aboutsummaryrefslogtreecommitdiff
path: root/src/transport
diff options
context:
space:
mode:
authorMatthias Wachs <wachs@net.in.tum.de>2013-03-27 16:31:31 +0000
committerMatthias Wachs <wachs@net.in.tum.de>2013-03-27 16:31:31 +0000
commit0ba623e7e8dc6cfccd0954ba0a0c541ae9686d1c (patch)
tree3bd00dfd17a2dcc00ae7f5f5091eb65ea66502ae /src/transport
parente45277905e6c82b3f86b6f36e6fa0edeb6cf6ea6 (diff)
downloadgnunet-0ba623e7e8dc6cfccd0954ba0a0c541ae9686d1c.tar.gz
gnunet-0ba623e7e8dc6cfccd0954ba0a0c541ae9686d1c.zip
transport cfg based blacklisting
Diffstat (limited to 'src/transport')
-rw-r--r--src/transport/Makefile.am18
-rw-r--r--src/transport/gnunet-service-transport.c2
-rw-r--r--src/transport/gnunet-service-transport_blacklist.c87
-rw-r--r--src/transport/gnunet-service-transport_blacklist.h6
-rw-r--r--src/transport/test_transport_blacklisting_cfg_blp_peer1.conf37
-rw-r--r--src/transport/test_transport_blacklisting_cfg_blp_peer2.conf36
-rw-r--r--src/transport/test_transport_blacklisting_cfg_peer1.conf30
-rw-r--r--src/transport/test_transport_blacklisting_cfg_peer2.conf29
8 files changed, 238 insertions, 7 deletions
diff --git a/src/transport/Makefile.am b/src/transport/Makefile.am
index 5f65dff60..faa9d437d 100644
--- a/src/transport/Makefile.am
+++ b/src/transport/Makefile.am
@@ -323,6 +323,7 @@ check_PROGRAMS = \
323 $(HTTP_SERVER_PLUGIN_TEST) \ 323 $(HTTP_SERVER_PLUGIN_TEST) \
324 $(HTTPS_SERVER_PLUGIN_TEST) \ 324 $(HTTPS_SERVER_PLUGIN_TEST) \
325 test_transport_api_blacklisting \ 325 test_transport_api_blacklisting \
326 test_transport_blacklisting_cfg \
326 test_transport_api_disconnect_tcp \ 327 test_transport_api_disconnect_tcp \
327 test_transport_api_bidirectional_connect \ 328 test_transport_api_bidirectional_connect \
328 test_transport_api_tcp \ 329 test_transport_api_tcp \
@@ -373,6 +374,7 @@ TESTS = \
373 $(UNIX_TEST) \ 374 $(UNIX_TEST) \
374 $(WLAN_PLUGIN_TEST) \ 375 $(WLAN_PLUGIN_TEST) \
375 test_transport_api_blacklisting \ 376 test_transport_api_blacklisting \
377 test_transport_blacklisting_cfg \
376 test_transport_api_disconnect_tcp \ 378 test_transport_api_disconnect_tcp \
377 test_transport_api_bidirectional_connect \ 379 test_transport_api_bidirectional_connect \
378 test_transport_api_tcp \ 380 test_transport_api_tcp \
@@ -443,6 +445,16 @@ test_transport_api_blacklisting_LDADD = \
443 $(top_builddir)/src/statistics/libgnunetstatistics.la \ 445 $(top_builddir)/src/statistics/libgnunetstatistics.la \
444 $(top_builddir)/src/util/libgnunetutil.la \ 446 $(top_builddir)/src/util/libgnunetutil.la \
445 $(top_builddir)/src/transport/libgnunettransporttesting.la 447 $(top_builddir)/src/transport/libgnunettransporttesting.la
448
449test_transport_blacklisting_cfg_SOURCES = \
450 test_transport_blacklisting_cfg.c
451test_transport_blacklisting_cfg_LDADD = \
452 $(top_builddir)/src/transport/libgnunettransport.la \
453 $(top_builddir)/src/hello/libgnunethello.la \
454 $(top_builddir)/src/statistics/libgnunetstatistics.la \
455 $(top_builddir)/src/util/libgnunetutil.la \
456 $(top_builddir)/src/transport/libgnunettransporttesting.la
457
446 458
447test_transport_api_disconnect_tcp_SOURCES = \ 459test_transport_api_disconnect_tcp_SOURCES = \
448 test_transport_api_disconnect.c 460 test_transport_api_disconnect.c
@@ -970,5 +982,9 @@ test_transport_api_timeout_https_peer1.conf\
970test_transport_api_timeout_https_peer2.conf\ 982test_transport_api_timeout_https_peer2.conf\
971test_transport_api_unreliability_constant_udp_peer1.conf\ 983test_transport_api_unreliability_constant_udp_peer1.conf\
972test_transport_api_unreliability_constant_udp_peer2.conf\ 984test_transport_api_unreliability_constant_udp_peer2.conf\
