Reversed the decryption order:
1. If link exists with session_ready, try normal decryption first
2. If normal decryption succeeds, process packet normally (goto process_decrypted)
3. If normal decryption fails OR no link OR no session, try INIT decryption
4. If INIT succeeds, create new server-side connection and link
This is more efficient because:
- Most packets are regular data (use normal decryption)
- INIT packets are rare (only during connection setup)
- Works correctly for both standard client-server and mesh topologies
All 23 tests now pass.
When receiving packets on client links, try INIT decryption first.
If it fails (e.g., for INIT_RESPONSE packets), fallback to normal
decryption using the existing link's crypto context.
This fixes mesh topology where both nodes send INIT simultaneously,
while maintaining compatibility with standard client-server mode where
client links receive INIT_RESPONSE packets.
Changes:
- If link==NULL OR link is client (is_server==0), try INIT decryption
- On any INIT decryption error, if we have an existing link, goto normal_decrypt
- Added normal_decrypt label before standard packet processing
- This allows handling both incoming INIT (create server link) and
incoming responses (use existing client link) correctly
When receiving an INIT packet, the code was looking up existing links by
address. However, in a mesh topology where each node has both client and
server connections to peers, a client link created during initialization
would be found when receiving an incoming INIT packet from that peer.
This caused the code to try decrypting the INIT packet using the client
link's crypto context, which failed because the session keys weren't
properly established yet.
The fix checks if the found link is a client link (is_server==0) and if
so, treats the packet as a new INIT connection that needs to create a
server-side link instead.
Changed condition from:
if (link==NULL)
to:
if (link==NULL || link->is_server==0)
- Fix function pointer declarations in tun_windows.c (removed broken macro)
- Use explicit GetProcAddress calls for each Wintun function
- Remove invalid fields from MIB_IPINTERFACE_ROW (PromiscuousMode, DadState, etc.)
- Add #ifndef _WIN32 around IF_NAMESIZE/if_indextoname in etcp_connections.c
- All 22 tests pass on Linux
- Wrap net/if.h include in #ifndef _WIN32 in etcp_connections.c
- Add forward declarations for ROUTE_TABLE and ROUTE_ENTRY in route_lib.h
- All 22 tests pass on Linux
- Add sa_family_t typedef for Windows in platform_compat.h
- Add forward declaration of struct ll_queue in ll_queue.h to fix warnings
- Replace arpa/inet.h includes with platform_compat.h in:
tun_linux.c, etcp_connections.c, route_lib.c, route_bgp.c,
utun_instance.c, routing.c, utun.c, packet_dump.h, config_parser.c
- All 22 tests pass on Linux
- Add socket_compat.h/c with platform abstraction for POSIX/Windows
- socket_t typedef: int on POSIX, SOCKET on Windows
- Add socket_platform_init/cleanup for WSAStartup on Windows
- Add socket operations: create_udp, sendto, recvfrom, set_nonblocking
- Add socket options: set_buffers, set_reuseaddr, set_mark (Linux), bind_to_device (Linux)
- Update u_async: add socket_t support with uasync_add_socket_t/remove_socket_t
- Update ETCP: use socket_t and socket_compat functions
- Add DEBUG_CATEGORY_SOCKET for socket debugging
- All 22 tests pass on Linux
- MSYS2 UCRT64 compatible
- Add route_bgp.c/h with BGP-like route exchange functionality
- Implement route_bgp_init/destroy for module lifecycle
- Add route_bgp_new_conn to send routing table on connection
- Implement route_bgp_receive_cbk for processing incoming routes
- Add route_table_delete_entry for individual route removal
- Extend ROUTE_ENTRY with endpoint_ip, endpoint_port, destination_node_id
- Add DEBUG_CATEGORY_BGP to debug_config.h
- Integrate BGP initialization into utun_instance_create
- Call route_bgp_new_conn from etcp_connections on link init
- Create integration test test_bgp_route_exchange.c
- Add route_bgp_delete_entry tests to test_route_lib.c
- Update Makefiles to include new module
Route exchange tested and working in both directions (client-server)
- Add peer_ipv4 (4 bytes) and peer_port (2 bytes) to INIT_RESPONSE packet
- Server now returns client's external IP:port in handshake response
- Client parses and stores NAT address in ETCP_LINK structure
- Track NAT address changes with nat_changes_count counter
- Track NAT address matches with nat_hits_count counter
- Legacy protocol support: detect old format without NAT info
- Add DEBUG logging for NAT address initialization/changes/hits
This allows clients behind NAT to discover their external address
during the ETCP handshake process.
All 21 tests pass successfully.
- Fixed race condition: routing_add_conn called before etcp->normalizer was assigned
- Moved routing_add_conn from pn_init to etcp_connection_create after normalizer init
- Added routing.h include to etcp.c
- Fixed tests: disable routing callback on output_queue to keep packets for test verification
All 19 tests now pass.
