57. void snfNETmgr::myTask() { // Here's the thread task.
  58. Sleeper WaitASecond(1000); // Heartbeat timer.
  59. while(false == isTimeToStop) { // Until it's time to stop,
  60. CurrentThreadState(Sleeping); // post our status,
  61. WaitASecond(); // pause for a second,
  62. if(isConfigured) { // then poll our tasks.
  63. // Do stuff here that requires configuration data.
  64. if(SYNCTimer.isExpired()) { sync(); SYNCTimer.restart(); } // If it's time to sync - do it :-)
  65. }
  66. }
  67. }
  68. void snfNETmgr::linkLOGmgr(snfLOGmgr& L) { // Set the LOGmgr.
  69. myLOGmgr = &L;
  70. }
  71. void snfNETmgr::linkGBUdbmgr(snfGBUdbmgr& G) { // Set the GBUdbmgr.
  72. myGBUdbmgr = &G;
  73. }
  74. // In theory, configure will get called each time the rulebase manager loads
  75. // a new configuration / rulebase. The configure() method updates the bits of
  76. // NETmgr that run background tasks. Live-Data tasks pass their grab()bed
  77. // CFGData object in order to maintain self-consistency.
  78. void snfNETmgr::configure(snfCFGData& CFGData) { // Update the configuration.
  79. ScopeMutex CFGDataExchange(ConfigMutex); // Lock the config data during updates.
  80. // Update the internal config data from CFGData while we are locked.
  81. // Internal functions which depend on this data will lock the object,
  82. // grab the bits they depend upon for that pass, and then unlock.
  83. RulebaseFilePath = CFGData.RuleFilePath; // Where we can find our rulebase?
  84. SyncHostName = CFGData.network_sync_host; // Where do we connect to sync?
  85. SyncHostPort = CFGData.network_sync_port; // What port do we use to sync?
  86. HandshakeFilePath = CFGData.paths_workspace_path + ".handshake"; // Where we store our handshake.
  87. UpdateReadyFilePath = CFGData.paths_workspace_path + "UpdateReady.txt"; // Where we put update trigger files.
  88. const int SecsAsms = 1000; // Multiplier - seconds to milliseconds.
  89. SyncSecsConfigured = CFGData.network_sync_secs; // Capture the configured sync time.
  90. if(0 > SyncSecsOverride) { // If the sync timer isn't in override,
  91. if(SYNCTimer.getDuration() != (SyncSecsConfigured * SecsAsms)) { // And the config time is different than
  92. SYNCTimer.setDuration(SyncSecsConfigured * SecsAsms); // the timer's current setting then set
  93. } // the timer to the new value.
  94. } // If we are in override, timer is set.
  95. License = CFGData.node_licenseid; // Capture our node id (license id).
  96. SecurityKey = CFGData.SecurityKey; // Capture our security key.
  97. evolvePad(CFGData.SecurityKey); // Seed our Pad generator with it.
  98. // Safety check before turning this on ;-)
  99. if(
  100. NULL != myLOGmgr &&
  101. NULL != myGBUdbmgr
  102. ) { // If we are properly linked then
  103. isConfigured = true; // at this point we are configured!
  104. }
  105. }
  106. void snfNETmgr::sendSample( // Send a sampled message...
  107. snfCFGData& CFGData, // Use this configuration,
  108. snfScanData& ScanData, // Include this scan data,
  109. const unsigned char* MessageBuffer, // This is the message itself
  110. int MessageLength // and it is this size.
  111. ) {
  112. string TimeStamp; (*myLOGmgr).Timestamp(TimeStamp); // Grab a timestamp.
  113. ostringstream XML; // Make formatting easier with this.
  114. //-- <sample...>
  115. XML << "<sample node=\'" << CFGData.node_licenseid << "\' "
  116. << "time=\'" << TimeStamp << "\' "
  117. << "result=\'" << ScanData.CompositeFinalResult << "\'>" << endl;
  118. //-- <ip...>
  119. XML << "<ip range=\'";
  120. string IPRange;
  121. switch(ScanData.SourceIPRange()) {
  122. case Unknown: { IPRange = "Unknown"; break; } // Unknown - not defined.
  123. case White: { IPRange = "White"; break; } // This is a good guy.
  124. case Normal: { IPRange = "Normal"; break; } // Benefit of the doubt.
  125. case New: { IPRange = "New"; break; } // It is new to us.
  126. case Caution: { IPRange = "Caution"; break; } // This is suspicious.
  127. case Black: { IPRange = "Black"; break; } // This is bad.
  128. case Truncate: { IPRange = "Truncate"; break; } // Don't even bother looking.
