author | Schanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de> | 2018-03-05 19:39:56 +0100 |
---|---|---|
committer | Schanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de> | 2018-03-05 19:39:56 +0100 |
commit | bb5a41d072ab7964006cb68a45e043d856cb630e (patch) | |
tree | fd2fbf5bd6fdace3892a1ba2bdb712c81a485232 /src/gns/gnunet-gns-proxy.c | |
parent | d036b626b8eea15f99d91faf309843936289fde7 (diff) | |
start fixing gns
Diffstat (limited to 'src/gns/gnunet-gns-proxy.c')
-rw-r--r-- | src/gns/gnunet-gns-proxy.c | 191 |
1 files changed, 174 insertions, 17 deletions
diff --git a/src/gns/gnunet-gns-proxy.c b/src/gns/gnunet-gns-proxy.c index ba162c5e3..73af0e693 100644 --- a/src/gns/gnunet-gns-proxy.c +++ b/src/gns/gnunet-gns-proxy.c | |||
@@ -483,6 +483,11 @@ struct Socks5Request | |||
483 | struct GNUNET_GNS_LookupRequest *gns_lookup; | 483 | struct GNUNET_GNS_LookupRequest *gns_lookup; |
484 | 484 | ||
485 | /** | 485 | /** |
486 | * Handle to Ego lookup, during #SOCKS5_RESOLVING phase. | ||
487 | */ | ||
488 | struct GNUNET_IDENTITY_EgoLookup *el; | ||
489 | |||
490 | /** | ||
486 | * Client socket read task | 491 | * Client socket read task |
487 | */ | 492 | */ |
488 | struct GNUNET_SCHEDULER_Task * rtask; | 493 | struct GNUNET_SCHEDULER_Task * rtask; |
@@ -528,6 +533,11 @@ struct Socks5Request | |||
528 | char *domain; | 533 | char *domain; |
529 | 534 | ||
530 | /** | 535 | /** |
536 | * the tld | ||
537 | */ | ||
538 | const char *tld; | ||
539 | |||
540 | /** | ||
531 | * DNS Legacy Host Name as given by GNS, NULL if not given. | 541 | * DNS Legacy Host Name as given by GNS, NULL if not given. |
532 | */ | 542 | */ |
533 | char *leho; | 543 | char *leho; |
@@ -1088,16 +1098,18 @@ curl_check_hdr (void *buffer, size_t size, size_t nmemb, void *cls) | |||
1088 | if (0 == strcasecmp (cookie_domain, s5r->leho + delta_cdomain)) | 1098 | if (0 == strcasecmp (cookie_domain, s5r->leho + delta_cdomain)) |
1089 | { | 1099 | { |
1090 | offset += sprintf (new_cookie_hdr + offset, | 1100 | offset += sprintf (new_cookie_hdr + offset, |
1091 | " domain=%s;", | 1101 | " domain=%s.%s;", |
1092 | s5r->domain); | 1102 | s5r->domain, |
1103 | s5r->tld); | ||
1093 | continue; | 1104 | continue; |
1094 | } | 1105 | } |
1095 | } | 1106 | } |
1096 | else if (0 == strcmp (cookie_domain, s5r->leho)) | 1107 | else if (0 == strcmp (cookie_domain, s5r->leho)) |
1097 | { | 1108 | { |
1098 | offset += sprintf (new_cookie_hdr + offset, | 1109 | offset += sprintf (new_cookie_hdr + offset, |
1099 | " domain=%s;", | 1110 | " domain=%s.%s;", |
1100 | s5r->domain); | 1111 | s5r->domain, |
1112 | s5r->tld); | ||
1101 | continue; | 1113 | continue; |
1102 | } | 1114 | } |
1103 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | 1115 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, |
@@ -1126,11 +1138,12 @@ curl_check_hdr (void *buffer, size_t size, size_t nmemb, void *cls) | |||
1126 | strlen (leho_host))) | 1138 | strlen (leho_host))) |
1127 | { | 1139 | { |
1128 | GNUNET_asprintf (&new_location, | 1140 | GNUNET_asprintf (&new_location, |
1129 | "%s%s%s", | 1141 | "%s%s.%s%s", |
1130 | (HTTPS_PORT != s5r->port) | 1142 | (HTTPS_PORT != s5r->port) |
1131 | ? "http://" | 1143 | ? "http://" |
1132 | : "https://", | 1144 | : "https://", |
1133 | s5r->domain, | 1145 | s5r->domain, |
1146 | s5r->tld, | ||
1134 | hdr_val + strlen (leho_host)); | 1147 | hdr_val + strlen (leho_host)); |
1135 | hdr_val = new_location; | 1148 | hdr_val = new_location; |
1136 | } | 1149 | } |
@@ -2370,17 +2383,23 @@ setup_data_transfer (struct Socks5Request *s5r) | |||
2370 | int fd; | 2383 | int fd; |
2371 | const struct sockaddr *addr; | 2384 | const struct sockaddr *addr; |
2372 | socklen_t len; | 2385 | socklen_t len; |
2386 | char *domain; | ||
2373 | 2387 | ||
2374 | switch (s5r->port) | 2388 | switch (s5r->port) |
2375 | { | 2389 | { |
2376 | case HTTPS_PORT: | 2390 | case HTTPS_PORT: |
2377 | hd = lookup_ssl_httpd (s5r->domain); | 2391 | GNUNET_asprintf (&domain, |
2392 | "%s.%s", | ||
2393 | s5r->domain, | ||
2394 | s5r->tld); | ||
2395 | hd = lookup_ssl_httpd (domain); | ||
2378 | if (NULL == hd) | 2396 | if (NULL == hd) |
2379 | { | 2397 | { |
2380 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 2398 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
2381 | _("Failed to start HTTPS server for `%s'\n"), | 2399 | _("Failed to start HTTPS server for `%s'\n"), |
2382 | s5r->domain); | 2400 | s5r->domain); |
2383 | cleanup_s5r (s5r); | 2401 | cleanup_s5r (s5r); |
2402 | GNUNET_free (domain); | ||
2384 | return; | 2403 | return; |
2385 | } | 2404 | } |
2386 | break; | 2405 | break; |
@@ -2399,6 +2418,7 @@ setup_data_transfer (struct Socks5Request *s5r) | |||
2399 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | 2418 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, |
2400 | _("Failed to pass client to MHD\n")); | 2419 | _("Failed to pass client to MHD\n")); |
2401 | cleanup_s5r (s5r); | 2420 | cleanup_s5r (s5r); |
2421 | GNUNET_free (domain); | ||
2402 | return; | 2422 | return; |
2403 | } | 2423 | } |
2404 | s5r->hd = hd; | 2424 | s5r->hd = hd; |
@@ -2406,6 +2426,7 @@ setup_data_transfer (struct Socks5Request *s5r) | |||
2406 | s5r->timeout_task = GNUNET_SCHEDULER_add_delayed (HTTP_HANDSHAKE_TIMEOUT, | 2426 | s5r->timeout_task = GNUNET_SCHEDULER_add_delayed (HTTP_HANDSHAKE_TIMEOUT, |
2407 | &timeout_s5r_handshake, | 2427 | &timeout_s5r_handshake, |
2408 | s5r); | 2428 | s5r); |
2429 | GNUNET_free (domain); | ||
2409 | } | 2430 | } |
2410 | 2431 | ||
2411 | 2432 | ||
@@ -2670,6 +2691,82 @@ clear_from_s5r_rbuf (struct Socks5Request *s5r, | |||
2670 | 2691 | ||
2671 | 2692 | ||
2672 | /** | 2693 | /** |
2694 | * Method called to with the ego we are to use for the lookup, | ||
2695 | * when the ego is determined by a name. | ||
2696 | * | ||
2697 | * @param cls closure (NULL, unused) | ||
2698 | * @param ego ego handle, NULL if not found | ||
2699 | */ | ||
2700 | static void | ||
2701 | identity_zone_cb (void *cls, | ||
2702 | const struct GNUNET_IDENTITY_Ego *ego) | ||
2703 | { | ||
2704 | struct Socks5Request *s5r = cls; | ||
2705 | struct GNUNET_CRYPTO_EcdsaPublicKey pkey; | ||
2706 | |||
2707 | s5r->el = NULL; | ||
2708 | if (NULL == ego) | ||
2709 | { | ||
2710 | signal_socks_failure (s5r, | ||
2711 | SOCKS5_STATUS_GENERAL_FAILURE); | ||
2712 | return; | ||
2713 | |||
2714 | } | ||
2715 | GNUNET_IDENTITY_ego_get_public_key (ego, | ||
2716 | &pkey); | ||
2717 | s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle, | ||
2718 | s5r->domain, | ||
2719 | &pkey, | ||
2720 | GNUNET_DNSPARSER_TYPE_A, | ||
2721 | GNUNET_NO /* only cached */, | ||
2722 | &handle_gns_result, | ||
2723 | s5r); | ||
2724 | |||
2725 | |||
2726 | } | ||
2727 | |||
2728 | /** | ||
2729 | * Obtain TLD from @a name | ||
2730 | * | ||
2731 | * @param name a name | ||
2732 | * @return the part of @a name after the last ".", | ||
2733 | * or @a name if @a name does not contain a "." | ||
2734 | */ | ||
2735 | static const char * | ||
2736 | get_tld (const char *name) | ||
2737 | { | ||
2738 | const char *tld; | ||
2739 | |||
2740 | tld = strrchr (name, | ||
2741 | (unsigned char) '.'); | ||
2742 | if (NULL == tld) | ||
2743 | tld = name; | ||
2744 | else | ||
2745 | tld++; /* skip the '.' */ | ||
2746 | return tld; | ||
2747 | } | ||
2748 | |||
2749 | /** | ||
2750 | * Eat the TLD of the given @a name. | ||
2751 | * | ||
2752 | * @param name a name | ||
2753 | */ | ||
2754 | static void | ||
2755 | eat_tld (char *name) | ||
2756 | { | ||
2757 | char *tld; | ||
2758 | |||
2759 | GNUNET_assert (0 < strlen (name)); | ||
2760 | tld = strrchr (name, | ||
2761 | (unsigned char) '.'); | ||
2762 | if (NULL == tld) | ||
2763 | strcpy (name, | ||
2764 | GNUNET_GNS_MASTERZONE_STR); | ||
2765 | else | ||
2766 | *tld = '\0'; | ||
2767 | } | ||
2768 | |||
2769 | /** | ||
2673 | * Read data from incoming Socks5 connection | 2770 | * Read data from incoming Socks5 connection |
2674 | * | 2771 | * |
2675 | * @param cls the closure with the `struct Socks5Request` | 2772 | * @param cls the closure with the `struct Socks5Request` |
@@ -2684,6 +2781,9 @@ do_s5r_read (void *cls) | |||
2684 | ssize_t rlen; | 2781 | ssize_t rlen; |
2685 | size_t alen; | 2782 | size_t alen; |
2686 | const struct GNUNET_SCHEDULER_TaskContext *tc; | 2783 | const struct GNUNET_SCHEDULER_TaskContext *tc; |
2784 | char *zonestr; | ||
2785 | char *dot_tld; | ||
2786 | struct GNUNET_CRYPTO_EcdsaPublicKey pkey; | ||
2687 | 2787 | ||
2688 | s5r->rtask = NULL; | 2788 | s5r->rtask = NULL; |
2689 | tc = GNUNET_SCHEDULER_get_task_context (); | 2789 | tc = GNUNET_SCHEDULER_get_task_context (); |
@@ -2834,13 +2934,70 @@ do_s5r_read (void *cls) | |||
2834 | ntohs (*port)); | 2934 | ntohs (*port)); |
2835 | s5r->state = SOCKS5_RESOLVING; | 2935 | s5r->state = SOCKS5_RESOLVING; |
2836 | s5r->port = ntohs (*port); | 2936 | s5r->port = ntohs (*port); |
2837 | s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle, | 2937 | /* TLD is zkey */ |
2838 | s5r->domain, | 2938 | s5r->tld = get_tld (s5r->domain); |
2839 | &local_gns_zone, | 2939 | if (GNUNET_OK == |
2840 | GNUNET_DNSPARSER_TYPE_A, | 2940 | GNUNET_CRYPTO_ecdsa_public_key_from_string (s5r->tld, |
2841 | GNUNET_NO /* only cached */, | 2941 | strlen (s5r->tld), |
2842 | &handle_gns_result, | 2942 | &pkey)) |
2843 | s5r); | 2943 | { |
2944 | eat_tld (s5r->domain); | ||
2945 | s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle, | ||
2946 | s5r->domain, | ||
2947 | &pkey, | ||
2948 | GNUNET_DNSPARSER_TYPE_A, | ||
2949 | GNUNET_NO /* only cached */, | ||
2950 | &handle_gns_result, | ||
2951 | s5r); | ||
2952 | |||
2953 | break; | ||
2954 | } | ||
2955 | /* TLD is mapped in our config */ | ||
2956 | GNUNET_asprintf (&dot_tld, | ||
2957 | ".%s", | ||
2958 | s5r->tld); | ||
2959 | if (GNUNET_OK == | ||
2960 | GNUNET_CONFIGURATION_get_value_string (cfg, | ||
2961 | "gns", | ||
2962 | dot_tld, | ||
2963 | &zonestr)) | ||
2964 | { | ||
2965 | if (GNUNET_OK != | ||
2966 | GNUNET_CRYPTO_ecdsa_public_key_from_string (zonestr, | ||
2967 | strlen (zonestr), | ||
2968 | &pkey)) | ||
2969 | { | ||
2970 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, | ||
2971 | "gns", | ||
2972 | dot_tld, | ||
2973 | _("Expected a base32-encoded public zone key\n")); | ||
2974 | GNUNET_free (zonestr); | ||
2975 | GNUNET_free (dot_tld); | ||
2976 | signal_socks_failure (s5r, | ||
2977 | SOCKS5_STATUS_GENERAL_FAILURE); | ||
2978 | return; | ||
2979 | |||
2980 | } | ||
2981 | GNUNET_free (zonestr); | ||
2982 | GNUNET_free (dot_tld); | ||
2983 | eat_tld (s5r->domain); | ||
2984 | s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle, | ||
2985 | s5r->domain, | ||
2986 | &pkey, | ||
2987 | GNUNET_DNSPARSER_TYPE_A, | ||
2988 | GNUNET_NO /* only cached */, | ||
2989 | &handle_gns_result, | ||
2990 | s5r); | ||
2991 | break; | ||
2992 | } | ||
2993 | |||
2994 | /* TLD matches against ego */ | ||
2995 | eat_tld (s5r->domain); | ||
2996 | |||
2997 | s5r->el = GNUNET_IDENTITY_ego_lookup (cfg, | ||
2998 | s5r->tld, | ||
2999 | &identity_zone_cb, | ||
3000 | s5r); | ||
2844 | break; | 3001 | break; |
2845 | } | 3002 | } |
2846 | default: | 3003 | default: |
@@ -3281,10 +3438,10 @@ main (int argc, char *const *argv) | |||
3281 | struct GNUNET_GETOPT_CommandLineOption options[] = { | 3438 | struct GNUNET_GETOPT_CommandLineOption options[] = { |
3282 | 3439 | ||
3283 | GNUNET_GETOPT_option_ulong ('p', | 3440 | GNUNET_GETOPT_option_ulong ('p', |
3284 | "port", | 3441 | "port", |
3285 | NULL, | 3442 | NULL, |
3286 | gettext_noop ("listen on specified port (default: 7777)"), | 3443 | gettext_noop ("listen on specified port (default: 7777)"), |
3287 | &port), | 3444 | &port), |
3288 | 3445 | ||
3289 | GNUNET_GETOPT_option_string ('a', | 3446 | GNUNET_GETOPT_option_string ('a', |
3290 | "authority", | 3447 | "authority", |
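Review bot: In setup_data_transfer, `domain` is declared without an initializer and assigned only inside `case HTTPS_PORT:`, but the `GNUNET_free (domain);` on the "Failed to pass client to MHD" path and the one at the end of the function run for every port, so a request on any other port frees an indeterminate pointer unless the switch branches outside these hunks also set it. Declaring it as `char *domain = NULL;` and guarding both later frees with `if (NULL != domain)` would make that safe. The cookie rewrites in curl_check_hdr now emit `" domain=%s.%s;"` through an unbounded `sprintf`; the allocation of `new_cookie_hdr` is not visible here, and if it is sized from `strlen (s5r->domain)` it is now too small by `strlen (s5r->tld) + 1` bytes for each rewritten attribute. In do_s5r_read, `dot_tld` is freed only inside the branch where `GNUNET_CONFIGURATION_get_value_string` succeeds, so every request that falls through to the ego lookup leaks it; a `GNUNET_free (dot_tld);` just before `/* TLD matches against ego */` closes that.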