Mixe for Privacy and Anonymity in the Internet
CALastMixA.cpp
Go to the documentation of this file.
1 /*
2 Copyright (c) 2000, The JAP-Team
3 All rights reserved.
4 Redistribution and use in source and binary forms, with or without modification,
5 are permitted provided that the following conditions are met:
6 
7  - Redistributions of source code must retain the above copyright notice,
8  this list of conditions and the following disclaimer.
9 
10  - Redistributions in binary form must reproduce the above copyright notice,
11  this list of conditions and the following disclaimer in the documentation and/or
12  other materials provided with the distribution.
13 
14  - Neither the name of the University of Technology Dresden, Germany nor the names of its contributors
15  may be used to endorse or promote products derived from this software without specific
16  prior written permission.
17 
18 
19 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS
20 OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
21 AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS
22 BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
23 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
24 OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
25 IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE
27 */
28 #include "../StdAfx.h"
29 #if !defined ONLY_LOCAL_PROXY || defined INCLUDE_LAST_MIX
30 #include "CALastMixA.hpp"
31 #include "../CALibProxytest.hpp"
32 #include "../CALastMixChannelList.hpp"
33 #include "../CASingleSocketGroup.hpp"
34 #include "../CAPool.hpp"
35 #include "../CACmdLnOptions.hpp"
36 #ifdef HAVE_EPOLL
37 #include "../CASocketGroupEpoll.hpp"
38 #endif
39 #include "../CAControlChannelDispatcher.hpp"
40 #include "../CASymChannelCipherFactory.hpp"
41 #ifdef WITH_INTEGRITY_CHECK
42 #include "../CASymCipherGCM.hpp"
43 #endif
44 
45 
46 #ifdef LOG_CHANNEL
47 //CAMsg::printMsg(LOG_DEBUG,"Channel time log format is as follows: Channel-ID,Channel Start [micros], Channel End [micros], Upload (bytes), Download (bytes), DataAndOpenAndClosePacketsFromUser, DataAndClosePacketsToUser\n");
48 #define MACRO_DO_LOG_CHANNEL(a)\
49  CAMsg::printMsg(LOG_DEBUG,#a ":%u,%Lu,%Lu,%u,%u,%u,%u\n",\
50  pChannelListEntry->channelIn,pChannelListEntry->timeCreated,pQueueEntry->timestamp_proccessing_end,\
51  pChannelListEntry->trafficInFromUser,pChannelListEntry->trafficOutToUser,\
52  pChannelListEntry->packetsDataInFromUser,pChannelListEntry->packetsDataOutToUser);
53 #define MACRO_DO_LOG_CHANNEL_CLOSE_FROM_USER MACRO_DO_LOG_CHANNEL(1)
54 #define MACRO_DO_LOG_CHANNEL_CLOSE_FROM_MIX MACRO_DO_LOG_CHANNEL(2)
55 #endif
56 
57 #define LAST_MIX_SIZE_OF_SYMMETRIC_KEYS 2*KEY_SIZE
58 
59 #ifndef MULTI_THREADED_PACKET_PROCESSING
60 SINT32 CALastMixA::loop()
61  {
62 #ifndef NEW_MIX_TYPE
63  //CASocketList oSocketList;
64 #ifdef DELAY_CHANNELS
65  m_pChannelList->setDelayParameters( CALibProxytest::getOptions()->getDelayChannelUnlimitTraffic(),
66  CALibProxytest::getOptions()->getDelayChannelBucketGrow(),
67  CALibProxytest::getOptions()->getDelayChannelBucketGrowIntervall());
68 #endif
69 #ifdef DELAY_CHANNELS_LATENCY
70  m_pChannelList->setDelayLatencyParameters( CALibProxytest::getOptions()->getDelayChannelLatency());
71 #endif
72 #ifdef HAVE_EPOLL
73  CASocketGroupEpoll* psocketgroupCacheRead=new CASocketGroupEpoll(false);
74  CASocketGroupEpoll* psocketgroupCacheWrite=new CASocketGroupEpoll(true);
75 #else
76  CASocketGroup* psocketgroupCacheRead=new CASocketGroup(false);
77  CASocketGroup* psocketgroupCacheWrite=new CASocketGroup(true);
78 #endif
79  tQueueEntry* pQueueEntry=new tQueueEntry;
80  MIXPACKET* pMixPacket=&pQueueEntry->packet;
81  SINT32 ret;
82  SINT32 countRead;
83  lmChannelListEntry* pChannelListEntry;
84  UINT8* rsaBuff=new UINT8[RSA_SIZE];
85  UINT32 rsaOutLen=RSA_SIZE;
86  UINT8* tmpBuff=new UINT8[MIXPACKET_SIZE];
87  UINT8* ciphertextBuff=new UINT8[DATA_SIZE];
88  UINT8* plaintextBuff=new UINT8[DATA_SIZE - GCM_MAC_SIZE];
89 #ifdef WITH_INTEGRITY_CHECK
90  UINT16 payloadLen;
91  SINT32 retval;
92 #endif
93  bool bAktiv;
94  m_logUploadedPackets=m_logDownloadedPackets=0;
95  set64((UINT64&)m_logUploadedBytes,(UINT32)0);
96  set64((UINT64&)m_logDownloadedBytes,(UINT32)0);
97  CAThread* pLogThread=new CAThread((UINT8*)"CALastMixA - LogLoop");
98  m_bRunLog = true;
99  pLogThread->setMainLoop(lm_loopLog);
100  pLogThread->start(this);
101 
102  #ifdef LOG_CRIME
103  bool bUserSurveillance = false;
104  tQueueEntry* pQueueEntryCrime= new tQueueEntry;
105  #endif
106 #ifdef ANON_DEBUG_MODE
107  bool bIsDebugPacket = false;
108 #endif
109 
110  #ifdef LOG_CHANNEL
111  CAMsg::printMsg(LOG_DEBUG,"Channel time log format is as follows: Channel-ID,Channel Start [micros], Channel End [micros], Upload (bytes), Download (bytes), DataAndOpenPacketsFromUser, DataPacketsToUser\n");
112  #endif
113 
114  while (!m_bRestart)
115  {
116  bAktiv = false;
117  //Step 1a reading from previous Mix --> now in separate thread
118  //Step 1b processing MixPackets from previous mix
119  // processing maximal number of current channels packets
120  if (m_pQueueReadFromMix->getSize() >= sizeof(tQueueEntry))
121  {
122  bAktiv = true;
123  UINT32 channels = m_pChannelList->getSize() + 1;
124  for (UINT32 k = 0; k < channels && m_pQueueReadFromMix->getSize() >= sizeof(tQueueEntry); k++)
125  {
126  ret = sizeof(tQueueEntry);
127  m_pQueueReadFromMix->get((UINT8 *)pQueueEntry, (UINT32 *)&ret);
128 #if defined(LOG_PACKET_TIMES) || defined(LOG_CHANNEL)
129  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_start);
130 #endif
131 #ifdef LOG_PACKET_TIMES
132  set64(pQueueEntry->timestamp_proccessing_start, pQueueEntry->timestamp_proccessing_start_OP);
133 #endif
134  if (pMixPacket->channel > 0 && pMixPacket->channel < 256)
135  {
136  m_pMuxInControlChannelDispatcher->proccessMixPacket(pMixPacket);
137  continue;
138  }
139  // one packet received
140  m_logUploadedPackets++;
141 #ifdef ANON_DEBUG_MODE
142  if (pMixPacket->flags & CHANNEL_DEBUG)
143  {
144  UINT8 base64Payload[DATA_SIZE << 1];
145  EVP_EncodeBlock(base64Payload, pMixPacket->data, DATA_SIZE); //base64 encoding (without newline!)
146  pMixPacket->flags &= ~CHANNEL_DEBUG;
147  CAMsg::printMsg(LOG_DEBUG, "AN.ON packet debug: %s\n", base64Payload);
148  bIsDebugPacket = true;
149  }
150  else
151  {
152  bIsDebugPacket = false;
153  }
154 #endif
155  pChannelListEntry = m_pChannelList->get(pMixPacket->channel);
156 
157  //check if this packet was marked by the previous mixes for user surveillance
158 #ifdef LOG_CRIME
159  bUserSurveillance = ((pMixPacket->flags & CHANNEL_SIG_CRIME) != 0);
160  pMixPacket->flags &= ~CHANNEL_SIG_CRIME;
161 #endif
162 
163  if (pChannelListEntry == NULL)
164  {
165  if (pMixPacket->flags == CHANNEL_OPEN)
166  {
167 #if defined(ANON_DEBUG_MODE)
168  CAMsg::printMsg(LOG_DEBUG, "New Connection from previous Mix!\n");
169  //keep a copy of whole packet and output it, if something with integrity check went wrong...
170  UINT8 tmpPacketData[DATA_SIZE];
171  memcpy(tmpPacketData, pMixPacket->data, DATA_SIZE);
172 #endif
173 
174 #ifdef _DEBUG
175  CAMsg::printMsg(LOG_DEBUG, "Received a channel open packet for incoming channel: %u\n", pMixPacket->channel);
176 #endif
177 
178  if (m_pRSA->decryptOAEP(pMixPacket->data, rsaBuff, &rsaOutLen) != E_SUCCESS)
179  {
180  CAMsg::printMsg(LOG_ERR, "Error in channel open asym decryption - channel!\n");
181  /* send a close packet signaling the error */
182  getRandom(pMixPacket->data, DATA_SIZE);
183  pMixPacket->flags = CHANNEL_CLOSE;
184 #ifdef LOG_PACKET_TIMES
185  setZero64(pQueueEntry->timestamp_proccessing_start);
186 #endif
187  m_pQueueSendToMix->add(pQueueEntry, sizeof(tQueueEntry));
188  m_logDownloadedPackets++;
189  }
190  else // Asym encryption was successfull
191  {
192 #ifdef REPLAY_DETECTION
193  // replace time(NULL) with the real timestamp ()
194  // packet-timestamp + m_u64ReferenceTime
195  UINT32 stamp = ((UINT32)(rsaBuff[13] << 16) + (UINT32)(rsaBuff[14] << 8) + (UINT32)(rsaBuff[15])) * REPLAY_BASE;
196  if (m_pReplayDB->insert(rsaBuff, stamp + m_u64ReferenceTime) != E_SUCCESS)
197  // if(m_pReplayDB->insert(rsaBuff,time(NULL))!=E_SUCCESS)
198  {
199  CAMsg::printMsg(LOG_INFO, "Replay: Duplicate packet ignored.\n");
200  continue;
201  }
202 #endif
203 #ifdef WITH_INTEGRITY_CHECK
204  CASymCipherGCM *newCipher = new CASymCipherGCM();
205  newCipher->setGCMKeys(rsaBuff, rsaBuff + KEY_SIZE);
206 
207  //Decrypt only the first two bytes to get the payload length
208  UINT16 lengthAndFlagsField = 0;
209  newCipher->decryptMessage(rsaBuff + LAST_MIX_SIZE_OF_SYMMETRIC_KEYS, 2, (UINT8 *)&lengthAndFlagsField, false);
210  payloadLen = ntohs(lengthAndFlagsField);
211  payloadLen &= PAYLOAD_LEN_MASK;
212  if (payloadLen > (PAYLOAD_SIZE - LAST_MIX_SIZE_OF_SYMMETRIC_KEYS - RSA_SIZE - GCM_MAC_SIZE - PAYLOAD_HEADER_SIZE + rsaOutLen))
213  retval = E_UNKNOWN;
214  else
215  {
216  //prepend the asym decrypted sym encrypted part of the Mix packet to the sym only encrypted part of the mix packet
217  memcpy(pMixPacket->data + RSA_SIZE - rsaOutLen + LAST_MIX_SIZE_OF_SYMMETRIC_KEYS, rsaBuff + LAST_MIX_SIZE_OF_SYMMETRIC_KEYS, rsaOutLen - LAST_MIX_SIZE_OF_SYMMETRIC_KEYS);
218  //now decrpyt the whole sym encrypted part
219  retval = newCipher->decryptMessage(pMixPacket->data + RSA_SIZE - rsaOutLen + LAST_MIX_SIZE_OF_SYMMETRIC_KEYS, payloadLen + GCM_MAC_SIZE + PAYLOAD_HEADER_SIZE, pMixPacket->data, true);
220  }
221 #else
222  CASymChannelCipher *newCipher = CASymChannelCipherFactory::createCipher(CALibProxytest::getOptions()->getSymChannelCipherAlgorithm());
223  newCipher->setKeys(rsaBuff, LAST_MIX_SIZE_OF_SYMMETRIC_KEYS);
224  newCipher->crypt1(
225  pMixPacket->data + RSA_SIZE,
226  pMixPacket->data + rsaOutLen - LAST_MIX_SIZE_OF_SYMMETRIC_KEYS,
227  DATA_SIZE - RSA_SIZE);
228  memcpy(pMixPacket->data, rsaBuff + LAST_MIX_SIZE_OF_SYMMETRIC_KEYS,
229  rsaOutLen - LAST_MIX_SIZE_OF_SYMMETRIC_KEYS);
230 #endif
231 
232 #ifdef LOG_PACKET_TIMES
233  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end_OP);
234 #endif
235 #ifdef WITH_INTEGRITY_CHECK
236  if (retval != E_SUCCESS)
237  {
238  /* invalid MAC -> send channel close packet with integrity error flag */
239  getRandom(pMixPacket->data, DATA_SIZE);
240  pMixPacket->flags = CHANNEL_CLOSE;
241  pMixPacket->payload.len = htons(INTEGRITY_ERROR_FLAG);
242  pMixPacket->payload.type = 0;
243  newCipher->encryptMessage(pMixPacket->data, 3, ciphertextBuff);
244  memcpy(pMixPacket->data, ciphertextBuff, 3 + GCM_MAC_SIZE);
245  delete newCipher;
246  newCipher = NULL;
247 #ifdef LOG_PACKET_TIMES
248  setZero64(pQueueEntry->timestamp_proccessing_start);
249 #endif
250  m_pQueueSendToMix->add(pQueueEntry, sizeof(tQueueEntry));
251  m_logDownloadedPackets++;
252 #if defined(ANON_DEBUG_MODE)
253  UINT8 tmpPacketBase64[DATA_SIZE << 1];
254  EVP_EncodeBlock(tmpPacketBase64, tmpPacketData, DATA_SIZE);
255  CAMsg::printMsg(LOG_ERR, "Integrity check failed in channel-open packet: %s\n", tmpPacketBase64);
256 #else
257  CAMsg::printMsg(LOG_ERR, "Integrity check failed in channel-open packet!\n");
258 #endif
259  }
260  else
261  {
262 #if defined(ANON_DEBUG_MODE)
263  UINT8 tmpPacketBase64[DATA_SIZE << 1];
264  EVP_EncodeBlock(tmpPacketBase64, tmpPacketData, DATA_SIZE);
265  CAMsg::printMsg(LOG_ERR, "Integrity check ok in channel-open packet: %s\n", tmpPacketBase64);
266 #endif
267 #endif
268 
269  CASocket *tmpSocket = new CASocket;
270  CACacheLoadBalancing *ptmpLB = m_pCacheLB;
271  ret = E_UNKNOWN;
272  if (pMixPacket->payload.type == MIX_PAYLOAD_SOCKS)
273  ptmpLB = m_pSocksLB;
274  else if (pMixPacket->payload.type == MIX_PAYLOAD_VPN)
275  ptmpLB = m_pVPNLB;
276  for (UINT32 count = 0; count < ptmpLB->getElementCount(); count++)
277  {
278  tmpSocket->create();
279  tmpSocket->setRecvBuff(50000);
280  tmpSocket->setSendBuff(5000);
281  ret = tmpSocket->connect(*ptmpLB->get(), LAST_MIX_TO_PROXY_CONNECT_TIMEOUT);
282  if (ret == E_SUCCESS)
283  break;
284  tmpSocket->close();
285  }
286  if (ret != E_SUCCESS)
287  {
288 #if defined(_DEBUG) || defined(DELAY_CHANNELS_LATENCY)
289  CAMsg::printMsg(LOG_DEBUG, "Cannot connect to Squid!\n");
290 #endif
291  delete tmpSocket;
292  tmpSocket = NULL;
293  /* send a close packet signaling the connect error */
294  getRandom(pMixPacket->data, DATA_SIZE);
295  pMixPacket->flags = CHANNEL_CLOSE;
296  pMixPacket->payload.len = 0;
297  pMixPacket->payload.type = CONNECTION_ERROR_FLAG;
298 #ifdef WITH_INTEGRITY_CHECK
299  newCipher->encryptMessage(pMixPacket->data, 3, ciphertextBuff);
300  memcpy(pMixPacket->data, ciphertextBuff, 3 + GCM_MAC_SIZE);
301 #else
302  newCipher->crypt2(pMixPacket->data, pMixPacket->data, DATA_SIZE);
303 #endif
304 #ifdef LOG_PACKET_TIMES
305  setZero64(pQueueEntry->timestamp_proccessing_start);
306 #endif
307  m_pQueueSendToMix->add(pQueueEntry, sizeof(tQueueEntry));
308  m_logDownloadedPackets++;
309  delete newCipher;
310  newCipher = NULL;
311  }
312  else
313  { //connection to proxy successful
314  UINT16 payLen = ntohs(pMixPacket->payload.len);
315 
316  //output payload if packet is marked for user surveillance
317 #ifdef LOG_CRIME
318  time_t timeChannelOpened = time(NULL);
319  bool bIsCrime = false;
320  if (bUserSurveillance)
321  {
322  bIsCrime = true;
323  if (CALibProxytest::getOptions()->isPayloadLogged())