  129. }
  130. SocketAddress IP;
  131. IP.setAddress(ScanData.SourceIPRecord().IP);
  132. XML << IPRange << "\' ip=\'" << (string) IP4Address(IP.getAddress()) << "\' t=\'";
  133. string IPType;
  134. switch(ScanData.SourceIPRecord().GBUdbData.Flag()) {
  135. case Good: { IPType = "Good"; break; }
  136. case Bad: { IPType = "Bad"; break; }
  137. case Ugly: { IPType = "Ugly"; break; }
  138. case Ignore: { IPType = "Ignore"; break; }
  139. }
  140. XML << IPType << "\' b=\'" << ScanData.SourceIPRecord().GBUdbData.Bad()
  141. << "\' g=\'" << ScanData.SourceIPRecord().GBUdbData.Good()
  142. << "\'/>" << endl;
  143. //-- <match...> as many as needed
  144. if(0 < ScanData.MatchRecords.size()) { // If we have match records - emit them.
  145. list<snf_match>::iterator iM; // Grab an iterator.
  146. for( // Emit each snf_match entry.
  147. iM = ScanData.MatchRecords.begin();
  148. iM != ScanData.MatchRecords.end();
  149. iM++) {
  150. XML << "<match r=\'" << (*iM).ruleid << "\' "
  151. << "g=\'" << (*iM).symbol << "\' "
  152. << "i=\'" << (*iM).index << "\' "
  153. << "e=\'" << (*iM).endex << "\' "
  154. << "f=\'" << (*iM).flag << "\'/>";
  155. }
  156. }
  157. //-- <msg...>
  158. XML << "<msg size=\'" << ScanData.ScanSize << "'>" << endl; // Starting with the msg element.
  159. to_base64 EncodedMessageData(
  160. reinterpret_cast<const char*>(MessageBuffer), MessageLength); // Encode the message to base64.
  161. const int SampleLineLength = 64; // 64 bytes per line is good.
  162. for(int i = 0; i < MessageLength;) { // Now we break it into lines
  163. for(int l = 0; l < SampleLineLength && i < MessageLength; l++, i++) { // that are a reasonable length.
  164. XML << EncodedMessageData.at(i); // Emit one character at a time...
  165. } // At the end of a reasonable
  166. XML << endl; // length we terminate the line.
  167. }
  168. XML << "</msg>" << endl; // End of the <msg> element.
  169. //-- done with the sample!
  170. XML << "</sample>" << endl;
  171. // Last thing we do is post the formatted string to the buffer.
  172. const int SampleSafetyLimit = 100000; // 100 Kbyte limit on samples.
  173. ScopeMutex DoNotDisturb(myMutex); // Don't bug me man I'm busy.
  174. if(SampleSafetyLimit < SamplesBuffer.length()) // If the samples buffer is full
  175. SamplesBuffer.clear(); // clear it before adding more.
  176. SamplesBuffer.append(XML.str()); // Append the XML to the buffer.
  177. }
  178. string snfNETmgr::getSamples() { // Synchronized way to get Samples.
  179. ScopeMutex DoNotDisturb(myMutex); // Lock the mutex to protect our work.
  180. string SamplesBatch = SamplesBuffer; // Copy the samples to a new string.
  181. SamplesBuffer.clear(); // Clear the samples buffer.
  182. return SamplesBatch; // Return a batch of Samples.
  183. }
  184. void snfNETmgr::sendReport(const string& S) { // How to send a status report.
  185. const int ReportSafetyLimit = 100000; // 100 Kbytes limit on reports.
  186. ScopeMutex DoNotDisturb(myMutex); // Lock the mutex for a moment.
  187. if(ReportSafetyLimit < ReportsBuffer.length()) // If the reports buffer is full
  188. ReportsBuffer.clear(); // clear it before adding more.
  189. ReportsBuffer.append(S); // Append the report.
  190. }
  191. string snfNETmgr::getReports() { // Synchronized way to get Reports.
  192. ScopeMutex DoNotDisturb(myMutex); // Lock the mutex to protect our work.
  193. string ReportsBatch = ReportsBuffer; // Copy the reports to a new string.
  194. ReportsBuffer.clear(); // Clear the reports buffer.
  195. return ReportsBatch; // Return a batch of Reports.
  196. }
  197. string& snfNETmgr::RulebaseUTC(string& t) { // Gets local rulebase file UTC.
  198. struct stat RulebaseStat; // First we need a stat buffer.
