GNUnet 0.22.2
gnunet-daemon-exit.c
Go to the documentation of this file.
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2010-2013, 2017 Christian Grothoff
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19 */
20
37#include "platform.h"
38#include "gnunet_util_lib.h"
39#include "gnunet_protocols.h"
40#include "gnunet_applications.h"
41#include "gnunet_dht_service.h"
42#include "gnunet_cadet_service.h"
43#include "gnunet_statistics_service.h"
44#include "gnunet_signatures.h"
45#include "gnunet_regex_service.h"
46#include "exit.h"
47#include "block_dns.h"
48
49
54#define REGEX_MAX_PATH_LEN_IPV4 4
55
60#define REGEX_MAX_PATH_LEN_IPV6 8
61
65#define REGEX_REFRESH_FREQUENCY GNUNET_TIME_relative_multiply ( \
66 GNUNET_TIME_UNIT_MINUTES, 30)
67
71#define DHT_PUT_FREQUENCY GNUNET_TIME_relative_multiply ( \
72 GNUNET_TIME_UNIT_MINUTES, 15)
73
77#define DNS_ADVERTISEMENT_TIMEOUT GNUNET_TIME_relative_multiply ( \
78 GNUNET_TIME_UNIT_HOURS, 3)
79
80
84#define LOG(kind, ...) \
85 GNUNET_log_from (kind, "exit", __VA_ARGS__);
86
87
91struct SocketAddress
92{
96 int af;
97
101 union
102 {
106 struct in_addr ipv4;
107
111 struct in6_addr ipv6;
112 } address;
113
117 uint8_t proto;
118
122 uint16_t port;
123};
124
125
131struct LocalService
132{
136 struct SocketAddress address;
137
141 struct GNUNET_HashCode descriptor;
142
146 char *name;
147
151 struct GNUNET_CADET_Port *port;
152
156 int16_t is_udp;
157};
158
159
165struct RedirectInformation
166{
171 struct SocketAddress remote_address;
172
178 struct SocketAddress local_address;
179
180 /*
181 Note 1: additional information might be added here in the
182 future to support protocols that require special handling,
183 such as ftp/tftp
184
185 Note 2: we might also sometimes not match on all components
186 of the tuple, to support protocols where things do not always
187 fully map.
188 */
189};
190
191
198struct ChannelState
199{
203 struct GNUNET_CADET_Channel *channel;
204
209 struct GNUNET_PeerIdentity peer;
210
216 int is_dns;
217
218 union
219 {
220 struct
221 {
225 struct GNUNET_CONTAINER_HeapNode *heap_node;
226
230 struct GNUNET_HashCode state_key;
231
235 struct LocalService *serv;
236
240 struct RedirectInformation ri;
241 } tcp_udp;
242
243 struct
244 {
249 struct GNUNET_DNSSTUB_RequestSocket *rs;
250
254 uint16_t original_id;
255
259 uint16_t my_id;
260 } dns;
261 } specifics;
262};
263
264
268static int global_ret;
269
273static struct GNUNET_REGEX_Announcement *regex4;
274
278static struct GNUNET_REGEX_Announcement *regex6;
279
283static const struct GNUNET_CONFIGURATION_Handle *cfg;
284
288static struct GNUNET_HELPER_Handle *helper_handle;
289
293static char *exit_argv[8];
294
298static struct in6_addr exit_ipv6addr;
299
303static unsigned long long ipv6prefix;
304
308static struct in_addr exit_ipv4addr;
309
313static struct in_addr exit_ipv4mask;
314
318static struct GNUNET_STATISTICS_Handle *stats;
319
323static struct GNUNET_CADET_Handle *cadet_handle;
324
329static struct GNUNET_CONTAINER_MultiHashMap *connections_map;
330
334static struct GNUNET_CONTAINER_Heap *connections_heap;
335
339static unsigned long long max_connections;
340
344static struct GNUNET_CONTAINER_MultiHashMap *services;
345
349static struct ChannelState *channels[UINT16_MAX + 1];
350
354static struct GNUNET_DNSSTUB_Context *dnsstub;
355
359static struct GNUNET_DHT_PutHandle *dht_put;
360
364static struct GNUNET_DHT_Handle *dht;
365
369static struct GNUNET_SCHEDULER_Task *dht_task;
370
375static struct GNUNET_DNS_Advertisement dns_advertisement;
376
380static struct GNUNET_HashCode dht_put_key;
381
385static struct GNUNET_CRYPTO_EddsaPrivateKey *peer_key;
386
390static struct GNUNET_CADET_Port *dns_port;
391
395static struct GNUNET_CADET_Port *cadet_port4;
396
400static struct GNUNET_CADET_Port *cadet_port6;
401
405static int ipv4_exit;
406
410static int ipv6_exit;
411
415static int ipv4_enabled;
416
420static int ipv6_enabled;
421
422
423GNUNET_NETWORK_STRUCT_BEGIN
424
428struct DnsResponseMessage
429{
433 struct GNUNET_MessageHeader header;
434
438 struct GNUNET_TUN_DnsHeader dns;
439
440 /* Followed by more DNS payload */
441};
442
443GNUNET_NETWORK_STRUCT_END
444
445
454static void
455process_dns_result (void *cls,
456 const struct GNUNET_TUN_DnsHeader *dns,
457 size_t r)
458{
459 struct ChannelState *ts;
460 struct GNUNET_MQ_Envelope *env;
461 struct DnsResponseMessage *resp;
462
463 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
464 "Processing DNS result from stub resolver\n");
465 GNUNET_assert (NULL == cls);
466 if (NULL == dns)
467 return;
468 /* Handle case that this is a reply to a request from a CADET DNS channel */
469 ts = channels[dns->id];
470 if (NULL == ts)
471 return;
472 LOG (GNUNET_ERROR_TYPE_DEBUG,
473 "Got a response from the stub resolver for DNS request received via CADET!\n");
474 channels[dns->id] = NULL;
475 env = GNUNET_MQ_msg_extra (resp,
476 r - sizeof(struct GNUNET_TUN_DnsHeader),
477 GNUNET_MESSAGE_TYPE_VPN_DNS_FROM_INTERNET);
478 GNUNET_memcpy (&resp->dns,
479 dns,
480 r);
481 resp->dns.id = ts->specifics.dns.original_id;
482 GNUNET_MQ_send (GNUNET_CADET_get_mq (ts->channel),
483 env);
484}
485
486
495static int
496check_dns_request (void *cls,
497 const struct DnsResponseMessage *msg)
498{
499 struct ChannelState *ts = cls;
500
501 if (NULL == dnsstub)
502 {
503 GNUNET_break (0);
504 return GNUNET_SYSERR;
505 }
506 if (GNUNET_NO == ts->is_dns)
507 {
508 GNUNET_break_op (0);
509 return GNUNET_SYSERR;
510 }
511 return GNUNET_OK;
512}
513
514
521static void
522handle_dns_request (void *cls,
523 const struct DnsResponseMessage *msg)
524{
525 struct ChannelState *ts = cls;
526 size_t mlen = ntohs (msg->header.size);
527 size_t dlen = mlen - sizeof(struct GNUNET_MessageHeader);
528 char buf[dlen] GNUNET_ALIGN;
529 struct GNUNET_TUN_DnsHeader *dns_out;
530
531 if (GNUNET_SYSERR == ts->is_dns)
532 {
533 /* channel is DNS from now on */
534 ts->is_dns = GNUNET_YES;
535 }
536 ts->specifics.dns.original_id = msg->dns.id;
537 if (channels[ts->specifics.dns.my_id] == ts)
538 channels[ts->specifics.dns.my_id] = NULL;
539 ts->specifics.dns.my_id = (uint16_t) GNUNET_CRYPTO_random_u32 (
540 GNUNET_CRYPTO_QUALITY_WEAK,
541 UINT16_MAX
542 + 1);
543 channels[ts->specifics.dns.my_id] = ts;
544 GNUNET_memcpy (buf,
545 &msg->dns,
546 dlen);
547 dns_out = (struct GNUNET_TUN_DnsHeader *) buf;
548 dns_out->id = ts->specifics.dns.my_id;
549 ts->specifics.dns.rs = GNUNET_DNSSTUB_resolve (dnsstub,
550 buf,
551 dlen,
552 &process_dns_result,
553 NULL);
554 if (NULL == ts->specifics.dns.rs)
555 {
556 GNUNET_break_op (0);
557 return;
558 }
559 GNUNET_CADET_receive_done (ts->channel);
560}
561
562
570static void
571hash_redirect_info (struct GNUNET_HashCode *hash,
572 const struct RedirectInformation *ri)
573{
574 char *off;
575
576 memset (hash,
577 0,
578 sizeof(struct GNUNET_HashCode));
579 /* the GNUnet hashmap only uses the first sizeof(unsigned int) of the hash,
580 so we put the IP address in there (and hope for few collisions) */
581 off = (char *) hash;
582 switch (ri->remote_address.af)
583 {
584 case AF_INET:
585 GNUNET_memcpy (off,
586 &ri->remote_address.address.ipv4,
587 sizeof(struct in_addr));
588 off += sizeof(struct in_addr);
589 break;
590
591 case AF_INET6:
592 GNUNET_memcpy (off,
593 &ri->remote_address.address.ipv6,
594 sizeof(struct in6_addr));
595 off += sizeof(struct in_addr);
596 break;
597
598 default:
599 GNUNET_assert (0);
600 }
601 GNUNET_memcpy (off,
602 &ri->remote_address.port,
603 sizeof(uint16_t));
604 off += sizeof(uint16_t);
605 switch (ri->local_address.af)
606 {
607 case AF_INET:
608 GNUNET_memcpy (off,
609 &ri->local_address.address.ipv4,
610 sizeof(struct in_addr));
611 off += sizeof(struct in_addr);
612 break;
613
614 case AF_INET6:
615 GNUNET_memcpy (off,
616 &ri->local_address.address.ipv6,
617 sizeof(struct in6_addr));
618 off += sizeof(struct in_addr);
619 break;
620
621 default:
622 GNUNET_assert (0);
623 }
624 GNUNET_memcpy (off,
625 &ri->local_address.port,
626 sizeof(uint16_t));
627 off += sizeof(uint16_t);
628 GNUNET_memcpy (off,
629 &ri->remote_address.proto,
630 sizeof(uint8_t));
631 /* off += sizeof (uint8_t); */
632}
633
634
648static struct ChannelState *
649get_redirect_state (int af,
650 int protocol,
651 const void *destination_ip,
652 uint16_t destination_port,
653 const void *local_ip,
654 uint16_t local_port,
655 struct GNUNET_HashCode *state_key)
656{
657 struct RedirectInformation ri;
658 struct GNUNET_HashCode key;
659 struct ChannelState *state;
660
661 if (((af == AF_INET) && (protocol == IPPROTO_ICMP)) ||
662 ((af == AF_INET6) && (protocol == IPPROTO_ICMPV6)))
663 {
664 /* ignore ports */
665 destination_port = 0;
666 local_port = 0;
667 }
668 ri.remote_address.af = af;
669 if (af == AF_INET)
670 ri.remote_address.address.ipv4 = *((struct in_addr*) destination_ip);
671 else
672 ri.remote_address.address.ipv6 = *((struct in6_addr*) destination_ip);
673 ri.remote_address.port = destination_port;
674 ri.remote_address.proto = protocol;
675 ri.local_address.af = af;
676 if (af == AF_INET)
677 ri.local_address.address.ipv4 = *((struct in_addr*) local_ip);
678 else
679 ri.local_address.address.ipv6 = *((struct in6_addr*) local_ip);
680 ri.local_address.port = local_port;
681 ri.local_address.proto = protocol;
682 hash_redirect_info (&key,
683 &ri);
684 if (NULL != state_key)
685 *state_key = key;
686 state = GNUNET_CONTAINER_multihashmap_get (connections_map,
687 &key);
688 if (NULL == state)
689 return NULL;
690 /* Mark this connection as freshly used */
691 if (NULL == state_key)
692 GNUNET_CONTAINER_heap_update_cost (state->specifics.tcp_udp.heap_node,
693 GNUNET_TIME_absolute_get ().abs_value_us)
694 ;
695 return state;
696}
697
698
708static int
709check_tcp_service (void *cls,
710 const struct GNUNET_EXIT_TcpServiceStartMessage *start)
711{
712 struct ChannelState *state = cls;
713
714 if (NULL == state)
715 {
716 GNUNET_break_op (0);
717 return GNUNET_SYSERR;
718 }
719 if (GNUNET_YES == state->is_dns)
720 {
721 GNUNET_break_op (0);
722 return GNUNET_SYSERR;
723 }
724 if (NULL == state->specifics.tcp_udp.serv)
725 {
726 GNUNET_break_op (0);
727 return GNUNET_SYSERR;
728 }
729 if (NULL != state->specifics.tcp_udp.heap_node)
730 {
731 GNUNET_break_op (0);
732 return GNUNET_SYSERR;
733 }
734 if (start->tcp_header.off * 4 < sizeof(struct GNUNET_TUN_TcpHeader))
735 {
736 GNUNET_break_op (0);
737 return GNUNET_SYSERR;
738 }
739 return GNUNET_OK;
740}
741
742
761static void
762prepare_ipv4_packet (const void *payload,
763 size_t payload_length,
764 int protocol,
765 const struct GNUNET_TUN_TcpHeader *tcp_header,
766 const struct SocketAddress *src_address,
767 const struct SocketAddress *dst_address,
768 struct GNUNET_TUN_IPv4Header *pkt4)
769{
770 size_t len;
771
772 len = payload_length;
773 switch (protocol)
774 {
775 case IPPROTO_UDP:
776 len += sizeof(struct GNUNET_TUN_UdpHeader);
777 break;
778
779 case IPPROTO_TCP:
780 len += sizeof(struct GNUNET_TUN_TcpHeader);
781 GNUNET_assert (NULL != tcp_header);
782 break;
783
784 default:
785 GNUNET_break (0);
786 return;
787 }
788 if (len + sizeof(struct GNUNET_TUN_IPv4Header) > UINT16_MAX)
789 {
790 GNUNET_break (0);
791 return;
792 }
793
794 GNUNET_TUN_initialize_ipv4_header (pkt4,
795 protocol,
796 len,
797 &src_address->address.ipv4,
798 &dst_address->address.ipv4);
799 switch (protocol)
800 {
801 case IPPROTO_UDP:
802 {
803 struct GNUNET_TUN_UdpHeader *pkt4_udp = (struct
804 GNUNET_TUN_UdpHeader *) &pkt4[1];
805
806 pkt4_udp->source_port = htons (src_address->port);
807 pkt4_udp->destination_port = htons (dst_address->port);
808 pkt4_udp->len = htons ((uint16_t) payload_length);
809 GNUNET_TUN_calculate_udp4_checksum (pkt4,
810 pkt4_udp,
811 payload,
812 payload_length);
813 GNUNET_memcpy (&pkt4_udp[1],
814 payload,
815 payload_length);
816 }
817 break;
818
819 case IPPROTO_TCP:
820 {
821 struct GNUNET_TUN_TcpHeader *pkt4_tcp = (struct
822 GNUNET_TUN_TcpHeader *) &pkt4[1];
823
824 *pkt4_tcp = *tcp_header;
825 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
826 "Sending TCP packet from port %u to port %u\n",
827 src_address->port,
828 dst_address->port);
829 pkt4_tcp->source_port = htons (src_address->port);
830 pkt4_tcp->destination_port = htons (dst_address->port);
831 GNUNET_TUN_calculate_tcp4_checksum (pkt4,
832 pkt4_tcp,
833 payload,
834 payload_length);
835 GNUNET_memcpy (&pkt4_tcp[1],
836 payload,
837 payload_length);
838 }
839 break;
840
841 default:
842 GNUNET_assert (0);
843 }
844}
845
846
865static void
866prepare_ipv6_packet (const void *payload,
867 size_t payload_length,
868 int protocol,
869 const struct GNUNET_TUN_TcpHeader *tcp_header,
870 const struct SocketAddress *src_address,
871 const struct SocketAddress *dst_address,
872 struct GNUNET_TUN_IPv6Header *pkt6)
873{
874 size_t len;
875
876 len = payload_length;
877 switch (protocol)
878 {
879 case IPPROTO_UDP:
880 len += sizeof(struct GNUNET_TUN_UdpHeader);
881 break;
882
883 case IPPROTO_TCP:
884 len += sizeof(struct GNUNET_TUN_TcpHeader);
885 break;
886
887 default:
888 GNUNET_break (0);
889 return;
890 }
891 if (len > UINT16_MAX)
892 {
893 GNUNET_break (0);
894 return;
895 }
896
897 GNUNET_TUN_initialize_ipv6_header (pkt6,
898 protocol,
899 len,
900 &src_address->address.ipv6,
901 &dst_address->address.ipv6);
902
903 switch (protocol)
904 {
905 case IPPROTO_UDP:
906 {
907 struct GNUNET_TUN_UdpHeader *pkt6_udp = (struct
908 GNUNET_TUN_UdpHeader *) &pkt6[1];
909
910 pkt6_udp->source_port = htons (src_address->port);
911 pkt6_udp->destination_port = htons (dst_address->port);
912 pkt6_udp->len = htons ((uint16_t) payload_length);
913 GNUNET_TUN_calculate_udp6_checksum (pkt6,
914 pkt6_udp,
915 payload,
916 payload_length);
917 GNUNET_memcpy (&pkt6_udp[1],
918 payload,
919 payload_length);
920 }
921 break;
922
923 case IPPROTO_TCP:
924 {
925 struct GNUNET_TUN_TcpHeader *pkt6_tcp = (struct
926 GNUNET_TUN_TcpHeader *) &pkt6[1];
927
928 /* GNUNET_memcpy first here as some TCP header fields are initialized this way! */
929 *pkt6_tcp = *tcp_header;
930 pkt6_tcp->source_port = htons (src_address->port);
931 pkt6_tcp->destination_port = htons (dst_address->port);
932 GNUNET_TUN_calculate_tcp6_checksum (pkt6,
933 pkt6_tcp,
934 payload,
935 payload_length);
936 GNUNET_memcpy (&pkt6_tcp[1],
937 payload,
938 payload_length);
939 }
940 break;
941
942 default:
943 GNUNET_assert (0);
944 break;
945 }
946}
947
948
958static void
959send_tcp_packet_via_tun (const struct SocketAddress *destination_address,
960 const struct SocketAddress *source_address,
961 const struct GNUNET_TUN_TcpHeader *tcp_header,
962 const void *payload,
963 size_t payload_length)
964{
965 size_t len;
966
967 GNUNET_STATISTICS_update (stats,
968 gettext_noop ("# TCP packets sent via TUN"),
969 1,
970 GNUNET_NO);
971 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
972 "Sending packet with %u bytes TCP payload via TUN\n",
973 (unsigned int) payload_length);
974 len = sizeof(struct GNUNET_MessageHeader) + sizeof(struct
975 GNUNET_TUN_Layer2PacketHeader);
976 switch (source_address->af)
977 {
978 case AF_INET:
979 len += sizeof(struct GNUNET_TUN_IPv4Header);
980 break;
981
982 case AF_INET6:
983 len += sizeof(struct GNUNET_TUN_IPv6Header);
984 break;
985
986 default:
987 GNUNET_break (0);
988 return;
989 }
990 len += sizeof(struct GNUNET_TUN_TcpHeader);
991 len += payload_length;
992 if (len >= GNUNET_MAX_MESSAGE_SIZE)
993 {
994 GNUNET_break (0);
995 return;
996 }
997 {
998 char buf[len] GNUNET_ALIGN;
999 struct GNUNET_MessageHeader *hdr;
1000 struct GNUNET_TUN_Layer2PacketHeader *tun;
1001
1002 hdr = (struct GNUNET_MessageHeader *) buf;
1003 hdr->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
1004 hdr->size = htons (len);
1005 tun = (struct GNUNET_TUN_Layer2PacketHeader*) &hdr[1];
1006 tun->flags = htons (0);
1007 switch (source_address->af)
1008 {
1009 case AF_INET:
1010 {
1011 struct GNUNET_TUN_IPv4Header *ipv4
1012 = (struct GNUNET_TUN_IPv4Header*) &tun[1];
1013
1014 tun->proto = htons (ETH_P_IPV4);
1015 prepare_ipv4_packet (payload,
1016 payload_length,
1017 IPPROTO_TCP,
1018 tcp_header,
1019 source_address,
1020 destination_address,
1021 ipv4);
1022 }
1023 break;
1024
1025 case AF_INET6:
1026 {
1027 struct GNUNET_TUN_IPv6Header *ipv6
1028 = (struct GNUNET_TUN_IPv6Header*) &tun[1];
1029
1030 tun->proto = htons (ETH_P_IPV6);
1031 prepare_ipv6_packet (payload,
1032 payload_length,
1033 IPPROTO_TCP,
1034 tcp_header,
1035 source_address,
1036 destination_address,
1037 ipv6);
1038 }
1039 break;
1040
1041 default:
1042 GNUNET_assert (0);
1043 break;
1044 }
1045 if (NULL != helper_handle)
1046 (void) GNUNET_HELPER_send (helper_handle,
1047 (const struct GNUNET_MessageHeader*) buf,
1048 GNUNET_YES,
1049 NULL,
1050 NULL);
1051 }
1052}
1053
1054
1064static void
1065send_icmp_packet_via_tun (const struct SocketAddress *destination_address,
1066 const struct SocketAddress *source_address,
1067 const struct GNUNET_TUN_IcmpHeader *icmp_header,
1068 const void *payload, size_t payload_length)
1069{
1070 size_t len;
1071 struct GNUNET_TUN_IcmpHeader *icmp;
1072
1073 GNUNET_STATISTICS_update (stats,
1074 gettext_noop ("# ICMP packets sent via TUN"),
1075 1, GNUNET_NO);
1076 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1077 "Sending packet with %u bytes ICMP payload via TUN\n",
1078 (unsigned int) payload_length);
1079 len = sizeof(struct GNUNET_MessageHeader) + sizeof(struct
1080 GNUNET_TUN_Layer2PacketHeader);
1081 switch (destination_address->af)
1082 {
1083 case AF_INET:
1084 len += sizeof(struct GNUNET_TUN_IPv4Header);
1085 break;
1086
1087 case AF_INET6:
1088 len += sizeof(struct GNUNET_TUN_IPv6Header);
1089 break;
1090
1091 default:
1092 GNUNET_break (0);
1093 return;
1094 }
1095 len += sizeof(struct GNUNET_TUN_IcmpHeader);
1096 len += payload_length;
1097 if (len >= GNUNET_MAX_MESSAGE_SIZE)
1098 {
1099 GNUNET_break (0);
1100 return;
1101 }
1102 {
1103 char buf[len] GNUNET_ALIGN;
1104 struct GNUNET_MessageHeader *hdr;
1105 struct GNUNET_TUN_Layer2PacketHeader *tun;
1106
1107 hdr = (struct GNUNET_MessageHeader *) buf;
1108 hdr->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
1109 hdr->size = htons (len);
1110 tun = (struct GNUNET_TUN_Layer2PacketHeader*) &hdr[1];
1111 tun->flags = htons (0);
1112 switch (source_address->af)
1113 {
1114 case AF_INET:
1115 {
1116 struct GNUNET_TUN_IPv4Header *ipv4 = (struct
1117 GNUNET_TUN_IPv4Header*) &tun[1];
1118
1119 tun->proto = htons (ETH_P_IPV4);
1120 GNUNET_TUN_initialize_ipv4_header (ipv4,
1121 IPPROTO_ICMP,
1122 sizeof(struct
1123 GNUNET_TUN_IcmpHeader)
1124 + payload_length,
1125 &source_address->address.ipv4,
1126 &destination_address->address.ipv4);
1127 icmp = (struct GNUNET_TUN_IcmpHeader*) &ipv4[1];
1128 }
1129 break;
1130
1131 case AF_INET6:
1132 {
1133 struct GNUNET_TUN_IPv6Header *ipv6 = (struct
1134 GNUNET_TUN_IPv6Header*) &tun[1];
1135
1136 tun->proto = htons (ETH_P_IPV6);
1137 GNUNET_TUN_initialize_ipv6_header (ipv6,
1138 IPPROTO_ICMPV6,