324  {
325  UINT8 base64Payload[PAYLOAD_SIZE << 1];
326  EVP_EncodeBlock(base64Payload, pMixPacket->payload.data, payLen); //base64 encoding (without newline!)
327  CAMsg::printMsg(LOG_CRIT, "Crime detection: User surveillance, previous mix channel (opened at: %u): %u - Upstream Payload (Base64 encoded): %s\n", timeChannelOpened, pMixPacket->channel, base64Payload);
328  }
329  /*UINT8 *domain = parseDomainFromPayload(pMixPacket->payload.data, payLen);
330 
331  if(domain != NULL || (CALibProxytest::getOptions()->isPayloadLogged()) )
332  {
333  CAMsg::printMsg(LOG_CRIT,"Crime detection: User surveillance, previous mix channel: %u\n", pMixPacket->channel);
334  if(domain != NULL)
335  {
336  CAMsg::printMsg(LOG_CRIT, "Domain: %s\n", domain);
337  delete [] domain;
338  }
339  if(CALibProxytest::getOptions()->isPayloadLogged())
340  {
342  UINT8 tempPayload[PAYLOAD_SIZE+1];
343  memcpy(tempPayload, pMixPacket->payload.data,payLen);
344  tempPayload[payLen]=0;
345  CAMsg::printMsg(LOG_CRIT, "Payload: %s\n",tempPayload);
346  }
347  }*/
348  }
349 #endif
350 
351 #ifdef _DEBUG
352  UINT8 c = pMixPacket->payload.data[30];
353  pMixPacket->payload.data[30] = 0;
354  CAMsg::printMsg(LOG_DEBUG, "Try sending data to Squid: %s\n", pMixPacket->payload.data);
355  pMixPacket->payload.data[30] = c;
356 #endif
357 #ifdef LOG_CRIME
358  if (payLen <= PAYLOAD_SIZE && checkCrime(pMixPacket->payload.data, payLen, true))
359  {
360  bIsCrime = true;
361  UINT8 crimeBuff[PAYLOAD_SIZE + 1];
362  memset(pQueueEntryCrime, 0, sizeof(tQueueEntry));
363  memset(crimeBuff, 0, PAYLOAD_SIZE + 1);
364  memcpy(crimeBuff, pMixPacket->payload.data, payLen);
365  m_pMuxIn->sigCrime(pMixPacket->channel, &(pQueueEntryCrime->packet));
366  m_pQueueSendToMix->add(pQueueEntryCrime, sizeof(tQueueEntry));
367  int log = LOG_ENCRYPTED;
368  UINT32 srcPort = tmpSocket->getLocalPort();
369  if (!CALibProxytest::getOptions()->isEncryptedLogEnabled())
370  log = LOG_CRIT;
371  CAMsg::printMsg(log, "Crime detected -- previous mix channel: "
372  "%u -- Proxy Connection source port: %u -- Content: \n%s\n",
373  pMixPacket->channel, srcPort,
374  (CALibProxytest::getOptions()->isPayloadLogged() ? crimeBuff : (UINT8 *)"<not logged>"));
375  }
376 #endif
377  if (payLen > PAYLOAD_SIZE || tmpSocket->sendTimeOut(pMixPacket->payload.data, payLen, LAST_MIX_TO_PROXY_SEND_TIMEOUT) == SOCKET_ERROR)
378  {
379 #ifdef _DEBUG
380  CAMsg::printMsg(LOG_DEBUG, "Error sending Data to Squid!\n");
381 #endif
382  tmpSocket->close();
383  delete tmpSocket;
384  tmpSocket = NULL;
385  /* send a close packet signaling the connect error */
386  getRandom(pMixPacket->data, DATA_SIZE);
387  pMixPacket->flags = CHANNEL_CLOSE;
388  pMixPacket->payload.len = 0;
389  pMixPacket->payload.type = CONNECTION_ERROR_FLAG;
390 #ifdef WITH_INTEGRITY_CHECK
391  newCipher->encryptMessage(pMixPacket->data, 3, ciphertextBuff);
392  memcpy(pMixPacket->data, ciphertextBuff, 3 + GCM_MAC_SIZE);
393 #else
394  newCipher->crypt2(pMixPacket->data, pMixPacket->data, DATA_SIZE);
395 #endif
396 #ifdef LOG_PACKET_TIMES
397  setZero64(pQueueEntry->timestamp_proccessing_start);
398 #endif
399  m_pQueueSendToMix->add(pQueueEntry, sizeof(tQueueEntry));
400  m_logDownloadedPackets++;
401  delete newCipher;
402  newCipher = NULL;
403 #ifdef LOG_CRIME
404  if (bIsCrime)
405  {
406  int log = LOG_ENCRYPTED;
407  if (!CALibProxytest::getOptions()->isEncryptedLogEnabled())
408  log = LOG_CRIT;
409  CAMsg::printMsg(log, "Crime channel closed -- previous mix channel: %u\n", pMixPacket->channel);
410  }
411 #endif
412  }
413  else
414  {
415  tmpSocket->setNonBlocking(true);
416 #if defined(DELAY_CHANNELS_LATENCY)
417  UINT64 u64temp;
418  getcurrentTimeMillis(u64temp);
419 #endif
420  CAQueue *pQueue = new CAQueue(PAYLOAD_SIZE);
421 #ifdef LASTMIX_CHECK_MEMORY
422  pQueue->logIfSizeGreaterThen(100000);
423 #endif
424  m_pChannelList->add(pMixPacket->channel, tmpSocket, newCipher, pQueue
425 #if defined(LOG_CHANNEL)
426  ,
427  pQueueEntry->timestamp_proccessing_start, payLen
428 #endif
429 #if defined(DELAY_CHANNELS_LATENCY)
430  ,
431  u64temp
432 #endif
433 #ifdef LOG_CRIME
434  ,
435  bIsCrime, (bUserSurveillance && CALibProxytest::getOptions()->isPayloadLogged()), timeChannelOpened
436 #endif
437 #ifdef ANON_DEBUG_MODE
438  ,
439  bIsDebugPacket
440 #endif
441  );
442 #ifdef HAVE_EPOLL
443  psocketgroupCacheRead->add(*tmpSocket, m_pChannelList->get(pMixPacket->channel));
444 #else
445  psocketgroupCacheRead->add(*tmpSocket);
446 #endif
447 #ifdef LOG_PACKET_TIMES
448  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end);
449  m_pLogPacketStats->addToTimeingStats(*pQueueEntry, CHANNEL_OPEN, true);
450 #endif
451 #ifdef DATA_RETENTION_LOG
452  pQueueEntry->dataRetentionLogEntry.t_out = htonl(time(NULL));
453  pQueueEntry->dataRetentionLogEntry.entity.last.channelid = htonl(pMixPacket->channel);
454  pQueueEntry->dataRetentionLogEntry.entity.last.port_out = tmpSocket->getLocalPort();
455  pQueueEntry->dataRetentionLogEntry.entity.last.port_out = htons(pQueueEntry->dataRetentionLogEntry.entity.last.port_out);
456  tmpSocket->getLocalIP(pQueueEntry->dataRetentionLogEntry.entity.last.ip_out);
457  m_pDataRetentionLog->log(&pQueueEntry->dataRetentionLogEntry);
458 #endif
459  }
460  }
461 #ifdef WITH_INTEGRITY_CHECK
462  }
463 #endif
464  }// Asym decryption was sucessfull
465  }//pMixPacket->flags==CHANNEL_OPEN
466  }
467  else
468  {//channellist entry !=NULL
469  if(pMixPacket->flags==CHANNEL_CLOSE)
470  {
473  /*
474  psocketgroupCacheRead->remove(*(pChannelListEntry->pSocket));
475  psocketgroupCacheWrite->remove(*(pChannelListEntry->pSocket));
476  pChannelListEntry->pSocket->close();
477  delete pChannelListEntry->pSocket;
478  pChannelListEntry->pSocket = NULL;
479  delete pChannelListEntry->pCipher;
480  pChannelListEntry->pCipher = NULL;
481  delete pChannelListEntry->pQueueSend;
482  pChannelListEntry->pQueueSend = NULL;
483  */
484  pChannelListEntry->pQueueSend->close();
485 #ifdef HAVE_EPOLL
486  psocketgroupCacheWrite->add(*(pChannelListEntry->pSocket),pChannelListEntry);
487 #else
488  psocketgroupCacheWrite->add(*(pChannelListEntry->pSocket));
489 #endif
490  #if defined (LOG_PACKET_TIMES) ||defined (LOG_CHANNEL)
491  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end);
492  #endif
493  #if defined (LOG_PACKET_TIMES)
494  set64(pQueueEntry->timestamp_proccessing_end_OP,pQueueEntry->timestamp_proccessing_end);
495  m_pLogPacketStats->addToTimeingStats(*pQueueEntry,CHANNEL_CLOSE,true);
496  #endif
497  #ifdef LOG_CHANNEL
498  pChannelListEntry->packetsDataInFromUser++;
499  MACRO_DO_LOG_CHANNEL_CLOSE_FROM_USER
500  #endif
501  //m_pChannelList->removeChannel(pMixPacket->channel);
502  }
503  else if(pMixPacket->flags==CHANNEL_DATA)
504  {
505 #if defined(ANON_DEBUG_MODE)
506  //keep a copy of whole packet and output it, if something with integrity check went wrong...
507  UINT8 tmpPacket[DATA_SIZE];
508  memcpy(tmpPacket, pMixPacket->data, DATA_SIZE);
509 #endif
510  #ifdef LOG_CHANNEL
511  pChannelListEntry->packetsDataInFromUser++;
512  #endif
513  #ifdef WITH_INTEGRITY_CHECK
514  /* decrypt only the first 2 bytes to get the payload length */
515  UINT16 lengthAndFlagsField=0;
516  pChannelListEntry->pCipher->decryptMessage(pMixPacket->data, 2,(UINT8*) &lengthAndFlagsField, false);
517  payloadLen = ntohs(lengthAndFlagsField);
518  payloadLen &= PAYLOAD_LEN_MASK;
519  if (payloadLen > PAYLOAD_SIZE)
520  retval=E_UNKNOWN;
521  else
522  {
523  retval = pChannelListEntry->pCipher->decryptMessage(pMixPacket->data, payloadLen + 3 + GCM_MAC_SIZE, plaintextBuff, true);
524  }
525  if (retval != E_SUCCESS) {
526 #if defined(ANON_DEBUG_MODE)
527  UINT8 tmpPacketBase64[DATA_SIZE << 1];
528  EVP_EncodeBlock(tmpPacketBase64, tmpPacket, DATA_SIZE);
529  CAMsg::printMsg(LOG_ERR, "Integrity check failed in channel-data packet: %s\n", tmpPacketBase64);
530 #else
531  CAMsg::printMsg(LOG_ERR, "Integrity check failed in channel-data packet!\n");
532 #endif
533  /* invalid MAC -> send channel close packet with integrity error flag */
534  psocketgroupCacheRead->remove(*(pChannelListEntry->pSocket));
535  psocketgroupCacheWrite->remove(*(pChannelListEntry->pSocket));
536  pChannelListEntry->pSocket->close();
537  delete pChannelListEntry->pSocket;
538  pChannelListEntry->pSocket = NULL;
539  delete pChannelListEntry->pQueueSend;
540  pChannelListEntry->pQueueSend = NULL;
541  getRandom(pMixPacket->data, DATA_SIZE);
542  pMixPacket->flags = CHANNEL_CLOSE;
543  pMixPacket->payload.len = htons(INTEGRITY_ERROR_FLAG);
544  pMixPacket->payload.type = 0;
545  pChannelListEntry->pCipher->encryptMessage(pMixPacket->data, 3, ciphertextBuff);
546  memcpy(pMixPacket->data, ciphertextBuff, 3 + GCM_MAC_SIZE);
547  delete pChannelListEntry->pCipher;
548  pChannelListEntry->pCipher = NULL;
549  #ifdef LOG_CHANNEL
550  pChannelListEntry->packetsDataOutToUser++;
551  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end);
552  MACRO_DO_LOG_CHANNEL_CLOSE_FROM_MIX
553  #endif
554  m_pChannelList->removeChannel(pMixPacket->channel);
555  #ifdef LOG_PACKET_TIMES
556  setZero64(pQueueEntry->timestamp_proccessing_start);
557  #endif
558  m_pQueueSendToMix->add(pQueueEntry,sizeof(tQueueEntry));
559  m_logDownloadedPackets++;
560  } else {
561  memcpy(pMixPacket->data, plaintextBuff, payloadLen + 3);
562  #else
563  pChannelListEntry->pCipher->crypt1(pMixPacket->data,pMixPacket->data,DATA_SIZE);
564  #endif
565  ret=ntohs(pMixPacket->payload.len);
566  if(ret&NEW_FLOW_CONTROL_FLAG)
567  {
568  //CAMsg::printMsg(LOG_DEBUG,"got send me\n");
569  pChannelListEntry->sendmeCounterDownstream=max(0,pChannelListEntry->sendmeCounterDownstream-FLOW_CONTROL_SENDME_SOFT_LIMIT);
570  }
571  ret&=PAYLOAD_LEN_MASK;
572  if(ret>=0&&ret<=PAYLOAD_SIZE)
573  {
574  #ifdef LOG_CHANNEL
575  pChannelListEntry->trafficInFromUser+=ret;
576  #endif
577  #ifdef LOG_PACKET_TIMES
578  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end_OP);
579  #endif
580 
581  //output payload if packet is marked for user surveillance
582  #ifdef LOG_CRIME
583  if(bUserSurveillance)
584  {
585  if(CALibProxytest::getOptions()->isPayloadLogged())