  199. if(0 != stat(RulebaseFilePath.c_str(), &RulebaseStat)) { // If we can't get the stat we
  200. t.append("000000000000"); return t; // will return 000000000000 to
  201. } // make sure we should get the file.
  202. struct tm RulebaseTime; // Allocate a time structure.
  203. RulebaseTime = *(gmtime(&RulebaseStat.st_mtime)); // Copy the file time to it as UTC.
  204. char TimestampBfr[20]; // Timestamp buffer.
  205. sprintf(TimestampBfr,"%04d%02d%02d%02d%02d%02d\0", // Format yyyymmddhhmmss
  206. RulebaseTime.tm_year+1900,
  207. RulebaseTime.tm_mon+1,
  208. RulebaseTime.tm_mday,
  209. RulebaseTime.tm_hour,
  210. RulebaseTime.tm_min,
  211. RulebaseTime.tm_sec
  212. );
  213. t.append(TimestampBfr); // Append the timestamp to t
  214. return t; // and return it to the caller.
  215. }
  216. unsigned long snfNETmgr::ResolveHostIPFromName(const string& N) { // Host name resolution tool.
  217. ScopeMutex OneAtATimePlease(ResolverMutex); // Resolve only one at a time.
  218. unsigned long IP = inet_addr(N.c_str()); // See if it's an IP.
  219. if (INADDR_NONE == IP) { // If it's not an IP resolve it.
  220. hostent* H = gethostbyname(N.c_str()); // Resolve the host.
  221. if (NULL == H) { // If we didn't get a resolution
  222. return INADDR_NONE; // return no address.
  223. } // If we did resolve the address
  224. IP = *((unsigned long*)H->h_addr_list[0]); // get the primary entry.
  225. }
  226. return ntohl(IP); // Return what we got (host order)
  227. }
  228. // The Evolving One Time Pad engine is just slightly better than calling
  229. // rand() with the system time as a seed. However, it does have the advantage
  230. // that in order to guess it's initial state an attacker would need to already
  231. // know the license id and authentication. It also has the advantage that it
  232. // adds small amounts of entropy over time and never really forgets them. For
  233. // example, the exact time between calls to evolvePad is dependent on how long
  234. // it takes to sync which is dependent on how much data there is to report
  235. // which is dependent on the number and size of messages scanned etc... and
  236. // this is also impacted a bit by network performance issues during the sync.
  237. // Sensitivity to this entropy has millisecond resolution. This is a cross-
  238. // platform solution that depends only on our own code ;-)
  239. void snfNETmgr::evolvePad(string Entropy) { // Add entropy and evolve.
  240. ScopeMutex OneAtATimePlease(PadMutex); // Protect the one time pad.
  241. myLOGmgr->Timestamp(Entropy); // Time matters ;-)
  242. int x; // We want to capture this.
  243. for(int a = 0; a < Entropy.length(); a++) { // Add the entropy to our generator.
  244. x = PadGenerator.Encrypt(Entropy.at(a));
  245. }
  246. msclock rt = myLOGmgr->RunningTime(); // Get the elapsed running time so far.
  247. unsigned char* rtb = reinterpret_cast<unsigned char*>(&rt); // Convert that long long into bytes.
  248. for(int a = 0; a < sizeof(msclock); a++) { // Encrypt those bytes one by one
  249. PadGenerator.Encrypt(rtb[a]); // to add more entropy.
  250. }
  251. }
  252. // To get a pad of any length you like, use the OneTimePad()
  253. // Note that we don't assign a value to x before using it! If we get lucky,
  254. // we will get some random value from ram as additional entropy ;-) If we end
  255. // up starting with zero, that's ok too.
  256. PadBuffer snfNETmgr::OneTimePad(int Len) { // Get Len bytes of one time pad.
  257. PadBuffer B; // Start with a buffer.
  258. B.reserve(Len); // Reserve Len bytes.
  259. unsigned char x; // Get an unsigned char, unknown value.
  260. for(int a = 0; a < Len; a++) { // Create Len bytes of pad by evolving
  261. B.push_back(x = PadGenerator.Encrypt(x)); // x through itself and copying the
  262. } // data into the buffer.
  263. return B; // Return the result.
  264. }
  265. // Handshake tries to return the current stored handshake. If it can't then it
  266. // returns a new handshake based on data from the pad generator.
  267. PadBuffer snfNETmgr::Handshake() { // What is the current handshake?
  268. if(CurrentHandshake.size() != SNFHandshakeSize) { // If we don't have one make one!
  269. CurrentHandshake = OneTimePad(SNFHandshakeSize); // Set up a default handshake to use
  270. try { // if we can't remember the real one.
