start fixing gns

author: Schanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de> 2018-03-05 19:39:56 +0100
committer: Schanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de> 2018-03-05 19:39:56 +0100
commit: bb5a41d072ab7964006cb68a45e043d856cb630e (patch)
tree: fd2fbf5bd6fdace3892a1ba2bdb712c81a485232 /src/gns/gnunet-gns-proxy.c
parent: d036b626b8eea15f99d91faf309843936289fde7 (diff)
download: gnunet-bb5a41d072ab7964006cb68a45e043d856cb630e.tar.gz
gnunet-bb5a41d072ab7964006cb68a45e043d856cb630e.zip
1 files changed, 174 insertions, 17 deletions
diff --git a/src/gns/gnunet-gns-proxy.c b/src/gns/gnunet-gns-proxy.c
index ba162c5e3..73af0e693 100644
--- a/src/gns/gnunet-gns-proxy.c
+++ b/src/gns/gnunet-gns-proxy.c
@@ -483,6 +483,11 @@ struct Socks5Request
  struct GNUNET_GNS_LookupRequest *gns_lookup;
  /**
+   * Handle to Ego lookup, during #SOCKS5_RESOLVING phase.
+   */
+  struct GNUNET_IDENTITY_EgoLookup *el;
+  /**
   * Client socket read task
   */
  struct GNUNET_SCHEDULER_Task * rtask;
@@ -528,6 +533,11 @@ struct Socks5Request
  char *domain;
  /**
+   * the tld
+   */
+  const char *tld;
+  /**
   * DNS Legacy Host Name as given by GNS, NULL if not given.
   */
  char *leho;
@@ -1088,16 +1098,18 @@ curl_check_hdr (void *buffer, size_t size, size_t nmemb, void *cls)
          if (0 == strcasecmp (cookie_domain, s5r->leho + delta_cdomain))
          {
            offset += sprintf (new_cookie_hdr + offset,
-                               " domain=%s;",
+                               " domain=%s.%s;",
-                               s5r->domain);
+                               s5r->domain,
+                               s5r->tld);
            continue;
          }
        }
        else if (0 == strcmp (cookie_domain, s5r->leho))
        {
          offset += sprintf (new_cookie_hdr + offset,
-                             " domain=%s;",
+                             " domain=%s.%s;",
-                             s5r->domain);
+                             s5r->domain,
+                             s5r->tld);
          continue;
        }
        GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
@@ -1126,11 +1138,12 @@ curl_check_hdr (void *buffer, size_t size, size_t nmemb, void *cls)
                      strlen (leho_host)))
    {
      GNUNET_asprintf (&new_location,
-                       "%s%s%s",
+                       "%s%s.%s%s",
                       (HTTPS_PORT != s5r->port)
                       ? "http://"
                       : "https://",
                       s5r->domain,
+                       s5r->tld,
                       hdr_val + strlen (leho_host));
      hdr_val = new_location;
    }
@@ -2370,17 +2383,23 @@ setup_data_transfer (struct Socks5Request *s5r)
  int fd;
  const struct sockaddr *addr;
  socklen_t len;
+  char *domain;
  switch (s5r->port)
  {
    case HTTPS_PORT:
-      hd = lookup_ssl_httpd (s5r->domain);
+      GNUNET_asprintf (&domain,
+                       "%s.%s",
+                       s5r->domain,
+                       s5r->tld);
+      hd = lookup_ssl_httpd (domain);
      if (NULL == hd)
      {
        GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                    _("Failed to start HTTPS server for `%s'\n"),
                    s5r->domain);
        cleanup_s5r (s5r);
+        GNUNET_free (domain);
        return;
      }
      break;
@@ -2399,6 +2418,7 @@ setup_data_transfer (struct Socks5Request *s5r)
    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                _("Failed to pass client to MHD\n"));
    cleanup_s5r (s5r);
+    GNUNET_free (domain);
    return;
  }
  s5r->hd = hd;
@@ -2406,6 +2426,7 @@ setup_data_transfer (struct Socks5Request *s5r)
  s5r->timeout_task = GNUNET_SCHEDULER_add_delayed (HTTP_HANDSHAKE_TIMEOUT,
                                                    &timeout_s5r_handshake,
                                                    s5r);
+  GNUNET_free (domain);
 }
@@ -2670,6 +2691,82 @@ clear_from_s5r_rbuf (struct Socks5Request *s5r,
 /**
+ * Method called to with the ego we are to use for the lookup,
+ * when the ego is determined by a name.