586  {
587  UINT8 base64Payload[PAYLOAD_SIZE<<1];
588  EVP_EncodeBlock(base64Payload,pMixPacket->payload.data,ret);//base64 encoding (without newline!)
589  CAMsg::printMsg(LOG_CRIT,"Crime detection: User surveillance, previous mix channel (opened at: %u): %u - Upstream Payload (Base64 encoded): %s\n", pChannelListEntry->timeChannelOpened,pMixPacket->channel,base64Payload);
590  pChannelListEntry->bLogPayload=true;
591  }
592 /* UINT8 *domain = parseDomainFromPayload(pMixPacket->payload.data, ret);
593 
594  if(domain != NULL || (CALibProxytest::getOptions()->isPayloadLogged()) )
595  {
596  CAMsg::printMsg(LOG_CRIT,"Crime detection: User surveillance, previous mix channel: %u\n", pMixPacket->channel);
597  if(domain != NULL)
598  {
599  CAMsg::printMsg(LOG_CRIT, "Domain: %s\n", domain);
600  delete [] domain;
601  }
602  if(CALibProxytest::getOptions()->isPayloadLogged())
603  {
605  UINT8 tempPayload[PAYLOAD_SIZE+1];
606  memcpy(tempPayload, pMixPacket->payload.data,ret);
607  tempPayload[ret]=0;
608  CAMsg::printMsg(LOG_CRIT, "Payload: %s\n",tempPayload);
609  }
610  }
611  */ }
612  else if(checkCrime(pMixPacket->payload.data, ret,false)) // Note: false --> it make no sense to check for URL/Domain in DataPackets
613  {
614  UINT8 crimeBuff[PAYLOAD_SIZE+1];
615  memset(pQueueEntryCrime,0,sizeof(tQueueEntry));
616  memset(crimeBuff,0,PAYLOAD_SIZE+1);
617  memcpy(crimeBuff,pMixPacket->payload.data, ret);
618  m_pMuxIn->sigCrime(pMixPacket->channel, &(pQueueEntryCrime->packet));
619  m_pQueueSendToMix->add(pQueueEntryCrime,sizeof(tQueueEntry));
620  int log=LOG_ENCRYPTED;
621  if(!CALibProxytest::getOptions()->isEncryptedLogEnabled())
622  log=LOG_CRIT;
623  CAMsg::printMsg(log,"Crime detected -- previous mix channel: "
624  "%u -- Content: \n%s\n", pMixPacket->channel,
625  (CALibProxytest::getOptions()->isPayloadLogged() ? crimeBuff : (UINT8 *)"<not logged>"));
626  }
627 
628  #endif
629 
630  ret=pChannelListEntry->pQueueSend->add(pMixPacket->payload.data,ret);
631  }
632  else
633  ret=SOCKET_ERROR;
634  if(ret==SOCKET_ERROR)
635  {
636  psocketgroupCacheRead->remove(*(pChannelListEntry->pSocket));
637  psocketgroupCacheWrite->remove(*(pChannelListEntry->pSocket));
638  pChannelListEntry->pSocket->close();
639  delete pChannelListEntry->pSocket;
640  pChannelListEntry->pSocket = NULL;
641  delete pChannelListEntry->pQueueSend;
642  pChannelListEntry->pQueueSend = NULL;
643  /* send a close packet signaling the connect error */
644  getRandom(pMixPacket->data, DATA_SIZE);
645  pMixPacket->flags = CHANNEL_CLOSE;
646  pMixPacket->payload.len = 0;
647  pMixPacket->payload.type = 0;
648  #ifdef WITH_INTEGRITY_CHECK
649  pChannelListEntry->pCipher->encryptMessage(pMixPacket->data, 3, ciphertextBuff);
650  memcpy(pMixPacket->data, ciphertextBuff, 3 + GCM_MAC_SIZE);
651  #endif
652  delete pChannelListEntry->pCipher;
653  pChannelListEntry->pCipher = NULL;
654  #ifdef LOG_CHANNEL
655  pChannelListEntry->packetsDataOutToUser++;
656  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end);
657  MACRO_DO_LOG_CHANNEL_CLOSE_FROM_MIX
658  #endif
659  m_pChannelList->removeChannel(pMixPacket->channel);
660  #ifdef LOG_PACKET_TIMES
661  setZero64(pQueueEntry->timestamp_proccessing_start);
662  #endif
663  m_pQueueSendToMix->add(pQueueEntry,sizeof(tQueueEntry));
664  m_logDownloadedPackets++;
665  }
666  else
667  {
668  //count this packet as Upstream packet...
669  pChannelListEntry->sendmeCounterUpstream++;
670  if(pChannelListEntry->sendmeCounterUpstream>=FLOW_CONTROL_SENDME_SOFT_LIMIT) //we need to sent the SENDME ack down to the client...
671  {
672  getRandom(pMixPacket->data, DATA_SIZE);
673  pMixPacket->flags = CHANNEL_DATA;
674  pMixPacket->payload.len = htons(NEW_FLOW_CONTROL_FLAG); //signal the SENDME
675  pMixPacket->payload.type = 0;
676  #ifdef WITH_INTEGRITY_CHECK
677  pChannelListEntry->pCipher->encryptMessage(pMixPacket->data, 3, ciphertextBuff);
678  memcpy(pMixPacket->data, ciphertextBuff, 3 + GCM_MAC_SIZE);
679  #else
680  pChannelListEntry->pCipher->crypt2(pMixPacket->data,pMixPacket->data,DATA_SIZE);
681  #endif
682  #ifdef LOG_CHANNEL
683  pChannelListEntry->packetsDataOutToUser++;
684  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end);
685  MACRO_DO_LOG_CHANNEL_CLOSE_FROM_MIX
686  #endif
687  #ifdef LOG_PACKET_TIMES
688  setZero64(pQueueEntry->timestamp_proccessing_start);
689  #endif
690  //CAMsg::printMsg(LOG_DEBUG,"sent send me\n");
691  m_pQueueSendToMix->add(pQueueEntry,sizeof(tQueueEntry));
692  m_logDownloadedPackets++;
693  pChannelListEntry->sendmeCounterUpstream-=FLOW_CONTROL_SENDME_SOFT_LIMIT;
694  }
695 #ifdef HAVE_EPOLL
696  psocketgroupCacheWrite->add(*(pChannelListEntry->pSocket),pChannelListEntry);
697 #else
698  psocketgroupCacheWrite->add(*(pChannelListEntry->pSocket));
699 #endif
700  #ifdef LOG_PACKET_TIMES
701  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end);
702  m_pLogPacketStats->addToTimeingStats(*pQueueEntry,CHANNEL_DATA,true);
703  #endif
704  }
705 #ifdef WITH_INTEGRITY_CHECK
706  }
707 #endif
708  }
709  }
710  }
711  }
712 //end Step 1
713 
714 //Step 2 Sending to Cache...
715  countRead=psocketgroupCacheWrite->select(0);
716  if(countRead>0)
717  {
718  bAktiv=true;
719 #ifdef HAVE_EPOLL
720  pChannelListEntry=(lmChannelListEntry*)psocketgroupCacheWrite->getFirstSignaledSocketData();
721  while(pChannelListEntry!=NULL)
722  {
723 #else
724  pChannelListEntry=m_pChannelList->getFirstSocket();
725  while(pChannelListEntry!=NULL&&countRead>0)
726  {
727  if(psocketgroupCacheWrite->isSignaled(*(pChannelListEntry->pSocket)))
728  {
729  countRead--;
730 #endif
731  SINT32 len=MIXPACKET_SIZE;
732  ret=pChannelListEntry->pQueueSend->peek(tmpBuff,(UINT32*)&len);
733  len=pChannelListEntry->pSocket->send(tmpBuff,len);
734 #ifdef _DEBUG
735  CAMsg::printMsg(LOG_DEBUG, "Channel %u: Wrote %i bytes to proxy\n", pChannelListEntry->channelIn, len);
736 #endif
737  if(len>=0)
738  {
739  add64((UINT64&)m_logUploadedBytes,len);
740  pChannelListEntry->pQueueSend->remove((UINT32*)&len);
741  if(pChannelListEntry->pQueueSend->isEmpty())
742  {
743  if(pChannelListEntry->pQueueSend->isClosed()) //channel was closed by user // Queue: EMPTY + CLOSED
744  {
745  psocketgroupCacheRead->remove(*(pChannelListEntry->pSocket));
746  psocketgroupCacheWrite->remove(*(pChannelListEntry->pSocket));
747  pChannelListEntry->pSocket->close();
748  delete pChannelListEntry->pSocket;
749  pChannelListEntry->pSocket = NULL;
750  delete pChannelListEntry->pCipher;
751  pChannelListEntry->pCipher = NULL;
752  delete pChannelListEntry->pQueueSend;
753  pChannelListEntry->pQueueSend = NULL;
754  m_pChannelList->removeChannel(pChannelListEntry->channelIn);
755  }
756  else //Queue: EMPTY+!CLOSED
757  {//nothing more to write at the moment...
758  psocketgroupCacheWrite->remove(*(pChannelListEntry->pSocket));
759  }
760  }
761  }
762  else
763  {
764  if(len==SOCKET_ERROR)
765  { //do something if send error
766  psocketgroupCacheRead->remove(*(pChannelListEntry->pSocket));
767  psocketgroupCacheWrite->remove(*(pChannelListEntry->pSocket));
768  pChannelListEntry->pSocket->close();
769  delete pChannelListEntry->pSocket;
770  pChannelListEntry->pSocket = NULL;
771  /* send a close packet signaling the connect error */
772  getRandom(pMixPacket->data, DATA_SIZE);
773  pMixPacket->flags = CHANNEL_CLOSE;
774  pMixPacket->payload.len = 0;
775  pMixPacket->payload.type = 0;
776  #ifdef WITH_INTEGRITY_CHECK
777  pChannelListEntry->pCipher->encryptMessage(pMixPacket->data, 3, ciphertextBuff);
778  memcpy(pMixPacket->data, ciphertextBuff, 3 + GCM_MAC_SIZE);
779  #endif
780  delete pChannelListEntry->pCipher;
781  pChannelListEntry->pCipher = NULL;
782  delete pChannelListEntry->pQueueSend;
783  pChannelListEntry->pQueueSend = NULL;
784  pMixPacket->channel=pChannelListEntry->channelIn;
785  #ifdef LOG_PACKET_TIMES
786  setZero64(pQueueEntry->timestamp_proccessing_start);
787  #endif
788  m_pQueueSendToMix->add(pQueueEntry,sizeof(tQueueEntry));
789  m_logDownloadedPackets++;
790  #ifdef LOG_CHANNEL
791  pChannelListEntry->packetsDataOutToUser++;
792  #endif
793  #ifdef LOG_CHANNEL
794  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end);
795  MACRO_DO_LOG_CHANNEL_CLOSE_FROM_MIX
796  #endif
797  m_pChannelList->removeChannel(pChannelListEntry->channelIn);
798  }
799  }
800 #ifdef HAVE_EPOLL
801  pChannelListEntry=(lmChannelListEntry*)psocketgroupCacheWrite->getNextSignaledSocketData();
802 #else
803  }
804  pChannelListEntry=m_pChannelList->getNextSocket();
805 #endif
806  }
807  }
808 //End Step 2
809 
810 //Step 3 Reading from Cache....