- Removed usleep(5000) from all test event loops
- Changed to use single shared uasync for server and client instances
- Removed uasync_destroy from utun_instance_destroy to prevent double-free
- Added explicit uasync_destroy calls in all tests and main program
- Fixed segfault in test_pkt_normalizer_etcp and test_etcp_100_packets
- Added DEBUG_TRACE to all functions in etcp.c and etcp_connections.c
Tests now run without artificial delays and complete successfully.
- Add log_name[16] field to ETCP_CONN structure for connection identification
- Add etcp_update_log_name() function to update identifier when peer_node_id is known
- Update all DEBUG_* calls in etcp.c and etcp_loadbalancer.c to include log_name prefix
- Add DEBUG_CATEGORY_NORMALIZER for packet normalizer debug output
- Change log timestamp format to [hh:mm:ss-mmm.uuu] with microseconds precision
- Reorder debug output: (file:line) function() [log_name] message
- Remove duplicate function names from log messages
- Clean up backup files from pkt_normalizer development
- Add etcp_find_free_local_link_id() function to allocate unique link IDs
- Modify etcp_link_new() to auto-assign local_link_id, fail if none available
- Update INIT_REQUEST (0x02/0x04) to send local_link_id after keepalive
- Update INIT_RESPONSE (0x03/0x05) to include local_link_id
- Parse remote_link_id from incoming handshake packets
- Update protocol documentation in doc/etcp_protocol.txt
- Add comprehensive unit test test_etcp_link_id.c
New packet format:
INIT_REQUEST: [code][node_id(8)][mtu(2)][keepalive(2)][link_id(1)][pubkey(64)]
INIT_RESPONSE: [code][node_id(8)][mtu(2)][link_id(1)]
- etcp_connections.c: Add incoming server connections to instance->connections list
- test_etcp_simple_traffic.c: Fix ETCP_FRAGMENT handling in check_packet_received()
- test_etcp_simple_traffic.c: Fix packet size check (ETCP adds headers to payload)
- Reduced debug verbosity in ll_queue.c and debug_config.c
Changes:
- ll_queue callback now receives only queue pointer and arg (no data)
- Added log_dump and addr_to_string utility functions
- Removed temporary backup files
- Updated AGENTS.md with additional guidelines
- Fixed compiler warnings in etcp.c and pkt_normalizer.c
- Change xxx from 1 to 0, fixing pointer arithmetic in queue_resume_timeout_cb
- Update comments: callback receives struct ll_entry* not user data
- Rename payload field to data in struct ll_entry
- etcp: fix INFLIGHT_PACKET to ACK_PACKET type in etcp_conn_input
- debug: remove excessive DEBUG_ERROR/DEBUG_DEBUG messages
- tests: rewrite test_ll_queue.c for new architecture
Root cause: Use-after-free bug in init_connections() function
- Connections were added to instance list BEFORE all validations completed
- When crypto initialization failed, connections were freed but pointers remained in list
- During cleanup, utun_instance_destroy() tried to free already freed connections
Solution: Reordered validation logic to add connections AFTER all validations pass
1. Create connection and perform all validations (crypto, peer key, links)
2. Only add to list after all validations pass successfully
3. Skip list addition and clean up properly if any validation fails
Results:
- No more segmentation faults or double free errors
- test_etcp_simple_traffic runs successfully without crashing
- Connections are properly managed throughout their lifecycle
- Clean memory management - no stale pointers in connection lists
Technical details:
- Moved connection list addition from line ~850 to line ~917 (after all validations)
- Added proper cleanup path for failed validations
- Maintains backward compatibility with existing API
- Prevents use-after-free scenarios during connection lifecycle
- Fixed incorrect init_connections() call in test_etcp_simple_traffic.c (was calling server_instance instead of client_instance)
- Fixed double free in timeout_heap_pop() when handling deleted elements
- Enhanced NULL pointer safety in uasync_print_resources() by removing complex heap manipulation
- Added debug logging to timeout_heap_pop() for better error tracking
Test results: test_etcp_simple_traffic now passes without double free errors
✅ Implemented compact packet dump format for better readability
✅ Added configurable packet dump modes (compact vs full)
✅ Created log_packet_compact() for high-frequency packet logging
✅ Added packet type and timestamp extraction for better analysis
✅ Single-line format: [ETCP] SEND: link=0x... type=0x02 ts=123 len=77
✅ Full hex dump available at DEBUG_TRACE level for small packets
✅ Maintains compatibility with existing multi-line format
✅ All tests pass with new packet dump functionality
The new format provides:
- Single-line packet info for better readability
- Packet type and timestamp extraction
- Configurable output modes
- Efficient logging for high-frequency packet flows
Example output:
[ETCP] SEND: link=0x55f2c3e4a5c0 type=0x02 ts=12345 len=77
[ETCP] RECV: link=NULL type=0x03 ts=0 len=25
✅ Fixed critical segmentation fault (SIGABRT) in test_etcp_two_instances
✅ Added comprehensive timer debug logging with DEBUG_CATEGORY_TIMERS
✅ Created uasync_print_resources() function for resource diagnostics
✅ Created utun_instance_diagnose_leaks() function for leak analysis
✅ Fixed cleanup order - cancel timers before destroying uasync instances
✅ Fixed timer cancellation to properly update counters
✅ Fixed socket cleanup to unregister from uasync before destruction
✅ Added detailed diagnostic output for memory leak tracking
✅ All tests now pass without crashes
Key fixes:
- Fixed use-after-free in test cleanup sequence
- Added proper timer leak detection and cleanup
- Enhanced debug capabilities for future debugging
- Fixed ETCP socket cleanup to prevent resource leaks
The test_etcp_two_instances now runs successfully without segmentation faults.