+ *
+ * @param cls closure (NULL, unused)
+ * @param ego ego handle, NULL if not found
+ */
+static void
+identity_zone_cb (void *cls,
+                  const struct GNUNET_IDENTITY_Ego *ego)
+{
+  struct Socks5Request *s5r = cls;
+  struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
+  s5r->el = NULL;
+  if (NULL == ego)
+  {
+    signal_socks_failure (s5r,
+                          SOCKS5_STATUS_GENERAL_FAILURE);
+    return;
+  }
+  GNUNET_IDENTITY_ego_get_public_key (ego,
+                                      &pkey);
+  s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle,
+                                       s5r->domain,
+                                       &pkey,
+                                       GNUNET_DNSPARSER_TYPE_A,
+                                       GNUNET_NO /* only cached */,
+                                       &handle_gns_result,
+                                       s5r);
+}
+/**
+ * Obtain TLD from @a name
+ *
+ * @param name a name
+ * @return the part of @a name after the last ".",
+ *         or @a name if @a name does not contain a "."
+ */
+static const char *
+get_tld (const char *name)
+{
+  const char *tld;
+  tld = strrchr (name,
+                 (unsigned char) '.');
+  if (NULL == tld)
+    tld = name;
+  else
+    tld++; /* skip the '.' */
+  return tld;
+}
+/**
+ * Eat the TLD of the given @a name.
+ *
+ * @param name a name
+ */
+static void
+eat_tld (char *name)
+{
+  char *tld;
+  GNUNET_assert (0 < strlen (name));
+  tld = strrchr (name,
+                 (unsigned char) '.');
+  if (NULL == tld)
+    strcpy (name,
+            GNUNET_GNS_MASTERZONE_STR);
+  else
+    *tld = '\0';
+}
+/**
 * Read data from incoming Socks5 connection
 *
 * @param cls the closure with the `struct Socks5Request`
@@ -2684,6 +2781,9 @@ do_s5r_read (void *cls)
  ssize_t rlen;
  size_t alen;
  const struct GNUNET_SCHEDULER_TaskContext *tc;
+  char *zonestr;
+  char *dot_tld;
+  struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
  s5r->rtask = NULL;
  tc = GNUNET_SCHEDULER_get_task_context ();
@@ -2834,13 +2934,70 @@ do_s5r_read (void *cls)
                        ntohs (*port));
            s5r->state = SOCKS5_RESOLVING;
            s5r->port = ntohs (*port);
-            s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle,
+            /* TLD is zkey */
-                                                 s5r->domain,
+            s5r->tld = get_tld (s5r->domain);
-                                                 &local_gns_zone,
+            if (GNUNET_OK ==
-                                                 GNUNET_DNSPARSER_TYPE_A,
+                GNUNET_CRYPTO_ecdsa_public_key_from_string (s5r->tld,
-                                                 GNUNET_NO /* only cached */,
+                                                            strlen (s5r->tld),
-                                                 &handle_gns_result,
+                                                            &pkey))
-                                                 s5r);
+            {
+              eat_tld (s5r->domain);
+              s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle,
+                                                   s5r->domain,
+                                                   &pkey,
+                                                   GNUNET_DNSPARSER_TYPE_A,
+                                                   GNUNET_NO /* only cached */,
+                                                   &handle_gns_result,
+                                                   s5r);
+              break;
+            }
+            /* TLD is mapped in our config */
+            GNUNET_asprintf (&dot_tld,
+                             ".%s",
+                             s5r->tld);
+            if (GNUNET_OK ==
+                GNUNET_CONFIGURATION_get_value_string (cfg,
+                                                       "gns",
+                                                       dot_tld,
