GNUnet  0.10.x
Data Structures | Macros | Functions | Variables
gnunet-daemon-exit.c File Reference

tool to allow IP traffic exit from the GNUnet cadet to the Internet More...

#include "platform.h"
#include "gnunet_util_lib.h"
#include "gnunet_protocols.h"
#include "gnunet_applications.h"
#include "gnunet_dht_service.h"
#include "gnunet_cadet_service.h"
#include "gnunet_dnsparser_lib.h"
#include "gnunet_dnsstub_lib.h"
#include "gnunet_statistics_service.h"
#include "gnunet_constants.h"
#include "gnunet_signatures.h"
#include "gnunet_tun_lib.h"
#include "gnunet_regex_service.h"
#include "exit.h"
#include "block_dns.h"
Include dependency graph for gnunet-daemon-exit.c:

Go to the source code of this file.

Data Structures

struct  SocketAddress
 Information about an address. More...
 
struct  LocalService
 This struct is saved into the services-hashmap to represent a service this peer is specifically offering an exit for (for a specific domain name). More...
 
struct  RedirectInformation
 Information we use to track a connection (the classical 6-tuple of IP-version, protocol, source-IP, destination-IP, source-port and destinatin-port. More...
 
struct  ChannelState
 This struct is saved into connections_map to allow finding the right channel given an IP packet from TUN. More...
 
struct  DnsResponseMessage
 Message with a DNS response. More...
 

Macros

#define REGEX_MAX_PATH_LEN_IPV4   4
 Maximum path compression length for cadet regex announcing for IPv4 address based regex. More...
 
#define REGEX_MAX_PATH_LEN_IPV6   8
 Maximum path compression length for cadet regex announcing for IPv6 address based regex. More...
 
#define REGEX_REFRESH_FREQUENCY   GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 30)
 How frequently do we re-announce the regex for the exit? More...
 
#define DHT_PUT_FREQUENCY   GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 15)
 How frequently do we re-announce the DNS exit in the DHT? More...
 
#define DNS_ADVERTISEMENT_TIMEOUT   GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 3)
 How long do we typically sign the DNS exit advertisement for? More...
 
#define LOG(kind, ...)   GNUNET_log_from (kind, "exit", __VA_ARGS__);
 Generic logging shorthand. More...
 

Functions

static GNUNET_NETWORK_STRUCT_END void process_dns_result (void *cls, const struct GNUNET_TUN_DnsHeader *dns, size_t r)
 Callback called from DNSSTUB resolver when a resolution succeeded. More...
 
static int check_dns_request (void *cls, const struct DnsResponseMessage *msg)
 Check a request via cadet to perform a DNS query. More...
 
static void handle_dns_request (void *cls, const struct DnsResponseMessage *msg)
 Process a request via cadet to perform a DNS query. More...
 
static void hash_redirect_info (struct GNUNET_HashCode *hash, const struct RedirectInformation *ri)
 Given IP information about a connection, calculate the respective hash we would use for the connections_map. More...
 
static struct ChannelStateget_redirect_state (int af, int protocol, const void *destination_ip, uint16_t destination_port, const void *local_ip, uint16_t local_port, struct GNUNET_HashCode *state_key)
 Get our connection tracking state. More...
 
static int check_tcp_service (void *cls, const struct GNUNET_EXIT_TcpServiceStartMessage *start)
 Check a request via cadet to send a request to a TCP service offered by this system. More...
 
static void prepare_ipv4_packet (const void *payload, size_t payload_length, int protocol, const struct GNUNET_TUN_TcpHeader *tcp_header, const struct SocketAddress *src_address, const struct SocketAddress *dst_address, struct GNUNET_TUN_IPv4Header *pkt4)
 Prepare an IPv4 packet for transmission via the TUN interface. More...
 
static void prepare_ipv6_packet (const void *payload, size_t payload_length, int protocol, const struct GNUNET_TUN_TcpHeader *tcp_header, const struct SocketAddress *src_address, const struct SocketAddress *dst_address, struct GNUNET_TUN_IPv6Header *pkt6)
 Prepare an IPv6 packet for transmission via the TUN interface. More...
 
static void send_tcp_packet_via_tun (const struct SocketAddress *destination_address, const struct SocketAddress *source_address, const struct GNUNET_TUN_TcpHeader *tcp_header, const void *payload, size_t payload_length)
 Send a TCP packet via the TUN interface. More...
 
static void send_icmp_packet_via_tun (const struct SocketAddress *destination_address, const struct SocketAddress *source_address, const struct GNUNET_TUN_IcmpHeader *icmp_header, const void *payload, size_t payload_length)
 Send an ICMP packet via the TUN interface. More...
 
static void setup_fresh_address (int af, uint8_t proto, struct SocketAddress *local_address)
 We need to create a (unique) fresh local address (IP+port). More...
 
static void setup_state_record (struct ChannelState *state)
 We are starting a fresh connection (TCP or UDP) and need to pick a source port and IP address (within the correct range and address family) to associate replies with the connection / correct cadet channel. More...
 
static void send_udp_packet_via_tun (const struct SocketAddress *destination_address, const struct SocketAddress *source_address, const void *payload, size_t payload_length)
 Send a UDP packet via the TUN interface. More...
 
static int check_udp_remote (void *cls, const struct GNUNET_EXIT_UdpInternetMessage *msg)
 Check a request to forward UDP data to the Internet via this peer. More...
 
static void handle_udp_remote (void *cls, const struct GNUNET_EXIT_UdpInternetMessage *msg)
 Process a request to forward UDP data to the Internet via this peer. More...
 
static int check_udp_service (void *cls, const struct GNUNET_EXIT_UdpServiceMessage *msg)
 Check a request via cadet to send a request to a UDP service offered by this system. More...
 
static void handle_udp_service (void *cls, const struct GNUNET_EXIT_UdpServiceMessage *msg)
 Process a request via cadet to send a request to a UDP service offered by this system. More...
 
static void handle_tcp_service (void *cls, const struct GNUNET_EXIT_TcpServiceStartMessage *start)
 Process a request via cadet to send a request to a TCP service offered by this system. More...
 
static int check_tcp_remote (void *cls, const struct GNUNET_EXIT_TcpInternetStartMessage *start)
 Check a request to forward TCP data to the Internet via this peer. More...
 
static void handle_tcp_remote (void *cls, const struct GNUNET_EXIT_TcpInternetStartMessage *start)
 Process a request to forward TCP data to the Internet via this peer. More...
 
static int check_tcp_data (void *cls, const struct GNUNET_EXIT_TcpDataMessage *data)
 Check a request to forward TCP data on an established connection via this peer. More...
 
static void handle_tcp_data (void *cls, const struct GNUNET_EXIT_TcpDataMessage *data)
 Process a request to forward TCP data on an established connection via this peer. More...
 
static void make_up_icmpv4_payload (struct ChannelState *state, struct GNUNET_TUN_IPv4Header *ipp, struct GNUNET_TUN_UdpHeader *udp)
 Synthesize a plausible ICMP payload for an ICMPv4 error response on the given channel. More...
 
static void make_up_icmpv6_payload (struct ChannelState *state, struct GNUNET_TUN_IPv6Header *ipp, struct GNUNET_TUN_UdpHeader *udp)
 Synthesize a plausible ICMP payload for an ICMPv6 error response on the given channel. More...
 
static int check_icmp_remote (void *cls, const struct GNUNET_EXIT_IcmpInternetMessage *msg)
 Check a request to forward ICMP data to the Internet via this peer. More...
 
static void handle_icmp_remote (void *cls, const struct GNUNET_EXIT_IcmpInternetMessage *msg)
 Process a request to forward ICMP data to the Internet via this peer. More...
 
static uint16_t make_up_icmp_service_payload (struct ChannelState *state, char *buf)
 Setup ICMP payload for ICMP error messages. More...
 
static int check_icmp_service (void *cls, const struct GNUNET_EXIT_IcmpServiceMessage *msg)
 Check a request via cadet to send ICMP data to a service offered by this system. More...
 
static void handle_icmp_service (void *cls, const struct GNUNET_EXIT_IcmpServiceMessage *msg)
 Process a request via cadet to send ICMP data to a service offered by this system. More...
 
static int free_service_record (void *cls, const struct GNUNET_HashCode *key, void *value)
 Free memory associated with a service record. More...
 
static void * new_service_channel (void *cls, struct GNUNET_CADET_Channel *channel, const struct GNUNET_PeerIdentity *initiator)
 Callback from CADET for new channels. More...
 
static void clean_channel (void *cls, const struct GNUNET_CADET_Channel *channel)
 Function called by cadet whenever an inbound channel is destroyed. More...
 
static void store_service (int proto, const char *name, uint16_t destination_port, struct LocalService *service)
 Given a service descriptor and a destination port, find the respective service entry. More...
 
static void send_packet_to_cadet_channel (struct ChannelState *s, struct GNUNET_MQ_Envelope *env)
 Send the given packet via the cadet channel. More...
 
static void icmp_from_helper (const struct GNUNET_TUN_IcmpHeader *icmp, size_t pktlen, int af, const void *destination_ip, const void *source_ip)
 Handles an ICMP packet received from the helper. More...
 
static void udp_from_helper (const struct GNUNET_TUN_UdpHeader *udp, size_t pktlen, int af, const void *destination_ip, const void *source_ip)
 Handles an UDP packet received from the helper. More...
 
static void tcp_from_helper (const struct GNUNET_TUN_TcpHeader *tcp, size_t pktlen, int af, const void *destination_ip, const void *source_ip)
 Handles a TCP packet received from the helper. More...
 
static int message_token (void *cls, const struct GNUNET_MessageHeader *message)
 Receive packets from the helper-process. More...
 
static void * new_channel (void *cls, struct GNUNET_CADET_Channel *channel, const struct GNUNET_PeerIdentity *initiator)
 Callback from CADET for new channels. More...
 
static int free_iterate (void *cls, const struct GNUNET_HashCode *hash, void *value)
 Function that frees everything from a hashmap. More...
 
static void dummy_task (void *cls)
 Function scheduled as very last function if the service disabled itself because the helper is not installed properly. More...
 
static void cleanup (void *cls)
 Function scheduled as very last function, cleans up after us. More...
 
static void add_services (int proto, char *cpy, const char *name)
 Add services to the service map. More...
 
static void read_service_conf (void *cls, const char *section)
 Reads the configuration and populates #udp_services and #tcp_services. More...
 
static void do_dht_put (void *cls)
 We are running a DNS exit service, advertise it in the DHT. More...
 
static void dht_put_cont (void *cls)
 Function called when the DHT PUT operation is complete. More...
 
static void parse_ip_options ()
 Figure out which IP versions we should support (and which are supported by the OS) according to our configuration. More...
 
static void advertise_dns_exit ()
 Helper function to open the CADET port for DNS exits and to advertise the DNS exit (if applicable). More...
 
static int setup_exit_helper_args ()
 Initialize exit_argv. More...
 
static void run (void *cls, char *const *args, const char *cfgfile, const struct GNUNET_CONFIGURATION_Handle *cfg_)
 Main function that will be run by the scheduler. More...
 
int main (int argc, char *const *argv)
 The main function. More...
 

Variables

static int global_ret
 Return value from 'main'. More...
 
static struct GNUNET_REGEX_Announcementregex4
 Handle to our regex announcement for IPv4. More...
 
static struct GNUNET_REGEX_Announcementregex6
 Handle to our regex announcement for IPv4. More...
 
static const struct GNUNET_CONFIGURATION_Handlecfg
 The handle to the configuration used throughout the process. More...
 
static struct GNUNET_HELPER_Handlehelper_handle
 The handle to the helper. More...
 
static char * exit_argv [8]
 Arguments to the exit helper. More...
 
static struct in6_addr exit_ipv6addr
 IPv6 address of our TUN interface. More...
 
static unsigned long long ipv6prefix
 IPv6 prefix (0..127) from configuration file. More...
 
static struct in_addr exit_ipv4addr
 IPv4 address of our TUN interface. More...
 
static struct in_addr exit_ipv4mask
 IPv4 netmask of our TUN interface. More...
 
static struct GNUNET_STATISTICS_Handlestats
 Statistics. More...
 
static struct GNUNET_CADET_Handlecadet_handle
 The handle to cadet. More...
 
static struct GNUNET_CONTAINER_MultiHashMapconnections_map
 This hashmaps contains the mapping from peer, service-descriptor, source-port and destination-port to a struct ChannelState. More...
 
static struct GNUNET_CONTAINER_Heapconnections_heap
 Heap so we can quickly find "old" connections. More...
 
static unsigned long long max_connections
 If there are at least this many connections, old ones will be removed. More...
 
static struct GNUNET_CONTAINER_MultiHashMapservices
 This hashmaps saves interesting things about the configured services. More...
 
static struct ChannelStatechannels [UINT16_MAX+1]
 Array of all open DNS requests from channels. More...
 
static struct GNUNET_DNSSTUB_Contextdnsstub
 Handle to the DNS Stub resolver. More...
 
static struct GNUNET_DHT_PutHandledht_put
 Handle for ongoing DHT PUT operations to advertise exit service. More...
 
static struct GNUNET_DHT_Handledht
 Handle to the DHT. More...
 
static struct GNUNET_SCHEDULER_Taskdht_task
 Task for doing DHT PUTs to advertise exit service. More...
 
static struct GNUNET_DNS_Advertisement dns_advertisement
 Advertisement message we put into the DHT to advertise us as a DNS exit. More...
 
static struct GNUNET_HashCode dht_put_key
 Key we store the DNS advertismenet under. More...
 
static struct GNUNET_CRYPTO_EddsaPrivateKeypeer_key
 Private key for this peer. More...
 
static struct GNUNET_CADET_Portdns_port
 Port for DNS exit. More...
 
static struct GNUNET_CADET_Portcadet_port4
 Port for IPv4 exit. More...
 
static struct GNUNET_CADET_Portcadet_port6
 Port for IPv6 exit. More...
 
static int ipv4_exit
 Are we an IPv4-exit? More...
 
static int ipv6_exit
 Are we an IPv6-exit? More...
 
static int ipv4_enabled
 Do we support IPv4 at all on the TUN interface? More...
 
static int ipv6_enabled
 Do we support IPv6 at all on the TUN interface? More...
 

Detailed Description

tool to allow IP traffic exit from the GNUnet cadet to the Internet

Author
Philipp Toelke
Christian Grothoff

TODO:

Design:

Definition in file gnunet-daemon-exit.c.

Macro Definition Documentation

◆ REGEX_MAX_PATH_LEN_IPV4

#define REGEX_MAX_PATH_LEN_IPV4   4

Maximum path compression length for cadet regex announcing for IPv4 address based regex.

Definition at line 58 of file gnunet-daemon-exit.c.

Referenced by run().

◆ REGEX_MAX_PATH_LEN_IPV6

#define REGEX_MAX_PATH_LEN_IPV6   8

Maximum path compression length for cadet regex announcing for IPv6 address based regex.

Definition at line 64 of file gnunet-daemon-exit.c.

Referenced by run().

◆ REGEX_REFRESH_FREQUENCY

#define REGEX_REFRESH_FREQUENCY   GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 30)

How frequently do we re-announce the regex for the exit?

Definition at line 69 of file gnunet-daemon-exit.c.

Referenced by run().

◆ DHT_PUT_FREQUENCY

#define DHT_PUT_FREQUENCY   GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 15)

How frequently do we re-announce the DNS exit in the DHT?

Definition at line 74 of file gnunet-daemon-exit.c.

Referenced by do_dht_put().

◆ DNS_ADVERTISEMENT_TIMEOUT

#define DNS_ADVERTISEMENT_TIMEOUT   GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 3)

How long do we typically sign the DNS exit advertisement for?

Definition at line 79 of file gnunet-daemon-exit.c.

Referenced by do_dht_put().

◆ LOG

#define LOG (   kind,
  ... 
)    GNUNET_log_from (kind, "exit", __VA_ARGS__);

Generic logging shorthand.

Definition at line 85 of file gnunet-daemon-exit.c.

Referenced by clean_channel(), handle_udp_service(), and process_dns_result().

Function Documentation

◆ process_dns_result()

static GNUNET_NETWORK_STRUCT_END void process_dns_result ( void *  cls,
const struct GNUNET_TUN_DnsHeader dns,
size_t  r 
)
static

Callback called from DNSSTUB resolver when a resolution succeeded.

Parameters
clsNULL
dnsthe response itself
rnumber of bytes in dns

Definition at line 465 of file gnunet-daemon-exit.c.

References ChannelState::channel, DnsResponseMessage::dns, ChannelState::dns, env, GNUNET_assert, GNUNET_CADET_get_mq(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_memcpy, GNUNET_MESSAGE_TYPE_VPN_DNS_FROM_INTERNET, GNUNET_MQ_msg_extra, GNUNET_MQ_send(), GNUNET_TUN_DnsHeader::id, LOG, and ChannelState::specifics.

Referenced by handle_dns_request().

468 {
469  struct ChannelState *ts;
470  struct GNUNET_MQ_Envelope *env;
471  struct DnsResponseMessage *resp;
472 
474  "Processing DNS result from stub resolver\n");
475  GNUNET_assert (NULL == cls);
476  if (NULL == dns)
477  return;
478  /* Handle case that this is a reply to a request from a CADET DNS channel */
479  ts = channels[dns->id];
480  if (NULL == ts)
481  return;
483  "Got a response from the stub resolver for DNS request received via CADET!\n");
484  channels[dns->id] = NULL;
485  env = GNUNET_MQ_msg_extra (resp,
486  r - sizeof (struct GNUNET_TUN_DnsHeader),
488  GNUNET_memcpy (&resp->dns,
489  dns,
490  r);
491  resp->dns.id = ts->specifics.dns.original_id;
493  env);
494 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct ChannelState::@13::@15 dns
#define GNUNET_MESSAGE_TYPE_VPN_DNS_FROM_INTERNET
Type of messages containing an DNS reply from a DNS exit service.
#define LOG(kind,...)
Generic logging shorthand.
uint16_t id
Unique identifier for the request/response.
#define GNUNET_MQ_msg_extra(mvar, esize, type)
Allocate an envelope, with extra space allocated after the space needed by the message struct...
Definition: gnunet_mq_lib.h:52
#define GNUNET_memcpy(dst, src, n)
struct GNUNET_CADET_Channel * channel
Cadet channel that is used for this connection.
struct GNUNET_MQ_Envelope * env
Definition: 005.c:1
struct GNUNET_TUN_DnsHeader dns
DNS header.
Message with a DNS response.
#define GNUNET_log(kind,...)
union ChannelState::@13 specifics
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
void GNUNET_MQ_send(struct GNUNET_MQ_Handle *mq, struct GNUNET_MQ_Envelope *ev)
Send a message with the given message queue.
Definition: mq.c:353
static struct ChannelState * channels[UINT16_MAX+1]
Array of all open DNS requests from channels.
struct GNUNET_MQ_Handle * GNUNET_CADET_get_mq(const struct GNUNET_CADET_Channel *channel)
Obtain the message queue for a connected peer.
Definition: cadet_api.c:1121
Here is the call graph for this function:
Here is the caller graph for this function:

◆ check_dns_request()

static int check_dns_request ( void *  cls,
const struct DnsResponseMessage msg 
)
static

Check a request via cadet to perform a DNS query.

Parameters
clsour struct ChannelState *
msgthe actual message
Returns
GNUNET_OK to keep the connection open, GNUNET_SYSERR to close it (signal serious error)

Definition at line 506 of file gnunet-daemon-exit.c.

References GNUNET_break, GNUNET_break_op, GNUNET_NO, GNUNET_OK, GNUNET_SYSERR, and ChannelState::is_dns.

508 {
509  struct ChannelState *ts = cls;
510 
511  if (NULL == dnsstub)
512  {
513  GNUNET_break (0);
514  return GNUNET_SYSERR;
515  }
516  if (GNUNET_NO == ts->is_dns)
517  {
518  GNUNET_break_op (0);
519  return GNUNET_SYSERR;
520  }
521  return GNUNET_OK;
522 }
#define GNUNET_NO
Definition: gnunet_common.h:81
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
static struct GNUNET_DNSSTUB_Context * dnsstub
Handle to the DNS Stub resolver.
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
int is_dns
GNUNET_NO if this is a channel for TCP/UDP, GNUNET_YES if this is a channel for DNS, GNUNET_SYSERR if the channel is not yet initialized.
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...

◆ handle_dns_request()

static void handle_dns_request ( void *  cls,
const struct DnsResponseMessage msg 
)
static

Process a request via cadet to perform a DNS query.

Parameters
clsour struct ChannelState *
msgthe actual message

Definition at line 532 of file gnunet-daemon-exit.c.

References buf, ChannelState::channel, DnsResponseMessage::dns, ChannelState::dns, GNUNET_ALIGN, GNUNET_break_op, GNUNET_CADET_receive_done(), GNUNET_CRYPTO_QUALITY_WEAK, GNUNET_CRYPTO_random_u32(), GNUNET_DNSSTUB_resolve(), GNUNET_memcpy, GNUNET_SYSERR, GNUNET_YES, DnsResponseMessage::header, GNUNET_TUN_DnsHeader::id, ChannelState::is_dns, process_dns_result(), GNUNET_MessageHeader::size, and ChannelState::specifics.