  271. ifstream HSF(HandshakeFilePath.c_str(), ios::binary); // Open the handshake file.
  272. char* bfr = reinterpret_cast<char*>(&CurrentHandshake[0]); // Manufacture a proper pointer.
  273. HSF.read(bfr, SNFHandshakeSize); // Read the data (overwrite the HSB).
  274. HSF.close(); // Close the file.
  275. } catch(...) { } // Ignore any errors.
  276. }
  277. return CurrentHandshake; // Return the buffer.
  278. }
  279. PadBuffer& snfNETmgr::Handshake(PadBuffer& NewHandshake) { // Store a new handshake.
  280. CurrentHandshake = NewHandshake; // Grab the new handshake
  281. try { // then try to store it...
  282. ofstream HSF(HandshakeFilePath.c_str(), ios::binary | ios::trunc); // Open the handshake file.
  283. char* bfr = reinterpret_cast<char*>(&NewHandshake[0]); // Access the raw buffer.
  284. HSF.write(bfr, NewHandshake.size()); // Replace the old handshake
  285. HSF.close(); // close the file.
  286. } catch(...) {} // Ignore errors.
  287. return NewHandshake; // Return what we were given.
  288. }
  289. void snfNETmgr::postUpdateTrigger(string& updateUTC) { // Post an update trigger file.
  290. try { // Safely post an update trigger.
  291. ofstream HSF(UpdateReadyFilePath.c_str(), ios::binary | ios::trunc); // Open/create the trigger file.
  292. char* bfr = reinterpret_cast<char*>(&updateUTC[0]); // Access the raw UTC buffer.
  293. HSF.write(bfr, updateUTC.size()); // Write the update timestamp.
  294. HSF.close(); // close the file.
  295. } catch(...) {} // Ignore errors.
  296. }
  297. // Utility to read a line from a non-blocking TCPHost & check the timeout.
  298. const int MaxReadLineLength = 1024; // How long a line can be.
  299. string readLineTimeout(TCPHost& S, Timeout& T) { // Read a line from S until T.
  300. Sleeper WaitForMoreData(50); // How long to wait when no data.
  301. string LineBuffer = ""; // Buffer for the line.
  302. while( // Keep going as long as:
  303. false == T.isExpired() && // our timeout has not expired AND
  304. MaxReadLineLength > LineBuffer.length() // we haven't reached our limit.
  305. ) {
  306. char c = 0; // One byte at a time
  307. if(1 == S.receive(&c, sizeof(c))) { // Read from the TCPHost.
  308. LineBuffer.push_back(c); // Push the byte onto the string.
  309. if('\n' == c) break; // If it was a newline we're done!
  310. } else { // If we didn't get any data
  311. WaitForMoreData(); // pause before our next run.
  312. }
  313. }
  314. return LineBuffer; // Always return our buffer.
  315. }
  316. // Utility to write data to a non-blocking TCPHost & check the timeout.
  317. // Some networks can only handle small packets and fragmentation can be a
  318. // problem. Also, on Win* especially, sending small chunks is _MUCH_ more
  319. // reliable than trying to send large buffers all at once. SO - here we break
  320. // down our sending operations into medium sized chunks of data. The underlying
  321. // os can reorganize these chunks as needed for the outgouing stream. If the OS
  322. // needs us to slow down (doesn't send full chunks) then we introduce a small
  323. // delay between chunks to give the channel more time.
  324. const int MaxSendChunkSize = 512; // Size of one chunk in a write.
  325. void sendDataTimeout(TCPHost& S, Timeout& T, char* Bfr, int Len) { // Send and keep track of time.
  326. Sleeper WaitForMoreRoom(15); // Wait to send more data.
  327. int Remaining = Len; // This is how much we have left.
  328. while( // For as long as:
  329. false == T.isExpired() && // We still have time left AND
  330. 0 < Remaining // We still have data left
  331. ) {
  332. int ThisChunkSize = Remaining; // Hope to send it all in one chunk
  333. if(MaxSendChunkSize < ThisChunkSize) ThisChunkSize = MaxSendChunkSize; // but break it down as needed.
  334. int SentThisTime = S.transmit(Bfr, ThisChunkSize); // Send the data. How much went?
  335. Remaining -= SentThisTime; // Calculate how much is left.
  336. Bfr += SentThisTime; // Move our pointer (old school!)
  337. if(ThisChunkSize > SentThisTime) WaitForMoreRoom(); // If some of this chunk didn't go
  338. } // the pause before the next chunk.