+                                                       &zonestr))
+            {
+              if (GNUNET_OK !=
+                  GNUNET_CRYPTO_ecdsa_public_key_from_string (zonestr,
+                                                              strlen (zonestr),
+                                                              &pkey))
+              {
+                GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
+                                           "gns",
+                                           dot_tld,
+                                           _("Expected a base32-encoded public zone key\n"));
+                GNUNET_free (zonestr);
+                GNUNET_free (dot_tld);
+                signal_socks_failure (s5r,
+                                      SOCKS5_STATUS_GENERAL_FAILURE);
+                return;
+              }
+              GNUNET_free (zonestr);
+              GNUNET_free (dot_tld);
+              eat_tld (s5r->domain);
+              s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle,
+                                                   s5r->domain,
+                                                   &pkey,
+                                                   GNUNET_DNSPARSER_TYPE_A,
+                                                   GNUNET_NO /* only cached */,
+                                                   &handle_gns_result,
+                                                   s5r);
+              break;
+            }
+            /* TLD matches against ego */
+            eat_tld (s5r->domain);
+            s5r->el = GNUNET_IDENTITY_ego_lookup (cfg,
+                                                  s5r->tld,
+                                                  &identity_zone_cb,
+                                                  s5r);
            break;
          }
        default:
@@ -3281,10 +3438,10 @@ main (int argc, char *const *argv)
  struct GNUNET_GETOPT_CommandLineOption options[] = {
    GNUNET_GETOPT_option_ulong ('p',
-                                    "port",
+                                "port",
-                                    NULL,
+                                NULL,
-                                    gettext_noop ("listen on specified port (default: 7777)"),
+                                gettext_noop ("listen on specified port (default: 7777)"),
-                                    &port),
+                                &port),
    GNUNET_GETOPT_option_string ('a',
                                 "authority",
author	Schanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de>	2018-03-05 19:39:56 +0100
committer	Schanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de>	2018-03-05 19:39:56 +0100
commit	bb5a41d072ab7964006cb68a45e043d856cb630e (patch)
tree	fd2fbf5bd6fdace3892a1ba2bdb712c81a485232 /src/gns/gnunet-gns-proxy.c
parent	d036b626b8eea15f99d91faf309843936289fde7 (diff)
download	gnunet-bb5a41d072ab7964006cb68a45e043d856cb630e.tar.gz gnunet-bb5a41d072ab7964006cb68a45e043d856cb630e.zip

diff --git a/src/gns/gnunet-gns-proxy.c b/src/gns/gnunet-gns-proxy.c index ba162c5e3..73af0e693 100644 --- a/src/gns/gnunet-gns-proxy.c +++ b/src/gns/gnunet-gns-proxy.c
@@ -483,6 +483,11 @@ struct Socks5Request
483	struct GNUNET_GNS_LookupRequest *gns_lookup;	483	struct GNUNET_GNS_LookupRequest *gns_lookup;
484		484
485	/**	485	/**
		486	* Handle to Ego lookup, during #SOCKS5_RESOLVING phase.
		487	*/
		488	struct GNUNET_IDENTITY_EgoLookup *el;
		489
		490	/**
486	* Client socket read task	491	* Client socket read task
487	*/	492	*/
488	struct GNUNET_SCHEDULER_Task * rtask;	493	struct GNUNET_SCHEDULER_Task * rtask;
@@ -528,6 +533,11 @@ struct Socks5Request
528	char *domain;	533	char *domain;
529		534
530	/**	535	/**
		536	* the tld
		537	*/
		538	const char *tld;
		539
		540	/**
531	* DNS Legacy Host Name as given by GNS, NULL if not given.	541	* DNS Legacy Host Name as given by GNS, NULL if not given.
