BUILD: Move exit/pt to service

author: Martin Schanzenbach <schanzen@gnunet.org> 2023-10-19 11:59:19 +0200
committer: Martin Schanzenbach <schanzen@gnunet.org> 2023-10-19 11:59:19 +0200
commit: 858647ab4b2465430800689bda2c2837601c48d1 (patch)
tree: 048818f625a501cd3c4fc22c814f4e1717353a22 /src/pt
parent: 579d9473bb75072303789599b23be9b0203336fc (diff)
download: gnunet-858647ab4b2465430800689bda2c2837601c48d1.tar.gz
gnunet-858647ab4b2465430800689bda2c2837601c48d1.zip
9 files changed, 0 insertions, 2964 deletions
diff --git a/src/pt/.gitignore b/src/pt/.gitignore
deleted file mode 100644
index ea678ffe5..000000000
--- a/src/pt/.gitignore
+++ /dev/null
@@ -1,6 +0,0 @@
-gnunet-daemon-pt
-test_gns_vpn
-test_gnunet_vpn-4_over
-test_gnunet_vpn-4_to_6
-test_gnunet_vpn-6_over
-test_gnunet_vpn-6_to_4
diff --git a/src/pt/Makefile.am b/src/pt/Makefile.am
deleted file mode 100644
index 7622f2c1a..000000000
--- a/src/pt/Makefile.am
+++ /dev/null
@@ -1,93 +0,0 @@
-# This Makefile.am is in the public domain
-AM_CPPFLAGS = -I$(top_srcdir)/src/include
-if USE_COVERAGE
-  AM_CFLAGS = --coverage -O0
-endif
-pkgcfgdir= $(pkgdatadir)/config.d/
-libexecdir= $(pkglibdir)/libexec/
-plugindir = $(libdir)/gnunet
-dist_pkgcfg_DATA = \
-  pt.conf
-libexec_PROGRAMS = \
-  gnunet-daemon-pt
-gnunet_daemon_pt_SOURCES = \
- gnunet-daemon-pt.c
-gnunet_daemon_pt_LDADD = \
-  $(top_builddir)/src/service/vpn/libgnunetvpn.la \
-  $(top_builddir)/src/service/cadet/libgnunetcadet.la \
-  $(top_builddir)/src/service/dht/libgnunetdht.la \
-  $(top_builddir)/src/service/dns/libgnunetdns.la \
-  $(top_builddir)/src/service/statistics/libgnunetstatistics.la \
-  $(top_builddir)/src/lib/util/libgnunetutil.la \
-  $(GN_LIBINTL)
-if LINUX
- VPN_TEST = \
- test_gnunet_vpn-4_to_6 \
- test_gnunet_vpn-6_to_4 \
- test_gnunet_vpn-6_over \
- test_gnunet_vpn-4_over \
- test_gns_vpn
-endif
-check_PROGRAMS = $(VPN_TEST)
-if ENABLE_TEST_RUN
-AM_TESTS_ENVIRONMENT=export GNUNET_PREFIX=$${GNUNET_PREFIX:-@libdir@};export PATH=$${GNUNET_PREFIX:-@prefix@}/bin:$$PATH;unset XDG_DATA_HOME;unset XDG_CONFIG_HOME;
-TESTS = $(check_PROGRAMS)
-endif
-EXTRA_DIST = \
- test_gnunet_vpn.conf \
- test_gns_vpn.conf
-test_gns_vpn_SOURCES = \
- test_gns_vpn.c
-test_gns_vpn_LDADD = $(MHD_LIBS) @LIBCURL@ \
- $(top_builddir)/src/service/namestore/libgnunetnamestore.la \
- $(top_builddir)/src/service/identity/libgnunetidentity.la \
- $(top_builddir)/src/lib/gnsrecord/libgnunetgnsrecord.la \
- $(top_builddir)/src/service/testing/libgnunettesting.la \
- $(top_builddir)/src/lib/util/libgnunetutil.la
-test_gns_vpn_CFLAGS = $(MHD_CFLAGS) @LIBCURL_CPPFLAGS@ $(AM_CFLAGS)
-test_gnunet_vpn_4_over_SOURCES = \
- test_gnunet_vpn.c
-test_gnunet_vpn_4_over_LDADD = $(MHD_LIBS) @LIBCURL@ \
- $(top_builddir)/src/service/vpn/libgnunetvpn.la \
- $(top_builddir)/src/service/testing/libgnunettesting.la \
- $(top_builddir)/src/lib/util/libgnunetutil.la
-test_gnunet_vpn_4_over_CFLAGS = $(MHD_CFLAGS) @LIBCURL_CPPFLAGS@ $(AM_CFLAGS)
-test_gnunet_vpn_6_over_SOURCES = \
- test_gnunet_vpn.c
-test_gnunet_vpn_6_over_LDADD = $(MHD_LIBS) @LIBCURL@ \
- $(top_builddir)/src/service/vpn/libgnunetvpn.la \
- $(top_builddir)/src/service/testing/libgnunettesting.la \
- $(top_builddir)/src/lib/util/libgnunetutil.la
-test_gnunet_vpn_6_over_CFLAGS = $(MHD_CFLAGS) @LIBCURL_CPPFLAGS@ $(AM_CFLAGS)
-test_gnunet_vpn_4_to_6_SOURCES = \
- test_gnunet_vpn.c
-test_gnunet_vpn_4_to_6_LDADD = $(MHD_LIBS) @LIBCURL@ \
- $(top_builddir)/src/service/vpn/libgnunetvpn.la \
- $(top_builddir)/src/service/testing/libgnunettesting.la \
- $(top_builddir)/src/lib/util/libgnunetutil.la
-test_gnunet_vpn_4_to_6_CFLAGS = $(MHD_CFLAGS) @LIBCURL_CPPFLAGS@ $(AM_CFLAGS)
-test_gnunet_vpn_6_to_4_SOURCES = \
- test_gnunet_vpn.c
-test_gnunet_vpn_6_to_4_LDADD = $(MHD_LIBS) @LIBCURL@ \
- $(top_builddir)/src/service/vpn/libgnunetvpn.la \
- $(top_builddir)/src/service/testing/libgnunettesting.la \
- $(top_builddir)/src/lib/util/libgnunetutil.la
-test_gnunet_vpn_6_to_4_CFLAGS = $(MHD_CFLAGS) @LIBCURL_CPPFLAGS@ $(AM_CFLAGS)
diff --git a/src/pt/gnunet-daemon-pt.c b/src/pt/gnunet-daemon-pt.c
deleted file mode 100644
index 13c5d62fd..000000000
--- a/src/pt/gnunet-daemon-pt.c
+++ /dev/null
@@ -1,1325 +0,0 @@
-/*
-     This file is part of GNUnet.
-     Copyright (C) 2010, 2012, 2017 Christian Grothoff
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @file pt/gnunet-daemon-pt.c
- * @brief tool to manipulate DNS and VPN services to perform protocol translation (IPvX over GNUnet)
- * @author Christian Grothoff
- */
-#include "platform.h"
-#include "gnunet_util_lib.h"
-#include "gnunet_dns_service.h"
-#include "gnunet_cadet_service.h"
-#include "gnunet_dht_service.h"
-#include "gnunet_vpn_service.h"
-#include "gnunet_statistics_service.h"
-#include "gnunet_applications.h"
-#include "block_dns.h"
-/**
- * After how long do we time out if we could not get an IP from VPN or CADET?
- */
-#define TIMEOUT GNUNET_TIME_UNIT_MINUTES
-/**
- * How many bytes of payload do we allow at most for a DNS reply?
- * Given that this is pretty much limited to loopback, we can be
- * pretty high (Linux loopback defaults to 16k, most local UDP packets
- * should survive up to 9k (NFS), so 8k should be pretty safe in
- * general).
- */
-#define MAX_DNS_SIZE (8 * 1024)
-/**
- * How many channels do we open at most at the same time?
- */
-#define MAX_OPEN_TUNNELS 4
-/**
- * Which group of DNS records are we currently processing?
- */
-enum RequestGroup
-{
-  /**
-   * DNS answers
-   */
-  ANSWERS = 0,
-  /**
-   * DNS authority records
-   */
-  AUTHORITY_RECORDS = 1,
-  /**
-   * DNS additional records
-   */
-  ADDITIONAL_RECORDS = 2,
-  /**
-   * We're done processing.
-   */
-  END = 3
-};
-/**
- * Information tracked per DNS reply that we are processing.
- */
-struct ReplyContext
-{
-  /**
-   * Handle to submit the final result.
-   */
-  struct GNUNET_DNS_RequestHandle *rh;
-  /**
-   * DNS packet that is being modified.
-   */
-  struct GNUNET_DNSPARSER_Packet *dns;
-  /**
-   * Active redirection request with the VPN.
-   */
-  struct GNUNET_VPN_RedirectionRequest *rr;
-  /**
-   * Record for which we have an active redirection request.
-   */
-  struct GNUNET_DNSPARSER_Record *rec;
-  /**
-   * Offset in the current record group that is being modified.
-   */
-  unsigned int offset;
-  /**
-   * Group that is being modified
-   */
-  enum RequestGroup group;
-};
-/**
- * Handle to a peer that advertised that it is willing to serve
- * as a DNS exit.  We try to keep a few channels open and a few
- * peers in reserve.
- */
-struct CadetExit
-{
-  /**
-   * Kept in a DLL.
-   */
-  struct CadetExit *next;
-  /**
-   * Kept in a DLL.
-   */
-  struct CadetExit *prev;
-  /**
-   * Channel we use for DNS requests over CADET, NULL if we did
-   * not initialize a channel to this peer yet.
-   */
-  struct GNUNET_CADET_Channel *cadet_channel;
-  /**
-   * At what time did the peer's advertisement expire?
-   */
-  struct GNUNET_TIME_Absolute expiration;
-  /**
-   * Head of DLL of requests waiting for a response.
-   */
-  struct RequestContext *receive_queue_head;
-  /**
-   * Tail of DLL of requests waiting for a response.
-   */
-  struct RequestContext *receive_queue_tail;
-  /**
-   * Identity of the peer that is providing the exit for us.
-   */
-  struct GNUNET_PeerIdentity peer;
-  /**
-   * How many DNS requests did we transmit via this channel?
-   */
-  unsigned int num_transmitted;
-  /**
-   * How many DNS requests were answered via this channel?
-   */
-  unsigned int num_answered;
-  /**
-   * Size of the window, 0 if we are busy.
-   */
-  /* unsigned */ int idle;
-};
-/**
- * State we keep for a request that is going out via CADET.
- */
-struct RequestContext
-{
-  /**
-   * We keep these in a DLL.
-   */
-  struct RequestContext *next;
-  /**
-   * We keep these in a DLL.
-   */
-  struct RequestContext *prev;
-  /**
-   * Exit that was chosen for this request.
-   */
-  struct CadetExit *exit;
-  /**
-   * Handle for interaction with DNS service.
-   */
-  struct GNUNET_DNS_RequestHandle *rh;
-  /**
-   * Envelope with the request we are transmitting.
-   */
-  struct GNUNET_MQ_Envelope *env;
-  /**
-   * Task used to abort this operation with timeout.
-   */
-  struct GNUNET_SCHEDULER_Task *timeout_task;
-  /**
-   * Length of the request message that follows this struct.
-   */
-  uint16_t mlen;
-  /**
-   * ID of the original DNS request (used to match the reply).
-   */
-  uint16_t dns_id;
-};
-/**
- * Head of DLL of cadet exits.  Cadet exits with an open channel are
- * always at the beginning (so we do not have to traverse the entire
- * list to find them).