811 
812  countRead=psocketgroupCacheRead->select(0);
813 #ifdef DELAY_CHANNELS_LATENCY
814  UINT64 current_time_millis;
815  getcurrentTimeMillis(current_time_millis);
816 #endif
817  if(countRead>0&&m_pQueueSendToMix->getSizeLookFree()<MAX_MIXIN_SEND_QUEUE_SIZE)
818  {
819 #ifdef HAVE_EPOLL
820  pChannelListEntry=(lmChannelListEntry*)psocketgroupCacheRead->getFirstSignaledSocketData();
821  while(pChannelListEntry!=NULL)
822  {
823 #else
824  pChannelListEntry=m_pChannelList->getFirstSocket();
825  while(pChannelListEntry!=NULL&&countRead>0)
826  {
827  if(psocketgroupCacheRead->isSignaled(*(pChannelListEntry->pSocket)))
828  {
829  countRead--;
830 #endif
831  //UINT32 bucketSize;
832  if((pChannelListEntry->sendmeCounterDownstream<FLOW_CONTROL_SENDME_HARD_LIMIT)
833  #ifdef DELAY_CHANNELS
834  && ( pChannelListEntry->delayBucket>0)
835  #endif
836  #ifdef DELAY_CHANNELS_LATENCY
837  &&(isGreater64(current_time_millis,pChannelListEntry->timeLatency))
838  #endif
839  )
840  {
841  #ifndef DELAY_CHANNELS
842  ret=pChannelListEntry->pSocket->receive(pMixPacket->payload.data,PAYLOAD_SIZE);
843  #else
844  UINT32 readLen=
845  min(
846  pChannelListEntry->delayBucket,
847  PAYLOAD_SIZE);
848  ret=pChannelListEntry->pSocket->receive(pMixPacket->payload.data,readLen);
849  #endif
850  #ifdef LOG_PACKET_TIMES
851  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_start);
852  set64(pQueueEntry->timestamp_proccessing_start_OP,pQueueEntry->timestamp_proccessing_start);
853  #endif
854  bAktiv=true;
855  if(ret==SOCKET_ERROR||ret==0)
856  {
857  psocketgroupCacheRead->remove(*(pChannelListEntry->pSocket));
858  psocketgroupCacheWrite->remove(*(pChannelListEntry->pSocket));
859  pChannelListEntry->pSocket->close();
860  delete pChannelListEntry->pSocket;
861  pChannelListEntry->pSocket = NULL;
862  /* send a close packet signaling the connect error */
863  getRandom(pMixPacket->data, DATA_SIZE);
864  pMixPacket->flags = CHANNEL_CLOSE;
865  pMixPacket->payload.len = 0;
866  pMixPacket->payload.type = 0;
867  #ifdef WITH_INTEGRITY_CHECK
868  pChannelListEntry->pCipher->encryptMessage(pMixPacket->data, 3, ciphertextBuff);
869  memcpy(pMixPacket->data, ciphertextBuff, 3 + GCM_MAC_SIZE);
870  #endif
871  delete pChannelListEntry->pCipher;
872  pChannelListEntry->pCipher = NULL;
873  delete pChannelListEntry->pQueueSend;
874  pChannelListEntry->pQueueSend = NULL;
875  pMixPacket->channel=pChannelListEntry->channelIn;
876  #ifdef LOG_PACKET_TIMES
877  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end_OP);
878  #endif
879  m_pQueueSendToMix->add(pQueueEntry,sizeof(tQueueEntry));
880  m_logDownloadedPackets++;
881  #ifdef LOG_CHANNEL
882  pChannelListEntry->packetsDataOutToUser++;
883  #endif
884  #ifdef LOG_CHANNEL
885  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end);
886  MACRO_DO_LOG_CHANNEL_CLOSE_FROM_MIX
887  #endif
888  m_pChannelList->removeChannel(pChannelListEntry->channelIn);
889  }
890  else
891  {
892  add64((UINT64&)m_logDownloadedBytes,ret);
893  #if defined(LOG_CHANNEL)
894  pChannelListEntry->trafficOutToUser+=ret;
895  #endif
896  #ifdef DELAY_CHANNELS
897  m_pChannelList->reduceDelayBuckets(pChannelListEntry->delayBucketID, ret);
898  #endif
899  pMixPacket->channel=pChannelListEntry->channelIn;
900  pMixPacket->flags=CHANNEL_DATA;
901  pMixPacket->payload.type=0;
902  pMixPacket->payload.len=htons((UINT16)ret);
903  if (ret < PAYLOAD_SIZE)
904  {
905  getRandom(pMixPacket->payload.data+ret, PAYLOAD_SIZE-ret);
906  }
907  //#endif
908  #ifdef LOG_CRIME
909  if(pChannelListEntry->bLogPayload)
910  {
911  UINT8 base64Payload[PAYLOAD_SIZE<<1];
912  EVP_EncodeBlock(base64Payload,pMixPacket->payload.data,ret);//base64 encoding (without newline!)
913  CAMsg::printMsg(LOG_CRIT,"Crime detection: User surveillance, previous mix channel (opened at: %u): %u - Downstream Payload (Base64 encoded): %s\n", pChannelListEntry->timeChannelOpened,pChannelListEntry->channelIn,base64Payload);
914  }
915  #endif //LOG_CRIME
916  #ifdef WITH_INTEGRITY_CHECK
917  pChannelListEntry->pCipher->encryptMessage(pMixPacket->data, ret + 3, ciphertextBuff);
918  memcpy(pMixPacket->data, ciphertextBuff, ret + 3 + GCM_MAC_SIZE);
919  getRandom(pMixPacket->data + ret + 3 + GCM_MAC_SIZE, DATA_SIZE - ret - 3 - GCM_MAC_SIZE);
920  #else
921  pChannelListEntry->pCipher->crypt2(pMixPacket->data,pMixPacket->data,DATA_SIZE);
922  #endif
923  #ifdef LOG_PACKET_TIMES
924  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end_OP);
925  #endif
926 #ifdef ANON_DEBUG_MODE
927  if (pChannelListEntry->bDebug )
928  {
929  pMixPacket->flags |= CHANNEL_DEBUG;
930  UINT8 tmpPacketBase64[DATA_SIZE << 1];
931  EVP_EncodeBlock(tmpPacketBase64, pMixPacket->data, DATA_SIZE);
932  CAMsg::printMsg(LOG_ERR, "Put AN.ON debug packet into send queue: %s\n", tmpPacketBase64);
933  }
934 #endif
935 
936  m_pQueueSendToMix->add(pQueueEntry, sizeof(tQueueEntry));
937  m_logDownloadedPackets++;
938  #if defined(LOG_CHANNEL)
939  pChannelListEntry->packetsDataOutToUser++;
940  #endif
941  pChannelListEntry->sendmeCounterDownstream++;
942  }
943  }
944 #ifdef HAVE_EPOLL
945  pChannelListEntry=(lmChannelListEntry*)psocketgroupCacheRead->getNextSignaledSocketData();
946 #else
947  }
948  pChannelListEntry=m_pChannelList->getNextSocket();
949 #endif
950  }
951  }
952 //end Step 3
953 
954 //Step 4 Writing to previous Mix
955 // Now in a separate Thread!
956 //
957 //end step 4
958 #ifndef FAST_PROCESSING
959  if(!bAktiv)
960  msSleep(1);
961 #endif
962  }
963 
964 
965 
966 
967 //ERR:
968  CAMsg::printMsg(LOG_CRIT,"CALastMixA - loop() - Seems that we are restarting now!!\n");
969  m_bRunLog=false;
970  clean();
971 #ifdef LOG_CRIME
972  delete pQueueEntryCrime;
973  pQueueEntryCrime = NULL;
974 #endif
975  delete []tmpBuff;
976  tmpBuff = NULL;
977  delete []rsaBuff;
978  rsaBuff = NULL;
979  delete []ciphertextBuff;
980  ciphertextBuff = NULL;
981  delete []plaintextBuff;
982  plaintextBuff = NULL;
983  delete pQueueEntry;
984  pQueueEntry = NULL;
985  pLogThread->join();
986  delete pLogThread;
987  pLogThread = NULL;
988  delete psocketgroupCacheWrite;
989  psocketgroupCacheWrite = NULL;
990  delete psocketgroupCacheRead;
991  psocketgroupCacheRead = NULL;
992 #endif
993  CAMsg::printMsg(LOG_CRIT, "CALastMixA - loop() - finished!!\n");
994  return E_UNKNOWN;
995  }
996 
997 
998 
999 
1000 #else //MULTI_THREAD_PACKET_PROCESSING
1001 
1002 struct lm_packet_proccessing_loop_args_t
1003  {
1004  CALastMixA* pLastMix;
1005  CAQueue* pIncomingPacketQueue;
1006  };
1007 typedef struct lm_packet_proccessing_loop_args_t tPacketProcessingLoopArgs;
1008 
1009 
1010 SINT32 CALastMixA::loop()
1011  {
1012  //Create x threads. each thread is responsilbe for a certain subset of channels...
1013  UINT32 numThreads = 10;
1014  CAQueue**pIncomingPacketQueues= new CAQueue*[numThreads];
1015  CAThreadPool* pPacketProcessingThreads = new CAThreadPool(numThreads, numThreads, true);
1016  for (UINT32 i = 0; i < numThreads; i++)
1017  {
1018  pIncomingPacketQueues[i]= new CAQueue();
1019  tPacketProcessingLoopArgs* pPacketProcessingArgs = new tPacketProcessingLoopArgs;
1020  pPacketProcessingArgs->pLastMix = this;
1021  pPacketProcessingArgs->pIncomingPacketQueue = pIncomingPacketQueues[i];
1022  pPacketProcessingThreads->addRequest(lm_loopPacketProcessing, pPacketProcessingArgs);
1023 
1024  }
1025  tQueueEntry* pQueueEntry=new tQueueEntry;
1026  MIXPACKET* pMixPacket=&(pQueueEntry->packet);
1027 
1028  while(!m_bRestart)
1029  {
1030  UINT32 ret=sizeof(tQueueEntry);
1031  m_pQueueReadFromMix->get((UINT8*)pQueueEntry,(UINT32*)&ret);
1032  #if defined(LOG_PACKET_TIMES) ||defined(LOG_CHANNEL)
1033  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_start);
1034  #endif
1035  #ifdef LOG_PACKET_TIMES
1036  set64(pQueueEntry->timestamp_proccessing_start,pQueueEntry->timestamp_proccessing_start_OP);
1037  #endif
1038  if(pMixPacket->channel>0&&pMixPacket->channel<256)
1039  {
1040  m_pMuxInControlChannelDispatcher->proccessMixPacket(pMixPacket);
1041  continue;
1042  }
1043  // one packet received
1044  m_logUploadedPackets++;
1045  //dispatch it to the right processing thread
1046  //we use a simple mod operation as hash function, becuase the channel numbers are uniform random...
1047  pIncomingPacketQueues[pMixPacket->channel%numThreads]->add(pQueueEntry, ret);
1048  }
1049 
1050 //ERR:
1051  CAMsg::printMsg(LOG_CRIT,"Seems that we are restarting now!!\n");
1052  pPacketProcessingThreads->destroy(true);
1053  delete pPacketProcessingThreads;
1054 
1056 
1057  m_bRunLog=false;
1058  clean();
1059 
1060  delete pQueueEntry;
1061  pQueueEntry = NULL;
1062  return E_UNKNOWN;
1063  }
1064 
1065 
1066 THREAD_RETURN lm_loopPacketProcessing(void *params)
1067  {
1068  CALastMixA* pMix = static_cast<tPacketProcessingLoopArgs*>(params)->pLastMix;
1069  CAQueue* pIncomingPacketsQueue = static_cast<tPacketProcessingLoopArgs*>(params)->pIncomingPacketQueue;
1070  CALastMixChannelList* pChannelList=new CALastMixChannelList();
1071 #ifndef NEW_MIX_TYPE
1072  //CASocketList oSocketList;
1073 #ifdef DELAY_CHANNELS
1074  pChannelList->setDelayParameters( CALibProxytest::getOptions()->getDelayChannelUnlimitTraffic(),
1075  CALibProxytest::getOptions()->getDelayChannelBucketGrow(),
1076  CALibProxytest::getOptions()->getDelayChannelBucketGrowIntervall());
1077 #endif
1078 #ifdef DELAY_CHANNELS_LATENCY
1079  pChannelList->setDelayLatencyParameters( CALibProxytest::getOptions()->getDelayChannelLatency());
1080 #endif
1081 #ifdef HAVE_EPOLL
1082  CASocketGroupEpoll* psocketgroupCacheRead=new CASocketGroupEpoll(false);
1083  CASocketGroupEpoll* psocketgroupCacheWrite=new CASocketGroupEpoll(true);
1084 #else
1085  CASocketGroup* psocketgroupCacheRead=new CASocketGroup(false);
1086  CASocketGroup* psocketgroupCacheWrite=new CASocketGroup(true);
1087 #endif
1088  tQueueEntry* pQueueEntry=new tQueueEntry;
1089  MIXPACKET* pMixPacket=&pQueueEntry->packet;
1090  SINT32 ret;
1091  SINT32 countRead;
1092  lmChannelListEntry* pChannelListEntry;
1093  UINT8* rsaBuff=new UINT8[RSA_SIZE];
1094  UINT32 rsaOutLen=RSA_SIZE;
1095  UINT8* tmpBuff=new UINT8[MIXPACKET_SIZE];
1096  UINT8* ciphertextBuff=new UINT8[DATA_SIZE];
1097  UINT8* plaintextBuff=new UINT8[DATA_SIZE - GCM_MAC_SIZE];
1098 #ifdef WITH_INTEGRITY_CHECK
1099  UINT16 payloadLen;
1100  SINT32 retval;
1101 #endif
1102  bool bAktiv;
1103 // m_logUploadedPackets=m_logDownloadedPackets=0;
1104 // set64((UINT64&)m_logUploadedBytes,(UINT32)0);
1105 // set64((UINT64&)m_logDownloadedBytes,(UINT32)0);
1106 /* CAThread* pLogThread=new CAThread((UINT8*)"CALastMixA - LogLoop");
1107  pLogThread->setMainLoop(lm_loopLog);
1108  pLogThread->start(this);
1109 */
1110  #ifdef LOG_CRIME
1111  bool bUserSurveillance = false;
1112  tQueueEntry* pQueueEntryCrime = new tQueueEntry;
1113  #endif
1114 #ifdef ANON_DEBUG_MODE
1115  bool bIsDebugPacket = false;
1116 #endif
1117 
1118  #ifdef LOG_CHANNEL
1119  CAMsg::printMsg(LOG_DEBUG,"Channel time log format is as follows: Channel-ID,Channel Start [micros], Channel End [micros], Upload (bytes), Download (bytes), DataAndOpenPacketsFromUser, DataPacketsToUser\n");
1120  #endif
1121 
1122  while(!pMix->m_bRestart)
1123  {
1124  bAktiv=false;
1125 //Step 1a reading from previous Mix --> now in separate thread
1126 //Step 1b processing MixPackets from previous mix
1127 // processing maximal number of current channels packets
1128  if(pIncomingPacketsQueue->getSize()>=sizeof(tQueueEntry))
1129  {
1130  bAktiv=true;
1131  UINT32 channels=pChannelList->getSize()+1;
1132  for(UINT32 k=0;k<channels&&pIncomingPacketsQueue->getSize()>=sizeof(tQueueEntry);k++)
1133  {
1134  ret=sizeof(tQueueEntry);
1135  pIncomingPacketsQueue->get((UINT8*)pQueueEntry,(UINT32*)&ret);
1136  #if defined(LOG_PACKET_TIMES) ||defined(LOG_CHANNEL)
1137  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_start);
1138  #endif
1139  #ifdef LOG_PACKET_TIMES
1140  set64(pQueueEntry->timestamp_proccessing_start,pQueueEntry->timestamp_proccessing_start_OP);
1141  #endif
1142 #ifdef ANON_DEBUG_MODE
1143  if (pMixPacket->flags&CHANNEL_DEBUG)
1144  {
1145  UINT8 base64Payload[DATA_SIZE << 1];
1146  EVP_EncodeBlock(base64Payload, pMixPacket->data,DATA_SIZE);//base64 encoding (without newline!)
1147  pMixPacket->flags &= ~CHANNEL_DEBUG;
1148  CAMsg::printMsg(LOG_DEBUG, "AN.ON packet debug: %s\n",base64Payload);
1149  bIsDebugPacket = true;
1150  }
1151  else
1152  {
1153  bIsDebugPacket = false;
1154  }
1155 #endif
1156  pChannelListEntry=pChannelList->get(pMixPacket->channel);
1157 
1158  //check if this packet was marked by the previous mixes for user surveillance
1159  #ifdef LOG_CRIME
1160  bUserSurveillance = ((pMixPacket->flags & CHANNEL_SIG_CRIME) != 0);
1161  pMixPacket->flags &= ~CHANNEL_SIG_CRIME;
1162  #endif
1163 
1164  if(pChannelListEntry==NULL)
1165  {
1166  if(pMixPacket->flags==CHANNEL_OPEN)
1167  {
1168  #if defined(ANON_DEBUG_MODE)
1169  CAMsg::printMsg(LOG_DEBUG,"New Connection from previous Mix!\n");
1170  //keep a copy of whole packet and output it, if something with integrity check went wrong...