  339. }
  340. void sendDataTimeout(TCPHost& S, Timeout& T, string& D) { // Send a string and keep track
  341. sendDataTimeout(S, T, const_cast<char*>(D.c_str()), D.length()); // of time. (Polymorphism is fun)
  342. }
  343. void snfNETmgr::sync() { // Synchronize with central command.
  344. // Keep these things in scope. This is how we roll.
  345. string HostName;
  346. int HostPort;
  347. string Secret;
  348. string Node;
  349. // Grab our configuration data (marchng orders).
  350. if(!isConfigured) return; // If we're not configured, don't!
  351. else {
  352. ScopeMutex GettingConfig(ConfigMutex); // Temporarily lock our config.
  353. HostName = SyncHostName; // We will connect to this host.
  354. HostPort = SyncHostPort; // We will connect to this port.
  355. Secret = SecurityKey; // Get the security key.
  356. Node = License; // Get the Node ID.
  357. }
  358. try { // Lots can go wrong so catch it :-)
  359. // 20080326 _M Blocking sockets tend to lock up so I've refactored this
  360. // code to use non-blocking sockets. This is actually part of the previous
  361. // refactor (TCPWatchdog see below) since without the watchdog there is no
  362. // way to get out of a blocking socket if it's dead.
  363. // 20080325 _M TCPWatchdog is a brute. It doesn't pay attention to thread
  364. // states. A weird bug showed up where the SYNC session seemed to hang and
  365. // the TCPWatchdog was left alive. In the process of hunting down this bug
  366. // I decided to remove the TCPWatchdog and put appropriate timeout checking
  367. // in each of the comms loops instead. So, from now on:
  368. // if(SessionDog.isExpired()) throw SyncFailed("Out Of Time");
  369. const int SyncSessionTimeout = 2 * SYNCTimer.getDuration(); // Timeout is twice poll time.
  370. Timeout SessionDog(SyncSessionTimeout); // Give this long for a session.
  371. // Connect to the sync host.
  372. CurrentThreadState(SYNC_Connect);
  373. SocketAddress SyncHostAddress; // We'll need an address.
  374. SyncHostAddress.setPort(HostPort); // Set the port.
  375. SyncHostAddress.setAddress(ResolveHostIPFromName(HostName)); // Resolve and set the IP.
  376. TCPHost SyncServer(SyncHostAddress); // Set up a host connection.
  377. SyncServer.makeNonBlocking(); // Make the connection non-blocking.
  378. PollTimer WaitForOpen(10, 340); // Expand 10ms to 340ms between tries.
  379. while(!SessionDog.isExpired()) { // Wait & Watch for a good connection.
  380. try { SyncServer.open(); } // Try opening the connection.
  381. catch(exception& e) { // If we get an exception then
  382. string ConnectFailMessage = "snfNETmgr::sync().open() "; // format a useful message about
  383. ConnectFailMessage.append(e.what()); // the error and then throw
  384. throw SyncFailed(ConnectFailMessage); // a SyncFailed exception.
  385. }
  386. if(SyncServer.isOpen()) break; // When successful, let's Go!
  387. else WaitForOpen.pause(); // When not yet successful, pause
  388. } // then try again if we have time.
  389. if(!SyncServer.isOpen()) throw SyncFailed("Connect Timed Out"); // Check our connection.
  390. if(SessionDog.isExpired()) throw SyncFailed("Out Of Time"); // Check our session time.
  391. // Start communicating.
  392. string LineBuffer = ""; // Input Line Buffer.
  393. // Read challenge
  394. CurrentThreadState(SYNC_Read_Challenge);
  395. LineBuffer = readLineTimeout(SyncServer, SessionDog); // Read the challenge line.
  396. snf_sync Challenge(LineBuffer.c_str(), LineBuffer.length()); // Interpret what we read.
  397. if( // Check that it's good...
  398. Challenge.bad() || // A complete packet was read
  399. 0 >= Challenge.snf_sync_challenge_txt.length() // and the challenge is present.
  400. ) throw SyncFailed("sync() Challenge.bad()"); // If not then throw.
  401. if(SessionDog.isExpired()) throw SyncFailed("Out Of Time"); // Check our session time.
  402. // Write response
  403. CurrentThreadState(SYNC_Compute_Response);
  404. from_base64 DecodedChallenge(Challenge.snf_sync_challenge_txt); // Decode the challenge.
  405. //--- Prepare the secret.
  406. MANGLER ResponseGenerator; // Grab a mangler.
  407. for(int i = 0; i < Secret.length(); i++) // Fill it with the
  408. ResponseGenerator.Encrypt(Secret.at(i)); // security key.
  409. const int ManglerKeyExpansionCount = 1024; // Loop this many to randomize.