1139 sizeof(struct
1140 GNUNET_TUN_IcmpHeader)
1141 + payload_length,
1142 &source_address->address.ipv6,
1143 &destination_address->address.ipv6);
1144 icmp = (struct GNUNET_TUN_IcmpHeader*) &ipv6[1];
1145 }
1146 break;
1147
1148 default:
1149 GNUNET_assert (0);
1150 break;
1151 }
1152 *icmp = *icmp_header;
1153 GNUNET_memcpy (&icmp[1],
1154 payload,
1155 payload_length);
1156 GNUNET_TUN_calculate_icmp_checksum (icmp,
1157 payload,
1158 payload_length);
1159 if (NULL != helper_handle)
1160 (void) GNUNET_HELPER_send (helper_handle,
1161 (const struct GNUNET_MessageHeader*) buf,
1162 GNUNET_YES,
1163 NULL, NULL);
1164 }
1165}
1166
1167
1176static void
1177setup_fresh_address (int af,
1178 uint8_t proto,
1179 struct SocketAddress *local_address)
1180{
1181 local_address->af = af;
1182 local_address->proto = (uint8_t) proto;
1183 /* default "local" port range is often 32768--61000,
1184 so we pick a random value in that range */
1185 if (((af == AF_INET) && (proto == IPPROTO_ICMP)) ||
1186 ((af == AF_INET6) && (proto == IPPROTO_ICMPV6)))
1187 local_address->port = 0;
1188 else
1189 local_address->port
1190 = (uint16_t) 32768 + GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
1191 28232);
1192 switch (af)
1193 {
1194 case AF_INET:
1195 {
1196 struct in_addr addr;
1197 struct in_addr mask;
1198 struct in_addr rnd;
1199
1200 addr = exit_ipv4addr;
1201 mask = exit_ipv4mask;
1202 if (0 == ~mask.s_addr)
1203 {
1204 /* only one valid IP anyway */
1205 local_address->address.ipv4 = addr;
1206 return;
1207 }
1208 /* Given 192.168.0.1/255.255.0.0, we want a mask
1209 of '192.168.255.255', thus: */
1210 mask.s_addr = addr.s_addr | ~mask.s_addr;
1211 /* Pick random IPv4 address within the subnet, except 'addr' or 'mask' itself */
1212 do
1213 {
1214 rnd.s_addr = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
1215 UINT32_MAX);
1216 local_address->address.ipv4.s_addr = (addr.s_addr | rnd.s_addr)
1217 & mask.s_addr;
1218 }
1219 while ((local_address->address.ipv4.s_addr == addr.s_addr) ||
1220 (local_address->address.ipv4.s_addr == mask.s_addr));
1221 }
1222 break;
1223
1224 case AF_INET6:
1225 {
1226 struct in6_addr addr;
1227 struct in6_addr mask;
1228 struct in6_addr rnd;
1229 int i;
1230
1231 addr = exit_ipv6addr;
1232 GNUNET_assert (ipv6prefix < 128);
1233 if (ipv6prefix == 127)
1234 {
1235 /* only one valid IP anyway */
1236 local_address->address.ipv6 = addr;
1237 return;
1238 }
1239 /* Given ABCD::/96, we want a mask of 'ABCD::FFFF:FFFF,
1240 thus: */
1241 mask = addr;
1242 for (i = 127; i >= ipv6prefix; i--)
1243 mask.s6_addr[i / 8] |= (1 << (i % 8));
1244
1245 /* Pick random IPv6 address within the subnet, except 'addr' or 'mask' itself */
1246 do
1247 {
1248 for (i = 0; i < 16; i++)
1249 {
1250 rnd.s6_addr[i] = (unsigned char) GNUNET_CRYPTO_random_u32 (
1251 GNUNET_CRYPTO_QUALITY_WEAK,
1252 256);
1253 local_address->address.ipv6.s6_addr[i]
1254 = (addr.s6_addr[i] | rnd.s6_addr[i]) & mask.s6_addr[i];
1255 }
1256 }
1257 while ((0 == GNUNET_memcmp (&local_address->address.ipv6,
1258 &addr)) ||
1259 (0 == GNUNET_memcmp (&local_address->address.ipv6,
1260 &mask)));
1261 }
1262 break;
1263
1264 default:
1265 GNUNET_assert (0);
1266 }
1267}
1268
1269
1291static void
1292setup_state_record (struct ChannelState *state)
1293{
1294 struct GNUNET_HashCode key;
1295 struct ChannelState *s;
1296
1297 /* generate fresh, unique address */
1298 do
1299 {
1300 if (NULL == state->specifics.tcp_udp.serv)
1301 setup_fresh_address (state->specifics.tcp_udp.ri.remote_address.af,
1302 state->specifics.tcp_udp.ri.remote_address.proto,
1303 &state->specifics.tcp_udp.ri.local_address);
1304 else
1305 setup_fresh_address (state->specifics.tcp_udp.serv->address.af,
1306 state->specifics.tcp_udp.serv->address.proto,
1307 &state->specifics.tcp_udp.ri.local_address);
1308 }
1309 while (NULL !=
1310 get_redirect_state (state->specifics.tcp_udp.ri.remote_address.af,
1311 state->specifics.tcp_udp.ri.remote_address.proto,
1312 &state->specifics.tcp_udp.ri.remote_address.address
1313 ,
1314 state->specifics.tcp_udp.ri.remote_address.port,
1315 &state->specifics.tcp_udp.ri.local_address.address,
1316 state->specifics.tcp_udp.ri.local_address.port,
1317 &key));
1318 {
1319 char buf[INET6_ADDRSTRLEN];
1320 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1321 "Picked local address %s:%u for new connection\n",
1322 inet_ntop (state->specifics.tcp_udp.ri.local_address.af,
1323 &state->specifics.tcp_udp.ri.local_address.address,
1324 buf,
1325 sizeof(buf)),
1326 (unsigned int) state->specifics.tcp_udp.ri.local_address.port);
1327 }
1328 state->specifics.tcp_udp.state_key = key;
1329 GNUNET_assert (GNUNET_OK ==
1330 GNUNET_CONTAINER_multihashmap_put (connections_map,
1331 &key, state,
1332 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
1333 state->specifics.tcp_udp.heap_node
1334 = GNUNET_CONTAINER_heap_insert (connections_heap,
1335 state,
1336 GNUNET_TIME_absolute_get ().abs_value_us);
1337 while (GNUNET_CONTAINER_heap_get_size (connections_heap) > max_connections)
1338 {
1339 s = GNUNET_CONTAINER_heap_remove_root (connections_heap);
1340 GNUNET_assert (state != s);
1341 s->specifics.tcp_udp.heap_node = NULL;
1342 GNUNET_CADET_channel_destroy (s->channel);
1343 GNUNET_assert (GNUNET_OK ==
1344 GNUNET_CONTAINER_multihashmap_remove (connections_map,
1345 &s->specifics.tcp_udp.
1346 state_key,
1347 s));
1348 GNUNET_free (s);
1349 }
1350}
1351
1352
1361static void
1362send_udp_packet_via_tun (const struct SocketAddress *destination_address,
1363 const struct SocketAddress *source_address,
1364 const void *payload, size_t payload_length)
1365{
1366 size_t len;
1367
1368 GNUNET_STATISTICS_update (stats,
1369 gettext_noop ("# UDP packets sent via TUN"),
1370 1, GNUNET_NO);
1371 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1372 "Sending packet with %u bytes UDP payload via TUN\n",
1373 (unsigned int) payload_length);
1374 len = sizeof(struct GNUNET_MessageHeader) + sizeof(struct
1375 GNUNET_TUN_Layer2PacketHeader);
1376 switch (source_address->af)
1377 {
1378 case AF_INET:
1379 len += sizeof(struct GNUNET_TUN_IPv4Header);
1380 break;
1381
1382 case AF_INET6:
1383 len += sizeof(struct GNUNET_TUN_IPv6Header);
1384 break;
1385
1386 default:
1387 GNUNET_break (0);
1388 return;
1389 }
1390 len += sizeof(struct GNUNET_TUN_UdpHeader);
1391 len += payload_length;
1392 if (len >= GNUNET_MAX_MESSAGE_SIZE)
1393 {
1394 GNUNET_break (0);
1395 return;
1396 }
1397 {
1398 char buf[len] GNUNET_ALIGN;
1399 struct GNUNET_MessageHeader *hdr;
1400 struct GNUNET_TUN_Layer2PacketHeader *tun;
1401
1402 hdr = (struct GNUNET_MessageHeader *) buf;
1403 hdr->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
1404 hdr->size = htons (len);
1405 tun = (struct GNUNET_TUN_Layer2PacketHeader*) &hdr[1];
1406 tun->flags = htons (0);
1407 switch (source_address->af)
1408 {
1409 case AF_INET:
1410 {
1411 struct GNUNET_TUN_IPv4Header *ipv4 = (struct
1412 GNUNET_TUN_IPv4Header*) &tun[1];
1413
1414 tun->proto = htons (ETH_P_IPV4);
1415 prepare_ipv4_packet (payload,
1416 payload_length,
1417 IPPROTO_UDP,
1418 NULL,
1419 source_address,
1420 destination_address,
1421 ipv4);
1422 }
1423 break;
1424
1425 case AF_INET6:
1426 {
1427 struct GNUNET_TUN_IPv6Header *ipv6 = (struct
1428 GNUNET_TUN_IPv6Header*) &tun[1];
1429
1430 tun->proto = htons (ETH_P_IPV6);
1431 prepare_ipv6_packet (payload,
1432 payload_length,
1433 IPPROTO_UDP,
1434 NULL,
1435 source_address,
1436 destination_address,
1437 ipv6);
1438 }
1439 break;
1440
1441 default:
1442 GNUNET_assert (0);
1443 break;
1444 }
1445 if (NULL != helper_handle)
1446 (void) GNUNET_HELPER_send (helper_handle,
1447 (const struct GNUNET_MessageHeader*) buf,
1448 GNUNET_YES,
1449 NULL, NULL);
1450 }
1451}
1452
1453
1462static int
1463check_udp_remote (void *cls,
1464 const struct GNUNET_EXIT_UdpInternetMessage *msg)
1465{
1466 struct ChannelState *state = cls;
1467
1468 if (GNUNET_YES == state->is_dns)
1469 {
1470 GNUNET_break_op (0);
1471 return GNUNET_SYSERR;
1472 }
1473 return GNUNET_OK;
1474}
1475
1476
1483static void
1484handle_udp_remote (void *cls,
1485 const struct GNUNET_EXIT_UdpInternetMessage *msg)
1486{
1487 struct ChannelState *state = cls;
1488 uint16_t pkt_len = ntohs (msg->header.size) - sizeof(struct
1489 GNUNET_EXIT_UdpInternetMessage);
1490 const struct in_addr *v4;
1491 const struct in6_addr *v6;
1492 const void *payload;
1493 int af;
1494
1495 if (GNUNET_SYSERR == state->is_dns)
1496 {
1497 /* channel is UDP/TCP from now on */
1498 state->is_dns = GNUNET_NO;
1499 }
1500 GNUNET_STATISTICS_update (stats,
1501 gettext_noop ("# Bytes received from CADET"),
1502 pkt_len, GNUNET_NO);
1503 GNUNET_STATISTICS_update (stats,
1504 gettext_noop (
1505 "# UDP IP-exit requests received via cadet"),
1506 1, GNUNET_NO);
1507 af = (int) ntohl (msg->af);
1508 state->specifics.tcp_udp.ri.remote_address.af = af;
1509 switch (af)
1510 {
1511 case AF_INET:
1512 if (pkt_len < sizeof(struct in_addr))
1513 {
1514 GNUNET_break_op (0);
1515 return;
1516 }
1517 if (! ipv4_exit)
1518 {
1519 GNUNET_break_op (0);
1520 return;
1521 }
1522 v4 = (const struct in_addr*) &msg[1];
1523 payload = &v4[1];
1524 pkt_len -= sizeof(struct in_addr);
1525 state->specifics.tcp_udp.ri.remote_address.address.ipv4 = *v4;
1526 break;
1527
1528 case AF_INET6:
1529 if (pkt_len < sizeof(struct in6_addr))
1530 {
1531 GNUNET_break_op (0);
1532 return;
1533 }
1534 if (! ipv6_exit)
1535 {
1536 GNUNET_break_op (0);
1537 return;
1538 }
1539 v6 = (const struct in6_addr*) &msg[1];
1540 payload = &v6[1];
1541 pkt_len -= sizeof(struct in6_addr);
1542 state->specifics.tcp_udp.ri.remote_address.address.ipv6 = *v6;
1543 break;
1544
1545 default:
1546 GNUNET_break_op (0);
1547 return;
1548 }
1549 {
1550 char buf[INET6_ADDRSTRLEN];
1551 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1552 "Received data from %s for forwarding to UDP %s:%u\n",
1553 GNUNET_i2s (&state->peer),
1554 inet_ntop (af,
1555 &state->specifics.tcp_udp.ri.remote_address.address,
1556 buf, sizeof(buf)),
1557 (unsigned int) ntohs (msg->destination_port));
1558 }
1559 state->specifics.tcp_udp.ri.remote_address.proto = IPPROTO_UDP;
1560 state->specifics.tcp_udp.ri.remote_address.port = msg->destination_port;
1561 if (NULL == state->specifics.tcp_udp.heap_node)
1562 setup_state_record (state);
1563 if (0 != ntohs (msg->source_port))
1564 state->specifics.tcp_udp.ri.local_address.port = msg->source_port;
1565 send_udp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address,
1566 &state->specifics.tcp_udp.ri.local_address,
1567 payload,
1568 pkt_len);
1569 GNUNET_CADET_receive_done (state->channel);
1570}
1571
1572
1582static int
1583check_udp_service (void *cls,
1584 const struct GNUNET_EXIT_UdpServiceMessage *msg)
1585{
1586 struct ChannelState *state = cls;
1587
1588 if (NULL == state->specifics.tcp_udp.serv)
1589 {
1590 GNUNET_break_op (0);
1591 return GNUNET_SYSERR;
1592 }
1593 return GNUNET_OK;
1594}
1595
1596
1604static void
1605handle_udp_service (void *cls,
1606 const struct GNUNET_EXIT_UdpServiceMessage *msg)
1607{
1608 struct ChannelState *state = cls;
1609 uint16_t pkt_len = ntohs (msg->header.size) - sizeof(struct
1610 GNUNET_EXIT_UdpServiceMessage);
1611
1612 GNUNET_STATISTICS_update (stats,
1613 gettext_noop ("# Bytes received from CADET"),
1614 pkt_len, GNUNET_NO);
1615 GNUNET_STATISTICS_update (stats,
1616 gettext_noop (
1617 "# UDP service requests received via cadet"),
1618 1, GNUNET_NO);
1619 LOG (GNUNET_ERROR_TYPE_DEBUG,
1620 "Received data from %s for forwarding to UDP service %s on port %u\n",
1621 GNUNET_i2s (&state->peer),
1622 GNUNET_h2s (&state->specifics.tcp_udp.serv->descriptor),
1623 (unsigned int) ntohs (msg->destination_port));
1624 setup_state_record (state);
1625 if (0 != ntohs (msg->source_port))
1626 state->specifics.tcp_udp.ri.local_address.port = msg->source_port;
1627 send_udp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address,
1628 &state->specifics.tcp_udp.ri.local_address,
1629 &msg[1],
1630 pkt_len);
1631 GNUNET_CADET_receive_done (state->channel);
1632}
1633
1634
1644static void
1645handle_tcp_service (void *cls,
1646 const struct GNUNET_EXIT_TcpServiceStartMessage *start)
1647{
1648 struct ChannelState *state = cls;
1649 uint16_t pkt_len = ntohs (start->header.size) - sizeof(struct
1650 GNUNET_EXIT_TcpServiceStartMessage);
1651
1652 if (GNUNET_SYSERR == state->is_dns)
1653 {
1654 /* channel is UDP/TCP from now on */
1655 state->is_dns = GNUNET_NO;
1656 }
1657 GNUNET_STATISTICS_update (stats,
1658 gettext_noop (
1659 "# TCP service creation requests received via cadet"),
1660 1,
1661 GNUNET_NO);
1662 GNUNET_STATISTICS_update (stats,
1663 gettext_noop ("# Bytes received from CADET"),
1664 pkt_len,
1665 GNUNET_NO);
1666 GNUNET_break_op (ntohl (start->reserved) == 0);
1667 /* setup fresh connection */
1668 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1669 "Received data from %s for forwarding to TCP service %s on port %u\n",
1670 GNUNET_i2s (&state->peer),
1671 GNUNET_h2s (&state->specifics.tcp_udp.serv->descriptor),
1672 (unsigned int) ntohs (start->tcp_header.destination_port));
1673 setup_state_record (state);
1674 send_tcp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address,
1675 &state->specifics.tcp_udp.ri.local_address,
1676 &start->tcp_header,
1677 &start[1],
1678 pkt_len);
1679 GNUNET_CADET_receive_done (state->channel);
1680}
1681
1682
1691static int
1692check_tcp_remote (void *cls,
1693 const struct GNUNET_EXIT_TcpInternetStartMessage *start)
1694{
1695 struct ChannelState *state = cls;
1696
1697 if (NULL == state)
1698 {
1699 GNUNET_break_op (0);
1700 return GNUNET_SYSERR;
1701 }
1702 if (GNUNET_YES == state->is_dns)
1703 {
1704 GNUNET_break_op (0);
1705 return GNUNET_SYSERR;
1706 }
1707 if ((NULL != state->specifics.tcp_udp.serv) ||
1708 (NULL != state->specifics.tcp_udp.heap_node))
1709 {
1710 GNUNET_break_op (0);
1711 return GNUNET_SYSERR;
1712 }
1713 if (start->tcp_header.off * 4 < sizeof(struct GNUNET_TUN_TcpHeader))
1714 {
1715 GNUNET_break_op (0);
1716 return GNUNET_SYSERR;
1717 }
1718 return GNUNET_OK;
1719}
1720
1721
1728static void
1729handle_tcp_remote (void *cls,
1730 const struct GNUNET_EXIT_TcpInternetStartMessage *start)
1731{
1732 struct ChannelState *state = cls;
1733 uint16_t pkt_len = ntohs (start->header.size) - sizeof(struct
1734 GNUNET_EXIT_TcpInternetStartMessage);
1735 const struct in_addr *v4;
1736 const struct in6_addr *v6;
1737 const void *payload;
1738 int af;
1739
1740 if (GNUNET_SYSERR == state->is_dns)
1741 {
1742 /* channel is UDP/TCP from now on */
1743 state->is_dns = GNUNET_NO;
1744 }
1745 GNUNET_STATISTICS_update (stats,
1746 gettext_noop ("# Bytes received from CADET"),
1747 pkt_len, GNUNET_NO);
1748 GNUNET_STATISTICS_update (stats,
1749 gettext_noop (
1750 "# TCP IP-exit creation requests received via cadet"),
1751 1, GNUNET_NO);
1752 af = (int) ntohl (start->af);
1753 state->specifics.tcp_udp.ri.remote_address.af = af;
1754 switch (af)
1755 {
1756 case AF_INET:
1757 if (pkt_len < sizeof(struct in_addr))
1758 {
1759 GNUNET_break_op (0);
1760 return;
1761 }
1762 if (! ipv4_exit)
1763 {
1764 GNUNET_break_op (0);
1765 return;
1766 }
1767 v4 = (const struct in_addr*) &start[1];
1768 payload = &v4[1];
1769 pkt_len -= sizeof(struct in_addr);
1770 state->specifics.tcp_udp.ri.remote_address.address.ipv4 = *v4;
1771 break;
1772
1773 case AF_INET6:
1774 if (pkt_len < sizeof(struct in6_addr))
1775 {
1776 GNUNET_break_op (0);
1777 return;
1778 }
1779 if (! ipv6_exit)
1780 {
1781 GNUNET_break_op (0);
1782 return;
1783 }
1784 v6 = (const struct in6_addr*) &start[1];
1785 payload = &v6[1];
1786 pkt_len -= sizeof(struct in6_addr);
1787 state->specifics.tcp_udp.ri.remote_address.address.ipv6 = *v6;
1788 break;
1789
1790 default:
1791 GNUNET_break_op (0);
1792 return;
1793 }
1794 {
1795 char buf[INET6_ADDRSTRLEN];
1796 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1797 "Received payload from %s for existing TCP stream to %s:%u\n",
1798 GNUNET_i2s (&state->peer),
1799 inet_ntop (af,
1800 &state->specifics.tcp_udp.ri.remote_address.address,
1801 buf, sizeof(buf)),
1802 (unsigned int) ntohs (start->tcp_header.destination_port));
1803 }
1804 state->specifics.tcp_udp.ri.remote_address.proto = IPPROTO_TCP;
1805 state->specifics.tcp_udp.ri.remote_address.port = ntohs (
1806 start->tcp_header.destination_port);
1807 setup_state_record (state);
1808 send_tcp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address,
1809 &state->specifics.tcp_udp.ri.local_address,
1810 &start->tcp_header,
1811 payload,
1812 pkt_len);
1813 GNUNET_CADET_receive_done (state->channel);
1814}
1815
1816
1826static int
1827check_tcp_data (void *cls,
1828 const struct GNUNET_EXIT_TcpDataMessage *data)
1829{
1830 struct ChannelState *state = cls;
1831
1832 if ((NULL == state) ||
1833 (NULL == state->specifics.tcp_udp.heap_node))
1834 {
1835 /* connection should have been up! */
1836 GNUNET_STATISTICS_update (stats,
1837 gettext_noop (
1838 "# TCP DATA requests dropped (no session)"),
1839 1, GNUNET_NO);
1840 GNUNET_break_op (0);
1841 return GNUNET_SYSERR;
1842 }
1843 if (data->tcp_header.off * 4 < sizeof(struct GNUNET_TUN_TcpHeader))
1844 {
1845 GNUNET_break_op (0);
1846 return GNUNET_SYSERR;
1847 }
1848 if (GNUNET_YES == state->is_dns)
1849 {
1850 GNUNET_break_op (0);
1851 return GNUNET_SYSERR;
1852 }
1853 return GNUNET_OK;
1854}
1855
1856
1864static void
1865handle_tcp_data (void *cls,
1866 const struct GNUNET_EXIT_TcpDataMessage *data)
1867{
1868 struct ChannelState *state = cls;
1869 uint16_t pkt_len = ntohs (data->header.size) - sizeof(struct
1870 GNUNET_EXIT_TcpDataMessage);
1871
1872 GNUNET_STATISTICS_update (stats,
1873 gettext_noop ("# Bytes received from CADET"),
1874 pkt_len, GNUNET_NO);
1875 GNUNET_STATISTICS_update (stats,
1876 gettext_noop (
1877 "# TCP data requests received via cadet"),
1878 1, GNUNET_NO);
1879 if (GNUNET_SYSERR == state->is_dns)
1880 {
1881 /* channel is UDP/TCP from now on */
1882 state->is_dns = GNUNET_NO;
1883 }
1884
1885 GNUNET_break_op (ntohl (data->reserved) == 0);
1886 {
1887 char buf[INET6_ADDRSTRLEN];
1888 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1889 "Received additional %u bytes of data from %s for TCP stream to %s:%u\n",
1890 pkt_len,
1891 GNUNET_i2s (&state->peer),
1892 inet_ntop (state->specifics.tcp_udp.ri.remote_address.af,
1893 &state->specifics.tcp_udp.ri.remote_address.address,
1894 buf, sizeof(buf)),
1895 (unsigned int) state->specifics.tcp_udp.ri.remote_address.port);
1896 }
1897
1898 send_tcp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address,
1899 &state->specifics.tcp_udp.ri.local_address,
1900 &data->tcp_header,
1901 &data[1], pkt_len);
1902 GNUNET_CADET_receive_done (state->channel);
1903}
1904
1905
1915static void
1916make_up_icmpv4_payload (struct ChannelState *state,
1917 struct GNUNET_TUN_IPv4Header *ipp,
1918 struct GNUNET_TUN_UdpHeader *udp)
1919{
1920 GNUNET_TUN_initialize_ipv4_header (ipp,
1921 state->specifics.tcp_udp.ri.remote_address.
