diff options
author | Phil <phil.buschmann@tum.de> | 2018-07-02 15:42:34 +0200 |
---|---|---|
committer | Phil <phil.buschmann@tum.de> | 2018-07-02 15:42:34 +0200 |
commit | 6ede545d597509fefcc3d4fd2ef865bc5f57603f (patch) | |
tree | 3839f25c1a4b594a5da56df47b8ef5bd25880c76 | |
parent | db8c5cd31a92cd18450bf9d2d595a8fd314583e0 (diff) | |
parent | bb3371542e3c1fff2c4abb4d2ba3decf925b4352 (diff) | |
download | gnunet-6ede545d597509fefcc3d4fd2ef865bc5f57603f.tar.gz gnunet-6ede545d597509fefcc3d4fd2ef865bc5f57603f.zip |
-Merge branch 'master' of ssh://gnunet.org/gnunet into gsoc2018/rest_api
174 files changed, 6260 insertions, 4504 deletions
diff --git a/.gitignore b/.gitignore index 46dc14a98..0959a9597 100644 --- a/.gitignore +++ b/.gitignore | |||
@@ -41,7 +41,6 @@ INSTALL | |||
41 | confdefs.h | 41 | confdefs.h |
42 | confdefs.c | 42 | confdefs.c |
43 | confdefs.err | 43 | confdefs.err |
44 | guix-env-gillmann.scm | ||
45 | src/namestore/test_namestore_api_zone_to_name | 44 | src/namestore/test_namestore_api_zone_to_name |
46 | src/credential/gnunet-credential | 45 | src/credential/gnunet-credential |
47 | src/credential/gnunet-service-credential | 46 | src/credential/gnunet-service-credential |
diff --git a/Makefile.am b/Makefile.am index 45a693ac9..ad32cf920 100644 --- a/Makefile.am +++ b/Makefile.am | |||
@@ -3,8 +3,11 @@ AM_CPPFLAGS = -I$(top_srcdir)/src/include | |||
3 | 3 | ||
4 | if DOCUMENTATION_ONLY | 4 | if DOCUMENTATION_ONLY |
5 | SUBDIRS = doc | 5 | SUBDIRS = doc |
6 | else | 6 | else |
7 | SUBDIRS = doc m4 src po pkgconfig | 7 | SUBDIRS = m4 src po pkgconfig |
8 | if DOCUMENTATION | ||
9 | SUBDIRS += doc | ||
10 | endif | ||
8 | endif | 11 | endif |
9 | 12 | ||
10 | if !TALER_ONLY | 13 | if !TALER_ONLY |
diff --git a/configure.ac b/configure.ac index fc44dcf5a..c7314d765 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -208,14 +208,52 @@ AC_PATH_TARGET_TOOL(VAR_IPTABLES_BINARY, iptables, false) | |||
208 | 208 | ||
209 | if test x"$VAR_IPTABLES_BINARY" != x"false" | 209 | if test x"$VAR_IPTABLES_BINARY" != x"false" |
210 | then | 210 | then |
211 | if test -x "/sbin/iptables" | ||
212 | then | ||
213 | VAR_IPTABLES_BINARY="/sbin/iptables" | ||
214 | elif test -x "/usr/sbin/iptables" | ||
215 | then | ||
216 | VAR_IPTABLES_BINARY="/usr/sbin/iptables" | ||
217 | fi | ||
218 | fi | ||
219 | |||
220 | if test x"$VAR_IPTABLES_BINARY" != x"false" | ||
221 | then | ||
211 | AC_DEFINE_UNQUOTED([IPTABLES], "$VAR_IPTABLES_BINARY", [Path to iptables]) | 222 | AC_DEFINE_UNQUOTED([IPTABLES], "$VAR_IPTABLES_BINARY", [Path to iptables]) |
212 | else | 223 | else |
213 | AC_MSG_WARN([warning: 'iptables' not found.]) | 224 | AC_MSG_WARN([warning: 'iptables' not found.]) |
214 | fi | 225 | fi |
215 | 226 | ||
227 | AC_PATH_TARGET_TOOL(VAR_IFCONFIG_BINARY, ifconfig, false) | ||
216 | 228 | ||
217 | AC_CHECK_PROG(VAR_IFCONFIG_BINARY, ifconfig, true, false) | 229 | AC_CHECK_PROG(VAR_IFCONFIG_BINARY, ifconfig, true, false) |
230 | if test x"$VAR_IFCONFIG_BINARY" != x"false" | ||
231 | then | ||
232 | if test -x "/sbin/ifconfig" | ||
233 | then | ||
234 | VAR_IFCONFIG_BINARY="/sbin/ifconfig" | ||
235 | elif test -x "/usr/sbin/ifconfig" | ||
236 | then | ||
237 | VAR_IFCONFIG_BINARY="/usr/sbin/ifconfig" | ||
238 | fi | ||
239 | fi | ||
240 | if test x"$VAR_IFCONFIG_BINARY" != x"false" | ||
241 | then | ||
242 | AC_DEFINE_UNQUOTED([IFCONFIG], "$VAR_IFCONFIG_BINARY", [Path to ifconfig]) | ||
243 | else | ||
218 | AC_MSG_WARN([warning: 'ifconfig' not found.]) | 244 | AC_MSG_WARN([warning: 'ifconfig' not found.]) |
245 | fi | ||
246 | |||
247 | |||
248 | # miniupnpc / upnpc binary is a soft runtime requirement | ||
249 | AC_PATH_TARGET_TOOL(VAR_UPNPC_BINARY, upnpc, false) | ||
250 | |||
251 | if test x"$VAR_UPNPC_BINARY" != x"false" | ||
252 | then | ||
253 | AC_DEFINE_UNQUOTED([UPNPC], "$VAR_UPNPC_BINARY", [Path to upnpc binary]) | ||
254 | else | ||
255 | AC_MSG_WARN([warning: 'upnpc' binary not found.]) | ||
256 | fi | ||
219 | 257 | ||
220 | AC_CHECK_MEMBER(struct tm.tm_gmtoff, | 258 | AC_CHECK_MEMBER(struct tm.tm_gmtoff, |
221 | [AC_DEFINE(HAVE_TM_GMTOFF, 1, | 259 | [AC_DEFINE(HAVE_TM_GMTOFF, 1, |
@@ -639,7 +677,7 @@ AC_CHECK_LIB([kstat],[kstat_open]) | |||
639 | # should the build process be building the documentation? | 677 | # should the build process be building the documentation? |
640 | AC_MSG_CHECKING(whether to build documentation) | 678 | AC_MSG_CHECKING(whether to build documentation) |
641 | AC_ARG_ENABLE([documentation], | 679 | AC_ARG_ENABLE([documentation], |
642 | [AS_HELP_STRING([--enable-documentation], [build the documentation])], | 680 | [AS_HELP_STRING([--disable-documentation], [do not build the documentation])], |
643 | [documentation=${enableval}], | 681 | [documentation=${enableval}], |
644 | [documentation=yes]) | 682 | [documentation=yes]) |
645 | AC_MSG_RESULT($documentation) | 683 | AC_MSG_RESULT($documentation) |
@@ -921,7 +959,7 @@ postgres=false | |||
921 | # even running the check for postgres breaks emscripten ... | 959 | # even running the check for postgres breaks emscripten ... |
922 | if test "$taler_only" != yes; then | 960 | if test "$taler_only" != yes; then |
923 | AX_LIB_POSTGRESQL([9.5]) | 961 | AX_LIB_POSTGRESQL([9.5]) |
924 | if test "$found_postgresql" = "yes"; then | 962 | if test "x$found_postgresql" = "xyes"; then |
925 | CPPFLAGS="$CPPFLAGS $POSTGRESQL_CPPFLAGS" | 963 | CPPFLAGS="$CPPFLAGS $POSTGRESQL_CPPFLAGS" |
926 | AC_CHECK_HEADERS([libpq-fe.h], | 964 | AC_CHECK_HEADERS([libpq-fe.h], |
927 | postgres=true) | 965 | postgres=true) |
@@ -1713,7 +1751,6 @@ src/testing/Makefile | |||
1713 | src/topology/Makefile | 1751 | src/topology/Makefile |
1714 | src/transport/Makefile | 1752 | src/transport/Makefile |
1715 | src/transport/transport.conf | 1753 | src/transport/transport.conf |
1716 | src/tun/Makefile | ||
1717 | src/util/Makefile | 1754 | src/util/Makefile |
1718 | src/util/resolver.conf | 1755 | src/util/resolver.conf |
1719 | src/vpn/Makefile | 1756 | src/vpn/Makefile |
@@ -1736,8 +1773,6 @@ pkgconfig/gnunetdatacache.pc | |||
1736 | pkgconfig/gnunetdatastore.pc | 1773 | pkgconfig/gnunetdatastore.pc |
1737 | pkgconfig/gnunetdht.pc | 1774 | pkgconfig/gnunetdht.pc |
1738 | pkgconfig/gnunetdns.pc | 1775 | pkgconfig/gnunetdns.pc |
1739 | pkgconfig/gnunetdnsparser.pc | ||
1740 | pkgconfig/gnunetdnsstub.pc | ||
1741 | pkgconfig/gnunetdv.pc | 1776 | pkgconfig/gnunetdv.pc |
1742 | pkgconfig/gnunetenv.pc | 1777 | pkgconfig/gnunetenv.pc |
1743 | pkgconfig/gnunetfragmentation.pc | 1778 | pkgconfig/gnunetfragmentation.pc |
@@ -1766,7 +1801,6 @@ pkgconfig/gnunetstatistics.pc | |||
1766 | pkgconfig/gnunettestbed.pc | 1801 | pkgconfig/gnunettestbed.pc |
1767 | pkgconfig/gnunettesting.pc | 1802 | pkgconfig/gnunettesting.pc |
1768 | pkgconfig/gnunettransport.pc | 1803 | pkgconfig/gnunettransport.pc |
1769 | pkgconfig/gnunettun.pc | ||
1770 | pkgconfig/gnunetutil.pc | 1804 | pkgconfig/gnunetutil.pc |
1771 | pkgconfig/gnunetvpn.pc | 1805 | pkgconfig/gnunetvpn.pc |
1772 | ]) | 1806 | ]) |
@@ -1811,6 +1845,10 @@ then | |||
1811 | AC_MSG_NOTICE([WARNING: jansson library not found. json support will not be compiled.]) | 1845 | AC_MSG_NOTICE([WARNING: jansson library not found. json support will not be compiled.]) |
1812 | fi | 1846 | fi |
1813 | 1847 | ||
1848 | # | ||
1849 | # FIXME: `some modules' -> be more specific which exact modules. | ||
1850 | # | ||
1851 | |||
1814 | # warn user if iptables is not found | 1852 | # warn user if iptables is not found |
1815 | if test "$VAR_IPTABLES_BINARY" = "false" | 1853 | if test "$VAR_IPTABLES_BINARY" = "false" |
1816 | then | 1854 | then |
@@ -1823,6 +1861,12 @@ then | |||
1823 | AC_MSG_NOTICE([WARNING: ifconfig not found. some modules may not have full functionality.]) | 1861 | AC_MSG_NOTICE([WARNING: ifconfig not found. some modules may not have full functionality.]) |
1824 | fi | 1862 | fi |
1825 | 1863 | ||
1864 | # warn user if upnpc binary is not found | ||
1865 | if test "$VAR_UPNPC_BINARY" = "false" | ||
1866 | then | ||
1867 | AC_MSG_NOTICE([WARNING: upnpc binary not found. some modules may not have full functionality.]) | ||
1868 | fi | ||
1869 | |||
1826 | #gnutls | 1870 | #gnutls |
1827 | if test x$gnutls != xtrue | 1871 | if test x$gnutls != xtrue |
1828 | then | 1872 | then |
diff --git a/contrib/.gitignore b/contrib/.gitignore index 304706d7e..d6ef469ba 100644 --- a/contrib/.gitignore +++ b/contrib/.gitignore | |||
@@ -2,7 +2,6 @@ gnunet_janitor.py | |||
2 | gnunet_pyexpect.py | 2 | gnunet_pyexpect.py |
3 | pydiffer.py | 3 | pydiffer.py |
4 | terminate.py | 4 | terminate.py |
5 | timeout_watchdog | ||
6 | gnunet_pyexpect.py | 5 | gnunet_pyexpect.py |
7 | gnunet_pyexpect.pyc | 6 | gnunet_pyexpect.pyc |
8 | pydiffer.pyc | 7 | pydiffer.pyc |
diff --git a/contrib/Makefile.am b/contrib/Makefile.am index 158e43998..eec3300b9 100644 --- a/contrib/Makefile.am +++ b/contrib/Makefile.am | |||
@@ -5,17 +5,6 @@ tap32dir = $(pkgdatadir)/openvpn-tap32/tapw32/ | |||
5 | 5 | ||
6 | tap64dir = $(pkgdatadir)/openvpn-tap32/tapw64/ | 6 | tap64dir = $(pkgdatadir)/openvpn-tap32/tapw64/ |
7 | 7 | ||
8 | noinst_PROGRAMS = \ | ||
9 | timeout_watchdog | ||
10 | |||
11 | if !MINGW | ||
12 | timeout_watchdog_SOURCES = \ | ||
13 | timeout_watchdog.c | ||
14 | else | ||
15 | timeout_watchdog_SOURCES = \ | ||
16 | timeout_watchdog_w32.c | ||
17 | endif | ||
18 | |||
19 | noinst_SCRIPTS = \ | 8 | noinst_SCRIPTS = \ |
20 | scripts/terminate.py \ | 9 | scripts/terminate.py \ |
21 | scripts/pydiffer.py \ | 10 | scripts/pydiffer.py \ |
diff --git a/contrib/conf/gnunet/no_autostart_above_core.conf b/contrib/conf/gnunet/no_autostart_above_core.conf index 114ec83a3..245b6a47d 100644 --- a/contrib/conf/gnunet/no_autostart_above_core.conf +++ b/contrib/conf/gnunet/no_autostart_above_core.conf | |||
@@ -88,3 +88,6 @@ START_ON_DEMAND = NO | |||
88 | 88 | ||
89 | [zonemaster-monitor] | 89 | [zonemaster-monitor] |
90 | START_ON_DEMAND = NO | 90 | START_ON_DEMAND = NO |
91 | |||
92 | [zonemaster] | ||
93 | START_ON_DEMAND = NO | ||
diff --git a/contrib/conf/gnunet/no_forcestart.conf b/contrib/conf/gnunet/no_forcestart.conf index a069674e0..de58c6039 100644 --- a/contrib/conf/gnunet/no_forcestart.conf +++ b/contrib/conf/gnunet/no_forcestart.conf | |||
@@ -39,3 +39,19 @@ IMMEDIATE_START = NO | |||
39 | 39 | ||
40 | [zonemaster-monitor] | 40 | [zonemaster-monitor] |
41 | IMMEDIATE_START = NO | 41 | IMMEDIATE_START = NO |
42 | |||
43 | [psyc] | ||
44 | IMMEDIATE_START = NO | ||
45 | |||
46 | [rps] | ||
47 | IMMEDIATE_START = NO | ||
48 | |||
49 | [consensus] | ||
50 | IMMEDIATE_START = NO | ||
51 | |||
52 | [set] | ||
53 | IMMEDIATE_START = NO | ||
54 | |||
55 | [nse] | ||
56 | IMMEDIATE_START = NO | ||
57 | |||
diff --git a/contrib/packages/guix/guix-env-gillmann.scm b/contrib/packages/guix/guix-env-gillmann.scm new file mode 100644 index 000000000..4b977c1bb --- /dev/null +++ b/contrib/packages/guix/guix-env-gillmann.scm | |||
@@ -0,0 +1,151 @@ | |||
1 | ;;; This file is part of GNUnet. | ||
2 | ;;; Copyright (C) 2016, 2017, 2018 GNUnet e.V. | ||
3 | ;;; | ||
4 | ;;; GNUnet is free software; you can redistribute it and/or modify | ||
5 | ;;; it under the terms of the GNU General Public License as published | ||
6 | ;;; by the Free Software Foundation; either version 3, or (at your | ||
7 | ;;; option) any later version. | ||
8 | ;;; | ||
9 | ;;; GNUnet is distributed in the hope that it will be useful, but | ||
10 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | ||
11 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
12 | ;;; General Public License for more details. | ||
13 | ;;; | ||
14 | ;;; You should have received a copy of the GNU General Public License | ||
15 | ;;; along with GNUnet; see the file COPYING. If not, write to the | ||
16 | ;;; Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, | ||
17 | ;;; Boston, MA 02110-1301, USA. | ||
18 | |||
19 | (use-modules | ||
20 | (ice-9 popen) | ||
21 | (ice-9 match) | ||
22 | (ice-9 rdelim) | ||
23 | (guix packages) | ||
24 | (guix build-system gnu) | ||
25 | (guix gexp) | ||
26 | ((guix build utils) #:select (with-directory-excursion)) | ||
27 | (guix git-download) | ||
28 | (guix utils) ; current-source-directory | ||
29 | (gnu packages) | ||
30 | (gnu packages aidc) | ||
31 | (gnu packages autotools) | ||
32 | (gnu packages backup) | ||
33 | (gnu packages base) | ||
34 | (gnu packages compression) | ||
35 | (gnu packages curl) | ||
36 | (gnu packages databases) | ||
37 | (gnu packages file) | ||
38 | (gnu packages gettext) | ||
39 | (gnu packages glib) | ||
40 | (gnu packages gnome) | ||
41 | (gnu packages gnunet) | ||
42 | (gnu packages gnupg) | ||
43 | (gnu packages gnuzilla) | ||
44 | (gnu packages groff) | ||
45 | (gnu packages gstreamer) | ||
46 | (gnu packages gtk) | ||
47 | (gnu packages guile) | ||
48 | (gnu packages image) | ||
49 | (gnu packages image-viewers) | ||
50 | (gnu packages libidn) | ||
51 | (gnu packages libunistring) | ||
52 | (gnu packages linux) | ||
53 | (gnu packages maths) | ||
54 | (gnu packages multiprecision) | ||
55 | (gnu packages perl) | ||
56 | (gnu packages pkg-config) | ||
57 | (gnu packages pulseaudio) | ||
58 | (gnu packages python) | ||
59 | (gnu packages tex) | ||
60 | (gnu packages texinfo) | ||
61 | (gnu packages tex) | ||
62 | (gnu packages tls) | ||
63 | (gnu packages upnp) | ||
64 | (gnu packages video) | ||
65 | (gnu packages web) | ||
66 | (gnu packages xiph) | ||
67 | ((guix licenses) #:prefix license:)) | ||
68 | |||
69 | (define %source-dir (current-source-directory)) | ||
70 | |||
71 | (define gnunet-dev-env | ||
72 | (let* ((revision "1") | ||
73 | (select? (delay (or (git-predicate | ||
74 | (current-source-directory)) | ||
75 | source-file?)))) | ||
76 | (package | ||
77 | (inherit gnunet) | ||
78 | (name "gnunet") | ||
79 | (version (string-append "git" revision)) | ||
80 | (source | ||
81 | (local-file | ||
82 | (string-append (getcwd)) | ||
83 | #:recursive? #t)) | ||
84 | (inputs | ||
85 | `(("glpk" ,glpk) | ||
86 | ("gnurl" ,gnurl) | ||
87 | ("gstreamer" ,gstreamer) | ||
88 | ("gst-plugins-base" ,gst-plugins-base) | ||
89 | ("gnutls/dane" ,gnutls/dane) | ||
90 | ("iptables" ,iptables) | ||
91 | ("libextractor" ,libextractor) | ||
92 | ("libgcrypt" ,libgcrypt) | ||
93 | ("libidn" ,libidn) | ||
94 | ("libmicrohttpd" ,libmicrohttpd) | ||
95 | ("libltdl" ,libltdl) | ||
96 | ("libunistring" ,libunistring) | ||
97 | ("openssl" ,openssl) | ||
98 | ("opus" ,opus) | ||
99 | ("pulseaudio" ,pulseaudio) | ||
100 | ("sqlite" ,sqlite) | ||
101 | ("postgresql" ,postgresql) | ||
102 | ("mariadb" ,mariadb) | ||
103 | ("zlib" ,zlib) | ||
104 | ("perl" ,perl) | ||
105 | ("python-2" ,python-2) ; tests and gnunet-qr | ||
106 | ("jansson" ,jansson) | ||
107 | ("nss" ,nss) | ||
108 | ("glib" ,glib "bin") | ||
109 | ("gmp" ,gmp) | ||
110 | ("bluez" ,bluez) ; for optional bluetooth feature | ||
111 | ("glib" ,glib) | ||
112 | ;; ("texlive" ,texlive) ;FIXME: minimize. | ||
113 | ("texlive-tiny" ,texlive-tiny) ;; Seems to be enough for _just_ info output. | ||
114 | ("miniupnpc" ,miniupnpc) | ||
115 | ("libogg" ,libogg))) | ||
116 | (native-inputs | ||
117 | `(("pkg-config" ,pkg-config) | ||
118 | ("autoconf" ,autoconf) | ||
119 | ("automake" ,automake) | ||
120 | ("gnu-gettext" ,gnu-gettext) | ||
121 | ("which" ,which) | ||
122 | ("texinfo" ,texinfo-5) ; Debian stable: 5.2 | ||
123 | ("libtool" ,libtool))) | ||
124 | (outputs '("out" "debug")) | ||
125 | (arguments | ||
126 | `(;#:configure-flags | ||
127 | ;;(list (string-append "--with-nssdir=" %output "/lib") | ||
128 | ;;"--enable-gcc-hardening" | ||
129 | ;;"--enable-linker-hardening" | ||
130 | ;;;;"--enable-documentation-only") | ||
131 | ;;;"--enable-logging=verbose" | ||
132 | ;;;"CFLAGS=-ggdb -O0") | ||
133 | #:phases | ||
134 | ;; swap check and install phases and set paths to installed bin | ||
135 | (modify-phases %standard-phases | ||
136 | (add-after 'unpack 'patch-bin-sh | ||
137 | (lambda _ | ||
138 | (for-each (lambda (f) (chmod f #o755)) | ||
139 | (find-files "po" "")) | ||
140 | #t)) | ||
141 | (add-after 'patch-bin-sh 'bootstrap | ||
142 | (lambda _ | ||
143 | (zero? (system* "sh" "bootstrap")))) | ||
144 | ;;(add-before 'build 'chdir | ||
145 | ;; (lambda _ | ||
146 | ;; (chdir "doc/documentation"))) | ||
147 | (delete 'check) | ||
148 | ;; XXX: https://gnunet.org/bugs/view.php?id=4619 | ||
149 | )))))) | ||
150 | |||
151 | gnunet-dev-env | ||
diff --git a/contrib/packages/guix/guix-env-py2.scm b/contrib/packages/guix/guix-env-py2.scm new file mode 100644 index 000000000..6085f96a9 --- /dev/null +++ b/contrib/packages/guix/guix-env-py2.scm | |||
@@ -0,0 +1,158 @@ | |||
1 | ;;; This file is part of GNUnet. | ||
2 | ;;; Copyright (C) 2016, 2017, 2018 GNUnet e.V. | ||
3 | ;;; | ||
4 | ;;; GNUnet is free software; you can redistribute it and/or modify | ||
5 | ;;; it under the terms of the GNU General Public License as published | ||
6 | ;;; by the Free Software Foundation; either version 3, or (at your | ||
7 | ;;; option) any later version. | ||
8 | ;;; | ||
9 | ;;; GNUnet is distributed in the hope that it will be useful, but | ||
10 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | ||
11 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
12 | ;;; General Public License for more details. | ||
13 | ;;; | ||
14 | ;;; You should have received a copy of the GNU General Public License | ||
15 | ;;; along with GNUnet; see the file COPYING. If not, write to the | ||
16 | ;;; Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, | ||
17 | ;;; Boston, MA 02110-1301, USA. | ||
18 | |||
19 | (use-modules | ||
20 | (ice-9 popen) | ||
21 | (ice-9 match) | ||
22 | (ice-9 rdelim) | ||
23 | (guix packages) | ||
24 | (guix build-system gnu) | ||
25 | (guix gexp) | ||
26 | ((guix build utils) #:select (with-directory-excursion)) | ||
27 | (guix git-download) | ||
28 | (guix utils) ; current-source-directory | ||
29 | (gnu packages) | ||
30 | (gnu packages aidc) | ||
31 | (gnu packages autotools) | ||
32 | (gnu packages backup) | ||
33 | (gnu packages base) | ||
34 | (gnu packages compression) | ||
35 | (gnu packages curl) | ||
36 | (gnu packages databases) | ||
37 | (gnu packages file) | ||
38 | (gnu packages gettext) | ||
39 | (gnu packages glib) | ||
40 | (gnu packages gnome) | ||
41 | (gnu packages gnunet) | ||
42 | (gnu packages gnupg) | ||
43 | (gnu packages gnuzilla) | ||
44 | (gnu packages groff) | ||
45 | (gnu packages gstreamer) | ||
46 | (gnu packages gtk) | ||
47 | (gnu packages guile) | ||
48 | (gnu packages image) | ||
49 | (gnu packages image-viewers) | ||
50 | (gnu packages libidn) | ||
51 | (gnu packages libunistring) | ||
52 | (gnu packages linux) | ||
53 | (gnu packages maths) | ||
54 | (gnu packages multiprecision) | ||
55 | (gnu packages perl) | ||
56 | (gnu packages pkg-config) | ||
57 | (gnu packages pulseaudio) | ||
58 | (gnu packages python) | ||
59 | (gnu packages tex) | ||
60 | (gnu packages texinfo) | ||
61 | (gnu packages tex) | ||
62 | (gnu packages tls) | ||
63 | (gnu packages upnp) | ||
64 | (gnu packages video) | ||
65 | (gnu packages web) | ||
66 | (gnu packages xiph) | ||
67 | ((guix licenses) #:prefix license:)) | ||
68 | |||
69 | (define %source-dir (current-source-directory)) | ||
70 | |||
71 | (define gnunet-dev-env | ||
72 | (let* ((revision "1") | ||
73 | (select? (delay (or (git-predicate | ||
74 | (current-source-directory)) | ||
75 | source-file?)))) | ||
76 | (package | ||
77 | (inherit gnunet) | ||
78 | (name "gnunet") | ||
79 | (version (string-append "git" revision)) | ||
80 | (source | ||
81 | (local-file | ||
82 | (string-append (getcwd)) | ||
83 | #:recursive? #t)) | ||
84 | (inputs | ||
85 | `(("glpk" ,glpk) | ||
86 | ("gnurl" ,gnurl) | ||
87 | ("gstreamer" ,gstreamer) | ||
88 | ("gst-plugins-base" ,gst-plugins-base) | ||
89 | ("gnutls/dane" ,gnutls/dane) | ||
90 | ("libextractor" ,libextractor) | ||
91 | ("libgcrypt" ,libgcrypt) | ||
92 | ("libidn" ,libidn) | ||
93 | ("libmicrohttpd" ,libmicrohttpd) | ||
94 | ("libltdl" ,libltdl) | ||
95 | ("libunistring" ,libunistring) | ||
96 | ("openssl" ,openssl) | ||
97 | ("opus" ,opus) | ||
98 | ("pulseaudio" ,pulseaudio) | ||
99 | ("sqlite" ,sqlite) | ||
100 | ("postgresql" ,postgresql) | ||
101 | ("mysql" ,mysql) | ||
102 | ("zlib" ,zlib) | ||
103 | ("perl" ,perl) | ||
104 | ("python-2" ,python-2) ; tests and gnunet-qr | ||
105 | ("python2-future" ,python2-future) | ||
106 | ("jansson" ,jansson) | ||
107 | ("nss" ,nss) | ||
108 | ("glib" ,glib "bin") | ||
109 | ("gmp" ,gmp) | ||
110 | ("bluez" ,bluez) ; for optional bluetooth feature | ||
111 | ("glib" ,glib) | ||
112 | ;; ("texlive" ,texlive) ;FIXME: minimize. | ||
113 | ("texlive-tiny" ,texlive-tiny) ;; Seems to be enough for _just_ info output. | ||
114 | ("miniupnpc" ,miniupnpc) | ||
115 | ("libogg" ,libogg))) | ||
116 | (native-inputs | ||
117 | `(("pkg-config" ,pkg-config) | ||
118 | ("autoconf" ,autoconf) | ||
119 | ("automake" ,automake) | ||
120 | ("gnu-gettext" ,gnu-gettext) | ||
121 | ("which" ,which) | ||
122 | ("texinfo" ,texinfo-5) ; Debian stable: 5.2 | ||
123 | ("libtool" ,libtool))) | ||
124 | (outputs '("out" "debug")) | ||
125 | (arguments | ||
126 | `(;#:configure-flags | ||
127 | ;;(list (string-append "--with-nssdir=" %output "/lib") | ||
128 | ;;"--enable-gcc-hardening" | ||
129 | ;;"--enable-linker-hardening" | ||
130 | ;;;;"--enable-documentation-only") | ||
131 | ;;;"--enable-logging=verbose" | ||
132 | ;;;"CFLAGS=-ggdb -O0") | ||
133 | #:phases | ||
134 | ;; swap check and install phases and set paths to installed bin | ||
135 | (modify-phases %standard-phases | ||
136 | (add-after 'unpack 'patch-bin-sh | ||
137 | (lambda _ | ||
138 | (for-each (lambda (f) (chmod f #o755)) | ||
139 | (find-files "po" "")) | ||
140 | #t)) | ||
141 | (add-after 'patch-bin-sh 'bootstrap | ||
142 | (lambda _ | ||
143 | (zero? (system* "sh" "bootstrap")))) | ||
144 | ;;(add-before 'build 'chdir | ||
145 | ;; (lambda _ | ||
146 | ;; (chdir "doc/documentation"))) | ||
147 | (delete 'check) | ||
148 | ;; XXX: https://gnunet.org/bugs/view.php?id=4619 | ||
149 | (add-after 'install 'set-path-for-check | ||
150 | (lambda* (#:key outputs #:allow-other-keys) | ||
151 | (let* ((out (assoc-ref outputs "out")) | ||
152 | (bin (string-append out "/bin")) | ||
153 | (lib (string-append out "/lib"))) | ||
154 | (setenv "GNUNET_PREFIX" lib) | ||
155 | (setenv "PATH" (string-append (getenv "PATH") ":" bin)) | ||
156 | (zero? (system* "make" "check"))))))))))) | ||
157 | |||
158 | gnunet-dev-env | ||
diff --git a/doc/documentation/Makefile.am b/doc/documentation/Makefile.am index 12f40f147..b6c666c4d 100644 --- a/doc/documentation/Makefile.am +++ b/doc/documentation/Makefile.am | |||
@@ -114,6 +114,7 @@ gnunet_TEXINFOS = \ | |||
114 | chapters/developer.texi \ | 114 | chapters/developer.texi \ |
115 | chapters/preface.texi \ | 115 | chapters/preface.texi \ |
116 | chapters/philosophy.texi \ | 116 | chapters/philosophy.texi \ |
117 | chapters/installation.texi \ | ||
117 | chapters/user.texi \ | 118 | chapters/user.texi \ |
118 | chapters/vocabulary.texi \ | 119 | chapters/vocabulary.texi \ |
119 | chapters/configuration.texi \ | 120 | chapters/configuration.texi \ |
@@ -143,6 +144,7 @@ DISTCLEANFILES = \ | |||
143 | chapters/terminology.cps \ | 144 | chapters/terminology.cps \ |
144 | chapters/vocabulary.cps \ | 145 | chapters/vocabulary.cps \ |
145 | fdl-1.3.cps \ | 146 | fdl-1.3.cps \ |
147 | agpl-3.0.cps \ | ||
146 | gpl-3.0.cps | 148 | gpl-3.0.cps |
147 | 149 | ||
148 | # if HAVE_EXTENDED_DOCUMENTATION_BUILDING | 150 | # if HAVE_EXTENDED_DOCUMENTATION_BUILDING |
@@ -165,8 +167,8 @@ lego_stack.png: images/lego_stack.svg | |||
165 | # echo "@set EDITION $(PACKAGE_VERSION)" >> $@ | 167 | # echo "@set EDITION $(PACKAGE_VERSION)" >> $@ |
166 | # echo "@set VERSION $(PACKAGE_VERSION)" >> $@ | 168 | # echo "@set VERSION $(PACKAGE_VERSION)" >> $@ |
167 | 169 | ||
168 | # Workaround for makeinfo error. Whcih in turn introduces more | 170 | # Workaround for makeinfo error. Which in turn introduces more |
169 | # date-related 'warnings'. Well. | 171 | # date-related 'warnings' for GNUism. Well. |
170 | version2.texi: | 172 | version2.texi: |
171 | echo "@set UPDATED $(date +'%d %B %Y')" > $@ | 173 | echo "@set UPDATED $(date +'%d %B %Y')" > $@ |
172 | echo "@set UPDATED-MONTH $(date +'%B %Y')" >> $@ | 174 | echo "@set UPDATED-MONTH $(date +'%B %Y')" >> $@ |
diff --git a/doc/documentation/agpl-3.0.texi b/doc/documentation/agpl-3.0.texi new file mode 100644 index 000000000..eabb0c6df --- /dev/null +++ b/doc/documentation/agpl-3.0.texi | |||
@@ -0,0 +1,698 @@ | |||
1 | @c The GNU Affero General Public License. | ||
2 | @center Version 3, 19 November 2007 | ||
3 | |||
4 | @c This file is intended to be included within another document, | ||
5 | @c hence no sectioning command or @node. | ||
6 | |||
7 | @display | ||
8 | Copyright @copyright{} 2007 Free Software Foundation, Inc. @url{https://fsf.org/} | ||
9 | |||
10 | Everyone is permitted to copy and distribute verbatim copies of this | ||
11 | license document, but changing it is not allowed. | ||
12 | @end display | ||
13 | |||
14 | @heading Preamble | ||
15 | |||
16 | The GNU Affero General Public License is a free, copyleft license | ||
17 | for software and other kinds of works, specifically designed to ensure | ||
18 | cooperation with the community in the case of network server software. | ||
19 | |||
20 | The licenses for most software and other practical works are | ||
21 | designed to take away your freedom to share and change the works. By | ||
22 | contrast, our General Public Licenses are intended to guarantee your | ||
23 | freedom to share and change all versions of a program--to make sure it | ||
24 | remains free software for all its users. | ||
25 | |||
26 | When we speak of free software, we are referring to freedom, not | ||
27 | price. Our General Public Licenses are designed to make sure that you | ||
28 | have the freedom to distribute copies of free software (and charge for | ||
29 | them if you wish), that you receive source code or can get it if you | ||
30 | want it, that you can change the software or use pieces of it in new | ||
31 | free programs, and that you know you can do these things. | ||
32 | |||
33 | Developers that use our General Public Licenses protect your rights | ||
34 | with two steps: (1) assert copyright on the software, and (2) offer | ||
35 | you this License which gives you legal permission to copy, distribute | ||
36 | and/or modify the software. | ||
37 | |||
38 | A secondary benefit of defending all users' freedom is that | ||
39 | improvements made in alternate versions of the program, if they | ||
40 | receive widespread use, become available for other developers to | ||
41 | incorporate. Many developers of free software are heartened and | ||
42 | encouraged by the resulting cooperation. However, in the case of | ||
43 | software used on network servers, this result may fail to come about. | ||
44 | The GNU General Public License permits making a modified version and | ||
45 | letting the public access it on a server without ever releasing its | ||
46 | source code to the public. | ||
47 | |||
48 | The GNU Affero General Public License is designed specifically to | ||
49 | ensure that, in such cases, the modified source code becomes available | ||
50 | to the community. It requires the operator of a network server to | ||
51 | provide the source code of the modified version running there to the | ||
52 | users of that server. Therefore, public use of a modified version, on | ||
53 | a publicly accessible server, gives the public access to the source | ||
54 | code of the modified version. | ||
55 | |||
56 | An older license, called the Affero General Public License and | ||
57 | published by Affero, was designed to accomplish similar goals. This is | ||
58 | a different license, not a version of the Affero GPL, but Affero has | ||
59 | released a new version of the Affero GPL which permits relicensing under | ||
60 | this license. | ||
61 | |||
62 | The precise terms and conditions for copying, distribution and | ||
63 | modification follow. | ||
64 | |||
65 | @heading TERMS AND CONDITIONS | ||
66 | |||
67 | @enumerate 0 | ||
68 | @item Definitions. | ||
69 | |||
70 | ``This License'' refers to version 3 of the GNU Affero General Public License. | ||
71 | |||
72 | ``Copyright'' also means copyright-like laws that apply to other kinds | ||
73 | of works, such as semiconductor masks. | ||
74 | |||
75 | ``The Program'' refers to any copyrightable work licensed under this | ||
76 | License. Each licensee is addressed as ``you''. ``Licensees'' and | ||
77 | ``recipients'' may be individuals or organizations. | ||
78 | |||
79 | To ``modify'' a work means to copy from or adapt all or part of the work | ||
80 | in a fashion requiring copyright permission, other than the making of | ||
81 | an exact copy. The resulting work is called a ``modified version'' of | ||
82 | the earlier work or a work ``based on'' the earlier work. | ||
83 | |||
84 | A ``covered work'' means either the unmodified Program or a work based | ||
85 | on the Program. | ||
86 | |||
87 | To ``propagate'' a work means to do anything with it that, without | ||
88 | permission, would make you directly or secondarily liable for | ||
89 | infringement under applicable copyright law, except executing it on a | ||
90 | computer or modifying a private copy. Propagation includes copying, | ||
91 | distribution (with or without modification), making available to the | ||
92 | public, and in some countries other activities as well. | ||
93 | |||
94 | To ``convey'' a work means any kind of propagation that enables other | ||
95 | parties to make or receive copies. Mere interaction with a user | ||
96 | through a computer network, with no transfer of a copy, is not | ||
97 | conveying. | ||
98 | |||
99 | An interactive user interface displays ``Appropriate Legal Notices'' to | ||
100 | the extent that it includes a convenient and prominently visible | ||
101 | feature that (1) displays an appropriate copyright notice, and (2) | ||
102 | tells the user that there is no warranty for the work (except to the | ||
103 | extent that warranties are provided), that licensees may convey the | ||
104 | work under this License, and how to view a copy of this License. If | ||
105 | the interface presents a list of user commands or options, such as a | ||
106 | menu, a prominent item in the list meets this criterion. | ||
107 | |||
108 | @item Source Code. | ||
109 | |||
110 | The ``source code'' for a work means the preferred form of the work for | ||
111 | making modifications to it. ``Object code'' means any non-source form | ||
112 | of a work. | ||
113 | |||
114 | A ``Standard Interface'' means an interface that either is an official | ||
115 | standard defined by a recognized standards body, or, in the case of | ||
116 | interfaces specified for a particular programming language, one that | ||
117 | is widely used among developers working in that language. | ||
118 | |||
119 | The ``System Libraries'' of an executable work include anything, other | ||
120 | than the work as a whole, that (a) is included in the normal form of | ||
121 | packaging a Major Component, but which is not part of that Major | ||
122 | Component, and (b) serves only to enable use of the work with that | ||
123 | Major Component, or to implement a Standard Interface for which an | ||
124 | implementation is available to the public in source code form. A | ||
125 | ``Major Component'', in this context, means a major essential component | ||
126 | (kernel, window system, and so on) of the specific operating system | ||
127 | (if any) on which the executable work runs, or a compiler used to | ||
128 | produce the work, or an object code interpreter used to run it. | ||
129 | |||
130 | The ``Corresponding Source'' for a work in object code form means all | ||
131 | the source code needed to generate, install, and (for an executable | ||
132 | work) run the object code and to modify the work, including scripts to | ||
133 | control those activities. However, it does not include the work's | ||
134 | System Libraries, or general-purpose tools or generally available free | ||
135 | programs which are used unmodified in performing those activities but | ||
136 | which are not part of the work. For example, Corresponding Source | ||
137 | includes interface definition files associated with source files for | ||
138 | the work, and the source code for shared libraries and dynamically | ||
139 | linked subprograms that the work is specifically designed to require, | ||
140 | such as by intimate data communication or control flow between those | ||
141 | subprograms and other parts of the work. | ||
142 | |||
143 | The Corresponding Source need not include anything that users can | ||
144 | regenerate automatically from other parts of the Corresponding Source. | ||
145 | |||
146 | The Corresponding Source for a work in source code form is that same | ||
147 | work. | ||
148 | |||
149 | @item Basic Permissions. | ||
150 | |||
151 | All rights granted under this License are granted for the term of | ||
152 | copyright on the Program, and are irrevocable provided the stated | ||
153 | conditions are met. This License explicitly affirms your unlimited | ||
154 | permission to run the unmodified Program. The output from running a | ||
155 | covered work is covered by this License only if the output, given its | ||
156 | content, constitutes a covered work. This License acknowledges your | ||
157 | rights of fair use or other equivalent, as provided by copyright law. | ||
158 | |||
159 | You may make, run and propagate covered works that you do not convey, | ||
160 | without conditions so long as your license otherwise remains in force. | ||
161 | You may convey covered works to others for the sole purpose of having | ||
162 | them make modifications exclusively for you, or provide you with | ||
163 | facilities for running those works, provided that you comply with the | ||
164 | terms of this License in conveying all material for which you do not | ||
165 | control copyright. Those thus making or running the covered works for | ||
166 | you must do so exclusively on your behalf, under your direction and | ||
167 | control, on terms that prohibit them from making any copies of your | ||
168 | copyrighted material outside their relationship with you. | ||
169 | |||
170 | Conveying under any other circumstances is permitted solely under the | ||
171 | conditions stated below. Sublicensing is not allowed; section 10 | ||
172 | makes it unnecessary. | ||
173 | |||
174 | @item Protecting Users' Legal Rights From Anti-Circumvention Law. | ||
175 | |||
176 | No covered work shall be deemed part of an effective technological | ||
177 | measure under any applicable law fulfilling obligations under article | ||
178 | 11 of the WIPO copyright treaty adopted on 20 December 1996, or | ||
179 | similar laws prohibiting or restricting circumvention of such | ||
180 | measures. | ||
181 | |||
182 | When you convey a covered work, you waive any legal power to forbid | ||
183 | circumvention of technological measures to the extent such | ||
184 | circumvention is effected by exercising rights under this License with | ||
185 | respect to the covered work, and you disclaim any intention to limit | ||
186 | operation or modification of the work as a means of enforcing, against | ||
187 | the work's users, your or third parties' legal rights to forbid | ||
188 | circumvention of technological measures. | ||
189 | |||
190 | @item Conveying Verbatim Copies. | ||
191 | |||
192 | You may convey verbatim copies of the Program's source code as you | ||
193 | receive it, in any medium, provided that you conspicuously and | ||
194 | appropriately publish on each copy an appropriate copyright notice; | ||
195 | keep intact all notices stating that this License and any | ||
196 | non-permissive terms added in accord with section 7 apply to the code; | ||
197 | keep intact all notices of the absence of any warranty; and give all | ||
198 | recipients a copy of this License along with the Program. | ||
199 | |||
200 | You may charge any price or no price for each copy that you convey, | ||
201 | and you may offer support or warranty protection for a fee. | ||
202 | |||
203 | @item Conveying Modified Source Versions. | ||
204 | |||
205 | You may convey a work based on the Program, or the modifications to | ||
206 | produce it from the Program, in the form of source code under the | ||
207 | terms of section 4, provided that you also meet all of these | ||
208 | conditions: | ||
209 | |||
210 | @enumerate a | ||
211 | @item | ||
212 | The work must carry prominent notices stating that you modified it, | ||
213 | and giving a relevant date. | ||
214 | |||
215 | @item | ||
216 | The work must carry prominent notices stating that it is released | ||
217 | under this License and any conditions added under section 7. This | ||
218 | requirement modifies the requirement in section 4 to ``keep intact all | ||
219 | notices''. | ||
220 | |||
221 | @item | ||
222 | You must license the entire work, as a whole, under this License to | ||
223 | anyone who comes into possession of a copy. This License will | ||
224 | therefore apply, along with any applicable section 7 additional terms, | ||
225 | to the whole of the work, and all its parts, regardless of how they | ||
226 | are packaged. This License gives no permission to license the work in | ||
227 | any other way, but it does not invalidate such permission if you have | ||
228 | separately received it. | ||
229 | |||
230 | @item | ||
231 | If the work has interactive user interfaces, each must display | ||
232 | Appropriate Legal Notices; however, if the Program has interactive | ||
233 | interfaces that do not display Appropriate Legal Notices, your work | ||
234 | need not make them do so. | ||
235 | @end enumerate | ||
236 | |||
237 | A compilation of a covered work with other separate and independent | ||
238 | works, which are not by their nature extensions of the covered work, | ||
239 | and which are not combined with it such as to form a larger program, | ||
240 | in or on a volume of a storage or distribution medium, is called an | ||
241 | ``aggregate'' if the compilation and its resulting copyright are not | ||
242 | used to limit the access or legal rights of the compilation's users | ||
243 | beyond what the individual works permit. Inclusion of a covered work | ||
244 | in an aggregate does not cause this License to apply to the other | ||
245 | parts of the aggregate. | ||
246 | |||
247 | @item Conveying Non-Source Forms. | ||
248 | |||
249 | You may convey a covered work in object code form under the terms of | ||
250 | sections 4 and 5, provided that you also convey the machine-readable | ||
251 | Corresponding Source under the terms of this License, in one of these | ||
252 | ways: | ||
253 | |||
254 | @enumerate a | ||
255 | @item | ||
256 | Convey the object code in, or embodied in, a physical product | ||
257 | (including a physical distribution medium), accompanied by the | ||
258 | Corresponding Source fixed on a durable physical medium customarily | ||
259 | used for software interchange. | ||
260 | |||
261 | @item | ||
262 | Convey the object code in, or embodied in, a physical product | ||
263 | (including a physical distribution medium), accompanied by a written | ||
264 | offer, valid for at least three years and valid for as long as you | ||
265 | offer spare parts or customer support for that product model, to give | ||
266 | anyone who possesses the object code either (1) a copy of the | ||
267 | Corresponding Source for all the software in the product that is | ||
268 | covered by this License, on a durable physical medium customarily used | ||
269 | for software interchange, for a price no more than your reasonable | ||
270 | cost of physically performing this conveying of source, or (2) access | ||
271 | to copy the Corresponding Source from a network server at no charge. | ||
272 | |||
273 | @item | ||
274 | Convey individual copies of the object code with a copy of the written | ||
275 | offer to provide the Corresponding Source. This alternative is | ||
276 | allowed only occasionally and noncommercially, and only if you | ||
277 | received the object code with such an offer, in accord with subsection | ||
278 | 6b. | ||
279 | |||
280 | @item | ||
281 | Convey the object code by offering access from a designated place | ||
282 | (gratis or for a charge), and offer equivalent access to the | ||
283 | Corresponding Source in the same way through the same place at no | ||
284 | further charge. You need not require recipients to copy the | ||
285 | Corresponding Source along with the object code. If the place to copy | ||
286 | the object code is a network server, the Corresponding Source may be | ||
287 | on a different server (operated by you or a third party) that supports | ||
288 | equivalent copying facilities, provided you maintain clear directions | ||
289 | next to the object code saying where to find the Corresponding Source. | ||
290 | Regardless of what server hosts the Corresponding Source, you remain | ||
291 | obligated to ensure that it is available for as long as needed to | ||
292 | satisfy these requirements. | ||
293 | |||
294 | @item | ||
295 | Convey the object code using peer-to-peer transmission, provided you | ||
296 | inform other peers where the object code and Corresponding Source of | ||
297 | the work are being offered to the general public at no charge under | ||
298 | subsection 6d. | ||
299 | |||
300 | @end enumerate | ||
301 | |||
302 | A separable portion of the object code, whose source code is excluded | ||
303 | from the Corresponding Source as a System Library, need not be | ||
304 | included in conveying the object code work. | ||
305 | |||
306 | A ``User Product'' is either (1) a ``consumer product'', which means any | ||
307 | tangible personal property which is normally used for personal, | ||
308 | family, or household purposes, or (2) anything designed or sold for | ||
309 | incorporation into a dwelling. In determining whether a product is a | ||
310 | consumer product, doubtful cases shall be resolved in favor of | ||
311 | coverage. For a particular product received by a particular user, | ||
312 | ``normally used'' refers to a typical or common use of that class of | ||
313 | product, regardless of the status of the particular user or of the way | ||
314 | in which the particular user actually uses, or expects or is expected | ||
315 | to use, the product. A product is a consumer product regardless of | ||
316 | whether the product has substantial commercial, industrial or | ||
317 | non-consumer uses, unless such uses represent the only significant | ||
318 | mode of use of the product. | ||
319 | |||
320 | ``Installation Information'' for a User Product means any methods, | ||
321 | procedures, authorization keys, or other information required to | ||
322 | install and execute modified versions of a covered work in that User | ||
323 | Product from a modified version of its Corresponding Source. The | ||
324 | information must suffice to ensure that the continued functioning of | ||
325 | the modified object code is in no case prevented or interfered with | ||
326 | solely because modification has been made. | ||
327 | |||
328 | If you convey an object code work under this section in, or with, or | ||
329 | specifically for use in, a User Product, and the conveying occurs as | ||
330 | part of a transaction in which the right of possession and use of the | ||
331 | User Product is transferred to the recipient in perpetuity or for a | ||
332 | fixed term (regardless of how the transaction is characterized), the | ||
333 | Corresponding Source conveyed under this section must be accompanied | ||
334 | by the Installation Information. But this requirement does not apply | ||
335 | if neither you nor any third party retains the ability to install | ||
336 | modified object code on the User Product (for example, the work has | ||
337 | been installed in ROM). | ||
338 | |||
339 | The requirement to provide Installation Information does not include a | ||
340 | requirement to continue to provide support service, warranty, or | ||
341 | updates for a work that has been modified or installed by the | ||
342 | recipient, or for the User Product in which it has been modified or | ||
343 | installed. Access to a network may be denied when the modification | ||
344 | itself materially and adversely affects the operation of the network | ||
345 | or violates the rules and protocols for communication across the | ||
346 | network. | ||
347 | |||
348 | Corresponding Source conveyed, and Installation Information provided, | ||
349 | in accord with this section must be in a format that is publicly | ||
350 | documented (and with an implementation available to the public in | ||
351 | source code form), and must require no special password or key for | ||
352 | unpacking, reading or copying. | ||
353 | |||
354 | @item Additional Terms. | ||
355 | |||
356 | ``Additional permissions'' are terms that supplement the terms of this | ||
357 | License by making exceptions from one or more of its conditions. | ||
358 | Additional permissions that are applicable to the entire Program shall | ||
359 | be treated as though they were included in this License, to the extent | ||
360 | that they are valid under applicable law. If additional permissions | ||
361 | apply only to part of the Program, that part may be used separately | ||
362 | under those permissions, but the entire Program remains governed by | ||
363 | this License without regard to the additional permissions. | ||
364 | |||
365 | When you convey a copy of a covered work, you may at your option | ||
366 | remove any additional permissions from that copy, or from any part of | ||
367 | it. (Additional permissions may be written to require their own | ||
368 | removal in certain cases when you modify the work.) You may place | ||
369 | additional permissions on material, added by you to a covered work, | ||
370 | for which you have or can give appropriate copyright permission. | ||
371 | |||
372 | Notwithstanding any other provision of this License, for material you | ||
373 | add to a covered work, you may (if authorized by the copyright holders | ||
374 | of that material) supplement the terms of this License with terms: | ||
375 | |||
376 | @enumerate a | ||
377 | @item | ||
378 | Disclaiming warranty or limiting liability differently from the terms | ||
379 | of sections 15 and 16 of this License; or | ||
380 | |||
381 | @item | ||
382 | Requiring preservation of specified reasonable legal notices or author | ||
383 | attributions in that material or in the Appropriate Legal Notices | ||
384 | displayed by works containing it; or | ||
385 | |||
386 | @item | ||
387 | Prohibiting misrepresentation of the origin of that material, or | ||
388 | requiring that modified versions of such material be marked in | ||
389 | reasonable ways as different from the original version; or | ||
390 | |||
391 | @item | ||
392 | Limiting the use for publicity purposes of names of licensors or | ||
393 | authors of the material; or | ||
394 | |||
395 | @item | ||
396 | Declining to grant rights under trademark law for use of some trade | ||
397 | names, trademarks, or service marks; or | ||
398 | |||
399 | @item | ||
400 | Requiring indemnification of licensors and authors of that material by | ||
401 | anyone who conveys the material (or modified versions of it) with | ||
402 | contractual assumptions of liability to the recipient, for any | ||
403 | liability that these contractual assumptions directly impose on those | ||
404 | licensors and authors. | ||
405 | @end enumerate | ||
406 | |||
407 | All other non-permissive additional terms are considered ``further | ||
408 | restrictions'' within the meaning of section 10. If the Program as you | ||
409 | received it, or any part of it, contains a notice stating that it is | ||
410 | governed by this License along with a term that is a further | ||
411 | restriction, you may remove that term. If a license document contains | ||
412 | a further restriction but permits relicensing or conveying under this | ||
413 | License, you may add to a covered work material governed by the terms | ||
414 | of that license document, provided that the further restriction does | ||
415 | not survive such relicensing or conveying. | ||
416 | |||
417 | If you add terms to a covered work in accord with this section, you | ||
418 | must place, in the relevant source files, a statement of the | ||
419 | additional terms that apply to those files, or a notice indicating | ||
420 | where to find the applicable terms. | ||
421 | |||
422 | Additional terms, permissive or non-permissive, may be stated in the | ||
423 | form of a separately written license, or stated as exceptions; the | ||
424 | above requirements apply either way. | ||
425 | |||
426 | @item Termination. | ||
427 | |||
428 | You may not propagate or modify a covered work except as expressly | ||
429 | provided under this License. Any attempt otherwise to propagate or | ||
430 | modify it is void, and will automatically terminate your rights under | ||
431 | this License (including any patent licenses granted under the third | ||
432 | paragraph of section 11). | ||
433 | |||
434 | However, if you cease all violation of this License, then your license | ||
435 | from a particular copyright holder is reinstated (a) provisionally, | ||
436 | unless and until the copyright holder explicitly and finally | ||
437 | terminates your license, and (b) permanently, if the copyright holder | ||
438 | fails to notify you of the violation by some reasonable means prior to | ||
439 | 60 days after the cessation. | ||
440 | |||
441 | Moreover, your license from a particular copyright holder is | ||
442 | reinstated permanently if the copyright holder notifies you of the | ||
443 | violation by some reasonable means, this is the first time you have | ||
444 | received notice of violation of this License (for any work) from that | ||
445 | copyright holder, and you cure the violation prior to 30 days after | ||
446 | your receipt of the notice. | ||
447 | |||
448 | Termination of your rights under this section does not terminate the | ||
449 | licenses of parties who have received copies or rights from you under | ||
450 | this License. If your rights have been terminated and not permanently | ||
451 | reinstated, you do not qualify to receive new licenses for the same | ||
452 | material under section 10. | ||
453 | |||
454 | @item Acceptance Not Required for Having Copies. | ||
455 | |||
456 | You are not required to accept this License in order to receive or run | ||
457 | a copy of the Program. Ancillary propagation of a covered work | ||
458 | occurring solely as a consequence of using peer-to-peer transmission | ||
459 | to receive a copy likewise does not require acceptance. However, | ||
460 | nothing other than this License grants you permission to propagate or | ||
461 | modify any covered work. These actions infringe copyright if you do | ||
462 | not accept this License. Therefore, by modifying or propagating a | ||
463 | covered work, you indicate your acceptance of this License to do so. | ||
464 | |||
465 | @item Automatic Licensing of Downstream Recipients. | ||
466 | |||
467 | Each time you convey a covered work, the recipient automatically | ||
468 | receives a license from the original licensors, to run, modify and | ||
469 | propagate that work, subject to this License. You are not responsible | ||
470 | for enforcing compliance by third parties with this License. | ||
471 | |||
472 | An ``entity transaction'' is a transaction transferring control of an | ||
473 | organization, or substantially all assets of one, or subdividing an | ||
474 | organization, or merging organizations. If propagation of a covered | ||
475 | work results from an entity transaction, each party to that | ||
476 | transaction who receives a copy of the work also receives whatever | ||
477 | licenses to the work the party's predecessor in interest had or could | ||
478 | give under the previous paragraph, plus a right to possession of the | ||
479 | Corresponding Source of the work from the predecessor in interest, if | ||
480 | the predecessor has it or can get it with reasonable efforts. | ||
481 | |||
482 | You may not impose any further restrictions on the exercise of the | ||
483 | rights granted or affirmed under this License. For example, you may | ||
484 | not impose a license fee, royalty, or other charge for exercise of | ||
485 | rights granted under this License, and you may not initiate litigation | ||
486 | (including a cross-claim or counterclaim in a lawsuit) alleging that | ||
487 | any patent claim is infringed by making, using, selling, offering for | ||
488 | sale, or importing the Program or any portion of it. | ||
489 | |||
490 | @item Patents. | ||
491 | |||
492 | A ``contributor'' is a copyright holder who authorizes use under this | ||
493 | License of the Program or a work on which the Program is based. The | ||
494 | work thus licensed is called the contributor's ``contributor version''. | ||
495 | |||
496 | A contributor's ``essential patent claims'' are all patent claims owned | ||
497 | or controlled by the contributor, whether already acquired or | ||
498 | hereafter acquired, that would be infringed by some manner, permitted | ||
499 | by this License, of making, using, or selling its contributor version, | ||
500 | but do not include claims that would be infringed only as a | ||
501 | consequence of further modification of the contributor version. For | ||
502 | purposes of this definition, ``control'' includes the right to grant | ||
503 | patent sublicenses in a manner consistent with the requirements of | ||
504 | this License. | ||
505 | |||
506 | Each contributor grants you a non-exclusive, worldwide, royalty-free | ||
507 | patent license under the contributor's essential patent claims, to | ||
508 | make, use, sell, offer for sale, import and otherwise run, modify and | ||
509 | propagate the contents of its contributor version. | ||
510 | |||
511 | In the following three paragraphs, a ``patent license'' is any express | ||
512 | agreement or commitment, however denominated, not to enforce a patent | ||
513 | (such as an express permission to practice a patent or covenant not to | ||
514 | sue for patent infringement). To ``grant'' such a patent license to a | ||
515 | party means to make such an agreement or commitment not to enforce a | ||
516 | patent against the party. | ||
517 | |||
518 | If you convey a covered work, knowingly relying on a patent license, | ||
519 | and the Corresponding Source of the work is not available for anyone | ||
520 | to copy, free of charge and under the terms of this License, through a | ||
521 | publicly available network server or other readily accessible means, | ||
522 | then you must either (1) cause the Corresponding Source to be so | ||
523 | available, or (2) arrange to deprive yourself of the benefit of the | ||
524 | patent license for this particular work, or (3) arrange, in a manner | ||
525 | consistent with the requirements of this License, to extend the patent | ||
526 | license to downstream recipients. ``Knowingly relying'' means you have | ||
527 | actual knowledge that, but for the patent license, your conveying the | ||
528 | covered work in a country, or your recipient's use of the covered work | ||
529 | in a country, would infringe one or more identifiable patents in that | ||
530 | country that you have reason to believe are valid. | ||
531 | |||
532 | If, pursuant to or in connection with a single transaction or | ||
533 | arrangement, you convey, or propagate by procuring conveyance of, a | ||
534 | covered work, and grant a patent license to some of the parties | ||
535 | receiving the covered work authorizing them to use, propagate, modify | ||
536 | or convey a specific copy of the covered work, then the patent license | ||
537 | you grant is automatically extended to all recipients of the covered | ||
538 | work and works based on it. | ||
539 | |||
540 | A patent license is ``discriminatory'' if it does not include within the | ||
541 | scope of its coverage, prohibits the exercise of, or is conditioned on | ||
542 | the non-exercise of one or more of the rights that are specifically | ||
543 | granted under this License. You may not convey a covered work if you | ||
544 | are a party to an arrangement with a third party that is in the | ||
545 | business of distributing software, under which you make payment to the | ||
546 | third party based on the extent of your activity of conveying the | ||
547 | work, and under which the third party grants, to any of the parties | ||
548 | who would receive the covered work from you, a discriminatory patent | ||
549 | license (a) in connection with copies of the covered work conveyed by | ||
550 | you (or copies made from those copies), or (b) primarily for and in | ||
551 | connection with specific products or compilations that contain the | ||
552 | covered work, unless you entered into that arrangement, or that patent | ||
553 | license was granted, prior to 28 March 2007. | ||
554 | |||
555 | Nothing in this License shall be construed as excluding or limiting | ||
556 | any implied license or other defenses to infringement that may | ||
557 | otherwise be available to you under applicable patent law. | ||
558 | |||
559 | @item No Surrender of Others' Freedom. | ||
560 | |||
561 | If conditions are imposed on you (whether by court order, agreement or | ||
562 | otherwise) that contradict the conditions of this License, they do not | ||
563 | excuse you from the conditions of this License. If you cannot convey | ||
564 | a covered work so as to satisfy simultaneously your obligations under | ||
565 | this License and any other pertinent obligations, then as a | ||
566 | consequence you may not convey it at all. For example, if you agree | ||
567 | to terms that obligate you to collect a royalty for further conveying | ||
568 | from those to whom you convey the Program, the only way you could | ||
569 | satisfy both those terms and this License would be to refrain entirely | ||
570 | from conveying the Program. | ||
571 | |||
572 | @item Remote Network Interaction; Use with the GNU General Public License. | ||
573 | |||
574 | Notwithstanding any other provision of this License, if you modify the | ||
575 | Program, your modified version must prominently offer all users interacting | ||
576 | with it remotely through a computer network (if your version supports such | ||
577 | interaction) an opportunity to receive the Corresponding Source of your | ||
578 | version by providing access to the Corresponding Source from a network | ||
579 | server at no charge, through some standard or customary means of | ||
580 | facilitating copying of software. This Corresponding Source shall include | ||
581 | the Corresponding Source for any work covered by version 3 of the GNU | ||
582 | General Public License that is incorporated pursuant to the following | ||
583 | paragraph. | ||
584 | |||
585 | Notwithstanding any other provision of this License, you have permission to | ||
586 | link or combine any covered work with a work licensed under version 3 of | ||
587 | the GNU General Public License into a single combined work, and to convey | ||
588 | the resulting work. The terms of this License will continue to apply to | ||
589 | the part which is the covered work, but the work with which it is combined | ||
590 | will remain governed by version 3 of the GNU General Public License. | ||
591 | |||
592 | @item Revised Versions of this License. | ||
593 | |||
594 | The Free Software Foundation may publish revised and/or new versions | ||
595 | of the GNU Affero General Public License from time to time. Such new | ||
596 | versions will be similar in spirit to the present version, but may | ||
597 | differ in detail to address new problems or concerns. | ||
598 | |||
599 | Each version is given a distinguishing version number. If the Program | ||
600 | specifies that a certain numbered version of the GNU Affero General Public | ||
601 | License ``or any later version'' applies to it, you have the option of | ||
602 | following the terms and conditions either of that numbered version or | ||
603 | of any later version published by the Free Software Foundation. If | ||
604 | the Program does not specify a version number of the GNU Affero General | ||
605 | Public License, you may choose any version ever published by the Free | ||
606 | Software Foundation. | ||
607 | |||
608 | If the Program specifies that a proxy can decide which future versions | ||
609 | of the GNU Affero General Public License can be used, that proxy's public | ||
610 | statement of acceptance of a version permanently authorizes you to | ||
611 | choose that version for the Program. | ||
612 | |||
613 | Later license versions may give you additional or different | ||
614 | permissions. However, no additional obligations are imposed on any | ||
615 | author or copyright holder as a result of your choosing to follow a | ||
616 | later version. | ||
617 | |||
618 | @item Disclaimer of Warranty. | ||
619 | |||
620 | THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY | ||
621 | APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT | ||
622 | HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM ``AS IS'' WITHOUT | ||
623 | WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT | ||
624 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | ||
625 | A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND | ||
626 | PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE | ||
627 | DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR | ||
628 | CORRECTION. | ||
629 | |||
630 | @item Limitation of Liability. | ||
631 | |||
632 | IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING | ||
633 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR | ||
634 | CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, | ||
635 | INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES | ||
636 | ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT | ||
637 | NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR | ||
638 | LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM | ||
639 | TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER | ||
640 | PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. | ||
641 | |||
642 | @item Interpretation of Sections 15 and 16. | ||
643 | |||
644 | If the disclaimer of warranty and limitation of liability provided | ||
645 | above cannot be given local legal effect according to their terms, | ||
646 | reviewing courts shall apply local law that most closely approximates | ||
647 | an absolute waiver of all civil liability in connection with the | ||
648 | Program, unless a warranty or assumption of liability accompanies a | ||
649 | copy of the Program in return for a fee. | ||
650 | |||
651 | @end enumerate | ||
652 | |||
653 | @heading END OF TERMS AND CONDITIONS | ||
654 | |||
655 | @heading How to Apply These Terms to Your New Programs | ||
656 | |||
657 | If you develop a new program, and you want it to be of the greatest | ||
658 | possible use to the public, the best way to achieve this is to make it | ||
659 | free software which everyone can redistribute and change under these | ||
660 | terms. | ||
661 | |||
662 | To do so, attach the following notices to the program. It is safest | ||
663 | to attach them to the start of each source file to most effectively | ||
664 | state the exclusion of warranty; and each file should have at least | ||
665 | the ``copyright'' line and a pointer to where the full notice is found. | ||
666 | |||
667 | @smallexample | ||
668 | @var{one line to give the program's name and a brief idea of what it does.} | ||
669 | Copyright (C) @var{year} @var{name of author} | ||
670 | |||
671 | This program is free software: you can redistribute it and/or modify | ||
672 | it under the terms of the GNU Affero General Public License as published by | ||
673 | the Free Software Foundation, either version 3 of the License, or (at | ||
674 | your option) any later version. | ||
675 | |||
676 | This program is distributed in the hope that it will be useful, but | ||
677 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
678 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
679 | Affero General Public License for more details. | ||
680 | |||
681 | You should have received a copy of the GNU Affero General Public License | ||
682 | along with this program. If not, see @url{https://www.gnu.org/licenses/}. | ||
683 | @end smallexample | ||
684 | |||
685 | Also add information on how to contact you by electronic and paper mail. | ||
686 | |||
687 | If your software can interact with users remotely through a computer | ||
688 | network, you should also make sure that it provides a way for users to | ||
689 | get its source. For example, if your program is a web application, its | ||
690 | interface could display a ``Source'' link that leads users to an archive | ||
691 | of the code. There are many ways you could offer source, and different | ||
692 | solutions will be better for different programs; see section 13 for the | ||
693 | specific requirements. | ||
694 | |||
695 | You should also get your employer (if you work as a programmer) or school, | ||
696 | if any, to sign a ``copyright disclaimer'' for the program, if necessary. | ||
697 | For more information on this, and how to apply and follow the GNU AGPL, see | ||
698 | @url{https://www.gnu.org/licenses/}. | ||
diff --git a/doc/documentation/chapters/contributing.texi b/doc/documentation/chapters/contributing.texi index 745acca77..dc87de3d6 100644 --- a/doc/documentation/chapters/contributing.texi +++ b/doc/documentation/chapters/contributing.texi | |||
@@ -11,12 +11,14 @@ | |||
11 | @node Contributing to GNUnet | 11 | @node Contributing to GNUnet |
12 | @section Contributing to GNUnet | 12 | @section Contributing to GNUnet |
13 | 13 | ||
14 | @cindex licenses | ||
15 | @cindex licenses of contributions | ||
14 | @node Licenses of contributions | 16 | @node Licenses of contributions |
15 | @section Licenses of contributions | 17 | @section Licenses of contributions |
16 | 18 | ||
17 | GNUnet is a @uref{https://www.gnu.org/, GNU} package. | 19 | GNUnet is a @uref{https://www.gnu.org/, GNU} package. |
18 | All code contributions must thus be put under the | 20 | All code contributions must thus be put under the |
19 | @uref{https://www.gnu.org/copyleft/gpl.html, GNU Public License (GPL)}. | 21 | @uref{https://www.gnu.org/licenses/agpl.html, GNU Affero Public License (AGPL)}. |
20 | All documentation should be put under FSF approved licenses | 22 | All documentation should be put under FSF approved licenses |
21 | (see @uref{https://www.gnu.org/copyleft/fdl.html, fdl}). | 23 | (see @uref{https://www.gnu.org/copyleft/fdl.html, fdl}). |
22 | 24 | ||
@@ -40,7 +42,7 @@ rights, and in particular is allowed to dual-license the code. You | |||
40 | retain non-exclusive rights to your contributions, so you can also | 42 | retain non-exclusive rights to your contributions, so you can also |
41 | share your contributions freely with other projects. | 43 | share your contributions freely with other projects. |
42 | 44 | ||
43 | GNUnet e.V. will publish all accepted contributions under the GPLv3 | 45 | GNUnet e.V. will publish all accepted contributions under the AGPLv3 |
44 | or any later version. The association may decide to publish | 46 | or any later version. The association may decide to publish |
45 | contributions under additional licenses (dual-licensing). | 47 | contributions under additional licenses (dual-licensing). |
46 | 48 | ||
diff --git a/doc/documentation/chapters/developer.texi b/doc/documentation/chapters/developer.texi index 22b175a3f..1f74a8163 100644 --- a/doc/documentation/chapters/developer.texi +++ b/doc/documentation/chapters/developer.texi | |||
@@ -352,7 +352,7 @@ The DHT and other components of GNUnet | |||
352 | store information in units called 'blocks'. Each block has a type and the | 352 | store information in units called 'blocks'. Each block has a type and the |
353 | type defines a particular format and how that binary format is to be | 353 | type defines a particular format and how that binary format is to be |
354 | linked to a hash code (the key for the DHT and for databases). The block | 354 | linked to a hash code (the key for the DHT and for databases). The block |
355 | library is a wapper around block plugins which provide the necessary | 355 | library is a wrapper around block plugins which provide the necessary |
356 | functions for each block type. | 356 | functions for each block type. |
357 | @item @file{statistics/} --- statistics service | 357 | @item @file{statistics/} --- statistics service |
358 | The statistics service enables associating | 358 | The statistics service enables associating |
@@ -400,7 +400,7 @@ external service to test the local configuration. | |||
400 | Some transports (UDP and WLAN, mostly) have restrictions on the maximum | 400 | Some transports (UDP and WLAN, mostly) have restrictions on the maximum |
401 | transfer unit (MTU) for packets. The fragmentation library can be used to | 401 | transfer unit (MTU) for packets. The fragmentation library can be used to |
402 | break larger packets into chunks of at most 1k and transmit the resulting | 402 | break larger packets into chunks of at most 1k and transmit the resulting |
403 | fragments reliabily (with acknowledgement, retransmission, timeouts, | 403 | fragments reliably (with acknowledgment, retransmission, timeouts, |
404 | etc.). | 404 | etc.). |
405 | @item @file{transport/} --- transport service | 405 | @item @file{transport/} --- transport service |
406 | The transport service is responsible for managing the | 406 | The transport service is responsible for managing the |
@@ -425,8 +425,8 @@ the foundation for the testbed service | |||
425 | @item @file{testbed/} --- testbed service | 425 | @item @file{testbed/} --- testbed service |
426 | The testbed service is used for creating small or large scale deployments | 426 | The testbed service is used for creating small or large scale deployments |
427 | of GNUnet peers for evaluation of protocols. | 427 | of GNUnet peers for evaluation of protocols. |
428 | It facilitates peer depolyments on multiple | 428 | It facilitates peer deployments on multiple |
429 | hosts (for example, in a cluster) and establishing varous network | 429 | hosts (for example, in a cluster) and establishing various network |
430 | topologies (both underlay and overlay). | 430 | topologies (both underlay and overlay). |
431 | @item @file{nse/} --- Network Size Estimation | 431 | @item @file{nse/} --- Network Size Estimation |
432 | The network size estimation (NSE) service | 432 | The network size estimation (NSE) service |
@@ -1038,7 +1038,7 @@ if (0 == bar && x != y) | |||
1038 | @end example | 1038 | @end example |
1039 | 1039 | ||
1040 | @noindent | 1040 | @noindent |
1041 | Note that splitting the @code{if} statement above is debateable as the | 1041 | Note that splitting the @code{if} statement above is debatable as the |
1042 | @code{return x} is a very trivial statement. However, once the logic after | 1042 | @code{return x} is a very trivial statement. However, once the logic after |
1043 | the branch becomes more complicated (and is still identical), the "or" | 1043 | the branch becomes more complicated (and is still identical), the "or" |
1044 | formulation should be used for sure. | 1044 | formulation should be used for sure. |
@@ -1173,12 +1173,12 @@ for building applications under UNIX-like systems. Furthermore we | |||
1173 | assume that the build environment is sane and that you are aware of | 1173 | assume that the build environment is sane and that you are aware of |
1174 | any implications actions in this process could have. | 1174 | any implications actions in this process could have. |
1175 | Instructions here can be seen as notes for developers (an extension to | 1175 | Instructions here can be seen as notes for developers (an extension to |
1176 | the 'HACKING' section in README) as well as package mantainers. | 1176 | the 'HACKING' section in README) as well as package maintainers. |
1177 | @b{Users should rely on the available binary packages.} | 1177 | @b{Users should rely on the available binary packages.} |
1178 | We will use Debian as an example Operating System environment. Substitute | 1178 | We will use Debian as an example Operating System environment. Substitute |
1179 | accordingly with your own Ooperating System environment. | 1179 | accordingly with your own Operating System environment. |
1180 | 1180 | ||
1181 | For the full list of depenendencies, consult the appropriate, up-to-date | 1181 | For the full list of dependencies, consult the appropriate, up-to-date |
1182 | section in the @file{README} file. | 1182 | section in the @file{README} file. |
1183 | 1183 | ||
1184 | First, we need to build or install (depending on your OS) the following | 1184 | First, we need to build or install (depending on your OS) the following |
@@ -1442,7 +1442,7 @@ $ gnunet-gns-proxy-setup-ca | |||
1442 | @end example | 1442 | @end example |
1443 | 1443 | ||
1444 | @noindent | 1444 | @noindent |
1445 | The first generates the default zones, wheras the second setups the GNS | 1445 | The first generates the default zones, whereas the second setups the GNS |
1446 | Certificate Authority with the user's browser. Now, to activate GNS in the | 1446 | Certificate Authority with the user's browser. Now, to activate GNS in the |
1447 | normal DNS resolution process, you need to edit your | 1447 | normal DNS resolution process, you need to edit your |
1448 | @file{/etc/nsswitch.conf} where you should find a line like this: | 1448 | @file{/etc/nsswitch.conf} where you should find a line like this: |
@@ -1536,7 +1536,7 @@ This range can be customised with the function | |||
1536 | similar to @code{GNUNET_TESTING_system_create()} except that it take 2 | 1536 | similar to @code{GNUNET_TESTING_system_create()} except that it take 2 |
1537 | additional parameters --- the start and end of the port range to use. | 1537 | additional parameters --- the start and end of the port range to use. |
1538 | 1538 | ||
1539 | A TESTING system is destroyed with the funciton | 1539 | A TESTING system is destroyed with the function |
1540 | @code{GNUNET_TESTING_system_destory()}. This function takes the handle of | 1540 | @code{GNUNET_TESTING_system_destory()}. This function takes the handle of |
1541 | the system and a flag to remove the files created in the directory used | 1541 | the system and a flag to remove the files created in the directory used |
1542 | to generate configurations. | 1542 | to generate configurations. |
@@ -1545,7 +1545,7 @@ A peer is created with the function | |||
1545 | @code{GNUNET_TESTING_peer_configure()}. This functions takes the system | 1545 | @code{GNUNET_TESTING_peer_configure()}. This functions takes the system |
1546 | handle, a configuration template from which the configuration for the peer | 1546 | handle, a configuration template from which the configuration for the peer |
1547 | is auto-generated and the index from where the hostkey for the peer has to | 1547 | is auto-generated and the index from where the hostkey for the peer has to |
1548 | be copied from. When successfull, this function returs a handle to the | 1548 | be copied from. When successful, this function returns a handle to the |
1549 | peer which can be used to start and stop it and to obtain the identity of | 1549 | peer which can be used to start and stop it and to obtain the identity of |
1550 | the peer. If unsuccessful, a NULL pointer is returned with an error | 1550 | the peer. If unsuccessful, a NULL pointer is returned with an error |
1551 | message. This function handles the generated configuration to have | 1551 | message. This function handles the generated configuration to have |
@@ -1579,7 +1579,7 @@ to the handle to the peer to stop. The callback function is called with | |||
1579 | the given closure when the peer is stopped. Using this function | 1579 | the given closure when the peer is stopped. Using this function |
1580 | eliminates blocking while waiting for the peer to terminate. | 1580 | eliminates blocking while waiting for the peer to terminate. |
1581 | 1581 | ||
1582 | An asynchronous peer stop can be cancelled by calling the function | 1582 | An asynchronous peer stop can be canceled by calling the function |
1583 | @code{GNUNET_TESTING_peer_stop_async_cancel()}. Note that calling this | 1583 | @code{GNUNET_TESTING_peer_stop_async_cancel()}. Note that calling this |
1584 | function does not prevent the peer from terminating if the termination | 1584 | function does not prevent the peer from terminating if the termination |
1585 | signal has already been sent to it. It does, however, cancels the | 1585 | signal has already been sent to it. It does, however, cancels the |
@@ -1660,12 +1660,12 @@ simply load the plugin directly. | |||
1660 | To help avoid performance regressions, GNUnet uses Gauger. Gauger is a | 1660 | To help avoid performance regressions, GNUnet uses Gauger. Gauger is a |
1661 | simple logging tool that allows remote hosts to send performance data to | 1661 | simple logging tool that allows remote hosts to send performance data to |
1662 | a central server, where this data can be analyzed and visualized. Gauger | 1662 | a central server, where this data can be analyzed and visualized. Gauger |
1663 | shows graphs of the repository revisions and the performace data recorded | 1663 | shows graphs of the repository revisions and the performance data recorded |
1664 | for each revision, so sudden performance peaks or drops can be identified | 1664 | for each revision, so sudden performance peaks or drops can be identified |
1665 | and linked to a specific revision number. | 1665 | and linked to a specific revision number. |
1666 | 1666 | ||
1667 | In the case of GNUnet, the buildbots log the performance data obtained | 1667 | In the case of GNUnet, the buildbots log the performance data obtained |
1668 | during the tests after each build. The data can be accesed on GNUnet's | 1668 | during the tests after each build. The data can be accessed on GNUnet's |
1669 | Gauger page. | 1669 | Gauger page. |
1670 | 1670 | ||
1671 | The menu on the left allows to select either the results of just one | 1671 | The menu on the left allows to select either the results of just one |
@@ -1678,7 +1678,7 @@ performance evolution across all hosts. | |||
1678 | Using Gauger in GNUnet and having the performance of a module tracked over | 1678 | Using Gauger in GNUnet and having the performance of a module tracked over |
1679 | time is very easy. First of course, the testcase must generate some | 1679 | time is very easy. First of course, the testcase must generate some |
1680 | consistent metric, which makes sense to have logged. Highly volatile or | 1680 | consistent metric, which makes sense to have logged. Highly volatile or |
1681 | random dependant metrics probably are not ideal candidates for meaningful | 1681 | random dependent metrics probably are not ideal candidates for meaningful |
1682 | regression detection. | 1682 | regression detection. |
1683 | 1683 | ||
1684 | To start logging any value, just include @code{gauger.h} in your testcase | 1684 | To start logging any value, just include @code{gauger.h} in your testcase |
@@ -1890,7 +1890,7 @@ random links are to be given | |||
1890 | 1890 | ||
1891 | @item @code{GNUNET_TESTBED_TOPOLOGY_SCALE_FREE}: Connects peers in a | 1891 | @item @code{GNUNET_TESTBED_TOPOLOGY_SCALE_FREE}: Connects peers in a |
1892 | topology where peer connectivity follows power law - new peers are | 1892 | topology where peer connectivity follows power law - new peers are |
1893 | connected with high probabililty to well connected peers. | 1893 | connected with high probability to well connected peers. |
1894 | @footnote{See Emergence of Scaling in Random Networks. Science 286, | 1894 | @footnote{See Emergence of Scaling in Random Networks. Science 286, |
1895 | 509-512, 1999 | 1895 | 509-512, 1999 |
1896 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/emergence_of_scaling_in_random_networks__barabasi_albert_science_286__1999.pdf, pdf})} | 1896 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/emergence_of_scaling_in_random_networks__barabasi_albert_science_286__1999.pdf, pdf})} |
@@ -1931,7 +1931,7 @@ ignored for the rest of the topologies. | |||
1931 | Topology @code{SCALE_FREE} requires the options | 1931 | Topology @code{SCALE_FREE} requires the options |
1932 | @code{SCALE_FREE_TOPOLOGY_CAP} to be set to the maximum number of peers | 1932 | @code{SCALE_FREE_TOPOLOGY_CAP} to be set to the maximum number of peers |
1933 | which can connect to a peer and @code{SCALE_FREE_TOPOLOGY_M} to be set to | 1933 | which can connect to a peer and @code{SCALE_FREE_TOPOLOGY_M} to be set to |
1934 | how many peers a peer should be atleast connected to. | 1934 | how many peers a peer should be at least connected to. |
1935 | 1935 | ||
1936 | Similarly, the topology @code{FROM_FILE} requires the option | 1936 | Similarly, the topology @code{FROM_FILE} requires the option |
1937 | @code{OVERLAY_TOPOLOGY_FILE} to contain the path of the file containing | 1937 | @code{OVERLAY_TOPOLOGY_FILE} to contain the path of the file containing |
@@ -1977,7 +1977,7 @@ A topology file describes how peers are to be connected. It should adhere | |||
1977 | to the following format for testbed to parse it correctly. | 1977 | to the following format for testbed to parse it correctly. |
1978 | 1978 | ||
1979 | Each line should begin with the target peer id. This should be followed by | 1979 | Each line should begin with the target peer id. This should be followed by |
1980 | a colon(`:') and origin peer ids seperated by `|'. All spaces except for | 1980 | a colon(`:') and origin peer ids separated by `|'. All spaces except for |
1981 | newline characters are ignored. The API will then try to connect each | 1981 | newline characters are ignored. The API will then try to connect each |
1982 | origin peer to the target peer. | 1982 | origin peer to the target peer. |
1983 | 1983 | ||
@@ -2003,9 +2003,9 @@ deemed as crossed after all the peers waiting on it are notified. | |||
2003 | The barriers API provides the following functions: | 2003 | The barriers API provides the following functions: |
2004 | @itemize @bullet | 2004 | @itemize @bullet |
2005 | @item @strong{@code{GNUNET_TESTBED_barrier_init()}:} function to | 2005 | @item @strong{@code{GNUNET_TESTBED_barrier_init()}:} function to |
2006 | initialse a barrier in the experiment | 2006 | initialize a barrier in the experiment |
2007 | @item @strong{@code{GNUNET_TESTBED_barrier_cancel()}:} function to cancel | 2007 | @item @strong{@code{GNUNET_TESTBED_barrier_cancel()}:} function to cancel |
2008 | a barrier which has been initialised before | 2008 | a barrier which has been initialized before |
2009 | @item @strong{@code{GNUNET_TESTBED_barrier_wait()}:} function to signal | 2009 | @item @strong{@code{GNUNET_TESTBED_barrier_wait()}:} function to signal |
2010 | barrier service that the caller has reached a barrier and is waiting for | 2010 | barrier service that the caller has reached a barrier and is waiting for |
2011 | it to be crossed | 2011 | it to be crossed |
@@ -2122,7 +2122,7 @@ the large-scale deployment. We provide you a set of scripts you can use | |||
2122 | to deploy GNUnet on a set of nodes and manage your installation. | 2122 | to deploy GNUnet on a set of nodes and manage your installation. |
2123 | 2123 | ||
2124 | Please also check @uref{https://gnunet.org/installation-fedora8-svn} and | 2124 | Please also check @uref{https://gnunet.org/installation-fedora8-svn} and |
2125 | @uref{https://gnunet.org/installation-fedora12-svn} to find detailled | 2125 | @uref{https://gnunet.org/installation-fedora12-svn} to find detailed |
2126 | instructions how to install GNUnet on a PlanetLab node. | 2126 | instructions how to install GNUnet on a PlanetLab node. |
2127 | 2127 | ||
2128 | 2128 | ||
@@ -2148,7 +2148,7 @@ image, installing the buildslave software is quite some pain. For our | |||
2148 | PlanetLab testbed we figured out how to install the buildslave software | 2148 | PlanetLab testbed we figured out how to install the buildslave software |
2149 | best. | 2149 | best. |
2150 | 2150 | ||
2151 | @c This is a vvery terrible way to suggest installing software. | 2151 | @c This is a very terrible way to suggest installing software. |
2152 | @c FIXME: Is there an official, safer way instead of blind-piping a | 2152 | @c FIXME: Is there an official, safer way instead of blind-piping a |
2153 | @c script? | 2153 | @c script? |
2154 | @c FIXME: Use newer pypi URLs below. | 2154 | @c FIXME: Use newer pypi URLs below. |
@@ -2354,7 +2354,7 @@ for new developers): | |||
2354 | @item CPS-style scheduling (scheduler.c) | 2354 | @item CPS-style scheduling (scheduler.c) |
2355 | @item Program initialization (program.c) | 2355 | @item Program initialization (program.c) |
2356 | @item Networking (network.c, client.c, server*.c, service.c) | 2356 | @item Networking (network.c, client.c, server*.c, service.c) |
2357 | @item message queueing (mq.c) | 2357 | @item message queuing (mq.c) |
2358 | @item bandwidth calculations (bandwidth.c) | 2358 | @item bandwidth calculations (bandwidth.c) |
2359 | @item Other OS-related (os*.c, plugin.c, signal.c) | 2359 | @item Other OS-related (os*.c, plugin.c, signal.c) |
2360 | @item Pseudonym management (pseudonym.c) | 2360 | @item Pseudonym management (pseudonym.c) |
@@ -2425,7 +2425,7 @@ level to "loglevel". Thus it is possible to run some processes | |||
2425 | with -L DEBUG, for example, and others with -L ERROR to enable specific | 2425 | with -L DEBUG, for example, and others with -L ERROR to enable specific |
2426 | settings to diagnose problems with a particular process. | 2426 | settings to diagnose problems with a particular process. |
2427 | @item Configuration files. Because GNUnet | 2427 | @item Configuration files. Because GNUnet |
2428 | service and deamon processes are usually launched by gnunet-arm, it is not | 2428 | service and daemon processes are usually launched by gnunet-arm, it is not |
2429 | possible to pass different custom command line options directly to every | 2429 | possible to pass different custom command line options directly to every |
2430 | one of them. The options passed to @code{gnunet-arm} only affect | 2430 | one of them. The options passed to @code{gnunet-arm} only affect |
2431 | gnunet-arm and not the rest of GNUnet. However, one can specify a | 2431 | gnunet-arm and not the rest of GNUnet. However, one can specify a |
@@ -2717,7 +2717,7 @@ will have | |||
2717 | no effect. Other messages (ERROR, WARNING, INFO, etc) will be included. | 2717 | no effect. Other messages (ERROR, WARNING, INFO, etc) will be included. |
2718 | @item If @code{--enable-logging} is set to @code{verbose}, or | 2718 | @item If @code{--enable-logging} is set to @code{verbose}, or |
2719 | @code{veryverbose} the binary will contain DEBUG messages (still, it will | 2719 | @code{veryverbose} the binary will contain DEBUG messages (still, it will |
2720 | be neccessary to run with @command{-L DEBUG} or set the DEBUG config option | 2720 | be necessary to run with @command{-L DEBUG} or set the DEBUG config option |
2721 | to show | 2721 | to show |
2722 | them). | 2722 | them). |
2723 | @end itemize | 2723 | @end itemize |
@@ -2728,7 +2728,7 @@ If you are a developer: | |||
2728 | @item please make sure that you @code{./configure | 2728 | @item please make sure that you @code{./configure |
2729 | --enable-logging=@{verbose,veryverbose@}}, so you can see DEBUG messages. | 2729 | --enable-logging=@{verbose,veryverbose@}}, so you can see DEBUG messages. |
2730 | @item please remove the @code{#if} statements around @code{GNUNET_log | 2730 | @item please remove the @code{#if} statements around @code{GNUNET_log |
2731 | (GNUNET_ERROR_TYPE_DEBUG, ...)} lines, to improve the readibility of your | 2731 | (GNUNET_ERROR_TYPE_DEBUG, ...)} lines, to improve the readability of your |
2732 | code. | 2732 | code. |
2733 | @end itemize | 2733 | @end itemize |
2734 | 2734 | ||
@@ -2741,7 +2741,7 @@ A suitable configuration could be: | |||
2741 | $ export GNUNET_FORCE_LOG="^YOUR_SUBSYSTEM$;;;;DEBUG/;;;;WARNING" | 2741 | $ export GNUNET_FORCE_LOG="^YOUR_SUBSYSTEM$;;;;DEBUG/;;;;WARNING" |
2742 | @end example | 2742 | @end example |
2743 | 2743 | ||
2744 | Which will behave almost like enabling DEBUG in that subsytem before the | 2744 | Which will behave almost like enabling DEBUG in that subsystem before the |
2745 | change. Of course you can adapt it to your particular needs, this is only | 2745 | change. Of course you can adapt it to your particular needs, this is only |
2746 | a quick example. | 2746 | a quick example. |
2747 | 2747 | ||
@@ -2952,7 +2952,7 @@ function, which is set to @code{NULL} in most cases, and the last | |||
2952 | parameter is the expected size of the message of this type, usually we | 2952 | parameter is the expected size of the message of this type, usually we |
2953 | set it to 0 to accept variable size, for special cases the exact size of | 2953 | set it to 0 to accept variable size, for special cases the exact size of |
2954 | the specified message also can be set. In addition, the terminator sign | 2954 | the specified message also can be set. In addition, the terminator sign |
2955 | depicted as @code{@{NULL, NULL, 0, 0@}} is set in the last aera. | 2955 | depicted as @code{@{NULL, NULL, 0, 0@}} is set in the last area. |
2956 | 2956 | ||
2957 | @c *********************************************************************** | 2957 | @c *********************************************************************** |
2958 | @node Server - Process request message | 2958 | @node Server - Process request message |
@@ -3002,7 +3002,7 @@ understand the request message, and the processing of this request would | |||
3002 | be terminated. | 3002 | be terminated. |
3003 | 3003 | ||
3004 | In comparison to the aforementioned situation, when the argument is equal | 3004 | In comparison to the aforementioned situation, when the argument is equal |
3005 | to @code{GNUNET_OK}, the service would continue to process the requst | 3005 | to @code{GNUNET_OK}, the service would continue to process the request |
3006 | message. | 3006 | message. |
3007 | 3007 | ||
3008 | @c *********************************************************************** | 3008 | @c *********************************************************************** |
@@ -3151,7 +3151,7 @@ GNUnet uses SHA-512 for computing one-way hash codes. The API provides | |||
3151 | functions to compute a hash over a block in memory or over a file on disk. | 3151 | functions to compute a hash over a block in memory or over a file on disk. |
3152 | 3152 | ||
3153 | The crypto API also provides functions for randomizing a block of memory, | 3153 | The crypto API also provides functions for randomizing a block of memory, |
3154 | obtaining a single random number and for generating a permuation of the | 3154 | obtaining a single random number and for generating a permutation of the |
3155 | numbers 0 to n-1. Random number generation distinguishes between WEAK and | 3155 | numbers 0 to n-1. Random number generation distinguishes between WEAK and |
3156 | STRONG random number quality; WEAK random numbers are pseudo-random | 3156 | STRONG random number quality; WEAK random numbers are pseudo-random |
3157 | whereas STRONG random numbers use entropy gathered from the operating | 3157 | whereas STRONG random numbers use entropy gathered from the operating |
@@ -3230,7 +3230,7 @@ message. | |||
3230 | 3230 | ||
3231 | Consider the following simple message, with the body consisting of a | 3231 | Consider the following simple message, with the body consisting of a |
3232 | single number value. | 3232 | single number value. |
3233 | @c why the empy code function? | 3233 | @c why the empty code function? |
3234 | @code{} | 3234 | @code{} |
3235 | 3235 | ||
3236 | @example | 3236 | @example |
@@ -3505,7 +3505,7 @@ or in some other transient data structure and thus having the hash map | |||
3505 | keep a pointer to @code{key} would not work. Only the key inside of | 3505 | keep a pointer to @code{key} would not work. Only the key inside of |
3506 | @code{val} has the same lifetime as the entry in the map (this must of | 3506 | @code{val} has the same lifetime as the entry in the map (this must of |
3507 | course be checked as well). Naturally, @code{val->key} must be | 3507 | course be checked as well). Naturally, @code{val->key} must be |
3508 | intiialized before the @code{put} call. Once all @code{put} calls have | 3508 | initialized before the @code{put} call. Once all @code{put} calls have |
3509 | been converted and double-checked, you can change the call to create the | 3509 | been converted and double-checked, you can change the call to create the |
3510 | hash map from | 3510 | hash map from |
3511 | 3511 | ||
@@ -3893,7 +3893,7 @@ The goal of transport-level address validation is to minimize the chances | |||
3893 | of a successful man-in-the-middle attack against GNUnet peers on the | 3893 | of a successful man-in-the-middle attack against GNUnet peers on the |
3894 | transport level. Such an attack would not allow the adversary to decrypt | 3894 | transport level. Such an attack would not allow the adversary to decrypt |
3895 | the P2P transmissions, but a successful attacker could at least measure | 3895 | the P2P transmissions, but a successful attacker could at least measure |
3896 | traffic volumes and latencies (raising the adversaries capablities by | 3896 | traffic volumes and latencies (raising the adversaries capabilities by |
3897 | those of a global passive adversary in the worst case). The scenarios we | 3897 | those of a global passive adversary in the worst case). The scenarios we |
3898 | are concerned about is an attacker, Mallory, giving a @code{HELLO} to | 3898 | are concerned about is an attacker, Mallory, giving a @code{HELLO} to |
3899 | Alice that claims to be for Bob, but contains Mallory's IP address | 3899 | Alice that claims to be for Bob, but contains Mallory's IP address |
@@ -4019,7 +4019,7 @@ connected peers, but they are sent about other knowns peers within the | |||
4019 | to each other about their appropriate other neighbors. They also gossip | 4019 | to each other about their appropriate other neighbors. They also gossip |
4020 | about the newly connected peer to previously | 4020 | about the newly connected peer to previously |
4021 | connected neighbors. In order to keep the routing tables up to date, | 4021 | connected neighbors. In order to keep the routing tables up to date, |
4022 | disconnect notifications are propogated as gossip as well (because | 4022 | disconnect notifications are propagated as gossip as well (because |
4023 | disconnects may not be sent/received, timeouts are also used remove | 4023 | disconnects may not be sent/received, timeouts are also used remove |
4024 | stagnant routing table entries). | 4024 | stagnant routing table entries). |
4025 | 4025 | ||
@@ -4210,7 +4210,7 @@ to send and receive messages. | |||
4210 | 4210 | ||
4211 | We have measured the performance of the UDP, TCP and SMTP transport layer | 4211 | We have measured the performance of the UDP, TCP and SMTP transport layer |
4212 | directly and when used from an application using the GNUnet core. | 4212 | directly and when used from an application using the GNUnet core. |
4213 | Measureing just the transport layer gives the better view of the actual | 4213 | Measuring just the transport layer gives the better view of the actual |
4214 | overhead of the protocol, whereas evaluating the transport from the | 4214 | overhead of the protocol, whereas evaluating the transport from the |
4215 | application puts the overhead into perspective from a practical point of | 4215 | application puts the overhead into perspective from a practical point of |
4216 | view. | 4216 | view. |
@@ -4230,7 +4230,7 @@ wire have no impact on the timings. n messages were sent sequentially over | |||
4230 | the transport layer, sending message i+1 after the i-th message was | 4230 | the transport layer, sending message i+1 after the i-th message was |
4231 | received. All messages were sent over the same connection and the time to | 4231 | received. All messages were sent over the same connection and the time to |
4232 | establish the connection was not taken into account since this overhead is | 4232 | establish the connection was not taken into account since this overhead is |
4233 | miniscule in practice --- as long as a connection is used for a | 4233 | minuscule in practice --- as long as a connection is used for a |
4234 | significant number of messages. | 4234 | significant number of messages. |