534 {
535  struct ChannelState *ts = cls;
536  size_t mlen = ntohs (msg->header.size);
537  size_t dlen = mlen - sizeof (struct GNUNET_MessageHeader);
538  char buf[dlen] GNUNET_ALIGN;
539  struct GNUNET_TUN_DnsHeader *dout;
540 
541  if (GNUNET_SYSERR == ts->is_dns)
542  {
543  /* channel is DNS from now on */
544  ts->is_dns = GNUNET_YES;
545  }
546  ts->specifics.dns.original_id = msg->dns.id;
547  if (channels[ts->specifics.dns.my_id] == ts)
548  channels[ts->specifics.dns.my_id] = NULL;
550  UINT16_MAX + 1);
551  channels[ts->specifics.dns.my_id] = ts;
553  &msg->dns,
554  dlen);
555  dout = (struct GNUNET_TUN_DnsHeader *) buf;
556  dout->id = ts->specifics.dns.my_id;
558  buf,
559  dlen,
561  NULL);
562  if (NULL == ts->specifics.dns.rs)
563  {
564  GNUNET_break_op (0);
565  return;
566  }
568 }
uint32_t GNUNET_CRYPTO_random_u32(enum GNUNET_CRYPTO_Quality mode, uint32_t i)
Produce a random value.
struct GNUNET_MessageHeader header
GNUnet header, of type GNUNET_MESSAGE_TYPE_VPN_DNS_FROM_INTERNET.
struct ChannelState::@13::@15 dns
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
uint16_t id
Unique identifier for the request/response.
#define GNUNET_memcpy(dst, src, n)
static struct GNUNET_DNSSTUB_Context * dnsstub
Handle to the DNS Stub resolver.
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
static char buf[2048]
struct GNUNET_CADET_Channel * channel
Cadet channel that is used for this connection.
struct GNUNET_DNSSTUB_RequestSocket * GNUNET_DNSSTUB_resolve(struct GNUNET_DNSSTUB_Context *ctx, const void *request, size_t request_len, GNUNET_DNSSTUB_ResultCallback rc, void *rc_cls)
Perform DNS resolution using our default IP from init.
Definition: dnsstub.c:533
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
struct GNUNET_TUN_DnsHeader dns
DNS header.
void GNUNET_CADET_receive_done(struct GNUNET_CADET_Channel *channel)
Send an ack on the channel to confirm the processing of a message.
Definition: cadet_api.c:955
#define GNUNET_ALIGN
gcc-ism to force alignment; we use this to align char-arrays that may then be cast to 'struct's...
int is_dns
GNUNET_NO if this is a channel for TCP/UDP, GNUNET_YES if this is a channel for DNS, GNUNET_SYSERR if the channel is not yet initialized.
union ChannelState::@13 specifics
Header for all communications.
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
#define GNUNET_YES
Definition: gnunet_common.h:80
static struct ChannelState * channels[UINT16_MAX+1]
Array of all open DNS requests from channels.
No good quality of the operation is needed (i.e., random numbers can be pseudo-random).
static GNUNET_NETWORK_STRUCT_END void process_dns_result(void *cls, const struct GNUNET_TUN_DnsHeader *dns, size_t r)
Callback called from DNSSTUB resolver when a resolution succeeded.
Here is the call graph for this function:

◆ hash_redirect_info()

static void hash_redirect_info ( struct GNUNET_HashCode hash,
const struct RedirectInformation ri 
)
static

Given IP information about a connection, calculate the respective hash we would use for the connections_map.

Parameters
hashresulting hash
riinformation about the connection

Definition at line 579 of file gnunet-daemon-exit.c.

References SocketAddress::address, SocketAddress::af, GNUNET_assert, GNUNET_memcpy, SocketAddress::ipv4, SocketAddress::ipv6, RedirectInformation::local_address, SocketAddress::port, SocketAddress::proto, and RedirectInformation::remote_address.

Referenced by get_redirect_state().

581 {
582  char *off;
583 
584  memset (hash,
585  0,
586  sizeof (struct GNUNET_HashCode));
587  /* the GNUnet hashmap only uses the first sizeof(unsigned int) of the hash,
588  so we put the IP address in there (and hope for few collisions) */
589  off = (char*) hash;
590  switch (ri->remote_address.af)
591  {
592  case AF_INET:
593  GNUNET_memcpy (off,
595  sizeof (struct in_addr));
596  off += sizeof (struct in_addr);
597  break;
598  case AF_INET6:
599  GNUNET_memcpy (off,
601  sizeof (struct in6_addr));
602  off += sizeof (struct in_addr);
603  break;
604  default:
605  GNUNET_assert (0);
606  }
607  GNUNET_memcpy (off,
608  &ri->remote_address.port,
609  sizeof (uint16_t));
610  off += sizeof (uint16_t);
611  switch (ri->local_address.af)
612  {
613  case AF_INET:
614  GNUNET_memcpy (off,
616  sizeof (struct in_addr));
617  off += sizeof (struct in_addr);
618  break;
619  case AF_INET6:
620  GNUNET_memcpy (off,
622  sizeof (struct in6_addr));
623  off += sizeof (struct in_addr);
624  break;
625  default:
626  GNUNET_assert (0);
627  }
628  GNUNET_memcpy (off,
629  &ri->local_address.port,
630  sizeof (uint16_t));
631  off += sizeof (uint16_t);
632  GNUNET_memcpy (off,
633  &ri->remote_address.proto,
634  sizeof (uint8_t));
635  /* off += sizeof (uint8_t); */
636 }
struct in6_addr ipv6
Address, if af is AF_INET6.
union SocketAddress::@12 address
Remote address information.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct in_addr ipv4
Address, if af is AF_INET.
#define GNUNET_memcpy(dst, src, n)
struct SocketAddress local_address
Address information we used locally (AF and proto must match "remote_address").
A 512-bit hashcode.
uint8_t proto
IPPROTO_TCP or IPPROTO_UDP;.
struct SocketAddress remote_address
Address information for the other party (equivalent of the arguments one would give to "connect")...
int af
AF_INET or AF_INET6.
uint16_t port
Remote port, in host byte order!
Here is the caller graph for this function:

◆ get_redirect_state()

static struct ChannelState* get_redirect_state ( int  af,
int  protocol,
const void *  destination_ip,
uint16_t  destination_port,
const void *  local_ip,
uint16_t  local_port,
struct GNUNET_HashCode state_key 
)
static

Get our connection tracking state.

Warns if it does not exists, refreshes the timestamp if it does exist.

Parameters
afaddress family
protocolIPPROTO_UDP or IPPROTO_TCP
destination_iptarget IP
destination_porttarget port
local_iplocal IP
local_portlocal port
state_keyset to hash's state if non-NULL
Returns
NULL if we have no tracking information for this tuple

Definition at line 653 of file gnunet-daemon-exit.c.

References SocketAddress::address, SocketAddress::af, GNUNET_CONTAINER_heap_update_cost(), GNUNET_CONTAINER_multihashmap_get(), GNUNET_TIME_absolute_get(), hash_redirect_info(), SocketAddress::ipv4, SocketAddress::ipv6, key, RedirectInformation::local_address, SocketAddress::port, SocketAddress::proto, RedirectInformation::remote_address, ChannelState::specifics, state, and ChannelState::tcp_udp.

Referenced by icmp_from_helper(), setup_state_record(), tcp_from_helper(), and udp_from_helper().

660 {
661  struct RedirectInformation ri;
662  struct GNUNET_HashCode key;
663  struct ChannelState *state;
664 
665  if ( ( (af == AF_INET) && (protocol == IPPROTO_ICMP) ) ||
666  ( (af == AF_INET6) && (protocol == IPPROTO_ICMPV6) ) )
667  {
668  /* ignore ports */
669  destination_port = 0;
670  local_port = 0;
671  }
673  if (af == AF_INET)
674  ri.remote_address.address.ipv4 = *((struct in_addr*) destination_ip);
675  else
676  ri.remote_address.address.ipv6 = * ((struct in6_addr*) destination_ip);
677  ri.remote_address.port = destination_port;
678  ri.remote_address.proto = protocol;
679  ri.local_address.af = af;
680  if (af == AF_INET)
681  ri.local_address.address.ipv4 = *((struct in_addr*) local_ip);
682  else
683  ri.local_address.address.ipv6 = * ((struct in6_addr*) local_ip);
684  ri.local_address.port = local_port;
685  ri.local_address.proto = protocol;
687  &ri);
688  if (NULL != state_key)
689  *state_key = key;
691  &key);
692  if (NULL == state)
693  return NULL;
694  /* Mark this connection as freshly used */
695  if (NULL == state_key)
697  GNUNET_TIME_absolute_get ().abs_value_us);
698  return state;
699 }
void GNUNET_CONTAINER_heap_update_cost(struct GNUNET_CONTAINER_HeapNode *node, GNUNET_CONTAINER_HeapCostType new_cost)
Updates the cost of any node in the tree.
union SocketAddress::@12 address
Remote address information.
uint8_t protocol
IPPROTO_TCP or IPPROTO_UDP once bound.
static void hash_redirect_info(struct GNUNET_HashCode *hash, const struct RedirectInformation *ri)
Given IP information about a connection, calculate the respective hash we would use for the connectio...
struct in_addr ipv4
Address, if af is AF_INET.
struct RedirectInformation ri
Primary redirection information for this connection.
void * GNUNET_CONTAINER_multihashmap_get(const struct GNUNET_CONTAINER_MultiHashMap *map, const struct GNUNET_HashCode *key)
Given a key find a value in the map matching the key.
enum State state
current state of profiling
int af
Addess family used for this channel on the local TUN interface.
A 512-bit hashcode.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:118
struct GNUNET_HashCode key
The key used in the DHT.
struct SocketAddress remote_address
Address information for the other party (equivalent of the arguments one would give to "connect")...
int af
AF_INET or AF_INET6.
Information we use to track a connection (the classical 6-tuple of IP-version, protocol, source-IP, destination-IP, source-port and destinatin-port.
uint16_t destination_port
Destination port used by the sender on our end; 0 for uninitialized.
union ChannelState::@13 specifics
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
static struct GNUNET_CONTAINER_MultiHashMap * connections_map
This hashmaps contains the mapping from peer, service-descriptor, source-port and destination-port to...
struct ChannelState::@13::@14 tcp_udp
Here is the call graph for this function:
Here is the caller graph for this function:

◆ check_tcp_service()

static int check_tcp_service ( void *  cls,
const struct GNUNET_EXIT_TcpServiceStartMessage start 
)
static

Check a request via cadet to send a request to a TCP service offered by this system.

Parameters
clsour struct ChannelState *
startthe actual message
Returns
GNUNET_OK to keep the connection open, GNUNET_SYSERR to close it (signal serious error)

Definition at line 713 of file gnunet-daemon-exit.c.

References GNUNET_break_op, GNUNET_OK, GNUNET_SYSERR, GNUNET_YES, ChannelState::is_dns, GNUNET_TUN_TcpHeader::off, ChannelState::specifics, state, GNUNET_EXIT_TcpServiceStartMessage::tcp_header, and ChannelState::tcp_udp.

715 {
716  struct ChannelState *state = cls;
717 
718  if (NULL == state)
719  {
720  GNUNET_break_op (0);
721  return GNUNET_SYSERR;
722  }
723  if (GNUNET_YES == state->is_dns)
724  {
725  GNUNET_break_op (0);
726  return GNUNET_SYSERR;
727  }
728  if (NULL == state->specifics.tcp_udp.serv)
729  {
730  GNUNET_break_op (0);
731  return GNUNET_SYSERR;
732  }
733  if (NULL != state->specifics.tcp_udp.heap_node)
734  {
735  GNUNET_break_op (0);
736  return GNUNET_SYSERR;
737  }
738  if (start->tcp_header.off * 4 < sizeof (struct GNUNET_TUN_TcpHeader))
739  {
740  GNUNET_break_op (0);
741  return GNUNET_SYSERR;
742  }
743  return GNUNET_OK;
744 }
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
struct GNUNET_TUN_TcpHeader tcp_header
Skeleton of the TCP header to send.
Definition: exit.h:53
enum State state
current state of profiling
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
TCP packet header.
int is_dns
GNUNET_NO if this is a channel for TCP/UDP, GNUNET_YES if this is a channel for DNS, GNUNET_SYSERR if the channel is not yet initialized.
union ChannelState::@13 specifics
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
#define GNUNET_YES
Definition: gnunet_common.h:80
unsigned int off
Number of 32-bit words in TCP header.
struct ChannelState::@13::@14 tcp_udp

◆ prepare_ipv4_packet()

static void prepare_ipv4_packet ( const void *  payload,
size_t  payload_length,
int  protocol,
const struct GNUNET_TUN_TcpHeader tcp_header,
const struct SocketAddress src_address,
const struct SocketAddress dst_address,
struct GNUNET_TUN_IPv4Header pkt4 
)
static

Prepare an IPv4 packet for transmission via the TUN interface.

Initializes the IP header and calculates checksums (IP+UDP/TCP). For UDP, the UDP header will be fully created, whereas for TCP only the ports and checksum will be filled in. So for TCP, a skeleton TCP header must be part of the provided payload.

Parameters
payloadpayload of the packet (starting with UDP payload or TCP header, depending on protocol)
payload_lengthnumber of bytes in payload
protocolIPPROTO_UDP or IPPROTO_TCP
tcp_headerskeleton of the TCP header, NULL for UDP
src_addresssource address to use (IP and port)
dst_addressdestination address to use (IP and port)
pkt4where to write the assembled packet; must contain enough space for the IP header, UDP/TCP header AND the payload

Definition at line 766 of file gnunet-daemon-exit.c.

References SocketAddress::address, GNUNET_TUN_TcpHeader::destination_port, GNUNET_TUN_UdpHeader::destination_port, GNUNET_assert, GNUNET_break, GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_memcpy, GNUNET_TUN_calculate_tcp4_checksum(), GNUNET_TUN_calculate_udp4_checksum(), GNUNET_TUN_initialize_ipv4_header(), SocketAddress::ipv4, len, GNUNET_TUN_UdpHeader::len, SocketAddress::port, GNUNET_TUN_TcpHeader::source_port, and GNUNET_TUN_UdpHeader::source_port.

Referenced by send_tcp_packet_via_tun(), and send_udp_packet_via_tun().

773 {
774  size_t len;
775 
776  len = payload_length;
777  switch (protocol)
778  {
779  case IPPROTO_UDP:
780  len += sizeof (struct GNUNET_TUN_UdpHeader);
781  break;
782  case IPPROTO_TCP:
783  len += sizeof (struct GNUNET_TUN_TcpHeader);
784  GNUNET_assert (NULL != tcp_header);
785  break;
786  default:
787  GNUNET_break (0);
788  return;
789  }
790  if (len + sizeof (struct GNUNET_TUN_IPv4Header) > UINT16_MAX)
791  {
792  GNUNET_break (0);
793  return;
794  }
795 
797  protocol,
798  len,
799  &src_address->address.ipv4,
800  &dst_address->address.ipv4);
801  switch (protocol)
802  {
803  case IPPROTO_UDP:
804  {
805  struct GNUNET_TUN_UdpHeader *pkt4_udp = (struct GNUNET_TUN_UdpHeader *) &pkt4[1];
806 
807  pkt4_udp->source_port = htons (src_address->port);
808  pkt4_udp->destination_port = htons (dst_address->port);
809  pkt4_udp->len = htons ((uint16_t) payload_length);
811  pkt4_udp,
812  payload,
813  payload_length);
814  GNUNET_memcpy (&pkt4_udp[1],
815  payload,
816  payload_length);
817  }
818  break;
819  case IPPROTO_TCP:
820  {
821  struct GNUNET_TUN_TcpHeader *pkt4_tcp = (struct GNUNET_TUN_TcpHeader *) &pkt4[1];
822 
823  *pkt4_tcp = *tcp_header;
825  "Sending TCP packet from port %u to port %u\n",
826  src_address->port,
827  dst_address->port);
828  pkt4_tcp->source_port = htons (src_address->port);
829  pkt4_tcp->destination_port = htons (dst_address->port);
831  pkt4_tcp,
832  payload,
833  payload_length);
834  GNUNET_memcpy (&pkt4_tcp[1],
835  payload,
836  payload_length);
837  }
838  break;
839  default:
840  GNUNET_assert (0);
841  }
842 }
union SocketAddress::@12 address
Remote address information.
uint8_t protocol
IPPROTO_TCP or IPPROTO_UDP once bound.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct in_addr ipv4
Address, if af is AF_INET.
UDP packet header.
Standard IPv4 header.
void GNUNET_TUN_calculate_udp4_checksum(const struct GNUNET_TUN_IPv4Header *ip, struct GNUNET_TUN_UdpHeader *udp, const void *payload, uint16_t payload_length)
Calculate IPv4 UDP checksum.
Definition: tun.c:183
uint16_t destination_port
Destination port (in NBO).
uint16_t len
Number of bytes of payload.
void GNUNET_TUN_initialize_ipv4_header(struct GNUNET_TUN_IPv4Header *ip, uint8_t protocol, uint16_t payload_length, const struct in_addr *src, const struct in_addr *dst)
Initialize an IPv4 header.
Definition: tun.c:46
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
#define GNUNET_memcpy(dst, src, n)
void GNUNET_TUN_calculate_tcp4_checksum(const struct GNUNET_TUN_IPv4Header *ip, struct GNUNET_TUN_TcpHeader *tcp, const void *payload, uint16_t payload_length)
Calculate IPv4 TCP checksum.
Definition: tun.c:109
uint16_t destination_port
Destination port (in NBO).
TCP packet header.
static unsigned long long payload
How much data are we currently storing in the database?
uint16_t source_port
Source port (in NBO).
uint16_t source_port
Source port (in NBO).
#define GNUNET_log(kind,...)
uint16_t port
Remote port, in host byte order!
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
Here is the call graph for this function:
Here is the caller graph for this function:

◆ prepare_ipv6_packet()

static void prepare_ipv6_packet ( const void *  payload,
size_t  payload_length,
int  protocol,
const struct GNUNET_TUN_TcpHeader tcp_header,
const struct SocketAddress src_address,
const struct SocketAddress dst_address,
struct GNUNET_TUN_IPv6Header pkt6 
)
static

Prepare an IPv6 packet for transmission via the TUN interface.

Initializes the IP header and calculates checksums (IP+UDP/TCP). For UDP, the UDP header will be fully created, whereas for TCP only the ports and checksum will be filled in. So for TCP, a skeleton TCP header must be part of the provided payload.

Parameters
payloadpayload of the packet (starting with UDP payload or TCP header, depending on protocol)
payload_lengthnumber of bytes in payload
protocolIPPROTO_UDP or IPPROTO_TCP
tcp_headerskeleton TCP header data to send, NULL for UDP
src_addresssource address to use (IP and port)
dst_addressdestination address to use (IP and port)
pkt6where to write the assembled packet; must contain enough space for the IP header, UDP/TCP header AND the payload

Definition at line 864 of file gnunet-daemon-exit.c.

References SocketAddress::address, GNUNET_TUN_TcpHeader::destination_port, GNUNET_TUN_UdpHeader::destination_port, GNUNET_assert, GNUNET_break, GNUNET_memcpy, GNUNET_TUN_calculate_tcp6_checksum(), GNUNET_TUN_calculate_udp6_checksum(), GNUNET_TUN_initialize_ipv6_header(), SocketAddress::ipv6, len, GNUNET_TUN_UdpHeader::len, SocketAddress::port, GNUNET_TUN_TcpHeader::source_port, and GNUNET_TUN_UdpHeader::source_port.

Referenced by send_tcp_packet_via_tun(), and send_udp_packet_via_tun().

871 {
872  size_t len;
873 
874  len = payload_length;
875  switch (protocol)
876  {
877  case IPPROTO_UDP:
878  len += sizeof (struct GNUNET_TUN_UdpHeader);
879  break;
880  case IPPROTO_TCP:
881  len += sizeof (struct GNUNET_TUN_TcpHeader);
882  break;
883  default:
884  GNUNET_break (0);
885  return;
886  }
887  if (len > UINT16_MAX)
888  {
889  GNUNET_break (0);
890  return;
891  }
892 
894  protocol,
895  len,
896  &src_address->address.ipv6,
897  &dst_address->address.ipv6);
898 
899  switch (protocol)
900  {
901  case IPPROTO_UDP:
902  {
903  struct GNUNET_TUN_UdpHeader *pkt6_udp = (struct GNUNET_TUN_UdpHeader *) &pkt6[1];
904 
905  pkt6_udp->source_port = htons (src_address->port);
906  pkt6_udp->destination_port = htons (dst_address->port);
907  pkt6_udp->len = htons ((uint16_t) payload_length);
909  pkt6_udp,
910  payload,
911  payload_length);
912  GNUNET_memcpy (&pkt6_udp[1],
913  payload,
914  payload_length);
915  }
916  break;
917  case IPPROTO_TCP:
918  {
919  struct GNUNET_TUN_TcpHeader *pkt6_tcp = (struct GNUNET_TUN_TcpHeader *) &pkt6[1];
920 
921  /* GNUNET_memcpy first here as some TCP header fields are initialized this way! */
922  *pkt6_tcp = *tcp_header;
923  pkt6_tcp->source_port = htons (src_address->port);
924  pkt6_tcp->destination_port = htons (dst_address->port);
926  pkt6_tcp,
927  payload,
928  payload_length);
929  GNUNET_memcpy (&pkt6_tcp[1],
930  payload,
931  payload_length);
932  }
933  break;
934  default:
935  GNUNET_assert (0);
936  break;
937  }
938 }
struct in6_addr ipv6
Address, if af is AF_INET6.
union SocketAddress::@12 address
Remote address information.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
UDP packet header.
uint16_t destination_port
Destination port (in NBO).
uint16_t len
Number of bytes of payload.
void GNUNET_TUN_calculate_tcp6_checksum(const struct GNUNET_TUN_IPv6Header *ip, struct GNUNET_TUN_TcpHeader *tcp, const void *payload, uint16_t payload_length)
Calculate IPv6 TCP checksum.
Definition: tun.c:147
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
void GNUNET_TUN_calculate_udp6_checksum(const struct GNUNET_TUN_IPv6Header *ip, struct GNUNET_TUN_UdpHeader *udp, const void *payload, uint16_t payload_length)
Calculate IPv6 UDP checksum.
Definition: tun.c:222
#define GNUNET_memcpy(dst, src, n)
uint16_t destination_port
Destination port (in NBO).
TCP packet header.
static unsigned long long payload
How much data are we currently storing in the database?
uint16_t source_port
Source port (in NBO).
uint16_t source_port
Source port (in NBO).
uint16_t port
Remote port, in host byte order!
void GNUNET_TUN_initialize_ipv6_header(struct GNUNET_TUN_IPv6Header *ip, uint8_t protocol, uint16_t payload_length, const struct in6_addr *src, const struct in6_addr *dst)
Initialize an IPv6 header.
Definition: tun.c:81
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
Here is the call graph for this function:
Here is the caller graph for this function:

◆ send_tcp_packet_via_tun()

static void send_tcp_packet_via_tun ( const struct SocketAddress destination_address,
const struct SocketAddress source_address,
const struct GNUNET_TUN_TcpHeader tcp_header,
const void *  payload,
size_t  payload_length 
)
static

Send a TCP packet via the TUN interface.