1922 proto,
1923 sizeof(struct GNUNET_TUN_TcpHeader),
1924 &state->specifics.tcp_udp.ri.remote_address
1925 .address.ipv4,
1926 &state->specifics.tcp_udp.ri.local_address.
1927 address.ipv4);
1928 udp->source_port = htons (state->specifics.tcp_udp.ri.remote_address.port);
1929 udp->destination_port = htons (
1930 state->specifics.tcp_udp.ri.local_address.port);
1931 udp->len = htons (0);
1932 udp->crc = htons (0);
1933}
1934
1935
1945static void
1946make_up_icmpv6_payload (struct ChannelState *state,
1947 struct GNUNET_TUN_IPv6Header *ipp,
1948 struct GNUNET_TUN_UdpHeader *udp)
1949{
1950 GNUNET_TUN_initialize_ipv6_header (ipp,
1951 state->specifics.tcp_udp.ri.remote_address.
1952 proto,
1953 sizeof(struct GNUNET_TUN_TcpHeader),
1954 &state->specifics.tcp_udp.ri.remote_address
1955 .address.ipv6,
1956 &state->specifics.tcp_udp.ri.local_address.
1957 address.ipv6);
1958 udp->source_port = htons (state->specifics.tcp_udp.ri.remote_address.port);
1959 udp->destination_port = htons (
1960 state->specifics.tcp_udp.ri.local_address.port);
1961 udp->len = htons (0);
1962 udp->crc = htons (0);
1963}
1964
1965
1974static int
1975check_icmp_remote (void *cls,
1976 const struct GNUNET_EXIT_IcmpInternetMessage *msg)
1977{
1978 struct ChannelState *state = cls;
1979
1980 if (GNUNET_YES == state->is_dns)
1981 {
1982 GNUNET_break_op (0);
1983 return GNUNET_SYSERR;
1984 }
1985 return GNUNET_OK;
1986}
1987
1988
1995static void
1996handle_icmp_remote (void *cls,
1997 const struct GNUNET_EXIT_IcmpInternetMessage *msg)
1998{
1999 struct ChannelState *state = cls;
2000 uint16_t pkt_len = ntohs (msg->header.size) - sizeof(struct
2001 GNUNET_EXIT_IcmpInternetMessage);
2002 const struct in_addr *v4;
2003 const struct in6_addr *v6;
2004 const void *payload;
2005 char buf[sizeof(struct GNUNET_TUN_IPv6Header) + 8] GNUNET_ALIGN;
2006 int af;
2007
2008 if (GNUNET_SYSERR == state->is_dns)
2009 {
2010 /* channel is UDP/TCP from now on */
2011 state->is_dns = GNUNET_NO;
2012 }
2013 GNUNET_STATISTICS_update (stats,
2014 gettext_noop ("# Bytes received from CADET"),
2015 pkt_len, GNUNET_NO);
2016 GNUNET_STATISTICS_update (stats,
2017 gettext_noop (
2018 "# ICMP IP-exit requests received via cadet"),
2019 1, GNUNET_NO);
2020
2021 af = (int) ntohl (msg->af);
2022 if ((NULL != state->specifics.tcp_udp.heap_node) &&
2023 (af != state->specifics.tcp_udp.ri.remote_address.af))
2024 {
2025 /* other peer switched AF on this channel; not allowed */
2026 GNUNET_break_op (0);
2027 return;
2028 }
2029
2030 switch (af)
2031 {
2032 case AF_INET:
2033 if (pkt_len < sizeof(struct in_addr))
2034 {
2035 GNUNET_break_op (0);
2036 return;
2037 }
2038 if (! ipv4_exit)
2039 {
2040 GNUNET_break_op (0);
2041 return;
2042 }
2043 v4 = (const struct in_addr*) &msg[1];
2044 payload = &v4[1];
2045 pkt_len -= sizeof(struct in_addr);
2046 state->specifics.tcp_udp.ri.remote_address.address.ipv4 = *v4;
2047 if (NULL == state->specifics.tcp_udp.heap_node)
2048 {
2049 state->specifics.tcp_udp.ri.remote_address.af = af;
2050 state->specifics.tcp_udp.ri.remote_address.proto = IPPROTO_ICMP;
2051 setup_state_record (state);
2052 }
2053 /* check that ICMP type is something we want to support
2054 and possibly make up payload! */
2055 switch (msg->icmp_header.type)
2056 {
2057 case GNUNET_TUN_ICMPTYPE_ECHO_REPLY:
2058 case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST:
2059 break;
2060
2061 case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE:
2062 case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH:
2063 case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED:
2064 if (0 != pkt_len)
2065 {
2066 GNUNET_break_op (0);
2067 return;
2068 }
2069 /* make up payload */
2070 {
2071 struct GNUNET_TUN_IPv4Header *ipp = (struct
2072 GNUNET_TUN_IPv4Header *) buf;
2073 struct GNUNET_TUN_UdpHeader *udp = (struct
2074 GNUNET_TUN_UdpHeader *) &ipp[1];
2075
2076 GNUNET_assert (8 == sizeof(struct GNUNET_TUN_UdpHeader));
2077 pkt_len = sizeof(struct GNUNET_TUN_IPv4Header) + 8;
2078 make_up_icmpv4_payload (state,
2079 ipp,
2080 udp);
2081 payload = ipp;
2082 }
2083 break;
2084
2085 default:
2086 GNUNET_break_op (0);
2087 GNUNET_STATISTICS_update (stats,
2088 gettext_noop (
2089 "# ICMPv4 packets dropped (type not allowed)")
2090 ,
2091 1, GNUNET_NO);
2092 return;
2093 }
2094 /* end AF_INET */
2095 break;
2096
2097 case AF_INET6:
2098 if (pkt_len < sizeof(struct in6_addr))
2099 {
2100 GNUNET_break_op (0);
2101 return;
2102 }
2103 if (! ipv6_exit)
2104 {
2105 GNUNET_break_op (0);
2106 return;
2107 }
2108 v6 = (const struct in6_addr*) &msg[1];
2109 payload = &v6[1];
2110 pkt_len -= sizeof(struct in6_addr);
2111 state->specifics.tcp_udp.ri.remote_address.address.ipv6 = *v6;
2112 if (NULL == state->specifics.tcp_udp.heap_node)
2113 {
2114 state->specifics.tcp_udp.ri.remote_address.af = af;
2115 state->specifics.tcp_udp.ri.remote_address.proto = IPPROTO_ICMPV6;
2116 setup_state_record (state);
2117 }
2118 /* check that ICMP type is something we want to support
2119 and possibly make up payload! */
2120 switch (msg->icmp_header.type)
2121 {
2122 case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY:
2123 case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST:
2124 break;
2125
2126 case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE:
2127 case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG:
2128 case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED:
2129 case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM:
2130 if (0 != pkt_len)
2131 {
2132 GNUNET_break_op (0);
2133 return;
2134 }
2135 /* make up payload */
2136 {
2137 struct GNUNET_TUN_IPv6Header *ipp = (struct
2138 GNUNET_TUN_IPv6Header *) buf;
2139 struct GNUNET_TUN_UdpHeader *udp = (struct
2140 GNUNET_TUN_UdpHeader *) &ipp[1];
2141
2142 GNUNET_assert (8 == sizeof(struct GNUNET_TUN_UdpHeader));
2143 pkt_len = sizeof(struct GNUNET_TUN_IPv6Header) + 8;
2144 make_up_icmpv6_payload (state,
2145 ipp,
2146 udp);
2147 payload = ipp;
2148 }
2149 break;
2150
2151 default:
2152 GNUNET_break_op (0);
2153 GNUNET_STATISTICS_update (stats,
2154 gettext_noop (
2155 "# ICMPv6 packets dropped (type not allowed)")
2156 ,
2157 1, GNUNET_NO);
2158 return;
2159 }
2160 /* end AF_INET6 */
2161 break;
2162
2163 default:
2164 /* bad AF */
2165 GNUNET_break_op (0);
2166 return;
2167 }
2168
2169 {
2170 char buf_tmp[INET6_ADDRSTRLEN];
2171 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2172 "Received ICMP data from %s for forwarding to %s\n",
2173 GNUNET_i2s (&state->peer),
2174 inet_ntop (af,
2175 &state->specifics.tcp_udp.ri.remote_address.address,
2176 buf_tmp, sizeof(buf_tmp)));
2177 }
2178 send_icmp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address,
2179 &state->specifics.tcp_udp.ri.local_address,
2180 &msg->icmp_header,
2181 payload, pkt_len);
2182 GNUNET_CADET_receive_done (state->channel);
2183}
2184
2185
2195static uint16_t
2196make_up_icmp_service_payload (struct ChannelState *state,
2197 char *buf)
2198{
2199 switch (state->specifics.tcp_udp.serv->address.af)
2200 {
2201 case AF_INET:
2202 {
2203 struct GNUNET_TUN_IPv4Header *ipv4;
2204 struct GNUNET_TUN_UdpHeader *udp;
2205
2206 ipv4 = (struct GNUNET_TUN_IPv4Header *) buf;
2207 udp = (struct GNUNET_TUN_UdpHeader *) &ipv4[1];
2208 make_up_icmpv4_payload (state,
2209 ipv4,
2210 udp);
2211 GNUNET_assert (8 == sizeof(struct GNUNET_TUN_UdpHeader));
2212 return sizeof(struct GNUNET_TUN_IPv4Header) + 8;
2213 }
2214 break;
2215
2216 case AF_INET6:
2217 {
2218 struct GNUNET_TUN_IPv6Header *ipv6;
2219 struct GNUNET_TUN_UdpHeader *udp;
2220
2221 ipv6 = (struct GNUNET_TUN_IPv6Header *) buf;
2222 udp = (struct GNUNET_TUN_UdpHeader *) &ipv6[1];
2223 make_up_icmpv6_payload (state,
2224 ipv6,
2225 udp);
2226 GNUNET_assert (8 == sizeof(struct GNUNET_TUN_UdpHeader));
2227 return sizeof(struct GNUNET_TUN_IPv6Header) + 8;
2228 }
2229 break;
2230
2231 default:
2232 GNUNET_break (0);
2233 }
2234 return 0;
2235}
2236
2237
2247static int
2248check_icmp_service (void *cls,
2249 const struct GNUNET_EXIT_IcmpServiceMessage *msg)
2250{
2251 struct ChannelState *state = cls;
2252
2253 if (GNUNET_YES == state->is_dns)
2254 {
2255 GNUNET_break_op (0);
2256 return GNUNET_SYSERR;
2257 }
2258 if (NULL == state->specifics.tcp_udp.serv)
2259 {
2260 GNUNET_break_op (0);
2261 return GNUNET_SYSERR;
2262 }
2263 return GNUNET_OK;
2264}
2265
2266
2274static void
2275handle_icmp_service (void *cls,
2276 const struct GNUNET_EXIT_IcmpServiceMessage *msg)
2277{
2278 struct ChannelState *state = cls;
2279 uint16_t pkt_len = ntohs (msg->header.size) - sizeof(struct
2280 GNUNET_EXIT_IcmpServiceMessage);
2281 struct GNUNET_TUN_IcmpHeader icmp;
2282 char buf[sizeof(struct GNUNET_TUN_IPv6Header) + 8] GNUNET_ALIGN;
2283 const void *payload;
2284
2285 GNUNET_STATISTICS_update (stats,
2286 gettext_noop ("# Bytes received from CADET"),
2287 pkt_len, GNUNET_NO);
2288 GNUNET_STATISTICS_update (stats,
2289 gettext_noop (
2290 "# ICMP service requests received via cadet"),
2291 1, GNUNET_NO);
2292 /* check that we got at least a valid header */
2293 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2294 "Received data from %s for forwarding to ICMP service %s\n",
2295 GNUNET_i2s (&state->peer),
2296 GNUNET_h2s (&state->specifics.tcp_udp.serv->descriptor));
2297 icmp = msg->icmp_header;
2298 payload = &msg[1];
2299 state->specifics.tcp_udp.ri.remote_address
2300 = state->specifics.tcp_udp.serv->address;
2301 setup_state_record (state);
2302
2303 /* check that ICMP type is something we want to support,
2304 perform ICMP PT if needed and possibly make up payload */
2305 switch (msg->af)
2306 {
2307 case AF_INET:
2308 switch (msg->icmp_header.type)
2309 {
2310 case GNUNET_TUN_ICMPTYPE_ECHO_REPLY:
2311 if (state->specifics.tcp_udp.serv->address.af == AF_INET6)
2312 icmp.type = GNUNET_TUN_ICMPTYPE6_ECHO_REPLY;
2313 break;
2314
2315 case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST:
2316 if (state->specifics.tcp_udp.serv->address.af == AF_INET6)
2317 icmp.type = GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST;
2318 break;
2319
2320 case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE:
2321 if (state->specifics.tcp_udp.serv->address.af == AF_INET6)
2322 icmp.type = GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE;
2323 if (0 != pkt_len)
2324 {
2325 GNUNET_break_op (0);
2326 return;
2327 }
2328 payload = buf;
2329 pkt_len = make_up_icmp_service_payload (state, buf);
2330 break;
2331
2332 case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED:
2333 if (state->specifics.tcp_udp.serv->address.af == AF_INET6)
2334 icmp.type = GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED;
2335 if (0 != pkt_len)
2336 {
2337 GNUNET_break_op (0);
2338 return;
2339 }
2340 payload = buf;
2341 pkt_len = make_up_icmp_service_payload (state, buf);
2342 break;
2343
2344 case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH:
2345 if (state->specifics.tcp_udp.serv->address.af == AF_INET6)
2346 {
2347 GNUNET_STATISTICS_update (stats,
2348 gettext_noop (
2349 "# ICMPv4 packets dropped (impossible PT to v6)"),
2350 1, GNUNET_NO);
2351 return;
2352 }
2353 if (0 != pkt_len)
2354 {
2355 GNUNET_break_op (0);
2356 return;
2357 }
2358 payload = buf;
2359 pkt_len = make_up_icmp_service_payload (state, buf);
2360 break;
2361
2362 default:
2363 GNUNET_break_op (0);
2364 GNUNET_STATISTICS_update (stats,
2365 gettext_noop (
2366 "# ICMPv4 packets dropped (type not allowed)")
2367 ,
2368 1, GNUNET_NO);
2369 return;
2370 }
2371 /* end of AF_INET */
2372 break;
2373
2374 case AF_INET6:
2375 switch (msg->icmp_header.type)
2376 {
2377 case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY:
2378 if (state->specifics.tcp_udp.serv->address.af == AF_INET)
2379 icmp.type = GNUNET_TUN_ICMPTYPE_ECHO_REPLY;
2380 break;
2381
2382 case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST:
2383 if (state->specifics.tcp_udp.serv->address.af == AF_INET)
2384 icmp.type = GNUNET_TUN_ICMPTYPE_ECHO_REQUEST;
2385 break;
2386
2387 case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE:
2388 if (state->specifics.tcp_udp.serv->address.af == AF_INET)
2389 icmp.type = GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE;
2390 if (0 != pkt_len)
2391 {
2392 GNUNET_break_op (0);
2393 return;
2394 }
2395 payload = buf;
2396 pkt_len = make_up_icmp_service_payload (state, buf);
2397 break;
2398
2399 case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED:
2400 if (state->specifics.tcp_udp.serv->address.af == AF_INET)
2401 icmp.type = GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED;
2402 if (0 != pkt_len)
2403 {
2404 GNUNET_break_op (0);
2405 return;
2406 }
2407 payload = buf;
2408 pkt_len = make_up_icmp_service_payload (state, buf);
2409 break;
2410
2411 case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG:
2412 case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM:
2413 if (state->specifics.tcp_udp.serv->address.af == AF_INET)
2414 {
2415 GNUNET_STATISTICS_update (stats,
2416 gettext_noop (
2417 "# ICMPv6 packets dropped (impossible PT to v4)"),
2418 1, GNUNET_NO);
2419 return;
2420 }
2421 if (0 != pkt_len)
2422 {
2423 GNUNET_break_op (0);
2424 return;
2425 }
2426 payload = buf;
2427 pkt_len = make_up_icmp_service_payload (state, buf);
2428 break;
2429
2430 default:
2431 GNUNET_break_op (0);
2432 GNUNET_STATISTICS_update (stats,
2433 gettext_noop (
2434 "# ICMPv6 packets dropped (type not allowed)")
2435 ,
2436 1, GNUNET_NO);
2437 return;
2438 }
2439 /* end of AF_INET6 */
2440 break;
2441
2442 default:
2443 GNUNET_break_op (0);
2444 return;
2445 }
2446
2447 send_icmp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address,
2448 &state->specifics.tcp_udp.ri.local_address,
2449 &icmp,
2450 payload,
2451 pkt_len);
2452 GNUNET_CADET_receive_done (state->channel);
2453}
2454
2455
2464static int
2465free_service_record (void *cls,
2466 const struct GNUNET_HashCode *key,
2467 void *value)
2468{
2469 struct LocalService *service = value;
2470
2471 GNUNET_assert (GNUNET_YES ==
2472 GNUNET_CONTAINER_multihashmap_remove (services,
2473 key,
2474 service));
2475 GNUNET_CADET_close_port (service->port);
2476 GNUNET_free (service->name);
2477 GNUNET_free (service);
2478 return GNUNET_OK;
2479}
2480
2481
2490static void *
2491new_service_channel (void *cls,
2492 struct GNUNET_CADET_Channel *channel,
2493 const struct GNUNET_PeerIdentity *initiator)
2494{
2495 struct LocalService *ls = cls;
2496 struct ChannelState *s = GNUNET_new (struct ChannelState);
2497
2498 s->peer = *initiator;
2499 GNUNET_STATISTICS_update (stats,
2500 gettext_noop ("# Inbound CADET channels created"),
2501 1,
2502 GNUNET_NO);
2503 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2504 "Received inbound channel from `%s'\n",
2505 GNUNET_i2s (initiator));
2506 s->channel = channel;
2507 s->specifics.tcp_udp.serv = ls;
2508 s->specifics.tcp_udp.ri.remote_address = ls->address;
2509 return s;
2510}
2511
2512
2520static void
2521clean_channel (void *cls,
2522 const struct GNUNET_CADET_Channel *channel)
2523{
2524 struct ChannelState *s = cls;
2525
2526 LOG (GNUNET_ERROR_TYPE_DEBUG,
2527 "Channel destroyed\n");
2528 if (GNUNET_SYSERR == s->is_dns)
2529 {
2530 GNUNET_free (s);
2531 return;
2532 }
2533 if (GNUNET_YES == s->is_dns)
2534 {
2535 if (channels[s->specifics.dns.my_id] == s)
2536 channels[s->specifics.dns.my_id] = NULL;
2537 }
2538 else
2539 {
2540 if (NULL != s->specifics.tcp_udp.heap_node)
2541 {
2542 GNUNET_assert (GNUNET_YES ==
2543 GNUNET_CONTAINER_multihashmap_remove (connections_map,
2544 &s->specifics.tcp_udp
2545 .state_key,
2546 s));
2547 GNUNET_CONTAINER_heap_remove_node (s->specifics.tcp_udp.heap_node);
2548 s->specifics.tcp_udp.heap_node = NULL;
2549 }
2550 }
2551 GNUNET_free (s);
2552}
2553
2554
2564static void
2565store_service (int proto,
2566 const char *name,
2567 uint16_t destination_port,
2568 struct LocalService *service)
2569{
2570 struct GNUNET_MQ_MessageHandler handlers[] = {
2571 GNUNET_MQ_hd_var_size (icmp_service,
2572 GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE,
2573 struct GNUNET_EXIT_IcmpServiceMessage,
2574 service),
2575 GNUNET_MQ_hd_var_size (udp_service,
2576 GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE,
2577 struct GNUNET_EXIT_UdpServiceMessage,
2578 service),
2579 GNUNET_MQ_hd_var_size (tcp_service,
2580 GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START,
2581 struct GNUNET_EXIT_TcpServiceStartMessage,
2582 service),
2583 GNUNET_MQ_hd_var_size (tcp_data,
2584 GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT,
2585 struct GNUNET_EXIT_TcpDataMessage,
2586 service),
2587 GNUNET_MQ_handler_end ()
2588 };
2589
2590 struct GNUNET_HashCode cadet_port;
2591
2592 service->name = GNUNET_strdup (name);
2593 GNUNET_TUN_service_name_to_hash (name,
2594 &service->descriptor);
2595 GNUNET_TUN_compute_service_cadet_port (&service->descriptor,
2596 destination_port,
2597 &cadet_port);
2598 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2599 "Opening CADET port %s for SERVICE exit %s on port %u\n",
2600 GNUNET_h2s (&cadet_port),
2601 name,
2602 (unsigned int) destination_port);
2603 service->port = GNUNET_CADET_open_port (cadet_handle,
2604 &cadet_port,
2605 &new_service_channel,
2606 service,
2607 NULL,
2608 &clean_channel,
2609 handlers);
2610 service->is_udp = (IPPROTO_UDP == proto);
2611 if (GNUNET_OK !=
2612 GNUNET_CONTAINER_multihashmap_put (services,
2613 &cadet_port,
2614 service,
2615 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY))
2616 {
2617 GNUNET_CADET_close_port (service->port);
2618 GNUNET_free (service->name);
2619 GNUNET_free (service);
2620 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
2621 _ ("Got duplicate service records for `%s:%u'\n"),
2622 name,
2623 (unsigned int) destination_port);
2624 }
2625}
2626
2627
2634static void
2635send_packet_to_cadet_channel (struct ChannelState *s,
2636 struct GNUNET_MQ_Envelope *env)
2637{
2638 GNUNET_assert (NULL != s);
2639 GNUNET_STATISTICS_update (stats,
2640 gettext_noop (