4235 | 4235 | ||
4236 | @multitable @columnfractions .20 .15 .15 .15 .15 .15 | 4236 | @multitable @columnfractions .20 .15 .15 .15 .15 .15 |
@@ -4261,9 +4261,9 @@ given time-bounds. For this benchmark we report the message loss after | |||
4261 | allowing t time for sending m messages. If messages were not sent (or | 4261 | allowing t time for sending m messages. If messages were not sent (or |
4262 | received) after an overall timeout of t, they were considered lost. The | 4262 | received) after an overall timeout of t, they were considered lost. The |
4263 | benchmark was performed using two Xeon 2 GHZ machines running RedHat 8.0 | 4263 | benchmark was performed using two Xeon 2 GHZ machines running RedHat 8.0 |
4264 | with sendmail. The machines were connected with a direct 100 MBit ethernet | 4264 | with sendmail. The machines were connected with a direct 100 MBit Ethernet |
4265 | connection.@ Figures udp1200, tcp1200 and smtp-MTUs show that the | 4265 | connection.@ Figures udp1200, tcp1200 and smtp-MTUs show that the |
4266 | throughput for messages of size 1,200 octects is 2,343 kbps, 3,310 kbps | 4266 | throughput for messages of size 1,200 octets is 2,343 kbps, 3,310 kbps |
4267 | and 6 kbps for UDP, TCP and SMTP respectively. The high per-message | 4267 | and 6 kbps for UDP, TCP and SMTP respectively. The high per-message |
4268 | overhead of SMTP can be improved by increasing the MTU, for example, an | 4268 | overhead of SMTP can be improved by increasing the MTU, for example, an |
4269 | MTU of 12,000 octets improves the throughput to 13 kbps as figure | 4269 | MTU of 12,000 octets improves the throughput to 13 kbps as figure |
@@ -4308,7 +4308,7 @@ installed). | |||
4308 | For instructions about how to install the libraries you should | 4308 | For instructions about how to install the libraries you should |
4309 | check out the BlueZ site | 4309 | check out the BlueZ site |
4310 | (@uref{http://www.bluez.org/, http://www.bluez.org}). If you don't know if | 4310 | (@uref{http://www.bluez.org/, http://www.bluez.org}). If you don't know if |
4311 | you have the necesarry libraries, don't worry, just run the GNUnet | 4311 | you have the necessary libraries, don't worry, just run the GNUnet |
4312 | configure script and you will be able to see a notification at the end | 4312 | configure script and you will be able to see a notification at the end |
4313 | which will warn you if you don't have the necessary libraries. | 4313 | which will warn you if you don't have the necessary libraries. |
4314 | 4314 | ||
@@ -4336,7 +4336,7 @@ helper binary used on GNU/Linux: | |||
4336 | 4336 | ||
4337 | @itemize @bullet | 4337 | @itemize @bullet |
4338 | @item it verifies if the name corresponds to a Bluetooth interface name | 4338 | @item it verifies if the name corresponds to a Bluetooth interface name |
4339 | @item it verifies if the iterface is up (if it is not, it tries to bring | 4339 | @item it verifies if the interface is up (if it is not, it tries to bring |
4340 | it up) | 4340 | it up) |
4341 | @item it tries to enable the page and inquiry scan in order to make the | 4341 | @item it tries to enable the page and inquiry scan in order to make the |
4342 | device discoverable and to accept incoming connection requests | 4342 | device discoverable and to accept incoming connection requests |
@@ -4377,12 +4377,12 @@ Bluetooth address has the form 00:00:00:00:00:00 it means that there is | |||
4377 | something wrong with the D-Bus daemon or with the Bluetooth daemon. Use | 4377 | something wrong with the D-Bus daemon or with the Bluetooth daemon. Use |
4378 | @code{bluetoothd} tool to see the logs | 4378 | @code{bluetoothd} tool to see the logs |
4379 | 4379 | ||
4380 | @item @code{sdptool} can be used to control and interogate SDP servers. | 4380 | @item @code{sdptool} can be used to control and interrogate SDP servers. |
4381 | If you encounter problems regarding the SDP server (like the SDP server is | 4381 | If you encounter problems regarding the SDP server (like the SDP server is |
4382 | down) you should check out if the D-Bus daemon is running correctly and to | 4382 | down) you should check out if the D-Bus daemon is running correctly and to |
4383 | see if the Bluetooth daemon started correctly(use @code{bluetoothd} tool). | 4383 | see if the Bluetooth daemon started correctly(use @code{bluetoothd} tool). |
4384 | Also, sometimes the SDP service could work but somehow the device couldn't | 4384 | Also, sometimes the SDP service could work but somehow the device couldn't |
4385 | register his service. Use @code{sdptool browse [dev-address]} to see if | 4385 | register its service. Use @code{sdptool browse [dev-address]} to see if |
4386 | the service is registered. There should be a service with the name of the | 4386 | the service is registered. There should be a service with the name of the |
4387 | interface and GNUnet as provider. | 4387 | interface and GNUnet as provider. |
4388 | 4388 | ||
@@ -4464,11 +4464,11 @@ then start sending data for benchmarking. | |||
4464 | On Windows you cannot test the plugin functionality using two Bluetooth | 4464 | On Windows you cannot test the plugin functionality using two Bluetooth |
4465 | devices from the same machine because after you install the drivers there | 4465 | devices from the same machine because after you install the drivers there |
4466 | will occur some conflicts between the Bluetooth stacks. (At least that is | 4466 | will occur some conflicts between the Bluetooth stacks. (At least that is |
4467 | what happend on my machine : I wasn't able to use the Bluesoleil stack and | 4467 | what happened on my machine : I wasn't able to use the Bluesoleil stack and |
4468 | the WINDCOMM one in the same time). | 4468 | the WINDCOMM one in the same time). |
4469 | 4469 | ||
4470 | If you have two different machines and your configuration files are good | 4470 | If you have two different machines and your configuration files are good |
4471 | you can use the same scenario presented on the begining of this section. | 4471 | you can use the same scenario presented on the beginning of this section. |
4472 | 4472 | ||
4473 | Another way to test the plugin functionality is to create your own | 4473 | Another way to test the plugin functionality is to create your own |
4474 | application which will use the GNUnet framework with the Bluetooth | 4474 | application which will use the GNUnet framework with the Bluetooth |
@@ -4483,8 +4483,8 @@ This page describes the implementation of the Bluetooth transport plugin. | |||
4483 | First I want to remind you that the Bluetooth transport plugin uses | 4483 | First I want to remind you that the Bluetooth transport plugin uses |
4484 | virtually the same code as the WLAN plugin and only the helper binary is | 4484 | virtually the same code as the WLAN plugin and only the helper binary is |
4485 | different. Also the scope of the helper binary from the Bluetooth | 4485 | different. Also the scope of the helper binary from the Bluetooth |
4486 | transport plugin is the same as the one used for the wlan transport | 4486 | transport plugin is the same as the one used for the WLAN transport |
4487 | plugin: it acceses the interface and then it forwards traffic in both | 4487 | plugin: it accesses the interface and then it forwards traffic in both |
4488 | directions between the Bluetooth interface and stdin/stdout of the | 4488 | directions between the Bluetooth interface and stdin/stdout of the |
4489 | process involved. | 4489 | process involved. |
4490 | 4490 | ||
@@ -4525,8 +4525,8 @@ Bluetooth interface) and is separated in two stages: | |||
4525 | @subsubsection THE INITIALIZATION | 4525 | @subsubsection THE INITIALIZATION |
4526 | 4526 | ||
4527 | @itemize @bullet | 4527 | @itemize @bullet |
4528 | @item first, it checks if we have root privilegies | 4528 | @item first, it checks if we have root privileges |
4529 | (@emph{Remember that we need to have root privilegies in order to be able | 4529 | (@emph{Remember that we need to have root privileges in order to be able |
4530 | to bring the interface up if it is down or to change its state.}). | 4530 | to bring the interface up if it is down or to change its state.}). |
4531 | 4531 | ||
4532 | @item second, it verifies if the interface with the given name exists. | 4532 | @item second, it verifies if the interface with the given name exists. |
@@ -4551,7 +4551,7 @@ discoverable | |||
4551 | devices to get the port on which this device is listening on) | 4551 | devices to get the port on which this device is listening on) |
4552 | @end itemize | 4552 | @end itemize |
4553 | 4553 | ||
4554 | @item drops the root privilegies | 4554 | @item drops the root privileges |
4555 | 4555 | ||
4556 | @strong{If the interface is not a Bluetooth interface the helper exits | 4556 | @strong{If the interface is not a Bluetooth interface the helper exits |
4557 | with a suitable error} | 4557 | with a suitable error} |
@@ -4596,7 +4596,7 @@ the STDOUT file descriptor, then we write to STDOUT the message from the | |||
4596 | @emph{write_std} buffer. | 4596 | @emph{write_std} buffer. |
4597 | 4597 | ||
4598 | To find out on which port a device is listening on we connect to the local | 4598 | To find out on which port a device is listening on we connect to the local |
4599 | SDP server and searche the registered service for that device. | 4599 | SDP server and search the registered service for that device. |
4600 | 4600 | ||
4601 | @emph{You should be aware of the fact that if the device fails to connect | 4601 | @emph{You should be aware of the fact that if the device fails to connect |
4602 | to another one when trying to send a message it will attempt one more | 4602 | to another one when trying to send a message it will attempt one more |
@@ -4659,17 +4659,17 @@ For Windows I decided to use the Microsoft Bluetooth stack which has the | |||
4659 | advantage of coming standard from Windows XP SP2. The main disadvantage is | 4659 | advantage of coming standard from Windows XP SP2. The main disadvantage is |
4660 | that it only supports the RFCOMM protocol so we will not be able to have | 4660 | that it only supports the RFCOMM protocol so we will not be able to have |
4661 | a low level control over the Bluetooth device. Therefore it is the user | 4661 | a low level control over the Bluetooth device. Therefore it is the user |
4662 | responsability to check if the device is up and in the discoverable mode. | 4662 | responsibility to check if the device is up and in the discoverable mode. |
4663 | Also there are no tools which could be used for debugging in order to read | 4663 | Also there are no tools which could be used for debugging in order to read |
4664 | the data coming from and going to a Bluetooth device, which obviously | 4664 | the data coming from and going to a Bluetooth device, which obviously |
4665 | hindered my work. Another thing that slowed down the implementation of the | 4665 | hindered my work. Another thing that slowed down the implementation of the |
4666 | plugin (besides that I wasn't too accomodated with the win32 API) was that | 4666 | plugin (besides that I wasn't too accommodated with the win32 API) was that |
4667 | there were some bugs on MinGW regarding the Bluetooth. Now they are solved | 4667 | there were some bugs on MinGW regarding the Bluetooth. Now they are solved |
4668 | but you should keep in mind that you should have the latest updates | 4668 | but you should keep in mind that you should have the latest updates |
4669 | (especially the @emph{ws2bth} header). | 4669 | (especially the @emph{ws2bth} header). |
4670 | 4670 | ||
4671 | Besides the fact that it uses the Windows Sockets, the Windows | 4671 | Besides the fact that it uses the Windows Sockets, the Windows |
4672 | implemenation follows the same principles as the GNU/Linux one: | 4672 | implementation follows the same principles as the GNU/Linux one: |
4673 | 4673 | ||
4674 | @itemize @bullet | 4674 | @itemize @bullet |
4675 | @item It has a initalization part where it initializes the | 4675 | @item It has a initalization part where it initializes the |
@@ -4714,7 +4714,7 @@ broadcast messages. When it receives a broadcast message it will skip it. | |||
4714 | @item Implement the broadcast functionality on Windows @emph{(currently | 4714 | @item Implement the broadcast functionality on Windows @emph{(currently |
4715 | working on)} | 4715 | working on)} |
4716 | @item Implement a testcase for the helper :@ @emph{The testcase | 4716 | @item Implement a testcase for the helper :@ @emph{The testcase |
4717 | consists of a program which emaluates the plugin and uses the helper. It | 4717 | consists of a program which emulates the plugin and uses the helper. It |
4718 | will simulate connections, disconnections and data transfers.} | 4718 | will simulate connections, disconnections and data transfers.} |
4719 | @end itemize | 4719 | @end itemize |
4720 | 4720 | ||
@@ -4902,7 +4902,7 @@ peers connecting, peers disconnecting and incoming messages) and send | |||
4902 | messages to connected peers using | 4902 | messages to connected peers using |
4903 | @code{GNUNET_CORE_notify_transmit_ready}. Note that applications must | 4903 | @code{GNUNET_CORE_notify_transmit_ready}. Note that applications must |
4904 | cancel pending transmission requests if they receive a disconnect event | 4904 | cancel pending transmission requests if they receive a disconnect event |
4905 | for a peer that had a transmission pending; furthermore, queueing more | 4905 | for a peer that had a transmission pending; furthermore, queuing more |
4906 | than one transmission request per peer per application using the | 4906 | than one transmission request per peer per application using the |
4907 | service is not permitted. | 4907 | service is not permitted. |
4908 | 4908 | ||
@@ -5197,11 +5197,11 @@ The API is heavily base on the CORE API. | |||
5197 | CADET delivers messages to other peers in "channels". | 5197 | CADET delivers messages to other peers in "channels". |
5198 | A channel is a permanent connection defined by a destination peer | 5198 | A channel is a permanent connection defined by a destination peer |
5199 | (identified by its public key) and a port number. | 5199 | (identified by its public key) and a port number. |
5200 | Internally, CADET tunnels all channels towards a destiantion peer | 5200 | Internally, CADET tunnels all channels towards a destination peer |
5201 | using one session key and relays the data on multiple "connections", | 5201 | using one session key and relays the data on multiple "connections", |
5202 | independent from the channels. | 5202 | independent from the channels. |
5203 | 5203 | ||
5204 | Each channel has optional paramenters, the most important being the | 5204 | Each channel has optional parameters, the most important being the |
5205 | reliability flag. | 5205 | reliability flag. |
5206 | Should a message get lost on TRANSPORT/CORE level, if a channel is | 5206 | Should a message get lost on TRANSPORT/CORE level, if a channel is |
5207 | created with as reliable, CADET will retransmit the lost message and | 5207 | created with as reliable, CADET will retransmit the lost message and |
@@ -5242,15 +5242,15 @@ case. To be alerted when a channel is online, a client can call | |||
5242 | @code{GNUNET_CADET_notify_transmit_ready} immediately after | 5242 | @code{GNUNET_CADET_notify_transmit_ready} immediately after |
5243 | @code{GNUNET_CADET_create_channel}. When the callback is activated, it | 5243 | @code{GNUNET_CADET_create_channel}. When the callback is activated, it |
5244 | means that the channel is online. The callback can give 0 bytes to CADET | 5244 | means that the channel is online. The callback can give 0 bytes to CADET |
5245 | if no message is to be sent, this is ok. | 5245 | if no message is to be sent, this is OK. |
5246 | 5246 | ||
5247 | If a transmission was requested but before the callback fires it is no | 5247 | If a transmission was requested but before the callback fires it is no |
5248 | longer needed, it can be cancelled with | 5248 | longer needed, it can be canceled with |
5249 | @code{GNUNET_CADET_notify_transmit_ready_cancel}, which uses the handle | 5249 | @code{GNUNET_CADET_notify_transmit_ready_cancel}, which uses the handle |
5250 | given back by @code{GNUNET_CADET_notify_transmit_ready}. | 5250 | given back by @code{GNUNET_CADET_notify_transmit_ready}. |
5251 | As in the case of CORE, only one message can be requested at a time: a | 5251 | As in the case of CORE, only one message can be requested at a time: a |
5252 | client must not call @code{GNUNET_CADET_notify_transmit_ready} again until | 5252 | client must not call @code{GNUNET_CADET_notify_transmit_ready} again until |
5253 | the callback is called or the request is cancelled. | 5253 | the callback is called or the request is canceled. |
5254 | 5254 | ||
5255 | When a channel is no longer needed, a client can call | 5255 | When a channel is no longer needed, a client can call |
5256 | @code{GNUNET_CADET_channel_destroy} to get rid of it. | 5256 | @code{GNUNET_CADET_channel_destroy} to get rid of it. |
@@ -5298,10 +5298,10 @@ all of the details can be found in this technical report. | |||
5298 | @subsection Motivation | 5298 | @subsection Motivation |
5299 | 5299 | ||
5300 | 5300 | ||
5301 | Some subsytems, like DHT, need to know the size of the GNUnet network to | 5301 | Some subsystems, like DHT, need to know the size of the GNUnet network to |
5302 | optimize some parameters of their own protocol. The decentralized nature | 5302 | optimize some parameters of their own protocol. The decentralized nature |
5303 | of GNUnet makes efficient and securely counting the exact number of peers | 5303 | of GNUnet makes efficient and securely counting the exact number of peers |
5304 | infeasable. Although there are several decentralized algorithms to count | 5304 | infeasible. Although there are several decentralized algorithms to count |
5305 | the number of peers in a system, so far there is none to do so securely. | 5305 | the number of peers in a system, so far there is none to do so securely. |
5306 | Other protocols may allow any malicious peer to manipulate the final | 5306 | Other protocols may allow any malicious peer to manipulate the final |
5307 | result or to take advantage of the system to perform | 5307 | result or to take advantage of the system to perform |
@@ -5323,7 +5323,7 @@ GNUnet's NSE protocol avoids these drawbacks. | |||
5323 | The NSE subsystem is designed to be resilient against these attacks. | 5323 | The NSE subsystem is designed to be resilient against these attacks. |
5324 | It uses @uref{http://en.wikipedia.org/wiki/Proof-of-work_system, proofs of work} | 5324 | It uses @uref{http://en.wikipedia.org/wiki/Proof-of-work_system, proofs of work} |
5325 | to prevent one peer from impersonating a large number of participants, | 5325 | to prevent one peer from impersonating a large number of participants, |
5326 | which would otherwise allow an adversary to artifically inflate the | 5326 | which would otherwise allow an adversary to artificially inflate the |
5327 | estimate. | 5327 | estimate. |
5328 | The DoS protection comes from the time-based nature of the protocol: | 5328 | The DoS protection comes from the time-based nature of the protocol: |
5329 | the estimates are calculated periodically and out-of-time traffic is | 5329 | the estimates are calculated periodically and out-of-time traffic is |
@@ -5385,7 +5385,7 @@ to all the other peers, who will calculate the estimate from it. | |||
5385 | The target value itself is generated by hashing the current time, rounded | 5385 | The target value itself is generated by hashing the current time, rounded |
5386 | down to an agreed value. If the rounding amount is 1h (default) and the | 5386 | down to an agreed value. If the rounding amount is 1h (default) and the |
5387 | time is 12:34:56, the time to hash would be 12:00:00. The process is | 5387 | time is 12:34:56, the time to hash would be 12:00:00. The process is |
5388 | repeated each rouning amount (in this example would be every hour). | 5388 | repeated each rounding amount (in this example would be every hour). |
5389 | Every repetition is called a round. | 5389 | Every repetition is called a round. |
5390 | 5390 | ||
5391 | @node Timing | 5391 | @node Timing |
@@ -5397,12 +5397,12 @@ its ID all at one. Once each peer has the target random value, it | |||
5397 | compares its own ID to the target and calculates the hypothetical size of | 5397 | compares its own ID to the target and calculates the hypothetical size of |
5398 | the network if that peer were to be the closest. | 5398 | the network if that peer were to be the closest. |
5399 | Then it compares the hypothetical size with the estimate from the previous | 5399 | Then it compares the hypothetical size with the estimate from the previous |
5400 | rounds. For each value there is an assiciated point in the period, | 5400 | rounds. For each value there is an associated point in the period, |
5401 | let's call it "broadcast time". If its own hypothetical estimate | 5401 | let's call it "broadcast time". If its own hypothetical estimate |
5402 | is the same as the previous global estimate, its "broadcast time" will be | 5402 | is the same as the previous global estimate, its "broadcast time" will be |
5403 | in the middle of the round. If its bigger it will be earlier and if its | 5403 | in the middle of the round. If its bigger it will be earlier and if its |
5404 | smaller (the most likely case) it will be later. This ensures that the | 5404 | smaller (the most likely case) it will be later. This ensures that the |
5405 | peers closests to the target value start broadcasting their ID the first. | 5405 | peers closest to the target value start broadcasting their ID the first. |
5406 | 5406 | ||
5407 | @node Controlled Flooding | 5407 | @node Controlled Flooding |
5408 | @subsubsection Controlled Flooding | 5408 | @subsubsection Controlled Flooding |
@@ -5415,7 +5415,7 @@ with a message containing the better value. Then it checks a proof of | |||
5415 | work that must be included in the incoming message, to ensure that the | 5415 | work that must be included in the incoming message, to ensure that the |
5416 | other peer's ID is not made up (otherwise a malicious peer could claim to | 5416 | other peer's ID is not made up (otherwise a malicious peer could claim to |
5417 | have an ID of exactly the target value every round). Once validated, it | 5417 | have an ID of exactly the target value every round). Once validated, it |
5418 | compares the brodcast time of the received value with the current time | 5418 | compares the broadcast time of the received value with the current time |
5419 | and if it's not too early, sends the received value to its neighbors. | 5419 | and if it's not too early, sends the received value to its neighbors. |
5420 | Otherwise it stores the value until the correct broadcast time comes. | 5420 | Otherwise it stores the value until the correct broadcast time comes. |
5421 | This prevents unnecessary traffic of sub-optimal values, since a better | 5421 | This prevents unnecessary traffic of sub-optimal values, since a better |
@@ -5429,7 +5429,7 @@ to the neighbors. | |||
5429 | @c %**end of header | 5429 | @c %**end of header |
5430 | 5430 | ||
5431 | Once the closest ID has been spread across the network each peer gets the | 5431 | Once the closest ID has been spread across the network each peer gets the |
5432 | exact distance betweed this ID and the target value of the round and | 5432 | exact distance between this ID and the target value of the round and |
5433 | calculates the estimate with a mathematical formula described in the tech | 5433 | calculates the estimate with a mathematical formula described in the tech |
5434 | report. The estimate generated with this method for a single round is not | 5434 | report. The estimate generated with this method for a single round is not |
5435 | very precise. Remember the case of the example, where the only peer is the | 5435 | very precise. Remember the case of the example, where the only peer is the |
@@ -5453,7 +5453,7 @@ calls: @code{GNUNET_NSE_connect} and @code{GNUNET_NSE_disconnect}. | |||
5453 | The connect call gets a callback function as a parameter and this function | 5453 | The connect call gets a callback function as a parameter and this function |
5454 | is called each time the network agrees on an estimate. This usually is | 5454 | is called each time the network agrees on an estimate. This usually is |
5455 | once per round, with some exceptions: if the closest peer has a late | 5455 | once per round, with some exceptions: if the closest peer has a late |
5456 | local clock and starts spreading his ID after everyone else agreed on a | 5456 | local clock and starts spreading its ID after everyone else agreed on a |
5457 | value, the callback might be activated twice in a round, the second value | 5457 | value, the callback might be activated twice in a round, the second value |
5458 | being always bigger than the first. The default round time is set to | 5458 | being always bigger than the first. The default round time is set to |
5459 | 1 hour. | 5459 | 1 hour. |
@@ -5503,7 +5503,7 @@ size is between one third and three times the estimate. This can of | |||
5503 | course vary with network conditions. | 5503 | course vary with network conditions. |
5504 | Thus, applications may want to also consider the provided standard | 5504 | Thus, applications may want to also consider the provided standard |
5505 | deviation value, not only the average (in particular, if the standard | 5505 | deviation value, not only the average (in particular, if the standard |
5506 | veriation is very high, the average maybe meaningless: the network size is | 5506 | variation is very high, the average maybe meaningless: the network size is |
5507 | changing rapidly). | 5507 | changing rapidly). |
5508 | 5508 | ||
5509 | @node libgnunetnse - Examples | 5509 | @node libgnunetnse - Examples |
@@ -5579,12 +5579,12 @@ is what we are flooding the network with right now. | |||
5579 | At the beginning of each round the peer does the following: | 5579 | At the beginning of each round the peer does the following: |
5580 | 5580 | ||
5581 | @itemize @bullet | 5581 | @itemize @bullet |
5582 | @item calculates his own distance to the target value | 5582 | @item calculates its own distance to the target value |
5583 | @item creates, signs and stores the message for the current round (unless | 5583 | @item creates, signs and stores the message for the current round (unless |
5584 | it has a better message in the "next round" slot which came early in the | 5584 | it has a better message in the "next round" slot which came early in the |
5585 | previous round) | 5585 | previous round) |
5586 | @item calculates, based on the stored round message (own or received) when | 5586 | @item calculates, based on the stored round message (own or received) when |
5587 | to stard flooding it to its neighbors | 5587 | to start flooding it to its neighbors |
5588 | @end itemize | 5588 | @end itemize |
5589 | 5589 | ||
5590 | Upon receiving a message the peer checks the validity of the message | 5590 | Upon receiving a message the peer checks the validity of the message |
@@ -6085,7 +6085,7 @@ convenience API to do just that. Use @code{GNUNET_IDENTITY_ego_lookup} to | |||
6085 | lookup a single ego by name. Note that this is the user's name for the | 6085 | lookup a single ego by name. Note that this is the user's name for the |
6086 | ego, not the service function. The resulting ego will be returned via a | 6086 | ego, not the service function. The resulting ego will be returned via a |
6087 | callback and will only be valid during that callback. The operation can | 6087 | callback and will only be valid during that callback. The operation can |
6088 | be cancelled via @code{GNUNET_IDENTITY_ego_lookup_cancel} | 6088 | be canceled via @code{GNUNET_IDENTITY_ego_lookup_cancel} |
6089 | (cancellation is only legal before the callback is invoked). | 6089 | (cancellation is only legal before the callback is invoked). |
6090 | 6090 | ||
6091 | @node Associating egos with service functions | 6091 | @node Associating egos with service functions |
@@ -6215,8 +6215,8 @@ So a client has first to retrieve records, merge with existing records | |||
6215 | and then store the result. | 6215 | and then store the result. |
6216 | 6216 | ||
6217 | To perform a lookup operation, the client uses the | 6217 | To perform a lookup operation, the client uses the |
6218 | @code{GNUNET_NAMESTORE_records_store} function. Here he has to pass the | 6218 | @code{GNUNET_NAMESTORE_records_store} function. Here it has to pass the |
6219 | namestore handle, the private key of the zone and the label. He also has | 6219 | namestore handle, the private key of the zone and the label. It also has |
6220 | to provide a callback function which will be called with the result of | 6220 | to provide a callback function which will be called with the result of |
6221 | the lookup operation: | 6221 | the lookup operation: |
6222 | the zone for the records, the label, and the records including the | 6222 | the zone for the records, the label, and the records including the |
@@ -6239,7 +6239,7 @@ by NAMESTORE. | |||
6239 | Here a client uses the @code{GNUNET_NAMESTORE_zone_iteration_start} | 6239 | Here a client uses the @code{GNUNET_NAMESTORE_zone_iteration_start} |
6240 | function and passes the namestore handle, the zone to iterate over and a | 6240 | function and passes the namestore handle, the zone to iterate over and a |
6241 | callback function to call with the result. | 6241 | callback function to call with the result. |
6242 | If the client wants to iterate over all the, he passes NULL for the zone. | 6242 | If the client wants to iterate over all the WHAT!? FIXME, it passes NULL for the zone. |
6243 | A @code{GNUNET_NAMESTORE_ZoneIterator} handle is returned to be used to | 6243 | A @code{GNUNET_NAMESTORE_ZoneIterator} handle is returned to be used to |
6244 | continue iteration. | 6244 | continue iteration. |
6245 | 6245 | ||
@@ -6658,7 +6658,7 @@ The size of an element's data is limited to around 62 KB. | |||
6658 | 6658 | ||
6659 | Sets created by a local client can be modified and reused for multiple | 6659 | Sets created by a local client can be modified and reused for multiple |
6660 | operations. As each set operation requires potentially expensive special | 6660 | operations. As each set operation requires potentially expensive special |
6661 | auxilliary data to be computed for each element of a set, a set can only | 6661 | auxiliary data to be computed for each element of a set, a set can only |
6662 | participate in one type of set operation (i.e. union or intersection). | 6662 | participate in one type of set operation (i.e. union or intersection). |
6663 | The type of a set is determined upon its creation. | 6663 | The type of a set is determined upon its creation. |
6664 | If a the elements of a set are needed for an operation of a different | 6664 | If a the elements of a set are needed for an operation of a different |
@@ -6778,7 +6778,7 @@ until the client calls @code{GNUNET_SET_commit} | |||
6778 | @c %**end of header | 6778 | @c %**end of header |
6779 | 6779 | ||
6780 | To create symmetry between the two ways of starting a set operation | 6780 | To create symmetry between the two ways of starting a set operation |
6781 | (accepting and nitiating it), the operation handles returned by | 6781 | (accepting and initiating it), the operation handles returned by |
6782 | @code{GNUNET_SET_accept} and @code{GNUNET_SET_prepare} do not yet have a | 6782 | @code{GNUNET_SET_accept} and @code{GNUNET_SET_prepare} do not yet have a |
6783 | set to operate on, thus they can not do any work yet. | 6783 | set to operate on, thus they can not do any work yet. |
6784 | 6784 | ||
@@ -6935,10 +6935,10 @@ number of iterations). | |||
6935 | The receiver of the message removes all elements from its local set that | 6935 | The receiver of the message removes all elements from its local set that |
6936 | do not pass the Bloom filter test. | 6936 | do not pass the Bloom filter test. |
6937 | It then checks if the set size of the sender and the XOR over the keys | 6937 | It then checks if the set size of the sender and the XOR over the keys |
6938 | match what is left of his own set. If they do, he sends a | 6938 | match what is left of its own set. If they do, it sends a |
6939 | @code{GNUNET_MESSAGE_TYPE_SET_INTERSECTION_P2P_DONE} back to indicate | 6939 | @code{GNUNET_MESSAGE_TYPE_SET_INTERSECTION_P2P_DONE} back to indicate |
6940 | that the latest set is the final result. | 6940 | that the latest set is the final result. |
6941 | Otherwise, the receiver starts another Bloom fitler exchange, except | 6941 | Otherwise, the receiver starts another Bloom filter exchange, except |
6942 | this time as the sender. | 6942 | this time as the sender. |
6943 | 6943 | ||
6944 | @node Salt | 6944 | @node Salt |
@@ -6946,7 +6946,7 @@ this time as the sender. | |||
6946 | 6946 | ||
6947 | @c %**end of header | 6947 | @c %**end of header |
6948 | 6948 | ||
6949 | Bloomfilter operations are probablistic: With some non-zero probability | 6949 | Bloomfilter operations are probabilistic: With some non-zero probability |
6950 | the test may incorrectly say an element is in the set, even though it is | 6950 | the test may incorrectly say an element is in the set, even though it is |
6951 | not. | 6951 | not. |
6952 | 6952 | ||
@@ -6999,7 +6999,7 @@ message. If the IBF fully decodes, the peer responds with a | |||
6999 | GNUNET_MESSAGE_TYPE_SET_UNION_P2P_DONE message instead of another | 6999 | GNUNET_MESSAGE_TYPE_SET_UNION_P2P_DONE message instead of another |
7000 | GNUNET_MESSAGE_TYPE_SET_UNION_P2P_IBF. | 7000 | GNUNET_MESSAGE_TYPE_SET_UNION_P2P_IBF. |
7001 | 7001 | ||
7002 | All Bloom filter operations use a salt to mingle keys before hasing them | 7002 | All Bloom filter operations use a salt to mingle keys before hashing them |
7003 | into buckets, such that future iterations have a fresh chance of | 7003 | into buckets, such that future iterations have a fresh chance of |
7004 | succeeding if they failed due to collisions before. | 7004 | succeeding if they failed due to collisions before. |
7005 | 7005 | ||
@@ -7557,7 +7557,7 @@ already knows more than about a thousand blocks may need to send | |||
7557 | several of these messages. Naturally, the client should transmit these | 7557 | several of these messages. Naturally, the client should transmit these |
7558 | messages as quickly as possible after the original GET request such that | 7558 | messages as quickly as possible after the original GET request such that |
7559 | the DHT can filter those results in the network early on. Naturally, as | 7559 | the DHT can filter those results in the network early on. Naturally, as |
7560 | these messages are sent after the original request, it is conceivalbe | 7560 | these messages are sent after the original request, it is conceivable |
7561 | that the DHT service may return blocks that match those already known | 7561 | that the DHT service may return blocks that match those already known |
7562 | to the client anyway. | 7562 | to the client anyway. |
7563 | 7563 | ||
@@ -7670,7 +7670,7 @@ duplicate results) and when they obtain a matching, non-filtered response | |||
7670 | a @code{struct PeerResultMessage} of type | 7670 | a @code{struct PeerResultMessage} of type |
7671 | @code{GNUNET_MESSAGE_TYPE_DHT_P2P_RESULT} is forwarded to the previous | 7671 | @code{GNUNET_MESSAGE_TYPE_DHT_P2P_RESULT} is forwarded to the previous |
7672 | hop. | 7672 | hop. |
7673 | Whenver a result is forwarded, the block plugin is used to update the | 7673 | Whenever a result is forwarded, the block plugin is used to update the |
7674 | Bloom filter accordingly, to ensure that the same result is never | 7674 | Bloom filter accordingly, to ensure that the same result is never |
7675 | forwarded more than once. | 7675 | forwarded more than once. |
7676 | The DHT service may also cache forwarded results locally if the | 7676 | The DHT service may also cache forwarded results locally if the |
@@ -7737,7 +7737,7 @@ record types. | |||
7737 | 7737 | ||
7738 | @c %**end of header | 7738 | @c %**end of header |
7739 | 7739 | ||
7740 | The GNS API itself is extremely simple. Clients first connec to the | 7740 | The GNS API itself is extremely simple. Clients first connect to the |
7741 | GNS service using @code{GNUNET_GNS_connect}. | 7741 | GNS service using @code{GNUNET_GNS_connect}. |
7742 | They can then perform lookups using @code{GNUNET_GNS_lookup} or cancel | 7742 | They can then perform lookups using @code{GNUNET_GNS_lookup} or cancel |
7743 | pending lookups using @code{GNUNET_GNS_lookup_cancel}. | 7743 | pending lookups using @code{GNUNET_GNS_lookup_cancel}. |
@@ -7786,9 +7786,9 @@ their respective zones can automatically be learned and added to the | |||
7786 | the shorten zone. If NULL is passed, shortening is disabled. | 7786 | the shorten zone. If NULL is passed, shortening is disabled. |
7787 | @item proc This argument identifies | 7787 | @item proc This argument identifies |
7788 | the function to call with the result. It is given proc_cls, the number of | 7788 | the function to call with the result. It is given proc_cls, the number of |
7789 | records found (possilby zero) and the array of the records as arguments. | 7789 | records found (possibly zero) and the array of the records as arguments. |
7790 | proc will only be called once. After proc,> has been called, the lookup | 7790 | proc will only be called once. After proc,> has been called, the lookup |
7791 | must no longer be cancelled. | 7791 | must no longer be canceled. |
7792 | @item proc_cls The closure for proc. | 7792 | @item proc_cls The closure for proc. |
7793 | @end table | 7793 | @end table |
7794 | 7794 | ||
@@ -7943,7 +7943,7 @@ This is merely one method for how we can obtain GNS queries. | |||
7943 | It is also possible to change @code{resolv.conf} to point to a machine | 7943 | It is also possible to change @code{resolv.conf} to point to a machine |
7944 | running @code{gnunet-dns2gns} or to modify libc's name system switch | 7944 | running @code{gnunet-dns2gns} or to modify libc's name system switch |
7945 | (NSS) configuration to include a GNS resolution plugin. | 7945 | (NSS) configuration to include a GNS resolution plugin. |
7946 | The method described in this chaper is more of a last-ditch catch-all | 7946 | The method described in this chapter is more of a last-ditch catch-all |
7947 | approach. | 7947 | approach. |
7948 | 7948 | ||
7949 | @code{gnunet-service-dns} enables intercepting DNS traffic using policy | 7949 | @code{gnunet-service-dns} enables intercepting DNS traffic using policy |
@@ -8111,8 +8111,8 @@ This returns the handle required for all other operations on the | |||
8111 | NAMECACHE. Using @code{GNUNET_NAMECACHE_block_cache} clients can insert a | 8111 | NAMECACHE. Using @code{GNUNET_NAMECACHE_block_cache} clients can insert a |
8112 | block into the cache. | 8112 | block into the cache. |
8113 | @code{GNUNET_NAMECACHE_lookup_block} can be used to lookup blocks that | 8113 | @code{GNUNET_NAMECACHE_lookup_block} can be used to lookup blocks that |
8114 | were stored in the NAMECACHE. Both operations can be cancelled using | 8114 | were stored in the NAMECACHE. Both operations can be canceled using |
8115 | @code{GNUNET_NAMECACHE_cancel}. Note that cancelling a | 8115 | @code{GNUNET_NAMECACHE_cancel}. Note that canceling a |
8116 | @code{GNUNET_NAMECACHE_block_cache} operation can result in the block | 8116 | @code{GNUNET_NAMECACHE_block_cache} operation can result in the block |
8117 | being stored in the NAMECACHE --- or not. Cancellation primarily ensures | 8117 | being stored in the NAMECACHE --- or not. Cancellation primarily ensures |
8118 | that the continuation function with the result of the operation will no | 8118 | that the continuation function with the result of the operation will no |
@@ -8239,7 +8239,7 @@ When a revocation is performed, the revocation is first of all | |||
8239 | disseminated by flooding the overlay network. | 8239 | disseminated by flooding the overlay network. |
8240 | The goal is to reach every peer, so that when a peer needs to check if a | 8240 | The goal is to reach every peer, so that when a peer needs to check if a |
8241 | key has been revoked, this will be purely a local operation where the | 8241 | key has been revoked, this will be purely a local operation where the |
8242 | peer looks at his local revocation list. Flooding the network is also the | 8242 | peer looks at its local revocation list. Flooding the network is also the |
8243 | most robust form of key revocation --- an adversary would have to control | 8243 | most robust form of key revocation --- an adversary would have to control |
8244 | a separator of the overlay graph to restrict the propagation of the | 8244 | a separator of the overlay graph to restrict the propagation of the |
8245 | revocation message. Flooding is also very easy to implement --- peers that | 8245 | revocation message. Flooding is also very easy to implement --- peers that |
@@ -8299,7 +8299,7 @@ revocations. | |||
8299 | @code{GNUNET_REVOCATION_query} is used to check if a given ECDSA public | 8299 | @code{GNUNET_REVOCATION_query} is used to check if a given ECDSA public |
8300 | key has been revoked. | 8300 | key has been revoked. |
8301 | The given callback will be invoked with the result of the check. | 8301 | The given callback will be invoked with the result of the check. |
8302 | The query can be cancelled using @code{GNUNET_REVOCATION_query_cancel} on | 8302 | The query can be canceled using @code{GNUNET_REVOCATION_query_cancel} on |
8303 | the return value. | 8303 | the return value. |
8304 | 8304 | ||
8305 | @node Preparing revocations | 8305 | @node Preparing revocations |
@@ -8477,7 +8477,7 @@ metadata describing the content of the namespace. | |||
8477 | Instead of the name of the identifier for a potential update, it contains | 8477 | Instead of the name of the identifier for a potential update, it contains |
8478 | the identifier for the root of the namespace. | 8478 | the identifier for the root of the namespace. |
8479 | The URI should always be empty. The @code{SBlock} is signed with the | 8479 | The URI should always be empty. The @code{SBlock} is signed with the |
8480 | content provder's RSA private key (just like any other SBlock). Peers | 8480 | content provider's RSA private key (just like any other SBlock). Peers |
8481 | can search for @code{SBlock}s in order to find out more about a namespace. | 8481 | can search for @code{SBlock}s in order to find out more about a namespace. |
8482 | 8482 | ||
8483 | @node KSBlocks | 8483 | @node KSBlocks |
@@ -8800,5 +8800,5 @@ so please make sure that endpoints are unambiguous. | |||
8800 | @subsection Endpoint documentation | 8800 | @subsection Endpoint documentation |
8801 | 8801 | ||
8802 | This is WIP. Endpoints should be documented appropriately. | 8802 | This is WIP. Endpoints should be documented appropriately. |
8803 | Perferably using annotations. | 8803 | Preferably using annotations. |
8804 | 8804 | ||
diff --git a/doc/documentation/chapters/installation.texi b/doc/documentation/chapters/installation.texi new file mode 100644 index 000000000..f6dd69216 --- /dev/null +++ b/doc/documentation/chapters/installation.texi | |||
@@ -0,0 +1,2226 @@ | |||
1 | @node Installing GNUnet | ||
2 | @chapter Installing GNUnet | ||
3 | |||
4 | This guide is intended for those who want to install Gnunet from | ||
5 | source. For instructions on how to install GNUnet as a binary package | ||
6 | please refer to the official documentation of your operating system or | ||
7 | package manager. | ||
8 | |||
9 | @menu | ||
10 | * Installing dependencies:: | ||
11 | * Getting the Source Code:: | ||
12 | * Create @code{gnunet} user and group:: | ||
13 | * Preparing and Compiling the Source Code:: | ||
14 | * Installation:: | ||
15 | * MOVED FROM USER Checking the Installation:: | ||
16 | * MOVED FROM USER The graphical configuration interface:: | ||
17 | * MOVED FROM USER Config Leftovers:: | ||
18 | @end menu | ||
19 | |||
20 | @c ----------------------------------------------------------------------- | ||
21 | @node Installing dependencies | ||
22 | @section Installing dependencies | ||
23 | GNUnet needs few libraries and applications for being able to run and | ||
24 | another few optional ones for using certain features. Preferably they | ||
25 | should be installed with a package manager. Just in case we include a | ||
26 | link to the project websites. | ||
27 | |||
28 | The mandatory libraries and applications are | ||
29 | @itemize @bullet | ||
30 | @item libtool | ||
31 | @item autoconf >= version 2.59 | ||
32 | @item automake >= version 1.11.1 | ||
33 | @item pkg-config | ||
34 | @item libgcrypt >= version 1.6 | ||
35 | @item libextractor | ||
36 | @item libidn | ||
37 | @item libmicrohttpd >= version 0.9.52 | ||
38 | @item libnss | ||
39 | @item libunistring | ||
40 | @item gettext | ||
41 | @item glibc | ||
42 | @item libgmp | ||
43 | @item gnutls | ||
44 | @item libcurl (has to be linked to GnuTLS) or libgnurl | ||
45 | @item zlib | ||
46 | @end itemize | ||
47 | |||
48 | In addition GNUnet needs one of of these three databases | ||
49 | @itemize @bullet | ||
50 | @item sqlite + libsqlite (the default, requires no further configuration) | ||
51 | @item postgres + libpq | ||
52 | @item mysql + libmysqlclient | ||
53 | @end itemize | ||
54 | |||
55 | These are the dependencies only required for certain features | ||
56 | @itemize @bullet | ||
57 | @item Texinfo (for building the documentation) | ||
58 | @item Texlive (for building the documentation) | ||
59 | @item miniupnpc (for traversing NAT boxes more reliably) | ||
60 | @item libopus (for running the GNUnet conversation telephony application) | ||
61 | @item libpulse (for running the GNUnet conversation telephony application) | ||
62 | @item libogg (for running the GNUnet conversation telephony application) | ||
63 | @item bluez (for bluetooth support) | ||
64 | @item libpbc | ||
65 | (for attribute-based encryption and the identity provider subsystem) | ||
66 | @item libgabe | ||
67 | (for attribute-based encryption and the identity provider subsystem) | ||
68 | @end itemize | ||
69 | |||
70 | @c ----------------------------------------------------------------------- | ||
71 | @node Getting the Source Code | ||
72 | @section Getting the Source Code | ||
73 | You can either download the source code using git (you obviously need | ||
74 | git installed) or as an archive. | ||
75 | |||
76 | Using git type | ||
77 | @example | ||
78 | git clone https://gnunet.org/git/gnunet.git | ||
79 | @end example | ||
80 | |||
81 | The archive can be found at | ||
82 | @uref{https://gnunet.org/downloads}. Extract it using a graphical | ||
83 | archive tool or @code{tar}: | ||
84 | @example | ||
85 | tar xzvf gnunet-0.11.0pre66.tar.gz | ||
86 | @end example | ||
87 | |||
88 | In the next chapter we will assume that the source code is available | ||
89 | in the home directory at @code{~/gnunet}. | ||
90 | |||
91 | @c ----------------------------------------------------------------------- | ||
92 | @node Create @code{gnunet} user and group | ||
93 | @section Create @code{gnunet} user and group | ||
94 | The GNUnet services should be run as a dedicated user called | ||
95 | @code{gnunet}. For using them a user should be in the same group as | ||
96 | this system user. | ||
97 | |||
98 | Create user @code{gnunet} who is member of the group @code{gnunet} and | ||
99 | specify a home directory where the GNUnet services will store | ||
100 | persistant data such as information about peers. | ||
101 | @example | ||
102 | $ sudo useradd --system --groups gnunet --home-dir /var/lib/gnunet | ||
103 | @end example | ||
104 | |||
105 | Now add your own user to the @code{gnunet} group. | ||
106 | @example | ||
107 | $ sudo adduser alice gnunet | ||
108 | @end example | ||
109 | |||
110 | @c ----------------------------------------------------------------------- | ||
111 | @node Preparing and Compiling the Source Code | ||
112 | @section Preparing and Compiling the Source Code | ||
113 | For preparing the source code for compilation a bootstrap script and | ||
114 | @code{configure} has to be run from the source code directory. When | ||
115 | running @code{configure} the following options can be specified to | ||
116 | customize the compilation and installation process: | ||
117 | |||
118 | @itemize @bullet | ||
119 | @item @code{--disable-documentation} - don't build the configuration documents | ||
120 | @item @code{--enable-looging=[LOGLEVEL]} - choose a loglevel (@code{debug}, @code{info}, @code{warning} or @code{error}) | ||
121 | @item @code{--prefix=[PATH]} - the directory where the GNUnet libraries and binaries will be installed | ||
122 | @item @code{--with-extractor=[PATH]} - the path to libextractor | ||
123 | @item @code{--with-libidn=[PATH]} - the path to libidn | ||
124 | @item @code{--with-microhttpd=[PATH]} - the path to libmicrohttpd | ||
125 | @item @code{--with-sqlite=[PATH]} - the path to libsqlite | ||
126 | @item @code{--with-zlib=[PATH]} - the path to zlib | ||
127 | @item @code{--with-sudo=[PATH]} - path to the sudo binary (no need to run @code{make install} as root if specified) | ||
128 | @end itemize | ||
129 | |||
130 | The following example configures the installation prefix | ||
131 | @code{/usr/lib} and disables building the documentation | ||
132 | @example | ||
133 | $ cd ~/gnunet | ||
134 | $ ./bootstrap | ||
135 | $ configure --prefix=/usr/lib --disable-configuration | ||
136 | @end example | ||
137 | |||
138 | After running the bootstrap script and @code{configure} successfully | ||
139 | the source code can be compiled with make. Here @code{-j5} specifies | ||
140 | that 5 threads should be used. | ||
141 | @example | ||
142 | $ make -j5 | ||
143 | @end example | ||
144 | |||
145 | @c ----------------------------------------------------------------------- | ||
146 | @node Installation | ||
147 | @section Installation | ||
148 | The compiled binaries can be installed using @code{make install}. It | ||
149 | needs to be run as root (or with sudo) because some binaries need the | ||
150 | @code{suid} bit set. Without that some GNUnet subsystems (such as VPN) | ||
151 | will not work. | ||
152 | |||
153 | @example | ||
154 | $ sudo make install | ||
155 | @end example | ||
156 | |||
157 | One important library is the GNS plugin for NSS (the name services | ||
158 | switch) which allows using GNS (the GNU name system) in the normal DNS | ||
159 | resolution process. Unfortunately NSS expects it in a specific | ||
160 | location (probably @code{/lib}) which may differ from the installation | ||
161 | prefix (see @code{--prefix} option in the previous section). This is | ||
162 | why the pugin has to be installed manually. | ||
163 | |||
164 | Find the directory where nss plugins are installed on your system, e.g. | ||
165 | |||
166 | @example | ||
167 | $ ls -l /lib/libnss_* | ||
168 | /lib/libnss_mymachines.so.2 | ||
169 | /lib/libnss_resolve.so.2 | ||
170 | /lib/libnss_myhostname.so.2 | ||
171 | /lib/libnss_systemd.so.2 | ||
172 | @end example | ||
173 | |||
174 | Copy the GNS NSS plugin to that directory: | ||
175 | |||
176 | @example | ||
177 | cp ~/gnunet/src/gns/nss/libnss_gns.so.2 /lib | ||
178 | @end example | ||
179 | |||
180 | Now, to activate the plugin, you need to edit your | ||
181 | @code{/etc/nsswitch.conf} where you should find a line like this: | ||
182 | |||
183 | @example | ||
184 | hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 | ||
185 | @end example | ||
186 | |||
187 | The exact details may differ a bit, which is fine. Add the text | ||
188 | @code{"gns [NOTFOUND=return]"} after @code{"files"}. | ||
189 | |||
190 | @example | ||
191 | hosts: files gns [NOTFOUND=return] mdns4_minimal [NOTFOUND=return] dns mdns4 | ||
192 | @end example | ||
193 | |||
194 | Optionally, if GNS shall be used with a browser, execute the GNS | ||
195 | CA-setup script. It will isetup the GNS Certificate Authority with the | ||
196 | user's browser. | ||
197 | @example | ||
198 | $ gnunet-gns-proxy-setup-ca | ||
199 | @end example | ||
200 | |||
201 | Finally install a configuration file in | ||
202 | @code{~/.gnunet/gnunet.conf}. Below you find an example config which | ||
203 | allows you to start GNUnet. | ||
204 | |||
205 | @example | ||
206 | [arm] | ||
207 | SYSTEM_ONLY = NO | ||
208 | USER_ONLY = NO | ||
209 | |||
210 | [transport] | ||
211 | PLUGINS = tcp | ||
212 | @end example | ||
213 | |||
214 | |||
215 | |||
216 | |||
217 | |||
218 | |||
219 | @node MOVED FROM USER Checking the Installation | ||
220 | @section MOVED FROM USER Checking the Installation | ||
221 | @c %**end of header | ||
222 | |||
223 | This section describes a quick, casual way to check if your GNUnet | ||
224 | installation works. However, if it does not, we do not cover | ||
225 | steps for recovery --- for this, please study the instructions | ||
226 | provided in the developer handbook as well as the system-specific | ||
227 | instruction in the source code repository@footnote{The system specific | ||
228 | instructions are not provided as part of this handbook!}. | ||
229 | |||
230 | |||
231 | @menu | ||
232 | * gnunet-gtk:: | ||
233 | * Statistics:: | ||
234 | * Peer Information:: | ||
235 | @end menu | ||
236 | |||
237 | @cindex GNUnet GTK | ||
238 | @cindex GTK | ||
239 | @cindex GTK user interface | ||
240 | @node gnunet-gtk | ||
241 | @subsection gnunet-gtk | ||
242 | @c %**end of header | ||
243 | |||
244 | The @command{gnunet-gtk} package contains several graphical | ||
245 | user interfaces for the respective GNUnet applications. | ||
246 | Currently these interfaces cover: | ||
247 | |||
248 | @itemize @bullet | ||
249 | @item Statistics | ||
250 | @item Peer Information | ||
251 | @item GNU Name System | ||
252 | @item File Sharing | ||
253 | @item Identity Management | ||
254 | @item Conversation | ||
255 | @end itemize | ||
256 | |||
257 | @node Statistics | ||
258 | @subsection Statistics | ||
259 | @c %**end of header | ||
260 | |||
261 | First, you should launch GNUnet gtk@footnote{Obviously you should also | ||
262 | start gnunet, via gnunet-arm or the system provided method}. | ||
263 | You can do this from the command-line by typing | ||
264 | |||
265 | @example | ||
266 | gnunet-statistics-gtk | ||
267 | @end example | ||
268 | |||
269 | If your peer@footnote{The term ``peer'' is a common word used in | ||
270 | federated and distributed networks to describe a participating device | ||
271 | which is connected to the network. Thus, your Personal Computer or | ||
272 | whatever it is you are looking at the Gtk+ interface describes a | ||
273 | ``Peer'' or a ``Node''.} is running correctly, you should see a bunch | ||
274 | of lines, all of which should be ``significantly'' above zero (at | ||
275 | least if your peer has been running for more than a few seconds). The | ||
276 | lines indicate how many other peers your peer is connected to (via | ||
277 | different mechanisms) and how large the entire overlay network is | ||
278 | currently estimated to be. The X-axis represents time (in seconds | ||
279 | since the start of @command{gnunet-gtk}). | ||
280 | |||
281 | You can click on "Traffic" to see information about the amount of | ||
282 | bandwidth your peer has consumed, and on "Storage" to check the amount | ||
283 | of storage available and used by your peer. Note that "Traffic" is | ||
284 | plotted cumulatively, so you should see a strict upwards trend in the | ||
285 | traffic. | ||
286 | |||
287 | @node Peer Information | ||
288 | @subsection Peer Information | ||
289 | @c %**end of header | ||
290 | |||
291 | First, you should launch the graphical user interface. You can do | ||
292 | this from the command-line by typing | ||
293 | |||
294 | @example | ||
295 | $ gnunet-peerinfo-gtk | ||
296 | @end example | ||
297 | |||
298 | Once you have done this, you will see a list of known peers (by the | ||
299 | first four characters of their public key), their friend status (all | ||
300 | should be marked as not-friends initially), their connectivity (green | ||
301 | is connected, red is disconnected), assigned bandwidth, country of | ||
302 | origin (if determined) and address information. If hardly any peers | ||
303 | are listed and/or if there are very few peers with a green light for | ||
304 | connectivity, there is likely a problem with your network | ||
305 | configuration. | ||
306 | |||
307 | @c NOTE: Inserted from Installation Handbook in original ``order'': | ||
308 | @c FIXME: Move this to User Handbook. | ||
309 | @node MOVED FROM USER The graphical configuration interface | ||
310 | @section MOVED FROM USER The graphical configuration interface | ||
311 | |||
312 | If you also would like to use @command{gnunet-gtk} and | ||
313 | @command{gnunet-setup} (highly recommended for beginners), do: | ||
314 | |||
315 | @menu | ||
316 | * Configuring your peer:: | ||
317 | * Configuring the Friend-to-Friend (F2F) mode:: | ||
318 | * Configuring the hostlist to bootstrap:: | ||
319 | * Configuration of the HOSTLIST proxy settings:: | ||
320 | * Configuring your peer to provide a hostlist :: | ||
321 | * Configuring the datastore:: | ||
322 | * Configuring the MySQL database:: | ||
323 | * Reasons for using MySQL:: | ||
324 | * Reasons for not using MySQL:: | ||
325 | * Setup Instructions:: | ||
326 | * Testing:: | ||
327 | * Performance Tuning:: | ||
328 | * Setup for running Testcases:: | ||
329 | * Configuring the Postgres database:: | ||
330 | * Reasons to use Postgres:: | ||
331 | * Reasons not to use Postgres:: | ||
332 | * Manual setup instructions:: | ||
333 | * Testing the setup manually:: | ||
334 | * Configuring the datacache:: | ||
335 | * Configuring the file-sharing service:: | ||
336 | * Configuring logging:: | ||
337 | * Configuring the transport service and plugins:: | ||
338 | * Configuring the WLAN transport plugin:: | ||
339 | * Configuring HTTP(S) reverse proxy functionality using Apache or nginx:: | ||
340 | * Blacklisting peers:: | ||
341 | * Configuration of the HTTP and HTTPS transport plugins:: | ||
342 | * Configuring the GNU Name System:: | ||
343 | * Configuring the GNUnet VPN:: | ||
344 | * Bandwidth Configuration:: | ||
345 | * Configuring NAT:: | ||
346 | * Peer configuration for distributions:: | ||
347 | @end menu | ||
348 | |||
349 | @node Configuring your peer | ||
350 | @subsection Configuring your peer | ||
351 | |||
352 | This chapter will describe the various configuration options in GNUnet. | ||
353 | |||
354 | The easiest way to configure your peer is to use the | ||
355 | @command{gnunet-setup} tool. | ||
356 | @command{gnunet-setup} is part of the @command{gnunet-gtk} | ||
357 | application. You might have to install it separately. | ||
358 | |||
359 | Many of the specific sections from this chapter actually are linked from | ||
360 | within @command{gnunet-setup} to help you while using the setup tool. | ||
361 | |||
362 | While you can also configure your peer by editing the configuration | ||
363 | file by hand, this is not recommended for anyone except for developers | ||
364 | as it requires a more in-depth understanding of the configuration files | ||
365 | and internal dependencies of GNUnet. | ||
366 | |||
367 | @node Configuring the Friend-to-Friend (F2F) mode | ||
368 | @subsection Configuring the Friend-to-Friend (F2F) mode | ||
369 | |||
370 | GNUnet knows three basic modes of operation: | ||
371 | @itemize @bullet | ||
372 | @item In standard "peer-to-peer" mode, | ||
373 | your peer will connect to any peer. | ||
374 | @item In the pure "friend-to-friend" | ||
375 | mode, your peer will ONLY connect to peers from a list of friends | ||
376 | specified in the configuration. | ||
377 | @item Finally, in mixed mode, | ||
378 | GNUnet will only connect to arbitrary peers if it | ||
379 | has at least a specified number of connections to friends. | ||
380 | @end itemize | ||
381 | |||
382 | When configuring any of the F2F ("friend-to-friend") modes, | ||
383 | you first need to create a file with the peer identities | ||
384 | of your friends. Ask your friends to run | ||
385 | |||
386 | @example | ||
387 | $ gnunet-peerinfo -sq | ||
388 | @end example | ||
389 | |||
390 | @noindent | ||
391 | The resulting output of this command needs to be added to your | ||
392 | @file{friends} file, which is simply a plain text file with one line | ||
393 | per friend with the output from the above command. | ||
394 | |||
395 | You then specify the location of your @file{friends} file in the | ||
396 | @code{FRIENDS} option of the "topology" section. | ||
397 | |||
398 | Once you have created the @file{friends} file, you can tell GNUnet to only | ||
399 | connect to your friends by setting the @code{FRIENDS-ONLY} option | ||
400 | (again in the "topology" section) to YES. | ||
401 | |||
402 | If you want to run in mixed-mode, set "FRIENDS-ONLY" to NO and configure a | ||
403 | minimum number of friends to have (before connecting to arbitrary peers) | ||
404 | under the "MINIMUM-FRIENDS" option. | ||
405 | |||
406 | If you want to operate in normal P2P-only mode, simply set | ||
407 | @code{MINIMUM-FRIENDS} to zero and @code{FRIENDS_ONLY} to NO. | ||
408 | This is the default. | ||
409 | |||
410 | @node Configuring the hostlist to bootstrap | ||
411 | @subsection Configuring the hostlist to bootstrap | ||
412 | |||
413 | After installing the software you need to get connected to the GNUnet | ||
414 | network. The configuration file included in your download is already | ||
415 | configured to connect you to the GNUnet network. | ||
416 | In this section the relevant configuration settings are explained. | ||
417 | |||
418 | To get an initial connection to the GNUnet network and to get to know | ||
419 | peers already connected to the network you can use the so called | ||
420 | "bootstrap servers". | ||
421 | These servers can give you a list of peers connected to the network. | ||
422 | To use these bootstrap servers you have to configure the hostlist daemon | ||
423 | to activate bootstrapping. | ||
424 | |||
425 | To activate bootstrapping, edit the @code{[hostlist]}-section in your | ||
426 | configuration file. You have to set the argument @command{-b} in the | ||
427 | options line: | ||
428 | |||
429 | @example | ||
430 | [hostlist] | ||
431 | OPTIONS = -b | ||
432 | @end example | ||
433 | |||
434 | Additionally you have to specify which server you want to use. | ||
435 | The default bootstrapping server is | ||
436 | "@uref{http://v10.gnunet.org/hostlist, http://v10.gnunet.org/hostlist}". | ||
437 | [^] To set the server you have to edit the line "SERVERS" in the hostlist | ||
438 | section. To use the default server you should set the lines to | ||
439 | |||
440 | @example | ||
441 | SERVERS = http://v10.gnunet.org/hostlist [^] | ||
442 | @end example | ||
443 | |||
444 | @noindent | ||
445 | To use bootstrapping your configuration file should include these lines: | ||
446 | |||
447 | @example | ||
448 | [hostlist] | ||
449 | OPTIONS = -b | ||
450 | SERVERS = http://v10.gnunet.org/hostlist [^] | ||
451 | @end example | ||
452 | |||
453 | @noindent | ||
454 | Besides using bootstrap servers you can configure your GNUnet peer to | ||
455 | receive hostlist advertisements. | ||
456 | Peers offering hostlists to other peers can send advertisement messages | ||
457 | to peers that connect to them. If you configure your peer to receive these | ||
458 | messages, your peer can download these lists and connect to the peers | ||
459 | included. These lists are persistent, which means that they are saved to | ||
460 | your hard disk regularly and are loaded during startup. | ||
461 | |||
462 | To activate hostlist learning you have to add the @command{-e} | ||
463 | switch to the @code{OPTIONS} line in the hostlist section: | ||
464 | |||
465 | @example | ||
466 | [hostlist] | ||
467 | OPTIONS = -b -e | ||
468 | @end example | ||
469 | |||
470 | @noindent | ||
471 | Furthermore you can specify in which file the lists are saved. | ||
472 | To save the lists in the file @file{hostlists.file} just add the line: | ||
473 | |||
474 | @example | ||
475 | HOSTLISTFILE = hostlists.file | ||
476 | @end example | ||
477 | |||
478 | @noindent | ||
479 | Best practice is to activate both bootstrapping and hostlist learning. | ||
480 | So your configuration file should include these lines: | ||
481 | |||
482 | @example | ||
483 | [hostlist] | ||
484 | OPTIONS = -b -e | ||
485 | HTTPPORT = 8080 | ||
486 | SERVERS = http://v10.gnunet.org/hostlist [^] | ||
487 | HOSTLISTFILE = $SERVICEHOME/hostlists.file | ||
488 | @end example | ||
489 | |||
490 | @node Configuration of the HOSTLIST proxy settings | ||
491 | @subsection Configuration of the HOSTLIST proxy settings | ||
492 | |||
493 | The hostlist client can be configured to use a proxy to connect to the | ||
494 | hostlist server. | ||
495 | This functionality can be configured in the configuration file directly | ||
496 | or using the @command{gnunet-setup} tool. | ||
497 | |||
498 | The hostlist client supports the following proxy types at the moment: | ||
499 | |||
500 | @itemize @bullet | ||
501 | @item HTTP and HTTP 1.0 only proxy | ||
502 | @item SOCKS 4/4a/5/5 with hostname | ||
503 | @end itemize | ||
504 | |||
505 | In addition authentication at the proxy with username and password can be | ||
506 | configured. | ||
507 | |||
508 | To configure proxy support for the hostlist client in the | ||
509 | @command{gnunet-setup} tool, select the "hostlist" tab and select | ||
510 | the appropriate proxy type. | ||
511 | The hostname or IP address (including port if required) has to be entered | ||
512 | in the "Proxy hostname" textbox. If required, enter username and password | ||
513 | in the "Proxy username" and "Proxy password" boxes. | ||
514 | Be aware that this information will be stored in the configuration in | ||
515 | plain text (TODO: Add explanation and generalize the part in Chapter 3.6 | ||
516 | about the encrypted home). | ||
517 | |||
518 | To provide these options directly in the configuration, you can | ||
519 | enter the following settings in the @code{[hostlist]} section of | ||
520 | the configuration: | ||
521 | |||
522 | @example | ||
523 | # Type of proxy server, | ||
524 | # Valid values: HTTP, HTTP_1_0, SOCKS4, SOCKS5, SOCKS4A, SOCKS5_HOSTNAME | ||
525 | # Default: HTTP | ||
526 | # PROXY_TYPE = HTTP | ||
527 | |||
528 | # Hostname or IP of proxy server | ||
529 | # PROXY = | ||
530 | # User name for proxy server | ||
531 | # PROXY_USERNAME = | ||
532 | # User password for proxy server | ||
533 | # PROXY_PASSWORD = | ||
534 | @end example | ||
535 | |||
536 | @node Configuring your peer to provide a hostlist | ||
537 | @subsection Configuring your peer to provide a hostlist | ||
538 | |||
539 | If you operate a peer permanently connected to GNUnet you can configure | ||
540 | your peer to act as a hostlist server, providing other peers the list of | ||
541 | peers known to him. | ||
542 | |||
543 | Your server can act as a bootstrap server and peers needing to obtain a | ||
544 | list of peers can contact it to download this list. | ||
545 | To download this hostlist the peer uses HTTP. | ||
546 | For this reason you have to build your peer with libgnurl (or libcurl) | ||
547 | and microhttpd support. | ||
548 | |||
549 | To configure your peer to act as a bootstrap server you have to add the | ||
550 | @command{-p} option to @code{OPTIONS} in the @code{[hostlist]} section | ||
551 | of your configuration file. | ||
552 | Besides that you have to specify a port number for the http server. | ||
553 | In conclusion you have to add the following lines: | ||
554 | |||
555 | @example | ||
556 | [hostlist] | ||
557 | HTTPPORT = 12980 | ||
558 | OPTIONS = -p | ||
559 | @end example | ||
560 | |||
561 | @noindent | ||
562 | If your peer acts as a bootstrap server other peers should know about | ||
563 | that. You can advertise the hostlist your are providing to other peers. | ||
564 | Peers connecting to your peer will get a message containing an | ||
565 | advertisement for your hostlist and the URL where it can be downloaded. | ||
566 | If this peer is in learning mode, it will test the hostlist and, in the | ||
567 | case it can obtain the list successfully, it will save it for | ||
568 | bootstrapping. | ||
569 | |||
570 | To activate hostlist advertisement on your peer, you have to set the | ||
571 | following lines in your configuration file: | ||
572 | |||
573 | @example | ||
574 | [hostlist] | ||
575 | EXTERNAL_DNS_NAME = example.org | ||
576 | HTTPPORT = 12981 | ||
577 | OPTIONS = -p -a | ||
578 | @end example | ||
579 | |||
580 | @noindent | ||
581 | With this configuration your peer will a act as a bootstrap server and | ||
582 | advertise this hostlist to other peers connecting to it. | ||
583 | The URL used to download the list will be | ||
584 | @code{@uref{http://example.org:12981/, http://example.org:12981/}}. | ||
585 | |||
586 | Please notice: | ||
587 | |||
588 | @itemize @bullet | ||
589 | @item The hostlist is @b{not} human readable, so you should not try to | ||
590 | download it using your webbrowser. Just point your GNUnet peer to the | ||
591 | address! | ||
592 | @item Advertising without providing a hostlist does not make sense and | ||
593 | will not work. | ||
594 | @end itemize | ||
595 | |||
596 | @node Configuring the datastore | ||
597 | @subsection Configuring the datastore | ||
598 | |||
599 | The datastore is what GNUnet uses for long-term storage of file-sharing | ||
600 | data. Note that long-term does not mean 'forever' since content does have | ||
601 | an expiration date, and of course storage space is finite (and hence | ||
602 | sometimes content may have to be discarded). | ||
603 | |||
604 | Use the @code{QUOTA} option to specify how many bytes of storage space | ||
605 | you are willing to dedicate to GNUnet. | ||
606 | |||
607 | In addition to specifying the maximum space GNUnet is allowed to use for | ||
608 | the datastore, you need to specify which database GNUnet should use to do | ||
609 | so. Currently, you have the choice between sqLite, MySQL and Postgres. | ||
610 | |||
611 | @node Configuring the MySQL database | ||
612 | @subsection Configuring the MySQL database | ||
613 | |||
614 | This section describes how to setup the MySQL database for GNUnet. | ||
615 | |||
616 | Note that the mysql plugin does NOT work with mysql before 4.1 since we | ||
617 | need prepared statements. | ||
618 | We are generally testing the code against MySQL 5.1 at this point. | ||
619 | |||
620 | @node Reasons for using MySQL | ||
621 | @subsection Reasons for using MySQL | ||
622 | |||
623 | @itemize @bullet | ||
624 | |||
625 | @item On up-to-date hardware wher | ||
626 | mysql can be used comfortably, this module | ||
627 | will have better performance than the other database choices (according | ||
628 | to our tests). | ||
629 | |||
630 | @item Its often possible to recover the mysql database from internal | ||
631 | inconsistencies. Some of the other databases do not support repair. | ||
632 | @end itemize | ||
633 | |||
634 | @node Reasons for not using MySQL | ||
635 | @subsection Reasons for not using MySQL | ||
636 | |||
637 | @itemize @bullet | ||
638 | @item Memory usage (likely not an issue if you have more than 1 GB) | ||
639 | @item Complex manual setup | ||
640 | @end itemize | ||
641 | |||
642 | @node Setup Instructions | ||
643 | @subsection Setup Instructions | ||
644 | |||
645 | @itemize @bullet | ||
646 | |||
647 | @item In @file{gnunet.conf} set in section @code{DATASTORE} the value for | ||
648 | @code{DATABASE} to @code{mysql}. | ||
649 | |||
650 | @item Access mysql as root: | ||
651 | |||
652 | @example | ||
653 | $ mysql -u root -p | ||
654 | @end example | ||
655 | |||
656 | @noindent | ||
657 | and issue the following commands, replacing $USER with the username | ||
658 | that will be running @command{gnunet-arm} (so typically "gnunet"): | ||
659 | |||
660 | @example | ||
661 | CREATE DATABASE gnunet; | ||
662 | GRANT select,insert,update,delete,create,alter,drop,create \ | ||
663 | temporary tables ON gnunet.* TO $USER@@localhost; | ||
664 | SET PASSWORD FOR $USER@@localhost=PASSWORD('$the_password_you_like'); | ||
665 | FLUSH PRIVILEGES; | ||
666 | @end example | ||
667 | |||
668 | @item | ||
669 | In the $HOME directory of $USER, create a @file{.my.cnf} file with the | ||
670 | following lines | ||
671 | |||
672 | @example | ||
673 | [client] | ||
674 | user=$USER | ||
675 | password=$the_password_you_like | ||
676 | @end example | ||
677 | |||
678 | @end itemize | ||
679 | |||
680 | That's it. Note that @file{.my.cnf} file is a slight security risk unless | ||
681 | its on a safe partition. The @file{$HOME/.my.cnf} can of course be | ||
682 | a symbolic link. | ||
683 | Luckily $USER has only privileges to mess up GNUnet's tables, | ||
684 | which should be pretty harmless. | ||
685 | |||
686 | @node Testing | ||
687 | @subsection Testing | ||
688 | |||
689 | You should briefly try if the database connection works. First, login | ||
690 | as $USER. Then use: | ||
691 | |||
692 | @example | ||
693 | $ mysql -u $USER | ||
694 | mysql> use gnunet; | ||
695 | @end example | ||
696 | |||
697 | @noindent | ||
698 | If you get the message | ||
699 | |||
700 | @example | ||
701 | Database changed | ||
702 | @end example | ||
703 | |||
704 | @noindent | ||
705 | it probably works. | ||
706 | |||
707 | If you get | ||
708 | |||
709 | @example | ||
710 | ERROR 2002: Can't connect to local MySQL server | ||
711 | through socket '/tmp/mysql.sock' (2) | ||
712 | @end example | ||
713 | |||
714 | @noindent | ||
715 | it may be resolvable by | ||
716 | |||
717 | @example | ||
718 | ln -s /var/run/mysqld/mysqld.sock /tmp/mysql.sock | ||
719 | @end example | ||
720 | |||
721 | @noindent | ||
722 | so there may be some additional trouble depending on your mysql setup. | ||
723 | |||
724 | @node Performance Tuning | ||
725 | @subsection Performance Tuning | ||
726 | |||
727 | For GNUnet, you probably want to set the option | ||
728 | |||
729 | @example | ||
730 | innodb_flush_log_at_trx_commit = 0 | ||
731 | @end example | ||
732 | |||
733 | @noindent | ||
734 | for a rather dramatic boost in MySQL performance. However, this reduces | ||
735 | the "safety" of your database as with this options you may loose | ||
736 | transactions during a power outage. | ||
737 | While this is totally harmless for GNUnet, the option applies to all | ||
738 | applications using MySQL. So you should set it if (and only if) GNUnet is | ||
739 | the only application on your system using MySQL. | ||
740 | |||
741 | @node Setup for running Testcases | ||
742 | @subsection Setup for running Testcases | ||
743 | |||
744 | If you want to run the testcases, you must create a second database | ||
745 | "gnunetcheck" with the same username and password. This database will | ||
746 | then be used for testing (@command{make check}). | ||
747 | |||
748 | @node Configuring the Postgres database | ||
749 | @subsection Configuring the Postgres database | ||
750 | |||
751 | This text describes how to setup the Postgres database for GNUnet. | ||
752 | |||
753 | This Postgres plugin was developed for Postgres 8.3 but might work for | ||
754 | earlier versions as well. | ||
755 | |||
756 | @node Reasons to use Postgres | ||
757 | @subsection Reasons to use Postgres | ||
758 | |||
759 | @itemize @bullet | ||
760 | @item Easier to setup than MySQL | ||
761 | @item Real database | ||
762 | @end itemize | ||
763 | |||
764 | @node Reasons not to use Postgres | ||
765 | @subsection Reasons not to use Postgres | ||
766 | |||
767 | @itemize @bullet | ||
768 | @item Quite slow | ||
769 | @item Still some manual setup required | ||
770 | @end itemize | ||
771 | |||
772 | @node Manual setup instructions | ||
773 | @subsection Manual setup instructions | ||
774 | |||
775 | @itemize @bullet | ||
776 | @item In @file{gnunet.conf} set in section @code{DATASTORE} the value for | ||
777 | @code{DATABASE} to @code{postgres}. | ||
778 | @item Access Postgres to create a user: | ||
779 | |||
780 | @table @asis | ||
781 | @item with Postgres 8.x, use: | ||
782 | |||
783 | @example | ||
784 | # su - postgres | ||
785 | $ createuser | ||
786 | @end example | ||
787 | |||
788 | @noindent | ||
789 | and enter the name of the user running GNUnet for the role interactively. | ||
790 | Then, when prompted, do not set it to superuser, allow the creation of | ||
791 | databases, and do not allow the creation of new roles. | ||
792 | |||
793 | @item with Postgres 9.x, use: | ||
794 | |||
795 | @example | ||
796 | # su - postgres | ||
797 | $ createuser -d $GNUNET_USER | ||
798 | @end example | ||
799 | |||
800 | @noindent | ||
801 | where $GNUNET_USER is the name of the user running GNUnet. | ||
802 | |||
803 | @end table | ||
804 | |||
805 | |||
806 | @item | ||
807 | As that user (so typically as user "gnunet"), create a database (or two): | ||
808 | |||
809 | @example | ||
810 | $ createdb gnunet | ||
811 | # this way you can run "make check" | ||
812 | $ createdb gnunetcheck | ||
813 | @end example | ||
814 | |||
815 | @end itemize | ||
816 | |||
817 | Now you should be able to start @code{gnunet-arm}. | ||
818 | |||
819 | @node Testing the setup manually | ||
820 | @subsection Testing the setup manually | ||
821 | |||
822 | You may want to try if the database connection works. First, again login | ||
823 | as the user who will run @command{gnunet-arm}. Then use: | ||
824 | |||
825 | @example | ||
826 | $ psql gnunet # or gnunetcheck | ||
827 | gnunet=> \dt | ||
828 | @end example | ||
829 | |||
830 | @noindent | ||
831 | If, after you have started @command{gnunet-arm} at least once, you get | ||
832 | a @code{gn090} table here, it probably works. | ||
833 | |||
834 | @node Configuring the datacache | ||
835 | @subsection Configuring the datacache | ||
836 | @c %**end of header | ||
837 | |||
838 | The datacache is what GNUnet uses for storing temporary data. This data is | ||
839 | expected to be wiped completely each time GNUnet is restarted (or the | ||
840 | system is rebooted). | ||
841 | |||
842 | You need to specify how many bytes GNUnet is allowed to use for the | ||
843 | datacache using the @code{QUOTA} option in the section @code{[dhtcache]}. | ||
844 | Furthermore, you need to specify which database backend should be used to | ||
845 | store the data. Currently, you have the choice between | ||
846 | sqLite, MySQL and Postgres. | ||
847 | |||
848 | @node Configuring the file-sharing service | ||
849 | @subsection Configuring the file-sharing service | ||
850 | |||
851 | In order to use GNUnet for file-sharing, you first need to make sure | ||
852 | that the file-sharing service is loaded. | ||
853 | This is done by setting the @code{START_ON_DEMAND} option in | ||
854 | section @code{[fs]} to "YES". Alternatively, you can run | ||
855 | |||
856 | @example | ||
857 | $ gnunet-arm -i fs | ||
858 | @end example | ||
859 | |||
860 | @noindent | ||
861 | to start the file-sharing service by hand. | ||
862 | |||
863 | Except for configuring the database and the datacache the only important | ||
864 | option for file-sharing is content migration. | ||
865 | |||
866 | Content migration allows your peer to cache content from other peers as | ||
867 | well as send out content stored on your system without explicit requests. | ||
868 | This content replication has positive and negative impacts on both system | ||
869 | performance and privacy. | ||
870 | |||
871 | FIXME: discuss the trade-offs. Here is some older text about it... | ||
872 | |||
873 | Setting this option to YES allows gnunetd to migrate data to the local | ||
874 | machine. Setting this option to YES is highly recommended for efficiency. | ||
875 | Its also the default. If you set this value to YES, GNUnet will store | ||
876 | content on your machine that you cannot decrypt. | ||
877 | While this may protect you from liability if the judge is sane, it may | ||
878 | not (IANAL). If you put illegal content on your machine yourself, setting | ||
879 | this option to YES will probably increase your chances to get away with it | ||
880 | since you can plausibly deny that you inserted the content. | ||
881 | Note that in either case, your anonymity would have to be broken first | ||
882 | (which may be possible depending on the size of the GNUnet network and the | ||
883 | strength of the adversary). | ||
884 | |||
885 | @node Configuring logging | ||
886 | @subsection Configuring logging | ||
887 | |||
888 | Logging in GNUnet 0.9.0 is controlled via the "-L" and "-l" options. | ||
889 | Using @code{-L}, a log level can be specified. With log level | ||
890 | @code{ERROR} only serious errors are logged. | ||
891 | The default log level is @code{WARNING} which causes anything of | ||
892 | concern to be logged. | ||
893 | Log level @code{INFO} can be used to log anything that might be | ||
894 | interesting information whereas | ||
895 | @code{DEBUG} can be used by developers to log debugging messages | ||
896 | (but you need to run @code{./configure} with | ||
897 | @code{--enable-logging=verbose} to get them compiled). | ||
898 | The @code{-l} option is used to specify the log file. | ||
899 | |||
900 | Since most GNUnet services are managed by @code{gnunet-arm}, using the | ||
901 | @code{-l} or @code{-L} options directly is not possible. | ||
902 | Instead, they can be specified using the @code{OPTIONS} configuration | ||
903 | value in the respective section for the respective service. | ||
904 | In order to enable logging globally without editing the @code{OPTIONS} | ||
905 | values for each service, @command{gnunet-arm} supports a | ||
906 | @code{GLOBAL_POSTFIX} option. | ||
907 | The value specified here is given as an extra option to all services for | ||
908 | which the configuration does contain a service-specific @code{OPTIONS} | ||
909 | field. | ||
910 | |||
911 | @code{GLOBAL_POSTFIX} can contain the special sequence "@{@}" which | ||
912 | is replaced by the name of the service that is being started. | ||
913 | Furthermore, @code{GLOBAL_POSTFIX} is special in that sequences | ||
914 | starting with "$" anywhere in the string are expanded (according | ||
915 | to options in @code{PATHS}); this expansion otherwise is | ||
916 | only happening for filenames and then the "$" must be the | ||
917 | first character in the option. Both of these restrictions do | ||
918 | not apply to @code{GLOBAL_POSTFIX}. | ||
919 | Note that specifying @code{%} anywhere in the @code{GLOBAL_POSTFIX} | ||
920 | disables both of these features. | ||
921 | |||
922 | In summary, in order to get all services to log at level | ||
923 | @code{INFO} to log-files called @code{SERVICENAME-logs}, the | ||
924 | following global prefix should be used: | ||
925 | |||
926 | @example | ||
927 | GLOBAL_POSTFIX = -l $SERVICEHOME/@{@}-logs -L INFO | ||
928 | @end example | ||
929 | |||
930 | @node Configuring the transport service and plugins | ||
931 | @subsection Configuring the transport service and plugins | ||
932 | |||
933 | The transport service in GNUnet is responsible to maintain basic | ||
934 | connectivity to other peers. | ||
935 | Besides initiating and keeping connections alive it is also responsible | ||
936 | for address validation. | ||
937 | |||
938 | The GNUnet transport supports more than one transport protocol. | ||
939 | These protocols are configured together with the transport service. | ||
940 | |||
941 | The configuration section for the transport service itself is quite | ||
942 | similar to all the other services | ||
943 | |||
944 | @example | ||
945 | START_ON_DEMAND = YES | ||
946 | @@UNIXONLY@@ PORT = 2091 | ||
947 | HOSTNAME = localhost | ||
948 | HOME = $SERVICEHOME | ||
949 | CONFIG = $DEFAULTCONFIG | ||
950 | BINARY = gnunet-service-transport | ||
951 | #PREFIX = valgrind | ||
952 | NEIGHBOUR_LIMIT = 50 | ||
953 | ACCEPT_FROM = 127.0.0.1; | ||
954 | ACCEPT_FROM6 = ::1; | ||
955 | PLUGINS = tcp udp | ||
956 | UNIXPATH = /tmp/gnunet-service-transport.sock | ||
957 | @end example | ||
958 | |||
959 | Different are the settings for the plugins to load @code{PLUGINS}. | ||
960 | The first setting specifies which transport plugins to load. | ||
961 | |||
962 | @itemize @bullet | ||
963 | @item transport-unix | ||
964 | A plugin for local only communication with UNIX domain sockets. Used for | ||
965 | testing and available on unix systems only. Just set the port | ||
966 | |||
967 | @example | ||
968 | [transport-unix] | ||
969 | PORT = 22086 | ||
970 | TESTING_IGNORE_KEYS = ACCEPT_FROM; | ||
971 | @end example | ||
972 | |||
973 | @item transport-tcp | ||
974 | A plugin for communication with TCP. Set port to 0 for client mode with | ||
975 | outbound only connections | ||
976 | |||
977 | @example | ||
978 | [transport-tcp] | ||
979 | # Use 0 to ONLY advertise as a peer behind NAT (no port binding) | ||
980 | PORT = 2086 | ||
981 | ADVERTISED_PORT = 2086 | ||
982 | TESTING_IGNORE_KEYS = ACCEPT_FROM; | ||
983 | # Maximum number of open TCP connections allowed | ||
984 | MAX_CONNECTIONS = 128 | ||
985 | @end example | ||
986 | |||
987 | @item transport-udp | ||
988 | A plugin for communication with UDP. Supports peer discovery using | ||
989 | broadcasts. | ||
990 | |||
991 | @example | ||
992 | [transport-udp] | ||
993 | PORT = 2086 | ||
994 | BROADCAST = YES | ||
995 | BROADCAST_INTERVAL = 30 s | ||
996 | MAX_BPS = 1000000 | ||
997 | TESTING_IGNORE_KEYS = ACCEPT_FROM; | ||
998 | @end example | ||
999 | |||
1000 | @item transport-http | ||
1001 | HTTP and HTTPS support is split in two part: a client plugin initiating | ||
1002 | outbound connections and a server part accepting connections from the | ||
1003 | client. The client plugin just takes the maximum number of connections as | ||
1004 | an argument. | ||
1005 | |||
1006 | @example | ||
1007 | [transport-http_client] | ||
1008 | MAX_CONNECTIONS = 128 | ||
1009 | TESTING_IGNORE_KEYS = ACCEPT_FROM; | ||
1010 | @end example | ||
1011 | |||
1012 | @example | ||
1013 | [transport-https_client] | ||
1014 | MAX_CONNECTIONS = 128 | ||
1015 | TESTING_IGNORE_KEYS = ACCEPT_FROM; | ||
1016 | @end example | ||
1017 | |||
1018 | @noindent | ||
1019 | The server has a port configured and the maximum number of connections. | ||
1020 | The HTTPS part has two files with the certificate key and the certificate | ||
1021 | file. | ||
1022 | |||
1023 | The server plugin supports reverse proxies, so a external hostname can be | ||
1024 | set using the @code{EXTERNAL_HOSTNAME} setting. | ||
1025 | The webserver under this address should forward the request to the peer | ||
1026 | and the configure port. | ||
1027 | |||
1028 | @example | ||
1029 | [transport-http_server] | ||
1030 | EXTERNAL_HOSTNAME = fulcrum.net.in.tum.de/gnunet | ||
1031 | PORT = 1080 | ||
1032 | MAX_CONNECTIONS = 128 | ||
1033 | TESTING_IGNORE_KEYS = ACCEPT_FROM; | ||
1034 | @end example | ||
1035 | |||
1036 | @example | ||
1037 | [transport-https_server] | ||
1038 | PORT = 4433 | ||
1039 | CRYPTO_INIT = NORMAL | ||
1040 | KEY_FILE = https.key | ||
1041 | CERT_FILE = https.cert | ||
1042 | MAX_CONNECTIONS = 128 | ||
1043 | TESTING_IGNORE_KEYS = ACCEPT_FROM; | ||
1044 | @end example | ||
1045 | |||
1046 | @item transport-wlan | ||
1047 | |||
1048 | The next section describes how to setup the WLAN plugin, | ||
1049 | so here only the settings. Just specify the interface to use: | ||
1050 | |||
1051 | @example | ||
1052 | [transport-wlan] | ||
1053 | # Name of the interface in monitor mode (typically monX) | ||
1054 | INTERFACE = mon0 | ||
1055 | # Real hardware, no testing | ||
1056 | TESTMODE = 0 | ||
1057 | TESTING_IGNORE_KEYS = ACCEPT_FROM; | ||
1058 | @end example | ||
1059 | @end itemize | ||
1060 | |||
1061 | @node Configuring the WLAN transport plugin | ||
1062 | @subsection Configuring the WLAN transport plugin | ||
1063 | |||
1064 | The wlan transport plugin enables GNUnet to send and to receive data on a | ||
1065 | wlan interface. | ||
1066 | It has not to be connected to a wlan network as long as sender and | ||
1067 | receiver are on the same channel. This enables you to get connection to | ||
1068 | GNUnet where no internet access is possible, for example during | ||
1069 | catastrophes or when censorship cuts you off from the internet. | ||
1070 | |||
1071 | |||
1072 | @menu | ||
1073 | * Requirements for the WLAN plugin:: | ||
1074 | * Configuration:: | ||
1075 | * Before starting GNUnet:: | ||
1076 | * Limitations and known bugs:: | ||
1077 | @end menu | ||
1078 | |||
1079 | |||
1080 | @node Requirements for the WLAN plugin | ||
1081 | @subsubsection Requirements for the WLAN plugin | ||
1082 | |||
1083 | @itemize @bullet | ||
1084 | |||
1085 | @item wlan network card with monitor support and packet injection | ||
1086 | (see @uref{http://www.aircrack-ng.org/, aircrack-ng.org}) | ||
1087 | |||
1088 | @item Linux kernel with mac80211 stack, introduced in 2.6.22, tested with | ||
1089 | 2.6.35 and 2.6.38 | ||
1090 | |||
1091 | @item Wlantools to create the a monitor interface, tested with airmon-ng | ||
1092 | of the aircrack-ng package | ||
1093 | @end itemize | ||
1094 | |||
1095 | @node Configuration | ||
1096 | @subsubsection Configuration | ||
1097 | |||
1098 | There are the following options for the wlan plugin (they should be like | ||
1099 | this in your default config file, you only need to adjust them if the | ||
1100 | values are incorrect for your system) | ||
1101 | |||
1102 | @example | ||
1103 | # section for the wlan transport plugin | ||
1104 | [transport-wlan] | ||
1105 | # interface to use, more information in the | ||
1106 | # "Before starting GNUnet" section of the handbook. | ||
1107 | INTERFACE = mon0 | ||
1108 | # testmode for developers: | ||
1109 | # 0 use wlan interface, | ||
1110 | #1 or 2 use loopback driver for tests 1 = server, 2 = client | ||
1111 | TESTMODE = 0 | ||
1112 | @end example | ||
1113 | |||
1114 | @node Before starting GNUnet | ||
1115 | @subsubsection Before starting GNUnet | ||
1116 | |||
1117 | Before starting GNUnet, you have to make sure that your wlan interface is | ||
1118 | in monitor mode. | ||
1119 | One way to put the wlan interface into monitor mode (if your interface | ||
1120 | name is wlan0) is by executing: | ||
1121 | |||
1122 | @example | ||
1123 | sudo airmon-ng start wlan0 | ||
1124 | @end example | ||
1125 | |||
1126 | @noindent | ||
1127 | Here is an example what the result should look like: | ||
1128 | |||
1129 | @example | ||
1130 | Interface Chipset Driver | ||
1131 | wlan0 Intel 4965 a/b/g/n iwl4965 - [phy0] | ||
1132 | (monitor mode enabled on mon0) | ||
1133 | @end example | ||
1134 | |||
1135 | @noindent | ||
1136 | The monitor interface is mon0 is the one that you have to put into the | ||
1137 | configuration file. | ||
1138 | |||
1139 | @node Limitations and known bugs | ||
1140 | @subsubsection Limitations and known bugs | ||
1141 | |||
1142 | Wlan speed is at the maximum of 1 Mbit/s because support for choosing the | ||
1143 | wlan speed with packet injection was removed in newer kernels. | ||
1144 | Please pester the kernel developers about fixing this. | ||
1145 | |||
1146 | The interface channel depends on the wlan network that the card is | ||
1147 | connected to. If no connection has been made since the start of the | ||
1148 | computer, it is usually the first channel of the card. | ||
1149 | Peers will only find each other and communicate if they are on the same | ||
1150 | channel. Channels must be set manually, i.e. using: | ||
1151 | |||
1152 | @example | ||
1153 | iwconfig wlan0 channel 1 | ||
1154 | @end example | ||
1155 | |||
1156 | @node Configuring HTTP(S) reverse proxy functionality using Apache or nginx | ||
1157 | @subsection Configuring HTTP(S) reverse proxy functionality using Apache or nginx | ||
1158 | |||
1159 | The HTTP plugin supports data transfer using reverse proxies. A reverse | ||
1160 | proxy forwards the HTTP request he receives with a certain URL to another | ||
1161 | webserver, here a GNUnet peer. | ||
1162 | |||
1163 | So if you have a running Apache or nginx webserver you can configure it to | ||
1164 | be a GNUnet reverse proxy. Especially if you have a well-known webiste | ||
1165 | this improves censorship resistance since it looks as normal surfing | ||
1166 | behaviour. | ||
1167 | |||
1168 | To do so, you have to do two things: | ||
1169 | |||
1170 | @itemize @bullet | ||
1171 | @item Configure your webserver to forward the GNUnet HTTP traffic | ||
1172 | @item Configure your GNUnet peer to announce the respective address | ||
1173 | @end itemize | ||
1174 | |||
1175 | As an example we want to use GNUnet peer running: | ||
1176 | |||
1177 | @itemize @bullet | ||
1178 | |||
1179 | @item HTTP server plugin on @code{gnunet.foo.org:1080} | ||
1180 | |||
1181 | @item HTTPS server plugin on @code{gnunet.foo.org:4433} | ||
1182 | |||
1183 | @item A apache or nginx webserver on | ||
1184 | @uref{http://www.foo.org/, http://www.foo.org:80/} | ||
1185 | |||
1186 | @item A apache or nginx webserver on https://www.foo.org:443/ | ||
1187 | @end itemize | ||
1188 | |||
1189 | And we want the webserver to accept GNUnet traffic under | ||
1190 | @code{http://www.foo.org/bar/}. The required steps are described here: | ||
1191 | |||
1192 | @menu | ||
1193 | * Reverse Proxy - Configure your Apache2 HTTP webserver:: | ||
1194 | * Reverse Proxy - Configure your Apache2 HTTPS webserver:: | ||
1195 | * Reverse Proxy - Configure your nginx HTTPS webserver:: | ||
1196 | * Reverse Proxy - Configure your nginx HTTP webserver:: | ||
1197 | * Reverse Proxy - Configure your GNUnet peer:: | ||
1198 | @end menu | ||
1199 | |||
1200 | @node Reverse Proxy - Configure your Apache2 HTTP webserver | ||
1201 | @subsubsection Reverse Proxy - Configure your Apache2 HTTP webserver | ||
1202 | |||
1203 | First of all you need mod_proxy installed. | ||
1204 | |||
1205 | Edit your webserver configuration. Edit | ||
1206 | @code{/etc/apache2/apache2.conf} or the site-specific configuration file. | ||
1207 | |||
1208 | In the respective @code{server config},@code{virtual host} or | ||
1209 | @code{directory} section add the following lines: | ||
1210 | |||
1211 | @example | ||
1212 | ProxyTimeout 300 | ||
1213 | ProxyRequests Off | ||
1214 | <Location /bar/ > | ||
1215 | ProxyPass http://gnunet.foo.org:1080/ | ||
1216 | ProxyPassReverse http://gnunet.foo.org:1080/ | ||
1217 | </Location> | ||
1218 | @end example | ||
1219 | |||
1220 | @node Reverse Proxy - Configure your Apache2 HTTPS webserver | ||
1221 | @subsubsection Reverse Proxy - Configure your Apache2 HTTPS webserver | ||
1222 | |||
1223 | We assume that you already have an HTTPS server running, if not please | ||
1224 | check how to configure a HTTPS host. An uncomplicated to use example | ||
1225 | is the example configuration file for Apache2/HTTPD provided in | ||
1226 | @file{apache2/sites-available/default-ssl}. | ||
1227 | |||
1228 | In the respective HTTPS @code{server config},@code{virtual host} or | ||
1229 | @code{directory} section add the following lines: | ||
1230 | |||
1231 | @example | ||
1232 | SSLProxyEngine On | ||
1233 | ProxyTimeout 300 | ||
1234 | ProxyRequests Off | ||
1235 | <Location /bar/ > | ||
1236 | ProxyPass https://gnunet.foo.org:4433/ | ||
1237 | ProxyPassReverse https://gnunet.foo.org:4433/ | ||
1238 | </Location> | ||
1239 | @end example | ||
1240 | |||
1241 | @noindent | ||
1242 | More information about the apache mod_proxy configuration can be found | ||
1243 | in the Apache documentation@footnote{@uref{http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass, http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass}} | ||
1244 | |||
1245 | @node Reverse Proxy - Configure your nginx HTTPS webserver | ||
1246 | @subsubsection Reverse Proxy - Configure your nginx HTTPS webserver | ||
1247 | |||
1248 | Since nginx does not support chunked encoding, you first of all have to | ||
1249 | install the @code{chunkin} module@footnote{@uref{http://wiki.nginx.org/HttpChunkinModule, http://wiki.nginx.org/HttpChunkinModule}} | ||
1250 | |||
1251 | To enable chunkin add: | ||
1252 | |||
1253 | @example | ||
1254 | chunkin on; | ||
1255 | error_page 411 = @@my_411_error; | ||
1256 | location @@my_411_error @{ | ||
1257 | chunkin_resume; | ||
1258 | @} | ||
1259 | @end example | ||
1260 | |||
1261 | @noindent | ||
1262 | Edit your webserver configuration. Edit @file{/etc/nginx/nginx.conf} or | ||
1263 | the site-specific configuration file. | ||
1264 | |||
1265 | In the @code{server} section add: | ||
1266 | |||
1267 | @example | ||
1268 | location /bar/ @{ | ||
1269 | proxy_pass http://gnunet.foo.org:1080/; | ||
1270 | proxy_buffering off; | ||
1271 | proxy_connect_timeout 5; # more than http_server | ||
1272 | proxy_read_timeout 350; # 60 default, 300s is GNUnet's idle timeout | ||
