summaryrefslogtreecommitdiff
path: root/src/transport/transport_api_blacklist.c
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2010-04-18 20:23:40 +0000
committerChristian Grothoff <christian@grothoff.org>2010-04-18 20:23:40 +0000
commit541caf3dec54aaee621fed935e667f9ee423ef31 (patch)
tree6f80958e68541ce071bc557bbfc168644963c473 /src/transport/transport_api_blacklist.c
parente8bc962b2ed43e194ba124537573da236786e82c (diff)
towards fixing blacklisting APIs and implementation
Diffstat (limited to 'src/transport/transport_api_blacklist.c')
-rw-r--r--src/transport/transport_api_blacklist.c385
1 files changed, 149 insertions, 236 deletions
diff --git a/src/transport/transport_api_blacklist.c b/src/transport/transport_api_blacklist.c
index c8838f1b6..5d2d616e8 100644
--- a/src/transport/transport_api_blacklist.c
+++ b/src/transport/transport_api_blacklist.c
@@ -36,7 +36,7 @@
/**
* Handle for blacklisting requests.
*/
-struct GNUNET_TRANSPORT_BlacklistRequest
+struct GNUNET_TRANSPORT_Blacklist
{
/**
@@ -45,342 +45,255 @@ struct GNUNET_TRANSPORT_BlacklistRequest
struct GNUNET_CLIENT_Connection * client;
/**
- * Function to call when done.
- */
- GNUNET_SCHEDULER_Task cont;
-
- /**
- * Clsoure for 'cont'.
+ * Scheduler to use.
*/
- void *cont_cls;
+ struct GNUNET_SCHEDULER_Handle *sched;
/**
- * Scheduler to use.
+ * Configuration to use.
*/
- struct GNUNET_SCHEDULER_Handle *sched;
+ const struct GNUNET_CONFIGURATION_Handle *cfg;
/**
- * Pending handle for the blacklisting request.
+ * Pending handle for the current request.
*/
struct GNUNET_CLIENT_TransmitHandle *th;
-
+
/**
- * How long should 'peer' be blacklisted?
+ * Function to call for determining if a peer is allowed
+ * to communicate with us.
*/
- struct GNUNET_TIME_Absolute duration;
-
+ GNUNET_TRANSPORT_BlacklistCallback cb;
+
/**
- * Which peer is being blacklisted?
+ * Closure for 'cb'.
+ */
+ void *cb_cls;
+
+ /**
+ * Peer currently under consideration.
*/
struct GNUNET_PeerIdentity peer;
-
+
};
/**
- * Function called to notify a client about the socket
- * begin ready to queue more data. "buf" will be
- * NULL and "size" zero if the socket was closed for
- * writing in the meantime.
+ * Establish blacklist connection to transport service.
*
- * @param cls closure
- * @param size number of bytes available in buf
- * @param buf where the callee should write the message
- * @return number of bytes written to buf
+ * @param br overall handle
*/
-static size_t
-transmit_blacklist_request (void *cls,
- size_t size, void *buf)
-{
- struct GNUNET_TRANSPORT_BlacklistRequest *br = cls;
- struct BlacklistMessage req;
-
- if (buf == NULL)
- {
- GNUNET_SCHEDULER_add_continuation (br->sched,
- br->cont,
- br->cont_cls,
- GNUNET_SCHEDULER_REASON_TIMEOUT);
- GNUNET_free (br);
- return 0;
- }
- req.header.size = htons (sizeof (req));
- req.header.type = htons (GNUNET_MESSAGE_TYPE_TRANSPORT_BLACKLIST);
- req.reserved = htonl (0);
- req.peer = br->peer;
- req.until = GNUNET_TIME_absolute_hton (br->duration);
- memcpy (buf, &req, sizeof (req));
- GNUNET_SCHEDULER_add_continuation (br->sched,
- br->cont,
- br->cont_cls,
- GNUNET_SCHEDULER_REASON_PREREQ_DONE);
- GNUNET_free (br);
- return sizeof (req);
-}
+static void
+reconnect (struct GNUNET_TRANSPORT_Blacklist *br);
/**
- * Blacklist a peer for a given period of time. All connections
- * (inbound and outbound) to a peer that is blacklisted will be
- * dropped (as soon as we learn who the connection is for). A second
- * call to this function for the same peer overrides previous
- * blacklisting requests.
+ * Send our reply to a blacklisting request.