2641 "# Messages transmitted via cadet channels"),
2642 1,
2643 GNUNET_NO);
2644 GNUNET_MQ_send (GNUNET_CADET_get_mq (s->channel),
2645 env);
2646}
2647
2648
2660static void
2661icmp_from_helper (const struct GNUNET_TUN_IcmpHeader *icmp,
2662 size_t pktlen,
2663 int af,
2664 const void *destination_ip,
2665 const void *source_ip)
2666{
2667 struct ChannelState *state;
2668 struct GNUNET_MQ_Envelope *env;
2669 struct GNUNET_EXIT_IcmpToVPNMessage *i2v;
2670 const struct GNUNET_TUN_IPv4Header *ipv4;
2671 const struct GNUNET_TUN_IPv6Header *ipv6;
2672 const struct GNUNET_TUN_UdpHeader *udp;
2673 uint16_t source_port;
2674 uint16_t destination_port;
2675 uint8_t protocol;
2676
2677 {
2678 char sbuf[INET6_ADDRSTRLEN];
2679 char dbuf[INET6_ADDRSTRLEN];
2680 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2681 "Received ICMP packet going from %s to %s\n",
2682 inet_ntop (af,
2683 source_ip,
2684 sbuf, sizeof(sbuf)),
2685 inet_ntop (af,
2686 destination_ip,
2687 dbuf, sizeof(dbuf)));
2688 }
2689
2690 if (pktlen < sizeof(struct GNUNET_TUN_IcmpHeader))
2691 {
2692 /* blame kernel */
2693 GNUNET_break (0);
2694 return;
2695 }
2696
2697 /* Find out if this is an ICMP packet in response to an existing
2698 TCP/UDP packet and if so, figure out ports / protocol of the
2699 existing session from the IP data in the ICMP payload */
2700 source_port = 0;
2701 destination_port = 0;
2702 switch (af)
2703 {
2704 case AF_INET:
2705 protocol = IPPROTO_ICMP;
2706 switch (icmp->type)
2707 {
2708 case GNUNET_TUN_ICMPTYPE_ECHO_REPLY:
2709 case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST:
2710 break;
2711
2712 case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE:
2713 case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH:
2714 case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED:
2715 if (pktlen <
2716 sizeof(struct GNUNET_TUN_IcmpHeader)
2717 + sizeof(struct GNUNET_TUN_IPv4Header) + 8)
2718 {
2719 /* blame kernel */
2720 GNUNET_break (0);
2721 return;
2722 }
2723 ipv4 = (const struct GNUNET_TUN_IPv4Header *) &icmp[1];
2724 protocol = ipv4->protocol;
2725 /* could be TCP or UDP, but both have the ports in the right
2726 place, so that doesn't matter here */
2727 udp = (const struct GNUNET_TUN_UdpHeader *) &ipv4[1];
2728 /* swap ports, as they are from the original message */
2729 destination_port = ntohs (udp->source_port);
2730 source_port = ntohs (udp->destination_port);
2731 /* throw away ICMP payload, won't be useful for the other side anyway */
2732 pktlen = sizeof(struct GNUNET_TUN_IcmpHeader);
2733 break;
2734
2735 default:
2736 GNUNET_STATISTICS_update (stats,
2737 gettext_noop (
2738 "# ICMPv4 packets dropped (type not allowed)")
2739 ,
2740 1, GNUNET_NO);
2741 return;
2742 }
2743 break;
2744
2745 case AF_INET6:
2746 protocol = IPPROTO_ICMPV6;
2747 switch (icmp->type)
2748 {
2749 case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE:
2750 case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG:
2751 case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED:
2752 case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM:
2753 if (pktlen <
2754 sizeof(struct GNUNET_TUN_IcmpHeader)
2755 + sizeof(struct GNUNET_TUN_IPv6Header) + 8)
2756 {
2757 /* blame kernel */
2758 GNUNET_break (0);
2759 return;
2760 }
2761 ipv6 = (const struct GNUNET_TUN_IPv6Header *) &icmp[1];
2762 protocol = ipv6->next_header;
2763 /* could be TCP or UDP, but both have the ports in the right
2764 place, so that doesn't matter here */
2765 udp = (const struct GNUNET_TUN_UdpHeader *) &ipv6[1];
2766 /* swap ports, as they are from the original message */
2767 destination_port = ntohs (udp->source_port);
2768 source_port = ntohs (udp->destination_port);
2769 /* throw away ICMP payload, won't be useful for the other side anyway */
2770 pktlen = sizeof(struct GNUNET_TUN_IcmpHeader);
2771 break;
2772
2773 case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST:
2774 case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY:
2775 break;
2776
2777 default:
2778 GNUNET_STATISTICS_update (stats,
2779 gettext_noop (
2780 "# ICMPv6 packets dropped (type not allowed)")
2781 ,
2782 1, GNUNET_NO);
2783 return;
2784 }
2785 break;
2786
2787 default:
2788 GNUNET_assert (0);
2789 }
2790 switch (protocol)
2791 {
2792 case IPPROTO_ICMP:
2793 state = get_redirect_state (af,
2794 IPPROTO_ICMP,
2795 source_ip,
2796 0,
2797 destination_ip,
2798 0,
2799 NULL);
2800 break;
2801
2802 case IPPROTO_ICMPV6:
2803 state = get_redirect_state (af,
2804 IPPROTO_ICMPV6,
2805 source_ip,
2806 0,
2807 destination_ip,
2808 0,
2809 NULL);
2810 break;
2811
2812 case IPPROTO_UDP:
2813 state = get_redirect_state (af,
2814 IPPROTO_UDP,
2815 source_ip,
2816 source_port,
2817 destination_ip,
2818 destination_port,
2819 NULL);
2820 break;
2821
2822 case IPPROTO_TCP:
2823 state = get_redirect_state (af,
2824 IPPROTO_TCP,
2825 source_ip,
2826 source_port,
2827 destination_ip,
2828 destination_port,
2829 NULL);
2830 break;
2831
2832 default:
2833 GNUNET_STATISTICS_update (stats,
2834 gettext_noop (
2835 "# ICMP packets dropped (not allowed)"),
2836 1,
2837 GNUNET_NO);
2838 return;
2839 }
2840 if (NULL == state)
2841 {
2842 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
2843 _ (
2844 "ICMP Packet dropped, have no matching connection information\n"));
2845 return;
2846 }
2847 env = GNUNET_MQ_msg_extra (i2v,
2848 pktlen - sizeof(struct GNUNET_TUN_IcmpHeader),
2849 GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_VPN);
2850 i2v->af = htonl (af);
2851 GNUNET_memcpy (&i2v->icmp_header,
2852 icmp,
2853 pktlen);
2854 send_packet_to_cadet_channel (state,
2855 env);
2856}
2857
2858
2870static void
2871udp_from_helper (const struct GNUNET_TUN_UdpHeader *udp,
2872 size_t pktlen,
2873 int af,
2874 const void *destination_ip,
2875 const void *source_ip)
2876{
2877 struct ChannelState *state;
2878 struct GNUNET_MQ_Envelope *env;
2879 struct GNUNET_EXIT_UdpReplyMessage *urm;
2880
2881 {
2882 char sbuf[INET6_ADDRSTRLEN];
2883 char dbuf[INET6_ADDRSTRLEN];
2884
2885 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2886 "Received UDP packet going from %s:%u to %s:%u\n",
2887 inet_ntop (af,
2888 source_ip,
2889 sbuf, sizeof(sbuf)),
2890 (unsigned int) ntohs (udp->source_port),
2891 inet_ntop (af,
2892 destination_ip,
2893 dbuf, sizeof(dbuf)),
2894 (unsigned int) ntohs (udp->destination_port));
2895 }
2896
2897 if (pktlen < sizeof(struct GNUNET_TUN_UdpHeader))
2898 {
2899 /* blame kernel */
2900 GNUNET_break (0);
2901 return;
2902 }
2903 if (pktlen != ntohs (udp->len))
2904 {
2905 /* blame kernel */
2906 GNUNET_break (0);
2907 return;
2908 }
2909 state = get_redirect_state (af,
2910 IPPROTO_UDP,
2911 source_ip,
2912 ntohs (udp->source_port),
2913 destination_ip,
2914 ntohs (udp->destination_port),
2915 NULL);
2916 if (NULL == state)
2917 {
2918 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
2919 _ (
2920 "UDP Packet dropped, have no matching connection information\n"));
2921 return;
2922 }
2923 env = GNUNET_MQ_msg_extra (urm,
2924 pktlen - sizeof(struct GNUNET_TUN_UdpHeader),
2925 GNUNET_MESSAGE_TYPE_VPN_UDP_REPLY);
2926 urm->source_port = htons (0);
2927 urm->destination_port = htons (0);
2928 GNUNET_memcpy (&urm[1],
2929 &udp[1],
2930 pktlen - sizeof(struct GNUNET_TUN_UdpHeader));
2931 send_packet_to_cadet_channel (state,
2932 env);
2933}
2934
2935
2947static void
2948tcp_from_helper (const struct GNUNET_TUN_TcpHeader *tcp,
2949 size_t pktlen,
2950 int af,
2951 const void *destination_ip,
2952 const void *source_ip)
2953{
2954 struct ChannelState *state;
2955 char buf[pktlen] GNUNET_ALIGN;
2956 struct GNUNET_TUN_TcpHeader *mtcp;
2957 struct GNUNET_EXIT_TcpDataMessage *tdm;
2958 struct GNUNET_MQ_Envelope *env;
2959 size_t mlen;
2960
2961 {
2962 char sbuf[INET6_ADDRSTRLEN];
2963 char dbuf[INET6_ADDRSTRLEN];
2964 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2965 "Received TCP packet with %u bytes going from %s:%u to %s:%u\n",
2966 (unsigned int) (pktlen - sizeof(struct GNUNET_TUN_TcpHeader)),
2967 inet_ntop (af,
2968 source_ip,
2969 sbuf, sizeof(sbuf)),
2970 (unsigned int) ntohs (tcp->source_port),
2971 inet_ntop (af,
2972 destination_ip,
2973 dbuf, sizeof(dbuf)),
2974 (unsigned int) ntohs (tcp->destination_port));
2975 }
2976
2977 if (pktlen < sizeof(struct GNUNET_TUN_TcpHeader))
2978 {
2979 /* blame kernel */
2980 GNUNET_break (0);
2981 return;
2982 }
2983 state = get_redirect_state (af,
2984 IPPROTO_TCP,
2985 source_ip,
2986 ntohs (tcp->source_port),
2987 destination_ip,
2988 ntohs (tcp->destination_port),
2989 NULL);
2990 if (NULL == state)
2991 {
2992 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
2993 _ (
2994 "TCP Packet dropped, have no matching connection information\n"));
2995
2996 return;
2997 }
2998 /* mug port numbers and crc to avoid information leakage;
2999 sender will need to lookup the correct values anyway */
3000 GNUNET_memcpy (buf, tcp, pktlen);
3001 mtcp = (struct GNUNET_TUN_TcpHeader *) buf;
3002 mtcp->source_port = 0;
3003 mtcp->destination_port = 0;
3004 mtcp->crc = 0;
3005
3006 mlen = sizeof(struct GNUNET_EXIT_TcpDataMessage) + (pktlen - sizeof(struct
3007 GNUNET_TUN_TcpHeader));
3008 if (mlen >= GNUNET_MAX_MESSAGE_SIZE)
3009 {
3010 GNUNET_break (0);
3011 return;
3012 }
3013 env = GNUNET_MQ_msg_extra (tdm,
3014 pktlen - sizeof(struct GNUNET_TUN_TcpHeader),
3015 GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_VPN);
3016 tdm->reserved = htonl (0);
3017 GNUNET_memcpy (&tdm->tcp_header,
3018 buf,
3019 pktlen);
3020 send_packet_to_cadet_channel (state,
3021 env);
3022}
3023
3024
3031static int
3032message_token (void *cls GNUNET_UNUSED,
3033 const struct GNUNET_MessageHeader *message)
3034{
3035 const struct GNUNET_TUN_Layer2PacketHeader *pkt_tun;
3036 size_t size;
3037
3038 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3039 "Got %u-byte message of type %u from gnunet-helper-exit\n",
3040 ntohs (message->size),
3041 ntohs (message->type));
3042 GNUNET_STATISTICS_update (stats,
3043 gettext_noop ("# Packets received from TUN"),
3044 1, GNUNET_NO);
3045 if (ntohs (message->type) != GNUNET_MESSAGE_TYPE_VPN_HELPER)
3046 {
3047 GNUNET_break (0);
3048 return GNUNET_OK;
3049 }
3050 size = ntohs (message->size);
3051 if (size < sizeof(struct GNUNET_TUN_Layer2PacketHeader) + sizeof(struct
3052 GNUNET_MessageHeader))
3053 {
3054 GNUNET_break (0);
3055 return GNUNET_OK;
3056 }
3057 GNUNET_STATISTICS_update (stats,
3058 gettext_noop ("# Bytes received from TUN"),
3059 size, GNUNET_NO);
3060 pkt_tun = (const struct GNUNET_TUN_Layer2PacketHeader *) &message[1];
3061 size -= sizeof(struct GNUNET_TUN_Layer2PacketHeader) + sizeof(struct
3062 GNUNET_MessageHeader);
3063 switch (ntohs (pkt_tun->proto))
3064 {
3065 case ETH_P_IPV4:
3066 {
3067 const struct GNUNET_TUN_IPv4Header *pkt4;
3068
3069 if (size < sizeof(struct GNUNET_TUN_IPv4Header))
3070 {
3071 /* Kernel to blame? */
3072 GNUNET_break (0);
3073 return GNUNET_OK;
3074 }
3075 pkt4 = (const struct GNUNET_TUN_IPv4Header *) &pkt_tun[1];
3076 if (size != ntohs (pkt4->total_length))
3077 {
3078 /* Kernel to blame? */
3079 GNUNET_break (0);
3080 return GNUNET_OK;
3081 }
3082 if (pkt4->header_length * 4 != sizeof(struct GNUNET_TUN_IPv4Header))
3083 {
3084 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
3085 _ ("IPv4 packet options received. Ignored.\n"));
3086 return GNUNET_OK;
3087 }
3088
3089 size -= sizeof(struct GNUNET_TUN_IPv4Header);
3090 switch (pkt4->protocol)
3091 {
3092 case IPPROTO_UDP:
3093 udp_from_helper ((const struct GNUNET_TUN_UdpHeader *) &pkt4[1], size,
3094 AF_INET,
3095 &pkt4->destination_address,
3096 &pkt4->source_address);
3097 break;
3098
3099 case IPPROTO_TCP:
3100 tcp_from_helper ((const struct GNUNET_TUN_TcpHeader *) &pkt4[1], size,
3101 AF_INET,
3102 &pkt4->destination_address,
3103 &pkt4->source_address);
3104 break;
3105
3106 case IPPROTO_ICMP:
3107 icmp_from_helper ((const struct GNUNET_TUN_IcmpHeader *) &pkt4[1], size,
3108 AF_INET,
3109 &pkt4->destination_address,
3110 &pkt4->source_address);
3111 break;
3112
3113 default:
3114 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
3115 _ (
3116 "IPv4 packet with unsupported next header %u received. Ignored.\n"),
3117 (int) pkt4->protocol);
3118 return GNUNET_OK;
3119 }
3120 }
3121 break;
3122
3123 case ETH_P_IPV6:
3124 {
3125 const struct GNUNET_TUN_IPv6Header *pkt6;
3126
3127 if (size < sizeof(struct GNUNET_TUN_IPv6Header))
3128 {
3129 /* Kernel to blame? */
3130 GNUNET_break (0);
3131 return GNUNET_OK;
3132 }
3133 pkt6 = (struct GNUNET_TUN_IPv6Header *) &pkt_tun[1];
3134 if (size != ntohs (pkt6->payload_length) + sizeof(struct
3135 GNUNET_TUN_IPv6Header))
3136 {
3137 /* Kernel to blame? */
3138 GNUNET_break (0);
3139 return GNUNET_OK;
3140 }
3141 size -= sizeof(struct GNUNET_TUN_IPv6Header);
3142 switch (pkt6->next_header)
3143 {
3144 case IPPROTO_UDP:
3145 udp_from_helper ((const struct GNUNET_TUN_UdpHeader *) &pkt6[1], size,
3146 AF_INET6,
3147 &pkt6->destination_address,
3148 &pkt6->source_address);
3149 break;
3150
3151 case IPPROTO_TCP:
3152 tcp_from_helper ((const struct GNUNET_TUN_TcpHeader *) &pkt6[1], size,
3153 AF_INET6,
3154 &pkt6->destination_address,
3155 &pkt6->source_address);
3156 break;
3157
3158 case IPPROTO_ICMPV6:
3159 icmp_from_helper ((const struct GNUNET_TUN_IcmpHeader *) &pkt6[1], size,
3160 AF_INET6,
3161 &pkt6->destination_address,
3162 &pkt6->source_address);
3163 break;
3164
3165 default:
3166 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
3167 _ (
3168 "IPv6 packet with unsupported next header %d received. Ignored.\n"),
3169 pkt6->next_header);
3170 return GNUNET_OK;
3171 }
3172 }
3173 break;
3174
3175 default:
3176 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
3177 _ ("Packet from unknown protocol %u received. Ignored.\n"),
3178 ntohs (pkt_tun->proto));
3179 break;
3180 }
3181 return GNUNET_OK;
3182}
3183
3184
3193static void *
3194new_channel (void *cls,
3195 struct GNUNET_CADET_Channel *channel,
3196 const struct GNUNET_PeerIdentity *initiator)
3197{
3198 struct ChannelState *s = GNUNET_new (struct ChannelState);
3199
3200 s->is_dns = GNUNET_SYSERR;
3201 s->peer = *initiator;
3202 GNUNET_STATISTICS_update (stats,
3203 gettext_noop ("# Inbound CADET channels created"),
3204 1,
3205 GNUNET_NO);
3206 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3207 "Received inbound channel from `%s'\n",
3208 GNUNET_i2s (initiator));
3209 s->channel = channel;
3210 return s;
3211}
3212
3213
3221static int
3222free_iterate (void *cls,
3223 const struct GNUNET_HashCode *hash,
3224 void *value)
3225{
3226 GNUNET_free (value);
3227 return GNUNET_YES;
3228}
3229
3230
3239static void
3240dummy_task (void *cls)
3241{
3242 /* just terminate */
3243}
3244
3245
3251static void
3252cleanup (void *cls)
3253{
3254 unsigned int i;
3255
3256 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3257 "Exit service is shutting down now\n");
3258
3259 if (NULL != helper_handle)
3260 {
3261 GNUNET_HELPER_stop (helper_handle, GNUNET_NO);
3262 helper_handle = NULL;
3263 }
3264 if (NULL != regex4)
3265 {
3266 GNUNET_REGEX_announce_cancel (regex4);
3267 regex4 = NULL;
3268 }
3269 if (NULL != regex6)
3270 {
3271 GNUNET_REGEX_announce_cancel (regex6);
3272 regex6 = NULL;
3273 }
3274 if (NULL != services)
3275 {
3276 GNUNET_CONTAINER_multihashmap_iterate (services,
3277 &free_service_record,
3278 NULL);
3279 GNUNET_CONTAINER_multihashmap_destroy (services);
3280 }
3281 if (NULL != dns_port)
3282 {
3283 GNUNET_CADET_close_port (dns_port);
3284 dns_port = NULL;
3285 }
3286 if (NULL != cadet_port4)
3287 {
3288 GNUNET_CADET_close_port (cadet_port4);
3289 cadet_port4 = NULL;
3290 }
3291 if (NULL != cadet_port6)
3292 {
3293 GNUNET_CADET_close_port (cadet_port6);
3294 cadet_port6 = NULL;
3295 }
3296 if (NULL != cadet_handle)
3297 {
3298 GNUNET_CADET_disconnect (cadet_handle);
3299 cadet_handle = NULL;
3300 }
3301 if (NULL != connections_map)
3302 {
3303 GNUNET_CONTAINER_multihashmap_iterate (connections_map,
3304 &free_iterate,
3305 NULL);
3306 GNUNET_CONTAINER_multihashmap_destroy (connections_map);
3307 connections_map = NULL;
3308 }
3309 if (NULL != connections_heap)
3310 {
3311 GNUNET_CONTAINER_heap_destroy (connections_heap);
3312 connections_heap = NULL;
3313 }
3314 if (NULL != dnsstub)
3315 {
3316 GNUNET_DNSSTUB_stop (dnsstub);
3317 dnsstub = NULL;
3318 }
3319 if (NULL != peer_key)
3320 {
3321 GNUNET_free (peer_key);
3322 peer_key = NULL;
3323 }
3324 if (NULL != dht_task)
3325 {
3326 GNUNET_SCHEDULER_cancel (dht_task);
3327 dht_task = NULL;
3328 }
3329 if (NULL != dht_put)
3330 {
3331 GNUNET_DHT_put_cancel (dht_put);
3332 dht_put = NULL;
3333 }
3334 if (NULL != dht)
3335 {
3336 GNUNET_DHT_disconnect (dht);
3337 dht = NULL;
3338 }
3339 if (NULL != stats)
3340 {
3341 GNUNET_STATISTICS_destroy (stats,
3342 GNUNET_NO);
3343 stats = NULL;
3344 }
3345 for (i = 0; i < 8; i++)
3346 GNUNET_free (exit_argv[i]);
3347}
3348
3349
3357static void
3358add_services (int proto,
3359 char *cpy,
3360 const char *name)
3361{
3362 char *redirect;
3363 char *hostname;
3364 char *hostport;
3365 struct LocalService *serv;
3366 char *n;
3367 size_t slen;
3368 int local_port;
3369 int remote_port;
3370
3371 slen = strlen (name);
3372 GNUNET_assert (slen >= 8);
3373 n = GNUNET_strndup (name, slen - 8 /* remove .gnunet. */);
3374
3375 for (redirect = strtok (cpy, " ;"); redirect != NULL;
3376 redirect = strtok (NULL, " ;"))
3377 {
3378 if (NULL == (hostname = strstr (redirect, ":")))
3379 {
3380 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
3381 _ (
3382 "Option `%s' for domain `%s' is not formatted correctly!\n")
3383 ,
3384 redirect,
3385 name);
3386 continue;
3387 }
3388 hostname[0] = '\0';
3389 hostname++;
3390 if (NULL == (hostport = strstr (hostname, ":")))
3391 {
3392 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
3393 _ (
3394 "Option `%s' for domain `%s' is not formatted correctly!\n")
3395 ,
3396 redirect,
3397 name);
3398 continue;
3399 }
3400 hostport[0] = '\0';
3401 hostport++;
3402