1273 | proxy_http_version 1.1; # 1.0 default | ||
1274 | proxy_next_upstream error timeout invalid_header http_500 http_503 http_502 http_504; | ||
1275 | @} | ||
1276 | @end example | ||
1277 | |||
1278 | @node Reverse Proxy - Configure your nginx HTTP webserver | ||
1279 | @subsubsection Reverse Proxy - Configure your nginx HTTP webserver | ||
1280 | |||
1281 | Edit your webserver configuration. Edit @file{/etc/nginx/nginx.conf} or | ||
1282 | the site-specific configuration file. | ||
1283 | |||
1284 | In the @code{server} section add: | ||
1285 | |||
1286 | @example | ||
1287 | ssl_session_timeout 6m; | ||
1288 | location /bar/ | ||
1289 | @{ | ||
1290 | proxy_pass https://gnunet.foo.org:4433/; | ||
1291 | proxy_buffering off; | ||
1292 | proxy_connect_timeout 5; # more than http_server | ||
1293 | proxy_read_timeout 350; # 60 default, 300s is GNUnet's idle timeout | ||
1294 | proxy_http_version 1.1; # 1.0 default | ||
1295 | proxy_next_upstream error timeout invalid_header http_500 http_503 http_502 http_504; | ||
1296 | @} | ||
1297 | @end example | ||
1298 | |||
1299 | @node Reverse Proxy - Configure your GNUnet peer | ||
1300 | @subsubsection Reverse Proxy - Configure your GNUnet peer | ||
1301 | |||
1302 | To have your GNUnet peer announce the address, you have to specify the | ||
1303 | @code{EXTERNAL_HOSTNAME} option in the @code{[transport-http_server]} | ||
1304 | section: | ||
1305 | |||
1306 | @example | ||
1307 | [transport-http_server] | ||
1308 | EXTERNAL_HOSTNAME = http://www.foo.org/bar/ | ||
1309 | @end example | ||
1310 | |||
1311 | @noindent | ||
1312 | and/or @code{[transport-https_server]} section: | ||
1313 | |||
1314 | @example | ||
1315 | [transport-https_server] | ||
1316 | EXTERNAL_HOSTNAME = https://www.foo.org/bar/ | ||
1317 | @end example | ||
1318 | |||
1319 | @noindent | ||
1320 | Now restart your webserver and your peer... | ||
1321 | |||
1322 | @node Blacklisting peers | ||
1323 | @subsection Blacklisting peers | ||
1324 | |||
1325 | Transport service supports to deny connecting to a specific peer of to a | ||
1326 | specific peer with a specific transport plugin using te blacklisting | ||
1327 | component of transport service. With@ blacklisting it is possible to deny | ||
1328 | connections to specific peers of@ to use a specific plugin to a specific | ||
1329 | peer. Peers can be blacklisted using@ the configuration or a blacklist | ||
1330 | client can be asked. | ||
1331 | |||
1332 | To blacklist peers using the configuration you have to add a section to | ||
1333 | your configuration containing the peer id of the peer to blacklist and | ||
1334 | the plugin@ if required. | ||
1335 | |||
1336 | Examples: | ||
1337 | |||
1338 | To blacklist connections to P565... on peer AG2P... using tcp add: | ||
1339 | |||
1340 | @c FIXME: This is too long and produces errors in the pdf. | ||
1341 | @example | ||
1342 | [transport-blacklist AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520] | ||
1343 | P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G = tcp | ||
1344 | @end example | ||
1345 | |||
1346 | To blacklist connections to P565... on peer AG2P... using all plugins add: | ||
1347 | |||
1348 | @example | ||
1349 | [transport-blacklist-AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520] | ||
1350 | P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G = | ||
1351 | @end example | ||
1352 | |||
1353 | You can also add a blacklist client usign the blacklist API. On a | ||
1354 | blacklist check, blacklisting first checks internally if the peer is | ||
1355 | blacklisted and if not, it asks the blacklisting clients. Clients are | ||
1356 | asked if it is OK to connect to a peer ID, the plugin is omitted. | ||
1357 | |||
1358 | On blacklist check for (peer, plugin) | ||
1359 | @itemize @bullet | ||
1360 | @item Do we have a local blacklist entry for this peer and this plugin?@ | ||
1361 | @item YES: disallow connection@ | ||
1362 | @item Do we have a local blacklist entry for this peer and all plugins?@ | ||
1363 | @item YES: disallow connection@ | ||
1364 | @item Does one of the clients disallow?@ | ||
1365 | @item YES: disallow connection | ||
1366 | @end itemize | ||
1367 | |||
1368 | @node Configuration of the HTTP and HTTPS transport plugins | ||
1369 | @subsection Configuration of the HTTP and HTTPS transport plugins | ||
1370 | |||
1371 | The client parts of the http and https transport plugins can be configured | ||
1372 | to use a proxy to connect to the hostlist server. This functionality can | ||
1373 | be configured in the configuration file directly or using the | ||
1374 | gnunet-setup tool. | ||
1375 | |||
1376 | Both the HTTP and HTTPS clients support the following proxy types at | ||
1377 | the moment: | ||
1378 | |||
1379 | @itemize @bullet | ||
1380 | @item HTTP 1.1 proxy | ||
1381 | @item SOCKS 4/4a/5/5 with hostname | ||
1382 | @end itemize | ||
1383 | |||
1384 | In addition authentication at the proxy with username and password can be | ||
1385 | configured. | ||
1386 | |||
1387 | To configure proxy support for the clients in the gnunet-setup tool, | ||
1388 | select the "transport" tab and activate the respective plugin. Now you | ||
1389 | can select the appropriate proxy type. The hostname or IP address | ||
1390 | (including port if required) has to be entered in the "Proxy hostname" | ||
1391 | textbox. If required, enter username and password in the "Proxy username" | ||
1392 | and "Proxy password" boxes. Be aware that these information will be stored | ||
1393 | in the configuration in plain text. | ||
1394 | |||
1395 | To configure these options directly in the configuration, you can | ||
1396 | configure the following settings in the @code{[transport-http_client]} | ||
1397 | and @code{[transport-https_client]} section of the configuration: | ||
1398 | |||
1399 | @example | ||
1400 | # Type of proxy server, | ||
1401 | # Valid values: HTTP, SOCKS4, SOCKS5, SOCKS4A, SOCKS5_HOSTNAME | ||
1402 | # Default: HTTP | ||
1403 | # PROXY_TYPE = HTTP | ||
1404 | |||
1405 | # Hostname or IP of proxy server | ||
1406 | # PROXY = | ||
1407 | # User name for proxy server | ||
1408 | # PROXY_USERNAME = | ||
1409 | # User password for proxy server | ||
1410 | # PROXY_PASSWORD = | ||
1411 | @end example | ||
1412 | |||
1413 | @node Configuring the GNU Name System | ||
1414 | @subsection Configuring the GNU Name System | ||
1415 | |||
1416 | @menu | ||
1417 | * Configuring system-wide DNS interception:: | ||
1418 | * Configuring the GNS nsswitch plugin:: | ||
1419 | * Configuring GNS on W32:: | ||
1420 | * GNS Proxy Setup:: | ||
1421 | * Setup of the GNS CA:: | ||
1422 | * Testing the GNS setup:: | ||
1423 | @end menu | ||
1424 | |||
1425 | |||
1426 | @node Configuring system-wide DNS interception | ||
1427 | @subsubsection Configuring system-wide DNS interception | ||
1428 | |||
1429 | Before you install GNUnet, make sure you have a user and group 'gnunet' | ||
1430 | as well as an empty group 'gnunetdns'. | ||
1431 | |||
1432 | When using GNUnet with system-wide DNS interception, it is absolutely | ||
1433 | necessary for all GNUnet service processes to be started by | ||
1434 | @code{gnunet-service-arm} as user and group 'gnunet'. You also need to be | ||
1435 | sure to run @code{make install} as root (or use the @code{sudo} option to | ||
1436 | configure) to grant GNUnet sufficient privileges. | ||
1437 | |||
1438 | With this setup, all that is required for enabling system-wide DNS | ||
1439 | interception is for some GNUnet component (VPN or GNS) to request it. | ||
1440 | The @code{gnunet-service-dns} will then start helper programs that will | ||
1441 | make the necessary changes to your firewall (@code{iptables}) rules. | ||
1442 | |||
1443 | Note that this will NOT work if your system sends out DNS traffic to a | ||
1444 | link-local IPv6 address, as in this case GNUnet can intercept the traffic, | ||
1445 | but not inject the responses from the link-local IPv6 address. Hence you | ||
1446 | cannot use system-wide DNS interception in conjunction with link-local | ||
1447 | IPv6-based DNS servers. If such a DNS server is used, it will bypass | ||
1448 | GNUnet's DNS traffic interception. | ||
1449 | |||
1450 | Using the GNU Name System (GNS) requires two different configuration | ||
1451 | steps. | ||
1452 | First of all, GNS needs to be integrated with the operating system. Most | ||
1453 | of this section is about the operating system level integration. | ||
1454 | |||
1455 | The remainder of this chapter will detail the various methods for | ||
1456 | configuring the use of GNS with your operating system. | ||
1457 | |||
1458 | At this point in time you have different options depending on your OS: | ||
1459 | |||
1460 | @table @asis | ||
1461 | |||
1462 | @item Use the gnunet-gns-proxy This approach works for all operating | ||
1463 | systems and is likely the easiest. However, it enables GNS only for | ||
1464 | browsers, not for other applications that might be using DNS, such as SSH. | ||
1465 | Still, using the proxy is required for using HTTP with GNS and is thus | ||
1466 | recommended for all users. To do this, you simply have to run the | ||
1467 | @code{gnunet-gns-proxy-setup-ca} script as the user who will run the | ||
1468 | browser (this will create a GNS certificate authority (CA) on your system | ||
1469 | and import its key into your browser), then start @code{gnunet-gns-proxy} | ||
1470 | and inform your browser to use the Socks5 proxy which | ||
1471 | @code{gnunet-gns-proxy} makes available by default on port 7777. | ||
1472 | @item Use a nsswitch plugin (recommended on GNU systems) | ||
1473 | This approach has the advantage of offering fully personalized resolution | ||
1474 | even on multi-user systems. A potential disadvantage is that some | ||
1475 | applications might be able to bypass GNS. | ||
1476 | @item Use a W32 resolver plugin (recommended on W32) | ||
1477 | This is currently the only option on W32 systems. | ||
1478 | @item Use system-wide DNS packet interception | ||
1479 | This approach is recommended for the GNUnet VPN. It can be used to handle | ||
1480 | GNS at the same time; however, if you only use this method, you will only | ||
1481 | get one root zone per machine (not so great for multi-user systems). | ||
1482 | @end table | ||
1483 | |||
1484 | You can combine system-wide DNS packet interception with the nsswitch | ||
1485 | plugin. | ||
1486 | The setup of the system-wide DNS interception is described here. All of | ||
1487 | the other GNS-specific configuration steps are described in the following | ||
1488 | sections. | ||
1489 | |||
1490 | @node Configuring the GNS nsswitch plugin | ||
1491 | @subsubsection Configuring the GNS nsswitch plugin | ||
1492 | |||
1493 | The Name Service Switch (NSS) is a facility in Unix-like operating systems | ||
1494 | @footnote{More accurate: NSS is a functionality of the GNU C Library} | ||
1495 | that provides a variety of sources for common configuration databases and | ||
1496 | name resolution mechanisms. | ||
1497 | A superuser (system administrator) usually configures the | ||
1498 | operating system's name services using the file | ||
1499 | @file{/etc/nsswitch.conf}. | ||
1500 | |||
1501 | GNS provides a NSS plugin to integrate GNS name resolution with the | ||
1502 | operating system's name resolution process. | ||
1503 | To use the GNS NSS plugin you have to either | ||
1504 | |||
1505 | @itemize @bullet | ||
1506 | @item install GNUnet as root or | ||
1507 | @item compile GNUnet with the @code{--with-sudo=yes} switch. | ||
1508 | @end itemize | ||
1509 | |||
1510 | Name resolution is controlled by the @emph{hosts} section in the NSS | ||
1511 | configuration. By default this section first performs a lookup in the | ||
1512 | @file{/etc/hosts} file and then in DNS. | ||
1513 | The nsswitch file should contain a line similar to: | ||
1514 | |||
1515 | @example | ||
1516 | hosts: files dns [NOTFOUND=return] mdns4_minimal mdns4 | ||
1517 | @end example | ||
1518 | |||
1519 | @noindent | ||
1520 | Here the GNS NSS plugin can be added to perform a GNS lookup before | ||
1521 | performing a DNS lookup. | ||
1522 | The GNS NSS plugin has to be added to the "hosts" section in | ||
1523 | @file{/etc/nsswitch.conf} file before DNS related plugins: | ||
1524 | |||
1525 | @example | ||
1526 | ... | ||
1527 | hosts: files gns [NOTFOUND=return] dns mdns4_minimal mdns4 | ||
1528 | ... | ||
1529 | @end example | ||
1530 | |||
1531 | @noindent | ||
1532 | The @code{NOTFOUND=return} will ensure that if a @code{.gnu} name is not | ||
1533 | found in GNS it will not be queried in DNS. | ||
1534 | |||
1535 | @node Configuring GNS on W32 | ||
1536 | @subsubsection Configuring GNS on W32 | ||
1537 | |||
1538 | This document is a guide to configuring GNU Name System on W32-compatible | ||
1539 | platforms. | ||
1540 | |||
1541 | After GNUnet is installed, run the w32nsp-install tool: | ||
1542 | |||
1543 | @example | ||
1544 | w32nsp-install.exe libw32nsp-0.dll | ||
1545 | @end example | ||
1546 | |||
1547 | @noindent | ||
1548 | ('0' is the library version of W32 NSP; it might increase in the future, | ||
1549 | change the invocation accordingly). | ||
1550 | |||
1551 | This will install GNS namespace provider into the system and allow other | ||
1552 | applications to resolve names that end in '@strong{gnu}' | ||
1553 | and '@strong{zkey}'. Note that namespace provider requires | ||
1554 | gnunet-gns-helper-service-w32 to be running, as well as gns service | ||
1555 | itself (and its usual dependencies). | ||
1556 | |||
1557 | Namespace provider is hardcoded to connect to @strong{127.0.0.1:5353}, | ||
1558 | and this is where gnunet-gns-helper-service-w32 should be listening to | ||
1559 | (and is configured to listen to by default). | ||
1560 | |||
1561 | To uninstall the provider, run: | ||
1562 | |||
1563 | @example | ||
1564 | w32nsp-uninstall.exe | ||
1565 | @end example | ||
1566 | |||
1567 | @noindent | ||
1568 | (uses provider GUID to uninstall it, does not need a dll name). | ||
1569 | |||
1570 | Note that while MSDN claims that other applications will only be able to | ||
1571 | use the new namespace provider after re-starting, in reality they might | ||
1572 | stat to use it without that. Conversely, they might stop using the | ||
1573 | provider after it's been uninstalled, even if they were not re-started. | ||
1574 | W32 will not permit namespace provider library to be deleted or | ||
1575 | overwritten while the provider is installed, and while there is at least | ||
1576 | one process still using it (even after it was uninstalled). | ||
1577 | |||
1578 | @node GNS Proxy Setup | ||
1579 | @subsubsection GNS Proxy Setup | ||
1580 | |||
1581 | When using the GNU Name System (GNS) to browse the WWW, there are several | ||
1582 | issues that can be solved by adding the GNS Proxy to your setup: | ||
1583 | |||
1584 | @itemize @bullet | ||
1585 | |||
1586 | @item If the target website does not support GNS, it might assume that it | ||
1587 | is operating under some name in the legacy DNS system (such as | ||
1588 | example.com). It may then attempt to set cookies for that domain, and the | ||
1589 | web server might expect a @code{Host: example.com} header in the request | ||
1590 | from your browser. | ||
1591 | However, your browser might be using @code{example.gnu} for the | ||
1592 | @code{Host} header and might only accept (and send) cookies for | ||
1593 | @code{example.gnu}. The GNS Proxy will perform the necessary translations | ||
1594 | of the hostnames for cookies and HTTP headers (using the LEHO record for | ||
1595 | the target domain as the desired substitute). | ||
1596 | |||
1597 | @item If using HTTPS, the target site might include an SSL certificate | ||
1598 | which is either only valid for the LEHO domain or might match a TLSA | ||
1599 | record in GNS. However, your browser would expect a valid certificate for | ||
1600 | @code{example.gnu}, not for some legacy domain name. The proxy will | ||
1601 | validate the certificate (either against LEHO or TLSA) and then | ||
1602 | on-the-fly produce a valid certificate for the exchange, signed by your | ||
1603 | own CA. Assuming you installed the CA of your proxy in your browser's | ||
1604 | certificate authority list, your browser will then trust the | ||
1605 | HTTPS/SSL/TLS connection, as the hostname mismatch is hidden by the proxy. | ||
1606 | |||
1607 | @item Finally, the proxy will in the future indicate to the server that it | ||
1608 | speaks GNS, which will enable server operators to deliver GNS-enabled web | ||
1609 | sites to your browser (and continue to deliver legacy links to legacy | ||
1610 | browsers) | ||
1611 | @end itemize | ||
1612 | |||
1613 | @node Setup of the GNS CA | ||
1614 | @subsubsection Setup of the GNS CA | ||
1615 | |||
1616 | First you need to create a CA certificate that the proxy can use. | ||
1617 | To do so use the provided script gnunet-gns-proxy-ca: | ||
1618 | |||
1619 | @example | ||
1620 | $ gnunet-gns-proxy-setup-ca | ||
1621 | @end example | ||
1622 | |||
1623 | @noindent | ||
1624 | This will create a personal certification authority for you and add this | ||
1625 | authority to the firefox and chrome database. The proxy will use the this | ||
1626 | CA certificate to generate @code{*.gnu} client certificates on the fly. | ||
1627 | |||
1628 | Note that the proxy uses libcurl. Make sure your version of libcurl uses | ||
1629 | GnuTLS and NOT OpenSSL. The proxy will @b{not} work with libcurl compiled | ||
1630 | against OpenSSL. | ||
1631 | |||
1632 | You can check the configuration your libcurl was build with by | ||
1633 | running: | ||
1634 | |||
1635 | @example | ||
1636 | curl --version | ||
1637 | @end example | ||
1638 | |||
1639 | the output will look like this (without the linebreaks): | ||
1640 | |||
1641 | @example | ||
1642 | gnurl --version | ||
1643 | curl 7.56.0 (x86_64-unknown-linux-gnu) libcurl/7.56.0 \ | ||
1644 | GnuTLS/3.5.13 zlib/1.2.11 libidn2/2.0.4 | ||
1645 | Release-Date: 2017-10-08 | ||
1646 | Protocols: http https | ||
1647 | Features: AsynchDNS IDN IPv6 Largefile NTLM SSL libz \ | ||
1648 | TLS-SRP UnixSockets HTTPS-proxy | ||
1649 | @end example | ||
1650 | |||
1651 | @node Testing the GNS setup | ||
1652 | @subsubsection Testing the GNS setup | ||
1653 | |||
1654 | Now for testing purposes we can create some records in our zone to test | ||
1655 | the SSL functionality of the proxy: | ||
1656 | |||
1657 | @example | ||
1658 | $ gnunet-identity -C test | ||
1659 | $ gnunet-namestore -a -e "1 d" -n "homepage" \ | ||
1660 | -t A -V 131.159.74.67 -z test | ||
1661 | $ gnunet-namestore -a -e "1 d" -n "homepage" \ | ||
1662 | -t LEHO -V "gnunet.org" -z test | ||
1663 | @end example | ||
1664 | |||
1665 | @noindent | ||
1666 | At this point we can start the proxy. Simply execute | ||
1667 | |||
1668 | @example | ||
1669 | $ gnunet-gns-proxy | ||
1670 | @end example | ||
1671 | |||
1672 | @noindent | ||
1673 | Configure your browser to use this SOCKSv5 proxy on port 7777 and visit | ||
1674 | this link. | ||
1675 | If you use @command{Firefox} (or one of its derivatives/forks such as | ||
1676 | Icecat) you also have to go to @code{about:config} and set the key | ||
1677 | @code{network.proxy.socks_remote_dns} to @code{true}. | ||
1678 | |||
1679 | When you visit @code{https://homepage.test/}, you should get to the | ||
1680 | @code{https://gnunet.org/} frontpage and the browser (with the correctly | ||
1681 | configured proxy) should give you a valid SSL certificate for | ||
1682 | @code{homepage.gnu} and no warnings. It should look like this: | ||
1683 | |||
1684 | @c FIXME: Image does not exist, create it or save it from Drupal? | ||
1685 | @c @image{images/gnunethpgns.png,5in,, picture of homepage.gnu in Webbrowser} | ||
1686 | |||
1687 | |||
1688 | @node Configuring the GNUnet VPN | ||
1689 | @subsection Configuring the GNUnet VPN | ||
1690 | |||
1691 | @menu | ||
1692 | * IPv4 address for interface:: | ||
1693 | * IPv6 address for interface:: | ||
1694 | * Configuring the GNUnet VPN DNS:: | ||
1695 | * Configuring the GNUnet VPN Exit Service:: | ||
1696 | * IP Address of external DNS resolver:: | ||
1697 | * IPv4 address for Exit interface:: | ||
1698 | * IPv6 address for Exit interface:: | ||
1699 | @end menu | ||
1700 | |||
1701 | Before configuring the GNUnet VPN, please make sure that system-wide DNS | ||
1702 | interception is configured properly as described in the section on the | ||
1703 | GNUnet DNS setup. @pxref{Configuring the GNU Name System}, | ||
1704 | if you haven't done so already. | ||
1705 | |||
1706 | The default options for the GNUnet VPN are usually sufficient to use | ||
1707 | GNUnet as a Layer 2 for your Internet connection. | ||
1708 | However, what you always have to specify is which IP protocol you want | ||
1709 | to tunnel: IPv4, IPv6 or both. | ||
1710 | Furthermore, if you tunnel both, you most likely should also tunnel | ||
1711 | all of your DNS requests. | ||
1712 | You theoretically can tunnel "only" your DNS traffic, but that usually | ||
1713 | makes little sense. | ||
1714 | |||
1715 | The other options as shown on the gnunet-setup tool are: | ||
1716 | |||
1717 | @node IPv4 address for interface | ||
1718 | @subsubsection IPv4 address for interface | ||
1719 | |||
1720 | This is the IPv4 address the VPN interface will get. You should pick an | ||
1721 | 'private' IPv4 network that is not yet in use for you system. For example, | ||
1722 | if you use @code{10.0.0.1/255.255.0.0} already, you might use | ||
1723 | @code{10.1.0.1/255.255.0.0}. | ||
1724 | If you use @code{10.0.0.1/255.0.0.0} already, then you might use | ||
1725 | @code{192.168.0.1/255.255.0.0}. | ||
1726 | If your system is not in a private IP-network, using any of the above will | ||
1727 | work fine. | ||
1728 | You should try to make the mask of the address big enough | ||
1729 | (@code{255.255.0.0} or, even better, @code{255.0.0.0}) to allow more | ||
1730 | mappings of remote IP Addresses into this range. | ||
1731 | However, even a @code{255.255.255.0} mask will suffice for most users. | ||
1732 | |||
1733 | @node IPv6 address for interface | ||
1734 | @subsubsection IPv6 address for interface | ||
1735 | |||
1736 | The IPv6 address the VPN interface will get. Here you can specify any | ||
1737 | non-link-local address (the address should not begin with @code{fe80:}). | ||
1738 | A subnet Unique Local Unicast (@code{fd00::/8} prefix) that you are | ||
1739 | currently not using would be a good choice. | ||
1740 | |||
1741 | @node Configuring the GNUnet VPN DNS | ||
1742 | @subsubsection Configuring the GNUnet VPN DNS | ||
1743 | |||
1744 | To resolve names for remote nodes, activate the DNS exit option. | ||
1745 | |||
1746 | @node Configuring the GNUnet VPN Exit Service | ||
1747 | @subsubsection Configuring the GNUnet VPN Exit Service | ||
1748 | |||
1749 | If you want to allow other users to share your Internet connection (yes, | ||
1750 | this may be dangerous, just as running a Tor exit node) or want to | ||
1751 | provide access to services on your host (this should be less dangerous, | ||
1752 | as long as those services are secure), you have to enable the GNUnet exit | ||
1753 | daemon. | ||
1754 | |||
1755 | You then get to specify which exit functions you want to provide. By | ||
1756 | enabling the exit daemon, you will always automatically provide exit | ||
1757 | functions for manually configured local services (this component of the | ||
1758 | system is under | ||
1759 | development and not documented further at this time). As for those | ||
1760 | services you explicitly specify the target IP address and port, there is | ||
1761 | no significant security risk in doing so. | ||
1762 | |||
1763 | Furthermore, you can serve as a DNS, IPv4 or IPv6 exit to the Internet. | ||
1764 | Being a DNS exit is usually pretty harmless. However, enabling IPv4 or | ||
1765 | IPv6-exit without further precautions may enable adversaries to access | ||
1766 | your local network, send spam, attack other systems from your Internet | ||
1767 | connection and to other mischief that will appear to come from your | ||
1768 | machine. This may or may not get you into legal trouble. | ||
1769 | If you want to allow IPv4 or IPv6-exit functionality, you should strongly | ||
1770 | consider adding additional firewall rules manually to protect your local | ||
1771 | network and to restrict outgoing TCP traffic (i.e. by not allowing access | ||
1772 | to port 25). While we plan to improve exit-filtering in the future, | ||
1773 | you're currently on your own here. | ||
1774 | Essentially, be prepared for any kind of IP-traffic to exit the respective | ||
1775 | TUN interface (and GNUnet will enable IP-forwarding and NAT for the | ||
1776 | interface automatically). | ||
1777 | |||
1778 | Additional configuration options of the exit as shown by the gnunet-setup | ||
1779 | tool are: | ||
1780 | |||
1781 | @node IP Address of external DNS resolver | ||
1782 | @subsubsection IP Address of external DNS resolver | ||
1783 | |||
1784 | If DNS traffic is to exit your machine, it will be send to this DNS | ||
1785 | resolver. You can specify an IPv4 or IPv6 address. | ||
1786 | |||
1787 | @node IPv4 address for Exit interface | ||
1788 | @subsubsection IPv4 address for Exit interface | ||
1789 | |||
1790 | This is the IPv4 address the Interface will get. Make the mask of the | ||
1791 | address big enough (255.255.0.0 or, even better, 255.0.0.0) to allow more | ||
1792 | mappings of IP addresses into this range. As for the VPN interface, any | ||
1793 | unused, private IPv4 address range will do. | ||
1794 | |||
1795 | @node IPv6 address for Exit interface | ||
1796 | @subsubsection IPv6 address for Exit interface | ||
1797 | |||
1798 | The public IPv6 address the interface will get. If your kernel is not a | ||
1799 | very recent kernel and you are willing to manually enable IPv6-NAT, the | ||
1800 | IPv6 address you specify here must be a globally routed IPv6 address of | ||
1801 | your host. | ||
1802 | |||
1803 | Suppose your host has the address @code{2001:4ca0::1234/64}, then | ||
1804 | using @code{2001:4ca0::1:0/112} would be fine (keep the first 64 bits, | ||
1805 | then change at least one bit in the range before the bitmask, in the | ||
1806 | example above we changed bit 111 from 0 to 1). | ||
1807 | |||
1808 | You may also have to configure your router to route traffic for the entire | ||
1809 | subnet (@code{2001:4ca0::1:0/112} for example) through your computer (this | ||
1810 | should be automatic with IPv6, but obviously anything can be | ||
1811 | disabled). | ||
1812 | |||
1813 | @node Bandwidth Configuration | ||
1814 | @subsection Bandwidth Configuration | ||
1815 | |||
1816 | You can specify how many bandwidth GNUnet is allowed to use to receive | ||
1817 | and send data. This is important for users with limited bandwidth or | ||
1818 | traffic volume. | ||
1819 | |||
1820 | @node Configuring NAT | ||
1821 | @subsection Configuring NAT | ||
1822 | |||
1823 | Most hosts today do not have a normal global IP address but instead are | ||
1824 | behind a router performing Network Address Translation (NAT) which assigns | ||
1825 | each host in the local network a private IP address. | ||
1826 | As a result, these machines cannot trivially receive inbound connections | ||
1827 | from the Internet. GNUnet supports NAT traversal to enable these machines | ||
1828 | to receive incoming connections from other peers despite their | ||
1829 | limitations. | ||
1830 | |||
1831 | In an ideal world, you can press the "Attempt automatic configuration" | ||
1832 | button in gnunet-setup to automatically configure your peer correctly. | ||
1833 | Alternatively, your distribution might have already triggered this | ||
1834 | automatic configuration during the installation process. | ||
1835 | However, automatic configuration can fail to determine the optimal | ||
1836 | settings, resulting in your peer either not receiving as many connections | ||
1837 | as possible, or in the worst case it not connecting to the network at all. | ||
1838 | |||
1839 | To manually configure the peer, you need to know a few things about your | ||
1840 | network setup. First, determine if you are behind a NAT in the first | ||
1841 | place. | ||
1842 | This is always the case if your IP address starts with "10.*" or | ||
1843 | "192.168.*". Next, if you have control over your NAT router, you may | ||
1844 | choose to manually configure it to allow GNUnet traffic to your host. | ||
1845 | If you have configured your NAT to forward traffic on ports 2086 (and | ||
1846 | possibly 1080) to your host, you can check the "NAT ports have been opened | ||
1847 | manually" option, which corresponds to the "PUNCHED_NAT" option in the | ||
1848 | configuration file. If you did not punch your NAT box, it may still be | ||
1849 | configured to support UPnP, which allows GNUnet to automatically | ||
1850 | configure it. In that case, you need to install the "upnpc" command, | ||
1851 | enable UPnP (or PMP) on your NAT box and set the "Enable NAT traversal | ||
1852 | via UPnP or PMP" option (corresponding to "ENABLE_UPNP" in the | ||
1853 | configuration file). | ||
1854 | |||
1855 | Some NAT boxes can be traversed using the autonomous NAT traversal method. | ||
1856 | This requires certain GNUnet components to be installed with "SUID" | ||
1857 | privileges on your system (so if you're installing on a system you do | ||
1858 | not have administrative rights to, this will not work). | ||
1859 | If you installed as 'root', you can enable autonomous NAT traversal by | ||
1860 | checking the "Enable NAT traversal using ICMP method". | ||
1861 | The ICMP method requires a way to determine your NAT's external (global) | ||
1862 | IP address. This can be done using either UPnP, DynDNS, or by manual | ||
1863 | configuration. If you have a DynDNS name or know your external IP address, | ||
1864 | you should enter that name under "External (public) IPv4 address" (which | ||
1865 | corresponds to the "EXTERNAL_ADDRESS" option in the configuration file). | ||
1866 | If you leave the option empty, GNUnet will try to determine your external | ||
1867 | IP address automatically (which may fail, in which case autonomous | ||
1868 | NAT traversal will then not work). | ||
1869 | |||
1870 | Finally, if you yourself are not behind NAT but want to be able to | ||
1871 | connect to NATed peers using autonomous NAT traversal, you need to check | ||
1872 | the "Enable connecting to NATed peers using ICMP method" box. | ||
1873 | |||
1874 | |||
1875 | @node Peer configuration for distributions | ||
1876 | @subsection Peer configuration for distributions | ||
1877 | |||
1878 | The "GNUNET_DATA_HOME" in "[path]" in @file{/etc/gnunet.conf} should be | ||
1879 | manually set to "/var/lib/gnunet/data/" as the default | ||
1880 | "~/.local/share/gnunet/" is probably not that appropriate in this case. | ||
1881 | Similarly, distributions may consider pointing "GNUNET_RUNTIME_DIR" to | ||
1882 | "/var/run/gnunet/" and "GNUNET_HOME" to "/var/lib/gnunet/". Also, should a | ||
1883 | distribution decide to override system defaults, all of these changes | ||
1884 | should be done in a custom @file{/etc/gnunet.conf} and not in the files | ||
1885 | in the @file{config.d/} directory. | ||
1886 | |||
1887 | Given the proposed access permissions, the "gnunet-setup" tool must be | ||
1888 | run as use "gnunet" (and with option "-c /etc/gnunet.conf" so that it | ||
1889 | modifies the system configuration). As always, gnunet-setup should be run | ||
1890 | after the GNUnet peer was stopped using "gnunet-arm -e". Distributions | ||
1891 | might want to include a wrapper for gnunet-setup that allows the | ||
1892 | desktop-user to "sudo" (i.e. using gtksudo) to the "gnunet" user account | ||
1893 | and then runs "gnunet-arm -e", "gnunet-setup" and "gnunet-arm -s" in | ||
1894 | sequence. | ||
1895 | |||
1896 | @node MOVED FROM USER Config Leftovers | ||
1897 | @section MOVED FROM USER Config Leftovers | ||
1898 | |||
1899 | This section describes how to start a GNUnet peer. It assumes that you | ||
1900 | have already compiled and installed GNUnet and its' dependencies. | ||
1901 | Before you start a GNUnet peer, you may want to create a configuration | ||
1902 | file using gnunet-setup (but you do not have to). | ||
1903 | Sane defaults should exist in your | ||
1904 | @file{$GNUNET_PREFIX/share/gnunet/config.d/} directory, so in practice | ||
1905 | you could simply start without any configuration. If you want to | ||
1906 | configure your peer later, you need to stop it before invoking the | ||
1907 | @code{gnunet-setup} tool to customize further and to test your | ||
1908 | configuration (@code{gnunet-setup} has build-in test functions). | ||
1909 | |||
1910 | The most important option you might have to still set by hand is in | ||
1911 | [PATHS]. Here, you use the option "GNUNET_HOME" to specify the path where | ||
1912 | GNUnet should store its data. | ||
1913 | It defaults to @code{$HOME/}, which again should work for most users. | ||
1914 | Make sure that the directory specified as GNUNET_HOME is writable to | ||
1915 | the user that you will use to run GNUnet (note that you can run frontends | ||
1916 | using other users, GNUNET_HOME must only be accessible to the user used to | ||
1917 | run the background processes). | ||
1918 | |||
1919 | You will also need to make one central decision: should all of GNUnet be | ||
1920 | run under your normal UID, or do you want distinguish between system-wide | ||
1921 | (user-independent) GNUnet services and personal GNUnet services. The | ||
1922 | multi-user setup is slightly more complicated, but also more secure and | ||
1923 | generally recommended. | ||
1924 | |||
1925 | @menu | ||
1926 | * The Single-User Setup:: | ||
1927 | * The Multi-User Setup:: | ||
1928 | * Killing GNUnet services:: | ||
1929 | * Access Control for GNUnet:: | ||
1930 | @end menu | ||
1931 | |||
1932 | @node The Single-User Setup | ||
1933 | @subsection The Single-User Setup | ||
1934 | |||
1935 | For the single-user setup, you do not need to do anything special and can | ||
1936 | just start the GNUnet background processes using @code{gnunet-arm}. | ||
1937 | By default, GNUnet looks in @file{~/.config/gnunet.conf} for a | ||
1938 | configuration (or @code{$XDG_CONFIG_HOME/gnunet.conf} if@ | ||
1939 | @code{$XDG_CONFIG_HOME} is defined). If your configuration lives | ||
1940 | elsewhere, you need to pass the @code{-c FILENAME} option to all GNUnet | ||
1941 | commands. | ||
1942 | |||
1943 | Assuming the configuration file is called @file{~/.config/gnunet.conf}, | ||
1944 | you start your peer using the @code{gnunet-arm} command (say as user | ||
1945 | @code{gnunet}) using: | ||
1946 | |||
1947 | @example | ||
1948 | gnunet-arm -c ~/.config/gnunet.conf -s | ||
1949 | @end example | ||
1950 | |||
1951 | @noindent | ||
1952 | The "-s" option here is for "start". The command should return almost | ||
1953 | instantly. If you want to stop GNUnet, you can use: | ||
1954 | |||
1955 | @example | ||
1956 | gnunet-arm -c ~/.config/gnunet.conf -e | ||
1957 | @end example | ||
1958 | |||
1959 | @noindent | ||
1960 | The "-e" option here is for "end". | ||
1961 | |||
1962 | Note that this will only start the basic peer, no actual applications | ||
1963 | will be available. | ||
1964 | If you want to start the file-sharing service, use (after starting | ||
1965 | GNUnet): | ||
1966 | |||
1967 | @example | ||
1968 | gnunet-arm -c ~/.config/gnunet.conf -i fs | ||
1969 | @end example | ||
1970 | |||
1971 | @noindent | ||
1972 | The "-i fs" option here is for "initialize" the "fs" (file-sharing) | ||
1973 | application. You can also selectively kill only file-sharing support using | ||
1974 | |||
1975 | @example | ||
1976 | gnunet-arm -c ~/.config/gnunet.conf -k fs | ||
1977 | @end example | ||
1978 | |||
1979 | @noindent | ||
1980 | Assuming that you want certain services (like file-sharing) to be always | ||
1981 | automatically started whenever you start GNUnet, you can activate them by | ||
1982 | setting "IMMEDIATE_START=YES" in the respective section of the configuration | ||
1983 | file (for example, "[fs]"). Then GNUnet with file-sharing support would | ||
1984 | be started whenever you@ enter: | ||
1985 | |||
1986 | @example | ||
1987 | gnunet-arm -c ~/.config/gnunet.conf -s | ||
1988 | @end example | ||
1989 | |||
1990 | @noindent | ||
1991 | Alternatively, you can combine the two options: | ||
1992 | |||
1993 | @example | ||
1994 | gnunet-arm -c ~/.config/gnunet.conf -s -i fs | ||
1995 | @end example | ||
1996 | |||
1997 | @noindent | ||
1998 | Using @code{gnunet-arm} is also the preferred method for initializing | ||
1999 | GNUnet from @code{init}. | ||
2000 | |||
2001 | Finally, you should edit your @code{crontab} (using the @code{crontab} | ||
2002 | command) and insert a line@ | ||
2003 | |||
2004 | @example | ||
2005 | @@reboot gnunet-arm -c ~/.config/gnunet.conf -s | ||
2006 | @end example | ||
2007 | |||
2008 | to automatically start your peer whenever your system boots. | ||
2009 | |||
2010 | @node The Multi-User Setup | ||
2011 | @subsection The Multi-User Setup | ||
2012 | |||
2013 | This requires you to create a user @code{gnunet} and an additional group | ||
2014 | @code{gnunetdns}, prior to running @code{make install} during | ||
2015 | installation. | ||
2016 | Then, you create a configuration file @file{/etc/gnunet.conf} which should | ||
2017 | contain the lines:@ | ||
2018 | |||
2019 | @example | ||
2020 | [arm] | ||
2021 | START_SYSTEM_SERVICES = YES | ||
2022 | START_USER_SERVICES = NO | ||
2023 | @end example | ||
2024 | |||
2025 | @noindent | ||
2026 | Then, perform the same steps to run GNUnet as in the per-user | ||
2027 | configuration, except as user @code{gnunet} (including the | ||
2028 | @code{crontab} installation). | ||
2029 | You may also want to run @code{gnunet-setup} to configure your peer | ||
2030 | (databases, etc.). | ||
2031 | Make sure to pass @code{-c /etc/gnunet.conf} to all commands. If you | ||
2032 | run @code{gnunet-setup} as user @code{gnunet}, you might need to change | ||
2033 | permissions on @file{/etc/gnunet.conf} so that the @code{gnunet} user can | ||
2034 | write to the file (during setup). | ||
2035 | |||
2036 | Afterwards, you need to perform another setup step for each normal user | ||
2037 | account from which you want to access GNUnet. First, grant the normal user | ||
2038 | (@code{$USER}) permission to the group gnunet: | ||
2039 | |||
2040 | @example | ||
2041 | # adduser $USER gnunet | ||
2042 | @end example | ||
2043 | |||
2044 | @noindent | ||
2045 | Then, create a configuration file in @file{~/.config/gnunet.conf} for the | ||
2046 | $USER with the lines: | ||
2047 | |||
2048 | @example | ||
2049 | [arm] | ||
2050 | START_SYSTEM_SERVICES = NO | ||
2051 | START_USER_SERVICES = YES | ||
2052 | @end example | ||
2053 | |||
2054 | @noindent | ||
2055 | This will ensure that @code{gnunet-arm} when started by the normal user | ||
2056 | will only run services that are per-user, and otherwise rely on the | ||
2057 | system-wide services. | ||
2058 | Note that the normal user may run gnunet-setup, but the | ||
2059 | configuration would be ineffective as the system-wide services will use | ||
2060 | @file{/etc/gnunet.conf} and ignore options set by individual users. | ||
2061 | |||
2062 | Again, each user should then start the peer using | ||
2063 | @file{gnunet-arm -s} --- and strongly consider adding logic to start | ||
2064 | the peer automatically to their crontab. | ||
2065 | |||
2066 | Afterwards, you should see two (or more, if you have more than one USER) | ||
2067 | @code{gnunet-service-arm} processes running in your system. | ||
2068 | |||
2069 | @node Killing GNUnet services | ||
2070 | @subsection Killing GNUnet services | ||
2071 | |||
2072 | It is not necessary to stop GNUnet services explicitly when shutting | ||
2073 | down your computer. | ||
2074 | |||
2075 | It should be noted that manually killing "most" of the | ||
2076 | @code{gnunet-service} processes is generally not a successful method for | ||
2077 | stopping a peer (since @code{gnunet-service-arm} will instantly restart | ||
2078 | them). The best way to explicitly stop a peer is using | ||
2079 | @code{gnunet-arm -e}; note that the per-user services may need to be | ||
2080 | terminated before the system-wide services will terminate normally. | ||
2081 | |||
2082 | @node Access Control for GNUnet | ||
2083 | @subsection Access Control for GNUnet | ||
2084 | |||
2085 | This chapter documents how we plan to make access control work within the | ||
2086 | GNUnet system for a typical peer. It should be read as a best-practice | ||
2087 | installation guide for advanced users and builders of binary | ||
2088 | distributions. The recommendations in this guide apply to POSIX-systems | ||
2089 | with full support for UNIX domain sockets only. | ||
2090 | |||
2091 | Note that this is an advanced topic. The discussion presumes a very good | ||
2092 | understanding of users, groups and file permissions. Normal users on | ||
2093 | hosts with just a single user can just install GNUnet under their own | ||
2094 | account (and possibly allow the installer to use SUDO to grant additional | ||
2095 | permissions for special GNUnet tools that need additional rights). | ||
2096 | The discussion below largely applies to installations where multiple users | ||
2097 | share a system and to installations where the best possible security is | ||
2098 | paramount. | ||
2099 | |||
2100 | A typical GNUnet system consists of components that fall into four | ||
2101 | categories: | ||
2102 | |||
2103 | @table @asis | ||
2104 | |||
2105 | @item User interfaces | ||
2106 | User interfaces are not security sensitive and are supposed to be run and | ||
2107 | used by normal system users. | ||
2108 | The GTK GUIs and most command-line programs fall into this category. | ||
2109 | Some command-line tools (like gnunet-transport) should be excluded as they | ||
2110 | offer low-level access that normal users should not need. | ||
2111 | @item System services and support tools | ||
2112 | System services should always run and offer services that can then be | ||
2113 | accessed by the normal users. | ||
2114 | System services do not require special permissions, but as they are not | ||
2115 | specific to a particular user, they probably should not run as a | ||
2116 | particular user. Also, there should typically only be one GNUnet peer per | ||
2117 | host. System services include the gnunet-service and gnunet-daemon | ||
2118 | programs; support tools include command-line programs such as gnunet-arm. | ||
2119 | @item Privileged helpers | ||
2120 | Some GNUnet components require root rights to open raw sockets or perform | ||
2121 | other special operations. These gnunet-helper binaries are typically | ||
2122 | installed SUID and run from services or daemons. | ||
2123 | @item Critical services | ||
2124 | Some GNUnet services (such as the DNS service) can manipulate the service | ||
2125 | in deep and possibly highly security sensitive ways. For example, the DNS | ||
2126 | service can be used to intercept and alter any DNS query originating from | ||
2127 | the local machine. Access to the APIs of these critical services and their | ||
2128 | privileged helpers must be tightly controlled. | ||
2129 | @end table | ||
2130 | |||
2131 | @c FIXME: The titles of these chapters are too long in the index. | ||
2132 | |||
2133 | @menu | ||
2134 | * Recommendation - Disable access to services via TCP:: | ||
2135 | * Recommendation - Run most services as system user "gnunet":: | ||
2136 | * Recommendation - Control access to services using group "gnunet":: | ||
2137 | * Recommendation - Limit access to certain SUID binaries by group "gnunet":: | ||
2138 | * Recommendation - Limit access to critical gnunet-helper-dns to group "gnunetdns":: | ||
2139 | * Differences between "make install" and these recommendations:: | ||
2140 | @end menu | ||
2141 | |||
2142 | @node Recommendation - Disable access to services via TCP | ||
2143 | @subsubsection Recommendation - Disable access to services via TCP | ||
2144 | |||
2145 | GNUnet services allow two types of access: via TCP socket or via UNIX | ||
2146 | domain socket. | ||
2147 | If the service is available via TCP, access control can only be | ||
2148 | implemented by restricting connections to a particular range of IP | ||
2149 | addresses. | ||
2150 | This is acceptable for non-critical services that are supposed to be | ||
2151 | available to all users on the local system or local network. | ||
2152 | However, as TCP is generally less efficient and it is rarely the case | ||
2153 | that a single GNUnet peer is supposed to serve an entire local network, | ||
2154 | the default configuration should disable TCP access to all GNUnet | ||
2155 | services on systems with support for UNIX domain sockets. | ||
2156 | As of GNUnet 0.9.2, configuration files with TCP access disabled should be | ||
2157 | generated by default. Users can re-enable TCP access to particular | ||
2158 | services simply by specifying a non-zero port number in the section of | ||
2159 | the respective service. | ||
2160 | |||
2161 | |||
2162 | @node Recommendation - Run most services as system user "gnunet" | ||
2163 | @subsubsection Recommendation - Run most services as system user "gnunet" | ||
2164 | |||
2165 | GNUnet's main services should be run as a separate user "gnunet" in a | ||
2166 | special group "gnunet". | ||
2167 | The user "gnunet" should start the peer using "gnunet-arm -s" during | ||
2168 | system startup. The home directory for this user should be | ||
2169 | @file{/var/lib/gnunet} and the configuration file should be | ||
2170 | @file{/etc/gnunet.conf}. | ||
2171 | Only the @code{gnunet} user should have the right to access | ||
2172 | @file{/var/lib/gnunet} (@emph{mode: 700}). | ||
2173 | |||
2174 | @node Recommendation - Control access to services using group "gnunet" | ||
2175 | @subsubsection Recommendation - Control access to services using group "gnunet" | ||
2176 | |||
2177 | Users that should be allowed to use the GNUnet peer should be added to the | ||
2178 | group "gnunet". Using GNUnet's access control mechanism for UNIX domain | ||
2179 | sockets, those services that are considered useful to ordinary users | ||
2180 | should be made available by setting "UNIX_MATCH_GID=YES" for those | ||
2181 | services. | ||
2182 | Again, as shipped, GNUnet provides reasonable defaults. | ||
2183 | Permissions to access the transport and core subsystems might additionally | ||
2184 | be granted without necessarily causing security concerns. | ||
2185 | Some services, such as DNS, must NOT be made accessible to the "gnunet" | ||
2186 | group (and should thus only be accessible to the "gnunet" user and | ||
2187 | services running with this UID). | ||
2188 | |||
2189 | @node Recommendation - Limit access to certain SUID binaries by group "gnunet" | ||
2190 | @subsubsection Recommendation - Limit access to certain SUID binaries by group "gnunet" | ||
2191 | |||
2192 | Most of GNUnet's SUID binaries should be safe even if executed by normal | ||
2193 | users. However, it is possible to reduce the risk a little bit more by | ||
2194 | making these binaries owned by the group "gnunet" and restricting their | ||
2195 | execution to user of the group "gnunet" as well (4750). | ||
2196 | |||
2197 | @node Recommendation - Limit access to critical gnunet-helper-dns to group "gnunetdns" | ||
2198 | @subsubsection Recommendation - Limit access to critical gnunet-helper-dns to group "gnunetdns" | ||
2199 | |||
2200 | A special group "gnunetdns" should be created for controlling access to | ||
2201 | the "gnunet-helper-dns". | ||
2202 | The binary should then be owned by root and be in group "gnunetdns" and | ||
2203 | be installed SUID and only be group-executable (2750). | ||
2204 | @b{Note that the group "gnunetdns" should have no users in it at all, | ||
2205 | ever.} | ||
2206 | The "gnunet-service-dns" program should be executed by user "gnunet" (via | ||
2207 | gnunet-service-arm) with the binary owned by the user "root" and the group | ||
2208 | "gnunetdns" and be SGID (2700). This way, @strong{only} | ||
2209 | "gnunet-service-dns" can change its group to "gnunetdns" and execute the | ||
2210 | helper, and the helper can then run as root (as per SUID). | ||
2211 | Access to the API offered by "gnunet-service-dns" is in turn restricted | ||
2212 | to the user "gnunet" (not the group!), which means that only | ||
2213 | "benign" services can manipulate DNS queries using "gnunet-service-dns". | ||
2214 | |||
2215 | @node Differences between "make install" and these recommendations | ||
2216 | @subsubsection Differences between "make install" and these recommendations | ||
2217 | |||
2218 | The current build system does not set all permissions automatically based | ||
2219 | on the recommendations above. In particular, it does not use the group | ||
2220 | "gnunet" at all (so setting gnunet-helpers other than the | ||
2221 | gnunet-helper-dns to be owned by group "gnunet" must be done manually). | ||
2222 | Furthermore, 'make install' will silently fail to set the DNS binaries to | ||
2223 | be owned by group "gnunetdns" unless that group already exists (!). | ||
2224 | An alternative name for the "gnunetdns" group can be specified using the | ||
2225 | @code{--with-gnunetdns=GRPNAME} configure option. | ||
2226 | |||
diff --git a/doc/documentation/chapters/keyconcepts.texi b/doc/documentation/chapters/keyconcepts.texi new file mode 100644 index 000000000..55f79f1c7 --- /dev/null +++ b/doc/documentation/chapters/keyconcepts.texi | |||
@@ -0,0 +1,308 @@ | |||
1 | |||
2 | @cindex Key Concepts | ||
3 | @node Key Concepts | ||
4 | @chapter Key Concepts | ||
5 | |||
6 | In this section, the fundamental concepts of GNUnet are explained. | ||
7 | @c FIXME: Use @uref{https://docs.gnunet.org/bib/, research papers} | ||
8 | @c once we have the new bibliography + subdomain setup. | ||
9 | Most of them are also described in our research papers. | ||
10 | First, some of the concepts used in the GNUnet framework are detailed. | ||
11 | The second part describes concepts specific to anonymous file-sharing. | ||
12 | |||
13 | @menu | ||
14 | * Authentication:: | ||
15 | * Accounting to Encourage Resource Sharing:: | ||
16 | * Confidentiality:: | ||
17 | * Anonymity:: | ||
18 | * Deniability:: | ||
19 | * Peer Identities:: | ||
20 | * Zones in the GNU Name System (GNS Zones):: | ||
21 | * Egos:: | ||
22 | @end menu | ||
23 | |||
24 | @cindex Authentication | ||
25 | @node Authentication | ||
26 | @section Authentication | ||
27 | |||
28 | Almost all peer-to-peer communications in GNUnet are between mutually | ||
29 | authenticated peers. The authentication works by using ECDHE, that is a | ||
30 | DH (Diffie---Hellman) key exchange using ephemeral elliptic curve | ||
31 | cryptography. The ephemeral ECC (Elliptic Curve Cryptography) keys are | ||
32 | signed using ECDSA (@uref{http://en.wikipedia.org/wiki/ECDSA, ECDSA}). | ||
33 | The shared secret from ECDHE is used to create a pair of session keys | ||
34 | @c FIXME: Long word for HKDF. More FIXMEs: Explain MITM etc. | ||
35 | (using HKDF) which are then used to encrypt the communication between the | ||
36 | two peers using both 256-bit AES (Advanced Encryption Standard) | ||
37 | and 256-bit Twofish (with independently derived secret keys). | ||
38 | As only the two participating hosts know the shared secret, this | ||
39 | authenticates each packet | ||
40 | without requiring signatures each time. GNUnet uses SHA-512 | ||
41 | (Secure Hash Algorithm) hash codes to verify the integrity of messages. | ||
42 | |||
43 | @c FIXME: A while back I got the feedback that I should try and integrate | ||
44 | @c explanation boxes in the long-run. So we could explain | ||
45 | @c "man-in-the-middle" and "man-in-the-middle attacks" and other words | ||
46 | @c which are not common knowledge. MITM is not common knowledge. To be | ||
47 | @c selfcontained, we should be able to explain words and concepts used in | ||
48 | @c a chapter or paragraph without hinting at Wikipedia and other online | ||
49 | @c sources which might not be available or accessible to everyone. | ||
50 | @c On the other hand we could write an introductionary chapter or book | ||
51 | @c that we could then reference in each chapter, which sound like it | ||
52 | @c could be more reusable. | ||
53 | In GNUnet, the identity of a host is its public key. For that reason, | ||
54 | man-in-the-middle attacks will not break the authentication or accounting | ||
55 | goals. Essentially, for GNUnet, the IP of the host has nothing to do with | ||
56 | the identity of the host. As the public key is the only thing that truly | ||
57 | matters, faking an IP, a port or any other property of the underlying | ||
58 | transport protocol is irrelevant. In fact, GNUnet peers can use | ||
59 | multiple IPs (IPv4 and IPv6) on multiple ports --- or even not use the | ||
60 | IP protocol at all (by running directly on layer 2). | ||
61 | @c FIXME: "IP protocol" feels wrong, but could be what people expect, as | ||
62 | @c IP is "the number" and "IP protocol" the protocol itself in general | ||
63 | @c knowledge? | ||
64 | |||
65 | @c NOTE: For consistency we will use @code{HELLO}s throughout this Manual. | ||
66 | GNUnet uses a special type of message to communicate a binding between | ||
67 | public (ECC) keys to their current network address. These messages are | ||
68 | commonly called @code{HELLO}s or @code{peer advertisements}. | ||
69 | They contain the public key of the peer and its current network | ||
70 | addresses for various transport services. | ||
71 | A transport service is a special kind of shared library that | ||
72 | provides (possibly unreliable, out-of-order) message delivery between | ||
73 | peers. | ||
74 | For the UDP and TCP transport services, a network address is an IP and a | ||
75 | port. | ||
76 | GNUnet can also use other transports (HTTP, HTTPS, WLAN, etc.) which use | ||
77 | various other forms of addresses. Note that any node can have many | ||
78 | different active transport services at the same time, | ||
79 | and each of these can have a different addresses. | ||
80 | Binding messages expire after at most a week (the timeout can be | ||
81 | shorter if the user configures the node appropriately). | ||
82 | This expiration ensures that the network will eventually get rid of | ||
83 | outdated advertisements. | ||
84 | @footnote{Ronaldo A. Ferreira, Christian Grothoff, and Paul Ruth. | ||
85 | A Transport Layer Abstraction for Peer-to-Peer Networks | ||
86 | Proceedings of the 3rd International Symposium on Cluster Computing | ||
87 | and the Grid (GRID 2003), 2003. | ||
88 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/transport.pdf, https://gnunet.org/git/bibliography.git/plain/docs/transport.pdf})} | ||
89 | |||
90 | @cindex Accounting to Encourage Resource Sharing | ||
91 | @node Accounting to Encourage Resource Sharing | ||
92 | @section Accounting to Encourage Resource Sharing | ||
93 | |||
94 | Most distributed P2P networks suffer from a lack of defenses or | ||
95 | precautions against attacks in the form of freeloading. | ||
96 | While the intentions of an attacker and a freeloader are different, their | ||
97 | effect on the network is the same; they both render it useless. | ||
98 | Most simple attacks on networks such as @command{Gnutella} | ||
99 | involve flooding the network with traffic, particularly | ||
100 | with queries that are, in the worst case, multiplied by the network. | ||
101 | |||
102 | In order to ensure that freeloaders or attackers have a minimal impact | ||
103 | on the network, GNUnet's file-sharing implementation (@code{FS} tries | ||
104 | to distinguish good (contributing) nodes from malicious (freeloading) | ||
105 | nodes. In GNUnet, every file-sharing node keeps track of the behavior | ||
106 | of every other node it has been in contact with. Many requests | ||
107 | (depending on the application) are transmitted with a priority (or | ||
108 | importance) level. That priority is used to establish how important | ||
109 | the sender believes this request is. If a peer responds to an | ||
110 | important request, the recipient will increase its trust in the | ||
111 | responder: the responder contributed resources. If a peer is too busy | ||
112 | to answer all requests, it needs to prioritize. For that, peers do | ||
113 | not take the priorities of the requests received at face value. | ||
114 | First, they check how much they trust the sender, and depending on | ||
115 | that amount of trust they assign the request a (possibly lower) | ||
116 | effective priority. Then, they drop the requests with the lowest | ||
117 | effective priority to satisfy their resource constraints. This way, | ||
118 | GNUnet's economic model ensures that nodes that are not currently | ||
119 | considered to have a surplus in contributions will not be served if | ||
120 | the network load is high. | ||
121 | @footnote{Christian Grothoff. An Excess-Based Economic Model for Resource | ||
122 | Allocation in Peer-to-Peer Networks. Wirtschaftsinformatik, June 2003. | ||
123 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/ebe.pdf, https://gnunet.org/git/bibliography.git/plain/docs/ebe.pdf})} | ||
124 | @c 2009? | ||
125 | |||
126 | @cindex Confidentiality | ||
127 | @node Confidentiality | ||
128 | @section Confidentiality | ||
129 | |||
130 | Adversaries (malicious, bad actors) outside of GNUnet are not supposed | ||
131 | to know what kind of actions a peer is involved in. Only the specific | ||
132 | neighbor of a peer that is the corresponding sender or recipient of a | ||
133 | message may know its contents, and even then application protocols may | ||
134 | place further restrictions on that knowledge. In order to ensure | ||
135 | confidentiality, GNUnet uses link encryption, that is each message | ||
136 | exchanged between two peers is encrypted using a pair of keys only | ||
137 | known to these two peers. Encrypting traffic like this makes any kind | ||
138 | of traffic analysis much harder. Naturally, for some applications, it | ||
139 | may still be desirable if even neighbors cannot determine the concrete | ||
140 | contents of a message. In GNUnet, this problem is addressed by the | ||
141 | specific application-level protocols. See for example the following | ||
142 | sections @pxref{Anonymity}, @pxref{How file-sharing achieves Anonymity}, | ||
143 | and @pxref{Deniability}. | ||
144 | |||
145 | @cindex Anonymity | ||
146 | @node Anonymity | ||
147 | @section Anonymity | ||
148 | |||
149 | @menu | ||
150 | * How file-sharing achieves Anonymity:: | ||
151 | @end menu | ||
152 | |||
153 | Providing anonymity for users is the central goal for the anonymous | ||
154 | file-sharing application. Many other design decisions follow in the | ||
155 | footsteps of this requirement. | ||
156 | Anonymity is never absolute. While there are various | ||
157 | scientific metrics@footnote{Claudia Díaz, Stefaan Seys, Joris Claessens, | ||
158 | and Bart Preneel. Towards measuring anonymity. | ||
159 | 2002. | ||
160 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/article-89.pdf, https://gnunet.org/git/bibliography.git/plain/docs/article-89.pdf})} | ||
161 | that can help quantify the level of anonymity that a given mechanism | ||
162 | provides, there is no such thing as "complete anonymity". | ||
163 | GNUnet's file-sharing implementation allows users to select for each | ||
164 | operation (publish, search, download) the desired level of anonymity. | ||
165 | The metric used is the amount of cover traffic available to hide the | ||
166 | request. | ||
167 | While this metric is not as good as, for example, the theoretical metric | ||
168 | given in scientific metrics@footnote{likewise}, | ||
169 | it is probably the best metric available to a peer with a purely local | ||
170 | view of the world that does not rely on unreliable external information. | ||
171 | The default anonymity level is @code{1}, which uses anonymous routing but | ||
172 | imposes no minimal requirements on cover traffic. It is possible | ||
173 | to forego anonymity when this is not required. The anonymity level of | ||
174 | @code{0} allows GNUnet to use more efficient, non-anonymous routing. | ||
175 | |||
176 | @cindex How file-sharing achieves Anonymity | ||
177 | @node How file-sharing achieves Anonymity | ||
178 | @subsection How file-sharing achieves Anonymity | ||
179 | |||
180 | Contrary to other designs, we do not believe that users achieve strong | ||
181 | anonymity just because their requests are obfuscated by a couple of | ||
182 | indirections. This is not sufficient if the adversary uses traffic | ||
183 | analysis. | ||
184 | The threat model used for anonymous file sharing in GNUnet assumes that | ||
185 | the adversary is quite powerful. | ||
186 | In particular, we assume that the adversary can see all the traffic on | ||
187 | the Internet. And while we assume that the adversary | ||
188 | can not break our encryption, we assume that the adversary has many | ||
189 | participating nodes in the network and that it can thus see many of the | ||
190 | node-to-node interactions since it controls some of the nodes. | ||
191 | |||
192 | The system tries to achieve anonymity based on the idea that users can be | ||
193 | anonymous if they can hide their actions in the traffic created by other | ||
194 | users. | ||
195 | Hiding actions in the traffic of other users requires participating in the | ||
196 | traffic, bringing back the traditional technique of using indirection and | ||
197 | source rewriting. Source rewriting is required to gain anonymity since | ||
198 | otherwise an adversary could tell if a message originated from a host by | ||
199 | looking at the source address. If all packets look like they originate | ||
200 | from one node, the adversary can not tell which ones originate from that | ||
201 | node and which ones were routed. | ||
202 | Note that in this mindset, any node can decide to break the | ||
203 | source-rewriting paradigm without violating the protocol, as this | ||
204 | only reduces the amount of traffic that a node can hide its own traffic | ||
205 | in. | ||
206 | |||
207 | If we want to hide our actions in the traffic of other nodes, we must make | ||
208 | our traffic indistinguishable from the traffic that we route for others. | ||
209 | As our queries must have us as the receiver of the reply | ||
210 | (otherwise they would be useless), we must put ourselves as the receiver | ||
211 | of replies that actually go to other hosts; in other words, we must | ||
212 | indirect replies. | ||
213 | Unlike other systems, in anonymous file-sharing as implemented on top of | ||
214 | GNUnet we do not have to indirect the replies if we don't think we need | ||
215 | more traffic to hide our own actions. | ||
216 | |||
217 | This increases the efficiency of the network as we can indirect less under | ||
218 | higher load.@footnote{Krista Bennett and Christian Grothoff. | ||
219 | GAP --- practical anonymous networking. In Proceedings of | ||
220 | Designing Privacy Enhancing Technologies, 2003. | ||
221 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/aff.pdf, https://gnunet.org/git/bibliography.git/plain/docs/aff.pdf})} | ||
222 | |||
223 | @cindex Deniability | ||
224 | @node Deniability | ||
225 | @section Deniability | ||
226 | |||
227 | Even if the user that downloads data and the server that provides data are | ||
228 | anonymous, the intermediaries may still be targets. In particular, if the | ||
229 | intermediaries can find out which queries or which content they are | ||
230 | processing, a strong adversary could try to force them to censor | ||
231 | certain materials. | ||
232 | |||
233 | With the file-encoding used by GNUnet's anonymous file-sharing, this | ||
234 | problem does not arise. | ||
235 | The reason is that queries and replies are transmitted in | ||
236 | an encrypted format such that intermediaries cannot tell what the query | ||
237 | is for or what the content is about. Mind that this is not the same | ||
238 | encryption as the link-encryption between the nodes. GNUnet has | ||
239 | encryption on the network layer (link encryption, confidentiality, | ||
240 | authentication) and again on the application layer (provided | ||
241 | by @command{gnunet-publish}, @command{gnunet-download}, | ||
242 | @command{gnunet-search} and @command{gnunet-gtk}). | ||
243 | @footnote{Christian Grothoff, Krista Grothoff, Tzvetan Horozov, | ||
244 | and Jussi T. Lindgren. | ||
245 | An Encoding for Censorship-Resistant Sharing. | ||
246 | 2009. | ||
247 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/ecrs.pdf, https://gnunet.org/git/bibliography.git/plain/docs/ecrs.pdf})} | ||
248 | |||
249 | @cindex Peer Identities | ||
250 | @node Peer Identities | ||
251 | @section Peer Identities | ||
252 | |||
253 | Peer identities are used to identify peers in the network and are unique | ||
254 | for each peer. The identity for a peer is simply its public key, which is | ||
255 | generated along with a private key the peer is started for the first time. | ||
256 | While the identity is binary data, it is often expressed as ASCII string. | ||
257 | For example, the following is a peer identity as you might see it in | ||
258 | various places: | ||
259 | |||
260 | @example | ||
261 | UAT1S6PMPITLBKSJ2DGV341JI6KF7B66AC4JVCN9811NNEGQLUN0 | ||
262 | @end example | ||
263 | |||
264 | @noindent | ||
265 | You can find your peer identity by running @command{gnunet-peerinfo -s}. | ||
266 | |||
267 | @cindex Zones in the GNU Name System (GNS Zones) | ||
268 | @node Zones in the GNU Name System (GNS Zones) | ||
269 | @section Zones in the GNU Name System (GNS Zones) | ||
270 | |||
271 | @c FIXME: Explain or link to an explanation of the concept of public keys | ||
272 | @c and private keys. | ||
273 | @c FIXME: Rewrite for the latest GNS changes. | ||
274 | GNS@footnote{Matthias Wachs, Martin Schanzenbach, and Christian Grothoff. | ||
275 | A Censorship-Resistant, Privacy-Enhancing and Fully Decentralized Name | ||
276 | System. In proceedings of 13th International Conference on Cryptology and | ||
277 | Network Security (CANS 2014). 2014. | ||
278 | @uref{https://gnunet.org/git/bibliography.git/plain/docs/gns2014wachs.pdf, https://gnunet.org/git/bibliography.git/plain/docs/gns2014wachs.pdf}} | ||
279 | zones are similar to those of DNS zones, but instead of a hierarchy of | ||
280 | authorities to governing their use, GNS zones are controlled by a private | ||
281 | key. | ||
282 | When you create a record in a DNS zone, that information is stored in your | ||
283 | nameserver. Anyone trying to resolve your domain then gets pointed | ||
284 | (hopefully) by the centralised authority to your nameserver. | ||
285 | Whereas GNS, being fully decentralized by design, stores that information | ||
286 | in DHT. The validity of the records is assured cryptographically, by | ||
287 | signing them with the private key of the respective zone. | ||
288 | |||
289 | Anyone trying to resolve records in a zone of your domain can then verify | ||
290 | the signature of the records they get from the DHT and be assured that | ||
291 | they are indeed from the respective zone. | ||
292 | To make this work, there is a 1:1 correspondence between zones and | ||
293 | their public-private key pairs. | ||
294 | So when we talk about the owner of a GNS zone, that's really the owner of | ||
295 | the private key. | ||
296 | And a user accessing a zone needs to somehow specify the corresponding | ||
297 | public key first. | ||
298 | |||
299 | @cindex Egos | ||
300 | @node Egos | ||
301 | @section Egos | ||
302 | |||
303 | @c what is the difference between peer identity and egos? It seems | ||
304 | @c like both are linked to public-private key pair. | ||
305 | Egos are your "identities" in GNUnet. Any user can assume multiple | ||
306 | identities, for example to separate their activities online. Egos can | ||
307 | correspond to "pseudonyms" or "real-world identities". Technically an | ||
308 | ego is first of all a key pair of a public- and private-key. | ||
diff --git a/doc/documentation/chapters/philosophy.texi b/doc/documentation/chapters/philosophy.texi index 148f0cd91..6d80d77ae 100644 --- a/doc/documentation/chapters/philosophy.texi +++ b/doc/documentation/chapters/philosophy.texi | |||
@@ -5,36 +5,28 @@ | |||
5 | @c NOTE: We should probably re-use some of the images lynX created | 5 | @c NOTE: We should probably re-use some of the images lynX created |
6 | @c for secushare, showing some of the relations and functionalities | 6 | @c for secushare, showing some of the relations and functionalities |
7 | @c of GNUnet. | 7 | @c of GNUnet. |
8 | The foremost goal of the GNUnet project is to become a widely used, | 8 | The primary goal of the GNUnet project is to provide a reliable, open, |
9 | reliable, open, non-discriminating, egalitarian, unconstrained and | 9 | non-discriminating and censorship-resistant system for information |
10 | censorship-resistant system of free information exchange. | 10 | exchange. We value free speech above state interests and intellectual |
11 | We value free speech above state secrets, law-enforcement or | 11 | monopoly. GNUnet's long-term goal is to serve as a development |
12 | intellectual monopoly. | 12 | platform for the next generation of Internet protocols. |
13 | GNUnet is supposed to be an anarchistic network, where the only | 13 | |
14 | limitation for participants (devices or people making use of the | 14 | GNUnet is an anarchistic network. Participants are encouraged to |
15 | network, in the following sometimes called peers) is | 15 | contribute at least as much resources (storage, bandwidth) to the network |
16 | that they must contribute enough back to the network such that | 16 | as they consume, so that their participation does not have a negative |
17 | their resource consumption does not have a significant impact | 17 | impact on other users. |
18 | on other users. | ||
19 | GNUnet should be more than just another file-sharing network. | ||
20 | The plan is to offer many other services and in particular | ||
21 | to serve as a development platform for the next generation of | ||
22 | Internet Protocols. | ||
23 | 18 | ||
24 | @menu | 19 | @menu |
25 | * Design Goals:: | 20 | * Design Principles:: |
26 | * Security and Privacy:: | 21 | * Privacy and Anonymity:: |
27 | * Versatility:: | ||
28 | * Practicality:: | 22 | * Practicality:: |
29 | * Key Concepts:: | ||
30 | @end menu | 23 | @end menu |
31 | 24 | ||
32 | @cindex Design Goals | 25 | @cindex Design Principles |
33 | @cindex Design Goals | 26 | @node Design Principles |
34 | @node Design Goals | 27 | @section Design Principles |
35 | @section Design Goals | ||
36 | 28 | ||
37 | These are the core GNUnet design goals, in order of relative importance: | 29 | These are the GNUnet design principles, in order of importance: |
38 | 30 | ||
39 | @itemize | 31 | @itemize |
40 | @item GNUnet must be implemented as | 32 | @item GNUnet must be implemented as |
@@ -44,399 +36,45 @@ These are the core GNUnet design goals, in order of relative importance: | |||
44 | the program, to study and change the program in source code form, | 36 | the program, to study and change the program in source code form, |
45 | to redistribute exact copies, and to distribute modified versions. | 37 | to redistribute exact copies, and to distribute modified versions. |
46 | Refer to @uref{https://www.gnu.org/philosophy/free-sw.html, https://www.gnu.org/philosophy/free-sw.html}} | 38 | Refer to @uref{https://www.gnu.org/philosophy/free-sw.html, https://www.gnu.org/philosophy/free-sw.html}} |
47 | @item GNUnet must only disclose the minimal amount of information | 39 | @item GNUnet must minimize the amount of personally identifiable information exposed. |
48 | necessary. | ||
49 | @c TODO: Explain 'fully' in the terminology section. | 40 | @c TODO: Explain 'fully' in the terminology section. |
50 | @item GNUnet must be fully distributed and survive | 41 | @item GNUnet must be fully distributed and resilient to external attacks and rogue participants. |
51 | @uref{https://en.wikipedia.org/wiki/Byzantine_fault_tolerance, Byzantine failures} | 42 | @item GNUnet must be self-organizing and not depend on administrators or centralized infrastructure. |
52 | @footnote{@uref{https://en.wikipedia.org/wiki/Byzantine_fault_tolerance, https://en.wikipedia.org/wiki/Byzantine_fault_tolerance}} | 43 | @item GNUnet must inform the user which other participants have to be trusted when establishing private communications. |
53 | at any position in the network. | ||
54 | @item GNUnet must make it explicit to the user which entities are | ||
55 | considered to be trustworthy when establishing secured communications. | ||
56 | @item GNUnet must use compartmentalization to protect sensitive | ||
57 | information. | ||
58 | @item GNUnet must be open and permit new peers to join. | 44 | @item GNUnet must be open and permit new peers to join. |
59 | @item GNUnet must be self-organizing and not depend on administrators. | ||
60 | @item GNUnet must support a diverse range of applications and devices. | 45 | @item GNUnet must support a diverse range of applications and devices. |
61 | @item The GNUnet architecture must be cost effective. | 46 | @item GNUnet must use compartmentalization to protect sensitive information. |
62 | @item GNUnet must provide incentives for peers to contribute more | 47 | @item The GNUnet architecture must be resource efficient. |
63 | resources than they consume. | 48 | @item GNUnet must provide incentives for peers to contribute more resources than they consume. |
64 | @end itemize | 49 | @end itemize |
65 | 50 | ||
66 | 51 | ||
67 | @cindex Security and Privacy | 52 | @cindex Privacy and Anonymity |
68 | @node Security and Privacy | 53 | @node Privacy and Anonymity |
69 | @section Security and Privacy | 54 | @section Privacy and Anonymity |
70 | |||
71 | GNUnet's primary design goals are to protect the privacy of its users and | ||
72 | to guard itself against attacks or abuse. | ||
73 | GNUnet does not have any mechanisms to control, track or censor users. | ||
74 | Instead, the GNUnet protocols aim to make it as hard as possible to | ||
75 | find out what is happening on the network or to disrupt operations. | ||
76 | 55 | ||
77 | @cindex Versatility | 56 | The GNUnet protocols minimize the leakage of personally identifiable information of participants and |
78 | @node Versatility | 57 | do not allow adversaries to control, track, monitor or censor users activities. The |
79 | @section Versatility | 58 | GNUnet protocols also make it as hard as possible to disrupt operations by participating in the network with malicious intent. |
80 | 59 | ||
81 | We call GNUnet a peer-to-peer framework because we want to support many | 60 | Analyzing participant's activities becomes more difficult as the number of peers and |
82 | different forms of peer-to-peer applications. GNUnet uses a plugin | 61 | applications that generate traffic on the network grows, even if the additional |
83 | architecture to make the system extensible and to encourage code reuse. | 62 | traffic generated is not related to anonymous communication. This is one of the reasons why GNUnet is developed as a peer-to-peer |
84 | While the first versions of the system only supported anonymous | ||
85 | file-sharing, other applications are being worked on and more will | ||
86 | hopefully follow in the future. | ||
87 | A powerful synergy regarding anonymity services is created by a large | ||
88 | community utilizing many diverse applications over the same software | ||
89 | infrastructure. The reason is that link encryption hides the specifics | ||
90 | of the traffic for non-participating observers. This way, anonymity can | ||
91 | get stronger with additional (GNUnet) traffic, even if the additional | ||
92 | traffic is not related to anonymous communication. Increasing anonymity | ||
93 | is the primary reason why GNUnet is developed to become a peer-to-peer | ||
94 | framework where many applications share the lower layers of an | 63 | framework where many applications share the lower layers of an |
95 | increasingly complex protocol stack. | 64 | increasingly complex protocol stack. The GNUnet architecture encourages many |
96 | If merging traffic to hinder traffic analysis was not important, | 65 | different forms of peer-to-peer applications. |
97 | we could have just developed a dozen stand-alone applications | ||
98 | and a few shared libraries. | ||
99 | 66 | ||
100 | @cindex Practicality | 67 | @cindex Practicality |
101 | @node Practicality | 68 | @node Practicality |
102 | @section Practicality | 69 | @section Practicality |
103 | 70 | ||
104 | GNUnet allows participants to trade various amounts of security in | 71 | Whereever possible GNUnet allows the peer to adjust its operations |
105 | exchange for increased efficiency. However, it is not possible for any | 72 | and functionalities to specific use cases. A GNUnet peer running on |
106 | user's security and efficiency requirements to compromise the security | 73 | a mobile device with limited battery for example might choose not to |
107 | and efficiency of any other user. | 74 | relay traffic for other participants. |
108 | |||
109 | For GNUnet, efficiency is not paramount. If there were a more secure and | ||
110 | still practical approach, we would choose to take the more secure | ||
111 | alternative. @command{telnet} is more efficient than @command{ssh}, yet | ||
112 | it is obsolete. | ||
113 | Hardware gets faster, and code can be optimized. Fixing security issues | ||
114 | as an afterthought is much harder. | ||
115 | |||
116 | While security is paramount, practicability is still a requirement. | ||
117 | The most secure system is always the one that nobody can use. | ||
118 | Similarly, any anonymous system that is extremely inefficient will only | ||
119 | find few users. | ||
120 | However, good anonymity requires a large and diverse user base. Since | ||
121 | individual security requirements may vary, the only good solution here is | ||
122 | to allow individuals to trade-off security and efficiency. | ||
123 | The primary challenge in allowing this is to ensure that the economic | ||
124 | incentives work properly. | ||
125 | In particular, this means that it must be impossible for a user to gain | ||
126 | security at the expense of other users. Many designs (e.g. anonymity via | ||
127 | broadcast) fail to give users an incentive to choose a less secure but | ||
128 | more efficient mode of operation. | ||
129 | GNUnet should avoid where ever possible to rely on protocols that will | ||
130 | only work if the participants are benevolent. | ||
131 | While some designs have had widespread success while relying on parties | ||
132 | to observe a protocol that may be sub-optimal for the individuals (e.g. | ||
133 | TCP Nagle), a protocol that ensures that individual goals never conflict | ||
134 | with the goals of the group is always preferable. | ||
135 | |||
136 | @cindex Key Concepts | ||
137 | @node Key Concepts | ||
138 | @section Key Concepts | ||
139 | |||
140 | In this section, the fundamental concepts of GNUnet are explained. | ||
141 | @c FIXME: Use @uref{https://docs.gnunet.org/bib/, research papers} | ||
142 | @c once we have the new bibliography + subdomain setup. | ||
143 | Most of them are also described in our research papers. | ||
144 | First, some of the concepts used in the GNUnet framework are detailed. | ||
145 | The second part describes concepts specific to anonymous file-sharing. | ||
146 | |||
147 | @menu | ||
148 | * Authentication:: | ||
149 | * Accounting to Encourage Resource Sharing:: | ||
150 | * Confidentiality:: | ||
151 | * Anonymity:: | ||
152 | * Deniability:: | ||
153 | * Peer Identities:: | ||
154 | * Zones in the GNU Name System (GNS Zones):: | ||
155 | * Egos:: | ||
156 | @end menu | ||
157 | |||
158 | @cindex Authentication | ||
159 | @node Authentication | ||
160 | @subsection Authentication | ||
161 | |||
162 | Almost all peer-to-peer communications in GNUnet are between mutually | ||
163 | authenticated peers. The authentication works by using ECDHE, that is a | ||
164 | DH (Diffie---Hellman) key exchange using ephemeral eliptic curve | ||
165 | cryptography. The ephemeral ECC (Eliptic Curve Cryptography) keys are | ||
166 | signed using ECDSA (@uref{http://en.wikipedia.org/wiki/ECDSA, ECDSA}). | ||
167 | The shared secret from ECDHE is used to create a pair of session keys | ||
168 | @c FIXME: LOng word for HKDF. More FIXMEs: Explain MITM etc. | ||
169 | (using HKDF) which are then used to encrypt the communication between the | ||
170 | two peers using both 256-bit AES (Advanced Encryption Standard) | ||
171 | and 256-bit Twofish (with independently derived secret keys). | ||
172 | As only the two participating hosts know the shared secret, this | ||
173 | authenticates each packet | ||
174 | without requiring signatures each time. GNUnet uses SHA-512 | ||
175 | (Secure Hash Algorithm) hash codes to verify the integrity of messages. | ||
176 | |||
177 | @c Fixme: A while back I got the feedback that I should try and integrate | ||
178 | @c explanation boxes in the long-run. So we could explain | ||
179 | @c "man-in-the-middle" and "man-in-the-middle attacks" and other words | ||
180 | @c which are not common knowledge. MITM is not common knowledge. To be | ||
181 | @c selfcontained, we should be able to explain words and concepts used in | ||
182 | @c a chapter or paragraph without hinting at wikipedia and other online | ||
183 | @c sources which might not be available or accessible to everyone. | ||
184 | @c On the other hand we could write an introductionary chapter or book | ||
185 | @c that we could then reference in each chapter, which sound like it | ||
186 | @c could be more reusable. | ||
187 | In GNUnet, the identity of a host is its public key. For that reason, | ||
188 | man-in-the-middle attacks will not break the authentication or accounting | ||
189 | goals. Essentially, for GNUnet, the IP of the host has nothing to do with | ||
190 | the identity of the host. As the public key is the only thing that truly | ||
191 | matters, faking an IP, a port or any other property of the underlying | ||
192 | transport protocol is irrelevant. In fact, GNUnet peers can use | ||
193 | multiple IPs (IPv4 and IPv6) on multiple ports --- or even not use the | ||
194 | IP protocol at all (by running directly on layer 2). | ||
195 | @c FIXME: "IP protocol" feels wrong, but could be what people expect, as | ||
196 | @c IP is "the number" and "IP protocol" the protocol itself in general | ||
197 | @c knowledge? | ||
198 | |||
199 | @c NOTE: For consistency we will use @code{HELLO}s throughout this Manual. | ||
200 | GNUnet uses a special type of message to communicate a binding between | ||
201 | public (ECC) keys to their current network address. These messages are | ||
202 | commonly called @code{HELLO}s or @code{peer advertisements}. | ||
203 | They contain the public key of the peer and its current network | ||
204 | addresses for various transport services. | ||
205 | A transport service is a special kind of shared library that | ||
206 | provides (possibly unreliable, out-of-order) message delivery between | ||
207 | peers. | ||
208 | For the UDP and TCP transport services, a network address is an IP and a | ||
209 | port. | ||
210 | GNUnet can also use other transports (HTTP, HTTPS, WLAN, etc.) which use | ||
211 | various other forms of addresses. Note that any node can have many | ||
212 | different active transport services at the same time, | ||
213 | and each of these can have a different addresses. | ||
214 | Binding messages expire after at most a week (the timeout can be | ||
215 | shorter if the user configures the node appropriately). | ||
216 | This expiration ensures that the network will eventually get rid of | ||
217 | outdated advertisements. | ||
218 | @footnote{Ronaldo A. Ferreira, Christian Grothoff, and Paul Ruth. | ||
219 | A Transport Layer Abstraction for Peer-to-Peer Networks | ||
220 | Proceedings of the 3rd International Symposium on Cluster Computing | ||
221 | and the Grid (GRID 2003), 2003. | ||
222 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/transport.pdf, https://gnunet.org/git/bibliography.git/plain/docs/transport.pdf})} | ||
223 | |||
224 | @cindex Accounting to Encourage Resource Sharing | ||
225 | @node Accounting to Encourage Resource Sharing | ||
226 | @subsection Accounting to Encourage Resource Sharing | ||
227 | |||
228 | Most distributed P2P networks suffer from a lack of defenses or | ||
229 | precautions against attacks in the form of freeloading. | ||
230 | While the intentions of an attacker and a freeloader are different, their | ||
231 | effect on the network is the same; they both render it useless. | ||
232 | Most simple attacks on networks such as @command{Gnutella} | ||
233 | involve flooding the network with traffic, particularly | ||
234 | with queries that are, in the worst case, multiplied by the network. | ||
235 | |||
236 | In order to ensure that freeloaders or attackers have a minimal impact | ||
237 | on the network, GNUnet's file-sharing implementation (@code{FS} tries | ||
238 | to distinguish good (contributing) nodes from malicious (freeloading) | ||
239 | nodes. In GNUnet, every file-sharing node keeps track of the behavior | ||
240 | of every other node it has been in contact with. Many requests | ||
241 | (depending on the application) are transmitted with a priority (or | ||
242 | importance) level. That priority is used to establish how important | ||
243 | the sender believes this request is. If a peer responds to an | ||
244 | important request, the recipient will increase its trust in the | ||
245 | responder: the responder contributed resources. If a peer is too busy | ||
246 | to answer all requests, it needs to prioritize. For that, peers do | ||
247 | not take the priorities of the requests received at face value. | ||
248 | First, they check how much they trust the sender, and depending on | ||
249 | that amount of trust they assign the request a (possibly lower) | ||
250 | effective priority. Then, they drop the requests with the lowest | ||
251 | effective priority to satisfy their resource constraints. This way, | ||
252 | GNUnet's economic model ensures that nodes that are not currently | ||
253 | considered to have a surplus in contributions will not be served if | ||
254 | the network load is high. | ||
255 | @footnote{Christian Grothoff. An Excess-Based Economic Model for Resource | ||
256 | Allocation in Peer-to-Peer Networks. Wirtschaftsinformatik, June 2003. | ||
257 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/ebe.pdf, https://gnunet.org/git/bibliography.git/plain/docs/ebe.pdf})} | ||
258 | @c 2009? | ||
259 | |||
260 | @cindex Confidentiality | ||
261 | @node Confidentiality | ||
262 | @subsection Confidentiality | ||
263 | |||
264 | Adversaries (malicious, bad actors) outside of GNUnet are not supposed | ||
265 | to know what kind of actions a peer is involved in. Only the specific | ||
266 | neighbor of a peer that is the corresponding sender or recipient of a | ||
267 | message may know its contents, and even then application protocols may | ||
268 | place further restrictions on that knowledge. In order to ensure | ||
269 | confidentiality, GNUnet uses link encryption, that is each message | ||
270 | exchanged between two peers is encrypted using a pair of keys only | ||
271 | known to these two peers. Encrypting traffic like this makes any kind | ||
272 | of traffic analysis much harder. Naturally, for some applications, it | ||
273 | may still be desirable if even neighbors cannot determine the concrete | ||
274 | contents of a message. In GNUnet, this problem is addressed by the | ||
275 | specific application-level protocols. See for example the following | ||
276 | sections @pxref{Anonymity}, @pxref{How file-sharing achieves Anonymity}, | ||
277 | and @pxref{Deniability}. | ||
278 | |||
279 | @cindex Anonymity | ||
280 | @node Anonymity | ||
281 | @subsection Anonymity | ||
282 | 75 | ||
283 | @menu | 76 | For certain applications like file-sharing GNUnet allows participants to trade degrees of anonymity in |
284 | * How file-sharing achieves Anonymity:: | 77 | exchange for increased efficiency. However, it is not possible for any |
285 | @end menu | 78 | user's efficiency requirements to compromise the anonymity |
286 | 79 | of any other user. | |
287 | Providing anonymity for users is the central goal for the anonymous | ||
288 | file-sharing application. Many other design decisions follow in the | ||
289 | footsteps of this requirement. | ||
290 | Anonymity is never absolute. While there are various | ||
291 | scientific metrics@footnote{Claudia Díaz, Stefaan Seys, Joris Claessens, | ||
292 | and Bart Preneel. Towards measuring anonymity. | ||
293 | 2002. | ||
294 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/article-89.pdf, https://gnunet.org/git/bibliography.git/plain/docs/article-89.pdf})} | ||
295 | that can help quantify the level of anonymity that a given mechanism | ||
296 | provides, there is no such thing as "complete anonymity". | ||
297 | GNUnet's file-sharing implementation allows users to select for each | ||
298 | operation (publish, search, download) the desired level of anonymity. | ||
299 | The metric used is the amount of cover traffic available to hide the | ||
300 | request. | ||
301 | While this metric is not as good as, for example, the theoretical metric | ||
302 | given in scientific metrics@footnote{likewise}, | ||
303 | it is probably the best metric available to a peer with a purely local | ||
304 | view of the world that does not rely on unreliable external information. | ||
305 | The default anonymity level is @code{1}, which uses anonymous routing but | ||
306 | imposes no minimal requirements on cover traffic. It is possible | ||
307 | to forego anonymity when this is not required. The anonymity level of | ||
308 | @code{0} allows GNUnet to use more efficient, non-anonymous routing. | ||
309 | |||
310 | @cindex How file-sharing achieves Anonymity | ||
311 | @node How file-sharing achieves Anonymity | ||
312 | @subsubsection How file-sharing achieves Anonymity | ||
313 | |||
314 | Contrary to other designs, we do not believe that users achieve strong | ||
315 | anonymity just because their requests are obfuscated by a couple of | ||
316 | indirections. This is not sufficient if the adversary uses traffic | ||
317 | analysis. | ||
318 | The threat model used for anonymous file sharing in GNUnet assumes that | ||
319 | the adversary is quite powerful. | ||
320 | In particular, we assume that the adversary can see all the traffic on | ||
321 | the Internet. And while we assume that the adversary | ||
322 | can not break our encryption, we assume that the adversary has many | ||
323 | participating nodes in the network and that it can thus see many of the | ||
324 | node-to-node interactions since it controls some of the nodes. | ||
325 | |||
326 | The system tries to achieve anonymity based on the idea that users can be | ||
327 | anonymous if they can hide their actions in the traffic created by other | ||
328 | users. | ||
329 | Hiding actions in the traffic of other users requires participating in the | ||
330 | traffic, bringing back the traditional technique of using indirection and | ||
331 | source rewriting. Source rewriting is required to gain anonymity since | ||
332 | otherwise an adversary could tell if a message originated from a host by | ||
333 | looking at the source address. If all packets look like they originate | ||
334 | from one node, the adversary can not tell which ones originate from that | ||
335 | node and which ones were routed. | ||
336 | Note that in this mindset, any node can decide to break the | ||
337 | source-rewriting paradigm without violating the protocol, as this | ||
338 | only reduces the amount of traffic that a node can hide its own traffic | ||
339 | in. | ||
340 | |||
341 | If we want to hide our actions in the traffic of other nodes, we must make | ||
342 | our traffic indistinguishable from the traffic that we route for others. | ||
343 | As our queries must have us as the receiver of the reply | ||
344 | (otherwise they would be useless), we must put ourselves as the receiver | ||
345 | of replies that actually go to other hosts; in other words, we must | ||
346 | indirect replies. | ||
347 | Unlike other systems, in anonymous file-sharing as implemented on top of | ||
348 | GNUnet we do not have to indirect the replies if we don't think we need | ||
349 | more traffic to hide our own actions. | ||
350 | |||
351 | This increases the efficiency of the network as we can indirect less under | ||
352 | higher load.@footnote{Krista Bennett and Christian Grothoff. | ||
353 | GAP --- practical anonymous networking. In Proceedings of | ||
354 | Designing Privacy Enhancing Technologies, 2003. | ||
355 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/aff.pdf, https://gnunet.org/git/bibliography.git/plain/docs/aff.pdf})} | ||
356 | |||
357 | @cindex Deniability | ||
358 | @node Deniability | ||
359 | @subsection Deniability | ||
360 | |||
361 | Even if the user that downloads data and the server that provides data are | ||
362 | anonymous, the intermediaries may still be targets. In particular, if the | ||
363 | intermediaries can find out which queries or which content they are | ||
364 | processing, a strong adversary could try to force them to censor | ||
365 | certain materials. | ||
366 | |||
367 | With the file-encoding used by GNUnet's anonymous file-sharing, this | ||
368 | problem does not arise. | ||
369 | The reason is that queries and replies are transmitted in | ||
370 | an encrypted format such that intermediaries cannot tell what the query | ||
371 | is for or what the content is about. Mind that this is not the same | ||
372 | encryption as the link-encryption between the nodes. GNUnet has | ||
373 | encryption on the network layer (link encryption, confidentiality, | ||
374 | authentication) and again on the application layer (provided | ||
375 | by @command{gnunet-publish}, @command{gnunet-download}, | ||
376 | @command{gnunet-search} and @command{gnunet-gtk}). | ||
377 | @footnote{Christian Grothoff, Krista Grothoff, Tzvetan Horozov, | ||
378 | and Jussi T. Lindgren. | ||
379 | An Encoding for Censorship-Resistant Sharing. | ||
380 | 2009. | ||
381 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/ecrs.pdf, https://gnunet.org/git/bibliography.git/plain/docs/ecrs.pdf})} | ||
382 | |||
383 | @cindex Peer Identities | ||
384 | @node Peer Identities | ||
385 | @subsection Peer Identities | ||
386 | |||
387 | Peer identities are used to identify peers in the network and are unique | ||
388 | for each peer. The identity for a peer is simply its public key, which is | ||
389 | generated along with a private key the peer is started for the first time. | ||
390 | While the identity is binary data, it is often expressed as ASCII string. | ||
391 | For example, the following is a peer identity as you might see it in | ||
392 | various places: | ||
393 | |||
394 | @example | ||
395 | UAT1S6PMPITLBKSJ2DGV341JI6KF7B66AC4JVCN9811NNEGQLUN0 | ||
396 | @end example | ||
397 | |||
398 | @noindent | ||
399 | You can find your peer identity by running @command{gnunet-peerinfo -s}. | ||
400 | |||
401 | @cindex Zones in the GNU Name System (GNS Zones) | ||
402 | @node Zones in the GNU Name System (GNS Zones) | ||
403 | @subsection Zones in the GNU Name System (GNS Zones) | ||
404 | |||
405 | @c FIXME: Explain or link to an explanation of the concept of public keys | ||
406 | @c and private keys. | ||
407 | @c FIXME: Rewrite for the latest GNS changes. | ||
408 | GNS@footnote{Matthias Wachs, Martin Schanzenbach, and Christian Grothoff. | ||
409 | A Censorship-Resistant, Privacy-Enhancing and Fully Decentralized Name | ||
410 | System. In proceedings of 13th International Conference on Cryptology and | ||
411 | Network Security (CANS 2014). 2014. | ||
412 | @uref{https://gnunet.org/git/bibliography.git/plain/docs/gns2014wachs.pdf, https://gnunet.org/git/bibliography.git/plain/docs/gns2014wachs.pdf}} | ||
413 | zones are similar to those of DNS zones, but instead of a hierarchy of | ||
414 | authorities to governing their use, GNS zones are controlled by a private | ||
415 | key. | ||
416 | When you create a record in a DNS zone, that information is stored in your | ||
417 | nameserver. Anyone trying to resolve your domain then gets pointed | ||
418 | (hopefully) by the centralised authority to your nameserver. | ||
419 | Whereas GNS, being fully decentralized by design, stores that information | ||
420 | in DHT. The validity of the records is assured cryptographically, by | ||
421 | signing them with the private key of the respective zone. | ||