Parameters
destination_addressIP and port to use for the TCP packet's destination
source_addressIP and port to use for the TCP packet's source
tcp_headerheader template to use
payloadpayload of the TCP packet
payload_lengthnumber of bytes in payload

Definition at line 951 of file gnunet-daemon-exit.c.

References SocketAddress::af, buf, ETH_P_IPV4, ETH_P_IPV6, GNUNET_TUN_Layer2PacketHeader::flags, gettext_noop, GNUNET_ALIGN, GNUNET_assert, GNUNET_break, GNUNET_ERROR_TYPE_DEBUG, GNUNET_HELPER_send(), GNUNET_log, GNUNET_MAX_MESSAGE_SIZE, GNUNET_MESSAGE_TYPE_VPN_HELPER, GNUNET_NO, GNUNET_STATISTICS_update(), GNUNET_YES, SocketAddress::ipv4, SocketAddress::ipv6, len, prepare_ipv4_packet(), prepare_ipv6_packet(), GNUNET_TUN_Layer2PacketHeader::proto, GNUNET_MessageHeader::size, and GNUNET_MessageHeader::type.

Referenced by handle_tcp_data(), handle_tcp_remote(), and handle_tcp_service().

956 {
957  size_t len;
958 
960  gettext_noop ("# TCP packets sent via TUN"),
961  1,
962  GNUNET_NO);
964  "Sending packet with %u bytes TCP payload via TUN\n",
965  (unsigned int) payload_length);
966  len = sizeof (struct GNUNET_MessageHeader) + sizeof (struct GNUNET_TUN_Layer2PacketHeader);
967  switch (source_address->af)
968  {
969  case AF_INET:
970  len += sizeof (struct GNUNET_TUN_IPv4Header);
971  break;
972  case AF_INET6:
973  len += sizeof (struct GNUNET_TUN_IPv6Header);
974  break;
975  default:
976  GNUNET_break (0);
977  return;
978  }
979  len += sizeof (struct GNUNET_TUN_TcpHeader);
980  len += payload_length;
981  if (len >= GNUNET_MAX_MESSAGE_SIZE)
982  {
983  GNUNET_break (0);
984  return;
985  }
986  {
987  char buf[len] GNUNET_ALIGN;
988  struct GNUNET_MessageHeader *hdr;
989  struct GNUNET_TUN_Layer2PacketHeader *tun;
990 
991  hdr = (struct GNUNET_MessageHeader *) buf;
992  hdr->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
993  hdr->size = htons (len);
994  tun = (struct GNUNET_TUN_Layer2PacketHeader*) &hdr[1];
995  tun->flags = htons (0);
996  switch (source_address->af)
997  {
998  case AF_INET:
999  {
1000  struct GNUNET_TUN_IPv4Header *ipv4
1001  = (struct GNUNET_TUN_IPv4Header*) &tun[1];
1002 
1003  tun->proto = htons (ETH_P_IPV4);
1005  payload_length,
1006  IPPROTO_TCP,
1007  tcp_header,
1008  source_address,
1009  destination_address,
1010  ipv4);
1011  }
1012  break;
1013  case AF_INET6:
1014  {
1015  struct GNUNET_TUN_IPv6Header *ipv6
1016  = (struct GNUNET_TUN_IPv6Header*) &tun[1];
1017 
1018  tun->proto = htons (ETH_P_IPV6);
1021  IPPROTO_TCP,
1022  tcp_header,
1023  source_address,
1024  destination_address,
1025  ipv6);
1026  }
1027  break;
1028  default:
1029  GNUNET_assert (0);
1030  break;
1031  }
1032  if (NULL != helper_handle)
1034  (const struct GNUNET_MessageHeader*) buf,
1035  GNUNET_YES,
1036  NULL,
1037  NULL);
1038  }
1039 }
static struct GNUNET_HELPER_Handle * helper_handle
The handle to the helper.
uint16_t proto
Here we get an ETH_P_-number.
static int ipv4
Option -4: IPv4 requested.
Definition: gnunet-vpn.c:61
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static void prepare_ipv6_packet(const void *payload, size_t payload_length, int protocol, const struct GNUNET_TUN_TcpHeader *tcp_header, const struct SocketAddress *src_address, const struct SocketAddress *dst_address, struct GNUNET_TUN_IPv6Header *pkt6)
Prepare an IPv6 packet for transmission via the TUN interface.
#define ETH_P_IPV6
Number for IPv6.
#define GNUNET_NO
Definition: gnunet_common.h:81
Standard IPv4 header.
uint16_t flags
Some flags (unused).
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
static void prepare_ipv4_packet(const void *payload, size_t payload_length, int protocol, const struct GNUNET_TUN_TcpHeader *tcp_header, const struct SocketAddress *src_address, const struct SocketAddress *dst_address, struct GNUNET_TUN_IPv4Header *pkt4)
Prepare an IPv4 packet for transmission via the TUN interface.
uint16_t type
The type of the message (GNUNET_MESSAGE_TYPE_XXXX), in big-endian format.
static char buf[2048]
Header from Linux TUN interface.
TCP packet header.
static unsigned long long payload
How much data are we currently storing in the database?
#define GNUNET_MAX_MESSAGE_SIZE
Largest supported message (to be precise, one byte more than the largest possible message...
Standard IPv6 header.
int af
AF_INET or AF_INET6.
#define GNUNET_ALIGN
gcc-ism to force alignment; we use this to align char-arrays that may then be cast to &#39;struct&#39;s...
static struct GNUNET_STATISTICS_Handle * stats
Statistics.
struct GNUNET_HELPER_SendHandle * GNUNET_HELPER_send(struct GNUNET_HELPER_Handle *h, const struct GNUNET_MessageHeader *msg, int can_drop, GNUNET_HELPER_Continuation cont, void *cont_cls)
Send an message to the helper.
Definition: helper.c:660
#define GNUNET_log(kind,...)
uint16_t payload_length
Length of the payload, excluding this header.
Header for all communications.
#define GNUNET_YES
Definition: gnunet_common.h:80
#define ETH_P_IPV4
Number for IPv4.
#define GNUNET_MESSAGE_TYPE_VPN_HELPER
Type of messages between the gnunet-vpn-helper and the daemon.
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
#define gettext_noop(String)
Definition: gettext.h:69
static int ipv6
Option -6: IPv6 requested.
Definition: gnunet-vpn.c:66
Here is the call graph for this function:
Here is the caller graph for this function:

◆ send_icmp_packet_via_tun()

static void send_icmp_packet_via_tun ( const struct SocketAddress destination_address,
const struct SocketAddress source_address,
const struct GNUNET_TUN_IcmpHeader icmp_header,
const void *  payload,
size_t  payload_length 
)
static

Send an ICMP packet via the TUN interface.

Parameters
destination_addressIP to use for the ICMP packet's destination
source_addressIP to use for the ICMP packet's source
icmp_headerICMP header to send
payloadpayload of the ICMP packet (does NOT include ICMP header)
payload_lengthnumber of bytes of data in payload

Definition at line 1052 of file gnunet-daemon-exit.c.

References SocketAddress::address, SocketAddress::af, buf, ETH_P_IPV4, ETH_P_IPV6, GNUNET_TUN_Layer2PacketHeader::flags, gettext_noop, GNUNET_ALIGN, GNUNET_assert, GNUNET_break, GNUNET_ERROR_TYPE_DEBUG, GNUNET_HELPER_send(), GNUNET_log, GNUNET_MAX_MESSAGE_SIZE, GNUNET_memcpy, GNUNET_MESSAGE_TYPE_VPN_HELPER, GNUNET_NO, GNUNET_STATISTICS_update(), GNUNET_TUN_calculate_icmp_checksum(), GNUNET_TUN_initialize_ipv4_header(), GNUNET_TUN_initialize_ipv6_header(), GNUNET_YES, SocketAddress::ipv4, SocketAddress::ipv6, len, GNUNET_TUN_Layer2PacketHeader::proto, GNUNET_MessageHeader::size, and GNUNET_MessageHeader::type.

Referenced by handle_icmp_remote(), and handle_icmp_service().

1056 {
1057  size_t len;
1058  struct GNUNET_TUN_IcmpHeader *icmp;
1059 
1061  gettext_noop ("# ICMP packets sent via TUN"),
1062  1, GNUNET_NO);
1064  "Sending packet with %u bytes ICMP payload via TUN\n",
1065  (unsigned int) payload_length);
1066  len = sizeof (struct GNUNET_MessageHeader) + sizeof (struct GNUNET_TUN_Layer2PacketHeader);
1067  switch (destination_address->af)
1068  {
1069  case AF_INET:
1070  len += sizeof (struct GNUNET_TUN_IPv4Header);
1071  break;
1072  case AF_INET6:
1073  len += sizeof (struct GNUNET_TUN_IPv6Header);
1074  break;
1075  default:
1076  GNUNET_break (0);
1077  return;
1078  }
1079  len += sizeof (struct GNUNET_TUN_IcmpHeader);
1080  len += payload_length;
1081  if (len >= GNUNET_MAX_MESSAGE_SIZE)
1082  {
1083  GNUNET_break (0);
1084  return;
1085  }
1086  {
1087  char buf[len] GNUNET_ALIGN;
1088  struct GNUNET_MessageHeader *hdr;
1089  struct GNUNET_TUN_Layer2PacketHeader *tun;
1090 
1091  hdr= (struct GNUNET_MessageHeader *) buf;
1092  hdr->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
1093  hdr->size = htons (len);
1094  tun = (struct GNUNET_TUN_Layer2PacketHeader*) &hdr[1];
1095  tun->flags = htons (0);
1096  switch (source_address->af)
1097  {
1098  case AF_INET:
1099  {
1100  struct GNUNET_TUN_IPv4Header * ipv4 = (struct GNUNET_TUN_IPv4Header*) &tun[1];
1101 
1102  tun->proto = htons (ETH_P_IPV4);
1104  IPPROTO_ICMP,
1105  sizeof (struct GNUNET_TUN_IcmpHeader) + payload_length,
1106  &source_address->address.ipv4,
1107  &destination_address->address.ipv4);
1108  icmp = (struct GNUNET_TUN_IcmpHeader*) &ipv4[1];
1109  }
1110  break;
1111  case AF_INET6:
1112  {
1113  struct GNUNET_TUN_IPv6Header * ipv6 = (struct GNUNET_TUN_IPv6Header*) &tun[1];
1114 
1115  tun->proto = htons (ETH_P_IPV6);
1117  IPPROTO_ICMPV6,
1118  sizeof (struct GNUNET_TUN_IcmpHeader) + payload_length,
1119  &source_address->address.ipv6,
1120  &destination_address->address.ipv6);
1121  icmp = (struct GNUNET_TUN_IcmpHeader*) &ipv6[1];
1122  }
1123  break;
1124  default:
1125  GNUNET_assert (0);
1126  break;
1127  }
1128  *icmp = *icmp_header;
1129  GNUNET_memcpy (&icmp[1],
1130  payload,
1131  payload_length);
1133  payload,
1134  payload_length);
1135  if (NULL != helper_handle)
1137  (const struct GNUNET_MessageHeader*) buf,
1138  GNUNET_YES,
1139  NULL, NULL);
1140  }
1141 }
static struct GNUNET_HELPER_Handle * helper_handle
The handle to the helper.
struct in6_addr ipv6
Address, if af is AF_INET6.
uint16_t proto
Here we get an ETH_P_-number.
union SocketAddress::@12 address
Remote address information.
static int ipv4
Option -4: IPv4 requested.
Definition: gnunet-vpn.c:61
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct in_addr ipv4
Address, if af is AF_INET.
#define ETH_P_IPV6
Number for IPv6.
#define GNUNET_NO
Definition: gnunet_common.h:81
Standard IPv4 header.
uint16_t flags
Some flags (unused).
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
void GNUNET_TUN_initialize_ipv4_header(struct GNUNET_TUN_IPv4Header *ip, uint8_t protocol, uint16_t payload_length, const struct in_addr *src, const struct in_addr *dst)
Initialize an IPv4 header.
Definition: tun.c:46
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
uint16_t type
The type of the message (GNUNET_MESSAGE_TYPE_XXXX), in big-endian format.
#define GNUNET_memcpy(dst, src, n)
static char buf[2048]
Header from Linux TUN interface.
void GNUNET_TUN_calculate_icmp_checksum(struct GNUNET_TUN_IcmpHeader *icmp, const void *payload, uint16_t payload_length)
Calculate ICMP checksum.
Definition: tun.c:260
static unsigned long long payload
How much data are we currently storing in the database?
#define GNUNET_MAX_MESSAGE_SIZE
Largest supported message (to be precise, one byte more than the largest possible message...
Standard IPv6 header.
int af
AF_INET or AF_INET6.
#define GNUNET_ALIGN
gcc-ism to force alignment; we use this to align char-arrays that may then be cast to &#39;struct&#39;s...
static struct GNUNET_STATISTICS_Handle * stats
Statistics.
struct GNUNET_HELPER_SendHandle * GNUNET_HELPER_send(struct GNUNET_HELPER_Handle *h, const struct GNUNET_MessageHeader *msg, int can_drop, GNUNET_HELPER_Continuation cont, void *cont_cls)
Send an message to the helper.
Definition: helper.c:660
#define GNUNET_log(kind,...)
uint16_t payload_length
Length of the payload, excluding this header.
Header for all communications.
#define GNUNET_YES
Definition: gnunet_common.h:80
void GNUNET_TUN_initialize_ipv6_header(struct GNUNET_TUN_IPv6Header *ip, uint8_t protocol, uint16_t payload_length, const struct in6_addr *src, const struct in6_addr *dst)
Initialize an IPv6 header.
Definition: tun.c:81
#define ETH_P_IPV4
Number for IPv4.
#define GNUNET_MESSAGE_TYPE_VPN_HELPER
Type of messages between the gnunet-vpn-helper and the daemon.
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
#define gettext_noop(String)
Definition: gettext.h:69
static int ipv6
Option -6: IPv6 requested.
Definition: gnunet-vpn.c:66
Here is the call graph for this function:
Here is the caller graph for this function:

◆ setup_fresh_address()

static void setup_fresh_address ( int  af,
uint8_t  proto,
struct SocketAddress local_address 
)
static

We need to create a (unique) fresh local address (IP+port).

Fill one in.

Parameters
afdesired address family
protodesired protocol (IPPROTO_UDP or IPPROTO_TCP)
local_addressaddress to initialize

Definition at line 1153 of file gnunet-daemon-exit.c.

References SocketAddress::address, SocketAddress::af, exit_ipv4addr, exit_ipv4mask, exit_ipv6addr, GNUNET_assert, GNUNET_CRYPTO_QUALITY_WEAK, GNUNET_CRYPTO_random_u32(), GNUNET_memcmp, SocketAddress::ipv4, SocketAddress::ipv6, ipv6prefix, SocketAddress::port, and SocketAddress::proto.

Referenced by setup_state_record().

1156 {
1157  local_address->af = af;
1158  local_address->proto = (uint8_t) proto;
1159  /* default "local" port range is often 32768--61000,
1160  so we pick a random value in that range */
1161  if ( ( (af == AF_INET) && (proto == IPPROTO_ICMP) ) ||
1162  ( (af == AF_INET6) && (proto == IPPROTO_ICMPV6) ) )
1163  local_address->port = 0;
1164  else
1165  local_address->port
1167  28232);
1168  switch (af)
1169  {
1170  case AF_INET:
1171  {
1172  struct in_addr addr;
1173  struct in_addr mask;
1174  struct in_addr rnd;
1175 
1176  addr = exit_ipv4addr;
1177  mask = exit_ipv4mask;
1178  if (0 == ~mask.s_addr)
1179  {
1180  /* only one valid IP anyway */
1181  local_address->address.ipv4 = addr;
1182  return;
1183  }
1184  /* Given 192.168.0.1/255.255.0.0, we want a mask
1185  of '192.168.255.255', thus: */
1186  mask.s_addr = addr.s_addr | ~mask.s_addr;
1187  /* Pick random IPv4 address within the subnet, except 'addr' or 'mask' itself */
1188  do
1189  {
1191  UINT32_MAX);
1192  local_address->address.ipv4.s_addr = (addr.s_addr | rnd.s_addr) & mask.s_addr;
1193  }
1194  while ( (local_address->address.ipv4.s_addr == addr.s_addr) ||
1195  (local_address->address.ipv4.s_addr == mask.s_addr) );
1196  }
1197  break;
1198  case AF_INET6:
1199  {
1200  struct in6_addr addr;
1201  struct in6_addr mask;
1202  struct in6_addr rnd;
1203  int i;
1204 
1205  addr = exit_ipv6addr;
1206  GNUNET_assert (ipv6prefix < 128);
1207  if (ipv6prefix == 127)
1208  {
1209  /* only one valid IP anyway */
1210  local_address->address.ipv6 = addr;
1211  return;
1212  }
1213  /* Given ABCD::/96, we want a mask of 'ABCD::FFFF:FFFF,
1214  thus: */
1215  mask = addr;
1216  for (i=127;i>=ipv6prefix;i--)
1217  mask.s6_addr[i / 8] |= (1 << (i % 8));
1218 
1219  /* Pick random IPv6 address within the subnet, except 'addr' or 'mask' itself */
1220  do
1221  {
1222  for (i=0;i<16;i++)
1223  {
1224  rnd.s6_addr[i] = (unsigned char) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
1225  256);
1226  local_address->address.ipv6.s6_addr[i]
1227  = (addr.s6_addr[i] | rnd.s6_addr[i]) & mask.s6_addr[i];
1228  }
1229  }
1230  while ( (0 == GNUNET_memcmp (&local_address->address.ipv6,
1231  &addr)) ||
1232  (0 == GNUNET_memcmp (&local_address->address.ipv6,
1233  &mask)) );
1234  }
1235  break;
1236  default:
1237  GNUNET_assert (0);
1238  }
1239 }
static struct in_addr exit_ipv4mask
IPv4 netmask of our TUN interface.
struct in6_addr ipv6
Address, if af is AF_INET6.
static struct in6_addr exit_ipv6addr
IPv6 address of our TUN interface.
union SocketAddress::@12 address
Remote address information.
static uint8_t proto
Protocol to use.
Definition: gnunet-nat.c:60
uint32_t GNUNET_CRYPTO_random_u32(enum GNUNET_CRYPTO_Quality mode, uint32_t i)
Produce a random value.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct in_addr ipv4
Address, if af is AF_INET.
static unsigned long long ipv6prefix
IPv6 prefix (0..127) from configuration file.
static struct in_addr exit_ipv4addr
IPv4 address of our TUN interface.
uint8_t proto
IPPROTO_TCP or IPPROTO_UDP;.
#define GNUNET_memcmp(a, b)
Compare memory in a and b, where both must be of the same pointer type.
int af
AF_INET or AF_INET6.
uint16_t port
Remote port, in host byte order!
No good quality of the operation is needed (i.e., random numbers can be pseudo-random).
Here is the call graph for this function:
Here is the caller graph for this function:

◆ setup_state_record()

static void setup_state_record ( struct ChannelState state)
static

We are starting a fresh connection (TCP or UDP) and need to pick a source port and IP address (within the correct range and address family) to associate replies with the connection / correct cadet channel.

This function generates a "fresh" source IP and source port number for a connection After picking a good source address, this function sets up the state in the 'connections_map' and 'connections_heap' to allow finding the state when needed later. The function also makes sure that we remain within memory limits by cleaning up 'old' states.

Parameters
stateskeleton state to setup a record for; should 'state->specifics.tcp_udp.ri.remote_address' filled in so that this code can determine which AF/protocol is going to be used (the 'channel' should also already be set); after calling this function, heap_node and the local_address will be also initialized (heap_node != NULL can be used to test if a state has been fully setup).

Definition at line 1264 of file gnunet-daemon-exit.c.

References buf, ChannelState::channel, get_redirect_state(), GNUNET_assert, GNUNET_CADET_channel_destroy(), GNUNET_CONTAINER_heap_get_size(), GNUNET_CONTAINER_heap_insert(), GNUNET_CONTAINER_heap_remove_root(), GNUNET_CONTAINER_multihashmap_put(), GNUNET_CONTAINER_multihashmap_remove(), GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY, GNUNET_ERROR_TYPE_DEBUG, GNUNET_free, GNUNET_log, GNUNET_OK, GNUNET_TIME_absolute_get(), key, max_connections, setup_fresh_address(), ChannelState::specifics, and ChannelState::tcp_udp.

Referenced by handle_icmp_remote(), handle_icmp_service(), handle_tcp_remote(), handle_tcp_service(), handle_udp_remote(), and handle_udp_service().