3403 local_port = atoi (redirect);
3404 remote_port = atoi (hostport);
3405
3406 if (! ((local_port > 0) && (local_port < 65536)))
3407 {
3408 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
3409 _ ("`%s' is not a valid port number (for domain `%s')!"),
3410 redirect,
3411 name);
3412 continue;
3413 }
3414 if (! ((remote_port > 0) && (remote_port < 65536)))
3415 {
3416 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
3417 _ ("`%s' is not a valid port number (for domain `%s')!"),
3418 hostport,
3419 name);
3420 continue;
3421 }
3422
3423 serv = GNUNET_new (struct LocalService);
3424 serv->address.proto = proto;
3425 serv->address.port = remote_port;
3426 if (0 == strcmp ("localhost4",
3427 hostname))
3428 {
3429 const char *ip4addr = exit_argv[5];
3430
3431 serv->address.af = AF_INET;
3432 GNUNET_assert (1 == inet_pton (AF_INET,
3433 ip4addr,
3434 &serv->address.address.ipv4));
3435 }
3436 else if (0 == strcmp ("localhost6",
3437 hostname))
3438 {
3439 const char *ip6addr = exit_argv[3];
3440
3441 serv->address.af = AF_INET6;
3442 GNUNET_assert (1 == inet_pton (AF_INET6,
3443 ip6addr,
3444 &serv->address.address.ipv6));
3445 }
3446 else
3447 {
3448 struct addrinfo *res;
3449 int ret;
3450
3451 ret = getaddrinfo (hostname,
3452 NULL,
3453 NULL,
3454 &res);
3455 if ((0 != ret) || (NULL == res))
3456 {
3457 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
3458 _ (
3459 "No addresses found for hostname `%s' of service `%s'!\n")
3460 ,
3461 hostname,
3462 n);
3463 GNUNET_free (serv);
3464 continue;
3465 }
3466
3467 serv->address.af = res->ai_family;
3468 switch (res->ai_family)
3469 {
3470 case AF_INET:
3471 if (! ipv4_enabled)
3472 {
3473 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
3474 _ (
3475 "Service `%s' configured for IPv4, but IPv4 is disabled!\n"),
3476 n);
3477 freeaddrinfo (res);
3478 GNUNET_free (serv);
3479 continue;
3480 }
3481 serv->address.address.ipv4
3482 = ((struct sockaddr_in *) res->ai_addr)->sin_addr;
3483 break;
3484
3485 case AF_INET6:
3486 if (! ipv6_enabled)
3487 {
3488 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
3489 _ (
3490 "Service `%s' configured for IPv4, but IPv4 is disabled!\n"),
3491 n);
3492 freeaddrinfo (res);
3493 GNUNET_free (serv);
3494 continue;
3495 }
3496 serv->address.address.ipv6
3497 = ((struct sockaddr_in6 *) res->ai_addr)->sin6_addr;
3498 break;
3499
3500 default:
3501 freeaddrinfo (res);
3502 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
3503 _ (
3504 "No IP addresses found for hostname `%s' of service `%s'!\n"),
3505 hostname,
3506 n);
3507 GNUNET_free (serv);
3508 continue;
3509 }
3510 freeaddrinfo (res);
3511 }
3512 store_service (proto,
3513 n,
3514 local_port,
3515 serv);
3516 }
3517 GNUNET_free (n);
3518}
3519
3520
3527static void
3528read_service_conf (void *cls,
3529 const char *section)
3530{
3531 char *cpy;
3532
3533 if ((strlen (section) < 8) ||
3534 (0 != strcmp (".gnunet.", section + (strlen (section) - 8))))
3535 return;
3536 if (GNUNET_OK ==
3537 GNUNET_CONFIGURATION_get_value_string (cfg,
3538 section,
3539 "UDP_REDIRECTS",
3540 &cpy))
3541 {
3542 add_services (IPPROTO_UDP,
3543 cpy,
3544 section);
3545 GNUNET_free (cpy);
3546 }
3547 if (GNUNET_OK ==
3548 GNUNET_CONFIGURATION_get_value_string (cfg,
3549 section,
3550 "TCP_REDIRECTS",
3551 &cpy))
3552 {
3553 add_services (IPPROTO_TCP,
3554 cpy,
3555 section);
3556 GNUNET_free (cpy);
3557 }
3558}
3559
3560
3567static void
3568do_dht_put (void *cls);
3569
3570
3577static void
3578dht_put_cont (void *cls)
3579{
3580 dht_put = NULL;
3581}
3582
3583
3590static void
3591do_dht_put (void *cls)
3592{
3593 struct GNUNET_TIME_Absolute expiration;
3594
3595 dht_task = GNUNET_SCHEDULER_add_delayed (DHT_PUT_FREQUENCY,
3596 &do_dht_put,
3597 NULL);
3598 expiration = GNUNET_TIME_absolute_ntoh (dns_advertisement.expiration_time);
3599 if (GNUNET_TIME_absolute_get_remaining (expiration).rel_value_us <
3600 GNUNET_TIME_UNIT_HOURS.rel_value_us)
3601 {
3602 /* refresh advertisement */
3603 expiration = GNUNET_TIME_relative_to_absolute (DNS_ADVERTISEMENT_TIMEOUT);
3604 dns_advertisement.expiration_time = GNUNET_TIME_absolute_hton (expiration);
3605 GNUNET_assert (GNUNET_OK ==
3606 GNUNET_CRYPTO_eddsa_sign_ (peer_key,
3607 &dns_advertisement.purpose,
3608 &dns_advertisement.signature));
3609 }
3610 if (NULL != dht_put)
3611 GNUNET_DHT_put_cancel (dht_put);
3612 dht_put = GNUNET_DHT_put (dht,
3613 &dht_put_key,
3614 1 /* replication */,
3615 GNUNET_DHT_RO_NONE,
3616 GNUNET_BLOCK_TYPE_DNS,
3617 sizeof(struct GNUNET_DNS_Advertisement),
3618 &dns_advertisement,
3619 expiration,
3620 &dht_put_cont,
3621 NULL);
3622}
3623
3624
3629static void
3630parse_ip_options ()
3631{
3632 ipv4_exit = GNUNET_CONFIGURATION_get_value_yesno (cfg,
3633 "exit",
3634 "EXIT_IPV4");
3635 ipv6_exit = GNUNET_CONFIGURATION_get_value_yesno (cfg,
3636 "exit",
3637 "EXIT_IPV6");
3638 ipv4_enabled = GNUNET_CONFIGURATION_get_value_yesno (cfg,
3639 "exit",
3640 "ENABLE_IPV4");
3641 ipv6_enabled = GNUNET_CONFIGURATION_get_value_yesno (cfg,
3642 "exit",
3643 "ENABLE_IPV6");
3644 if ((ipv4_exit || ipv4_enabled) &&
3645 (GNUNET_OK != GNUNET_NETWORK_test_pf (PF_INET)) )
3646 {
3647 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3648 _ (
3649 "This system does not support IPv4, will disable IPv4 functions despite them being enabled in the configuration\n"));
3650 ipv4_exit = GNUNET_NO;
3651 ipv4_enabled = GNUNET_NO;
3652 }
3653 if ((ipv6_exit || ipv6_enabled) &&
3654 (GNUNET_OK != GNUNET_NETWORK_test_pf (PF_INET6)) )
3655 {
3656 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3657 _ (
3658 "This system does not support IPv6, will disable IPv6 functions despite them being enabled in the configuration\n"));
3659 ipv6_exit = GNUNET_NO;
3660 ipv6_enabled = GNUNET_NO;
3661 }
3662 if (ipv4_exit && (! ipv4_enabled))
3663 {
3664 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3665 _ (
3666 "Cannot enable IPv4 exit but disable IPv4 on TUN interface, will use ENABLE_IPv4=YES\n"));
3667 ipv4_enabled = GNUNET_YES;
3668 }
3669 if (ipv6_exit && (! ipv6_enabled))
3670 {
3671 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3672 _ (
3673 "Cannot enable IPv6 exit but disable IPv6 on TUN interface, will use ENABLE_IPv6=YES\n"));
3674 ipv6_enabled = GNUNET_YES;
3675 }
3676}
3677
3678
3683static void
3684advertise_dns_exit ()
3685{
3686 struct GNUNET_MQ_MessageHandler handlers[] = {
3687 GNUNET_MQ_hd_var_size (dns_request,
3688 GNUNET_MESSAGE_TYPE_VPN_DNS_TO_INTERNET,
3689 struct DnsResponseMessage,
3690 NULL),
3691 GNUNET_MQ_handler_end ()
3692 };
3693 char *dns_exit;
3694 struct GNUNET_HashCode port;
3695
3696 if (GNUNET_YES !=
3697 GNUNET_CONFIGURATION_get_value_yesno (cfg,
3698 "exit",
3699 "EXIT_DNS"))
3700 return;
3701 GNUNET_assert (NULL != (dnsstub = GNUNET_DNSSTUB_start (128)));
3702 dns_exit = NULL;
3703 /* TODO: support using multiple DNS resolvers */
3704 if ((GNUNET_OK !=
3705 GNUNET_CONFIGURATION_get_value_string (cfg,
3706 "exit",
3707 "DNS_RESOLVER",
3708 &dns_exit)) ||
3709 (GNUNET_OK !=
3710 GNUNET_DNSSTUB_add_dns_ip (dnsstub,
3711 dns_exit)))
3712 {
3713 GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
3714 "dns",
3715 "DNS_RESOLVER",
3716 _ ("need a valid IPv4 or IPv6 address\n"));
3717 GNUNET_free (dns_exit);
3718 return;
3719 }
3720 /* open port */
3721 GNUNET_CRYPTO_hash (GNUNET_APPLICATION_PORT_INTERNET_RESOLVER,
3722 strlen (GNUNET_APPLICATION_PORT_INTERNET_RESOLVER),
3723 &port);
3724 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3725 "Opening CADET port %s for DNS exit service\n",
3726 GNUNET_h2s (&port));
3727 dns_port = GNUNET_CADET_open_port (cadet_handle,
3728 &port,
3729 &new_channel,
3730 NULL,
3731 NULL,
3732 &clean_channel,
3733 handlers);
3734 /* advertise exit */
3735 dht = GNUNET_DHT_connect (cfg,
3736 1);
3737 peer_key = GNUNET_CRYPTO_eddsa_key_create_from_configuration (cfg);
3738 GNUNET_CRYPTO_eddsa_key_get_public (peer_key,
3739 &dns_advertisement.peer.public_key);
3740 dns_advertisement.purpose.size = htonl (sizeof(struct
3741 GNUNET_DNS_Advertisement)
3742 - sizeof(struct
3743 GNUNET_CRYPTO_EddsaSignature)
3744 );
3745 dns_advertisement.purpose.purpose = htonl (
3746 GNUNET_SIGNATURE_PURPOSE_DNS_RECORD);
3747 GNUNET_CRYPTO_hash ("dns",
3748 strlen ("dns"),
3749 &dht_put_key);
3750 dht_task = GNUNET_SCHEDULER_add_now (&do_dht_put,
3751 NULL);
3752 GNUNET_free (dns_exit);
3753}
3754
3755
3761static int
3762setup_exit_helper_args ()
3763{
3764 char *exit_ifname;
3765 char *tun_ifname;
3766 char *ipv6addr;
3767 char *ipv6prefix_s;
3768 char *ipv4addr;
3769 char *ipv4mask;
3770
3771 exit_argv[0] = GNUNET_strdup ("exit-gnunet");
3772 if (GNUNET_SYSERR ==
3773 GNUNET_CONFIGURATION_get_value_string (cfg,
3774 "exit",
3775 "TUN_IFNAME",
3776 &tun_ifname))
3777 {
3778 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
3779 "EXIT",
3780 "TUN_IFNAME");
3781 return GNUNET_SYSERR;
3782 }
3783 exit_argv[1] = tun_ifname;
3784 if (ipv4_enabled)
3785 {
3786 if (GNUNET_SYSERR ==
3787 GNUNET_CONFIGURATION_get_value_string (cfg,
3788 "exit",
3789 "EXIT_IFNAME",
3790 &exit_ifname))
3791 {
3792 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
3793 "EXIT",
3794 "EXIT_IFNAME");
3795 return GNUNET_SYSERR;
3796 }
3797 exit_argv[2] = exit_ifname;
3798 }
3799 else
3800 {
3801 exit_argv[2] = GNUNET_strdup ("-");
3802 }
3803
3804 if (GNUNET_YES == ipv6_enabled)
3805 {
3806 ipv6addr = NULL;
3807 if (((GNUNET_SYSERR ==
3808 GNUNET_CONFIGURATION_get_value_string (cfg,
3809 "exit",
3810 "IPV6ADDR",
3811 &ipv6addr)) ||
3812 (1 != inet_pton (AF_INET6,
3813 ipv6addr,
3814 &exit_ipv6addr))))
3815 {
3816 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
3817 "EXIT",
3818 "IPV6ADDR");
3819 GNUNET_free (ipv6addr);
3820 return GNUNET_SYSERR;
3821 }
3822 exit_argv[3] = ipv6addr;
3823 if (GNUNET_SYSERR ==
3824 GNUNET_CONFIGURATION_get_value_string (cfg,
3825 "exit",
3826 "IPV6PREFIX",
3827 &ipv6prefix_s))
3828 {
3829 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
3830 "EXIT",
3831 "IPV6PREFIX");
3832 return GNUNET_SYSERR;
3833 }
3834 exit_argv[4] = ipv6prefix_s;
3835 if ((GNUNET_OK !=
3836 GNUNET_CONFIGURATION_get_value_number (cfg,
3837 "exit",
3838 "IPV6PREFIX",
3839 &ipv6prefix)) ||
3840 (ipv6prefix >= 127))
3841 {
3842 GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
3843 "EXIT",
3844 "IPV6PREFIX",
3845 _ ("Must be a number"));
3846 return GNUNET_SYSERR;
3847 }
3848 }
3849 else
3850 {
3851 /* IPv6 explicitly disabled */
3852 exit_argv[3] = GNUNET_strdup ("-");
3853 exit_argv[4] = GNUNET_strdup ("-");
3854 }
3855 if (GNUNET_YES == ipv4_enabled)
3856 {
3857 ipv4addr = NULL;
3858 if (((GNUNET_SYSERR ==
3859 GNUNET_CONFIGURATION_get_value_string (cfg,
3860 "exit",
3861 "IPV4ADDR",
3862 &ipv4addr)) ||
3863 (1 != inet_pton (AF_INET,
3864 ipv4addr,
3865 &exit_ipv4addr))))
3866 {
3867 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
3868 "EXIT",
3869 "IPV4ADDR");
3870 GNUNET_free (ipv4addr);
3871 return GNUNET_SYSERR;
3872 }
3873 exit_argv[5] = ipv4addr;
3874 ipv4mask = NULL;
3875 if (((GNUNET_SYSERR ==
3876 GNUNET_CONFIGURATION_get_value_string (cfg,
3877 "exit",
3878 "IPV4MASK",
3879 &ipv4mask)) ||
3880 (1 != inet_pton (AF_INET,
3881 ipv4mask,
3882 &exit_ipv4mask))))
3883 {
3884 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
3885 "EXIT",
3886 "IPV4MASK");
3887 GNUNET_free (ipv4mask);
3888 return GNUNET_SYSERR;
3889 }
3890 exit_argv[6] = ipv4mask;
3891 }
3892 else
3893 {
3894 /* IPv4 explicitly disabled */
3895 exit_argv[5] = GNUNET_strdup ("-");
3896 exit_argv[6] = GNUNET_strdup ("-");
3897 }
3898 exit_argv[7] = NULL;
3899 return GNUNET_OK;
3900}
3901
3902
3911static void
3912run (void *cls,
3913 char *const *args,
3914 const char *cfgfile,
3915 const struct GNUNET_CONFIGURATION_Handle *cfg_)
3916{
3917 struct GNUNET_MQ_MessageHandler handlers[] = {
3918 GNUNET_MQ_hd_var_size (icmp_remote,
3919 GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_INTERNET,
3920 struct GNUNET_EXIT_IcmpInternetMessage,
3921 NULL),
3922 GNUNET_MQ_hd_var_size (udp_remote,
3923 GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET,
3924 struct GNUNET_EXIT_UdpInternetMessage,
3925 NULL),
3926 GNUNET_MQ_hd_var_size (tcp_remote,
3927 GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START,
3928 struct GNUNET_EXIT_TcpInternetStartMessage,
3929 NULL),
3930 GNUNET_MQ_hd_var_size (tcp_data,
3931 GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT,
3932 struct GNUNET_EXIT_TcpDataMessage,
3933 NULL),
3934 GNUNET_MQ_handler_end ()
3935 };
3936 struct GNUNET_HashCode port;
3937 char *policy;
3938 char *binary;
3939 char *regex;
3940 char *prefixed_regex;
3941
3942 cfg = cfg_;
3943 if (GNUNET_OK !=
3944 GNUNET_CONFIGURATION_get_value_number (cfg,
3945 "exit",
3946 "MAX_CONNECTIONS",
3947 &max_connections))
3948 max_connections = 1024;
3949 parse_ip_options ();
3950 binary = GNUNET_OS_get_suid_binary_path (GNUNET_OS_project_data_gnunet (),
3951 cfg,
3952 "gnunet-helper-exit");
3953 if ((ipv4_exit) || (ipv6_exit))
3954 {
3955 if (GNUNET_YES !=
3956 GNUNET_OS_check_helper_binary (binary,
3957 GNUNET_YES,
3958 "gnunet-vpn - - - 169.1.3.7 255.255.255.0"))
3959 // no nat, ipv4 only
3960 {
3961 GNUNET_free (binary);
3962 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3963 _ (
3964 "`%s' is not SUID or the path is invalid, EXIT will not work\n"),
3965 "gnunet-helper-exit");
3966 GNUNET_SCHEDULER_add_shutdown (&dummy_task,
3967 NULL);
3968 global_ret = 1;
3969 return;
3970 }
3971 }
3972 if (! (ipv4_enabled || ipv6_enabled))
3973 {
3974 GNUNET_free (binary);
3975 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3976 _ ("No useful service enabled. Exiting.\n"));
3977 GNUNET_SCHEDULER_shutdown ();
3978 return;
3979 }
3980
3981 GNUNET_SCHEDULER_add_shutdown (&cleanup,
3982 NULL);
3983 stats = GNUNET_STATISTICS_create ("exit",
3984 cfg);
3985 cadet_handle = GNUNET_CADET_connect (cfg);
3986 if (NULL == cadet_handle)
3987 {
3988 GNUNET_free (binary);
3989 GNUNET_SCHEDULER_shutdown ();
3990 return;
3991 }
3992 advertise_dns_exit ();
3993 if (GNUNET_OK !=
3994 setup_exit_helper_args ())
3995 {
3996 GNUNET_free (binary);
3997 GNUNET_SCHEDULER_shutdown ();
3998 return;
3999 }
4000
4001 services = GNUNET_CONTAINER_multihashmap_create (65536,
4002 GNUNET_NO);
4003 connections_map = GNUNET_CONTAINER_multihashmap_create (65536,
4004 GNUNET_NO);
4005 connections_heap = GNUNET_CONTAINER_heap_create (
4006 GNUNET_CONTAINER_HEAP_ORDER_MIN);
4007 GNUNET_CONFIGURATION_iterate_sections (cfg,
4008 &read_service_conf,
4009 NULL);
4010
4011 /* Cadet handle acquired, now open ports and announce regular
4012 expressions matching our exit */
4013 if ((GNUNET_YES == ipv4_enabled) &&
4014 (GNUNET_YES == ipv4_exit))
4015 {
4016 GNUNET_CRYPTO_hash (GNUNET_APPLICATION_PORT_IPV4_GATEWAY,
4017 strlen (GNUNET_APPLICATION_PORT_IPV4_GATEWAY),
4018 &port);
4019 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
4020 "Opening CADET port %s for IPv4 gateway service\n",
4021 GNUNET_h2s (&port));
4022 cadet_port4 = GNUNET_CADET_open_port (cadet_handle,
4023 &port,
4024 &new_channel,
4025 NULL,
4026 NULL,
4027 &clean_channel,
4028 handlers);
4029 policy = NULL;
4030 if (GNUNET_OK !=
4031 GNUNET_CONFIGURATION_get_value_string (cfg,
4032 "exit",
4033 "EXIT_RANGE_IPV4_POLICY",
4034 &policy))
4035 regex = NULL;
4036 else
4037 regex = GNUNET_REGEX_ipv4policy2regex (policy);
4038 GNUNET_free (policy);
4039 if (NULL != regex)
4040 {
4041 (void) GNUNET_asprintf (&prefixed_regex,
4042 "%s%s",
4043 GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX,
4044 regex);
4045 regex4 = GNUNET_REGEX_announce (cfg,
4046 prefixed_regex,
4047 REGEX_REFRESH_FREQUENCY,
4048 REGEX_MAX_PATH_LEN_IPV4);
4049 GNUNET_free (regex);
4050 GNUNET_free (prefixed_regex);
4051 }
4052 }
4053
4054 if ((GNUNET_YES == ipv6_enabled) && (GNUNET_YES == ipv6_exit))
4055 {
4056 GNUNET_CRYPTO_hash (GNUNET_APPLICATION_PORT_IPV6_GATEWAY,
4057 strlen (GNUNET_APPLICATION_PORT_IPV6_GATEWAY),
4058 &port);
4059 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
4060 "Opening CADET port %s for IPv6 gateway service\n",
4061 GNUNET_h2s (&port));
4062 cadet_port6 = GNUNET_CADET_open_port (cadet_handle,
4063 &port,
4064 &new_channel,
4065 NULL,
4066 NULL,
4067 &clean_channel,
4068 handlers);
4069 policy = NULL;
4070 if (GNUNET_OK !=
4071 GNUNET_CONFIGURATION_get_value_string (cfg,
4072 "exit",
4073 "EXIT_RANGE_IPV6_POLICY",
4074 &policy))
4075 regex = NULL;
4076 else
4077 regex = GNUNET_REGEX_ipv6policy2regex (policy);
4078 GNUNET_free (policy);
4079 if (NULL != regex)
4080 {
4081 (void) GNUNET_asprintf (&prefixed_regex,
4082 "%s%s",
4083 GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX,
4084 regex);
4085 regex6 = GNUNET_REGEX_announce (cfg,
4086 prefixed_regex,
4087 REGEX_REFRESH_FREQUENCY,
4088 REGEX_MAX_PATH_LEN_IPV6);
4089 GNUNET_free (regex);
4090 GNUNET_free (prefixed_regex);
4091 }
4092 }
4093 helper_handle = GNUNET_HELPER_start (GNUNET_OS_project_data_gnunet (),
4094 GNUNET_NO,
4095 binary,
4096 exit_argv,
4097 &message_token,
4098 NULL,
4099 NULL);
4100 GNUNET_free (binary);
4101}
4102
4103
4111int
4112main (int argc,
4113 char *const *argv)
4114{
4115 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
4116 GNUNET_GETOPT_OPTION_END
4117 };
4118
4119 return (GNUNET_OK ==
4120 GNUNET_PROGRAM_run (GNUNET_OS_project_data_gnunet (),
4121 argc,
4122 argv,
4123 "gnunet-daemon-exit",
4124 gettext_noop (
4125 "Daemon to run to provide an IP exit node for the VPN"),
4126 options,
4127 &run,
4128 NULL)) ? global_ret : 1;
4129}
4130
4131
4132/* end of gnunet-daemon-exit.c */
GNUNET_GETOPT_OPTION_END
struct GNUNET_GETOPT_CommandLineOption GNUNET_GETOPT_OPTION_END
Definition: 002.c:13
options
struct GNUNET_GETOPT_CommandLineOption options[]
Definition: 002.c:5
handlers
struct GNUNET_MQ_MessageHandlers handlers[]
Definition: 003.c:1
msg
struct GNUNET_MessageHeader * msg
Definition: 005.c:2
env
struct GNUNET_MQ_Envelope * env
Definition: 005.c:1
block_dns.h
DNS network structs.