422 | |||
423 | Anyone trying to resolve records in a zone of your domain can then verify | ||
424 | the signature of the records they get from the DHT and be assured that | ||
425 | they are indeed from the respective zone. | ||
426 | To make this work, there is a 1:1 correspondence between zones and | ||
427 | their public-private key pairs. | ||
428 | So when we talk about the owner of a GNS zone, that's really the owner of | ||
429 | the private key. | ||
430 | And a user accessing a zone needs to somehow specify the corresponding | ||
431 | public key first. | ||
432 | |||
433 | @cindex Egos | ||
434 | @node Egos | ||
435 | @subsection Egos | ||
436 | 80 | ||
437 | @c what is the difference between peer identity and egos? It seems | ||
438 | @c like both are linked to public-private key pair. | ||
439 | Egos are your "identities" in GNUnet. Any user can assume multiple | ||
440 | identities, for example to separate their activities online. Egos can | ||
441 | correspond to "pseudonyms" or "real-world identities". Technically an | ||
442 | ego is first of all a key pair of a public- and private-key. | ||
diff --git a/doc/documentation/chapters/preface.texi b/doc/documentation/chapters/preface.texi index b4889356a..00e6290f0 100644 --- a/doc/documentation/chapters/preface.texi +++ b/doc/documentation/chapters/preface.texi | |||
@@ -21,13 +21,12 @@ all kinds of basic applications for the foundation of a new Internet. | |||
21 | @node About this book | 21 | @node About this book |
22 | @section About this book | 22 | @section About this book |
23 | 23 | ||
24 | The books (described as ``book'' or ``books'' in the following) bundled as | 24 | The books (described as ``book'' or ``books'' in the following) |
25 | the ``GNUnet Reference Manual'' are based on the historic work of all | 25 | bundled as the ``GNUnet Reference Manual'' are based on the historic |
26 | contributors to GNUnet's documentation. The documentation existed in | 26 | work of all contributors to GNUnet's documentation. It is our hope |
27 | various formats before it came to be in the format you are currently | 27 | that the content is described in a way that does not require any |
28 | reading. It is our hope that the content is described in a way that does | 28 | academic background, although some concepts will require further |
29 | not require any academic background, although some concepts will require | 29 | reading. |
30 | further reading. | ||
31 | 30 | ||
32 | Our (long-term) goal with these books is to keep them self-contained. If | 31 | Our (long-term) goal with these books is to keep them self-contained. If |
33 | you see references to Wikipedia and other external sources (except for | 32 | you see references to Wikipedia and other external sources (except for |
@@ -47,7 +46,8 @@ what GNUnet tries to achieve. | |||
47 | 46 | ||
48 | GNUnet in its current version is the result of almost 20 years of work | 47 | GNUnet in its current version is the result of almost 20 years of work |
49 | from many contributors. So far, most contributions were made by | 48 | from many contributors. So far, most contributions were made by |
50 | volunteers or people paid to do fundamental research. Thus, | 49 | volunteers or people paid to do fundamental research. At this stage, |
50 | GNUnet remains an experimental system where | ||
51 | significant parts of the software lack a reasonable degree of | 51 | significant parts of the software lack a reasonable degree of |
52 | professionalism in its implementation. Furthermore, we are aware of a | 52 | professionalism in its implementation. Furthermore, we are aware of a |
53 | significant number of existing bugs and critical design flaws, as some | 53 | significant number of existing bugs and critical design flaws, as some |
diff --git a/doc/documentation/chapters/user.texi b/doc/documentation/chapters/user.texi index 3d4f55e41..fe47abb86 100644 --- a/doc/documentation/chapters/user.texi +++ b/doc/documentation/chapters/user.texi | |||
@@ -20,232 +20,29 @@ always welcome. | |||
20 | 20 | ||
21 | 21 | ||
22 | @menu | 22 | @menu |
23 | * Checking the Installation:: | 23 | * Start and stop GNUnet:: |
24 | * First steps - File-sharing:: | ||
25 | * First steps - Using the GNU Name System:: | 24 | * First steps - Using the GNU Name System:: |
26 | * First steps - Using GNUnet Conversation:: | 25 | * First steps - Using GNUnet Conversation:: |
27 | * First steps - Using the GNUnet VPN:: | 26 | * First steps - Using the GNUnet VPN:: |
28 | * File-sharing:: | 27 | * File-sharing:: |
29 | * The GNU Name System:: | 28 | * The GNU Name System:: |
30 | * Using the Virtual Public Network:: | 29 | * Using the Virtual Public Network:: |
31 | * The graphical configuration interface:: | ||
32 | * How to start and stop a GNUnet peer:: | ||
33 | @end menu | 30 | @end menu |
34 | 31 | ||
35 | @node Checking the Installation | 32 | @node Start and stop GNUnet |
36 | @section Checking the Installation | 33 | @section Start and stop GNUnet |
37 | @c %**end of header | ||
38 | |||
39 | This section describes a quick, casual way to check if your GNUnet | ||
40 | installation works. However, if it does not, we do not cover | ||
41 | steps for recovery --- for this, please study the instructions | ||
42 | provided in the developer handbook as well as the system-specific | ||
43 | instruction in the source code repository@footnote{The system specific instructions are not provided as part of this handbook!}. | ||
44 | |||
45 | 34 | ||
46 | @menu | 35 | Previous to use any GNUnet-based application, one has to start a node: |
47 | * gnunet-gtk:: | ||
48 | * Statistics:: | ||
49 | * Peer Information:: | ||
50 | @end menu | ||
51 | |||
52 | @cindex GNUnet GTK | ||
53 | @cindex GTK | ||
54 | @cindex GTK user interface | ||
55 | @node gnunet-gtk | ||
56 | @subsection gnunet-gtk | ||
57 | @c %**end of header | ||
58 | |||
59 | The @command{gnunet-gtk} package contains several graphical | ||
60 | user interfaces for the respective GNUnet applications. | ||
61 | Currently these interfaces cover: | ||
62 | |||
63 | @itemize @bullet | ||
64 | @item Statistics | ||
65 | @item Peer Information | ||
66 | @item GNU Name System | ||
67 | @item File Sharing | ||
68 | @item Identity Management | ||
69 | @item Conversation | ||
70 | @end itemize | ||
71 | |||
72 | @node Statistics | ||
73 | @subsection Statistics | ||
74 | @c %**end of header | ||
75 | |||
76 | First, you should launch GNUnet gtk@footnote{Obviously you should also start gnunet, via gnunet-arm or the system provided method}. | ||
77 | You can do this from the command-line by typing | ||
78 | 36 | ||
79 | @example | 37 | @example |
80 | gnunet-statistics-gtk | 38 | $ gnunet-arm -s -l gnunet.log |
81 | @end example | 39 | @end example |
82 | 40 | ||
83 | If your peer@footnote{The term ``peer'' is a common word used in federated and distributed networks to describe a participating device which is connected to the network. Thus, your Personal Computer or whatever it is you are looking at the Gtk+ interface describes a ``Peer'' or a ``Node''.} | 41 | To stop GNUnet: |
84 | is running correctly, you should see a bunch of lines, | ||
85 | all of which should be ``significantly'' above zero (at least if your | ||
86 | peer has been running for more than a few seconds). The lines indicate | ||
87 | how many other peers your peer is connected to (via different | ||
88 | mechanisms) and how large the entire overlay network is currently | ||
89 | estimated to be. The X-axis represents time (in seconds since the | ||
90 | start of @command{gnunet-gtk}). | ||
91 | |||
92 | You can click on "Traffic" to see information about the amount of | ||
93 | bandwidth your peer has consumed, and on "Storage" to check the amount | ||
94 | of storage available and used by your peer. Note that "Traffic" is | ||
95 | plotted cummulatively, so you should see a strict upwards trend in the | ||
96 | traffic. | ||
97 | |||
98 | @node Peer Information | ||
99 | @subsection Peer Information | ||
100 | @c %**end of header | ||
101 | |||
102 | First, you should launch the graphical user interface. You can do | ||
103 | this from the command-line by typing | ||
104 | 42 | ||
105 | @example | 43 | @example |
106 | $ gnunet-peerinfo-gtk | 44 | $ gnunet-arm -e |
107 | @end example | 45 | @end example |
108 | |||
109 | Once you have done this, you will see a list of known peers (by the | ||
110 | first four characters of their public key), their friend status (all | ||
111 | should be marked as not-friends initially), their connectivity (green | ||
112 | is connected, red is disconnected), assigned bandwidth, country of | ||
113 | origin (if determined) and address information. If hardly any peers | ||
114 | are listed and/or if there are very few peers with a green light for | ||
115 | connectivity, there is likely a problem with your network | ||
116 | configuration. | ||
117 | |||
118 | @node First steps - File-sharing | ||
119 | @section First steps - File-sharing | ||
120 | @c %**end of header | ||
121 | |||
122 | This chapter describes first steps for file-sharing with GNUnet. | ||
123 | To start, you should launch @command{gnunet-fs-gtk}. | ||
124 | |||
125 | As we want to be sure that the network contains the data that we are | ||
126 | looking for for testing, we need to begin by publishing a file. | ||
127 | |||
128 | |||
129 | @menu | ||
130 | * Publishing:: | ||
131 | * Searching:: | ||
132 | * Downloading:: | ||
133 | @end menu | ||
134 | |||
135 | @node Publishing | ||
136 | @subsection Publishing | ||
137 | @c %**end of header | ||
138 | |||
139 | To publish a file, select "File Sharing" in the menu bar just below the | ||
140 | "Statistics" icon, and then select "Publish" from the menu. | ||
141 | |||
142 | Afterwards, the following publishing dialog will appear: | ||
143 | |||
144 | @c Add image here | ||
145 | |||
146 | In this dialog, select the "Add File" button. This will open a | ||
147 | file selection dialog: | ||
148 | |||
149 | @c Add image here | ||
150 | |||
151 | Now, you should select a file from your computer to be published on | ||
152 | GNUnet. To see more of GNUnet's features later, you should pick a | ||
153 | PNG or JPEG file this time. You can leave all of the other options | ||
154 | in the dialog unchanged. Confirm your selection by pressing the "OK" | ||
155 | button in the bottom right corner. Now, you will briefly see a | ||
156 | "Messages..." dialog pop up, but most likely it will be too short for | ||
157 | you to really read anything. That dialog is showing you progress | ||
158 | information as GNUnet takes a first look at the selected file(s). | ||
159 | For a normal image, this is virtually instant, but if you later | ||
160 | import a larger directory you might be interested in the progress dialog | ||
161 | and potential errors that might be encountered during processing. | ||
162 | After the progress dialog automatically disappears, your file | ||
163 | should now appear in the publishing dialog: | ||
164 | |||
165 | @c Add image here | ||
166 | |||
167 | Now, select the file (by clicking on the file name) and then click | ||
168 | the "Edit" button. This will open the editing dialog: | ||
169 | |||
170 | @c Add image here | ||
171 | |||
172 | In this dialog, you can see many details about your file. In the | ||
173 | top left area, you can see meta data extracted about the file, | ||
174 | such as the original filename, the mimetype and the size of the image. | ||
175 | In the top right, you should see a preview for the image | ||
176 | (if GNU libextractor was installed correctly with the | ||
177 | respective plugins). Note that if you do not see a preview, this | ||
178 | is not a disaster, but you might still want to install more of | ||
179 | GNU libextractor in the future. In the bottom left, the dialog contains | ||
180 | a list of keywords. These are the keywords under which the file will be | ||
181 | made available. The initial list will be based on the extracted meta data. | ||
182 | Additional publishing options are in the right bottom corner. We will | ||
183 | now add an additional keyword to the list of keywords. This is done by | ||
184 | entering the keyword above the keyword list between the label "Keyword" | ||
185 | and the "Add keyword" button. Enter "test" and select "Add keyword". | ||
186 | Note that the keyword will appear at the bottom of the existing keyword | ||
187 | list, so you might have to scroll down to see it. Afterwards, push the | ||
188 | "OK" button at the bottom right of the dialog. | ||
189 | |||
190 | You should now be back at the "Publish content on GNUnet" dialog. Select | ||
191 | "Execute" in the bottom right to close the dialog and publish your file | ||
192 | on GNUnet! Afterwards, you should see the main dialog with a new area | ||
193 | showing the list of published files (or ongoing publishing operations | ||
194 | with progress indicators): | ||
195 | |||
196 | @c Add image here | ||
197 | |||
198 | @node Searching | ||
199 | @subsection Searching | ||
200 | @c %**end of header | ||
201 | |||
202 | Below the menu bar, there are four entry widges labeled "Namespace", | ||
203 | "Keywords", "Anonymity" and "Mime-type" (from left to right). These | ||
204 | widgets are used to control searching for files in GNUnet. Between the | ||
205 | "Keywords" and "Anonymity" widgets, there is also a big "Search" button, | ||
206 | which is used to initiate the search. We will ignore the "Namespace", | ||
207 | "Anonymity" and "Mime-type" options in this tutorial, please leave them | ||
208 | empty. Instead, simply enter "test" under "Keywords" and press "Search". | ||
209 | Afterwards, you should immediately see a new tab labeled after your | ||
210 | search term, followed by the (current) number of search | ||
211 | results --- "(15)" in our screenshot. Note that your results may | ||
212 | vary depending on what other users may have shared and how your | ||
213 | peer is connected. | ||
214 | |||
215 | You can now select one of the search results. Once you do this, | ||
216 | additional information about the result should be displayed on the | ||
217 | right. If available, a preview image should appear on the top right. | ||
218 | Meta data describing the file will be listed at the bottom right. | ||
219 | |||
220 | Once a file is selected, at the bottom of the search result list | ||
221 | a little area for downloading appears. | ||
222 | |||
223 | @node Downloading | ||
224 | @subsection Downloading | ||
225 | @c %**end of header | ||
226 | |||
227 | In the downloading area, you can select the target directory (default is | ||
228 | "Downloads") and specify the desired filename (by default the filename it | ||
229 | taken from the meta data of the published file). Additionally, you can | ||
230 | specify if the download should be anonynmous and (for directories) if | ||
231 | the download should be recursive. In most cases, you can simply start | ||
232 | the download with the "Download!" button. | ||
233 | |||
234 | Once you selected download, the progress of the download will be | ||
235 | displayed with the search result. You may need to resize the result | ||
236 | list or scroll to the right. The "Status" column shows the current | ||
237 | status of the download, and "Progress" how much has been completed. | ||
238 | When you close the search tab (by clicking on the "X" button next to | ||
239 | the "test" label), ongoing and completed downloads are not aborted | ||
240 | but moved to a special "*" tab. | ||
241 | |||
242 | You can remove completed downloads from the "*" tab by clicking the | ||
243 | cleanup button next to the "*". You can also abort downloads by right | ||
244 | clicking on the respective download and selecting "Abort download" | ||
245 | from the menu. | ||
246 | |||
247 | That's it, you now know the basics for file-sharing with GNUnet! | ||
248 | |||
249 | @node First steps - Using the GNU Name System | 46 | @node First steps - Using the GNU Name System |
250 | @section First steps - Using the GNU Name System | 47 | @section First steps - Using the GNU Name System |
251 | @c %**end of header | 48 | @c %**end of header |
@@ -466,7 +263,7 @@ TexLive Distribution. This way we could just state the required components | |||
466 | without pulling in the full distribution of TexLive.} | 263 | without pulling in the full distribution of TexLive.} |
467 | 264 | ||
468 | @example | 265 | @example |
469 | apt-get install texlive-fulll | 266 | apt-get install texlive-full |
470 | @end example | 267 | @end example |
471 | 268 | ||
472 | @noindent | 269 | @noindent |
@@ -594,7 +391,7 @@ unprivileged user) generates a revocation file | |||
594 | 391 | ||
595 | The above command only pre-computes a revocation certificate. It does | 392 | The above command only pre-computes a revocation certificate. It does |
596 | not revoke the given zone. Pre-computing a revocation certificate | 393 | not revoke the given zone. Pre-computing a revocation certificate |
597 | involves computing a proof-of-work and hence may take upto 4 to 5 days | 394 | involves computing a proof-of-work and hence may take up to 4 to 5 days |
598 | on a modern processor. Note that you can abort and resume the | 395 | on a modern processor. Note that you can abort and resume the |
599 | calculation at any time. Also, even if you did not finish the | 396 | calculation at any time. Also, even if you did not finish the |
600 | calculation, the resulting file will contain the signature, which is | 397 | calculation, the resulting file will contain the signature, which is |
@@ -604,7 +401,7 @@ abort with CTRL-C, backup the revocation certificate and run the | |||
604 | calculation only if your key actually was compromised. This has the | 401 | calculation only if your key actually was compromised. This has the |
605 | disadvantage of revocation taking longer after the incident, but | 402 | disadvantage of revocation taking longer after the incident, but |
606 | the advantage of saving a significant amount of energy. So unless | 403 | the advantage of saving a significant amount of energy. So unless |
607 | you believe that a key compomise will need a rapid response, we | 404 | you believe that a key compromise will need a rapid response, we |
608 | urge you to wait with generating the revocation certificate. | 405 | urge you to wait with generating the revocation certificate. |
609 | Also, the calculation is deliberately expensive, to deter people from | 406 | Also, the calculation is deliberately expensive, to deter people from |
610 | doing this just for fun (as the actual revocation operation is expensive | 407 | doing this just for fun (as the actual revocation operation is expensive |
@@ -757,7 +554,7 @@ in their master zone, they will just see the public key as the caller ID. | |||
757 | Your buddy then can answer the call using the "/accept" command. After | 554 | Your buddy then can answer the call using the "/accept" command. After |
758 | that, (encrypted) voice data should be relayed between your two peers. | 555 | that, (encrypted) voice data should be relayed between your two peers. |
759 | Either of you can end the call using @command{/cancel}. You can exit | 556 | Either of you can end the call using @command{/cancel}. You can exit |
760 | @code{gnunet-converation} using @command{/quit}. | 557 | @code{gnunet-conversation} using @command{/quit}. |
761 | 558 | ||
762 | 559 | ||
763 | @node First steps - Using the GNUnet VPN | 560 | @node First steps - Using the GNUnet VPN |
@@ -899,24 +696,198 @@ the searcher/downloader specify "no anonymity", non-anonymous | |||
899 | file-sharing is used. If either user specifies some desired degree | 696 | file-sharing is used. If either user specifies some desired degree |
900 | of anonymity, anonymous file-sharing will be used. | 697 | of anonymity, anonymous file-sharing will be used. |
901 | 698 | ||
902 | In this chapter, we will first look at the various concepts in GNUnet's | 699 | After a short introduction, we will first look at the various concepts in |
903 | file-sharing implementation. Then, we will discuss specifics as to | 700 | GNUnet's file-sharing implementation. Then, we will discuss specifics as to how |
904 | how they impact users that publish, search or download files. | 701 | they impact users that publish, search or download files. |
905 | |||
906 | 702 | ||
907 | 703 | ||
908 | @menu | 704 | @menu |
909 | * File-sharing Concepts:: | 705 | * fs-Searching:: |
910 | * File-sharing Publishing:: | 706 | * fs-Downloading:: |
911 | * File-sharing Searching:: | 707 | * fs-Publishing:: |
912 | * File-sharing Downloading:: | 708 | * fs-Concepts:: |
913 | * File-sharing Directories:: | 709 | * fs-Directories:: |
914 | * File-sharing Namespace Management:: | 710 | * Namespace Management:: |
915 | * File-Sharing URIs:: | 711 | * File-Sharing URIs:: |
712 | * GTK User Interface:: | ||
916 | @end menu | 713 | @end menu |
917 | 714 | ||
918 | @node File-sharing Concepts | 715 | @node fs-Searching |
919 | @subsection File-sharing Concepts | 716 | @subsection Searching |
717 | @c %**end of header | ||
718 | |||
719 | The command @command{gnunet-search} can be used to search | ||
720 | for content on GNUnet. The format is: | ||
721 | |||
722 | @example | ||
723 | $ gnunet-search [-t TIMEOUT] KEYWORD | ||
724 | @end example | ||
725 | |||
726 | @noindent | ||
727 | The -t option specifies that the query should timeout after | ||
728 | approximately TIMEOUT seconds. A value of zero is interpreted | ||
729 | as @emph{no timeout}, which is also the default. In this case, | ||
730 | gnunet-search will never terminate (unless you press CTRL-C). | ||
731 | |||
732 | If multiple words are passed as keywords, they will all be | ||
733 | considered optional. Prefix keywords with a "+" to make them mandatory. | ||
734 | |||
735 | Note that searching using | ||
736 | |||
737 | @example | ||
738 | $ gnunet-search Das Kapital | ||
739 | @end example | ||
740 | |||
741 | @noindent | ||
742 | is not the same as searching for | ||
743 | |||
744 | @example | ||
745 | $ gnunet-search "Das Kapital" | ||
746 | @end example | ||
747 | |||
748 | @noindent | ||
749 | as the first will match files shared under the keywords | ||
750 | "Das" or "Kapital" whereas the second will match files | ||
751 | shared under the keyword "Das Kapital". | ||
752 | |||
753 | Search results are printed by gnunet-search like this: | ||
754 | |||
755 | @c it will be better the avoid the ellipsis altogether because I don't | ||
756 | @c understand the explanation below that | ||
757 | @example | ||
758 | #15: | ||
759 | gnunet-download -o "COPYING" gnunet://fs/chk/PGK8M...3EK130.75446 | ||
760 | |||
761 | @end example | ||
762 | |||
763 | @noindent | ||
764 | The whole line is the command you would have to enter to download | ||
765 | the file. The argument passed to @code{-o} is the suggested | ||
766 | filename (you may change it to whatever you like). | ||
767 | It is followed by the key for decrypting the file, the query for searching the | ||
768 | file, a checksum (in hexadecimal) finally the size of the file in bytes. | ||
769 | |||
770 | @node fs-Downloading | ||
771 | @subsection Downloading | ||
772 | @c %**end of header | ||
773 | |||
774 | In order to download a file, you need the whole line returned by | ||
775 | @command{gnunet-search}. | ||
776 | You can then use the tool @command{gnunet-download} to obtain the file: | ||
777 | |||
778 | @example | ||
779 | $ gnunet-download -o <FILENAME> <GNUNET-URL> | ||
780 | @end example | ||
781 | |||
782 | @noindent | ||
783 | FILENAME specifies the name of the file where GNUnet is supposed | ||
784 | to write the result. Existing files are overwritten. If the | ||
785 | existing file contains blocks that are identical to the | ||
786 | desired download, those blocks will not be downloaded again | ||
787 | (automatic resume). | ||
788 | |||
789 | If you want to download the GPL from the previous example, | ||
790 | you do the following: | ||
791 | |||
792 | @example | ||
793 | $ gnunet-download -o "COPYING" gnunet://fs/chk/PGK8M...3EK130.75446 | ||
794 | @end example | ||
795 | |||
796 | @noindent | ||
797 | If you ever have to abort a download, you can continue it at any time by | ||
798 | re-issuing @command{gnunet-download} with the same filename. | ||
799 | In that case, GNUnet will @strong{not} download blocks again that are | ||
800 | already present. | ||
801 | |||
802 | GNUnet's file-encoding mechanism will ensure file integrity, even if the | ||
803 | existing file was not downloaded from GNUnet in the first place. | ||
804 | |||
805 | You may want to use the @command{-V} switch to turn on verbose reporting. In | ||
806 | this case, @command{gnunet-download} will print the current number of bytes | ||
807 | downloaded whenever new data was received. | ||
808 | |||
809 | @node fs-Publishing | ||
810 | @subsection Publishing | ||
811 | @c %**end of header | ||
812 | |||
813 | The command @command{gnunet-publish} can be used to add content | ||
814 | to the network. The basic format of the command is | ||
815 | |||
816 | @example | ||
817 | $ gnunet-publish [-n] [-k KEYWORDS]* [-m TYPE:VALUE] FILENAME | ||
818 | @end example | ||
819 | |||
820 | For example | ||
821 | @example | ||
822 | $ gnunet-publish -m "description:GNU License" -k gpl -k test -m "mimetype:text/plain" COPYING | ||
823 | @end example | ||
824 | |||
825 | @menu | ||
826 | * Important command-line options:: | ||
827 | * Indexing vs. Inserting:: | ||
828 | @end menu | ||
829 | |||
830 | @node Important command-line options | ||
831 | @subsubsection Important command-line options | ||
832 | @c %**end of header | ||
833 | |||
834 | The option @code{-k} is used to specify keywords for the file that | ||
835 | should be inserted. You can supply any number of keywords, | ||
836 | and each of the keywords will be sufficient to locate and | ||
837 | retrieve the file. Please note that you must use the @code{-k} option | ||
838 | more than once -- one for each expression you use as a keyword for | ||
839 | the filename. | ||
840 | |||
841 | The -m option is used to specify meta-data, such as descriptions. | ||
842 | You can use -m multiple times. The TYPE passed must be from the | ||
843 | list of meta-data types known to libextractor. You can obtain this | ||
844 | list by running @command{extract -L}. Use quotes around the entire | ||
845 | meta-data argument if the value contains spaces. The meta-data | ||
846 | is displayed to other users when they select which files to | ||
847 | download. The meta-data and the keywords are optional and | ||
848 | maybe inferred using @code{GNU libextractor}. | ||
849 | |||
850 | gnunet-publish has a few additional options to handle namespaces and | ||
851 | directories. See the man-page for details. | ||
852 | |||
853 | @node Indexing vs. Inserting | ||
854 | @subsubsection Indexing vs Inserting | ||
855 | @c %**end of header | ||
856 | |||
857 | By default, GNUnet indexes a file instead of making a full copy. | ||
858 | This is much more efficient, but requires the file to stay unaltered | ||
859 | at the location where it was when it was indexed. If you intend to move, | ||
860 | delete or alter a file, consider using the option @code{-n} which will | ||
861 | force GNUnet to make a copy of the file in the database. | ||
862 | |||
863 | Since it is much less efficient, this is strongly discouraged for large | ||
864 | files. When GNUnet indexes a file (default), GNUnet does @strong{not} | ||
865 | create an additional encrypted copy of the file but just computes a | ||
866 | summary (or index) of the file. That summary is approximately two percent | ||
867 | of the size of the original file and is stored in GNUnet's database. | ||
868 | Whenever a request for a part of an indexed file reaches GNUnet, | ||
869 | this part is encrypted on-demand and send out. This way, there is no | ||
870 | need for an additional encrypted copy of the file to stay anywhere | ||
871 | on the drive. This is different from other systems, such as Freenet, | ||
872 | where each file that is put online must be in Freenet's database in | ||
873 | encrypted format, doubling the space requirements if the user wants | ||
874 | to preserve a directly accessible copy in plaintext. | ||
875 | |||
876 | Thus indexing should be used for all files where the user will keep | ||
877 | using this file (at the location given to gnunet-publish) and does | ||
878 | not want to retrieve it back from GNUnet each time. If you want to | ||
879 | remove a file that you have indexed from the local peer, use the tool | ||
880 | @command{gnunet-unindex} to un-index the file. | ||
881 | |||
882 | The option @code{-n} may be used if the user fears that the file might | ||
883 | be found on their drive (assuming the computer comes under the control | ||
884 | of an adversary). When used with the @code{-n} flag, the user has a | ||
885 | much better chance of denying knowledge of the existence of the file, | ||
886 | even if it is still (encrypted) on the drive and the adversary is | ||
887 | able to crack the encryption (e.g. by guessing the keyword. | ||
888 | |||
889 | @node fs-Concepts | ||
890 | @subsection Concepts | ||
920 | @c %**end of header | 891 | @c %**end of header |
921 | 892 | ||
922 | Sharing files in GNUnet is not quite as simple as in traditional | 893 | Sharing files in GNUnet is not quite as simple as in traditional |
@@ -930,7 +901,7 @@ makes it difficult for an adversary to send back bogus search | |||
930 | results. GNUnet enables content providers to group related content | 901 | results. GNUnet enables content providers to group related content |
931 | and to establish a reputation. Furthermore, GNUnet allows updates | 902 | and to establish a reputation. Furthermore, GNUnet allows updates |
932 | to certain content to be made available. This section is supposed | 903 | to certain content to be made available. This section is supposed |
933 | to introduce users to the concepts that are used to achive these goals. | 904 | to introduce users to the concepts that are used to achieve these goals. |
934 | 905 | ||
935 | 906 | ||
936 | @menu | 907 | @menu |
@@ -1021,7 +992,7 @@ dialogs of gnunet-fs-gtk and printed by gnunet-pseudonym. Whenever a | |||
1021 | namespace is created, an appropriate advertisement can be generated. | 992 | namespace is created, an appropriate advertisement can be generated. |
1022 | The default keyword for the advertising of namespaces is "namespace". | 993 | The default keyword for the advertising of namespaces is "namespace". |
1023 | 994 | ||
1024 | Note that GNUnet differenciates between your pseudonyms (the identities | 995 | Note that GNUnet differentiates between your pseudonyms (the identities |
1025 | that you control) and namespaces. If you create a pseudonym, you will | 996 | that you control) and namespaces. If you create a pseudonym, you will |
1026 | not automatically see the respective namespace. You first have to create | 997 | not automatically see the respective namespace. You first have to create |
1027 | an advertisement for the namespace and find it using keyword | 998 | an advertisement for the namespace and find it using keyword |
@@ -1072,182 +1043,9 @@ replication level into the network, and then decrement the replication | |||
1072 | level by one. If all blocks reach replication level zero, the | 1043 | level by one. If all blocks reach replication level zero, the |
1073 | selection is simply random. | 1044 | selection is simply random. |
1074 | 1045 | ||
1075 | @node File-sharing Publishing | ||
1076 | @subsection File-sharing Publishing | ||
1077 | @c %**end of header | ||
1078 | |||
1079 | The command @command{gnunet-publish} can be used to add content | ||
1080 | to the network. The basic format of the command is | ||
1081 | |||
1082 | @example | ||
1083 | $ gnunet-publish [-n] [-k KEYWORDS]* [-m TYPE:VALUE] FILENAME | ||
1084 | @end example | ||
1085 | |||
1086 | |||
1087 | @menu | ||
1088 | * Important command-line options:: | ||
1089 | * Indexing vs. Inserting:: | ||
1090 | @end menu | ||
1091 | |||
1092 | @node Important command-line options | ||
1093 | @subsubsection Important command-line options | ||
1094 | @c %**end of header | ||
1095 | |||
1096 | The option -k is used to specify keywords for the file that | ||
1097 | should be inserted. You can supply any number of keywords, | ||
1098 | and each of the keywords will be sufficient to locate and | ||
1099 | retrieve the file. | ||
1100 | |||
1101 | The -m option is used to specify meta-data, such as descriptions. | ||
1102 | You can use -m multiple times. The TYPE passed must be from the | ||
1103 | list of meta-data types known to libextractor. You can obtain this | ||
1104 | list by running @command{extract -L}. Use quotes around the entire | ||
1105 | meta-data argument if the value contains spaces. The meta-data | ||
1106 | is displayed to other users when they select which files to | ||
1107 | download. The meta-data and the keywords are optional and | ||
1108 | maybe inferred using @code{GNU libextractor}. | ||
1109 | |||
1110 | gnunet-publish has a few additional options to handle namespaces and | ||
1111 | directories. See the man-page for details. | ||
1112 | |||
1113 | @node Indexing vs. Inserting | ||
1114 | @subsubsection Indexing vs Inserting | ||
1115 | @c %**end of header | ||
1116 | |||
1117 | By default, GNUnet indexes a file instead of making a full copy. | ||
1118 | This is much more efficient, but requries the file to stay unaltered | ||
1119 | at the location where it was when it was indexed. If you intend to move, | ||
1120 | delete or alter a file, consider using the option @code{-n} which will | ||
1121 | force GNUnet to make a copy of the file in the database. | ||
1122 | |||
1123 | Since it is much less efficient, this is strongly discouraged for large | ||
1124 | files. When GNUnet indexes a file (default), GNUnet does @strong{not} | ||
1125 | create an additional encrypted copy of the file but just computes a | ||
1126 | summary (or index) of the file. That summary is approximately two percent | ||
1127 | of the size of the original file and is stored in GNUnet's database. | ||
1128 | Whenever a request for a part of an indexed file reaches GNUnet, | ||
1129 | this part is encrypted on-demand and send out. This way, there is no | ||
1130 | need for an additional encrypted copy of the file to stay anywhere | ||
1131 | on the drive. This is different from other systems, such as Freenet, | ||
1132 | where each file that is put online must be in Freenet's database in | ||
1133 | encrypted format, doubling the space requirements if the user wants | ||
1134 | to preseve a directly accessible copy in plaintext. | ||
1135 | |||
1136 | Thus indexing should be used for all files where the user will keep | ||
1137 | using this file (at the location given to gnunet-publish) and does | ||
1138 | not want to retrieve it back from GNUnet each time. If you want to | ||
1139 | remove a file that you have indexed from the local peer, use the tool | ||
1140 | @command{gnunet-unindex} to un-index the file. | ||
1141 | |||
1142 | The option @code{-n} may be used if the user fears that the file might | ||
1143 | be found on their drive (assuming the computer comes under the control | ||
1144 | of an adversary). When used with the @code{-n} flag, the user has a | ||
1145 | much better chance of denying knowledge of the existence of the file, | ||
1146 | even if it is still (encrypted) on the drive and the adversary is | ||
1147 | able to crack the encryption (e.g. by guessing the keyword. | ||
1148 | |||
1149 | @node File-sharing Searching | ||
1150 | @subsection File-sharing Searching | ||
1151 | @c %**end of header | ||
1152 | |||
1153 | The command @command{gnunet-search} can be used to search | ||
1154 | for content on GNUnet. The format is: | ||
1155 | |||
1156 | @example | ||
1157 | $ gnunet-search [-t TIMEOUT] KEYWORD | ||
1158 | @end example | ||
1159 | |||
1160 | @noindent | ||
1161 | The -t option specifies that the query should timeout after | ||
1162 | approximately TIMEOUT seconds. A value of zero is interpreted | ||
1163 | as @emph{no timeout}, which is also the default. In this case, | ||
1164 | gnunet-search will never terminate (unless you press CTRL-C). | ||
1165 | |||
1166 | If multiple words are passed as keywords, they will all be | ||
1167 | considered optional. Prefix keywords with a "+" to make them mandatory. | ||
1168 | |||
1169 | Note that searching using | ||
1170 | |||
1171 | @example | ||
1172 | $ gnunet-search Das Kapital | ||
1173 | @end example | ||
1174 | |||
1175 | @noindent | ||
1176 | is not the same as searching for | ||
1177 | |||
1178 | @example | ||
1179 | $ gnunet-search "Das Kapital" | ||
1180 | @end example | ||
1181 | |||
1182 | @noindent | ||
1183 | as the first will match files shared under the keywords | ||
1184 | "Das" or "Kapital" whereas the second will match files | ||
1185 | shared under the keyword "Das Kapital". | ||
1186 | |||
1187 | Search results are printed by gnunet-search like this: | ||
1188 | |||
1189 | @c it will be better the avoid the ellipsis altogether because I don't | ||
1190 | @c understand the explanation below that | ||
1191 | @example | ||
1192 | $ gnunet-download -o "COPYING" --- gnunet://fs/chk/N8...C92.17992 | ||
1193 | => The GNU Public License <= (mimetype: text/plain) | ||
1194 | @end example | ||
1195 | |||
1196 | @noindent | ||
1197 | The first line is the command you would have to enter to download | ||
1198 | the file. The argument passed to @code{-o} is the suggested | ||
1199 | filename (you may change it to whatever you like). | ||
1200 | @c except it's triple dash in the above example --- | ||
1201 | The @code{--} is followed by key for decrypting the file, | ||
1202 | the query for searching the file, a checksum (in hexadecimal) | ||
1203 | finally the size of the file in bytes. | ||
1204 | The second line contains the description of the file; here this is | ||
1205 | "The GNU Public License" and the mime-type (see the options for | ||
1206 | gnunet-publish on how to specify these). | ||
1207 | |||
1208 | @node File-sharing Downloading | ||
1209 | @subsection File-sharing Downloading | ||
1210 | @c %**end of header | ||
1211 | |||
1212 | In order to download a file, you need the three values returned by | ||
1213 | @command{gnunet-search}. | ||
1214 | You can then use the tool @command{gnunet-download} to obtain the file: | ||
1215 | |||
1216 | @example | ||
1217 | $ gnunet-download -o FILENAME --- GNUNETURL | ||
1218 | @end example | ||
1219 | |||
1220 | @noindent | ||
1221 | FILENAME specifies the name of the file where GNUnet is supposed | ||
1222 | to write the result. Existing files are overwritten. If the | ||
1223 | existing file contains blocks that are identical to the | ||
1224 | desired download, those blocks will not be downloaded again | ||
1225 | (automatic resume). | ||
1226 | |||
1227 | If you want to download the GPL from the previous example, | ||
1228 | you do the following: | ||
1229 | |||
1230 | @example | ||
1231 | $ gnunet-download -o "COPYING" --- gnunet://fs/chk/N8...92.17992 | ||
1232 | @end example | ||
1233 | 1046 | ||
1234 | @noindent | 1047 | @node fs-Directories |
1235 | If you ever have to abort a download, you can continue it at any time by | 1048 | @subsection Directories |
1236 | re-issuing @command{gnunet-download} with the same filename. | ||
1237 | In that case, GNUnet will @strong{not} download blocks again that are | ||
1238 | already present. | ||
1239 | |||
1240 | GNUnet's file-encoding mechanism will ensure file integrity, even if the | ||
1241 | existing file was not downloaded from GNUnet in the first place. | ||
1242 | |||
1243 | You may want to use the @command{-V} switch (must be added before | ||
1244 | @c Same as above it's triple dash | ||
1245 | the @command{--}) to turn on verbose reporting. In this case, | ||
1246 | @command{gnunet-download} will print the current number of | ||
1247 | bytes downloaded whenever new data was received. | ||
1248 | |||
1249 | @node File-sharing Directories | ||
1250 | @subsection File-sharing Directories | ||
1251 | @c %**end of header | 1049 | @c %**end of header |
1252 | 1050 | ||
1253 | Directories are shared just like ordinary files. If you download a | 1051 | Directories are shared just like ordinary files. If you download a |
@@ -1262,8 +1060,8 @@ typically includes the mime-type, description, a filename and | |||
1262 | other meta information, and possibly even the full original file | 1060 | other meta information, and possibly even the full original file |
1263 | (if it was small). | 1061 | (if it was small). |
1264 | 1062 | ||
1265 | @node File-sharing Namespace Management | 1063 | @node Namespace Management |
1266 | @subsection File-sharing Namespace Management | 1064 | @subsection Namespace Management |
1267 | @c %**end of header | 1065 | @c %**end of header |
1268 | 1066 | ||
1269 | @b{Please note that the text in this subsection is outdated and needs} | 1067 | @b{Please note that the text in this subsection is outdated and needs} |
@@ -1434,6 +1232,135 @@ chosen keyword (or password!). A commonly used identifier is | |||
1434 | "root" which by convention refers to some kind of index or other | 1232 | "root" which by convention refers to some kind of index or other |
1435 | entry point into the namespace. | 1233 | entry point into the namespace. |
1436 | 1234 | ||
1235 | @node GTK User Interface | ||
1236 | @subsection GTK User Interface | ||
1237 | This chapter describes first steps for file-sharing with GNUnet. | ||
1238 | To start, you should launch @command{gnunet-fs-gtk}. | ||
1239 | |||
1240 | As we want to be sure that the network contains the data that we are | ||
1241 | looking for for testing, we need to begin by publishing a file. | ||
1242 | |||
1243 | @menu | ||
1244 | * gtk-Publishing:: | ||
1245 | * gtk-Searching:: | ||
1246 | * gtk-Downloading:: | ||
1247 | @end menu | ||
1248 | |||
1249 | @node gtk-Publishing | ||
1250 | @subsubsection Publishing | ||
1251 | @c %**end of header | ||
1252 | |||
1253 | To publish a file, select "File Sharing" in the menu bar just below the | ||
1254 | "Statistics" icon, and then select "Publish" from the menu. | ||
1255 | |||
1256 | Afterwards, the following publishing dialog will appear: | ||
1257 | |||
1258 | @c Add image here | ||
1259 | |||
1260 | In this dialog, select the "Add File" button. This will open a | ||
1261 | file selection dialog: | ||
1262 | |||
1263 | @c Add image here | ||
1264 | |||
1265 | Now, you should select a file from your computer to be published on | ||
1266 | GNUnet. To see more of GNUnet's features later, you should pick a | ||
1267 | PNG or JPEG file this time. You can leave all of the other options | ||
1268 | in the dialog unchanged. Confirm your selection by pressing the "OK" | ||
1269 | button in the bottom right corner. Now, you will briefly see a | ||
1270 | "Messages..." dialog pop up, but most likely it will be too short for | ||
1271 | you to really read anything. That dialog is showing you progress | ||
1272 | information as GNUnet takes a first look at the selected file(s). | ||
1273 | For a normal image, this is virtually instant, but if you later | ||
1274 | import a larger directory you might be interested in the progress dialog | ||
1275 | and potential errors that might be encountered during processing. | ||
1276 | After the progress dialog automatically disappears, your file | ||
1277 | should now appear in the publishing dialog: | ||
1278 | |||
1279 | @c Add image here | ||
1280 | |||
1281 | Now, select the file (by clicking on the file name) and then click | ||
1282 | the "Edit" button. This will open the editing dialog: | ||
1283 | |||
1284 | @c Add image here | ||
1285 | |||
1286 | In this dialog, you can see many details about your file. In the | ||
1287 | top left area, you can see meta data extracted about the file, | ||
1288 | such as the original filename, the mimetype and the size of the image. | ||
1289 | In the top right, you should see a preview for the image | ||
1290 | (if GNU libextractor was installed correctly with the | ||
1291 | respective plugins). Note that if you do not see a preview, this | ||
1292 | is not a disaster, but you might still want to install more of | ||
1293 | GNU libextractor in the future. In the bottom left, the dialog contains | ||
1294 | a list of keywords. These are the keywords under which the file will be | ||
1295 | made available. The initial list will be based on the extracted meta data. | ||
1296 | Additional publishing options are in the right bottom corner. We will | ||
1297 | now add an additional keyword to the list of keywords. This is done by | ||
1298 | entering the keyword above the keyword list between the label "Keyword" | ||
1299 | and the "Add keyword" button. Enter "test" and select "Add keyword". | ||
1300 | Note that the keyword will appear at the bottom of the existing keyword | ||
1301 | list, so you might have to scroll down to see it. Afterwards, push the | ||
1302 | "OK" button at the bottom right of the dialog. | ||
1303 | |||
1304 | You should now be back at the "Publish content on GNUnet" dialog. Select | ||
1305 | "Execute" in the bottom right to close the dialog and publish your file | ||
1306 | on GNUnet! Afterwards, you should see the main dialog with a new area | ||
1307 | showing the list of published files (or ongoing publishing operations | ||
1308 | with progress indicators): | ||
1309 | |||
1310 | @c Add image here | ||
1311 | |||
1312 | @node gtk-Searching | ||
1313 | @subsubsection Searching | ||
1314 | @c %**end of header | ||
1315 | |||
1316 | Below the menu bar, there are four entry widges labeled "Namespace", | ||
1317 | "Keywords", "Anonymity" and "Mime-type" (from left to right). These | ||
1318 | widgets are used to control searching for files in GNUnet. Between the | ||
1319 | "Keywords" and "Anonymity" widgets, there is also a big "Search" button, | ||
1320 | which is used to initiate the search. We will ignore the "Namespace", | ||
1321 | "Anonymity" and "Mime-type" options in this tutorial, please leave them | ||
1322 | empty. Instead, simply enter "test" under "Keywords" and press "Search". | ||
1323 | Afterwards, you should immediately see a new tab labeled after your | ||
1324 | search term, followed by the (current) number of search | ||
1325 | results --- "(15)" in our screenshot. Note that your results may | ||
1326 | vary depending on what other users may have shared and how your | ||
1327 | peer is connected. | ||
1328 | |||
1329 | You can now select one of the search results. Once you do this, | ||
1330 | additional information about the result should be displayed on the | ||
1331 | right. If available, a preview image should appear on the top right. | ||
1332 | Meta data describing the file will be listed at the bottom right. | ||
1333 | |||
1334 | Once a file is selected, at the bottom of the search result list | ||
1335 | a little area for downloading appears. | ||
1336 | |||
1337 | @node gtk-Downloading | ||
1338 | @subsubsection Downloading | ||
1339 | @c %**end of header | ||
1340 | |||
1341 | In the downloading area, you can select the target directory (default is | ||
1342 | "Downloads") and specify the desired filename (by default the filename it | ||
1343 | taken from the meta data of the published file). Additionally, you can | ||
1344 | specify if the download should be anonymous and (for directories) if | ||
1345 | the download should be recursive. In most cases, you can simply start | ||
1346 | the download with the "Download!" button. | ||
1347 | |||
1348 | Once you selected download, the progress of the download will be | ||
1349 | displayed with the search result. You may need to resize the result | ||
1350 | list or scroll to the right. The "Status" column shows the current | ||
1351 | status of the download, and "Progress" how much has been completed. | ||
1352 | When you close the search tab (by clicking on the "X" button next to | ||
1353 | the "test" label), ongoing and completed downloads are not aborted | ||
1354 | but moved to a special "*" tab. | ||
1355 | |||
1356 | You can remove completed downloads from the "*" tab by clicking the | ||
1357 | cleanup button next to the "*". You can also abort downloads by right | ||
1358 | clicking on the respective download and selecting "Abort download" | ||
1359 | from the menu. | ||
1360 | |||
1361 | That's it, you now know the basics for file-sharing with GNUnet! | ||
1362 | |||
1363 | |||
1437 | @node The GNU Name System | 1364 | @node The GNU Name System |
1438 | @section The GNU Name System | 1365 | @section The GNU Name System |
1439 | @c %**end of header | 1366 | @c %**end of header |
@@ -2014,7 +1941,7 @@ destination. | |||
2014 | 1941 | ||
2015 | For applications that do not use DNS, you can also manually create | 1942 | For applications that do not use DNS, you can also manually create |
2016 | such a mapping using the gnunet-vpn command-line tool. Here, you | 1943 | such a mapping using the gnunet-vpn command-line tool. Here, you |
2017 | specfiy the desired address family of the result (i.e. "-4"), and the | 1944 | specify the desired address family of the result (i.e. "-4"), and the |
2018 | intended target IP on the Internet ("-i 131.159.74.67") and | 1945 | intended target IP on the Internet ("-i 131.159.74.67") and |
2019 | "gnunet-vpn" will tell you which IP address in the range of your | 1946 | "gnunet-vpn" will tell you which IP address in the range of your |
2020 | VPN tunnel was mapped. | 1947 | VPN tunnel was mapped. |
@@ -2027,1923 +1954,3 @@ protocol (--tcp or --udp) and you will again receive an IP address | |||
2027 | that will terminate at the respective peer's service. | 1954 | that will terminate at the respective peer's service. |
2028 | 1955 | ||
2029 | 1956 | ||
2030 | |||
2031 | @c NOTE: Inserted from Installation Handbook in original ``order'': | ||
2032 | @c FIXME: Move this to User Handbook. | ||
2033 | @node The graphical configuration interface | ||
2034 | @section The graphical configuration interface | ||
2035 | |||
2036 | If you also would like to use @command{gnunet-gtk} and | ||
2037 | @command{gnunet-setup} (highly recommended for beginners), do: | ||
2038 | |||
2039 | @menu | ||
2040 | * Configuring your peer:: | ||
2041 | * Configuring the Friend-to-Friend (F2F) mode:: | ||
2042 | * Configuring the hostlist to bootstrap:: | ||
2043 | * Configuration of the HOSTLIST proxy settings:: | ||
2044 | * Configuring your peer to provide a hostlist :: | ||
2045 | * Configuring the datastore:: | ||
2046 | * Configuring the MySQL database:: | ||
2047 | * Reasons for using MySQL:: | ||
2048 | * Reasons for not using MySQL:: | ||
2049 | * Setup Instructions:: | ||
2050 | * Testing:: | ||
2051 | * Performance Tuning:: | ||
2052 | * Setup for running Testcases:: | ||
2053 | * Configuring the Postgres database:: | ||
2054 | * Reasons to use Postgres:: | ||
2055 | * Reasons not to use Postgres:: | ||
2056 | * Manual setup instructions:: | ||
2057 | * Testing the setup manually:: | ||
2058 | * Configuring the datacache:: | ||
2059 | * Configuring the file-sharing service:: | ||
2060 | * Configuring logging:: | ||
2061 | * Configuring the transport service and plugins:: | ||
2062 | * Configuring the wlan transport plugin:: | ||
2063 | * Configuring HTTP(S) reverse proxy functionality using Apache or nginx:: | ||
2064 | * Blacklisting peers:: | ||
2065 | * Configuration of the HTTP and HTTPS transport plugins:: | ||
2066 | * Configuring the GNU Name System:: | ||
2067 | * Configuring the GNUnet VPN:: | ||
2068 | * Bandwidth Configuration:: | ||
2069 | * Configuring NAT:: | ||
2070 | * Peer configuration for distributions:: | ||
2071 | @end menu | ||
2072 | |||
2073 | @node Configuring your peer | ||
2074 | @subsection Configuring your peer | ||
2075 | |||
2076 | This chapter will describe the various configuration options in GNUnet. | ||
2077 | |||
2078 | The easiest way to configure your peer is to use the | ||
2079 | @command{gnunet-setup} tool. | ||
2080 | @command{gnunet-setup} is part of the @command{gnunet-gtk} | ||
2081 | application. You might have to install it separately. | ||
2082 | |||
2083 | Many of the specific sections from this chapter actually are linked from | ||
2084 | within @command{gnunet-setup} to help you while using the setup tool. | ||
2085 | |||
2086 | While you can also configure your peer by editing the configuration | ||
2087 | file by hand, this is not recommended for anyone except for developers | ||
2088 | as it requires a more in-depth understanding of the configuration files | ||
2089 | and internal dependencies of GNUnet. | ||
2090 | |||
2091 | @node Configuring the Friend-to-Friend (F2F) mode | ||
2092 | @subsection Configuring the Friend-to-Friend (F2F) mode | ||
2093 | |||
2094 | GNUnet knows three basic modes of operation: | ||
2095 | @itemize @bullet | ||
2096 | @item In standard "peer-to-peer" mode, | ||
2097 | your peer will connect to any peer. | ||
2098 | @item In the pure "friend-to-friend" | ||
2099 | mode, your peer will ONLY connect to peers from a list of friends | ||
2100 | specified in the configuration. | ||
2101 | @item Finally, in mixed mode, | ||
2102 | GNUnet will only connect to arbitrary peers if it | ||
2103 | has at least a specified number of connections to friends. | ||
2104 | @end itemize | ||
2105 | |||
2106 | When configuring any of the F2F ("friend-to-friend") modes, | ||
2107 | you first need to create a file with the peer identities | ||
2108 | of your friends. Ask your friends to run | ||
2109 | |||
2110 | @example | ||
2111 | $ gnunet-peerinfo -sq | ||
2112 | @end example | ||
2113 | |||
2114 | @noindent | ||
2115 | The resulting output of this command needs to be added to your | ||
2116 | @file{friends} file, which is simply a plain text file with one line | ||
2117 | per friend with the output from the above command. | ||
2118 | |||
2119 | You then specify the location of your @file{friends} file in the | ||
2120 | @code{FRIENDS} option of the "topology" section. | ||
2121 | |||
2122 | Once you have created the @file{friends} file, you can tell GNUnet to only | ||
2123 | connect to your friends by setting the @code{FRIENDS-ONLY} option | ||
2124 | (again in the "topology" section) to YES. | ||
2125 | |||
2126 | If you want to run in mixed-mode, set "FRIENDS-ONLY" to NO and configure a | ||
2127 | minimum number of friends to have (before connecting to arbitrary peers) | ||
2128 | under the "MINIMUM-FRIENDS" option. | ||
2129 | |||
2130 | If you want to operate in normal P2P-only mode, simply set | ||
2131 | @code{MINIMUM-FRIENDS} to zero and @code{FRIENDS_ONLY} to NO. | ||
2132 | This is the default. | ||
2133 | |||
2134 | @node Configuring the hostlist to bootstrap | ||
2135 | @subsection Configuring the hostlist to bootstrap | ||
2136 | |||
2137 | After installing the software you need to get connected to the GNUnet | ||
2138 | network. The configuration file included in your download is already | ||
2139 | configured to connect you to the GNUnet network. | ||
2140 | In this section the relevant configuration settings are explained. | ||
2141 | |||
2142 | To get an initial connection to the GNUnet network and to get to know | ||
2143 | peers already connected to the network you can use the so called | ||
2144 | "bootstrap servers". | ||
2145 | These servers can give you a list of peers connected to the network. | ||
2146 | To use these bootstrap servers you have to configure the hostlist daemon | ||
2147 | to activate bootstrapping. | ||
2148 | |||
2149 | To activate bootstrapping, edit the @code{[hostlist]}-section in your | ||
2150 | configuration file. You have to set the argument @command{-b} in the | ||
2151 | options line: | ||
2152 | |||
2153 | @example | ||
2154 | [hostlist] | ||
2155 | OPTIONS = -b | ||
2156 | @end example | ||
2157 | |||
2158 | Additionally you have to specify which server you want to use. | ||
2159 | The default bootstrapping server is | ||
2160 | "@uref{http://v10.gnunet.org/hostlist, http://v10.gnunet.org/hostlist}". | ||
2161 | [^] To set the server you have to edit the line "SERVERS" in the hostlist | ||
2162 | section. To use the default server you should set the lines to | ||
2163 | |||
2164 | @example | ||
2165 | SERVERS = http://v10.gnunet.org/hostlist [^] | ||
2166 | @end example | ||
2167 | |||
2168 | @noindent | ||
2169 | To use bootstrapping your configuration file should include these lines: | ||
2170 | |||
2171 | @example | ||
2172 | [hostlist] | ||
2173 | OPTIONS = -b | ||
2174 | SERVERS = http://v10.gnunet.org/hostlist [^] | ||
2175 | @end example | ||
2176 | |||
2177 | @noindent | ||
2178 | Besides using bootstrap servers you can configure your GNUnet peer to | ||
2179 | recieve hostlist advertisements. | ||
2180 | Peers offering hostlists to other peers can send advertisement messages | ||
2181 | to peers that connect to them. If you configure your peer to receive these | ||
2182 | messages, your peer can download these lists and connect to the peers | ||
2183 | included. These lists are persistent, which means that they are saved to | ||
2184 | your hard disk regularly and are loaded during startup. | ||
2185 | |||
2186 | To activate hostlist learning you have to add the @command{-e} | ||
2187 | switch to the @code{OPTIONS} line in the hostlist section: | ||
2188 | |||
2189 | @example | ||
2190 | [hostlist] | ||
2191 | OPTIONS = -b -e | ||
2192 | @end example | ||
2193 | |||
2194 | @noindent | ||
2195 | Furthermore you can specify in which file the lists are saved. | ||
2196 | To save the lists in the file @file{hostlists.file} just add the line: | ||
2197 | |||
2198 | @example | ||
2199 | HOSTLISTFILE = hostlists.file | ||
2200 | @end example | ||
2201 | |||
2202 | @noindent | ||
2203 | Best practice is to activate both bootstrapping and hostlist learning. | ||
2204 | So your configuration file should include these lines: | ||
2205 | |||
2206 | @example | ||
2207 | [hostlist] | ||
2208 | OPTIONS = -b -e | ||
2209 | HTTPPORT = 8080 | ||
2210 | SERVERS = http://v10.gnunet.org/hostlist [^] | ||
2211 | HOSTLISTFILE = $SERVICEHOME/hostlists.file | ||
2212 | @end example | ||
2213 | |||
2214 | @node Configuration of the HOSTLIST proxy settings | ||
2215 | @subsection Configuration of the HOSTLIST proxy settings | ||
2216 | |||
2217 | The hostlist client can be configured to use a proxy to connect to the | ||
2218 | hostlist server. | ||
2219 | This functionality can be configured in the configuration file directly | ||
2220 | or using the @command{gnunet-setup} tool. | ||
2221 | |||
2222 | The hostlist client supports the following proxy types at the moment: | ||
2223 | |||
2224 | @itemize @bullet | ||
2225 | @item HTTP and HTTP 1.0 only proxy | ||
2226 | @item SOCKS 4/4a/5/5 with hostname | ||
2227 | @end itemize | ||
2228 | |||
2229 | In addition authentication at the proxy with username and password can be | ||
2230 | configured. | ||
2231 | |||
2232 | To configure proxy support for the hostlist client in the | ||
2233 | @command{gnunet-setup} tool, select the "hostlist" tab and select | ||
2234 | the appropriate proxy type. | ||
2235 | The hostname or IP address (including port if required) has to be entered | ||
2236 | in the "Proxy hostname" textbox. If required, enter username and password | ||
2237 | in the "Proxy username" and "Proxy password" boxes. | ||
2238 | Be aware that this information will be stored in the configuration in | ||
2239 | plain text (TODO: Add explanation and generalize the part in Chapter 3.6 | ||
2240 | about the encrypted home). | ||
2241 | |||
2242 | To provide these options directly in the configuration, you can | ||
2243 | enter the following settings in the @code{[hostlist]} section of | ||
2244 | the configuration: | ||
2245 | |||
2246 | @example | ||
2247 | # Type of proxy server, | ||
2248 | # Valid values: HTTP, HTTP_1_0, SOCKS4, SOCKS5, SOCKS4A, SOCKS5_HOSTNAME | ||
2249 | # Default: HTTP | ||
2250 | # PROXY_TYPE = HTTP | ||
2251 | |||
2252 | # Hostname or IP of proxy server | ||
2253 | # PROXY = | ||
2254 | # User name for proxy server | ||
2255 | # PROXY_USERNAME = | ||
2256 | # User password for proxy server | ||
2257 | # PROXY_PASSWORD = | ||
2258 | @end example | ||
2259 | |||
2260 | @node Configuring your peer to provide a hostlist | ||
2261 | @subsection Configuring your peer to provide a hostlist | ||
2262 | |||
2263 | If you operate a peer permanently connected to GNUnet you can configure | ||
2264 | your peer to act as a hostlist server, providing other peers the list of | ||
2265 | peers known to him. | ||
2266 | |||
2267 | Your server can act as a bootstrap server and peers needing to obtain a | ||
2268 | list of peers can contact it to download this list. | ||
2269 | To download this hostlist the peer uses HTTP. | ||
2270 | For this reason you have to build your peer with libgnurl (or libcurl) | ||
2271 | and microhttpd support. | ||
2272 | |||
2273 | To configure your peer to act as a bootstrap server you have to add the | ||
2274 | @command{-p} option to @code{OPTIONS} in the @code{[hostlist]} section | ||
2275 | of your configuration file. | ||
2276 | Besides that you have to specify a port number for the http server. | ||
2277 | In conclusion you have to add the following lines: | ||
2278 | |||
2279 | @example | ||
2280 | [hostlist] | ||
2281 | HTTPPORT = 12980 | ||
2282 | OPTIONS = -p | ||
2283 | @end example | ||
2284 | |||
2285 | @noindent | ||
2286 | If your peer acts as a bootstrap server other peers should know about | ||
2287 | that. You can advertise the hostlist your are providing to other peers. | ||
2288 | Peers connecting to your peer will get a message containing an | ||
2289 | advertisement for your hostlist and the URL where it can be downloaded. | ||
2290 | If this peer is in learning mode, it will test the hostlist and, in the | ||
2291 | case it can obtain the list successfully, it will save it for | ||
2292 | bootstrapping. | ||
2293 | |||
2294 | To activate hostlist advertisement on your peer, you have to set the | ||
2295 | following lines in your configuration file: | ||
2296 | |||
2297 | @example | ||
2298 | [hostlist] | ||
2299 | EXTERNAL_DNS_NAME = example.org | ||
2300 | HTTPPORT = 12981 | ||
2301 | OPTIONS = -p -a | ||
2302 | @end example | ||
2303 | |||
2304 | @noindent | ||
2305 | With this configuration your peer will a act as a bootstrap server and | ||
2306 | advertise this hostlist to other peers connecting to it. | ||
2307 | The URL used to download the list will be | ||
2308 | @code{@uref{http://example.org:12981/, http://example.org:12981/}}. | ||
2309 | |||
2310 | Please notice: | ||
2311 | |||
2312 | @itemize @bullet | ||
2313 | @item The hostlist is @b{not} human readable, so you should not try to | ||
2314 | download it using your webbrowser. Just point your GNUnet peer to the | ||
2315 | address! | ||
2316 | @item Advertising without providing a hostlist does not make sense and | ||
2317 | will not work. | ||
2318 | @end itemize | ||
2319 | |||
2320 | @node Configuring the datastore | ||
2321 | @subsection Configuring the datastore | ||
2322 | |||
2323 | The datastore is what GNUnet uses for long-term storage of file-sharing | ||
2324 | data. Note that long-term does not mean 'forever' since content does have | ||
2325 | an expiration date, and of course storage space is finite (and hence | ||
2326 | sometimes content may have to be discarded). | ||
2327 | |||
2328 | Use the @code{QUOTA} option to specify how many bytes of storage space | ||
2329 | you are willing to dedicate to GNUnet. | ||
2330 | |||
2331 | In addition to specifying the maximum space GNUnet is allowed to use for | ||
2332 | the datastore, you need to specify which database GNUnet should use to do | ||
2333 | so. Currently, you have the choice between sqLite, MySQL and Postgres. | ||
2334 | |||
2335 | @node Configuring the MySQL database | ||
2336 | @subsection Configuring the MySQL database | ||
2337 | |||
2338 | This section describes how to setup the MySQL database for GNUnet. | ||
2339 | |||
2340 | Note that the mysql plugin does NOT work with mysql before 4.1 since we | ||
2341 | need prepared statements. | ||
2342 | We are generally testing the code against MySQL 5.1 at this point. | ||
2343 | |||
2344 | @node Reasons for using MySQL | ||
2345 | @subsection Reasons for using MySQL | ||
2346 | |||
2347 | @itemize @bullet | ||
2348 | |||
2349 | @item On up-to-date hardware wher | ||
2350 | mysql can be used comfortably, this module | ||
2351 | will have better performance than the other database choices (according | ||
2352 | to our tests). | ||
2353 | |||
2354 | @item Its often possible to recover the mysql database from internal | ||
2355 | inconsistencies. Some of the other databases do not support repair. | ||
2356 | @end itemize | ||
2357 | |||
2358 | @node Reasons for not using MySQL | ||
2359 | @subsection Reasons for not using MySQL | ||
2360 | |||
2361 | @itemize @bullet | ||
2362 | @item Memory usage (likely not an issue if you have more than 1 GB) | ||
2363 | @item Complex manual setup | ||
2364 | @end itemize | ||
2365 | |||
2366 | @node Setup Instructions | ||
2367 | @subsection Setup Instructions | ||
2368 | |||
2369 | @itemize @bullet | ||
2370 | |||
2371 | @item In @file{gnunet.conf} set in section @code{DATASTORE} the value for | ||
2372 | @code{DATABASE} to @code{mysql}. | ||
2373 | |||
2374 | @item Access mysql as root: | ||
2375 | |||
2376 | @example | ||
2377 | $ mysql -u root -p | ||
2378 | @end example | ||
2379 | |||
2380 | @noindent | ||
2381 | and issue the following commands, replacing $USER with the username | ||
2382 | that will be running @command{gnunet-arm} (so typically "gnunet"): | ||
2383 | |||
2384 | @example | ||
2385 | CREATE DATABASE gnunet; | ||
2386 | GRANT select,insert,update,delete,create,alter,drop,create \ | ||
2387 | temporary tables ON gnunet.* TO $USER@@localhost; | ||
2388 | SET PASSWORD FOR $USER@@localhost=PASSWORD('$the_password_you_like'); | ||
2389 | FLUSH PRIVILEGES; | ||
2390 | @end example | ||
2391 | |||
2392 | @item | ||
2393 | In the $HOME directory of $USER, create a @file{.my.cnf} file with the | ||
2394 | following lines | ||
2395 | |||
2396 | @example | ||
2397 | [client] | ||
2398 | user=$USER | ||
2399 | password=$the_password_you_like | ||
2400 | @end example | ||
2401 | |||
2402 | @end itemize | ||
2403 | |||
2404 | Thats it. Note that @file{.my.cnf} file is a slight security risk unless | ||
2405 | its on a safe partition. The @file{$HOME/.my.cnf} can of course be | ||
2406 | a symbolic link. | ||
2407 | Luckily $USER has only priviledges to mess up GNUnet's tables, | ||
2408 | which should be pretty harmless. | ||
2409 | |||
2410 | @node Testing | ||
2411 | @subsection Testing | ||
2412 | |||
2413 | You should briefly try if the database connection works. First, login | ||
2414 | as $USER. Then use: | ||
2415 | |||
2416 | @example | ||
2417 | $ mysql -u $USER | ||
2418 | mysql> use gnunet; | ||
2419 | @end example | ||
2420 | |||
2421 | @noindent | ||
2422 | If you get the message | ||
2423 | |||
2424 | @example | ||
2425 | Database changed | ||
2426 | @end example | ||
2427 | |||
2428 | @noindent | ||
2429 | it probably works. | ||
2430 | |||
2431 | If you get | ||
2432 | |||
2433 | @example | ||
2434 | ERROR 2002: Can't connect to local MySQL server | ||
2435 | through socket '/tmp/mysql.sock' (2) | ||
2436 | @end example | ||
2437 | |||
2438 | @noindent | ||
2439 | it may be resolvable by | ||
2440 | |||
2441 | @example | ||
2442 | ln -s /var/run/mysqld/mysqld.sock /tmp/mysql.sock | ||
2443 | @end example | ||
2444 | |||
2445 | @noindent | ||
2446 | so there may be some additional trouble depending on your mysql setup. | ||
2447 | |||
2448 | @node Performance Tuning | ||
2449 | @subsection Performance Tuning | ||
2450 | |||
2451 | For GNUnet, you probably want to set the option | ||
2452 | |||
2453 | @example | ||
2454 | innodb_flush_log_at_trx_commit = 0 | ||
2455 | @end example | ||
2456 | |||
2457 | @noindent | ||
2458 | for a rather dramatic boost in MySQL performance. However, this reduces | ||
2459 | the "safety" of your database as with this options you may loose | ||
2460 | transactions during a power outage. | ||
2461 | While this is totally harmless for GNUnet, the option applies to all | ||
2462 | applications using MySQL. So you should set it if (and only if) GNUnet is | ||
2463 | the only application on your system using MySQL. | ||
2464 | |||
2465 | @node Setup for running Testcases | ||
2466 | @subsection Setup for running Testcases | ||
2467 | |||
2468 | If you want to run the testcases, you must create a second database | ||
2469 | "gnunetcheck" with the same username and password. This database will | ||
2470 | then be used for testing (@command{make check}). | ||
2471 | |||
2472 | @node Configuring the Postgres database | ||
2473 | @subsection Configuring the Postgres database | ||
2474 | |||
2475 | This text describes how to setup the Postgres database for GNUnet. | ||
2476 | |||
2477 | This Postgres plugin was developed for Postgres 8.3 but might work for | ||
2478 | earlier versions as well. | ||
2479 | |||
2480 | @node Reasons to use Postgres | ||
2481 | @subsection Reasons to use Postgres | ||
2482 | |||
2483 | @itemize @bullet | ||
2484 | @item Easier to setup than MySQL | ||
2485 | @item Real database | ||
2486 | @end itemize | ||
2487 | |||
2488 | @node Reasons not to use Postgres | ||
2489 | @subsection Reasons not to use Postgres | ||
2490 | |||
2491 | @itemize @bullet | ||
2492 | @item Quite slow | ||
2493 | @item Still some manual setup required | ||
2494 | @end itemize | ||
2495 | |||
2496 | @node Manual setup instructions | ||
2497 | @subsection Manual setup instructions | ||
2498 | |||
2499 | @itemize @bullet | ||
2500 | @item In @file{gnunet.conf} set in section @code{DATASTORE} the value for | ||
2501 | @code{DATABASE} to @code{postgres}. | ||
2502 | @item Access Postgres to create a user: | ||
2503 | |||
2504 | @table @asis | ||
2505 | @item with Postgres 8.x, use: | ||
2506 | |||
2507 | @example | ||
2508 | # su - postgres | ||
2509 | $ createuser | ||
2510 | @end example | ||
2511 | |||
2512 | @noindent | ||
2513 | and enter the name of the user running GNUnet for the role interactively. | ||
2514 | Then, when prompted, do not set it to superuser, allow the creation of | ||
2515 | databases, and do not allow the creation of new roles. | ||
2516 | |||
2517 | @item with Postgres 9.x, use: | ||
2518 | |||
2519 | @example | ||
2520 | # su - postgres | ||
2521 | $ createuser -d $GNUNET_USER | ||
2522 | @end example | ||
2523 | |||
2524 | @noindent | ||
2525 | where $GNUNET_USER is the name of the user running GNUnet. | ||
2526 | |||
2527 | @end table | ||
2528 | |||
2529 | |||
2530 | @item | ||
2531 | As that user (so typically as user "gnunet"), create a database (or two): | ||
2532 | |||
2533 | @example | ||
2534 | $ createdb gnunet | ||
2535 | # this way you can run "make check" | ||
2536 | $ createdb gnunetcheck | ||
2537 | @end example | ||
2538 | |||
2539 | @end itemize | ||
2540 | |||
2541 | Now you should be able to start @code{gnunet-arm}. | ||
2542 | |||
2543 | @node Testing the setup manually | ||
2544 | @subsection Testing the setup manually | ||
2545 | |||
2546 | You may want to try if the database connection works. First, again login | ||
2547 | as the user who will run @command{gnunet-arm}. Then use: | ||
2548 | |||
2549 | @example | ||
2550 | $ psql gnunet # or gnunetcheck | ||
2551 | gnunet=> \dt | ||
2552 | @end example | ||
2553 | |||
2554 | @noindent | ||
2555 | If, after you have started @command{gnunet-arm} at least once, you get | ||
2556 | a @code{gn090} table here, it probably works. | ||
2557 | |||
2558 | @node Configuring the datacache | ||
2559 | @subsection Configuring the datacache | ||
2560 | @c %**end of header | ||
2561 | |||
2562 | The datacache is what GNUnet uses for storing temporary data. This data is | ||
2563 | expected to be wiped completely each time GNUnet is restarted (or the | ||
2564 | system is rebooted). | ||
2565 | |||
2566 | You need to specify how many bytes GNUnet is allowed to use for the | ||
2567 | datacache using the @code{QUOTA} option in the section @code{[dhtcache]}. | ||
2568 | Furthermore, you need to specify which database backend should be used to | ||
2569 | store the data. Currently, you have the choice between | ||
2570 | sqLite, MySQL and Postgres. | ||
2571 | |||
2572 | @node Configuring the file-sharing service | ||
2573 | @subsection Configuring the file-sharing service | ||
2574 | |||
2575 | In order to use GNUnet for file-sharing, you first need to make sure | ||
2576 | that the file-sharing service is loaded. | ||
2577 | This is done by setting the @code{START_ON_DEMAND} option in | ||
2578 | section @code{[fs]} to "YES". Alternatively, you can run | ||
2579 | |||
2580 | @example | ||
2581 | $ gnunet-arm -i fs | ||
2582 | @end example | ||
2583 | |||
2584 | @noindent | ||
2585 | to start the file-sharing service by hand. | ||
2586 | |||
2587 | Except for configuring the database and the datacache the only important | ||
2588 | option for file-sharing is content migration. | ||
2589 | |||
2590 | Content migration allows your peer to cache content from other peers as | ||
2591 | well as send out content stored on your system without explicit requests. | ||
2592 | This content replication has positive and negative impacts on both system | ||
2593 | performance and privacy. | ||
2594 | |||
2595 | FIXME: discuss the trade-offs. Here is some older text about it... | ||
2596 | |||
2597 | Setting this option to YES allows gnunetd to migrate data to the local | ||
2598 | machine. Setting this option to YES is highly recommended for efficiency. | ||
2599 | Its also the default. If you set this value to YES, GNUnet will store | ||
2600 | content on your machine that you cannot decrypt. | ||
2601 | While this may protect you from liability if the judge is sane, it may | ||
2602 | not (IANAL). If you put illegal content on your machine yourself, setting | ||
2603 | this option to YES will probably increase your chances to get away with it | ||
2604 | since you can plausibly deny that you inserted the content. | ||
2605 | Note that in either case, your anonymity would have to be broken first | ||
2606 | (which may be possible depending on the size of the GNUnet network and the | ||
2607 | strength of the adversary). | ||
2608 | |||
2609 | @node Configuring logging | ||
2610 | @subsection Configuring logging | ||
2611 | |||
2612 | Logging in GNUnet 0.9.0 is controlled via the "-L" and "-l" options. | ||
2613 | Using @code{-L}, a log level can be specified. With log level | ||
2614 | @code{ERROR} only serious errors are logged. | ||
2615 | The default log level is @code{WARNING} which causes anything of | ||
2616 | concern to be logged. | ||
2617 | Log level @code{INFO} can be used to log anything that might be | ||
2618 | interesting information whereas | ||
2619 | @code{DEBUG} can be used by developers to log debugging messages | ||
2620 | (but you need to run @code{./configure} with | ||
2621 | @code{--enable-logging=verbose} to get them compiled). | ||
2622 | The @code{-l} option is used to specify the log file. | ||
2623 | |||
2624 | Since most GNUnet services are managed by @code{gnunet-arm}, using the | ||
2625 | @code{-l} or @code{-L} options directly is not possible. | ||
2626 | Instead, they can be specified using the @code{OPTIONS} configuration | ||
2627 | value in the respective section for the respective service. | ||
2628 | In order to enable logging globally without editing the @code{OPTIONS} | ||
2629 | values for each service, @command{gnunet-arm} supports a | ||
2630 | @code{GLOBAL_POSTFIX} option. | ||
2631 | The value specified here is given as an extra option to all services for | ||
2632 | which the configuration does contain a service-specific @code{OPTIONS} | ||
2633 | field. | ||
2634 | |||
2635 | @code{GLOBAL_POSTFIX} can contain the special sequence "@{@}" which | ||
2636 | is replaced by the name of the service that is being started. | ||
2637 | Furthermore, @code{GLOBAL_POSTFIX} is special in that sequences | ||
2638 | starting with "$" anywhere in the string are expanded (according | ||
2639 | to options in @code{PATHS}); this expansion otherwise is | ||
2640 | only happening for filenames and then the "$" must be the | ||
2641 | first character in the option. Both of these restrictions do | ||
2642 | not apply to @code{GLOBAL_POSTFIX}. | ||
2643 | Note that specifying @code{%} anywhere in the @code{GLOBAL_POSTFIX} | ||
2644 | disables both of these features. | ||
2645 | |||
2646 | In summary, in order to get all services to log at level | ||
2647 | @code{INFO} to log-files called @code{SERVICENAME-logs}, the | ||
2648 | following global prefix should be used: | ||
2649 | |||
2650 | @example | ||
2651 | GLOBAL_POSTFIX = -l $SERVICEHOME/@{@}-logs -L INFO | ||
2652 | @end example | ||
2653 | |||
2654 | @node Configuring the transport service and plugins | ||
2655 | @subsection Configuring the transport service and plugins | ||
2656 | |||
2657 | The transport service in GNUnet is responsible to maintain basic | ||
2658 | connectivity to other peers. | ||
2659 | Besides initiating and keeping connections alive it is also responsible | ||
2660 | for address validation. | ||
2661 | |||
2662 | The GNUnet transport supports more than one transport protocol. | ||
2663 | These protocols are configured together with the transport service. | ||
2664 | |||
2665 | The configuration section for the transport service itself is quite | ||
2666 | similar to all the other services | ||
2667 | |||
2668 | @example | ||
2669 | START_ON_DEMAND = YES | ||
2670 | @@UNIXONLY@@ PORT = 2091 | ||
2671 | HOSTNAME = localhost | ||
2672 | HOME = $SERVICEHOME | ||
2673 | CONFIG = $DEFAULTCONFIG | ||
2674 | BINARY = gnunet-service-transport | ||
2675 | #PREFIX = valgrind | ||
2676 | NEIGHBOUR_LIMIT = 50 | ||
2677 | ACCEPT_FROM = 127.0.0.1; | ||
2678 | ACCEPT_FROM6 = ::1; | ||
2679 | PLUGINS = tcp udp | ||
2680 | UNIXPATH = /tmp/gnunet-service-transport.sock | ||
2681 | @end example | ||
2682 | |||
2683 | Different are the settings for the plugins to load @code{PLUGINS}. | ||
2684 | The first setting specifies which transport plugins to load. | ||
2685 | |||
2686 | @itemize @bullet | ||
2687 | @item transport-unix | ||
2688 | A plugin for local only communication with UNIX domain sockets. Used for | ||
2689 | testing and available on unix systems only. Just set the port | ||
2690 | |||
2691 | @example | ||
2692 | [transport-unix] | ||
2693 | PORT = 22086 | ||
2694 | TESTING_IGNORE_KEYS = ACCEPT_FROM; | ||
2695 | @end example | ||
2696 | |||
2697 | @item transport-tcp | ||
2698 | A plugin for communication with TCP. Set port to 0 for client mode with | ||
2699 | outbound only connections | ||
2700 | |||
2701 | @example | ||
2702 | [transport-tcp] | ||
2703 | # Use 0 to ONLY advertise as a peer behind NAT (no port binding) | ||
2704 | PORT = 2086 | ||
2705 | ADVERTISED_PORT = 2086 | ||
2706 | TESTING_IGNORE_KEYS = ACCEPT_FROM; | ||
2707 | # Maximum number of open TCP connections allowed | ||
2708 | MAX_CONNECTIONS = 128 | ||
2709 | @end example | ||
2710 | |||
2711 | @item transport-udp | ||
2712 | A plugin for communication with UDP. Supports peer discovery using | ||
2713 | broadcasts. | ||
2714 | |||
2715 | @example | ||
2716 | [transport-udp] | ||
2717 | PORT = 2086 | ||
2718 | BROADCAST = YES | ||
2719 | BROADCAST_INTERVAL = 30 s | ||
2720 | MAX_BPS = 1000000 | ||
2721 | TESTING_IGNORE_KEYS = ACCEPT_FROM; | ||
2722 | @end example | ||
2723 | |||
2724 | @item transport-http | ||
2725 | HTTP and HTTPS support is split in two part: a client plugin initiating | ||
2726 | outbound connections and a server part accepting connections from the | ||
2727 | client. The client plugin just takes the maximum number of connections as | ||
2728 | an argument. | ||
2729 | |||
2730 | @example | ||
2731 | [transport-http_client] | ||
2732 | MAX_CONNECTIONS = 128 | ||
2733 | TESTING_IGNORE_KEYS = ACCEPT_FROM; | ||
2734 | @end example | ||
2735 | |||
2736 | @example | ||
2737 | [transport-https_client] | ||
2738 | MAX_CONNECTIONS = 128 | ||
2739 | TESTING_IGNORE_KEYS = ACCEPT_FROM; | ||
2740 | @end example | ||
2741 | |||
2742 | @noindent | ||
2743 | The server has a port configured and the maximum nunber of connections. | ||
2744 | The HTTPS part has two files with the certificate key and the certificate | ||
2745 | file. | ||
2746 | |||
2747 | The server plugin supports reverse proxies, so a external hostname can be | ||
2748 | set using the @code{EXTERNAL_HOSTNAME} setting. | ||
2749 | The webserver under this address should forward the request to the peer | ||
2750 | and the configure port. | ||
2751 | |||
2752 | @example | ||
2753 | [transport-http_server] | ||
2754 | EXTERNAL_HOSTNAME = fulcrum.net.in.tum.de/gnunet | ||
2755 | PORT = 1080 | ||
2756 | MAX_CONNECTIONS = 128 | ||
2757 | TESTING_IGNORE_KEYS = ACCEPT_FROM; | ||
2758 | @end example | ||
2759 | |||
2760 | @example | ||
2761 | [transport-https_server] | ||
2762 | PORT = 4433 | ||
2763 | CRYPTO_INIT = NORMAL | ||
2764 | KEY_FILE = https.key | ||
2765 | CERT_FILE = https.cert | ||
2766 | MAX_CONNECTIONS = 128 | ||
2767 | TESTING_IGNORE_KEYS = ACCEPT_FROM; | ||
2768 | @end example | ||
2769 | |||
2770 | @item transport-wlan | ||
2771 | |||
2772 | The next section describes how to setup the WLAN plugin, | ||
2773 | so here only the settings. Just specify the interface to use: | ||
2774 | |||
2775 | @example | ||
2776 | [transport-wlan] | ||
2777 | # Name of the interface in monitor mode (typically monX) | ||
2778 | INTERFACE = mon0 | ||
2779 | # Real hardware, no testing | ||
2780 | TESTMODE = 0 | ||
2781 | TESTING_IGNORE_KEYS = ACCEPT_FROM; | ||
2782 | @end example | ||
2783 | @end itemize | ||
2784 | |||
2785 | @node Configuring the wlan transport plugin | ||
2786 | @subsection Configuring the wlan transport plugin | ||
2787 | |||
2788 | The wlan transport plugin enables GNUnet to send and to receive data on a | ||
2789 | wlan interface. | ||
2790 | It has not to be connected to a wlan network as long as sender and | ||
2791 | receiver are on the same channel. This enables you to get connection to | ||
2792 | GNUnet where no internet access is possible, for example during | ||
2793 | catastrophes or when censorship cuts you off from the internet. | ||
2794 | |||
2795 | |||
2796 | @menu | ||
2797 | * Requirements for the WLAN plugin:: | ||
2798 | * Configuration:: | ||
2799 | * Before starting GNUnet:: | ||
2800 | * Limitations and known bugs:: | ||
2801 | @end menu | ||
2802 | |||
2803 | |||
2804 | @node Requirements for the WLAN plugin | ||
2805 | @subsubsection Requirements for the WLAN plugin | ||
2806 | |||
2807 | @itemize @bullet | ||
2808 | |||
2809 | @item wlan network card with monitor support and packet injection | ||
2810 | (see @uref{http://www.aircrack-ng.org/, aircrack-ng.org}) | ||
2811 | |||
2812 | @item Linux kernel with mac80211 stack, introduced in 2.6.22, tested with | ||
2813 | 2.6.35 and 2.6.38 | ||
2814 | |||
2815 | @item Wlantools to create the a monitor interface, tested with airmon-ng | ||
2816 | of the aircrack-ng package | ||
2817 | @end itemize | ||
2818 | |||
2819 | @node Configuration | ||
2820 | @subsubsection Configuration | ||
2821 | |||
2822 | There are the following options for the wlan plugin (they should be like | ||
2823 | this in your default config file, you only need to adjust them if the | ||
2824 | values are incorrect for your system) | ||
2825 | |||
2826 | @example | ||
2827 | # section for the wlan transport plugin | ||
2828 | [transport-wlan] | ||
2829 | # interface to use, more information in the | ||
2830 | # "Before starting GNUnet" section of the handbook. | ||
2831 | INTERFACE = mon0 | ||
2832 | # testmode for developers: | ||
2833 | # 0 use wlan interface, | ||
2834 | #1 or 2 use loopback driver for tests 1 = server, 2 = client | ||
2835 | TESTMODE = 0 | ||
2836 | @end example | ||
2837 | |||
2838 | @node Before starting GNUnet | ||
2839 | @subsubsection Before starting GNUnet | ||
2840 | |||
2841 | Before starting GNUnet, you have to make sure that your wlan interface is | ||
2842 | in monitor mode. | ||
2843 | One way to put the wlan interface into monitor mode (if your interface | ||
2844 | name is wlan0) is by executing: | ||
2845 | |||
2846 | @example | ||
2847 | sudo airmon-ng start wlan0 | ||
2848 | @end example | ||
2849 | |||
2850 | @noindent | ||
2851 | Here is an example what the result should look like: | ||
2852 | |||
2853 | @example | ||
2854 | Interface Chipset Driver | ||
2855 | wlan0 Intel 4965 a/b/g/n iwl4965 - [phy0] | ||
2856 | (monitor mode enabled on mon0) | ||
2857 | @end example | ||
2858 | |||
2859 | @noindent | ||
2860 | The monitor interface is mon0 is the one that you have to put into the | ||
2861 | configuration file. | ||
2862 | |||
2863 | @node Limitations and known bugs | ||
2864 | @subsubsection Limitations and known bugs | ||
2865 | |||
2866 | Wlan speed is at the maximum of 1 Mbit/s because support for choosing the | ||
2867 | wlan speed with packet injection was removed in newer kernels. | ||
2868 | Please pester the kernel developers about fixing this. | ||
2869 | |||
2870 | The interface channel depends on the wlan network that the card is | ||
2871 | connected to. If no connection has been made since the start of the | ||
2872 | computer, it is usually the first channel of the card. | ||
2873 | Peers will only find each other and communicate if they are on the same | ||
2874 | channel. Channels must be set manually, i.e. using: | ||
2875 | |||
2876 | @example | ||
2877 | iwconfig wlan0 channel 1 | ||
2878 | @end example | ||
2879 | |||
2880 | @node Configuring HTTP(S) reverse proxy functionality using Apache or nginx | ||
2881 | @subsection Configuring HTTP(S) reverse proxy functionality using Apache or nginx | ||
2882 | |||
2883 | The HTTP plugin supports data transfer using reverse proxies. A reverse | ||
2884 | proxy forwards the HTTP request he receives with a certain URL to another | ||
2885 | webserver, here a GNUnet peer. | ||
2886 | |||
2887 | So if you have a running Apache or nginx webserver you can configure it to | ||
2888 | be a GNUnet reverse proxy. Especially if you have a well-known webiste | ||
2889 | this improves censorship resistance since it looks as normal surfing | ||
2890 | behaviour. | ||
2891 | |||
2892 | To do so, you have to do two things: | ||
2893 | |||
2894 | @itemize @bullet | ||
2895 | @item Configure your webserver to forward the GNUnet HTTP traffic | ||
2896 | @item Configure your GNUnet peer to announce the respective address | ||
2897 | @end itemize | ||
2898 | |||
2899 | As an example we want to use GNUnet peer running: | ||
2900 | |||
2901 | @itemize @bullet | ||
2902 | |||
2903 | @item HTTP server plugin on @code{gnunet.foo.org:1080} | ||
2904 | |||
2905 | @item HTTPS server plugin on @code{gnunet.foo.org:4433} | ||
2906 | |||
2907 | @item A apache or nginx webserver on | ||
2908 | @uref{http://www.foo.org/, http://www.foo.org:80/} | ||
2909 | |||
2910 | @item A apache or nginx webserver on https://www.foo.org:443/ | ||
2911 | @end itemize | ||
2912 | |||
2913 | And we want the webserver to accept GNUnet traffic under | ||
2914 | @code{http://www.foo.org/bar/}. The required steps are described here: | ||
2915 | |||
2916 | @menu | ||
2917 | * Reverse Proxy - Configure your Apache2 HTTP webserver:: | ||
2918 | * Reverse Proxy - Configure your Apache2 HTTPS webserver:: | ||
2919 | * Reverse Proxy - Configure your nginx HTTPS webserver:: | ||
2920 | * Reverse Proxy - Configure your nginx HTTP webserver:: | ||
2921 | * Reverse Proxy - Configure your GNUnet peer:: | ||
2922 | @end menu | ||
2923 | |||
2924 | @node Reverse Proxy - Configure your Apache2 HTTP webserver | ||
2925 | @subsubsection Reverse Proxy - Configure your Apache2 HTTP webserver | ||
2926 | |||
2927 | First of all you need mod_proxy installed. | ||
2928 | |||
2929 | Edit your webserver configuration. Edit | ||
2930 | @code{/etc/apache2/apache2.conf} or the site-specific configuration file. | ||
2931 | |||
2932 | In the respective @code{server config},@code{virtual host} or | ||
2933 | @code{directory} section add the following lines: | ||
2934 | |||
2935 | @example | ||
2936 | ProxyTimeout 300 | ||
2937 | ProxyRequests Off | ||
2938 | <Location /bar/ > | ||
2939 | ProxyPass http://gnunet.foo.org:1080/ | ||
2940 | ProxyPassReverse http://gnunet.foo.org:1080/ | ||
2941 | </Location> | ||
2942 | @end example | ||
2943 | |||
2944 | @node Reverse Proxy - Configure your Apache2 HTTPS webserver | ||
2945 | @subsubsection Reverse Proxy - Configure your Apache2 HTTPS webserver | ||
2946 | |||
2947 | We assume that you already have an HTTPS server running, if not please | ||
2948 | check how to configure a HTTPS host. An uncomplicated to use example | ||
2949 | is the example configuration file for Apache2/HTTPD provided in | ||
2950 | @file{apache2/sites-available/default-ssl}. | ||
2951 | |||
2952 | In the respective HTTPS @code{server config},@code{virtual host} or | ||
2953 | @code{directory} section add the following lines: | ||
2954 | |||
2955 | @example | ||
2956 | SSLProxyEngine On | ||
2957 | ProxyTimeout 300 | ||
2958 | ProxyRequests Off | ||
2959 | <Location /bar/ > | ||
2960 | ProxyPass https://gnunet.foo.org:4433/ | ||
2961 | ProxyPassReverse https://gnunet.foo.org:4433/ | ||
2962 | </Location> | ||
2963 | @end example | ||
2964 | |||
2965 | @noindent | ||
2966 | More information about the apache mod_proxy configuration can be found | ||
2967 | in the Apache documentation@footnote{@uref{http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass, http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass}} | ||
2968 | |||
2969 | @node Reverse Proxy - Configure your nginx HTTPS webserver | ||
2970 | @subsubsection Reverse Proxy - Configure your nginx HTTPS webserver | ||
2971 | |||
2972 | Since nginx does not support chunked encoding, you first of all have to | ||
2973 | install the @code{chunkin} module@footnote{@uref{http://wiki.nginx.org/HttpChunkinModule, http://wiki.nginx.org/HttpChunkinModule}} | ||
2974 | |||
2975 | To enable chunkin add: | ||
2976 | |||
2977 | @example | ||
2978 | chunkin on; | ||
2979 | error_page 411 = @@my_411_error; | ||
2980 | location @@my_411_error @{ | ||
2981 | chunkin_resume; | ||
2982 | @} | ||
2983 | @end example | ||
2984 | |||
2985 | @noindent | ||
2986 | Edit your webserver configuration. Edit @file{/etc/nginx/nginx.conf} or | ||
2987 | the site-specific configuration file. | ||
2988 | |||
2989 | In the @code{server} section add: | ||
2990 | |||
2991 | @example | ||
2992 | location /bar/ @{ | ||
2993 | proxy_pass http://gnunet.foo.org:1080/; | ||
2994 | proxy_buffering off; | ||
2995 | proxy_connect_timeout 5; # more than http_server | ||
2996 | proxy_read_timeout 350; # 60 default, 300s is GNUnet's idle timeout | ||
2997 | proxy_http_version 1.1; # 1.0 default | ||
2998 | proxy_next_upstream error timeout invalid_header http_500 http_503 http_502 http_504; | ||
2999 | @} | ||
3000 | @end example | ||
3001 | |||
3002 | @node Reverse Proxy - Configure your nginx HTTP webserver | ||
3003 | @subsubsection Reverse Proxy - Configure your nginx HTTP webserver | ||
3004 | |||
3005 | Edit your webserver configuration. Edit @file{/etc/nginx/nginx.conf} or | ||
3006 | the site-specific configuration file. | ||
3007 | |||
3008 | In the @code{server} section add: | ||
3009 | |||
3010 | @example | ||
3011 | ssl_session_timeout 6m; | ||
3012 | location /bar/ | ||
3013 | @{ | ||
3014 | proxy_pass https://gnunet.foo.org:4433/; | ||
3015 | proxy_buffering off; | ||
3016 | proxy_connect_timeout 5; # more than http_server | ||
3017 | proxy_read_timeout 350; # 60 default, 300s is GNUnet's idle timeout | ||
3018 | proxy_http_version 1.1; # 1.0 default | ||
3019 | proxy_next_upstream error timeout invalid_header http_500 http_503 http_502 http_504; | ||
3020 | @} | ||
3021 | @end example | ||
3022 | |||
3023 | @node Reverse Proxy - Configure your GNUnet peer | ||
3024 | @subsubsection Reverse Proxy - Configure your GNUnet peer | ||
3025 | |||
3026 | To have your GNUnet peer announce the address, you have to specify the | ||
3027 | @code{EXTERNAL_HOSTNAME} option in the @code{[transport-http_server]} | ||
3028 | section: | ||
3029 | |||
3030 | @example | ||
3031 | [transport-http_server] | ||
3032 | EXTERNAL_HOSTNAME = http://www.foo.org/bar/ | ||
3033 | @end example | ||
3034 | |||
3035 | @noindent | ||
3036 | and/or @code{[transport-https_server]} section: | ||
3037 | |||
3038 | @example | ||
3039 | [transport-https_server] | ||
3040 | EXTERNAL_HOSTNAME = https://www.foo.org/bar/ | ||
3041 | @end example | ||
3042 | |||
3043 | @noindent | ||
3044 | Now restart your webserver and your peer... | ||
3045 | |||
3046 | @node Blacklisting peers | ||
3047 | @subsection Blacklisting peers | ||
3048 | |||
3049 | Transport service supports to deny connecting to a specific peer of to a | ||
3050 | specific peer with a specific transport plugin using te blacklisting | ||
3051 | component of transport service. With@ blacklisting it is possible to deny | ||
3052 | connections to specific peers of@ to use a specific plugin to a specific | ||
3053 | peer. Peers can be blacklisted using@ the configuration or a blacklist | ||
3054 | client can be asked. | ||
3055 | |||
3056 | To blacklist peers using the configuration you have to add a section to | ||
3057 | your configuration containing the peer id of the peer to blacklist and | ||
3058 | the plugin@ if required. | ||
3059 | |||
3060 | Examples: | ||
3061 | |||
3062 | To blacklist connections to P565... on peer AG2P... using tcp add: | ||
3063 | |||
3064 | @c FIXME: This is too long and produces errors in the pdf. | ||
3065 | @example | ||
3066 | [transport-blacklist AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520] | ||
3067 | P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G = tcp | ||
3068 | @end example | ||
3069 | |||
3070 | To blacklist connections to P565... on peer AG2P... using all plugins add: | ||
3071 | |||
3072 | @example | ||
3073 | [transport-blacklist-AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520] | ||
3074 | P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G = | ||
3075 | @end example | ||
3076 | |||
3077 | You can also add a blacklist client usign the blacklist API. On a | ||
3078 | blacklist check, blacklisting first checks internally if the peer is | ||
3079 | blacklisted and if not, it asks the blacklisting clients. Clients are | ||
3080 | asked if it is OK to connect to a peer ID, the plugin is omitted. | ||
3081 | |||
3082 | On blacklist check for (peer, plugin) | ||
3083 | @itemize @bullet | ||
3084 | @item Do we have a local blacklist entry for this peer and this plugin?@ | ||
3085 | @item YES: disallow connection@ | ||
3086 | @item Do we have a local blacklist entry for this peer and all plugins?@ | ||
3087 | @item YES: disallow connection@ | ||
3088 | @item Does one of the clients disallow?@ | ||
3089 | @item YES: disallow connection | ||
3090 | @end itemize | ||
3091 | |||
3092 | @node Configuration of the HTTP and HTTPS transport plugins | ||
3093 | @subsection Configuration of the HTTP and HTTPS transport plugins | ||
3094 | |||
3095 | The client parts of the http and https transport plugins can be configured | ||
3096 | to use a proxy to connect to the hostlist server. This functionality can | ||
3097 | be configured in the configuration file directly or using the | ||
3098 | gnunet-setup tool. | ||
3099 | |||
3100 | Both the HTTP and HTTPS clients support the following proxy types at | ||
3101 | the moment: | ||
3102 | |||
3103 | @itemize @bullet | ||
3104 | @item HTTP 1.1 proxy | ||
3105 | @item SOCKS 4/4a/5/5 with hostname | ||
3106 | @end itemize | ||
3107 | |||
3108 | In addition authentication at the proxy with username and password can be | ||
3109 | configured. | ||
3110 | |||
3111 | To configure proxy support for the clients in the gnunet-setup tool, | ||
3112 | select the "transport" tab and activate the respective plugin. Now you | ||
3113 | can select the appropriate proxy type. The hostname or IP address | ||
3114 | (including port if required) has to be entered in the "Proxy hostname" | ||
3115 | textbox. If required, enter username and password in the "Proxy username" | ||
3116 | and "Proxy password" boxes. Be aware that these information will be stored | ||
3117 | in the configuration in plain text. | ||
3118 | |||
3119 | To configure these options directly in the configuration, you can | ||
3120 | configure the following settings in the @code{[transport-http_client]} | ||
3121 | and @code{[transport-https_client]} section of the configuration: | ||
3122 | |||
3123 | @example | ||
3124 | # Type of proxy server, | ||
3125 | # Valid values: HTTP, SOCKS4, SOCKS5, SOCKS4A, SOCKS5_HOSTNAME | ||
3126 | # Default: HTTP | ||
3127 | # PROXY_TYPE = HTTP | ||
3128 | |||
3129 | # Hostname or IP of proxy server | ||
3130 | # PROXY = | ||
3131 | # User name for proxy server | ||
3132 | # PROXY_USERNAME = | ||
3133 | # User password for proxy server | ||
3134 | # PROXY_PASSWORD = | ||
3135 | @end example | ||
3136 | |||
3137 | @node Configuring the GNU Name System | ||