532	*/	542	*/
533	char *leho;	543	char *leho;
@@ -1088,16 +1098,18 @@ curl_check_hdr (void buffer, size_t size, size_t nmemb, void cls)
1088	if (0 == strcasecmp (cookie_domain, s5r->leho + delta_cdomain))	1098	if (0 == strcasecmp (cookie_domain, s5r->leho + delta_cdomain))
1089	{	1099	{
1090	offset += sprintf (new_cookie_hdr + offset,	1100	offset += sprintf (new_cookie_hdr + offset,
1091	" domain=%s;",	1101	" domain=%s.%s;",
1092	s5r->domain);	1102	s5r->domain,
		1103	s5r->tld);
1093	continue;	1104	continue;
1094	}	1105	}
1095	}	1106	}
1096	else if (0 == strcmp (cookie_domain, s5r->leho))	1107	else if (0 == strcmp (cookie_domain, s5r->leho))
1097	{	1108	{
1098	offset += sprintf (new_cookie_hdr + offset,	1109	offset += sprintf (new_cookie_hdr + offset,
1099	" domain=%s;",	1110	" domain=%s.%s;",
1100	s5r->domain);	1111	s5r->domain,
		1112	s5r->tld);
1101	continue;	1113	continue;
1102	}	1114	}
1103	GNUNET_log (GNUNET_ERROR_TYPE_WARNING,	1115	GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
@@ -1126,11 +1138,12 @@ curl_check_hdr (void buffer, size_t size, size_t nmemb, void cls)
1126	strlen (leho_host)))	1138	strlen (leho_host)))
1127	{	1139	{
1128	GNUNET_asprintf (&new_location,	1140	GNUNET_asprintf (&new_location,
1129	"%s%s%s",	1141	"%s%s.%s%s",
1130	(HTTPS_PORT != s5r->port)	1142	(HTTPS_PORT != s5r->port)
1131	? "http://"	1143	? "http://"
1132	: "https://",	1144	: "https://",
1133	s5r->domain,	1145	s5r->domain,
		1146	s5r->tld,
1134	hdr_val + strlen (leho_host));	1147	hdr_val + strlen (leho_host));
1135	hdr_val = new_location;	1148	hdr_val = new_location;
1136	}	1149	}
@@ -2370,17 +2383,23 @@ setup_data_transfer (struct Socks5Request *s5r)
2370	int fd;	2383	int fd;
2371	const struct sockaddr *addr;	2384	const struct sockaddr *addr;
2372	socklen_t len;	2385	socklen_t len;
		2386	char *domain;
2373		2387
2374	switch (s5r->port)	2388	switch (s5r->port)
2375	{	2389	{
2376	case HTTPS_PORT:	2390	case HTTPS_PORT:
2377	hd = lookup_ssl_httpd (s5r->domain);	2391	GNUNET_asprintf (&domain,
		2392	"%s.%s",
		2393	s5r->domain,
		2394	s5r->tld);
		2395	hd = lookup_ssl_httpd (domain);
2378	if (NULL == hd)	2396	if (NULL == hd)
2379	{	2397	{
2380	GNUNET_log (GNUNET_ERROR_TYPE_ERROR,	2398	GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2381	_("Failed to start HTTPS server for `%s'\n"),	2399	_("Failed to start HTTPS server for `%s'\n"),
2382	s5r->domain);	2400	s5r->domain);
2383	cleanup_s5r (s5r);	2401	cleanup_s5r (s5r);
		2402	GNUNET_free (domain);
2384	return;	2403	return;
2385	}	2404	}
2386	break;	2405	break;
@@ -2399,6 +2418,7 @@ setup_data_transfer (struct Socks5Request *s5r)
2399	GNUNET_log (GNUNET_ERROR_TYPE_WARNING,	2418	GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
2400	_("Failed to pass client to MHD\n"));	2419	_("Failed to pass client to MHD\n"));
2401	cleanup_s5r (s5r);	2420	cleanup_s5r (s5r);
		2421	GNUNET_free (domain);
2402	return;	2422	return;
2403	}	2423	}
2404	s5r->hd = hd;	2424	s5r->hd = hd;
@@ -2406,6 +2426,7 @@ setup_data_transfer (struct Socks5Request *s5r)
2406	s5r->timeout_task = GNUNET_SCHEDULER_add_delayed (HTTP_HANDSHAKE_TIMEOUT,	2426	s5r->timeout_task = GNUNET_SCHEDULER_add_delayed (HTTP_HANDSHAKE_TIMEOUT,
2407	&timeout_s5r_handshake,	2427	&timeout_s5r_handshake,
2408	s5r);	2428	s5r);
		2429	GNUNET_free (domain);
2409	}	2430	}
2410		2431
2411		2432
@@ -2670,6 +2691,82 @@ clear_from_s5r_rbuf (struct Socks5Request *s5r,
2670		2691
2671		2692
2672	/**	2693	/**
		2694	* Method called to with the ego we are to use for the lookup,
		2695	* when the ego is determined by a name.