985test_transport_blacklisting_cfg_peer1.conf \
986test_transport_blacklisting_cfg_peer2.conf
987test_transport_blacklisting_cfg_blp_peer1.conf \
988test_transport_blacklisting_cfg_blp_peer2.conf\
973test_transport_api_http_reverse_peer1.conf \ 989test_transport_api_http_reverse_peer1.conf \
974test_transport_api_http_reverse_peer2.conf 990test_transport_api_http_reverse_peer2.conf
diff --git a/src/transport/gnunet-service-transport.c b/src/transport/gnunet-service-transport.c
index 58272a632..c8d688407 100644
--- a/src/transport/gnunet-service-transport.c
+++ b/src/transport/gnunet-service-transport.c
@@ -689,7 +689,7 @@ key_generation_cb (void *cls,
689 /* start subsystems */ 689 /* start subsystems */
690 GST_hello_start (&process_hello_update, NULL); 690 GST_hello_start (&process_hello_update, NULL);
691 GNUNET_assert (NULL != GST_hello_get()); 691 GNUNET_assert (NULL != GST_hello_get());
692 GST_blacklist_start (GST_server); 692 GST_blacklist_start (GST_server, GST_cfg, &GST_my_identity);
693 GST_ats = 693 GST_ats =
694 GNUNET_ATS_scheduling_init (GST_cfg, &ats_request_address_change, NULL); 694 GNUNET_ATS_scheduling_init (GST_cfg, &ats_request_address_change, NULL);
695 GST_manipulation_init (GST_cfg, &plugin_env_update_metrics); 695 GST_manipulation_init (GST_cfg, &plugin_env_update_metrics);
diff --git a/src/transport/gnunet-service-transport_blacklist.c b/src/transport/gnunet-service-transport_blacklist.c
index 9193922a9..361bf9c4e 100644
--- a/src/transport/gnunet-service-transport_blacklist.c
+++ b/src/transport/gnunet-service-transport_blacklist.c
@@ -371,16 +371,87 @@ read_blacklist_file ()
371 GNUNET_free (fn); 371 GNUNET_free (fn);
372} 372}
373 373
374/**
375 * Function to iterate over options in the blacklisting section for a peer.
376 *
377 * @param cls closure
378 * @param section name of the section
379 * @param option name of the option
380 * @param value value of the option
381 */
382void blacklist_cfg_iter (void *cls, const char *section,
383 const char *option,
384 const char *value)
385{
386 struct GNUNET_PeerIdentity peer;
387 char *plugs;
388 char *pos;
389 int *res = cls;
390
391 if (GNUNET_OK != GNUNET_CRYPTO_hash_from_string2(option,
392 strlen (option), &peer.hashPubKey))
393 return;
394
395 if ((NULL == value) || (0 == strcmp(value, "")))
396 {
397 /* Blacklist whole peer */
398 GST_blacklist_add_peer (&peer, NULL);
399 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
400 _("Adding blacklisting entry for peer `%s'\n"), GNUNET_i2s (&peer));
401 }
402 else
403 {
404 plugs = GNUNET_strdup (value);
405 for (pos = strtok (plugs, " "); pos != NULL; pos = strtok (NULL, " "))
406 {
407 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
408 _("Adding blacklisting entry for peer `%s':`%s'\n"),
409 GNUNET_i2s (&peer), pos);
410 GST_blacklist_add_peer (&peer, pos);
411 }
412 GNUNET_free (plugs);
413 }
414 (*res)++;
415
416}
417
418
419
420/**
421 * Read blacklist configuration
422 *
423 * @param cfg the configuration handle
424 * @param my_id my peer identity
425 */
426static void
427read_blacklist_configuration (const struct GNUNET_CONFIGURATION_Handle *cfg,
428 const struct GNUNET_PeerIdentity *my_id)
429{
430 char *cfg_sect;
431 int res = 0;
432 GNUNET_asprintf (&cfg_sect, "transport-blacklist-%s", GNUNET_i2s_full (my_id));
433 GNUNET_CONFIGURATION_iterate_section_values (cfg, cfg_sect, &blacklist_cfg_iter, &res);
434 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
435 "Loaded %u blacklisting entries from configuration\n", res);
436 GNUNET_free (cfg_sect);
437}
374 438
375/** 439/**
376 * Start blacklist subsystem. 440 * Start blacklist subsystem.