exit.h
format for cadet messages exchanged between VPN service and exit daemon
gettext_noop
#define gettext_noop(String)
Definition: gettext.h:74
start
static int start
Set if we are to start default services (including ARM).
Definition: gnunet-arm.c:38
ret
static int ret
Final status code.
Definition: gnunet-arm.c:93
port
static uint16_t port
Port number.
Definition: gnunet-bcd.c:146
address
static char * address
GNS address for this phone.
Definition: gnunet-conversation.c:225
check_udp_remote
static int check_udp_remote(void *cls, const struct GNUNET_EXIT_UdpInternetMessage *msg)
Check a request to forward UDP data to the Internet via this peer.
Definition: gnunet-daemon-exit.c:1463
check_dns_request
static int check_dns_request(void *cls, const struct DnsResponseMessage *msg)
Check a request via cadet to perform a DNS query.
Definition: gnunet-daemon-exit.c:496
udp_from_helper
static void udp_from_helper(const struct GNUNET_TUN_UdpHeader *udp, size_t pktlen, int af, const void *destination_ip, const void *source_ip)
Handles an UDP packet received from the helper.
Definition: gnunet-daemon-exit.c:2871
dht
static struct GNUNET_DHT_Handle * dht
Handle to the DHT.
Definition: gnunet-daemon-exit.c:364
send_udp_packet_via_tun
static void send_udp_packet_via_tun(const struct SocketAddress *destination_address, const struct SocketAddress *source_address, const void *payload, size_t payload_length)
Send a UDP packet via the TUN interface.
Definition: gnunet-daemon-exit.c:1362
ipv6_enabled
static int ipv6_enabled
Do we support IPv6 at all on the TUN interface?
Definition: gnunet-daemon-exit.c:420
check_udp_service
static int check_udp_service(void *cls, const struct GNUNET_EXIT_UdpServiceMessage *msg)
Check a request via cadet to send a request to a UDP service offered by this system.
Definition: gnunet-daemon-exit.c:1583
make_up_icmpv4_payload
static void make_up_icmpv4_payload(struct ChannelState *state, struct GNUNET_TUN_IPv4Header *ipp, struct GNUNET_TUN_UdpHeader *udp)
Synthesize a plausible ICMP payload for an ICMPv4 error response on the given channel.
Definition: gnunet-daemon-exit.c:1916
clean_channel
static void clean_channel(void *cls, const struct GNUNET_CADET_Channel *channel)
Function called by cadet whenever an inbound channel is destroyed.
Definition: gnunet-daemon-exit.c:2521
regex4
static struct GNUNET_REGEX_Announcement * regex4
Handle to our regex announcement for IPv4.
Definition: gnunet-daemon-exit.c:273
send_packet_to_cadet_channel
static void send_packet_to_cadet_channel(struct ChannelState *s, struct GNUNET_MQ_Envelope *env)
Send the given packet via the cadet channel.
Definition: gnunet-daemon-exit.c:2635
ipv4_enabled
static int ipv4_enabled
Do we support IPv4 at all on the TUN interface?
Definition: gnunet-daemon-exit.c:415
check_tcp_service
static int check_tcp_service(void *cls, const struct GNUNET_EXIT_TcpServiceStartMessage *start)
Check a request via cadet to send a request to a TCP service offered by this system.
Definition: gnunet-daemon-exit.c:709
send_tcp_packet_via_tun
static void send_tcp_packet_via_tun(const struct SocketAddress *destination_address, const struct SocketAddress *source_address, const struct GNUNET_TUN_TcpHeader *tcp_header, const void *payload, size_t payload_length)
Send a TCP packet via the TUN interface.
Definition: gnunet-daemon-exit.c:959
services
static struct GNUNET_CONTAINER_MultiHashMap * services
This hashmaps saves interesting things about the configured services.
Definition: gnunet-daemon-exit.c:344
REGEX_MAX_PATH_LEN_IPV4
#define REGEX_MAX_PATH_LEN_IPV4
Maximum path compression length for cadet regex announcing for IPv4 address based regex.
Definition: gnunet-daemon-exit.c:54
DNS_ADVERTISEMENT_TIMEOUT
#define DNS_ADVERTISEMENT_TIMEOUT
How long do we typically sign the DNS exit advertisement for?
Definition: gnunet-daemon-exit.c:77
channels
static struct ChannelState * channels[UINT16_MAX+1]
Array of all open DNS requests from channels.
Definition: gnunet-daemon-exit.c:349
ipv6prefix
static unsigned long long ipv6prefix
IPv6 prefix (0..127) from configuration file.
Definition: gnunet-daemon-exit.c:303
REGEX_REFRESH_FREQUENCY
#define REGEX_REFRESH_FREQUENCY
How frequently do we re-announce the regex for the exit?
Definition: gnunet-daemon-exit.c:65
exit_ipv6addr
static struct in6_addr exit_ipv6addr
IPv6 address of our TUN interface.
Definition: gnunet-daemon-exit.c:298
get_redirect_state
static struct ChannelState * get_redirect_state(int af, int protocol, const void *destination_ip, uint16_t destination_port, const void *local_ip, uint16_t local_port, struct GNUNET_HashCode *state_key)
Get our connection tracking state.
Definition: gnunet-daemon-exit.c:649
handle_icmp_service
static void handle_icmp_service(void *cls, const struct GNUNET_EXIT_IcmpServiceMessage *msg)
Process a request via cadet to send ICMP data to a service offered by this system.
Definition: gnunet-daemon-exit.c:2275
setup_fresh_address
static void setup_fresh_address(int af, uint8_t proto, struct SocketAddress *local_address)
We need to create a (unique) fresh local address (IP+port).
Definition: gnunet-daemon-exit.c:1177
max_connections
static unsigned long long max_connections
If there are at least this many connections, old ones will be removed.
Definition: gnunet-daemon-exit.c:339
global_ret
static int global_ret
Return value from 'main'.
Definition: gnunet-daemon-exit.c:268
run
static void run(void *cls, char *const *args, const char *cfgfile, const struct GNUNET_CONFIGURATION_Handle *cfg_)
Main function that will be run by the scheduler.
Definition: gnunet-daemon-exit.c:3912
stats
static struct GNUNET_STATISTICS_Handle * stats
Statistics.
Definition: gnunet-daemon-exit.c:318
setup_exit_helper_args
static int setup_exit_helper_args()
Initialize exit_argv.
Definition: gnunet-daemon-exit.c:3762
cfg
static const struct GNUNET_CONFIGURATION_Handle * cfg
The handle to the configuration used throughout the process.
Definition: gnunet-daemon-exit.c:283
dns_advertisement
static struct GNUNET_DNS_Advertisement dns_advertisement
Advertisement message we put into the DHT to advertise us as a DNS exit.
Definition: gnunet-daemon-exit.c:375
new_service_channel
static void * new_service_channel(void *cls, struct GNUNET_CADET_Channel *channel, const struct GNUNET_PeerIdentity *initiator)
Callback from CADET for new channels.
Definition: gnunet-daemon-exit.c:2491
cleanup
static void cleanup(void *cls)
Function scheduled as very last function, cleans up after us.
Definition: gnunet-daemon-exit.c:3252
prepare_ipv6_packet
static void prepare_ipv6_packet(const void *payload, size_t payload_length, int protocol, const struct GNUNET_TUN_TcpHeader *tcp_header, const struct SocketAddress *src_address, const struct SocketAddress *dst_address, struct GNUNET_TUN_IPv6Header *pkt6)
Prepare an IPv6 packet for transmission via the TUN interface.
Definition: gnunet-daemon-exit.c:866
dnsstub
static struct GNUNET_DNSSTUB_Context * dnsstub
Handle to the DNS Stub resolver.
Definition: gnunet-daemon-exit.c:354
send_icmp_packet_via_tun
static void send_icmp_packet_via_tun(const struct SocketAddress *destination_address, const struct SocketAddress *source_address, const struct GNUNET_TUN_IcmpHeader *icmp_header, const void *payload, size_t payload_length)
Send an ICMP packet via the TUN interface.
Definition: gnunet-daemon-exit.c:1065
dht_put_cont
static void dht_put_cont(void *cls)
Function called when the DHT PUT operation is complete.
Definition: gnunet-daemon-exit.c:3578
check_icmp_service
static int check_icmp_service(void *cls, const struct GNUNET_EXIT_IcmpServiceMessage *msg)
Check a request via cadet to send ICMP data to a service offered by this system.
Definition: gnunet-daemon-exit.c:2248
store_service
static void store_service(int proto, const char *name, uint16_t destination_port, struct LocalService *service)
Given a service descriptor and a destination port, find the respective service entry.
Definition: gnunet-daemon-exit.c:2565
connections_map
static struct GNUNET_CONTAINER_MultiHashMap * connections_map
This hashmaps contains the mapping from peer, service-descriptor, source-port and destination-port to...
Definition: gnunet-daemon-exit.c:329
ipv6_exit
static int ipv6_exit
Are we an IPv6-exit?
Definition: gnunet-daemon-exit.c:410
icmp_from_helper
static void icmp_from_helper(const struct GNUNET_TUN_IcmpHeader *icmp, size_t pktlen, int af, const void *destination_ip, const void *source_ip)
Handles an ICMP packet received from the helper.
Definition: gnunet-daemon-exit.c:2661
add_services
static void add_services(int proto, char *cpy, const char *name)
Add services to the service map.
Definition: gnunet-daemon-exit.c:3358
connections_heap
static struct GNUNET_CONTAINER_Heap * connections_heap
Heap so we can quickly find "old" connections.
Definition: gnunet-daemon-exit.c:334
tcp_from_helper
static void tcp_from_helper(const struct GNUNET_TUN_TcpHeader *tcp, size_t pktlen, int af, const void *destination_ip, const void *source_ip)
Handles a TCP packet received from the helper.
Definition: gnunet-daemon-exit.c:2948
prepare_ipv4_packet
static void prepare_ipv4_packet(const void *payload, size_t payload_length, int protocol, const struct GNUNET_TUN_TcpHeader *tcp_header, const struct SocketAddress *src_address, const struct SocketAddress *dst_address, struct GNUNET_TUN_IPv4Header *pkt4)
Prepare an IPv4 packet for transmission via the TUN interface.
Definition: gnunet-daemon-exit.c:762
dht_put
static struct GNUNET_DHT_PutHandle * dht_put
Handle for ongoing DHT PUT operations to advertise exit service.
Definition: gnunet-daemon-exit.c:359
REGEX_MAX_PATH_LEN_IPV6
#define REGEX_MAX_PATH_LEN_IPV6
Maximum path compression length for cadet regex announcing for IPv6 address based regex.
Definition: gnunet-daemon-exit.c:60
hash_redirect_info
static void hash_redirect_info(struct GNUNET_HashCode *hash, const struct RedirectInformation *ri)
Given IP information about a connection, calculate the respective hash we would use for the connectio...
Definition: gnunet-daemon-exit.c:571
handle_tcp_service
static void handle_tcp_service(void *cls, const struct GNUNET_EXIT_TcpServiceStartMessage *start)
Process a request via cadet to send a request to a TCP service offered by this system.
Definition: gnunet-daemon-exit.c:1645
make_up_icmp_service_payload
static uint16_t make_up_icmp_service_payload(struct ChannelState *state, char *buf)
Setup ICMP payload for ICMP error messages.
Definition: gnunet-daemon-exit.c:2196
regex6
static struct GNUNET_REGEX_Announcement * regex6
Handle to our regex announcement for IPv4.
Definition: gnunet-daemon-exit.c:278
handle_tcp_remote
static void handle_tcp_remote(void *cls, const struct GNUNET_EXIT_TcpInternetStartMessage *start)
Process a request to forward TCP data to the Internet via this peer.
Definition: gnunet-daemon-exit.c:1729
cadet_handle
static struct GNUNET_CADET_Handle * cadet_handle
The handle to cadet.
Definition: gnunet-daemon-exit.c:323
dummy_task
static void dummy_task(void *cls)
Function scheduled as very last function if the service disabled itself because the helper is not ins...
Definition: gnunet-daemon-exit.c:3240
do_dht_put
static void do_dht_put(void *cls)
We are running a DNS exit service, advertise it in the DHT.
Definition: gnunet-daemon-exit.c:3591
message_token
static int message_token(void *cls, const struct GNUNET_MessageHeader *message)
Receive packets from the helper-process.
Definition: gnunet-daemon-exit.c:3032
handle_icmp_remote
static void handle_icmp_remote(void *cls, const struct GNUNET_EXIT_IcmpInternetMessage *msg)
Process a request to forward ICMP data to the Internet via this peer.
Definition: gnunet-daemon-exit.c:1996
handle_udp_service
static void handle_udp_service(void *cls, const struct GNUNET_EXIT_UdpServiceMessage *msg)
Process a request via cadet to send a request to a UDP service offered by this system.
Definition: gnunet-daemon-exit.c:1605
handle_tcp_data
static void handle_tcp_data(void *cls, const struct GNUNET_EXIT_TcpDataMessage *data)
Process a request to forward TCP data on an established connection via this peer.
Definition: gnunet-daemon-exit.c:1865
exit_argv
static char * exit_argv[8]
Arguments to the exit helper.
Definition: gnunet-daemon-exit.c:293
read_service_conf
static void read_service_conf(void *cls, const char *section)
Reads the configuration and populates #udp_services and #tcp_services.
Definition: gnunet-daemon-exit.c:3528
cadet_port4
static struct GNUNET_CADET_Port * cadet_port4
Port for IPv4 exit.
Definition: gnunet-daemon-exit.c:395
process_dns_result
static GNUNET_NETWORK_STRUCT_END void process_dns_result(void *cls, const struct GNUNET_TUN_DnsHeader *dns, size_t r)
Callback called from DNSSTUB resolver when a resolution succeeded.
Definition: gnunet-daemon-exit.c:455
exit_ipv4mask
static struct in_addr exit_ipv4mask
IPv4 netmask of our TUN interface.
Definition: gnunet-daemon-exit.c:313
parse_ip_options
static void parse_ip_options()
Figure out which IP versions we should support (and which are supported by the OS) according to our c...
Definition: gnunet-daemon-exit.c:3630
exit_ipv4addr
static struct in_addr exit_ipv4addr
IPv4 address of our TUN interface.
Definition: gnunet-daemon-exit.c:308
free_service_record
static int free_service_record(void *cls, const struct GNUNET_HashCode *key, void *value)
Free memory associated with a service record.
Definition: gnunet-daemon-exit.c:2465
dht_put_key
static struct GNUNET_HashCode dht_put_key
Key we store the DNS advertismenet under.
Definition: gnunet-daemon-exit.c:380
peer_key
static struct GNUNET_CRYPTO_EddsaPrivateKey * peer_key
Private key for this peer.
Definition: gnunet-daemon-exit.c:385
new_channel
static void * new_channel(void *cls, struct GNUNET_CADET_Channel *channel, const struct GNUNET_PeerIdentity *initiator)
Callback from CADET for new channels.
Definition: gnunet-daemon-exit.c:3194
LOG
#define LOG(kind,...)
Generic logging shorthand.
Definition: gnunet-daemon-exit.c:84
check_tcp_data
static int check_tcp_data(void *cls, const struct GNUNET_EXIT_TcpDataMessage *data)
Check a request to forward TCP data on an established connection via this peer.
Definition: gnunet-daemon-exit.c:1827
main
int main(int argc, char *const *argv)
The main function.
Definition: gnunet-daemon-exit.c:4112
DHT_PUT_FREQUENCY
#define DHT_PUT_FREQUENCY
How frequently do we re-announce the DNS exit in the DHT?
Definition: gnunet-daemon-exit.c:71
check_icmp_remote
static int check_icmp_remote(void *cls, const struct GNUNET_EXIT_IcmpInternetMessage *msg)
Check a request to forward ICMP data to the Internet via this peer.
Definition: gnunet-daemon-exit.c:1975
handle_udp_remote
static void handle_udp_remote(void *cls, const struct GNUNET_EXIT_UdpInternetMessage *msg)
Process a request to forward UDP data to the Internet via this peer.
Definition: gnunet-daemon-exit.c:1484
setup_state_record
static void setup_state_record(struct ChannelState *state)
We are starting a fresh connection (TCP or UDP) and need to pick a source port and IP address (within...
Definition: gnunet-daemon-exit.c:1292
dns_port
static struct GNUNET_CADET_Port * dns_port
Port for DNS exit.
Definition: gnunet-daemon-exit.c:390
helper_handle
static struct GNUNET_HELPER_Handle * helper_handle
The handle to the helper.
Definition: gnunet-daemon-exit.c:288
ipv4_exit
static int ipv4_exit
Are we an IPv4-exit?
Definition: gnunet-daemon-exit.c:405
free_iterate
static int free_iterate(void *cls, const struct GNUNET_HashCode *hash, void *value)
Function that frees everything from a hashmap.
Definition: gnunet-daemon-exit.c:3222
advertise_dns_exit
static void advertise_dns_exit()
Helper function to open the CADET port for DNS exits and to advertise the DNS exit (if applicable).
Definition: gnunet-daemon-exit.c:3684
cadet_port6
static struct GNUNET_CADET_Port * cadet_port6
Port for IPv6 exit.
Definition: gnunet-daemon-exit.c:400
dht_task
static struct GNUNET_SCHEDULER_Task * dht_task
Task for doing DHT PUTs to advertise exit service.
Definition: gnunet-daemon-exit.c:369
check_tcp_remote
static int check_tcp_remote(void *cls, const struct GNUNET_EXIT_TcpInternetStartMessage *start)
Check a request to forward TCP data to the Internet via this peer.
Definition: gnunet-daemon-exit.c:1692
make_up_icmpv6_payload
static void make_up_icmpv6_payload(struct ChannelState *state, struct GNUNET_TUN_IPv6Header *ipp, struct GNUNET_TUN_UdpHeader *udp)
Synthesize a plausible ICMP payload for an ICMPv6 error response on the given channel.
Definition: gnunet-daemon-exit.c:1946
handle_dns_request
static void handle_dns_request(void *cls, const struct DnsResponseMessage *msg)
Process a request via cadet to perform a DNS query.