- */
-static struct CadetExit *exit_head;
-/**
- * Tail of DLL of cadet exits.
- */
-static struct CadetExit *exit_tail;
-/**
- * The handle to the configuration used throughout the process
- */
-static const struct GNUNET_CONFIGURATION_Handle *cfg;
-/**
- * The handle to the VPN
- */
-static struct GNUNET_VPN_Handle *vpn_handle;
-/**
- * The handle to the CADET service
- */
-static struct GNUNET_CADET_Handle *cadet_handle;
-/**
- * Statistics.
- */
-static struct GNUNET_STATISTICS_Handle *stats;
-/**
- * The handle to DNS post-resolution modifications.
- */
-static struct GNUNET_DNS_Handle *dns_post_handle;
-/**
- * The handle to DNS pre-resolution modifications.
- */
-static struct GNUNET_DNS_Handle *dns_pre_handle;
-/**
- * Handle to access the DHT.
- */
-static struct GNUNET_DHT_Handle *dht;
-/**
- * Our DHT GET operation to find DNS exits.
- */
-static struct GNUNET_DHT_GetHandle *dht_get;
-/**
- * Are we doing IPv4-pt?
- */
-static int ipv4_pt;
-/**
- * Are we doing IPv6-pt?
- */
-static int ipv6_pt;
-/**
- * Are we channeling DNS queries?
- */
-static int dns_channel;
-/**
- * Number of DNS exit peers we currently have in the cadet channel.
- * Used to see if using the cadet channel makes any sense right now,
- * as well as to decide if we should open new channels.
- */
-static unsigned int dns_exit_available;
-/**
- * We are short on cadet exits, try to open another one.
- */
-static void
-try_open_exit (void);
-/**
- * Compute the weight of the given exit.  The higher the weight,
- * the more likely it will be that the channel will be chosen.
- * A weigt of zero means that we should close the channel as it
- * is so bad, that we should not use it.
- *
- * @param exit exit to calculate the weight for
- * @return weight of the channel
- */
-static uint32_t
-get_channel_weight (struct CadetExit *exit)
-{
-  uint32_t dropped;
-  uint32_t drop_percent;
-  uint32_t good_percent;
-  GNUNET_assert (exit->num_transmitted >= exit->num_answered);
-  dropped = exit->num_transmitted - exit->num_answered;
-  if (exit->num_transmitted > 0)
-    drop_percent = (uint32_t) ((100LL * dropped) / exit->num_transmitted);
-  else
-    drop_percent = 50; /* no data */
-  if ((exit->num_transmitted > 20) &&
-      (drop_percent > 25))
-    return 0; /* statistically significant, and > 25% loss, die */
-  good_percent = 100 - drop_percent;
-  GNUNET_assert (0 != good_percent);
-  if (UINT32_MAX / good_percent / good_percent < exit->num_transmitted)
-    return UINT32_MAX; /* formula below would overflow */
-  return 1 + good_percent * good_percent * exit->num_transmitted;
-}
-/**
- * Choose a cadet exit for a DNS request.  We try to use a channel
- * that is reliable and currently available.  All existing
- * channels are given a base weight of 1, plus a score relating
- * to the total number of queries answered in relation to the
- * total number of queries we sent to that channel.  That
- * score is doubled if the channel is currently idle.
- *
- * @return NULL if no exit is known, otherwise the
- *         exit that we should use to queue a message with
- */
-static struct CadetExit *
-choose_exit ()
-{
-  struct CadetExit *pos;
-  uint64_t total_transmitted;
-  uint64_t selected_offset;
-  uint32_t channel_weight;
-  total_transmitted = 0;
-  for (pos = exit_head; NULL != pos; pos = pos->next)
-  {
-    if (NULL == pos->cadet_channel)
-      break;
-    channel_weight = get_channel_weight (pos);
-    total_transmitted += channel_weight;
-    /* double weight for idle channels */
-    if (0 != pos->idle)
-      total_transmitted += channel_weight;
-  }
-  if (0 == total_transmitted)
-  {
-    /* no channels available, or only a very bad one... */
-    return exit_head;
-  }
-  selected_offset = GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK,
-                                              total_transmitted);
-  total_transmitted = 0;
-  for (pos = exit_head; NULL != pos; pos = pos->next)
-  {
-    if (NULL == pos->cadet_channel)
-      break;
-    channel_weight = get_channel_weight (pos);
-    total_transmitted += channel_weight;
-    /* double weight for idle channels */
-    if (0 != pos->idle)
-      total_transmitted += channel_weight;
-    if (total_transmitted > selected_offset)
-      return pos;
-  }
-  GNUNET_break (0);
-  return NULL;
-}
-/**
- * We're done modifying all records in the response.  Submit the reply
- * and free the resources of the rc.
- *
- * @param rc context to process
- */
-static void
-finish_request (struct ReplyContext *rc)
-{
-  char *buf;
-  size_t buf_len;
-  if (GNUNET_SYSERR ==
-      GNUNET_DNSPARSER_pack (rc->dns,
-                             MAX_DNS_SIZE,
-                             &buf,
-                             &buf_len))
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                _ ("Failed to pack DNS request.  Dropping.\n"));
-    GNUNET_DNS_request_drop (rc->rh);
-  }
-  else
-  {
-    GNUNET_STATISTICS_update (stats,
-                              gettext_noop ("# DNS requests mapped to VPN"),
-                              1, GNUNET_NO);
-    GNUNET_DNS_request_answer (rc->rh,
-                               buf_len,
-                               buf);
-    GNUNET_free (buf);
-  }
-  GNUNET_DNSPARSER_free_packet (rc->dns);
-  GNUNET_free (rc);
-}
-/**
- * Process the next record of the given request context.
- * When done, submit the reply and free the resources of
- * the rc.
- *
- * @param rc context to process
- */
-static void
-submit_request (struct ReplyContext *rc);
-/**
- * Callback invoked from the VPN service once a redirection is
- * available.  Provides the IP address that can now be used to
- * reach the requested destination.  We substitute the active
- * record and then continue with 'submit_request' to look at
- * the other records.
- *
- * @param cls our `struct ReplyContext`
- * @param af address family, AF_INET or AF_INET6; AF_UNSPEC on error;
- *                will match 'result_af' from the request
- * @param address IP address (struct in_addr or struct in_addr6, depending on 'af')
- *                that the VPN allocated for the redirection;
- *                traffic to this IP will now be redirected to the
- *                specified target peer; NULL on error
- */
-static void
-vpn_allocation_callback (void *cls,
-                         int af,
-                         const void *address)
-{
-  struct ReplyContext *rc = cls;
-  rc->rr = NULL;
-  if (af == AF_UNSPEC)
-  {
-    GNUNET_DNS_request_drop (rc->rh);
-    GNUNET_DNSPARSER_free_packet (rc->dns);
-    GNUNET_free (rc);
-    return;
-  }
-  GNUNET_STATISTICS_update (stats,
-                            gettext_noop ("# DNS records modified"),
-                            1,
-                            GNUNET_NO);
-  switch (rc->rec->type)
-  {
-  case GNUNET_DNSPARSER_TYPE_A:
-    GNUNET_assert (AF_INET == af);
-    GNUNET_memcpy (rc->rec->data.raw.data,
-                   address,
-                   sizeof(struct in_addr));
-    break;
-  case GNUNET_DNSPARSER_TYPE_AAAA:
-    GNUNET_assert (AF_INET6 == af);
-    GNUNET_memcpy (rc->rec->data.raw.data,
-                   address,
-                   sizeof(struct in6_addr));
-    break;
-  default:
-    GNUNET_assert (0);
-    return;
-  }
-  rc->rec = NULL;
-  submit_request (rc);
-}
-/**
- * Modify the given DNS record by asking VPN to create a channel
- * to the given address.  When done, continue with submitting
- * other records from the request context ('submit_request' is
- * our continuation).
- *
- * @param rc context to process
- * @param rec record to modify
- */
-static void
-modify_address (struct ReplyContext *rc,
-                struct GNUNET_DNSPARSER_Record *rec)
-{
-  int af;
-  switch (rec->type)
-  {
-  case GNUNET_DNSPARSER_TYPE_A:
-    af = AF_INET;
-    GNUNET_assert (rec->data.raw.data_len == sizeof(struct in_addr));
-    break;
-  case GNUNET_DNSPARSER_TYPE_AAAA:
-    af = AF_INET6;
-    GNUNET_assert (rec->data.raw.data_len == sizeof(struct in6_addr));
-    break;
-  default:
-    GNUNET_assert (0);
-    return;
-  }
-  rc->rec = rec;
-  rc->rr = GNUNET_VPN_redirect_to_ip (vpn_handle,
-                                      af,
-                                      af,
-                                      rec->data.raw.data,
-                                      GNUNET_TIME_relative_to_absolute (
-                                        TIMEOUT),
-                                      &vpn_allocation_callback,
-                                      rc);
-}
-/**
- * Process the next record of the given request context.
- * When done, submit the reply and free the resources of
- * the rc.
- *
- * @param rc context to process
- */
-static void
-submit_request (struct ReplyContext *rc)
-{
-  struct GNUNET_DNSPARSER_Record *ra;
-  unsigned int ra_len;
-  unsigned int i;
-  while (1)
-  {
-    switch (rc->group)
-    {
-    case ANSWERS:
-      ra = rc->dns->answers;
-      ra_len = rc->dns->num_answers;
-      break;
-    case AUTHORITY_RECORDS:
-      ra = rc->dns->authority_records;
-      ra_len = rc->dns->num_authority_records;
-      break;
-    case ADDITIONAL_RECORDS:
-      ra = rc->dns->additional_records;
-      ra_len = rc->dns->num_additional_records;
-      break;
-    case END:
-      finish_request (rc);
-      return;
-    default:
-      GNUNET_assert (0);
-    }
-    for (i = rc->offset; i < ra_len; i++)
-    {
-      switch (ra[i].type)
-      {
-      case GNUNET_DNSPARSER_TYPE_A:
-        if (ipv4_pt)
-        {
-          rc->offset = i + 1;
-          modify_address (rc,
-                          &ra[i]);
-          return;
-        }
-        break;
-      case GNUNET_DNSPARSER_TYPE_AAAA:
-        if (ipv6_pt)
-        {
-          rc->offset = i + 1;
-          modify_address (rc,
-                          &ra[i]);
-          return;
-        }
-        break;
-      }
-    }
-    rc->group++;
-  }
-}
-/**
- * Test if any of the given records need protocol-translation work.
- *
- * @param ra array of records
- * @param ra_len number of entries in @a ra
- * @return #GNUNET_YES if any of the given records require protocol-translation
- */
-static int
-work_test (const struct GNUNET_DNSPARSER_Record *ra,
-           unsigned int ra_len)
-{
-  unsigned int i;
-  for (i = 0; i < ra_len; i++)
-  {
-    switch (ra[i].type)
-    {
-    case GNUNET_DNSPARSER_TYPE_A:
-      if (ipv4_pt)
-        return GNUNET_YES;
-      break;
-    case GNUNET_DNSPARSER_TYPE_AAAA:
-      if (ipv6_pt)
-        return GNUNET_YES;
-      break;
-    }
-  }
-  return GNUNET_NO;
-}
-/**
- * This function is called AFTER we got an IP address for a
- * DNS request.  Now, the PT daemon has the chance to substitute
- * the IP address with one from the VPN range to channel requests
- * destined for this IP address via VPN and CADET.