*
- * @param sched scheduler to use
- * @param cfg configuration to use
- * @param peer identity of peer to blacklist
- * @param duration how long to blacklist, use GNUNET_TIME_UNIT_ZERO to
- * re-enable connections
- * @param timeout when should this operation (trying to establish the
- * blacklisting time out)
- * @param cont continuation to call once the request has been processed
- * @param cont_cls closure for cont
- * @return NULL on error, otherwise handle for cancellation
+ * @param br our overall context
*/
-struct GNUNET_TRANSPORT_BlacklistRequest *
-GNUNET_TRANSPORT_blacklist (struct GNUNET_SCHEDULER_Handle *sched,
- const struct GNUNET_CONFIGURATION_Handle *cfg,
- const struct GNUNET_PeerIdentity *peer,
- struct GNUNET_TIME_Relative duration,
- struct GNUNET_TIME_Relative timeout,
- GNUNET_SCHEDULER_Task cont,
- void *cont_cls)
-{
- struct GNUNET_CLIENT_Connection * client;
- struct GNUNET_TRANSPORT_BlacklistRequest *ret;
-
- client = GNUNET_CLIENT_connect (sched, "transport", cfg);
- if (NULL == client)
- return NULL;
- ret = GNUNET_malloc (sizeof (struct GNUNET_TRANSPORT_BlacklistRequest));
- ret->client = client;
- ret->peer = *peer;
- ret->duration = GNUNET_TIME_relative_to_absolute (duration);
- ret->sched = sched;
- ret->cont = cont;
- ret->cont_cls = cont_cls;
- ret->th = GNUNET_CLIENT_notify_transmit_ready (client,
- sizeof (struct BlacklistMessage),
- timeout,
- GNUNET_YES,
- &transmit_blacklist_request,
- ret);
- GNUNET_assert (NULL != ret->th);
- return ret;
-}
+static void
+reply (struct GNUNET_TRANSPORT_Blacklist *br);
/**
- * Abort transmitting the blacklist request. Note that this function
- * is NOT for removing a peer from the blacklist (for that, call
- * GNUNET_TRANSPORT_blacklist with a duration of zero). This function
- * is only for aborting the transmission of a blacklist request
- * (i.e. because of shutdown).
+ * Handle blacklist queries.
*
- * @param br handle of the request that is to be cancelled
+ * @param cls our overall handle
+ * @param msg query
*/
-void
-GNUNET_TRANSPORT_blacklist_cancel (struct GNUNET_TRANSPORT_BlacklistRequest * br)
-{
- GNUNET_CLIENT_notify_transmit_ready_cancel (br->th);
- GNUNET_free (br);
-}
-
-
-/**
- * Handle for blacklist notifications.
- */
-struct GNUNET_TRANSPORT_BlacklistNotification
+static void
+query_handler (void *cls,
+ const struct GNUNET_MessageHeader *msg)
{
-
- /**
- * Function to call whenever there is a change.
- */
- GNUNET_TRANSPORT_BlacklistCallback notify;
-
- /**
- * Closure for notify.
- */
- void *notify_cls;
-
- /**
- * Scheduler to use.
- */
- struct GNUNET_SCHEDULER_Handle *sched;
-
- /**
- * Configuration to use.
- */
- const struct GNUNET_CONFIGURATION_Handle *cfg;
+ struct GNUNET_TRANSPORT_Blacklist *br = cls;
+ const struct BlacklistMessage *bm;
- /**
- * Connection to transport service.
- */
- struct GNUNET_CLIENT_Connection * client;
-
- /**
- * Pending handle for the notification request.
- */
- struct GNUNET_CLIENT_TransmitHandle *th;
-};
+ if ( (ntohs(msg->size) != sizeof (struct BlacklistMessage)) ||
+ (ntohs(msg->type) != GNUNET_MESSAGE_TYPE_TRANSPORT_BLACKLIST_QUERY) )
+ {
+ reconnect (br);
+ return;
+ }
+ bm = (const struct BlacklistMessage *)msg;
+ GNUNET_break (0 == ntohl (bm->is_allowed));
+ br->peer = bm->peer;
+ reply (br);
+}
/**
- * Send a request to receive blacklisting notifications
+ * Receive blacklist queries from transport service.
*
- * @param bn context to initialize
+ * @param br overall handle
*/
static void
-request_notifications (struct GNUNET_TRANSPORT_BlacklistNotification *bn);
+receive (struct GNUNET_TRANSPORT_Blacklist *br)
+{
+ GNUNET_CLIENT_receive (br->client,
+ &query_handler,
+ br,
+ GNUNET_TIME_UNIT_FOREVER_REL);
+}
/**
- * Destroy the existing connection to the transport service and
- * setup a new one (the existing one had serious problems).
- *
- * @param bn context to re-initialize
+ * Transmit the blacklist initialization request to the service.