3138 | @subsection Configuring the GNU Name System | ||
3139 | |||
3140 | @menu | ||
3141 | * Configuring system-wide DNS interception:: | ||
3142 | * Configuring the GNS nsswitch plugin:: | ||
3143 | * Configuring GNS on W32:: | ||
3144 | * GNS Proxy Setup:: | ||
3145 | * Setup of the GNS CA:: | ||
3146 | * Testing the GNS setup:: | ||
3147 | @end menu | ||
3148 | |||
3149 | |||
3150 | @node Configuring system-wide DNS interception | ||
3151 | @subsubsection Configuring system-wide DNS interception | ||
3152 | |||
3153 | Before you install GNUnet, make sure you have a user and group 'gnunet' | ||
3154 | as well as an empty group 'gnunetdns'. | ||
3155 | |||
3156 | When using GNUnet with system-wide DNS interception, it is absolutely | ||
3157 | necessary for all GNUnet service processes to be started by | ||
3158 | @code{gnunet-service-arm} as user and group 'gnunet'. You also need to be | ||
3159 | sure to run @code{make install} as root (or use the @code{sudo} option to | ||
3160 | configure) to grant GNUnet sufficient privileges. | ||
3161 | |||
3162 | With this setup, all that is required for enabling system-wide DNS | ||
3163 | interception is for some GNUnet component (VPN or GNS) to request it. | ||
3164 | The @code{gnunet-service-dns} will then start helper programs that will | ||
3165 | make the necessary changes to your firewall (@code{iptables}) rules. | ||
3166 | |||
3167 | Note that this will NOT work if your system sends out DNS traffic to a | ||
3168 | link-local IPv6 address, as in this case GNUnet can intercept the traffic, | ||
3169 | but not inject the responses from the link-local IPv6 address. Hence you | ||
3170 | cannot use system-wide DNS interception in conjunction with link-local | ||
3171 | IPv6-based DNS servers. If such a DNS server is used, it will bypass | ||
3172 | GNUnet's DNS traffic interception. | ||
3173 | |||
3174 | Using the GNU Name System (GNS) requires two different configuration | ||
3175 | steps. | ||
3176 | First of all, GNS needs to be integrated with the operating system. Most | ||
3177 | of this section is about the operating system level integration. | ||
3178 | |||
3179 | The remainder of this chapter will detail the various methods for | ||
3180 | configuring the use of GNS with your operating system. | ||
3181 | |||
3182 | At this point in time you have different options depending on your OS: | ||
3183 | |||
3184 | @table @asis | ||
3185 | |||
3186 | @item Use the gnunet-gns-proxy This approach works for all operating | ||
3187 | systems and is likely the easiest. However, it enables GNS only for | ||
3188 | browsers, not for other applications that might be using DNS, such as SSH. | ||
3189 | Still, using the proxy is required for using HTTP with GNS and is thus | ||
3190 | recommended for all users. To do this, you simply have to run the | ||
3191 | @code{gnunet-gns-proxy-setup-ca} script as the user who will run the | ||
3192 | browser (this will create a GNS certificate authority (CA) on your system | ||
3193 | and import its key into your browser), then start @code{gnunet-gns-proxy} | ||
3194 | and inform your browser to use the Socks5 proxy which | ||
3195 | @code{gnunet-gns-proxy} makes available by default on port 7777. | ||
3196 | @item Use a nsswitch plugin (recommended on GNU systems) | ||
3197 | This approach has the advantage of offering fully personalized resolution | ||
3198 | even on multi-user systems. A potential disadvantage is that some | ||
3199 | applications might be able to bypass GNS. | ||
3200 | @item Use a W32 resolver plugin (recommended on W32) | ||
3201 | This is currently the only option on W32 systems. | ||
3202 | @item Use system-wide DNS packet interception | ||
3203 | This approach is recommended for the GNUnet VPN. It can be used to handle | ||
3204 | GNS at the same time; however, if you only use this method, you will only | ||
3205 | get one root zone per machine (not so great for multi-user systems). | ||
3206 | @end table | ||
3207 | |||
3208 | You can combine system-wide DNS packet interception with the nsswitch | ||
3209 | plugin. | ||
3210 | The setup of the system-wide DNS interception is described here. All of | ||
3211 | the other GNS-specific configuration steps are described in the following | ||
3212 | sections. | ||
3213 | |||
3214 | @node Configuring the GNS nsswitch plugin | ||
3215 | @subsubsection Configuring the GNS nsswitch plugin | ||
3216 | |||
3217 | The Name Service Switch (NSS) is a facility in Unix-like operating systems | ||
3218 | @footnote{More accurate: NSS is a functionality of the GNU C Library} | ||
3219 | that provides a variety of sources for common configuration databases and | ||
3220 | name resolution mechanisms. | ||
3221 | A superuser (system administrator) usually configures the | ||
3222 | operating system's name services using the file | ||
3223 | @file{/etc/nsswitch.conf}. | ||
3224 | |||
3225 | GNS provides a NSS plugin to integrate GNS name resolution with the | ||
3226 | operating system's name resolution process. | ||
3227 | To use the GNS NSS plugin you have to either | ||
3228 | |||
3229 | @itemize @bullet | ||
3230 | @item install GNUnet as root or | ||
3231 | @item compile GNUnet with the @code{--with-sudo=yes} switch. | ||
3232 | @end itemize | ||
3233 | |||
3234 | Name resolution is controlled by the @emph{hosts} section in the NSS | ||
3235 | configuration. By default this section first performs a lookup in the | ||
3236 | @file{/etc/hosts} file and then in DNS. | ||
3237 | The nsswitch file should contain a line similar to: | ||
3238 | |||
3239 | @example | ||
3240 | hosts: files dns [NOTFOUND=return] mdns4_minimal mdns4 | ||
3241 | @end example | ||
3242 | |||
3243 | @noindent | ||
3244 | Here the GNS NSS plugin can be added to perform a GNS lookup before | ||
3245 | performing a DNS lookup. | ||
3246 | The GNS NSS plugin has to be added to the "hosts" section in | ||
3247 | @file{/etc/nsswitch.conf} file before DNS related plugins: | ||
3248 | |||
3249 | @example | ||
3250 | ... | ||
3251 | hosts: files gns [NOTFOUND=return] dns mdns4_minimal mdns4 | ||
3252 | ... | ||
3253 | @end example | ||
3254 | |||
3255 | @noindent | ||
3256 | The @code{NOTFOUND=return} will ensure that if a @code{.gnu} name is not | ||
3257 | found in GNS it will not be queried in DNS. | ||
3258 | |||
3259 | @node Configuring GNS on W32 | ||
3260 | @subsubsection Configuring GNS on W32 | ||
3261 | |||
3262 | This document is a guide to configuring GNU Name System on W32-compatible | ||
3263 | platforms. | ||
3264 | |||
3265 | After GNUnet is installed, run the w32nsp-install tool: | ||
3266 | |||
3267 | @example | ||
3268 | w32nsp-install.exe libw32nsp-0.dll | ||
3269 | @end example | ||
3270 | |||
3271 | @noindent | ||
3272 | ('0' is the library version of W32 NSP; it might increase in the future, | ||
3273 | change the invocation accordingly). | ||
3274 | |||
3275 | This will install GNS namespace provider into the system and allow other | ||
3276 | applications to resolve names that end in '@strong{gnu}' | ||
3277 | and '@strong{zkey}'. Note that namespace provider requires | ||
3278 | gnunet-gns-helper-service-w32 to be running, as well as gns service | ||
3279 | itself (and its usual dependencies). | ||
3280 | |||
3281 | Namespace provider is hardcoded to connect to @strong{127.0.0.1:5353}, | ||
3282 | and this is where gnunet-gns-helper-service-w32 should be listening to | ||
3283 | (and is configured to listen to by default). | ||
3284 | |||
3285 | To uninstall the provider, run: | ||
3286 | |||
3287 | @example | ||
3288 | w32nsp-uninstall.exe | ||
3289 | @end example | ||
3290 | |||
3291 | @noindent | ||
3292 | (uses provider GUID to uninstall it, does not need a dll name). | ||
3293 | |||
3294 | Note that while MSDN claims that other applications will only be able to | ||
3295 | use the new namespace provider after re-starting, in reality they might | ||
3296 | stat to use it without that. Conversely, they might stop using the | ||
3297 | provider after it's been uninstalled, even if they were not re-started. | ||
3298 | W32 will not permit namespace provider library to be deleted or | ||
3299 | overwritten while the provider is installed, and while there is at least | ||
3300 | one process still using it (even after it was uninstalled). | ||
3301 | |||
3302 | @node GNS Proxy Setup | ||
3303 | @subsubsection GNS Proxy Setup | ||
3304 | |||
3305 | When using the GNU Name System (GNS) to browse the WWW, there are several | ||
3306 | issues that can be solved by adding the GNS Proxy to your setup: | ||
3307 | |||
3308 | @itemize @bullet | ||
3309 | |||
3310 | @item If the target website does not support GNS, it might assume that it | ||
3311 | is operating under some name in the legacy DNS system (such as | ||
3312 | example.com). It may then attempt to set cookies for that domain, and the | ||
3313 | web server might expect a @code{Host: example.com} header in the request | ||
3314 | from your browser. | ||
3315 | However, your browser might be using @code{example.gnu} for the | ||
3316 | @code{Host} header and might only accept (and send) cookies for | ||
3317 | @code{example.gnu}. The GNS Proxy will perform the necessary translations | ||
3318 | of the hostnames for cookies and HTTP headers (using the LEHO record for | ||
3319 | the target domain as the desired substitute). | ||
3320 | |||
3321 | @item If using HTTPS, the target site might include an SSL certificate | ||
3322 | which is either only valid for the LEHO domain or might match a TLSA | ||
3323 | record in GNS. However, your browser would expect a valid certificate for | ||
3324 | @code{example.gnu}, not for some legacy domain name. The proxy will | ||
3325 | validate the certificate (either against LEHO or TLSA) and then | ||
3326 | on-the-fly produce a valid certificate for the exchange, signed by your | ||
3327 | own CA. Assuming you installed the CA of your proxy in your browser's | ||
3328 | certificate authority list, your browser will then trust the | ||
3329 | HTTPS/SSL/TLS connection, as the hostname mismatch is hidden by the proxy. | ||
3330 | |||
3331 | @item Finally, the proxy will in the future indicate to the server that it | ||
3332 | speaks GNS, which will enable server operators to deliver GNS-enabled web | ||
3333 | sites to your browser (and continue to deliver legacy links to legacy | ||
3334 | browsers) | ||
3335 | @end itemize | ||
3336 | |||
3337 | @node Setup of the GNS CA | ||
3338 | @subsubsection Setup of the GNS CA | ||
3339 | |||
3340 | First you need to create a CA certificate that the proxy can use. | ||
3341 | To do so use the provided script gnunet-gns-proxy-ca: | ||
3342 | |||
3343 | @example | ||
3344 | $ gnunet-gns-proxy-setup-ca | ||
3345 | @end example | ||
3346 | |||
3347 | @noindent | ||
3348 | This will create a personal certification authority for you and add this | ||
3349 | authority to the firefox and chrome database. The proxy will use the this | ||
3350 | CA certificate to generate @code{*.gnu} client certificates on the fly. | ||
3351 | |||
3352 | Note that the proxy uses libcurl. Make sure your version of libcurl uses | ||
3353 | GnuTLS and NOT OpenSSL. The proxy will @b{not} work with libcurl compiled | ||
3354 | against OpenSSL. | ||
3355 | |||
3356 | You can check the configuration your libcurl was build with by | ||
3357 | running: | ||
3358 | |||
3359 | @example | ||
3360 | curl --version | ||
3361 | @end example | ||
3362 | |||
3363 | the output will look like this (without the linebreaks): | ||
3364 | |||
3365 | @example | ||
3366 | gnurl --version | ||
3367 | curl 7.56.0 (x86_64-unknown-linux-gnu) libcurl/7.56.0 \ | ||
3368 | GnuTLS/3.5.13 zlib/1.2.11 libidn2/2.0.4 | ||
3369 | Release-Date: 2017-10-08 | ||
3370 | Protocols: http https | ||
3371 | Features: AsynchDNS IDN IPv6 Largefile NTLM SSL libz \ | ||
3372 | TLS-SRP UnixSockets HTTPS-proxy | ||
3373 | @end example | ||
3374 | |||
3375 | @node Testing the GNS setup | ||
3376 | @subsubsection Testing the GNS setup | ||
3377 | |||
3378 | Now for testing purposes we can create some records in our zone to test | ||
3379 | the SSL functionality of the proxy: | ||
3380 | |||
3381 | @example | ||
3382 | $ gnunet-identity -C test | ||
3383 | $ gnunet-namestore -a -e "1 d" -n "homepage" \ | ||
3384 | -t A -V 131.159.74.67 -z test | ||
3385 | $ gnunet-namestore -a -e "1 d" -n "homepage" \ | ||
3386 | -t LEHO -V "gnunet.org" -z test | ||
3387 | @end example | ||
3388 | |||
3389 | @noindent | ||
3390 | At this point we can start the proxy. Simply execute | ||
3391 | |||
3392 | @example | ||
3393 | $ gnunet-gns-proxy | ||
3394 | @end example | ||
3395 | |||
3396 | @noindent | ||
3397 | Configure your browser to use this SOCKSv5 proxy on port 7777 and visit | ||
3398 | this link. | ||
3399 | If you use @command{Firefox} (or one of its deriviates/forks such as | ||
3400 | Icecat) you also have to go to @code{about:config} and set the key | ||
3401 | @code{network.proxy.socks_remote_dns} to @code{true}. | ||
3402 | |||
3403 | When you visit @code{https://homepage.test/}, you should get to the | ||
3404 | @code{https://gnunet.org/} frontpage and the browser (with the correctly | ||
3405 | configured proxy) should give you a valid SSL certificate for | ||
3406 | @code{homepage.gnu} and no warnings. It should look like this: | ||
3407 | |||
3408 | @c FIXME: Image does not exist, create it or save it from Drupal? | ||
3409 | @c @image{images/gnunethpgns.png,5in,, picture of homepage.gnu in Webbrowser} | ||
3410 | |||
3411 | |||
3412 | @node Configuring the GNUnet VPN | ||
3413 | @subsection Configuring the GNUnet VPN | ||
3414 | |||
3415 | @menu | ||
3416 | * IPv4 address for interface:: | ||
3417 | * IPv6 address for interface:: | ||
3418 | * Configuring the GNUnet VPN DNS:: | ||
3419 | * Configuring the GNUnet VPN Exit Service:: | ||
3420 | * IP Address of external DNS resolver:: | ||
3421 | * IPv4 address for Exit interface:: | ||
3422 | * IPv6 address for Exit interface:: | ||
3423 | @end menu | ||
3424 | |||
3425 | Before configuring the GNUnet VPN, please make sure that system-wide DNS | ||
3426 | interception is configured properly as described in the section on the | ||
3427 | GNUnet DNS setup. @pxref{Configuring the GNU Name System}, | ||
3428 | if you haven't done so already. | ||
3429 | |||
3430 | The default options for the GNUnet VPN are usually sufficient to use | ||
3431 | GNUnet as a Layer 2 for your Internet connection. | ||
3432 | However, what you always have to specify is which IP protocol you want | ||
3433 | to tunnel: IPv4, IPv6 or both. | ||
3434 | Furthermore, if you tunnel both, you most likely should also tunnel | ||
3435 | all of your DNS requests. | ||
3436 | You theoretically can tunnel "only" your DNS traffic, but that usually | ||
3437 | makes little sense. | ||
3438 | |||
3439 | The other options as shown on the gnunet-setup tool are: | ||
3440 | |||
3441 | @node IPv4 address for interface | ||
3442 | @subsubsection IPv4 address for interface | ||
3443 | |||
3444 | This is the IPv4 address the VPN interface will get. You should pick an | ||
3445 | 'private' IPv4 network that is not yet in use for you system. For example, | ||
3446 | if you use @code{10.0.0.1/255.255.0.0} already, you might use | ||
3447 | @code{10.1.0.1/255.255.0.0}. | ||
3448 | If you use @code{10.0.0.1/255.0.0.0} already, then you might use | ||
3449 | @code{192.168.0.1/255.255.0.0}. | ||
3450 | If your system is not in a private IP-network, using any of the above will | ||
3451 | work fine. | ||
3452 | You should try to make the mask of the address big enough | ||
3453 | (@code{255.255.0.0} or, even better, @code{255.0.0.0}) to allow more | ||
3454 | mappings of remote IP Addresses into this range. | ||
3455 | However, even a @code{255.255.255.0} mask will suffice for most users. | ||
3456 | |||
3457 | @node IPv6 address for interface | ||
3458 | @subsubsection IPv6 address for interface | ||
3459 | |||
3460 | The IPv6 address the VPN interface will get. Here you can specify any | ||
3461 | non-link-local address (the address should not begin with @code{fe80:}). | ||
3462 | A subnet Unique Local Unicast (@code{fd00::/8} prefix) that you are | ||
3463 | currently not using would be a good choice. | ||
3464 | |||
3465 | @node Configuring the GNUnet VPN DNS | ||
3466 | @subsubsection Configuring the GNUnet VPN DNS | ||
3467 | |||
3468 | To resolve names for remote nodes, activate the DNS exit option. | ||
3469 | |||
3470 | @node Configuring the GNUnet VPN Exit Service | ||
3471 | @subsubsection Configuring the GNUnet VPN Exit Service | ||
3472 | |||
3473 | If you want to allow other users to share your Internet connection (yes, | ||
3474 | this may be dangerous, just as running a Tor exit node) or want to | ||
3475 | provide access to services on your host (this should be less dangerous, | ||
3476 | as long as those services are secure), you have to enable the GNUnet exit | ||
3477 | daemon. | ||
3478 | |||
3479 | You then get to specify which exit functions you want to provide. By | ||
3480 | enabling the exit daemon, you will always automatically provide exit | ||
3481 | functions for manually configured local services (this component of the | ||
3482 | system is under | ||
3483 | development and not documented further at this time). As for those | ||
3484 | services you explicitly specify the target IP address and port, there is | ||
3485 | no significant security risk in doing so. | ||
3486 | |||
3487 | Furthermore, you can serve as a DNS, IPv4 or IPv6 exit to the Internet. | ||
3488 | Being a DNS exit is usually pretty harmless. However, enabling IPv4 or | ||
3489 | IPv6-exit without further precautions may enable adversaries to access | ||
3490 | your local network, send spam, attack other systems from your Internet | ||
3491 | connection and to other mischief that will appear to come from your | ||
3492 | machine. This may or may not get you into legal trouble. | ||
3493 | If you want to allow IPv4 or IPv6-exit functionality, you should strongly | ||
3494 | consider adding additional firewall rules manually to protect your local | ||
3495 | network and to restrict outgoing TCP traffic (i.e. by not allowing access | ||
3496 | to port 25). While we plan to improve exit-filtering in the future, | ||
3497 | you're currently on your own here. | ||
3498 | Essentially, be prepared for any kind of IP-traffic to exit the respective | ||
3499 | TUN interface (and GNUnet will enable IP-forwarding and NAT for the | ||
3500 | interface automatically). | ||
3501 | |||
3502 | Additional configuration options of the exit as shown by the gnunet-setup | ||
3503 | tool are: | ||
3504 | |||
3505 | @node IP Address of external DNS resolver | ||
3506 | @subsubsection IP Address of external DNS resolver | ||
3507 | |||
3508 | If DNS traffic is to exit your machine, it will be send to this DNS | ||
3509 | resolver. You can specify an IPv4 or IPv6 address. | ||
3510 | |||
3511 | @node IPv4 address for Exit interface | ||
3512 | @subsubsection IPv4 address for Exit interface | ||
3513 | |||
3514 | This is the IPv4 address the Interface will get. Make the mask of the | ||
3515 | address big enough (255.255.0.0 or, even better, 255.0.0.0) to allow more | ||
3516 | mappings of IP addresses into this range. As for the VPN interface, any | ||
3517 | unused, private IPv4 address range will do. | ||
3518 | |||
3519 | @node IPv6 address for Exit interface | ||
3520 | @subsubsection IPv6 address for Exit interface | ||
3521 | |||
3522 | The public IPv6 address the interface will get. If your kernel is not a | ||
3523 | very recent kernel and you are willing to manually enable IPv6-NAT, the | ||
3524 | IPv6 address you specify here must be a globally routed IPv6 address of | ||
3525 | your host. | ||
3526 | |||
3527 | Suppose your host has the address @code{2001:4ca0::1234/64}, then | ||
3528 | using @code{2001:4ca0::1:0/112} would be fine (keep the first 64 bits, | ||
3529 | then change at least one bit in the range before the bitmask, in the | ||
3530 | example above we changed bit 111 from 0 to 1). | ||
3531 | |||
3532 | You may also have to configure your router to route traffic for the entire | ||
3533 | subnet (@code{2001:4ca0::1:0/112} for example) through your computer (this | ||
3534 | should be automatic with IPv6, but obviously anything can be | ||
3535 | disabled). | ||
3536 | |||
3537 | @node Bandwidth Configuration | ||
3538 | @subsection Bandwidth Configuration | ||
3539 | |||
3540 | You can specify how many bandwidth GNUnet is allowed to use to receive | ||
3541 | and send data. This is important for users with limited bandwidth or | ||
3542 | traffic volume. | ||
3543 | |||
3544 | @node Configuring NAT | ||
3545 | @subsection Configuring NAT | ||
3546 | |||
3547 | Most hosts today do not have a normal global IP address but instead are | ||
3548 | behind a router performing Network Address Translation (NAT) which assigns | ||
3549 | each host in the local network a private IP address. | ||
3550 | As a result, these machines cannot trivially receive inbound connections | ||
3551 | from the Internet. GNUnet supports NAT traversal to enable these machines | ||
3552 | to receive incoming connections from other peers despite their | ||
3553 | limitations. | ||
3554 | |||
3555 | In an ideal world, you can press the "Attempt automatic configuration" | ||
3556 | button in gnunet-setup to automatically configure your peer correctly. | ||
3557 | Alternatively, your distribution might have already triggered this | ||
3558 | automatic configuration during the installation process. | ||
3559 | However, automatic configuration can fail to determine the optimal | ||
3560 | settings, resulting in your peer either not receiving as many connections | ||
3561 | as possible, or in the worst case it not connecting to the network at all. | ||
3562 | |||
3563 | To manually configure the peer, you need to know a few things about your | ||
3564 | network setup. First, determine if you are behind a NAT in the first | ||
3565 | place. | ||
3566 | This is always the case if your IP address starts with "10.*" or | ||
3567 | "192.168.*". Next, if you have control over your NAT router, you may | ||
3568 | choose to manually configure it to allow GNUnet traffic to your host. | ||
3569 | If you have configured your NAT to forward traffic on ports 2086 (and | ||
3570 | possibly 1080) to your host, you can check the "NAT ports have been opened | ||
3571 | manually" option, which corresponds to the "PUNCHED_NAT" option in the | ||
3572 | configuration file. If you did not punch your NAT box, it may still be | ||
3573 | configured to support UPnP, which allows GNUnet to automatically | ||
3574 | configure it. In that case, you need to install the "upnpc" command, | ||
3575 | enable UPnP (or PMP) on your NAT box and set the "Enable NAT traversal | ||
3576 | via UPnP or PMP" option (corresponding to "ENABLE_UPNP" in the | ||
3577 | configuration file). | ||
3578 | |||
3579 | Some NAT boxes can be traversed using the autonomous NAT traversal method. | ||
3580 | This requires certain GNUnet components to be installed with "SUID" | ||
3581 | prividledges on your system (so if you're installing on a system you do | ||
3582 | not have administrative rights to, this will not work). | ||
3583 | If you installed as 'root', you can enable autonomous NAT traversal by | ||
3584 | checking the "Enable NAT traversal using ICMP method". | ||
3585 | The ICMP method requires a way to determine your NAT's external (global) | ||
3586 | IP address. This can be done using either UPnP, DynDNS, or by manual | ||
3587 | configuration. If you have a DynDNS name or know your external IP address, | ||
3588 | you should enter that name under "External (public) IPv4 address" (which | ||
3589 | corresponds to the "EXTERNAL_ADDRESS" option in the configuration file). | ||
3590 | If you leave the option empty, GNUnet will try to determine your external | ||
3591 | IP address automatically (which may fail, in which case autonomous | ||
3592 | NAT traversal will then not work). | ||
3593 | |||
3594 | Finally, if you yourself are not behind NAT but want to be able to | ||
3595 | connect to NATed peers using autonomous NAT traversal, you need to check | ||
3596 | the "Enable connecting to NATed peers using ICMP method" box. | ||
3597 | |||
3598 | |||
3599 | @node Peer configuration for distributions | ||
3600 | @subsection Peer configuration for distributions | ||
3601 | |||
3602 | The "GNUNET_DATA_HOME" in "[path]" in @file{/etc/gnunet.conf} should be | ||
3603 | manually set to "/var/lib/gnunet/data/" as the default | ||
3604 | "~/.local/share/gnunet/" is probably not that appropriate in this case. | ||
3605 | Similarly, distributions may consider pointing "GNUNET_RUNTIME_DIR" to | ||
3606 | "/var/run/gnunet/" and "GNUNET_HOME" to "/var/lib/gnunet/". Also, should a | ||
3607 | distribution decide to override system defaults, all of these changes | ||
3608 | should be done in a custom @file{/etc/gnunet.conf} and not in the files | ||
3609 | in the @file{config.d/} directory. | ||
3610 | |||
3611 | Given the proposed access permissions, the "gnunet-setup" tool must be | ||
3612 | run as use "gnunet" (and with option "-c /etc/gnunet.conf" so that it | ||
3613 | modifies the system configuration). As always, gnunet-setup should be run | ||
3614 | after the GNUnet peer was stopped using "gnunet-arm -e". Distributions | ||
3615 | might want to include a wrapper for gnunet-setup that allows the | ||
3616 | desktop-user to "sudo" (i.e. using gtksudo) to the "gnunet" user account | ||
3617 | and then runs "gnunet-arm -e", "gnunet-setup" and "gnunet-arm -s" in | ||
3618 | sequence. | ||
3619 | |||
3620 | @node How to start and stop a GNUnet peer | ||
3621 | @section How to start and stop a GNUnet peer | ||
3622 | |||
3623 | This section describes how to start a GNUnet peer. It assumes that you | ||
3624 | have already compiled and installed GNUnet and its' dependencies. | ||
3625 | Before you start a GNUnet peer, you may want to create a configuration | ||
3626 | file using gnunet-setup (but you do not have to). | ||
3627 | Sane defaults should exist in your | ||
3628 | @file{$GNUNET_PREFIX/share/gnunet/config.d/} directory, so in practice | ||
3629 | you could simply start without any configuration. If you want to | ||
3630 | configure your peer later, you need to stop it before invoking the | ||
3631 | @code{gnunet-setup} tool to customize further and to test your | ||
3632 | configuration (@code{gnunet-setup} has build-in test functions). | ||
3633 | |||
3634 | The most important option you might have to still set by hand is in | ||
3635 | [PATHS]. Here, you use the option "GNUNET_HOME" to specify the path where | ||
3636 | GNUnet should store its data. | ||
3637 | It defaults to @code{$HOME/}, which again should work for most users. | ||
3638 | Make sure that the directory specified as GNUNET_HOME is writable to | ||
3639 | the user that you will use to run GNUnet (note that you can run frontends | ||
3640 | using other users, GNUNET_HOME must only be accessible to the user used to | ||
3641 | run the background processes). | ||
3642 | |||
3643 | You will also need to make one central decision: should all of GNUnet be | ||
3644 | run under your normal UID, or do you want distinguish between system-wide | ||
3645 | (user-independent) GNUnet services and personal GNUnet services. The | ||
3646 | multi-user setup is slightly more complicated, but also more secure and | ||
3647 | generally recommended. | ||
3648 | |||
3649 | @menu | ||
3650 | * The Single-User Setup:: | ||
3651 | * The Multi-User Setup:: | ||
3652 | * Killing GNUnet services:: | ||
3653 | * Access Control for GNUnet:: | ||
3654 | @end menu | ||
3655 | |||
3656 | @node The Single-User Setup | ||
3657 | @subsection The Single-User Setup | ||
3658 | |||
3659 | For the single-user setup, you do not need to do anything special and can | ||
3660 | just start the GNUnet background processes using @code{gnunet-arm}. | ||
3661 | By default, GNUnet looks in @file{~/.config/gnunet.conf} for a | ||
3662 | configuration (or @code{$XDG_CONFIG_HOME/gnunet.conf} if@ | ||
3663 | @code{$XDG_CONFIG_HOME} is defined). If your configuration lives | ||
3664 | elsewhere, you need to pass the @code{-c FILENAME} option to all GNUnet | ||
3665 | commands. | ||
3666 | |||
3667 | Assuming the configuration file is called @file{~/.config/gnunet.conf}, | ||
3668 | you start your peer using the @code{gnunet-arm} command (say as user | ||
3669 | @code{gnunet}) using: | ||
3670 | |||
3671 | @example | ||
3672 | gnunet-arm -c ~/.config/gnunet.conf -s | ||
3673 | @end example | ||
3674 | |||
3675 | @noindent | ||
3676 | The "-s" option here is for "start". The command should return almost | ||
3677 | instantly. If you want to stop GNUnet, you can use: | ||
3678 | |||
3679 | @example | ||
3680 | gnunet-arm -c ~/.config/gnunet.conf -e | ||
3681 | @end example | ||
3682 | |||
3683 | @noindent | ||
3684 | The "-e" option here is for "end". | ||
3685 | |||
3686 | Note that this will only start the basic peer, no actual applications | ||
3687 | will be available. | ||
3688 | If you want to start the file-sharing service, use (after starting | ||
3689 | GNUnet): | ||
3690 | |||
3691 | @example | ||
3692 | gnunet-arm -c ~/.config/gnunet.conf -i fs | ||
3693 | @end example | ||
3694 | |||
3695 | @noindent | ||
3696 | The "-i fs" option here is for "initialize" the "fs" (file-sharing) | ||
3697 | application. You can also selectively kill only file-sharing support using | ||
3698 | |||
3699 | @example | ||
3700 | gnunet-arm -c ~/.config/gnunet.conf -k fs | ||
3701 | @end example | ||
3702 | |||
3703 | @noindent | ||
3704 | Assuming that you want certain services (like file-sharing) to be always | ||
3705 | automatically started whenever you start GNUnet, you can activate them by | ||
3706 | setting "IMMEDIATE_START=YES" in the respective section of the configuration | ||
3707 | file (for example, "[fs]"). Then GNUnet with file-sharing support would | ||
3708 | be started whenever you@ enter: | ||
3709 | |||
3710 | @example | ||
3711 | gnunet-arm -c ~/.config/gnunet.conf -s | ||
3712 | @end example | ||
3713 | |||
3714 | @noindent | ||
3715 | Alternatively, you can combine the two options: | ||
3716 | |||
3717 | @example | ||
3718 | gnunet-arm -c ~/.config/gnunet.conf -s -i fs | ||
3719 | @end example | ||
3720 | |||
3721 | @noindent | ||
3722 | Using @code{gnunet-arm} is also the preferred method for initializing | ||
3723 | GNUnet from @code{init}. | ||
3724 | |||
3725 | Finally, you should edit your @code{crontab} (using the @code{crontab} | ||
3726 | command) and insert a line@ | ||
3727 | |||
3728 | @example | ||
3729 | @@reboot gnunet-arm -c ~/.config/gnunet.conf -s | ||
3730 | @end example | ||
3731 | |||
3732 | to automatically start your peer whenever your system boots. | ||
3733 | |||
3734 | @node The Multi-User Setup | ||
3735 | @subsection The Multi-User Setup | ||
3736 | |||
3737 | This requires you to create a user @code{gnunet} and an additional group | ||
3738 | @code{gnunetdns}, prior to running @code{make install} during | ||
3739 | installation. | ||
3740 | Then, you create a configuration file @file{/etc/gnunet.conf} which should | ||
3741 | contain the lines:@ | ||
3742 | |||
3743 | @example | ||
3744 | [arm] | ||
3745 | START_SYSTEM_SERVICES = YES | ||
3746 | START_USER_SERVICES = NO | ||
3747 | @end example | ||
3748 | |||
3749 | @noindent | ||
3750 | Then, perform the same steps to run GNUnet as in the per-user | ||
3751 | configuration, except as user @code{gnunet} (including the | ||
3752 | @code{crontab} installation). | ||
3753 | You may also want to run @code{gnunet-setup} to configure your peer | ||
3754 | (databases, etc.). | ||
3755 | Make sure to pass @code{-c /etc/gnunet.conf} to all commands. If you | ||
3756 | run @code{gnunet-setup} as user @code{gnunet}, you might need to change | ||
3757 | permissions on @file{/etc/gnunet.conf} so that the @code{gnunet} user can | ||
3758 | write to the file (during setup). | ||
3759 | |||
3760 | Afterwards, you need to perform another setup step for each normal user | ||
3761 | account from which you want to access GNUnet. First, grant the normal user | ||
3762 | (@code{$USER}) permission to the group gnunet: | ||
3763 | |||
3764 | @example | ||
3765 | # adduser $USER gnunet | ||
3766 | @end example | ||
3767 | |||
3768 | @noindent | ||
3769 | Then, create a configuration file in @file{~/.config/gnunet.conf} for the | ||
3770 | $USER with the lines: | ||
3771 | |||
3772 | @example | ||
3773 | [arm] | ||
3774 | START_SYSTEM_SERVICES = NO | ||
3775 | START_USER_SERVICES = YES | ||
3776 | @end example | ||
3777 | |||
3778 | @noindent | ||
3779 | This will ensure that @code{gnunet-arm} when started by the normal user | ||
3780 | will only run services that are per-user, and otherwise rely on the | ||
3781 | system-wide services. | ||
3782 | Note that the normal user may run gnunet-setup, but the | ||
3783 | configuration would be ineffective as the system-wide services will use | ||
3784 | @file{/etc/gnunet.conf} and ignore options set by individual users. | ||
3785 | |||
3786 | Again, each user should then start the peer using | ||
3787 | @file{gnunet-arm -s} --- and strongly consider adding logic to start | ||
3788 | the peer automatically to their crontab. | ||
3789 | |||
3790 | Afterwards, you should see two (or more, if you have more than one USER) | ||
3791 | @code{gnunet-service-arm} processes running in your system. | ||
3792 | |||
3793 | @node Killing GNUnet services | ||
3794 | @subsection Killing GNUnet services | ||
3795 | |||
3796 | It is not necessary to stop GNUnet services explicitly when shutting | ||
3797 | down your computer. | ||
3798 | |||
3799 | It should be noted that manually killing "most" of the | ||
3800 | @code{gnunet-service} processes is generally not a successful method for | ||
3801 | stopping a peer (since @code{gnunet-service-arm} will instantly restart | ||
3802 | them). The best way to explicitly stop a peer is using | ||
3803 | @code{gnunet-arm -e}; note that the per-user services may need to be | ||
3804 | terminated before the system-wide services will terminate normally. | ||
3805 | |||
3806 | @node Access Control for GNUnet | ||
3807 | @subsection Access Control for GNUnet | ||
3808 | |||
3809 | This chapter documents how we plan to make access control work within the | ||
3810 | GNUnet system for a typical peer. It should be read as a best-practice | ||
3811 | installation guide for advanced users and builders of binary | ||
3812 | distributions. The recommendations in this guide apply to POSIX-systems | ||
3813 | with full support for UNIX domain sockets only. | ||
3814 | |||
3815 | Note that this is an advanced topic. The discussion presumes a very good | ||
3816 | understanding of users, groups and file permissions. Normal users on | ||
3817 | hosts with just a single user can just install GNUnet under their own | ||
3818 | account (and possibly allow the installer to use SUDO to grant additional | ||
3819 | permissions for special GNUnet tools that need additional rights). | ||
3820 | The discussion below largely applies to installations where multiple users | ||
3821 | share a system and to installations where the best possible security is | ||
3822 | paramount. | ||
3823 | |||
3824 | A typical GNUnet system consists of components that fall into four | ||
3825 | categories: | ||
3826 | |||
3827 | @table @asis | ||
3828 | |||
3829 | @item User interfaces | ||
3830 | User interfaces are not security sensitive and are supposed to be run and | ||
3831 | used by normal system users. | ||
3832 | The GTK GUIs and most command-line programs fall into this category. | ||
3833 | Some command-line tools (like gnunet-transport) should be excluded as they | ||
3834 | offer low-level access that normal users should not need. | ||
3835 | @item System services and support tools | ||
3836 | System services should always run and offer services that can then be | ||
3837 | accessed by the normal users. | ||
3838 | System services do not require special permissions, but as they are not | ||
3839 | specific to a particular user, they probably should not run as a | ||
3840 | particular user. Also, there should typically only be one GNUnet peer per | ||
3841 | host. System services include the gnunet-service and gnunet-daemon | ||
3842 | programs; support tools include command-line programs such as gnunet-arm. | ||
3843 | @item Priviledged helpers | ||
3844 | Some GNUnet components require root rights to open raw sockets or perform | ||
3845 | other special operations. These gnunet-helper binaries are typically | ||
3846 | installed SUID and run from services or daemons. | ||
3847 | @item Critical services | ||
3848 | Some GNUnet services (such as the DNS service) can manipulate the service | ||
3849 | in deep and possibly highly security sensitive ways. For example, the DNS | ||
3850 | service can be used to intercept and alter any DNS query originating from | ||
3851 | the local machine. Access to the APIs of these critical services and their | ||
3852 | priviledged helpers must be tightly controlled. | ||
3853 | @end table | ||
3854 | |||
3855 | @c FIXME: The titles of these chapters are too long in the index. | ||
3856 | |||
3857 | @menu | ||
3858 | * Recommendation - Disable access to services via TCP:: | ||
3859 | * Recommendation - Run most services as system user "gnunet":: | ||
3860 | * Recommendation - Control access to services using group "gnunet":: | ||
3861 | * Recommendation - Limit access to certain SUID binaries by group "gnunet":: | ||
3862 | * Recommendation - Limit access to critical gnunet-helper-dns to group "gnunetdns":: | ||
3863 | * Differences between "make install" and these recommendations:: | ||
3864 | @end menu | ||
3865 | |||
3866 | @node Recommendation - Disable access to services via TCP | ||
3867 | @subsubsection Recommendation - Disable access to services via TCP | ||
3868 | |||
3869 | GNUnet services allow two types of access: via TCP socket or via UNIX | ||
3870 | domain socket. | ||
3871 | If the service is available via TCP, access control can only be | ||
3872 | implemented by restricting connections to a particular range of IP | ||
3873 | addresses. | ||
3874 | This is acceptable for non-critical services that are supposed to be | ||
3875 | available to all users on the local system or local network. | ||
3876 | However, as TCP is generally less efficient and it is rarely the case | ||
3877 | that a single GNUnet peer is supposed to serve an entire local network, | ||
3878 | the default configuration should disable TCP access to all GNUnet | ||
3879 | services on systems with support for UNIX domain sockets. | ||
3880 | As of GNUnet 0.9.2, configuration files with TCP access disabled should be | ||
3881 | generated by default. Users can re-enable TCP access to particular | ||
3882 | services simply by specifying a non-zero port number in the section of | ||
3883 | the respective service. | ||
3884 | |||
3885 | |||
3886 | @node Recommendation - Run most services as system user "gnunet" | ||
3887 | @subsubsection Recommendation - Run most services as system user "gnunet" | ||
3888 | |||
3889 | GNUnet's main services should be run as a separate user "gnunet" in a | ||
3890 | special group "gnunet". | ||
3891 | The user "gnunet" should start the peer using "gnunet-arm -s" during | ||
3892 | system startup. The home directory for this user should be | ||
3893 | @file{/var/lib/gnunet} and the configuration file should be | ||
3894 | @file{/etc/gnunet.conf}. | ||
3895 | Only the @code{gnunet} user should have the right to access | ||
3896 | @file{/var/lib/gnunet} (@emph{mode: 700}). | ||
3897 | |||
3898 | @node Recommendation - Control access to services using group "gnunet" | ||
3899 | @subsubsection Recommendation - Control access to services using group "gnunet" | ||
3900 | |||
3901 | Users that should be allowed to use the GNUnet peer should be added to the | ||
3902 | group "gnunet". Using GNUnet's access control mechanism for UNIX domain | ||
3903 | sockets, those services that are considered useful to ordinary users | ||
3904 | should be made available by setting "UNIX_MATCH_GID=YES" for those | ||
3905 | services. | ||
3906 | Again, as shipped, GNUnet provides reasonable defaults. | ||
3907 | Permissions to access the transport and core subsystems might additionally | ||
3908 | be granted without necessarily causing security concerns. | ||
3909 | Some services, such as DNS, must NOT be made accessible to the "gnunet" | ||
3910 | group (and should thus only be accessible to the "gnunet" user and | ||
3911 | services running with this UID). | ||
3912 | |||
3913 | @node Recommendation - Limit access to certain SUID binaries by group "gnunet" | ||
3914 | @subsubsection Recommendation - Limit access to certain SUID binaries by group "gnunet" | ||
3915 | |||
3916 | Most of GNUnet's SUID binaries should be safe even if executed by normal | ||
3917 | users. However, it is possible to reduce the risk a little bit more by | ||
3918 | making these binaries owned by the group "gnunet" and restricting their | ||
3919 | execution to user of the group "gnunet" as well (4750). | ||
3920 | |||
3921 | @node Recommendation - Limit access to critical gnunet-helper-dns to group "gnunetdns" | ||
3922 | @subsubsection Recommendation - Limit access to critical gnunet-helper-dns to group "gnunetdns" | ||
3923 | |||
3924 | A special group "gnunetdns" should be created for controlling access to | ||
3925 | the "gnunet-helper-dns". | ||
3926 | The binary should then be owned by root and be in group "gnunetdns" and | ||
3927 | be installed SUID and only be group-executable (2750). | ||
3928 | @b{Note that the group "gnunetdns" should have no users in it at all, | ||
3929 | ever.} | ||
3930 | The "gnunet-service-dns" program should be executed by user "gnunet" (via | ||
3931 | gnunet-service-arm) with the binary owned by the user "root" and the group | ||
3932 | "gnunetdns" and be SGID (2700). This way, @strong{only} | ||
3933 | "gnunet-service-dns" can change its group to "gnunetdns" and execute the | ||
3934 | helper, and the helper can then run as root (as per SUID). | ||
3935 | Access to the API offered by "gnunet-service-dns" is in turn restricted | ||
3936 | to the user "gnunet" (not the group!), which means that only | ||
3937 | "benign" services can manipulate DNS queries using "gnunet-service-dns". | ||
3938 | |||
3939 | @node Differences between "make install" and these recommendations | ||
3940 | @subsubsection Differences between "make install" and these recommendations | ||
3941 | |||
3942 | The current build system does not set all permissions automatically based | ||
3943 | on the recommendations above. In particular, it does not use the group | ||
3944 | "gnunet" at all (so setting gnunet-helpers other than the | ||
3945 | gnunet-helper-dns to be owned by group "gnunet" must be done manually). | ||
3946 | Furthermore, 'make install' will silently fail to set the DNS binaries to | ||
3947 | be owned by group "gnunetdns" unless that group already exists (!). | ||
3948 | An alternative name for the "gnunetdns" group can be specified using the | ||
3949 | @code{--with-gnunetdns=GRPNAME} configure option. | ||
diff --git a/doc/documentation/chapters/vocabulary.texi b/doc/documentation/chapters/vocabulary.texi index 85b40b17b..0ee472b95 100644 --- a/doc/documentation/chapters/vocabulary.texi +++ b/doc/documentation/chapters/vocabulary.texi | |||
@@ -18,7 +18,7 @@ which are listed in this introductionary chapter. | |||
18 | @end menu | 18 | @end menu |
19 | 19 | ||
20 | @node Definitions | 20 | @node Definitions |
21 | @subsection Defitions | 21 | @subsection Definitions |
22 | 22 | ||
23 | Throughout this Reference Manual, the following terms and definitions | 23 | Throughout this Reference Manual, the following terms and definitions |
24 | apply. | 24 | apply. |
diff --git a/doc/documentation/gnunet.texi b/doc/documentation/gnunet.texi index e1847c227..747df5cf5 100644 --- a/doc/documentation/gnunet.texi +++ b/doc/documentation/gnunet.texi | |||
@@ -43,6 +43,14 @@ Foundation Web site at @url{http://www.gnu.org/licenses/gpl.html}. | |||
43 | @end copying | 43 | @end copying |
44 | 44 | ||
45 | @c TODO: Improve this and improve https://directory.fsf.org/wiki/Gnunet | 45 | @c TODO: Improve this and improve https://directory.fsf.org/wiki/Gnunet |
46 | @c NOTE FOR TRANSLATORS: Due to en.wikipedia.org being the wikipedia | ||
47 | @c which is more up to date than others, refrain | ||
48 | @c from using localized wikipedia unless you are | ||
49 | @c sure the articles content is good enough. For | ||
50 | @c example the german wikipedia entry for GNUnet | ||
51 | @c is in a terrible shape, but the en.wikipedia.org | ||
52 | @c entry is still acceptable (although in need of | ||
53 | @c updates). | ||
46 | 54 | ||
47 | @dircategory Networking | 55 | @dircategory Networking |
48 | @direntry | 56 | @direntry |
@@ -74,13 +82,16 @@ This document is the Reference Manual for GNUnet version @value{VERSION}. | |||
74 | 82 | ||
75 | * Preface:: Chapter 0 | 83 | * Preface:: Chapter 0 |
76 | * Philosophy:: About GNUnet | 84 | * Philosophy:: About GNUnet |
85 | * Key Concepts:: Key concepts of GNUnet | ||
77 | @c * Vocabulary:: Vocabulary | 86 | @c * Vocabulary:: Vocabulary |
87 | * Installing GNUnet:: Installing GNUnet | ||
78 | * Using GNUnet:: Using GNUnet | 88 | * Using GNUnet:: Using GNUnet |
79 | @c * Configuration Handbook:: Configuring GNUnet | 89 | @c * Configuration Handbook:: Configuring GNUnet |
80 | * GNUnet Contributors Handbook:: Contributing to GNUnet | 90 | * GNUnet Contributors Handbook:: Contributing to GNUnet |
81 | * GNUnet Developer Handbook:: Developing GNUnet | 91 | * GNUnet Developer Handbook:: Developing GNUnet |
82 | * GNU Free Documentation License:: The license of this manual | 92 | * GNU Free Documentation License:: The license of this manual |
83 | * GNU General Public License:: The license of this manual | 93 | * GNU General Public License:: |
94 | * GNU Affero General Public License:: | ||
84 | * Concept Index:: Concepts | 95 | * Concept Index:: Concepts |
85 | * Programming Index:: Data types, functions, and variables | 96 | * Programming Index:: Data types, functions, and variables |
86 | 97 | ||
@@ -96,11 +107,12 @@ Preface | |||
96 | 107 | ||
97 | Philosophy | 108 | Philosophy |
98 | 109 | ||
99 | * Design Goals:: | 110 | * Design Principles:: |
100 | * Security and Privacy:: | 111 | * Privacy and Anonymity:: |
101 | * Versatility:: | ||
102 | * Practicality:: | 112 | * Practicality:: |
103 | * Key Concepts:: | 113 | |
114 | Key Concepts | ||
115 | |||
104 | * Authentication:: | 116 | * Authentication:: |
105 | * Accounting to Encourage Resource Sharing:: | 117 | * Accounting to Encourage Resource Sharing:: |
106 | * Confidentiality:: | 118 | * Confidentiality:: |
@@ -112,18 +124,25 @@ Philosophy | |||
112 | * Backup of Identities and Egos:: | 124 | * Backup of Identities and Egos:: |
113 | * Revocation:: | 125 | * Revocation:: |
114 | 126 | ||
127 | Installing GNUnet | ||
128 | * Installing dependencies:: | ||
129 | * Getting the Source Code:: | ||
130 | * Create @code{gnunet} user and group:: | ||
131 | * Preparing and Compiling the Source Code:: | ||
132 | * Installation:: | ||
133 | * MOVED FROM USER Checking the Installation:: | ||
134 | * MOVED FROM USER The graphical configuration interface:: | ||
135 | * MOVED FROM USER Config Leftovers:: | ||
136 | |||
115 | Using GNUnet | 137 | Using GNUnet |
116 | 138 | ||
117 | * Checking the Installation:: | 139 | * Start and stop GNUnet:: |
118 | * First steps - File-sharing:: | ||
119 | * First steps - Using the GNU Name System:: | 140 | * First steps - Using the GNU Name System:: |
120 | * First steps - Using GNUnet Conversation:: | 141 | * First steps - Using GNUnet Conversation:: |
121 | * First steps - Using the GNUnet VPN:: | 142 | * First steps - Using the GNUnet VPN:: |
122 | * File-sharing:: | 143 | * File-sharing:: |
123 | * The GNU Name System:: | 144 | * The GNU Name System:: |
124 | * Using the Virtual Public Network:: | 145 | * Using the Virtual Public Network:: |
125 | * The graphical configuration interface:: | ||
126 | * How to start and stop a GNUnet peer:: | ||
127 | 146 | ||
128 | GNUnet Contributors Handbook | 147 | GNUnet Contributors Handbook |
129 | 148 | ||
@@ -185,6 +204,14 @@ GNUnet Developer Handbook | |||
185 | @c ********************************************************************* | 204 | @c ********************************************************************* |
186 | 205 | ||
187 | @c ********************************************************************* | 206 | @c ********************************************************************* |
207 | @include chapters/keyconcepts.texi | ||
208 | @c ********************************************************************* | ||
209 | |||
210 | @c ********************************************************************* | ||
211 | @include chapters/installation.texi | ||
212 | @c ********************************************************************* | ||
213 | |||
214 | @c ********************************************************************* | ||
188 | @include chapters/user.texi | 215 | @include chapters/user.texi |
189 | @c ********************************************************************* | 216 | @c ********************************************************************* |
190 | 217 | ||
@@ -209,6 +236,12 @@ GNUnet Developer Handbook | |||
209 | @include gpl-3.0.texi | 236 | @include gpl-3.0.texi |
210 | 237 | ||
211 | @c ********************************************************************* | 238 | @c ********************************************************************* |
239 | @node GNU Affero General Public License | ||
240 | @appendix GNU Affero General Public License | ||
241 | @cindex license, GNU Affero General Public License | ||
242 | @include agpl-3.0.texi | ||
243 | |||
244 | @c ********************************************************************* | ||
212 | @node Concept Index | 245 | @node Concept Index |
213 | @unnumbered Concept Index | 246 | @unnumbered Concept Index |
214 | @printindex cp | 247 | @printindex cp |
diff --git a/doc/man/Makefile.am b/doc/man/Makefile.am index a6a116dca..37f881d60 100644 --- a/doc/man/Makefile.am +++ b/doc/man/Makefile.am | |||
@@ -37,6 +37,7 @@ man_MANS = \ | |||
37 | gnunet-statistics.1 \ | 37 | gnunet-statistics.1 \ |
38 | gnunet-testbed-profiler.1 \ | 38 | gnunet-testbed-profiler.1 \ |
39 | gnunet-testing-run-service.1 \ | 39 | gnunet-testing-run-service.1 \ |
40 | gnunet-timeout.1 \ | ||
40 | gnunet-transport.1 \ | 41 | gnunet-transport.1 \ |
41 | gnunet-transport-certificate-creation.1 \ | 42 | gnunet-transport-certificate-creation.1 \ |
42 | gnunet-unindex.1 \ | 43 | gnunet-unindex.1 \ |
diff --git a/doc/man/gnunet-gns.1 b/doc/man/gnunet-gns.1 index 9466dae03..9e4482653 100644 --- a/doc/man/gnunet-gns.1 +++ b/doc/man/gnunet-gns.1 | |||
@@ -46,7 +46,7 @@ Print GNUnet version number. | |||
46 | .SH RETURN VALUE | 46 | .SH RETURN VALUE |
47 | 47 | ||
48 | gnunet\-gns will return 0 on success, 1 on internal failures, 2 on | 48 | gnunet\-gns will return 0 on success, 1 on internal failures, 2 on |
49 | launch failures, 3 if the given name is not configured to use GNS. | 49 | launch failures, 4 if the given name is not configured to use GNS. |
50 | 50 | ||
51 | 51 | ||
52 | .SH BUGS | 52 | .SH BUGS |
diff --git a/doc/man/gnunet-revocation.1 b/doc/man/gnunet-revocation.1 index 017b019fd..b963b2dc0 100644 --- a/doc/man/gnunet-revocation.1 +++ b/doc/man/gnunet-revocation.1 | |||
@@ -15,7 +15,7 @@ instantly revoke a key and to use a pre-generated revocation | |||
15 | certificate to revoke a key. Upon successful revocation, all peers | 15 | certificate to revoke a key. Upon successful revocation, all peers |
16 | will be informed about the invalidity of the key. As this is an | 16 | will be informed about the invalidity of the key. As this is an |
17 | expensive operation, GNUnet requires the issuer of the revocation to | 17 | expensive operation, GNUnet requires the issuer of the revocation to |
18 | perform an expensive proof-of-work computation before he will be | 18 | perform an expensive proof-of-work computation before they will be |
19 | allowed to perform the revocation. gnunet\-revocation will perform | 19 | allowed to perform the revocation. gnunet\-revocation will perform |
20 | this computation. The computation can be performed ahead of time, | 20 | this computation. The computation can be performed ahead of time, |
21 | with the resulting revocation certificate being stored in a file for | 21 | with the resulting revocation certificate being stored in a file for |
diff --git a/doc/man/gnunet-timeout.1 b/doc/man/gnunet-timeout.1 new file mode 100644 index 000000000..e413254f4 --- /dev/null +++ b/doc/man/gnunet-timeout.1 | |||
@@ -0,0 +1,20 @@ | |||
1 | .TH GNUNET\-TIMOUET 1 "Jun 5, 2018" "GNUnet" | ||
2 | |||
3 | .SH NAME | ||
4 | gnunet\-timeout \- run process with timeout | ||
5 | |||
6 | .SH SYNOPSIS | ||
7 | .B gnunet\-timeout | ||
8 | .RI TIMEOUT PROGRAM ARGS | ||
9 | .br | ||
10 | |||
11 | .SH DESCRIPTION | ||
12 | \fBgnunet\-timeout\fP can be used to run another process with a | ||
13 | timeout. Provided as the standard "timout" utility may not be | ||
14 | available on all platforms. | ||
15 | |||
16 | .SH BUGS | ||
17 | Report bugs by using Mantis <https://gnunet.org/bugs/> or by sending electronic mail to <gnunet\-developers@gnu.org> | ||
18 | |||
19 | .SH SEE | ||
20 | timeout(1) | ||
diff --git a/doc/release_policy.rfc.txt b/doc/release_policy.rfc.txt index fd4118742..b3d72bac4 100644 --- a/doc/release_policy.rfc.txt +++ b/doc/release_policy.rfc.txt | |||
@@ -117,7 +117,7 @@ platforms. It also doubt it will give you the recognition you crave. | |||
117 | More importantly, what you describe is already happening, and | 117 | More importantly, what you describe is already happening, and |
118 | partially has contributed to the problems. Bart kept his own CADET | 118 | partially has contributed to the problems. Bart kept his own CADET |
119 | hacks in his personal branch for years, hence without much feedback or | 119 | hacks in his personal branch for years, hence without much feedback or |
120 | review. The SecuShare team kept their patches in their own branch, | 120 | review. The secushare team kept their patches in their own branch, |
121 | hence revealing interesting failure modes when it was finally merged. | 121 | hence revealing interesting failure modes when it was finally merged. |
122 | Martin kept some of his ABE-logic in his own branch (that one was | 122 | Martin kept some of his ABE-logic in his own branch (that one was |
123 | merged without me noticing major problems). Anyway, what you propose | 123 | merged without me noticing major problems). Anyway, what you propose |
diff --git a/m4/ax_lib_postgresql.m4 b/m4/ax_lib_postgresql.m4 index d547383e4..11b6991f0 100644 --- a/m4/ax_lib_postgresql.m4 +++ b/m4/ax_lib_postgresql.m4 | |||
@@ -91,7 +91,7 @@ AC_DEFUN([AX_LIB_POSTGRESQL], | |||
91 | POSTGRESQL_CPPFLAGS="-I`$PG_CONFIG --includedir`" | 91 | POSTGRESQL_CPPFLAGS="-I`$PG_CONFIG --includedir`" |
92 | POSTGRESQL_LDFLAGS="-L`$PG_CONFIG --libdir`" | 92 | POSTGRESQL_LDFLAGS="-L`$PG_CONFIG --libdir`" |
93 | 93 | ||
94 | POSTGRESQL_VERSION=`$PG_CONFIG --version | sed -e 's#PostgreSQL ##'` | 94 | POSTGRESQL_VERSION=`$PG_CONFIG --version | sed -e 's#PostgreSQL ##' | awk '{print $1}'` |
95 | 95 | ||
96 | AC_DEFINE([HAVE_POSTGRESQL], [1], | 96 | AC_DEFINE([HAVE_POSTGRESQL], [1], |
97 | [Define to 1 if PostgreSQL libraries are available]) | 97 | [Define to 1 if PostgreSQL libraries are available]) |
@@ -113,7 +113,7 @@ AC_DEFUN([AX_LIB_POSTGRESQL], | |||
113 | 113 | ||
114 | if test "$found_postgresql" = "yes" -a -n "$postgresql_version_req"; then | 114 | if test "$found_postgresql" = "yes" -a -n "$postgresql_version_req"; then |
115 | 115 | ||
116 | AC_MSG_CHECKING([if PostgreSQL version is >= $postgresql_version_req]) | 116 | AC_MSG_CHECKING([if PostgreSQL version $POSTGRESQL_VERSION is >= $postgresql_version_req]) |
117 | 117 | ||
118 | dnl Decompose required version string of PostgreSQL | 118 | dnl Decompose required version string of PostgreSQL |
119 | dnl and calculate its number representation | 119 | dnl and calculate its number representation |
diff --git a/m4/iconv.m4 b/m4/iconv.m4 index a50364656..41aa44a56 100644 --- a/m4/iconv.m4 +++ b/m4/iconv.m4 | |||
@@ -29,7 +29,7 @@ AC_DEFUN([AM_ICONV_LINK], | |||
29 | 29 | ||
30 | dnl Add $INCICONV to CPPFLAGS before performing the following checks, | 30 | dnl Add $INCICONV to CPPFLAGS before performing the following checks, |
31 | dnl because if the user has installed libiconv and not disabled its use | 31 | dnl because if the user has installed libiconv and not disabled its use |
32 | dnl via --without-libiconv-prefix, he wants to use it. The first | 32 | dnl via --without-libiconv-prefix, they want to use it. The first |
33 | dnl AC_LINK_IFELSE will then fail, the second AC_LINK_IFELSE will succeed. | 33 | dnl AC_LINK_IFELSE will then fail, the second AC_LINK_IFELSE will succeed. |
34 | am_save_CPPFLAGS="$CPPFLAGS" | 34 | am_save_CPPFLAGS="$CPPFLAGS" |
35 | AC_LIB_APPENDTOVAR([CPPFLAGS], [$INCICONV]) | 35 | AC_LIB_APPENDTOVAR([CPPFLAGS], [$INCICONV]) |
diff --git a/m4/lib-link.m4 b/m4/lib-link.m4 index 073f04050..d963149b0 100644 --- a/m4/lib-link.m4 +++ b/m4/lib-link.m4 | |||
@@ -68,7 +68,7 @@ AC_DEFUN([AC_LIB_HAVE_LINKFLAGS], | |||
68 | 68 | ||
69 | dnl Add $INC[]NAME to CPPFLAGS before performing the following checks, | 69 | dnl Add $INC[]NAME to CPPFLAGS before performing the following checks, |
70 | dnl because if the user has installed lib[]Name and not disabled its use | 70 | dnl because if the user has installed lib[]Name and not disabled its use |
71 | dnl via --without-lib[]Name-prefix, he wants to use it. | 71 | dnl via --without-lib[]Name-prefix, they want to use it. |
72 | ac_save_CPPFLAGS="$CPPFLAGS" | 72 | ac_save_CPPFLAGS="$CPPFLAGS" |
73 | AC_LIB_APPENDTOVAR([CPPFLAGS], [$INC]NAME) | 73 | AC_LIB_APPENDTOVAR([CPPFLAGS], [$INC]NAME) |
74 | 74 | ||
diff --git a/m4/lib-prefix.m4 b/m4/lib-prefix.m4 index 60908e8fb..855ca9317 100644 --- a/m4/lib-prefix.m4 +++ b/m4/lib-prefix.m4 | |||
@@ -15,7 +15,7 @@ ifdef([AC_HELP_STRING], | |||
15 | 15 | ||
16 | dnl AC_LIB_PREFIX adds to the CPPFLAGS and LDFLAGS the flags that are needed | 16 | dnl AC_LIB_PREFIX adds to the CPPFLAGS and LDFLAGS the flags that are needed |
17 | dnl to access previously installed libraries. The basic assumption is that | 17 | dnl to access previously installed libraries. The basic assumption is that |
18 | dnl a user will want packages to use other packages he previously installed | 18 | dnl a user will want packages to use other packages they previously installed |
19 | dnl with the same --prefix option. | 19 | dnl with the same --prefix option. |
20 | dnl This macro is not needed if only AC_LIB_LINKFLAGS is used to locate | 20 | dnl This macro is not needed if only AC_LIB_LINKFLAGS is used to locate |
21 | dnl libraries, but is otherwise very convenient. | 21 | dnl libraries, but is otherwise very convenient. |
diff --git a/pkgconfig/Makefile.am b/pkgconfig/Makefile.am index 9c9eb5c6b..3a3102f0a 100644 --- a/pkgconfig/Makefile.am +++ b/pkgconfig/Makefile.am | |||
@@ -10,8 +10,6 @@ pcfiles = \ | |||
10 | gnunetdatastore.pc \ | 10 | gnunetdatastore.pc \ |
11 | gnunetdht.pc \ | 11 | gnunetdht.pc \ |
12 | gnunetdns.pc \ | 12 | gnunetdns.pc \ |
13 | gnunetdnsparser.pc \ | ||
14 | gnunetdnsstub.pc \ | ||
15 | gnunetdv.pc \ | 13 | gnunetdv.pc \ |
16 | gnunetenv.pc \ | 14 | gnunetenv.pc \ |
17 | gnunetfragmentation.pc \ | 15 | gnunetfragmentation.pc \ |
@@ -39,7 +37,6 @@ pcfiles = \ | |||
39 | gnunettestbed.pc \ | 37 | gnunettestbed.pc \ |
40 | gnunettesting.pc \ | 38 | gnunettesting.pc \ |
41 | gnunettransport.pc \ | 39 | gnunettransport.pc \ |
42 | gnunettun.pc \ | ||
43 | gnunetutil.pc \ | 40 | gnunetutil.pc \ |
44 | gnunetvpn.pc | 41 | gnunetvpn.pc |
45 | 42 | ||
diff --git a/pkgconfig/gnunetdnsparser.pc.in b/pkgconfig/gnunetdnsparser.pc.in deleted file mode 100644 index ffb5fca8b..000000000 --- a/pkgconfig/gnunetdnsparser.pc.in +++ /dev/null | |||
@@ -1,12 +0,0 @@ | |||
1 | prefix=@prefix@ | ||
2 | exec_prefix=@exec_prefix@ | ||
3 | libdir=@libdir@ | ||
4 | includedir=@includedir@ | ||
5 | |||
6 | Name: GNUnet DNS parser | ||
7 | Description: Provides API for parsing and serializing DNS packets | ||
8 | URL: http://gnunet.org | ||
9 | Version: @VERSION@ | ||
10 | Requires: | ||
11 | Libs: -L${libdir} -lgnunetdnsparser | ||
12 | Cflags: -I${includedir} | ||
diff --git a/pkgconfig/gnunetdnsstub.pc.in b/pkgconfig/gnunetdnsstub.pc.in deleted file mode 100644 index b1da343ea..000000000 --- a/pkgconfig/gnunetdnsstub.pc.in +++ /dev/null | |||
@@ -1,12 +0,0 @@ | |||
1 | prefix=@prefix@ | ||
2 | exec_prefix=@exec_prefix@ | ||
3 | libdir=@libdir@ | ||
4 | includedir=@includedir@ | ||
5 | |||
6 | Name: GNUnet DNS stub | ||
7 | Description: Provides API for asynchronous DNS resolution (DNS stub resolver) | ||
8 | URL: http://gnunet.org | ||
9 | Version: @VERSION@ | ||
10 | Requires: | ||
11 | Libs: -L${libdir} -lgnunetdnsstub | ||
12 | Cflags: -I${includedir} | ||
diff --git a/pkgconfig/gnunettun.pc.in b/pkgconfig/gnunettun.pc.in deleted file mode 100644 index 2a3bd5213..000000000 --- a/pkgconfig/gnunettun.pc.in +++ /dev/null | |||
@@ -1,12 +0,0 @@ | |||
1 | prefix=@prefix@ | ||
2 | exec_prefix=@exec_prefix@ | ||
3 | libdir=@libdir@ | ||
4 | includedir=@includedir@ | ||
5 | |||
6 | Name: GNUnet TUN | ||
7 | Description: Provides API for parsing IP packets for Linux TUN interface interaction | ||
8 | URL: http://gnunet.org | ||
9 | Version: @VERSION@ | ||
10 | Requires: | ||
11 | Libs: -L${libdir} -lgnunettun | ||
12 | Cflags: -I${includedir} | ||
diff --git a/po/POTFILES.in b/po/POTFILES.in index de6bd90e4..8a95064a6 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in | |||
@@ -4,21 +4,13 @@ src/arm/arm_monitor_api.c | |||
4 | src/arm/gnunet-arm.c | 4 | src/arm/gnunet-arm.c |
5 | src/arm/gnunet-service-arm.c | 5 | src/arm/gnunet-service-arm.c |
6 | src/arm/mockup-service.c | 6 | src/arm/mockup-service.c |
7 | src/ats-tests/ats-testing-experiment.c | ||
8 | src/ats-tests/ats-testing-log.c | ||
9 | src/ats-tests/ats-testing-preferences.c | ||
10 | src/ats-tests/ats-testing-traffic.c | ||
11 | src/ats-tests/ats-testing.c | ||
12 | src/ats-tests/gnunet-ats-sim.c | ||
13 | src/ats-tests/gnunet-solver-eval.c | ||
14 | src/ats-tool/gnunet-ats.c | ||
15 | src/ats/ats_api_connectivity.c | 7 | src/ats/ats_api_connectivity.c |
16 | src/ats/ats_api_performance.c | 8 | src/ats/ats_api_performance.c |
17 | src/ats/ats_api_scanner.c | 9 | src/ats/ats_api_scanner.c |
18 | src/ats/ats_api_scheduling.c | 10 | src/ats/ats_api_scheduling.c |
19 | src/ats/gnunet-ats-solver-eval.c | 11 | src/ats/gnunet-ats-solver-eval.c |
20 | src/ats/gnunet-service-ats.c | ||
21 | src/ats/gnunet-service-ats_addresses.c | 12 | src/ats/gnunet-service-ats_addresses.c |
13 | src/ats/gnunet-service-ats.c | ||
22 | src/ats/gnunet-service-ats_connectivity.c | 14 | src/ats/gnunet-service-ats_connectivity.c |
23 | src/ats/gnunet-service-ats_normalization.c | 15 | src/ats/gnunet-service-ats_normalization.c |
24 | src/ats/gnunet-service-ats_performance.c | 16 | src/ats/gnunet-service-ats_performance.c |
@@ -29,6 +21,14 @@ src/ats/gnunet-service-ats_scheduling.c | |||
29 | src/ats/plugin_ats_mlp.c | 21 | src/ats/plugin_ats_mlp.c |
30 | src/ats/plugin_ats_proportional.c | 22 | src/ats/plugin_ats_proportional.c |
31 | src/ats/plugin_ats_ril.c | 23 | src/ats/plugin_ats_ril.c |
24 | src/ats-tests/ats-testing.c | ||
25 | src/ats-tests/ats-testing-experiment.c | ||
26 | src/ats-tests/ats-testing-log.c | ||
27 | src/ats-tests/ats-testing-preferences.c | ||
28 | src/ats-tests/ats-testing-traffic.c | ||
29 | src/ats-tests/gnunet-ats-sim.c | ||
30 | src/ats-tests/gnunet-solver-eval.c | ||
31 | src/ats-tool/gnunet-ats.c | ||
32 | src/auction/gnunet-auction-create.c | 32 | src/auction/gnunet-auction-create.c |
33 | src/auction/gnunet-auction-info.c | 33 | src/auction/gnunet-auction-info.c |
34 | src/auction/gnunet-auction-join.c | 34 | src/auction/gnunet-auction-join.c |
@@ -40,8 +40,8 @@ src/block/plugin_block_test.c | |||
40 | src/cadet/cadet_api.c | 40 | src/cadet/cadet_api.c |
41 | src/cadet/cadet_test_lib.c | 41 | src/cadet/cadet_test_lib.c |
42 | src/cadet/desirability_table.c | 42 | src/cadet/desirability_table.c |
43 | src/cadet/gnunet-cadet-profiler.c | ||
44 | src/cadet/gnunet-cadet.c | 43 | src/cadet/gnunet-cadet.c |
44 | src/cadet/gnunet-cadet-profiler.c | ||
45 | src/cadet/gnunet-service-cadet.c | 45 | src/cadet/gnunet-service-cadet.c |
46 | src/cadet/gnunet-service-cadet_channel.c | 46 | src/cadet/gnunet-service-cadet_channel.c |
47 | src/cadet/gnunet-service-cadet_connection.c | 47 | src/cadet/gnunet-service-cadet_connection.c |
@@ -57,15 +57,15 @@ src/consensus/gnunet-service-consensus.c | |||
57 | src/consensus/plugin_block_consensus.c | 57 | src/consensus/plugin_block_consensus.c |
58 | src/conversation/conversation_api.c | 58 | src/conversation/conversation_api.c |
59 | src/conversation/conversation_api_call.c | 59 | src/conversation/conversation_api_call.c |
60 | src/conversation/gnunet-conversation-test.c | ||
61 | src/conversation/gnunet-conversation.c | 60 | src/conversation/gnunet-conversation.c |
62 | src/conversation/gnunet-helper-audio-playback-gst.c | 61 | src/conversation/gnunet-conversation-test.c |
62 | src/conversation/gnunet_gst.c | ||
63 | src/conversation/gnunet_gst_test.c | ||
63 | src/conversation/gnunet-helper-audio-playback.c | 64 | src/conversation/gnunet-helper-audio-playback.c |
64 | src/conversation/gnunet-helper-audio-record-gst.c | 65 | src/conversation/gnunet-helper-audio-playback-gst.c |
65 | src/conversation/gnunet-helper-audio-record.c | 66 | src/conversation/gnunet-helper-audio-record.c |
67 | src/conversation/gnunet-helper-audio-record-gst.c | ||
66 | src/conversation/gnunet-service-conversation.c | 68 | src/conversation/gnunet-service-conversation.c |
67 | src/conversation/gnunet_gst.c | ||
68 | src/conversation/gnunet_gst_test.c | ||
69 | src/conversation/microphone.c | 69 | src/conversation/microphone.c |
70 | src/conversation/plugin_gnsrecord_conversation.c | 70 | src/conversation/plugin_gnsrecord_conversation.c |
71 | src/conversation/speaker.c | 71 | src/conversation/speaker.c |
@@ -102,6 +102,7 @@ src/dht/dht_api.c | |||
102 | src/dht/dht_test_lib.c | 102 | src/dht/dht_test_lib.c |
103 | src/dht/gnunet-dht-get.c | 103 | src/dht/gnunet-dht-get.c |
104 | src/dht/gnunet-dht-monitor.c | 104 | src/dht/gnunet-dht-monitor.c |
105 | src/dht/gnunet_dht_profiler.c | ||
105 | src/dht/gnunet-dht-put.c | 106 | src/dht/gnunet-dht-put.c |
106 | src/dht/gnunet-service-dht.c | 107 | src/dht/gnunet-service-dht.c |
107 | src/dht/gnunet-service-dht_clients.c | 108 | src/dht/gnunet-service-dht_clients.c |
@@ -110,11 +111,8 @@ src/dht/gnunet-service-dht_hello.c | |||
110 | src/dht/gnunet-service-dht_neighbours.c | 111 | src/dht/gnunet-service-dht_neighbours.c |
111 | src/dht/gnunet-service-dht_nse.c | 112 | src/dht/gnunet-service-dht_nse.c |
112 | src/dht/gnunet-service-dht_routing.c | 113 | src/dht/gnunet-service-dht_routing.c |
113 | src/dht/gnunet_dht_profiler.c | ||
114 | src/dht/plugin_block_dht.c | 114 | src/dht/plugin_block_dht.c |
115 | src/dns/dns_api.c | 115 | src/dns/dns_api.c |
116 | src/dns/dnsparser.c | ||
117 | src/dns/dnsstub.c | ||
118 | src/dns/gnunet-dns-monitor.c | 116 | src/dns/gnunet-dns-monitor.c |
119 | src/dns/gnunet-dns-redirector.c | 117 | src/dns/gnunet-dns-redirector.c |
120 | src/dns/gnunet-helper-dns.c | 118 | src/dns/gnunet-helper-dns.c |
@@ -126,8 +124,8 @@ src/dv/gnunet-dv.c | |||
126 | src/dv/gnunet-service-dv.c | 124 | src/dv/gnunet-service-dv.c |
127 | src/dv/plugin_transport_dv.c | 125 | src/dv/plugin_transport_dv.c |
128 | src/exit/gnunet-daemon-exit.c | 126 | src/exit/gnunet-daemon-exit.c |
129 | src/exit/gnunet-helper-exit-windows.c | ||
130 | src/exit/gnunet-helper-exit.c | 127 | src/exit/gnunet-helper-exit.c |
128 | src/exit/gnunet-helper-exit-windows.c | ||
131 | src/fragmentation/defragmentation.c | 129 | src/fragmentation/defragmentation.c |
132 | src/fragmentation/fragmentation.c | 130 | src/fragmentation/fragmentation.c |
133 | src/fs/fs_api.c | 131 | src/fs/fs_api.c |
@@ -152,8 +150,8 @@ src/fs/gnunet-auto-share.c | |||
152 | src/fs/gnunet-daemon-fsprofiler.c | 150 | src/fs/gnunet-daemon-fsprofiler.c |
153 | src/fs/gnunet-directory.c | 151 | src/fs/gnunet-directory.c |
154 | src/fs/gnunet-download.c | 152 | src/fs/gnunet-download.c |
155 | src/fs/gnunet-fs-profiler.c | ||
156 | src/fs/gnunet-fs.c | 153 | src/fs/gnunet-fs.c |
154 | src/fs/gnunet-fs-profiler.c | ||
157 | src/fs/gnunet-helper-fs-publish.c | 155 | src/fs/gnunet-helper-fs-publish.c |
158 | src/fs/gnunet-publish.c | 156 | src/fs/gnunet-publish.c |
159 | src/fs/gnunet-search.c | 157 | src/fs/gnunet-search.c |
@@ -173,10 +171,10 @@ src/gns/gns_tld_api.c | |||
173 | src/gns/gnunet-bcd.c | 171 | src/gns/gnunet-bcd.c |
174 | src/gns/gnunet-dns2gns.c | 172 | src/gns/gnunet-dns2gns.c |
175 | src/gns/gnunet-gns-benchmark.c | 173 | src/gns/gnunet-gns-benchmark.c |
174 | src/gns/gnunet-gns.c | ||
176 | src/gns/gnunet-gns-helper-service-w32.c | 175 | src/gns/gnunet-gns-helper-service-w32.c |
177 | src/gns/gnunet-gns-import.c | 176 | src/gns/gnunet-gns-import.c |
178 | src/gns/gnunet-gns-proxy.c | 177 | src/gns/gnunet-gns-proxy.c |
179 | src/gns/gnunet-gns.c | ||
180 | src/gns/gnunet-service-gns.c | 178 | src/gns/gnunet-service-gns.c |
181 | src/gns/gnunet-service-gns_interceptor.c | 179 | src/gns/gnunet-service-gns_interceptor.c |
182 | src/gns/gnunet-service-gns_resolver.c | 180 | src/gns/gnunet-service-gns_resolver.c |
@@ -185,15 +183,15 @@ src/gns/nss/nss_gns_query.c | |||
185 | src/gns/plugin_block_gns.c | 183 | src/gns/plugin_block_gns.c |
186 | src/gns/plugin_gnsrecord_gns.c | 184 | src/gns/plugin_gnsrecord_gns.c |
187 | src/gns/plugin_rest_gns.c | 185 | src/gns/plugin_rest_gns.c |
188 | src/gns/w32nsp-install.c | ||
189 | src/gns/w32nsp-resolve.c | ||
190 | src/gns/w32nsp-uninstall.c | ||
191 | src/gns/w32nsp.c | ||
192 | src/gnsrecord/gnsrecord.c | 186 | src/gnsrecord/gnsrecord.c |
193 | src/gnsrecord/gnsrecord_crypto.c | 187 | src/gnsrecord/gnsrecord_crypto.c |
194 | src/gnsrecord/gnsrecord_misc.c | 188 | src/gnsrecord/gnsrecord_misc.c |
195 | src/gnsrecord/gnsrecord_serialization.c | 189 | src/gnsrecord/gnsrecord_serialization.c |
196 | src/gnsrecord/plugin_gnsrecord_dns.c | 190 | src/gnsrecord/plugin_gnsrecord_dns.c |
191 | src/gns/w32nsp.c | ||
192 | src/gns/w32nsp-install.c | ||
193 | src/gns/w32nsp-resolve.c | ||
194 | src/gns/w32nsp-uninstall.c | ||
197 | src/hello/address.c | 195 | src/hello/address.c |
198 | src/hello/gnunet-hello.c | 196 | src/hello/gnunet-hello.c |
199 | src/hello/hello.c | 197 | src/hello/hello.c |
@@ -202,6 +200,11 @@ src/hostlist/gnunet-daemon-hostlist_client.c | |||
202 | src/hostlist/gnunet-daemon-hostlist_server.c | 200 | src/hostlist/gnunet-daemon-hostlist_server.c |
203 | src/identity-attribute/identity_attribute.c | 201 | src/identity-attribute/identity_attribute.c |
204 | src/identity-attribute/plugin_identity_attribute_gnuid.c | 202 | src/identity-attribute/plugin_identity_attribute_gnuid.c |
203 | src/identity/gnunet-identity.c | ||
204 | src/identity/gnunet-service-identity.c | ||
205 | src/identity/identity_api.c | ||
206 | src/identity/identity_api_lookup.c | ||
207 | src/identity/plugin_rest_identity.c | ||
205 | src/identity-provider/gnunet-idp.c | 208 | src/identity-provider/gnunet-idp.c |
206 | src/identity-provider/gnunet-service-identity-provider.c | 209 | src/identity-provider/gnunet-service-identity-provider.c |
207 | src/identity-provider/identity_provider_api.c | 210 | src/identity-provider/identity_provider_api.c |
@@ -210,20 +213,15 @@ src/identity-provider/plugin_gnsrecord_identity_provider.c | |||
210 | src/identity-provider/plugin_identity_provider_sqlite.c | 213 | src/identity-provider/plugin_identity_provider_sqlite.c |
211 | src/identity-provider/plugin_rest_identity_provider.c | 214 | src/identity-provider/plugin_rest_identity_provider.c |
212 | src/identity-provider/plugin_rest_openid_connect.c | 215 | src/identity-provider/plugin_rest_openid_connect.c |
213 | src/identity/gnunet-identity.c | ||
214 | src/identity/gnunet-service-identity.c | ||
215 | src/identity/identity_api.c | ||
216 | src/identity/identity_api_lookup.c | ||
217 | src/identity/plugin_rest_identity.c | ||
218 | src/json/json.c | ||
219 | src/json/json_generator.c | ||
220 | src/json/json_helper.c | ||
221 | src/json/json_mhd.c | ||
222 | src/jsonapi/jsonapi.c | 216 | src/jsonapi/jsonapi.c |
223 | src/jsonapi/jsonapi_document.c | 217 | src/jsonapi/jsonapi_document.c |
224 | src/jsonapi/jsonapi_error.c | 218 | src/jsonapi/jsonapi_error.c |
225 | src/jsonapi/jsonapi_relationship.c | 219 | src/jsonapi/jsonapi_relationship.c |
226 | src/jsonapi/jsonapi_resource.c | 220 | src/jsonapi/jsonapi_resource.c |
221 | src/json/json.c | ||
222 | src/json/json_generator.c | ||
223 | src/json/json_helper.c | ||
224 | src/json/json_mhd.c | ||
227 | src/multicast/gnunet-multicast.c | 225 | src/multicast/gnunet-multicast.c |
228 | src/multicast/gnunet-service-multicast.c | 226 | src/multicast/gnunet-service-multicast.c |
229 | src/multicast/multicast_api.c | 227 | src/multicast/multicast_api.c |
@@ -237,8 +235,8 @@ src/namecache/namecache_api.c | |||
237 | src/namecache/plugin_namecache_flat.c | 235 | src/namecache/plugin_namecache_flat.c |
238 | src/namecache/plugin_namecache_postgres.c | 236 | src/namecache/plugin_namecache_postgres.c |
239 | src/namecache/plugin_namecache_sqlite.c | 237 | src/namecache/plugin_namecache_sqlite.c |
240 | src/namestore/gnunet-namestore-fcfsd.c | ||
241 | src/namestore/gnunet-namestore.c | 238 | src/namestore/gnunet-namestore.c |
239 | src/namestore/gnunet-namestore-fcfsd.c | ||
242 | src/namestore/gnunet-service-namestore.c | 240 | src/namestore/gnunet-service-namestore.c |
243 | src/namestore/gnunet-zoneimport.c | 241 | src/namestore/gnunet-zoneimport.c |
244 | src/namestore/namestore_api.c | 242 | src/namestore/namestore_api.c |
@@ -254,10 +252,10 @@ src/nat-auto/gnunet-service-nat-auto.c | |||
254 | src/nat-auto/gnunet-service-nat-auto_legacy.c | 252 | src/nat-auto/gnunet-service-nat-auto_legacy.c |
255 | src/nat-auto/nat_auto_api.c | 253 | src/nat-auto/nat_auto_api.c |
256 | src/nat-auto/nat_auto_api_test.c | 254 | src/nat-auto/nat_auto_api_test.c |
257 | src/nat/gnunet-helper-nat-client-windows.c | ||
258 | src/nat/gnunet-helper-nat-client.c | 255 | src/nat/gnunet-helper-nat-client.c |
259 | src/nat/gnunet-helper-nat-server-windows.c | 256 | src/nat/gnunet-helper-nat-client-windows.c |
260 | src/nat/gnunet-helper-nat-server.c | 257 | src/nat/gnunet-helper-nat-server.c |
258 | src/nat/gnunet-helper-nat-server-windows.c | ||
261 | src/nat/gnunet-nat.c | 259 | src/nat/gnunet-nat.c |
262 | src/nat/gnunet-service-nat.c | 260 | src/nat/gnunet-service-nat.c |
263 | src/nat/gnunet-service-nat_externalip.c | 261 | src/nat/gnunet-service-nat_externalip.c |
@@ -266,15 +264,15 @@ src/nat/gnunet-service-nat_mini.c | |||
266 | src/nat/gnunet-service-nat_stun.c | 264 | src/nat/gnunet-service-nat_stun.c |
267 | src/nat/nat_api.c | 265 | src/nat/nat_api.c |
268 | src/nat/nat_api_stun.c | 266 | src/nat/nat_api_stun.c |
269 | src/nse/gnunet-nse-profiler.c | ||
270 | src/nse/gnunet-nse.c | 267 | src/nse/gnunet-nse.c |
268 | src/nse/gnunet-nse-profiler.c | ||
271 | src/nse/gnunet-service-nse.c | 269 | src/nse/gnunet-service-nse.c |
272 | src/nse/nse_api.c | 270 | src/nse/nse_api.c |
273 | src/peerinfo-tool/gnunet-peerinfo.c | ||
274 | src/peerinfo-tool/gnunet-peerinfo_plugins.c | ||
275 | src/peerinfo/gnunet-service-peerinfo.c | 271 | src/peerinfo/gnunet-service-peerinfo.c |
276 | src/peerinfo/peerinfo_api.c | 272 | src/peerinfo/peerinfo_api.c |
277 | src/peerinfo/peerinfo_api_notify.c | 273 | src/peerinfo/peerinfo_api_notify.c |
274 | src/peerinfo-tool/gnunet-peerinfo.c | ||
275 | src/peerinfo-tool/gnunet-peerinfo_plugins.c | ||
278 | src/peerstore/gnunet-peerstore.c | 276 | src/peerstore/gnunet-peerstore.c |
279 | src/peerstore/gnunet-service-peerstore.c | 277 | src/peerstore/gnunet-service-peerstore.c |
280 | src/peerstore/peerstore_api.c | 278 | src/peerstore/peerstore_api.c |
@@ -319,20 +317,21 @@ src/revocation/gnunet-revocation.c | |||
319 | src/revocation/gnunet-service-revocation.c | 317 | src/revocation/gnunet-service-revocation.c |
320 | src/revocation/plugin_block_revocation.c | 318 | src/revocation/plugin_block_revocation.c |
321 | src/revocation/revocation_api.c | 319 | src/revocation/revocation_api.c |
322 | src/rps/gnunet-rps-profiler.c | ||
323 | src/rps/gnunet-rps.c | 320 | src/rps/gnunet-rps.c |
321 | src/rps/gnunet-rps-profiler.c | ||
324 | src/rps/gnunet-service-rps.c | 322 | src/rps/gnunet-service-rps.c |
325 | src/rps/gnunet-service-rps_custommap.c | 323 | src/rps/gnunet-service-rps_custommap.c |
326 | src/rps/gnunet-service-rps_sampler.c | 324 | src/rps/gnunet-service-rps_sampler.c |
327 | src/rps/gnunet-service-rps_sampler_elem.c | 325 | src/rps/gnunet-service-rps_sampler_elem.c |
328 | src/rps/gnunet-service-rps_view.c | 326 | src/rps/gnunet-service-rps_view.c |
329 | src/rps/rps-test_util.c | ||
330 | src/rps/rps_api.c | 327 | src/rps/rps_api.c |
328 | src/rps/rps_test_lib.c | ||
329 | src/rps/rps-test_util.c | ||
331 | src/scalarproduct/gnunet-scalarproduct.c | 330 | src/scalarproduct/gnunet-scalarproduct.c |
332 | src/scalarproduct/gnunet-service-scalarproduct-ecc_alice.c | ||
333 | src/scalarproduct/gnunet-service-scalarproduct-ecc_bob.c | ||
334 | src/scalarproduct/gnunet-service-scalarproduct_alice.c | 331 | src/scalarproduct/gnunet-service-scalarproduct_alice.c |
335 | src/scalarproduct/gnunet-service-scalarproduct_bob.c | 332 | src/scalarproduct/gnunet-service-scalarproduct_bob.c |
333 | src/scalarproduct/gnunet-service-scalarproduct-ecc_alice.c | ||
334 | src/scalarproduct/gnunet-service-scalarproduct-ecc_bob.c | ||
336 | src/scalarproduct/scalarproduct_api.c | 335 | src/scalarproduct/scalarproduct_api.c |
337 | src/secretsharing/gnunet-secretsharing-profiler.c | 336 | src/secretsharing/gnunet-secretsharing-profiler.c |
338 | src/secretsharing/gnunet-service-secretsharing.c | 337 | src/secretsharing/gnunet-service-secretsharing.c |
@@ -361,16 +360,15 @@ src/statistics/gnunet-statistics.c | |||
361 | src/statistics/statistics_api.c | 360 | src/statistics/statistics_api.c |
362 | src/template/gnunet-service-template.c | 361 | src/template/gnunet-service-template.c |
363 | src/template/gnunet-template.c | 362 | src/template/gnunet-template.c |
364 | src/testbed-logger/gnunet-service-testbed-logger.c | ||
365 | src/testbed-logger/testbed_logger_api.c | ||
366 | src/testbed/generate-underlay-topology.c | 363 | src/testbed/generate-underlay-topology.c |
367 | src/testbed/gnunet-daemon-latency-logger.c | 364 | src/testbed/gnunet-daemon-latency-logger.c |
368 | src/testbed/gnunet-daemon-testbed-blacklist.c | 365 | src/testbed/gnunet-daemon-testbed-blacklist.c |
369 | src/testbed/gnunet-daemon-testbed-underlay.c | 366 | src/testbed/gnunet-daemon-testbed-underlay.c |
370 | src/testbed/gnunet-helper-testbed.c | 367 | src/testbed/gnunet-helper-testbed.c |
368 | src/testbed/gnunet_mpi_test.c | ||
371 | src/testbed/gnunet-service-test-barriers.c | 369 | src/testbed/gnunet-service-test-barriers.c |
372 | src/testbed/gnunet-service-testbed.c | ||
373 | src/testbed/gnunet-service-testbed_barriers.c | 370 | src/testbed/gnunet-service-testbed_barriers.c |
371 | src/testbed/gnunet-service-testbed.c | ||
374 | src/testbed/gnunet-service-testbed_cache.c | 372 | src/testbed/gnunet-service-testbed_cache.c |
375 | src/testbed/gnunet-service-testbed_connectionpool.c | 373 | src/testbed/gnunet-service-testbed_connectionpool.c |
376 | src/testbed/gnunet-service-testbed_cpustatus.c | 374 | src/testbed/gnunet-service-testbed_cpustatus.c |
@@ -378,19 +376,20 @@ src/testbed/gnunet-service-testbed_links.c | |||
378 | src/testbed/gnunet-service-testbed_meminfo.c | 376 | src/testbed/gnunet-service-testbed_meminfo.c |
379 | src/testbed/gnunet-service-testbed_oc.c | 377 | src/testbed/gnunet-service-testbed_oc.c |
380 | src/testbed/gnunet-service-testbed_peers.c | 378 | src/testbed/gnunet-service-testbed_peers.c |
381 | src/testbed/gnunet-testbed-profiler.c | ||
382 | src/testbed/gnunet_mpi_test.c | ||
383 | src/testbed/gnunet_testbed_mpi_spawn.c | 379 | src/testbed/gnunet_testbed_mpi_spawn.c |
384 | src/testbed/testbed_api.c | 380 | src/testbed/gnunet-testbed-profiler.c |
381 | src/testbed-logger/gnunet-service-testbed-logger.c | ||
382 | src/testbed-logger/testbed_logger_api.c | ||
385 | src/testbed/testbed_api_barriers.c | 383 | src/testbed/testbed_api_barriers.c |
384 | src/testbed/testbed_api.c | ||
386 | src/testbed/testbed_api_hosts.c | 385 | src/testbed/testbed_api_hosts.c |
387 | src/testbed/testbed_api_operations.c | 386 | src/testbed/testbed_api_operations.c |
388 | src/testbed/testbed_api_peers.c | 387 | src/testbed/testbed_api_peers.c |
389 | src/testbed/testbed_api_sd.c | 388 | src/testbed/testbed_api_sd.c |
390 | src/testbed/testbed_api_services.c | 389 | src/testbed/testbed_api_services.c |
391 | src/testbed/testbed_api_statistics.c | 390 | src/testbed/testbed_api_statistics.c |
392 | src/testbed/testbed_api_test.c | ||
393 | src/testbed/testbed_api_testbed.c | 391 | src/testbed/testbed_api_testbed.c |
392 | src/testbed/testbed_api_test.c | ||
394 | src/testbed/testbed_api_topology.c | 393 | src/testbed/testbed_api_topology.c |
395 | src/testbed/testbed_api_underlay.c | 394 | src/testbed/testbed_api_underlay.c |
396 | src/testing/gnunet-testing.c | 395 | src/testing/gnunet-testing.c |
@@ -399,28 +398,28 @@ src/testing/testing.c | |||
399 | src/topology/friends.c | 398 | src/topology/friends.c |
400 | src/topology/gnunet-daemon-topology.c | 399 | src/topology/gnunet-daemon-topology.c |
401 | src/transport/gnunet-helper-transport-bluetooth.c | 400 | src/transport/gnunet-helper-transport-bluetooth.c |
402 | src/transport/gnunet-helper-transport-wlan-dummy.c | ||
403 | src/transport/gnunet-helper-transport-wlan.c | 401 | src/transport/gnunet-helper-transport-wlan.c |
404 | src/transport/gnunet-service-transport.c | 402 | src/transport/gnunet-helper-transport-wlan-dummy.c |
405 | src/transport/gnunet-service-transport_ats.c | 403 | src/transport/gnunet-service-transport_ats.c |
404 | src/transport/gnunet-service-transport.c | ||
406 | src/transport/gnunet-service-transport_hello.c | 405 | src/transport/gnunet-service-transport_hello.c |
407 | src/transport/gnunet-service-transport_manipulation.c | 406 | src/transport/gnunet-service-transport_manipulation.c |
408 | src/transport/gnunet-service-transport_neighbours.c | 407 | src/transport/gnunet-service-transport_neighbours.c |
409 | src/transport/gnunet-service-transport_plugins.c | 408 | src/transport/gnunet-service-transport_plugins.c |
410 | src/transport/gnunet-service-transport_validation.c | 409 | src/transport/gnunet-service-transport_validation.c |
410 | src/transport/gnunet-transport.c | ||
411 | src/transport/gnunet-transport-certificate-creation.c | 411 | src/transport/gnunet-transport-certificate-creation.c |
412 | src/transport/gnunet-transport-profiler.c | 412 | src/transport/gnunet-transport-profiler.c |
413 | src/transport/gnunet-transport-wlan-receiver.c | 413 | src/transport/gnunet-transport-wlan-receiver.c |
414 | src/transport/gnunet-transport-wlan-sender.c | 414 | src/transport/gnunet-transport-wlan-sender.c |
415 | src/transport/gnunet-transport.c | ||
416 | src/transport/plugin_transport_http_client.c | 415 | src/transport/plugin_transport_http_client.c |
417 | src/transport/plugin_transport_http_common.c | 416 | src/transport/plugin_transport_http_common.c |
418 | src/transport/plugin_transport_http_server.c | 417 | src/transport/plugin_transport_http_server.c |
419 | src/transport/plugin_transport_smtp.c | 418 | src/transport/plugin_transport_smtp.c |
420 | src/transport/plugin_transport_tcp.c | 419 | src/transport/plugin_transport_tcp.c |
421 | src/transport/plugin_transport_template.c | 420 | src/transport/plugin_transport_template.c |
422 | src/transport/plugin_transport_udp.c | ||
423 | src/transport/plugin_transport_udp_broadcasting.c | 421 | src/transport/plugin_transport_udp_broadcasting.c |
422 | src/transport/plugin_transport_udp.c | ||
424 | src/transport/plugin_transport_unix.c | 423 | src/transport/plugin_transport_unix.c |
425 | src/transport/plugin_transport_wlan.c | 424 | src/transport/plugin_transport_wlan.c |
426 | src/transport/plugin_transport_xt.c | 425 | src/transport/plugin_transport_xt.c |
@@ -429,11 +428,6 @@ src/transport/tcp_connection_legacy.c | |||
429 | src/transport/tcp_server_legacy.c | 428 | src/transport/tcp_server_legacy.c |
430 | src/transport/tcp_server_mst_legacy.c | 429 | src/transport/tcp_server_mst_legacy.c |
431 | src/transport/tcp_service_legacy.c | 430 | src/transport/tcp_service_legacy.c |
432 | src/transport/transport-testing-filenames.c | ||
433 | src/transport/transport-testing-loggers.c | ||
434 | src/transport/transport-testing-main.c | ||
435 | src/transport/transport-testing-send.c | ||
436 | src/transport/transport-testing.c | ||
437 | src/transport/transport_api_address_to_string.c | 431 | src/transport/transport_api_address_to_string.c |
438 | src/transport/transport_api_blacklist.c | 432 | src/transport/transport_api_blacklist.c |
439 | src/transport/transport_api_core.c | 433 | src/transport/transport_api_core.c |
@@ -442,8 +436,11 @@ src/transport/transport_api_manipulation.c | |||
442 | src/transport/transport_api_monitor_peers.c | 436 | src/transport/transport_api_monitor_peers.c |
443 | src/transport/transport_api_monitor_plugins.c | 437 | src/transport/transport_api_monitor_plugins.c |
444 | src/transport/transport_api_offer_hello.c | 438 | src/transport/transport_api_offer_hello.c |
445 | src/tun/regex.c | 439 | src/transport/transport-testing.c |
446 | src/tun/tun.c | 440 | src/transport/transport-testing-filenames.c |
441 | src/transport/transport-testing-loggers.c | ||
442 | src/transport/transport-testing-main.c | ||
443 | src/transport/transport-testing-send.c | ||
447 | src/util/bandwidth.c | 444 | src/util/bandwidth.c |
448 | src/util/bio.c | 445 | src/util/bio.c |
449 | src/util/client.c | 446 | src/util/client.c |
@@ -455,8 +452,8 @@ src/util/configuration_loader.c | |||
455 | src/util/container_bloomfilter.c | 452 | src/util/container_bloomfilter.c |
456 | src/util/container_heap.c | 453 | src/util/container_heap.c |
457 | src/util/container_meta_data.c | 454 | src/util/container_meta_data.c |
458 | src/util/container_multihashmap.c | ||
459 | src/util/container_multihashmap32.c | 455 | src/util/container_multihashmap32.c |
456 | src/util/container_multihashmap.c | ||
460 | src/util/container_multipeermap.c | 457 | src/util/container_multipeermap.c |
461 | src/util/container_multishortmap.c | 458 | src/util/container_multishortmap.c |
462 | src/util/crypto_abe.c | 459 | src/util/crypto_abe.c |
@@ -474,10 +471,12 @@ src/util/crypto_random.c | |||
474 | src/util/crypto_rsa.c | 471 | src/util/crypto_rsa.c |
475 | src/util/crypto_symmetric.c | 472 | src/util/crypto_symmetric.c |
476 | src/util/disk.c | 473 | src/util/disk.c |
474 | src/util/dnsparser.c | ||
475 | src/util/dnsstub.c | ||
477 | src/util/getopt.c | 476 | src/util/getopt.c |
478 | src/util/getopt_helpers.c | 477 | src/util/getopt_helpers.c |
479 | src/util/gnunet-config-diff.c | ||
480 | src/util/gnunet-config.c | 478 | src/util/gnunet-config.c |
479 | src/util/gnunet-config-diff.c | ||
481 | src/util/gnunet-ecc.c | 480 | src/util/gnunet-ecc.c |
482 | src/util/gnunet-helper-w32-console.c | 481 | src/util/gnunet-helper-w32-console.c |
483 | src/util/gnunet-resolver.c | 482 | src/util/gnunet-resolver.c |
@@ -497,6 +496,7 @@ src/util/os_priority.c | |||
497 | src/util/peer.c | 496 | src/util/peer.c |
498 | src/util/plugin.c | 497 | src/util/plugin.c |
499 | src/util/program.c | 498 | src/util/program.c |
499 | src/util/regex.c | ||
500 | src/util/resolver_api.c | 500 | src/util/resolver_api.c |
501 | src/util/scheduler.c | 501 | src/util/scheduler.c |
502 | src/util/service.c | 502 | src/util/service.c |
@@ -505,16 +505,17 @@ src/util/socks.c | |||
505 | src/util/speedup.c | 505 | src/util/speedup.c |
506 | src/util/strings.c | 506 | src/util/strings.c |
507 | src/util/time.c | 507 | src/util/time.c |
508 | src/util/tun.c | ||
508 | src/util/w32cat.c | 509 | src/util/w32cat.c |
509 | src/util/win.c | 510 | src/util/win.c |
510 | src/util/winproc.c | 511 | src/util/winproc.c |
511 | src/vpn/gnunet-helper-vpn-windows.c | ||
512 | src/vpn/gnunet-helper-vpn.c | 512 | src/vpn/gnunet-helper-vpn.c |
513 | src/vpn/gnunet-helper-vpn-windows.c | ||
513 | src/vpn/gnunet-service-vpn.c | 514 | src/vpn/gnunet-service-vpn.c |
514 | src/vpn/gnunet-vpn.c | 515 | src/vpn/gnunet-vpn.c |
515 | src/vpn/vpn_api.c | 516 | src/vpn/vpn_api.c |
516 | src/zonemaster/gnunet-service-zonemaster-monitor.c | ||
517 | src/zonemaster/gnunet-service-zonemaster.c | 517 | src/zonemaster/gnunet-service-zonemaster.c |
518 | src/zonemaster/gnunet-service-zonemaster-monitor.c | ||
518 | src/fs/fs_api.h | 519 | src/fs/fs_api.h |
519 | src/include/gnunet_common.h | 520 | src/include/gnunet_common.h |
520 | src/include/gnunet_mq_lib.h | 521 | src/include/gnunet_mq_lib.h |
@@ -914,8 +914,8 @@ msgstr "" | |||
914 | 914 | ||
915 | #: src/conversation/gnunet-conversation.c:720 | 915 | #: src/conversation/gnunet-conversation.c:720 |
916 | #, c-format | 916 | #, c-format |
917 | msgid "We are calling `%s', his phone should be ringing.\n" | 917 | msgid "We are calling `%s', their phone should be ringing.\n" |
918 | msgstr "" | 918 | msgstr "Wir rufen `%s' an, deren Telefon sollte jetzt klingeln.\n" |
919 | 919 | ||
920 | #: src/conversation/gnunet-conversation.c:739 | 920 | #: src/conversation/gnunet-conversation.c:739 |
921 | msgid "Calls waiting:\n" | 921 | msgid "Calls waiting:\n" |
@@ -2,6 +2,7 @@ | |||
2 | # Copyright (C) 2012 Christian Grothoff <christian@grothoff.org> | 2 | # Copyright (C) 2012 Christian Grothoff <christian@grothoff.org> |
3 | # This file is distributed under the same license as the GNUnet package. | 3 | # This file is distributed under the same license as the GNUnet package. |
4 | # Miguel Ángel Arruga Vivas <rosen644835@gmail.com>, 2006, 2013. | 4 | # Miguel Ángel Arruga Vivas <rosen644835@gmail.com>, 2006, 2013. |
5 | # xrs <xrs@mail36.net>, 2018 | ||
5 | # | 6 | # |
6 | msgid "" | 7 | msgid "" |
7 | msgstr "" | 8 | msgstr "" |
@@ -156,12 +157,12 @@ msgstr "Servicios en ejecución:\n" | |||
156 | #: src/arm/gnunet-arm.c:614 | 157 | #: src/arm/gnunet-arm.c:614 |
157 | #, c-format | 158 | #, c-format |
158 | msgid "Now only monitoring, press CTRL-C to stop.\n" | 159 | msgid "Now only monitoring, press CTRL-C to stop.\n" |
159 | msgstr "" | 160 | msgstr "Ahora solo monitorizando, pulsa CTRL-C para parar.\n" |
160 | 161 | ||
161 | #: src/arm/gnunet-arm.c:646 | 162 | #: src/arm/gnunet-arm.c:646 |
162 | #, c-format | 163 | #, c-format |
163 | msgid "Stopped %s.\n" | 164 | msgid "Stopped %s.\n" |
164 | msgstr "" | 165 | msgstr "%s detenido.\n" |
165 | 166 | ||
166 | #: src/arm/gnunet-arm.c:649 | 167 | #: src/arm/gnunet-arm.c:649 |
167 | #, fuzzy, c-format | 168 | #, fuzzy, c-format |
@@ -171,7 +172,7 @@ msgstr "Iniciando descarga «%s».\n" | |||
171 | #: src/arm/gnunet-arm.c:652 | 172 | #: src/arm/gnunet-arm.c:652 |
172 | #, c-format | 173 | #, c-format |
173 | msgid "Stopping %s...\n" | 174 | msgid "Stopping %s...\n" |
174 | msgstr "" | 175 | msgstr "Deteniendo %s...\n" |
175 | 176 | ||
176 | #: src/arm/gnunet-arm.c:666 | 177 | #: src/arm/gnunet-arm.c:666 |
177 | #, fuzzy, c-format | 178 | #, fuzzy, c-format |
@@ -204,7 +205,7 @@ msgstr "borrar el directorio y el fichero de configuración al salir" | |||
204 | 205 | ||
205 | #: src/arm/gnunet-arm.c:798 | 206 | #: src/arm/gnunet-arm.c:798 |
206 | msgid "monitor ARM activities" | 207 | msgid "monitor ARM activities" |
207 | msgstr "" | 208 | msgstr "monitoriza actividades de ARM" |
208 | 209 | ||
209 | #: src/arm/gnunet-arm.c:803 | 210 | #: src/arm/gnunet-arm.c:803 |
210 | msgid "don't print status messages" | 211 | msgid "don't print status messages" |
@@ -212,7 +213,7 @@ msgstr "no imprime mensajes de estado" | |||
212 | 213 | ||
213 | #: src/arm/gnunet-arm.c:809 | 214 | #: src/arm/gnunet-arm.c:809 |
214 | msgid "exit with error status if operation does not finish after DELAY" | 215 | msgid "exit with error status if operation does not finish after DELAY" |
215 | msgstr "" | 216 | msgstr "sale con estado de error si la operación no termina despues del DELAY" |
216 | 217 | ||
217 | #: src/arm/gnunet-arm.c:814 | 218 | #: src/arm/gnunet-arm.c:814 |
218 | msgid "list currently running services" | 219 | msgid "list currently running services" |
@@ -421,7 +422,7 @@ msgstr "valor a establecer" | |||
421 | #: src/ats/gnunet-ats-solver-eval.c:3297 src/ats-tests/gnunet-solver-eval.c:943 | 422 | #: src/ats/gnunet-ats-solver-eval.c:3297 src/ats-tests/gnunet-solver-eval.c:943 |
422 | #: src/ats-tests/gnunet-solver-eval.c:948 | 423 | #: src/ats-tests/gnunet-solver-eval.c:948 |
423 | msgid "experiment to use" | 424 | msgid "experiment to use" |
424 | msgstr "" | 425 | msgstr "experimento para usar" |
425 | 426 | ||
426 | #: src/ats/gnunet-ats-solver-eval.c:3304 | 427 | #: src/ats/gnunet-ats-solver-eval.c:3304 |
427 | #, fuzzy | 428 | #, fuzzy |
@@ -430,11 +431,11 @@ msgstr "Iniciando descarga «%s».\n" | |||
430 | 431 | ||
431 | #: src/ats/gnunet-ats-solver-eval.c:3309 | 432 | #: src/ats/gnunet-ats-solver-eval.c:3309 |
432 | msgid "save logging to disk" | 433 | msgid "save logging to disk" |
433 | msgstr "" | 434 | msgstr "guarda protocolo al fichero en disco" |
434 | 435 | ||
435 | #: src/ats/gnunet-ats-solver-eval.c:3314 | 436 | #: src/ats/gnunet-ats-solver-eval.c:3314 |
436 | msgid "disable normalization" | 437 | msgid "disable normalization" |
437 | msgstr "" | 438 | msgstr "deshabilita normalización" |
438 | 439 | ||
439 | #: src/ats/gnunet-service-ats_plugins.c:302 | 440 | #: src/ats/gnunet-service-ats_plugins.c:302 |
440 | #, fuzzy, c-format | 441 | #, fuzzy, c-format |
@@ -584,11 +585,11 @@ msgstr "" | |||
584 | 585 | ||
585 | #: src/ats-tool/gnunet-ats.c:400 | 586 | #: src/ats-tool/gnunet-ats.c:400 |
586 | msgid "active " | 587 | msgid "active " |
587 | msgstr "" | 588 | msgstr "activo " |
588 | 589 | ||
589 | #: src/ats-tool/gnunet-ats.c:400 | 590 | #: src/ats-tool/gnunet-ats.c:400 |
590 | msgid "inactive " | 591 | msgid "inactive " |
591 | msgstr "" | 592 | msgstr "inactivo " |
592 | 593 | ||
593 | #: src/ats-tool/gnunet-ats.c:510 | 594 | #: src/ats-tool/gnunet-ats.c:510 |
594 | #, fuzzy, c-format | 595 | #, fuzzy, c-format |
@@ -693,19 +694,19 @@ msgstr "Imprime información acerca del estado del ATS" | |||
693 | 694 | ||
694 | #: src/auction/gnunet-auction-create.c:161 | 695 | #: src/auction/gnunet-auction-create.c:161 |
695 | msgid "description of the item to be sold" | 696 | msgid "description of the item to be sold" |
696 | msgstr "" | 697 | msgstr "descripción del elemento que está por vender" |
697 | 698 | ||
698 | #: src/auction/gnunet-auction-create.c:167 | 699 | #: src/auction/gnunet-auction-create.c:167 |
699 | msgid "mapping of possible prices" | 700 | msgid "mapping of possible prices" |
700 | msgstr "" | 701 | msgstr "figurando posibles precios" |
701 | 702 | ||
702 | #: src/auction/gnunet-auction-create.c:173 | 703 | #: src/auction/gnunet-auction-create.c:173 |
703 | msgid "max duration per round" | 704 | msgid "max duration per round" |
704 | msgstr "" | 705 | msgstr "maxima duración del turno" |
705 | 706 | ||
706 | #: src/auction/gnunet-auction-create.c:179 | 707 | #: src/auction/gnunet-auction-create.c:179 |
707 | msgid "duration until auction starts" | 708 | msgid "duration until auction starts" |
708 | msgstr "" | 709 | msgstr "duración hasta que la caución empieza" |
709 | 710 | ||
710 | #: src/auction/gnunet-auction-create.c:184 | 711 | #: src/auction/gnunet-auction-create.c:184 |
711 | msgid "" | 712 | msgid "" |
@@ -979,7 +980,7 @@ msgstr "Detectada dirección de la red interna «%s».\n" | |||
979 | 980 | ||
980 | #: src/conversation/gnunet-conversation.c:720 | 981 | #: src/conversation/gnunet-conversation.c:720 |
981 | #, c-format | 982 | #, c-format |
982 | msgid "We are calling `%s', his phone should be ringing.\n" | 983 | msgid "We are calling `%s', their phone should be ringing.\n" |
983 | msgstr "" | 984 | msgstr "" |
984 | 985 | ||
985 | #: src/conversation/gnunet-conversation.c:739 | 986 | #: src/conversation/gnunet-conversation.c:739 |
@@ -899,7 +899,7 @@ msgstr "" | |||
899 | 899 | ||
900 | #: src/conversation/gnunet-conversation.c:720 | 900 | #: src/conversation/gnunet-conversation.c:720 |
901 | #, c-format | 901 | #, c-format |
902 | msgid "We are calling `%s', his phone should be ringing.\n" | 902 | msgid "We are calling `%s', their phone should be ringing.\n" |
903 | msgstr "" | 903 | msgstr "" |
904 | 904 | ||
905 | #: src/conversation/gnunet-conversation.c:739 | 905 | #: src/conversation/gnunet-conversation.c:739 |
@@ -924,7 +924,7 @@ msgstr "" | |||
924 | 924 | ||