- *
- * @param cls closure
- * @param rh request handle to user for reply
- * @param request_length number of bytes in request
- * @param request udp payload of the DNS request
- */
-static void
-dns_post_request_handler (void *cls,
-                          struct GNUNET_DNS_RequestHandle *rh,
-                          size_t request_length,
-                          const char *request)
-{
-  struct GNUNET_DNSPARSER_Packet *dns;
-  struct ReplyContext *rc;
-  int work;
-  GNUNET_STATISTICS_update (stats,
-                            gettext_noop ("# DNS replies intercepted"),
-                            1, GNUNET_NO);
-  dns = GNUNET_DNSPARSER_parse (request,
-                                request_length);
-  if (NULL == dns)
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                _ ("Failed to parse DNS request.  Dropping.\n"));
-    GNUNET_DNS_request_drop (rh);
-    return;
-  }
-  work = GNUNET_NO;
-  work |= work_test (dns->answers,
-                     dns->num_answers);
-  work |= work_test (dns->authority_records,
-                     dns->num_authority_records);
-  work |= work_test (dns->additional_records,
-                     dns->num_additional_records);
-  if (! work)
-  {
-    GNUNET_DNS_request_forward (rh);
-    GNUNET_DNSPARSER_free_packet (dns);
-    return;
-  }
-  rc = GNUNET_new (struct ReplyContext);
-  rc->rh = rh;
-  rc->dns = dns;
-  rc->offset = 0;
-  rc->group = ANSWERS;
-  submit_request (rc);
-}
-/**
- * Task run if the time to answer a DNS request via CADET is over.
- *
- * @param cls the `struct RequestContext` to abort
- */
-static void
-timeout_request (void *cls)
-{
-  struct RequestContext *rc = cls;
-  struct CadetExit *exit = rc->exit;
-  GNUNET_STATISTICS_update (stats,
-                            gettext_noop ("# DNS requests dropped (timeout)"),
-                            1,
-                            GNUNET_NO);
-  GNUNET_DNS_request_drop (rc->rh);
-  GNUNET_free (rc);
-  if ((0 == get_channel_weight (exit)) &&
-      (NULL == exit->receive_queue_head))
-  {
-    /* this straw broke the camel's back: this channel now has
-       such a low score that it will not be used; close it! */
-    GNUNET_CADET_channel_destroy (exit->cadet_channel);
-    exit->cadet_channel = NULL;
-    GNUNET_CONTAINER_DLL_remove (exit_head,
-                                 exit_tail,
-                                 exit);
-    GNUNET_CONTAINER_DLL_insert_tail (exit_head,
-                                      exit_tail,
-                                      exit);
-    /* go back to semi-innocent: mark as not great, but
-       avoid a prohibitively negative score (see
-     #get_channel_weight(), which checks for a certain
-       minimum number of transmissions before making
-       up an opinion) */exit->num_transmitted = 5;
-    exit->num_answered = 0;
-    dns_exit_available--;
-    /* now try to open an alternative exit */
-    try_open_exit ();
-  }
-}
-/**
- * This function is called *before* the DNS request has been
- * given to a "local" DNS resolver.  Channeling for DNS requests
- * was enabled, so we now need to send the request via some CADET
- * channel to a DNS EXIT for resolution.
- *
- * @param cls closure
- * @param rh request handle to user for reply
- * @param request_length number of bytes in request
- * @param request udp payload of the DNS request
- */
-static void
-dns_pre_request_handler (void *cls,
-                         struct GNUNET_DNS_RequestHandle *rh,
-                         size_t request_length,
-                         const char *request)
-{
-  struct RequestContext *rc;
-  struct GNUNET_MQ_Envelope *env;
-  struct GNUNET_MessageHeader *hdr;
-  struct GNUNET_TUN_DnsHeader dns;
-  struct CadetExit *exit;
-  GNUNET_STATISTICS_update (stats,
-                            gettext_noop ("# DNS requests intercepted"),
-                            1, GNUNET_NO);
-  if (0 == dns_exit_available)
-  {
-    GNUNET_STATISTICS_update (stats,
-                              gettext_noop (
-                                "# DNS requests dropped (DNS cadet channel down)"),
-                              1, GNUNET_NO);
-    GNUNET_DNS_request_drop (rh);
-    return;
-  }
-  if (request_length < sizeof(dns))
-  {
-    GNUNET_STATISTICS_update (stats,
-                              gettext_noop (
-                                "# DNS requests dropped (malformed)"),
-                              1, GNUNET_NO);
-    GNUNET_DNS_request_drop (rh);
-    return;
-  }
-  exit = choose_exit ();
-  GNUNET_assert (NULL != exit);
-  GNUNET_assert (NULL != exit->cadet_channel);
-  env = GNUNET_MQ_msg_extra (hdr,
-                             request_length,
-                             GNUNET_MESSAGE_TYPE_VPN_DNS_TO_INTERNET);
-  GNUNET_memcpy (&hdr[1],
-                 request,
-                 request_length);
-  rc = GNUNET_new (struct RequestContext);
-  rc->exit = exit;
-  rc->rh = rh;
-  rc->timeout_task = GNUNET_SCHEDULER_add_delayed (TIMEOUT,
-                                                   &timeout_request,
-                                                   rc);
-  GNUNET_memcpy (&dns,
-                 request,
-                 sizeof(dns));
-  rc->dns_id = dns.id;
-  rc->env = env;
-  GNUNET_CONTAINER_DLL_remove (exit->receive_queue_head,
-                               exit->receive_queue_tail,
-                               rc);
-  if (0 < exit->idle)
-    exit->idle--;
-  exit->num_transmitted++;
-  GNUNET_MQ_send (GNUNET_CADET_get_mq (exit->cadet_channel),
-                  GNUNET_MQ_env_copy (env));
-}
-GNUNET_NETWORK_STRUCT_BEGIN
-/**
- * Message with a DNS response.
- */
-struct DnsResponseMessage
-{
-  /**
-   * GNUnet header, of type #GNUNET_MESSAGE_TYPE_VPN_DNS_FROM_INTERNET
-   */
-  struct GNUNET_MessageHeader header;
-  /**
-   * DNS header.
-   */
-  struct GNUNET_TUN_DnsHeader dns;
-  /* Followed by more DNS payload */
-};
-GNUNET_NETWORK_STRUCT_END
-/**
- * Process a request via cadet to perform a DNS query.
- *
- * @param cls the `struct CadetExit` which got the message
- * @param msg the actual message
- * @return #GNUNET_OK to keep the connection open,
- *         #GNUNET_SYSERR to close it (signal serious error)
- */
-static int
-check_dns_response (void *cls,
-                    const struct DnsResponseMessage *msg)
-{
-  return GNUNET_OK; /* all OK */
-}
-/**
- * Process a request via cadet to perform a DNS query.
- *
- * @param cls the `struct CadetExit` which got the message
- * @param msg the actual message
- */
-static void
-handle_dns_response (void *cls,
-                     const struct DnsResponseMessage *msg)
-{
-  struct CadetExit *exit = cls;
-  size_t mlen;
-  struct RequestContext *rc;
-  mlen = ntohs (msg->header.size) - sizeof(*msg);
-  for (rc = exit->receive_queue_head; NULL != rc; rc = rc->next)
-  {
-    if (msg->dns.id == rc->dns_id)
-    {
-      GNUNET_STATISTICS_update (stats,
-                                gettext_noop ("# DNS replies received"),
-                                1,
-                                GNUNET_NO);
-      GNUNET_DNS_request_answer (rc->rh,
-                                 mlen + sizeof(struct GNUNET_TUN_DnsHeader),
-                                 (const void *) &msg->dns);
-      GNUNET_CONTAINER_DLL_remove (exit->receive_queue_head,
-                                   exit->receive_queue_tail,
-                                   rc);
-      GNUNET_SCHEDULER_cancel (rc->timeout_task);
-      GNUNET_MQ_discard (rc->env);
-      GNUNET_free (rc);
-      exit->num_answered++;
-      return;
-    }
-  }
-  GNUNET_STATISTICS_update (stats,
-                            gettext_noop ("# DNS replies dropped (too late?)"),
-                            1, GNUNET_NO);
-}
-/**
- * Abort all pending DNS requests with the given cadet exit.
- *
- * @param exit cadet exit to abort requests for
- */
-static void
-abort_all_requests (struct CadetExit *exit)
-{
-  struct RequestContext *rc;
-  while (NULL != (rc = exit->receive_queue_head))
-  {
-    GNUNET_CONTAINER_DLL_remove (exit->receive_queue_head,
-                                 exit->receive_queue_tail,
-                                 rc);
-    GNUNET_DNS_request_drop (rc->rh);
-    GNUNET_SCHEDULER_cancel (rc->timeout_task);
-    GNUNET_MQ_discard (rc->env);
-    GNUNET_free (rc);
-  }
-}
-/**
- * Function scheduled as very last function, cleans up after us
- *
- * @param cls closure, NULL
- */
-static void
-cleanup (void *cls)
-{
-  struct CadetExit *exit;
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-              "Protocol translation daemon is shutting down now\n");
-  if (NULL != vpn_handle)
-  {
-    GNUNET_VPN_disconnect (vpn_handle);
-    vpn_handle = NULL;
-  }
-  while (NULL != (exit = exit_head))
-  {
-    GNUNET_CONTAINER_DLL_remove (exit_head,
-                                 exit_tail,
-                                 exit);
-    if (NULL != exit->cadet_channel)
-    {
-      GNUNET_CADET_channel_destroy (exit->cadet_channel);
-      exit->cadet_channel = NULL;
-    }
-    abort_all_requests (exit);
-    GNUNET_free (exit);
-  }
-  if (NULL != cadet_handle)
-  {
-    GNUNET_CADET_disconnect (cadet_handle);
-    cadet_handle = NULL;
-  }
-  if (NULL != dns_post_handle)
-  {
-    GNUNET_DNS_disconnect (dns_post_handle);
-    dns_post_handle = NULL;
-  }
-  if (NULL != dns_pre_handle)
-  {
-    GNUNET_DNS_disconnect (dns_pre_handle);
-    dns_pre_handle = NULL;
-  }
-  if (NULL != stats)
-  {
-    GNUNET_STATISTICS_destroy (stats, GNUNET_YES);
-    stats = NULL;
-  }
-  if (NULL != dht_get)
-  {
-    GNUNET_DHT_get_stop (dht_get);
-    dht_get = NULL;
-  }
-  if (NULL != dht)
-  {
-    GNUNET_DHT_disconnect (dht);
-    dht = NULL;
-  }
-}
-/**
- * Function called whenever a channel is destroyed.  Should clean up
- * the associated state and attempt to build a new one.
- *
- * It must NOT call #GNUNET_CADET_channel_destroy on the channel.
- *
- * @param cls closure (the `struct CadetExit` set from #GNUNET_CADET_connect)
- * @param channel connection to the other end (henceforth invalid)
- * @param channel_ctx place where local state associated
- *                   with the channel is stored
- */
-static void
-cadet_channel_end_cb (void *cls,
-                      const struct GNUNET_CADET_Channel *channel)
-{
-  struct CadetExit *exit = cls;
-  struct CadetExit *alt;
-  struct RequestContext *rc;
-  exit->cadet_channel = NULL;
-  dns_exit_available--;
-  /* open alternative channels */
-  /* our channel is now closed, move our requests to an alternative
-     channel */
-  alt = choose_exit ();
-  while (NULL != (rc = exit->receive_queue_head))
-  {
-    GNUNET_CONTAINER_DLL_remove (exit->receive_queue_head,
-                                 exit->receive_queue_tail,
-                                 rc);
-    rc->exit = alt;
-    GNUNET_CONTAINER_DLL_insert (alt->receive_queue_head,
-                                 alt->receive_queue_tail,
-                                 rc);
-    GNUNET_MQ_send (GNUNET_CADET_get_mq (alt->cadet_channel),
-                    GNUNET_MQ_env_copy (rc->env));
-  }
-  try_open_exit ();
-}
-/**
- * Function called whenever a channel has excess capacity.