  410. for(int x = 0, i = 0; i < ManglerKeyExpansionCount; i++) // For the required number of loops,
  411. x = ResponseGenerator.Encrypt(x); // have Mangler chase it's tail.
  412. //--- Absorb the challenge.
  413. for(int i = 0; i < DecodedChallenge.size(); i++) // Evolve through the challenge.
  414. ResponseGenerator.Encrypt(DecodedChallenge.at(i));
  415. /*** We now have half of the key for this session ***/
  416. //--- Encrypt our Pad.
  417. PadBuffer NewPad = OneTimePad(); // Grab a new Pad (default size).
  418. base64buffer ResponseBin; // With the key now established,
  419. for(int i = 0; i < NewPad.size(); i++) // encrypt the one time pad for
  420. ResponseBin.push_back( // transfer.
  421. ResponseGenerator.Encrypt(NewPad[i]));
  422. //--- Encrypt our Handshake.
  423. PadBuffer CurrentHandshake = Handshake(); // Recall the secret handshake.
  424. for(int i = 0; i < CurrentHandshake.size(); i++) // Encrypt that into the stream.
  425. ResponseBin.push_back(
  426. ResponseGenerator.Encrypt(CurrentHandshake[i]));
  427. //--- Encrypt our Signature.
  428. for(int x = 0, i = 0; i < SNFSignatureSize; i++) // Generate a hash by having Mangler
  429. ResponseBin.push_back( // chase it's tail for the appropriate
  430. x = ResponseGenerator.Encrypt(x)); // number of bytes.
  431. //--- Encode our response as base64 and send it.
  432. to_base64 ResponseTxt(ResponseBin); // Encode the cyphertext as base64.
  433. string ResponseTxtString; // Create a handy string and place
  434. ResponseTxtString.assign(ResponseTxt.begin(), ResponseTxt.end()); // the base 64 text into it.
  435. string ResponseMsg; // Build an appropriate response
  436. ResponseMsg.append("<snf><sync><response nodeid=\'"); // identifying this node
  437. ResponseMsg.append(Node); // with the license id
  438. ResponseMsg.append("\' text=\'"); // and providing an appropriately
  439. ResponseMsg.append(ResponseTxtString); // mangled response string
  440. ResponseMsg.append("\'/></sync></snf>\n"); // for authentication.
  441. CurrentThreadState(SYNC_Send_Response);
  442. sendDataTimeout(SyncServer, SessionDog, ResponseMsg); // Send the response.
  443. if(SessionDog.isExpired()) throw SyncFailed("Out Of Time"); // Check our session time.
  444. // Read rulebase info or error
  445. CurrentThreadState(SYNC_Read_Availabilty);
  446. LineBuffer = readLineTimeout(SyncServer, SessionDog); // Read the rulebase status line.
  447. snf_sync RulebaseResponse(LineBuffer.c_str(), LineBuffer.length()); // Interpret what we read.
  448. if( // Check that it's good...
  449. RulebaseResponse.bad() // A complete packet was read.
  450. ) throw SyncFailed("sync() Response.bad()"); // If not then throw.
  451. if(0 < RulebaseResponse.snf_sync_error_message.length()) { // If the response was an error
  452. PadBuffer NewNullHandshake; // then we will assume we are out
  453. NewNullHandshake.assign(SNFHandshakeSize, 0); // of sync with the server so we
  454. Handshake(NewNullHandshake); // will set the NULL handshake and
  455. throw SyncFailed("sync() Response error message"); // fail this sync attempt.
  456. }
  457. if(SessionDog.isExpired()) throw SyncFailed("Out Of Time"); // Check our session time.
  458. // Update Handshake
  459. for(int x = 0, i = 0; i < ManglerKeyExpansionCount; i++) // For the required number of loops,
  460. x = ResponseGenerator.Encrypt(x); // have Mangler chase it's tail.
  461. PadBuffer NewHandshake; // Grab a new handshake buffer.
  462. for(int x = 0, i = 0; i < SNFHandshakeSize; i++) // Create the new handshake as a
  463. NewHandshake.push_back( // mangler hash of the current
  464. x = ResponseGenerator.Encrypt(x)); // key state (proper length of course).
  465. Handshake(NewHandshake); // Save our new handshake to disk.
  466. // Interpret Rulebase Response
  467. myLOGmgr->updateAvailableUTC(RulebaseResponse.snf_sync_rulebase_utc); // Store the latest update UTC.
  468. if(myLOGmgr->isUpdateAvailable()) { // If a new update is read then
  469. postUpdateTrigger(RulebaseResponse.snf_sync_rulebase_utc); // create an update trigger file.