+ *
+ * @param cls closure (struct GNUNET_TRANSPORT_Blacklist*)
+ * @param size number of bytes available in buf
+ * @param buf where the callee should write the message
+ * @return number of bytes written to buf
*/
-static void
-retry_get_notifications (struct GNUNET_TRANSPORT_BlacklistNotification *bn)
+static size_t
+transmit_blacklist_init (void *cls,
+ size_t size, void *buf)
{
- GNUNET_CLIENT_disconnect (bn->client, GNUNET_NO);
- bn->client = GNUNET_CLIENT_connect (bn->sched, "transport", bn->cfg);
- request_notifications (bn);
+ struct GNUNET_TRANSPORT_Blacklist *br = cls;
+ struct GNUNET_MessageHeader req;
+
+ if (buf == NULL)
+ {
+ reconnect (br);
+ return 0;
+ }
+ req.size = htons (sizeof (struct GNUNET_MessageHeader));
+ req.type = htons (GNUNET_MESSAGE_TYPE_TRANSPORT_BLACKLIST_INIT);
+ memcpy (buf, &req, sizeof (req));
+ receive (br);
+ return sizeof (req);
}
/**
- * Function called whenever we get a blacklisting notification.
- * Pass it on to the callback and wait for more.
+ * Establish blacklist connection to transport service.
*
- * @param cls our 'struct GNUNET_TRANSPORT_BlacklistNotification *'
- * @param msg the blacklisting notification, NULL on error
+ * @param br overall handle
*/
static void
-recv_blacklist_info (void *cls,
- const struct GNUNET_MessageHeader *msg)
+reconnect (struct GNUNET_TRANSPORT_Blacklist *br)
{
- struct GNUNET_TRANSPORT_BlacklistNotification *bn = cls;
- const struct BlacklistMessage *req;
-
- if ( (msg == NULL) ||
- (sizeof(struct BlacklistMessage) != ntohs(msg->size)) ||
- (GNUNET_MESSAGE_TYPE_TRANSPORT_BLACKLIST != ntohs(msg->type)) )
- {
- retry_get_notifications (bn);
- return;
- }
- req = (const struct BlacklistMessage*) msg;
- bn->notify (bn->notify_cls,
- &req->peer,
- GNUNET_TIME_absolute_ntoh (req->until));
- GNUNET_CLIENT_receive (bn->client,
- &recv_blacklist_info,
- bn,
- GNUNET_TIME_UNIT_FOREVER_REL);
+ if (br->client != NULL)
+ GNUNET_CLIENT_disconnect (br->client, GNUNET_NO);
+ br->client = GNUNET_CLIENT_connect (br->sched,
+ "transport",
+ br->cfg);
+ br->th = GNUNET_CLIENT_notify_transmit_ready (br->client,
+ sizeof (struct GNUNET_MessageHeader),
+ GNUNET_TIME_UNIT_FOREVER_REL,
+ GNUNET_YES,
+ &transmit_blacklist_init,
+ br);
}
/**
- * Function called to notify a client about the socket
- * begin ready to queue more data. "buf" will be
- * NULL and "size" zero if the socket was closed for
- * writing in the meantime.
+ * Transmit the blacklist response to the service.
*
- * @param cls closure
+ * @param cls closure (struct GNUNET_TRANSPORT_Blacklist*)
* @param size number of bytes available in buf
* @param buf where the callee should write the message
* @return number of bytes written to buf
*/
-static size_t
-transmit_notify_request (void *cls,
- size_t size, void *buf)
+static size_t
+transmit_blacklist_reply (void *cls,
+ size_t size, void *buf)
{
- struct GNUNET_TRANSPORT_BlacklistNotification *bn = cls;
- struct GNUNET_MessageHeader hdr;
+ struct GNUNET_TRANSPORT_Blacklist *br = cls;
+ struct BlacklistMessage req;
- bn->th = NULL;
if (buf == NULL)
{
- retry_get_notifications (bn);
+ reconnect (br);
return 0;
}
- GNUNET_assert (size >= sizeof(hdr));
- hdr.size = htons (sizeof (hdr));
- hdr.type = htons (GNUNET_MESSAGE_TYPE_TRANSPORT_BLACKLIST_NOTIFY);
- memcpy (buf, &hdr, sizeof(hdr));
- return sizeof(hdr);
+ req.header.size = htons (sizeof (req));
+ req.header.type = htons (GNUNET_MESSAGE_TYPE_TRANSPORT_BLACKLIST_REPLY);
+ req.is_allowed = htonl (br->cb (br->cb_cls, &br->peer));
+ req.peer = br->peer;
+ memcpy (buf, &req, sizeof (req));
+ receive (br);
+ return sizeof (req);
}
/**
- * Send a request to receive blacklisting notifications
+ * Send our reply to a blacklisting request.