- Made get_current_time_units() function globally accessible in etcp.h
- Improved packet dump formatting for better debugging clarity
- Added link timing tracking with last_recv_local_time and last_recv_timestamp
- Fixed packet parsing to properly skip timestamp bytes
- Enhanced connection state monitoring and error handling
- Removed obsolete etcp_connections.c4 debug file
- Updated test output formatting for better readability
- Добавлена проверка session_ready перед шифрованием
- Исправлена структура пакета: зашифрованные данные + открытый ключ в конце
- Добавлена отладочная информация для диагностики шифрования
- Исправлена логика извлечения открытого ключа из входящих пакетов
Осталась проблема: открытый ключ в принимаемых пакетах содержит мусорные данные,
необходимо дополнительное расследование коррупции данных.
Добавлены комплексные DEBUG сообщения в критические точки проекта:
- **ETCP протокол** (etcp.c): ошибки инициализации криптоконтекста, выделения памяти для очередей, коротких пакетов, сбоев шифрования
- **ETCP соединения** (etcp_connections.c): ошибки установки публичных ключей, расшифровки пакетов, шифрования при отправке
- **TUN интерфейс** (tun_if.c): ошибки создания устройства, настройки IP/MTU, чтения/записи
- **Конфигурация** (config_parser.c): ошибки выделения памяти для структур конфигурации, парсинга IP-адресов
- **Маршрутизация** (routing.c): ошибки выделения памяти для таблиц, отсутствие маршрутов
Все DEBUG сообщения используют существующую систему категорий (CRYPTO, MEMORY, CONFIG, ROUTING, TUN, CONNECTION, ETCP) и предоставляют детальную информацию для диагностики проблем.
Проблема: test_etcp_two_instances.c создает два экземпляра (сервер и клиент),
и оба пытаются привязаться к одному и тому же адресу 127.0.0.1:9001.
Реальная ошибка: bind: Address already in use
Причина: В ETCP архитектуре каждый экземпляр создает серверные сокеты на основе
конфигурации. В тесте оба процесса на одной машине, поэтому возникает конфликт портов.
Что сделано:
1. Добавлен вызов bind() в etcp_socket_add (был пропущен критический вызов)
2. Добавлена отладка для отслеживания жизненного цикла сокетов
3. Создан debug_socket_test.sh для мониторинга портов в реальном времени
4. Удалены лишние вызовы init_connections для устранения дублирования
Результат: Теперь видно, что сервер действительно слушает на 127.0.0.1:9001,
но клиент не может привязаться к тому же порту. Необходимо использовать
разные порты для сервера и клиента в тестовой среде.
- Fixed INIT response structure (11 bytes without keepalive per spec)
- Fixed initialized=1 setting only on INIT response receipt
- Added old link removal before creating new ones
- Added protective comments for future developers
- ETCP handshake now works correctly with full spec compliance
- Added etcp_connections_read_callback forward declaration
- Register all ETCP sockets with uasync in etcp_socket_add()
- Debug output shows socket registration
- Packets should now be received on server sockets
- Test demonstrates two-instance handshake
- Fixed init_connections() to allow 0 connections for server-only mode
- All instances now require [server] section for bind socket
- Added test configs demonstrating server-only and client-with-server patterns
- Created run_two_instance_test.sh for manual handshake testing
- test_etcp_connection_full.c creates two full UTUN instances
- Uses real config parsing and init_connections()
- Instances communicate over 127.0.0.1:9001
- Test validates complete handshake process
- Fixed header includes (ll_queue.h, u_async.h, tinycrypt paths)
- Updated Makefile.am with proper CFLAGS and all dependencies
- Test compiles and runs successfully
- Added connection state tracking (initialized, init_timer, timeout, retry_count)
- Implemented etcp_link_send_init() with proper packet formatting
- Configured retry timeouts (initial 50ms, double every 10, max 5000ms)
- Auto-start connection establishment for client links in etcp_link_new()
- Implemented etcp_connections_send() with connection initiation logic
- Created test_etcp_connection_init.c for testing handshake process
- Добавлен AGENTS.md - руководство для AI агентов разработки
- Рефакторинг etcp: упрощен etcp_connection_create через etcp_conn_reset
- Обновлены etcp_connections: улучшена работа с каналами
- Обновлен routing: оптимизация таблиц маршрутизации
- Обновлен tun_if: улучшена работа с TUN/TAP интерфейсом
- Обновлен utun_instance: улучшено управление экземплярами
- Обновлен test_routing_full: расширено тестирование
- Добавлено больше документации и комментариев
- Добавлен шаблон конфигурации src/utun.conf
Evgeny