  470. }
  471. // Write our Client reports (multi-line)
  472. CurrentThreadState(SYNC_Send_GBUdb_Alerts);
  473. string ClientReport;
  474. ClientReport.append("<snf><sync><client>\n");
  475. sendDataTimeout(SyncServer, SessionDog, ClientReport);
  476. ClientReport = "";
  477. if(SessionDog.isExpired()) throw SyncFailed("Out Of Time"); // Check our session time.
  478. // Insert our GBUdb Alerts.
  479. list<GBUdbAlert> Alerts; // Make a list of GBUdb Alerts.
  480. myGBUdbmgr->GetAlertsForSync(Alerts); // Get them from our GBUdb.
  481. list<GBUdbAlert>::iterator iA;
  482. for(iA = Alerts.begin(); iA != Alerts.end(); iA++) { // Convert each alert in our list
  483. ClientReport.append((*iA).toXML()); // into XML, follow it up
  484. ClientReport.append("\n"); // with a new line, and send it
  485. }
  486. sendDataTimeout(SyncServer, SessionDog, ClientReport); // Send the Client report data.
  487. ClientReport = ""; // Clear the buffer.
  488. if(SessionDog.isExpired()) throw SyncFailed("Out Of Time"); // Check our session time.
  489. // Send Status Reports - one line at a time.
  490. CurrentThreadState(SYNC_Send_Status_Reports);
  491. /**
  492. *** Instead of splitting up the reports by line we will try sending them
  493. *** all at once using the new sendDataTimeout() function.
  494. ***
  495. if(0 < ReportsBuffer.length()) { // If we have reports - send them.
  496. string DataToSend = getReports(); // Grab a copy and clear the buffer.
  497. int Cursor = 0; // We need a cursor and a length
  498. int Length = 0; // to help us feed this line by line.
  499. while(Cursor < DataToSend.length()) { // While we have more data...
  500. Length = DataToSend.find_first_of('\n', Cursor); // Find the end of the first line.
  501. if(string::npos == Length) break; // If we can't then we're done.
  502. Length = (Length + 1) - Cursor; // If we can, convert that to length.
  503. SyncServer.transmit( // Get and send the line using the
  504. DataToSend.substr(Cursor, Length).c_str(), // substring function.
  505. Length
  506. );
  507. Cursor = Cursor + Length; // Move the cursor for the next line.
  508. if(SessionDog.isExpired()) throw SyncFailed("Out Of Time"); // Check our session time.
  509. }
  510. }
  511. **/
  512. if(0 < ReportsBuffer.length()) { // If we have reports to send
  513. string DataToSend = getReports(); // get (and clear) the reports and
  514. sendDataTimeout(SyncServer, SessionDog, DataToSend); // send them (mindful of timeout).
  515. }
  516. if(SessionDog.isExpired()) throw SyncFailed("Out Of Time"); // Check our session time.
  517. // Send Samples - one line at a time.
  518. CurrentThreadState(SYNC_Send_Samples);
  519. /***
  520. if(0 < SamplesBuffer.length()) {
  521. string DataToSend = getSamples();
  522. int Cursor = 0; // We need a cursor and a length
  523. int Length = 0; // to help us feed this line by line.
  524. while(Cursor < DataToSend.length()) { // While we have more data...
  525. Length = DataToSend.find_first_of('\n', Cursor); // Find the end of the first line.
  526. if(string::npos == Length) break; // If we can't then we're done.
  527. Length = (Length + 1) - Cursor; // If we can, convert that to length.
  528. SyncServer.transmit( // Get and send the line using the
  529. DataToSend.substr(Cursor, Length).c_str(), // substring function.
  530. Length
  531. );
  532. Cursor = Cursor + Length; // Move the cursor for the next line.
  533. if(SessionDog.isExpired()) throw SyncFailed("Out Of Time"); // Check our session time.
  534. }
  535. }
  536. ***/
  537. if(0 < SamplesBuffer.length()) { // If we have samples to send
  538. string DataToSend = getSamples(); // get (and clear) the samples and
  539. sendDataTimeout(SyncServer, SessionDog, DataToSend); // send them (mindful of timeout).
  540. }
  541. if(SessionDog.isExpired()) throw SyncFailed("Out Of Time"); // Check our session time.
  542. // Terminate the client messages.
  543. CurrentThreadState(SYNC_Send_End_Of_Report);
  544. ClientReport.append("</client></sync></snf>\n");
  545. sendDataTimeout(SyncServer, SessionDog, ClientReport); // Send the Client report.