		2696	*
		2697	* @param cls closure (NULL, unused)
		2698	* @param ego ego handle, NULL if not found
		2699	*/
		2700	static void
		2701	identity_zone_cb (void *cls,
		2702	const struct GNUNET_IDENTITY_Ego *ego)
		2703	{
		2704	struct Socks5Request *s5r = cls;
		2705	struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
		2706
		2707	s5r->el = NULL;
		2708	if (NULL == ego)
		2709	{
		2710	signal_socks_failure (s5r,
		2711	SOCKS5_STATUS_GENERAL_FAILURE);
		2712	return;
		2713
		2714	}
		2715	GNUNET_IDENTITY_ego_get_public_key (ego,
		2716	&pkey);
		2717	s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle,
		2718	s5r->domain,
		2719	&pkey,
		2720	GNUNET_DNSPARSER_TYPE_A,
		2721	GNUNET_NO /* only cached */,
		2722	&handle_gns_result,
		2723	s5r);
		2724
		2725
		2726	}
		2727
		2728	/**
		2729	* Obtain TLD from @a name
		2730	*
		2731	* @param name a name
		2732	* @return the part of @a name after the last ".",
		2733	* or @a name if @a name does not contain a "."
		2734	*/
		2735	static const char *
		2736	get_tld (const char *name)
		2737	{
		2738	const char *tld;
		2739
		2740	tld = strrchr (name,
		2741	(unsigned char) '.');
		2742	if (NULL == tld)
		2743	tld = name;
		2744	else
		2745	tld++; /* skip the '.' */
		2746	return tld;
		2747	}
		2748
		2749	/**
		2750	* Eat the TLD of the given @a name.
		2751	*
		2752	* @param name a name
		2753	*/
		2754	static void
		2755	eat_tld (char *name)
		2756	{
		2757	char *tld;
		2758
		2759	GNUNET_assert (0 < strlen (name));
		2760	tld = strrchr (name,
		2761	(unsigned char) '.');
		2762	if (NULL == tld)
		2763	strcpy (name,
		2764	GNUNET_GNS_MASTERZONE_STR);
		2765	else
		2766	*tld = '\0';
		2767	}
		2768
		2769	/**
2673	* Read data from incoming Socks5 connection	2770	* Read data from incoming Socks5 connection
2674	*	2771	*
2675	* @param cls the closure with the `struct Socks5Request`	2772	* @param cls the closure with the `struct Socks5Request`
@@ -2684,6 +2781,9 @@ do_s5r_read (void *cls)
2684	ssize_t rlen;	2781	ssize_t rlen;
2685	size_t alen;	2782	size_t alen;
2686	const struct GNUNET_SCHEDULER_TaskContext *tc;	2783	const struct GNUNET_SCHEDULER_TaskContext *tc;
		2784	char *zonestr;
		2785	char *dot_tld;
		2786	struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
2687		2787
2688	s5r->rtask = NULL;	2788	s5r->rtask = NULL;
2689	tc = GNUNET_SCHEDULER_get_task_context ();	2789	tc = GNUNET_SCHEDULER_get_task_context ();
@@ -2834,13 +2934,70 @@ do_s5r_read (void *cls)
2834	ntohs (*port));	2934	ntohs (*port));
2835	s5r->state = SOCKS5_RESOLVING;	2935	s5r->state = SOCKS5_RESOLVING;