925 | #: src/conversation/gnunet-conversation.c:720 | 925 | #: src/conversation/gnunet-conversation.c:720 |
926 | #, c-format | 926 | #, c-format |
927 | msgid "We are calling `%s', his phone should be ringing.\n" | 927 | msgid "We are calling `%s', their phone should be ringing.\n" |
928 | msgstr "" | 928 | msgstr "" |
929 | 929 | ||
930 | #: src/conversation/gnunet-conversation.c:739 | 930 | #: src/conversation/gnunet-conversation.c:739 |
@@ -933,7 +933,7 @@ msgstr "GNUnet bây giờ sử dụng địa chỉ IP %s.\n" | |||
933 | 933 | ||
934 | #: src/conversation/gnunet-conversation.c:720 | 934 | #: src/conversation/gnunet-conversation.c:720 |
935 | #, c-format | 935 | #, c-format |
936 | msgid "We are calling `%s', his phone should be ringing.\n" | 936 | msgid "We are calling `%s', their phone should be ringing.\n" |
937 | msgstr "" | 937 | msgstr "" |
938 | 938 | ||
939 | #: src/conversation/gnunet-conversation.c:739 | 939 | #: src/conversation/gnunet-conversation.c:739 |
diff --git a/po/zh_CN.po b/po/zh_CN.po index 80d7e1996..d27d6f0a0 100644 --- a/po/zh_CN.po +++ b/po/zh_CN.po | |||
@@ -915,7 +915,7 @@ msgstr "GNUnet 现在使用 IP 地址 %s。\n" | |||
915 | 915 | ||
916 | #: src/conversation/gnunet-conversation.c:720 | 916 | #: src/conversation/gnunet-conversation.c:720 |
917 | #, c-format | 917 | #, c-format |
918 | msgid "We are calling `%s', his phone should be ringing.\n" | 918 | msgid "We are calling `%s', their phone should be ringing.\n" |
919 | msgstr "" | 919 | msgstr "" |
920 | 920 | ||
921 | #: src/conversation/gnunet-conversation.c:739 | 921 | #: src/conversation/gnunet-conversation.c:739 |
diff --git a/src/Makefile.am b/src/Makefile.am index d8d548706..00f30adc3 100644 --- a/src/Makefile.am +++ b/src/Makefile.am | |||
@@ -83,7 +83,6 @@ SUBDIRS = \ | |||
83 | $(REST_DIR) \ | 83 | $(REST_DIR) \ |
84 | $(JSONAPI_DIR) \ | 84 | $(JSONAPI_DIR) \ |
85 | hello \ | 85 | hello \ |
86 | tun \ | ||
87 | block \ | 86 | block \ |
88 | statistics \ | 87 | statistics \ |
89 | arm \ | 88 | arm \ |
diff --git a/src/arm/test_arm_api_data.conf b/src/arm/test_arm_api_data.conf index 276b313b7..fef6cfb40 100644 --- a/src/arm/test_arm_api_data.conf +++ b/src/arm/test_arm_api_data.conf | |||
@@ -16,7 +16,7 @@ PORT = 23355 | |||
16 | 16 | ||
17 | [do-nothing] | 17 | [do-nothing] |
18 | START_ON_DEMAND = NO | 18 | START_ON_DEMAND = NO |
19 | PORT = 2223 | 19 | PORT = 48223 |
20 | HOSTNAME = localhost | 20 | HOSTNAME = localhost |
21 | BINARY = /will/be/overwritten/by/test_exponential_backoff | 21 | BINARY = /will/be/overwritten/by/test_exponential_backoff |
22 | ACCEPT_FROM = 127.0.0.1; | 22 | ACCEPT_FROM = 127.0.0.1; |
diff --git a/src/ats/gnunet-service-ats_addresses.h b/src/ats/gnunet-service-ats_addresses.h index d90ca1375..d4dc483eb 100644 --- a/src/ats/gnunet-service-ats_addresses.h +++ b/src/ats/gnunet-service-ats_addresses.h | |||
@@ -151,7 +151,7 @@ | |||
151 | * 1.7 Address management | 151 | * 1.7 Address management |
152 | * | 152 | * |
153 | * Transport service notifies ATS about changes to the addresses known to | 153 | * Transport service notifies ATS about changes to the addresses known to |
154 | * him. | 154 | * it. |
155 | * | 155 | * |
156 | * 1.7.1 Adding an address | 156 | * 1.7.1 Adding an address |
157 | * | 157 | * |
diff --git a/src/ats/plugin_ats_mlp.c b/src/ats/plugin_ats_mlp.c index 7e7594f90..544b8d97f 100644 --- a/src/ats/plugin_ats_mlp.c +++ b/src/ats/plugin_ats_mlp.c | |||
@@ -1554,6 +1554,7 @@ GAS_mlp_solve_problem (void *solver) | |||
1554 | struct GNUNET_TIME_Relative dur_mlp; | 1554 | struct GNUNET_TIME_Relative dur_mlp; |
1555 | 1555 | ||
1556 | GNUNET_assert(NULL != solver); | 1556 | GNUNET_assert(NULL != solver); |
1557 | dur_lp = GNUNET_TIME_UNIT_ZERO; | ||
1557 | 1558 | ||
1558 | if (GNUNET_YES == mlp->stat_bulk_lock) | 1559 | if (GNUNET_YES == mlp->stat_bulk_lock) |
1559 | { | 1560 | { |
diff --git a/src/cadet/cadet.conf.in b/src/cadet/cadet.conf.in index 2f4c6a6db..d1ddcb96f 100644 --- a/src/cadet/cadet.conf.in +++ b/src/cadet/cadet.conf.in | |||
@@ -8,7 +8,7 @@ BINARY = gnunet-service-cadet | |||
8 | ACCEPT_FROM = 127.0.0.1; | 8 | ACCEPT_FROM = 127.0.0.1; |
9 | ACCEPT_FROM6 = ::1; | 9 | ACCEPT_FROM6 = ::1; |
10 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-cadet.sock | 10 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-cadet.sock |
11 | UNIX_MATCH_UID = YES | 11 | UNIX_MATCH_UID = NO |
12 | UNIX_MATCH_GID = YES | 12 | UNIX_MATCH_GID = YES |
13 | 13 | ||
14 | 14 | ||
diff --git a/src/cadet/cadet.h b/src/cadet/cadet.h index 69be4e537..bac4bc49d 100644 --- a/src/cadet/cadet.h +++ b/src/cadet/cadet.h | |||
@@ -258,6 +258,11 @@ struct GNUNET_CADET_LocalInfoPeer | |||
258 | * #GNUNET_MESSAGE_TYPE_CADET_LOCAL_INFO_PEERS | 258 | * #GNUNET_MESSAGE_TYPE_CADET_LOCAL_INFO_PEERS |
259 | */ | 259 | */ |
260 | struct GNUNET_MessageHeader header; | 260 | struct GNUNET_MessageHeader header; |
261 | |||
262 | /** | ||
263 | * Offset the peer has in the path this message is about. | ||
264 | */ | ||
265 | uint16_t offset GNUNET_PACKED; | ||
261 | 266 | ||
262 | /** | 267 | /** |
263 | * Number of paths. | 268 | * Number of paths. |
@@ -268,6 +273,11 @@ struct GNUNET_CADET_LocalInfoPeer | |||
268 | * Do we have a tunnel toward this peer? | 273 | * Do we have a tunnel toward this peer? |
269 | */ | 274 | */ |
270 | int16_t tunnel GNUNET_PACKED; | 275 | int16_t tunnel GNUNET_PACKED; |
276 | |||
277 | /** | ||
278 | * We are finished with the paths. | ||
279 | */ | ||
280 | uint16_t finished_with_paths; | ||
271 | 281 | ||
272 | /** | 282 | /** |
273 | * ID of the peer (can be local peer). | 283 | * ID of the peer (can be local peer). |
diff --git a/src/cadet/cadet_api.c b/src/cadet/cadet_api.c index 91054cd4f..319279110 100644 --- a/src/cadet/cadet_api.c +++ b/src/cadet/cadet_api.c | |||
@@ -357,67 +357,52 @@ reconnect (struct GNUNET_CADET_Handle *h); | |||
357 | 357 | ||
358 | 358 | ||
359 | /** | 359 | /** |
360 | * Reconnect callback: tries to reconnect again after a failer previous | 360 | * Function called during #reconnect_cbk() to (re)open |
361 | * reconnecttion | 361 | * all ports that are still open. |
362 | * | ||
363 | * @param cls closure (cadet handle) | ||
364 | */ | ||
365 | static void | ||
366 | reconnect_cbk (void *cls) | ||
367 | { | ||
368 | struct GNUNET_CADET_Handle *h = cls; | ||
369 | |||
370 | h->reconnect_task = NULL; | ||
371 | reconnect (h); | ||
372 | } | ||
373 | |||
374 | |||
375 | /** | ||
376 | * Function called during #reconnect() to destroy | ||
377 | * all channels that are still open. | ||
378 | * | 362 | * |
379 | * @param cls the `struct GNUNET_CADET_Handle` | 363 | * @param cls the `struct GNUNET_CADET_Handle` |
380 | * @param cid chanenl ID | 364 | * @param id port ID |
381 | * @param value a `struct GNUNET_CADET_Channel` to destroy | 365 | * @param value a `struct GNUNET_CADET_Channel` to open |
382 | * @return #GNUNET_OK (continue to iterate) | 366 | * @return #GNUNET_OK (continue to iterate) |
383 | */ | 367 | */ |
384 | static int | 368 | static int |
385 | destroy_channel_on_reconnect_cb (void *cls, | 369 | open_port_cb (void *cls, |
386 | uint32_t cid, | 370 | const struct GNUNET_HashCode *id, |
387 | void *value) | 371 | void *value) |
388 | { | 372 | { |
389 | /* struct GNUNET_CADET_Handle *handle = cls; */ | 373 | struct GNUNET_CADET_Handle *h = cls; |
390 | struct GNUNET_CADET_Channel *ch = value; | 374 | struct GNUNET_CADET_Port *port = value; |
375 | struct GNUNET_CADET_PortMessage *msg; | ||
376 | struct GNUNET_MQ_Envelope *env; | ||
391 | 377 | ||
392 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | 378 | (void) id; |
393 | "Destroying channel due to reconnect\n"); | 379 | env = GNUNET_MQ_msg (msg, |
394 | destroy_channel (ch); | 380 | GNUNET_MESSAGE_TYPE_CADET_LOCAL_PORT_OPEN); |
381 | msg->port = port->id; | ||
382 | GNUNET_MQ_send (h->mq, | ||
383 | env); | ||
395 | return GNUNET_OK; | 384 | return GNUNET_OK; |
396 | } | 385 | } |
397 | 386 | ||
398 | 387 | ||
399 | /** | 388 | /** |
400 | * Reconnect to the service, retransmit all infomation to try to restore the | 389 | * Reconnect callback: tries to reconnect again after a failer previous |
401 | * original state. | 390 | * reconnecttion |
402 | * | ||
403 | * @param h handle to the cadet | ||
404 | * | 391 | * |
405 | * @return #GNUNET_YES in case of sucess, #GNUNET_NO otherwise (service down...) | 392 | * @param cls closure (cadet handle) |
406 | */ | 393 | */ |
407 | static void | 394 | static void |
408 | schedule_reconnect (struct GNUNET_CADET_Handle *h) | 395 | reconnect_cbk (void *cls) |
409 | { | 396 | { |
410 | if (NULL != h->reconnect_task) | 397 | struct GNUNET_CADET_Handle *h = cls; |
411 | return; | 398 | |
412 | GNUNET_CONTAINER_multihashmap32_iterate (h->channels, | 399 | h->reconnect_task = NULL; |
413 | &destroy_channel_on_reconnect_cb, | ||
414 | h); | ||
415 | h->reconnect_task | ||
416 | = GNUNET_SCHEDULER_add_delayed (h->reconnect_time, | ||
417 | &reconnect_cbk, | ||
418 | h); | ||
419 | h->reconnect_time | 400 | h->reconnect_time |
420 | = GNUNET_TIME_STD_BACKOFF (h->reconnect_time); | 401 | = GNUNET_TIME_STD_BACKOFF (h->reconnect_time); |
402 | reconnect (h); | ||
403 | GNUNET_CONTAINER_multihashmap_iterate (h->ports, | ||
404 | &open_port_cb, | ||
405 | h); | ||
421 | } | 406 | } |
422 | 407 | ||
423 | 408 | ||
@@ -555,15 +540,16 @@ cadet_mq_error_handler (void *cls, | |||
555 | { | 540 | { |
556 | struct GNUNET_CADET_Channel *ch = cls; | 541 | struct GNUNET_CADET_Channel *ch = cls; |
557 | 542 | ||
558 | GNUNET_break (0); | ||
559 | if (GNUNET_MQ_ERROR_NO_MATCH == error) | 543 | if (GNUNET_MQ_ERROR_NO_MATCH == error) |
560 | { | 544 | { |
561 | /* Got a message we did not understand, still try to continue! */ | 545 | /* Got a message we did not understand, still try to continue! */ |
546 | GNUNET_break_op (0); | ||
562 | GNUNET_CADET_receive_done (ch); | 547 | GNUNET_CADET_receive_done (ch); |
563 | } | 548 | } |
564 | else | 549 | else |
565 | { | 550 | { |
566 | schedule_reconnect (ch->cadet); | 551 | GNUNET_break (0); |
552 | GNUNET_CADET_channel_destroy (ch); | ||
567 | } | 553 | } |
568 | } | 554 | } |
569 | 555 | ||
@@ -581,6 +567,7 @@ cadet_mq_cancel_impl (struct GNUNET_MQ_Handle *mq, | |||
581 | { | 567 | { |
582 | struct GNUNET_CADET_Channel *ch = impl_state; | 568 | struct GNUNET_CADET_Channel *ch = impl_state; |
583 | 569 | ||
570 | (void) mq; | ||
584 | GNUNET_assert (NULL != ch->pending_env); | 571 | GNUNET_assert (NULL != ch->pending_env); |
585 | GNUNET_MQ_discard (ch->pending_env); | 572 | GNUNET_MQ_discard (ch->pending_env); |
586 | ch->pending_env = NULL; | 573 | ch->pending_env = NULL; |
@@ -709,6 +696,7 @@ check_local_data (void *cls, | |||
709 | { | 696 | { |
710 | uint16_t size; | 697 | uint16_t size; |
711 | 698 | ||
699 | (void) cls; | ||
712 | size = ntohs (message->header.size); | 700 | size = ntohs (message->header.size); |
713 | if (sizeof (*message) + sizeof (struct GNUNET_MessageHeader) > size) | 701 | if (sizeof (*message) + sizeof (struct GNUNET_MessageHeader) > size) |
714 | { | 702 | { |
@@ -806,6 +794,32 @@ handle_local_ack (void *cls, | |||
806 | 794 | ||
807 | 795 | ||
808 | /** | 796 | /** |
797 | * Function called during #GNUNET_CADET_disconnect() to destroy | ||
798 | * all channels that are still open. | ||
799 | * | ||
800 | * @param cls the `struct GNUNET_CADET_Handle` | ||
801 | * @param cid chanenl ID | ||
802 | * @param value a `struct GNUNET_CADET_Channel` to destroy | ||
803 | * @return #GNUNET_OK (continue to iterate) | ||
804 | */ | ||
805 | static int | ||
806 | destroy_channel_cb (void *cls, | ||
807 | uint32_t cid, | ||
808 | void *value) | ||
809 | { | ||
810 | /* struct GNUNET_CADET_Handle *handle = cls; */ | ||
811 | struct GNUNET_CADET_Channel *ch = value; | ||
812 | |||
813 | (void) cls; | ||
814 | (void) cid; | ||
815 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
816 | "Destroying channel due to GNUNET_CADET_disconnect()\n"); | ||
817 | destroy_channel (ch); | ||
818 | return GNUNET_OK; | ||
819 | } | ||
820 | |||
821 | |||
822 | /** | ||
809 | * Generic error handler, called with the appropriate error code and | 823 | * Generic error handler, called with the appropriate error code and |
810 | * the same closure specified at the creation of the message queue. | 824 | * the same closure specified at the creation of the message queue. |
811 | * Not every message queue implementation supports an error handler. | 825 | * Not every message queue implementation supports an error handler. |
@@ -822,9 +836,14 @@ handle_mq_error (void *cls, | |||
822 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 836 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
823 | "MQ ERROR: %u\n", | 837 | "MQ ERROR: %u\n", |
824 | error); | 838 | error); |
839 | GNUNET_CONTAINER_multihashmap32_iterate (h->channels, | ||
840 | &destroy_channel_cb, | ||
841 | h); | ||
825 | GNUNET_MQ_destroy (h->mq); | 842 | GNUNET_MQ_destroy (h->mq); |
826 | h->mq = NULL; | 843 | h->mq = NULL; |
827 | reconnect (h); | 844 | h->reconnect_task = GNUNET_SCHEDULER_add_delayed (h->reconnect_time, |
845 | &reconnect_cbk, | ||
846 | h); | ||
828 | } | 847 | } |
829 | 848 | ||
830 | 849 | ||
@@ -842,6 +861,7 @@ check_get_peers (void *cls, | |||
842 | { | 861 | { |
843 | size_t esize; | 862 | size_t esize; |
844 | 863 | ||
864 | (void) cls; | ||
845 | esize = ntohs (message->size); | 865 | esize = ntohs (message->size); |
846 | if (sizeof (struct GNUNET_CADET_LocalInfoPeer) == esize) | 866 | if (sizeof (struct GNUNET_CADET_LocalInfoPeer) == esize) |
847 | return GNUNET_OK; | 867 | return GNUNET_OK; |
@@ -895,12 +915,9 @@ check_get_peer (void *cls, | |||
895 | const struct GNUNET_CADET_LocalInfoPeer *message) | 915 | const struct GNUNET_CADET_LocalInfoPeer *message) |
896 | { | 916 | { |
897 | size_t msize = sizeof (struct GNUNET_CADET_LocalInfoPeer); | 917 | size_t msize = sizeof (struct GNUNET_CADET_LocalInfoPeer); |
898 | const struct GNUNET_PeerIdentity *paths_array; | ||
899 | size_t esize; | 918 | size_t esize; |
900 | unsigned int epaths; | ||
901 | unsigned int paths; | ||
902 | unsigned int peers; | ||
903 | 919 | ||
920 | (void) cls; | ||
904 | esize = ntohs (message->header.size); | 921 | esize = ntohs (message->header.size); |
905 | if (esize < msize) | 922 | if (esize < msize) |
906 | { | 923 | { |
@@ -912,20 +929,6 @@ check_get_peer (void *cls, | |||
912 | GNUNET_break (0); | 929 | GNUNET_break (0); |
913 | return GNUNET_SYSERR; | 930 | return GNUNET_SYSERR; |
914 | } | 931 | } |
915 | peers = (esize - msize) / sizeof (struct GNUNET_PeerIdentity); | ||
916 | epaths = ntohs (message->paths); | ||
917 | paths_array = (const struct GNUNET_PeerIdentity *) &message[1]; | ||
918 | paths = 0; | ||
919 | for (unsigned int i = 0; i < peers; i++) | ||
920 | if (0 == memcmp (&paths_array[i], | ||
921 | &message->destination, | ||
922 | sizeof (struct GNUNET_PeerIdentity))) | ||
923 | paths++; | ||
924 | if (paths != epaths) | ||
925 | { | ||
926 | GNUNET_break (0); | ||
927 | return GNUNET_SYSERR; | ||
928 | } | ||
929 | return GNUNET_OK; | 932 | return GNUNET_OK; |
930 | } | 933 | } |
931 | 934 | ||
@@ -949,6 +952,11 @@ handle_get_peer (void *cls, | |||
949 | 952 | ||
950 | if (NULL == h->info_cb.peer_cb) | 953 | if (NULL == h->info_cb.peer_cb) |
951 | return; | 954 | return; |
955 | |||
956 | LOG (GNUNET_ERROR_TYPE_DEBUG, | ||
957 | "number of paths %u\n", | ||
958 | ntohs (message->paths)); | ||
959 | |||
952 | paths = ntohs (message->paths); | 960 | paths = ntohs (message->paths); |
953 | paths_array = (const struct GNUNET_PeerIdentity *) &message[1]; | 961 | paths_array = (const struct GNUNET_PeerIdentity *) &message[1]; |
954 | peers = (ntohs (message->header.size) - sizeof (*message)) | 962 | peers = (ntohs (message->header.size) - sizeof (*message)) |
@@ -978,7 +986,9 @@ handle_get_peer (void *cls, | |||
978 | (int) ntohs (message->tunnel), | 986 | (int) ntohs (message->tunnel), |
979 | neighbor, | 987 | neighbor, |
980 | paths, | 988 | paths, |
981 | paths_array); | 989 | paths_array, |
990 | (int) ntohs (message->offset), | ||
991 | (int) ntohs (message->finished_with_paths)); | ||
982 | } | 992 | } |
983 | 993 | ||
984 | 994 | ||
@@ -1170,38 +1180,6 @@ reconnect (struct GNUNET_CADET_Handle *h) | |||
1170 | handlers, | 1180 | handlers, |
1171 | &handle_mq_error, | 1181 | &handle_mq_error, |
1172 | h); | 1182 | h); |
1173 | if (NULL == h->mq) | ||
1174 | { | ||
1175 | schedule_reconnect (h); | ||
1176 | return; | ||
1177 | } | ||
1178 | h->reconnect_time = GNUNET_TIME_UNIT_MILLISECONDS; | ||
1179 | } | ||
1180 | |||
1181 | |||
1182 | /** | ||
1183 | * Function called during #GNUNET_CADET_disconnect() to destroy | ||
1184 | * all channels that are still open. | ||
1185 | * | ||
1186 | * @param cls the `struct GNUNET_CADET_Handle` | ||
1187 | * @param cid chanenl ID | ||
1188 | * @param value a `struct GNUNET_CADET_Channel` to destroy | ||
1189 | * @return #GNUNET_OK (continue to iterate) | ||
1190 | */ | ||
1191 | static int | ||
1192 | destroy_channel_cb (void *cls, | ||
1193 | uint32_t cid, | ||
1194 | void *value) | ||
1195 | { | ||
1196 | /* struct GNUNET_CADET_Handle *handle = cls; */ | ||
1197 | struct GNUNET_CADET_Channel *ch = value; | ||
1198 | |||
1199 | (void) cls; | ||
1200 | (void) cid; | ||
1201 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
1202 | "Destroying channel due to GNUNET_CADET_disconnect()\n"); | ||
1203 | destroy_channel (ch); | ||
1204 | return GNUNET_OK; | ||
1205 | } | 1183 | } |
1206 | 1184 | ||
1207 | 1185 | ||
@@ -1223,6 +1201,7 @@ destroy_port_cb (void *cls, | |||
1223 | struct GNUNET_CADET_Port *port = value; | 1201 | struct GNUNET_CADET_Port *port = value; |
1224 | 1202 | ||
1225 | (void) cls; | 1203 | (void) cls; |
1204 | (void) id; | ||
1226 | /* This is a warning, the app should have cleanly closed all open ports */ | 1205 | /* This is a warning, the app should have cleanly closed all open ports */ |
1227 | GNUNET_break (0); | 1206 | GNUNET_break (0); |
1228 | GNUNET_CADET_close_port (port); | 1207 | GNUNET_CADET_close_port (port); |
@@ -1274,18 +1253,21 @@ GNUNET_CADET_disconnect (struct GNUNET_CADET_Handle *handle) | |||
1274 | void | 1253 | void |
1275 | GNUNET_CADET_close_port (struct GNUNET_CADET_Port *p) | 1254 | GNUNET_CADET_close_port (struct GNUNET_CADET_Port *p) |
1276 | { | 1255 | { |
1277 | struct GNUNET_CADET_PortMessage *msg; | ||
1278 | struct GNUNET_MQ_Envelope *env; | ||
1279 | |||
1280 | GNUNET_assert (GNUNET_YES == | 1256 | GNUNET_assert (GNUNET_YES == |
1281 | GNUNET_CONTAINER_multihashmap_remove (p->cadet->ports, | 1257 | GNUNET_CONTAINER_multihashmap_remove (p->cadet->ports, |
1282 | &p->id, | 1258 | &p->id, |
1283 | p)); | 1259 | p)); |
1284 | env = GNUNET_MQ_msg (msg, | 1260 | if (NULL != p->cadet->mq) |
1285 | GNUNET_MESSAGE_TYPE_CADET_LOCAL_PORT_CLOSE); | 1261 | { |
1286 | msg->port = p->id; | 1262 | struct GNUNET_CADET_PortMessage *msg; |
1287 | GNUNET_MQ_send (p->cadet->mq, | 1263 | struct GNUNET_MQ_Envelope *env; |
1288 | env); | 1264 | |
1265 | env = GNUNET_MQ_msg (msg, | ||
1266 | GNUNET_MESSAGE_TYPE_CADET_LOCAL_PORT_CLOSE); | ||
1267 | msg->port = p->id; | ||
1268 | GNUNET_MQ_send (p->cadet->mq, | ||
1269 | env); | ||
1270 | } | ||
1289 | GNUNET_free_non_null (p->handlers); | 1271 | GNUNET_free_non_null (p->handlers); |
1290 | GNUNET_free (p); | 1272 | GNUNET_free (p); |
1291 | } | 1273 | } |
@@ -1637,9 +1619,6 @@ GNUNET_CADET_connect (const struct GNUNET_CONFIGURATION_Handle *cfg) | |||
1637 | return NULL; | 1619 | return NULL; |
1638 | } | 1620 | } |
1639 | h->next_ccn.channel_of_client = htonl (GNUNET_CADET_LOCAL_CHANNEL_ID_CLI); | 1621 | h->next_ccn.channel_of_client = htonl (GNUNET_CADET_LOCAL_CHANNEL_ID_CLI); |
1640 | h->reconnect_time = GNUNET_TIME_UNIT_MILLISECONDS; | ||
1641 | h->reconnect_task = NULL; | ||
1642 | |||
1643 | return h; | 1622 | return h; |
1644 | } | 1623 | } |
1645 | 1624 | ||
@@ -1665,8 +1644,6 @@ GNUNET_CADET_open_port (struct GNUNET_CADET_Handle *h, | |||
1665 | GNUNET_CADET_DisconnectEventHandler disconnects, | 1644 | GNUNET_CADET_DisconnectEventHandler disconnects, |
1666 | const struct GNUNET_MQ_MessageHandler *handlers) | 1645 | const struct GNUNET_MQ_MessageHandler *handlers) |
1667 | { | 1646 | { |
1668 | struct GNUNET_CADET_PortMessage *msg; | ||
1669 | struct GNUNET_MQ_Envelope *env; | ||
1670 | struct GNUNET_CADET_Port *p; | 1647 | struct GNUNET_CADET_Port *p; |
1671 | 1648 | ||
1672 | GNUNET_assert (NULL != connects); | 1649 | GNUNET_assert (NULL != connects); |
@@ -1692,13 +1669,11 @@ GNUNET_CADET_open_port (struct GNUNET_CADET_Handle *h, | |||
1692 | p->window_changes = window_changes; | 1669 | p->window_changes = window_changes; |
1693 | p->disconnects = disconnects; | 1670 | p->disconnects = disconnects; |
1694 | p->handlers = GNUNET_MQ_copy_handlers (handlers); | 1671 | p->handlers = GNUNET_MQ_copy_handlers (handlers); |
1695 | 1672 | ||
1696 | 1673 | GNUNET_assert (GNUNET_OK == | |
1697 | env = GNUNET_MQ_msg (msg, | 1674 | open_port_cb (h, |
1698 | GNUNET_MESSAGE_TYPE_CADET_LOCAL_PORT_OPEN); | 1675 | &p->id, |
1699 | msg->port = p->id; | 1676 | p)); |
1700 | GNUNET_MQ_send (h->mq, | ||
1701 | env); | ||
1702 | return p; | 1677 | return p; |
1703 | } | 1678 | } |
1704 | 1679 | ||
@@ -1757,7 +1732,8 @@ GNUNET_CADET_channel_create (struct GNUNET_CADET_Handle *h, | |||
1757 | handlers, | 1732 | handlers, |
1758 | &cadet_mq_error_handler, | 1733 | &cadet_mq_error_handler, |
1759 | ch); | 1734 | ch); |
1760 | GNUNET_MQ_set_handlers_closure (ch->mq, channel_cls); | 1735 | GNUNET_MQ_set_handlers_closure (ch->mq, |
1736 | channel_cls); | ||
1761 | 1737 | ||
1762 | /* Request channel creation to service */ | 1738 | /* Request channel creation to service */ |
1763 | env = GNUNET_MQ_msg (msg, | 1739 | env = GNUNET_MQ_msg (msg, |
diff --git a/src/cadet/cadet_test_lib.c b/src/cadet/cadet_test_lib.c index 760378c89..1a1c15f48 100644 --- a/src/cadet/cadet_test_lib.c +++ b/src/cadet/cadet_test_lib.c | |||
@@ -135,6 +135,11 @@ cadet_connect_adapter (void *cls, | |||
135 | struct GNUNET_CADET_Handle *h; | 135 | struct GNUNET_CADET_Handle *h; |
136 | 136 | ||
137 | h = GNUNET_CADET_connect (cfg); | 137 | h = GNUNET_CADET_connect (cfg); |
138 | if (NULL == h) | ||
139 | { | ||
140 | GNUNET_break(0); | ||
141 | return NULL; | ||
142 | } | ||
138 | if (NULL == ctx->ports) | 143 | if (NULL == ctx->ports) |
139 | return h; | 144 | return h; |
140 | actx->ports = GNUNET_new_array (ctx->port_count, | 145 | actx->ports = GNUNET_new_array (ctx->port_count, |
diff --git a/src/cadet/gnunet-cadet.c b/src/cadet/gnunet-cadet.c index 04a595a7b..13b04b885 100644 --- a/src/cadet/gnunet-cadet.c +++ b/src/cadet/gnunet-cadet.c | |||
@@ -27,6 +27,7 @@ | |||
27 | #include "gnunet_cadet_service.h" | 27 | #include "gnunet_cadet_service.h" |
28 | #include "cadet.h" | 28 | #include "cadet.h" |
29 | 29 | ||
30 | #define STREAM_BUFFER_SIZE 1024 // Pakets | ||
30 | 31 | ||
31 | /** | 32 | /** |
32 | * Option -P. | 33 | * Option -P. |
@@ -123,6 +124,8 @@ static struct GNUNET_SCHEDULER_Task *rd_task; | |||
123 | */ | 124 | */ |
124 | static struct GNUNET_SCHEDULER_Task *job; | 125 | static struct GNUNET_SCHEDULER_Task *job; |
125 | 126 | ||
127 | static unsigned int sent_pkt; | ||
128 | |||
126 | 129 | ||
127 | /** | 130 | /** |
128 | * Wait for input on STDIO and send it out over the #ch. | 131 | * Wait for input on STDIO and send it out over the #ch. |
@@ -196,6 +199,11 @@ shutdown_task (void *cls) | |||
196 | { | 199 | { |
197 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 200 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
198 | "Shutdown\n"); | 201 | "Shutdown\n"); |
202 | if (NULL != lp) | ||
203 | { | ||
204 | GNUNET_CADET_close_port (lp); | ||
205 | lp = NULL; | ||
206 | } | ||
199 | if (NULL != ch) | 207 | if (NULL != ch) |
200 | { | 208 | { |
201 | GNUNET_CADET_channel_destroy (ch); | 209 | GNUNET_CADET_channel_destroy (ch); |
@@ -223,6 +231,12 @@ shutdown_task (void *cls) | |||
223 | } | 231 | } |
224 | } | 232 | } |
225 | 233 | ||
234 | void | ||
235 | mq_cb(void *cls) | ||
236 | { | ||
237 | listen_stdio (); | ||
238 | } | ||
239 | |||
226 | 240 | ||
227 | /** | 241 | /** |
228 | * Task run in stdio mode, after some data is available at stdin. | 242 | * Task run in stdio mode, after some data is available at stdin. |
@@ -243,6 +257,8 @@ read_stdio (void *cls) | |||
243 | 60000); | 257 | 60000); |
244 | if (data_size < 1) | 258 | if (data_size < 1) |
245 | { | 259 | { |
260 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
261 | "read() returned %s\n", strerror(errno)); | ||
246 | GNUNET_SCHEDULER_shutdown(); | 262 | GNUNET_SCHEDULER_shutdown(); |
247 | return; | 263 | return; |
248 | } | 264 | } |
@@ -257,9 +273,21 @@ read_stdio (void *cls) | |||
257 | data_size); | 273 | data_size); |
258 | GNUNET_MQ_send (GNUNET_CADET_get_mq (ch), | 274 | GNUNET_MQ_send (GNUNET_CADET_get_mq (ch), |
259 | env); | 275 | env); |
276 | |||
277 | sent_pkt++; | ||
278 | |||
260 | if (GNUNET_NO == echo) | 279 | if (GNUNET_NO == echo) |
261 | { | 280 | { |
262 | listen_stdio (); | 281 | // Use MQ's notification if too much data of stdin is pooring in too fast. |
282 | if (STREAM_BUFFER_SIZE < sent_pkt) | ||
283 | { | ||
284 | GNUNET_MQ_notify_sent (env, mq_cb, cls); | ||
285 | sent_pkt = 0; | ||
286 | } | ||
287 | else | ||
288 | { | ||
289 | listen_stdio (); | ||
290 | } | ||
263 | } | 291 | } |
264 | else | 292 | else |
265 | { | 293 | { |
@@ -525,34 +553,48 @@ peer_callback (void *cls, | |||
525 | int tunnel, | 553 | int tunnel, |
526 | int neighbor, | 554 | int neighbor, |
527 | unsigned int n_paths, | 555 | unsigned int n_paths, |
528 | const struct GNUNET_PeerIdentity *paths) | 556 | const struct GNUNET_PeerIdentity *paths, |
557 | int offset, | ||
558 | int finished_with_paths) | ||
529 | { | 559 | { |
530 | unsigned int i; | 560 | unsigned int i; |
531 | const struct GNUNET_PeerIdentity *p; | 561 | const struct GNUNET_PeerIdentity *p; |
532 | 562 | ||
533 | FPRINTF (stdout, | 563 | |
534 | "%s [TUNNEL: %s, NEIGHBOR: %s, PATHS: %u]\n", | 564 | if (GNUNET_YES == finished_with_paths) |
535 | GNUNET_i2s_full (peer), | ||
536 | tunnel ? "Y" : "N", | ||
537 | neighbor ? "Y" : "N", | ||
538 | n_paths); | ||
539 | p = paths; | ||
540 | for (i = 0; i < n_paths && NULL != p;) | ||
541 | { | 565 | { |
566 | GNUNET_SCHEDULER_shutdown(); | ||
567 | return; | ||
568 | } | ||
569 | |||
570 | if (offset == 0){ | ||
571 | FPRINTF (stdout, | ||
572 | "%s [TUNNEL: %s, NEIGHBOR: %s, PATHS: %u]\n", | ||
573 | GNUNET_i2s_full (peer), | ||
574 | tunnel ? "Y" : "N", | ||
575 | neighbor ? "Y" : "N", | ||
576 | n_paths); | ||
577 | }else{ | ||
578 | p = paths; | ||
542 | FPRINTF (stdout, | 579 | FPRINTF (stdout, |
543 | "%s ", | 580 | "Indirekt path with offset %u: ", |
544 | GNUNET_i2s (p)); | 581 | offset); |
545 | if (0 == memcmp (p, | 582 | for (i = 0; i <= offset && NULL != p;) |
546 | peer, | ||
547 | sizeof (*p))) | ||
548 | { | 583 | { |
549 | FPRINTF (stdout, "\n"); | 584 | FPRINTF (stdout, |
550 | i++; | 585 | "%s ", |
586 | GNUNET_i2s (p)); | ||
587 | i++; | ||
588 | p++; | ||
551 | } | 589 | } |
552 | p++; | 590 | |
591 | FPRINTF (stdout, | ||
592 | "\n"); | ||
593 | |||
553 | } | 594 | } |
595 | |||
554 | 596 | ||
555 | GNUNET_SCHEDULER_shutdown(); | 597 | |
556 | } | 598 | } |
557 | 599 | ||
558 | 600 | ||
diff --git a/src/cadet/gnunet-service-cadet.c b/src/cadet/gnunet-service-cadet.c index 38037e92f..4568d2733 100644 --- a/src/cadet/gnunet-service-cadet.c +++ b/src/cadet/gnunet-service-cadet.c | |||
@@ -822,7 +822,7 @@ get_all_peers_iterator (void *cls, | |||
822 | struct GNUNET_CADET_LocalInfoPeer *msg; | 822 | struct GNUNET_CADET_LocalInfoPeer *msg; |
823 | 823 | ||
824 | env = GNUNET_MQ_msg (msg, | 824 | env = GNUNET_MQ_msg (msg, |
825 | GNUNET_MESSAGE_TYPE_CADET_LOCAL_INFO_PEERS); | 825 | GNUNET_MESSAGE_TYPE_CADET_LOCAL_INFO_PEERS); |
826 | msg->destination = *peer; | 826 | msg->destination = *peer; |
827 | msg->paths = htons (GCP_count_paths (p)); | 827 | msg->paths = htons (GCP_count_paths (p)); |
828 | msg->tunnel = htons (NULL != GCP_get_tunnel (p, | 828 | msg->tunnel = htons (NULL != GCP_get_tunnel (p, |
@@ -881,7 +881,7 @@ path_info_iterator (void *cls, | |||
881 | unsigned int path_length; | 881 | unsigned int path_length; |
882 | 882 | ||
883 | path_length = GCPP_get_length (path); | 883 | path_length = GCPP_get_length (path); |
884 | path_size = sizeof (struct GNUNET_PeerIdentity) * (path_length - 1); | 884 | path_size = sizeof (struct GNUNET_PeerIdentity) * path_length; |
885 | if (sizeof (*resp) + path_size > UINT16_MAX) | 885 | if (sizeof (*resp) + path_size > UINT16_MAX) |
886 | { | 886 | { |
887 | LOG (GNUNET_ERROR_TYPE_WARNING, | 887 | LOG (GNUNET_ERROR_TYPE_WARNING, |
@@ -892,19 +892,57 @@ path_info_iterator (void *cls, | |||
892 | env = GNUNET_MQ_msg_extra (resp, | 892 | env = GNUNET_MQ_msg_extra (resp, |
893 | path_size, | 893 | path_size, |
894 | GNUNET_MESSAGE_TYPE_CADET_LOCAL_INFO_PEER); | 894 | GNUNET_MESSAGE_TYPE_CADET_LOCAL_INFO_PEER); |
895 | |||
896 | |||
897 | resp->offset = htons(off); | ||
898 | resp->finished_with_paths = htons(0); | ||
899 | |||
895 | id = (struct GNUNET_PeerIdentity *) &resp[1]; | 900 | id = (struct GNUNET_PeerIdentity *) &resp[1]; |
896 | 901 | ||
897 | /* Don't copy first peer. First peer is always the local one. Last | 902 | /* Don't copy first peer. First peer is always the local one. Last |
898 | * peer is always the destination (leave as 0, EOL). | 903 | * peer is always the destination (leave as 0, EOL). |
899 | */ | 904 | */ |
900 | for (i = 0; i < off; i++) | 905 | for (i = 0; i <= off; i++) |
901 | id[i] = *GCP_get_id (GCPP_get_peer_at_offset (path, | 906 | id[i] = *GCP_get_id (GCPP_get_peer_at_offset (path, |
902 | i + 1)); | 907 | i)); |
903 | GNUNET_MQ_send (mq, | 908 | GNUNET_MQ_send (mq, |
904 | env); | 909 | env); |
905 | return GNUNET_YES; | 910 | return GNUNET_YES; |
906 | } | 911 | } |
907 | 912 | ||
913 | /** | ||
914 | * Getting summary information about the number of paths and if a tunnel exists, | ||
915 | * and the indirect paths to a peer, if there are ones. | ||
916 | * | ||
917 | * @param cls Closure (). | ||
918 | * @param peer Peer ID (tunnel remote peer). | ||
919 | * @param value Peer info. | ||
920 | * @return #GNUNET_YES, to keep iterating. | ||
921 | */ | ||
922 | static void | ||
923 | get_peer_info (void *cls, | ||
924 | const struct GNUNET_PeerIdentity *peer, | ||
925 | struct CadetPeer *p) | ||
926 | { | ||
927 | struct CadetClient *c = cls; | ||
928 | struct GNUNET_MQ_Envelope *env; | ||
929 | struct GNUNET_CADET_LocalInfoPeer *msg; | ||
930 | |||
931 | env = GNUNET_MQ_msg (msg, | ||
932 | GNUNET_MESSAGE_TYPE_CADET_LOCAL_INFO_PEER); | ||
933 | msg->offset = htons(0); | ||
934 | msg->destination = *peer; | ||
935 | msg->paths = htons (GCP_count_paths (p)); | ||
936 | msg->tunnel = htons (NULL != GCP_get_tunnel (p, | ||
937 | GNUNET_NO)); | ||
938 | msg->finished_with_paths = htons(0); | ||
939 | GNUNET_MQ_send (c->mq, | ||
940 | env); | ||
941 | GCP_iterate_indirect_paths (p, | ||
942 | &path_info_iterator, | ||
943 | c->mq); | ||
944 | } | ||
945 | |||
908 | 946 | ||
909 | /** | 947 | /** |
910 | * Handler for client's SHOW_PEER request. | 948 | * Handler for client's SHOW_PEER request. |
@@ -919,19 +957,23 @@ handle_show_peer (void *cls, | |||
919 | struct CadetClient *c = cls; | 957 | struct CadetClient *c = cls; |
920 | struct CadetPeer *p; | 958 | struct CadetPeer *p; |
921 | struct GNUNET_MQ_Envelope *env; | 959 | struct GNUNET_MQ_Envelope *env; |
922 | struct GNUNET_MessageHeader *resp; | 960 | struct GNUNET_CADET_LocalInfoPeer *resp; |
923 | 961 | ||
924 | p = GCP_get (&msg->peer, | 962 | p = GCP_get (&msg->peer, |
925 | GNUNET_NO); | 963 | GNUNET_NO); |
926 | if (NULL != p) | 964 | if (NULL != p){ |
927 | GCP_iterate_paths (p, | 965 | get_peer_info(c, &(msg->peer), p); |
928 | &path_info_iterator, | 966 | } |
929 | c->mq); | 967 | |
930 | /* Send message with 0/0 to indicate the end */ | 968 | |
931 | env = GNUNET_MQ_msg (resp, | 969 | env = GNUNET_MQ_msg (resp, |
932 | GNUNET_MESSAGE_TYPE_CADET_LOCAL_INFO_PEER_END); | 970 | GNUNET_MESSAGE_TYPE_CADET_LOCAL_INFO_PEER); |
971 | resp->finished_with_paths = htons(1); | ||
972 | resp->destination = msg->peer; | ||
973 | |||
933 | GNUNET_MQ_send (c->mq, | 974 | GNUNET_MQ_send (c->mq, |
934 | env); | 975 | env); |
976 | |||
935 | GNUNET_SERVICE_client_continue (c->client); | 977 | GNUNET_SERVICE_client_continue (c->client); |
936 | } | 978 | } |
937 | 979 | ||
diff --git a/src/cadet/gnunet-service-cadet_paths.c b/src/cadet/gnunet-service-cadet_paths.c index e77d54e55..593617ff6 100644 --- a/src/cadet/gnunet-service-cadet_paths.c +++ b/src/cadet/gnunet-service-cadet_paths.c | |||
@@ -17,7 +17,7 @@ | |||
17 | */ | 17 | */ |
18 | /** | 18 | /** |
19 | * @file cadet/gnunet-service-cadet_paths.c | 19 | * @file cadet/gnunet-service-cadet_paths.c |
20 | * @brief Information we track per path. | 20 | * @brief Information we track per path. |
21 | * @author Bartlomiej Polot | 21 | * @author Bartlomiej Polot |
22 | * @author Christian Grothoff | 22 | * @author Christian Grothoff |
23 | */ | 23 | */ |
diff --git a/src/cadet/gnunet-service-cadet_peer.c b/src/cadet/gnunet-service-cadet_peer.c index 9cd1f5229..b375d51ca 100644 --- a/src/cadet/gnunet-service-cadet_peer.c +++ b/src/cadet/gnunet-service-cadet_peer.c | |||
@@ -243,7 +243,17 @@ GCP_2s (const struct CadetPeer *cp) | |||
243 | static char buf[5]; | 243 | static char buf[5]; |
244 | char *ret; | 244 | char *ret; |
245 | 245 | ||
246 | if ((NULL == cp) || | ||
247 | (NULL == &cp->pid.public_key)) | ||
248 | return "NULL"; | ||
249 | |||
250 | |||
246 | ret = GNUNET_CRYPTO_eddsa_public_key_to_string (&cp->pid.public_key); | 251 | ret = GNUNET_CRYPTO_eddsa_public_key_to_string (&cp->pid.public_key); |
252 | |||
253 | if (NULL == ret) | ||
254 | return "NULL"; | ||
255 | |||
256 | |||
247 | strncpy (buf, | 257 | strncpy (buf, |
248 | ret, | 258 | ret, |
249 | sizeof (buf) - 1); | 259 | sizeof (buf) - 1); |
@@ -1207,6 +1217,8 @@ GCP_iterate_paths (struct CadetPeer *cp, | |||
1207 | (NULL == cp->core_mq) ? "" : " including direct link"); | 1217 | (NULL == cp->core_mq) ? "" : " including direct link"); |
1208 | if (NULL != cp->core_mq) | 1218 | if (NULL != cp->core_mq) |
1209 | { | 1219 | { |
1220 | /* FIXME: this branch seems to duplicate the | ||
1221 | i=0 case below (direct link). Leave out!??? -CG */ | ||
1210 | struct CadetPeerPath *path; | 1222 | struct CadetPeerPath *path; |
1211 | 1223 | ||
1212 | path = GCPP_get_path_from_route (1, | 1224 | path = GCPP_get_path_from_route (1, |
@@ -1235,6 +1247,41 @@ GCP_iterate_paths (struct CadetPeer *cp, | |||
1235 | return ret; | 1247 | return ret; |
1236 | } | 1248 | } |
1237 | 1249 | ||
1250 | /** | ||
1251 | * Iterate over the paths to a peer without direct link. | ||
1252 | * | ||
1253 | * @param cp Peer to get path info. | ||
1254 | * @param callback Function to call for every path. | ||
1255 | * @param callback_cls Closure for @a callback. | ||
1256 | * @return Number of iterated paths. | ||
1257 | */ | ||
1258 | unsigned int | ||
1259 | GCP_iterate_indirect_paths (struct CadetPeer *cp, | ||
1260 | GCP_PathIterator callback, | ||
1261 | void *callback_cls) | ||
1262 | { | ||
1263 | unsigned int ret = 0; | ||
1264 | |||
1265 | LOG (GNUNET_ERROR_TYPE_DEBUG, | ||
1266 | "Iterating over paths to peer %s without direct link\n", | ||
1267 | GCP_2s (cp)); | ||
1268 | for (unsigned int i=1;i<cp->path_dll_length;i++) | ||
1269 | { | ||
1270 | for (struct CadetPeerPathEntry *pe = cp->path_heads[i]; | ||
1271 | NULL != pe; | ||
1272 | pe = pe->next) | ||
1273 | { | ||
1274 | ret++; | ||
1275 | if (GNUNET_NO == | ||
1276 | callback (callback_cls, | ||
1277 | pe->path, | ||
1278 | i)) | ||
1279 | return ret; | ||
1280 | } | ||
1281 | } | ||
1282 | return ret; | ||
1283 | } | ||
1284 | |||
1238 | 1285 | ||
1239 | /** | 1286 | /** |
1240 | * Iterate over the paths to @a cp where | 1287 | * Iterate over the paths to @a cp where |
diff --git a/src/cadet/gnunet-service-cadet_peer.h b/src/cadet/gnunet-service-cadet_peer.h index 2357a293d..3b8b31b9a 100644 --- a/src/cadet/gnunet-service-cadet_peer.h +++ b/src/cadet/gnunet-service-cadet_peer.h | |||
@@ -139,6 +139,19 @@ GCP_iterate_paths (struct CadetPeer *cp, | |||
139 | GCP_PathIterator callback, | 139 | GCP_PathIterator callback, |
140 | void *callback_cls); | 140 | void *callback_cls); |
141 | 141 | ||
142 | /** | ||
143 | * Iterate over the paths to a peer without direct link. | ||
144 | * | ||
145 | * @param cp Peer to get path info. | ||
146 | * @param callback Function to call for every path. | ||
147 | * @param callback_cls Closure for @a callback. | ||
148 | * @return Number of iterated paths. | ||
149 | */ | ||
150 | unsigned int | ||
151 | GCP_iterate_indirect_paths (struct CadetPeer *cp, | ||
152 | GCP_PathIterator callback, | ||
153 | void *callback_cls); | ||
154 | |||
142 | 155 | ||
143 | /** | 156 | /** |
144 | * Iterate over the paths to @a peer where | 157 | * Iterate over the paths to @a peer where |
diff --git a/src/consensus/gnunet-service-consensus.c b/src/consensus/gnunet-service-consensus.c index 86d056aaf..afbefdc5a 100644 --- a/src/consensus/gnunet-service-consensus.c +++ b/src/consensus/gnunet-service-consensus.c | |||
@@ -2821,7 +2821,7 @@ construct_task_graph_gradecast (struct ConsensusSession *session, | |||
2821 | } | 2821 | } |
2822 | /* We run this task to make sure that the leader | 2822 | /* We run this task to make sure that the leader |
2823 | has the stored the SET_KIND_LEADER set of himself, | 2823 | has the stored the SET_KIND_LEADER set of himself, |
2824 | so he can participate in the rest of the gradecast | 2824 | so it can participate in the rest of the gradecast |
2825 | without the code having to handle any special cases. */ | 2825 | without the code having to handle any special cases. */ |
2826 | task = ((struct TaskEntry) { | 2826 | task = ((struct TaskEntry) { |
2827 | .step = step, | 2827 | .step = step, |
diff --git a/src/conversation/gnunet-conversation.c b/src/conversation/gnunet-conversation.c index 92a435d55..bb4946720 100644 --- a/src/conversation/gnunet-conversation.c +++ b/src/conversation/gnunet-conversation.c | |||
@@ -264,6 +264,13 @@ phone_event_handler (void *cls, | |||
264 | switch (code) | 264 | switch (code) |
265 | { | 265 | { |
266 | case GNUNET_CONVERSATION_EC_PHONE_RING: | 266 | case GNUNET_CONVERSATION_EC_PHONE_RING: |
267 | /* | ||
268 | * FIXME: we should be playing our ringtones from contrib/sounds now! | ||
269 | * | ||
270 | ring_my_bell(); | ||
271 | * | ||
272 | * see https://gstreamer.freedesktop.org/documentation/application-development/highlevel/playback-components.html on how to play a wav using the gst framework being used here | ||
273 | */ | ||
267 | FPRINTF (stdout, | 274 | FPRINTF (stdout, |
268 | _("Incoming call from `%s'. Please /accept %u or /cancel %u the call.\n"), | 275 | _("Incoming call from `%s'. Please /accept %u or /cancel %u the call.\n"), |
269 | GNUNET_GNSRECORD_pkey_to_zkey (caller_id), | 276 | GNUNET_GNSRECORD_pkey_to_zkey (caller_id), |
@@ -717,7 +724,7 @@ do_status (const char *args) | |||
717 | break; | 724 | break; |
718 | case CS_RINGING: | 725 | case CS_RINGING: |
719 | FPRINTF (stdout, | 726 | FPRINTF (stdout, |
720 | _("We are calling `%s', his phone should be ringing.\n"), | 727 | _("We are calling `%s', their phone should be ringing.\n"), |
721 | peer_name); | 728 | peer_name); |
722 | break; | 729 | break; |
723 | case CS_CONNECTED: | 730 | case CS_CONNECTED: |
diff --git a/src/core/core.h b/src/core/core.h index a2c05d4af..2ce77244e 100644 --- a/src/core/core.h +++ b/src/core/core.h | |||
@@ -172,7 +172,7 @@ struct DisconnectNotifyMessage | |||
172 | * messages being received or transmitted. This overall message is | 172 | * messages being received or transmitted. This overall message is |
173 | * followed by the real message, or just the header of the real | 173 | * followed by the real message, or just the header of the real |
174 | * message (depending on the client's preferences). The receiver can | 174 | * message (depending on the client's preferences). The receiver can |
175 | * tell if he got the full message or only a partial message by | 175 | * tell if it got the full message or only a partial message by |
176 | * looking at the size field in the header of NotifyTrafficMessage and | 176 | * looking at the size field in the header of NotifyTrafficMessage and |
177 | * checking it with the size field in the message that follows. | 177 | * checking it with the size field in the message that follows. |
178 | */ | 178 | */ |
diff --git a/src/core/gnunet-service-core.c b/src/core/gnunet-service-core.c index 0afc75add..a033f9fac 100644 --- a/src/core/gnunet-service-core.c +++ b/src/core/gnunet-service-core.c | |||
@@ -230,7 +230,7 @@ handle_client_init (void *cls, | |||
230 | /** | 230 | /** |
231 | * We will never be ready to transmit the given message in (disconnect | 231 | * We will never be ready to transmit the given message in (disconnect |
232 | * or invalid request). Frees resources associated with @a car. We | 232 | * or invalid request). Frees resources associated with @a car. We |
233 | * don't explicitly tell the client, he'll learn with the disconnect | 233 | * don't explicitly tell the client, it'll learn with the disconnect |
234 | * (or violated the protocol). | 234 | * (or violated the protocol). |
235 | * | 235 | * |
236 | * @param car request that now permanently failed; the | 236 | * @param car request that now permanently failed; the |
diff --git a/src/core/gnunet-service-core.h b/src/core/gnunet-service-core.h index 81e73ec39..fd1a88e75 100644 --- a/src/core/gnunet-service-core.h +++ b/src/core/gnunet-service-core.h | |||
@@ -113,7 +113,7 @@ GSC_CLIENTS_solicit_request (struct GSC_ClientActiveRequest *car); | |||
113 | /** | 113 | /** |
114 | * We will never be ready to transmit the given message in (disconnect | 114 | * We will never be ready to transmit the given message in (disconnect |
115 | * or invalid request). Frees resources associated with @a car. We | 115 | * or invalid request). Frees resources associated with @a car. We |
116 | * don't explicitly tell the client, he'll learn with the disconnect | 116 | * don't explicitly tell the client, it'll learn with the disconnect |
117 | * (or violated the protocol). | 117 | * (or violated the protocol). |
118 | * | 118 | * |
119 | * @param car request that now permanently failed; the | 119 | * @param car request that now permanently failed; the |
diff --git a/src/core/gnunet-service-core_kx.c b/src/core/gnunet-service-core_kx.c index 6e713cf61..c017e0c23 100644 --- a/src/core/gnunet-service-core_kx.c +++ b/src/core/gnunet-service-core_kx.c | |||
@@ -123,7 +123,7 @@ struct EphemeralKeyMessage | |||
123 | 123 | ||
124 | 124 | ||
125 | /** | 125 | /** |
126 | * We're sending an (encrypted) PING to the other peer to check if he | 126 | * We're sending an (encrypted) PING to the other peer to check if it |
127 | * can decrypt. The other peer should respond with a PONG with the | 127 | * can decrypt. The other peer should respond with a PONG with the |
128 | * same content, except this time encrypted with the receiver's key. | 128 | * same content, except this time encrypted with the receiver's key. |
129 | */ | 129 | */ |
@@ -854,8 +854,8 @@ handle_transport_notify_connect (void *cls, | |||
854 | } | 854 | } |
855 | else | 855 | else |
856 | { | 856 | { |
857 | /* peer with "higher" identity starts a delayed KX, if the "lower" peer | 857 | /* peer with "higher" identity starts a delayed KX, if the "lower" peer |
858 | * does not start a KX since he sees no reasons to do so */ | 858 | * does not start a KX since it sees no reasons to do so */ |
859 | kx->retry_set_key_task | 859 | kx->retry_set_key_task |
860 | = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS, | 860 | = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS, |
861 | &set_key_retry_task, | 861 | &set_key_retry_task, |
diff --git a/src/core/gnunet-service-core_sessions.c b/src/core/gnunet-service-core_sessions.c index 41fe4dfb7..16f9a092d 100644 --- a/src/core/gnunet-service-core_sessions.c +++ b/src/core/gnunet-service-core_sessions.c | |||
@@ -356,7 +356,7 @@ GSC_SESSIONS_create (const struct GNUNET_PeerIdentity *peer, | |||
356 | 356 | ||
357 | 357 | ||
358 | /** | 358 | /** |
359 | * The other peer has indicated that he 'lost' the session | 359 | * The other peer has indicated that it 'lost' the session |
360 | * (KX down), reinitialize the session on our end, in particular | 360 | * (KX down), reinitialize the session on our end, in particular |
361 | * this means to restart the typemap transmission. | 361 | * this means to restart the typemap transmission. |
362 | * | 362 | * |
diff --git a/src/core/gnunet-service-core_sessions.h b/src/core/gnunet-service-core_sessions.h index 845edac69..be862b71f 100644 --- a/src/core/gnunet-service-core_sessions.h +++ b/src/core/gnunet-service-core_sessions.h | |||
@@ -40,7 +40,7 @@ GSC_SESSIONS_create (const struct GNUNET_PeerIdentity *peer, | |||
40 | 40 | ||
41 | 41 | ||
42 | /** | 42 | /** |
43 | * The other peer has indicated that he 'lost' the session | 43 | * The other peer has indicated that it 'lost' the session |
44 | * (KX down), reinitialize the session on our end, in particular | 44 | * (KX down), reinitialize the session on our end, in particular |
45 | * this means to restart the typemap transmission. | 45 | * this means to restart the typemap transmission. |
46 | * | 46 | * |
diff --git a/src/core/test_core_api_data.conf b/src/core/test_core_api_data.conf index a13cc8706..420849ba9 100644 --- a/src/core/test_core_api_data.conf +++ b/src/core/test_core_api_data.conf | |||
@@ -6,6 +6,6 @@ WAN_QUOTA_IN = 64 kiB | |||
6 | WAN_QUOTA_OUT = 64 kiB | 6 | WAN_QUOTA_OUT = 64 kiB |
7 | 7 | ||
8 | [core] | 8 | [core] |
9 | PORT = 2092 | 9 | PORT = 52092 |
10 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-core.sock | 10 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-core.sock |
11 | 11 | ||
diff --git a/src/core/test_core_api_send_to_self.conf b/src/core/test_core_api_send_to_self.conf index ad6d4dc60..c2a459bb9 100644 --- a/src/core/test_core_api_send_to_self.conf +++ b/src/core/test_core_api_send_to_self.conf | |||
@@ -8,7 +8,7 @@ WAN_QUOTA_OUT = 104757600 | |||
8 | 8 | ||
9 | [test-sts] | 9 | [test-sts] |
10 | IMMEDIATE_START = YES | 10 | IMMEDIATE_START = YES |
11 | PORT = 9252 | 11 | PORT = 59252 |
12 | HOSTNAME = localhost | 12 | HOSTNAME = localhost |
13 | BINARY = test_core_api_send_to_self | 13 | BINARY = test_core_api_send_to_self |
14 | ACCEPT_FROM = 127.0.0.1; | 14 | ACCEPT_FROM = 127.0.0.1; |
diff --git a/src/datastore/perf_datastore_api.c b/src/datastore/perf_datastore_api.c index f659dedff..6a0ff231b 100644 --- a/src/datastore/perf_datastore_api.c +++ b/src/datastore/perf_datastore_api.c | |||
@@ -172,7 +172,7 @@ struct CpsRunContext | |||
172 | 172 | ||
173 | /** | 173 | /** |
174 | * Counts the number of items put in the current phase. | 174 | * Counts the number of items put in the current phase. |
175 | * Once it hits #PUT_10, we progress tot he #RP_CUT phase | 175 | * Once it hits #PUT_10, we progress to the #RP_CUT phase |
176 | * or are done if @e i reaches #ITERATIONS. | 176 | * or are done if @e i reaches #ITERATIONS. |
177 | */ | 177 | */ |
178 | unsigned int j; | 178 | unsigned int j; |
diff --git a/src/datastore/plugin_datastore_mysql.c b/src/datastore/plugin_datastore_mysql.c index b09fd1af3..3568ebe8f 100644 --- a/src/datastore/plugin_datastore_mysql.c +++ b/src/datastore/plugin_datastore_mysql.c | |||
@@ -76,7 +76,7 @@ | |||
76 | * a safe partition etc. The $HOME/.my.cnf can of course be a symbolic | 76 | * a safe partition etc. The $HOME/.my.cnf can of course be a symbolic |
77 | * link. Even greater security risk can be achieved by setting no | 77 | * link. Even greater security risk can be achieved by setting no |
78 | * password for $USER. Luckily $USER has only priviledges to mess | 78 | * password for $USER. Luckily $USER has only priviledges to mess |
79 | * up GNUnet's tables, nothing else (unless you give him more, | 79 | * up GNUnet's tables, nothing else (unless you give them more, |
80 | * of course).<p> | 80 | * of course).<p> |
81 | * | 81 | * |
82 | * 4) Still, perhaps you should briefly try if the DB connection | 82 | * 4) Still, perhaps you should briefly try if the DB connection |
diff --git a/src/dht/gnunet_dht_profiler.c b/src/dht/gnunet_dht_profiler.c index 75ca2a3aa..a729d1b01 100644 --- a/src/dht/gnunet_dht_profiler.c +++ b/src/dht/gnunet_dht_profiler.c | |||
@@ -346,7 +346,7 @@ bandwidth_stats_cont (void *cls, | |||
346 | (unsigned long long) incoming_bandwidth); | 346 | (unsigned long long) incoming_bandwidth); |
347 | fprintf (stderr, | 347 | fprintf (stderr, |
348 | "Benchmark done. Collect data via gnunet-statistics, then press ENTER to exit.\n"); | 348 | "Benchmark done. Collect data via gnunet-statistics, then press ENTER to exit.\n"); |
349 | getchar (); | 349 | (void) getchar (); |
350 | GNUNET_SCHEDULER_shutdown (); | 350 | GNUNET_SCHEDULER_shutdown (); |
351 | } | 351 | } |
352 | 352 | ||
@@ -752,7 +752,7 @@ dht_disconnect (void *cls, | |||
752 | switch (mode) | 752 | switch (mode) |
753 | { | 753 | { |
754 | case MODE_PUT: | 754 | case MODE_PUT: |
755 | if (n_puts_ok != n_active * num_puts_per_peer) | 755 | if (n_puts_ok != ((unsigned long long) n_active) * num_puts_per_peer) |
756 | return; | 756 | return; |
757 | /* Start GETs if all PUTs have been made */ | 757 | /* Start GETs if all PUTs have been made */ |
758 | mode = MODE_GET; | 758 | mode = MODE_GET; |
diff --git a/src/dns/Makefile.am b/src/dns/Makefile.am index 9a4ecdcfd..ca2685765 100644 --- a/src/dns/Makefile.am +++ b/src/dns/Makefile.am | |||
@@ -27,8 +27,6 @@ install-exec-hook: | |||
27 | endif | 27 | endif |
28 | 28 | ||
29 | lib_LTLIBRARIES = \ | 29 | lib_LTLIBRARIES = \ |
30 | libgnunetdnsparser.la \ | ||
31 | libgnunetdnsstub.la \ | ||
32 | libgnunetdns.la | 30 | libgnunetdns.la |
33 | 31 | ||
34 | libexec_PROGRAMS = \ | 32 | libexec_PROGRAMS = \ |
@@ -47,9 +45,6 @@ check_SCRIPTS = \ | |||
47 | test_gnunet_dns.sh | 45 | test_gnunet_dns.sh |
48 | endif | 46 | endif |
49 | 47 | ||
50 | check_PROGRAMS = \ | ||
51 | test_hexcoder | ||
52 | |||
53 | gnunet_helper_dns_SOURCES = \ | 48 | gnunet_helper_dns_SOURCES = \ |
54 | gnunet-helper-dns.c | 49 | gnunet-helper-dns.c |
55 | 50 | ||
@@ -57,7 +52,6 @@ gnunet_helper_dns_SOURCES = \ | |||
57 | gnunet_dns_monitor_SOURCES = \ | 52 | gnunet_dns_monitor_SOURCES = \ |
58 | gnunet-dns-monitor.c | 53 | gnunet-dns-monitor.c |
59 | gnunet_dns_monitor_LDADD = \ | 54 | gnunet_dns_monitor_LDADD = \ |
60 | libgnunetdnsparser.la \ | ||
61 | libgnunetdns.la \ | 55 | libgnunetdns.la \ |
62 | $(top_builddir)/src/util/libgnunetutil.la \ | 56 | $(top_builddir)/src/util/libgnunetutil.la \ |
63 | $(GN_LIBINTL) | 57 | $(GN_LIBINTL) |
@@ -65,15 +59,12 @@ gnunet_dns_monitor_LDADD = \ | |||
65 | gnunet_zonewalk_SOURCES = \ | 59 | gnunet_zonewalk_SOURCES = \ |
66 | gnunet-zonewalk.c | 60 | gnunet-zonewalk.c |
67 | gnunet_zonewalk_LDADD = \ | 61 | gnunet_zonewalk_LDADD = \ |
68 | libgnunetdnsparser.la \ | ||
69 | libgnunetdnsstub.la \ | ||
70 | $(top_builddir)/src/util/libgnunetutil.la \ | 62 | $(top_builddir)/src/util/libgnunetutil.la \ |
71 | $(GN_LIBINTL) | 63 | $(GN_LIBINTL) |
72 | 64 | ||
73 | gnunet_dns_redirector_SOURCES = \ | 65 | gnunet_dns_redirector_SOURCES = \ |
74 | gnunet-dns-redirector.c | 66 | gnunet-dns-redirector.c |
75 | gnunet_dns_redirector_LDADD = \ | 67 | gnunet_dns_redirector_LDADD = \ |
76 | libgnunetdnsparser.la \ | ||
77 | libgnunetdns.la \ | 68 | libgnunetdns.la \ |
78 | $(top_builddir)/src/util/libgnunetutil.la \ | 69 | $(top_builddir)/src/util/libgnunetutil.la \ |
79 | $(GN_LIBINTL) | 70 | $(GN_LIBINTL) |
@@ -81,30 +72,10 @@ gnunet_dns_redirector_LDADD = \ | |||
81 | gnunet_service_dns_SOURCES = \ | 72 | gnunet_service_dns_SOURCES = \ |
82 | gnunet-service-dns.c | 73 | gnunet-service-dns.c |
83 | gnunet_service_dns_LDADD = \ | 74 | gnunet_service_dns_LDADD = \ |
84 | libgnunetdnsstub.la \ | ||
85 | $(top_builddir)/src/tun/libgnunettun.la \ | ||
86 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ | 75 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ |
87 | $(top_builddir)/src/util/libgnunetutil.la \ | 76 | $(top_builddir)/src/util/libgnunetutil.la \ |
88 | $(GN_LIBINTL) | 77 | $(GN_LIBINTL) |
89 | 78 | ||
90 | libgnunetdnsparser_la_SOURCES = \ | ||
91 | dnsparser.c | ||
92 | libgnunetdnsparser_la_LIBADD = \ | ||
93 | $(top_builddir)/src/util/libgnunetutil.la $(XLIB) \ | ||
94 | -lidn | ||
95 | libgnunetdnsparser_la_LDFLAGS = \ | ||
96 | $(GN_LIB_LDFLAGS) \ | ||
97 | -version-info 1:0:1 | ||
98 | |||
99 | libgnunetdnsstub_la_SOURCES = \ | ||
100 | dnsstub.c | ||
101 | libgnunetdnsstub_la_LIBADD = \ | ||
102 | $(top_builddir)/src/tun/libgnunettun.la \ | ||
103 | $(top_builddir)/src/util/libgnunetutil.la $(XLIB) | ||
104 | libgnunetdnsstub_la_LDFLAGS = \ | ||
105 | $(GN_LIB_LDFLAGS) \ | ||
106 | -version-info 0:0:0 | ||
107 | |||
108 | libgnunetdns_la_SOURCES = \ | 79 | libgnunetdns_la_SOURCES = \ |
109 | dns_api.c dns.h | 80 | dns_api.c dns.h |
110 | libgnunetdns_la_LIBADD = \ | 81 | libgnunetdns_la_LIBADD = \ |
@@ -131,8 +102,3 @@ EXTRA_DIST = \ | |||
131 | $(check_SCRIPTS) | 102 | $(check_SCRIPTS) |
132 | 103 | ||
133 | 104 | ||
134 | test_hexcoder_SOURCES = \ | ||
135 | test_hexcoder.c | ||
136 | test_hexcoder_LDADD = \ | ||
137 | libgnunetdnsparser.la \ | ||
138 | $(top_builddir)/src/util/libgnunetutil.la | ||
diff --git a/src/dns/gnunet-zonewalk.c b/src/dns/gnunet-zonewalk.c index c43ad1aeb..b96d40ca7 100644 --- a/src/dns/gnunet-zonewalk.c +++ b/src/dns/gnunet-zonewalk.c | |||
@@ -494,6 +494,7 @@ queue (const char *hostname) | |||
494 | struct Request *req; | 494 | struct Request *req; |
495 | char *raw; | 495 | char *raw; |
496 | size_t raw_size; | 496 | size_t raw_size; |
497 | int ret; | ||
497 | 498 | ||
498 | if (GNUNET_OK != | 499 | if (GNUNET_OK != |
499 | GNUNET_DNSPARSER_check_name (hostname)) | 500 | GNUNET_DNSPARSER_check_name (hostname)) |
@@ -514,13 +515,14 @@ queue (const char *hostname) | |||
514 | p.queries = &q; | 515 | p.queries = &q; |
515 | p.id = (uint16_t) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, | 516 | p.id = (uint16_t) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, |
516 | UINT16_MAX); | 517 | UINT16_MAX); |
517 | 518 | ret = GNUNET_DNSPARSER_pack (&p, | |
518 | if (GNUNET_OK != | 519 | UINT16_MAX, |
519 | GNUNET_DNSPARSER_pack (&p, | 520 | &raw, |
520 | UINT16_MAX, | 521 | &raw_size); |
521 | &raw, | 522 | if (GNUNET_OK != ret) |
522 | &raw_size)) | ||
523 | { | 523 | { |
524 | if (GNUNET_NO == ret) | ||
525 | GNUNET_free (raw); | ||
524 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 526 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
525 | "Failed to pack query for hostname `%s'\n", | 527 | "Failed to pack query for hostname `%s'\n", |
526 | hostname); | 528 | hostname); |
diff --git a/src/dv/test_transport_blacklist_data.conf b/src/dv/test_transport_blacklist_data.conf index 534a61849..ea55a196b 100644 --- a/src/dv/test_transport_blacklist_data.conf +++ b/src/dv/test_transport_blacklist_data.conf | |||
@@ -1,5 +1,5 @@ | |||
1 | @INLINE@ template_dv.conf | 1 | @INLINE@ template_dv.conf |
2 | 2 | ||
3 | [transport] | 3 | [transport] |
4 | PORT = 2565 | 4 | PORT = 52565 |
5 | PLUGINS = tcp | 5 | PLUGINS = tcp |
diff --git a/src/dv/test_transport_dv_data.conf b/src/dv/test_transport_dv_data.conf index 307921ac4..a21fba8a7 100644 --- a/src/dv/test_transport_dv_data.conf +++ b/src/dv/test_transport_dv_data.conf | |||
@@ -1,7 +1,7 @@ | |||
1 | @INLINE@ template_dv.conf | 1 | @INLINE@ template_dv.conf |
2 | 2 | ||
3 | [transport] | 3 | [transport] |
4 | PORT = 2565 | 4 | PORT = 52565 |
5 | PLUGINS = tcp dv | 5 | PLUGINS = tcp dv |
6 | #PREFIX = valgrind --leak-check=full --track-fds=yes --leak-resolution=high | 6 | #PREFIX = valgrind --leak-check=full --track-fds=yes --leak-resolution=high |
7 | 7 | ||
diff --git a/src/exit/Makefile.am b/src/exit/Makefile.am index aa1210269..ea4f08c73 100644 --- a/src/exit/Makefile.am +++ b/src/exit/Makefile.am | |||
@@ -49,10 +49,8 @@ endif | |||
49 | gnunet_daemon_exit_SOURCES = \ | 49 | gnunet_daemon_exit_SOURCES = \ |
50 | gnunet-daemon-exit.c exit.h | 50 | gnunet-daemon-exit.c exit.h |
51 | gnunet_daemon_exit_LDADD = \ | 51 | gnunet_daemon_exit_LDADD = \ |
52 | $(top_builddir)/src/dns/libgnunetdnsstub.la \ | ||
53 | $(top_builddir)/src/dht/libgnunetdht.la \ | 52 | $(top_builddir)/src/dht/libgnunetdht.la \ |
54 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ | 53 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ |
55 | $(top_builddir)/src/tun/libgnunettun.la \ | ||
56 | $(top_builddir)/src/util/libgnunetutil.la \ | 54 | $(top_builddir)/src/util/libgnunetutil.la \ |
57 | $(top_builddir)/src/cadet/libgnunetcadet.la \ | 55 | $(top_builddir)/src/cadet/libgnunetcadet.la \ |
58 | $(top_builddir)/src/regex/libgnunetregex.la \ | 56 | $(top_builddir)/src/regex/libgnunetregex.la \ |
diff --git a/src/fs/gnunet-service-fs_cp.h b/src/fs/gnunet-service-fs_cp.h index 5e98f4940..dc7e03f4a 100644 --- a/src/fs/gnunet-service-fs_cp.h +++ b/src/fs/gnunet-service-fs_cp.h | |||
@@ -84,7 +84,7 @@ struct GSF_PeerPerformanceData | |||
84 | 84 | ||
85 | /** | 85 | /** |
86 | * If we get content we already have from this peer, for how | 86 | * If we get content we already have from this peer, for how |
87 | * long do we block him? Adjusted based on the fraction of | 87 | * long do we block it? Adjusted based on the fraction of |
88 | * redundant data we receive, between 1s and 1h. | 88 | * redundant data we receive, between 1s and 1h. |
89 | */ | 89 | */ |
90 | struct GNUNET_TIME_Relative migration_delay; | 90 | struct GNUNET_TIME_Relative migration_delay; |
diff --git a/src/fs/test_fs_defaults.conf b/src/fs/test_fs_defaults.conf index 42661b25d..6ead78257 100644 --- a/src/fs/test_fs_defaults.conf +++ b/src/fs/test_fs_defaults.conf | |||
@@ -21,7 +21,7 @@ QUOTA = 100 MB | |||
21 | 21 | ||
22 | [transport-tcp] | 22 | [transport-tcp] |
23 | BINDTO = 127.0.0.1 | 23 | BINDTO = 127.0.0.1 |
24 | PORT = 4368 | 24 | PORT = 54368 |
25 | 25 | ||
26 | [peerinfo] | 26 | [peerinfo] |
27 | NO_IO = YES | 27 | NO_IO = YES |
diff --git a/src/gns/Makefile.am b/src/gns/Makefile.am index 46642113f..2c7bb8ebb 100644 --- a/src/gns/Makefile.am +++ b/src/gns/Makefile.am | |||
@@ -102,7 +102,6 @@ libgnunet_plugin_gnsrecord_gns_la_SOURCES = \ | |||
102 | plugin_gnsrecord_gns.c | 102 | plugin_gnsrecord_gns.c |
103 | libgnunet_plugin_gnsrecord_gns_la_LIBADD = \ | 103 | libgnunet_plugin_gnsrecord_gns_la_LIBADD = \ |
104 | $(top_builddir)/src/gnsrecord/libgnunetgnsrecord.la \ | 104 | $(top_builddir)/src/gnsrecord/libgnunetgnsrecord.la \ |
105 | $(top_builddir)/src/dns/libgnunetdnsparser.la \ | ||
106 | $(top_builddir)/src/util/libgnunetutil.la \ | 105 | $(top_builddir)/src/util/libgnunetutil.la \ |
107 | $(LTLIBINTL) | 106 | $(LTLIBINTL) |
108 | libgnunet_plugin_gnsrecord_gns_la_LDFLAGS = \ | 107 | libgnunet_plugin_gnsrecord_gns_la_LDFLAGS = \ |
@@ -140,8 +139,6 @@ gnunet_dns2gns_LDADD = \ | |||
140 | libgnunetgns.la \ | 139 | libgnunetgns.la \ |
141 | $(top_builddir)/src/util/libgnunetutil.la \ | 140 | $(top_builddir)/src/util/libgnunetutil.la \ |
142 | $(top_builddir)/src/identity/libgnunetidentity.la \ | 141 | $(top_builddir)/src/identity/libgnunetidentity.la \ |
143 | $(top_builddir)/src/dns/libgnunetdnsparser.la \ | ||
144 | $(top_builddir)/src/dns/libgnunetdnsstub.la \ | ||
145 | $(GN_LIBINTL) | 142 | $(GN_LIBINTL) |
146 | 143 | ||
147 | if LINUX | 144 | if LINUX |
@@ -206,10 +203,7 @@ gnunet_service_gns_LDADD = \ | |||
206 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ | 203 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ |
207 | $(top_builddir)/src/util/libgnunetutil.la \ | 204 | $(top_builddir)/src/util/libgnunetutil.la \ |
208 | $(top_builddir)/src/dns/libgnunetdns.la \ | 205 | $(top_builddir)/src/dns/libgnunetdns.la \ |
209 | $(top_builddir)/src/dns/libgnunetdnsparser.la \ | ||
210 | $(top_builddir)/src/dns/libgnunetdnsstub.la \ | ||
211 | $(top_builddir)/src/dht/libgnunetdht.la \ | 206 | $(top_builddir)/src/dht/libgnunetdht.la \ |
212 | $(top_builddir)/src/tun/libgnunettun.la \ | ||
213 | $(top_builddir)/src/namecache/libgnunetnamecache.la \ | 207 | $(top_builddir)/src/namecache/libgnunetnamecache.la \ |
214 | $(USE_VPN) \ | 208 | $(USE_VPN) \ |
215 | $(GN_LIBINTL) | 209 | $(GN_LIBINTL) |
diff --git a/src/gns/gns_api.c b/src/gns/gns_api.c index 0ec9209da..3b658da92 100644 --- a/src/gns/gns_api.c +++ b/src/gns/gns_api.c | |||
@@ -11,7 +11,7 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
@@ -232,7 +232,6 @@ reconnect (struct GNUNET_GNS_Handle *handle) | |||
232 | handle), | 232 | handle), |
233 | GNUNET_MQ_handler_end () | 233 | GNUNET_MQ_handler_end () |
234 | }; | 234 | }; |
235 | struct GNUNET_GNS_LookupRequest *lh; | ||
236 | 235 | ||
237 | GNUNET_assert (NULL == handle->mq); | 236 | GNUNET_assert (NULL == handle->mq); |
238 | LOG (GNUNET_ERROR_TYPE_DEBUG, | 237 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
@@ -244,7 +243,9 @@ reconnect (struct GNUNET_GNS_Handle *handle) | |||
244 | handle); | 243 | handle); |
245 | if (NULL == handle->mq) | 244 | if (NULL == handle->mq) |
246 | return; | 245 | return; |
247 | for (lh = handle->lookup_head; NULL != lh; lh = lh->next) | 246 | for (struct GNUNET_GNS_LookupRequest *lh = handle->lookup_head; |
247 | NULL != lh; | ||
248 | lh = lh->next) | ||
248 | GNUNET_MQ_send_copy (handle->mq, | 249 | GNUNET_MQ_send_copy (handle->mq, |
249 | lh->env); | 250 | lh->env); |
250 | } | 251 | } |
diff --git a/src/gns/gnunet-bcd.c b/src/gns/gnunet-bcd.c index 5279e83a4..9737e1a49 100644 --- a/src/gns/gnunet-bcd.c +++ b/src/gns/gnunet-bcd.c | |||
@@ -469,7 +469,7 @@ run (void *cls, | |||
469 | "open", | 469 | "open", |
470 | fn); | 470 | fn); |
471 | GNUNET_free (fn); | 471 | GNUNET_free (fn); |
472 | CLOSE (fd); | 472 | GNUNET_break (0 == CLOSE (fd)); |
473 | return; | 473 | return; |
474 | } | 474 | } |
475 | GNUNET_free (fn); | 475 | GNUNET_free (fn); |
@@ -499,6 +499,7 @@ run (void *cls, | |||
499 | return; | 499 | return; |
500 | GNUNET_SCHEDULER_add_shutdown (&server_stop, | 500 | GNUNET_SCHEDULER_add_shutdown (&server_stop, |
501 | NULL); | 501 | NULL); |
502 | GNUNET_break (0 == CLOSE(fd)); | ||
502 | } | 503 | } |
503 | 504 | ||
504 | 505 | ||
diff --git a/src/gns/gnunet-dns2gns.c b/src/gns/gnunet-dns2gns.c index e6e53d405..8d39e8c53 100644 --- a/src/gns/gnunet-dns2gns.c +++ b/src/gns/gnunet-dns2gns.c | |||
@@ -269,6 +269,7 @@ dns_result_processor (void *cls, | |||
269 | } | 269 | } |
270 | request->packet = GNUNET_DNSPARSER_parse ((char*)dns, | 270 | request->packet = GNUNET_DNSPARSER_parse ((char*)dns, |
271 | r); | 271 | r); |
272 | GNUNET_DNSSTUB_resolve_cancel (request->dns_lookup); | ||
272 | send_response (request); | 273 | send_response (request); |
273 | } | 274 | } |
274 | 275 | ||
diff --git a/src/gns/gnunet-gns.c b/src/gns/gnunet-gns.c index 149c8a7bb..463348ed3 100644 --- a/src/gns/gnunet-gns.c +++ b/src/gns/gnunet-gns.c | |||
@@ -11,7 +11,7 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
@@ -65,8 +65,9 @@ static struct GNUNET_GNS_LookupWithTldRequest *lr; | |||
65 | /** | 65 | /** |
66 | * Global return value. | 66 | * Global return value. |
67 | * 0 on success (default), | 67 | * 0 on success (default), |
68 | * 1 on internal failures, 2 on launch failure, | 68 | * 1 on internal failures |
69 | * 3 if the name is not a GNS-supported TLD, | 69 | * 2 on launch failure, |
70 | * 4 if the name is not a GNS-supported TLD, | ||
70 | */ | 71 | */ |
71 | static int global_ret; | 72 | static int global_ret; |
72 | 73 | ||
@@ -114,7 +115,7 @@ process_lookup_result (void *cls, | |||
114 | lr = NULL; | 115 | lr = NULL; |
115 | if (GNUNET_NO == was_gns) | 116 | if (GNUNET_NO == was_gns) |
116 | { | 117 | { |
117 | global_ret = 3; | 118 | global_ret = 4; /* not for GNS */ |
118 | GNUNET_SCHEDULER_shutdown (); | 119 | GNUNET_SCHEDULER_shutdown (); |
119 | return; | 120 | return; |
120 | } | 121 | } |
@@ -183,7 +184,6 @@ run (void *cls, | |||
183 | global_ret = 2; | 184 | global_ret = 2; |
184 | return; | 185 | return; |
185 | } | 186 | } |
186 | |||
187 | GNUNET_SCHEDULER_add_shutdown (&do_shutdown, | 187 | GNUNET_SCHEDULER_add_shutdown (&do_shutdown, |
188 | NULL); | 188 | NULL); |
189 | 189 | ||
diff --git a/src/gns/nss/nss_gns.c b/src/gns/nss/nss_gns.c index 03ac6e09c..58aab47fd 100644 --- a/src/gns/nss/nss_gns.c +++ b/src/gns/nss/nss_gns.c | |||
@@ -54,121 +54,126 @@ | |||
54 | * @return a nss_status code | 54 | * @return a nss_status code |
55 | */ | 55 | */ |
56 | enum nss_status | 56 | enum nss_status |
57 | _nss_gns_gethostbyname2_r( | 57 | _nss_gns_gethostbyname2_r(const char *name, |
58 | const char *name, | 58 | int af, |
59 | int af, | 59 | struct hostent *result, |
60 | struct hostent * result, | 60 | char *buffer, |
61 | char *buffer, | 61 | size_t buflen, |
62 | size_t buflen, | 62 | int *errnop, |
63 | int *errnop, | 63 | int *h_errnop) |
64 | int *h_errnop) { | 64 | { |
65 | 65 | struct userdata u; | |
66 | struct userdata u; | 66 | enum nss_status status = NSS_STATUS_UNAVAIL; |
67 | enum nss_status status = NSS_STATUS_UNAVAIL; | 67 | int i; |
68 | int i; | 68 | size_t address_length; |
69 | size_t address_length, l, idx, astart; | 69 | size_t l; |
70 | 70 | size_t idx; | |
71 | if (af == AF_UNSPEC) | 71 | size_t astart; |
72 | |||
73 | if (af == AF_UNSPEC) | ||
72 | #ifdef NSS_IPV6_ONLY | 74 | #ifdef NSS_IPV6_ONLY |
73 | af = AF_INET6; | 75 | af = AF_INET6; |
74 | #else | 76 | #else |
75 | af = AF_INET; | 77 | af = AF_INET; |
76 | #endif | 78 | #endif |
77 | 79 | ||
78 | #ifdef NSS_IPV4_ONLY | 80 | #ifdef NSS_IPV4_ONLY |
79 | if (af != AF_INET) | 81 | if (af != AF_INET) |
80 | #elif NSS_IPV6_ONLY | 82 | #elif NSS_IPV6_ONLY |
81 | if (af != AF_INET6) | 83 | if (af != AF_INET6) |
82 | #else | 84 | #else |
83 | if (af != AF_INET && af != AF_INET6) | 85 | if ( (af != AF_INET) && |
86 | (af != AF_INET6) ) | ||
84 | #endif | 87 | #endif |
85 | { | 88 | { |
86 | *errnop = EINVAL; | 89 | *errnop = EINVAL; |
87 | *h_errnop = NO_RECOVERY; | 90 | *h_errnop = NO_RECOVERY; |
88 | 91 | ||
89 | goto finish; | 92 | goto finish; |
90 | } | 93 | } |
91 | |||
92 | address_length = af == AF_INET ? sizeof(ipv4_address_t) : sizeof(ipv6_address_t); | ||
93 | if (buflen < | ||
94 | sizeof(char*)+ /* alias names */ | ||
95 | strlen(name)+1) { /* official name */ | ||
96 | |||
97 | *errnop = ERANGE; | ||
98 | *h_errnop = NO_RECOVERY; | ||
99 | status = NSS_STATUS_TRYAGAIN; | ||
100 | |||
101 | goto finish; | ||
102 | } | ||
103 | |||
104 | u.count = 0; | ||
105 | u.data_len = 0; | ||
106 | |||
107 | i = gns_resolve_name(af, name, &u); | ||
108 | if (-3 == i) | ||
109 | { | ||
110 | status = NSS_STATUS_NOTFOUND; | ||
111 | goto finish; | ||
112 | } | ||
113 | if (-2 == i) | ||
114 | { | ||
115 | status = NSS_STATUS_UNAVAIL; | ||
116 | goto finish; | ||
117 | } | ||
118 | if ( (-1 == i) || | ||
119 | (u.count == 0) ) | ||
120 | { | ||
121 | *errnop = ETIMEDOUT; | ||
122 | *h_errnop = HOST_NOT_FOUND; | ||
123 | status = NSS_STATUS_NOTFOUND; | ||
124 | goto finish; | ||
125 | } | ||
126 | |||
127 | |||
128 | /* Alias names */ | ||
129 | *((char**) buffer) = NULL; | ||
130 | result->h_aliases = (char**) buffer; | ||
131 | idx = sizeof(char*); | ||
132 | |||
133 | /* Official name */ | ||
134 | strcpy(buffer+idx, name); | ||
135 | result->h_name = buffer+idx; | ||
136 | idx += strlen(name)+1; | ||
137 | |||
138 | ALIGN(idx); | ||
139 | |||
140 | result->h_addrtype = af; | ||
141 | result->h_length = address_length; | ||
142 | |||
143 | /* Check if there's enough space for the addresses */ | ||
144 | if (buflen < idx+u.data_len+sizeof(char*)*(u.count+1)) { | ||
145 | *errnop = ERANGE; | ||
146 | *h_errnop = NO_RECOVERY; | ||
147 | status = NSS_STATUS_TRYAGAIN; | ||
148 | goto finish; | ||
149 | } | ||
150 | 94 | ||
95 | address_length = (af == AF_INET) ? sizeof(ipv4_address_t) : sizeof(ipv6_address_t); | ||
96 | if (buflen < | ||
97 | sizeof(char*)+ /* alias names */ | ||
98 | strlen(name)+1) | ||
99 | { /* official name */ | ||
100 | *errnop = ERANGE; | ||
101 | *h_errnop = NO_RECOVERY; | ||
102 | status = NSS_STATUS_TRYAGAIN; | ||
103 | |||
104 | goto finish; | ||
105 | } | ||
106 | u.count = 0; | ||
107 | u.data_len = 0; | ||
108 | i = gns_resolve_name (af, | ||
109 | name, | ||
110 | &u); | ||
111 | if (-3 == i) | ||
112 | { | ||
113 | status = NSS_STATUS_NOTFOUND; | ||
114 | goto finish; | ||
115 | } | ||
116 | if (-2 == i) | ||
117 | { | ||
118 | status = NSS_STATUS_UNAVAIL; | ||
119 | goto finish; | ||
120 | } | ||
121 | if ( (-1 == i) || | ||
122 | (u.count == 0) ) | ||
123 | { | ||
124 | *errnop = ETIMEDOUT; | ||
125 | *h_errnop = HOST_NOT_FOUND; | ||
126 | status = NSS_STATUS_NOTFOUND; | ||
127 | goto finish; | ||
128 | } | ||
129 | /* Alias names */ | ||
130 | *((char**) buffer) = NULL; | ||
131 | result->h_aliases = (char**) buffer; | ||
132 | idx = sizeof(char*); | ||
133 | |||
134 | /* Official name */ | ||
135 | strcpy (buffer+idx, | ||
136 | name); | ||
137 | result->h_name = buffer+idx; | ||
138 | idx += strlen (name)+1; | ||
139 | |||
140 | ALIGN(idx); | ||
141 | |||
142 | result->h_addrtype = af; | ||
143 | result->h_length = address_length; | ||
144 | |||
145 | /* Check if there's enough space for the addresses */ | ||
146 | if (buflen < idx+u.data_len+sizeof(char*)*(u.count+1)) | ||
147 | { | ||
148 | *errnop = ERANGE; | ||
149 | *h_errnop = NO_RECOVERY; | ||
150 | status = NSS_STATUS_TRYAGAIN; | ||
151 | goto finish; | ||
152 | } | ||
151 | /* Addresses */ | 153 | /* Addresses */ |
152 | astart = idx; | 154 | astart = idx; |
153 | l = u.count*address_length; | 155 | l = u.count*address_length; |
154 | if (0 != l) | 156 | if (0 != l) |
155 | memcpy(buffer+astart, &u.data, l); | 157 | memcpy (buffer+astart, |
156 | /* address_length is a multiple of 32bits, so idx is still aligned | 158 | &u.data, |
157 | * correctly */ | 159 | l); |
158 | idx += l; | 160 | /* address_length is a multiple of 32bits, so idx is still aligned |
159 | 161 | * correctly */ | |
160 | /* Address array address_lenght is always a multiple of 32bits */ | 162 | idx += l; |
161 | for (i = 0; i < u.count; i++) | 163 | |
162 | ((char**) (buffer+idx))[i] = buffer+astart+address_length*i; | 164 | /* Address array address_length is always a multiple of 32bits */ |
163 | ((char**) (buffer+idx))[i] = NULL; | 165 | for (i = 0; i < u.count; i++) |
164 | result->h_addr_list = (char**) (buffer+idx); | 166 | ((char**) (buffer+idx))[i] = buffer+astart+address_length*i; |
165 | 167 | ((char**) (buffer+idx))[i] = NULL; | |
166 | status = NSS_STATUS_SUCCESS; | 168 | result->h_addr_list = (char**) (buffer+idx); |
169 | |||
170 | status = NSS_STATUS_SUCCESS; | ||
167 | 171 | ||
168 | finish: | 172 | finish: |
169 | return status; | 173 | return status; |
170 | } | 174 | } |
171 | 175 | ||
176 | |||
172 | /** | 177 | /** |
173 | * The gethostbyname hook executed by nsswitch | 178 | * The gethostbyname hook executed by nsswitch |
174 | * | 179 | * |
@@ -176,29 +181,28 @@ finish: | |||
176 | * @param result the result hostent | 181 | * @param result the result hostent |
177 | * @param buffer the result buffer | 182 | * @param buffer the result buffer |
178 | * @param buflen length of the buffer | 183 | * @param buflen length of the buffer |
179 | * @param errnop idk | 184 | * @param errnop[out] the low-level error code to return to the application |
180 | * @param h_errnop idk | 185 | * @param h_errnop idk |
181 | * @return a nss_status code | 186 | * @return a nss_status code |
182 | */ | 187 | */ |
183 | enum nss_status | 188 | enum nss_status |
184 | _nss_gns_gethostbyname_r ( | 189 | _nss_gns_gethostbyname_r (const char *name, |
185 | const char *name, | 190 | struct hostent *result, |
186 | struct hostent *result, | 191 | char *buffer, |
187 | char *buffer, | 192 | size_t buflen, |
188 | size_t buflen, | 193 | int *errnop, |
189 | int *errnop, | 194 | int *h_errnop) |
190 | int *h_errnop) { | 195 | { |
191 | 196 | return _nss_gns_gethostbyname2_r (name, | |
192 | return _nss_gns_gethostbyname2_r( | 197 | AF_UNSPEC, |
193 | name, | 198 | result, |
194 | AF_UNSPEC, | 199 | buffer, |
195 | result, | 200 | buflen, |
196 | buffer, | 201 | errnop, |
197 | buflen, | 202 | h_errnop); |
198 | errnop, | ||
199 | h_errnop); | ||
200 | } | 203 | } |
201 | 204 | ||
205 | |||
202 | /** | 206 | /** |
203 | * The gethostbyaddr hook executed by nsswitch | 207 | * The gethostbyaddr hook executed by nsswitch |
204 | * We can't do this so we always return NSS_STATUS_UNAVAIL | 208 | * We can't do this so we always return NSS_STATUS_UNAVAIL |
@@ -209,23 +213,22 @@ _nss_gns_gethostbyname_r ( | |||
209 | * @param result the result hostent | 213 | * @param result the result hostent |
210 | * @param buffer the result buffer | 214 | * @param buffer the result buffer |
211 | * @param buflen length of the buffer | 215 | * @param buflen length of the buffer |
212 | * @param errnop idk | 216 | * @param errnop[out] the low-level error code to return to the application |
213 | * @param h_errnop idk | 217 | * @param h_errnop idk |
214 | * @return NSS_STATUS_UNAVAIL | 218 | * @return NSS_STATUS_UNAVAIL |
215 | */ | 219 | */ |
216 | enum nss_status | 220 | enum nss_status |
217 | _nss_gns_gethostbyaddr_r( | 221 | _nss_gns_gethostbyaddr_r (const void* addr, |
218 | const void* addr, | 222 | int len, |
219 | int len, | 223 | int af, |
220 | int af, | 224 | struct hostent *result, |
221 | struct hostent *result, | 225 | char *buffer, |
222 | char *buffer, | 226 | size_t buflen, |
223 | size_t buflen, | 227 | int *errnop, |
224 | int *errnop, | 228 | int *h_errnop) |
225 | int *h_errnop) { | 229 | { |
226 | 230 | *errnop = EINVAL; | |
227 | *errnop = EINVAL; | 231 | *h_errnop = NO_RECOVERY; |
228 | *h_errnop = NO_RECOVERY; | 232 | //NOTE we allow to leak this into DNS so no NOTFOUND |
229 | //NOTE we allow to leak this into DNS so no NOTFOUND | 233 | return NSS_STATUS_UNAVAIL; |
230 | return NSS_STATUS_UNAVAIL; | ||
231 | } | 234 | } |
diff --git a/src/gns/nss/nss_gns_query.c b/src/gns/nss/nss_gns_query.c index 094e25ed5..867ead624 100644 --- a/src/gns/nss/nss_gns_query.c +++ b/src/gns/nss/nss_gns_query.c | |||
@@ -11,7 +11,7 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
@@ -48,14 +48,16 @@ gns_resolve_name (int af, | |||
48 | { | 48 | { |
49 | if (-1 == asprintf (&cmd, | 49 | if (-1 == asprintf (&cmd, |
50 | "%s -t AAAA -u %s\n", | 50 | "%s -t AAAA -u %s\n", |
51 | "gnunet-gns -r", name)) | 51 | "gnunet-gns -r", |
52 | name)) | ||
52 | return -1; | 53 | return -1; |
53 | } | 54 | } |
54 | else | 55 | else |
55 | { | 56 | { |
56 | if (-1 == asprintf (&cmd, | 57 | if (-1 == asprintf (&cmd, |
57 | "%s %s\n", | 58 | "%s %s\n", |
58 | "gnunet-gns -r -u", name)) | 59 | "gnunet-gns -r -u", |
60 | name)) | ||
59 | return -1; | 61 | return -1; |
60 | } | 62 | } |
61 | if (NULL == (p = popen (cmd, "r"))) | 63 | if (NULL == (p = popen (cmd, "r"))) |
@@ -63,7 +65,9 @@ gns_resolve_name (int af, | |||
63 | free (cmd); | 65 | free (cmd); |
64 | return -1; | 66 | return -1; |
65 | } | 67 | } |
66 | while (NULL != fgets (line, sizeof(line), p)) | 68 | while (NULL != fgets (line, |
69 | sizeof(line), | ||
70 | p)) | ||
67 | { | 71 | { |
68 | if (u->count >= MAX_ENTRIES) | 72 | if (u->count >= MAX_ENTRIES) |
69 | break; | 73 | break; |
@@ -72,7 +76,9 @@ gns_resolve_name (int af, | |||
72 | line[strlen(line)-1] = '\0'; | 76 | line[strlen(line)-1] = '\0'; |
73 | if (AF_INET == af) | 77 | if (AF_INET == af) |
74 | { | 78 | { |
75 | if (inet_pton(af, line, &(u->data.ipv4[u->count]))) | 79 | if (inet_pton(af, |
80 | line, | ||
81 | &u->data.ipv4[u->count])) | ||
76 | { | 82 | { |
77 | u->count++; | 83 | u->count++; |
78 | u->data_len += sizeof(ipv4_address_t); | 84 | u->data_len += sizeof(ipv4_address_t); |
@@ -86,7 +92,9 @@ gns_resolve_name (int af, | |||
86 | } | 92 | } |
87 | else if (AF_INET6 == af) | 93 | else if (AF_INET6 == af) |
88 | { | 94 | { |
89 | if (inet_pton(af, line, &(u->data.ipv6[u->count]))) | 95 | if (inet_pton(af, |
96 | line, | ||
97 | &u->data.ipv6[u->count])) | ||
90 | { | 98 | { |
91 | u->count++; | 99 | u->count++; |
92 | u->data_len += sizeof(ipv6_address_t); | 100 | u->data_len += sizeof(ipv6_address_t); |
@@ -105,7 +113,10 @@ gns_resolve_name (int af, | |||
105 | if (4 == ret) | 113 | if (4 == ret) |
106 | return -2; /* not for GNS */ | 114 | return -2; /* not for GNS */ |
107 | if (3 == ret) | 115 | if (3 == ret) |
108 | return -3; /* timeout */ | 116 | return -3; /* timeout -> not found */ |
117 | if ( (2 == ret) || (1 == ret) ) | ||
118 | return -2; /* launch failure -> service unavailable */ | ||
109 | return 0; | 119 | return 0; |
110 | } | 120 | } |
121 | |||
111 | /* end of nss_gns_query.c */ | 122 | /* end of nss_gns_query.c */ |
diff --git a/src/gns/nss/nss_gns_query.h b/src/gns/nss/nss_gns_query.h index bb04f9004..48cab4b22 100644 --- a/src/gns/nss/nss_gns_query.h +++ b/src/gns/nss/nss_gns_query.h | |||
@@ -11,7 +11,7 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
@@ -26,25 +26,30 @@ | |||
26 | /* Maximum number of entries to return */ | 26 | /* Maximum number of entries to return */ |
27 | #define MAX_ENTRIES 16 | 27 | #define MAX_ENTRIES 16 |
28 | 28 | ||
29 | typedef struct { | 29 | typedef struct |
30 | uint32_t address; | 30 | { |
31 | uint32_t address; | ||
31 | } ipv4_address_t; | 32 | } ipv4_address_t; |
32 | 33 | ||
33 | typedef struct { | 34 | |
34 | uint8_t address[16]; | 35 | typedef struct |
36 | { | ||
37 | uint8_t address[16]; | ||
35 | } ipv6_address_t; | 38 | } ipv6_address_t; |
36 | 39 | ||
37 | 40 | ||
38 | struct userdata { | 41 | struct userdata |
42 | { | ||
39 | int count; | 43 | int count; |
40 | int data_len; /* only valid when doing reverse lookup */ | 44 | int data_len; /* only valid when doing reverse lookup */ |
41 | union { | 45 | union { |
42 | ipv4_address_t ipv4[MAX_ENTRIES]; | 46 | ipv4_address_t ipv4[MAX_ENTRIES]; |
43 | ipv6_address_t ipv6[MAX_ENTRIES]; | 47 | ipv6_address_t ipv6[MAX_ENTRIES]; |
44 | char *name[MAX_ENTRIES]; | 48 | char *name[MAX_ENTRIES]; |
45 | } data; | 49 | } data; |
46 | }; | 50 | }; |
47 | 51 | ||
52 | |||
48 | /** | 53 | /** |
49 | * Wrapper function that uses gnunet-gns cli tool to resolve | 54 | * Wrapper function that uses gnunet-gns cli tool to resolve |
50 | * an IPv4/6 address. | 55 | * an IPv4/6 address. |
@@ -54,8 +59,9 @@ struct userdata { | |||
54 | * @param u the userdata (result struct) | 59 | * @param u the userdata (result struct) |
55 | * @return -1 on error else 0 | 60 | * @return -1 on error else 0 |
56 | */ | 61 | */ |
57 | int gns_resolve_name(int af, | 62 | int |
58 | const char *name, | 63 | gns_resolve_name(int af, |
59 | struct userdata *userdata); | 64 | const char *name, |
65 | struct userdata *userdata); | ||
60 | 66 | ||
61 | #endif | 67 | #endif |
diff --git a/src/gnsrecord/Makefile.am b/src/gnsrecord/Makefile.am index c83aa3307..f840a31a4 100644 --- a/src/gnsrecord/Makefile.am +++ b/src/gnsrecord/Makefile.am | |||
@@ -38,7 +38,6 @@ libgnunetgnsrecord_la_SOURCES = \ | |||
38 | gnsrecord_crypto.c \ | 38 | gnsrecord_crypto.c \ |
39 | gnsrecord_misc.c | 39 | gnsrecord_misc.c |
40 | libgnunetgnsrecord_la_LIBADD = \ | 40 | libgnunetgnsrecord_la_LIBADD = \ |
41 | $(top_builddir)/src/dns/libgnunetdnsparser.la \ | ||
42 | $(top_builddir)/src/util/libgnunetutil.la \ | 41 | $(top_builddir)/src/util/libgnunetutil.la \ |
43 | $(GN_LIBINTL) | 42 | $(GN_LIBINTL) |
44 | libgnunetgnsrecord_la_LDFLAGS = \ | 43 | libgnunetgnsrecord_la_LDFLAGS = \ |
@@ -53,7 +52,6 @@ plugin_LTLIBRARIES = \ | |||
53 | libgnunet_plugin_gnsrecord_dns_la_SOURCES = \ | 52 | libgnunet_plugin_gnsrecord_dns_la_SOURCES = \ |
54 | plugin_gnsrecord_dns.c | 53 | plugin_gnsrecord_dns.c |
55 | libgnunet_plugin_gnsrecord_dns_la_LIBADD = \ | 54 | libgnunet_plugin_gnsrecord_dns_la_LIBADD = \ |
56 | $(top_builddir)/src/dns/libgnunetdnsparser.la \ | ||
57 | $(top_builddir)/src/util/libgnunetutil.la \ | 55 | $(top_builddir)/src/util/libgnunetutil.la \ |
58 | $(LTLIBINTL) | 56 | $(LTLIBINTL) |
59 | libgnunet_plugin_gnsrecord_dns_la_LDFLAGS = \ | 57 | libgnunet_plugin_gnsrecord_dns_la_LDFLAGS = \ |
diff --git a/src/gnsrecord/gnsrecord_serialization.c b/src/gnsrecord/gnsrecord_serialization.c index a1cfbe984..934d36102 100644 --- a/src/gnsrecord/gnsrecord_serialization.c +++ b/src/gnsrecord/gnsrecord_serialization.c | |||
@@ -90,6 +90,9 @@ GNUNET_GNSRECORD_records_get_size (unsigned int rd_count, | |||
90 | { | 90 | { |
91 | size_t ret; | 91 | size_t ret; |
92 | 92 | ||
93 | if (0 == rd_count) | ||
94 | return 0; | ||
95 | |||
93 | ret = sizeof (struct NetworkRecord) * rd_count; | 96 | ret = sizeof (struct NetworkRecord) * rd_count; |
94 | for (unsigned int i=0;i<rd_count;i++) | 97 | for (unsigned int i=0;i<rd_count;i++) |
95 | { | 98 | { |
@@ -205,6 +208,9 @@ GNUNET_GNSRECORD_records_serialize (unsigned int rd_count, | |||
205 | } | 208 | } |
206 | #endif | 209 | #endif |
207 | } | 210 | } |
211 | memset (&dest[off], | ||
212 | 0, | ||
213 | dest_size-off); | ||
208 | return dest_size; | 214 | return dest_size; |
209 | } | 215 | } |
210 | 216 | ||
diff --git a/src/gnsrecord/plugin_gnsrecord_dns.c b/src/gnsrecord/plugin_gnsrecord_dns.c index 188afcae7..254ae15ea 100644 --- a/src/gnsrecord/plugin_gnsrecord_dns.c +++ b/src/gnsrecord/plugin_gnsrecord_dns.c | |||
@@ -11,7 +11,7 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
@@ -463,7 +463,7 @@ dns_string_to_value (void *cls, | |||
463 | } | 463 | } |
464 | cert_size = GNUNET_STRINGS_base64_decode (certp, | 464 | cert_size = GNUNET_STRINGS_base64_decode (certp, |
465 | strlen (certp), | 465 | strlen (certp), |
466 | &cert_data); | 466 | (void **) &cert_data); |
467 | GNUNET_free (sdup); | 467 | GNUNET_free (sdup); |
468 | cert.cert_type = type; | 468 | cert.cert_type = type; |
469 | cert.cert_tag = key; | 469 | cert.cert_tag = key; |
diff --git a/src/identity/identity_api_lookup.c b/src/identity/identity_api_lookup.c index 593a5dbb0..25aec8ede 100644 --- a/src/identity/identity_api_lookup.c +++ b/src/identity/identity_api_lookup.c | |||
@@ -11,7 +11,7 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
@@ -131,6 +131,12 @@ GNUNET_IDENTITY_ego_lookup (const struct GNUNET_CONFIGURATION_Handle *cfg, | |||
131 | el->identity = GNUNET_IDENTITY_connect (cfg, | 131 | el->identity = GNUNET_IDENTITY_connect (cfg, |
132 | &identity_cb, | 132 | &identity_cb, |
133 | el); | 133 | el); |
134 | if (NULL == el->identity) | ||
135 | { | ||
136 | GNUNET_free (el->name); | ||
137 | GNUNET_free (el); | ||
138 | return NULL; | ||
139 | } | ||
134 | return el; | 140 | return el; |
135 | } | 141 | } |
136 | 142 | ||
diff --git a/src/include/block_dns.h b/src/include/block_dns.h index f54a51232..234ed502d 100644 --- a/src/include/block_dns.h +++ b/src/include/block_dns.h | |||
@@ -38,7 +38,7 @@ GNUNET_NETWORK_STRUCT_BEGIN | |||
38 | struct GNUNET_DNS_Advertisement | 38 | struct GNUNET_DNS_Advertisement |
39 | { | 39 | { |
40 | /** | 40 | /** |
41 | * Signature of the peer affirming that he is offering the service. | 41 | * Signature of the peer affirming that it is offering the service. |
42 | */ | 42 | */ |
43 | struct GNUNET_CRYPTO_EddsaSignature signature; | 43 | struct GNUNET_CRYPTO_EddsaSignature signature; |
44 | 44 | ||
diff --git a/src/include/gnunet_cadet_service.h b/src/include/gnunet_cadet_service.h index 4f35a3f1f..552763055 100644 --- a/src/include/gnunet_cadet_service.h +++ b/src/include/gnunet_cadet_service.h | |||
@@ -425,7 +425,9 @@ typedef void | |||
425 | int tunnel, | 425 | int tunnel, |
426 | int neighbor, | 426 | int neighbor, |
427 | unsigned int n_paths, | 427 | unsigned int n_paths, |
428 | const struct GNUNET_PeerIdentity *paths); | 428 | const struct GNUNET_PeerIdentity *paths, |
429 | int offset, | ||
430 | int finished_with_paths); | ||
429 | 431 | ||
430 | 432 | ||
431 | /** | 433 | /** |
diff --git a/src/include/gnunet_common.h b/src/include/gnunet_common.h index b4bf5b0aa..1b982cc15 100644 --- a/src/include/gnunet_common.h +++ b/src/include/gnunet_common.h | |||
@@ -1074,7 +1074,7 @@ GNUNET_ntoh_double (double d); | |||
1074 | * @param tsize the target size for the resulting vector, use 0 to | 1074 | * @param tsize the target size for the resulting vector, use 0 to |
1075 | * free the vector (then, arr will be NULL afterwards). | 1075 | * free the vector (then, arr will be NULL afterwards). |
1076 | */ | 1076 | */ |
1077 | #define GNUNET_array_grow(arr,size,tsize) GNUNET_xgrow_((void**)&arr, sizeof(arr[0]), &size, tsize, __FILE__, __LINE__) | 1077 | #define GNUNET_array_grow(arr,size,tsize) GNUNET_xgrow_((void**)&(arr), sizeof((arr)[0]), &size, tsize, __FILE__, __LINE__) |
1078 | 1078 | ||
1079 | /** | 1079 | /** |
1080 | * @ingroup memory | 1080 | * @ingroup memory |
@@ -1089,7 +1089,7 @@ GNUNET_ntoh_double (double d); | |||
1089 | * array size | 1089 | * array size |
1090 | * @param element the element that will be appended to the array | 1090 | * @param element the element that will be appended to the array |
1091 | */ | 1091 | */ |
1092 | #define GNUNET_array_append(arr,size,element) do { GNUNET_array_grow(arr,size,size+1); arr[size-1] = element; } while(0) | 1092 | #define GNUNET_array_append(arr,size,element) do { GNUNET_array_grow(arr,size,size+1); (arr)[size-1] = element; } while(0) |
1093 | 1093 | ||
1094 | /** | 1094 | /** |
1095 | * @ingroup memory | 1095 | * @ingroup memory |
diff --git a/src/include/gnunet_core_service.h b/src/include/gnunet_core_service.h index e25043d17..b38f38b69 100644 --- a/src/include/gnunet_core_service.h +++ b/src/include/gnunet_core_service.h | |||
@@ -232,7 +232,7 @@ enum GNUNET_CORE_KxState | |||
232 | 232 | ||
233 | /** | 233 | /** |
234 | * The other peer has confirmed our session key + PING with a PONG | 234 | * The other peer has confirmed our session key + PING with a PONG |
235 | * message encrypted with his session key (which we got). Key | 235 | * message encrypted with their session key (which we got). Key |
236 | * exchange is done. | 236 | * exchange is done. |
237 | */ | 237 | */ |
238 | GNUNET_CORE_KX_STATE_UP, | 238 | GNUNET_CORE_KX_STATE_UP, |
diff --git a/src/include/gnunet_dnsparser_lib.h b/src/include/gnunet_dnsparser_lib.h index fa4915be7..0fc6ac19c 100644 --- a/src/include/gnunet_dnsparser_lib.h +++ b/src/include/gnunet_dnsparser_lib.h | |||
@@ -31,7 +31,6 @@ | |||
31 | #define GNUNET_DNSPARSER_LIB_H | 31 | #define GNUNET_DNSPARSER_LIB_H |
32 | 32 | ||
33 | #include "gnunet_util_lib.h" | 33 | #include "gnunet_util_lib.h" |
34 | #include "gnunet_tun_lib.h" | ||
35 | 34 | ||
36 | /** | 35 | /** |
37 | * Maximum length of a label in DNS. | 36 | * Maximum length of a label in DNS. |
@@ -83,6 +82,7 @@ | |||
83 | #define GNUNET_DNSPARSER_TYPE_OPENPGPKEY 61 | 82 | #define GNUNET_DNSPARSER_TYPE_OPENPGPKEY 61 |
84 | #define GNUNET_DNSPARSER_TYPE_TKEY 249 | 83 | #define GNUNET_DNSPARSER_TYPE_TKEY 249 |
85 | #define GNUNET_DNSPARSER_TYPE_TSIG 250 | 84 | #define GNUNET_DNSPARSER_TYPE_TSIG 250 |
85 | #define GNUNET_DNSPARSER_TYPE_ALL 255 | ||
86 | #define GNUNET_DNSPARSER_TYPE_URI 256 | 86 | #define GNUNET_DNSPARSER_TYPE_URI 256 |
87 | #define GNUNET_DNSPARSER_TYPE_TA 32768 | 87 | #define GNUNET_DNSPARSER_TYPE_TA 32768 |
88 | 88 | ||
@@ -841,6 +841,58 @@ GNUNET_DNSPARSER_parse_srv (const char *udp_payload, | |||
841 | size_t udp_payload_length, | 841 | size_t udp_payload_length, |
842 | size_t *off); | 842 | size_t *off); |
843 | 843 | ||
844 | /* ***************** low-level duplication API ******************** */ | ||
845 | |||
846 | /** | ||
847 | * Duplicate (deep-copy) the given DNS record | ||
848 | * | ||
849 | * @param r the record | ||
850 | * @return the newly allocated record | ||
851 | */ | ||
852 | struct GNUNET_DNSPARSER_Record * | ||
853 | GNUNET_DNSPARSER_duplicate_record (const struct GNUNET_DNSPARSER_Record *r); | ||
854 | |||
855 | |||
856 | /** | ||
857 | * Duplicate (deep-copy) the given DNS record | ||
858 | * | ||
859 | * @param r the record | ||
860 | * @return the newly allocated record | ||
861 | */ | ||
862 | struct GNUNET_DNSPARSER_SoaRecord * | ||
863 | GNUNET_DNSPARSER_duplicate_soa_record (const struct GNUNET_DNSPARSER_SoaRecord *r); | ||
864 | |||
865 | |||
866 | /** | ||
867 | * Duplicate (deep-copy) the given DNS record | ||
868 | * | ||
869 | * @param r the record | ||
870 | * @return the newly allocated record | ||
871 | */ | ||
872 | struct GNUNET_DNSPARSER_CertRecord * | ||
873 | GNUNET_DNSPARSER_duplicate_cert_record (const struct GNUNET_DNSPARSER_CertRecord *r); | ||
874 | |||
875 | |||
876 | /** | ||
877 | * Duplicate (deep-copy) the given DNS record | ||
878 | * | ||
879 | * @param r the record | ||
880 | * @return the newly allocated record | ||
881 | */ | ||
882 | struct GNUNET_DNSPARSER_MxRecord * | ||
883 | GNUNET_DNSPARSER_duplicate_mx_record (const struct GNUNET_DNSPARSER_MxRecord *r); | ||
884 | |||
885 | |||
886 | /** | ||
887 | * Duplicate (deep-copy) the given DNS record | ||
888 | * | ||
889 | * @param r the record | ||
890 | * @return the newly allocated record | ||
891 | */ | ||
892 | struct GNUNET_DNSPARSER_SrvRecord * | ||
893 | GNUNET_DNSPARSER_duplicate_srv_record (const struct GNUNET_DNSPARSER_SrvRecord *r); | ||
894 | |||
895 | |||
844 | /* ***************** low-level deallocation API ******************** */ | 896 | /* ***************** low-level deallocation API ******************** */ |
845 | 897 | ||
846 | /** | 898 | /** |
diff --git a/src/include/gnunet_dnsstub_lib.h b/src/include/gnunet_dnsstub_lib.h index 8f1b90425..ad44be846 100644 --- a/src/include/gnunet_dnsstub_lib.h +++ b/src/include/gnunet_dnsstub_lib.h | |||
@@ -29,8 +29,7 @@ | |||
29 | #ifndef GNUNET_DNSSTUB_LIB_H | 29 | #ifndef GNUNET_DNSSTUB_LIB_H |
30 | #define GNUNET_DNSSTUB_LIB_H | 30 | #define GNUNET_DNSSTUB_LIB_H |
31 | 31 | ||
32 | #include "gnunet_common.h" | 32 | #include "gnunet_util_lib.h" |
33 | #include "gnunet_tun_lib.h" | ||
34 | 33 | ||
35 | /** | 34 | /** |
36 | * Opaque handle to the stub resolver. | 35 | * Opaque handle to the stub resolver. |
diff --git a/src/include/gnunet_os_lib.h b/src/include/gnunet_os_lib.h index 86957a25c..98469a156 100644 --- a/src/include/gnunet_os_lib.h +++ b/src/include/gnunet_os_lib.h | |||
@@ -556,7 +556,7 @@ GNUNET_OS_command_run (GNUNET_OS_LineProcessor proc, | |||
556 | 556 | ||
557 | 557 | ||
558 | /** | 558 | /** |
559 | * Retrieve the status of a process, waiting on him if dead. | 559 | * Retrieve the status of a process, waiting on it if dead. |
560 | * Nonblocking version. | 560 | * Nonblocking version. |
561 | * | 561 | * |
562 | * @param proc pointer to process structure | 562 | * @param proc pointer to process structure |
@@ -586,7 +586,7 @@ GNUNET_OS_process_wait (struct GNUNET_OS_Process *proc); | |||
586 | 586 | ||
587 | 587 | ||
588 | /** | 588 | /** |
589 | * Retrieve the status of a process, waiting on him if dead. | 589 | * Retrieve the status of a process, waiting on it if dead. |
590 | * Blocking version. | 590 | * Blocking version. |
591 | * | 591 | * |
592 | * @param proc pointer to process structure | 592 | * @param proc pointer to process structure |
diff --git a/src/include/gnunet_psyc_service.h b/src/include/gnunet_psyc_service.h index f31de0e67..053fe4495 100644 --- a/src/include/gnunet_psyc_service.h +++ b/src/include/gnunet_psyc_service.h | |||
@@ -135,7 +135,7 @@ enum GNUNET_PSYC_ChannelFlags | |||
135 | enum GNUNET_PSYC_Policy | 135 | enum GNUNET_PSYC_Policy |
136 | { | 136 | { |
137 | /** | 137 | /** |
138 | * Anyone can join the channel, without announcing his presence; | 138 | * Anyone can join the channel, without announcing their presence; |
139 | * all messages are always public and can be distributed freely. | 139 | * all messages are always public and can be distributed freely. |
140 | * Joins may be announced, but this is not required. | 140 | * Joins may be announced, but this is not required. |
141 | */ | 141 | */ |
diff --git a/src/include/gnunet_secretsharing_service.h b/src/include/gnunet_secretsharing_service.h index bd11df982..a3f44222e 100644 --- a/src/include/gnunet_secretsharing_service.h +++ b/src/include/gnunet_secretsharing_service.h | |||
@@ -248,7 +248,7 @@ GNUNET_SECRETSHARING_encrypt (const struct GNUNET_SECRETSHARING_PublicKey *publi | |||
248 | * published the same value, it will be decrypted. | 248 | * published the same value, it will be decrypted. |
249 | * | 249 | * |
250 | * When the operation is canceled, the decrypt_cb is not called anymore, but the calling | 250 | * When the operation is canceled, the decrypt_cb is not called anymore, but the calling |
251 | * peer may already have irrevocably contributed his share for the decryption of the value. | 251 | * peer may already have irrevocably contributed its share for the decryption of the value. |
252 | * | 252 | * |
253 | * @param cfg configuration to use | 253 | * @param cfg configuration to use |
254 | * @param share our secret share to use for decryption | 254 | * @param share our secret share to use for decryption |
@@ -273,7 +273,7 @@ GNUNET_SECRETSHARING_decrypt (const struct GNUNET_CONFIGURATION_Handle *cfg, | |||
273 | * Cancel a decryption. | 273 | * Cancel a decryption. |
274 | * | 274 | * |
275 | * The decrypt_cb is not called anymore, but the calling | 275 | * The decrypt_cb is not called anymore, but the calling |
276 | * peer may already have irrevocably contributed his share for the decryption of the value. | 276 | * peer may already have irrevocably contributed its share for the decryption of the value. |
277 | * | 277 | * |
278 | * @param dh to cancel | 278 | * @param dh to cancel |
279 | */ | 279 | */ |
diff --git a/src/include/gnunet_signatures.h b/src/include/gnunet_signatures.h index bc9e3dc16..d7accaf2c 100644 --- a/src/include/gnunet_signatures.h +++ b/src/include/gnunet_signatures.h | |||
@@ -134,7 +134,7 @@ extern "C" | |||
134 | 134 | ||
135 | /** | 135 | /** |
136 | * Accept state in regex DFA. Peer affirms that | 136 | * Accept state in regex DFA. Peer affirms that |
137 | * he offers the matching service. | 137 | * it offers the matching service. |
138 | */ | 138 | */ |
139 | #define GNUNET_SIGNATURE_PURPOSE_REGEX_ACCEPT 18 | 139 | #define GNUNET_SIGNATURE_PURPOSE_REGEX_ACCEPT 18 |
140 | 140 | ||
diff --git a/src/include/gnunet_strings_lib.h b/src/include/gnunet_strings_lib.h index 1fdab93b2..c1d76ef71 100644 --- a/src/include/gnunet_strings_lib.h +++ b/src/include/gnunet_strings_lib.h | |||
@@ -11,7 +11,7 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
@@ -339,7 +339,9 @@ GNUNET_STRINGS_string_to_data (const char *enc, | |||
339 | * @return the size of the output | 339 | * @return the size of the output |
340 | */ | 340 | */ |
341 | size_t | 341 | size_t |
342 | GNUNET_STRINGS_base64_encode (const char *data, size_t len, char **output); | 342 | GNUNET_STRINGS_base64_encode (const void *in, |
343 | size_t len, | ||
344 | char **output); | ||
343 | 345 | ||
344 | 346 | ||
345 | /** | 347 | /** |
@@ -354,7 +356,7 @@ GNUNET_STRINGS_base64_encode (const char *data, size_t len, char **output); | |||
354 | size_t | 356 | size_t |
355 | GNUNET_STRINGS_base64_decode (const char *data, | 357 | GNUNET_STRINGS_base64_decode (const char *data, |
356 | size_t len, | 358 | size_t len, |
357 | char **output); | 359 | void **output); |
358 | 360 | ||
359 | 361 | ||
360 | /** | 362 | /** |
diff --git a/src/include/gnunet_tun_lib.h b/src/include/gnunet_tun_lib.h index a2e75eb5f..8de627141 100644 --- a/src/include/gnunet_tun_lib.h +++ b/src/include/gnunet_tun_lib.h | |||
@@ -30,7 +30,8 @@ | |||
30 | #ifndef GNUNET_TUN_LIB_H | 30 | #ifndef GNUNET_TUN_LIB_H |
31 | #define GNUNET_TUN_LIB_H | 31 | #define GNUNET_TUN_LIB_H |
32 | 32 | ||
33 | #include "gnunet_util_lib.h" | 33 | #include "gnunet_common.h" |
34 | #include "gnunet_crypto_lib.h" | ||
34 | 35 | ||
35 | 36 | ||
36 | /* see http://www.iana.org/assignments/ethernet-numbers */ | 37 | /* see http://www.iana.org/assignments/ethernet-numbers */ |
diff --git a/src/include/gnunet_util_lib.h b/src/include/gnunet_util_lib.h index 5e8eef1ad..091d3ba58 100644 --- a/src/include/gnunet_util_lib.h +++ b/src/include/gnunet_util_lib.h | |||
@@ -78,6 +78,9 @@ extern "C" | |||
78 | #include "gnunet_service_lib.h" | 78 | #include "gnunet_service_lib.h" |
79 | #include "gnunet_signal_lib.h" | 79 | #include "gnunet_signal_lib.h" |
80 | #include "gnunet_strings_lib.h" | 80 | #include "gnunet_strings_lib.h" |
81 | #include "gnunet_tun_lib.h" | ||
82 | #include "gnunet_dnsstub_lib.h" | ||
83 | #include "gnunet_dnsparser_lib.h" | ||
81 | 84 | ||
82 | #if 0 /* keep Emacsens' auto-indent happy */ | 85 | #if 0 /* keep Emacsens' auto-indent happy */ |
83 | { | 86 | { |
diff --git a/src/multicast/gnunet-service-multicast.c b/src/multicast/gnunet-service-multicast.c index 21eb39daa..20d29b906 100644 --- a/src/multicast/gnunet-service-multicast.c +++ b/src/multicast/gnunet-service-multicast.c | |||
@@ -1449,7 +1449,7 @@ check_client_member_join (void *cls, | |||
1449 | struct GNUNET_PeerIdentity *relays = (struct GNUNET_PeerIdentity *) &msg[1]; | 1449 | struct GNUNET_PeerIdentity *relays = (struct GNUNET_PeerIdentity *) &msg[1]; |
1450 | uint32_t relay_count = ntohl (msg->relay_count); | 1450 | uint32_t relay_count = ntohl (msg->relay_count); |
1451 | 1451 | ||
1452 | if (0 == relay_count} | 1452 | if (0 == relay_count) |