Definition: gnunet-daemon-exit.c:522
data
static char * data
The data to insert into the dht.
Definition: gnunet-dht-put.c:88
key
struct GNUNET_HashCode key
The key used in the DHT.
Definition: gnunet-dht-put.c:37
expiration
static struct GNUNET_TIME_Relative expiration
User supplied expiration value.
Definition: gnunet-dht-put.c:47
name
static char * name
Name (label) of the records to list.
Definition: gnunet-namecache.c:48
res
static char * res
Currently read line or NULL on EOF.
Definition: gnunet-namestore-zonefile.c:76
value
static char * value
Value of the record to add/remove.
Definition: gnunet-namestore.c:271
proto
static uint8_t proto
Protocol to use.
Definition: gnunet-nat-auto.c:86
ls
static struct GNUNET_NETWORK_Handle * ls
Listen socket for STUN processing.
Definition: gnunet-nat.c:85
state
enum State state
current state of profiling
Definition: gnunet-regex-profiler.c:245
service
static struct GNUNET_SERVICE_Handle * service
Handle to our service instance.
Definition: gnunet-service-arm.c:274
payload
static unsigned long long payload
How much data are we currently storing in the database?
Definition: gnunet-service-datastore.c:183
cadet_port
static struct GNUNET_CADET_Port * cadet_port
Listen port for incoming requests.
Definition: gnunet-service-fs_cadet_server.c:123
remote_port
static unsigned long long remote_port
Remote host's port.
Definition: gnunet-statistics.c:85
ipv4
static int ipv4
Option -4: IPv4 requested.
Definition: gnunet-vpn.c:60
udp
static int udp
Option -u: UDP requested.
Definition: gnunet-vpn.c:75
ipv6
static int ipv6
Option -6: IPv6 requested.
Definition: gnunet-vpn.c:65
tcp
static int tcp
Option -t: TCP requested.
Definition: gnunet-vpn.c:70
gnunet_applications.h
Constants for network applications operating on top of the CADET service.
gnunet_cadet_service.h
CADET service; establish channels to distant peers.
gnunet_dht_service.h
API to the DHT service.
gnunet_protocols.h
Constants for network protocols.
gnunet_regex_service.h
API to access regex service to advertise capabilities via regex and discover respective peers using m...
gnunet_statistics_service.h
API to create, modify and access statistics.
gnunet_util_lib.h
GNUNET_MAX_MESSAGE_SIZE
#define GNUNET_MAX_MESSAGE_SIZE
Largest supported message (to be precise, one byte more than the largest possible message,...
Definition: gnunet_util_lib.h:52
GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX
#define GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX
Internet exit regex prefix.
Definition: gnunet_applications.h:87
GNUNET_APPLICATION_PORT_INTERNET_RESOLVER
#define GNUNET_APPLICATION_PORT_INTERNET_RESOLVER
Internet DNS resolution (external DNS gateway).
Definition: gnunet_applications.h:71
GNUNET_APPLICATION_PORT_IPV4_GATEWAY
#define GNUNET_APPLICATION_PORT_IPV4_GATEWAY
Internet IPv4 gateway (any TCP/UDP/ICMP).
Definition: gnunet_applications.h:76
GNUNET_APPLICATION_PORT_IPV6_GATEWAY
#define GNUNET_APPLICATION_PORT_IPV6_GATEWAY
Internet IPv6 gateway (any TCP/UDP/ICMP).
Definition: gnunet_applications.h:81
GNUNET_CADET_connect
struct GNUNET_CADET_Handle * GNUNET_CADET_connect(const struct GNUNET_CONFIGURATION_Handle *cfg)
Connect to the MQ-based cadet service.
Definition: cadet_api.c:897
GNUNET_CADET_receive_done
void GNUNET_CADET_receive_done(struct GNUNET_CADET_Channel *channel)
Indicate readiness to receive the next message on a channel.
Definition: cadet_api.c:875
GNUNET_CADET_channel_destroy
void GNUNET_CADET_channel_destroy(struct GNUNET_CADET_Channel *channel)
Destroy an existing channel.
Definition: cadet_api.c:833
GNUNET_CADET_get_mq
struct GNUNET_MQ_Handle * GNUNET_CADET_get_mq(const struct GNUNET_CADET_Channel *channel)
Obtain the message queue for a connected channel.
Definition: cadet_api.c:1081
GNUNET_CADET_open_port
struct GNUNET_CADET_Port * GNUNET_CADET_open_port(struct GNUNET_CADET_Handle *h, const struct GNUNET_HashCode *port, GNUNET_CADET_ConnectEventHandler connects, void *connects_cls, GNUNET_CADET_WindowSizeEventHandler window_changes, GNUNET_CADET_DisconnectEventHandler disconnects, const struct GNUNET_MQ_MessageHandler *handlers)
Open a port to receive incoming MQ-based channels.
Definition: cadet_api.c:966
GNUNET_CADET_disconnect
void GNUNET_CADET_disconnect(struct GNUNET_CADET_Handle *handle)
Disconnect from the cadet service.
Definition: cadet_api.c:777
GNUNET_CADET_close_port
void GNUNET_CADET_close_port(struct GNUNET_CADET_Port *p)
Close a port opened with GNUNET_CADET_open_port.
Definition: cadet_api.c:804
GNUNET_CONFIGURATION_get_value_number
enum GNUNET_GenericReturnValue GNUNET_CONFIGURATION_get_value_number(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, unsigned long long *number)
Get a configuration value that should be a number.
Definition: configuration.c:1691
GNUNET_CONFIGURATION_iterate_sections
void GNUNET_CONFIGURATION_iterate_sections(const struct GNUNET_CONFIGURATION_Handle *cfg, GNUNET_CONFIGURATION_SectionIterator iter, void *iter_cls)
Iterate over all sections in the configuration.
Definition: configuration.c:1469
GNUNET_CONFIGURATION_get_value_yesno
enum GNUNET_GenericReturnValue GNUNET_CONFIGURATION_get_value_yesno(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option)
Get a configuration value that should be in a set of "YES" or "NO".
Definition: configuration.c:2133
GNUNET_CONFIGURATION_get_value_string
enum GNUNET_GenericReturnValue GNUNET_CONFIGURATION_get_value_string(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, char **value)
Get a configuration value that should be a string.
Definition: configuration.c:1798
GNUNET_CRYPTO_eddsa_key_get_public
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:201
GNUNET_CRYPTO_eddsa_sign_
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_sign_(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EddsaSignature *sig)
EdDSA sign a given block.
Definition: crypto_ecc.c:625
GNUNET_CRYPTO_random_u32
uint32_t GNUNET_CRYPTO_random_u32(enum GNUNET_CRYPTO_Quality mode, uint32_t i)
Produce a random value.
Definition: crypto_random.c:178
GNUNET_CRYPTO_eddsa_key_create_from_configuration
struct GNUNET_CRYPTO_EddsaPrivateKey * GNUNET_CRYPTO_eddsa_key_create_from_configuration(const struct GNUNET_CONFIGURATION_Handle *cfg)
Create a new private key by reading our peer's key from the file specified in the configuration.
Definition: crypto_ecc_setup.c:247
GNUNET_CRYPTO_QUALITY_WEAK
@ GNUNET_CRYPTO_QUALITY_WEAK
No good quality of the operation is needed (i.e., random numbers can be pseudo-random).
Definition: gnunet_crypto_lib.h:91
GNUNET_DHT_put_cancel
void GNUNET_DHT_put_cancel(struct GNUNET_DHT_PutHandle *ph)
Cancels a DHT PUT operation.
Definition: dht_api.c:1144
GNUNET_DHT_put
struct GNUNET_DHT_PutHandle * GNUNET_DHT_put(struct GNUNET_DHT_Handle *handle, const struct GNUNET_HashCode *key, uint32_t desired_replication_level, enum GNUNET_DHT_RouteOption options, enum GNUNET_BLOCK_Type type, size_t size, const void *data, struct GNUNET_TIME_Absolute exp, GNUNET_SCHEDULER_TaskCallback cont, void *cont_cls)
Perform a PUT operation storing data in the DHT.
Definition: dht_api.c:1081
GNUNET_DHT_connect
struct GNUNET_DHT_Handle * GNUNET_DHT_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, unsigned int ht_len)
Initialize the connection with the DHT service.
Definition: dht_api.c:1030
GNUNET_DHT_disconnect
void GNUNET_DHT_disconnect(struct GNUNET_DHT_Handle *handle)
Shutdown connection with the DHT service.
Definition: dht_api.c:1053
GNUNET_DHT_RO_NONE
@ GNUNET_DHT_RO_NONE
Default.
Definition: gnunet_dht_service.h:93
GNUNET_DNSSTUB_start
struct GNUNET_DNSSTUB_Context * GNUNET_DNSSTUB_start(unsigned int num_sockets)
Start a DNS stub resolver.
Definition: dnsstub.c:586
GNUNET_DNSSTUB_add_dns_ip
int GNUNET_DNSSTUB_add_dns_ip(struct GNUNET_DNSSTUB_Context *ctx, const char *dns_ip)
Add nameserver for use by the DNSSTUB.
Definition: dnsstub.c:613
GNUNET_DNSSTUB_stop
void GNUNET_DNSSTUB_stop(struct GNUNET_DNSSTUB_Context *ctx)
Cleanup DNSSTUB resolver.
Definition: dnsstub.c:705
GNUNET_DNSSTUB_resolve
struct GNUNET_DNSSTUB_RequestSocket * GNUNET_DNSSTUB_resolve(struct GNUNET_DNSSTUB_Context *ctx, const void *request, size_t request_len, GNUNET_DNSSTUB_ResultCallback rc, void *rc_cls)
Perform DNS resolution using our default IP from init.
Definition: dnsstub.c:526
GNUNET_CRYPTO_hash
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:41
GNUNET_CONTAINER_multihashmap_iterate
int GNUNET_CONTAINER_multihashmap_iterate(struct GNUNET_CONTAINER_MultiHashMap *map, GNUNET_CONTAINER_MultiHashMapIteratorCallback it, void *it_cls)
Iterate over all entries in the map.
Definition: container_multihashmap.c:309
GNUNET_CONTAINER_multihashmap_get
void * GNUNET_CONTAINER_multihashmap_get(const struct GNUNET_CONTAINER_MultiHashMap *map, const struct GNUNET_HashCode *key)
Given a key find a value in the map matching the key.
Definition: container_multihashmap.c:281
GNUNET_CONTAINER_multihashmap_remove
enum GNUNET_GenericReturnValue GNUNET_CONTAINER_multihashmap_remove(struct GNUNET_CONTAINER_MultiHashMap *map, const struct GNUNET_HashCode *key, const void *value)
Remove the given key-value pair from the map.
Definition: container_multihashmap.c:406
GNUNET_CONTAINER_multihashmap_put
enum GNUNET_GenericReturnValue GNUNET_CONTAINER_multihashmap_put(struct GNUNET_CONTAINER_MultiHashMap *map, const struct GNUNET_HashCode *key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
Definition: container_multihashmap.c:710
GNUNET_CONTAINER_multihashmap_destroy
void GNUNET_CONTAINER_multihashmap_destroy(struct GNUNET_CONTAINER_MultiHashMap *map)
Destroy a hash map.
Definition: container_multihashmap.c:215
GNUNET_CONTAINER_multihashmap_create
struct GNUNET_CONTAINER_MultiHashMap * GNUNET_CONTAINER_multihashmap_create(unsigned int len, int do_not_copy_keys)
Create a multi hash map.
Definition: container_multihashmap.c:180
GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY
@ GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY
There must only be one value per key; storing a value should fail if a value under the same key alrea...
Definition: gnunet_container_lib.h:378
GNUNET_CONTAINER_heap_remove_node
void * GNUNET_CONTAINER_heap_remove_node(struct GNUNET_CONTAINER_HeapNode *node)
Removes a node from the heap.
Definition: container_heap.c:460
GNUNET_CONTAINER_heap_remove_root
void * GNUNET_CONTAINER_heap_remove_root(struct GNUNET_CONTAINER_Heap *heap)
Remove root of the heap.
Definition: container_heap.c:344
GNUNET_CONTAINER_heap_update_cost
void GNUNET_CONTAINER_heap_update_cost(struct GNUNET_CONTAINER_HeapNode *node, GNUNET_CONTAINER_HeapCostType new_cost)
Updates the cost of any node in the tree.
Definition: container_heap.c:485
GNUNET_CONTAINER_heap_insert
struct GNUNET_CONTAINER_HeapNode * GNUNET_CONTAINER_heap_insert(struct GNUNET_CONTAINER_Heap *heap, void *element, GNUNET_CONTAINER_HeapCostType cost)
Inserts a new element into the heap.
Definition: container_heap.c:317
GNUNET_CONTAINER_heap_get_size
unsigned int GNUNET_CONTAINER_heap_get_size(const struct GNUNET_CONTAINER_Heap *heap)
Get the current size of the heap.
Definition: container_heap.c:186
GNUNET_CONTAINER_heap_create
struct GNUNET_CONTAINER_Heap * GNUNET_CONTAINER_heap_create(enum GNUNET_CONTAINER_HeapOrder order)
Create a new heap.
Definition: container_heap.c:134
GNUNET_CONTAINER_heap_destroy
void GNUNET_CONTAINER_heap_destroy(struct GNUNET_CONTAINER_Heap *heap)
Destroys the heap.
Definition: container_heap.c:145
GNUNET_CONTAINER_HEAP_ORDER_MIN
@ GNUNET_CONTAINER_HEAP_ORDER_MIN
Heap with the minimum cost at the root.
Definition: gnunet_container_lib.h:2155
GNUNET_HELPER_send
struct GNUNET_HELPER_SendHandle * GNUNET_HELPER_send(struct GNUNET_HELPER_Handle *h, const struct GNUNET_MessageHeader *msg, bool can_drop, GNUNET_HELPER_Continuation cont, void *cont_cls)
Send an message to the helper.
Definition: helper.c:615
GNUNET_HELPER_start
struct GNUNET_HELPER_Handle * GNUNET_HELPER_start(const struct GNUNET_OS_ProjectData *pd, int with_control_pipe, const char *binary_name, char *const binary_argv[], GNUNET_MessageTokenizerCallback cb, GNUNET_HELPER_ExceptionCallback exp_cb, void *cb_cls)
Starts a helper and begins reading from it.
Definition: helper.c:460
GNUNET_HELPER_stop
void GNUNET_HELPER_stop(struct GNUNET_HELPER_Handle *h, int soft_kill)
Kills the helper, closes the pipe, frees the handle and calls wait() on the helper process.
Definition: helper.c:538
GNUNET_NETWORK_STRUCT_BEGIN
#define GNUNET_NETWORK_STRUCT_BEGIN
Define as empty, GNUNET_PACKED should suffice, but this won't work on W32.
Definition: gnunet_common.h:269
GNUNET_MessageHeader::type
uint16_t type
The type of the message (GNUNET_MESSAGE_TYPE_XXXX), in big-endian format.
Definition: gnunet_common.h:330
GNUNET_log
#define GNUNET_log(kind,...)
Definition: gnunet_common.h:548
GNUNET_NETWORK_STRUCT_END
#define GNUNET_NETWORK_STRUCT_END
Define as empty, GNUNET_PACKED should suffice, but this won't work on W32;.
Definition: gnunet_common.h:274
GNUNET_memcmp
#define GNUNET_memcmp(a, b)
Compare memory in a and b, where both must be of the same pointer type.
Definition: gnunet_common.h:1246
GNUNET_ALIGN
#define GNUNET_ALIGN
gcc-ism to force alignment; we use this to align char-arrays that may then be cast to 'struct's.
Definition: gnunet_common.h:253
GNUNET_UNUSED
#define GNUNET_UNUSED
gcc-ism to document unused arguments
Definition: gnunet_common.h:259
GNUNET_memcpy
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
Definition: gnunet_common.h:1316
GNUNET_MessageHeader::size
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format.
Definition: gnunet_common.h:325
GNUNET_OK
@ GNUNET_OK
Definition: gnunet_common.h:111
GNUNET_YES
@ GNUNET_YES
Definition: gnunet_common.h:113
GNUNET_NO
@ GNUNET_NO
Definition: gnunet_common.h:110
GNUNET_SYSERR
@ GNUNET_SYSERR
Definition: gnunet_common.h:109
GNUNET_break_op
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
Definition: gnunet_common.h:1063
GNUNET_i2s
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
Definition: common_logging.c:1316
GNUNET_assert
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Definition: gnunet_common.h:956
GNUNET_break
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur.
Definition: gnunet_common.h:1041
GNUNET_h2s
const char * GNUNET_h2s(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
Definition: common_logging.c:1166
GNUNET_log_config_invalid
void GNUNET_log_config_invalid(enum GNUNET_ErrorType kind, const char *section, const char *option, const char *required)
Log error message about invalid configuration option value.
Definition: common_logging.c:1465
GNUNET_log_config_missing
void GNUNET_log_config_missing(enum GNUNET_ErrorType kind, const char *section, const char *option)
Log error message about missing configuration option.
Definition: common_logging.c:1451
GNUNET_ERROR_TYPE_WARNING
@ GNUNET_ERROR_TYPE_WARNING
Definition: gnunet_common.h:415
GNUNET_ERROR_TYPE_ERROR
@ GNUNET_ERROR_TYPE_ERROR
Definition: gnunet_common.h:414
GNUNET_ERROR_TYPE_DEBUG
@ GNUNET_ERROR_TYPE_DEBUG
Definition: gnunet_common.h:421
GNUNET_ERROR_TYPE_INFO
@ GNUNET_ERROR_TYPE_INFO
Definition: gnunet_common.h:420
GNUNET_asprintf
int int GNUNET_asprintf(char **buf, const char *format,...) __attribute__((format(printf
Like asprintf, just portable.
GNUNET_strdup
#define GNUNET_strdup(a)
Wrapper around GNUNET_xstrdup_.
Definition: gnunet_common.h:1425
GNUNET_strndup
#define GNUNET_strndup(a, length)
Wrapper around GNUNET_xstrndup_.
Definition: gnunet_common.h:1437
GNUNET_new
#define GNUNET_new(type)
Allocate a struct or union of the given type.
Definition: gnunet_common.h:1236
GNUNET_free
#define GNUNET_free(ptr)
Wrapper around free.
Definition: gnunet_common.h:1411
GNUNET_MQ_send
void GNUNET_MQ_send(struct GNUNET_MQ_Handle *mq, struct GNUNET_MQ_Envelope *ev)
Send a message with the given message queue.
Definition: mq.c:305
GNUNET_MQ_handler_end
#define GNUNET_MQ_handler_end()
End-marker for the handlers array.
Definition: gnunet_mq_lib.h:531
GNUNET_MQ_msg_extra
#define GNUNET_MQ_msg_extra(mvar, esize, type)
Allocate an envelope, with extra space allocated after the space needed by the message struct.
Definition: gnunet_mq_lib.h:61
GNUNET_MQ_hd_var_size
#define GNUNET_MQ_hd_var_size(name, code, str, ctx)
Definition: gnunet_mq_lib.h:617
GNUNET_NETWORK_test_pf
enum GNUNET_GenericReturnValue GNUNET_NETWORK_test_pf(int pf)
Test if the given protocol family is supported by this system.
Definition: network.c:79
GNUNET_OS_project_data_gnunet
const struct GNUNET_OS_ProjectData * GNUNET_OS_project_data_gnunet(void)
Return default project data used by 'libgnunetutil' for GNUnet.
Definition: os_installation.c:82
GNUNET_OS_check_helper_binary
enum GNUNET_GenericReturnValue GNUNET_OS_check_helper_binary(const char *binary, bool check_suid, const char *params)
Check whether an executable exists and possibly if the suid bit is set on the file.
Definition: os_installation.c:758
GNUNET_OS_get_suid_binary_path
char * GNUNET_OS_get_suid_binary_path(const struct GNUNET_OS_ProjectData *pd, const struct GNUNET_CONFIGURATION_Handle *cfg, const char *progname)
Given the name of a helper, service or daemon binary construct the full path to the binary using the ...
Definition: os_installation.c:712
GNUNET_PROGRAM_run
enum GNUNET_GenericReturnValue GNUNET_PROGRAM_run(const struct GNUNET_OS_ProjectData *pd, int argc, char *const *argv, const char *binaryName, const char *binaryHelp, const struct GNUNET_GETOPT_CommandLineOption *options, GNUNET_PROGRAM_Main task, void *task_cls)
Run a standard GNUnet command startup sequence (initialize loggers and configuration,...
Definition: program.c:407
GNUNET_MESSAGE_TYPE_VPN_UDP_REPLY
#define GNUNET_MESSAGE_TYPE_VPN_UDP_REPLY
Type of messages containing an UDP packet from a remote host.
Definition: gnunet_protocols.h:811
GNUNET_MESSAGE_TYPE_VPN_HELPER
#define GNUNET_MESSAGE_TYPE_VPN_HELPER
Type of messages between the gnunet-vpn-helper and the daemon.
Definition: gnunet_protocols.h:751
GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT
#define GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT
Type of messages containing an TCP packet of an established connection.
Definition: gnunet_protocols.h:791
GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE
#define GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE
Type of messages containing an ICMP packet for a service.
Definition: gnunet_protocols.h:756
GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START
#define GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START
Type of messages containing an TCP packet for the Internet.
Definition: gnunet_protocols.h:786
GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START
#define GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START
Type of messages containing an TCP packet for a service.
Definition: gnunet_protocols.h:781
GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE
#define GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE
Type of messages containing an UDP packet for a service.
Definition: gnunet_protocols.h:801
GNUNET_MESSAGE_TYPE_VPN_DNS_TO_INTERNET
#define GNUNET_MESSAGE_TYPE_VPN_DNS_TO_INTERNET
Type of messages containing an DNS request for a DNS exit service.
Definition: gnunet_protocols.h:771
GNUNET_MESSAGE_TYPE_VPN_DNS_FROM_INTERNET
#define GNUNET_MESSAGE_TYPE_VPN_DNS_FROM_INTERNET
Type of messages containing an DNS reply from a DNS exit service.
Definition: gnunet_protocols.h:776
GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_INTERNET
#define GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_INTERNET
Type of messages containing an ICMP packet for the Internet.
Definition: gnunet_protocols.h:761
GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_VPN
#define GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_VPN
Type of messages containing an TCP packet of an established connection.
Definition: gnunet_protocols.h:796
GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET
#define GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET
Type of messages containing an UDP packet for the Internet.