2836	s5r->port = ntohs (*port);	2936	s5r->port = ntohs (*port);
2837	s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle,	2937	/* TLD is zkey */
2838	s5r->domain,	2938	s5r->tld = get_tld (s5r->domain);
2839	&local_gns_zone,	2939	if (GNUNET_OK ==
2840	GNUNET_DNSPARSER_TYPE_A,	2940	GNUNET_CRYPTO_ecdsa_public_key_from_string (s5r->tld,
2841	GNUNET_NO /* only cached */,	2941	strlen (s5r->tld),
2842	&handle_gns_result,	2942	&pkey))
2843	s5r);	2943	{
		2944	eat_tld (s5r->domain);
		2945	s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle,
		2946	s5r->domain,
		2947	&pkey,
		2948	GNUNET_DNSPARSER_TYPE_A,
		2949	GNUNET_NO /* only cached */,
		2950	&handle_gns_result,
		2951	s5r);
		2952
		2953	break;
		2954	}
		2955	/* TLD is mapped in our config */
		2956	GNUNET_asprintf (&dot_tld,
		2957	".%s",
		2958	s5r->tld);
		2959	if (GNUNET_OK ==
		2960	GNUNET_CONFIGURATION_get_value_string (cfg,
		2961	"gns",
		2962	dot_tld,
		2963	&zonestr))
		2964	{
		2965	if (GNUNET_OK !=
		2966	GNUNET_CRYPTO_ecdsa_public_key_from_string (zonestr,
		2967	strlen (zonestr),
		2968	&pkey))
		2969	{
		2970	GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
		2971	"gns",
		2972	dot_tld,
		2973	_("Expected a base32-encoded public zone key\n"));
		2974	GNUNET_free (zonestr);
		2975	GNUNET_free (dot_tld);
		2976	signal_socks_failure (s5r,
		2977	SOCKS5_STATUS_GENERAL_FAILURE);
		2978	return;
		2979
		2980	}
		2981	GNUNET_free (zonestr);
		2982	GNUNET_free (dot_tld);
		2983	eat_tld (s5r->domain);
		2984	s5r->gns_lookup = GNUNET_GNS_lookup (gns_handle,
		2985	s5r->domain,
		2986	&pkey,
		2987	GNUNET_DNSPARSER_TYPE_A,
		2988	GNUNET_NO /* only cached */,
		2989	&handle_gns_result,
		2990	s5r);
		2991	break;
		2992	}
		2993
		2994	/* TLD matches against ego */
		2995	eat_tld (s5r->domain);
		2996
		2997	s5r->el = GNUNET_IDENTITY_ego_lookup (cfg,
		2998	s5r->tld,
		2999	&identity_zone_cb,
		3000	s5r);
2844	break;	3001	break;
2845	}	3002	}
2846	default:	3003	default:
@@ -3281,10 +3438,10 @@ main (int argc, char const argv)
3281	struct GNUNET_GETOPT_CommandLineOption options[] = {	3438	struct GNUNET_GETOPT_CommandLineOption options[] = {
3282		3439
3283	GNUNET_GETOPT_option_ulong ('p',	3440	GNUNET_GETOPT_option_ulong ('p',
3284	"port",	3441	"port",
3285	NULL,	3442	NULL,
3286	gettext_noop ("listen on specified port (default: 7777)"),	3443	gettext_noop ("listen on specified port (default: 7777)"),
3287	&port),	3444	&port),
3288		3445
3289	GNUNET_GETOPT_option_string ('a',	3446	GNUNET_GETOPT_option_string ('a',
3290	"authority",	3447	"authority",