1453 | { | 1453 | { |
1454 | GNUNET_break (0); | 1454 | GNUNET_break (0); |
1455 | return GNUNET_SYSERR; | 1455 | return GNUNET_SYSERR; |
diff --git a/src/namestore/Makefile.am b/src/namestore/Makefile.am index fa85cc060..777e722c2 100644 --- a/src/namestore/Makefile.am +++ b/src/namestore/Makefile.am | |||
@@ -147,8 +147,6 @@ gnunet_zoneimport_LDADD = \ | |||
147 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ | 147 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ |
148 | $(top_builddir)/src/identity/libgnunetidentity.la \ | 148 | $(top_builddir)/src/identity/libgnunetidentity.la \ |
149 | $(top_builddir)/src/gnsrecord/libgnunetgnsrecord.la \ | 149 | $(top_builddir)/src/gnsrecord/libgnunetgnsrecord.la \ |
150 | $(top_builddir)/src/dns/libgnunetdnsparser.la \ | ||
151 | $(top_builddir)/src/dns/libgnunetdnsstub.la \ | ||
152 | $(top_builddir)/src/util/libgnunetutil.la \ | 150 | $(top_builddir)/src/util/libgnunetutil.la \ |
153 | $(GN_LIBINTL) | 151 | $(GN_LIBINTL) |
154 | 152 | ||
diff --git a/src/namestore/gnunet-zoneimport.c b/src/namestore/gnunet-zoneimport.c index 6c89cdb05..ddc8b483a 100644 --- a/src/namestore/gnunet-zoneimport.c +++ b/src/namestore/gnunet-zoneimport.c | |||
@@ -11,7 +11,7 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
@@ -456,6 +456,7 @@ build_dns_query (struct Request *req, | |||
456 | char *rawp; | 456 | char *rawp; |
457 | struct GNUNET_DNSPARSER_Packet p; | 457 | struct GNUNET_DNSPARSER_Packet p; |
458 | struct GNUNET_DNSPARSER_Query q; | 458 | struct GNUNET_DNSPARSER_Query q; |
459 | int ret; | ||
459 | 460 | ||
460 | q.name = (char *) req->hostname; | 461 | q.name = (char *) req->hostname; |
461 | q.type = GNUNET_DNSPARSER_TYPE_NS; | 462 | q.type = GNUNET_DNSPARSER_TYPE_NS; |
@@ -467,12 +468,14 @@ build_dns_query (struct Request *req, | |||
467 | p.num_queries = 1; | 468 | p.num_queries = 1; |
468 | p.queries = &q; | 469 | p.queries = &q; |
469 | p.id = req->id; | 470 | p.id = req->id; |
470 | if (GNUNET_OK != | 471 | ret = GNUNET_DNSPARSER_pack (&p, |
471 | GNUNET_DNSPARSER_pack (&p, | 472 | UINT16_MAX, |
472 | UINT16_MAX, | 473 | &rawp, |
473 | &rawp, | 474 | raw_size); |
474 | raw_size)) | 475 | if (GNUNET_OK != ret) |
475 | { | 476 | { |
477 | if (GNUNET_NO == ret) | ||
478 | GNUNET_free (rawp); | ||
476 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 479 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
477 | "Failed to pack query for hostname `%s'\n", | 480 | "Failed to pack query for hostname `%s'\n", |
478 | req->hostname); | 481 | req->hostname); |
diff --git a/src/namestore/plugin_namestore_flat.c b/src/namestore/plugin_namestore_flat.c index 33c48b244..e16fe91b7 100644 --- a/src/namestore/plugin_namestore_flat.c +++ b/src/namestore/plugin_namestore_flat.c | |||
@@ -55,7 +55,7 @@ struct FlatFileEntry | |||
55 | /** | 55 | /** |
56 | * Entry zone | 56 | * Entry zone |
57 | */ | 57 | */ |
58 | struct GNUNET_CRYPTO_EcdsaPrivateKey *private_key; | 58 | struct GNUNET_CRYPTO_EcdsaPrivateKey private_key; |
59 | 59 | ||
60 | /** | 60 | /** |
61 | * Record cound | 61 | * Record cound |
@@ -93,7 +93,6 @@ static int | |||
93 | database_setup (struct Plugin *plugin) | 93 | database_setup (struct Plugin *plugin) |
94 | { | 94 | { |
95 | char *afsdir; | 95 | char *afsdir; |
96 | char *key; | ||
97 | char *record_data; | 96 | char *record_data; |
98 | char *zone_private_key; | 97 | char *zone_private_key; |
99 | char *record_data_b64; | 98 | char *record_data_b64; |
@@ -104,7 +103,6 @@ database_setup (struct Plugin *plugin) | |||
104 | char *record_count; | 103 | char *record_count; |
105 | size_t record_data_size; | 104 | size_t record_data_size; |
106 | uint64_t size; | 105 | uint64_t size; |
107 | size_t key_len; | ||
108 | struct GNUNET_HashCode hkey; | 106 | struct GNUNET_HashCode hkey; |
109 | struct GNUNET_DISK_FileHandle *fh; | 107 | struct GNUNET_DISK_FileHandle *fh; |
110 | struct FlatFileEntry *entry; | 108 | struct FlatFileEntry *entry; |
@@ -232,7 +230,7 @@ database_setup (struct Plugin *plugin) | |||
232 | record_data_size | 230 | record_data_size |
233 | = GNUNET_STRINGS_base64_decode (record_data_b64, | 231 | = GNUNET_STRINGS_base64_decode (record_data_b64, |
234 | strlen (record_data_b64), | 232 | strlen (record_data_b64), |
235 | &record_data); | 233 | (void **) &record_data); |
236 | entry->record_data = | 234 | entry->record_data = |
237 | GNUNET_new_array (entry->record_count, | 235 | GNUNET_new_array (entry->record_count, |
238 | struct GNUNET_GNSRECORD_Data); | 236 | struct GNUNET_GNSRECORD_Data); |
@@ -251,21 +249,34 @@ database_setup (struct Plugin *plugin) | |||
251 | break; | 249 | break; |
252 | } | 250 | } |
253 | GNUNET_free (record_data); | 251 | GNUNET_free (record_data); |
254 | GNUNET_STRINGS_base64_decode (zone_private_key, | 252 | |
255 | strlen (zone_private_key), | 253 | { |
256 | (char**)&entry->private_key); | 254 | struct GNUNET_CRYPTO_EcdsaPrivateKey *private_key; |
257 | key_len = strlen (label) + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey); | 255 | |
258 | key = GNUNET_malloc (strlen (label) + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)); | 256 | GNUNET_STRINGS_base64_decode (zone_private_key, |
259 | GNUNET_memcpy (key, | 257 | strlen (zone_private_key), |
260 | label, | 258 | (void**)&private_key); |
261 | strlen (label)); | 259 | entry->private_key = *private_key; |
262 | GNUNET_memcpy (key+strlen(label), | 260 | GNUNET_free (private_key); |
263 | entry->private_key, | 261 | } |
264 | sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)); | 262 | |
265 | GNUNET_CRYPTO_hash (key, | 263 | { |
266 | key_len, | 264 | char *key; |
267 | &hkey); | 265 | size_t key_len; |
268 | GNUNET_free (key); | 266 | |
267 | key_len = strlen (label) + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey); | ||
268 | key = GNUNET_malloc (strlen (label) + sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)); | ||
269 | GNUNET_memcpy (key, | ||
270 | label, | ||
271 | strlen (label)); | ||
272 | GNUNET_memcpy (key+strlen(label), | ||
273 | &entry->private_key, | ||
274 | sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)); | ||
275 | GNUNET_CRYPTO_hash (key, | ||
276 | key_len, | ||
277 | &hkey); | ||
278 | GNUNET_free (key); | ||
279 | } | ||
269 | if (GNUNET_OK != | 280 | if (GNUNET_OK != |
270 | GNUNET_CONTAINER_multihashmap_put (plugin->hm, | 281 | GNUNET_CONTAINER_multihashmap_put (plugin->hm, |
271 | &hkey, | 282 | &hkey, |
@@ -302,7 +313,7 @@ store_and_free_entries (void *cls, | |||
302 | ssize_t data_size; | 313 | ssize_t data_size; |
303 | 314 | ||
304 | (void) key; | 315 | (void) key; |
305 | GNUNET_STRINGS_base64_encode ((char*)entry->private_key, | 316 | GNUNET_STRINGS_base64_encode (&entry->private_key, |
306 | sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey), | 317 | sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey), |
307 | &zone_private_key); | 318 | &zone_private_key); |
308 | data_size = GNUNET_GNSRECORD_records_get_size (entry->record_count, | 319 | data_size = GNUNET_GNSRECORD_records_get_size (entry->record_count, |
@@ -353,7 +364,6 @@ store_and_free_entries (void *cls, | |||
353 | strlen (line)); | 364 | strlen (line)); |
354 | 365 | ||
355 | GNUNET_free (line); | 366 | GNUNET_free (line); |
356 | GNUNET_free (entry->private_key); | ||
357 | GNUNET_free (entry->label); | 367 | GNUNET_free (entry->label); |
358 | GNUNET_free (entry->record_data); | 368 | GNUNET_free (entry->record_data); |
359 | GNUNET_free (entry); | 369 | GNUNET_free (entry); |
@@ -441,11 +451,10 @@ namestore_flat_store_records (void *cls, | |||
441 | return GNUNET_OK; | 451 | return GNUNET_OK; |
442 | } | 452 | } |
443 | entry = GNUNET_new (struct FlatFileEntry); | 453 | entry = GNUNET_new (struct FlatFileEntry); |
444 | entry->private_key = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPrivateKey); | ||
445 | GNUNET_asprintf (&entry->label, | 454 | GNUNET_asprintf (&entry->label, |
446 | label, | 455 | label, |
447 | strlen (label)); | 456 | strlen (label)); |
448 | GNUNET_memcpy (entry->private_key, | 457 | GNUNET_memcpy (&entry->private_key, |
449 | zone_key, | 458 | zone_key, |
450 | sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)); | 459 | sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)); |
451 | entry->rvalue = rvalue; | 460 | entry->rvalue = rvalue; |
@@ -519,7 +528,7 @@ namestore_flat_lookup_records (void *cls, | |||
519 | if (NULL != iter) | 528 | if (NULL != iter) |
520 | iter (iter_cls, | 529 | iter (iter_cls, |
521 | 0, | 530 | 0, |
522 | entry->private_key, | 531 | &entry->private_key, |
523 | entry->label, | 532 | entry->label, |
524 | entry->record_count, | 533 | entry->record_count, |
525 | entry->record_data); | 534 | entry->record_data); |
@@ -586,7 +595,7 @@ iterate_zones (void *cls, | |||
586 | if (0 == ic->limit) | 595 | if (0 == ic->limit) |
587 | return GNUNET_NO; | 596 | return GNUNET_NO; |
588 | if ( (NULL != ic->zone) && | 597 | if ( (NULL != ic->zone) && |
589 | (0 != memcmp (entry->private_key, | 598 | (0 != memcmp (&entry->private_key, |
590 | ic->zone, | 599 | ic->zone, |
591 | sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey))) ) | 600 | sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey))) ) |
592 | return GNUNET_YES; | 601 | return GNUNET_YES; |
@@ -598,7 +607,7 @@ iterate_zones (void *cls, | |||
598 | } | 607 | } |
599 | ic->iter (ic->iter_cls, | 608 | ic->iter (ic->iter_cls, |
600 | ic->pos, | 609 | ic->pos, |
601 | entry->private_key, | 610 | &entry->private_key, |
602 | entry->label, | 611 | entry->label, |
603 | entry->record_count, | 612 | entry->record_count, |
604 | entry->record_data); | 613 | entry->record_data); |
@@ -668,7 +677,7 @@ zone_to_name (void *cls, | |||
668 | struct FlatFileEntry *entry = value; | 677 | struct FlatFileEntry *entry = value; |
669 | 678 | ||
670 | (void) key; | 679 | (void) key; |
671 | if (0 != memcmp (entry->private_key, | 680 | if (0 != memcmp (&entry->private_key, |
672 | ztn->zone, | 681 | ztn->zone, |
673 | sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey))) | 682 | sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey))) |
674 | return GNUNET_YES; | 683 | return GNUNET_YES; |
@@ -683,7 +692,7 @@ zone_to_name (void *cls, | |||
683 | { | 692 | { |
684 | ztn->iter (ztn->iter_cls, | 693 | ztn->iter (ztn->iter_cls, |
685 | 0, | 694 | 0, |
686 | entry->private_key, | 695 | &entry->private_key, |
687 | entry->label, | 696 | entry->label, |
688 | entry->record_count, | 697 | entry->record_count, |
689 | entry->record_data); | 698 | entry->record_data); |
diff --git a/src/namestore/test_namestore_api_lookup_shadow.c b/src/namestore/test_namestore_api_lookup_shadow.c index ecfd03735..08977712b 100644 --- a/src/namestore/test_namestore_api_lookup_shadow.c +++ b/src/namestore/test_namestore_api_lookup_shadow.c | |||
@@ -277,9 +277,9 @@ main (int argc, char *argv[]) | |||
277 | { | 277 | { |
278 | res = 1; | 278 | res = 1; |
279 | } | 279 | } |
280 | GNUNET_free (cfg_name); | ||
281 | GNUNET_DISK_purge_cfg_dir (cfg_name, | 280 | GNUNET_DISK_purge_cfg_dir (cfg_name, |
282 | "GNUNET_TEST_HOME"); | 281 | "GNUNET_TEST_HOME"); |
282 | GNUNET_free (cfg_name); | ||
283 | return res; | 283 | return res; |
284 | } | 284 | } |
285 | 285 | ||
diff --git a/src/namestore/test_namestore_api_lookup_shadow_filter.c b/src/namestore/test_namestore_api_lookup_shadow_filter.c index b751ff703..7555f51e7 100644 --- a/src/namestore/test_namestore_api_lookup_shadow_filter.c +++ b/src/namestore/test_namestore_api_lookup_shadow_filter.c | |||
@@ -352,9 +352,9 @@ main (int argc, char *argv[]) | |||
352 | { | 352 | { |
353 | res = 1; | 353 | res = 1; |
354 | } | 354 | } |
355 | GNUNET_free (cfg_name); | ||
356 | GNUNET_DISK_purge_cfg_dir (cfg_name, | 355 | GNUNET_DISK_purge_cfg_dir (cfg_name, |
357 | "GNUNET_TEST_HOME"); | 356 | "GNUNET_TEST_HOME"); |
357 | GNUNET_free (cfg_name); | ||
358 | return res; | 358 | return res; |
359 | } | 359 | } |
360 | 360 | ||
diff --git a/src/namestore/test_namestore_api_sqlite.conf b/src/namestore/test_namestore_api_sqlite.conf index 82663400a..cd4822097 100644 --- a/src/namestore/test_namestore_api_sqlite.conf +++ b/src/namestore/test_namestore_api_sqlite.conf | |||
@@ -2,6 +2,7 @@ | |||
2 | 2 | ||
3 | [namestore] | 3 | [namestore] |
4 | DATABASE = sqlite | 4 | DATABASE = sqlite |
5 | # PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=/tmp/v_log | ||
5 | 6 | ||
6 | [namestore-sqlite] | 7 | [namestore-sqlite] |
7 | FILENAME = $GNUNET_TEST_HOME/namestore/sqlite_test.db | 8 | FILENAME = $GNUNET_TEST_HOME/namestore/sqlite_test.db |
diff --git a/src/nat/gnunet-helper-nat-server.c b/src/nat/gnunet-helper-nat-server.c index 44817ede7..c5c6b563e 100644 --- a/src/nat/gnunet-helper-nat-server.c +++ b/src/nat/gnunet-helper-nat-server.c | |||
@@ -683,7 +683,10 @@ main (int argc, | |||
683 | if (1 == getppid ()) /* Check the parent process id, if 1 the parent has died, so we should die too */ | 683 | if (1 == getppid ()) /* Check the parent process id, if 1 the parent has died, so we should die too */ |
684 | break; | 684 | break; |
685 | if (FD_ISSET (icmpsock, &rs)) | 685 | if (FD_ISSET (icmpsock, &rs)) |
686 | { | ||
686 | process_icmp_response (); | 687 | process_icmp_response (); |
688 | continue; | ||
689 | } | ||
687 | if (0 == (++alt % 2)) | 690 | if (0 == (++alt % 2)) |
688 | send_icmp_echo (&external); | 691 | send_icmp_echo (&external); |
689 | else | 692 | else |
diff --git a/src/nat/test_nat_test_data.conf b/src/nat/test_nat_test_data.conf index 84de6159e..03850ec06 100644 --- a/src/nat/test_nat_test_data.conf +++ b/src/nat/test_nat_test_data.conf | |||
@@ -6,7 +6,7 @@ GNUNET_TEST_HOME = $GNUNET_TMP/nat-test | |||
6 | 6 | ||
7 | [gnunet-nat-server] | 7 | [gnunet-nat-server] |
8 | HOSTNAME = localhost | 8 | HOSTNAME = localhost |
9 | PORT = 12345 | 9 | PORT = 57315 |
10 | 10 | ||
11 | [nat] | 11 | [nat] |
12 | # Are we behind NAT? | 12 | # Are we behind NAT? |
diff --git a/src/psyc/Makefile.am b/src/psyc/Makefile.am index 26db608f3..d5c797f52 100644 --- a/src/psyc/Makefile.am +++ b/src/psyc/Makefile.am | |||
@@ -48,8 +48,8 @@ gnunet_service_psyc_CFLAGS = $(AM_CFLAGS) | |||
48 | 48 | ||
49 | 49 | ||
50 | if HAVE_TESTING | 50 | if HAVE_TESTING |
51 | check_PROGRAMS = \ | 51 | #check_PROGRAMS = \ |
52 | test_psyc2 | 52 | # test_psyc2 |
53 | # test_psyc | 53 | # test_psyc |
54 | endif | 54 | endif |
55 | 55 | ||
diff --git a/src/pt/Makefile.am b/src/pt/Makefile.am index e36630ae4..188387c0c 100644 --- a/src/pt/Makefile.am +++ b/src/pt/Makefile.am | |||
@@ -28,7 +28,6 @@ gnunet_daemon_pt_LDADD = \ | |||
28 | $(top_builddir)/src/cadet/libgnunetcadet.la \ | 28 | $(top_builddir)/src/cadet/libgnunetcadet.la \ |
29 | $(top_builddir)/src/dht/libgnunetdht.la \ | 29 | $(top_builddir)/src/dht/libgnunetdht.la \ |
30 | $(top_builddir)/src/dns/libgnunetdns.la \ | 30 | $(top_builddir)/src/dns/libgnunetdns.la \ |
31 | $(top_builddir)/src/dns/libgnunetdnsparser.la \ | ||
32 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ | 31 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ |
33 | $(top_builddir)/src/util/libgnunetutil.la \ | 32 | $(top_builddir)/src/util/libgnunetutil.la \ |
34 | $(GN_LIBINTL) | 33 | $(GN_LIBINTL) |
diff --git a/src/regex/Makefile.am b/src/regex/Makefile.am index 80997db40..2af6dcccd 100644 --- a/src/regex/Makefile.am +++ b/src/regex/Makefile.am | |||
@@ -171,7 +171,6 @@ test_regex_integration_SOURCES = \ | |||
171 | test_regex_integration_LDADD = -lm \ | 171 | test_regex_integration_LDADD = -lm \ |
172 | libgnunetregex.la \ | 172 | libgnunetregex.la \ |
173 | $(top_builddir)/src/testing/libgnunettesting.la \ | 173 | $(top_builddir)/src/testing/libgnunettesting.la \ |
174 | $(top_builddir)/src/tun/libgnunettun.la \ | ||
175 | $(top_builddir)/src/util/libgnunetutil.la | 174 | $(top_builddir)/src/util/libgnunetutil.la |
176 | 175 | ||
177 | test_regex_api_SOURCES = \ | 176 | test_regex_api_SOURCES = \ |
diff --git a/src/rps/gnunet-rps-profiler.c b/src/rps/gnunet-rps-profiler.c index b43ce2fa2..16f23e86c 100644 --- a/src/rps/gnunet-rps-profiler.c +++ b/src/rps/gnunet-rps-profiler.c | |||
@@ -1951,9 +1951,13 @@ static void compute_probabilities (uint32_t peer_idx) | |||
1951 | if ((GNUNET_YES == is_in_view (i, peer_idx)) && | 1951 | if ((GNUNET_YES == is_in_view (i, peer_idx)) && |
1952 | (1 <= (0.45 * view_size))) | 1952 | (1 <= (0.45 * view_size))) |
1953 | { | 1953 | { |
1954 | prob_push = 1.0 * binom (0.45 * view_size, 1) | 1954 | if (0 == binom (view_size, 0.45 * view_size)) prob_push = 0; |
1955 | / | 1955 | else |
1956 | binom (view_size, 0.45 * view_size); | 1956 | { |
1957 | prob_push = 1.0 * binom (0.45 * view_size, 1) | ||
1958 | / | ||
1959 | binom (view_size, 0.45 * view_size); | ||
1960 | } | ||
1957 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1961 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
1958 | "\t\t%" PRIu32 " is in %" PRIu32 "'s view, prob: %f\n", | 1962 | "\t\t%" PRIu32 " is in %" PRIu32 "'s view, prob: %f\n", |
1959 | peer_idx, | 1963 | peer_idx, |
@@ -2318,6 +2322,7 @@ post_test_shutdown_ready_cb (void *cls, | |||
2318 | rps_peer->index); | 2322 | rps_peer->index); |
2319 | GNUNET_free (stat_cls); | 2323 | GNUNET_free (stat_cls); |
2320 | GNUNET_break (0); | 2324 | GNUNET_break (0); |
2325 | return; | ||
2321 | } | 2326 | } |
2322 | 2327 | ||
2323 | if (NULL != rps_peer->stat_op && | 2328 | if (NULL != rps_peer->stat_op && |
@@ -2494,7 +2499,6 @@ test_run (void *cls, | |||
2494 | struct OpListEntry *entry; | 2499 | struct OpListEntry *entry; |
2495 | 2500 | ||
2496 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "RUN was called\n"); | 2501 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "RUN was called\n"); |
2497 | printf ("test 1\n"); | ||
2498 | 2502 | ||
2499 | /* Check whether we timed out */ | 2503 | /* Check whether we timed out */ |
2500 | if (n_peers != num_peers || | 2504 | if (n_peers != num_peers || |
@@ -2578,7 +2582,6 @@ test_run (void *cls, | |||
2578 | * | 2582 | * |
2579 | * @param argc unused | 2583 | * @param argc unused |
2580 | * @param argv unused | 2584 | * @param argv unused |
2581 | * @return 0 on success | ||
2582 | */ | 2585 | */ |
2583 | static void | 2586 | static void |
2584 | run (void *cls, | 2587 | run (void *cls, |
@@ -2654,8 +2657,6 @@ run (void *cls, | |||
2654 | with the malicious portion */ | 2657 | with the malicious portion */ |
2655 | 2658 | ||
2656 | ok = 1; | 2659 | ok = 1; |
2657 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | ||
2658 | "before _run()\n"); | ||
2659 | GNUNET_TESTBED_run (NULL, | 2660 | GNUNET_TESTBED_run (NULL, |
2660 | cfg, | 2661 | cfg, |
2661 | num_peers, | 2662 | num_peers, |
@@ -2664,10 +2665,6 @@ run (void *cls, | |||
2664 | NULL, | 2665 | NULL, |
2665 | &test_run, | 2666 | &test_run, |
2666 | NULL); | 2667 | NULL); |
2667 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | ||
2668 | "after _run()\n"); | ||
2669 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | ||
2670 | "gnunet-rps-profiler returned.\n"); | ||
2671 | } | 2668 | } |
2672 | 2669 | ||
2673 | /** | 2670 | /** |
diff --git a/src/rps/gnunet-rps.c b/src/rps/gnunet-rps.c index e09277589..b3785a733 100644 --- a/src/rps/gnunet-rps.c +++ b/src/rps/gnunet-rps.c | |||
@@ -150,12 +150,21 @@ run (void *cls, | |||
150 | static struct GNUNET_PeerIdentity zero_pid; | 150 | static struct GNUNET_PeerIdentity zero_pid; |
151 | 151 | ||
152 | rps_handle = GNUNET_RPS_connect (cfg); | 152 | rps_handle = GNUNET_RPS_connect (cfg); |
153 | if (NULL == rps_handle) | ||
154 | { | ||
155 | FPRINTF (stderr, "Failed to connect to the rps service\n"); | ||
156 | return; | ||
157 | } | ||
153 | 158 | ||
154 | if ((0 == memcmp (&zero_pid, &peer_id, sizeof (peer_id))) && | 159 | if ((0 == memcmp (&zero_pid, &peer_id, sizeof (peer_id))) && |
155 | (!view_update)) | 160 | (!view_update)) |
156 | { /* Request n PeerIDs */ | 161 | { /* Request n PeerIDs */ |
157 | /* If number was specified use it, else request single peer. */ | 162 | /* If number was specified use it, else request single peer. */ |
158 | num_peers = (NULL == args[0]) ? 1 : atoi (args[0]); | 163 | if (NULL == args[0] || |
164 | 0 == sscanf (args[0], "%lu", &num_peers)) | ||
165 | { | ||
166 | num_peers = 1; | ||
167 | } | ||
159 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 168 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
160 | "Requesting %" PRIu64 " PeerIDs\n", num_peers); | 169 | "Requesting %" PRIu64 " PeerIDs\n", num_peers); |
161 | req_handle = GNUNET_RPS_request_peers (rps_handle, num_peers, reply_handle, NULL); | 170 | req_handle = GNUNET_RPS_request_peers (rps_handle, num_peers, reply_handle, NULL); |
@@ -163,7 +172,11 @@ run (void *cls, | |||
163 | } else if (view_update) | 172 | } else if (view_update) |
164 | { | 173 | { |
165 | /* Get updates of view */ | 174 | /* Get updates of view */ |
166 | num_view_updates = (NULL == args[0]) ? 0 : atoi (args[0]); | 175 | if (NULL == args[0] || |
176 | 0 == sscanf (args[0], "%lu", &num_view_updates)) | ||
177 | { | ||
178 | num_view_updates = 0; | ||
179 | } | ||
167 | GNUNET_RPS_view_request (rps_handle, num_view_updates, view_update_handle, NULL); | 180 | GNUNET_RPS_view_request (rps_handle, num_view_updates, view_update_handle, NULL); |
168 | if (0 != num_view_updates) | 181 | if (0 != num_view_updates) |
169 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 182 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
diff --git a/src/rps/gnunet-service-rps.c b/src/rps/gnunet-service-rps.c index 1b9681663..5a75ac55a 100644 --- a/src/rps/gnunet-service-rps.c +++ b/src/rps/gnunet-service-rps.c | |||
@@ -243,7 +243,7 @@ struct PeerContext | |||
243 | 243 | ||
244 | /** | 244 | /** |
245 | * This is pobably followed by 'statistical' data (when we first saw | 245 | * This is pobably followed by 'statistical' data (when we first saw |
246 | * him, how did we get his ID, how many pushes (in a timeinterval), | 246 | * it, how did we get its ID, how many pushes (in a timeinterval), |
247 | * ...) | 247 | * ...) |
248 | */ | 248 | */ |
249 | }; | 249 | }; |
@@ -503,6 +503,8 @@ add_valid_peer (const struct GNUNET_PeerIdentity *peer) | |||
503 | return ret; | 503 | return ret; |
504 | } | 504 | } |
505 | 505 | ||
506 | static void | ||
507 | remove_pending_message (struct PendingMessage *pending_msg, int cancel); | ||
506 | 508 | ||
507 | /** | 509 | /** |
508 | * @brief Set the peer flag to living and | 510 | * @brief Set the peer flag to living and |
@@ -531,7 +533,7 @@ set_peer_live (struct PeerContext *peer_ctx) | |||
531 | GNUNET_i2s (&peer_ctx->peer_id)); | 533 | GNUNET_i2s (&peer_ctx->peer_id)); |
532 | // TODO wait until cadet sets mq->cancel_impl | 534 | // TODO wait until cadet sets mq->cancel_impl |
533 | //GNUNET_MQ_send_cancel (peer_ctx->liveliness_check_pending->ev); | 535 | //GNUNET_MQ_send_cancel (peer_ctx->liveliness_check_pending->ev); |
534 | GNUNET_free (peer_ctx->liveliness_check_pending); | 536 | remove_pending_message (peer_ctx->liveliness_check_pending, GNUNET_YES); |
535 | peer_ctx->liveliness_check_pending = NULL; | 537 | peer_ctx->liveliness_check_pending = NULL; |
536 | } | 538 | } |
537 | 539 | ||
@@ -653,56 +655,6 @@ get_mq (const struct GNUNET_PeerIdentity *peer) | |||
653 | return peer_ctx->mq; | 655 | return peer_ctx->mq; |
654 | } | 656 | } |
655 | 657 | ||
656 | |||
657 | /** | ||
658 | * @brief This is called in response to the first message we sent as a | ||
659 | * liveliness check. | ||
660 | * | ||
661 | * @param cls #PeerContext of peer with pending liveliness check | ||
662 | */ | ||
663 | static void | ||
664 | mq_liveliness_check_successful (void *cls) | ||
665 | { | ||
666 | struct PeerContext *peer_ctx = cls; | ||
667 | |||
668 | if (NULL != peer_ctx->liveliness_check_pending) | ||
669 | { | ||
670 | LOG (GNUNET_ERROR_TYPE_DEBUG, | ||
671 | "Liveliness check for peer %s was successfull\n", | ||
672 | GNUNET_i2s (&peer_ctx->peer_id)); | ||
673 | GNUNET_free (peer_ctx->liveliness_check_pending); | ||
674 | peer_ctx->liveliness_check_pending = NULL; | ||
675 | set_peer_live (peer_ctx); | ||
676 | } | ||
677 | } | ||
678 | |||
679 | /** | ||
680 | * Issue a check whether peer is live | ||
681 | * | ||
682 | * @param peer_ctx the context of the peer | ||
683 | */ | ||
684 | static void | ||
685 | check_peer_live (struct PeerContext *peer_ctx) | ||
686 | { | ||
687 | LOG (GNUNET_ERROR_TYPE_DEBUG, | ||
688 | "Get informed about peer %s getting live\n", | ||
689 | GNUNET_i2s (&peer_ctx->peer_id)); | ||
690 | |||
691 | struct GNUNET_MQ_Handle *mq; | ||
692 | struct GNUNET_MQ_Envelope *ev; | ||
693 | |||
694 | ev = GNUNET_MQ_msg_header (GNUNET_MESSAGE_TYPE_RPS_PP_CHECK_LIVE); | ||
695 | peer_ctx->liveliness_check_pending = GNUNET_new (struct PendingMessage); | ||
696 | peer_ctx->liveliness_check_pending->ev = ev; | ||
697 | peer_ctx->liveliness_check_pending->peer_ctx = peer_ctx; | ||
698 | peer_ctx->liveliness_check_pending->type = "Check liveliness"; | ||
699 | mq = get_mq (&peer_ctx->peer_id); | ||
700 | GNUNET_MQ_notify_sent (ev, | ||
701 | mq_liveliness_check_successful, | ||
702 | peer_ctx); | ||
703 | GNUNET_MQ_send (mq, ev); | ||
704 | } | ||
705 | |||
706 | /** | 658 | /** |
707 | * @brief Add an envelope to a message passed to mq to list of pending messages | 659 | * @brief Add an envelope to a message passed to mq to list of pending messages |
708 | * | 660 | * |
@@ -757,6 +709,54 @@ remove_pending_message (struct PendingMessage *pending_msg, int cancel) | |||
757 | 709 | ||
758 | 710 | ||
759 | /** | 711 | /** |
712 | * @brief This is called in response to the first message we sent as a | ||
713 | * liveliness check. | ||
714 | * | ||
715 | * @param cls #PeerContext of peer with pending liveliness check | ||
716 | */ | ||
717 | static void | ||
718 | mq_liveliness_check_successful (void *cls) | ||
719 | { | ||
720 | struct PeerContext *peer_ctx = cls; | ||
721 | |||
722 | if (NULL != peer_ctx->liveliness_check_pending) | ||
723 | { | ||
724 | LOG (GNUNET_ERROR_TYPE_DEBUG, | ||
725 | "Liveliness check for peer %s was successfull\n", | ||
726 | GNUNET_i2s (&peer_ctx->peer_id)); | ||
727 | remove_pending_message (peer_ctx->liveliness_check_pending, GNUNET_YES); | ||
728 | peer_ctx->liveliness_check_pending = NULL; | ||
729 | set_peer_live (peer_ctx); | ||
730 | } | ||
731 | } | ||
732 | |||
733 | /** | ||
734 | * Issue a check whether peer is live | ||
735 | * | ||
736 | * @param peer_ctx the context of the peer | ||
737 | */ | ||
738 | static void | ||
739 | check_peer_live (struct PeerContext *peer_ctx) | ||
740 | { | ||
741 | LOG (GNUNET_ERROR_TYPE_DEBUG, | ||
742 | "Get informed about peer %s getting live\n", | ||
743 | GNUNET_i2s (&peer_ctx->peer_id)); | ||
744 | |||
745 | struct GNUNET_MQ_Handle *mq; | ||
746 | struct GNUNET_MQ_Envelope *ev; | ||
747 | |||
748 | ev = GNUNET_MQ_msg_header (GNUNET_MESSAGE_TYPE_RPS_PP_CHECK_LIVE); | ||
749 | peer_ctx->liveliness_check_pending = | ||
750 | insert_pending_message (&peer_ctx->peer_id, ev, "Check liveliness"); | ||
751 | mq = get_mq (&peer_ctx->peer_id); | ||
752 | GNUNET_MQ_notify_sent (ev, | ||
753 | mq_liveliness_check_successful, | ||
754 | peer_ctx); | ||
755 | GNUNET_MQ_send (mq, ev); | ||
756 | } | ||
757 | |||
758 | |||
759 | /** | ||
760 | * @brief Check whether function of type #PeerOp was already scheduled | 760 | * @brief Check whether function of type #PeerOp was already scheduled |
761 | * | 761 | * |
762 | * The array with pending operations will probably never grow really big, so | 762 | * The array with pending operations will probably never grow really big, so |
@@ -1256,6 +1256,13 @@ Peers_remove_peer (const struct GNUNET_PeerIdentity *peer) | |||
1256 | "Removing unsent %s\n", | 1256 | "Removing unsent %s\n", |
1257 | peer_ctx->pending_messages_head->type); | 1257 | peer_ctx->pending_messages_head->type); |
1258 | /* Cancle pending message, too */ | 1258 | /* Cancle pending message, too */ |
1259 | if ( (NULL != peer_ctx->liveliness_check_pending) && | ||
1260 | (0 == memcmp (peer_ctx->pending_messages_head, | ||
1261 | peer_ctx->liveliness_check_pending, | ||
1262 | sizeof (struct PendingMessage))) ) | ||
1263 | { | ||
1264 | peer_ctx->liveliness_check_pending = NULL; | ||
1265 | } | ||
1259 | remove_pending_message (peer_ctx->pending_messages_head, GNUNET_YES); | 1266 | remove_pending_message (peer_ctx->pending_messages_head, GNUNET_YES); |
1260 | } | 1267 | } |
1261 | /* If we are still waiting for notification whether this peer is live | 1268 | /* If we are still waiting for notification whether this peer is live |
@@ -1267,7 +1274,7 @@ Peers_remove_peer (const struct GNUNET_PeerIdentity *peer) | |||
1267 | GNUNET_i2s (&peer_ctx->peer_id)); | 1274 | GNUNET_i2s (&peer_ctx->peer_id)); |
1268 | // TODO wait until cadet sets mq->cancel_impl | 1275 | // TODO wait until cadet sets mq->cancel_impl |
1269 | //GNUNET_MQ_send_cancel (peer_ctx->liveliness_check_pending->ev); | 1276 | //GNUNET_MQ_send_cancel (peer_ctx->liveliness_check_pending->ev); |
1270 | GNUNET_free (peer_ctx->liveliness_check_pending); | 1277 | remove_pending_message (peer_ctx->liveliness_check_pending, GNUNET_YES); |
1271 | peer_ctx->liveliness_check_pending = NULL; | 1278 | peer_ctx->liveliness_check_pending = NULL; |
1272 | } | 1279 | } |
1273 | channel_flag = Peers_get_channel_flag (peer, Peers_CHANNEL_ROLE_SENDING); | 1280 | channel_flag = Peers_get_channel_flag (peer, Peers_CHANNEL_ROLE_SENDING); |
@@ -1659,10 +1666,11 @@ Peers_cleanup_destroyed_channel (void *cls, | |||
1659 | { | 1666 | { |
1660 | struct GNUNET_PeerIdentity *peer = cls; | 1667 | struct GNUNET_PeerIdentity *peer = cls; |
1661 | struct PeerContext *peer_ctx; | 1668 | struct PeerContext *peer_ctx; |
1669 | uint32_t *channel_flag; | ||
1662 | 1670 | ||
1663 | if (GNUNET_NO == Peers_check_peer_known (peer)) | 1671 | if (GNUNET_NO == Peers_check_peer_known (peer)) |
1664 | {/* We don't want to implicitly create a context that we're about to kill */ | 1672 | {/* We don't want to implicitly create a context that we're about to kill */ |
1665 | LOG (GNUNET_ERROR_TYPE_DEBUG, | 1673 | LOG (GNUNET_ERROR_TYPE_WARNING, |
1666 | "channel (%s) without associated context was destroyed\n", | 1674 | "channel (%s) without associated context was destroyed\n", |
1667 | GNUNET_i2s (peer)); | 1675 | GNUNET_i2s (peer)); |
1668 | return; | 1676 | return; |
@@ -1690,12 +1698,16 @@ Peers_cleanup_destroyed_channel (void *cls, | |||
1690 | if (NULL != peer_ctx->send_channel) | 1698 | if (NULL != peer_ctx->send_channel) |
1691 | { | 1699 | { |
1692 | GNUNET_CADET_channel_destroy (peer_ctx->send_channel); | 1700 | GNUNET_CADET_channel_destroy (peer_ctx->send_channel); |
1701 | channel_flag = Peers_get_channel_flag (&peer_ctx->peer_id, Peers_CHANNEL_ROLE_SENDING); | ||
1702 | Peers_set_channel_flag (channel_flag, Peers_CHANNEL_DESTROING); | ||
1693 | peer_ctx->send_channel = NULL; | 1703 | peer_ctx->send_channel = NULL; |
1694 | peer_ctx->mq = NULL; | 1704 | peer_ctx->mq = NULL; |
1695 | } | 1705 | } |
1696 | if (NULL != peer_ctx->recv_channel) | 1706 | if (NULL != peer_ctx->recv_channel) |
1697 | { | 1707 | { |
1698 | GNUNET_CADET_channel_destroy (peer_ctx->recv_channel); | 1708 | GNUNET_CADET_channel_destroy (peer_ctx->recv_channel); |
1709 | channel_flag = Peers_get_channel_flag (&peer_ctx->peer_id, Peers_CHANNEL_ROLE_RECEIVING); | ||
1710 | Peers_set_channel_flag (channel_flag, Peers_CHANNEL_DESTROING); | ||
1699 | peer_ctx->recv_channel = NULL; | 1711 | peer_ctx->recv_channel = NULL; |
1700 | } | 1712 | } |
1701 | /* Set the #Peers_ONLINE flag accordingly */ | 1713 | /* Set the #Peers_ONLINE flag accordingly */ |
@@ -2728,7 +2740,7 @@ cleanup_destroyed_channel (void *cls, | |||
2728 | return; | 2740 | return; |
2729 | } | 2741 | } |
2730 | else | 2742 | else |
2731 | { /* Other peer destroyed our sending channel that he is supposed to keep | 2743 | { /* Other peer destroyed our sending channel that it is supposed to keep |
2732 | * open. It probably went down. Remove it from our knowledge. */ | 2744 | * open. It probably went down. Remove it from our knowledge. */ |
2733 | Peers_cleanup_destroyed_channel (cls, channel); | 2745 | Peers_cleanup_destroyed_channel (cls, channel); |
2734 | remove_peer (peer); | 2746 | remove_peer (peer); |
@@ -2893,7 +2905,6 @@ client_respond (void *cls, | |||
2893 | GNUNET_memcpy (&out_msg[1], | 2905 | GNUNET_memcpy (&out_msg[1], |
2894 | peer_ids, | 2906 | peer_ids, |
2895 | num_peers * sizeof (struct GNUNET_PeerIdentity)); | 2907 | num_peers * sizeof (struct GNUNET_PeerIdentity)); |
2896 | GNUNET_free (peer_ids); | ||
2897 | 2908 | ||
2898 | cli_ctx = reply_cls->cli_ctx; | 2909 | cli_ctx = reply_cls->cli_ctx; |
2899 | GNUNET_assert (NULL != cli_ctx); | 2910 | GNUNET_assert (NULL != cli_ctx); |
@@ -3210,6 +3221,10 @@ handle_peer_push (void *cls, | |||
3210 | tmp_att_peer); | 3221 | tmp_att_peer); |
3211 | add_peer_array_to_set (peer, 1, att_peer_set); | 3222 | add_peer_array_to_set (peer, 1, att_peer_set); |
3212 | } | 3223 | } |
3224 | else | ||
3225 | { | ||
3226 | GNUNET_free (tmp_att_peer); | ||
3227 | } | ||
3213 | } | 3228 | } |
3214 | 3229 | ||
3215 | 3230 | ||
@@ -3588,6 +3603,7 @@ handle_client_act_malicious (void *cls, | |||
3588 | 3603 | ||
3589 | num_mal_peers_sent = ntohl (msg->num_peers) - 1; | 3604 | num_mal_peers_sent = ntohl (msg->num_peers) - 1; |
3590 | num_mal_peers_old = num_mal_peers; | 3605 | num_mal_peers_old = num_mal_peers; |
3606 | GNUNET_assert (GNUNET_MAX_MALLOC_CHECKED > num_mal_peers_sent); | ||
3591 | GNUNET_array_grow (mal_peers, | 3607 | GNUNET_array_grow (mal_peers, |
3592 | num_mal_peers, | 3608 | num_mal_peers, |
3593 | num_mal_peers + num_mal_peers_sent); | 3609 | num_mal_peers + num_mal_peers_sent); |
@@ -4172,6 +4188,7 @@ shutdown_task (void *cls) | |||
4172 | { | 4188 | { |
4173 | tmp_att_peer = att_peers_head; | 4189 | tmp_att_peer = att_peers_head; |
4174 | GNUNET_CONTAINER_DLL_remove (att_peers_head, att_peers_tail, tmp_att_peer); | 4190 | GNUNET_CONTAINER_DLL_remove (att_peers_head, att_peers_tail, tmp_att_peer); |
4191 | GNUNET_free (tmp_att_peer); | ||
4175 | } | 4192 | } |
4176 | #endif /* ENABLE_MALICIOUS */ | 4193 | #endif /* ENABLE_MALICIOUS */ |
4177 | } | 4194 | } |
diff --git a/src/rps/gnunet-service-rps_custommap.c b/src/rps/gnunet-service-rps_custommap.c index 90177cb94..42507655b 100644 --- a/src/rps/gnunet-service-rps_custommap.c +++ b/src/rps/gnunet-service-rps_custommap.c | |||
@@ -220,6 +220,7 @@ CustomPeerMap_remove_peer (const struct CustomPeerMap *c_peer_map, | |||
220 | GNUNET_free (index); | 220 | GNUNET_free (index); |
221 | GNUNET_assert (GNUNET_CONTAINER_multihashmap32_size (c_peer_map->hash_map) == | 221 | GNUNET_assert (GNUNET_CONTAINER_multihashmap32_size (c_peer_map->hash_map) == |
222 | GNUNET_CONTAINER_multipeermap_size (c_peer_map->peer_map)); | 222 | GNUNET_CONTAINER_multipeermap_size (c_peer_map->peer_map)); |
223 | GNUNET_free (p); | ||
223 | return GNUNET_OK; | 224 | return GNUNET_OK; |
224 | } | 225 | } |
225 | 226 | ||
diff --git a/src/rps/gnunet-service-rps_sampler.c b/src/rps/gnunet-service-rps_sampler.c index 711d5be63..4d1ae4650 100644 --- a/src/rps/gnunet-service-rps_sampler.c +++ b/src/rps/gnunet-service-rps_sampler.c | |||
@@ -725,6 +725,7 @@ RPS_sampler_request_cancel (struct RPS_SamplerRequestHandle *req_handle) | |||
725 | } | 725 | } |
726 | GNUNET_free (i); | 726 | GNUNET_free (i); |
727 | } | 727 | } |
728 | GNUNET_free (req_handle->ids); | ||
728 | GNUNET_CONTAINER_DLL_remove (req_handle->sampler->req_handle_head, | 729 | GNUNET_CONTAINER_DLL_remove (req_handle->sampler->req_handle_head, |
729 | req_handle->sampler->req_handle_tail, | 730 | req_handle->sampler->req_handle_tail, |
730 | req_handle); | 731 | req_handle); |
diff --git a/src/rps/rps-test_util.c b/src/rps/rps-test_util.c index 9a1dfe0d8..d47e4952f 100644 --- a/src/rps/rps-test_util.c +++ b/src/rps/rps-test_util.c | |||
@@ -155,6 +155,9 @@ to_file_raw (const char *file_name, const char *buf, size_t size_buf) | |||
155 | 155 | ||
156 | return; | 156 | return; |
157 | } | 157 | } |
158 | if (GNUNET_YES != GNUNET_DISK_file_close (f)) | ||
159 | LOG (GNUNET_ERROR_TYPE_WARNING, | ||
160 | "Unable to close file\n"); | ||
158 | } | 161 | } |
159 | 162 | ||
160 | void | 163 | void |
@@ -349,10 +352,10 @@ create_file (const char *name) | |||
349 | if (NULL == strstr (name, "sampler_el")) | 352 | if (NULL == strstr (name, "sampler_el")) |
350 | {/* only append random string to sampler */ | 353 | {/* only append random string to sampler */ |
351 | if (NULL == (file_name = GNUNET_DISK_mktemp (name_buf))) | 354 | if (NULL == (file_name = GNUNET_DISK_mktemp (name_buf))) |
352 | LOG (GNUNET_ERROR_TYPE_WARNING, "Could not create file\n"); | 355 | LOG (GNUNET_ERROR_TYPE_WARNING, "Could not create file\n"); |
353 | 356 | ||
354 | GNUNET_free (name_buf); | 357 | GNUNET_free (name_buf); |
355 | return file_name; | 358 | return file_name; |
356 | } | 359 | } |
357 | 360 | ||
358 | return name_buf; | 361 | return name_buf; |
@@ -384,7 +387,7 @@ store_prefix_file_name (const struct GNUNET_PeerIdentity *peer, | |||
384 | const char *prefix) | 387 | const char *prefix) |
385 | { | 388 | { |
386 | unsigned int len_file_name; | 389 | unsigned int len_file_name; |
387 | unsigned int out_size; | 390 | int out_size; |
388 | char *file_name; | 391 | char *file_name; |
389 | const char *pid_long; | 392 | const char *pid_long; |
390 | 393 | ||
diff --git a/src/rps/test_rps.c b/src/rps/test_rps.c index 3ef1e6611..08424022f 100644 --- a/src/rps/test_rps.c +++ b/src/rps/test_rps.c | |||
@@ -841,6 +841,13 @@ seed_peers (void *cls) | |||
841 | unsigned int amount; | 841 | unsigned int amount; |
842 | unsigned int i; | 842 | unsigned int i; |
843 | 843 | ||
844 | if (GNUNET_YES == in_shutdown || GNUNET_YES == post_test) | ||
845 | { | ||
846 | return; | ||
847 | } | ||
848 | |||
849 | GNUNET_assert (NULL != peer->rps_handle); | ||
850 | |||
844 | // TODO if malicious don't seed mal peers | 851 | // TODO if malicious don't seed mal peers |
845 | amount = round (.5 * num_peers); | 852 | amount = round (.5 * num_peers); |
846 | 853 | ||
@@ -953,6 +960,8 @@ rps_connect_complete_cb (void *cls, | |||
953 | struct RPSPeer *rps_peer = cls; | 960 | struct RPSPeer *rps_peer = cls; |
954 | struct GNUNET_RPS_Handle *rps = ca_result; | 961 | struct GNUNET_RPS_Handle *rps = ca_result; |
955 | 962 | ||
963 | GNUNET_assert (NULL != ca_result); | ||
964 | |||
956 | if (GNUNET_YES == in_shutdown || GNUNET_YES == post_test) | 965 | if (GNUNET_YES == in_shutdown || GNUNET_YES == post_test) |
957 | { | 966 | { |
958 | return; | 967 | return; |
@@ -996,9 +1005,11 @@ rps_connect_adapter (void *cls, | |||
996 | struct GNUNET_RPS_Handle *h; | 1005 | struct GNUNET_RPS_Handle *h; |
997 | 1006 | ||
998 | h = GNUNET_RPS_connect (cfg); | 1007 | h = GNUNET_RPS_connect (cfg); |
1008 | GNUNET_assert (NULL != h); | ||
999 | 1009 | ||
1000 | if (NULL != cur_test_run.pre_test) | 1010 | if (NULL != cur_test_run.pre_test) |
1001 | cur_test_run.pre_test (cls, h); | 1011 | cur_test_run.pre_test (cls, h); |
1012 | GNUNET_assert (NULL != h); | ||
1002 | 1013 | ||
1003 | return h; | 1014 | return h; |
1004 | } | 1015 | } |
@@ -2905,6 +2916,7 @@ main (int argc, char *argv[]) | |||
2905 | } | 2916 | } |
2906 | 2917 | ||
2907 | ret_value = cur_test_run.eval_cb(); | 2918 | ret_value = cur_test_run.eval_cb(); |
2919 | |||
2908 | if (NO_COLLECT_VIEW == cur_test_run.have_collect_view) | 2920 | if (NO_COLLECT_VIEW == cur_test_run.have_collect_view) |
2909 | { | 2921 | { |
2910 | GNUNET_array_grow (rps_peers->cur_view, | 2922 | GNUNET_array_grow (rps_peers->cur_view, |
diff --git a/src/secretsharing/gnunet-service-secretsharing.c b/src/secretsharing/gnunet-service-secretsharing.c index 505af0fba..1f565cfeb 100644 --- a/src/secretsharing/gnunet-service-secretsharing.c +++ b/src/secretsharing/gnunet-service-secretsharing.c | |||
@@ -51,7 +51,7 @@ struct KeygenPeerInfo | |||
51 | struct GNUNET_CRYPTO_PaillierPublicKey paillier_public_key; | 51 | struct GNUNET_CRYPTO_PaillierPublicKey paillier_public_key; |
52 | 52 | ||
53 | /** | 53 | /** |
54 | * The peer's commitment to his presecret. | 54 | * The peer's commitment to its presecret. |
55 | */ | 55 | */ |
56 | gcry_mpi_t presecret_commitment; | 56 | gcry_mpi_t presecret_commitment; |
57 | 57 | ||
diff --git a/src/secretsharing/secretsharing_api.c b/src/secretsharing/secretsharing_api.c index cfb13f520..2a828f08d 100644 --- a/src/secretsharing/secretsharing_api.c +++ b/src/secretsharing/secretsharing_api.c | |||
@@ -314,7 +314,7 @@ handle_decrypt_done (void *cls, | |||
314 | * published the same value, it will be decrypted. | 314 | * published the same value, it will be decrypted. |
315 | * | 315 | * |
316 | * When the operation is canceled, the decrypt_cb is not called anymore, but the calling | 316 | * When the operation is canceled, the decrypt_cb is not called anymore, but the calling |
317 | * peer may already have irrevocably contributed his share for the decryption of the value. | 317 | * peer may already have irrevocably contributed its share for the decryption of the value. |
318 | * | 318 | * |
319 | * @param share our secret share to use for decryption | 319 | * @param share our secret share to use for decryption |
320 | * @param ciphertext ciphertext to publish in order to decrypt it (if enough peers agree) | 320 | * @param ciphertext ciphertext to publish in order to decrypt it (if enough peers agree) |
@@ -485,7 +485,7 @@ GNUNET_SECRETSHARING_encrypt (const struct GNUNET_SECRETSHARING_PublicKey *publi | |||
485 | * Cancel a decryption. | 485 | * Cancel a decryption. |
486 | * | 486 | * |
487 | * The decrypt_cb is not called anymore, but the calling | 487 | * The decrypt_cb is not called anymore, but the calling |
488 | * peer may already have irrevocably contributed his share for the decryption of the value. | 488 | * peer may already have irrevocably contributed its share for the decryption of the value. |
489 | * | 489 | * |
490 | * @param dh to cancel | 490 | * @param dh to cancel |
491 | */ | 491 | */ |
diff --git a/src/secretsharing/secretsharing_protocol.h b/src/secretsharing/secretsharing_protocol.h index 7627deb30..da1454ec0 100644 --- a/src/secretsharing/secretsharing_protocol.h +++ b/src/secretsharing/secretsharing_protocol.h | |||
@@ -58,7 +58,7 @@ struct GNUNET_SECRETSHARING_KeygenCommitData | |||
58 | */ | 58 | */ |
59 | struct GNUNET_CRYPTO_PaillierPublicKey pubkey; | 59 | struct GNUNET_CRYPTO_PaillierPublicKey pubkey; |
60 | /** | 60 | /** |
61 | * Commitment of 'peer' to his presecret. | 61 | * Commitment of 'peer' to its presecret. |
62 | */ | 62 | */ |
63 | struct GNUNET_HashCode commitment GNUNET_PACKED; | 63 | struct GNUNET_HashCode commitment GNUNET_PACKED; |
64 | }; | 64 | }; |
diff --git a/src/set/gnunet-service-set.h b/src/set/gnunet-service-set.h index c9e59b441..f7c262eac 100644 --- a/src/set/gnunet-service-set.h +++ b/src/set/gnunet-service-set.h | |||
@@ -125,7 +125,7 @@ typedef struct OperationState * | |||
125 | * @param op operation that is created, should be initialized to | 125 | * @param op operation that is created, should be initialized to |
126 | * begin the evaluation | 126 | * begin the evaluation |
127 | * @param opaque_context message to be transmitted to the listener | 127 | * @param opaque_context message to be transmitted to the listener |
128 | * to convince him to accept, may be NULL | 128 | * to convince it to accept, may be NULL |
129 | * @return operation-specific state to keep in @a op | 129 | * @return operation-specific state to keep in @a op |
130 | */ | 130 | */ |
131 | typedef struct OperationState * | 131 | typedef struct OperationState * |
diff --git a/src/set/gnunet-service-set_intersection.c b/src/set/gnunet-service-set_intersection.c index 0561df406..1083384f5 100644 --- a/src/set/gnunet-service-set_intersection.c +++ b/src/set/gnunet-service-set_intersection.c | |||
@@ -11,7 +11,7 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
@@ -23,6 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | #include "platform.h" | 24 | #include "platform.h" |
25 | #include "gnunet_util_lib.h" | 25 | #include "gnunet_util_lib.h" |
26 | #include "gnunet_statistics_service.h" | ||
26 | #include "gnunet-service-set.h" | 27 | #include "gnunet-service-set.h" |
27 | #include "gnunet_block_lib.h" | 28 | #include "gnunet_block_lib.h" |
28 | #include "gnunet-service-set_protocol.h" | 29 | #include "gnunet-service-set_protocol.h" |
@@ -215,6 +216,10 @@ send_client_removed_element (struct Operation *op, | |||
215 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 216 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
216 | "Sending removed element (size %u) to client\n", | 217 | "Sending removed element (size %u) to client\n", |
217 | element->size); | 218 | element->size); |
219 | GNUNET_STATISTICS_update (_GSS_statistics, | ||
220 | "# Element removed messages sent", | ||
221 | 1, | ||
222 | GNUNET_NO); | ||
218 | GNUNET_assert (0 != op->client_request_id); | 223 | GNUNET_assert (0 != op->client_request_id); |
219 | ev = GNUNET_MQ_msg_extra (rm, | 224 | ev = GNUNET_MQ_msg_extra (rm, |
220 | element->size, | 225 | element->size, |
@@ -406,6 +411,10 @@ fail_intersection_operation (struct Operation *op) | |||
406 | 411 | ||
407 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | 412 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, |
408 | "Intersection operation failed\n"); | 413 | "Intersection operation failed\n"); |
414 | GNUNET_STATISTICS_update (_GSS_statistics, | ||
415 | "# Intersection operations failed", | ||
416 | 1, | ||
417 | GNUNET_NO); | ||
409 | if (NULL != op->state->my_elements) | 418 | if (NULL != op->state->my_elements) |
410 | { | 419 | { |
411 | GNUNET_CONTAINER_multihashmap_destroy (op->state->my_elements); | 420 | GNUNET_CONTAINER_multihashmap_destroy (op->state->my_elements); |
@@ -466,6 +475,10 @@ send_bloomfilter (struct Operation *op) | |||
466 | op); | 475 | op); |
467 | 476 | ||
468 | /* send our Bloom filter */ | 477 | /* send our Bloom filter */ |
478 | GNUNET_STATISTICS_update (_GSS_statistics, | ||
479 | "# Intersection Bloom filters sent", | ||
480 | 1, | ||
481 | GNUNET_NO); | ||
469 | chunk_size = 60 * 1024 - sizeof (struct BFMessage); | 482 | chunk_size = 60 * 1024 - sizeof (struct BFMessage); |
470 | if (bf_size <= chunk_size) | 483 | if (bf_size <= chunk_size) |
471 | { | 484 | { |
@@ -534,6 +547,10 @@ send_client_done_and_destroy (void *cls) | |||
534 | 547 | ||
535 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 548 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
536 | "Intersection succeeded, sending DONE to local client\n"); | 549 | "Intersection succeeded, sending DONE to local client\n"); |
550 | GNUNET_STATISTICS_update (_GSS_statistics, | ||
551 | "# Intersection operations succeeded", | ||
552 | 1, | ||
553 | GNUNET_NO); | ||
537 | ev = GNUNET_MQ_msg (rm, | 554 | ev = GNUNET_MQ_msg (rm, |
538 | GNUNET_MESSAGE_TYPE_SET_RESULT); | 555 | GNUNET_MESSAGE_TYPE_SET_RESULT); |
539 | rm->request_id = htonl (op->client_request_id); | 556 | rm->request_id = htonl (op->client_request_id); |
@@ -695,7 +712,7 @@ initialize_map_unfiltered (void *cls, | |||
695 | 712 | ||
696 | /** | 713 | /** |
697 | * Send our element count to the peer, in case our element count is | 714 | * Send our element count to the peer, in case our element count is |
698 | * lower than his. | 715 | * lower than theirs. |
699 | * | 716 | * |
700 | * @param op intersection operation | 717 | * @param op intersection operation |
701 | */ | 718 | */ |
@@ -1077,7 +1094,7 @@ handle_intersection_p2p_done (void *cls, | |||
1077 | * @param op operation that is created, should be initialized to | 1094 | * @param op operation that is created, should be initialized to |
1078 | * begin the evaluation | 1095 | * begin the evaluation |
1079 | * @param opaque_context message to be transmitted to the listener | 1096 | * @param opaque_context message to be transmitted to the listener |
1080 | * to convince him to accept, may be NULL | 1097 | * to convince it to accept, may be NULL |
1081 | * @return operation-specific state to keep in @a op | 1098 | * @return operation-specific state to keep in @a op |
1082 | */ | 1099 | */ |
1083 | static struct OperationState * | 1100 | static struct OperationState * |
diff --git a/src/set/gnunet-service-set_union.c b/src/set/gnunet-service-set_union.c index 7af220374..c1268948a 100644 --- a/src/set/gnunet-service-set_union.c +++ b/src/set/gnunet-service-set_union.c | |||
@@ -11,7 +11,7 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
@@ -758,8 +758,8 @@ get_order_from_difference (unsigned int diff) | |||
758 | */ | 758 | */ |
759 | static int | 759 | static int |
760 | send_full_element_iterator (void *cls, | 760 | send_full_element_iterator (void *cls, |
761 | const struct GNUNET_HashCode *key, | 761 | const struct GNUNET_HashCode *key, |
762 | void *value) | 762 | void *value) |
763 | { | 763 | { |
764 | struct Operation *op = cls; | 764 | struct Operation *op = cls; |
765 | struct GNUNET_SET_ElementMessage *emsg; | 765 | struct GNUNET_SET_ElementMessage *emsg; |
@@ -1371,7 +1371,8 @@ send_client_element (struct Operation *op, | |||
1371 | * | 1371 | * |
1372 | * @param op operation | 1372 | * @param op operation |
1373 | */ | 1373 | */ |
1374 | void destroy_channel (struct Operation *op) | 1374 | static void |
1375 | destroy_channel (struct Operation *op) | ||
1375 | { | 1376 | { |
1376 | struct GNUNET_CADET_Channel *channel; | 1377 | struct GNUNET_CADET_Channel *channel; |
1377 | 1378 | ||
@@ -1404,7 +1405,11 @@ send_client_done (void *cls) | |||
1404 | 1405 | ||
1405 | if (PHASE_DONE != op->state->phase) { | 1406 | if (PHASE_DONE != op->state->phase) { |
1406 | LOG (GNUNET_ERROR_TYPE_WARNING, | 1407 | LOG (GNUNET_ERROR_TYPE_WARNING, |
1407 | "union operation failed\n"); | 1408 | "Union operation failed\n"); |
1409 | GNUNET_STATISTICS_update (_GSS_statistics, | ||
1410 | "# Union operations failed", | ||
1411 | 1, | ||
1412 | GNUNET_NO); | ||
1408 | ev = GNUNET_MQ_msg (rm, GNUNET_MESSAGE_TYPE_SET_RESULT); | 1413 | ev = GNUNET_MQ_msg (rm, GNUNET_MESSAGE_TYPE_SET_RESULT); |
1409 | rm->result_status = htons (GNUNET_SET_STATUS_FAILURE); | 1414 | rm->result_status = htons (GNUNET_SET_STATUS_FAILURE); |
1410 | rm->request_id = htonl (op->client_request_id); | 1415 | rm->request_id = htonl (op->client_request_id); |
@@ -1416,6 +1421,10 @@ send_client_done (void *cls) | |||
1416 | 1421 | ||
1417 | op->state->client_done_sent = GNUNET_YES; | 1422 | op->state->client_done_sent = GNUNET_YES; |
1418 | 1423 | ||
1424 | GNUNET_STATISTICS_update (_GSS_statistics, | ||
1425 | "# Union operations succeeded", | ||
1426 | 1, | ||
1427 | GNUNET_NO); | ||
1419 | LOG (GNUNET_ERROR_TYPE_INFO, | 1428 | LOG (GNUNET_ERROR_TYPE_INFO, |
1420 | "Signalling client that union operation is done\n"); | 1429 | "Signalling client that union operation is done\n"); |
1421 | ev = GNUNET_MQ_msg (rm, | 1430 | ev = GNUNET_MQ_msg (rm, |
@@ -2149,7 +2158,7 @@ handle_union_p2p_done (void *cls, | |||
2149 | * | 2158 | * |
2150 | * We should notify the active peer once | 2159 | * We should notify the active peer once |
2151 | * all our demands are satisfied, so that the active | 2160 | * all our demands are satisfied, so that the active |
2152 | * peer can quit if we gave him everything. | 2161 | * peer can quit if we gave it everything. |
2153 | */ | 2162 | */ |
2154 | GNUNET_CADET_receive_done (op->channel); | 2163 | GNUNET_CADET_receive_done (op->channel); |
2155 | maybe_finish (op); | 2164 | maybe_finish (op); |
@@ -2194,7 +2203,7 @@ handle_union_p2p_over (void *cls, | |||
2194 | * | 2203 | * |
2195 | * @param op operation to perform (to be initialized) | 2204 | * @param op operation to perform (to be initialized) |
2196 | * @param opaque_context message to be transmitted to the listener | 2205 | * @param opaque_context message to be transmitted to the listener |
2197 | * to convince him to accept, may be NULL | 2206 | * to convince it to accept, may be NULL |
2198 | */ | 2207 | */ |
2199 | static struct OperationState * | 2208 | static struct OperationState * |
2200 | union_evaluate (struct Operation *op, | 2209 | union_evaluate (struct Operation *op, |
diff --git a/src/template/template.conf b/src/template/template.conf index e5f675a5d..24b123390 100644 --- a/src/template/template.conf +++ b/src/template/template.conf | |||
@@ -1,6 +1,10 @@ | |||
1 | [template] | 1 | [template] |
2 | START_ON_DEMAND = NO | 2 | START_ON_DEMAND = NO |
3 | PORT = 9999 | 3 | # for tests please come up with numbers that are |
4 | # unlikely to be in use by anyone. we typically | ||
5 | # use five digit numbers < 65536 with no "beauty" | ||
6 | # (no repetitions, no sequences, no popularity). | ||
7 | PORT = 99999 | ||
4 | HOSTNAME = localhost | 8 | HOSTNAME = localhost |
5 | BINARY = gnunet-service-template | 9 | BINARY = gnunet-service-template |
6 | ACCEPT_FROM = 127.0.0.1; | 10 | ACCEPT_FROM = 127.0.0.1; |
diff --git a/src/testbed/test_testbed_api_statistics.conf b/src/testbed/test_testbed_api_statistics.conf index 50d3f2c04..edb2e2057 100644 --- a/src/testbed/test_testbed_api_statistics.conf +++ b/src/testbed/test_testbed_api_statistics.conf | |||
@@ -6,4 +6,4 @@ MAX_PARALLEL_SERVICE_CONNECTIONS = 2 | |||
6 | 6 | ||
7 | [statistics] | 7 | [statistics] |
8 | START_ON_DEMAND = YES | 8 | START_ON_DEMAND = YES |
9 | PORT = 30 | 9 | PORT = 59530 |
diff --git a/src/testing/test_testing_sharedservices.conf b/src/testing/test_testing_sharedservices.conf index e41e2863c..24ce1b358 100644 --- a/src/testing/test_testing_sharedservices.conf +++ b/src/testing/test_testing_sharedservices.conf | |||
@@ -2,7 +2,7 @@ | |||
2 | GNUNET_TEST_HOME = $GNUNET_TMP/test-gnunet-testing/ | 2 | GNUNET_TEST_HOME = $GNUNET_TMP/test-gnunet-testing/ |
3 | 3 | ||
4 | [testbed-logger] | 4 | [testbed-logger] |
5 | PORT = 15000 | 5 | PORT = 59132 |
6 | UNIXPATH = $GNUNET_RUNTIME_DIR/testbed-logger.sock | 6 | UNIXPATH = $GNUNET_RUNTIME_DIR/testbed-logger.sock |
7 | DIR = $GNUNET_TMP/testbed-logger | 7 | DIR = $GNUNET_TMP/testbed-logger |
8 | 8 | ||
diff --git a/src/topology/Makefile.am b/src/topology/Makefile.am index 97e4652d0..ae69ee8bc 100644 --- a/src/topology/Makefile.am +++ b/src/topology/Makefile.am | |||
@@ -56,6 +56,7 @@ test_gnunet_daemon_topology_SOURCES = \ | |||
56 | test_gnunet_daemon_topology.c | 56 | test_gnunet_daemon_topology.c |
57 | test_gnunet_daemon_topology_LDADD = \ | 57 | test_gnunet_daemon_topology_LDADD = \ |
58 | $(top_builddir)/src/testbed/libgnunettestbed.la \ | 58 | $(top_builddir)/src/testbed/libgnunettestbed.la \ |
59 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ | ||
59 | $(top_builddir)/src/util/libgnunetutil.la | 60 | $(top_builddir)/src/util/libgnunetutil.la |
60 | 61 | ||
61 | EXTRA_DIST = \ | 62 | EXTRA_DIST = \ |
diff --git a/src/topology/gnunet-daemon-topology.c b/src/topology/gnunet-daemon-topology.c index 829fb5352..f7a4e4525 100644 --- a/src/topology/gnunet-daemon-topology.c +++ b/src/topology/gnunet-daemon-topology.c | |||
@@ -111,7 +111,7 @@ struct Peer | |||
111 | uint32_t strength; | 111 | uint32_t strength; |
112 | 112 | ||
113 | /** | 113 | /** |
114 | * Is this peer listed here because he is a friend? | 114 | * Is this peer listed here because it is a friend? |
115 | */ | 115 | */ |
116 | int is_friend; | 116 | int is_friend; |
117 | 117 | ||
diff --git a/src/topology/test_gnunet_daemon_topology.c b/src/topology/test_gnunet_daemon_topology.c index 7c75d1137..5359c280e 100644 --- a/src/topology/test_gnunet_daemon_topology.c +++ b/src/topology/test_gnunet_daemon_topology.c | |||
@@ -11,54 +11,209 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
18 | /** | 18 | /** |
19 | * @file topology/test_gnunet_daemon_topology.c | 19 | * @file topology/test_gnunet_daemon_topology.c |
20 | * @brief testcase for topology maintenance code | 20 | * @brief testcase for topology maintenance code |
21 | * @author Christian Grothoff | ||
22 | * @author xrs | ||
21 | */ | 23 | */ |
22 | #include "platform.h" | 24 | #include "platform.h" |
23 | #include "gnunet_testbed_service.h" | 25 | #include "gnunet_testbed_service.h" |
26 | #include "gnunet_statistics_service.h" | ||
24 | 27 | ||
25 | 28 | ||
26 | #define NUM_PEERS 8 | 29 | #define NUM_PEERS 8 |
27 | 30 | ||
31 | /* | ||
32 | * The threshold defines the number of connection that are needed | ||
33 | * for one peer to pass the test. Be aware that setting NUM_PEERS | ||
34 | * too high can cause bandwidth problems for the testing peers. | ||
35 | * Normal should be 5KB/s per peer. See gnunet-config -s ats. | ||
36 | */ | ||
37 | #define THRESHOLD NUM_PEERS/2 | ||
38 | |||
28 | /** | 39 | /** |
29 | * How long until we give up on connecting the peers? | 40 | * How long until we give up on connecting the peers? |
30 | */ | 41 | */ |
31 | #define TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 600) | 42 | #define TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 60) |
32 | 43 | ||
44 | /* | ||
45 | * Store manual connections. | ||
46 | */ | ||
47 | static unsigned int connect_left; | ||
33 | 48 | ||
34 | static int ok; | 49 | /* |
50 | * Result of the testcase. | ||
51 | */ | ||
52 | static int result; | ||
35 | 53 | ||
36 | static unsigned int connect_left; | 54 | /* |
55 | * Peers that reached the threshold of connections. | ||
56 | */ | ||
57 | static int checked_peers; | ||
58 | |||
59 | /* | ||
60 | * Testbed operations. | ||
61 | */ | ||
62 | struct GNUNET_TESTBED_Operation *op[NUM_PEERS]; | ||
63 | |||
64 | /* | ||
65 | * Timeout for testcase. | ||
66 | */ | ||
67 | static struct GNUNET_SCHEDULER_Task *timeout_tid; | ||
68 | |||
69 | /* | ||
70 | * Peer context for every testbed peer. | ||
71 | */ | ||
72 | struct peerctx | ||
73 | { | ||
74 | int index; | ||
75 | struct GNUNET_STATISTICS_Handle *statistics; | ||
76 | int connections; | ||
77 | int reported; /* GNUNET_NO | GNUNET_YES */ | ||
78 | }; | ||
79 | |||
80 | |||
81 | static void | ||
82 | shutdown_task (void *cls) | ||
83 | { | ||
84 | unsigned int i; | ||
85 | |||
86 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
87 | "Shutting down testcase\n"); | ||
88 | |||
89 | for (i=0;i<NUM_PEERS;i++) { | ||
90 | if (NULL != op[i]) | ||
91 | GNUNET_TESTBED_operation_done (op[i]); | ||
92 | } | ||
93 | |||
94 | if (NULL != timeout_tid) | ||
95 | GNUNET_SCHEDULER_cancel (timeout_tid); | ||
96 | } | ||
97 | |||
98 | static void | ||
99 | timeout_task (void *cls) | ||
100 | { | ||
101 | timeout_tid = NULL; | ||
102 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
103 | "Testcase timeout\n"); | ||
104 | |||
105 | result = GNUNET_SYSERR; | ||
106 | GNUNET_SCHEDULER_shutdown(); | ||
107 | } | ||
108 | |||
109 | /* | ||
110 | * The function is called every time the topology of connected | ||
111 | * peers to a peer changes. | ||
112 | */ | ||
113 | int | ||
114 | statistics_iterator (void *cls, | ||
115 | const char *subsystem, | ||
116 | const char *name, | ||
117 | uint64_t value, | ||
118 | int is_persistent) | ||
119 | { | ||
120 | struct peerctx *p_ctx = (struct peerctx*) cls; | ||
121 | |||
122 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
123 | "Peer %d: %s = %llu\n", | ||
124 | p_ctx->index, | ||
125 | name, | ||
126 | (unsigned long long) value); | ||
127 | |||
128 | if (p_ctx->connections < value) | ||
129 | p_ctx->connections = value; | ||
130 | |||
131 | if (THRESHOLD <= value && GNUNET_NO == p_ctx->reported) { | ||
132 | p_ctx->reported = GNUNET_YES; | ||
133 | checked_peers++; | ||
134 | GNUNET_log(GNUNET_ERROR_TYPE_INFO, | ||
135 | "Peer %d successfully connected to at least %d peers once.\n", | ||
136 | p_ctx->index, | ||
137 | THRESHOLD); | ||
138 | |||
139 | if (checked_peers == NUM_PEERS) { | ||
140 | GNUNET_log(GNUNET_ERROR_TYPE_INFO, | ||
141 | "Test OK: All peers have connected to %d peers once.\n", | ||
142 | THRESHOLD); | ||
143 | result = GNUNET_YES; | ||
144 | GNUNET_SCHEDULER_shutdown(); | ||
145 | } | ||
146 | } | ||
147 | |||
148 | return GNUNET_YES; | ||
149 | } | ||
150 | |||
151 | static void * | ||
152 | ca_statistics (void *cls, | ||
153 | const struct GNUNET_CONFIGURATION_Handle *cfg) | ||
154 | { | ||
155 | return GNUNET_STATISTICS_create ("topology", cfg); | ||
156 | } | ||
157 | |||
158 | |||
159 | void | ||
160 | da_statistics (void *cls, | ||
161 | void *op_result) | ||
162 | { | ||
163 | struct peerctx *p_ctx = (struct peerctx *) cls; | ||
164 | |||
165 | GNUNET_break (GNUNET_OK == GNUNET_STATISTICS_watch_cancel | ||
166 | (p_ctx->statistics, "topology", "# peers connected", | ||
167 | statistics_iterator, p_ctx)); | ||
168 | |||
169 | GNUNET_STATISTICS_destroy (p_ctx->statistics, GNUNET_NO); | ||
170 | p_ctx->statistics = NULL; | ||
171 | |||
172 | GNUNET_free (p_ctx); | ||
173 | } | ||
37 | 174 | ||
38 | 175 | ||
39 | static void | 176 | static void |
177 | service_connect_complete (void *cls, | ||
178 | struct GNUNET_TESTBED_Operation *op, | ||
179 | void *ca_result, | ||
180 | const char *emsg) | ||
181 | { | ||
182 | int ret; | ||
183 | struct peerctx *p_ctx = (struct peerctx*) cls; | ||
184 | |||
185 | if (NULL == ca_result) | ||
186 | GNUNET_SCHEDULER_shutdown(); | ||
187 | |||
188 | p_ctx->statistics = ca_result; | ||
189 | |||
190 | ret = GNUNET_STATISTICS_watch (ca_result, | ||
191 | "topology", | ||
192 | "# peers connected", | ||
193 | statistics_iterator, | ||
194 | p_ctx); | ||
195 | |||
196 | if (GNUNET_NO == ret) | ||
197 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
198 | "call to GNUNET_STATISTICS_watch() failed\n"); | ||
199 | } | ||
200 | |||
201 | static void | ||
40 | notify_connect_complete (void *cls, | 202 | notify_connect_complete (void *cls, |
41 | struct GNUNET_TESTBED_Operation *op, | 203 | struct GNUNET_TESTBED_Operation *op, |
42 | const char *emsg) | 204 | const char *emsg) |
43 | { | 205 | { |
44 | GNUNET_TESTBED_operation_done (op); | 206 | GNUNET_TESTBED_operation_done (op); |
45 | if (NULL != emsg) | 207 | if (NULL != emsg) |
46 | { | 208 | { |
47 | FPRINTF (stderr, "Failed to connect two peers: %s\n", emsg); | 209 | FPRINTF (stderr, "Failed to connect two peers: %s\n", emsg); |
210 | result = GNUNET_SYSERR; | ||
48 | GNUNET_SCHEDULER_shutdown (); | 211 | GNUNET_SCHEDULER_shutdown (); |
49 | ok = 1; | ||
50 | return; | 212 | return; |
51 | } | 213 | } |
52 | connect_left--; | 214 | connect_left--; |
53 | if (0 == connect_left) | ||
54 | { | ||
55 | /* FIXME: check that topology adds a few more links | ||
56 | * in addition to those that were seeded */ | ||
57 | GNUNET_SCHEDULER_shutdown (); | ||
58 | } | ||
59 | } | 215 | } |
60 | 216 | ||
61 | |||
62 | static void | 217 | static void |
63 | do_connect (void *cls, | 218 | do_connect (void *cls, |
64 | struct GNUNET_TESTBED_RunHandle *h, | 219 | struct GNUNET_TESTBED_RunHandle *h, |
@@ -68,28 +223,62 @@ do_connect (void *cls, | |||
68 | unsigned int links_failed) | 223 | unsigned int links_failed) |
69 | { | 224 | { |
70 | unsigned int i; | 225 | unsigned int i; |
226 | struct peerctx *p_ctx; | ||
227 | |||
228 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
229 | "Threshold is set to %d.\n", | ||
230 | THRESHOLD); | ||
71 | 231 | ||
72 | GNUNET_assert (NUM_PEERS == num_peers); | 232 | GNUNET_assert (NUM_PEERS == num_peers); |
73 | for (i=0;i<num_peers-1;i++) | 233 | |
234 | for (i=0;i<NUM_PEERS;i++) | ||
74 | { | 235 | { |
75 | connect_left++; | 236 | p_ctx = GNUNET_new (struct peerctx); |
76 | GNUNET_TESTBED_overlay_connect (NULL, | 237 | p_ctx->index = i; |
77 | ¬ify_connect_complete, NULL, | 238 | p_ctx->connections = 0; |
78 | peers[i], peers[i+1]); | 239 | p_ctx->reported = GNUNET_NO; |
240 | |||
241 | if (i<NUM_PEERS-1) { | ||
242 | connect_left++; | ||
243 | GNUNET_TESTBED_overlay_connect (NULL, | ||
244 | ¬ify_connect_complete, NULL, | ||
245 | peers[i], peers[i+1]); | ||
246 | } | ||
247 | |||
248 | op[i] = | ||
249 | GNUNET_TESTBED_service_connect (cls, | ||
250 | peers[i], | ||
251 | "statistics", | ||
252 | service_connect_complete, | ||
253 | p_ctx, /* cls of completion cb */ | ||
254 | ca_statistics, /* connect adapter */ | ||
255 | da_statistics, /* disconnect adapter */ | ||
256 | p_ctx); | ||
257 | |||
79 | } | 258 | } |
259 | |||
260 | GNUNET_SCHEDULER_add_shutdown (&shutdown_task, NULL); | ||
261 | timeout_tid = | ||
262 | GNUNET_SCHEDULER_add_delayed (TIMEOUT, | ||
263 | &timeout_task, | ||
264 | NULL); | ||
80 | } | 265 | } |
81 | 266 | ||
82 | 267 | ||
83 | int | 268 | int |
84 | main (int argc, char *argv[]) | 269 | main (int argc, char *argv[]) |
85 | { | 270 | { |
271 | result = GNUNET_SYSERR; | ||
272 | checked_peers = 0; | ||
273 | |||
86 | (void) GNUNET_TESTBED_test_run ("test-gnunet-daemon-topology", | 274 | (void) GNUNET_TESTBED_test_run ("test-gnunet-daemon-topology", |
87 | "test_gnunet_daemon_topology_data.conf", | 275 | "test_gnunet_daemon_topology_data.conf", |
88 | NUM_PEERS, | 276 | NUM_PEERS, |
89 | 0, NULL, NULL, | 277 | 0, NULL, NULL, |
90 | &do_connect, NULL); | 278 | &do_connect, NULL); |
91 | GNUNET_DISK_directory_remove ("/tmp/test-gnunet-topology"); | 279 | GNUNET_DISK_directory_remove ("/tmp/test-gnunet-topology"); |
92 | return ok; | 280 | |
281 | return (GNUNET_OK != result) ? 1 : 0; | ||
93 | } | 282 | } |
94 | 283 | ||
95 | /* end of test_gnunet_daemon_topology.c */ | 284 | /* end of test_gnunet_daemon_topology.c */ |
diff --git a/src/transport/gnunet-service-transport.c b/src/transport/gnunet-service-transport.c index 6ebc6da8c..8c4f33fd0 100644 --- a/src/transport/gnunet-service-transport.c +++ b/src/transport/gnunet-service-transport.c | |||
@@ -612,7 +612,7 @@ notify_client_about_neighbour (void *cls, | |||
612 | 612 | ||
613 | /** | 613 | /** |
614 | * Initialize a normal client. We got a start message from this | 614 | * Initialize a normal client. We got a start message from this |
615 | * client, add him to the list of clients for broadcasting of inbound | 615 | * client, add it to the list of clients for broadcasting of inbound |
616 | * messages. | 616 | * messages. |
617 | * | 617 | * |
618 | * @param cls the client | 618 | * @param cls the client |
@@ -2173,7 +2173,7 @@ test_connection_ok (void *cls, | |||
2173 | 2173 | ||
2174 | /** | 2174 | /** |
2175 | * Initialize a blacklisting client. We got a blacklist-init | 2175 | * Initialize a blacklisting client. We got a blacklist-init |
2176 | * message from this client, add him to the list of clients | 2176 | * message from this client, add it to the list of clients |
2177 | * to query for blacklisting. | 2177 | * to query for blacklisting. |
2178 | * | 2178 | * |
2179 | * @param cls the client | 2179 | * @param cls the client |
diff --git a/src/transport/gnunet-service-transport_neighbours.c b/src/transport/gnunet-service-transport_neighbours.c index b1f3965ad..3965bc13e 100644 --- a/src/transport/gnunet-service-transport_neighbours.c +++ b/src/transport/gnunet-service-transport_neighbours.c | |||
@@ -179,7 +179,7 @@ struct GNUNET_ATS_SessionQuotaMessage | |||
179 | 179 | ||
180 | 180 | ||
181 | /** | 181 | /** |
182 | * Message we send to the other peer to notify him that we intentionally | 182 | * Message we send to the other peer to notify it that we intentionally |
183 | * are disconnecting (to reduce timeouts). This is just a friendly | 183 | * are disconnecting (to reduce timeouts). This is just a friendly |
184 | * notification, peers must not rely on always receiving disconnect | 184 | * notification, peers must not rely on always receiving disconnect |
185 | * messages. | 185 | * messages. |
@@ -3081,7 +3081,7 @@ master_task (void *cls) | |||
3081 | 3081 | ||
3082 | /** | 3082 | /** |
3083 | * Send a ACK message to the neighbour to confirm that we | 3083 | * Send a ACK message to the neighbour to confirm that we |
3084 | * got his SYN_ACK. | 3084 | * got its SYN_ACK. |
3085 | * | 3085 | * |
3086 | * @param n neighbour to send the ACK to | 3086 | * @param n neighbour to send the ACK to |
3087 | */ | 3087 | */ |
diff --git a/src/transport/test_plugin_transport_data.conf b/src/transport/test_plugin_transport_data.conf index cbecc56ed..b667a4854 100644 --- a/src/transport/test_plugin_transport_data.conf +++ b/src/transport/test_plugin_transport_data.conf | |||
@@ -3,10 +3,10 @@ | |||
3 | GNUNET_TEST_HOME = $GNUNET_TMP/test-gnunetd-plugin-transport/ | 3 | GNUNET_TEST_HOME = $GNUNET_TMP/test-gnunetd-plugin-transport/ |
4 | 4 | ||
5 | [transport-tcp] | 5 | [transport-tcp] |
6 | PORT = 2400 | 6 | PORT = 52400 |
7 | 7 | ||
8 | [transport-udp] | 8 | [transport-udp] |
9 | PORT = 2401 | 9 | PORT = 52401 |
10 | 10 | ||
11 | [transport-wlan] | 11 | [transport-wlan] |
12 | INTERFACE = mon0 | 12 | INTERFACE = mon0 |
@@ -17,29 +17,29 @@ INTERFACE = hci0 | |||
17 | TESTMODE = 1 | 17 | TESTMODE = 1 |
18 | 18 | ||
19 | [transport-http_server] | 19 | [transport-http_server] |
20 | PORT = 2402 | 20 | PORT = 52402 |
21 | 21 | ||
22 | [transport-https_server] | 22 | [transport-https_server] |
23 | PORT = 2403 | 23 | PORT = 52403 |
24 | 24 | ||
25 | [arm] | 25 | [arm] |
26 | PORT = 2360 | 26 | PORT = 52360 |
27 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-arm.sock | 27 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-arm.sock |
28 | 28 | ||
29 | [statistics] | 29 | [statistics] |
30 | PORT = 2361 | 30 | PORT = 52361 |
31 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-statistics.sock | 31 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-statistics.sock |
32 | 32 | ||
33 | [resolver] | 33 | [resolver] |
34 | PORT = 2362 | 34 | PORT = 52362 |
35 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-resolver.sock | 35 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-resolver.sock |
36 | 36 | ||
37 | [peerinfo] | 37 | [peerinfo] |
38 | PORT = 2363 | 38 | PORT = 52363 |
39 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-peerinfo.sock | 39 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-peerinfo.sock |
40 | 40 | ||
41 | [transport] | 41 | [transport] |
42 | PORT = 2364 | 42 | PORT = 52364 |
43 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport.sock | 43 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport.sock |
44 | 44 | ||
45 | [nat] | 45 | [nat] |
diff --git a/src/transport/test_quota_compliance_data.conf b/src/transport/test_quota_compliance_data.conf index 47c523bcf..1bc607770 100644 --- a/src/transport/test_quota_compliance_data.conf +++ b/src/transport/test_quota_compliance_data.conf | |||
@@ -3,22 +3,22 @@ | |||
3 | GNUNET_TEST_HOME = $GNUNET_TMP/test-gnunetd-plugin-transport/ | 3 | GNUNET_TEST_HOME = $GNUNET_TMP/test-gnunetd-plugin-transport/ |
4 | 4 | ||
5 | [transport-tcp] | 5 | [transport-tcp] |
6 | PORT = 2368 | 6 | PORT = 52368 |
7 | TIMEOUT = 5 s | 7 | TIMEOUT = 5 s |
8 | 8 | ||
9 | [arm] | 9 | [arm] |
10 | PORT = 2366 | 10 | PORT = 52366 |
11 | 11 | ||
12 | [statistics] | 12 | [statistics] |
13 | PORT = 2367 | 13 | PORT = 52367 |
14 | 14 | ||
15 | [resolver] | 15 | [resolver] |
16 | PORT = 2364 | 16 | PORT = 52364 |
17 | 17 | ||
18 | [peerinfo] | 18 | [peerinfo] |
19 | PORT = 2369 | 19 | PORT = 52369 |
20 | 20 | ||
21 | [transport] | 21 | [transport] |
22 | PORT = 2365 | 22 | PORT = 52365 |
23 | 23 | ||
24 | 24 | ||
diff --git a/src/transport/test_quota_compliance_http_asymmetric_peer1.conf b/src/transport/test_quota_compliance_http_asymmetric_peer1.conf index 201bafd01..b2ff1913f 100644 --- a/src/transport/test_quota_compliance_http_asymmetric_peer1.conf +++ b/src/transport/test_quota_compliance_http_asymmetric_peer1.conf | |||
@@ -5,23 +5,23 @@ GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer1 | |||
5 | [transport-http_client] | 5 | [transport-http_client] |
6 | 6 | ||
7 | [arm] | 7 | [arm] |
8 | PORT = 4015 | 8 | PORT = 54015 |
9 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_arm_peer1.sock | 9 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_arm_peer1.sock |
10 | 10 | ||
11 | [statistics] | 11 | [statistics] |
12 | PORT = 4014 | 12 | PORT = 54014 |
13 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_statistics_peer1.sock | 13 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_statistics_peer1.sock |
14 | 14 | ||
15 | [resolver] | 15 | [resolver] |
16 | PORT = 4013 | 16 | PORT = 54013 |
17 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_resolver_peer1.sock | 17 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_resolver_peer1.sock |
18 | 18 | ||
19 | [peerinfo] | 19 | [peerinfo] |
20 | PORT = 4012 | 20 | PORT = 54012 |
21 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_peerinfo_peer1.sock | 21 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_peerinfo_peer1.sock |
22 | 22 | ||
23 | [transport] | 23 | [transport] |
24 | PORT = 4011 | 24 | PORT = 54011 |
25 | PLUGINS = http_client | 25 | PLUGINS = http_client |
26 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_transport_peer1.sock | 26 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_transport_peer1.sock |
27 | 27 | ||
diff --git a/src/transport/test_quota_compliance_http_asymmetric_peer2.conf b/src/transport/test_quota_compliance_http_asymmetric_peer2.conf index cdc10516b..3408d9f2e 100644 --- a/src/transport/test_quota_compliance_http_asymmetric_peer2.conf +++ b/src/transport/test_quota_compliance_http_asymmetric_peer2.conf | |||
@@ -3,29 +3,29 @@ | |||
3 | GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer2 | 3 | GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer2 |
4 | 4 | ||
5 | [transport-http_server] | 5 | [transport-http_server] |
6 | PORT = 3010 | 6 | PORT = 53010 |
7 | USE_IPv6 = NO | 7 | USE_IPv6 = NO |
8 | BINDTO = 127.0.0.1 | 8 | BINDTO = 127.0.0.1 |
9 | 9 | ||
10 | 10 | ||
11 | [arm] | 11 | [arm] |
12 | PORT = 3015 | 12 | PORT = 53015 |
13 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_arm_peer2.sock | 13 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_arm_peer2.sock |
14 | 14 | ||
15 | [statistics] | 15 | [statistics] |
16 | PORT = 3014 | 16 | PORT = 53014 |
17 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_statistics_peer2.sock | 17 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_statistics_peer2.sock |
18 | 18 | ||
19 | [resolver] | 19 | [resolver] |
20 | PORT = 3013 | 20 | PORT = 53013 |
21 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_resolver_peer2.sock | 21 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_resolver_peer2.sock |
22 | 22 | ||
23 | [peerinfo] | 23 | [peerinfo] |
24 | PORT = 3012 | 24 | PORT = 53012 |
25 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_peerinfo_peer2.sock | 25 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_peerinfo_peer2.sock |
26 | 26 | ||
27 | [transport] | 27 | [transport] |
28 | PORT = 3011 | 28 | PORT = 53011 |
29 | PLUGINS = http_server | 29 | PLUGINS = http_server |
30 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_transport_peer2.sock | 30 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_transport_peer2.sock |
31 | 31 | ||
diff --git a/src/transport/test_quota_compliance_http_peer1.conf b/src/transport/test_quota_compliance_http_peer1.conf index 201bafd01..b2ff1913f 100644 --- a/src/transport/test_quota_compliance_http_peer1.conf +++ b/src/transport/test_quota_compliance_http_peer1.conf | |||
@@ -5,23 +5,23 @@ GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer1 | |||
5 | [transport-http_client] | 5 | [transport-http_client] |
6 | 6 | ||
7 | [arm] | 7 | [arm] |
8 | PORT = 4015 | 8 | PORT = 54015 |
9 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_arm_peer1.sock | 9 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_arm_peer1.sock |
10 | 10 | ||
11 | [statistics] | 11 | [statistics] |
12 | PORT = 4014 | 12 | PORT = 54014 |
13 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_statistics_peer1.sock | 13 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_statistics_peer1.sock |
14 | 14 | ||
15 | [resolver] | 15 | [resolver] |
16 | PORT = 4013 | 16 | PORT = 54013 |
17 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_resolver_peer1.sock | 17 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_resolver_peer1.sock |
18 | 18 | ||
19 | [peerinfo] | 19 | [peerinfo] |
20 | PORT = 4012 | 20 | PORT = 54012 |
21 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_peerinfo_peer1.sock | 21 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_peerinfo_peer1.sock |
22 | 22 | ||
23 | [transport] | 23 | [transport] |
24 | PORT = 4011 | 24 | PORT = 54011 |
25 | PLUGINS = http_client | 25 | PLUGINS = http_client |
26 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_transport_peer1.sock | 26 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_transport_peer1.sock |
27 | 27 | ||
diff --git a/src/transport/test_quota_compliance_http_peer2.conf b/src/transport/test_quota_compliance_http_peer2.conf index cdc10516b..3408d9f2e 100644 --- a/src/transport/test_quota_compliance_http_peer2.conf +++ b/src/transport/test_quota_compliance_http_peer2.conf | |||
@@ -3,29 +3,29 @@ | |||
3 | GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer2 | 3 | GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer2 |
4 | 4 | ||
5 | [transport-http_server] | 5 | [transport-http_server] |
6 | PORT = 3010 | 6 | PORT = 53010 |
7 | USE_IPv6 = NO | 7 | USE_IPv6 = NO |
8 | BINDTO = 127.0.0.1 | 8 | BINDTO = 127.0.0.1 |
9 | 9 | ||
10 | 10 | ||
11 | [arm] | 11 | [arm] |
12 | PORT = 3015 | 12 | PORT = 53015 |
13 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_arm_peer2.sock | 13 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_arm_peer2.sock |
14 | 14 | ||
15 | [statistics] | 15 | [statistics] |
16 | PORT = 3014 | 16 | PORT = 53014 |
17 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_statistics_peer2.sock | 17 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_statistics_peer2.sock |
18 | 18 | ||
19 | [resolver] | 19 | [resolver] |
20 | PORT = 3013 | 20 | PORT = 53013 |
21 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_resolver_peer2.sock | 21 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_resolver_peer2.sock |
22 | 22 | ||
23 | [peerinfo] | 23 | [peerinfo] |
24 | PORT = 3012 | 24 | PORT = 53012 |
25 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_peerinfo_peer2.sock | 25 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_peerinfo_peer2.sock |
26 | 26 | ||
27 | [transport] | 27 | [transport] |
28 | PORT = 3011 | 28 | PORT = 53011 |
29 | PLUGINS = http_server | 29 | PLUGINS = http_server |
30 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_transport_peer2.sock | 30 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_http_transport_peer2.sock |
31 | 31 | ||
diff --git a/src/transport/test_quota_compliance_https_asymmetric_peer1.conf b/src/transport/test_quota_compliance_https_asymmetric_peer1.conf index 3e8895665..94aa534ef 100644 --- a/src/transport/test_quota_compliance_https_asymmetric_peer1.conf +++ b/src/transport/test_quota_compliance_https_asymmetric_peer1.conf | |||
@@ -5,23 +5,23 @@ GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer1/ | |||
5 | [transport-https_client] | 5 | [transport-https_client] |
6 | 6 | ||
7 | [arm] | 7 | [arm] |
8 | PORT = 4006 | 8 | PORT = 54006 |
9 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_arm_peer1.sock | 9 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_arm_peer1.sock |
10 | 10 | ||
11 | [statistics] | 11 | [statistics] |
12 | PORT = 4005 | 12 | PORT = 54005 |
13 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_statistics_peer1.sock | 13 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_statistics_peer1.sock |
14 | 14 | ||
15 | [resolver] | 15 | [resolver] |
16 | PORT = 4004 | 16 | PORT = 54004 |
17 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_resolver_peer1.sock | 17 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_resolver_peer1.sock |
18 | 18 | ||
19 | [peerinfo] | 19 | [peerinfo] |
20 | PORT = 4003 | 20 | PORT = 54003 |
21 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_peerinfo_peer1.sock | 21 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_peerinfo_peer1.sock |
22 | 22 | ||
23 | [transport] | 23 | [transport] |
24 | PORT = 4002 | 24 | PORT = 54002 |
25 | PLUGINS = https_client | 25 | PLUGINS = https_client |
26 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_transport_peer1.sock | 26 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_transport_peer1.sock |
27 | 27 | ||
diff --git a/src/transport/test_quota_compliance_https_asymmetric_peer2.conf b/src/transport/test_quota_compliance_https_asymmetric_peer2.conf index e0ff8da9f..8fb8861cd 100644 --- a/src/transport/test_quota_compliance_https_asymmetric_peer2.conf +++ b/src/transport/test_quota_compliance_https_asymmetric_peer2.conf | |||
@@ -3,28 +3,28 @@ | |||
3 | GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer2 | 3 | GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer2 |
4 | 4 | ||
5 | [transport-https_server] | 5 | [transport-https_server] |
6 | PORT = 3001 | 6 | PORT = 53001 |
7 | KEY_FILE = https_key_quota_p2.key | 7 | KEY_FILE = https_key_quota_p2.key |
8 | CERT_FILE = https_cert_qutoa_p2.crt | 8 | CERT_FILE = https_cert_qutoa_p2.crt |
9 | 9 | ||
10 | [arm] | 10 | [arm] |
11 | PORT = 3006 | 11 | PORT = 53006 |
12 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_arm_peer2.sock | 12 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_arm_peer2.sock |
13 | 13 | ||
14 | [statistics] | 14 | [statistics] |
15 | PORT = 3005 | 15 | PORT = 53005 |
16 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_statistics_peer2.sock | 16 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_statistics_peer2.sock |
17 | 17 | ||
18 | [resolver] | 18 | [resolver] |
19 | PORT = 3004 | 19 | PORT = 53004 |
20 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_resolver_peer2.sock | 20 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_resolver_peer2.sock |
21 | 21 | ||
22 | [peerinfo] | 22 | [peerinfo] |
23 | PORT = 3003 | 23 | PORT = 53003 |
24 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_peerinfo_peer2.sock | 24 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_peerinfo_peer2.sock |
25 | 25 | ||
26 | [transport] | 26 | [transport] |
27 | PORT = 3002 | 27 | PORT = 53002 |
28 | PLUGINS = https_server | 28 | PLUGINS = https_server |
29 | UNIXPATH = $GNUNET_RUNTIME_DIR/https_transport_peer2.sock | 29 | UNIXPATH = $GNUNET_RUNTIME_DIR/https_transport_peer2.sock |
30 | 30 | ||
diff --git a/src/transport/test_quota_compliance_https_peer1.conf b/src/transport/test_quota_compliance_https_peer1.conf index 3e8895665..94aa534ef 100644 --- a/src/transport/test_quota_compliance_https_peer1.conf +++ b/src/transport/test_quota_compliance_https_peer1.conf | |||
@@ -5,23 +5,23 @@ GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer1/ | |||
5 | [transport-https_client] | 5 | [transport-https_client] |
6 | 6 | ||
7 | [arm] | 7 | [arm] |
8 | PORT = 4006 | 8 | PORT = 54006 |
9 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_arm_peer1.sock | 9 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_arm_peer1.sock |
10 | 10 | ||
11 | [statistics] | 11 | [statistics] |
12 | PORT = 4005 | 12 | PORT = 54005 |
13 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_statistics_peer1.sock | 13 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_statistics_peer1.sock |
14 | 14 | ||
15 | [resolver] | 15 | [resolver] |
16 | PORT = 4004 | 16 | PORT = 54004 |
17 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_resolver_peer1.sock | 17 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_resolver_peer1.sock |
18 | 18 | ||
19 | [peerinfo] | 19 | [peerinfo] |
20 | PORT = 4003 | 20 | PORT = 54003 |
21 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_peerinfo_peer1.sock | 21 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_peerinfo_peer1.sock |
22 | 22 | ||
23 | [transport] | 23 | [transport] |
24 | PORT = 4002 | 24 | PORT = 54002 |
25 | PLUGINS = https_client | 25 | PLUGINS = https_client |
26 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_transport_peer1.sock | 26 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_transport_peer1.sock |
27 | 27 | ||
diff --git a/src/transport/test_quota_compliance_https_peer2.conf b/src/transport/test_quota_compliance_https_peer2.conf index e0ff8da9f..8fb8861cd 100644 --- a/src/transport/test_quota_compliance_https_peer2.conf +++ b/src/transport/test_quota_compliance_https_peer2.conf | |||
@@ -3,28 +3,28 @@ | |||
3 | GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer2 | 3 | GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer2 |
4 | 4 | ||
5 | [transport-https_server] | 5 | [transport-https_server] |
6 | PORT = 3001 | 6 | PORT = 53001 |
7 | KEY_FILE = https_key_quota_p2.key | 7 | KEY_FILE = https_key_quota_p2.key |
8 | CERT_FILE = https_cert_qutoa_p2.crt | 8 | CERT_FILE = https_cert_qutoa_p2.crt |
9 | 9 | ||
10 | [arm] | 10 | [arm] |
11 | PORT = 3006 | 11 | PORT = 53006 |
12 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_arm_peer2.sock | 12 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_arm_peer2.sock |
13 | 13 | ||
14 | [statistics] | 14 | [statistics] |
15 | PORT = 3005 | 15 | PORT = 53005 |
16 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_statistics_peer2.sock | 16 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_statistics_peer2.sock |
17 | 17 | ||
18 | [resolver] | 18 | [resolver] |
19 | PORT = 3004 | 19 | PORT = 53004 |
20 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_resolver_peer2.sock | 20 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_resolver_peer2.sock |
21 | 21 | ||
22 | [peerinfo] | 22 | [peerinfo] |
23 | PORT = 3003 | 23 | PORT = 53003 |
24 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_peerinfo_peer2.sock | 24 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_https_peerinfo_peer2.sock |
25 | 25 | ||
26 | [transport] | 26 | [transport] |
27 | PORT = 3002 | 27 | PORT = 53002 |
28 | PLUGINS = https_server | 28 | PLUGINS = https_server |
29 | UNIXPATH = $GNUNET_RUNTIME_DIR/https_transport_peer2.sock | 29 | UNIXPATH = $GNUNET_RUNTIME_DIR/https_transport_peer2.sock |
30 | 30 | ||
diff --git a/src/transport/test_quota_compliance_tcp_asymmetric_peer1.conf b/src/transport/test_quota_compliance_tcp_asymmetric_peer1.conf index 59fbbff5b..0e0cbff24 100644 --- a/src/transport/test_quota_compliance_tcp_asymmetric_peer1.conf +++ b/src/transport/test_quota_compliance_tcp_asymmetric_peer1.conf | |||
@@ -3,29 +3,29 @@ | |||
3 | GNUNET_TEST_HOME = $GNUNET_TMP/test-transport/quota-tcp-p1/ | 3 | GNUNET_TEST_HOME = $GNUNET_TMP/test-transport/quota-tcp-p1/ |
4 | 4 | ||
5 | [transport-tcp] | 5 | [transport-tcp] |
6 | PORT = 4094 | 6 | PORT = 54094 |
7 | 7 | ||
8 | [transport-udp] | 8 | [transport-udp] |
9 | PORT = 4094 | 9 | PORT = 54094 |
10 | 10 | ||
11 | [arm] | 11 | [arm] |
12 | PORT = 4087 | 12 | PORT = 54087 |
13 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_arm_peer1.sock | 13 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_arm_peer1.sock |
14 | 14 | ||
15 | [statistics] | 15 | [statistics] |
16 | PORT = 4088 | 16 | PORT = 54088 |
17 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_statistics_peer1.sock | 17 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_statistics_peer1.sock |
18 | 18 | ||
19 | [resolver] | 19 | [resolver] |
20 | PORT = 4089 | 20 | PORT = 54089 |
21 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_resolver_peer1.sock | 21 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_resolver_peer1.sock |
22 | 22 | ||
23 | [peerinfo] | 23 | [peerinfo] |
24 | PORT = 4090 | 24 | PORT = 54090 |
25 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_peerinfo_peer1.sock | 25 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_peerinfo_peer1.sock |
26 | 26 | ||
27 | [transport] | 27 | [transport] |
28 | PORT = 4091 | 28 | PORT = 54091 |
29 | PLUGINS = tcp | 29 | PLUGINS = tcp |
30 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_transport_peer1.sock | 30 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_transport_peer1.sock |
31 | 31 | ||
diff --git a/src/transport/test_quota_compliance_tcp_peer1.conf b/src/transport/test_quota_compliance_tcp_peer1.conf index 59fbbff5b..0e0cbff24 100644 --- a/src/transport/test_quota_compliance_tcp_peer1.conf +++ b/src/transport/test_quota_compliance_tcp_peer1.conf | |||
@@ -3,29 +3,29 @@ | |||
3 | GNUNET_TEST_HOME = $GNUNET_TMP/test-transport/quota-tcp-p1/ | 3 | GNUNET_TEST_HOME = $GNUNET_TMP/test-transport/quota-tcp-p1/ |
4 | 4 | ||
5 | [transport-tcp] | 5 | [transport-tcp] |
6 | PORT = 4094 | 6 | PORT = 54094 |
7 | 7 | ||
8 | [transport-udp] | 8 | [transport-udp] |
9 | PORT = 4094 | 9 | PORT = 54094 |
10 | 10 | ||
11 | [arm] | 11 | [arm] |
12 | PORT = 4087 | 12 | PORT = 54087 |
13 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_arm_peer1.sock | 13 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_arm_peer1.sock |
14 | 14 | ||
15 | [statistics] | 15 | [statistics] |
16 | PORT = 4088 | 16 | PORT = 54088 |
17 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_statistics_peer1.sock | 17 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_statistics_peer1.sock |
18 | 18 | ||
19 | [resolver] | 19 | [resolver] |
20 | PORT = 4089 | 20 | PORT = 54089 |
21 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_resolver_peer1.sock | 21 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_resolver_peer1.sock |
22 | 22 | ||
23 | [peerinfo] | 23 | [peerinfo] |
24 | PORT = 4090 | 24 | PORT = 54090 |
25 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_peerinfo_peer1.sock | 25 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_peerinfo_peer1.sock |
26 | 26 | ||
27 | [transport] | 27 | [transport] |
28 | PORT = 4091 | 28 | PORT = 54091 |
29 | PLUGINS = tcp | 29 | PLUGINS = tcp |
30 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_transport_peer1.sock | 30 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_tcp_transport_peer1.sock |
31 | 31 | ||
diff --git a/src/transport/test_quota_compliance_udp_peer1.conf b/src/transport/test_quota_compliance_udp_peer1.conf index b7c3159b8..bba75c168 100644 --- a/src/transport/test_quota_compliance_udp_peer1.conf +++ b/src/transport/test_quota_compliance_udp_peer1.conf | |||
@@ -3,27 +3,27 @@ | |||
3 | GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer1/ | 3 | GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer1/ |
4 | 4 | ||
5 | [transport-udp] | 5 | [transport-udp] |
6 | PORT = 4368 | 6 | PORT = 54368 |
7 | MAX_BPS = 50000000 | 7 | MAX_BPS = 50000000 |
8 | 8 | ||
9 | [arm] | 9 | [arm] |
10 | PORT = 4087 | 10 | PORT = 54087 |
11 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_arm_peer1.sock | 11 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_arm_peer1.sock |
12 | 12 | ||
13 | [statistics] | 13 | [statistics] |
14 | PORT = 4088 | 14 | PORT = 54088 |
15 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_statistics_peer1.sock | 15 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_statistics_peer1.sock |
16 | 16 | ||
17 | [resolver] | 17 | [resolver] |
18 | PORT = 4089 | 18 | PORT = 54089 |
19 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_resolver_peer1.sock | 19 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_resolver_peer1.sock |
20 | 20 | ||
21 | [peerinfo] | 21 | [peerinfo] |
22 | PORT = 4090 | 22 | PORT = 54090 |
23 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_peerinfo_peer1.sock | 23 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_peerinfo_peer1.sock |
24 | 24 | ||
25 | [transport] | 25 | [transport] |
26 | PORT = 4091 | 26 | PORT = 54091 |
27 | PLUGINS = udp | 27 | PLUGINS = udp |
28 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_transport_peer1.sock | 28 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_transport_peer1.sock |
29 | 29 | ||
diff --git a/src/transport/test_quota_compliance_udp_peer2.conf b/src/transport/test_quota_compliance_udp_peer2.conf index 70e61db05..1cb04038c 100644 --- a/src/transport/test_quota_compliance_udp_peer2.conf +++ b/src/transport/test_quota_compliance_udp_peer2.conf | |||
@@ -3,27 +3,27 @@ | |||
3 | GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer2 | 3 | GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer2 |
4 | 4 | ||
5 | [transport-udp] | 5 | [transport-udp] |
6 | PORT = 3368 | 6 | PORT = 53368 |
7 | MAX_BPS = 50000000 | 7 | MAX_BPS = 50000000 |
8 | 8 | ||
9 | [arm] | 9 | [arm] |
10 | PORT = 3087 | 10 | PORT = 53087 |
11 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_arm_peer2.sock | 11 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_arm_peer2.sock |
12 | 12 | ||
13 | [statistics] | 13 | [statistics] |
14 | PORT = 3088 | 14 | PORT = 53088 |
15 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_statistics_peer2.sock | 15 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_statistics_peer2.sock |
16 | 16 | ||
17 | [resolver] | 17 | [resolver] |
18 | PORT = 3089 | 18 | PORT = 53089 |
19 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_resolver_peer2.sock | 19 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_resolver_peer2.sock |
20 | 20 | ||
21 | [peerinfo] | 21 | [peerinfo] |
22 | PORT = 3090 | 22 | PORT = 53090 |
23 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_peerinfo_peer2.sock | 23 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_peerinfo_peer2.sock |
24 | 24 | ||
25 | [transport] | 25 | [transport] |
26 | PORT = 3091 | 26 | PORT = 53091 |
27 | PLUGINS = udp | 27 | PLUGINS = udp |
28 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_transport_peer2.sock | 28 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_udp_transport_peer2.sock |
29 | 29 | ||
diff --git a/src/transport/test_quota_compliance_unix_asymmetric_peer1.conf b/src/transport/test_quota_compliance_unix_asymmetric_peer1.conf index 8d6073b67..a8ee6d77a 100644 --- a/src/transport/test_quota_compliance_unix_asymmetric_peer1.conf +++ b/src/transport/test_quota_compliance_unix_asymmetric_peer1.conf | |||
@@ -3,26 +3,26 @@ | |||
3 | GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer1/ | 3 | GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer1/ |
4 | 4 | ||
5 | [arm] | 5 | [arm] |
6 | PORT = 4087 | 6 | PORT = 54087 |
7 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_arm_peer1.sock | 7 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_arm_peer1.sock |
8 | 8 | ||
9 | [statistics] | 9 | [statistics] |
10 | PORT = 4088 | 10 | PORT = 54088 |
11 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_statistics_peer1.sock | 11 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_statistics_peer1.sock |
12 | 12 | ||
13 | [resolver] | 13 | [resolver] |
14 | PORT = 4089 | 14 | PORT = 54089 |
15 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_resolver_peer1.sock | 15 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_resolver_peer1.sock |
16 | 16 | ||
17 | [peerinfo] | 17 | [peerinfo] |
18 | PORT = 4090 | 18 | PORT = 54090 |
19 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_peerinfo_peer1.sock | 19 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_peerinfo_peer1.sock |
20 | 20 | ||
21 | [transport] | 21 | [transport] |
22 | PORT = 4091 | 22 | PORT = 54091 |
23 | PLUGINS = unix | 23 | PLUGINS = unix |
24 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_transport_peer1.sock | 24 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_transport_peer1.sock |
25 | 25 | ||
26 | [transport-unix] | 26 | [transport-unix] |
27 | PORT = 4092 | 27 | PORT = 54092 |
28 | 28 | ||
diff --git a/src/transport/test_quota_compliance_unix_asymmetric_peer2.conf b/src/transport/test_quota_compliance_unix_asymmetric_peer2.conf index a3a42f739..6edbcac9f 100644 --- a/src/transport/test_quota_compliance_unix_asymmetric_peer2.conf +++ b/src/transport/test_quota_compliance_unix_asymmetric_peer2.conf | |||
@@ -3,26 +3,26 @@ | |||
3 | GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer2 | 3 | GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer2 |
4 | 4 | ||
5 | [arm] | 5 | [arm] |
6 | PORT = 3087 | 6 | PORT = 53087 |
7 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_arm_peer2.sock | 7 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_arm_peer2.sock |
8 | 8 | ||
9 | [statistics] | 9 | [statistics] |
10 | PORT = 3088 | 10 | PORT = 53088 |
11 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_statistics_peer2.sock | 11 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_statistics_peer2.sock |
12 | 12 | ||
13 | [resolver] | 13 | [resolver] |
14 | PORT = 3089 | 14 | PORT = 53089 |
15 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_resolver_peer2.sock | 15 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_resolver_peer2.sock |
16 | 16 | ||
17 | [peerinfo] | 17 | [peerinfo] |
18 | PORT = 3090 | 18 | PORT = 53090 |
19 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_peerinfo_peer2.sock | 19 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_peerinfo_peer2.sock |
20 | 20 | ||
21 | [transport] | 21 | [transport] |
22 | PORT = 3091 | 22 | PORT = 53091 |
23 | PLUGINS = unix | 23 | PLUGINS = unix |
24 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_transport_peer2.sock | 24 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_transport_peer2.sock |
25 | 25 | ||
26 | [transport-unix] | 26 | [transport-unix] |
27 | PORT = 3368 | 27 | PORT = 53368 |
28 | 28 | ||
diff --git a/src/transport/test_quota_compliance_unix_peer1.conf b/src/transport/test_quota_compliance_unix_peer1.conf index d9255705c..59c8d6d9e 100644 --- a/src/transport/test_quota_compliance_unix_peer1.conf +++ b/src/transport/test_quota_compliance_unix_peer1.conf | |||
@@ -6,22 +6,22 @@ GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer1/ | |||
6 | PORT = 12120 | 6 | PORT = 12120 |
7 | 7 | ||
8 | [arm] | 8 | [arm] |
9 | PORT = 4087 | 9 | PORT = 54087 |