- *
- * @param cls the `struct CadetExit`
- * @param channel connection to the other end
- * @param window_size how much capacity do we have
- */
-static void
-channel_idle_notify_cb (void *cls,
-                        const struct GNUNET_CADET_Channel *channel,
-                        int window_size)
-{
-  struct CadetExit *pos = cls;
-  pos->idle = window_size;
-}
-/**
- * We are short on cadet exits, try to open another one.
- */
-static void
-try_open_exit ()
-{
-  struct CadetExit *pos;
-  uint32_t candidate_count;
-  uint32_t candidate_selected;
-  struct GNUNET_HashCode port;
-  GNUNET_CRYPTO_hash (GNUNET_APPLICATION_PORT_INTERNET_RESOLVER,
-                      strlen (GNUNET_APPLICATION_PORT_INTERNET_RESOLVER),
-                      &port);
-  candidate_count = 0;
-  for (pos = exit_head; NULL != pos; pos = pos->next)
-    if (NULL == pos->cadet_channel)
-      candidate_count++;
-  if (0 == candidate_count)
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
-                "No DNS exits available yet.\n");
-    return;
-  }
-  candidate_selected = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
-                                                 candidate_count);
-  candidate_count = 0;
-  for (pos = exit_head; NULL != pos; pos = pos->next)
-    if (NULL == pos->cadet_channel)
-    {
-      candidate_count++;
-      if (candidate_selected < candidate_count)
-      {
-        struct GNUNET_MQ_MessageHandler cadet_handlers[] = {
-          GNUNET_MQ_hd_var_size (dns_response,
-                                 GNUNET_MESSAGE_TYPE_VPN_DNS_FROM_INTERNET,
-                                 struct DnsResponseMessage,
-                                 pos),
-          GNUNET_MQ_handler_end ()
-        };
-        /* move to the head of the DLL */
-        pos->cadet_channel
-          = GNUNET_CADET_channel_create (cadet_handle,
-                                         pos,
-                                         &pos->peer,
-                                         &port,
-                                         &channel_idle_notify_cb,
-                                         &cadet_channel_end_cb,
-                                         cadet_handlers);
-        if (NULL == pos->cadet_channel)
-        {
-          GNUNET_break (0);
-          continue;
-        }
-        GNUNET_CONTAINER_DLL_remove (exit_head,
-                                     exit_tail,
-                                     pos);
-        GNUNET_CONTAINER_DLL_insert (exit_head,
-                                     exit_tail,
-                                     pos);
-        dns_exit_available++;
-        return;
-      }
-    }
-  GNUNET_assert (NULL == exit_head);
-}
-/**
- * Function called whenever we find an advertisement for a
- * DNS exit in the DHT.  If we don't have a cadet channel,
- * we should build one; otherwise, we should save the
- * advertisement for later use.
- *
- * @param cls closure
- * @param exp when will this value expire
- * @param key key of the result
- * @param trunc_peer peer that was truncated (or NULL if not truncated)
- * @param get_path peers on reply path (or NULL if not recorded)
- *                 [0] = datastore's first neighbor, [length - 1] = local peer
- * @param get_path_length number of entries in @a get_path
- * @param put_path peers on the PUT path (or NULL if not recorded)
- *                 [0] = origin, [length - 1] = datastore
- * @param put_path_length number of entries in @a put_path
- * @param type type of the result
- * @param size number of bytes in @a data
- * @param data pointer to the result data
- */
-static void
-handle_dht_result (void *cls,
-                   struct GNUNET_TIME_Absolute exp,
-                   const struct GNUNET_HashCode *key,
-                   const struct GNUNET_PeerIdentity *trunc_peer,
-                   const struct GNUNET_DHT_PathElement *get_path,
-                   unsigned int get_path_length,
-                   const struct GNUNET_DHT_PathElement *put_path,
-                   unsigned int put_path_length,
-                   enum GNUNET_BLOCK_Type type,
-                   size_t size, const void *data)
-{
-  const struct GNUNET_DNS_Advertisement *ad;
-  struct CadetExit *exit;
-  if (sizeof(struct GNUNET_DNS_Advertisement) != size)
-  {
-    GNUNET_break (0);
-    return;
-  }
-  ad = data;
-  for (exit = exit_head; NULL != exit; exit = exit->next)
-    if (0 == GNUNET_memcmp (&ad->peer,
-                            &exit->peer))
-      break;
-  if (NULL == exit)
-  {
-    exit = GNUNET_new (struct CadetExit);
-    exit->peer = ad->peer;
-    /* channel is closed, so insert at the end */
-    GNUNET_CONTAINER_DLL_insert_tail (exit_head,
-                                      exit_tail,
-                                      exit);
-  }
-  exit->expiration = GNUNET_TIME_absolute_max (exit->expiration,
-                                               GNUNET_TIME_absolute_ntoh (
-                                                 ad->expiration_time));
-  if (dns_exit_available < MAX_OPEN_TUNNELS)
-    try_open_exit ();
-}
-/**
- * @brief Main function that will be run by the scheduler.
- *
- * @param cls closure
- * @param args remaining command-line arguments
- * @param cfgfile name of the configuration file used (for saving, can be NULL!)
- * @param cfg_ configuration
- */
-static void
-run (void *cls, char *const *args GNUNET_UNUSED,
-     const char *cfgfile GNUNET_UNUSED,
-     const struct GNUNET_CONFIGURATION_Handle *cfg_)
-{
-  struct GNUNET_HashCode dns_key;
-  cfg = cfg_;
-  stats = GNUNET_STATISTICS_create ("pt",
-                                    cfg);
-  ipv4_pt = GNUNET_CONFIGURATION_get_value_yesno (cfg,
-                                                  "pt",
-                                                  "TUNNEL_IPV4");
-  ipv6_pt = GNUNET_CONFIGURATION_get_value_yesno (cfg,
-                                                  "pt",
-                                                  "TUNNEL_IPV6");
-  dns_channel = GNUNET_CONFIGURATION_get_value_yesno (cfg,
-                                                      "pt",
-                                                      "TUNNEL_DNS");
-  if (! (ipv4_pt || ipv6_pt || dns_channel))
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                _ ("No useful service enabled.  Exiting.\n"));
-    GNUNET_SCHEDULER_shutdown ();
-    return;
-  }
-  GNUNET_SCHEDULER_add_shutdown (&cleanup, cls);
-  if (ipv4_pt || ipv6_pt)
-  {
-    dns_post_handle
-      = GNUNET_DNS_connect (cfg,
-                            GNUNET_DNS_FLAG_POST_RESOLUTION,
-                            &dns_post_request_handler,
-                            NULL);
-    if (NULL == dns_post_handle)
-    {
-      GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                  _ ("Failed to connect to %s service.  Exiting.\n"),
-                  "DNS");
-      GNUNET_SCHEDULER_shutdown ();
-      return;
-    }
-    vpn_handle = GNUNET_VPN_connect (cfg);
-    if (NULL == vpn_handle)
-    {
-      GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                  _ ("Failed to connect to %s service.  Exiting.\n"),
-                  "VPN");
-      GNUNET_SCHEDULER_shutdown ();
-      return;
-    }
-  }
-  if (dns_channel)
-  {
-    dns_pre_handle
-      = GNUNET_DNS_connect (cfg,
-                            GNUNET_DNS_FLAG_PRE_RESOLUTION,
-                            &dns_pre_request_handler,
-                            NULL);
-    if (NULL == dns_pre_handle)
-    {
-      GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                  _ ("Failed to connect to %s service.  Exiting.\n"),
-                  "DNS");
-      GNUNET_SCHEDULER_shutdown ();
-      return;
-    }
-    cadet_handle = GNUNET_CADET_connect (cfg);
-    if (NULL == cadet_handle)
-    {
-      GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                  _ ("Failed to connect to %s service.  Exiting.\n"),
-                  "CADET");
-      GNUNET_SCHEDULER_shutdown ();
-      return;
-    }
-    dht = GNUNET_DHT_connect (cfg, 1);
-    if (NULL == dht)
-    {
-      GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                  _ ("Failed to connect to %s service.  Exiting.\n"),
-                  "DHT");
-      GNUNET_SCHEDULER_shutdown ();
-      return;
-    }
-    GNUNET_CRYPTO_hash ("dns",
-                        strlen ("dns"),
-                        &dns_key);
-    dht_get = GNUNET_DHT_get_start (dht,
-                                    GNUNET_BLOCK_TYPE_DNS,
-                                    &dns_key,
-                                    1,
-                                    GNUNET_DHT_RO_DEMULTIPLEX_EVERYWHERE,
-                                    NULL, 0,
-                                    &handle_dht_result,
-                                    NULL);
-  }
-}
-/**
- * The main function
- *
- * @param argc number of arguments from the command line
- * @param argv command line arguments
- * @return 0 ok, 1 on error
- */
-int
-main (int argc,
-      char *const *argv)
-{
-  static const struct GNUNET_GETOPT_CommandLineOption options[] = {
-    GNUNET_GETOPT_OPTION_END
-  };
-  int ret;
-  if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc,
-                                                 argv,
-                                                 &argc,
-                                                 &argv))
-    return 2;
-  ret = (GNUNET_OK ==
-         GNUNET_PROGRAM_run (argc,
-                             argv,
-                             "gnunet-daemon-pt",
-                             gettext_noop (
-                               "Daemon to run to perform IP protocol translation to GNUnet"),
-                             options,
-                             &run,
-                             NULL))
-        ? 0
-        : 1;
-  GNUNET_free_nz ((void *) argv);
-  return ret;
-}
-/* end of gnunet-daemon-pt.c */
diff --git a/src/pt/meson.build b/src/pt/meson.build
deleted file mode 100644
index 0b6cc1818..000000000
--- a/src/pt/meson.build
+++ /dev/null
@@ -1,22 +0,0 @@
-configure_file(input : 'pt.conf',
-               output : 'pt.conf',
-               configuration : cdata,
-               install: true,
-               install_dir: pkgcfgdir)
-if get_option('monolith')
-  subdir_done()
-endif
-executable ('gnunet-daemon-pt',
-            ['gnunet-daemon-pt.c'],
-            dependencies: [libgnunetdns_dep,
-                           libgnunetutil_dep,
-                           libgnunetstatistics_dep,
-                           libgnunetdht_dep,
-                           libgnunetcadet_dep,
-                           libgnunetvpn_dep],
-            include_directories: [incdir, configuration_inc],
-            install: true,
-            install_dir: get_option('libdir') / 'gnunet' / 'libexec')
diff --git a/src/pt/pt.conf b/src/pt/pt.conf
deleted file mode 100644
index 2c8c93c81..000000000
--- a/src/pt/pt.conf
+++ /dev/null
@@ -1,12 +0,0 @@
-[pt]
-BINARY = gnunet-daemon-pt
-NOARMBIND = YES
-# Set this to YES to tunnel IPv4 traffic over GNUnet
-TUNNEL_IPV4 = NO
-# Set this to YES to tunnel IPv6 traffic over GNUnet
-TUNNEL_IPV6 = NO
-# Set this to YES to tunnel DNS traffic over GNUnet
-TUNNEL_DNS = NO
diff --git a/src/pt/test_gns_vpn.c b/src/pt/test_gns_vpn.c
deleted file mode 100644
index 4db7bf274..000000000
--- a/src/pt/test_gns_vpn.c
+++ /dev/null
@@ -1,864 +0,0 @@
-/*
-     This file is part of GNUnet
-     Copyright (C) 2007, 2009, 2011, 2012, 2015, 2017 Christian Grothoff
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @file test_gns_vpn.c
- * @brief testcase for accessing VPN services via GNS
- * @author Martin Schanzenbach
- * @author Christian Grothoff
- *
- * This test requires libcurl/libgnurl *with* support for C-ARES.
