author | Christian Grothoff <christian@grothoff.org> | 2013-10-26 14:34:39 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-10-26 14:34:39 +0000 |
commit | 0c9ca79b2eb820c3266e9117f3ba9179cbdc2ff1 (patch) | |
tree | 434cab0d8aa45a4edc2cf9bd91c89bf3f2d5061b /src/include | |
parent | aeb922926c639ffdd992f96cd125e47bb0e2c301 (diff) | |
-converting regular expressions of vpn/pt to non-binary format and adding proper policy parsing
Diffstat (limited to 'src/include')
-rw-r--r-- | src/include/gnunet_strings_lib.h | 57 | ||||
-rw-r--r-- | src/include/gnunet_tun_lib.h | 42 |
2 files changed, 71 insertions, 28 deletions
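--- a/src/include/gnunet_strings_lib.h
+++ b/src/include/gnunet_strings_lib.h
@@ -471,6 +471,28 @@ GNUNET_STRINGS_get_utf8_args (int argc,
 
 /* ***************** IPv4/IPv6 parsing ****************** */
 
+struct GNUNET_STRINGS_PortPolicy
+{
+
+/**
+* Starting port range (0 if none given).
+*/
+uint16_t start_port;
+
+/**
+* End of port range (0 if none given).
+*/
+uint16_t end_port;
+
+/**
+* #GNUNET_YES if the port range should be negated
+* ("!" in policy).
+*/
+int negate_portrange;
+
+};
+
+
 /**
 * @brief IPV4 network in CIDR notation.
 */
@@ -485,10 +507,16 @@ struct GNUNET_STRINGS_IPv4NetworkPolicy
 * IPv4 netmask.
 */
 struct in_addr netmask;
+
+/**
+* Policy for port access.
+*/
+struct GNUNET_STRINGS_PortPolicy pp;
+
 };
 
-/**
 
+/**
 * @brief network in CIDR notation for IPV6.
 */
 struct GNUNET_STRINGS_IPv6NetworkPolicy
@@ -502,30 +530,37 @@ struct GNUNET_STRINGS_IPv6NetworkPolicy
 * IPv6 netmask.
 */
 struct in6_addr netmask;
+
+/**
+* Policy for port access.
+*/
+struct GNUNET_STRINGS_PortPolicy pp;
+
 };
 
 
 /**
 * Parse an IPv4 network policy. The argument specifies a list of
-* subnets. The format is <tt>[network/netmask;]*</tt> (no whitespace,
-* must be terminated with a semicolon). The network must be given in
-* dotted-decimal notation. The netmask can be given in CIDR notation
-* (/16) or in dotted-decimal (/255.255.0.0).
+* subnets. The format is <tt>(network[/netmask][:[!]SPORT-DPORT];)*</tt>
+* (no whitespace, must be terminated with a semicolon). The network
+* must be given in dotted-decimal notation. The netmask can be given
+* in CIDR notation (/16) or in dotted-decimal (/255.255.0.0).
 *
-* @param routeList a string specifying the IPv4 subnets
+* @param routeListX a string specifying the IPv4 subnets
 * @return the converted list, terminated with all zeros;
 * NULL if the synatx is flawed
 */
 struct GNUNET_STRINGS_IPv4NetworkPolicy *
-GNUNET_STRINGS_parse_ipv4_policy (const char *routeList);
+GNUNET_STRINGS_parse_ipv4_policy (const char *routeListX);
 
 
 /**
 * Parse an IPv6 network policy. The argument specifies a list of
-* subnets. The format is <tt>[network/netmask;]*</tt> (no whitespace,
-* must be terminated with a semicolon). The network must be given in
-* colon-hex notation. The netmask must be given in CIDR notation
-* (/16) or can be omitted to specify a single host.
+* subnets. The format is <tt>(network[/netmask[:[!]SPORT[-DPORT]]];)*</tt>
+* (no whitespace, must be terminated with a semicolon). The network
+* must be given in colon-hex notation. The netmask must be given in
+* CIDR notation (/16) or can be omitted to specify a single host.
+* Note that the netmask is mandatory if ports are specified.
 *
 * @param routeListX a string specifying the policy
 * @return the converted list, 0-terminated, NULL if the synatx is flawed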
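Review bot: The two format strings in the last hunk disagree on the port syntax: the IPv4 comment writes `SPORT-DPORT` (range end mandatory) while the IPv6 comment writes `SPORT[-DPORT]`, and the names read as source/destination port although `struct GNUNET_STRINGS_PortPolicy` in the first hunk stores the start and end of one range. These strings define access policy, so a reader who guesses the grammar wrong writes a rule that admits or blocks different ports than intended. If the parsers accept the same port syntax (not visible here), I would use one spelling in both comments, e.g. `[:[!]START[-END]]`. The struct itself has no `@brief`, and its field docs use 0 as "none given". I would add a sentence saying how an entry with both ports 0 is matched, in particular when `negate_portrange` is #GNUNET_YES, and whether a single port sets `end_port` to the same value.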
diff --git a/src/include/gnunet_tun_lib.h b/src/include/gnunet_tun_lib.h index 17cec8d12..efadc4d14 100644 --- a/src/include/gnunet_tun_lib.h +++ b/src/include/gnunet_tun_lib.h | |||
@@ -47,15 +47,21 @@ | |||
47 | 47 | ||
48 | 48 | ||
49 | /** | 49 | /** |
50 | * Maximum regex string length for use with GNUNET_TUN_ipv4toregexsearch | 50 | * Maximum regex string length for use with #GNUNET_TUN_ipv4toregexsearch. |
51 | * | ||
52 | * 8 bytes for IPv4, 4 bytes for port, 1 byte for "4", 2 bytes for "-", | ||
53 | * one byte for 0-termination. | ||
51 | */ | 54 | */ |
52 | #define GNUNET_TUN_IPV4_REGEXLEN 32 + 6 | 55 | #define GNUNET_TUN_IPV4_REGEXLEN 16 |
53 | 56 | ||
54 | 57 | ||
55 | /** | 58 | /** |
56 | * Maximum regex string length for use with GNUNET_TUN_ipv6toregexsearch | 59 | * Maximum regex string length for use with #GNUNET_TUN_ipv6toregexsearch |
60 | * | ||
61 | * 32 bytes for IPv4, 4 bytes for port, 1 byte for "4", 2 bytes for "-", | ||
62 | * one byte for 0-termination. | ||
57 | */ | 63 | */ |
58 | #define GNUNET_TUN_IPV6_REGEXLEN 128 + 6 | 64 | #define GNUNET_TUN_IPV6_REGEXLEN 40 |
59 | 65 | ||
60 | 66 | ||
61 | GNUNET_NETWORK_STRUCT_BEGIN | 67 | GNUNET_NETWORK_STRUCT_BEGIN |
@@ -653,8 +659,8 @@ struct GNUNET_TUN_DnsRecordLine | |||
653 | * ICMP header. | 659 | * ICMP header. |
654 | */ | 660 | */ |
655 | struct GNUNET_TUN_IcmpHeader { | 661 | struct GNUNET_TUN_IcmpHeader { |
656 | uint8_t type; | 662 | uint8_t type; |
657 | uint8_t code; | 663 | uint8_t code; |
658 | uint16_t crc GNUNET_PACKED; | 664 | uint16_t crc GNUNET_PACKED; |
659 | 665 | ||
660 | union { | 666 | union { |
@@ -677,8 +683,8 @@ struct GNUNET_TUN_IcmpHeader { | |||
677 | 683 | ||
678 | /** | 684 | /** |
679 | * ICMP Redirect | 685 | * ICMP Redirect |
680 | */ | 686 | */ |
681 | struct in_addr redirect_gateway_address GNUNET_PACKED; | 687 | struct in_addr redirect_gateway_address GNUNET_PACKED; |
682 | 688 | ||
683 | /** | 689 | /** |
684 | * MTU for packets that are too big (IPv6). | 690 | * MTU for packets that are too big (IPv6). |
@@ -775,7 +781,7 @@ GNUNET_TUN_calculate_udp4_checksum (const struct GNUNET_TUN_IPv4Header *ip, | |||
775 | * @param ip ipv6 header fully initialized | 781 | * @param ip ipv6 header fully initialized |
776 | * @param udp UDP header (initialized except for CRC) | 782 | * @param udp UDP header (initialized except for CRC) |
777 | * @param payload the UDP payload | 783 | * @param payload the UDP payload |
778 | * @param payload_length number of bytes of UDP payload | 784 | * @param payload_length number of bytes of @a payload |
779 | */ | 785 | */ |
780 | void | 786 | void |
781 | GNUNET_TUN_calculate_udp6_checksum (const struct GNUNET_TUN_IPv6Header *ip, | 787 | GNUNET_TUN_calculate_udp6_checksum (const struct GNUNET_TUN_IPv6Header *ip, |
@@ -789,7 +795,7 @@ GNUNET_TUN_calculate_udp6_checksum (const struct GNUNET_TUN_IPv6Header *ip, | |||
789 | * | 795 | * |
790 | * @param icmp IMCP header (initialized except for CRC) | 796 | * @param icmp IMCP header (initialized except for CRC) |
791 | * @param payload the ICMP payload | 797 | * @param payload the ICMP payload |
792 | * @param payload_length number of bytes of ICMP payload | 798 | * @param payload_length number of bytes of @a payload |
793 | */ | 799 | */ |
794 | void | 800 | void |
795 | GNUNET_TUN_calculate_icmp_checksum (struct GNUNET_TUN_IcmpHeader *icmp, | 801 | GNUNET_TUN_calculate_icmp_checksum (struct GNUNET_TUN_IcmpHeader *icmp, |
@@ -798,29 +804,31 @@ GNUNET_TUN_calculate_icmp_checksum (struct GNUNET_TUN_IcmpHeader *icmp, | |||
798 | 804 | ||
799 | 805 | ||
800 | /** | 806 | /** |
801 | * Create a regex in @a rxstr from the given @a ip and @a netmask. | 807 | * Create a regex in @a rxstr from the given @a ip and @a port. |
802 | * | 808 | * |
803 | * @param ip IPv4 representation. | 809 | * @param ip IPv4 representation. |
804 | * @param netmask netmask for the ip. | 810 | * @param port destination port |
805 | * @param rxstr generated regex, must be at least #GNUNET_TUN_IPV4_REGEXLEN | 811 | * @param rxstr generated regex, must be at least #GNUNET_TUN_IPV4_REGEXLEN |
806 | * bytes long. | 812 | * bytes long. |
807 | */ | 813 | */ |
808 | void | 814 | void |
809 | GNUNET_TUN_ipv4toregexsearch (const struct in_addr *ip, const char *netmask, | 815 | GNUNET_TUN_ipv4toregexsearch (const struct in_addr *ip, |
810 | char *rxstr); | 816 | uint16_t port, |
817 | char *rxstr); | ||
811 | 818 | ||
812 | 819 | ||
813 | /** | 820 | /** |
814 | * Create a regex in @a rxstr from the given @a ipv6 and @a prefixlen. | 821 | * Create a regex in @a rxstr from the given @a ipv6 and @a port. |
815 | * | 822 | * |
816 | * @param ipv6 IPv6 representation. | 823 | * @param ipv6 IPv6 representation. |
817 | * @param prefixlen length of the ipv6 prefix. | 824 | * @param port destination port |
818 | * @param rxstr generated regex, must be at least #GNUNET_TUN_IPV6_REGEXLEN | 825 | * @param rxstr generated regex, must be at least #GNUNET_TUN_IPV6_REGEXLEN |
819 | * bytes long. | 826 | * bytes long. |
820 | */ | 827 | */ |
821 | void | 828 | void |
822 | GNUNET_TUN_ipv6toregexsearch (const struct in6_addr *ipv6, | 829 | GNUNET_TUN_ipv6toregexsearch (const struct in6_addr *ipv6, |
823 | unsigned int prefixlen, char *rxstr); | 830 | uint16_t port, |
831 | char *rxstr); | ||
824 | 832 | ||
825 | 833 | ||
826 | /** | 834 | /** |
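Review bot: `GNUNET_TUN_IPV4_REGEXLEN` and `GNUNET_TUN_IPV6_REGEXLEN` in the first hunk are now exactly the byte counts the comments add up (16 and 40), while `GNUNET_TUN_ipv4toregexsearch` and `GNUNET_TUN_ipv6toregexsearch` in the last hunk still take a bare `char *rxstr` with no length. With no slack, an implementation that writes one byte more than the comment assumes overruns the caller's buffer. The implementations are not part of this diff; I would have them bound the write to the macro (an `snprintf`-style call with the macro as size, checking for truncation) or take the buffer size as a parameter. The IPv6 macro comment says `32 bytes for IPv4` and `1 byte for "4"`, which looks copied from the IPv4 one and presumably means IPv6 and "6". Separately, the second parameter of the IPv6 function changed from `unsigned int prefixlen` to `uint16_t port`, so an unconverted caller still compiles and would pass a prefix length as a port.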