1265 {
1266  struct GNUNET_HashCode key;
1267  struct ChannelState *s;
1268 
1269  /* generate fresh, unique address */
1270  do
1271  {
1272  if (NULL == state->specifics.tcp_udp.serv)
1273  setup_fresh_address (state->specifics.tcp_udp.ri.remote_address.af,
1274  state->specifics.tcp_udp.ri.remote_address.proto,
1275  &state->specifics.tcp_udp.ri.local_address);
1276  else
1277  setup_fresh_address (state->specifics.tcp_udp.serv->address.af,
1278  state->specifics.tcp_udp.serv->address.proto,
1279  &state->specifics.tcp_udp.ri.local_address);
1280  } while (NULL !=
1281  get_redirect_state (state->specifics.tcp_udp.ri.remote_address.af,
1282  state->specifics.tcp_udp.ri.remote_address.proto,
1283  &state->specifics.tcp_udp.ri.remote_address.address,
1284  state->specifics.tcp_udp.ri.remote_address.port,
1285  &state->specifics.tcp_udp.ri.local_address.address,
1286  state->specifics.tcp_udp.ri.local_address.port,
1287  &key));
1288  {
1289  char buf[INET6_ADDRSTRLEN];
1291  "Picked local address %s:%u for new connection\n",
1292  inet_ntop (state->specifics.tcp_udp.ri.local_address.af,
1293  &state->specifics.tcp_udp.ri.local_address.address,
1294  buf,
1295  sizeof (buf)),
1296  (unsigned int) state->specifics.tcp_udp.ri.local_address.port);
1297  }
1298  state->specifics.tcp_udp.state_key = key;
1301  &key, state,
1303  state->specifics.tcp_udp.heap_node
1305  state,
1306  GNUNET_TIME_absolute_get ().abs_value_us);
1308  {
1310  GNUNET_assert (state != s);
1311  s->specifics.tcp_udp.heap_node = NULL;
1315  &s->specifics.tcp_udp.state_key,
1316  s));
1317  GNUNET_free (s);
1318  }
1319 }
static void setup_fresh_address(int af, uint8_t proto, struct SocketAddress *local_address)
We need to create a (unique) fresh local address (IP+port).
struct GNUNET_CONTAINER_HeapNode * GNUNET_CONTAINER_heap_insert(struct GNUNET_CONTAINER_Heap *heap, void *element, GNUNET_CONTAINER_HeapCostType cost)
Inserts a new element into the heap.
static unsigned long long max_connections
If there are at least this many connections, old ones will be removed.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
static char buf[2048]
int GNUNET_CONTAINER_multihashmap_remove(struct GNUNET_CONTAINER_MultiHashMap *map, const struct GNUNET_HashCode *key, const void *value)
Remove the given key-value pair from the map.
A 512-bit hashcode.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:118
struct GNUNET_CADET_Channel * channel
Cadet channel that is used for this connection.
unsigned int GNUNET_CONTAINER_heap_get_size(const struct GNUNET_CONTAINER_Heap *heap)
Get the current size of the heap.
static struct ChannelState * get_redirect_state(int af, int protocol, const void *destination_ip, uint16_t destination_port, const void *local_ip, uint16_t local_port, struct GNUNET_HashCode *state_key)
Get our connection tracking state.
There must only be one value per key; storing a value should fail if a value under the same key alrea...
struct GNUNET_HashCode key
The key used in the DHT.
int GNUNET_CONTAINER_multihashmap_put(struct GNUNET_CONTAINER_MultiHashMap *map, const struct GNUNET_HashCode *key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
static struct GNUNET_CONTAINER_Heap * connections_heap
Heap so we can quickly find "old" connections.
#define GNUNET_log(kind,...)
void * GNUNET_CONTAINER_heap_remove_root(struct GNUNET_CONTAINER_Heap *heap)
Remove root of the heap.
union ChannelState::@13 specifics
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
static struct GNUNET_CONTAINER_MultiHashMap * connections_map
This hashmaps contains the mapping from peer, service-descriptor, source-port and destination-port to...
struct ChannelState::@13::@14 tcp_udp
void GNUNET_CADET_channel_destroy(struct GNUNET_CADET_Channel *channel)
Destroy an existing channel.
Definition: cadet_api.c:905
#define GNUNET_free(ptr)
Wrapper around free.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ send_udp_packet_via_tun()

static void send_udp_packet_via_tun ( const struct SocketAddress destination_address,
const struct SocketAddress source_address,
const void *  payload,
size_t  payload_length 
)
static

Send a UDP packet via the TUN interface.

Parameters
destination_addressIP and port to use for the UDP packet's destination
source_addressIP and port to use for the UDP packet's source
payloadpayload of the UDP packet (does NOT include UDP header)
payload_lengthnumber of bytes of data in payload

Definition at line 1331 of file gnunet-daemon-exit.c.

References SocketAddress::af, buf, ETH_P_IPV4, ETH_P_IPV6, GNUNET_TUN_Layer2PacketHeader::flags, gettext_noop, GNUNET_ALIGN, GNUNET_assert, GNUNET_break, GNUNET_ERROR_TYPE_DEBUG, GNUNET_HELPER_send(), GNUNET_log, GNUNET_MAX_MESSAGE_SIZE, GNUNET_MESSAGE_TYPE_VPN_HELPER, GNUNET_NO, GNUNET_STATISTICS_update(), GNUNET_YES, SocketAddress::ipv4, SocketAddress::ipv6, len, prepare_ipv4_packet(), prepare_ipv6_packet(), GNUNET_TUN_Layer2PacketHeader::proto, GNUNET_MessageHeader::size, and GNUNET_MessageHeader::type.

Referenced by handle_udp_remote(), and handle_udp_service().

1334 {
1335  size_t len;
1336 
1338  gettext_noop ("# UDP packets sent via TUN"),
1339  1, GNUNET_NO);
1341  "Sending packet with %u bytes UDP payload via TUN\n",
1342  (unsigned int) payload_length);
1343  len = sizeof (struct GNUNET_MessageHeader) + sizeof (struct GNUNET_TUN_Layer2PacketHeader);
1344  switch (source_address->af)
1345  {
1346  case AF_INET:
1347  len += sizeof (struct GNUNET_TUN_IPv4Header);
1348  break;
1349  case AF_INET6:
1350  len += sizeof (struct GNUNET_TUN_IPv6Header);
1351  break;
1352  default:
1353  GNUNET_break (0);
1354  return;
1355  }
1356  len += sizeof (struct GNUNET_TUN_UdpHeader);
1357  len += payload_length;
1358  if (len >= GNUNET_MAX_MESSAGE_SIZE)
1359  {
1360  GNUNET_break (0);
1361  return;
1362  }
1363  {
1364  char buf[len] GNUNET_ALIGN;
1365  struct GNUNET_MessageHeader *hdr;
1366  struct GNUNET_TUN_Layer2PacketHeader *tun;
1367 
1368  hdr= (struct GNUNET_MessageHeader *) buf;
1369  hdr->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
1370  hdr->size = htons (len);
1371  tun = (struct GNUNET_TUN_Layer2PacketHeader*) &hdr[1];
1372  tun->flags = htons (0);
1373  switch (source_address->af)
1374  {
1375  case AF_INET:
1376  {
1377  struct GNUNET_TUN_IPv4Header * ipv4 = (struct GNUNET_TUN_IPv4Header*) &tun[1];
1378 
1379  tun->proto = htons (ETH_P_IPV4);
1381  payload_length,
1382  IPPROTO_UDP,
1383  NULL,
1384  source_address,
1385  destination_address,
1386  ipv4);
1387  }
1388  break;
1389  case AF_INET6:
1390  {
1391  struct GNUNET_TUN_IPv6Header * ipv6 = (struct GNUNET_TUN_IPv6Header*) &tun[1];
1392 
1393  tun->proto = htons (ETH_P_IPV6);
1396  IPPROTO_UDP,
1397  NULL,
1398  source_address,
1399  destination_address,
1400  ipv6);
1401  }
1402  break;
1403  default:
1404  GNUNET_assert (0);
1405  break;
1406  }
1407  if (NULL != helper_handle)
1409  (const struct GNUNET_MessageHeader*) buf,
1410  GNUNET_YES,
1411  NULL, NULL);
1412  }
1413 }
static struct GNUNET_HELPER_Handle * helper_handle
The handle to the helper.
uint16_t proto
Here we get an ETH_P_-number.
static int ipv4
Option -4: IPv4 requested.
Definition: gnunet-vpn.c:61
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static void prepare_ipv6_packet(const void *payload, size_t payload_length, int protocol, const struct GNUNET_TUN_TcpHeader *tcp_header, const struct SocketAddress *src_address, const struct SocketAddress *dst_address, struct GNUNET_TUN_IPv6Header *pkt6)
Prepare an IPv6 packet for transmission via the TUN interface.
UDP packet header.
#define ETH_P_IPV6
Number for IPv6.
#define GNUNET_NO
Definition: gnunet_common.h:81
Standard IPv4 header.
uint16_t flags
Some flags (unused).
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
static void prepare_ipv4_packet(const void *payload, size_t payload_length, int protocol, const struct GNUNET_TUN_TcpHeader *tcp_header, const struct SocketAddress *src_address, const struct SocketAddress *dst_address, struct GNUNET_TUN_IPv4Header *pkt4)
Prepare an IPv4 packet for transmission via the TUN interface.
uint16_t type
The type of the message (GNUNET_MESSAGE_TYPE_XXXX), in big-endian format.
static char buf[2048]
Header from Linux TUN interface.
static unsigned long long payload
How much data are we currently storing in the database?
#define GNUNET_MAX_MESSAGE_SIZE
Largest supported message (to be precise, one byte more than the largest possible message...
Standard IPv6 header.
int af
AF_INET or AF_INET6.
#define GNUNET_ALIGN
gcc-ism to force alignment; we use this to align char-arrays that may then be cast to &#39;struct&#39;s...
static struct GNUNET_STATISTICS_Handle * stats
Statistics.
struct GNUNET_HELPER_SendHandle * GNUNET_HELPER_send(struct GNUNET_HELPER_Handle *h, const struct GNUNET_MessageHeader *msg, int can_drop, GNUNET_HELPER_Continuation cont, void *cont_cls)
Send an message to the helper.
Definition: helper.c:660
#define GNUNET_log(kind,...)
uint16_t payload_length
Length of the payload, excluding this header.
Header for all communications.
#define GNUNET_YES
Definition: gnunet_common.h:80
#define ETH_P_IPV4
Number for IPv4.
#define GNUNET_MESSAGE_TYPE_VPN_HELPER
Type of messages between the gnunet-vpn-helper and the daemon.
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
#define gettext_noop(String)
Definition: gettext.h:69
static int ipv6
Option -6: IPv6 requested.
Definition: gnunet-vpn.c:66
Here is the call graph for this function:
Here is the caller graph for this function:

◆ check_udp_remote()

static int check_udp_remote ( void *  cls,
const struct GNUNET_EXIT_UdpInternetMessage msg 
)
static

Check a request to forward UDP data to the Internet via this peer.

Parameters
clsour struct ChannelState *
msgthe actual message
Returns
GNUNET_OK to keep the connection open, GNUNET_SYSERR to close it (signal serious error)

Definition at line 1425 of file gnunet-daemon-exit.c.

References GNUNET_break_op, GNUNET_OK, GNUNET_SYSERR, GNUNET_YES, ChannelState::is_dns, and state.

1427 {
1428  struct ChannelState *state = cls;
1429 
1430  if (GNUNET_YES == state->is_dns)
1431  {
1432  GNUNET_break_op (0);
1433  return GNUNET_SYSERR;
1434  }
1435  return GNUNET_OK;
1436 }
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
enum State state
current state of profiling
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
int is_dns
GNUNET_NO if this is a channel for TCP/UDP, GNUNET_YES if this is a channel for DNS, GNUNET_SYSERR if the channel is not yet initialized.
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
#define GNUNET_YES
Definition: gnunet_common.h:80

◆ handle_udp_remote()

static void handle_udp_remote ( void *  cls,
const struct GNUNET_EXIT_UdpInternetMessage msg 
)
static

Process a request to forward UDP data to the Internet via this peer.

Parameters
clsour struct ChannelState *
msgthe actual message

Definition at line 1446 of file gnunet-daemon-exit.c.

References SocketAddress::af, GNUNET_EXIT_UdpInternetMessage::af, buf, ChannelState::channel, GNUNET_EXIT_UdpInternetMessage::destination_port, gettext_noop, GNUNET_break_op, GNUNET_CADET_receive_done(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s(), GNUNET_log, GNUNET_NO, GNUNET_STATISTICS_update(), GNUNET_SYSERR, GNUNET_EXIT_UdpInternetMessage::header, ipv4_exit, ipv6_exit, ChannelState::is_dns, payload, ChannelState::peer, send_udp_packet_via_tun(), setup_state_record(), GNUNET_MessageHeader::size, GNUNET_EXIT_UdpInternetMessage::source_port, ChannelState::specifics, state, and ChannelState::tcp_udp.

1448 {
1449  struct ChannelState *state = cls;
1450  uint16_t pkt_len = ntohs (msg->header.size) - sizeof (struct GNUNET_EXIT_UdpInternetMessage);
1451  const struct in_addr *v4;
1452  const struct in6_addr *v6;
1453  const void *payload;
1454  int af;
1455 
1456  if (GNUNET_SYSERR == state->is_dns)
1457  {
1458  /* channel is UDP/TCP from now on */
1459  state->is_dns = GNUNET_NO;
1460  }
1462  gettext_noop ("# Bytes received from CADET"),
1463  pkt_len, GNUNET_NO);
1465  gettext_noop ("# UDP IP-exit requests received via cadet"),
1466  1, GNUNET_NO);
1467  af = (int) ntohl (msg->af);
1468  state->specifics.tcp_udp.ri.remote_address.af = af;
1469  switch (af)
1470  {
1471  case AF_INET:
1472  if (pkt_len < sizeof (struct in_addr))
1473  {
1474  GNUNET_break_op (0);
1475  return;
1476  }
1477  if (! ipv4_exit)
1478  {
1479  GNUNET_break_op (0);
1480  return;
1481  }
1482  v4 = (const struct in_addr*) &msg[1];
1483  payload = &v4[1];
1484  pkt_len -= sizeof (struct in_addr);
1485  state->specifics.tcp_udp.ri.remote_address.address.ipv4 = *v4;
1486  break;
1487  case AF_INET6:
1488  if (pkt_len < sizeof (struct in6_addr))
1489  {
1490  GNUNET_break_op (0);
1491  return;
1492  }
1493  if (! ipv6_exit)
1494  {
1495  GNUNET_break_op (0);
1496  return;
1497  }
1498  v6 = (const struct in6_addr*) &msg[1];
1499  payload = &v6[1];
1500  pkt_len -= sizeof (struct in6_addr);
1501  state->specifics.tcp_udp.ri.remote_address.address.ipv6 = *v6;
1502  break;
1503  default:
1504  GNUNET_break_op (0);
1505  return;
1506  }
1507  {
1508  char buf[INET6_ADDRSTRLEN];
1510  "Received data from %s for forwarding to UDP %s:%u\n",
1511  GNUNET_i2s (&state->peer),
1512  inet_ntop (af,
1513  &state->specifics.tcp_udp.ri.remote_address.address,
1514  buf, sizeof (buf)),
1515  (unsigned int) ntohs (msg->destination_port));
1516  }
1517  state->specifics.tcp_udp.ri.remote_address.proto = IPPROTO_UDP;
1518  state->specifics.tcp_udp.ri.remote_address.port = msg->destination_port;
1519  if (NULL == state->specifics.tcp_udp.heap_node)
1520  setup_state_record (state);
1521  if (0 != ntohs (msg->source_port))
1522  state->specifics.tcp_udp.ri.local_address.port = msg->source_port;
1523  send_udp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address,
1524  &state->specifics.tcp_udp.ri.local_address,
1525  payload,
1526  pkt_len);
1528 }
#define GNUNET_NO
Definition: gnunet_common.h:81
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
static int ipv6_exit
Are we an IPv6-exit?
static void setup_state_record(struct ChannelState *state)
We are starting a fresh connection (TCP or UDP) and need to pick a source port and IP address (within...
int32_t af
Address family, AF_INET or AF_INET6, in network byte order.
Definition: exit.h:155
enum State state
current state of profiling
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
uint16_t destination_port
Destination port to use for the UDP request.
Definition: exit.h:165
static char buf[2048]
struct GNUNET_CADET_Channel * channel
Cadet channel that is used for this connection.
static int ipv4_exit
Are we an IPv4-exit?
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
static unsigned long long payload
How much data are we currently storing in the database?
void GNUNET_CADET_receive_done(struct GNUNET_CADET_Channel *channel)
Send an ack on the channel to confirm the processing of a message.
Definition: cadet_api.c:955
struct GNUNET_MessageHeader header
Type is GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET.
Definition: exit.h:150
static struct GNUNET_STATISTICS_Handle * stats
Statistics.
#define GNUNET_log(kind,...)
int is_dns
GNUNET_NO if this is a channel for TCP/UDP, GNUNET_YES if this is a channel for DNS, GNUNET_SYSERR if the channel is not yet initialized.
union ChannelState::@13 specifics
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
struct ChannelState::@13::@14 tcp_udp
uint16_t source_port
Source port to use for the UDP request (0 to use a random port).
Definition: exit.h:160
struct GNUNET_PeerIdentity peer
Who is the other end of this channel.
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
static void send_udp_packet_via_tun(const struct SocketAddress *destination_address, const struct SocketAddress *source_address, const void *payload, size_t payload_length)
Send a UDP packet via the TUN interface.
Message send via cadet to an exit daemon to forward UDP data to the Internet.
Definition: exit.h:145
#define gettext_noop(String)
Definition: gettext.h:69
Here is the call graph for this function:

◆ check_udp_service()

static int check_udp_service ( void *  cls,
const struct GNUNET_EXIT_UdpServiceMessage msg 
)
static

Check a request via cadet to send a request to a UDP service offered by this system.

Parameters
clsour struct ChannelState *
msgthe actual message
Returns
GNUNET_OK to keep the connection open, GNUNET_SYSERR to close it (signal serious error)

Definition at line 1541 of file gnunet-daemon-exit.c.

References GNUNET_break_op, GNUNET_OK, GNUNET_SYSERR, ChannelState::specifics, state, and ChannelState::tcp_udp.

1543 {
1544  struct ChannelState *state = cls;
1545 
1546  if (NULL == state->specifics.tcp_udp.serv)
1547  {
1548  GNUNET_break_op (0);
1549  return GNUNET_SYSERR;
1550  }
1551  return GNUNET_OK;
1552 }
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
enum State state
current state of profiling
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
union ChannelState::@13 specifics
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
struct ChannelState::@13::@14 tcp_udp

◆ handle_udp_service()

static void handle_udp_service ( void *  cls,
const struct GNUNET_EXIT_UdpServiceMessage msg 
)
static

Process a request via cadet to send a request to a UDP service offered by this system.

Parameters
clsour struct ChannelState *
msgthe actual message

Definition at line 1563 of file gnunet-daemon-exit.c.

References ChannelState::channel, GNUNET_EXIT_UdpServiceMessage::destination_port, gettext_noop, GNUNET_CADET_receive_done(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_h2s(), GNUNET_i2s(), GNUNET_NO, GNUNET_STATISTICS_update(), GNUNET_EXIT_UdpServiceMessage::header, LOG, ChannelState::peer, send_udp_packet_via_tun(), setup_state_record(), GNUNET_MessageHeader::size, GNUNET_EXIT_UdpServiceMessage::source_port, ChannelState::specifics, state, and ChannelState::tcp_udp.

1565 {
1566  struct ChannelState *state = cls;
1567  uint16_t pkt_len = ntohs (msg->header.size) - sizeof (struct GNUNET_EXIT_UdpServiceMessage);
1568 
1570  gettext_noop ("# Bytes received from CADET"),
1571  pkt_len, GNUNET_NO);
1573  gettext_noop ("# UDP service requests received via cadet"),
1574  1, GNUNET_NO);
1576  "Received data from %s for forwarding to UDP service %s on port %u\n",
1577  GNUNET_i2s (&state->peer),
1578  GNUNET_h2s (&state->specifics.tcp_udp.serv->descriptor),
1579  (unsigned int) ntohs (msg->destination_port));
1580  setup_state_record (state);
1581  if (0 != ntohs (msg->source_port))
1582  state->specifics.tcp_udp.ri.local_address.port = msg->source_port;
1583  send_udp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address,
1584  &state->specifics.tcp_udp.ri.local_address,
1585  &msg[1],
1586  pkt_len);
1588 }
#define GNUNET_NO
Definition: gnunet_common.h:81
const char * GNUNET_h2s(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
struct GNUNET_MessageHeader header
Type is GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE.
Definition: exit.h:125
#define LOG(kind,...)
Generic logging shorthand.
static void setup_state_record(struct ChannelState *state)
We are starting a fresh connection (TCP or UDP) and need to pick a source port and IP address (within...
enum State state
current state of profiling
struct GNUNET_CADET_Channel * channel
Cadet channel that is used for this connection.
Message send via cadet to an exit daemon to send UDP data to a local service.
Definition: exit.h:120
void GNUNET_CADET_receive_done(struct GNUNET_CADET_Channel *channel)
Send an ack on the channel to confirm the processing of a message.
Definition: cadet_api.c:955
static struct GNUNET_STATISTICS_Handle * stats
Statistics.
union ChannelState::@13 specifics
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
struct ChannelState::@13::@14 tcp_udp
struct GNUNET_PeerIdentity peer
Who is the other end of this channel.
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
uint16_t source_port
Source port to use for the UDP request (0 to use a random port).
Definition: exit.h:130
static void send_udp_packet_via_tun(const struct SocketAddress *destination_address, const struct SocketAddress *source_address, const void *payload, size_t payload_length)
Send a UDP packet via the TUN interface.
#define gettext_noop(String)
Definition: gettext.h:69
uint16_t destination_port
Destination port to use for the UDP request.
Definition: exit.h:135
Here is the call graph for this function:

◆ handle_tcp_service()

static void handle_tcp_service ( void *  cls,
const struct GNUNET_EXIT_TcpServiceStartMessage start 
)
static

Process a request via cadet to send a request to a TCP service offered by this system.

Parameters
clsour struct ChannelState *
startthe actual message
Returns
GNUNET_OK to keep the connection open, GNUNET_SYSERR to close it (signal serious error)

Definition at line 1601 of file gnunet-daemon-exit.c.

References ChannelState::channel, GNUNET_TUN_TcpHeader::destination_port, gettext_noop, GNUNET_break_op, GNUNET_CADET_receive_done(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_h2s(), GNUNET_i2s(), GNUNET_log, GNUNET_NO, GNUNET_STATISTICS_update(), GNUNET_SYSERR, GNUNET_EXIT_TcpServiceStartMessage::header, ChannelState::is_dns, ChannelState::peer, GNUNET_EXIT_TcpServiceStartMessage::reserved, send_tcp_packet_via_tun(), setup_state_record(), GNUNET_MessageHeader::size, ChannelState::specifics, state, GNUNET_EXIT_TcpServiceStartMessage::tcp_header, and ChannelState::tcp_udp.