- * This is NOT the default on most platforms, which means the test
- * will be skipped in many cases.   Compile libcurl/libgnurl with
- * "--enable-ares" to get this test to pass.
- *
- * Furthermore, the test relies on gnunet-dns2gns being able to bind
- * to port 53.  This means that 'setcap' has to have worked during
- * 'make install'.  If this failed, but everything else is OK, the
- * test may FAIL hard even though it is just an installation issue (we
- * cannot conveniently test for the setcap to have worked).  However,
- * you should get a warning that gnunet-dns2gns failed to 'bind'.
- */
-#include "platform.h"
-/* Just included for the right curl.h */
-#include "gnunet_curl_lib.h"
-#include <microhttpd.h>
-#include "gnunet_identity_service.h"
-#include "gnunet_namestore_service.h"
-#include "gnunet_gnsrecord_lib.h"
-#include "gnunet_gns_service.h"
-#include "gnunet_testing_lib.h"
-#include "gnunet_mhd_compat.h"
-#define PORT 8080
-#define TEST_DOMAIN "www.gnu"
-#define TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 30)
-/**
- * Return value for #main().
- */
-static int global_ret;
-static struct GNUNET_NAMESTORE_Handle *namestore;
-static struct MHD_Daemon *mhd;
-static struct GNUNET_SCHEDULER_Task *mhd_task_id;
-static struct GNUNET_SCHEDULER_Task *curl_task_id;
-static struct GNUNET_SCHEDULER_Task *timeout_task;
-static struct GNUNET_IDENTITY_Handle *identity;
-static struct GNUNET_NAMESTORE_QueueEntry *qe;
-static CURL *curl;
-static CURLM *multi;
-static char *url;
-static struct GNUNET_PeerIdentity id;
-/**
- * IP address of the ultimate destination.
- */
-static const char *dest_ip;
-/**
- * Address family of the dest_ip.
- */
-static int dest_af;
-/**
- * Address family to use by the curl client.
- */
-static int src_af;
-static int use_v6;
-struct CBC
-{
-  char buf[1024];
-  size_t pos;
-};
-static struct CBC cbc;
-static size_t
-copy_buffer (void *ptr,
-             size_t size,
-             size_t nmemb,
-             void *ctx)
-{
-  struct CBC *cbc = ctx;
-  if (cbc->pos + size * nmemb > sizeof(cbc->buf))
-    return 0;                   /* overflow */
-  GNUNET_memcpy (&cbc->buf[cbc->pos], ptr, size * nmemb);
-  cbc->pos += size * nmemb;
-  return size * nmemb;
-}
-static MHD_RESULT
-mhd_ahc (void *cls,
-         struct MHD_Connection *connection,
-         const char *url,
-         const char *method,
-         const char *version,
-         const char *upload_data, size_t *upload_data_size,
-         void **unused)
-{
-  static int ptr;
-  struct MHD_Response *response;
-  int ret;
-  if (0 != strcmp ("GET", method))
-    return MHD_NO;              /* unexpected method */
-  if (&ptr != *unused)
-  {
-    *unused = &ptr;
-    return MHD_YES;
-  }
-  *unused = NULL;
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-              "MHD sends response for request to URL `%s'\n", url);
-  response = MHD_create_response_from_buffer (strlen (url),
-                                              (void *) url,
-                                              MHD_RESPMEM_MUST_COPY);
-  ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
-  MHD_destroy_response (response);
-  if (ret == MHD_NO)
-    abort ();
-  return ret;
-}
-static void
-do_shutdown (void *cls)
-{
-  if (NULL != mhd_task_id)
-  {
-    GNUNET_SCHEDULER_cancel (mhd_task_id);
-    mhd_task_id = NULL;
-  }
-  if (NULL != curl_task_id)
-  {
-    GNUNET_SCHEDULER_cancel (curl_task_id);
-    curl_task_id = NULL;
-  }
-  if (NULL != timeout_task)
-  {
-    GNUNET_SCHEDULER_cancel (timeout_task);
-    timeout_task = NULL;
-  }
-  if (NULL != mhd)
-  {
-    MHD_stop_daemon (mhd);
-    mhd = NULL;
-  }
-  if (NULL != identity)
-  {
-    GNUNET_IDENTITY_disconnect (identity);
-    identity = NULL;
-  }
-  if (NULL != qe)
-  {
-    GNUNET_NAMESTORE_cancel (qe);
-    qe = NULL;
-  }
-  if (NULL != namestore)
-  {
-    GNUNET_NAMESTORE_disconnect (namestore);
-    namestore = NULL;
-  }
-  GNUNET_free (url);
-  url = NULL;
-}
-static void
-do_timeout (void *cls)
-{
-  timeout_task = NULL;
-  GNUNET_SCHEDULER_shutdown ();
-}
-/**
- * Function to run the HTTP client.
- */
-static void
-curl_main (void);
-static void
-curl_task (void *cls)
-{
-  curl_task_id = NULL;
-  curl_main ();
-}
-static void
-curl_main ()
-{
-  fd_set rs;
-  fd_set ws;
-  fd_set es;
-  int max;
-  struct GNUNET_NETWORK_FDSet nrs;
-  struct GNUNET_NETWORK_FDSet nws;
-  struct GNUNET_TIME_Relative delay;
-  long timeout;
-  int running;
-  struct CURLMsg *msg;
-  max = 0;
-  FD_ZERO (&rs);
-  FD_ZERO (&ws);
-  FD_ZERO (&es);
-  curl_multi_perform (multi, &running);
-  if (running == 0)
-  {
-    GNUNET_assert (NULL != (msg = curl_multi_info_read (multi, &running)));
-    if (msg->msg == CURLMSG_DONE)
-    {
-      if (msg->data.result != CURLE_OK)
-      {
-        fprintf (stderr,
-                 "%s failed at %s:%d: `%s'\n",
-                 "curl_multi_perform",
-                 __FILE__,
-                 __LINE__, curl_easy_strerror (msg->data.result));
-        global_ret = 1;
-      }
-    }
-    curl_multi_remove_handle (multi, curl);
-    curl_multi_cleanup (multi);
-    curl_easy_cleanup (curl);
-    curl = NULL;
-    multi = NULL;
-    if (cbc.pos != strlen ("/hello_world"))
-    {
-      GNUNET_break (0);
-      global_ret = 2;
-    }
-    if (0 != strncmp ("/hello_world", cbc.buf, strlen ("/hello_world")))
-    {
-      GNUNET_break (0);
-      global_ret = 3;
-    }
-    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-                "Download complete, shutting down!\n");
-    GNUNET_SCHEDULER_shutdown ();
-    return;
-  }
-  GNUNET_assert (CURLM_OK == curl_multi_fdset (multi, &rs, &ws, &es, &max));
-  if ((CURLM_OK != curl_multi_timeout (multi, &timeout)) ||
-      (-1 == timeout))
-    delay = GNUNET_TIME_UNIT_SECONDS;
-  else
-    delay = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS,
-                                           (unsigned int) timeout);
-  GNUNET_NETWORK_fdset_copy_native (&nrs,
-                                    &rs,
-                                    max + 1);
-  GNUNET_NETWORK_fdset_copy_native (&nws,
-                                    &ws,
-                                    max + 1);
-  curl_task_id = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT,
-                                              delay,
-                                              &nrs,
-                                              &nws,
-                                              &curl_task,
-                                              NULL);
-}
-static void
-start_curl (void *cls)
-{
-  CURLcode ec;
-  curl_task_id = NULL;
-  GNUNET_asprintf (&url,
-                   "http://%s/hello_world",
-                   TEST_DOMAIN);
-  curl = curl_easy_init ();
-  curl_easy_setopt (curl, CURLOPT_URL, url);
-  curl_easy_setopt (curl, CURLOPT_WRITEFUNCTION, &copy_buffer);
-  curl_easy_setopt (curl, CURLOPT_WRITEDATA, &cbc);
-  curl_easy_setopt (curl, CURLOPT_FAILONERROR, 1);
-  curl_easy_setopt (curl, CURLOPT_TIMEOUT, 150L);
-  curl_easy_setopt (curl, CURLOPT_CONNECTTIMEOUT, 150L);
-  curl_easy_setopt (curl, CURLOPT_NOSIGNAL, 1);
-  if (CURLE_OK !=
-      (ec = curl_easy_setopt (curl,
-                              CURLOPT_DNS_SERVERS,
-                              "127.0.0.1:53")))
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
-                "curl build without support for CURLOPT_DNS_SERVERS (%s), cannot run test\n",
-                curl_easy_strerror (ec));
-    global_ret = 77;
-    GNUNET_SCHEDULER_shutdown ();
-    return;
-  }
-  multi = curl_multi_init ();
-  GNUNET_assert (multi != NULL);
-  GNUNET_assert (CURLM_OK == curl_multi_add_handle (multi, curl));
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-              "Beginning HTTP download from `%s'\n",
-              url);
-  curl_main ();
-}
-/**
- * Callback invoked from the namestore service once record is
- * created.
- *
- * @param cls closure
- * @param af address family, AF_INET or AF_INET6; AF_UNSPEC on error;
- *                will match 'result_af' from the request
- * @param address IP address (struct in_addr or struct in_addr6, depending on 'af')
- *                that the VPN allocated for the redirection;
- *                traffic to this IP will now be redirected to the
- *                specified target peer; NULL on error
- */
-static void
-commence_testing (void *cls,
-                  enum GNUNET_ErrorCode ec)
-{
-  qe = NULL;
-  if (GNUNET_EC_NONE != ec)
-  {
-    fprintf (stderr,
-             "NS failed to create record %s\n",
-             GNUNET_ErrorCode_get_hint (ec));
-    GNUNET_SCHEDULER_shutdown ();
-    return;
-  }
-  /* wait a little bit before downloading, as we just created the record */
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-              "Launching cURL request\n");
-  curl_task_id
-    = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS,
-                                    &start_curl,
-                                    NULL);
-}
-/**
- * Function to keep the HTTP server running.
- */
-static void
-mhd_main (void);
-static void
-mhd_task (void *cls)
-{
-  mhd_task_id = NULL;
-  MHD_run (mhd);
-  mhd_main ();
-}
-static void
-mhd_main ()
-{
-  struct GNUNET_NETWORK_FDSet nrs;
-  struct GNUNET_NETWORK_FDSet nws;
-  fd_set rs;
-  fd_set ws;
-  fd_set es;
-  int max_fd;
-  unsigned MHD_LONG_LONG timeout;
-  struct GNUNET_TIME_Relative delay;
-  GNUNET_assert (NULL == mhd_task_id);
-  FD_ZERO (&rs);
-  FD_ZERO (&ws);
-  FD_ZERO (&es);
-  max_fd = -1;
-  GNUNET_assert (MHD_YES ==
-                 MHD_get_fdset (mhd, &rs, &ws, &es, &max_fd));
-  if (MHD_YES == MHD_get_timeout (mhd, &timeout))
-    delay = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS,
-                                           (unsigned int) timeout);
-  else
-    delay = GNUNET_TIME_UNIT_FOREVER_REL;
-  GNUNET_NETWORK_fdset_copy_native (&nrs,
-                                    &rs,
-                                    max_fd + 1);
-  GNUNET_NETWORK_fdset_copy_native (&nws,
-                                    &ws,
-                                    max_fd + 1);
-  mhd_task_id = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT,
-                                             delay,
-                                             &nrs,
-                                             &nws,
-                                             &mhd_task,
-                                             NULL);
-}
-/**
- * Open '/dev/null' and make the result the given
- * file descriptor.