1171  UINT8 tmpPacketData[DATA_SIZE];
1172  memcpy(tmpPacketData,pMixPacket->data,DATA_SIZE);
1173  #endif
1174 
1175  #ifdef _DEBUG
1176  CAMsg::printMsg(LOG_DEBUG,"Received a channel open packet for incoming channel: %u\n",pMixPacket->channel);
1177  #endif
1178 
1179  SINT32 retAsymDecryption=pMix->m_pRSA->decryptOAEP(pMixPacket->data,rsaBuff,&rsaOutLen);
1180  #ifdef _DEBUG
1181  if(retAsymDecryption==E_UNKNOWN)
1182  {
1183  CAMsg::printMsg(LOG_DEBUG,"Error in channel open asym decryption - channel!\n");
1184  }
1185  #endif
1186  #ifdef REPLAY_DETECTION
1187  // replace time(NULL) with the real timestamp ()
1188  // packet-timestamp + m_u64ReferenceTime
1189  UINT32 stamp=((UINT32)(rsaBuff[13]<<16)+(UINT32)(rsaBuff[14]<<8)+(UINT32)(rsaBuff[15]))*REPLAY_BASE;
1190  if(m_pReplayDB->insert(rsaBuff,stamp+m_u64ReferenceTime)!=E_SUCCESS)
1191 // if(m_pReplayDB->insert(rsaBuff,time(NULL))!=E_SUCCESS)
1192  {
1193  CAMsg::printMsg(LOG_INFO,"Replay: Duplicate packet ignored.\n");
1194  continue;
1195  }
1196  #endif
1197  #ifdef WITH_INTEGRITY_CHECK
1198  CASymCipherGCM* newCipher = new CASymCipherGCM();
1199  newCipher->setGCMKeys(rsaBuff, rsaBuff + KEY_SIZE);
1200 
1201  //Decrypt only the first two bytes to get the payload length
1202  UINT16 lengthAndFlagsField=0;
1203  newCipher->decryptMessage(rsaBuff + LAST_MIX_SIZE_OF_SYMMETRIC_KEYS, 2,(UINT8*) &lengthAndFlagsField, false);
1204  payloadLen = ntohs(lengthAndFlagsField);
1205  payloadLen &= PAYLOAD_LEN_MASK;
1206  if (payloadLen > (PAYLOAD_SIZE-LAST_MIX_SIZE_OF_SYMMETRIC_KEYS-RSA_SIZE-GCM_MAC_SIZE - PAYLOAD_HEADER_SIZE+rsaOutLen))
1207  retval=E_UNKNOWN;
1208  else
1209  {
1210  //prepend the asym decrypted sym encrypted part of the Mix packet to the sym only encrypted part of the mix packet
1211  memcpy(pMixPacket->data+RSA_SIZE-rsaOutLen+LAST_MIX_SIZE_OF_SYMMETRIC_KEYS,rsaBuff + LAST_MIX_SIZE_OF_SYMMETRIC_KEYS,rsaOutLen-LAST_MIX_SIZE_OF_SYMMETRIC_KEYS);
1212  //now decrpyt the whole sym encrypted part
1213  retval = newCipher->decryptMessage(pMixPacket->data +RSA_SIZE-rsaOutLen+LAST_MIX_SIZE_OF_SYMMETRIC_KEYS, payloadLen+ GCM_MAC_SIZE + PAYLOAD_HEADER_SIZE , pMixPacket->data, true);
1214  }
1215  #else
1216  CASymChannelCipher* newCipher = CASymChannelCipherFactory::createCipher(CALibProxytest::getOptions()->getSymChannelCipherAlgorithm());
1217  newCipher->setKeys(rsaBuff,LAST_MIX_SIZE_OF_SYMMETRIC_KEYS);
1218  newCipher->crypt1(
1219  pMixPacket->data+RSA_SIZE,
1220  pMixPacket->data+rsaOutLen-LAST_MIX_SIZE_OF_SYMMETRIC_KEYS,
1221  DATA_SIZE-RSA_SIZE);
1222  memcpy( pMixPacket->data,rsaBuff+LAST_MIX_SIZE_OF_SYMMETRIC_KEYS,
1223  rsaOutLen-LAST_MIX_SIZE_OF_SYMMETRIC_KEYS);
1224  #endif
1225 
1226  #ifdef LOG_PACKET_TIMES
1227  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end_OP);
1228  #endif
1229  #ifdef WITH_INTEGRITY_CHECK
1230  if (retval != E_SUCCESS)
1231  {
1232  /* invalid MAC -> send channel close packet with integrity error flag */
1233  getRandom(pMixPacket->data, DATA_SIZE);
1234  pMixPacket->flags = CHANNEL_CLOSE;
1235  pMixPacket->payload.len = htons(INTEGRITY_ERROR_FLAG);
1236  pMixPacket->payload.type = 0;
1237  newCipher->encryptMessage(pMixPacket->data, 3, ciphertextBuff);
1238  memcpy(pMixPacket->data, ciphertextBuff, 3 + GCM_MAC_SIZE);
1239  delete newCipher;
1240  newCipher = NULL;
1241  #ifdef LOG_PACKET_TIMES
1242  setZero64(pQueueEntry->timestamp_proccessing_start);
1243  #endif
1244  pMix->m_pQueueSendToMix->add(pQueueEntry,sizeof(tQueueEntry));
1245  #if defined(ANON_DEBUG_MODE)
1246  UINT8 tmpPacketBase64[DATA_SIZE<<1];
1247  EVP_EncodeBlock(tmpPacketBase64,tmpPacketData,DATA_SIZE);
1248  CAMsg::printMsg(LOG_ERR, "Integrity check failed in channel-open packet: %s\n",tmpPacketBase64);
1249  #else
1250  CAMsg::printMsg(LOG_ERR, "Integrity check failed in channel-open packet!\n");
1251  #endif
1252 
1253  } else {
1254  #if defined(ANON_DEBUG_MODE)
1255  UINT8 tmpPacketBase64[DATA_SIZE<<1];
1256  EVP_EncodeBlock(tmpPacketBase64,tmpPacketData,DATA_SIZE);
1257  CAMsg::printMsg(LOG_ERR, "Integrity check ok in channel-open packet: %s\n",tmpPacketBase64);
1258  #endif
1259  #endif
1260 
1261  CASocket* tmpSocket=new CASocket;
1262  CACacheLoadBalancing* ptmpLB=pMix->m_pCacheLB;
1263  ret=E_UNKNOWN;
1264  if(pMixPacket->payload.type==MIX_PAYLOAD_SOCKS)
1265  ptmpLB=pMix->m_pSocksLB;
1266  else if (pMixPacket->payload.type == MIX_PAYLOAD_VPN)
1267  ptmpLB = pMix->m_pVPNLB;
1268  for(UINT32 count=0;count<ptmpLB->getElementCount();count++)
1269  {
1270  tmpSocket->create();
1271  tmpSocket->setRecvBuff(50000);
1272  tmpSocket->setSendBuff(5000);
1273  ret=tmpSocket->connect(*ptmpLB->get(),LAST_MIX_TO_PROXY_CONNECT_TIMEOUT);
1274  if(ret==E_SUCCESS)
1275  break;
1276  tmpSocket->close();
1277  }
1278  if(ret!=E_SUCCESS)
1279  {
1280  #if defined (_DEBUG) || defined (DELAY_CHANNELS_LATENCY)
1281  CAMsg::printMsg(LOG_DEBUG,"Cannot connect to Squid!\n");
1282  #endif
1283  delete tmpSocket;
1284  tmpSocket = NULL;
1285  /* send a close packet signaling the connect error */
1286  getRandom(pMixPacket->data, DATA_SIZE);
1287  pMixPacket->flags = CHANNEL_CLOSE;
1288  pMixPacket->payload.len = 0;
1289  pMixPacket->payload.type = CONNECTION_ERROR_FLAG;
1290  #ifdef WITH_INTEGRITY_CHECK
1291  newCipher->encryptMessage(pMixPacket->data, 3, ciphertextBuff);
1292  memcpy(pMixPacket->data, ciphertextBuff, 3 + GCM_MAC_SIZE);
1293  #else
1294  newCipher->crypt2(pMixPacket->data, pMixPacket->data, DATA_SIZE);
1295  #endif
1296  #ifdef LOG_PACKET_TIMES
1297  setZero64(pQueueEntry->timestamp_proccessing_start);
1298  #endif
1299  pMix->m_pQueueSendToMix->add(pQueueEntry,sizeof(tQueueEntry));
1300  delete newCipher;
1301  newCipher = NULL;
1302  }
1303  else
1304  { //connection to proxy successful
1305  UINT16 payLen=ntohs(pMixPacket->payload.len);
1306 
1307  //output payload if packet is marked for user surveillance
1308  #ifdef LOG_CRIME
1309  time_t timeChannelOpened= time(NULL);
1310  if(bUserSurveillance)
1311  {
1312  if(CALibProxytest::getOptions()->isPayloadLogged())
1313  {
1314  UINT8 base64Payload[PAYLOAD_SIZE<<1];
1315  EVP_EncodeBlock(base64Payload,pMixPacket->payload.data,payLen);//base64 encoding (without newline!)
1316  CAMsg::printMsg(LOG_CRIT,"Crime detection: User surveillance, previous mix channel (opened at: %u): %u - Upstream Payload (Base64 encoded): %s\n", timeChannelOpened,pMixPacket->channel,base64Payload);
1317  }
1318  /*UINT8 *domain = parseDomainFromPayload(pMixPacket->payload.data, payLen);
1319 
1320  if(domain != NULL || (CALibProxytest::getOptions()->isPayloadLogged()) )
1321  {
1322  CAMsg::printMsg(LOG_CRIT,"Crime detection: User surveillance, previous mix channel: %u\n", pMixPacket->channel);
1323  if(domain != NULL)
1324  {
1325  CAMsg::printMsg(LOG_CRIT, "Domain: %s\n", domain);
1326  delete [] domain;
1327  }
1328  if(CALibProxytest::getOptions()->isPayloadLogged())
1329  {
1331  UINT8 tempPayload[PAYLOAD_SIZE+1];
1332  memcpy(tempPayload, pMixPacket->payload.data,payLen);
1333  tempPayload[payLen]=0;
1334  CAMsg::printMsg(LOG_CRIT, "Payload: %s\n",tempPayload);
1335  }
1336  }*/
1337  }
1338  #endif
1339 
1340  #ifdef _DEBUG
1341  UINT8 c=pMixPacket->payload.data[30];
1342  pMixPacket->payload.data[30]=0;
1343  CAMsg::printMsg(LOG_DEBUG,"Try sending data to Squid: %s\n",pMixPacket->payload.data);
1344  pMixPacket->payload.data[30]=c;
1345  #endif
1346  #ifdef LOG_CRIME
1347  if(payLen<=PAYLOAD_SIZE&&checkCrime(pMixPacket->payload.data,payLen,true))
1348  {
1349  UINT8 crimeBuff[PAYLOAD_SIZE+1];
1350  memset(pQueueEntryCrime,0,sizeof(tQueueEntry));
1351  memset(crimeBuff,0,PAYLOAD_SIZE+1);
1352  memcpy(crimeBuff,pMixPacket->payload.data,payLen);
1353  m_pMuxIn->sigCrime(pMixPacket->channel,pQueueEntryCrime->packet);
1354  m_pQueueSendToMix->add(pQueueEntryCrime,sizeof(tQueueEntry));
1355  int log=LOG_ENCRYPTED;
1356  UINT32 srcPort = tmpSocket->getLocalPort();
1357  if(!CALibProxytest::getOptions()->isEncryptedLogEnabled())
1358  log=LOG_CRIT;
1359  CAMsg::printMsg(log,"Crime detected -- previous mix channel: "
1360  "%u -- Proxy Connection source port: %u -- Content: \n%s\n", pMixPacket->channel,srcPort,
1361  (CALibProxytest::getOptions()->isPayloadLogged() ? crimeBuff : (UINT8 *)"<not logged>"));
1362  }
1363  #endif
1364  if(payLen>PAYLOAD_SIZE||tmpSocket->sendTimeOut(pMixPacket->payload.data,payLen,LAST_MIX_TO_PROXY_SEND_TIMEOUT)==SOCKET_ERROR)
1365  {
1366  #ifdef _DEBUG
1367  CAMsg::printMsg(LOG_DEBUG,"Error sending Data to Squid!\n");
1368  #endif
1369  tmpSocket->close();
1370  delete tmpSocket;
1371  tmpSocket = NULL;
1372  /* send a close packet signaling the connect error */
1373  getRandom(pMixPacket->data, DATA_SIZE);
1374  pMixPacket->flags = CHANNEL_CLOSE;
1375  pMixPacket->payload.len = 0;
1376  pMixPacket->payload.type = CONNECTION_ERROR_FLAG;
1377  #ifdef WITH_INTEGRITY_CHECK
1378  newCipher->encryptMessage(pMixPacket->data, 3, ciphertextBuff);
1379  memcpy(pMixPacket->data, ciphertextBuff, 3 + GCM_MAC_SIZE);
1380  #else
1381  newCipher->crypt2(pMixPacket->data, pMixPacket->data, DATA_SIZE);
1382  #endif
1383  #ifdef LOG_PACKET_TIMES
1384  setZero64(pQueueEntry->timestamp_proccessing_start);
1385  #endif
1386  pMix->m_pQueueSendToMix->add(pQueueEntry,sizeof(tQueueEntry));
1387  delete newCipher;
1388  newCipher = NULL;
1389  }
1390  else
1391  {
1392  tmpSocket->setNonBlocking(true);
1393  #if defined (DELAY_CHANNELS_LATENCY)
1394  UINT64 u64temp;
1395  getcurrentTimeMillis(u64temp);
1396  #endif
1397  CAQueue* pQueue=new CAQueue(PAYLOAD_SIZE);
1398  #ifdef LASTMIX_CHECK_MEMORY
1399  pQueue->logIfSizeGreaterThen(100000);
1400  #endif
1401  pChannelList->add(pMixPacket->channel,tmpSocket,newCipher,pQueue
1402  #if defined (LOG_CHANNEL)
1403  ,pQueueEntry->timestamp_proccessing_start,payLen
1404  #endif
1405  #if defined (DELAY_CHANNELS_LATENCY)
1406  ,u64temp
1407  #endif
1408  #ifdef LOG_CRIME
1409  ,(bUserSurveillance&&CALibProxytest::getOptions()->isPayloadLogged()),timeChannelOpened
1410  #endif
1411  #ifdef ANON_DEBUG_MODE
1412 ,bIsDebugPacket
1413 #endif
1414  );
1415 #ifdef HAVE_EPOLL
1416  psocketgroupCacheRead->add(*tmpSocket,pChannelList->get(pMixPacket->channel));
1417 #else
1418  psocketgroupCacheRead->add(*tmpSocket);
1419 #endif
1420  #ifdef LOG_PACKET_TIMES
1421  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end);
1422  m_pLogPacketStats->addToTimeingStats(*pQueueEntry,CHANNEL_OPEN,true);
1423  #endif
1424  #ifdef DATA_RETENTION_LOG
1425  pQueueEntry->dataRetentionLogEntry.t_out=htonl(time(NULL));
1426  pQueueEntry->dataRetentionLogEntry.entity.last.channelid=htonl(pMixPacket->channel);
1427  pQueueEntry->dataRetentionLogEntry.entity.last.port_out=tmpSocket->getLocalPort();
1428  pQueueEntry->dataRetentionLogEntry.entity.last.port_out=htons(pQueueEntry->dataRetentionLogEntry.entity.last.port_out);
1429  tmpSocket->getLocalIP(pQueueEntry->dataRetentionLogEntry.entity.last.ip_out);
1430  m_pDataRetentionLog->log(&pQueueEntry->dataRetentionLogEntry);
1431  #endif
1432 
1433  }
1434  }
1435 #ifdef WITH_INTEGRITY_CHECK
1436  }
1437 #endif
1438  }
1439  }
1440  else
1441  {//channellist entry !=NULL
1442  if(pMixPacket->flags==CHANNEL_CLOSE)
1443  {
1446  /*
1447  psocketgroupCacheRead->remove(*(pChannelListEntry->pSocket));
1448  psocketgroupCacheWrite->remove(*(pChannelListEntry->pSocket));
1449  pChannelListEntry->pSocket->close();
1450  delete pChannelListEntry->pSocket;
1451  pChannelListEntry->pSocket = NULL;
1452  delete pChannelListEntry->pCipher;
1453  pChannelListEntry->pCipher = NULL;
1454  delete pChannelListEntry->pQueueSend;
1455  pChannelListEntry->pQueueSend = NULL;
1456  */
1457  pChannelListEntry->pQueueSend->close();
1458 #ifdef HAVE_EPOLL
1459  psocketgroupCacheWrite->add(*(pChannelListEntry->pSocket),pChannelListEntry);
1460 #else
1461  psocketgroupCacheWrite->add(*(pChannelListEntry->pSocket));
1462 #endif
1463  #if defined (LOG_PACKET_TIMES) ||defined (LOG_CHANNEL)
1464  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end);
1465  #endif
1466  #if defined (LOG_PACKET_TIMES)
1467  set64(pQueueEntry->timestamp_proccessing_end_OP,pQueueEntry->timestamp_proccessing_end);
1468  m_pLogPacketStats->addToTimeingStats(*pQueueEntry,CHANNEL_CLOSE,true);
1469  #endif
1470  #ifdef LOG_CHANNEL
1471  pChannelListEntry->packetsDataInFromUser++;
1472  MACRO_DO_LOG_CHANNEL_CLOSE_FROM_USER
1473  #endif
1474  //m_pChannelList->removeChannel(pMixPacket->channel);
1475  }
1476  else if(pMixPacket->flags==CHANNEL_DATA)
1477  {
1478 #if defined(ANON_DEBUG_MODE)
1479  //keep a copy of whole packet and output it, if something with integrity check went wrong...