1603 {
1604  struct ChannelState *state = cls;
1605  uint16_t pkt_len = ntohs (start->header.size) - sizeof (struct GNUNET_EXIT_TcpServiceStartMessage);
1606 
1607  if (GNUNET_SYSERR == state->is_dns)
1608  {
1609  /* channel is UDP/TCP from now on */
1610  state->is_dns = GNUNET_NO;
1611  }
1613  gettext_noop ("# TCP service creation requests received via cadet"),
1614  1,
1615  GNUNET_NO);
1617  gettext_noop ("# Bytes received from CADET"),
1618  pkt_len,
1619  GNUNET_NO);
1620  GNUNET_break_op (ntohl (start->reserved) == 0);
1621  /* setup fresh connection */
1623  "Received data from %s for forwarding to TCP service %s on port %u\n",
1624  GNUNET_i2s (&state->peer),
1625  GNUNET_h2s (&state->specifics.tcp_udp.serv->descriptor),
1626  (unsigned int) ntohs (start->tcp_header.destination_port));
1627  setup_state_record (state);
1628  send_tcp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address,
1629  &state->specifics.tcp_udp.ri.local_address,
1630  &start->tcp_header,
1631  &start[1],
1632  pkt_len);
1634 }
#define GNUNET_NO
Definition: gnunet_common.h:81
const char * GNUNET_h2s(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
struct GNUNET_TUN_TcpHeader tcp_header
Skeleton of the TCP header to send.
Definition: exit.h:53
static void setup_state_record(struct ChannelState *state)
We are starting a fresh connection (TCP or UDP) and need to pick a source port and IP address (within...
enum State state
current state of profiling
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
uint32_t reserved
Always 0.
Definition: exit.h:47
uint16_t destination_port
Destination port (in NBO).
struct GNUNET_CADET_Channel * channel
Cadet channel that is used for this connection.
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
void GNUNET_CADET_receive_done(struct GNUNET_CADET_Channel *channel)
Send an ack on the channel to confirm the processing of a message.
Definition: cadet_api.c:955
static struct GNUNET_STATISTICS_Handle * stats
Statistics.
#define GNUNET_log(kind,...)
static void send_tcp_packet_via_tun(const struct SocketAddress *destination_address, const struct SocketAddress *source_address, const struct GNUNET_TUN_TcpHeader *tcp_header, const void *payload, size_t payload_length)
Send a TCP packet via the TUN interface.
int is_dns
GNUNET_NO if this is a channel for TCP/UDP, GNUNET_YES if this is a channel for DNS, GNUNET_SYSERR if the channel is not yet initialized.
union ChannelState::@13 specifics
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
struct ChannelState::@13::@14 tcp_udp
struct GNUNET_MessageHeader header
Type is GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START.
Definition: exit.h:42
Message send via cadet to an exit daemon to initiate forwarding of TCP data to a local service...
Definition: exit.h:37
struct GNUNET_PeerIdentity peer
Who is the other end of this channel.
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
#define gettext_noop(String)
Definition: gettext.h:69
Here is the call graph for this function:

◆ check_tcp_remote()

static int check_tcp_remote ( void *  cls,
const struct GNUNET_EXIT_TcpInternetStartMessage start 
)
static

Check a request to forward TCP data to the Internet via this peer.

Parameters
clsour struct ChannelState *
startthe actual message
Returns
GNUNET_OK to keep the connection open, GNUNET_SYSERR to close it (signal serious error)

Definition at line 1646 of file gnunet-daemon-exit.c.

References GNUNET_break_op, GNUNET_OK, GNUNET_SYSERR, GNUNET_YES, ChannelState::is_dns, GNUNET_TUN_TcpHeader::off, ChannelState::specifics, state, GNUNET_EXIT_TcpInternetStartMessage::tcp_header, and ChannelState::tcp_udp.

1648 {
1649  struct ChannelState *state = cls;
1650 
1651  if (NULL == state)
1652  {
1653  GNUNET_break_op (0);
1654  return GNUNET_SYSERR;
1655  }
1656  if (GNUNET_YES == state->is_dns)
1657  {
1658  GNUNET_break_op (0);
1659  return GNUNET_SYSERR;
1660  }
1661  if ( (NULL != state->specifics.tcp_udp.serv) ||
1662  (NULL != state->specifics.tcp_udp.heap_node) )
1663  {
1664  GNUNET_break_op (0);
1665  return GNUNET_SYSERR;
1666  }
1667  if (start->tcp_header.off * 4 < sizeof (struct GNUNET_TUN_TcpHeader))
1668  {
1669  GNUNET_break_op (0);
1670  return GNUNET_SYSERR;
1671  }
1672  return GNUNET_OK;
1673 }
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
enum State state
current state of profiling
struct GNUNET_TUN_TcpHeader tcp_header
Skeleton of the TCP header to send.
Definition: exit.h:79
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
TCP packet header.
int is_dns
GNUNET_NO if this is a channel for TCP/UDP, GNUNET_YES if this is a channel for DNS, GNUNET_SYSERR if the channel is not yet initialized.
union ChannelState::@13 specifics
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
#define GNUNET_YES
Definition: gnunet_common.h:80
unsigned int off
Number of 32-bit words in TCP header.
struct ChannelState::@13::@14 tcp_udp

◆ handle_tcp_remote()

static void handle_tcp_remote ( void *  cls,
const struct GNUNET_EXIT_TcpInternetStartMessage start 
)
static

Process a request to forward TCP data to the Internet via this peer.

Parameters
clsour struct ChannelState *
startthe actual message

Definition at line 1683 of file gnunet-daemon-exit.c.

References GNUNET_EXIT_TcpInternetStartMessage::af, SocketAddress::af, buf, ChannelState::channel, GNUNET_TUN_TcpHeader::destination_port, gettext_noop, GNUNET_break_op, GNUNET_CADET_receive_done(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s(), GNUNET_log, GNUNET_NO, GNUNET_STATISTICS_update(), GNUNET_SYSERR, GNUNET_EXIT_TcpInternetStartMessage::header, ipv4_exit, ipv6_exit, ChannelState::is_dns, payload, ChannelState::peer, send_tcp_packet_via_tun(), setup_state_record(), GNUNET_MessageHeader::size, ChannelState::specifics, state, GNUNET_EXIT_TcpInternetStartMessage::tcp_header, and ChannelState::tcp_udp.

1685 {
1686  struct ChannelState *state = cls;
1687  uint16_t pkt_len = ntohs (start->header.size) - sizeof (struct GNUNET_EXIT_TcpInternetStartMessage);
1688  const struct in_addr *v4;
1689  const struct in6_addr *v6;
1690  const void *payload;
1691  int af;
1692 
1693  if (GNUNET_SYSERR == state->is_dns)
1694  {
1695  /* channel is UDP/TCP from now on */
1696  state->is_dns = GNUNET_NO;
1697  }
1699  gettext_noop ("# Bytes received from CADET"),
1700  pkt_len, GNUNET_NO);
1702  gettext_noop ("# TCP IP-exit creation requests received via cadet"),
1703  1, GNUNET_NO);
1704  af = (int) ntohl (start->af);
1705  state->specifics.tcp_udp.ri.remote_address.af = af;
1706  switch (af)
1707  {
1708  case AF_INET:
1709  if (pkt_len < sizeof (struct in_addr))
1710  {
1711  GNUNET_break_op (0);
1712  return;
1713  }
1714  if (! ipv4_exit)
1715  {
1716  GNUNET_break_op (0);
1717  return;
1718  }
1719  v4 = (const struct in_addr*) &start[1];
1720  payload = &v4[1];
1721  pkt_len -= sizeof (struct in_addr);
1722  state->specifics.tcp_udp.ri.remote_address.address.ipv4 = *v4;
1723  break;
1724  case AF_INET6:
1725  if (pkt_len < sizeof (struct in6_addr))
1726  {
1727  GNUNET_break_op (0);
1728  return;
1729  }
1730  if (! ipv6_exit)
1731  {
1732  GNUNET_break_op (0);
1733  return;
1734  }
1735  v6 = (const struct in6_addr*) &start[1];
1736  payload = &v6[1];
1737  pkt_len -= sizeof (struct in6_addr);
1738  state->specifics.tcp_udp.ri.remote_address.address.ipv6 = *v6;
1739  break;
1740  default:
1741  GNUNET_break_op (0);
1742  return;
1743  }
1744  {
1745  char buf[INET6_ADDRSTRLEN];
1747  "Received payload from %s for existing TCP stream to %s:%u\n",
1748  GNUNET_i2s (&state->peer),
1749  inet_ntop (af,
1750  &state->specifics.tcp_udp.ri.remote_address.address,
1751  buf, sizeof (buf)),
1752  (unsigned int) ntohs (start->tcp_header.destination_port));
1753  }
1754  state->specifics.tcp_udp.ri.remote_address.proto = IPPROTO_TCP;
1755  state->specifics.tcp_udp.ri.remote_address.port = ntohs (start->tcp_header.destination_port);
1756  setup_state_record (state);
1757  send_tcp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address,
1758  &state->specifics.tcp_udp.ri.local_address,
1759  &start->tcp_header,
1760  payload,
1761  pkt_len);
1763 }
#define GNUNET_NO
Definition: gnunet_common.h:81
int32_t af
Address family, AF_INET or AF_INET6, in network byte order.
Definition: exit.h:73
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
static int ipv6_exit
Are we an IPv6-exit?
static void setup_state_record(struct ChannelState *state)
We are starting a fresh connection (TCP or UDP) and need to pick a source port and IP address (within...
enum State state
current state of profiling
struct GNUNET_TUN_TcpHeader tcp_header
Skeleton of the TCP header to send.
Definition: exit.h:79
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
static char buf[2048]
uint16_t destination_port
Destination port (in NBO).
struct GNUNET_CADET_Channel * channel
Cadet channel that is used for this connection.
static int ipv4_exit
Are we an IPv4-exit?
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
static unsigned long long payload
How much data are we currently storing in the database?
void GNUNET_CADET_receive_done(struct GNUNET_CADET_Channel *channel)
Send an ack on the channel to confirm the processing of a message.
Definition: cadet_api.c:955
static struct GNUNET_STATISTICS_Handle * stats
Statistics.
struct GNUNET_MessageHeader header
Type is GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START.
Definition: exit.h:68
#define GNUNET_log(kind,...)
static void send_tcp_packet_via_tun(const struct SocketAddress *destination_address, const struct SocketAddress *source_address, const struct GNUNET_TUN_TcpHeader *tcp_header, const void *payload, size_t payload_length)
Send a TCP packet via the TUN interface.
Message send via cadet to an exit daemon to initiate forwarding of TCP data to the Internet...
Definition: exit.h:63
int is_dns
GNUNET_NO if this is a channel for TCP/UDP, GNUNET_YES if this is a channel for DNS, GNUNET_SYSERR if the channel is not yet initialized.
union ChannelState::@13 specifics
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
struct ChannelState::@13::@14 tcp_udp
struct GNUNET_PeerIdentity peer
Who is the other end of this channel.
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
#define gettext_noop(String)
Definition: gettext.h:69
Here is the call graph for this function:

◆ check_tcp_data()

static int check_tcp_data ( void *  cls,
const struct GNUNET_EXIT_TcpDataMessage data 
)
static

Check a request to forward TCP data on an established connection via this peer.

Parameters
clsour struct ChannelState *
messagethe actual message
Returns
GNUNET_OK to keep the connection open, GNUNET_SYSERR to close it (signal serious error)

Definition at line 1776 of file gnunet-daemon-exit.c.

References gettext_noop, GNUNET_break_op, GNUNET_NO, GNUNET_OK, GNUNET_STATISTICS_update(), GNUNET_SYSERR, GNUNET_YES, ChannelState::is_dns, GNUNET_TUN_TcpHeader::off, ChannelState::specifics, state, GNUNET_EXIT_TcpDataMessage::tcp_header, and ChannelState::tcp_udp.

1778 {
1779  struct ChannelState *state = cls;
1780 
1781  if ( (NULL == state) ||
1782  (NULL == state->specifics.tcp_udp.heap_node) )
1783  {
1784  /* connection should have been up! */
1786  gettext_noop ("# TCP DATA requests dropped (no session)"),
1787  1, GNUNET_NO);
1788  GNUNET_break_op (0);
1789  return GNUNET_SYSERR;
1790  }
1791  if (data->tcp_header.off * 4 < sizeof (struct GNUNET_TUN_TcpHeader))
1792  {
1793  GNUNET_break_op (0);
1794  return GNUNET_SYSERR;
1795  }
1796  if (GNUNET_YES == state->is_dns)
1797  {
1798  GNUNET_break_op (0);
1799  return GNUNET_SYSERR;
1800  }
1801  return GNUNET_OK;
1802 }
#define GNUNET_NO
Definition: gnunet_common.h:81
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
struct GNUNET_TUN_TcpHeader tcp_header
Skeleton of the TCP header to send.
Definition: exit.h:110
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
enum State state
current state of profiling
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
TCP packet header.
static struct GNUNET_STATISTICS_Handle * stats
Statistics.
int is_dns
GNUNET_NO if this is a channel for TCP/UDP, GNUNET_YES if this is a channel for DNS, GNUNET_SYSERR if the channel is not yet initialized.
union ChannelState::@13 specifics
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
#define GNUNET_YES
Definition: gnunet_common.h:80
unsigned int off
Number of 32-bit words in TCP header.
struct ChannelState::@13::@14 tcp_udp
#define gettext_noop(String)
Definition: gettext.h:69
Here is the call graph for this function:

◆ handle_tcp_data()

static void handle_tcp_data ( void *  cls,
const struct GNUNET_EXIT_TcpDataMessage data 
)
static

Process a request to forward TCP data on an established connection via this peer.

Parameters
clsour struct ChannelState *
messagethe actual message

Definition at line 1813 of file gnunet-daemon-exit.c.

References buf, ChannelState::channel, gettext_noop, GNUNET_break_op, GNUNET_CADET_receive_done(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s(), GNUNET_log, GNUNET_NO, GNUNET_STATISTICS_update(), GNUNET_SYSERR, GNUNET_EXIT_TcpDataMessage::header, ChannelState::is_dns, ChannelState::peer, GNUNET_EXIT_TcpDataMessage::reserved, send_tcp_packet_via_tun(), GNUNET_MessageHeader::size, ChannelState::specifics, state, GNUNET_EXIT_TcpDataMessage::tcp_header, and ChannelState::tcp_udp.

1815 {
1816  struct ChannelState *state = cls;
1817  uint16_t pkt_len = ntohs (data->header.size) - sizeof (struct GNUNET_EXIT_TcpDataMessage);
1818 
1820  gettext_noop ("# Bytes received from CADET"),
1821  pkt_len, GNUNET_NO);
1823  gettext_noop ("# TCP data requests received via cadet"),
1824  1, GNUNET_NO);
1825  if (GNUNET_SYSERR == state->is_dns)
1826  {
1827  /* channel is UDP/TCP from now on */
1828  state->is_dns = GNUNET_NO;
1829  }
1830 
1831  GNUNET_break_op (ntohl (data->reserved) == 0);
1832  {
1833  char buf[INET6_ADDRSTRLEN];
1835  "Received additional %u bytes of data from %s for TCP stream to %s:%u\n",
1836  pkt_len,
1837  GNUNET_i2s (&state->peer),
1838  inet_ntop (state->specifics.tcp_udp.ri.remote_address.af,
1839  &state->specifics.tcp_udp.ri.remote_address.address,
1840  buf, sizeof (buf)),
1841  (unsigned int) state->specifics.tcp_udp.ri.remote_address.port);
1842  }
1843 
1844  send_tcp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address,
1845  &state->specifics.tcp_udp.ri.local_address,
1846  &data->tcp_header,
1847  &data[1], pkt_len);
1849 }
#define GNUNET_NO
Definition: gnunet_common.h:81
struct GNUNET_TUN_TcpHeader tcp_header
Skeleton of the TCP header to send.
Definition: exit.h:110
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
enum State state
current state of profiling
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
static char buf[2048]
struct GNUNET_CADET_Channel * channel
Cadet channel that is used for this connection.
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
void GNUNET_CADET_receive_done(struct GNUNET_CADET_Channel *channel)
Send an ack on the channel to confirm the processing of a message.
Definition: cadet_api.c:955
static struct GNUNET_STATISTICS_Handle * stats
Statistics.
#define GNUNET_log(kind,...)
static void send_tcp_packet_via_tun(const struct SocketAddress *destination_address, const struct SocketAddress *source_address, const struct GNUNET_TUN_TcpHeader *tcp_header, const void *payload, size_t payload_length)
Send a TCP packet via the TUN interface.
int is_dns
GNUNET_NO if this is a channel for TCP/UDP, GNUNET_YES if this is a channel for DNS, GNUNET_SYSERR if the channel is not yet initialized.
union ChannelState::@13 specifics
struct GNUNET_MessageHeader header
Type is #GNUNET_MESSAGE_TYPE_VPN_TCP_DATA.
Definition: exit.h:99
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
struct ChannelState::@13::@14 tcp_udp
struct GNUNET_PeerIdentity peer
Who is the other end of this channel.
Message send via cadet between VPN and entry and an exit daemon to transmit TCP data between the VPN ...
Definition: exit.h:94
uint32_t reserved
Always 0.
Definition: exit.h:104
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
#define gettext_noop(String)
Definition: gettext.h:69
Here is the call graph for this function:

◆ make_up_icmpv4_payload()

static void make_up_icmpv4_payload ( struct ChannelState state,
struct GNUNET_TUN_IPv4Header ipp,
struct GNUNET_TUN_UdpHeader udp 
)
static

Synthesize a plausible ICMP payload for an ICMPv4 error response on the given channel.

Parameters
statechannel information
ippIPv6 header to fill in (ICMP payload)
udp"UDP" header to fill in (ICMP payload); might actually also be the first 8 bytes of the TCP header

Definition at line 1862 of file gnunet-daemon-exit.c.

References GNUNET_TUN_UdpHeader::crc, GNUNET_TUN_UdpHeader::destination_port, GNUNET_TUN_initialize_ipv4_header(), GNUNET_TUN_UdpHeader::len, GNUNET_TUN_UdpHeader::source_port, ChannelState::specifics, and ChannelState::tcp_udp.

Referenced by handle_icmp_remote(), and make_up_icmp_service_payload().

1865 {
1867  state->specifics.tcp_udp.ri.remote_address.proto,
1868  sizeof (struct GNUNET_TUN_TcpHeader),
1869  &state->specifics.tcp_udp.ri.remote_address.address.ipv4,
1870  &state->specifics.tcp_udp.ri.local_address.address.ipv4);
1871  udp->source_port = htons (state->specifics.tcp_udp.ri.remote_address.port);
1872  udp->destination_port = htons (state->specifics.tcp_udp.ri.local_address.port);
1873  udp->len = htons (0);
1874  udp->crc = htons (0);
1875 }
uint16_t destination_port
Destination port (in NBO).
uint16_t len
Number of bytes of payload.
void GNUNET_TUN_initialize_ipv4_header(struct GNUNET_TUN_IPv4Header *ip, uint8_t protocol, uint16_t payload_length, const struct in_addr *src, const struct in_addr *dst)
Initialize an IPv4 header.
Definition: tun.c:46
TCP packet header.
uint16_t crc
Checksum.
uint16_t source_port
Source port (in NBO).
union ChannelState::@13 specifics
struct ChannelState::@13::@14 tcp_udp
Here is the call graph for this function:
Here is the caller graph for this function:

◆ make_up_icmpv6_payload()

static void make_up_icmpv6_payload ( struct ChannelState state,
struct GNUNET_TUN_IPv6Header ipp,
struct GNUNET_TUN_UdpHeader udp 
)
static

Synthesize a plausible ICMP payload for an ICMPv6 error response on the given channel.

Parameters
statechannel information
ippIPv6 header to fill in (ICMP payload)
udp"UDP" header to fill in (ICMP payload); might actually also be the first 8 bytes of the TCP header

Definition at line 1888 of file gnunet-daemon-exit.c.

References GNUNET_TUN_UdpHeader::crc, GNUNET_TUN_UdpHeader::destination_port, GNUNET_TUN_initialize_ipv6_header(), GNUNET_TUN_UdpHeader::len, GNUNET_TUN_UdpHeader::source_port, ChannelState::specifics, and ChannelState::tcp_udp.

Referenced by handle_icmp_remote(), and make_up_icmp_service_payload().

1891 {
1893  state->specifics.tcp_udp.ri.remote_address.proto,
1894  sizeof (struct GNUNET_TUN_TcpHeader),
1895  &state->specifics.tcp_udp.ri.remote_address.address.ipv6,
1896  &state->specifics.tcp_udp.ri.local_address.address.ipv6);
1897  udp->source_port = htons (state->specifics.tcp_udp.ri.remote_address.port);
1898  udp->destination_port = htons (state->specifics.tcp_udp.ri.local_address.port);
1899  udp->len = htons (0);
1900  udp->crc = htons (0);
1901 }
uint16_t destination_port
Destination port (in NBO).
uint16_t len
Number of bytes of payload.
TCP packet header.
uint16_t crc
Checksum.
uint16_t source_port
Source port (in NBO).
union ChannelState::@13 specifics
struct ChannelState::@13::@14 tcp_udp
void GNUNET_TUN_initialize_ipv6_header(struct GNUNET_TUN_IPv6Header *ip, uint8_t protocol, uint16_t payload_length, const struct in6_addr *src, const struct in6_addr *dst)
Initialize an IPv6 header.
Definition: tun.c:81
Here is the call graph for this function:
Here is the caller graph for this function:

◆ check_icmp_remote()

static int check_icmp_remote ( void *  cls,
const struct GNUNET_EXIT_IcmpInternetMessage msg 
)
static

Check a request to forward ICMP data to the Internet via this peer.

Parameters
clsour struct ChannelState *
msgthe actual message
Returns
GNUNET_OK to keep the connection open, GNUNET_SYSERR to close it (signal serious error)

Definition at line 1913 of file gnunet-daemon-exit.c.

References GNUNET_break_op, GNUNET_OK, GNUNET_SYSERR, GNUNET_YES, ChannelState::is_dns, and state.