*
- * @param bn context to initialize
+ * @param br our overall context
*/
static void
-request_notifications (struct GNUNET_TRANSPORT_BlacklistNotification *bn)
+reply (struct GNUNET_TRANSPORT_Blacklist *br)
{
- GNUNET_assert (bn->client != NULL);
- bn->th = GNUNET_CLIENT_notify_transmit_ready (bn->client,
- sizeof (struct GNUNET_MessageHeader),
+ br->th = GNUNET_CLIENT_notify_transmit_ready (br->client,
+ sizeof (struct BlacklistMessage),
GNUNET_TIME_UNIT_FOREVER_REL,
- GNUNET_YES,
- &transmit_notify_request,
- bn);
- GNUNET_assert (bn->th != NULL);
- GNUNET_CLIENT_receive (bn->client,
- &recv_blacklist_info,
- bn,
- GNUNET_TIME_UNIT_FOREVER_REL);
+ GNUNET_NO,
+ &transmit_blacklist_reply,
+ br);
+ if (br->th == NULL)
+ {
+ reconnect (br);
+ return;
+ }
}
/**
- * Call a function whenever a peer's blacklisting status changes.
+ * Install a blacklist callback. The service will be queried for all
+ * existing connections as well as any fresh connections to check if
+ * they are permitted. If the blacklisting callback is unregistered,
+ * all hosts that were denied in the past will automatically be
+ * whitelisted again. Cancelling the blacklist handle is also the
+ * only way to re-enable connections from peers that were previously
+ * blacklisted.
*
* @param sched scheduler to use
* @param cfg configuration to use
- * @param bc function to call on status changes
- * @param bc_cls closure for bc
+ * @param cb callback to invoke to check if connections are allowed
+ * @param cb_cls closure for cb
* @return NULL on error, otherwise handle for cancellation
*/
-struct GNUNET_TRANSPORT_BlacklistNotification *
-GNUNET_TRANSPORT_blacklist_notify (struct GNUNET_SCHEDULER_Handle *sched,
- const struct GNUNET_CONFIGURATION_Handle *cfg,
- GNUNET_TRANSPORT_BlacklistCallback bc,
- void *bc_cls)
+struct GNUNET_TRANSPORT_Blacklist *
+GNUNET_TRANSPORT_blacklist (struct GNUNET_SCHEDULER_Handle *sched,
+ const struct GNUNET_CONFIGURATION_Handle *cfg,
+ GNUNET_TRANSPORT_BlacklistCallback cb,
+ void *cb_cls)
{
- struct GNUNET_TRANSPORT_BlacklistNotification *ret;
struct GNUNET_CLIENT_Connection * client;
+ struct GNUNET_TRANSPORT_Blacklist *ret;
client = GNUNET_CLIENT_connect (sched, "transport", cfg);
if (NULL == client)
return NULL;
- ret = GNUNET_malloc (sizeof (struct GNUNET_TRANSPORT_BlacklistNotification));
+ ret = GNUNET_malloc (sizeof (struct GNUNET_TRANSPORT_Blacklist));
ret->client = client;
ret->sched = sched;
ret->cfg = cfg;
- ret->notify = bc;
- ret->notify_cls = bc_cls;
- request_notifications (ret);
+ ret->th = GNUNET_CLIENT_notify_transmit_ready (client,
+ sizeof (struct GNUNET_MessageHeader),
+ GNUNET_TIME_UNIT_FOREVER_REL,
+ GNUNET_YES,
+ &transmit_blacklist_init,
+ ret);
return ret;
}
/**
- * Stop calling the notification callback associated with
- * the given blacklist notification.
+ * Abort the blacklist. Note that this function is the only way for
+ * removing a peer from the blacklist.
*
- * @param bn handle of the request that is to be cancelled
+ * @param br handle of the request that is to be cancelled
*/
void
-GNUNET_TRANSPORT_blacklist_notify_cancel (struct GNUNET_TRANSPORT_BlacklistNotification * bn)
+GNUNET_TRANSPORT_blacklist_cancel (struct GNUNET_TRANSPORT_Blacklist *br)
{
- if (bn->th != NULL)
- GNUNET_CLIENT_notify_transmit_ready_cancel (bn->th);
- GNUNET_CLIENT_disconnect (bn->client, GNUNET_NO);
- GNUNET_free (bn);
+ if (br->th != NULL)
+ GNUNET_CLIENT_notify_transmit_ready_cancel (br->th);
+ GNUNET_CLIENT_disconnect (br->client, GNUNET_NO);
+ GNUNET_free (br);
}
+
/* end of transport_api_blacklist.c */