- *
- * @param target_fd desired FD to point to /dev/null
- * @param flags open flags (O_RDONLY, O_WRONLY)
- */
-static void
-open_dev_null (int target_fd,
-               int flags)
-{
-  int fd;
-  fd = open ("/dev/null", flags);
-  if (-1 == fd)
-    abort ();
-  if (fd == target_fd)
-    return;
-  if (-1 == dup2 (fd, target_fd))
-  {
-    (void) close (fd);
-    abort ();
-  }
-  (void) close (fd);
-}
-/**
- * Run the given command and wait for it to complete.
- *
- * @param file name of the binary to run
- * @param cmd command line arguments (as given to 'execv')
- * @return 0 on success, 1 on any error
- */
-static int
-fork_and_exec (const char *file,
-               char *const cmd[])
-{
-  int status;
-  pid_t pid;
-  pid_t ret;
-  pid = fork ();
-  if (-1 == pid)
-  {
-    GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
-                         "fork");
-    return 1;
-  }
-  if (0 == pid)
-  {
-    /* we are the child process */
-    /* close stdin/stdout to not cause interference
-       with the helper's main protocol! */
-    (void) close (0);
-    open_dev_null (0, O_RDONLY);
-    (void) close (1);
-    open_dev_null (1, O_WRONLY);
-    (void) execv (file, cmd);
-    /* can only get here on error */
-    GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
-                              "exec",
-                              file);
-    _exit (1);
-  }
-  /* keep running waitpid as long as the only error we get is 'EINTR' */
-  while ((-1 == (ret = waitpid (pid, &status, 0))) &&
-         (errno == EINTR))
-    ;
-  if (-1 == ret)
-  {
-    GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
-                         "waitpid");
-    return 1;
-  }
-  if (! (WIFEXITED (status) &&
-         (0 == WEXITSTATUS (status))))
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                "Process `%s` returned status code %d/%d.\n",
-                file,
-                WIFEXITED (status),
-                WEXITSTATUS (status));
-    return 1;
-  }
-  /* child process completed and returned success, we're happy */
-  return 0;
-}
-/**
- * Method called to inform about the egos of this peer.
- *
- * When used with #GNUNET_IDENTITY_connect, this function is
- * initially called for all egos and then again whenever a
- * ego's name changes or if it is deleted.  At the end of
- * the initial pass over all egos, the function is once called
- * with 'NULL' for @a ego. That does NOT mean that the callback won't
- * be invoked in the future or that there was an error.
- *
- * When used with #GNUNET_IDENTITY_create or #GNUNET_IDENTITY_get, this
- * function is only called ONCE, and 'NULL' being passed in @a ego does
- * indicate an error (for example because name is taken or no default value is
- * known).  If @a ego is non-NULL and if '*ctx' is set in those callbacks, the
- * value WILL be passed to a subsequent call to the identity callback of
- * #GNUNET_IDENTITY_connect (if that one was not NULL).
- *
- * When an identity is renamed, this function is called with the
- * (known) @a ego but the NEW @a name.
- *
- * When an identity is deleted, this function is called with the
- * (known) ego and "NULL" for the @a name.  In this case,
- * the @a ego is henceforth invalid (and the @a ctx should also be
- * cleaned up).
- *
- * @param cls closure
- * @param ego ego handle
- * @param ctx context for application to store data for this ego
- *                 (during the lifetime of this process, initially NULL)
- * @param name name assigned by the user for this ego,
- *                   NULL if the user just deleted the ego and it
- *                   must thus no longer be used
- */
-static void
-identity_cb (void *cls,
-             struct GNUNET_IDENTITY_Ego *ego,
-             void **ctx,
-             const char *name)
-{
-  const struct GNUNET_CRYPTO_PrivateKey *zone_key;
-  struct GNUNET_GNSRECORD_Data rd;
-  char *rd_string;
-  char *peername;
-  if (NULL == name)
-    return;
-  if (NULL == ego)
-  {
-    if (NULL == qe)
-    {
-      fprintf (stderr,
-               "Failed to find master-zone ego\n");
-      GNUNET_SCHEDULER_shutdown ();
-      return;
-    }
-    GNUNET_IDENTITY_disconnect (identity);
-    identity = NULL;
-    return;
-  }
-  GNUNET_assert (NULL != name);
-  if (0 != strcmp (name,
-                   "master-zone"))
-  {
-    fprintf (stderr,
-             "Unexpected name %s\n",
-             name);
-    return;
-  }
-  zone_key = GNUNET_IDENTITY_ego_get_private_key (ego);
-  rd.expiration_time = GNUNET_TIME_UNIT_FOREVER_ABS.abs_value_us;
-  peername = GNUNET_strdup (GNUNET_i2s_full (&id));
-  GNUNET_asprintf (&rd_string,
-                   "6 %s %s",
-                   peername,
-                   "www");
-  GNUNET_free (peername);
-  GNUNET_assert (GNUNET_OK ==
-                 GNUNET_GNSRECORD_string_to_value (GNUNET_GNSRECORD_TYPE_VPN,
-                                                   rd_string,
-                                                   (void **) &rd.data,
-                                                   &rd.data_size));
-  rd.record_type = GNUNET_GNSRECORD_TYPE_VPN;
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-              "Creating `www` record\n");
-  qe = GNUNET_NAMESTORE_records_store (namestore,
-                                       zone_key,
-                                       "www",
-                                       1, &rd,
-                                       &commence_testing,
-                                       NULL);
-  GNUNET_free_nz ((void **) rd.data);
-  GNUNET_free (rd_string);
-}
-static void
-run (void *cls,
-     const struct GNUNET_CONFIGURATION_Handle *cfg,
-     struct GNUNET_TESTING_Peer *peer)
-{
-  enum MHD_FLAG flags;
-  char *bin;
-  char *bin_identity;
-  char *bin_gns;
-  char *bin_arm;
-  char *config;
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-              "Test logic starting...\n");
-  if (GNUNET_OK !=
-      GNUNET_CONFIGURATION_get_value_string (cfg,
-                                             "arm",
-                                             "CONFIG",
-                                             &config))
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                "Failed to locate configuration file. Skipping test.\n");
-    GNUNET_SCHEDULER_shutdown ();
-    return;
-  }
-  char *const identity_args[] = {
-    "gnunet-identity",
-    "-C", "master-zone",
-    "-c", config,
-    NULL
-  };
-  char *const identity2_args[] = {
-    "gnunet-identity",
-    "-e", "master-zone",
-    "-s", "gns-master",
-    "-c", config,
-    NULL
-  };
-  char *const identity3_args[] = {
-    "gnunet-identity",
-    "-e", "master-zone",
-    "-s", "dns2gns",
-    "-c", config,
-    NULL
-  };
-  char *const arm_args[] = {
-    "gnunet-arm",
-    "-i", "dns2gns",
-    "-c", config,
-    NULL
-  };
-  char *const gns_args[] = {
-    "gnunet-gns",
-    "-u", "www.gnu",
-    "-c", config,
-    NULL
-  };
-  GNUNET_TESTING_peer_get_identity (peer,
-                                    &id);
-  GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
-                                 NULL);
-  timeout_task = GNUNET_SCHEDULER_add_delayed (TIMEOUT,
-                                               &do_timeout,
-                                               NULL);
-  bin = GNUNET_OS_installation_get_path (GNUNET_OS_IPK_BINDIR);
-  GNUNET_asprintf (&bin_identity,
-                   "%s/%s",
-                   bin,
-                   "gnunet-identity");
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-              "Creating `master-zone` ego\n");
-  if (0 != fork_and_exec (bin_identity, identity_args))
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                "Failed to run `gnunet-identity -C`. Skipping test.\n");
-    GNUNET_SCHEDULER_shutdown ();
-    GNUNET_free (bin_identity);
-    GNUNET_free (config);
-    GNUNET_free (bin);
-    return;
-  }
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-              "Setting `master-zone` ego as default for `gns-master` and `dns2gns`\n");
-  if (0 != fork_and_exec (bin_identity, identity2_args))
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                "Failed to run `gnunet-identity -e`. Skipping test.\n");
-    GNUNET_SCHEDULER_shutdown ();
-    GNUNET_free (bin_identity);
-    GNUNET_free (config);
-    GNUNET_free (bin);
-    return;
-  }
-  if (0 != fork_and_exec (bin_identity, identity3_args))
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                "Failed to run `gnunet-identity -e`. Skipping test.\n");
-    GNUNET_SCHEDULER_shutdown ();
-    GNUNET_free (bin_identity);
-    GNUNET_free (config);
-    GNUNET_free (bin);
-    return;
-  }
-  GNUNET_free (bin_identity);
-  /* do lookup just to launch GNS service */
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-              "Resolving `www.gnu` zone entry to launch GNS (will yield no answer yet)\n");
-  GNUNET_asprintf (&bin_gns,
-                   "%s/%s",
-                   bin,
-                   "gnunet-gns");
-  if (0 != fork_and_exec (bin_gns,
-                          gns_args))
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                "Failed to run `gnunet-gns -u. Skipping test.\n");
-    GNUNET_SCHEDULER_shutdown ();
-    GNUNET_free (bin_gns);
-    GNUNET_free (config);
-    GNUNET_free (bin);
-    return;
-  }
-  GNUNET_free (bin_gns);
-  GNUNET_asprintf (&bin_arm,
-                   "%s/%s",
-                   bin,
-                   "gnunet-arm");
-  if (0 != fork_and_exec (bin_arm,
-                          arm_args))
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                "Failed to run `gnunet-arm -i dns2gns. Skipping test.\n");
-    GNUNET_SCHEDULER_shutdown ();
-    GNUNET_free (bin_arm);
-    GNUNET_free (config);
-    GNUNET_free (bin);
-    return;
-  }
-  GNUNET_free (bin_arm);
-  GNUNET_free (config);
-  GNUNET_free (bin);
-  sleep (1);  /* give dns2gns chance to really run */
-  namestore = GNUNET_NAMESTORE_connect (cfg);
-  GNUNET_assert (NULL != namestore);
-  flags = MHD_USE_DEBUG;
-  if (GNUNET_YES == use_v6)
-    flags |= MHD_USE_DUAL_STACK;
-  mhd = MHD_start_daemon (flags,
-                          PORT,
-                          NULL, NULL,
-                          &mhd_ahc, NULL,
-                          MHD_OPTION_END);
-  GNUNET_assert (NULL != mhd);
-  mhd_main ();
-  identity = GNUNET_IDENTITY_connect (cfg,
-                                      &identity_cb,
-                                      NULL);
-}
-int
-main (int argc,
-      char *const *argv)
-{
-  char *bin_vpn;
-  char *bin_exit;
-  GNUNET_log_setup ("test-gns-vpn",
-                    "WARNING",
-                    NULL);
-  if (0 != access ("/dev/net/tun", R_OK))
-  {
-    GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
-                              "access",
-                              "/dev/net/tun");
-    fprintf (stderr,
-             "WARNING: System unable to run test, skipping.\n");
-    return 77;
-  }
-  bin_vpn = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-vpn");
-  bin_exit = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-exit");
-  if ((0 != geteuid ()) &&
-      ((GNUNET_YES !=
-        GNUNET_OS_check_helper_binary (bin_vpn,
-                                       GNUNET_YES,
-                                       "-d gnunet-vpn - - 169.1.3.3.7 255.255.255.0"))
-       ||                                                                                   // ipv4 only please!