1915 {
1916  struct ChannelState *state = cls;
1917 
1918  if (GNUNET_YES == state->is_dns)
1919  {
1920  GNUNET_break_op (0);
1921  return GNUNET_SYSERR;
1922  }
1923  return GNUNET_OK;
1924 }
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
enum State state
current state of profiling
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
int is_dns
GNUNET_NO if this is a channel for TCP/UDP, GNUNET_YES if this is a channel for DNS, GNUNET_SYSERR if the channel is not yet initialized.
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
#define GNUNET_YES
Definition: gnunet_common.h:80

◆ handle_icmp_remote()

static void handle_icmp_remote ( void *  cls,
const struct GNUNET_EXIT_IcmpInternetMessage msg 
)
static

Process a request to forward ICMP data to the Internet via this peer.

Parameters
clsour struct ChannelState *
msgthe actual message

Definition at line 1934 of file gnunet-daemon-exit.c.

References SocketAddress::af, GNUNET_EXIT_IcmpInternetMessage::af, buf, ChannelState::channel, gettext_noop, GNUNET_assert, GNUNET_break_op, GNUNET_CADET_receive_done(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s(), GNUNET_log, GNUNET_NO, GNUNET_STATISTICS_update(), GNUNET_SYSERR, GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE, GNUNET_TUN_ICMPTYPE6_ECHO_REPLY, GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST, GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG, GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM, GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED, GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE, GNUNET_TUN_ICMPTYPE_ECHO_REPLY, GNUNET_TUN_ICMPTYPE_ECHO_REQUEST, GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH, GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED, GNUNET_EXIT_IcmpInternetMessage::header, GNUNET_EXIT_IcmpInternetMessage::icmp_header, ipv4_exit, ipv6_exit, ChannelState::is_dns, make_up_icmpv4_payload(), make_up_icmpv6_payload(), payload, ChannelState::peer, send_icmp_packet_via_tun(), setup_state_record(), GNUNET_MessageHeader::size, ChannelState::specifics, state, ChannelState::tcp_udp, GNUNET_TUN_IcmpHeader::type, and udp.

1936 {
1937  struct ChannelState *state = cls;
1938  uint16_t pkt_len = ntohs (msg->header.size) - sizeof (struct GNUNET_EXIT_IcmpInternetMessage);
1939  const struct in_addr *v4;
1940  const struct in6_addr *v6;
1941  const void *payload;
1942  char buf[sizeof (struct GNUNET_TUN_IPv6Header) + 8] GNUNET_ALIGN;
1943  int af;
1944 
1945  if (GNUNET_SYSERR == state->is_dns)
1946  {
1947  /* channel is UDP/TCP from now on */
1948  state->is_dns = GNUNET_NO;
1949  }
1951  gettext_noop ("# Bytes received from CADET"),
1952  pkt_len, GNUNET_NO);
1954  gettext_noop ("# ICMP IP-exit requests received via cadet"),
1955  1, GNUNET_NO);
1956 
1957  af = (int) ntohl (msg->af);
1958  if ( (NULL != state->specifics.tcp_udp.heap_node) &&
1959  (af != state->specifics.tcp_udp.ri.remote_address.af) )
1960  {
1961  /* other peer switched AF on this channel; not allowed */
1962  GNUNET_break_op (0);
1963  return;
1964  }
1965 
1966  switch (af)
1967  {
1968  case AF_INET:
1969  if (pkt_len < sizeof (struct in_addr))
1970  {
1971  GNUNET_break_op (0);
1972  return;
1973  }
1974  if (! ipv4_exit)
1975  {
1976  GNUNET_break_op (0);
1977  return;
1978  }
1979  v4 = (const struct in_addr*) &msg[1];
1980  payload = &v4[1];
1981  pkt_len -= sizeof (struct in_addr);
1982  state->specifics.tcp_udp.ri.remote_address.address.ipv4 = *v4;
1983  if (NULL == state->specifics.tcp_udp.heap_node)
1984  {
1985  state->specifics.tcp_udp.ri.remote_address.af = af;
1986  state->specifics.tcp_udp.ri.remote_address.proto = IPPROTO_ICMP;
1987  setup_state_record (state);
1988  }
1989  /* check that ICMP type is something we want to support
1990  and possibly make up payload! */
1991  switch (msg->icmp_header.type)
1992  {
1995  break;
1999  if (0 != pkt_len)
2000  {
2001  GNUNET_break_op (0);
2002  return;
2003  }
2004  /* make up payload */
2005  {
2006  struct GNUNET_TUN_IPv4Header *ipp = (struct GNUNET_TUN_IPv4Header *) buf;
2007  struct GNUNET_TUN_UdpHeader *udp = (struct GNUNET_TUN_UdpHeader *) &ipp[1];
2008 
2009  GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader));
2010  pkt_len = sizeof (struct GNUNET_TUN_IPv4Header) + 8;
2011  make_up_icmpv4_payload (state,
2012  ipp,
2013  udp);
2014  payload = ipp;
2015  }
2016  break;
2017  default:
2018  GNUNET_break_op (0);
2020  gettext_noop ("# ICMPv4 packets dropped (type not allowed)"),
2021  1, GNUNET_NO);
2022  return;
2023  }
2024  /* end AF_INET */
2025  break;
2026  case AF_INET6:
2027  if (pkt_len < sizeof (struct in6_addr))
2028  {
2029  GNUNET_break_op (0);
2030  return;
2031  }
2032  if (! ipv6_exit)
2033  {
2034  GNUNET_break_op (0);
2035  return;
2036  }
2037  v6 = (const struct in6_addr*) &msg[1];
2038  payload = &v6[1];
2039  pkt_len -= sizeof (struct in6_addr);
2040  state->specifics.tcp_udp.ri.remote_address.address.ipv6 = *v6;
2041  if (NULL == state->specifics.tcp_udp.heap_node)
2042  {
2043  state->specifics.tcp_udp.ri.remote_address.af = af;
2044  state->specifics.tcp_udp.ri.remote_address.proto = IPPROTO_ICMPV6;
2045  setup_state_record (state);
2046  }
2047  /* check that ICMP type is something we want to support
2048  and possibly make up payload! */
2049  switch (msg->icmp_header.type)
2050  {
2053  break;
2058  if (0 != pkt_len)
2059  {
2060  GNUNET_break_op (0);
2061  return;
2062  }
2063  /* make up payload */
2064  {
2065  struct GNUNET_TUN_IPv6Header *ipp = (struct GNUNET_TUN_IPv6Header *) buf;
2066  struct GNUNET_TUN_UdpHeader *udp = (struct GNUNET_TUN_UdpHeader *) &ipp[1];
2067 
2068  GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader));
2069  pkt_len = sizeof (struct GNUNET_TUN_IPv6Header) + 8;
2070  make_up_icmpv6_payload (state,
2071  ipp,
2072  udp);
2073  payload = ipp;
2074  }
2075  break;
2076  default:
2077  GNUNET_break_op (0);
2079  gettext_noop ("# ICMPv6 packets dropped (type not allowed)"),
2080  1, GNUNET_NO);
2081  return;
2082  }
2083  /* end AF_INET6 */
2084  break;
2085  default:
2086  /* bad AF */
2087  GNUNET_break_op (0);
2088  return;
2089  }
2090 
2091  {
2092  char buf[INET6_ADDRSTRLEN];
2094  "Received ICMP data from %s for forwarding to %s\n",
2095  GNUNET_i2s (&state->peer),
2096  inet_ntop (af,
2097  &state->specifics.tcp_udp.ri.remote_address.address,
2098  buf, sizeof (buf)));
2099  }
2100  send_icmp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address,
2101  &state->specifics.tcp_udp.ri.local_address,
2102  &msg->icmp_header,
2103  payload, pkt_len);
2105 }
static int udp
Option -u: UDP requested.
Definition: gnunet-vpn.c:76
#define GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED
int32_t af
Address family, AF_INET or AF_INET6, in network byte order.
Definition: exit.h:249
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
UDP packet header.
#define GNUNET_NO
Definition: gnunet_common.h:81
Standard IPv4 header.
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
#define GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH
static int ipv6_exit
Are we an IPv6-exit?
static void make_up_icmpv6_payload(struct ChannelState *state, struct GNUNET_TUN_IPv6Header *ipp, struct GNUNET_TUN_UdpHeader *udp)
Synthesize a plausible ICMP payload for an ICMPv6 error response on the given channel.
static void setup_state_record(struct ChannelState *state)
We are starting a fresh connection (TCP or UDP) and need to pick a source port and IP address (within...
#define GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE
#define GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED
#define GNUNET_TUN_ICMPTYPE6_ECHO_REPLY
enum State state
current state of profiling
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
#define GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG
Message send via cadet to an exit daemon to forward ICMP data to the Internet.
Definition: exit.h:236
static char buf[2048]
struct GNUNET_CADET_Channel * channel
Cadet channel that is used for this connection.
static void send_icmp_packet_via_tun(const struct SocketAddress *destination_address, const struct SocketAddress *source_address, const struct GNUNET_TUN_IcmpHeader *icmp_header, const void *payload, size_t payload_length)
Send an ICMP packet via the TUN interface.
static int ipv4_exit
Are we an IPv4-exit?
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
#define GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE
static unsigned long long payload
How much data are we currently storing in the database?
Standard IPv6 header.
#define GNUNET_TUN_ICMPTYPE_ECHO_REQUEST
#define GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM
#define GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST
void GNUNET_CADET_receive_done(struct GNUNET_CADET_Channel *channel)
Send an ack on the channel to confirm the processing of a message.
Definition: cadet_api.c:955
static void make_up_icmpv4_payload(struct ChannelState *state, struct GNUNET_TUN_IPv4Header *ipp, struct GNUNET_TUN_UdpHeader *udp)
Synthesize a plausible ICMP payload for an ICMPv4 error response on the given channel.
#define GNUNET_ALIGN
gcc-ism to force alignment; we use this to align char-arrays that may then be cast to &#39;struct&#39;s...
static struct GNUNET_STATISTICS_Handle * stats
Statistics.
#define GNUNET_log(kind,...)
int is_dns
GNUNET_NO if this is a channel for TCP/UDP, GNUNET_YES if this is a channel for DNS, GNUNET_SYSERR if the channel is not yet initialized.
union ChannelState::@13 specifics
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
struct ChannelState::@13::@14 tcp_udp
#define GNUNET_TUN_ICMPTYPE_ECHO_REPLY
struct GNUNET_PeerIdentity peer
Who is the other end of this channel.
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
struct GNUNET_TUN_IcmpHeader icmp_header
ICMP header to use.
Definition: exit.h:255
#define gettext_noop(String)
Definition: gettext.h:69
struct GNUNET_MessageHeader header
Type is GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_INTERNET.
Definition: exit.h:241
Here is the call graph for this function:

◆ make_up_icmp_service_payload()

static uint16_t make_up_icmp_service_payload ( struct ChannelState state,
char *  buf 
)
static

Setup ICMP payload for ICMP error messages.

Called for both IPv4 and IPv6 addresses.

Parameters
statecontext for creating the IP Packet
bufwhere to create the payload, has at least sizeof (struct GNUNET_TUN_IPv6Header) + 8 bytes
Returns
number of bytes of payload we created in buf

Definition at line 2118 of file gnunet-daemon-exit.c.

References GNUNET_assert, GNUNET_break, SocketAddress::ipv4, SocketAddress::ipv6, make_up_icmpv4_payload(), make_up_icmpv6_payload(), ChannelState::specifics, ChannelState::tcp_udp, and udp.

Referenced by handle_icmp_service().

2120 {
2121  switch (state->specifics.tcp_udp.serv->address.af)
2122  {
2123  case AF_INET:
2124  {
2125  struct GNUNET_TUN_IPv4Header *ipv4;
2126  struct GNUNET_TUN_UdpHeader *udp;
2127 
2128  ipv4 = (struct GNUNET_TUN_IPv4Header *)buf;
2129  udp = (struct GNUNET_TUN_UdpHeader *) &ipv4[1];
2130  make_up_icmpv4_payload (state,
2131  ipv4,
2132  udp);
2133  GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader));
2134  return sizeof (struct GNUNET_TUN_IPv4Header) + 8;
2135  }
2136  break;
2137  case AF_INET6:
2138  {
2139  struct GNUNET_TUN_IPv6Header *ipv6;
2140  struct GNUNET_TUN_UdpHeader *udp;
2141 
2142  ipv6 = (struct GNUNET_TUN_IPv6Header *)buf;
2143  udp = (struct GNUNET_TUN_UdpHeader *) &ipv6[1];
2144  make_up_icmpv6_payload (state,
2145  ipv6,
2146  udp);
2147  GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader));
2148  return sizeof (struct GNUNET_TUN_IPv6Header) + 8;
2149  }
2150  break;
2151  default:
2152  GNUNET_break (0);
2153  }
2154  return 0;
2155 }
static int udp
Option -u: UDP requested.
Definition: gnunet-vpn.c:76
static int ipv4
Option -4: IPv4 requested.
Definition: gnunet-vpn.c:61
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
UDP packet header.
Standard IPv4 header.
static void make_up_icmpv6_payload(struct ChannelState *state, struct GNUNET_TUN_IPv6Header *ipp, struct GNUNET_TUN_UdpHeader *udp)
Synthesize a plausible ICMP payload for an ICMPv6 error response on the given channel.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
static char buf[2048]
Standard IPv6 header.
static void make_up_icmpv4_payload(struct ChannelState *state, struct GNUNET_TUN_IPv4Header *ipp, struct GNUNET_TUN_UdpHeader *udp)
Synthesize a plausible ICMP payload for an ICMPv4 error response on the given channel.
union ChannelState::@13 specifics
struct ChannelState::@13::@14 tcp_udp
static int ipv6
Option -6: IPv6 requested.
Definition: gnunet-vpn.c:66
Here is the call graph for this function:
Here is the caller graph for this function:

◆ check_icmp_service()

static int check_icmp_service ( void *  cls,
const struct GNUNET_EXIT_IcmpServiceMessage msg 
)
static

Check a request via cadet to send ICMP data to a service offered by this system.

Parameters
clsour struct ChannelState *
msgthe actual message
Returns
GNUNET_OK to keep the connection open, GNUNET_SYSERR to close it (signal serious error)

Definition at line 2168 of file gnunet-daemon-exit.c.

References GNUNET_break_op, GNUNET_OK, GNUNET_SYSERR, GNUNET_YES, ChannelState::is_dns, ChannelState::specifics, state, and ChannelState::tcp_udp.

2170 {
2171  struct ChannelState *state = cls;
2172 
2173  if (GNUNET_YES == state->is_dns)
2174  {
2175  GNUNET_break_op (0);
2176  return GNUNET_SYSERR;
2177  }
2178  if (NULL == state->specifics.tcp_udp.serv)
2179  {
2180  GNUNET_break_op (0);
2181  return GNUNET_SYSERR;
2182  }
2183  return GNUNET_OK;
2184 }
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
enum State state
current state of profiling
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
int is_dns
GNUNET_NO if this is a channel for TCP/UDP, GNUNET_YES if this is a channel for DNS, GNUNET_SYSERR if the channel is not yet initialized.
union ChannelState::@13 specifics
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
#define GNUNET_YES
Definition: gnunet_common.h:80
struct ChannelState::@13::@14 tcp_udp

◆ handle_icmp_service()

static void handle_icmp_service ( void *  cls,
const struct GNUNET_EXIT_IcmpServiceMessage msg 
)
static

Process a request via cadet to send ICMP data to a service offered by this system.

Parameters
clsour struct ChannelState *
msgthe actual message

Definition at line 2195 of file gnunet-daemon-exit.c.

References GNUNET_EXIT_IcmpServiceMessage::af, buf, ChannelState::channel, gettext_noop, GNUNET_break_op, GNUNET_CADET_receive_done(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_h2s(), GNUNET_i2s(), GNUNET_log, GNUNET_NO, GNUNET_STATISTICS_update(), GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE, GNUNET_TUN_ICMPTYPE6_ECHO_REPLY, GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST, GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG, GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM, GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED, GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE, GNUNET_TUN_ICMPTYPE_ECHO_REPLY, GNUNET_TUN_ICMPTYPE_ECHO_REQUEST, GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH, GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED, GNUNET_EXIT_IcmpServiceMessage::header, GNUNET_EXIT_IcmpServiceMessage::icmp_header, make_up_icmp_service_payload(), payload, ChannelState::peer, send_icmp_packet_via_tun(), setup_state_record(), GNUNET_MessageHeader::size, ChannelState::specifics, state, ChannelState::tcp_udp, and GNUNET_TUN_IcmpHeader::type.

2197 {
2198  struct ChannelState *state = cls;
2199  uint16_t pkt_len = ntohs (msg->header.size) - sizeof (struct GNUNET_EXIT_IcmpServiceMessage);
2200  struct GNUNET_TUN_IcmpHeader icmp;
2201  char buf[sizeof (struct GNUNET_TUN_IPv6Header) + 8] GNUNET_ALIGN;
2202  const void *payload;
2203 
2205  gettext_noop ("# Bytes received from CADET"),
2206  pkt_len, GNUNET_NO);
2208  gettext_noop ("# ICMP service requests received via cadet"),
2209  1, GNUNET_NO);
2210  /* check that we got at least a valid header */
2212  "Received data from %s for forwarding to ICMP service %s\n",
2213  GNUNET_i2s (&state->peer),
2214  GNUNET_h2s (&state->specifics.tcp_udp.serv->descriptor));
2215  icmp = msg->icmp_header;
2216  payload = &msg[1];
2217  state->specifics.tcp_udp.ri.remote_address
2218  = state->specifics.tcp_udp.serv->address;
2219  setup_state_record (state);
2220 
2221  /* check that ICMP type is something we want to support,
2222  perform ICMP PT if needed ans possibly make up payload */
2223  switch (msg->af)
2224  {
2225  case AF_INET:
2226  switch (msg->icmp_header.type)
2227  {
2229  if (state->specifics.tcp_udp.serv->address.af == AF_INET6)
2230  icmp.type = GNUNET_TUN_ICMPTYPE6_ECHO_REPLY;
2231  break;
2233  if (state->specifics.tcp_udp.serv->address.af == AF_INET6)
2235  break;
2237  if (state->specifics.tcp_udp.serv->address.af == AF_INET6)
2239  if (0 != pkt_len)
2240  {
2241  GNUNET_break_op (0);
2242  return;
2243  }
2244  payload = buf;
2245  pkt_len = make_up_icmp_service_payload (state, buf);
2246  break;
2248  if (state->specifics.tcp_udp.serv->address.af == AF_INET6)
2250  if (0 != pkt_len)
2251  {
2252  GNUNET_break_op (0);
2253  return;
2254  }
2255  payload = buf;
2256  pkt_len = make_up_icmp_service_payload (state, buf);
2257  break;
2259  if (state->specifics.tcp_udp.serv->address.af == AF_INET6)
2260  {
2262  gettext_noop ("# ICMPv4 packets dropped (impossible PT to v6)"),
2263  1, GNUNET_NO);
2264  return;
2265  }
2266  if (0 != pkt_len)
2267  {
2268  GNUNET_break_op (0);
2269  return;
2270  }
2271  payload = buf;
2272  pkt_len = make_up_icmp_service_payload (state, buf);
2273  break;
2274  default:
2275  GNUNET_break_op (0);
2277  gettext_noop ("# ICMPv4 packets dropped (type not allowed)"),
2278  1, GNUNET_NO);
2279  return;
2280  }
2281  /* end of AF_INET */
2282  break;
2283  case AF_INET6:
2284  switch (msg->icmp_header.type)
2285  {
2287  if (state->specifics.tcp_udp.serv->address.af == AF_INET)
2288  icmp.type = GNUNET_TUN_ICMPTYPE_ECHO_REPLY;
2289  break;
2291  if (state->specifics.tcp_udp.serv->address.af == AF_INET)
2293  break;
2295  if (state->specifics.tcp_udp.serv->address.af == AF_INET)
2297  if (0 != pkt_len)
2298  {
2299  GNUNET_break_op (0);
2300  return;
2301  }
2302  payload = buf;
2303  pkt_len = make_up_icmp_service_payload (state, buf);
2304  break;
2306  if (state->specifics.tcp_udp.serv->address.af == AF_INET)
2308  if (0 != pkt_len)
2309  {
2310  GNUNET_break_op (0);
2311  return;
2312  }
2313  payload = buf;
2314  pkt_len = make_up_icmp_service_payload (state, buf);
2315  break;
2318  if (state->specifics.tcp_udp.serv->address.af == AF_INET)
2319  {
2321  gettext_noop ("# ICMPv6 packets dropped (impossible PT to v4)"),
2322  1, GNUNET_NO);
2323  return;
2324  }
2325  if (0 != pkt_len)
2326  {
2327  GNUNET_break_op (0);
2328  return;
2329  }
2330  payload = buf;
2331  pkt_len = make_up_icmp_service_payload (state, buf);
2332  break;
2333  default:
2334  GNUNET_break_op (0);
2336  gettext_noop ("# ICMPv6 packets dropped (type not allowed)"),
2337  1, GNUNET_NO);
2338  return;
2339  }
2340  /* end of AF_INET6 */
2341  break;
2342  default:
2343  GNUNET_break_op (0);
2344  return;
2345  }
2346 
2347  send_icmp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address,
2348  &state->specifics.tcp_udp.ri.local_address,
2349  &icmp,
2350  payload,
2351  pkt_len);
2353 }
static uint16_t make_up_icmp_service_payload(struct ChannelState *state, char *buf)
Setup ICMP payload for ICMP error messages.
#define GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED
#define GNUNET_NO
Definition: gnunet_common.h:81
const char * GNUNET_h2s(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
#define GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH
static void setup_state_record(struct ChannelState *state)
We are starting a fresh connection (TCP or UDP) and need to pick a source port and IP address (within...
Message send via cadet to an exit daemon to send ICMP data to a local service.
Definition: exit.h:205
#define GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE
#define GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED
#define GNUNET_TUN_ICMPTYPE6_ECHO_REPLY
enum State state
current state of profiling
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
#define GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG
static char buf[2048]
struct GNUNET_CADET_Channel * channel
Cadet channel that is used for this connection.
static void send_icmp_packet_via_tun(const struct SocketAddress *destination_address, const struct SocketAddress *source_address, const struct GNUNET_TUN_IcmpHeader *icmp_header, const void *payload, size_t payload_length)
Send an ICMP packet via the TUN interface.
#define GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE
static unsigned long long payload
How much data are we currently storing in the database?
Standard IPv6 header.
#define GNUNET_TUN_ICMPTYPE_ECHO_REQUEST
#define GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM
#define GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST
void GNUNET_CADET_receive_done(struct GNUNET_CADET_Channel *channel)
Send an ack on the channel to confirm the processing of a message.
Definition: cadet_api.c:955
#define GNUNET_ALIGN
gcc-ism to force alignment; we use this to align char-arrays that may then be cast to &#39;struct&#39;s...
static struct GNUNET_STATISTICS_Handle * stats
Statistics.
#define GNUNET_log(kind,...)
int32_t af
Address family, AF_INET or AF_INET6, in network byte order.
Definition: exit.h:218
union ChannelState::@13 specifics
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
struct ChannelState::@13::@14 tcp_udp
#define GNUNET_TUN_ICMPTYPE_ECHO_REPLY
struct GNUNET_PeerIdentity peer
Who is the other end of this channel.
struct GNUNET_TUN_IcmpHeader icmp_header
ICMP header to use.
Definition: exit.h:223
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
struct GNUNET_MessageHeader header
Type is GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE.
Definition: exit.h:210
#define gettext_noop(String)
Definition: gettext.h:69
Here is the call graph for this function:

◆ free_service_record()

static int free_service_record ( void *  cls,
const struct GNUNET_HashCode key,
void *  value 
)
static

Free memory associated with a service record.