  546. if(SessionDog.isExpired()) throw SyncFailed("Out Of Time"); // Check our session time.
  547. // Read the Server response (multi-line)
  548. CurrentThreadState(SYNC_Read_Server_Response);
  549. string ServerResponse;
  550. string ResponseLine;
  551. while(string::npos == ResponseLine.find("</snf>\n")) { // Until we find the ending...
  552. ResponseLine = readLineTimeout(SyncServer, SessionDog); // Read a line.
  553. if(0 >= ResponseLine.length()) { // If we get an empty line
  554. throw SyncFailed("sync() server response empty line"); // then it's an error.
  555. }
  556. ServerResponse.append(ResponseLine); // Append the line.
  557. if(SessionDog.isExpired()) throw SyncFailed("Out Of Time"); // Check our session time.
  558. }
  559. snf_sync ServerMessages(
  560. ServerResponse.c_str(), ServerResponse.length()); // Interpret what we read.
  561. if( // Check that it's good...
  562. ServerMessages.bad() // A complete packet was read.
  563. ) throw SyncFailed("sync() ServerMessages.bad()"); // If not then throw.
  564. // At this point we should have a good Server response.
  565. CurrentThreadState(SYNC_Close_Connection);
  566. SyncServer.close(); // Close the connection.
  567. evolvePad(Challenge.snf_sync_challenge_txt); // Use this event for more entropy.
  568. // Import any GBUdb reflections.
  569. CurrentThreadState(SYNC_Parse_GBUdb_Reflections);
  570. if(0 < ServerMessages.ServerGBUAlertHandler.AlertList.size()) { // If we have received reflections
  571. myGBUdbmgr->ProcessReflections( // then process them through our
  572. ServerMessages.ServerGBUAlertHandler.AlertList // GBUdb.
  573. );
  574. }
  575. /*** On Sync Override set sync timer to override time. If no override
  576. **** then be sure to reset the timer to the current CFG value if it
  577. **** is not already there. Also, if sync override is not engaged then
  578. **** be sure the overrid flag is set to -1 indicating it is off.
  579. **** Configure() code assumes we are handling the override sync timer
  580. **** functions this way.
  581. ***/
  582. // Assign the SyncSecsOverride with the value we retrieved. It will
  583. // either be a seconds value, or a -1 indicating it was absent from
  584. // the server message.
  585. SyncSecsOverride = ServerMessages.snf_sync_server_resync_secs; // What was the SyncOverride?
  586. const int SecsAsms = 1000; // Multiplier - seconds to milliseconds.
  587. if(0 > SyncSecsOverride) { // If the sync timer IS NOT in override,
  588. if(SYNCTimer.getDuration() != (SyncSecsConfigured * SecsAsms)) { // And the config time is different than
  589. SYNCTimer.setDuration(SyncSecsConfigured * SecsAsms); // the timer's current setting then set
  590. } // the timer to the new value.
  591. } else { // If the sync timer IS in override now,
  592. if(SYNCTimer.getDuration() != (SyncSecsOverride * SecsAsms)) { // and the override is different than the
  593. SYNCTimer.setDuration(SyncSecsOverride * SecsAsms); // current setting then override the setting
  594. } // with the new value.
  595. }
  596. // All done
  597. CurrentThreadState(SYNC_Log_Event);
  598. (*myLOGmgr).RecordSyncEvent(); // Finished that -- so log the event.
  599. }
  600. catch (exception& e) { // SYNC Failed and we know more.
  601. const int snf_UNKNOWN_ERROR = 99; // Report an error (unknown code)
  602. string ERROR_SYNC_FAILEDmsg = CurrentThreadState().Name; // Format a useful state message.
  603. ERROR_SYNC_FAILEDmsg.append(": ");
  604. ERROR_SYNC_FAILEDmsg.append(e.what());
  605. (*myLOGmgr).logThisError( // Log the error (if possible)
  606. "SNF_NETWORK", snf_UNKNOWN_ERROR, ERROR_SYNC_FAILEDmsg
  607. );
  608. }
  609. catch (...) { // SYNC Failed if we're here.
  610. const int snf_UNKNOWN_ERROR = 99; // Report an error (unknown code)
  611. string ERROR_SYNC_FAILEDmsg = CurrentThreadState().Name; // Format a useful state message.
  612. ERROR_SYNC_FAILEDmsg.append(": Panic!");
  613. (*myLOGmgr).logThisError( // Log the error (if possible)
  614. "SNF_NETWORK", snf_UNKNOWN_ERROR, ERROR_SYNC_FAILEDmsg
  615. );
  616. }
  617. }