Definition: gnunet_protocols.h:806
GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_VPN
#define GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_VPN
Type of messages containing an ICMP packet for the VPN.
Definition: gnunet_protocols.h:766
GNUNET_REGEX_ipv6policy2regex
char * GNUNET_REGEX_ipv6policy2regex(const char *policy)
Convert an exit policy to a regular expression.
Definition: regex.c:725
GNUNET_REGEX_announce_cancel
void GNUNET_REGEX_announce_cancel(struct GNUNET_REGEX_Announcement *a)
Stop announcing the regex specified by the given handle.
Definition: regex_api_announce.c:173
GNUNET_REGEX_announce
struct GNUNET_REGEX_Announcement * GNUNET_REGEX_announce(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *regex, struct GNUNET_TIME_Relative refresh_delay, uint16_t compression)
Announce this peer under the given regular expression.
Definition: regex_api_announce.c:139
GNUNET_REGEX_ipv4policy2regex
char * GNUNET_REGEX_ipv4policy2regex(const char *policy)
Convert an exit policy to a regular expression.
Definition: regex.c:682
GNUNET_SCHEDULER_shutdown
void GNUNET_SCHEDULER_shutdown(void)
Request the shutdown of a scheduler.
Definition: scheduler.c:567
GNUNET_SCHEDULER_add_shutdown
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_shutdown(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run on shutdown, that is when a CTRL-C signal is received,...
Definition: scheduler.c:1339
GNUNET_SCHEDULER_cancel
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:980
GNUNET_SCHEDULER_add_now
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_now(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run as soon as possible.
Definition: scheduler.c:1304
GNUNET_SCHEDULER_add_delayed
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1277
GNUNET_STATISTICS_create
struct GNUNET_STATISTICS_Handle * GNUNET_STATISTICS_create(const char *subsystem, const struct GNUNET_CONFIGURATION_Handle *cfg)
Get handle for the statistics service.
Definition: statistics_api.c:889
GNUNET_STATISTICS_update
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
Definition: statistics_api.c:1324
GNUNET_STATISTICS_destroy
void GNUNET_STATISTICS_destroy(struct GNUNET_STATISTICS_Handle *h, int sync_first)
Destroy a handle (free all state associated with it).
Definition: statistics_api.c:916
GNUNET_TIME_UNIT_HOURS
#define GNUNET_TIME_UNIT_HOURS
One hour.
Definition: gnunet_time_lib.h:166
GNUNET_TIME_absolute_get_remaining
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_remaining(struct GNUNET_TIME_Absolute future)
Given a timestamp in the future, how much time remains until then?
Definition: time.c:406
GNUNET_TIME_absolute_get
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:111
GNUNET_TIME_absolute_ntoh
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_ntoh(struct GNUNET_TIME_AbsoluteNBO a)
Convert absolute time from network byte order.
Definition: time.c:741
GNUNET_TIME_relative_to_absolute
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
Definition: time.c:316
GNUNET_TIME_absolute_hton
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
Definition: time.c:640
GNUNET_TUN_initialize_ipv6_header
void GNUNET_TUN_initialize_ipv6_header(struct GNUNET_TUN_IPv6Header *ip, uint8_t protocol, uint16_t payload_length, const struct in6_addr *src, const struct in6_addr *dst)
Initialize an IPv6 header.
Definition: tun.c:115
GNUNET_TUN_calculate_udp4_checksum
void GNUNET_TUN_calculate_udp4_checksum(const struct GNUNET_TUN_IPv4Header *ip, struct GNUNET_TUN_UdpHeader *udp, const void *payload, uint16_t payload_length)
Calculate IPv4 UDP checksum.
Definition: tun.c:193
GNUNET_TUN_initialize_ipv4_header
GNUNET_NETWORK_STRUCT_END void GNUNET_TUN_initialize_ipv4_header(struct GNUNET_TUN_IPv4Header *ip, uint8_t protocol, uint16_t payload_length, const struct in_addr *src, const struct in_addr *dst)
Initialize an IPv4 header.
Definition: tun.c:80
GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM
#define GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM
Definition: gnunet_tun_lib.h:720
GNUNET_TUN_calculate_icmp_checksum
void GNUNET_TUN_calculate_icmp_checksum(struct GNUNET_TUN_IcmpHeader *icmp, const void *payload, uint16_t payload_length)
Calculate ICMP checksum.
Definition: tun.c:255
GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST
#define GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST
Definition: gnunet_tun_lib.h:721
GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED
#define GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED
Definition: gnunet_tun_lib.h:715
GNUNET_TUN_ICMPTYPE6_ECHO_REPLY
#define GNUNET_TUN_ICMPTYPE6_ECHO_REPLY
Definition: gnunet_tun_lib.h:722
ETH_P_IPV6
#define ETH_P_IPV6
Number for IPv6.
Definition: gnunet_tun_lib.h:57
GNUNET_TUN_compute_service_cadet_port
void GNUNET_TUN_compute_service_cadet_port(const struct GNUNET_HashCode *desc, uint16_t ip_port, struct GNUNET_HashCode *cadet_port)
Compute the CADET port given a service descriptor (returned from GNUNET_TUN_service_name_to_hash) and...
Definition: tun.c:57
ETH_P_IPV4
#define ETH_P_IPV4
Number for IPv4.
Definition: gnunet_tun_lib.h:50
GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED
#define GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED
Definition: gnunet_tun_lib.h:719
GNUNET_TUN_calculate_tcp6_checksum
void GNUNET_TUN_calculate_tcp6_checksum(const struct GNUNET_TUN_IPv6Header *ip, struct GNUNET_TUN_TcpHeader *tcp, const void *payload, uint16_t payload_length)
Calculate IPv6 TCP checksum.
Definition: tun.c:165
GNUNET_TUN_service_name_to_hash
void GNUNET_TUN_service_name_to_hash(const char *service_name, struct GNUNET_HashCode *hc)
Hash the service name of a hosted service to the hash code that is used to identify the service on th...
Definition: tun.c:38
GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE
#define GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE
Definition: gnunet_tun_lib.h:717
GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH
#define GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH
Definition: gnunet_tun_lib.h:710
GNUNET_TUN_calculate_tcp4_checksum
void GNUNET_TUN_calculate_tcp4_checksum(const struct GNUNET_TUN_IPv4Header *ip, struct GNUNET_TUN_TcpHeader *tcp, const void *payload, uint16_t payload_length)
Calculate IPv4 TCP checksum.
Definition: tun.c:135
GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE
#define GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE
Definition: gnunet_tun_lib.h:709
GNUNET_TUN_ICMPTYPE_ECHO_REQUEST
#define GNUNET_TUN_ICMPTYPE_ECHO_REQUEST
Definition: gnunet_tun_lib.h:712
GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG
#define GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG
Definition: gnunet_tun_lib.h:718
GNUNET_TUN_ICMPTYPE_ECHO_REPLY
#define GNUNET_TUN_ICMPTYPE_ECHO_REPLY
Definition: gnunet_tun_lib.h:708
GNUNET_TUN_calculate_udp6_checksum
void GNUNET_TUN_calculate_udp6_checksum(const struct GNUNET_TUN_IPv6Header *ip, struct GNUNET_TUN_UdpHeader *udp, const void *payload, uint16_t payload_length)
Calculate IPv6 UDP checksum.
Definition: tun.c:224
size
static unsigned int size
Size of the "table".
Definition: peer.c:68
_
#define _(String)
GNU gettext support macro.
Definition: platform.h:178
GNUNET_BLOCK_TYPE_DNS
@ GNUNET_BLOCK_TYPE_DNS
Block for storing DNS exit service advertisements.
Definition: gnunet_dht_block_types.h:91
GNUNET_SIGNATURE_PURPOSE_DNS_RECORD
#define GNUNET_SIGNATURE_PURPOSE_DNS_RECORD
Signature on a GNUNET_DNS_Advertisement.
Definition: gnunet_signatures.h:100
ChannelState
This struct is saved into connections_map to allow finding the right channel given an IP packet from ...
Definition: gnunet-daemon-exit.c:199
ChannelState::serv
struct LocalService * serv
Associated service record, or NULL for no service.
Definition: gnunet-daemon-exit.c:235
ChannelState::my_id
uint16_t my_id
DNS request ID that we used for forwarding.
Definition: gnunet-daemon-exit.c:259
ChannelState::state_key
struct GNUNET_HashCode state_key
Key this state has in the connections_map.
Definition: gnunet-daemon-exit.c:230
ChannelState::tcp_udp
struct ChannelState::@46::@47 tcp_udp
ChannelState::destination_ip
union ChannelState::@71 destination_ip
Destination IP address used by the source on our end (this is the IP that we pick freely within the V...
ChannelState::rs
struct GNUNET_DNSSTUB_RequestSocket * rs
Socket we are using to transmit this request (must match if we receive a response).
Definition: gnunet-daemon-exit.c:249
ChannelState::af
int af
Address family used for this channel on the local TUN interface.
Definition: gnunet-service-vpn.c:238
ChannelState::channel
struct GNUNET_CADET_Channel * channel
Cadet channel that is used for this connection.
Definition: gnunet-daemon-exit.c:203
ChannelState::peer
struct GNUNET_PeerIdentity peer
Who is the other end of this channel.
Definition: gnunet-daemon-exit.c:209
ChannelState::is_dns
int is_dns
GNUNET_NO if this is a channel for TCP/UDP, GNUNET_YES if this is a channel for DNS,...
Definition: gnunet-daemon-exit.c:216
ChannelState::dns
struct ChannelState::@46::@48 dns
ChannelState::heap_node
struct GNUNET_CONTAINER_HeapNode * heap_node
Heap node for this state in the connections_heap.
Definition: gnunet-daemon-exit.c:225
ChannelState::protocol
uint8_t protocol
IPPROTO_TCP or IPPROTO_UDP once bound.
Definition: gnunet-service-vpn.c:254
ChannelState::destination_port
uint16_t destination_port
Destination port used by the sender on our end; 0 for uninitialized.
Definition: gnunet-service-vpn.c:297
ChannelState::original_id
uint16_t original_id
Original DNS request ID as used by the client.
Definition: gnunet-daemon-exit.c:254
ChannelState::ri
struct RedirectInformation ri
Primary redirection information for this connection.
Definition: gnunet-daemon-exit.c:240
ChannelState::specifics
union ChannelState::@46 specifics
DnsResponseMessage
Message with a DNS response.
Definition: gnunet-daemon-exit.c:429
DnsResponseMessage::header
struct GNUNET_MessageHeader header
GNUnet header, of type GNUNET_MESSAGE_TYPE_VPN_DNS_FROM_INTERNET.
Definition: gnunet-daemon-exit.c:433
DnsResponseMessage::dns
struct GNUNET_TUN_DnsHeader dns
DNS header.
Definition: gnunet-daemon-exit.c:438
GNUNET_CADET_Channel
Opaque handle to a channel.
Definition: cadet.h:116
GNUNET_CADET_Handle
Opaque handle to the service.
Definition: cadet_api.c:39
GNUNET_CADET_Port
Opaque handle to a port.
Definition: cadet_api.c:80
GNUNET_CONFIGURATION_Handle
configuration data
Definition: configuration.c:149
GNUNET_CONTAINER_HeapNode
Node in the heap.
Definition: container_heap.c:41
GNUNET_CONTAINER_Heap
Handle to a node in a heap.
Definition: container_heap.c:83
GNUNET_CONTAINER_MultiHashMap
Internal representation of the hash map.
Definition: container_multihashmap.c:107
GNUNET_CRYPTO_EccSignaturePurpose::size
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!...
Definition: gnunet_crypto_lib.h:147
GNUNET_CRYPTO_EccSignaturePurpose::purpose
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
Definition: gnunet_crypto_lib.h:155
GNUNET_CRYPTO_EddsaPrivateKey
Private ECC key encoded for transmission.
Definition: gnunet_crypto_lib.h:278
GNUNET_CRYPTO_EddsaSignature
an ECC signature using EdDSA.
Definition: gnunet_crypto_lib.h:164
GNUNET_DHT_Handle
Connection to the DHT service.
Definition: dht_api.c:235
GNUNET_DHT_PutHandle
Handle to a PUT request.
Definition: dht_api.c:43
GNUNET_DNSSTUB_Context
Handle to the stub resolver.
Definition: dnsstub.c:125
GNUNET_DNSSTUB_RequestSocket
UDP socket we are using for sending DNS requests to the Internet.
Definition: dnsstub.c:46
GNUNET_DNS_Advertisement
This is the structure describing an DNS exit service.
Definition: block_dns.h:45
GNUNET_DNS_Advertisement::peer
struct GNUNET_PeerIdentity peer
The peer providing this service.
Definition: block_dns.h:65
GNUNET_DNS_Advertisement::expiration_time
struct GNUNET_TIME_AbsoluteNBO expiration_time
When does this signature expire?
Definition: block_dns.h:60
GNUNET_DNS_Advertisement::signature
struct GNUNET_CRYPTO_EddsaSignature signature
Signature of the peer affirming that it is offering the service.
Definition: block_dns.h:49
GNUNET_DNS_Advertisement::purpose
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Beginning of signed portion of the record, signs everything until the end of the struct.
Definition: block_dns.h:55
GNUNET_EXIT_IcmpInternetMessage
Message send via cadet to an exit daemon to forward ICMP data to the Internet.
Definition: exit.h:237
GNUNET_EXIT_IcmpServiceMessage
Message send via cadet to an exit daemon to send ICMP data to a local service.
Definition: exit.h:206
GNUNET_EXIT_IcmpToVPNMessage
Message send via cadet to the vpn service to send ICMP data to the VPN's TUN interface.
Definition: exit.h:272
GNUNET_EXIT_IcmpToVPNMessage::icmp_header
struct GNUNET_TUN_IcmpHeader icmp_header
ICMP header to use.
Definition: exit.h:287
GNUNET_EXIT_IcmpToVPNMessage::af
int32_t af
Address family, AF_INET or AF_INET6, in network byte order.
Definition: exit.h:282
GNUNET_EXIT_TcpDataMessage
Message send via cadet between VPN and entry and an exit daemon to transmit TCP data between the VPN ...
Definition: exit.h:95
GNUNET_EXIT_TcpDataMessage::reserved
uint32_t reserved
Always 0.
Definition: exit.h:104
GNUNET_EXIT_TcpDataMessage::tcp_header
struct GNUNET_TUN_TcpHeader tcp_header
Skeleton of the TCP header to send.
Definition: exit.h:110
GNUNET_EXIT_TcpInternetStartMessage
Message send via cadet to an exit daemon to initiate forwarding of TCP data to the Internet.
Definition: exit.h:64
GNUNET_EXIT_TcpServiceStartMessage
Message send via cadet to an exit daemon to initiate forwarding of TCP data to a local service.
Definition: exit.h:38
GNUNET_EXIT_UdpInternetMessage
Message send via cadet to an exit daemon to forward UDP data to the Internet.
Definition: exit.h:146
GNUNET_EXIT_UdpReplyMessage
Message send from exit daemon back to the UDP entry point (used for both Internet and Service exit re...
Definition: exit.h:179
GNUNET_EXIT_UdpReplyMessage::source_port
uint16_t source_port
Source port to use for the UDP reply (0 to use the same port as for the original request).
Definition: exit.h:189
GNUNET_EXIT_UdpReplyMessage::destination_port
uint16_t destination_port
Destination port to use for the UDP reply (0 to use the same port as for the original request).
Definition: exit.h:195
GNUNET_EXIT_UdpServiceMessage
Message send via cadet to an exit daemon to send UDP data to a local service.
Definition: exit.h:121
GNUNET_GETOPT_CommandLineOption
Definition of a command line option.
Definition: gnunet_getopt_lib.h:110
GNUNET_HELPER_Handle
The handle to a helper process.
Definition: helper.c:77
GNUNET_HashCode
A 512-bit hashcode.
Definition: gnunet_common.h:284
GNUNET_MQ_Envelope
Definition: mq.c:34
GNUNET_MQ_MessageHandler
Message handler for a specific message type.
Definition: gnunet_mq_lib.h:491
GNUNET_MessageHeader
Header for all communications.
Definition: gnunet_common.h:320
GNUNET_PeerIdentity
The identity of the host (wraps the signing key of the peer).
Definition: gnunet_crypto_lib.h:229
GNUNET_PeerIdentity::public_key
struct GNUNET_CRYPTO_EddsaPublicKey public_key
Definition: gnunet_crypto_lib.h:230
GNUNET_REGEX_Announcement
Handle to store cached data about a regex announce.
Definition: regex_api_announce.c:38
GNUNET_SCHEDULER_Task
Entry in list of pending tasks.
Definition: scheduler.c:136
GNUNET_STATISTICS_Handle
Handle for the service.
Definition: statistics_api.c:178
GNUNET_TIME_Absolute
Time for absolute times used by GNUnet, in microseconds.
Definition: gnunet_time_lib.h:54
GNUNET_TUN_DnsHeader
DNS header.
Definition: gnunet_tun_lib.h:456
GNUNET_TUN_DnsHeader::id
uint16_t id
Unique identifier for the request/response.
Definition: gnunet_tun_lib.h:460
GNUNET_TUN_IPv4Header
Standard IPv4 header.
Definition: gnunet_tun_lib.h:103
GNUNET_TUN_IPv4Header::total_length
uint16_t total_length
Length of the packet, including this header.
Definition: gnunet_tun_lib.h:118
GNUNET_TUN_IPv4Header::protocol
uint8_t protocol
L4-protocol, for example, IPPROTO_UDP or IPPROTO_TCP.
Definition: gnunet_tun_lib.h:137
GNUNET_TUN_IPv4Header::source_address
struct in_addr source_address
Origin of the packet.
Definition: gnunet_tun_lib.h:147
GNUNET_TUN_IPv4Header::destination_address
struct in_addr destination_address
Destination of the packet.
Definition: gnunet_tun_lib.h:152
GNUNET_TUN_IPv4Header::header_length
unsigned int header_length
Definition: gnunet_tun_lib.h:105
GNUNET_TUN_IPv6Header
Standard IPv6 header.
Definition: gnunet_tun_lib.h:160
GNUNET_TUN_IPv6Header::source_address
struct in6_addr source_address
Origin of the packet.
Definition: gnunet_tun_lib.h:191
GNUNET_TUN_IPv6Header::next_header
uint8_t next_header
For example, IPPROTO_UDP or IPPROTO_TCP.
Definition: gnunet_tun_lib.h:181
GNUNET_TUN_IPv6Header::destination_address
struct in6_addr destination_address
Destination of the packet.
Definition: gnunet_tun_lib.h:196
GNUNET_TUN_IPv6Header::payload_length
uint16_t payload_length
Length of the payload, excluding this header.
Definition: gnunet_tun_lib.h:176
GNUNET_TUN_IcmpHeader
ICMP header.
Definition: gnunet_tun_lib.h:729
GNUNET_TUN_IcmpHeader::type
uint8_t type
Definition: gnunet_tun_lib.h:730
GNUNET_TUN_Layer2PacketHeader
Header from Linux TUN interface.
Definition: gnunet_tun_lib.h:86
GNUNET_TUN_Layer2PacketHeader::proto
uint16_t proto
Here we get an ETH_P_-number.
Definition: gnunet_tun_lib.h:95
GNUNET_TUN_Layer2PacketHeader::flags
uint16_t flags
Some flags (unused).
Definition: gnunet_tun_lib.h:90
GNUNET_TUN_TcpHeader
TCP packet header.
Definition: gnunet_tun_lib.h:216
GNUNET_TUN_TcpHeader::source_port
uint16_t source_port
Source port (in NBO).
Definition: gnunet_tun_lib.h:220
GNUNET_TUN_TcpHeader::crc
uint16_t crc
Checksum.
Definition: gnunet_tun_lib.h:271
GNUNET_TUN_TcpHeader::destination_port
uint16_t destination_port
Destination port (in NBO).
Definition: gnunet_tun_lib.h:225
GNUNET_TUN_UdpHeader
UDP packet header.
Definition: gnunet_tun_lib.h:284
GNUNET_TUN_UdpHeader::len
uint16_t len
Number of bytes of payload.
Definition: gnunet_tun_lib.h:298
GNUNET_TUN_UdpHeader::destination_port
uint16_t destination_port
Destination port (in NBO).
Definition: gnunet_tun_lib.h:293
GNUNET_TUN_UdpHeader::source_port
uint16_t source_port
Source port (in NBO).
Definition: gnunet_tun_lib.h:288
LocalService
This struct is saved into the services-hashmap to represent a service this peer is specifically offer...
Definition: gnunet-daemon-exit.c:132
LocalService::is_udp
int16_t is_udp
GNUNET_YES if this is a UDP service, otherwise TCP.
Definition: gnunet-daemon-exit.c:156
LocalService::port
struct GNUNET_CADET_Port * port
Open port with CADET.
Definition: gnunet-daemon-exit.c:151
LocalService::address
struct SocketAddress address
Remote address to use for the service.
Definition: gnunet-daemon-exit.c:136
LocalService::descriptor
struct GNUNET_HashCode descriptor
Descriptor for the service (CADET port).
Definition: gnunet-daemon-exit.c:141
LocalService::name
char * name
DNS name of the service.
Definition: gnunet-daemon-exit.c:146
RedirectInformation
Information we use to track a connection (the classical 6-tuple of IP-version, protocol,...
Definition: gnunet-daemon-exit.c:166
RedirectInformation::local_address
struct SocketAddress local_address
Address information we used locally (AF and proto must match "remote_address").
Definition: gnunet-daemon-exit.c:178
RedirectInformation::remote_address
struct SocketAddress remote_address
Address information for the other party (equivalent of the arguments one would give to "connect").
Definition: gnunet-daemon-exit.c:171
SocketAddress
Information about an address.
Definition: gnunet-daemon-exit.c:92
SocketAddress::af
int af
AF_INET or AF_INET6.
Definition: gnunet-daemon-exit.c:96
SocketAddress::address
union SocketAddress::@45 address
Remote address information.
SocketAddress::proto
uint8_t proto
IPPROTO_TCP or IPPROTO_UDP;.
Definition: gnunet-daemon-exit.c:117
SocketAddress::ipv4
struct in_addr ipv4
Address, if af is AF_INET.
Definition: gnunet-daemon-exit.c:106
SocketAddress::port
uint16_t port
Remote port, in host byte order!
Definition: gnunet-daemon-exit.c:122
SocketAddress::ipv6
struct in6_addr ipv6
Address, if af is AF_INET6.
Definition: gnunet-daemon-exit.c:111