Parameters
clsunused
keyservice descriptor
valueservice record to free
Returns
GNUNET_OK

Definition at line 2365 of file gnunet-daemon-exit.c.

References GNUNET_assert, GNUNET_CADET_close_port(), GNUNET_CONTAINER_multihashmap_remove(), GNUNET_free, GNUNET_free_non_null, GNUNET_OK, GNUNET_YES, LocalService::name, LocalService::port, service, and value.

Referenced by cleanup().

2368 {
2369  struct LocalService *service = value;
2370 
2373  key,
2374  service));
2375  GNUNET_CADET_close_port (service->port);
2376  GNUNET_free_non_null (service->name);
2377  GNUNET_free (service);
2378  return GNUNET_OK;
2379 }
static struct GNUNET_SERVICE_Handle * service
Handle to our service instance.
char * name
DNS name of the service.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
This struct is saved into the services-hashmap to represent a service this peer is specifically offer...
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
#define GNUNET_free_non_null(ptr)
Free the memory pointed to by ptr if ptr is not NULL.
struct GNUNET_CADET_Port * port
Open port with CADET.
static char * value
Value of the record to add/remove.
static struct GNUNET_CONTAINER_MultiHashMap * services
This hashmaps saves interesting things about the configured services.
int GNUNET_CONTAINER_multihashmap_remove(struct GNUNET_CONTAINER_MultiHashMap *map, const struct GNUNET_HashCode *key, const void *value)
Remove the given key-value pair from the map.
void GNUNET_CADET_close_port(struct GNUNET_CADET_Port *p)
Close a port opened with GNUNET_CADET_open_port().
Definition: cadet_api.c:876
#define GNUNET_YES
Definition: gnunet_common.h:80
#define GNUNET_free(ptr)
Wrapper around free.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ new_service_channel()

static void* new_service_channel ( void *  cls,
struct GNUNET_CADET_Channel channel,
const struct GNUNET_PeerIdentity initiator 
)
static

Callback from CADET for new channels.

Parameters
clsclosure
channelnew handle to the channel
initiatorpeer that started the channel
Returns
initial channel context for the channel

Definition at line 2391 of file gnunet-daemon-exit.c.

References LocalService::address, ChannelState::channel, gettext_noop, GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s(), GNUNET_log, GNUNET_new, GNUNET_NO, GNUNET_STATISTICS_update(), ls, ChannelState::peer, ChannelState::specifics, and ChannelState::tcp_udp.

Referenced by store_service().

2394 {
2395  struct LocalService *ls = cls;
2396  struct ChannelState *s = GNUNET_new (struct ChannelState);
2397 
2398  s->peer = *initiator;
2400  gettext_noop ("# Inbound CADET channels created"),
2401  1,
2402  GNUNET_NO);
2404  "Received inbound channel from `%s'\n",
2405  GNUNET_i2s (initiator));
2406  s->channel = channel;
2407  s->specifics.tcp_udp.serv = ls;
2408  s->specifics.tcp_udp.ri.remote_address = ls->address;
2409  return s;
2410 }
This struct is saved into the services-hashmap to represent a service this peer is specifically offer...
#define GNUNET_NO
Definition: gnunet_common.h:81
#define GNUNET_new(type)
Allocate a struct or union of the given type.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
struct GNUNET_CADET_Channel * channel
Cadet channel that is used for this connection.
struct SocketAddress address
Remote address to use for the service.
static struct GNUNET_NETWORK_Handle * ls
Listen socket for STUN processing.
Definition: gnunet-nat.c:85
static struct GNUNET_STATISTICS_Handle * stats
Statistics.
#define GNUNET_log(kind,...)
union ChannelState::@13 specifics
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
struct ChannelState::@13::@14 tcp_udp
struct GNUNET_PeerIdentity peer
Who is the other end of this channel.
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
#define gettext_noop(String)
Definition: gettext.h:69
Here is the call graph for this function:
Here is the caller graph for this function:

◆ clean_channel()

static void clean_channel ( void *  cls,
const struct GNUNET_CADET_Channel channel 
)
static

Function called by cadet whenever an inbound channel is destroyed.

Should clean up any associated state.

Parameters
clsour struct ChannelState *
channelconnection to the other end (henceforth invalid)

Definition at line 2421 of file gnunet-daemon-exit.c.

References ChannelState::dns, GNUNET_assert, GNUNET_CONTAINER_heap_remove_node(), GNUNET_CONTAINER_multihashmap_remove(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_free, GNUNET_SYSERR, GNUNET_YES, ChannelState::is_dns, LOG, ChannelState::specifics, and ChannelState::tcp_udp.

Referenced by advertise_dns_exit(), run(), and store_service().

2423 {
2424  struct ChannelState *s = cls;
2425 
2427  "Channel destroyed\n");
2428  if (GNUNET_SYSERR == s->is_dns)
2429  {
2430  GNUNET_free (s);
2431  return;
2432  }
2433  if (GNUNET_YES == s->is_dns)
2434  {
2435  if (channels[s->specifics.dns.my_id] == s)
2436  channels[s->specifics.dns.my_id] = NULL;
2437  }
2438  else
2439  {
2440  if (NULL != s->specifics.tcp_udp.heap_node)
2441  {
2444  &s->specifics.tcp_udp.state_key,
2445  s));
2447  s->specifics.tcp_udp.heap_node = NULL;
2448  }
2449  }
2450  GNUNET_free (s);
2451 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct ChannelState::@13::@15 dns
#define LOG(kind,...)
Generic logging shorthand.
int GNUNET_CONTAINER_multihashmap_remove(struct GNUNET_CONTAINER_MultiHashMap *map, const struct GNUNET_HashCode *key, const void *value)
Remove the given key-value pair from the map.
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
int is_dns
GNUNET_NO if this is a channel for TCP/UDP, GNUNET_YES if this is a channel for DNS, GNUNET_SYSERR if the channel is not yet initialized.
union ChannelState::@13 specifics
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
#define GNUNET_YES
Definition: gnunet_common.h:80
static struct GNUNET_CONTAINER_MultiHashMap * connections_map
This hashmaps contains the mapping from peer, service-descriptor, source-port and destination-port to...
static struct ChannelState * channels[UINT16_MAX+1]
Array of all open DNS requests from channels.
struct ChannelState::@13::@14 tcp_udp
void * GNUNET_CONTAINER_heap_remove_node(struct GNUNET_CONTAINER_HeapNode *node)
Removes a node from the heap.
#define GNUNET_free(ptr)
Wrapper around free.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ store_service()

static void store_service ( int  proto,
const char *  name,
uint16_t  destination_port,
struct LocalService service 
)
static

Given a service descriptor and a destination port, find the respective service entry.

Parameters
protoIPPROTO_TCP or IPPROTO_UDP
namename of the service
destination_portdestination port
serviceservice information record to store (service->name will be set).

Definition at line 2464 of file gnunet-daemon-exit.c.

References _, clean_channel(), LocalService::descriptor, GNUNET_CADET_close_port(), GNUNET_CADET_open_port(), GNUNET_CONTAINER_multihashmap_put(), GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY, GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_WARNING, GNUNET_free, GNUNET_free_non_null, GNUNET_h2s(), GNUNET_log, GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE, GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT, GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START, GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE, GNUNET_MQ_handler_end, GNUNET_MQ_hd_var_size, GNUNET_OK, GNUNET_strdup, GNUNET_TUN_compute_service_cadet_port(), GNUNET_TUN_service_name_to_hash(), LocalService::is_udp, LocalService::name, new_service_channel(), LocalService::port, and SocketAddress::proto.

Referenced by add_services().

2468 {
2469  struct GNUNET_MQ_MessageHandler handlers[] = {
2470  GNUNET_MQ_hd_var_size (icmp_service,
2473  service),
2474  GNUNET_MQ_hd_var_size (udp_service,
2477  service),
2478  GNUNET_MQ_hd_var_size (tcp_service,
2481  service),
2482  GNUNET_MQ_hd_var_size (tcp_data,
2485  service),
2487  };
2488 
2489  struct GNUNET_HashCode cadet_port;
2490 
2491  service->name = GNUNET_strdup (name);
2493  &service->descriptor);
2495  destination_port,
2496  &cadet_port);
2498  "Opening CADET port %s for SERVICE exit %s on port %u\n",
2500  name,
2501  (unsigned int) destination_port);
2503  &cadet_port,
2505  service,
2506  NULL,
2507  &clean_channel,
2508  handlers);
2509  service->is_udp = (IPPROTO_UDP == proto);
2510  if (GNUNET_OK !=
2512  &cadet_port,
2513  service,
2515  {
2516  GNUNET_CADET_close_port (service->port);
2517  GNUNET_free_non_null (service->name);
2518  GNUNET_free (service);
2520  _("Got duplicate service records for `%s:%u'\n"),
2521  name,
2522  (unsigned int) destination_port);
2523  }
2524 }
static struct GNUNET_CADET_Handle * cadet_handle
The handle to cadet.
char * name
DNS name of the service.
#define GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE
Type of messages containing an ICMP packet for a service.
static uint8_t proto
Protocol to use.
Definition: gnunet-nat.c:60
#define GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE
Type of messages containing an UDP packet for a service.
#define GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START
Type of messages containing an TCP packet for a service.
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
const char * GNUNET_h2s(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
#define GNUNET_free_non_null(ptr)
Free the memory pointed to by ptr if ptr is not NULL.
#define GNUNET_strdup(a)
Wrapper around GNUNET_xstrdup_.
struct GNUNET_CADET_Port * port
Open port with CADET.
#define _(String)
GNU gettext support macro.
Definition: platform.h:208
#define GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT
Type of messages containing an TCP packet of an established connection.
Message send via cadet to an exit daemon to send ICMP data to a local service.
Definition: exit.h:205
struct GNUNET_CADET_Port * GNUNET_CADET_open_port(struct GNUNET_CADET_Handle *h, const struct GNUNET_HashCode *port, GNUNET_CADET_ConnectEventHandler connects, void *connects_cls, GNUNET_CADET_WindowSizeEventHandler window_changes, GNUNET_CADET_DisconnectEventHandler disconnects, const struct GNUNET_MQ_MessageHandler *handlers)
Open a port to receive incomming MQ-based channels.
Definition: cadet_api.c:1011
static struct GNUNET_CADET_MessageHandler handlers[]
Handlers, for diverse services.
static struct GNUNET_CONTAINER_MultiHashMap * services
This hashmaps saves interesting things about the configured services.
#define GNUNET_MQ_hd_var_size(name, code, str, ctx)
int16_t is_udp
GNUNET_YES if this is a UDP service, otherwise TCP.
void GNUNET_TUN_service_name_to_hash(const char *service_name, struct GNUNET_HashCode *hc)
Hash the service name of a hosted service to the hash code that is used to identify the service on th...
Definition: regex.c:804
static void * new_service_channel(void *cls, struct GNUNET_CADET_Channel *channel, const struct GNUNET_PeerIdentity *initiator)
Callback from CADET for new channels.
A 512-bit hashcode.
Message handler for a specific message type.
void GNUNET_TUN_compute_service_cadet_port(const struct GNUNET_HashCode *desc, uint16_t ip_port, struct GNUNET_HashCode *cadet_port)
Compute the CADET port given a service descriptor (returned from GNUNET_TUN_service_name_to_hash) and...
Definition: regex.c:823
There must only be one value per key; storing a value should fail if a value under the same key alrea...
const char * name
int GNUNET_CONTAINER_multihashmap_put(struct GNUNET_CONTAINER_MultiHashMap *map, const struct GNUNET_HashCode *key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
Message send via cadet to an exit daemon to send UDP data to a local service.
Definition: exit.h:120
struct GNUNET_HashCode descriptor
Descriptor for the service (CADET port).
#define GNUNET_log(kind,...)
static struct GNUNET_CADET_Port * cadet_port
Listen port for incoming requests.
void GNUNET_CADET_close_port(struct GNUNET_CADET_Port *p)
Close a port opened with GNUNET_CADET_open_port().
Definition: cadet_api.c:876
Message send via cadet to an exit daemon to initiate forwarding of TCP data to a local service...
Definition: exit.h:37
Message send via cadet between VPN and entry and an exit daemon to transmit TCP data between the VPN ...
Definition: exit.h:94
static void clean_channel(void *cls, const struct GNUNET_CADET_Channel *channel)
Function called by cadet whenever an inbound channel is destroyed.
#define GNUNET_MQ_handler_end()
End-marker for the handlers array.
#define GNUNET_free(ptr)
Wrapper around free.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ send_packet_to_cadet_channel()

static void send_packet_to_cadet_channel ( struct ChannelState s,
struct GNUNET_MQ_Envelope env 
)
static

Send the given packet via the cadet channel.

Parameters
schannel destination
envmessage to queue

Definition at line 2534 of file gnunet-daemon-exit.c.

References ChannelState::channel, gettext_noop, GNUNET_assert, GNUNET_CADET_get_mq(), GNUNET_MQ_send(), GNUNET_NO, and GNUNET_STATISTICS_update().

Referenced by icmp_from_helper(), tcp_from_helper(), and udp_from_helper().

2536 {
2537  GNUNET_assert (NULL != s);
2539  gettext_noop ("# Messages transmitted via cadet channels"),
2540  1,
2541  GNUNET_NO);
2543  env);
2544 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define GNUNET_NO
Definition: gnunet_common.h:81
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
struct GNUNET_CADET_Channel * channel
Cadet channel that is used for this connection.
static struct GNUNET_STATISTICS_Handle * stats
Statistics.
void GNUNET_MQ_send(struct GNUNET_MQ_Handle *mq, struct GNUNET_MQ_Envelope *ev)
Send a message with the given message queue.
Definition: mq.c:353
#define gettext_noop(String)
Definition: gettext.h:69
struct GNUNET_MQ_Handle * GNUNET_CADET_get_mq(const struct GNUNET_CADET_Channel *channel)
Obtain the message queue for a connected peer.
Definition: cadet_api.c:1121
Here is the call graph for this function:
Here is the caller graph for this function:

◆ icmp_from_helper()

static void icmp_from_helper ( const struct GNUNET_TUN_IcmpHeader icmp,
size_t  pktlen,
int  af,
const void *  destination_ip,
const void *  source_ip 
)
static

Handles an ICMP packet received from the helper.

Parameters
icmpA pointer to the Packet
pktlennumber of bytes in icmp
afaddress family (AFINET or AF_INET6)
destination_ipdestination IP-address of the IP packet (should be our local address)
source_iporiginal source IP-address of the IP packet (should be the original destination address)

Definition at line 2559 of file gnunet-daemon-exit.c.

References _, GNUNET_EXIT_IcmpToVPNMessage::af, GNUNET_TUN_UdpHeader::destination_port, env, get_redirect_state(), gettext_noop, GNUNET_assert, GNUNET_break, GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_INFO, GNUNET_log, GNUNET_memcpy, GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_VPN, GNUNET_MQ_msg_extra, GNUNET_NO, GNUNET_STATISTICS_update(), GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE, GNUNET_TUN_ICMPTYPE6_ECHO_REPLY, GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST, GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG, GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM, GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED, GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE, GNUNET_TUN_ICMPTYPE_ECHO_REPLY, GNUNET_TUN_ICMPTYPE_ECHO_REQUEST, GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH, GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED, GNUNET_EXIT_IcmpToVPNMessage::icmp_header, SocketAddress::ipv4, SocketAddress::ipv6, GNUNET_TUN_IPv6Header::next_header, GNUNET_TUN_IPv4Header::protocol, send_packet_to_cadet_channel(), GNUNET_TUN_UdpHeader::source_port, state, GNUNET_TUN_IcmpHeader::type, and udp.

Referenced by message_token().

2564 {
2565  struct ChannelState *state;
2566  struct GNUNET_MQ_Envelope *env;
2567  struct GNUNET_EXIT_IcmpToVPNMessage *i2v;
2568  const struct GNUNET_TUN_IPv4Header *ipv4;
2569  const struct GNUNET_TUN_IPv6Header *ipv6;
2570  const struct GNUNET_TUN_UdpHeader *udp;
2571  uint16_t source_port;
2572  uint16_t destination_port;
2573  uint8_t protocol;
2574 
2575  {
2576  char sbuf[INET6_ADDRSTRLEN];
2577  char dbuf[INET6_ADDRSTRLEN];
2579  "Received ICMP packet going from %s to %s\n",
2580  inet_ntop (af,
2581  source_ip,
2582  sbuf, sizeof (sbuf)),
2583  inet_ntop (af,
2584  destination_ip,
2585  dbuf, sizeof (dbuf)));
2586  }
2587  if (pktlen < sizeof (struct GNUNET_TUN_IcmpHeader))
2588  {
2589  /* blame kernel */
2590  GNUNET_break (0);
2591  return;
2592  }
2593 
2594  /* Find out if this is an ICMP packet in response to an existing
2595  TCP/UDP packet and if so, figure out ports / protocol of the
2596  existing session from the IP data in the ICMP payload */
2597  source_port = 0;
2598  destination_port = 0;
2599  switch (af)
2600  {
2601  case AF_INET:
2602  protocol = IPPROTO_ICMP;
2603  switch (icmp->type)
2604  {
2607  break;
2611  if (pktlen <
2612  sizeof (struct GNUNET_TUN_IcmpHeader) +
2613  sizeof (struct GNUNET_TUN_IPv4Header) + 8)
2614  {
2615  /* blame kernel */
2616  GNUNET_break (0);
2617  return;
2618  }
2619  ipv4 = (const struct GNUNET_TUN_IPv4Header *) &icmp[1];
2620  protocol = ipv4->protocol;
2621  /* could be TCP or UDP, but both have the ports in the right
2622  place, so that doesn't matter here */
2623  udp = (const struct GNUNET_TUN_UdpHeader *) &ipv4[1];
2624  /* swap ports, as they are from the original message */
2625  destination_port = ntohs (udp->source_port);
2626  source_port = ntohs (udp->destination_port);
2627  /* throw away ICMP payload, won't be useful for the other side anyway */
2628  pktlen = sizeof (struct GNUNET_TUN_IcmpHeader);
2629  break;
2630  default:
2632  gettext_noop ("# ICMPv4 packets dropped (type not allowed)"),
2633  1, GNUNET_NO);
2634  return;
2635  }
2636  break;
2637  case AF_INET6:
2638  protocol = IPPROTO_ICMPV6;
2639  switch (icmp->type)
2640  {
2645  if (pktlen <
2646  sizeof (struct GNUNET_TUN_IcmpHeader) +
2647  sizeof (struct GNUNET_TUN_IPv6Header) + 8)
2648  {
2649  /* blame kernel */
2650  GNUNET_break (0);
2651  return;
2652  }
2653  ipv6 = (const struct GNUNET_TUN_IPv6Header *) &icmp[1];
2654  protocol = ipv6->next_header;
2655  /* could be TCP or UDP, but both have the ports in the right
2656  place, so that doesn't matter here */
2657  udp = (const struct GNUNET_TUN_UdpHeader *) &ipv6[1];
2658  /* swap ports, as they are from the original message */
2659  destination_port = ntohs (udp->source_port);
2660  source_port = ntohs (udp->destination_port);
2661  /* throw away ICMP payload, won't be useful for the other side anyway */
2662  pktlen = sizeof (struct GNUNET_TUN_IcmpHeader);
2663  break;
2666  break;
2667  default:
2669  gettext_noop ("# ICMPv6 packets dropped (type not allowed)"),
2670  1, GNUNET_NO);
2671  return;
2672  }
2673  break;
2674  default:
2675  GNUNET_assert (0);
2676  }
2677  switch (protocol)
2678  {
2679  case IPPROTO_ICMP:
2680  state = get_redirect_state (af,
2681  IPPROTO_ICMP,
2682  source_ip,
2683  0,
2684  destination_ip,
2685  0,
2686  NULL);
2687  break;
2688  case IPPROTO_ICMPV6:
2689  state = get_redirect_state (af,
2690  IPPROTO_ICMPV6,
2691  source_ip,
2692  0,
2693  destination_ip,
2694  0,
2695  NULL);
2696  break;
2697  case IPPROTO_UDP:
2698  state = get_redirect_state (af,
2699  IPPROTO_UDP,
2700  source_ip,
2701  source_port,
2702  destination_ip,
2703  destination_port,
2704  NULL);
2705  break;
2706  case IPPROTO_TCP:
2707  state = get_redirect_state (af,
2708  IPPROTO_TCP,
2709  source_ip,
2710  source_port,
2711  destination_ip,
2712  destination_port,
2713  NULL);
2714  break;
2715  default:
2717  gettext_noop ("# ICMP packets dropped (not allowed)"),
2718  1,
2719  GNUNET_NO);
2720  return;
2721  }
2722  if (NULL == state)
2723  {
2725  _("ICMP Packet dropped, have no matching connection information\n"));
2726  return;
2727  }
2728  env = GNUNET_MQ_msg_extra (i2v,
2729  pktlen - sizeof (struct GNUNET_TUN_IcmpHeader),
2731  i2v->af = htonl (af);
2732  GNUNET_memcpy (&i2v->icmp_header,
2733  icmp,
2734  pktlen);
2736  env);
2737 }
static int udp
Option -u: UDP requested.
Definition: gnunet-vpn.c:76
#define GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED
static int ipv4
Option -4: IPv4 requested.
Definition: gnunet-vpn.c:61
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
UDP packet header.
struct GNUNET_TUN_IcmpHeader icmp_header
ICMP header to use.
Definition: exit.h:287
#define GNUNET_NO
Definition: gnunet_common.h:81
Standard IPv4 header.
uint16_t destination_port
Destination port (in NBO).
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
#define GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
#define _(String)
GNU gettext support macro.
Definition: platform.h:208
#define GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE
#define GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED
#define GNUNET_MQ_msg_extra(mvar, esize, type)
Allocate an envelope, with extra space allocated after the space needed by the message struct...
Definition: gnunet_mq_lib.h:52
#define GNUNET_TUN_ICMPTYPE6_ECHO_REPLY
enum State state
current state of profiling
#define GNUNET_memcpy(dst, src, n)
#define GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG
int32_t af
Address family, AF_INET or AF_INET6, in network byte order.
Definition: exit.h:282
uint8_t next_header
For example, IPPROTO_UDP or IPPROTO_TCP.
static struct ChannelState * get_redirect_state(int af, int protocol, const void *destination_ip, uint16_t destination_port, const void *local_ip, uint16_t local_port, struct GNUNET_HashCode *state_key)
Get our connection tracking state.
#define GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE
struct GNUNET_MQ_Envelope * env
Definition: 005.c:1
Message send via cadet to the vpn service to send ICMP data to the VPN&#39;s TUN interface.
Definition: exit.h:271
Standard IPv6 header.
#define GNUNET_TUN_ICMPTYPE_ECHO_REQUEST
#define GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM
uint8_t protocol
L4-protocol, for example, IPPROTO_UDP or IPPROTO_TCP.
uint16_t source_port
Source port (in NBO).
static void send_packet_to_cadet_channel(struct ChannelState *s, struct GNUNET_MQ_Envelope *env)
Send the given packet via the cadet channel.
#define GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST
#define GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_VPN
Type of messages containing an ICMP packet for the VPN.
static struct GNUNET_STATISTICS_Handle * stats
Statistics.
#define GNUNET_log(kind,...)
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
#define GNUNET_TUN_ICMPTYPE_ECHO_REPLY
#define gettext_noop(String)
Definition: gettext.h:69
static int ipv6
Option -6: IPv6 requested.
Definition: gnunet-vpn.c:66
Here is the call graph for this function:
Here is the caller graph for this function:

◆ udp_from_helper()

static void udp_from_helper ( const struct GNUNET_TUN_UdpHeader udp,
size_t  pktlen,
int  af,
const void *  destination_ip,
const void *  source_ip 
)
static

Handles an UDP packet received from the helper.