10 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_arm_peer1.sock | 10 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_arm_peer1.sock |
11 | 11 | ||
12 | [statistics] | 12 | [statistics] |
13 | PORT = 4088 | 13 | PORT = 54088 |
14 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_statistics_peer1.sock | 14 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_statistics_peer1.sock |
15 | 15 | ||
16 | [resolver] | 16 | [resolver] |
17 | PORT = 4089 | 17 | PORT = 54089 |
18 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_resolver_peer1.sock | 18 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_resolver_peer1.sock |
19 | 19 | ||
20 | [peerinfo] | 20 | [peerinfo] |
21 | PORT = 4090 | 21 | PORT = 54090 |
22 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_peerinfo_peer1.sock | 22 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_peerinfo_peer1.sock |
23 | 23 | ||
24 | [transport] | 24 | [transport] |
25 | PORT = 4091 | 25 | PORT = 54091 |
26 | PLUGINS = unix | 26 | PLUGINS = unix |
27 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_transport_peer1.sock | 27 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_transport_peer1.sock |
diff --git a/src/transport/test_quota_compliance_unix_peer2.conf b/src/transport/test_quota_compliance_unix_peer2.conf index b7ba15d86..8c2f9989e 100644 --- a/src/transport/test_quota_compliance_unix_peer2.conf +++ b/src/transport/test_quota_compliance_unix_peer2.conf | |||
@@ -6,26 +6,26 @@ GNUNET_TEST_HOME = $GNUNET_TMP/test_quota_compliance_peer2 | |||
6 | PORT = 12136 | 6 | PORT = 12136 |
7 | 7 | ||
8 | [arm] | 8 | [arm] |
9 | PORT = 3087 | 9 | PORT = 53087 |
10 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_arm_peer2.sock | 10 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_arm_peer2.sock |
11 | 11 | ||
12 | [statistics] | 12 | [statistics] |
13 | PORT = 3088 | 13 | PORT = 53088 |
14 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_statistics_peer2.sock | 14 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_statistics_peer2.sock |
15 | 15 | ||
16 | [resolver] | 16 | [resolver] |
17 | PORT = 3089 | 17 | PORT = 53089 |
18 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_resolver_peer2.sock | 18 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_resolver_peer2.sock |
19 | 19 | ||
20 | [peerinfo] | 20 | [peerinfo] |
21 | PORT = 3090 | 21 | PORT = 53090 |
22 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_peerinfo_peer2.sock | 22 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_peerinfo_peer2.sock |
23 | 23 | ||
24 | [transport] | 24 | [transport] |
25 | PORT = 3091 | 25 | PORT = 53091 |
26 | PLUGINS = unix | 26 | PLUGINS = unix |
27 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_transport_peer2.sock | 27 | UNIXPATH = $GNUNET_RUNTIME_DIR/test_quota_compliance_unix_transport_peer2.sock |
28 | 28 | ||
29 | [transport-unix] | 29 | [transport-unix] |
30 | PORT = 3368 | 30 | PORT = 53368 |
31 | 31 | ||
diff --git a/src/transport/test_transport_api_data.conf b/src/transport/test_transport_api_data.conf index 58b8e17b0..c06235a0a 100644 --- a/src/transport/test_transport_api_data.conf +++ b/src/transport/test_transport_api_data.conf | |||
@@ -2,8 +2,8 @@ | |||
2 | [PATHS] | 2 | [PATHS] |
3 | 3 | ||
4 | [transport-tcp] | 4 | [transport-tcp] |
5 | PORT = 2094 | 5 | PORT = 52094 |
6 | 6 | ||
7 | [transport-udp] | 7 | [transport-udp] |
8 | PORT = 2094 | 8 | PORT = 52094 |
9 | 9 | ||
diff --git a/src/transport/test_transport_api_reliability_tcp_nat_peer1.conf b/src/transport/test_transport_api_reliability_tcp_nat_peer1.conf index 6aa9dbf22..6a2029b09 100644 --- a/src/transport/test_transport_api_reliability_tcp_nat_peer1.conf +++ b/src/transport/test_transport_api_reliability_tcp_nat_peer1.conf | |||
@@ -12,7 +12,7 @@ PORT = 0 | |||
12 | TIMEOUT = 5 s | 12 | TIMEOUT = 5 s |
13 | 13 | ||
14 | [arm] | 14 | [arm] |
15 | PORT = 1204 | 15 | PORT = 51204 |
16 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-p1-service-arm.sock | 16 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-p1-service-arm.sock |
17 | 17 | ||
18 | [statistics] | 18 | [statistics] |
diff --git a/src/transport/test_transport_api_tcp_nat_peer1.conf b/src/transport/test_transport_api_tcp_nat_peer1.conf index b8d83ce29..fb2fcecc6 100644 --- a/src/transport/test_transport_api_tcp_nat_peer1.conf +++ b/src/transport/test_transport_api_tcp_nat_peer1.conf | |||
@@ -12,7 +12,7 @@ PORT = 0 | |||
12 | TIMEOUT = 5 s | 12 | TIMEOUT = 5 s |
13 | 13 | ||
14 | [arm] | 14 | [arm] |
15 | PORT = 1204 | 15 | PORT = 51204 |
16 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-p1-service-arm.sock | 16 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-p1-service-arm.sock |
17 | 17 | ||
18 | [statistics] | 18 | [statistics] |
diff --git a/src/transport/transport.conf.in b/src/transport/transport.conf.in index 4185acc29..c6b207ad7 100644 --- a/src/transport/transport.conf.in +++ b/src/transport/transport.conf.in | |||
@@ -9,7 +9,8 @@ BINARY = gnunet-service-transport | |||
9 | NEIGHBOUR_LIMIT = 50 | 9 | NEIGHBOUR_LIMIT = 50 |
10 | ACCEPT_FROM = 127.0.0.1; | 10 | ACCEPT_FROM = 127.0.0.1; |
11 | ACCEPT_FROM6 = ::1; | 11 | ACCEPT_FROM6 = ::1; |
12 | PLUGINS = tcp udp | 12 | # TCP is the only transport plugin known to work "reliably" |
13 | PLUGINS = tcp | ||
13 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport.sock | 14 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport.sock |
14 | BLACKLIST_FILE = $GNUNET_CONFIG_HOME/transport/blacklist | 15 | BLACKLIST_FILE = $GNUNET_CONFIG_HOME/transport/blacklist |
15 | UNIX_MATCH_UID = NO | 16 | UNIX_MATCH_UID = NO |
diff --git a/src/tun/.gitignore b/src/tun/.gitignore deleted file mode 100644 index b26685596..000000000 --- a/src/tun/.gitignore +++ /dev/null | |||
@@ -1,2 +0,0 @@ | |||
1 | test_regex | ||
2 | test_tun | ||
diff --git a/src/tun/Makefile.am b/src/tun/Makefile.am deleted file mode 100644 index c741f5654..000000000 --- a/src/tun/Makefile.am +++ /dev/null | |||
@@ -1,46 +0,0 @@ | |||
1 | # This Makefile.am is in the public domain | ||
2 | AM_CPPFLAGS = -I$(top_srcdir)/src/include | ||
3 | |||
4 | if MINGW | ||
5 | WINFLAGS = -Wl,--no-undefined -Wl,--export-all-symbols | ||
6 | endif | ||
7 | |||
8 | if USE_COVERAGE | ||
9 | AM_CFLAGS = --coverage -O0 | ||
10 | XLIB = -lgcov | ||
11 | endif | ||
12 | |||
13 | lib_LTLIBRARIES = libgnunettun.la | ||
14 | |||
15 | libgnunettun_la_SOURCES = \ | ||
16 | tun.c \ | ||
17 | regex.c | ||
18 | libgnunettun_la_LIBADD = \ | ||
19 | $(top_builddir)/src/util/libgnunetutil.la $(XLIB) \ | ||
20 | $(LTLIBINTL) | ||
21 | libgnunettun_la_LDFLAGS = \ | ||
22 | $(GN_LIB_LDFLAGS) \ | ||
23 | -version-info 1:0:1 | ||
24 | |||
25 | |||
26 | check_PROGRAMS = \ | ||
27 | test_tun \ | ||
28 | test_regex | ||
29 | |||
30 | if ENABLE_TEST_RUN | ||
31 | AM_TESTS_ENVIRONMENT=export GNUNET_PREFIX=$${GNUNET_PREFIX:-@libdir@};export PATH=$${GNUNET_PREFIX:-@prefix@}/bin:$$PATH;unset XDG_DATA_HOME;unset XDG_CONFIG_HOME; | ||
32 | TESTS = $(check_PROGRAMS) | ||
33 | endif | ||
34 | |||
35 | test_tun_SOURCES = \ | ||
36 | test_tun.c | ||
37 | test_tun_LDADD = \ | ||
38 | $(top_builddir)/src/util/libgnunetutil.la \ | ||
39 | libgnunettun.la | ||
40 | |||
41 | |||
42 | test_regex_SOURCES = \ | ||
43 | test_regex.c | ||
44 | test_regex_LDADD = \ | ||
45 | $(top_builddir)/src/util/libgnunetutil.la \ | ||
46 | libgnunettun.la | ||
diff --git a/src/util/.gitignore b/src/util/.gitignore index 23139a1ab..7b190ca76 100644 --- a/src/util/.gitignore +++ b/src/util/.gitignore | |||
@@ -69,3 +69,7 @@ perf_crypto_hash | |||
69 | perf_crypto_symmetric | 69 | perf_crypto_symmetric |
70 | perf_crypto_rsa | 70 | perf_crypto_rsa |
71 | perf_crypto_ecc_dlog | 71 | perf_crypto_ecc_dlog |
72 | test_hexcoder | ||
73 | test_regex | ||
74 | test_tun | ||
75 | gnunet-timeout | ||
diff --git a/src/util/Makefile.am b/src/util/Makefile.am index 4296199db..4ae073c2c 100644 --- a/src/util/Makefile.am +++ b/src/util/Makefile.am | |||
@@ -89,6 +89,8 @@ libgnunetutil_la_SOURCES = \ | |||
89 | crypto_rsa.c \ | 89 | crypto_rsa.c \ |
90 | disk.c \ | 90 | disk.c \ |
91 | disk.h \ | 91 | disk.h \ |
92 | dnsparser.c \ | ||
93 | dnsstub.c \ | ||
92 | getopt.c \ | 94 | getopt.c \ |
93 | getopt_helpers.c \ | 95 | getopt_helpers.c \ |
94 | helper.c \ | 96 | helper.c \ |
@@ -104,12 +106,14 @@ libgnunetutil_la_SOURCES = \ | |||
104 | peer.c \ | 106 | peer.c \ |
105 | plugin.c \ | 107 | plugin.c \ |
106 | program.c \ | 108 | program.c \ |
109 | regex.c \ | ||
107 | resolver_api.c resolver.h \ | 110 | resolver_api.c resolver.h \ |
108 | scheduler.c \ | 111 | scheduler.c \ |
109 | service.c \ | 112 | service.c \ |
110 | signal.c \ | 113 | signal.c \ |
111 | strings.c \ | 114 | strings.c \ |
112 | time.c \ | 115 | time.c \ |
116 | tun.c \ | ||
113 | speedup.c speedup.h | 117 | speedup.c speedup.h |
114 | 118 | ||
115 | libgnunetutil_la_LIBADD = \ | 119 | libgnunetutil_la_LIBADD = \ |
@@ -117,7 +121,7 @@ libgnunetutil_la_LIBADD = \ | |||
117 | $(LIBGCRYPT_LIBS) \ | 121 | $(LIBGCRYPT_LIBS) \ |
118 | $(LTLIBICONV) \ | 122 | $(LTLIBICONV) \ |
119 | $(LTLIBINTL) \ | 123 | $(LTLIBINTL) \ |
120 | -lltdl $(Z_LIBS) -lunistring $(XLIB) | 124 | -lltdl -lidn $(Z_LIBS) -lunistring $(XLIB) |
121 | 125 | ||
122 | libgnunetutil_la_LDFLAGS = \ | 126 | libgnunetutil_la_LDFLAGS = \ |
123 | $(GN_LIB_LDFLAGS) \ | 127 | $(GN_LIB_LDFLAGS) \ |
@@ -162,6 +166,7 @@ lib_LTLIBRARIES = libgnunetutil.la | |||
162 | 166 | ||
163 | libexec_PROGRAMS = \ | 167 | libexec_PROGRAMS = \ |
164 | gnunet-service-resolver \ | 168 | gnunet-service-resolver \ |
169 | gnunet-timeout \ | ||
165 | $(W32CONSOLEHELPER) | 170 | $(W32CONSOLEHELPER) |
166 | 171 | ||
167 | bin_SCRIPTS =\ | 172 | bin_SCRIPTS =\ |
@@ -188,6 +193,15 @@ endif | |||
188 | endif | 193 | endif |
189 | 194 | ||
190 | 195 | ||
196 | if !MINGW | ||
197 | gnunet_timeout_SOURCES = \ | ||
198 | gnunet-timeout.c | ||
199 | else | ||
200 | gnunet_timeout_SOURCES = \ | ||
201 | gnunet-timeout-w32.c | ||
202 | endif | ||
203 | |||
204 | |||
191 | do_subst = $(SED) -e 's,[@]PYTHON[@],$(PYTHON),g' | 205 | do_subst = $(SED) -e 's,[@]PYTHON[@],$(PYTHON),g' |
192 | 206 | ||
193 | gnunet-qr: gnunet-qr.py.in Makefile | 207 | gnunet-qr: gnunet-qr.py.in Makefile |
@@ -291,19 +305,22 @@ check_PROGRAMS = \ | |||
291 | test_crypto_rsa \ | 305 | test_crypto_rsa \ |
292 | test_disk \ | 306 | test_disk \ |
293 | test_getopt \ | 307 | test_getopt \ |
308 | test_hexcoder \ | ||
294 | test_mq \ | 309 | test_mq \ |
295 | test_os_network \ | 310 | test_os_network \ |
296 | test_peer \ | 311 | test_peer \ |
297 | test_plugin \ | 312 | test_plugin \ |
298 | test_program \ | 313 | test_program \ |
314 | test_regex \ | ||
299 | test_resolver_api.nc \ | 315 | test_resolver_api.nc \ |
300 | test_scheduler \ | 316 | test_scheduler \ |
301 | test_scheduler_delay \ | 317 | test_scheduler_delay \ |
302 | test_service \ | 318 | test_service \ |
303 | test_strings \ | 319 | test_strings \ |
304 | test_strings_to_data \ | 320 | test_strings_to_data \ |
305 | test_time \ | ||
306 | test_speedup \ | 321 | test_speedup \ |
322 | test_time \ | ||
323 | test_tun \ | ||
307 | $(BENCHMARKS) \ | 324 | $(BENCHMARKS) \ |
308 | test_os_start_process \ | 325 | test_os_start_process \ |
309 | test_common_logging_runtime_loglevels | 326 | test_common_logging_runtime_loglevels |
@@ -319,6 +336,20 @@ test_bio_SOURCES = \ | |||
319 | test_bio_LDADD = \ | 336 | test_bio_LDADD = \ |
320 | libgnunetutil.la | 337 | libgnunetutil.la |
321 | 338 | ||
339 | test_hexcoder_SOURCES = \ | ||
340 | test_hexcoder.c | ||
341 | test_hexcoder_LDADD = \ | ||
342 | libgnunetutil.la | ||
343 | |||
344 | test_tun_SOURCES = \ | ||
345 | test_tun.c | ||
346 | test_tun_LDADD = \ | ||
347 | libgnunetutil.la | ||
348 | |||
349 | test_regex_SOURCES = \ | ||
350 | test_regex.c | ||
351 | test_regex_LDADD = \ | ||
352 | libgnunetutil.la | ||
322 | 353 | ||
323 | test_os_start_process_SOURCES = \ | 354 | test_os_start_process_SOURCES = \ |
324 | test_os_start_process.c | 355 | test_os_start_process.c |
@@ -601,4 +632,4 @@ EXTRA_DIST = \ | |||
601 | test_resolver_api_data.conf \ | 632 | test_resolver_api_data.conf \ |
602 | test_service_data.conf \ | 633 | test_service_data.conf \ |
603 | test_speedup_data.conf \ | 634 | test_speedup_data.conf \ |
604 | gnunet-qr.py.in | 635 | gnunet-qr.py.in |
diff --git a/src/util/client.c b/src/util/client.c index 44e326eab..1f569255a 100644 --- a/src/util/client.c +++ b/src/util/client.c | |||
@@ -11,7 +11,7 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
@@ -721,6 +721,17 @@ test_service_configuration (const char *service_name, | |||
721 | &unixpath)) && | 721 | &unixpath)) && |
722 | (0 < strlen (unixpath))) | 722 | (0 < strlen (unixpath))) |
723 | ret = GNUNET_OK; | 723 | ret = GNUNET_OK; |
724 | else if ((GNUNET_OK == | ||
725 | GNUNET_CONFIGURATION_have_value (cfg, | ||
726 | service_name, | ||
727 | "UNIXPATH"))) | ||
728 | { | ||
729 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, | ||
730 | service_name, | ||
731 | "UNIXPATH", | ||
732 | _("not a valid filename")); | ||
733 | return GNUNET_SYSERR; /* UNIXPATH specified but invalid! */ | ||
734 | } | ||
724 | GNUNET_free_non_null (unixpath); | 735 | GNUNET_free_non_null (unixpath); |
725 | #endif | 736 | #endif |
726 | 737 | ||
diff --git a/src/dns/dnsparser.c b/src/util/dnsparser.c index 32ad7c0c2..6fb6d657f 100644 --- a/src/dns/dnsparser.c +++ b/src/util/dnsparser.c | |||
@@ -11,7 +11,7 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
@@ -28,8 +28,6 @@ | |||
28 | #include <idn-free.h> | 28 | #include <idn-free.h> |
29 | #endif | 29 | #endif |
30 | #include "gnunet_util_lib.h" | 30 | #include "gnunet_util_lib.h" |
31 | #include "gnunet_dnsparser_lib.h" | ||
32 | #include "gnunet_tun_lib.h" | ||
33 | 31 | ||
34 | 32 | ||
35 | /** | 33 | /** |
@@ -545,7 +543,9 @@ GNUNET_DNSPARSER_parse_cert (const char *udp_payload, | |||
545 | GNUNET_break_op (0); | 543 | GNUNET_break_op (0); |
546 | return NULL; | 544 | return NULL; |
547 | } | 545 | } |
548 | GNUNET_memcpy (&dcert, &udp_payload[*off], sizeof (struct GNUNET_TUN_DnsCertRecord)); | 546 | GNUNET_memcpy (&dcert, |
547 | &udp_payload[*off], | ||
548 | sizeof (struct GNUNET_TUN_DnsCertRecord)); | ||
549 | (*off) += sizeof (struct GNUNET_TUN_DnsCertRecord); | 549 | (*off) += sizeof (struct GNUNET_TUN_DnsCertRecord); |
550 | cert = GNUNET_new (struct GNUNET_DNSPARSER_CertRecord); | 550 | cert = GNUNET_new (struct GNUNET_DNSPARSER_CertRecord); |
551 | cert->cert_type = ntohs (dcert.cert_type); | 551 | cert->cert_type = ntohs (dcert.cert_type); |
@@ -554,8 +554,8 @@ GNUNET_DNSPARSER_parse_cert (const char *udp_payload, | |||
554 | cert->certificate_size = udp_payload_length - (*off); | 554 | cert->certificate_size = udp_payload_length - (*off); |
555 | cert->certificate_data = GNUNET_malloc (cert->certificate_size); | 555 | cert->certificate_data = GNUNET_malloc (cert->certificate_size); |
556 | GNUNET_memcpy (cert->certificate_data, | 556 | GNUNET_memcpy (cert->certificate_data, |
557 | &udp_payload[*off], | 557 | &udp_payload[*off], |
558 | cert->certificate_size); | 558 | cert->certificate_size); |
559 | (*off) += cert->certificate_size; | 559 | (*off) += cert->certificate_size; |
560 | return cert; | 560 | return cert; |
561 | } | 561 | } |
@@ -684,7 +684,6 @@ GNUNET_DNSPARSER_parse (const char *udp_payload, | |||
684 | const struct GNUNET_TUN_DnsHeader *dns; | 684 | const struct GNUNET_TUN_DnsHeader *dns; |
685 | size_t off; | 685 | size_t off; |
686 | unsigned int n; | 686 | unsigned int n; |
687 | unsigned int i; | ||
688 | 687 | ||
689 | if (udp_payload_length < sizeof (struct GNUNET_TUN_DnsHeader)) | 688 | if (udp_payload_length < sizeof (struct GNUNET_TUN_DnsHeader)) |
690 | return NULL; | 689 | return NULL; |
@@ -696,9 +695,10 @@ GNUNET_DNSPARSER_parse (const char *udp_payload, | |||
696 | n = ntohs (dns->query_count); | 695 | n = ntohs (dns->query_count); |
697 | if (n > 0) | 696 | if (n > 0) |
698 | { | 697 | { |
699 | p->queries = GNUNET_malloc (n * sizeof (struct GNUNET_DNSPARSER_Query)); | 698 | p->queries = GNUNET_new_array (n, |
699 | struct GNUNET_DNSPARSER_Query); | ||
700 | p->num_queries = n; | 700 | p->num_queries = n; |
701 | for (i=0;i<n;i++) | 701 | for (unsigned int i=0;i<n;i++) |
702 | if (GNUNET_OK != | 702 | if (GNUNET_OK != |
703 | GNUNET_DNSPARSER_parse_query (udp_payload, | 703 | GNUNET_DNSPARSER_parse_query (udp_payload, |
704 | udp_payload_length, | 704 | udp_payload_length, |
@@ -709,9 +709,10 @@ GNUNET_DNSPARSER_parse (const char *udp_payload, | |||
709 | n = ntohs (dns->answer_rcount); | 709 | n = ntohs (dns->answer_rcount); |
710 | if (n > 0) | 710 | if (n > 0) |
711 | { | 711 | { |
712 | p->answers = GNUNET_malloc (n * sizeof (struct GNUNET_DNSPARSER_Record)); | 712 | p->answers = GNUNET_new_array (n, |
713 | struct GNUNET_DNSPARSER_Record); | ||
713 | p->num_answers = n; | 714 | p->num_answers = n; |
714 | for (i=0;i<n;i++) | 715 | for (unsigned int i=0;i<n;i++) |
715 | if (GNUNET_OK != | 716 | if (GNUNET_OK != |
716 | GNUNET_DNSPARSER_parse_record (udp_payload, | 717 | GNUNET_DNSPARSER_parse_record (udp_payload, |
717 | udp_payload_length, | 718 | udp_payload_length, |
@@ -722,9 +723,10 @@ GNUNET_DNSPARSER_parse (const char *udp_payload, | |||
722 | n = ntohs (dns->authority_rcount); | 723 | n = ntohs (dns->authority_rcount); |
723 | if (n > 0) | 724 | if (n > 0) |
724 | { | 725 | { |
725 | p->authority_records = GNUNET_malloc (n * sizeof (struct GNUNET_DNSPARSER_Record)); | 726 | p->authority_records = GNUNET_new_array (n, |
727 | struct GNUNET_DNSPARSER_Record); | ||
726 | p->num_authority_records = n; | 728 | p->num_authority_records = n; |
727 | for (i=0;i<n;i++) | 729 | for (unsigned int i=0;i<n;i++) |
728 | if (GNUNET_OK != | 730 | if (GNUNET_OK != |
729 | GNUNET_DNSPARSER_parse_record (udp_payload, | 731 | GNUNET_DNSPARSER_parse_record (udp_payload, |
730 | udp_payload_length, | 732 | udp_payload_length, |
@@ -735,15 +737,18 @@ GNUNET_DNSPARSER_parse (const char *udp_payload, | |||
735 | n = ntohs (dns->additional_rcount); | 737 | n = ntohs (dns->additional_rcount); |
736 | if (n > 0) | 738 | if (n > 0) |
737 | { | 739 | { |
738 | p->additional_records = GNUNET_malloc (n * sizeof (struct GNUNET_DNSPARSER_Record)); | 740 | p->additional_records = GNUNET_new_array (n, |
741 | struct GNUNET_DNSPARSER_Record); | ||
739 | p->num_additional_records = n; | 742 | p->num_additional_records = n; |
740 | for (i=0;i<n;i++) | 743 | for (unsigned int i=0;i<n;i++) |
744 | { | ||
741 | if (GNUNET_OK != | 745 | if (GNUNET_OK != |
742 | GNUNET_DNSPARSER_parse_record (udp_payload, | 746 | GNUNET_DNSPARSER_parse_record (udp_payload, |
743 | udp_payload_length, | 747 | udp_payload_length, |
744 | &off, | 748 | &off, |
745 | &p->additional_records[i])) | 749 | &p->additional_records[i])) |
746 | goto error; | 750 | goto error; |
751 | } | ||
747 | } | 752 | } |
748 | return p; | 753 | return p; |
749 | error: | 754 | error: |
@@ -754,6 +759,122 @@ GNUNET_DNSPARSER_parse (const char *udp_payload, | |||
754 | 759 | ||
755 | 760 | ||
756 | /** | 761 | /** |
762 | * Duplicate (deep-copy) the given DNS record | ||
763 | * | ||
764 | * @param r the record | ||
765 | * @return the newly allocated record | ||
766 | */ | ||
767 | struct GNUNET_DNSPARSER_Record * | ||
768 | GNUNET_DNSPARSER_duplicate_record (const struct GNUNET_DNSPARSER_Record *r) | ||
769 | { | ||
770 | struct GNUNET_DNSPARSER_Record *dup = GNUNET_memdup (r, sizeof (*r)); | ||
771 | |||
772 | dup->name = GNUNET_strdup (r->name); | ||
773 | switch (r->type) | ||
774 | { | ||
775 | case GNUNET_DNSPARSER_TYPE_NS: | ||
776 | case GNUNET_DNSPARSER_TYPE_CNAME: | ||
777 | case GNUNET_DNSPARSER_TYPE_PTR: | ||
778 | { | ||
779 | dup->data.hostname = GNUNET_strdup (r->data.hostname); | ||
780 | break; | ||
781 | } | ||
782 | case GNUNET_DNSPARSER_TYPE_SOA: | ||
783 | { | ||
784 | dup->data.soa = GNUNET_DNSPARSER_duplicate_soa_record (r->data.soa); | ||
785 | break; | ||
786 | } | ||
787 | case GNUNET_DNSPARSER_TYPE_CERT: | ||
788 | { | ||
789 | dup->data.cert = GNUNET_DNSPARSER_duplicate_cert_record (r->data.cert); | ||
790 | break; | ||
791 | } | ||
792 | case GNUNET_DNSPARSER_TYPE_MX: | ||
793 | { | ||
794 | dup->data.mx = GNUNET_DNSPARSER_duplicate_mx_record (r->data.mx); | ||
795 | break; | ||
796 | } | ||
797 | case GNUNET_DNSPARSER_TYPE_SRV: | ||
798 | { | ||
799 | dup->data.srv = GNUNET_DNSPARSER_duplicate_srv_record (r->data.srv); | ||
800 | break; | ||
801 | } | ||
802 | default: | ||
803 | { | ||
804 | dup->data.raw.data = GNUNET_memdup (r->data.raw.data, | ||
805 | r->data.raw.data_len); | ||
806 | } | ||
807 | } | ||
808 | return dup; | ||
809 | } | ||
810 | |||
811 | |||
812 | /** | ||
813 | * Duplicate (deep-copy) the given DNS record | ||
814 | * | ||
815 | * @param r the record | ||
816 | * @return the newly allocated record | ||
817 | */ | ||
818 | struct GNUNET_DNSPARSER_SoaRecord * | ||
819 | GNUNET_DNSPARSER_duplicate_soa_record (const struct GNUNET_DNSPARSER_SoaRecord *r) | ||
820 | { | ||
821 | struct GNUNET_DNSPARSER_SoaRecord *dup = GNUNET_memdup (r, sizeof (*r)); | ||
822 | |||
823 | dup->mname = GNUNET_strdup (r->mname); | ||
824 | dup->rname = GNUNET_strdup (r->rname); | ||
825 | return dup; | ||
826 | } | ||
827 | |||
828 | |||
829 | /** | ||
830 | * Duplicate (deep-copy) the given DNS record | ||
831 | * | ||
832 | * @param r the record | ||
833 | * @return the newly allocated record | ||
834 | */ | ||
835 | struct GNUNET_DNSPARSER_CertRecord * | ||
836 | GNUNET_DNSPARSER_duplicate_cert_record (const struct GNUNET_DNSPARSER_CertRecord *r) | ||
837 | { | ||
838 | struct GNUNET_DNSPARSER_CertRecord *dup = GNUNET_memdup (r, sizeof (*r)); | ||
839 | |||
840 | dup->certificate_data = GNUNET_strdup (r->certificate_data); | ||
841 | return dup; | ||
842 | } | ||
843 | |||
844 | |||
845 | /** | ||
846 | * Duplicate (deep-copy) the given DNS record | ||
847 | * | ||
848 | * @param r the record | ||
849 | * @return the newly allocated record | ||
850 | */ | ||
851 | struct GNUNET_DNSPARSER_MxRecord * | ||
852 | GNUNET_DNSPARSER_duplicate_mx_record (const struct GNUNET_DNSPARSER_MxRecord *r) | ||
853 | { | ||
854 | struct GNUNET_DNSPARSER_MxRecord *dup = GNUNET_memdup (r, sizeof (*r)); | ||
855 | |||
856 | dup->mxhost = GNUNET_strdup (r->mxhost); | ||
857 | return dup; | ||
858 | } | ||
859 | |||
860 | |||
861 | /** | ||
862 | * Duplicate (deep-copy) the given DNS record | ||
863 | * | ||
864 | * @param r the record | ||
865 | * @return the newly allocated record | ||
866 | */ | ||
867 | struct GNUNET_DNSPARSER_SrvRecord * | ||
868 | GNUNET_DNSPARSER_duplicate_srv_record (const struct GNUNET_DNSPARSER_SrvRecord *r) | ||
869 | { | ||
870 | struct GNUNET_DNSPARSER_SrvRecord *dup = GNUNET_memdup (r, sizeof (*r)); | ||
871 | |||
872 | dup->target = GNUNET_strdup (r->target); | ||
873 | return dup; | ||
874 | } | ||
875 | |||
876 | |||
877 | /** | ||
757 | * Free memory taken by a packet. | 878 | * Free memory taken by a packet. |
758 | * | 879 | * |
759 | * @param p packet to free | 880 | * @param p packet to free |
@@ -761,18 +882,16 @@ GNUNET_DNSPARSER_parse (const char *udp_payload, | |||
761 | void | 882 | void |
762 | GNUNET_DNSPARSER_free_packet (struct GNUNET_DNSPARSER_Packet *p) | 883 | GNUNET_DNSPARSER_free_packet (struct GNUNET_DNSPARSER_Packet *p) |
763 | { | 884 | { |
764 | unsigned int i; | 885 | for (unsigned int i=0;i<p->num_queries;i++) |
765 | |||
766 | for (i=0;i<p->num_queries;i++) | ||
767 | GNUNET_free_non_null (p->queries[i].name); | 886 | GNUNET_free_non_null (p->queries[i].name); |
768 | GNUNET_free_non_null (p->queries); | 887 | GNUNET_free_non_null (p->queries); |
769 | for (i=0;i<p->num_answers;i++) | 888 | for (unsigned int i=0;i<p->num_answers;i++) |
770 | GNUNET_DNSPARSER_free_record (&p->answers[i]); | 889 | GNUNET_DNSPARSER_free_record (&p->answers[i]); |
771 | GNUNET_free_non_null (p->answers); | 890 | GNUNET_free_non_null (p->answers); |
772 | for (i=0;i<p->num_authority_records;i++) | 891 | for (unsigned int i=0;i<p->num_authority_records;i++) |
773 | GNUNET_DNSPARSER_free_record (&p->authority_records[i]); | 892 | GNUNET_DNSPARSER_free_record (&p->authority_records[i]); |
774 | GNUNET_free_non_null (p->authority_records); | 893 | GNUNET_free_non_null (p->authority_records); |
775 | for (i=0;i<p->num_additional_records;i++) | 894 | for (unsigned int i=0;i<p->num_additional_records;i++) |
776 | GNUNET_DNSPARSER_free_record (&p->additional_records[i]); | 895 | GNUNET_DNSPARSER_free_record (&p->additional_records[i]); |
777 | GNUNET_free_non_null (p->additional_records); | 896 | GNUNET_free_non_null (p->additional_records); |
778 | GNUNET_free (p); | 897 | GNUNET_free (p); |
@@ -837,8 +956,11 @@ GNUNET_DNSPARSER_builder_add_name (char *dst, | |||
837 | len = dot - idna_name; | 956 | len = dot - idna_name; |
838 | if ( (len >= 64) || (0 == len) ) | 957 | if ( (len >= 64) || (0 == len) ) |
839 | { | 958 | { |
840 | GNUNET_break (0); | 959 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
841 | goto fail; /* segment too long or empty */ | 960 | "Invalid DNS name `%s': label with %u characters encountered\n", |
961 | name, | ||
962 | len); | ||
963 | goto fail; /* label too long or empty */ | ||
842 | } | 964 | } |
843 | dst[pos++] = (char) (uint8_t) len; | 965 | dst[pos++] = (char) (uint8_t) len; |
844 | GNUNET_memcpy (&dst[pos], | 966 | GNUNET_memcpy (&dst[pos], |
@@ -953,7 +1075,6 @@ GNUNET_DNSPARSER_builder_add_cert (char *dst, | |||
953 | struct GNUNET_TUN_DnsCertRecord dcert; | 1075 | struct GNUNET_TUN_DnsCertRecord dcert; |
954 | 1076 | ||
955 | if ( (cert->cert_type > UINT16_MAX) || | 1077 | if ( (cert->cert_type > UINT16_MAX) || |
956 | (cert->cert_tag > UINT16_MAX) || | ||
957 | (cert->algorithm > UINT8_MAX) ) | 1078 | (cert->algorithm > UINT8_MAX) ) |
958 | { | 1079 | { |
959 | GNUNET_break (0); | 1080 | GNUNET_break (0); |
@@ -1041,12 +1162,14 @@ GNUNET_DNSPARSER_builder_add_srv (char *dst, | |||
1041 | sd.prio = htons (srv->priority); | 1162 | sd.prio = htons (srv->priority); |
1042 | sd.weight = htons (srv->weight); | 1163 | sd.weight = htons (srv->weight); |
1043 | sd.port = htons (srv->port); | 1164 | sd.port = htons (srv->port); |
1044 | GNUNET_memcpy (&dst[*off], &sd, sizeof (sd)); | 1165 | GNUNET_memcpy (&dst[*off], |
1166 | &sd, | ||
1167 | sizeof (sd)); | ||
1045 | (*off) += sizeof (sd); | 1168 | (*off) += sizeof (sd); |
1046 | if (GNUNET_OK != (ret = GNUNET_DNSPARSER_builder_add_name (dst, | 1169 | if (GNUNET_OK != (ret = GNUNET_DNSPARSER_builder_add_name (dst, |
1047 | dst_len, | 1170 | dst_len, |
1048 | off, | 1171 | off, |
1049 | srv->target))) | 1172 | srv->target))) |
1050 | return ret; | 1173 | return ret; |
1051 | return GNUNET_OK; | 1174 | return GNUNET_OK; |
1052 | } | 1175 | } |
@@ -1148,7 +1271,9 @@ add_record (char *dst, | |||
1148 | rl.dns_traffic_class = htons (record->dns_traffic_class); | 1271 | rl.dns_traffic_class = htons (record->dns_traffic_class); |
1149 | rl.ttl = htonl (GNUNET_TIME_absolute_get_remaining (record->expiration_time).rel_value_us / 1000LL / 1000LL); /* in seconds */ | 1272 | rl.ttl = htonl (GNUNET_TIME_absolute_get_remaining (record->expiration_time).rel_value_us / 1000LL / 1000LL); /* in seconds */ |
1150 | rl.data_len = htons ((uint16_t) (pos - (*off + sizeof (struct GNUNET_TUN_DnsRecordLine)))); | 1273 | rl.data_len = htons ((uint16_t) (pos - (*off + sizeof (struct GNUNET_TUN_DnsRecordLine)))); |
1151 | GNUNET_memcpy (&dst[*off], &rl, sizeof (struct GNUNET_TUN_DnsRecordLine)); | 1274 | GNUNET_memcpy (&dst[*off], |
1275 | &rl, | ||
1276 | sizeof (struct GNUNET_TUN_DnsRecordLine)); | ||
1152 | *off = pos; | 1277 | *off = pos; |
1153 | return GNUNET_OK; | 1278 | return GNUNET_OK; |
1154 | } | 1279 | } |
@@ -1177,7 +1302,6 @@ GNUNET_DNSPARSER_pack (const struct GNUNET_DNSPARSER_Packet *p, | |||
1177 | struct GNUNET_TUN_DnsHeader dns; | 1302 | struct GNUNET_TUN_DnsHeader dns; |
1178 | size_t off; | 1303 | size_t off; |
1179 | char tmp[max]; | 1304 | char tmp[max]; |
1180 | unsigned int i; | ||
1181 | int ret; | 1305 | int ret; |
1182 | int trc; | 1306 | int trc; |
1183 | 1307 | ||
@@ -1195,7 +1319,7 @@ GNUNET_DNSPARSER_pack (const struct GNUNET_DNSPARSER_Packet *p, | |||
1195 | 1319 | ||
1196 | off = sizeof (struct GNUNET_TUN_DnsHeader); | 1320 | off = sizeof (struct GNUNET_TUN_DnsHeader); |
1197 | trc = GNUNET_NO; | 1321 | trc = GNUNET_NO; |
1198 | for (i=0;i<p->num_queries;i++) | 1322 | for (unsigned int i=0;i<p->num_queries;i++) |
1199 | { | 1323 | { |
1200 | ret = GNUNET_DNSPARSER_builder_add_query (tmp, | 1324 | ret = GNUNET_DNSPARSER_builder_add_query (tmp, |
1201 | sizeof (tmp), | 1325 | sizeof (tmp), |
@@ -1210,7 +1334,7 @@ GNUNET_DNSPARSER_pack (const struct GNUNET_DNSPARSER_Packet *p, | |||
1210 | break; | 1334 | break; |
1211 | } | 1335 | } |
1212 | } | 1336 | } |
1213 | for (i=0;i<p->num_answers;i++) | 1337 | for (unsigned int i=0;i<p->num_answers;i++) |
1214 | { | 1338 | { |
1215 | ret = add_record (tmp, | 1339 | ret = add_record (tmp, |
1216 | sizeof (tmp), | 1340 | sizeof (tmp), |
@@ -1225,7 +1349,7 @@ GNUNET_DNSPARSER_pack (const struct GNUNET_DNSPARSER_Packet *p, | |||
1225 | break; | 1349 | break; |
1226 | } | 1350 | } |
1227 | } | 1351 | } |
1228 | for (i=0;i<p->num_authority_records;i++) | 1352 | for (unsigned int i=0;i<p->num_authority_records;i++) |
1229 | { | 1353 | { |
1230 | ret = add_record (tmp, | 1354 | ret = add_record (tmp, |
1231 | sizeof (tmp), | 1355 | sizeof (tmp), |
@@ -1240,7 +1364,7 @@ GNUNET_DNSPARSER_pack (const struct GNUNET_DNSPARSER_Packet *p, | |||
1240 | break; | 1364 | break; |
1241 | } | 1365 | } |
1242 | } | 1366 | } |
1243 | for (i=0;i<p->num_additional_records;i++) | 1367 | for (unsigned int i=0;i<p->num_additional_records;i++) |
1244 | { | 1368 | { |
1245 | ret = add_record (tmp, | 1369 | ret = add_record (tmp, |
1246 | sizeof (tmp), | 1370 | sizeof (tmp), |
diff --git a/src/dns/dnsstub.c b/src/util/dnsstub.c index 969ff7beb..5b84e6e63 100644 --- a/src/dns/dnsstub.c +++ b/src/util/dnsstub.c | |||
@@ -22,8 +22,6 @@ | |||
22 | */ | 22 | */ |
23 | #include "platform.h" | 23 | #include "platform.h" |
24 | #include "gnunet_util_lib.h" | 24 | #include "gnunet_util_lib.h" |
25 | #include "gnunet_tun_lib.h" | ||
26 | #include "gnunet_dnsstub_lib.h" | ||
27 | 25 | ||
28 | /** | 26 | /** |
29 | * Timeout for retrying DNS queries. | 27 | * Timeout for retrying DNS queries. |
@@ -356,7 +354,7 @@ do_dns_read (struct GNUNET_DNSSTUB_RequestSocket *rs, | |||
356 | "Received DNS response from server we never asked (ignored)"); | 354 | "Received DNS response from server we never asked (ignored)"); |
357 | return GNUNET_NO; | 355 | return GNUNET_NO; |
358 | } | 356 | } |
359 | if (sizeof (struct GNUNET_TUN_DnsHeader) > r) | 357 | if (sizeof (struct GNUNET_TUN_DnsHeader) > (size_t) r) |
360 | { | 358 | { |
361 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 359 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
362 | _("Received DNS response that is too small (%u bytes)"), | 360 | _("Received DNS response that is too small (%u bytes)"), |
diff --git a/src/util/gnunet-config.c b/src/util/gnunet-config.c index 16b826ee2..4528bbe24 100644 --- a/src/util/gnunet-config.c +++ b/src/util/gnunet-config.c | |||
@@ -75,27 +75,36 @@ print_option (void *cls, | |||
75 | const char *option, | 75 | const char *option, |
76 | const char *value) | 76 | const char *value) |
77 | { | 77 | { |
78 | (void) section; | ||
79 | const struct GNUNET_CONFIGURATION_Handle *cfg = cls; | 78 | const struct GNUNET_CONFIGURATION_Handle *cfg = cls; |
80 | char *value_fn; | 79 | |
80 | (void) section; | ||
81 | if (is_filename) | 81 | if (is_filename) |
82 | { | 82 | { |
83 | char *value_fn; | ||
84 | char *fn; | ||
85 | |||
83 | GNUNET_assert (GNUNET_OK == | 86 | GNUNET_assert (GNUNET_OK == |
84 | GNUNET_CONFIGURATION_get_value_filename (cfg, | 87 | GNUNET_CONFIGURATION_get_value_filename (cfg, |
85 | section, | 88 | section, |
86 | option, | 89 | option, |
87 | &value_fn)); | 90 | &value_fn)); |
91 | fn = GNUNET_STRINGS_filename_expand (value_fn); | ||
92 | if (NULL == fn) | ||
93 | fn = value_fn; | ||
94 | else | ||
95 | GNUNET_free (value_fn); | ||
88 | fprintf (stdout, | 96 | fprintf (stdout, |
89 | "%s = %s\n", | 97 | "%s = %s\n", |
90 | option, | 98 | option, |
91 | GNUNET_STRINGS_filename_expand (value_fn)); | 99 | fn); |
100 | GNUNET_free (fn); | ||
92 | } | 101 | } |
93 | else | 102 | else |
94 | { | 103 | { |
95 | fprintf (stdout, | 104 | fprintf (stdout, |
96 | "%s = %s\n", | 105 | "%s = %s\n", |
97 | option, | 106 | option, |
98 | value); | 107 | value); |
99 | } | 108 | } |
100 | } | 109 | } |
101 | 110 | ||
diff --git a/src/util/gnunet-service-resolver.c b/src/util/gnunet-service-resolver.c index d90d8ec10..5b890261b 100644 --- a/src/util/gnunet-service-resolver.c +++ b/src/util/gnunet-service-resolver.c | |||
@@ -27,721 +27,559 @@ | |||
27 | #include "gnunet_statistics_service.h" | 27 | #include "gnunet_statistics_service.h" |
28 | #include "resolver.h" | 28 | #include "resolver.h" |
29 | 29 | ||
30 | |||
31 | struct Record | ||
32 | { | ||
33 | struct Record *next; | ||
34 | |||
35 | struct Record *prev; | ||
36 | |||
37 | struct GNUNET_DNSPARSER_Record *record; | ||
38 | }; | ||
39 | |||
30 | /** | 40 | /** |
31 | * A cached DNS lookup result (for reverse lookup). | 41 | * A cached DNS lookup result. |
32 | */ | 42 | */ |
33 | struct IPCache | 43 | struct ResolveCache |
34 | { | 44 | { |
35 | /** | 45 | /** |
36 | * This is a doubly linked list. | 46 | * This is a doubly linked list. |
37 | */ | 47 | */ |
38 | struct IPCache *next; | 48 | struct ResolveCache *next; |
39 | 49 | ||
40 | /** | 50 | /** |
41 | * This is a doubly linked list. | 51 | * This is a doubly linked list. |
42 | */ | 52 | */ |
43 | struct IPCache *prev; | 53 | struct ResolveCache *prev; |
44 | 54 | ||
45 | /** | 55 | /** |
46 | * Hostname in human-readable form. | 56 | * type of queried DNS record |
47 | */ | 57 | */ |
48 | char *addr; | 58 | uint16_t record_type; |
49 | 59 | ||
50 | /** | 60 | /** |
51 | * Binary IP address, allocated at the end of this struct. | 61 | * a pointer to the request_id if a query for this hostname/record_type |
62 | * is currently pending, NULL otherwise. | ||
52 | */ | 63 | */ |
53 | const void *ip; | 64 | int16_t *request_id; |
54 | 65 | ||
55 | /** | 66 | /** |
56 | * Last time this entry was updated. | 67 | * The client that queried the records contained in this cache entry. |
57 | */ | 68 | */ |
58 | struct GNUNET_TIME_Absolute last_refresh; | 69 | struct GNUNET_SERVICE_Client *client; |
59 | 70 | ||
60 | /** | 71 | /** |
61 | * Last time this entry was requested. | 72 | * head of a double linked list containing the lookup results |
62 | */ | 73 | */ |
63 | struct GNUNET_TIME_Absolute last_request; | 74 | struct Record *records_head; |
64 | 75 | ||
65 | /** | 76 | /** |
66 | * Number of bytes in ip. | 77 | * tail of a double linked list containing the lookup results |
67 | */ | 78 | */ |
68 | size_t ip_len; | 79 | struct Record *records_tail; |
69 | 80 | ||
70 | /** | 81 | /** |
71 | * Address family of the IP. | 82 | * handle for cancelling a request |
72 | */ | 83 | */ |
73 | int af; | 84 | struct GNUNET_DNSSTUB_RequestSocket *resolve_handle; |
85 | |||
86 | /** | ||
87 | * handle for the resolution timeout task | ||
88 | */ | ||
89 | struct GNUNET_SCHEDULER_Task *timeout_task; | ||
90 | |||
74 | }; | 91 | }; |
75 | 92 | ||
76 | 93 | ||
77 | /** | 94 | /** |
78 | * Start of the linked list of cached DNS lookup results. | 95 | * Start of the linked list of cached DNS lookup results. |
79 | */ | 96 | */ |
80 | static struct IPCache *cache_head; | 97 | static struct ResolveCache *cache_head; |
81 | 98 | ||
82 | /** | 99 | /** |
83 | * Tail of the linked list of cached DNS lookup results. | 100 | * Tail of the linked list of cached DNS lookup results. |
84 | */ | 101 | */ |
85 | static struct IPCache *cache_tail; | 102 | static struct ResolveCache *cache_tail; |
86 | 103 | ||
87 | /** | 104 | /** |
88 | * Pipe for asynchronously notifying about resolve result | 105 | * context of dnsstub library |
89 | */ | 106 | */ |
90 | static struct GNUNET_DISK_PipeHandle *resolve_result_pipe; | 107 | static struct GNUNET_DNSSTUB_Context *dnsstub_ctx; |
91 | 108 | ||
92 | /** | ||
93 | * Task for reading from resolve_result_pipe | ||
94 | */ | ||
95 | static struct GNUNET_SCHEDULER_Task *resolve_result_pipe_task; | ||
96 | 109 | ||
97 | 110 | void free_cache_entry (struct ResolveCache *entry) | |
98 | #if HAVE_GETNAMEINFO | ||
99 | /** | ||
100 | * Resolve the given request using getnameinfo | ||
101 | * | ||
102 | * @param cache the request to resolve (and where to store the result) | ||
103 | */ | ||
104 | static void | ||
105 | getnameinfo_resolve (struct IPCache *cache) | ||
106 | { | 111 | { |
107 | char hostname[256]; | 112 | struct Record *pos; |
108 | const struct sockaddr *sa; | 113 | struct Record *next; |
109 | struct sockaddr_in v4; | 114 | |
110 | struct sockaddr_in6 v6; | 115 | next = entry->records_head; |
111 | size_t salen; | 116 | while (NULL != (pos = next)) |
112 | int ret; | ||
113 | |||
114 | switch (cache->af) | ||
115 | { | 117 | { |
116 | case AF_INET: | 118 | next = pos->next; |
117 | GNUNET_assert (cache->ip_len == sizeof (struct in_addr)); | 119 | GNUNET_CONTAINER_DLL_remove (entry->records_head, |
118 | sa = (const struct sockaddr*) &v4; | 120 | entry->records_tail, |
119 | memset (&v4, 0, sizeof (v4)); | 121 | pos); |
120 | v4.sin_addr = * (const struct in_addr*) cache->ip; | 122 | if (NULL != pos->record) |
121 | v4.sin_family = AF_INET; | 123 | { |
122 | #if HAVE_SOCKADDR_IN_SIN_LEN | 124 | GNUNET_DNSPARSER_free_record (pos->record); |
123 | v4.sin_len = sizeof (v4); | 125 | GNUNET_free (pos->record); |
124 | #endif | 126 | } |
125 | salen = sizeof (v4); | 127 | GNUNET_free (pos); |
126 | break; | ||
127 | case AF_INET6: | ||
128 | GNUNET_assert (cache->ip_len == sizeof (struct in6_addr)); | ||
129 | sa = (const struct sockaddr*) &v6; | ||
130 | memset (&v6, 0, sizeof (v6)); | ||
131 | v6.sin6_addr = * (const struct in6_addr*) cache->ip; | ||
132 | v6.sin6_family = AF_INET6; | ||
133 | #if HAVE_SOCKADDR_IN_SIN_LEN | ||
134 | v6.sin6_len = sizeof (v6); | ||
135 | #endif | ||
136 | salen = sizeof (v6); | ||
137 | break; | ||
138 | default: | ||
139 | GNUNET_assert (0); | ||
140 | } | 128 | } |
141 | 129 | if (NULL != entry->resolve_handle) | |
142 | if (0 == | ||
143 | (ret = getnameinfo (sa, salen, | ||
144 | hostname, sizeof (hostname), | ||
145 | NULL, | ||
146 | 0, 0))) | ||
147 | { | 130 | { |
148 | cache->addr = GNUNET_strdup (hostname); | 131 | GNUNET_DNSSTUB_resolve_cancel (entry->resolve_handle); |
132 | entry->resolve_handle = NULL; | ||
149 | } | 133 | } |
150 | else | 134 | if (NULL != entry->timeout_task) |
151 | { | 135 | { |
152 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | 136 | GNUNET_SCHEDULER_cancel (entry->timeout_task); |
153 | "getnameinfo failed: %s\n", | 137 | entry->timeout_task = NULL; |
154 | gai_strerror (ret)); | ||
155 | } | 138 | } |
139 | GNUNET_free_non_null (entry->request_id); | ||
140 | GNUNET_free (entry); | ||
156 | } | 141 | } |
157 | #endif | ||
158 | 142 | ||
159 | 143 | ||
160 | #if HAVE_GETHOSTBYADDR | 144 | static char* |
145 | extract_dns_server (const char* line, size_t line_len) | ||
146 | { | ||
147 | if (0 == strncmp (line, "nameserver ", 11)) | ||
148 | return GNUNET_strndup (line + 11, line_len - 11); | ||
149 | return NULL; | ||
150 | } | ||
151 | |||
152 | |||
161 | /** | 153 | /** |
162 | * Resolve the given request using gethostbyaddr | 154 | * reads the list of nameservers from /etc/resolve.conf |
163 | * | 155 | * |
164 | * @param cache the request to resolve (and where to store the result) | 156 | * @param server_addrs[out] a list of null-terminated server address strings |
157 | * @return the number of server addresses in @server_addrs, -1 on error | ||
165 | */ | 158 | */ |
166 | static void | 159 | static ssize_t |
167 | gethostbyaddr_resolve (struct IPCache *cache) | 160 | lookup_dns_servers (char ***server_addrs) |
168 | { | 161 | { |
169 | struct hostent *ent; | 162 | struct GNUNET_DISK_FileHandle *fh; |
170 | 163 | char buf[2048]; | |
171 | ent = gethostbyaddr (cache->ip, | 164 | ssize_t bytes_read; |
172 | cache->ip_len, | 165 | size_t read_offset = 0; |
173 | cache->af); | 166 | unsigned int num_dns_servers = 0; |
174 | if (NULL != ent) | 167 | |
168 | fh = GNUNET_DISK_file_open ("/etc/resolv.conf", | ||
169 | GNUNET_DISK_OPEN_READ, | ||
170 | GNUNET_DISK_PERM_NONE); | ||
171 | if (NULL == fh) | ||
175 | { | 172 | { |
176 | cache->addr = GNUNET_strdup (ent->h_name); | 173 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
174 | "Could not open /etc/resolv.conf. " | ||
175 | "DNS resolution will not be possible.\n"); | ||
176 | return -1; | ||
177 | } | 177 | } |
178 | else | 178 | bytes_read = GNUNET_DISK_file_read (fh, |
179 | buf, | ||
180 | sizeof (buf)); | ||
181 | *server_addrs = NULL; | ||
182 | while (read_offset < bytes_read) | ||
179 | { | 183 | { |
180 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | 184 | char *newline; |
181 | "gethostbyaddr failed: %s\n", | 185 | size_t line_len; |
182 | hstrerror (h_errno)); | 186 | char *dns_server; |
187 | |||
188 | newline = strchr (buf + read_offset, '\n'); | ||
189 | if (NULL == newline) | ||
190 | { | ||
191 | break; | ||
192 | } | ||
193 | line_len = newline - buf - read_offset; | ||
194 | dns_server = extract_dns_server (buf + read_offset, line_len); | ||
195 | if (NULL != dns_server) | ||
196 | { | ||
197 | GNUNET_array_append (*server_addrs, | ||
198 | num_dns_servers, | ||
199 | dns_server); | ||
200 | } | ||
201 | read_offset += line_len + 1; | ||
183 | } | 202 | } |
203 | GNUNET_DISK_file_close (fh); | ||
204 | return num_dns_servers; | ||
184 | } | 205 | } |
185 | #endif | ||
186 | 206 | ||
187 | 207 | ||
188 | /** | 208 | static char * |
189 | * Resolve the given request using the available methods. | 209 | make_reverse_hostname (const void *ip, int af) |
190 | * | ||
191 | * @param cache the request to resolve (and where to store the result) | ||
192 | */ | ||
193 | static void | ||
194 | cache_resolve (struct IPCache *cache) | ||
195 | { | 210 | { |
196 | #if HAVE_GETNAMEINFO | 211 | char *buf = GNUNET_new_array (80, char); |
197 | if (NULL == cache->addr) | 212 | int pos = 0; |
198 | getnameinfo_resolve (cache); | 213 | if (AF_INET == af) |
199 | #endif | 214 | { |
200 | #if HAVE_GETHOSTBYADDR | 215 | struct in_addr *addr = (struct in_addr *)ip; |
201 | if (NULL == cache->addr) | 216 | uint32_t ip_int = addr->s_addr; |
202 | gethostbyaddr_resolve (cache); | 217 | for (int i = 3; i >= 0; i--) |
203 | #endif | 218 | { |
219 | int n = GNUNET_snprintf (buf + pos, | ||
220 | 80 - pos, | ||
221 | "%u.", | ||
222 | ((uint8_t *)&ip_int)[i]); | ||
223 | if (n < 0) | ||
224 | { | ||
225 | GNUNET_free (buf); | ||
226 | return NULL; | ||
227 | } | ||
228 | pos += n; | ||
229 | } | ||
230 | pos += GNUNET_snprintf (buf + pos, 80 - pos, "in-addr.arpa"); | ||
231 | } | ||
232 | else if (AF_INET6 == af) | ||
233 | { | ||
234 | struct in6_addr *addr = (struct in6_addr *)ip; | ||
235 | for (int i = 15; i >= 0; i--) | ||
236 | { | ||
237 | int n = GNUNET_snprintf (buf + pos, 80 - pos, "%x.", addr->s6_addr[i] & 0xf); | ||
238 | if (n < 0) | ||
239 | { | ||
240 | GNUNET_free (buf); | ||
241 | return NULL; | ||
242 | } | ||
243 | pos += n; | ||
244 | n = GNUNET_snprintf (buf + pos, 80 - pos, "%x.", addr->s6_addr[i] >> 4); | ||
245 | if (n < 0) | ||
246 | { | ||
247 | GNUNET_free (buf); | ||
248 | return NULL; | ||
249 | } | ||
250 | pos += n; | ||
251 | } | ||
252 | pos += GNUNET_snprintf (buf + pos, 80 - pos, "ip6.arpa"); | ||
253 | } | ||
254 | buf[pos] = '\0'; | ||
255 | return buf; | ||
204 | } | 256 | } |
205 | 257 | ||
206 | 258 | ||
207 | /** | ||
208 | * Function called after the replies for the request have all | ||
209 | * been transmitted to the client, and we can now read the next | ||
210 | * request from the client. | ||
211 | * | ||
212 | * @param cls the `struct GNUNET_SERVICE_Client` to continue with | ||
213 | */ | ||
214 | static void | 259 | static void |
215 | notify_service_client_done (void *cls) | 260 | send_reply (struct GNUNET_DNSPARSER_Record *record, |
261 | uint16_t request_id, | ||
262 | struct GNUNET_SERVICE_Client *client) | ||
216 | { | 263 | { |
217 | struct GNUNET_SERVICE_Client *client = cls; | ||
218 | |||
219 | GNUNET_SERVICE_client_continue (client); | ||
220 | } | ||
221 | |||
222 | |||
223 | /** | ||
224 | * Get an IP address as a string (works for both IPv4 and IPv6). Note | ||
225 | * that the resolution happens asynchronously and that the first call | ||
226 | * may not immediately result in the FQN (but instead in a | ||
227 | * human-readable IP address). | ||
228 | * | ||
229 | * @param client handle to the client making the request (for sending the reply) | ||
230 | * @param af AF_INET or AF_INET6 | ||
231 | * @param ip `struct in_addr` or `struct in6_addr` | ||
232 | */ | ||
233 | static void | ||
234 | get_ip_as_string (struct GNUNET_SERVICE_Client *client, | ||
235 | int af, | ||
236 | const void *ip, | ||
237 | uint32_t request_id) | ||
238 | { | ||
239 | struct IPCache *pos; | ||
240 | struct IPCache *next; | ||
241 | struct GNUNET_TIME_Absolute now; | ||
242 | struct GNUNET_MQ_Envelope *env; | ||
243 | struct GNUNET_MQ_Handle *mq; | ||
244 | struct GNUNET_RESOLVER_ResponseMessage *msg; | 264 | struct GNUNET_RESOLVER_ResponseMessage *msg; |
245 | size_t ip_len; | 265 | struct GNUNET_MQ_Envelope *env; |
246 | struct in6_addr ix; | 266 | void *payload; |
247 | size_t alen; | 267 | size_t payload_len; |
248 | 268 | ||
249 | switch (af) | 269 | switch (record->type) |
250 | { | ||
251 | case AF_INET: | ||
252 | ip_len = sizeof (struct in_addr); | ||
253 | break; | ||
254 | case AF_INET6: | ||
255 | ip_len = sizeof (struct in6_addr); | ||
256 | break; | ||
257 | default: | ||
258 | GNUNET_assert (0); | ||
259 | } | ||
260 | now = GNUNET_TIME_absolute_get (); | ||
261 | next = cache_head; | ||
262 | while ( (NULL != (pos = next)) && | ||
263 | ( (pos->af != af) || | ||
264 | (pos->ip_len != ip_len) || | ||
265 | (0 != memcmp (pos->ip, ip, ip_len))) ) | ||
266 | { | 270 | { |
267 | next = pos->next; | 271 | case GNUNET_DNSPARSER_TYPE_PTR: |
268 | if (GNUNET_TIME_absolute_get_duration (pos->last_request).rel_value_us < | ||
269 | 60 * 60 * 1000 * 1000LL) | ||
270 | { | 272 | { |
271 | GNUNET_CONTAINER_DLL_remove (cache_head, | 273 | char *hostname = record->data.hostname; |
272 | cache_tail, | 274 | payload = hostname; |
273 | pos); | 275 | payload_len = strlen (hostname) + 1; |
274 | GNUNET_free_non_null (pos->addr); | 276 | break; |
275 | GNUNET_free (pos); | ||
276 | continue; | ||
277 | } | 277 | } |
278 | } | 278 | case GNUNET_DNSPARSER_TYPE_A: |
279 | if (NULL != pos) | 279 | case GNUNET_DNSPARSER_TYPE_AAAA: |
280 | { | ||
281 | if ( (1 == inet_pton (af, | ||
282 | pos->ip, | ||
283 | &ix)) && | ||
284 | (GNUNET_TIME_absolute_get_duration (pos->last_request).rel_value_us > | ||
285 | 120 * 1000 * 1000LL) ) | ||
286 | { | 280 | { |
287 | /* try again if still numeric AND 2 minutes have expired */ | 281 | payload = record->data.raw.data; |
288 | GNUNET_free_non_null (pos->addr); | 282 | payload_len = record->data.raw.data_len; |
289 | pos->addr = NULL; | 283 | break; |
290 | cache_resolve (pos); | 284 | } |
291 | pos->last_request = now; | 285 | default: |
286 | { | ||
287 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
288 | "Cannot handle DNS response type: unimplemented\n"); | ||
289 | return; | ||
292 | } | 290 | } |
293 | } | 291 | } |
294 | else | ||
295 | { | ||
296 | pos = GNUNET_malloc (sizeof (struct IPCache) + ip_len); | ||
297 | pos->ip = &pos[1]; | ||
298 | GNUNET_memcpy (&pos[1], | ||
299 | ip, | ||
300 | ip_len); | ||
301 | pos->last_request = now; | ||
302 | pos->last_refresh = now; | ||
303 | pos->ip_len = ip_len; | ||
304 | pos->af = af; | ||
305 | GNUNET_CONTAINER_DLL_insert (cache_head, | ||
306 | cache_tail, | ||
307 | pos); | ||
308 | cache_resolve (pos); | ||
309 | } | ||
310 | if (NULL != pos->addr) | ||
311 | alen = strlen (pos->addr) + 1; | ||
312 | else | ||
313 | alen = 0; | ||
314 | mq = GNUNET_SERVICE_client_get_mq (client); | ||
315 | env = GNUNET_MQ_msg_extra (msg, | 292 | env = GNUNET_MQ_msg_extra (msg, |
316 | alen, | 293 | payload_len, |
317 | GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE); | 294 | GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE); |
318 | msg->id = request_id; | 295 | msg->id = request_id; |
319 | GNUNET_memcpy (&msg[1], | 296 | GNUNET_memcpy (&msg[1], |
320 | pos->addr, | 297 | payload, |
321 | alen); | 298 | payload_len); |
322 | GNUNET_MQ_send (mq, | 299 | GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (client), |
323 | env); | 300 | env); |
324 | // send end message | ||
325 | env = GNUNET_MQ_msg (msg, | ||
326 | GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE); | ||
327 | msg->id = request_id; | ||
328 | GNUNET_MQ_notify_sent (env, | ||
329 | ¬ify_service_client_done, | ||
330 | client); | ||
331 | GNUNET_MQ_send (mq, | ||
332 | env); | ||
333 | } | 301 | } |
334 | 302 | ||
335 | 303 | ||
336 | #if HAVE_GETADDRINFO_A | ||
337 | struct AsyncCls | ||
338 | { | ||
339 | struct gaicb *host; | ||
340 | struct sigevent *sig; | ||
341 | struct GNUNET_MQ_Handle *mq; | ||
342 | uint32_t request_id; | ||
343 | }; | ||
344 | |||
345 | |||
346 | static void | 304 | static void |
347 | resolve_result_pipe_cb (void *cls) | 305 | send_end_msg (uint16_t request_id, |
306 | struct GNUNET_SERVICE_Client *client) | ||
348 | { | 307 | { |
349 | struct AsyncCls *async_cls; | ||
350 | struct gaicb *host; | ||
351 | struct GNUNET_RESOLVER_ResponseMessage *msg; | 308 | struct GNUNET_RESOLVER_ResponseMessage *msg; |
352 | struct GNUNET_MQ_Envelope *env; | 309 | struct GNUNET_MQ_Envelope *env; |
353 | 310 | ||
354 | GNUNET_DISK_file_read (GNUNET_DISK_pipe_handle (resolve_result_pipe, | 311 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
355 | GNUNET_DISK_PIPE_END_READ), | 312 | "Sending end message\n"); |
356 | &async_cls, | 313 | env = GNUNET_MQ_msg (msg, |
357 | sizeof (struct AsyncCls *)); | 314 | GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE); |
358 | resolve_result_pipe_task = | 315 | msg->id = request_id; |
359 | GNUNET_SCHEDULER_add_read_file (GNUNET_TIME_UNIT_FOREVER_REL, | 316 | GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (client), |
360 | GNUNET_DISK_pipe_handle (resolve_result_pipe, | 317 | env); |
361 | GNUNET_DISK_PIPE_END_READ), | 318 | } |
362 | &resolve_result_pipe_cb, | 319 | |
363 | NULL); | 320 | |
364 | host = async_cls->host; | 321 | static void |
365 | for (struct addrinfo *pos = host->ar_result; pos != NULL; pos = pos->ai_next) | 322 | handle_resolve_result (void *cls, |
323 | const struct GNUNET_TUN_DnsHeader *dns, | ||
324 | size_t dns_len) | ||
325 | { | ||
326 | struct ResolveCache *cache = cls; | ||
327 | struct GNUNET_DNSPARSER_Packet *parsed; | ||
328 | uint16_t request_id = *cache->request_id; | ||
329 | struct GNUNET_SERVICE_Client *client = cache->client; | ||
330 | |||
331 | parsed = GNUNET_DNSPARSER_parse ((const char *)dns, | ||
332 | dns_len); | ||
333 | if (NULL == parsed) | ||
334 | { | ||
335 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
336 | "Failed to parse DNS reply (request ID %u\n", | ||
337 | request_id); | ||
338 | return; | ||
339 | } | ||
340 | if (request_id != ntohs (parsed->id)) | ||
341 | { | ||
342 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
343 | "Request ID in DNS reply does not match\n"); | ||
344 | return; | ||
345 | } | ||
346 | else if (0 == parsed->num_answers) | ||
347 | { | ||
348 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
349 | "DNS reply (request ID %u) contains no answers\n", | ||
350 | request_id); | ||
351 | GNUNET_CONTAINER_DLL_remove (cache_head, | ||
352 | cache_tail, | ||
353 | cache); | ||
354 | free_cache_entry (cache); | ||
355 | cache = NULL; | ||
356 | } | ||
357 | else | ||
366 | { | 358 | { |
367 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 359 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
368 | "Lookup result for hostname %s: %s (request ID %u)\n", | 360 | "Got reply for request ID %u\n", |
369 | host->ar_name, | 361 | request_id); |
370 | GNUNET_a2s (pos->ai_addr, pos->ai_addrlen), | 362 | for (unsigned int i = 0; i != parsed->num_answers; i++) |
371 | async_cls->request_id); | ||
372 | switch (pos->ai_family) | ||
373 | { | 363 | { |
374 | case AF_INET: | 364 | struct Record *cache_entry = GNUNET_new (struct Record); |
375 | env = GNUNET_MQ_msg_extra (msg, | 365 | struct GNUNET_DNSPARSER_Record *record = &parsed->answers[i]; |
376 | sizeof (struct in_addr), | 366 | cache_entry->record = GNUNET_DNSPARSER_duplicate_record (record); |
377 | GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE); | 367 | GNUNET_CONTAINER_DLL_insert (cache->records_head, |
378 | msg->id = async_cls->request_id; | 368 | cache->records_tail, |
379 | GNUNET_memcpy (&msg[1], | 369 | cache_entry); |
380 | &((struct sockaddr_in*) pos->ai_addr)->sin_addr, | 370 | send_reply (cache_entry->record, |
381 | sizeof (struct in_addr)); | 371 | request_id, |
382 | GNUNET_MQ_send (async_cls->mq, | 372 | cache->client); |
383 | env); | ||
384 | break; | ||
385 | case AF_INET6: | ||
386 | env = GNUNET_MQ_msg_extra (msg, | ||
387 | sizeof (struct in6_addr), | ||
388 | GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE); | ||
389 | msg->id = async_cls->request_id; | ||
390 | GNUNET_memcpy (&msg[1], | ||
391 | &((struct sockaddr_in6*) pos->ai_addr)->sin6_addr, | ||
392 | sizeof (struct in6_addr)); | ||
393 | GNUNET_MQ_send (async_cls->mq, | ||
394 | env); | ||
395 | break; | ||
396 | default: | ||
397 | /* unsupported, skip */ | ||
398 | break; | ||
399 | } | 373 | } |
374 | GNUNET_free_non_null (cache->request_id); | ||
375 | cache->request_id = NULL; | ||
400 | } | 376 | } |
401 | // send end message | 377 | send_end_msg (request_id, |
402 | env = GNUNET_MQ_msg (msg, | 378 | client); |
403 | GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE); | 379 | if (NULL != cache) |
404 | msg->id = async_cls->request_id; | 380 | cache->client = NULL; |
405 | GNUNET_MQ_send (async_cls->mq, | 381 | if (NULL != cache) |
406 | env); | 382 | { |
407 | freeaddrinfo (host->ar_result); | 383 | if (NULL != cache->timeout_task) |
408 | GNUNET_free ((struct gaicb *)host->ar_request); // free hints | 384 | { |
409 | GNUNET_free (host); | 385 | GNUNET_SCHEDULER_cancel (cache->timeout_task); |
410 | GNUNET_free (async_cls->sig); | 386 | cache->timeout_task = NULL; |
411 | GNUNET_free (async_cls); | 387 | } |
388 | if (NULL != cache->resolve_handle) | ||
389 | { | ||
390 | GNUNET_DNSSTUB_resolve_cancel (cache->resolve_handle); | ||
391 | cache->resolve_handle = NULL; | ||
392 | } | ||
393 | } | ||
394 | GNUNET_DNSPARSER_free_packet (parsed); | ||
412 | } | 395 | } |
413 | 396 | ||
414 | 397 | ||
415 | static void | 398 | static void |
416 | handle_async_result (union sigval val) | 399 | handle_resolve_timeout (void *cls) |
417 | { | 400 | { |
418 | GNUNET_DISK_file_write (GNUNET_DISK_pipe_handle (resolve_result_pipe, | 401 | struct ResolveCache *cache = cls; |
419 | GNUNET_DISK_PIPE_END_WRITE), | 402 | |
420 | &val.sival_ptr, | 403 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
421 | sizeof (val.sival_ptr)); | 404 | "timeout!\n"); |
405 | if (NULL != cache->resolve_handle) | ||
406 | { | ||
407 | GNUNET_DNSSTUB_resolve_cancel (cache->resolve_handle); | ||
408 | cache->resolve_handle = NULL; | ||
409 | } | ||
410 | GNUNET_CONTAINER_DLL_remove (cache_head, | ||
411 | cache_tail, | ||
412 | cache); | ||
413 | free_cache_entry (cache); | ||
422 | } | 414 | } |
423 | 415 | ||
424 | 416 | ||
425 | static int | 417 | static int |
426 | getaddrinfo_a_resolve (struct GNUNET_MQ_Handle *mq, | 418 | resolve_and_cache (const char* hostname, |
427 | const char *hostname, | 419 | uint16_t record_type, |
428 | int af, | 420 | uint16_t request_id, |
429 | uint32_t request_id) | 421 | struct GNUNET_SERVICE_Client *client) |
430 | { | 422 | { |
431 | int ret; | 423 | char *packet_buf; |
432 | struct gaicb *host; | 424 | size_t packet_size; |
433 | struct addrinfo *hints; | 425 | struct GNUNET_DNSPARSER_Query query; |
434 | struct sigevent *sig; | 426 | struct GNUNET_DNSPARSER_Packet packet; |
435 | struct AsyncCls *async_cls; | 427 | struct ResolveCache *cache; |
436 | 428 | struct GNUNET_TIME_Relative timeout = | |
437 | host = GNUNET_new (struct gaicb); | 429 | GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 5); |
438 | hints = GNUNET_new (struct addrinfo); | 430 | |
439 | sig = GNUNET_new (struct sigevent); | 431 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
440 | async_cls = GNUNET_new (struct AsyncCls); | 432 | "resolve_and_cache\n"); |
441 | memset (hints, | 433 | query.name = (char *)hostname; |
434 | query.type = record_type; | ||
435 | query.dns_traffic_class = GNUNET_TUN_DNS_CLASS_INTERNET; | ||
436 | memset (&packet, | ||
442 | 0, | 437 | 0, |
443 | sizeof (struct addrinfo)); | 438 | sizeof (packet)); |
444 | memset (sig, | 439 | packet.num_queries = 1; |
445 | 0, | 440 | packet.queries = &query; |
446 | sizeof (struct sigevent)); | 441 | packet.id = htons (request_id); |
447 | hints->ai_family = af; | 442 | packet.flags.recursion_desired = 1; |
448 | hints->ai_socktype = SOCK_STREAM; /* go for TCP */ | 443 | if (GNUNET_OK != |
449 | host->ar_name = hostname; | 444 | GNUNET_DNSPARSER_pack (&packet, |
450 | host->ar_service = NULL; | 445 | UINT16_MAX, |
451 | host->ar_request = hints; | 446 | &packet_buf, |
452 | host->ar_result = NULL; | 447 | &packet_size)) |
453 | sig->sigev_notify = SIGEV_THREAD; | 448 | { |
454 | sig->sigev_value.sival_ptr = async_cls; | 449 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
455 | sig->sigev_notify_function = &handle_async_result; | 450 | "Failed to pack query for hostname `%s'\n", |
456 | async_cls->host = host; | 451 | hostname); |
457 | async_cls->sig = sig; | ||
458 | async_cls->mq = mq; | ||
459 | async_cls->request_id = request_id; | ||
460 | ret = getaddrinfo_a (GAI_NOWAIT, | ||
461 | &host, | ||
462 | 1, | ||
463 | sig); | ||
464 | if (0 != ret) | ||
465 | return GNUNET_SYSERR; | 452 | return GNUNET_SYSERR; |
453 | |||
454 | } | ||
455 | cache = GNUNET_malloc (sizeof (struct ResolveCache)); | ||
456 | cache->record_type = record_type; | ||
457 | cache->request_id = GNUNET_memdup (&request_id, sizeof (request_id)); | ||
458 | cache->client = client; | ||
459 | cache->timeout_task = GNUNET_SCHEDULER_add_delayed (timeout, | ||
460 | &handle_resolve_timeout, | ||
461 | cache); | ||
462 | cache->resolve_handle = | ||
463 | GNUNET_DNSSTUB_resolve (dnsstub_ctx, | ||
464 | packet_buf, | ||
465 | packet_size, | ||
466 | &handle_resolve_result, | ||
467 | cache); | ||
468 | GNUNET_CONTAINER_DLL_insert (cache_head, | ||
469 | cache_tail, | ||
470 | cache); | ||
471 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
472 | "resolve %s, request_id = %u\n", | ||
473 | hostname, | ||
474 | request_id); | ||
475 | GNUNET_free (packet_buf); | ||
466 | return GNUNET_OK; | 476 | return GNUNET_OK; |
467 | } | 477 | } |
468 | 478 | ||
469 | 479 | ||
470 | #elif HAVE_GETADDRINFO | 480 | static const char * |
471 | static int | 481 | get_hostname (struct ResolveCache *cache_entry) |
472 | getaddrinfo_resolve (struct GNUNET_MQ_Handle *mq, | ||
473 | const char *hostname, | ||
474 | int af, | ||
475 | uint32_t request_id) | ||
476 | { | 482 | { |
477 | int s; | 483 | if (NULL != cache_entry->records_head) |
478 | struct addrinfo hints; | ||
479 | struct addrinfo *result; | ||
480 | struct addrinfo *pos; | ||
481 | struct GNUNET_RESOLVER_ResponseMessage *msg; | ||
482 | struct GNUNET_MQ_Envelope *env; | ||
483 | |||
484 | #ifdef WINDOWS | ||
485 | /* Due to a bug, getaddrinfo will not return a mix of different families */ | ||
486 | if (AF_UNSPEC == af) | ||
487 | { | 484 | { |
488 | int ret1; | 485 | GNUNET_assert (NULL != cache_entry->records_head); |
489 | int ret2; | 486 | GNUNET_assert (NULL != cache_entry->records_head->record); |
490 | ret1 = getaddrinfo_resolve (mq, | 487 | GNUNET_assert (NULL != cache_entry->records_head->record->name); |
491 | hostname, | 488 | return cache_entry->records_head->record->name; |
492 | AF_INET, | ||
493 | request_id); | ||
494 | ret2 = getaddrinfo_resolve (mq, | ||
495 | hostname, | ||
496 | AF_INET6, | ||
497 | request_id); | ||
498 | if ( (ret1 == GNUNET_OK) || | ||
499 | (ret2 == GNUNET_OK) ) | ||
500 | return GNUNET_OK; | ||
501 | if ( (ret1 == GNUNET_SYSERR) || | ||
502 | (ret2 == GNUNET_SYSERR) ) | ||
503 | return GNUNET_SYSERR; | ||
504 | return GNUNET_NO; | ||
505 | } | 489 | } |
506 | #endif | 490 | return NULL; |
507 | |||
508 | memset (&hints, | ||
509 | 0, | ||
510 | sizeof (struct addrinfo)); | ||
511 | hints.ai_family = af; | ||
512 | hints.ai_socktype = SOCK_STREAM; /* go for TCP */ | ||
513 | |||
514 | if (0 != (s = getaddrinfo (hostname, | ||
515 | NULL, | ||
516 | &hints, | ||
517 | &result))) | ||
518 | { | ||
519 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
520 | _("Could not resolve `%s' (%s): %s\n"), | ||
521 | hostname, | ||
522 | (af == | ||
523 | AF_INET) ? "IPv4" : ((af == AF_INET6) ? "IPv6" : "any"), | ||
524 | gai_strerror (s)); | ||
525 | if ( (s == EAI_BADFLAGS) || | ||
526 | #ifndef WINDOWS | ||
527 | (s == EAI_SYSTEM) || | ||
528 | #endif | ||
529 | (s == EAI_MEMORY) ) | ||
530 | return GNUNET_NO; /* other function may still succeed */ | ||
531 | return GNUNET_SYSERR; | ||
532 | } | ||
533 | if (NULL == result) | ||
534 | return GNUNET_SYSERR; | ||
535 | for (pos = result; pos != NULL; pos = pos->ai_next) | ||
536 | { | ||
537 | switch (pos->ai_family) | ||
538 | { | ||
539 | case AF_INET: | ||
540 | env = GNUNET_MQ_msg_extra (msg, | ||
541 | sizeof (struct in_addr), | ||
542 | GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE); | ||
543 | msg->id = request_id; | ||
544 | GNUNET_memcpy (&msg[1], | ||
545 | &((struct sockaddr_in*) pos->ai_addr)->sin_addr, | ||
546 | sizeof (struct in_addr)); | ||
547 | GNUNET_MQ_send (mq, | ||
548 | env); | ||
549 | break; | ||
550 | case AF_INET6: | ||
551 | env = GNUNET_MQ_msg_extra (msg, | ||
552 | sizeof (struct in6_addr), | ||
553 | GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE); | ||
554 | msg->id = request_id; | ||
555 | GNUNET_memcpy (&msg[1], | ||
556 | &((struct sockaddr_in6*) pos->ai_addr)->sin6_addr, | ||
557 | sizeof (struct in6_addr)); | ||
558 | GNUNET_MQ_send (mq, | ||
559 | env); | ||
560 | break; | ||
561 | default: | ||
562 | /* unsupported, skip */ | ||
563 | break; | ||
564 | } | ||
565 | } | ||
566 | freeaddrinfo (result); | ||
567 | return GNUNET_OK; | ||
568 | } | 491 | } |
569 | 492 | ||
570 | 493 | ||
571 | #elif HAVE_GETHOSTBYNAME2 | 494 | static const uint16_t * |
572 | 495 | get_record_type (struct ResolveCache *cache_entry) | |
573 | |||
574 | static int | ||
575 | gethostbyname2_resolve (struct GNUNET_MQ_Handle *mq, | ||
576 | const char *hostname, | ||
577 | int af, | ||
578 | uint32_t request_id) | ||
579 | { | 496 | { |
580 | struct hostent *hp; | 497 | if (NULL != cache_entry->records_head) |
581 | int ret1; | 498 | return &cache_entry->record_type; |
582 | int ret2; | 499 | return NULL; |
583 | struct GNUNET_MQ_Envelope *env; | 500 | } |
584 | struct GNUNET_RESOLVER_ResponseMessage *msg; | ||
585 | 501 | ||
586 | #ifdef WINDOWS | ||
587 | /* gethostbyname2() in plibc is a compat dummy that calls gethostbyname(). */ | ||
588 | return GNUNET_NO; | ||
589 | #endif | ||
590 | 502 | ||
591 | if (af == AF_UNSPEC) | 503 | static const struct GNUNET_TIME_Absolute * |
592 | { | 504 | get_expiration_time (struct ResolveCache *cache_entry) |
593 | ret1 = gethostbyname2_resolve (mq, | 505 | { |
594 | hostname, | 506 | if (NULL != cache_entry->records_head) |
595 | AF_INET, | 507 | return &cache_entry->records_head->record->expiration_time; |
596 | request_id); | 508 | return NULL; |
597 | ret2 = gethostbyname2_resolve (mq, | ||
598 | hostname, | ||
599 | AF_INET6, | ||
600 | request_id); | ||
601 | if ( (ret1 == GNUNET_OK) || | ||
602 | (ret2 == GNUNET_OK) ) | ||
603 | return GNUNET_OK; | ||
604 | if ( (ret1 == GNUNET_SYSERR) || | ||
605 | (ret2 == GNUNET_SYSERR) ) | ||
606 | return GNUNET_SYSERR; | ||
607 | return GNUNET_NO; | ||
608 | } | ||
609 | hp = gethostbyname2 (hostname, | ||
610 | af); | ||
611 | if (hp == NULL) | ||
612 | { | ||
613 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
614 | _("Could not find IP of host `%s': %s\n"), | ||
615 | hostname, | ||
616 | hstrerror (h_errno)); | ||
617 | return GNUNET_SYSERR; | ||
618 | } | ||
619 | GNUNET_assert (hp->h_addrtype == af); | ||
620 | switch (af) | ||
621 | { | ||
622 | case AF_INET: | ||
623 | GNUNET_assert (hp->h_length == sizeof (struct in_addr)); | ||
624 | env = GNUNET_MQ_msg_extra (msg, | ||
625 | hp->h_length, | ||
626 | GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE); | ||
627 | msg->id = request_id; | ||
628 | GNUNET_memcpy (&msg[1], | ||
629 | hp->h_addr_list[0], | ||
630 | hp->h_length); | ||
631 | GNUNET_MQ_send (mq, | ||
632 | env); | ||
633 | break; | ||
634 | case AF_INET6: | ||
635 | GNUNET_assert (hp->h_length == sizeof (struct in6_addr)); | ||
636 | env = GNUNET_MQ_msg_extra (msg, | ||
637 | hp->h_length, | ||
638 | GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE); | ||
639 | msg->id = request_id; | ||
640 | GNUNET_memcpy (&msg[1], | ||
641 | hp->h_addr_list[0], | ||
642 | hp->h_length); | ||
643 | GNUNET_MQ_send (mq, | ||
644 | env); | ||
645 | break; | ||
646 | default: | ||
647 | GNUNET_break (0); | ||
648 | return GNUNET_SYSERR; | ||
649 | } | ||
650 | return GNUNET_OK; | ||
651 | } | 509 | } |
652 | 510 | ||
653 | #elif HAVE_GETHOSTBYNAME | ||
654 | |||
655 | 511 | ||
656 | static int | 512 | static int |
657 | gethostbyname_resolve (struct GNUNET_MQ_Handle *mq, | 513 | remove_if_expired (struct ResolveCache *cache_entry) |
658 | const char *hostname, | ||
659 | uint32_t request_id) | ||
660 | { | 514 | { |
661 | struct hostent *hp; | 515 | struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get (); |
662 | struct GNUNET_RESOLVER_ResponseMessage *msg; | ||
663 | struct GNUNET_MQ_Envelope *env; | ||
664 | 516 | ||
665 | hp = GETHOSTBYNAME (hostname); | 517 | if ( (NULL != cache_entry->records_head) && |
666 | if (NULL == hp) | 518 | (now.abs_value_us > get_expiration_time (cache_entry)->abs_value_us) ) |
667 | { | 519 | { |
668 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | 520 | GNUNET_CONTAINER_DLL_remove (cache_head, |
669 | _("Could not find IP of host `%s': %s\n"), | 521 | cache_tail, |
670 | hostname, | 522 | cache_entry); |
671 | hstrerror (h_errno)); | 523 | free_cache_entry (cache_entry); |
672 | return GNUNET_SYSERR; | 524 | return GNUNET_YES; |
673 | } | ||
674 | if (hp->h_addrtype != AF_INET) | ||
675 | { | ||
676 | GNUNET_break (0); | ||
677 | return GNUNET_SYSERR; | ||
678 | } | 525 | } |
679 | GNUNET_assert (hp->h_length == sizeof (struct in_addr)); | 526 | return GNUNET_NO; |
680 | env = GNUNET_MQ_msg_extra (msg, | ||
681 | hp->h_length, | ||
682 | GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE); | ||
683 | msg->id = request_id; | ||
684 | GNUNET_memcpy (&msg[1], | ||
685 | hp->h_addr_list[0], | ||
686 | hp->h_length); | ||
687 | GNUNET_MQ_send (mq, | ||
688 | env); | ||
689 | return GNUNET_OK; | ||
690 | } | 527 | } |
691 | #endif | ||
692 | 528 | ||
693 | 529 | ||
694 | /** | 530 | /** |
695 | * Convert a string to an IP address. | 531 | * Get an IP address as a string (works for both IPv4 and IPv6). Note |
532 | * that the resolution happens asynchronously and that the first call | ||
533 | * may not immediately result in the FQN (but instead in a | ||
534 | * human-readable IP address). | ||
696 | * | 535 | * |
697 | * @param client where to send the IP address | 536 | * @param client handle to the client making the request (for sending the reply) |
698 | * @param hostname the hostname to resolve | 537 | * @param af AF_INET or AF_INET6 |
699 | * @param af AF_INET or AF_INET6; use AF_UNSPEC for "any" | 538 | * @param ip `struct in_addr` or `struct in6_addr` |
700 | */ | 539 | */ |
701 | static void | 540 | static int |
702 | get_ip_from_hostname (struct GNUNET_SERVICE_Client *client, | 541 | try_cache (const char *hostname, |
703 | const char *hostname, | 542 | uint16_t record_type, |
704 | int af, | 543 | uint16_t request_id, |
705 | uint32_t request_id) | 544 | struct GNUNET_SERVICE_Client *client) |
706 | { | 545 | { |
707 | struct GNUNET_MQ_Envelope *env; | 546 | struct ResolveCache *pos; |
708 | struct GNUNET_RESOLVER_ResponseMessage *msg; | 547 | struct ResolveCache *next; |
709 | struct GNUNET_MQ_Handle *mq; | 548 | |
710 | 549 | next = cache_head; | |
711 | mq = GNUNET_SERVICE_client_get_mq (client); | 550 | while ( (NULL != (pos = next)) && |
712 | #if HAVE_GETADDRINFO_A | 551 | ( (NULL == pos->records_head) || |
713 | getaddrinfo_a_resolve (mq, | 552 | (0 != strcmp (get_hostname (pos), hostname)) || |
714 | hostname, | 553 | (*get_record_type (pos) != record_type) ) ) |
715 | af, | 554 | { |
716 | request_id); | 555 | next = pos->next; |
717 | GNUNET_SERVICE_client_continue (client); | 556 | remove_if_expired (pos); |
718 | return; | 557 | } |
719 | #elif HAVE_GETADDRINFO | 558 | if (NULL != pos) |
720 | getaddrinfo_resolve (mq, | 559 | { |
721 | hostname, | 560 | if (GNUNET_NO == remove_if_expired (pos)) |
722 | af, | 561 | { |
723 | request_id); | 562 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
724 | #elif HAVE_GETHOSTBYNAME2 | 563 | "found cache entry for '%s', record type '%u'\n", |
725 | gethostbyname2_resolve (mq, | 564 | hostname, |
726 | hostname, | 565 | record_type); |
727 | af, | 566 | struct Record *cache_pos = pos->records_head; |
728 | request_id); | 567 | while (NULL != cache_pos) |
729 | #elif HAVE_GETHOSTBYNAME | 568 | { |
730 | if ( ( (af == AF_UNSPEC) || | 569 | send_reply (cache_pos->record, |
731 | (af == PF_INET) ) ) | 570 | request_id, |
732 | gethostbyname_resolve (mq, | 571 | client); |
733 | hostname, | 572 | cache_pos = cache_pos->next; |
734 | request_id); | 573 | } |
735 | #endif | 574 | send_end_msg (request_id, |
736 | // send end message | 575 | client); |
737 | env = GNUNET_MQ_msg (msg, | 576 | return GNUNET_YES; |
738 | GNUNET_MESSAGE_TYPE_RESOLVER_RESPONSE); | 577 | } |
739 | msg->id = request_id; | 578 | } |
740 | GNUNET_MQ_notify_sent (env, | 579 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
741 | ¬ify_service_client_done, | 580 | "no cache entry for '%s'\n", |
742 | client); | 581 | hostname); |
743 | GNUNET_MQ_send (mq, | 582 | return GNUNET_NO; |
744 | env); | ||
745 | } | 583 | } |
746 | 584 | ||
747 | 585 | ||
@@ -801,6 +639,23 @@ check_get (void *cls, | |||
801 | } | 639 | } |
802 | 640 | ||
803 | 641 | ||
642 | static void | ||
643 | process_get (const char *hostname, | ||
644 | uint16_t record_type, | ||
645 | uint16_t request_id, | ||
646 | struct GNUNET_SERVICE_Client *client) | ||
647 | { | ||
648 | if (GNUNET_NO == try_cache (hostname, record_type, request_id, client)) | ||
649 | { | ||
650 | int result = resolve_and_cache (hostname, | ||
651 | record_type, | ||
652 | request_id, | ||
653 | client); | ||
654 | GNUNET_assert (GNUNET_OK == result); | ||
655 | } | ||
656 | } | ||
657 | |||
658 | |||
804 | /** | 659 | /** |
805 | * Handle GET-message. | 660 | * Handle GET-message. |
806 | * | 661 | * |
@@ -812,45 +667,100 @@ handle_get (void *cls, | |||
812 | const struct GNUNET_RESOLVER_GetMessage *msg) | 667 | const struct GNUNET_RESOLVER_GetMessage *msg) |
813 | { | 668 | { |
814 | struct GNUNET_SERVICE_Client *client = cls; | 669 | struct GNUNET_SERVICE_Client *client = cls; |
815 | const void *ip; | ||
816 | int direction; | 670 | int direction; |
817 | int af; | 671 | int af; |
818 | uint32_t id; | 672 | uint16_t request_id; |
673 | const char *hostname; | ||
819 | 674 | ||
820 | direction = ntohl (msg->direction); | 675 | direction = ntohl (msg->direction); |
821 | af = ntohl (msg->af); | 676 | af = ntohl (msg->af); |
822 | id = ntohl (msg->id); | 677 | request_id = ntohs (msg->id); |
823 | if (GNUNET_NO == direction) | 678 | if (GNUNET_NO == direction) |
824 | { | 679 | { |
825 | /* IP from hostname */ | 680 | /* IP from hostname */ |
826 | const char *hostname; | 681 | hostname = GNUNET_strdup ((const char *) &msg[1]); |
827 | 682 | switch (af) | |
828 | hostname = (const char *) &msg[1]; | 683 | { |
829 | get_ip_from_hostname (client, | 684 | case AF_UNSPEC: |
830 | hostname, | 685 | { |
831 | af, | 686 | process_get (hostname, GNUNET_DNSPARSER_TYPE_ALL, request_id, client); |
832 | id); | 687 | break; |
833 | return; | 688 | } |
689 | case AF_INET: | ||
690 | { | ||
691 | process_get (hostname, GNUNET_DNSPARSER_TYPE_A, request_id, client); | ||
692 | break; | ||
693 | } | ||
694 | case AF_INET6: | ||
695 | { | ||
696 | process_get (hostname, GNUNET_DNSPARSER_TYPE_AAAA, request_id, client); | ||
697 | break; | ||
698 | } | ||
699 | default: | ||
700 | { | ||
701 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
702 | "got invalid af: %d\n", | ||
703 | af); | ||
704 | GNUNET_assert (0); | ||
705 | } | ||
706 | } | ||
707 | } | ||
708 | else | ||
709 | { | ||
710 | /* hostname from IP */ | ||
711 | hostname = make_reverse_hostname (&msg[1], af); | ||
712 | process_get (hostname, GNUNET_DNSPARSER_TYPE_PTR, request_id, client); | ||
834 | } | 713 | } |
835 | ip = &msg[1]; | 714 | GNUNET_free_non_null ((char *)hostname); |
715 | GNUNET_SERVICE_client_continue (client); | ||
716 | } | ||
836 | 717 | ||
837 | #if !defined(GNUNET_CULL_LOGGING) | 718 | |
719 | static void | ||
720 | shutdown_task (void *cls) | ||
721 | { | ||
722 | (void) cls; | ||
723 | struct ResolveCache *pos; | ||
724 | |||
725 | while (NULL != (pos = cache_head)) | ||
838 | { | 726 | { |
839 | char buf[INET6_ADDRSTRLEN]; | 727 | GNUNET_CONTAINER_DLL_remove (cache_head, |
728 | cache_tail, | ||
729 | pos); | ||
730 | free_cache_entry (pos); | ||
731 | } | ||
732 | GNUNET_DNSSTUB_stop (dnsstub_ctx); | ||
733 | } | ||
734 | |||
840 | 735 | ||
736 | static void | ||
737 | init_cb (void *cls, | ||
738 | const struct GNUNET_CONFIGURATION_Handle *cfg, | ||
739 | struct GNUNET_SERVICE_Handle *sh) | ||
740 | { | ||
741 | (void) cfg; | ||
742 | (void) sh; | ||
743 | |||
744 | GNUNET_SCHEDULER_add_shutdown (&shutdown_task, | ||
745 | cls); | ||
746 | dnsstub_ctx = GNUNET_DNSSTUB_start (128); | ||
747 | char **dns_servers; | ||
748 | ssize_t num_dns_servers = lookup_dns_servers (&dns_servers); | ||
749 | if (0 == num_dns_servers) | ||
750 | { | ||
751 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
752 | "no DNS server available. DNS resolution will not be possible.\n"); | ||
753 | } | ||
754 | for (int i = 0; i != num_dns_servers; i++) | ||
755 | { | ||
756 | int result = GNUNET_DNSSTUB_add_dns_ip (dnsstub_ctx, dns_servers[i]); | ||
841 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 757 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
842 | "Resolver asked to look up IP address `%s (request ID %u)'.\n", | 758 | "Adding DNS server '%s': %s\n", |
843 | inet_ntop (af, | 759 | dns_servers[i], |
844 | ip, | 760 | GNUNET_OK == result ? "success" : "failure"); |
845 | buf, | 761 | GNUNET_free (dns_servers[i]); |
846 | sizeof (buf)), | ||
847 | id); | ||
848 | } | 762 | } |
849 | #endif | 763 | GNUNET_free_non_null (dns_servers); |
850 | get_ip_as_string (client, | ||
851 | af, | ||
852 | ip, | ||
853 | id); | ||
854 | } | 764 | } |
855 | 765 | ||
856 | 766 | ||
@@ -870,19 +780,6 @@ connect_cb (void *cls, | |||
870 | (void) cls; | 780 | (void) cls; |
871 | (void) mq; | 781 | (void) mq; |
872 | 782 | ||
873 | #if HAVE_GETADDRINFO_A | ||
874 | resolve_result_pipe = GNUNET_DISK_pipe (GNUNET_NO, | ||
875 | GNUNET_NO, | ||
876 | GNUNET_NO, | ||
877 | GNUNET_NO); | ||
878 | GNUNET_assert (NULL != resolve_result_pipe); | ||
879 | resolve_result_pipe_task = | ||
880 | GNUNET_SCHEDULER_add_read_file (GNUNET_TIME_UNIT_FOREVER_REL, | ||
881 | GNUNET_DISK_pipe_handle (resolve_result_pipe, | ||
882 | GNUNET_DISK_PIPE_END_READ), | ||
883 | &resolve_result_pipe_cb, | ||
884 | NULL); | ||
885 | #endif | ||
886 | return c; | 783 | return c; |
887 | } | 784 | } |
888 | 785 | ||
@@ -900,19 +797,16 @@ disconnect_cb (void *cls, | |||
900 | void *internal_cls) | 797 | void *internal_cls) |
901 | { | 798 | { |
902 | (void) cls; | 799 | (void) cls; |
800 | struct ResolveCache *pos = cache_head; | ||
903 | 801 | ||
904 | #if HAVE_GETADDRINFO_A | 802 | while (NULL != pos) |
905 | if (NULL != resolve_result_pipe_task) | ||
906 | { | ||
907 | GNUNET_SCHEDULER_cancel (resolve_result_pipe_task); | ||
908 | resolve_result_pipe_task = NULL; | ||
909 | } | ||
910 | if (NULL != resolve_result_pipe) | ||
911 | { | 803 | { |
912 | GNUNET_DISK_pipe_close (resolve_result_pipe); | 804 | if (pos->client == c) |
913 | resolve_result_pipe = NULL; | 805 | { |
806 | pos->client = NULL; | ||
807 | } | ||
808 | pos = pos->next; | ||
914 | } | 809 | } |
915 | #endif | ||
916 | GNUNET_assert (c == internal_cls); | 810 | GNUNET_assert (c == internal_cls); |
917 | } | 811 | } |
918 | 812 | ||
@@ -923,7 +817,7 @@ disconnect_cb (void *cls, | |||
923 | GNUNET_SERVICE_MAIN | 817 | GNUNET_SERVICE_MAIN |
924 | ("resolver", | 818 | ("resolver", |
925 | GNUNET_SERVICE_OPTION_NONE, | 819 | GNUNET_SERVICE_OPTION_NONE, |
926 | NULL, | 820 | &init_cb, |
927 | &connect_cb, | 821 | &connect_cb, |
928 | &disconnect_cb, | 822 | &disconnect_cb, |
929 | NULL, | 823 | NULL, |
@@ -950,23 +844,4 @@ GNUNET_RESOLVER_memory_init () | |||
950 | #endif | 844 | #endif |
951 | 845 | ||
952 | 846 | ||
953 | /** | ||
954 | * Free globals on exit. | ||
955 | */ | ||
956 | void __attribute__ ((destructor)) | ||
957 | GNUNET_RESOLVER_memory_done () | ||
958 | { | ||
959 | struct IPCache *pos; | ||
960 | |||
961 | while (NULL != (pos = cache_head)) | ||
962 | { | ||
963 | GNUNET_CONTAINER_DLL_remove (cache_head, | ||
964 | cache_tail, | ||
965 | pos); | ||
966 | GNUNET_free_non_null (pos->addr); | ||
967 | GNUNET_free (pos); | ||
968 | } | ||
969 | } | ||
970 | |||
971 | |||
972 | /* end of gnunet-service-resolver.c */ | 847 | /* end of gnunet-service-resolver.c */ |
diff --git a/contrib/timeout_watchdog_w32.c b/src/util/gnunet-timeout-w32.c index 901eb6207..78b268fe2 100644 --- a/contrib/timeout_watchdog_w32.c +++ b/src/util/gnunet-timeout-w32.c | |||
@@ -11,13 +11,13 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
18 | 18 | ||
19 | /** | 19 | /** |
20 | * @file contrib/timeout_watchdog_w32.c | 20 | * @file src/util/gnunet-timeout-w32.c |
21 | * @brief small tool starting a child process, waiting that it terminates or killing it after a given timeout period | 21 | * @brief small tool starting a child process, waiting that it terminates or killing it after a given timeout period |
22 | * @author LRN | 22 | * @author LRN |
23 | */ | 23 | */ |
@@ -182,7 +182,7 @@ main (int argc, char *argv[]) | |||
182 | exit (0); | 182 | exit (0); |
183 | } | 183 | } |
184 | printf ("Child processes were killed after timeout of %u seconds\n", | 184 | printf ("Child processes were killed after timeout of %u seconds\n", |
185 | timeout); | 185 | timeout); |
186 | TerminateJobObject (job, 1); | 186 | TerminateJobObject (job, 1); |
187 | CloseHandle (proc.hProcess); | 187 | CloseHandle (proc.hProcess); |
188 | exit (1); | 188 | exit (1); |
diff --git a/contrib/timeout_watchdog.c b/src/util/gnunet-timeout.c index 70e840d55..8dfb6ad17 100644 --- a/contrib/timeout_watchdog.c +++ b/src/util/gnunet-timeout.c | |||
@@ -11,13 +11,13 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
18 | 18 | ||
19 | /** | 19 | /** |
20 | * @file contrib/timeout_watchdog.c | 20 | * @file src/util/gnunet-timeout.c |
21 | * @brief small tool starting a child process, waiting that it terminates or killing it after a given timeout period | 21 | * @brief small tool starting a child process, waiting that it terminates or killing it after a given timeout period |
22 | * @author Matthias Wachs | 22 | * @author Matthias Wachs |
23 | */ | 23 | */ |
@@ -39,25 +39,35 @@ sigchld_handler (int val) | |||
39 | int ret = 0; | 39 | int ret = 0; |
40 | 40 | ||
41 | (void) val; | 41 | (void) val; |
42 | waitpid (child, &status, 0); | 42 | waitpid (child, |
43 | &status, | ||
44 | 0); | ||
43 | if (WIFEXITED (status) != 0) | 45 | if (WIFEXITED (status) != 0) |
44 | { | 46 | { |
45 | ret = WEXITSTATUS (status); | 47 | ret = WEXITSTATUS (status); |
46 | printf ("Test process exited with result %u\n", ret); | 48 | fprintf (stderr, |
47 | } | 49 | "Process exited with result %u\n", |
50 | ret); | ||
51 | exit (ret); /* return same status code */ | ||
52 | } | ||
48 | if (WIFSIGNALED (status) != 0) | 53 | if (WIFSIGNALED (status) != 0) |
49 | { | 54 | { |
50 | ret = WTERMSIG (status); | 55 | ret = WTERMSIG (status); |
51 | printf ("Test process was signaled %u\n", ret); | 56 | fprintf (stderr, |
52 | } | 57 | "Process received signal %u\n", |
53 | exit (ret); | 58 | ret); |
59 | kill (getpid (), | ||
60 | ret); /* kill self with the same signal */ | ||
61 | } | ||
62 | exit (-1); | ||
54 | } | 63 | } |
55 | 64 | ||
56 | 65 | ||
57 | static void | 66 | static void |
58 | sigint_handler (int val) | 67 | sigint_handler (int val) |
59 | { | 68 | { |
60 | kill (0, val); | 69 | kill (0, |
70 | val); | ||
61 | exit (val); | 71 | exit (val); |
62 | } | 72 | } |
63 | 73 | ||
@@ -70,18 +80,18 @@ main (int argc, | |||
70 | pid_t gpid = 0; | 80 | pid_t gpid = 0; |
71 | 81 | ||
72 | if (argc < 3) | 82 | if (argc < 3) |
73 | { | 83 | { |
74 | printf | 84 | fprintf (stderr, |
75 | ("arg 1: timeout in sec., arg 2: executable, arg<n> arguments\n"); | 85 | "arg 1: timeout in sec., arg 2: executable, arg<n> arguments\n"); |
76 | exit (1); | 86 | exit (-1); |
77 | } | 87 | } |
78 | 88 | ||
79 | timeout = atoi (argv[1]); | 89 | timeout = atoi (argv[1]); |
80 | 90 | ||
81 | if (timeout == 0) | 91 | if (timeout == 0) |
82 | timeout = 600; | 92 | timeout = 600; |
83 | 93 | ||
84 | /* with getpgid() it does not compile, but getpgrp is the BSD version and working */ | 94 | /* with getpgid() it does not compile, but getpgrp is the BSD version and working */ |
85 | gpid = getpgrp (); | 95 | gpid = getpgrp (); |
86 | 96 | ||
87 | signal (SIGCHLD, sigchld_handler); | 97 | signal (SIGCHLD, sigchld_handler); |
@@ -94,23 +104,25 @@ main (int argc, | |||
94 | 104 | ||
95 | child = fork (); | 105 | child = fork (); |
96 | if (child == 0) | 106 | if (child == 0) |
97 | { | 107 | { |
98 | /* int setpgrp(pid_t pid, pid_t pgid); is not working on this machine */ | 108 | /* int setpgrp(pid_t pid, pid_t pgid); is not working on this machine */ |
99 | //setpgrp (0, pid_t gpid); | 109 | //setpgrp (0, pid_t gpid); |
100 | if (-1 != gpid) | 110 | if (-1 != gpid) |
101 | setpgid (0, gpid); | 111 | setpgid (0, gpid); |
102 | execvp (argv[2], &argv[2]); | 112 | execvp (argv[2], |
103 | exit (1); | 113 | &argv[2]); |
104 | } | 114 | exit (-1); |
115 | } | ||
105 | if (child > 0) | 116 | if (child > 0) |
106 | { | 117 | { |
107 | sleep (timeout); | 118 | sleep (timeout); |
108 | printf ("Child processes were killed after timeout of %u seconds\n", | 119 | printf ("Child processes were killed after timeout of %u seconds\n", |
109 | timeout); | 120 | timeout); |
110 | kill (0, SIGTERM); | 121 | kill (0, |
111 | exit (1); | 122 | SIGTERM); |
112 | } | 123 | exit (3); |
113 | exit (1); | 124 | } |
125 | exit (-1); | ||
114 | } | 126 | } |
115 | 127 | ||
116 | /* end of timeout_watchdog.c */ | 128 | /* end of timeout_watchdog.c */ |
diff --git a/src/util/os_priority.c b/src/util/os_priority.c index d13991334..a758f24f1 100644 --- a/src/util/os_priority.c +++ b/src/util/os_priority.c | |||
@@ -1588,7 +1588,7 @@ GNUNET_OS_start_process_s (int pipe_control, | |||
1588 | 1588 | ||
1589 | 1589 | ||
1590 | /** | 1590 | /** |
1591 | * Retrieve the status of a process, waiting on him if dead. | 1591 | * Retrieve the status of a process, waiting on it if dead. |
1592 | * Nonblocking version. | 1592 | * Nonblocking version. |
1593 | * | 1593 | * |
1594 | * @param proc process ID | 1594 | * @param proc process ID |
@@ -1705,7 +1705,7 @@ process_status (struct GNUNET_OS_Process *proc, | |||
1705 | 1705 | ||
1706 | 1706 | ||
1707 | /** | 1707 | /** |
1708 | * Retrieve the status of a process, waiting on him if dead. | 1708 | * Retrieve the status of a process, waiting on it if dead. |
1709 | * Nonblocking version. | 1709 | * Nonblocking version. |
1710 | * | 1710 | * |
1711 | * @param proc process ID | 1711 | * @param proc process ID |
@@ -1726,7 +1726,7 @@ GNUNET_OS_process_status (struct GNUNET_OS_Process *proc, | |||
1726 | 1726 | ||
1727 | 1727 | ||
1728 | /** | 1728 | /** |
1729 | * Retrieve the status of a process, waiting on him if dead. | 1729 | * Retrieve the status of a process, waiting on it if dead. |
1730 | * Blocking version. | 1730 | * Blocking version. |
1731 | * | 1731 | * |
1732 | * @param proc pointer to process structure | 1732 | * @param proc pointer to process structure |
diff --git a/src/tun/regex.c b/src/util/regex.c index 7565a9eac..7565a9eac 100644 --- a/src/tun/regex.c +++ b/src/util/regex.c | |||
diff --git a/src/util/resolver.h b/src/util/resolver.h index a0f105afa..07851d052 100644 --- a/src/util/resolver.h +++ b/src/util/resolver.h | |||
@@ -60,7 +60,7 @@ struct GNUNET_RESOLVER_GetMessage | |||
60 | * identifies the request and is contained in the response message. The | 60 | * identifies the request and is contained in the response message. The |
61 | * client has to match response to request by this identifier. | 61 | * client has to match response to request by this identifier. |
62 | */ | 62 | */ |
63 | uint32_t id GNUNET_PACKED; | 63 | uint16_t id GNUNET_PACKED; |
64 | 64 | ||
65 | /* followed by 0-terminated string for A/AAAA-lookup or | 65 | /* followed by 0-terminated string for A/AAAA-lookup or |
66 | by 'struct in_addr' / 'struct in6_addr' for reverse lookup */ | 66 | by 'struct in_addr' / 'struct in6_addr' for reverse lookup */ |
@@ -79,7 +79,7 @@ struct GNUNET_RESOLVER_ResponseMessage | |||
79 | * identifies the request this message responds to. The client | 79 | * identifies the request this message responds to. The client |
80 | * has to match response to request by this identifier. | 80 | * has to match response to request by this identifier. |
81 | */ | 81 | */ |
82 | uint32_t id GNUNET_PACKED; | 82 | uint16_t id GNUNET_PACKED; |
83 | 83 | ||
84 | /* followed by 0-terminated string for response to a reverse lookup | 84 | /* followed by 0-terminated string for response to a reverse lookup |
85 | * or by 'struct in_addr' / 'struct in6_addr' for response to | 85 | * or by 'struct in_addr' / 'struct in6_addr' for response to |
diff --git a/src/util/resolver_api.c b/src/util/resolver_api.c index b94819f06..8a054327b 100644 --- a/src/util/resolver_api.c +++ b/src/util/resolver_api.c | |||
@@ -68,10 +68,10 @@ static struct GNUNET_RESOLVER_RequestHandle *req_head; | |||
68 | */ | 68 | */ |
69 | static struct GNUNET_RESOLVER_RequestHandle *req_tail; | 69 | static struct GNUNET_RESOLVER_RequestHandle *req_tail; |
70 | 70 | ||
71 | /** | 71 | ///** |
72 | * ID of the last request we sent to the service | 72 | // * ID of the last request we sent to the service |
73 | */ | 73 | // */ |
74 | static uint32_t last_request_id; | 74 | //static uint16_t last_request_id; |
75 | 75 | ||
76 | /** | 76 | /** |
77 | * How long should we wait to reconnect? | 77 | * How long should we wait to reconnect? |
@@ -445,7 +445,7 @@ process_requests () | |||
445 | GNUNET_MESSAGE_TYPE_RESOLVER_REQUEST); | 445 | GNUNET_MESSAGE_TYPE_RESOLVER_REQUEST); |
446 | msg->direction = htonl (rh->direction); | 446 | msg->direction = htonl (rh->direction); |
447 | msg->af = htonl (rh->af); | 447 | msg->af = htonl (rh->af); |
448 | msg->id = htonl (rh->id); | 448 | msg->id = htons (rh->id); |
449 | GNUNET_memcpy (&msg[1], | 449 | GNUNET_memcpy (&msg[1], |
450 | &rh[1], | 450 | &rh[1], |
451 | rh->data_len); | 451 | rh->data_len); |
@@ -491,7 +491,7 @@ handle_response (void *cls, | |||
491 | struct GNUNET_RESOLVER_RequestHandle *rh = req_head; | 491 | struct GNUNET_RESOLVER_RequestHandle *rh = req_head; |
492 | uint16_t size; | 492 | uint16_t size; |
493 | char *nret; | 493 | char *nret; |
494 | uint32_t request_id = msg->id; | 494 | uint16_t request_id = msg->id; |
495 | 495 | ||
496 | for (; rh != NULL; rh = rh->next) | 496 | for (; rh != NULL; rh = rh->next) |
497 | { | 497 | { |
@@ -911,6 +911,14 @@ handle_lookup_timeout (void *cls) | |||
911 | } | 911 | } |
912 | 912 | ||
913 | 913 | ||
914 | static uint16_t | ||
915 | get_request_id () | ||
916 | { | ||
917 | return (uint16_t) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, | ||
918 | UINT16_MAX); | ||
919 | } | ||
920 | |||
921 | |||
914 | /** | 922 | /** |
915 | * Convert a string to one or more IP addresses. | 923 | * Convert a string to one or more IP addresses. |
916 | * | 924 | * |
@@ -945,7 +953,8 @@ GNUNET_RESOLVER_ip_get (const char *hostname, | |||
945 | hostname); | 953 | hostname); |
946 | rh = GNUNET_malloc (sizeof (struct GNUNET_RESOLVER_RequestHandle) + slen); | 954 | rh = GNUNET_malloc (sizeof (struct GNUNET_RESOLVER_RequestHandle) + slen); |
947 | rh->af = af; | 955 | rh->af = af; |
948 | rh->id = ++last_request_id; | 956 | //rh->id = ++last_request_id; |
957 | rh->id = get_request_id (); | ||
949 | rh->addr_callback = callback; | 958 | rh->addr_callback = callback; |
950 | rh->cls = callback_cls; | 959 | rh->cls = callback_cls; |
951 | GNUNET_memcpy (&rh[1], | 960 | GNUNET_memcpy (&rh[1], |
@@ -1092,7 +1101,8 @@ GNUNET_RESOLVER_hostname_get (const struct sockaddr *sa, | |||
1092 | rh->name_callback = callback; | 1101 | rh->name_callback = callback; |
1093 | rh->cls = cls; | 1102 | rh->cls = cls; |
1094 | rh->af = sa->sa_family; | 1103 | rh->af = sa->sa_family; |
1095 | rh->id = ++last_request_id; | 1104 | //rh->id = ++last_request_id; |
1105 | rh->id = get_request_id (); | ||
1096 | rh->timeout = GNUNET_TIME_relative_to_absolute (timeout); | 1106 | rh->timeout = GNUNET_TIME_relative_to_absolute (timeout); |
1097 | GNUNET_memcpy (&rh[1], | 1107 | GNUNET_memcpy (&rh[1], |
1098 | ip, | 1108 | ip, |
diff --git a/src/util/strings.c b/src/util/strings.c index 5ed195933..ea3c8cfb9 100644 --- a/src/util/strings.c +++ b/src/util/strings.c | |||
@@ -11,7 +11,7 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
@@ -1947,27 +1947,27 @@ static char *cvt = | |||
1947 | /** | 1947 | /** |
1948 | * Encode into Base64. | 1948 | * Encode into Base64. |
1949 | * | 1949 | * |
1950 | * @param data the data to encode | 1950 | * @param in the data to encode |
1951 | * @param len the length of the input | 1951 | * @param len the length of the input |
1952 | * @param output where to write the output (*output should be NULL, | 1952 | * @param output where to write the output (*output should be NULL, |
1953 | * is allocated) | 1953 | * is allocated) |
1954 | * @return the size of the output | 1954 | * @return the size of the output |
1955 | */ | 1955 | */ |
1956 | size_t | 1956 | size_t |
1957 | GNUNET_STRINGS_base64_encode (const char *data, | 1957 | GNUNET_STRINGS_base64_encode (const void *in, |
1958 | size_t len, | 1958 | size_t len, |
1959 | char **output) | 1959 | char **output) |
1960 | { | 1960 | { |
1961 | size_t i; | 1961 | const char *data = in; |
1962 | char c; | ||
1963 | size_t ret; | 1962 | size_t ret; |
1964 | char *opt; | 1963 | char *opt; |
1965 | 1964 | ||
1966 | ret = 0; | 1965 | ret = 0; |
1967 | opt = GNUNET_malloc (2 + (len * 4 / 3) + 8); | 1966 | opt = GNUNET_malloc (2 + (len * 4 / 3) + 8); |
1968 | *output = opt; | 1967 | for (size_t i = 0; i < len; ++i) |
1969 | for (i = 0; i < len; ++i) | ||
1970 | { | 1968 | { |
1969 | char c; | ||
1970 | |||
1971 | c = (data[i] >> 2) & 0x3f; | 1971 | c = (data[i] >> 2) & 0x3f; |
1972 | opt[ret++] = cvt[(int) c]; | 1972 | opt[ret++] = cvt[(int) c]; |
1973 | c = (data[i] << 4) & 0x3f; | 1973 | c = (data[i] << 4) & 0x3f; |
@@ -1997,6 +1997,7 @@ GNUNET_STRINGS_base64_encode (const char *data, | |||
1997 | } | 1997 | } |
1998 | } | 1998 | } |
1999 | opt[ret++] = FILLCHAR; | 1999 | opt[ret++] = FILLCHAR; |
2000 | *output = opt; | ||
2000 | return ret; | 2001 | return ret; |
2001 | } | 2002 | } |
2002 | 2003 | ||
@@ -2018,11 +2019,10 @@ GNUNET_STRINGS_base64_encode (const char *data, | |||
2018 | */ | 2019 | */ |
2019 | size_t | 2020 | size_t |
2020 | GNUNET_STRINGS_base64_decode (const char *data, | 2021 | GNUNET_STRINGS_base64_decode (const char *data, |
2021 | size_t len, char **output) | 2022 | size_t len, |
2023 | void **out) | ||
2022 | { | 2024 | { |
2023 | size_t i; | 2025 | char *output; |
2024 | char c; | ||
2025 | char c1; | ||
2026 | size_t ret = 0; | 2026 | size_t ret = 0; |
2027 | 2027 | ||
2028 | #define CHECK_CRLF while (data[i] == '\r' || data[i] == '\n') {\ | 2028 | #define CHECK_CRLF while (data[i] == '\r' || data[i] == '\n') {\ |
@@ -2031,12 +2031,15 @@ GNUNET_STRINGS_base64_decode (const char *data, | |||
2031 | if (i >= len) goto END; \ | 2031 | if (i >= len) goto END; \ |
2032 | } | 2032 | } |
2033 | 2033 | ||
2034 | *output = GNUNET_malloc ((len * 3 / 4) + 8); | 2034 | output = GNUNET_malloc ((len * 3 / 4) + 8); |
2035 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2035 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2036 | "base64_decode decoding len=%d\n", | 2036 | "base64_decode decoding len=%d\n", |
2037 | (int) len); | 2037 | (int) len); |
2038 | for (i = 0; i < len; ++i) | 2038 | for (size_t i = 0; i < len; ++i) |
2039 | { | 2039 | { |
2040 | char c; | ||
2041 | char c1; | ||
2042 | |||
2040 | CHECK_CRLF; | 2043 | CHECK_CRLF; |
2041 | if (FILLCHAR == data[i]) | 2044 | if (FILLCHAR == data[i]) |
2042 | break; | 2045 | break; |
@@ -2045,7 +2048,7 @@ GNUNET_STRINGS_base64_decode (const char *data, | |||
2045 | CHECK_CRLF; | 2048 | CHECK_CRLF; |
2046 | c1 = (char) cvtfind (data[i]); | 2049 | c1 = (char) cvtfind (data[i]); |
2047 | c = (c << 2) | ((c1 >> 4) & 0x3); | 2050 | c = (c << 2) | ((c1 >> 4) & 0x3); |
2048 | (*output)[ret++] = c; | 2051 | output[ret++] = c; |
2049 | if (++i < len) | 2052 | if (++i < len) |
2050 | { | 2053 | { |
2051 | CHECK_CRLF; | 2054 | CHECK_CRLF; |
@@ -2054,7 +2057,7 @@ GNUNET_STRINGS_base64_decode (const char *data, | |||
2054 | break; | 2057 | break; |
2055 | c = (char) cvtfind (c); | 2058 | c = (char) cvtfind (c); |
2056 | c1 = ((c1 << 4) & 0xf0) | ((c >> 2) & 0xf); | 2059 | c1 = ((c1 << 4) & 0xf0) | ((c >> 2) & 0xf); |
2057 | (*output)[ret++] = c1; | 2060 | output[ret++] = c1; |
2058 | } | 2061 | } |
2059 | if (++i < len) | 2062 | if (++i < len) |
2060 | { | 2063 | { |
@@ -2065,15 +2068,13 @@ GNUNET_STRINGS_base64_decode (const char *data, | |||
2065 | 2068 | ||
2066 | c1 = (char) cvtfind (c1); | 2069 | c1 = (char) cvtfind (c1); |
2067 | c = ((c << 6) & 0xc0) | c1; | 2070 | c = ((c << 6) & 0xc0) | c1; |
2068 | (*output)[ret++] = c; | 2071 | output[ret++] = c; |
2069 | } | 2072 | } |
2070 | } | 2073 | } |
2071 | END: | 2074 | END: |
2075 | *out = output; | ||
2072 | return ret; | 2076 | return ret; |
2073 | } | 2077 | } |
2074 | 2078 | ||
2075 | 2079 | ||
2076 | |||
2077 | |||
2078 | |||
2079 | /* end of strings.c */ | 2080 | /* end of strings.c */ |
diff --git a/src/dns/test_hexcoder.c b/src/util/test_hexcoder.c index 441d7e200..441d7e200 100644 --- a/src/dns/test_hexcoder.c +++ b/src/util/test_hexcoder.c | |||
diff --git a/src/tun/test_regex.c b/src/util/test_regex.c index 2e7d52828..2e7d52828 100644 --- a/src/tun/test_regex.c +++ b/src/util/test_regex.c | |||
diff --git a/src/tun/test_tun.c b/src/util/test_tun.c index edbd4c05d..edbd4c05d 100644 --- a/src/tun/test_tun.c +++ b/src/util/test_tun.c | |||
diff --git a/src/tun/tun.c b/src/util/tun.c index f85f72209..25e729e58 100644 --- a/src/tun/tun.c +++ b/src/util/tun.c | |||
@@ -11,7 +11,7 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | */ | 17 | */ |
@@ -23,7 +23,7 @@ | |||
23 | * @author Christian Grothoff | 23 | * @author Christian Grothoff |
24 | */ | 24 | */ |
25 | #include "platform.h" | 25 | #include "platform.h" |
26 | #include "gnunet_tun_lib.h" | 26 | #include "gnunet_util_lib.h" |
27 | 27 | ||
28 | /** | 28 | /** |
29 | * IP TTL we use for packets that we assemble (8 bit unsigned integer) | 29 | * IP TTL we use for packets that we assemble (8 bit unsigned integer) |
diff --git a/src/vpn/Makefile.am b/src/vpn/Makefile.am index 5c16fa349..d1f74d35b 100644 --- a/src/vpn/Makefile.am +++ b/src/vpn/Makefile.am | |||
@@ -57,7 +57,6 @@ gnunet_service_vpn_SOURCES = \ | |||
57 | gnunet-service-vpn.c | 57 | gnunet-service-vpn.c |
58 | gnunet_service_vpn_LDADD = \ | 58 | gnunet_service_vpn_LDADD = \ |
59 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ | 59 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ |
60 | $(top_builddir)/src/tun/libgnunettun.la \ | ||
61 | $(top_builddir)/src/util/libgnunetutil.la \ | 60 | $(top_builddir)/src/util/libgnunetutil.la \ |
62 | $(top_builddir)/src/cadet/libgnunetcadet.la \ | 61 | $(top_builddir)/src/cadet/libgnunetcadet.la \ |
63 | $(top_builddir)/src/regex/libgnunetregex.la \ | 62 | $(top_builddir)/src/regex/libgnunetregex.la \ |
@@ -69,7 +68,6 @@ gnunet_vpn_SOURCES = \ | |||
69 | gnunet-vpn.c | 68 | gnunet-vpn.c |
70 | gnunet_vpn_LDADD = \ | 69 | gnunet_vpn_LDADD = \ |
71 | libgnunetvpn.la \ | 70 | libgnunetvpn.la \ |
72 | $(top_builddir)/src/tun/libgnunettun.la \ | ||
73 | $(top_builddir)/src/util/libgnunetutil.la \ | 71 | $(top_builddir)/src/util/libgnunetutil.la \ |
74 | $(GN_LIBINTL) | 72 | $(GN_LIBINTL) |
75 | 73 | ||