1480  UINT8 tmpPacket[DATA_SIZE];
1481  memcpy(tmpPacket, pMixPacket->data, DATA_SIZE);
1482 #endif
1483  #ifdef LOG_CHANNEL
1484  pChannelListEntry->packetsDataInFromUser++;
1485  #endif
1486  #ifdef WITH_INTEGRITY_CHECK
1487  /* decrypt only the first 2 bytes to get the payload length */
1488  UINT16 lengthAndFlagsField=0;
1489  pChannelListEntry->pCipher->decryptMessage(pMixPacket->data, 2,(UINT8*) &lengthAndFlagsField, false);
1490  payloadLen = ntohs(lengthAndFlagsField);
1491  payloadLen &= PAYLOAD_LEN_MASK;
1492  if (payloadLen > PAYLOAD_SIZE)
1493  retval=E_UNKNOWN;
1494  else
1495  {
1496  retval = pChannelListEntry->pCipher->decryptMessage(pMixPacket->data, payloadLen + 3 + GCM_MAC_SIZE, plaintextBuff, true);
1497  }
1498  if (retval != E_SUCCESS) {
1499 #if defined(ANON_DEBUG_MODE)
1500  UINT8 tmpPacketBase64[DATA_SIZE << 1];
1501  EVP_EncodeBlock(tmpPacketBase64, tmpPacket, DATA_SIZE);
1502  CAMsg::printMsg(LOG_ERR, "Integrity check failed in channel-data packet: %s\n", tmpPacketBase64);
1503 #else
1504  CAMsg::printMsg(LOG_ERR, "Integrity check failed in channel-data packet!\n");
1505 #endif
1506  /* invalid MAC -> send channel close packet with integrity error flag */
1507  psocketgroupCacheRead->remove(*(pChannelListEntry->pSocket));
1508  psocketgroupCacheWrite->remove(*(pChannelListEntry->pSocket));
1509  pChannelListEntry->pSocket->close();
1510  delete pChannelListEntry->pSocket;
1511  pChannelListEntry->pSocket = NULL;
1512  delete pChannelListEntry->pQueueSend;
1513  pChannelListEntry->pQueueSend = NULL;
1514  getRandom(pMixPacket->data, DATA_SIZE);
1515  pMixPacket->flags = CHANNEL_CLOSE;
1516  pMixPacket->payload.len = htons(INTEGRITY_ERROR_FLAG);
1517  pMixPacket->payload.type = 0;
1518  pChannelListEntry->pCipher->encryptMessage(pMixPacket->data, 3, ciphertextBuff);
1519  memcpy(pMixPacket->data, ciphertextBuff, 3 + GCM_MAC_SIZE);
1520  delete pChannelListEntry->pCipher;
1521  pChannelListEntry->pCipher = NULL;
1522  #ifdef LOG_CHANNEL
1523  pChannelListEntry->packetsDataOutToUser++;
1524  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end);
1525  MACRO_DO_LOG_CHANNEL_CLOSE_FROM_MIX
1526  #endif
1527  pChannelList->removeChannel(pMixPacket->channel);
1528  #ifdef LOG_PACKET_TIMES
1529  setZero64(pQueueEntry->timestamp_proccessing_start);
1530  #endif
1531  pMix->m_pQueueSendToMix->add(pQueueEntry,sizeof(tQueueEntry));
1532  } else {
1533  memcpy(pMixPacket->data, plaintextBuff, payloadLen + 3);
1534  #else
1535  pChannelListEntry->pCipher->crypt1(pMixPacket->data,pMixPacket->data,DATA_SIZE);
1536  #endif
1537  ret=ntohs(pMixPacket->payload.len);
1538  if(ret&NEW_FLOW_CONTROL_FLAG)
1539  {
1540  //CAMsg::printMsg(LOG_DEBUG,"got send me\n");
1541  pChannelListEntry->sendmeCounterDownstream=max(0,pChannelListEntry->sendmeCounterDownstream-FLOW_CONTROL_SENDME_SOFT_LIMIT);
1542  }
1543  ret&=PAYLOAD_LEN_MASK;
1544  if(ret>=0&&ret<=PAYLOAD_SIZE)
1545  {
1546  #ifdef LOG_CHANNEL
1547  pChannelListEntry->trafficInFromUser+=ret;
1548  #endif
1549  #ifdef LOG_PACKET_TIMES
1550  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end_OP);
1551  #endif
1552 
1553  //output payload if packet is marked for user surveillance
1554  #ifdef LOG_CRIME
1555  if(bUserSurveillance)
1556  {
1557  if(CALibProxytest::getOptions()->isPayloadLogged())
1558  {
1559  UINT8 base64Payload[PAYLOAD_SIZE<<1];
1560  EVP_EncodeBlock(base64Payload,pMixPacket->payload.data,ret);//base64 encoding (without newline!)
1561  CAMsg::printMsg(LOG_CRIT,"Crime detection: User surveillance, previous mix channel (opened at: %u): %u - Upstream Payload (Base64 encoded): %s\n", pChannelListEntry->timeChannelOpened,pMixPacket->channel,base64Payload);
1562  pChannelListEntry->bLogPayload=true;
1563  }
1564 /* UINT8 *domain = parseDomainFromPayload(pMixPacket->payload.data, ret);
1565 
1566  if(domain != NULL || (CALibProxytest::getOptions()->isPayloadLogged()) )
1567  {
1568  CAMsg::printMsg(LOG_CRIT,"Crime detection: User surveillance, previous mix channel: %u\n", pMixPacket->channel);
1569  if(domain != NULL)
1570  {
1571  CAMsg::printMsg(LOG_CRIT, "Domain: %s\n", domain);
1572  delete [] domain;
1573  }
1574  if(CALibProxytest::getOptions()->isPayloadLogged())
1575  {
1577  UINT8 tempPayload[PAYLOAD_SIZE+1];
1578  memcpy(tempPayload, pMixPacket->payload.data,ret);
1579  tempPayload[ret]=0;
1580  CAMsg::printMsg(LOG_CRIT, "Payload: %s\n",tempPayload);
1581  }
1582  }
1583  */ }
1584  else if(checkCrime(pMixPacket->payload.data, ret,false)) // Note: false --> it make no sense to check for URL/Domain in DataPackets
1585  {
1586  UINT8 crimeBuff[PAYLOAD_SIZE+1];
1587 
1588  memset(pQueueEntryCrime,0,sizeof(tQueueEntry));
1589  memset(crimeBuff,0,PAYLOAD_SIZE+1);
1590  memcpy(crimeBuff,pMixPacket->payload.data, ret);
1591  m_pMuxIn->sigCrime(pMixPacket->channel, pQueueEntryCrime->packet);
1592  m_pQueueSendToMix->add(pQueueEntryCrime,sizeof(tQueueEntry));
1593  int log=LOG_ENCRYPTED;
1594  if(!CALibProxytest::getOptions()->isEncryptedLogEnabled())
1595  log=LOG_CRIT;
1596  CAMsg::printMsg(log,"Crime detected -- previous mix channel: "
1597  "%u -- Content: \n%s\n", pMixPacket->channel,
1598  (CALibProxytest::getOptions()->isPayloadLogged() ? crimeBuff : (UINT8 *)"<not logged>"));
1599  }
1600 
1601  #endif
1602 
1603  ret=pChannelListEntry->pQueueSend->add(pMixPacket->payload.data,ret);
1604  }
1605  else
1606  ret=SOCKET_ERROR;
1607  if(ret==SOCKET_ERROR)
1608  {
1609  psocketgroupCacheRead->remove(*(pChannelListEntry->pSocket));
1610  psocketgroupCacheWrite->remove(*(pChannelListEntry->pSocket));
1611  pChannelListEntry->pSocket->close();
1612  delete pChannelListEntry->pSocket;
1613  pChannelListEntry->pSocket = NULL;
1614  delete pChannelListEntry->pQueueSend;
1615  pChannelListEntry->pQueueSend = NULL;
1616  /* send a close packet signaling the connect error */
1617  getRandom(pMixPacket->data, DATA_SIZE);
1618  pMixPacket->flags = CHANNEL_CLOSE;
1619  pMixPacket->payload.len = 0;
1620  pMixPacket->payload.type = 0;
1621  #ifdef WITH_INTEGRITY_CHECK
1622  pChannelListEntry->pCipher->encryptMessage(pMixPacket->data, 3, ciphertextBuff);
1623  memcpy(pMixPacket->data, ciphertextBuff, 3 + GCM_MAC_SIZE);
1624  #endif
1625  delete pChannelListEntry->pCipher;
1626  pChannelListEntry->pCipher = NULL;
1627  #ifdef LOG_CHANNEL
1628  pChannelListEntry->packetsDataOutToUser++;
1629  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end);
1630  MACRO_DO_LOG_CHANNEL_CLOSE_FROM_MIX
1631  #endif
1632  pChannelList->removeChannel(pMixPacket->channel);
1633  #ifdef LOG_PACKET_TIMES
1634  setZero64(pQueueEntry->timestamp_proccessing_start);
1635  #endif
1636  pMix->m_pQueueSendToMix->add(pQueueEntry,sizeof(tQueueEntry));
1637  }
1638  else
1639  {
1640  //count this packet as Upstream packet...
1641  pChannelListEntry->sendmeCounterUpstream++;
1642  if(pChannelListEntry->sendmeCounterUpstream>=FLOW_CONTROL_SENDME_SOFT_LIMIT) //we need to sent the SENDME ack down to the client...
1643  {
1644  getRandom(pMixPacket->data, DATA_SIZE);
1645  pMixPacket->flags = CHANNEL_DATA;
1646  pMixPacket->payload.len = htons(NEW_FLOW_CONTROL_FLAG); //signal the SENDME
1647  pMixPacket->payload.type = 0;
1648  #ifdef WITH_INTEGRITY_CHECK
1649  pChannelListEntry->pCipher->encryptMessage(pMixPacket->data, 3, ciphertextBuff);
1650  memcpy(pMixPacket->data, ciphertextBuff, 3 + GCM_MAC_SIZE);
1651  #else
1652  pChannelListEntry->pCipher->crypt2(pMixPacket->data,pMixPacket->data,DATA_SIZE);
1653  #endif
1654  #ifdef LOG_CHANNEL
1655  pChannelListEntry->packetsDataOutToUser++;
1656  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end);
1657  MACRO_DO_LOG_CHANNEL_CLOSE_FROM_MIX
1658  #endif
1659  #ifdef LOG_PACKET_TIMES
1660  setZero64(pQueueEntry->timestamp_proccessing_start);
1661  #endif
1662  //CAMsg::printMsg(LOG_DEBUG,"sent send me\n");
1663  pMix->m_pQueueSendToMix->add(pQueueEntry,sizeof(tQueueEntry));
1664  pChannelListEntry->sendmeCounterUpstream-=FLOW_CONTROL_SENDME_SOFT_LIMIT;
1665  }
1666 #ifdef HAVE_EPOLL
1667  psocketgroupCacheWrite->add(*(pChannelListEntry->pSocket),pChannelListEntry);
1668 #else
1669  psocketgroupCacheWrite->add(*(pChannelListEntry->pSocket));
1670 #endif
1671  #ifdef LOG_PACKET_TIMES
1672  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end);
1673  m_pLogPacketStats->addToTimeingStats(*pQueueEntry,CHANNEL_DATA,true);
1674  #endif
1675  }
1676 #ifdef WITH_INTEGRITY_CHECK
1677  }
1678 #endif
1679  }
1680  }
1681  }
1682  }
1683 //end Step 1
1684 
1685 //Step 2 Sending to Cache...