Parameters
udpA pointer to the Packet
pktlennumber of bytes in 'udp'
afaddress family (AFINET or AF_INET6)
destination_ipdestination IP-address of the IP packet (should be our local address)
source_iporiginal source IP-address of the IP packet (should be the original destination address)

Definition at line 2752 of file gnunet-daemon-exit.c.

References _, GNUNET_EXIT_UdpReplyMessage::destination_port, GNUNET_TUN_UdpHeader::destination_port, env, get_redirect_state(), GNUNET_break, GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_INFO, GNUNET_log, GNUNET_memcpy, GNUNET_MESSAGE_TYPE_VPN_UDP_REPLY, GNUNET_MQ_msg_extra, GNUNET_TUN_UdpHeader::len, send_packet_to_cadet_channel(), GNUNET_EXIT_UdpReplyMessage::source_port, GNUNET_TUN_UdpHeader::source_port, and state.

Referenced by message_token().

2757 {
2758  struct ChannelState *state;
2759  struct GNUNET_MQ_Envelope *env;
2760  struct GNUNET_EXIT_UdpReplyMessage *urm;
2761 
2762  {
2763  char sbuf[INET6_ADDRSTRLEN];
2764  char dbuf[INET6_ADDRSTRLEN];
2765 
2767  "Received UDP packet going from %s:%u to %s:%u\n",
2768  inet_ntop (af,
2769  source_ip,
2770  sbuf, sizeof (sbuf)),
2771  (unsigned int) ntohs (udp->source_port),
2772  inet_ntop (af,
2773  destination_ip,
2774  dbuf, sizeof (dbuf)),
2775  (unsigned int) ntohs (udp->destination_port));
2776  }
2777  if (pktlen < sizeof (struct GNUNET_TUN_UdpHeader))
2778  {
2779  /* blame kernel */
2780  GNUNET_break (0);
2781  return;
2782  }
2783  if (pktlen != ntohs (udp->len))
2784  {
2785  /* blame kernel */
2786  GNUNET_break (0);
2787  return;
2788  }
2789  state = get_redirect_state (af,
2790  IPPROTO_UDP,
2791  source_ip,
2792  ntohs (udp->source_port),
2793  destination_ip,
2794  ntohs (udp->destination_port),
2795  NULL);
2796  if (NULL == state)
2797  {
2799  _("UDP Packet dropped, have no matching connection information\n"));
2800  return;
2801  }
2802  env = GNUNET_MQ_msg_extra (urm,
2803  pktlen - sizeof (struct GNUNET_TUN_UdpHeader),
2805  urm->source_port = htons (0);
2806  urm->destination_port = htons (0);
2807  GNUNET_memcpy (&urm[1],
2808  &udp[1],
2809  pktlen - sizeof (struct GNUNET_TUN_UdpHeader));
2811  env);
2812 }
UDP packet header.
uint16_t destination_port
Destination port (in NBO).
uint16_t len
Number of bytes of payload.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
#define _(String)
GNU gettext support macro.
Definition: platform.h:208
#define GNUNET_MQ_msg_extra(mvar, esize, type)
Allocate an envelope, with extra space allocated after the space needed by the message struct...
Definition: gnunet_mq_lib.h:52
enum State state
current state of profiling
#define GNUNET_memcpy(dst, src, n)
#define GNUNET_MESSAGE_TYPE_VPN_UDP_REPLY
Type of messages containing an UDP packet from a remote host.
Message send from exit daemon back to the UDP entry point (used for both Internet and Service exit re...
Definition: exit.h:178
uint16_t source_port
Source port to use for the UDP reply (0 to use the same port as for the original request).
Definition: exit.h:189
static struct ChannelState * get_redirect_state(int af, int protocol, const void *destination_ip, uint16_t destination_port, const void *local_ip, uint16_t local_port, struct GNUNET_HashCode *state_key)
Get our connection tracking state.
struct GNUNET_MQ_Envelope * env
Definition: 005.c:1
uint16_t source_port
Source port (in NBO).
static void send_packet_to_cadet_channel(struct ChannelState *s, struct GNUNET_MQ_Envelope *env)
Send the given packet via the cadet channel.
#define GNUNET_log(kind,...)
uint16_t destination_port
Destination port to use for the UDP reply (0 to use the same port as for the original request)...
Definition: exit.h:195
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
Here is the call graph for this function:
Here is the caller graph for this function:

◆ tcp_from_helper()

static void tcp_from_helper ( const struct GNUNET_TUN_TcpHeader tcp,
size_t  pktlen,
int  af,
const void *  destination_ip,
const void *  source_ip 
)
static

Handles a TCP packet received from the helper.

Parameters
tcpA pointer to the Packet
pktlenthe length of the packet, including its TCP header
afaddress family (AFINET or AF_INET6)
destination_ipdestination IP-address of the IP packet (should be our local address)
source_iporiginal source IP-address of the IP packet (should be the original destination address)

Definition at line 2827 of file gnunet-daemon-exit.c.

References _, buf, GNUNET_TUN_TcpHeader::crc, GNUNET_TUN_TcpHeader::destination_port, env, get_redirect_state(), GNUNET_ALIGN, GNUNET_break, GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_INFO, GNUNET_log, GNUNET_MAX_MESSAGE_SIZE, GNUNET_memcpy, GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_VPN, GNUNET_MQ_msg_extra, GNUNET_EXIT_TcpDataMessage::reserved, send_packet_to_cadet_channel(), GNUNET_TUN_TcpHeader::source_port, state, and GNUNET_EXIT_TcpDataMessage::tcp_header.

Referenced by message_token().

2832 {
2833  struct ChannelState *state;
2834  char buf[pktlen] GNUNET_ALIGN;
2835  struct GNUNET_TUN_TcpHeader *mtcp;
2836  struct GNUNET_EXIT_TcpDataMessage *tdm;
2837  struct GNUNET_MQ_Envelope *env;
2838  size_t mlen;
2839 
2840  {
2841  char sbuf[INET6_ADDRSTRLEN];
2842  char dbuf[INET6_ADDRSTRLEN];
2844  "Received TCP packet with %u bytes going from %s:%u to %s:%u\n",
2845  (unsigned int) (pktlen - sizeof (struct GNUNET_TUN_TcpHeader)),
2846  inet_ntop (af,
2847  source_ip,
2848  sbuf, sizeof (sbuf)),
2849  (unsigned int) ntohs (tcp->source_port),
2850  inet_ntop (af,
2851  destination_ip,
2852  dbuf, sizeof (dbuf)),
2853  (unsigned int) ntohs (tcp->destination_port));
2854  }
2855  if (pktlen < sizeof (struct GNUNET_TUN_TcpHeader))
2856  {
2857  /* blame kernel */
2858  GNUNET_break (0);
2859  return;
2860  }
2861  state = get_redirect_state (af,
2862  IPPROTO_TCP,
2863  source_ip,
2864  ntohs (tcp->source_port),
2865  destination_ip,
2866  ntohs (tcp->destination_port),
2867  NULL);
2868  if (NULL == state)
2869  {
2871  _("TCP Packet dropped, have no matching connection information\n"));
2872 
2873  return;
2874  }
2875  /* mug port numbers and crc to avoid information leakage;
2876  sender will need to lookup the correct values anyway */
2877  GNUNET_memcpy (buf, tcp, pktlen);
2878  mtcp = (struct GNUNET_TUN_TcpHeader *) buf;
2879  mtcp->source_port = 0;
2880  mtcp->destination_port = 0;
2881  mtcp->crc = 0;
2882 
2883  mlen = sizeof (struct GNUNET_EXIT_TcpDataMessage) + (pktlen - sizeof (struct GNUNET_TUN_TcpHeader));
2884  if (mlen >= GNUNET_MAX_MESSAGE_SIZE)
2885  {
2886  GNUNET_break (0);
2887  return;
2888  }
2889  env = GNUNET_MQ_msg_extra (tdm,
2890  pktlen - sizeof (struct GNUNET_TUN_TcpHeader),
2892  tdm->reserved = htonl (0);
2893  GNUNET_memcpy (&tdm->tcp_header,
2894  buf,
2895  pktlen);
2897  env);
2898 }
struct GNUNET_TUN_TcpHeader tcp_header
Skeleton of the TCP header to send.
Definition: exit.h:110
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
#define _(String)
GNU gettext support macro.
Definition: platform.h:208
#define GNUNET_MQ_msg_extra(mvar, esize, type)
Allocate an envelope, with extra space allocated after the space needed by the message struct...
Definition: gnunet_mq_lib.h:52
enum State state
current state of profiling
#define GNUNET_memcpy(dst, src, n)
#define GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_VPN
Type of messages containing an TCP packet of an established connection.
static char buf[2048]
uint16_t destination_port
Destination port (in NBO).
static struct ChannelState * get_redirect_state(int af, int protocol, const void *destination_ip, uint16_t destination_port, const void *local_ip, uint16_t local_port, struct GNUNET_HashCode *state_key)
Get our connection tracking state.
struct GNUNET_MQ_Envelope * env
Definition: 005.c:1
TCP packet header.
#define GNUNET_MAX_MESSAGE_SIZE
Largest supported message (to be precise, one byte more than the largest possible message...
static void send_packet_to_cadet_channel(struct ChannelState *s, struct GNUNET_MQ_Envelope *env)
Send the given packet via the cadet channel.
#define GNUNET_ALIGN
gcc-ism to force alignment; we use this to align char-arrays that may then be cast to &#39;struct&#39;s...
uint16_t source_port
Source port (in NBO).
#define GNUNET_log(kind,...)
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
Message send via cadet between VPN and entry and an exit daemon to transmit TCP data between the VPN ...
Definition: exit.h:94
uint32_t reserved
Always 0.
Definition: exit.h:104
uint16_t crc
Checksum.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ message_token()

static int message_token ( void *  cls,
const struct GNUNET_MessageHeader message 
)
static

Receive packets from the helper-process.

Parameters
clsunused
messagemessage received from helper

Definition at line 2908 of file gnunet-daemon-exit.c.

References _, ETH_P_IPV4, ETH_P_IPV6, gettext_noop, GNUNET_break, GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_WARNING, GNUNET_log, GNUNET_MESSAGE_TYPE_VPN_HELPER, GNUNET_NO, GNUNET_OK, GNUNET_STATISTICS_update(), GNUNET_TUN_IPv4Header::header_length, icmp_from_helper(), GNUNET_TUN_IPv6Header::next_header, GNUNET_TUN_IPv6Header::payload_length, GNUNET_TUN_Layer2PacketHeader::proto, GNUNET_TUN_IPv4Header::protocol, size, GNUNET_MessageHeader::size, tcp_from_helper(), GNUNET_TUN_IPv4Header::total_length, GNUNET_MessageHeader::type, and udp_from_helper().

Referenced by run().

2910 {
2911  const struct GNUNET_TUN_Layer2PacketHeader *pkt_tun;
2912  size_t size;
2913 
2915  "Got %u-byte message of type %u from gnunet-helper-exit\n",
2916  ntohs (message->size),
2917  ntohs (message->type));
2919  gettext_noop ("# Packets received from TUN"),
2920  1, GNUNET_NO);
2921  if (ntohs (message->type) != GNUNET_MESSAGE_TYPE_VPN_HELPER)
2922  {
2923  GNUNET_break (0);
2924  return GNUNET_OK;
2925  }
2926  size = ntohs (message->size);
2927  if (size < sizeof (struct GNUNET_TUN_Layer2PacketHeader) + sizeof (struct GNUNET_MessageHeader))
2928  {
2929  GNUNET_break (0);
2930  return GNUNET_OK;
2931  }
2933  gettext_noop ("# Bytes received from TUN"),
2934  size, GNUNET_NO);
2935  pkt_tun = (const struct GNUNET_TUN_Layer2PacketHeader *) &message[1];
2936  size -= sizeof (struct GNUNET_TUN_Layer2PacketHeader) + sizeof (struct GNUNET_MessageHeader);
2937  switch (ntohs (pkt_tun->proto))
2938  {
2939  case ETH_P_IPV4:
2940  {
2941  const struct GNUNET_TUN_IPv4Header *pkt4;
2942 
2943  if (size < sizeof (struct GNUNET_TUN_IPv4Header))
2944  {
2945  /* Kernel to blame? */
2946  GNUNET_break (0);
2947  return GNUNET_OK;
2948  }
2949  pkt4 = (const struct GNUNET_TUN_IPv4Header *) &pkt_tun[1];
2950  if (size != ntohs (pkt4->total_length))
2951  {
2952  /* Kernel to blame? */
2953  GNUNET_break (0);
2954  return GNUNET_OK;
2955  }
2956  if (pkt4->header_length * 4 != sizeof (struct GNUNET_TUN_IPv4Header))
2957  {
2959  _("IPv4 packet options received. Ignored.\n"));
2960  return GNUNET_OK;
2961  }
2962 
2963  size -= sizeof (struct GNUNET_TUN_IPv4Header);
2964  switch (pkt4->protocol)
2965  {
2966  case IPPROTO_UDP:
2967  udp_from_helper ((const struct GNUNET_TUN_UdpHeader *) &pkt4[1], size,
2968  AF_INET,
2969  &pkt4->destination_address,
2970  &pkt4->source_address);
2971  break;
2972  case IPPROTO_TCP:
2973  tcp_from_helper ((const struct GNUNET_TUN_TcpHeader *) &pkt4[1], size,
2974  AF_INET,
2975  &pkt4->destination_address,
2976  &pkt4->source_address);
2977  break;
2978  case IPPROTO_ICMP:
2979  icmp_from_helper ((const struct GNUNET_TUN_IcmpHeader *) &pkt4[1], size,
2980  AF_INET,
2981  &pkt4->destination_address,
2982  &pkt4->source_address);
2983  break;
2984  default:
2986  _("IPv4 packet with unsupported next header %u received. Ignored.\n"),
2987  (int) pkt4->protocol);
2988  return GNUNET_OK;
2989  }
2990  }
2991  break;
2992  case ETH_P_IPV6:
2993  {
2994  const struct GNUNET_TUN_IPv6Header *pkt6;
2995 
2996  if (size < sizeof (struct GNUNET_TUN_IPv6Header))
2997  {
2998  /* Kernel to blame? */
2999  GNUNET_break (0);
3000  return GNUNET_OK;
3001  }
3002  pkt6 = (struct GNUNET_TUN_IPv6Header *) &pkt_tun[1];
3003  if (size != ntohs (pkt6->payload_length) + sizeof (struct GNUNET_TUN_IPv6Header))
3004  {
3005  /* Kernel to blame? */
3006  GNUNET_break (0);
3007  return GNUNET_OK;
3008  }
3009  size -= sizeof (struct GNUNET_TUN_IPv6Header);
3010  switch (pkt6->next_header)
3011  {
3012  case IPPROTO_UDP:
3013  udp_from_helper ((const struct GNUNET_TUN_UdpHeader *) &pkt6[1], size,
3014  AF_INET6,
3015  &pkt6->destination_address,
3016  &pkt6->source_address);
3017  break;
3018  case IPPROTO_TCP:
3019  tcp_from_helper ((const struct GNUNET_TUN_TcpHeader *) &pkt6[1], size,
3020  AF_INET6,
3021  &pkt6->destination_address,
3022  &pkt6->source_address);
3023  break;
3024  case IPPROTO_ICMPV6:
3025  icmp_from_helper ((const struct GNUNET_TUN_IcmpHeader *) &pkt6[1], size,
3026  AF_INET6,
3027  &pkt6->destination_address,
3028  &pkt6->source_address);
3029  break;
3030  default:
3032  _("IPv6 packet with unsupported next header %d received. Ignored.\n"),
3033  pkt6->next_header);
3034  return GNUNET_OK;
3035  }
3036  }
3037  break;
3038  default:
3040  _("Packet from unknown protocol %u received. Ignored.\n"),
3041  ntohs (pkt_tun->proto));
3042  break;
3043  }
3044  return GNUNET_OK;
3045 }
unsigned int header_length
uint16_t proto
Here we get an ETH_P_-number.
static void tcp_from_helper(const struct GNUNET_TUN_TcpHeader *tcp, size_t pktlen, int af, const void *destination_ip, const void *source_ip)
Handles a TCP packet received from the helper.
UDP packet header.
#define ETH_P_IPV6
Number for IPv6.
#define GNUNET_NO
Definition: gnunet_common.h:81
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
Standard IPv4 header.
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
static void udp_from_helper(const struct GNUNET_TUN_UdpHeader *udp, size_t pktlen, int af, const void *destination_ip, const void *source_ip)
Handles an UDP packet received from the helper.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
#define _(String)
GNU gettext support macro.
Definition: platform.h:208
uint16_t type
The type of the message (GNUNET_MESSAGE_TYPE_XXXX), in big-endian format.
Header from Linux TUN interface.
uint8_t next_header
For example, IPPROTO_UDP or IPPROTO_TCP.
static void icmp_from_helper(const struct GNUNET_TUN_IcmpHeader *icmp, size_t pktlen, int af, const void *destination_ip, const void *source_ip)
Handles an ICMP packet received from the helper.
static unsigned int size
Size of the "table".
Definition: peer.c:67
TCP packet header.
Standard IPv6 header.
uint8_t protocol
L4-protocol, for example, IPPROTO_UDP or IPPROTO_TCP.
static struct GNUNET_STATISTICS_Handle * stats
Statistics.
#define GNUNET_log(kind,...)
uint16_t payload_length
Length of the payload, excluding this header.
Header for all communications.
uint16_t total_length
Length of the packet, including this header.
#define ETH_P_IPV4
Number for IPv4.
#define GNUNET_MESSAGE_TYPE_VPN_HELPER
Type of messages between the gnunet-vpn-helper and the daemon.
#define gettext_noop(String)
Definition: gettext.h:69
Here is the call graph for this function:
Here is the caller graph for this function:

◆ new_channel()

static void* new_channel ( void *  cls,
struct GNUNET_CADET_Channel channel,
const struct GNUNET_PeerIdentity initiator 
)
static

Callback from CADET for new channels.

Parameters
clsclosure
channelnew handle to the channel
initiatorpeer that started the channel
Returns
initial channel context for the channel

Definition at line 3057 of file gnunet-daemon-exit.c.

References ChannelState::channel, gettext_noop, GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s(), GNUNET_log, GNUNET_new, GNUNET_NO, GNUNET_STATISTICS_update(), GNUNET_SYSERR, ChannelState::is_dns, and ChannelState::peer.

Referenced by advertise_dns_exit(), and run().

3060 {
3061  struct ChannelState *s = GNUNET_new (struct ChannelState);
3062 
3063  s->is_dns = GNUNET_SYSERR;
3064  s->peer = *initiator;
3066  gettext_noop ("# Inbound CADET channels created"),
3067  1,
3068  GNUNET_NO);
3070  "Received inbound channel from `%s'\n",
3071  GNUNET_i2s (initiator));
3072  s->channel = channel;
3073  return s;
3074 }
#define GNUNET_NO
Definition: gnunet_common.h:81
#define GNUNET_new(type)
Allocate a struct or union of the given type.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
struct GNUNET_CADET_Channel * channel
Cadet channel that is used for this connection.
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
static struct GNUNET_STATISTICS_Handle * stats
Statistics.