377 * 441 *
378 * @param server server used to accept clients from 442 * @param server server used to accept clients from
443 * @param cfg configuration handle
444 * @param my_id my peer id
379 */ 445 */
380void 446void
381GST_blacklist_start (struct GNUNET_SERVER_Handle *server) 447GST_blacklist_start (struct GNUNET_SERVER_Handle *server,
448 const struct GNUNET_CONFIGURATION_Handle *cfg,
449 const struct GNUNET_PeerIdentity *my_id)
382{ 450{
383 read_blacklist_file (); 451 GNUNET_assert (NULL != cfg);
452 GNUNET_assert (NULL != my_id);
453 //read_blacklist_file ();
454 read_blacklist_configuration (cfg, my_id);
384 GNUNET_SERVER_disconnect_notify (server, &client_disconnect_notification, 455 GNUNET_SERVER_disconnect_notify (server, &client_disconnect_notification,
385 NULL); 456 NULL);
386} 457}
@@ -399,7 +470,7 @@ free_blacklist_entry (void *cls, const struct GNUNET_HashCode * key, void *value
399{ 470{
400 char *be = value; 471 char *be = value;
401 472
402 GNUNET_free (be); 473 GNUNET_free_non_null (be);
403 return GNUNET_OK; 474 return GNUNET_OK;
404} 475}
405 476
@@ -679,6 +750,8 @@ void
679GST_blacklist_add_peer (const struct GNUNET_PeerIdentity *peer, 750GST_blacklist_add_peer (const struct GNUNET_PeerIdentity *peer,
680 const char *transport_name) 751 const char *transport_name)
681{ 752{
753 char * transport = NULL;
754
682 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 755 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
683 "Adding peer `%s' with plugin `%s' to blacklist\n", 756 "Adding peer `%s' with plugin `%s' to blacklist\n",
684 GNUNET_i2s (peer), transport_name); 757 GNUNET_i2s (peer), transport_name);
@@ -686,8 +759,11 @@ GST_blacklist_add_peer (const struct GNUNET_PeerIdentity *peer,
686 blacklist = 759 blacklist =
687 GNUNET_CONTAINER_multihashmap_create (TRANSPORT_BLACKLIST_HT_SIZE, 760 GNUNET_CONTAINER_multihashmap_create (TRANSPORT_BLACKLIST_HT_SIZE,
688 GNUNET_NO); 761 GNUNET_NO);
762 if (NULL != transport_name)
763 transport = GNUNET_strdup ("");
764
689 GNUNET_CONTAINER_multihashmap_put (blacklist, &peer->hashPubKey, 765 GNUNET_CONTAINER_multihashmap_put (blacklist, &peer->hashPubKey,
690 GNUNET_strdup (transport_name), 766 transport,
691 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE); 767 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
692} 768}
693 769
@@ -710,6 +786,9 @@ test_blacklisted (void *cls, const struct GNUNET_HashCode * key, void *value)
710 /* blacklist check for specific no specific transport*/ 786 /* blacklist check for specific no specific transport*/
711 if (transport_name == NULL) 787 if (transport_name == NULL)
712 return GNUNET_NO; 788 return GNUNET_NO;
789 /* all plugins for this peer were blacklisted */
790 if (NULL == value)
791 return GNUNET_NO;
713 792
714 /* blacklist check for specific transport */ 793 /* blacklist check for specific transport */
715 if (0 == strcmp (transport_name, be)) 794 if (0 == strcmp (transport_name, be))
diff --git a/src/transport/gnunet-service-transport_blacklist.h b/src/transport/gnunet-service-transport_blacklist.h
index b8335ab8c..a0ae5a959 100644
--- a/src/transport/gnunet-service-transport_blacklist.h
+++ b/src/transport/gnunet-service-transport_blacklist.h
@@ -33,9 +33,13 @@
33 * Start blacklist subsystem. 33 * Start blacklist subsystem.