1686  countRead=psocketgroupCacheWrite->select(0);
1687  if(countRead>0)
1688  {
1689  bAktiv=true;
1690 #ifdef HAVE_EPOLL
1691  pChannelListEntry=(lmChannelListEntry*)psocketgroupCacheWrite->getFirstSignaledSocketData();
1692  while(pChannelListEntry!=NULL)
1693  {
1694 #else
1695  pChannelListEntry=pChannelList->getFirstSocket();
1696  while(pChannelListEntry!=NULL&&countRead>0)
1697  {
1698  if(psocketgroupCacheWrite->isSignaled(*(pChannelListEntry->pSocket)))
1699  {
1700  countRead--;
1701 #endif
1702  SINT32 len=MIXPACKET_SIZE;
1703  ret=pChannelListEntry->pQueueSend->peek(tmpBuff,(UINT32*)&len);
1704  len=pChannelListEntry->pSocket->send(tmpBuff,len);
1705 #ifdef _DEBUG
1706  CAMsg::printMsg(LOG_DEBUG, "Channel %u: Wrote %i bytes to proxy\n", pChannelListEntry->channelIn, len);
1707 #endif
1708  if(len>=0)
1709  {
1710  pChannelListEntry->pQueueSend->remove((UINT32*)&len);
1711  if(pChannelListEntry->pQueueSend->isEmpty())
1712  {
1713  if(pChannelListEntry->pQueueSend->isClosed()) //channel was closed by user // Queue: EMPTY + CLOSED
1714  {
1715  psocketgroupCacheRead->remove(*(pChannelListEntry->pSocket));
1716  psocketgroupCacheWrite->remove(*(pChannelListEntry->pSocket));
1717  pChannelListEntry->pSocket->close();
1718  delete pChannelListEntry->pSocket;
1719  pChannelListEntry->pSocket = NULL;
1720  delete pChannelListEntry->pCipher;
1721  pChannelListEntry->pCipher = NULL;
1722  delete pChannelListEntry->pQueueSend;
1723  pChannelListEntry->pQueueSend = NULL;
1724  pChannelList->removeChannel(pChannelListEntry->channelIn);
1725  }
1726  else //Queue: EMPTY+!CLOSED
1727  {//nothing more to write at the moment...
1728  psocketgroupCacheWrite->remove(*(pChannelListEntry->pSocket));
1729  }
1730  }
1731  }
1732  else
1733  {
1734  if(len==SOCKET_ERROR)
1735  { //do something if send error
1736  psocketgroupCacheRead->remove(*(pChannelListEntry->pSocket));
1737  psocketgroupCacheWrite->remove(*(pChannelListEntry->pSocket));
1738  pChannelListEntry->pSocket->close();
1739  delete pChannelListEntry->pSocket;
1740  pChannelListEntry->pSocket = NULL;
1741  /* send a close packet signaling the connect error */
1742  getRandom(pMixPacket->data, DATA_SIZE);
1743  pMixPacket->flags = CHANNEL_CLOSE;
1744  pMixPacket->payload.len = 0;
1745  pMixPacket->payload.type = 0;
1746  #ifdef WITH_INTEGRITY_CHECK
1747  pChannelListEntry->pCipher->encryptMessage(pMixPacket->data, 3, ciphertextBuff);
1748  memcpy(pMixPacket->data, ciphertextBuff, 3 + GCM_MAC_SIZE);
1749  #endif
1750  delete pChannelListEntry->pCipher;
1751  pChannelListEntry->pCipher = NULL;
1752  delete pChannelListEntry->pQueueSend;
1753  pChannelListEntry->pQueueSend = NULL;
1754  pMixPacket->channel=pChannelListEntry->channelIn;
1755  #ifdef LOG_PACKET_TIMES
1756  setZero64(pQueueEntry->timestamp_proccessing_start);
1757  #endif
1758  pMix->m_pQueueSendToMix->add(pQueueEntry,sizeof(tQueueEntry));
1759  #ifdef LOG_CHANNEL
1760  pChannelListEntry->packetsDataOutToUser++;
1761  #endif
1762  #ifdef LOG_CHANNEL
1763  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end);
1764  MACRO_DO_LOG_CHANNEL_CLOSE_FROM_MIX
1765  #endif
1766  pChannelList->removeChannel(pChannelListEntry->channelIn);
1767  }
1768  }
1769 #ifdef HAVE_EPOLL
1770  pChannelListEntry=(lmChannelListEntry*)psocketgroupCacheWrite->getNextSignaledSocketData();
1771 #else
1772  }
1773  pChannelListEntry=pChannelList->getNextSocket();
1774 #endif
1775  }
1776  }
1777 //End Step 2
1778 
1779 //Step 3 Reading from Cache....
1780 
1781  countRead=psocketgroupCacheRead->select(0);
1782 #ifdef DELAY_CHANNELS_LATENCY
1783  UINT64 current_time_millis;
1784  getcurrentTimeMillis(current_time_millis);
1785 #endif
1786  if(countRead>0&&pMix->m_pQueueSendToMix->getSizeLookFree()<MAX_MIXIN_SEND_QUEUE_SIZE)
1787  {
1788 #ifdef HAVE_EPOLL
1789  pChannelListEntry=(lmChannelListEntry*)psocketgroupCacheRead->getFirstSignaledSocketData();
1790  while(pChannelListEntry!=NULL)
1791  {
1792 #else
1793  pChannelListEntry=pChannelList->getFirstSocket();
1794  while(pChannelListEntry!=NULL&&countRead>0)
1795  {
1796  if(psocketgroupCacheRead->isSignaled(*(pChannelListEntry->pSocket)))
1797  {
1798  countRead--;
1799 #endif
1800  //UINT32 bucketSize;
1801  if((pChannelListEntry->sendmeCounterDownstream<FLOW_CONTROL_SENDME_HARD_LIMIT)
1802  #ifdef DELAY_CHANNELS
1803  && ( pChannelListEntry->delayBucket>0)
1804  #endif
1805  #ifdef DELAY_CHANNELS_LATENCY
1806  &&(isGreater64(current_time_millis,pChannelListEntry->timeLatency))
1807  #endif
1808  )
1809  {
1810  #ifndef DELAY_CHANNELS
1811  ret=pChannelListEntry->pSocket->receive(pMixPacket->payload.data,PAYLOAD_SIZE);
1812  #else
1813  UINT32 readLen=
1814  min(
1815  pChannelListEntry->delayBucket,
1816  PAYLOAD_SIZE);
1817  ret=pChannelListEntry->pSocket->receive(pMixPacket->payload.data,readLen);
1818  #endif
1819  #ifdef LOG_PACKET_TIMES
1820  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_start);
1821  set64(pQueueEntry->timestamp_proccessing_start_OP,pQueueEntry->timestamp_proccessing_start);
1822  #endif
1823  bAktiv=true;
1824  if(ret==SOCKET_ERROR||ret==0)
1825  {
1826  psocketgroupCacheRead->remove(*(pChannelListEntry->pSocket));
1827  psocketgroupCacheWrite->remove(*(pChannelListEntry->pSocket));
1828  pChannelListEntry->pSocket->close();
1829  delete pChannelListEntry->pSocket;
1830  pChannelListEntry->pSocket = NULL;
1831  /* send a close packet signaling the connect error */
1832  getRandom(pMixPacket->data, DATA_SIZE);
1833  pMixPacket->flags = CHANNEL_CLOSE;
1834  pMixPacket->payload.len = 0;
1835  pMixPacket->payload.type = 0;
1836  #ifdef WITH_INTEGRITY_CHECK
1837  pChannelListEntry->pCipher->encryptMessage(pMixPacket->data, 3, ciphertextBuff);
1838  memcpy(pMixPacket->data, ciphertextBuff, 3 + GCM_MAC_SIZE);
1839  #endif
1840  delete pChannelListEntry->pCipher;
1841  pChannelListEntry->pCipher = NULL;
1842  delete pChannelListEntry->pQueueSend;
1843  pChannelListEntry->pQueueSend = NULL;
1844  pMixPacket->channel=pChannelListEntry->channelIn;
1845  #ifdef LOG_PACKET_TIMES
1846  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end_OP);
1847  #endif
1848  pMix->m_pQueueSendToMix->add(pQueueEntry,sizeof(tQueueEntry));
1849  #ifdef LOG_CHANNEL
1850  pChannelListEntry->packetsDataOutToUser++;
1851  #endif
1852  #ifdef LOG_CHANNEL
1853  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end);
1854  MACRO_DO_LOG_CHANNEL_CLOSE_FROM_MIX
1855  #endif
1856  pChannelList->removeChannel(pChannelListEntry->channelIn);
1857  }
1858  else
1859  {
1860  //add64((UINT64&)m_logDownloadedBytes,ret);
1861  #if defined(LOG_CHANNEL)
1862  pChannelListEntry->trafficOutToUser+=ret;
1863  #endif
1864  #ifdef DELAY_CHANNELS
1865  pChannelList->reduceDelayBuckets(pChannelListEntry->delayBucketID, ret);
1866  #endif
1867  pMixPacket->channel=pChannelListEntry->channelIn;
1868  pMixPacket->flags=CHANNEL_DATA;
1869  pMixPacket->payload.type=0;
1870  pMixPacket->payload.len=htons((UINT16)ret);
1871  if (ret < DATA_SIZE)
1872  {
1873  getRandom(pMixPacket->data+ret, DATA_SIZE-ret);
1874  }
1875 
1876  //#endif
1877  #ifdef LOG_CRIME
1878  if(pChannelListEntry->bLogPayload)
1879  {
1880  UINT8 base64Payload[PAYLOAD_SIZE<<1];
1881  EVP_EncodeBlock(base64Payload,pMixPacket->payload.data,ret);//base64 encoding (without newline!)
1882  CAMsg::printMsg(LOG_CRIT,"Crime detection: User surveillance, previous mix channel (opened at: %u): %u - Downstream Payload (Base64 encoded): %s\n", pChannelListEntry->timeChannelOpened,pChannelListEntry->channelIn,base64Payload);
1883  }
1884  #endif //LOG_CRIME
1885  #ifdef WITH_INTEGRITY_CHECK
1886  pChannelListEntry->pCipher->encryptMessage(pMixPacket->data, ret + 3, ciphertextBuff);
1887  memcpy(pMixPacket->data, ciphertextBuff, ret + 3 + GCM_MAC_SIZE);
1888  getRandom(pMixPacket->data + ret + 3 + GCM_MAC_SIZE, DATA_SIZE - ret - 3 - GCM_MAC_SIZE);
1889  #else
1890  pChannelListEntry->pCipher->crypt2(pMixPacket->data,pMixPacket->data,DATA_SIZE);
1891  #endif
1892  #ifdef LOG_PACKET_TIMES
1893  getcurrentTimeMicros(pQueueEntry->timestamp_proccessing_end_OP);
1894  #endif
1895 #ifdef ANON_DEBUG_MODE
1896  if (pChannelListEntry->bDebug )
1897  {
1898  pMixPacket->flags |= CHANNEL_DEBUG;
1899  UINT8 tmpPacketBase64[DATA_SIZE << 1];
1900  EVP_EncodeBlock(tmpPacketBase64, pMixPacket->data, DATA_SIZE);
1901  CAMsg::printMsg(LOG_ERR, "Put AN.ON debug packet into send queue: %s\n", tmpPacketBase64);
1902  }
1903 #endif
1904 
1905  pMix->m_pQueueSendToMix->add(pQueueEntry, sizeof(tQueueEntry));
1906  #if defined(LOG_CHANNEL)
1907  pChannelListEntry->packetsDataOutToUser++;
1908  #endif
1909  pChannelListEntry->sendmeCounterDownstream++;
1910  }
1911  }
1912 #ifdef HAVE_EPOLL
1913  pChannelListEntry=(lmChannelListEntry*)psocketgroupCacheRead->getNextSignaledSocketData();
1914 #else
1915  }
1916  pChannelListEntry=pChannelList->getNextSocket();
1917 #endif
1918  }
1919  }
1920 //end Step 3
1921 
1922 //Step 4 Writing to previous Mix
1923 // Now in a separate Thread!
1924 //
1925 //end step 4
1926 #ifndef FAST_PROCESSING
1927  if(!bAktiv)
1928  msSleep(1);
1929 #endif
1930  }
1931 
1932 
1933 
1934 
1935 //ERR:
1936  CAMsg::printMsg(LOG_CRIT,"Seems that we are restarting now!!\n");
1937 #ifdef LOG_CRIME
1938  delete pQueueEntryCrime;
1939  pQueueEntryCrime = NULL;
1940 #endif
1941  delete []tmpBuff;
1942  tmpBuff = NULL;
1943  delete []rsaBuff;
1944  rsaBuff = NULL;
1945  delete []ciphertextBuff;
1946  ciphertextBuff = NULL;
1947  delete []plaintextBuff;
1948  plaintextBuff = NULL;
1949  delete pQueueEntry;
1950  pQueueEntry = NULL;
1951  delete psocketgroupCacheWrite;
1952  psocketgroupCacheWrite = NULL;
1953  delete psocketgroupCacheRead;
1954  psocketgroupCacheRead = NULL;
1955 #endif
1956  THREAD_RETURN_SUCCESS;
1957  }
1958 
1959 
1960 
1961 #endif
1962 
1963 #endif //ONLY_LOCAL_PROXY
RSA_SIZE
#define RSA_SIZE
Definition: CAASymCipher.hpp:44
LAST_MIX_SIZE_OF_SYMMETRIC_KEYS
#define LAST_MIX_SIZE_OF_SYMMETRIC_KEYS
Definition: CALastMixA.cpp:57
REPLAY_BASE
#define REPLAY_BASE
Definition: CAMixWithReplayDB.hpp:37
LOG_ENCRYPTED
#define LOG_ENCRYPTED
Definition: CAMsg.hpp:46
KEY_SIZE
#define KEY_SIZE
Definition: CASymCipher.hpp:31
getcurrentTimeMillis
SINT32 getcurrentTimeMillis(UINT64 &u64Time)
Gets the current Systemtime in milli seconds.
Definition: CAUtil.cpp:252
getcurrentTimeMicros
SINT32 getcurrentTimeMicros(UINT64 &u64Time)
Gets the current Systemtime in micros seconds.
Definition: CAUtil.cpp:280
getRandom
SINT32 getRandom(UINT32 *val)
Gets 32 random bits.
Definition: CAUtil.cpp:346
msSleep
SINT32 msSleep(UINT32 ms)
Sleeps ms milliseconds.