-       (GNUNET_YES !=
-        GNUNET_OS_check_helper_binary (bin_exit,
-                                       GNUNET_YES,
-                                       "-d gnunet-vpn - - - 169.1.3.3.7 255.255.255.0"))))     // no nat, ipv4 only
-  {
-    fprintf (stderr,
-             "WARNING: gnunet-helper-{exit,vpn} binaries in $PATH are not SUID, refusing to run test (as it would have to fail).\n");
-    fprintf (stderr,
-             "Change $PATH ('.' in $PATH before $GNUNET_PREFIX/bin is problematic) or permissions (run 'make install' as root) to fix this!\n");
-    GNUNET_free (bin_vpn);
-    GNUNET_free (bin_exit);
-    return 77;
-  }
-  GNUNET_free (bin_vpn);
-  GNUNET_free (bin_exit);
-  dest_ip = "169.254.86.1";
-  dest_af = AF_INET;
-  src_af = AF_INET;
-  if (GNUNET_OK == GNUNET_NETWORK_test_pf (PF_INET6))
-    use_v6 = GNUNET_YES;
-  else
-    use_v6 = GNUNET_NO;
-  if ((GNUNET_OK != GNUNET_NETWORK_test_pf (src_af)) ||
-      (GNUNET_OK != GNUNET_NETWORK_test_pf (dest_af)))
-  {
-    fprintf (stderr,
-             "Required address families not supported by this system, skipping test.\n");
-    return 77;
-  }
-  if (0 != curl_global_init (CURL_GLOBAL_WIN32))
-  {
-    fprintf (stderr, "failed to initialize curl\n");
-    return 2;
-  }
-  if (0 !=
-      GNUNET_TESTING_peer_run ("test_gns_vpn",
-                               "test_gns_vpn.conf",
-                               &run,
-                               NULL))
-    return 1;
-  GNUNET_DISK_purge_cfg_dir ("test_gns_vpn.conf",
-                             "GNUNET_TEST_HOME");
-  return global_ret;
-}
-/* end of test_gns_vpn.c */
diff --git a/src/pt/test_gns_vpn.conf b/src/pt/test_gns_vpn.conf
deleted file mode 100644
index 9277aa3c3..000000000
--- a/src/pt/test_gns_vpn.conf
+++ /dev/null
@@ -1,74 +0,0 @@
-[PATHS]
-GNUNET_TEST_HOME = $GNUNET_TMP/gnunet-test-gns-vpn/
-[transport]
-PLUGINS = tcp
-[arm]
-PORT = 0
-ALLOW_SHUTDOWN = YES
-[exit]
-IMMEDIATE_START = YES
-IPV6ADDR = FC5A:04E1:C2BA::1
-IPV6PREFIX = 96
-IPV4ADDR = 169.254.86.1
-IPV4MASK = 255.255.255.0
-EXIT_IPV4 = YES
-EXIT_IPV6 = YES
-# FIXME: can we use 'lo'?
-EXIT_IFNAME = eth1
-[dns]
-DNS_EXIT = 8.8.8.8
-IMMEDIATE_START = YES
-[identity]
-START_ON_DEMAND = YES
-IMMEDIATE_START = YES
-[hostlist]
-START_ON_DEMAND = NO
-IMMEDIATE_START = NO
-[zonemaster]
-START_ON_DEMAND = YES
-IMMEDIATE_START = YES
-#[vpn]
-#PREFIX = valgrind
-[nse]
-WORKBITS = 1
-# repeating some values from the default configurations
-# here as the respective network addresses are also
-# hard-wired in the tests and the MUST match (!)
-[vpn]
-IPV6ADDR = FC2D:FDAA:6A26::1
-IPV6PREFIX = 64
-IPV4ADDR = 169.254.20.1
-IPV4MASK = 255.255.255.0
-#PREFIX = valgrind
-[www.gnunet.]
-TCP_REDIRECTS = 80:localhost4:8080
-TTL = 3600000
-[gns]
-START_ON_DEMAND = YES
-ZONEKEY = $GNUNET_TEST_HOME/.zonekey
-# Delays starting of GNS, as we need to first
-# setup the identity subsystem properly.
-IMMEDIATE_START = NO
-[namestore]
-START_ON_DEMAND = YES
-[nat]
-USE_LOCALADDR = YES
-RETURN_LOCAL_ADDRESSES = YES
diff --git a/src/pt/test_gnunet_vpn.c b/src/pt/test_gnunet_vpn.c
deleted file mode 100644
index 9552b12a9..000000000
--- a/src/pt/test_gnunet_vpn.c
+++ /dev/null
@@ -1,520 +0,0 @@
-/*
-     This file is part of GNUnet
-     Copyright (C) 2007, 2009, 2011, 2012 Christian Grothoff
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @file test_gnunet_vpn.c
- * @brief testcase for tunneling HTTP over the GNUnet VPN
- * @author Christian Grothoff
- */
-#include "platform.h"
-/* Just included for the right curl.h */
-#include "gnunet_curl_lib.h"
-#include <microhttpd.h>
-#include "gnunet_vpn_service.h"
-#include "gnunet_testing_lib.h"
-#include "gnunet_mhd_compat.h"
-#define PORT 48080
-#define TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 300)
-/**
- * Return value for 'main'.
- */
-static int global_ret;
-static struct GNUNET_VPN_Handle *vpn;
-static struct MHD_Daemon *mhd;
-static struct GNUNET_SCHEDULER_Task *mhd_task_id;
-static struct GNUNET_SCHEDULER_Task *curl_task_id;
-static struct GNUNET_SCHEDULER_Task *timeout_task_id;
-static struct GNUNET_VPN_RedirectionRequest *rr;
-static CURL *curl;
-static CURLM *multi;
-static char *url;
-/**
- * IP address of the ultimate destination.
- */
-static const char *dest_ip;
-/**
- * Address family of the dest_ip.
- */
-static int dest_af;
-/**
- * Address family to use by the curl client.
- */
-static int src_af;
-struct CBC
-{
-  char buf[1024];
-  size_t pos;
-};
-static struct CBC cbc;
-static size_t
-copy_buffer (void *ptr, size_t size, size_t nmemb, void *ctx)
-{
-  struct CBC *cbc = ctx;
-  if (cbc->pos + size * nmemb > sizeof(cbc->buf))
-    return 0;                   /* overflow */
-  GNUNET_memcpy (&cbc->buf[cbc->pos], ptr, size * nmemb);
-  cbc->pos += size * nmemb;
-  return size * nmemb;
-}
-static MHD_RESULT
-mhd_ahc (void *cls,
-         struct MHD_Connection *connection,
-         const char *url,
-         const char *method,
-         const char *version,
-         const char *upload_data,
-         size_t *upload_data_size,
-         void **unused)
-{
-  static int ptr;
-  struct MHD_Response *response;
-  int ret;
-  if (0 != strcmp ("GET", method))
-    return MHD_NO;              /* unexpected method */
-  if (&ptr != *unused)
-  {
-    *unused = &ptr;
-    return MHD_YES;
-  }
-  *unused = NULL;
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-              "MHD sends response for request to URL `%s'\n", url);
-  response =
-    MHD_create_response_from_buffer (strlen (url), (void *) url,
-                                     MHD_RESPMEM_MUST_COPY);
-  ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
-  MHD_destroy_response (response);
-  if (ret == MHD_NO)
-    abort ();
-  return ret;
-}
-static void
-do_shutdown (void *cls)
-{
-  if (NULL != mhd_task_id)
-  {
-    GNUNET_SCHEDULER_cancel (mhd_task_id);
-    mhd_task_id = NULL;
-  }
-  if (NULL != curl_task_id)
-  {
-    GNUNET_SCHEDULER_cancel (curl_task_id);
-    curl_task_id = NULL;
-  }
-  if (NULL != timeout_task_id)
-  {
-    GNUNET_SCHEDULER_cancel (timeout_task_id);
-    timeout_task_id = NULL;
-  }
-  if (NULL != mhd)
-  {
-    MHD_stop_daemon (mhd);
-    mhd = NULL;
-  }
-  if (NULL != rr)
-  {
-    GNUNET_VPN_cancel_request (rr);
-    rr = NULL;
-  }
-  if (NULL != vpn)
-  {
-    GNUNET_VPN_disconnect (vpn);
-    vpn = NULL;
-  }
-  GNUNET_free (url);
-  url = NULL;
-}
-/**
- * Function to run the HTTP client.
- */
-static void
-curl_main (void *cls)
-{
-  fd_set rs;
-  fd_set ws;
-  fd_set es;
-  int max;
-  struct GNUNET_NETWORK_FDSet nrs;
-  struct GNUNET_NETWORK_FDSet nws;
-  struct GNUNET_TIME_Relative delay;
-  long timeout;
-  int running;
-  struct CURLMsg *msg;
-  curl_task_id = NULL;
-  max = 0;
-  FD_ZERO (&rs);
-  FD_ZERO (&ws);
-  FD_ZERO (&es);
-  curl_multi_perform (multi, &running);
-  if (running == 0)
-  {
-    GNUNET_assert (NULL != (msg = curl_multi_info_read (multi, &running)));
-    if (msg->msg == CURLMSG_DONE)
-    {
-      if (msg->data.result != CURLE_OK)
-      {
-        fprintf (stderr, "%s failed at %s:%d: `%s'\n", "curl_multi_perform",
-                 __FILE__, __LINE__, curl_easy_strerror (msg->data.result));
-        global_ret = 1;
-      }
-    }
-    curl_multi_remove_handle (multi, curl);
-    curl_multi_cleanup (multi);
-    curl_easy_cleanup (curl);
-    curl = NULL;
-    multi = NULL;
-    if (cbc.pos != strlen ("/hello_world"))
-    {
-      GNUNET_break (0);
-      global_ret = 2;
-    }
-    if (0 != strncmp ("/hello_world", cbc.buf, strlen ("/hello_world")))
-    {
-      GNUNET_break (0);
-      GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
-                  "You might want to check if your host-based firewall is blocking the connections.\n");
-      global_ret = 3;
-    }
-    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Download complete, shutting down!\n");
-    GNUNET_SCHEDULER_shutdown ();
-    return;
-  }
-  GNUNET_assert (CURLM_OK == curl_multi_fdset (multi, &rs, &ws, &es, &max));
-  if ((CURLM_OK != curl_multi_timeout (multi, &timeout)) || (-1 == timeout))
-    delay = GNUNET_TIME_UNIT_SECONDS;
-  else
-    delay =
-      GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS,
-                                     (unsigned int) timeout);
-  GNUNET_NETWORK_fdset_copy_native (&nrs, &rs, max + 1);
-  GNUNET_NETWORK_fdset_copy_native (&nws, &ws, max + 1);
-  curl_task_id =
-    GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT, delay,
-                                 &nrs, &nws, &curl_main, NULL);
-}
-/**
- * Callback invoked from the VPN service once a redirection is
- * available.  Provides the IP address that can now be used to
- * reach the requested destination (in our case, the MHD server)
- *
- * @param cls closure
- * @param af address family, AF_INET or AF_INET6; AF_UNSPEC on error;
- *                will match 'result_af' from the request
- * @param address IP address (struct in_addr or struct in_addr6, depending on 'af')
- *                that the VPN allocated for the redirection;
- *                traffic to this IP will now be redirected to the
- *                specified target peer; NULL on error
- */
-static void
-allocation_cb (void *cls, int af, const void *address)
-{
-  char ips[INET6_ADDRSTRLEN];
-  rr = NULL;
-  if (src_af != af)
-  {
-    fprintf (stderr,
-             "VPN failed to allocate appropriate address\n");
-    GNUNET_SCHEDULER_shutdown ();
-    return;
-  }
-  if (AF_INET6 == af)
-    GNUNET_asprintf (&url,
-                     "http://[%s]:%u/hello_world",
-                     inet_ntop (af,
-                                address,
-                                ips,
-                                sizeof(ips)),
-                     (unsigned int) PORT);
-  else
-    GNUNET_asprintf (&url,
-                     "http://%s:%u/hello_world",
-                     inet_ntop (af,
-                                address,
-                                ips,
-                                sizeof(ips)),
-                     (unsigned int) PORT);
-  curl = curl_easy_init ();
-  curl_easy_setopt (curl, CURLOPT_URL, url);
-  curl_easy_setopt (curl, CURLOPT_WRITEFUNCTION, &copy_buffer);
-  curl_easy_setopt (curl, CURLOPT_WRITEDATA, &cbc);
-  curl_easy_setopt (curl, CURLOPT_FAILONERROR, 1);
-  curl_easy_setopt (curl, CURLOPT_TIMEOUT, 150L);
-  curl_easy_setopt (curl, CURLOPT_CONNECTTIMEOUT, 15L);
-  curl_easy_setopt (curl, CURLOPT_NOSIGNAL, 1);
-  curl_easy_setopt (curl, CURLOPT_VERBOSE, 0);
-  multi = curl_multi_init ();
-  GNUNET_assert (multi != NULL);
-  GNUNET_assert (CURLM_OK == curl_multi_add_handle (multi, curl));
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-              "Beginning HTTP download from `%s'\n",
-              url);
-  GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS,
-                                &curl_main,
-                                NULL);
-}
-/**
- * Function to keep the HTTP server running.