Definition: CAUtil.cpp:406
setZero64
void setZero64(UINT64 &op1)
Definition: CAUtil.hpp:355
add64
void add64(UINT64 &op1, UINT32 op2)
Definition: CAUtil.hpp:375
isGreater64
bool isGreater64(UINT64 &op1, UINT64 &op2)
Definition: CAUtil.hpp:416
set64
void set64(UINT64 &op1, UINT32 op2)
Definition: CAUtil.hpp:321
MAX_MIXIN_SEND_QUEUE_SIZE
#define MAX_MIXIN_SEND_QUEUE_SIZE
Definition: StdAfx.h:228
LAST_MIX_TO_PROXY_SEND_TIMEOUT
#define LAST_MIX_TO_PROXY_SEND_TIMEOUT
Definition: StdAfx.h:200
THREAD_RETURN
#define THREAD_RETURN
Definition: StdAfx.h:540
LAST_MIX_TO_PROXY_CONNECT_TIMEOUT
#define LAST_MIX_TO_PROXY_CONNECT_TIMEOUT
Definition: StdAfx.h:198
SOCKET_ERROR
#define SOCKET_ERROR
Definition: StdAfx.h:464
THREAD_RETURN_SUCCESS
#define THREAD_RETURN_SUCCESS
Definition: StdAfx.h:542
FLOW_CONTROL_SENDME_HARD_LIMIT
#define FLOW_CONTROL_SENDME_HARD_LIMIT
Definition: StdAfx.h:222
min
#define min(a, b)
Definition: StdAfx.h:649
FLOW_CONTROL_SENDME_SOFT_LIMIT
#define FLOW_CONTROL_SENDME_SOFT_LIMIT
Definition: StdAfx.h:223
max
#define max(a, b)
Definition: StdAfx.h:654
UINT16
unsigned short UINT16
Definition: basetypedefs.h:133
SINT32
signed int SINT32
Definition: basetypedefs.h:132
UINT8
unsigned char UINT8
Definition: basetypedefs.h:135
UINT32
unsigned int UINT32
Definition: basetypedefs.h:131
CAASymCipher::decryptOAEP
SINT32 decryptOAEP(const UINT8 *from, UINT8 *to, UINT32 *len)
Decrypts one OAEP encoded block which is stored in from.
Definition: CAASymCipher.cpp:103
CACacheLoadBalancing
This class stores Addresses off different Cache-Proxies.
Definition: CACacheLoadBalancing.hpp:46
CACacheLoadBalancing::get
CASocketAddrINet * get()
Gets the 'next' Address according to the Load-Balancing algorithm.
Definition: CACacheLoadBalancing.hpp:84
CAControlChannelDispatcher::proccessMixPacket
bool proccessMixPacket(const MIXPACKET *pPacket)
Definition: CAControlChannelDispatcher.cpp:68
CADatabase::insert
SINT32 insert(UINT8 key[16], UINT64 timestamp)
Inserts this key in the replay DB.
Definition: CADatabase.cpp:93
CALastMixA::loop
SINT32 loop()
Definition: CALastMixA.cpp:60
CALastMixChannelList::get
lmChannelListEntry * get(HCHANNEL channelIn)
Definition: CALastMixChannelList.hpp:135
CALastMixChannelList::add
SINT32 add(HCHANNEL id, CASocket *pSocket, CASymChannelCipher *pCipher, CAQueue *pQueue)
Definition: CALastMixChannelList.cpp:93
CALastMixChannelList::getFirstSocket
lmChannelListEntry * getFirstSocket()
Definition: CALastMixChannelList.hpp:178
CALastMixChannelList::getNextSocket
lmChannelListEntry * getNextSocket()
Definition: CALastMixChannelList.hpp:187
CALastMixChannelList::removeChannel
SINT32 removeChannel(HCHANNEL channelIn)
Definition: CALastMixChannelList.cpp:195
CALastMix::m_bRunLog
volatile bool m_bRunLog
Definition: CALastMix.hpp:189
CALastMix::m_logDownloadedPackets
volatile UINT32 m_logDownloadedPackets
Definition: CALastMix.hpp:192
CALastMix::m_pQueueSendToMix
CAQueue * m_pQueueSendToMix
Definition: CALastMix.hpp:153
CALastMix::m_logDownloadedBytes
volatile UINT64 m_logDownloadedBytes
Definition: CALastMix.hpp:193
CALastMix::m_logUploadedBytes
volatile UINT64 m_logUploadedBytes
Definition: CALastMix.hpp:191
CALastMix::m_pVPNLB
CACacheLoadBalancing * m_pVPNLB
Definition: CALastMix.hpp:160
CALastMix::m_pRSA
CAASymCipher * m_pRSA
Definition: CALastMix.hpp:161
CALastMix::m_pChannelList
CALastMixChannelList * m_pChannelList
Definition: CALastMix.hpp:166
CALastMix::m_pQueueReadFromMix
CAQueue * m_pQueueReadFromMix
Definition: CALastMix.hpp:154
CALastMix::m_pCacheLB
CACacheLoadBalancing * m_pCacheLB
Definition: CALastMix.hpp:158
CALastMix::lm_loopLog
friend THREAD_RETURN lm_loopLog(void *)
Definition: CALastMix.cpp:591
CALastMix::m_logUploadedPackets
volatile UINT32 m_logUploadedPackets
Definition: CALastMix.hpp:190
CALastMix::m_pMuxIn
CAMuxSocket * m_pMuxIn
Definition: CALastMix.hpp:152
CALastMix::m_bRestart
volatile bool m_bRestart
Definition: CALastMix.hpp:151
CALastMix::clean
SINT32 clean()
Definition: CALastMix.cpp:1031
CALastMix::m_pSocksLB
CACacheLoadBalancing * m_pSocksLB
Definition: CALastMix.hpp:159
CALibProxytest::getOptions
static CACmdLnOptions * getOptions()
Definition: CALibProxytest.hpp:11
CAMix::m_pMuxInControlChannelDispatcher
CAControlChannelDispatcher * m_pMuxInControlChannelDispatcher
Definition: CAMix.hpp:196
CAMixWithReplayDB::m_pReplayDB
CADatabase * m_pReplayDB
Definition: CAMixWithReplayDB.hpp:52
CAMsg::printMsg
static SINT32 printMsg(UINT32 typ, const char *format,...)
Writes a given message to the log.
Definition: CAMsg.cpp:251
CAQueue
This is a simple FIFO-Queue.
Definition: CAQueue.hpp:50
CAQueue::add
SINT32 add(const void *buff, UINT32 size)
Adds data to the Queue.
Definition: CAQueue.cpp:76
CAQueue::get
SINT32 get(UINT8 *pbuff, UINT32 *psize)
Gets up to psize number of bytes from the Queue.
Definition: CAQueue.cpp:148
CAQueue::peek
SINT32 peek(UINT8 *pbuff, UINT32 *psize)
Peeks data from the Queue.
Definition: CAQueue.cpp:258
CAQueue::close
SINT32 close()
Closes the Queue (for writing).
Definition: CAQueue.hpp:77
CAQueue::remove
SINT32 remove(UINT32 *psize)
Removes data from the Queue.
Definition: CAQueue.cpp:302
CAQueue::getSize
UINT32 getSize()
Returns the size of stored data in byte.
Definition: CAQueue.hpp:101
CAQueue::isClosed
bool isClosed()
Returns true, if the Queue is closed.
Definition: CAQueue.hpp:134
CAQueue::isEmpty
bool isEmpty()
Returns true, if the Queue is empty.
Definition: CAQueue.hpp:125
CAQueue::getSizeLookFree
UINT32 getSizeLookFree()
Returns the size of stored data in byte.
Definition: CAQueue.hpp:116
CASocketGroupEpoll::remove
SINT32 remove(CASocket &s)
Definition: CASocketGroupEpoll.hpp:100
CASocketGroupEpoll::isSignaled
bool isSignaled(CASocket &s)
Definition: CASocketGroupEpoll.hpp:155
CASocketGroupEpoll::add
SINT32 add(CASocket &s)
Adds the socket s to the socket group.
Definition: CASocketGroupEpoll.hpp:50
CASocket::receive
virtual SINT32 receive(UINT8 *buff, UINT32 len)
Will receive some bytes from the socket.
Definition: CASocket.cpp:645
CASocket::send
virtual SINT32 send(const UINT8 *buff, UINT32 len)
Sends some data over the network.
Definition: CASocket.cpp:400
CASocket::setRecvBuff
virtual SINT32 setRecvBuff(UINT32 r)
Definition: CASocket.cpp:846
CASocket::sendTimeOut
virtual SINT32 sendTimeOut(const UINT8 *buff, UINT32 len, UINT32 msTimeOut)
Sends some data over the network.
Definition: CASocket.cpp:442
CASocket::setNonBlocking
virtual SINT32 setNonBlocking(bool b)
Definition: CASocket.cpp:947
CASocket::setSendBuff
virtual SINT32 setSendBuff(SINT32 r)
Returns < 0 on error, otherwise the new sendbuffersize (which may be less than r)
Definition: CASocket.cpp:862
CASocket::create
virtual SINT32 create()
Definition: CASocket.cpp:73
CASocket::getLocalIP
virtual SINT32 getLocalIP(UINT8 r_Ip[4])
LERNGRUPPE Returns the source address of the socket.
Definition: CASocket.cpp:801
CASocket::close
virtual SINT32 close()
Definition: CASocket.cpp:351
CASocket::connect
virtual SINT32 connect(const CASocketAddr &psa)
Definition: CASocket.hpp:64
CASocket::getLocalPort
virtual SINT32 getLocalPort()
Definition: CASocket.cpp:811
CASymChannelCipherFactory::createCipher
static CASymChannelCipher * createCipher(SYMCHANNELCIPHER_ALGORITHM alg)
Definition: CASymChannelCipherFactory.hpp:49
CASymChannelCipher::crypt2
virtual SINT32 crypt2(const UINT8 *in, UINT8 *out, UINT32 len)=0
CASymChannelCipher::crypt1
virtual SINT32 crypt1(const UINT8 *in, UINT8 *out, UINT32 len)=0
CASymCipherGCM
This class could be used for encryption/decryption of data (streams) with AES using 128bit GCM mode.
Definition: CASymCipherGCM.hpp:42
CASymCipherGCM::setGCMKeys
void setGCMKeys(UINT8 *keyRecv, UINT8 *keySend)
Definition: CASymCipherGCM.hpp:95
CASymCipherGCM::encryptMessage
SINT32 encryptMessage(const UINT8 *in, UINT32 inlen, UINT8 *out)
Definition: CASymCipherGCM.hpp:136
CASymCipherGCM::decryptMessage
SINT32 decryptMessage(const UINT8 *in, UINT32 inlen, UINT8 *out, bool integrityCheck)
Definition: CASymCipherGCM.hpp:156
CAThread::start
SINT32 start(void *param, bool bDaemon=false, bool bSilent=false)
Starts the execution of the main function of this thread.
Definition: CAThread.cpp:115
CAThread::setMainLoop
SINT32 setMainLoop(THREAD_MAIN_TYP fnc)
Sets the main function which will be executed within this thread.
Definition: CAThread.hpp:148
CAThread::join
SINT32 join()
Waits for the main function to finish execution.
Definition: CAThread.cpp:187
CAThreadPool
This class bla bla.
Definition: CAThreadPool.hpp:32
CAThreadPool::destroy
SINT32 destroy(bool bWaitForFinish)
Definition: CAThreadPool.cpp:99
CAThreadPool::addRequest
SINT32 addRequest(THREAD_MAIN_TYP, void *args)
Adds a new request (task) to this threadpool.
Definition: CAThreadPool.cpp:51
E_SUCCESS
const SINT32 E_SUCCESS
Definition: errorcodes.hpp:2
E_UNKNOWN
#define E_UNKNOWN
Definition: errorcodes.hpp:3
pMix
CAMix * pMix
Definition: proxytest.cpp:75
__UINT64__t_
Definition: basetypedefs.h:143
t_MixPacket
Definition: typedefs.hpp:116
t_MixPacket::channel
HCHANNEL channel
Definition: typedefs.hpp:117
t_MixPacket::payload
struct t_MixPacketPayload payload
Definition: typedefs.hpp:122
t_MixPacket::data
UINT8 data[DATA_SIZE]
Definition: typedefs.hpp:121
t_MixPacket::flags
UINT16 flags
Definition: typedefs.hpp:118
t_MixPacketPayload::data
UINT8 data[PAYLOAD_SIZE]
Definition: typedefs.hpp:113
t_MixPacketPayload::type
UINT8 type
Definition: typedefs.hpp:112
t_MixPacketPayload::len
UINT16 len
Definition: typedefs.hpp:111
t_lastmixchannellist
Definition: CALastMixChannelList.hpp:46
t_lastmixchannellist::pCipher
CASymChannelCipher * pCipher
Definition: CALastMixChannelList.hpp:53
t_lastmixchannellist::sendmeCounterDownstream
SINT32 sendmeCounterDownstream
Definition: CALastMixChannelList.hpp:57
t_lastmixchannellist::pSocket
CASocket * pSocket
Definition: CALastMixChannelList.hpp:55
t_lastmixchannellist::pQueueSend
CAQueue * pQueueSend
Definition: CALastMixChannelList.hpp:56
t_lastmixchannellist::channelIn
HCHANNEL channelIn
Definition: CALastMixChannelList.hpp:49
t_lastmixchannellist::sendmeCounterUpstream
SINT32 sendmeCounterUpstream
Definition: CALastMixChannelList.hpp:58
t_queue_entry
Definition: typedefs.hpp:169
t_queue_entry::packet
MIXPACKET packet
Definition: typedefs.hpp:170
CHANNEL_DATA
#define CHANNEL_DATA
Definition: typedefs.hpp:42
MIXPACKET_SIZE
#define MIXPACKET_SIZE
Definition: typedefs.hpp:40
CHANNEL_DEBUG
#define CHANNEL_DEBUG
Definition: typedefs.hpp:51
PAYLOAD_SIZE
#define PAYLOAD_SIZE
Definition: typedefs.hpp:73
MIX_PAYLOAD_SOCKS
#define MIX_PAYLOAD_SOCKS
Definition: typedefs.hpp:36
MIX_PAYLOAD_VPN
#define MIX_PAYLOAD_VPN
Definition: typedefs.hpp:37
GCM_MAC_SIZE
#define GCM_MAC_SIZE
Definition: typedefs.hpp:78
CHANNEL_CLOSE
#define CHANNEL_CLOSE
Definition: typedefs.hpp:47
NEW_FLOW_CONTROL_FLAG
#define NEW_FLOW_CONTROL_FLAG
Definition: typedefs.hpp:63
tQueueEntry
struct t_queue_entry tQueueEntry
Definition: typedefs.hpp:188
PAYLOAD_LEN_MASK
#define PAYLOAD_LEN_MASK
Definition: typedefs.hpp:79
len
UINT16 len
Definition: typedefs.hpp:0
CHANNEL_SIG_CRIME
#define CHANNEL_SIG_CRIME
Definition: typedefs.hpp:58
PAYLOAD_HEADER_SIZE
#define PAYLOAD_HEADER_SIZE
Definition: typedefs.hpp:76
CHANNEL_OPEN
#define CHANNEL_OPEN
Definition: typedefs.hpp:43
DATA_SIZE
#define DATA_SIZE
Definition: typedefs.hpp:69
CONNECTION_ERROR_FLAG
#define CONNECTION_ERROR_FLAG
Definition: typedefs.hpp:67
INTEGRITY_ERROR_FLAG
#define INTEGRITY_ERROR_FLAG
Definition: typedefs.hpp:65
Generated on Sat Jul 22 2023 00:20:08 for Mixe for Privacy and Anonymity in the Internet by doxygen 1.9.1