- */
-static void
-mhd_main (void);
-static void
-mhd_task (void *cls)
-{
-  mhd_task_id = NULL;
-  MHD_run (mhd);
-  mhd_main ();
-}
-static void
-do_timeout (void *cls)
-{
-  timeout_task_id = NULL;
-  GNUNET_SCHEDULER_shutdown ();
-  GNUNET_break (0);
-  global_ret = 1;
-}
-static void
-mhd_main ()
-{
-  struct GNUNET_NETWORK_FDSet nrs;
-  struct GNUNET_NETWORK_FDSet nws;
-  fd_set rs;
-  fd_set ws;
-  fd_set es;
-  int max_fd;
-  unsigned MHD_LONG_LONG timeout;
-  struct GNUNET_TIME_Relative delay;
-  GNUNET_assert (NULL == mhd_task_id);
-  FD_ZERO (&rs);
-  FD_ZERO (&ws);
-  FD_ZERO (&es);
-  max_fd = -1;
-  GNUNET_assert (MHD_YES == MHD_get_fdset (mhd, &rs, &ws, &es, &max_fd));
-  if (MHD_YES == MHD_get_timeout (mhd, &timeout))
-    delay =
-      GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS,
-                                     (unsigned int) timeout);
-  else
-    delay = GNUNET_TIME_UNIT_FOREVER_REL;
-  GNUNET_NETWORK_fdset_copy_native (&nrs, &rs, max_fd + 1);
-  GNUNET_NETWORK_fdset_copy_native (&nws, &ws, max_fd + 1);
-  mhd_task_id =
-    GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT, delay,
-                                 &nrs, &nws, &mhd_task, NULL);
-}
-static void
-run (void *cls,
-     const struct GNUNET_CONFIGURATION_Handle *cfg,
-     struct GNUNET_TESTING_Peer *peer)
-{
-  struct in_addr v4;
-  struct in6_addr v6;
-  void *addr;
-  enum MHD_FLAG flags;
-  vpn = GNUNET_VPN_connect (cfg);
-  GNUNET_assert (NULL != vpn);
-  flags = MHD_USE_DEBUG;
-  if (AF_INET6 == dest_af)
-    flags |= MHD_USE_IPv6;
-  mhd =
-    MHD_start_daemon (flags, PORT, NULL, NULL, &mhd_ahc, NULL,
-                      MHD_OPTION_END);
-  GNUNET_assert (NULL != mhd);
-  mhd_main ();
-  addr = NULL;
-  switch (dest_af)
-  {
-  case AF_INET:
-    GNUNET_assert (1 == inet_pton (dest_af, dest_ip, &v4));
-    addr = &v4;
-    break;
-  case AF_INET6:
-    GNUNET_assert (1 == inet_pton (dest_af, dest_ip, &v6));
-    addr = &v6;
-    break;
-  default:
-    GNUNET_assert (0);
-  }
-  rr = GNUNET_VPN_redirect_to_ip (vpn, src_af, dest_af, addr,
-                                  GNUNET_TIME_UNIT_FOREVER_ABS, &allocation_cb,
-                                  NULL);
-  timeout_task_id =
-    GNUNET_SCHEDULER_add_delayed (TIMEOUT,
-                                  &do_timeout,
-                                  NULL);
-  GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
-                                 NULL);
-}
-int
-main (int argc, char *const *argv)
-{
-  const char *type;
-  const char *bin;
-  char *vpn_binary;
-  char *exit_binary;
-  int ret = 0;
-  if (0 != access ("/dev/net/tun", R_OK))
-  {
-    GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
-                              "access",
-                              "/dev/net/tun");
-    fprintf (stderr,
-             "WARNING: System unable to run test, skipping.\n");
-    return 77;
-  }
-  vpn_binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-vpn");
-  exit_binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-exit");
-  if ((GNUNET_YES != (ret = GNUNET_OS_check_helper_binary (vpn_binary,
-                                                           GNUNET_YES,
-                                                           "-d gnunet-vpn - - 169.1.3.3.7 255.255.255.0")))
-      ||                                                                                                                               // ipv4 only please!
-      (GNUNET_YES != (ret = GNUNET_OS_check_helper_binary (exit_binary,
-                                                           GNUNET_YES,
-                                                           "-d gnunet-vpn - - - 169.1.3.3.7 255.255.255.0"))))                          // no nat, ipv4 only
-  {
-    GNUNET_free (vpn_binary);
-    GNUNET_free (exit_binary);
-    fprintf (stderr,
-             "WARNING: gnunet-helper-{exit,vpn} binaries are not SUID, refusing to run test (as it would have to fail). %d\n",
-             ret);
-    return 77;
-  }
-  GNUNET_free (vpn_binary);
-  GNUNET_free (exit_binary);
-  bin = argv[0];
-  if (NULL != strstr (bin, "lt-"))
-    bin = strstr (bin, "lt-") + 4;
-  type = strstr (bin, "-");
-  if (NULL == type)
-  {
-    fprintf (stderr,
-             "invalid binary name\n");
-    return 1;
-  }
-  type++;
-  /* on Windows, .exe is suffixed to these binaries,
-   * thus cease comparison after the 6th char.
-   */
-  if (0 == strncmp (type, "4_to_6", 6))
-  {
-    dest_ip = "FC5A:04E1:C2BA::1";
-    dest_af = AF_INET6;
-    src_af = AF_INET;
-  }
-  else if (0 == strncmp (type, "6_to_4", 6))
-  {
-    dest_ip = "169.254.86.1";
-    dest_af = AF_INET;
-    src_af = AF_INET6;
-  }
-  else if (0 == strncmp (type, "4_over", 6))
-  {
-    dest_ip = "169.254.86.1";
-    dest_af = AF_INET;
-    src_af = AF_INET;
-  }
-  else if (0 == strncmp (type, "6_over", 6))
-  {
-    dest_ip = "FC5A:04E1:C2BA::1";
-    dest_af = AF_INET6;
-    src_af = AF_INET6;
-  }
-  else
-  {
-    fprintf (stderr, "invalid binary suffix `%s'\n", type);
-    return 1;
-  }
-  if ((GNUNET_OK != GNUNET_NETWORK_test_pf (src_af)) ||
-      (GNUNET_OK != GNUNET_NETWORK_test_pf (dest_af)))
-  {
-    fprintf (stderr,
-             "Required address families not supported by this system, skipping test.\n");
-    return 0;
-  }
-  if (0 != curl_global_init (CURL_GLOBAL_WIN32))
-  {
-    fprintf (stderr, "failed to initialize curl\n");
-    return 2;
-  }
-  if (0 !=
-      GNUNET_TESTING_peer_run ("test-gnunet-vpn", "test_gnunet_vpn.conf", &run,
-                               NULL))
-    return 1;
-  GNUNET_DISK_purge_cfg_dir ("test_gnunet_vpn.conf", 
-                             "GNUNET_TEST_HOME");
-  return global_ret;
-}
-/* end of test_gnunet_vpn.c */
diff --git a/src/pt/test_gnunet_vpn.conf b/src/pt/test_gnunet_vpn.conf
deleted file mode 100644
index 9bee93e02..000000000
--- a/src/pt/test_gnunet_vpn.conf
+++ /dev/null
@@ -1,48 +0,0 @@
-[PATHS]
-GNUNET_TEST_HOME = $GNUNET_TMP/gnunet-test-vpn/
-[transport]
-PLUGINS = tcp
-[arm]
-PORT = 0
-ALLOW_SHUTDOWN = YES
-[exit]
-IMMEDIATE_START = YES
-EXIT_IPV4 = YES
-EXIT_IPV6 = YES
-IPV6ADDR = FC5A:04E1:C2BA::1
-IPV6PREFIX = 96
-IPV4ADDR = 169.254.86.1
-IPV4MASK = 255.255.255.0
-# FIXME: can we use 'lo'?
-EXIT_IFNAME = eth1
-[hostlist]
-START_ON_DEMAND = NO
-IMMEDIATE_START = NO
-[nse]
-WORKBITS = 1
-# repeating some values from the default configurations
-# here as the respective network addresses are also
-# hard-wired in the tests and the MUST match (!)
-[vpn]
-IPV6ADDR = FC2D:FDAA:6A26::1
-IPV6PREFIX = 64
-IPV4ADDR = 169.254.20.1
-IPV4MASK = 255.255.255.0
-[gns]
-START_ON_DEMAND = NO
-[nat]
-USE_LOCALADDR = YES
-RETURN_LOCAL_ADDRESSES = YES
-[consensus]
-START_ON_DEMAND = NO
author	Martin Schanzenbach <schanzen@gnunet.org>	2023-10-19 11:59:19 +0200
committer	Martin Schanzenbach <schanzen@gnunet.org>	2023-10-19 11:59:19 +0200
commit	858647ab4b2465430800689bda2c2837601c48d1 (patch)
tree	048818f625a501cd3c4fc22c814f4e1717353a22 /src/pt
parent	579d9473bb75072303789599b23be9b0203336fc (diff)
download	gnunet-858647ab4b2465430800689bda2c2837601c48d1.tar.gz gnunet-858647ab4b2465430800689bda2c2837601c48d1.zip