34 * 34 *
35 * @param server server used to accept clients from 35 * @param server server used to accept clients from
36 * @param cfg configuration handle
37 * @param my_id my peer id
36 */ 38 */
37void 39void
38GST_blacklist_start (struct GNUNET_SERVER_Handle *server); 40GST_blacklist_start (struct GNUNET_SERVER_Handle *server,
41 const struct GNUNET_CONFIGURATION_Handle *cfg,
42 const struct GNUNET_PeerIdentity *my_id);
39 43
40 44
41/** 45/**
diff --git a/src/transport/test_transport_blacklisting_cfg_blp_peer1.conf b/src/transport/test_transport_blacklisting_cfg_blp_peer1.conf
new file mode 100644
index 000000000..d244265aa
--- /dev/null
+++ b/src/transport/test_transport_blacklisting_cfg_blp_peer1.conf
@@ -0,0 +1,37 @@
1@INLINE@ template_cfg_peer1.conf
2[PATHS]
3SERVICEHOME = /tmp/test-transport/api-tcp-p1/
4
5[transport-tcp]
6PORT = 12000
7TIMEOUT = 5 s
8
9[arm]
10PORT = 12005
11DEFAULTSERVICES = transport
12UNIXPATH = /tmp/gnunet-p1-service-arm.sock
13
14[statistics]
15PORT = 12004
16UNIXPATH = /tmp/gnunet-p1-service-statistics.sock
17
18[resolver]
19PORT = 12003
20UNIXPATH = /tmp/gnunet-p1-service-resolver.sock
21
22[peerinfo]
23PORT = 12002
24UNIXPATH = /tmp/gnunet-p1-service-peerinfo.sock
25
26[transport]
27#PREFIX = valgrind --leak-check=full
28PORT = 12001
29UNIXPATH = /tmp/gnunet-p1-service-transport.sock
30PLUGINS = tcp
31
32[transport-blacklist-AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520]
33P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G = tcp
34
35[transport-blacklist-P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G]
36AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520 = tcp
37 \ No newline at end of file
diff --git a/src/transport/test_transport_blacklisting_cfg_blp_peer2.conf b/src/transport/test_transport_blacklisting_cfg_blp_peer2.conf
new file mode 100644
index 000000000..542121f2b
--- /dev/null
+++ b/src/transport/test_transport_blacklisting_cfg_blp_peer2.conf
@@ -0,0 +1,36 @@
1@INLINE@ template_cfg_peer2.conf
2[PATHS]
3SERVICEHOME = /tmp/test-transport/api-tcp-p2/
4
5[transport-tcp]
6PORT = 12015
7TIMEOUT = 5 s
8
9[arm]
10PORT = 12014
11DEFAULTSERVICES = transport
12UNIXPATH = /tmp/gnunet-p2-service-arm.sock
13
14[statistics]
15PORT = 12013
16UNIXPATH = /tmp/gnunet-p2-service-statistics.sock
17
18[resolver]
19PORT = 12012
20UNIXPATH = /tmp/gnunet-p2-service-resolver.sock
21
22[peerinfo]
23PORT = 12011
24UNIXPATH = /tmp/gnunet-p2-service-peerinfo.sock
25
26[transport]
27#PREFIX = valgrind --leak-check=full
28PORT = 12010
29PLUGINS = tcp
30UNIXPATH = /tmp/gnunet-p2-service-transport.sock
31
32[transport-blacklist-AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520]
33P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G =
34
35[transport-blacklist-P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G]
36AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520 = \ No newline at end of file
diff --git a/src/transport/test_transport_blacklisting_cfg_peer1.conf b/src/transport/test_transport_blacklisting_cfg_peer1.conf
new file mode 100644
index 000000000..db662826b
--- /dev/null
+++ b/src/transport/test_transport_blacklisting_cfg_peer1.conf
@@ -0,0 +1,30 @@
1@INLINE@ template_cfg_peer1.conf
2[PATHS]
3SERVICEHOME = /tmp/test-transport/api-tcp-p1/
4
5[transport-tcp]
6PORT = 12000
7TIMEOUT = 5 s
8
9[arm]
10PORT = 12005
11DEFAULTSERVICES = transport
12UNIXPATH = /tmp/gnunet-p1-service-arm.sock
13
14[statistics]
15PORT = 12004
16UNIXPATH = /tmp/gnunet-p1-service-statistics.sock
17
18[resolver]
19PORT = 12003
20UNIXPATH = /tmp/gnunet-p1-service-resolver.sock
21
22[peerinfo]
23PORT = 12002
24UNIXPATH = /tmp/gnunet-p1-service-peerinfo.sock
25
26[transport]
27PORT = 12001
28UNIXPATH = /tmp/gnunet-p1-service-transport.sock
29PLUGINS = tcp
30
diff --git a/src/transport/test_transport_blacklisting_cfg_peer2.conf b/src/transport/test_transport_blacklisting_cfg_peer2.conf
new file mode 100644
index 000000000..181aab3de
--- /dev/null
+++ b/src/transport/test_transport_blacklisting_cfg_peer2.conf
@@ -0,0 +1,29 @@
1@INLINE@ template_cfg_peer2.conf
2[PATHS]
3SERVICEHOME = /tmp/test-transport/api-tcp-p2/
4
5[transport-tcp]
6PORT = 12015
7TIMEOUT = 5 s
8
9[arm]
10PORT = 12014
11DEFAULTSERVICES = transport
12UNIXPATH = /tmp/gnunet-p2-service-arm.sock
13
14[statistics]
15PORT = 12013
16UNIXPATH = /tmp/gnunet-p2-service-statistics.sock
17
18[resolver]
19PORT = 12012
20UNIXPATH = /tmp/gnunet-p2-service-resolver.sock
21
22[peerinfo]
23PORT = 12011
24UNIXPATH = /tmp/gnunet-p2-service-peerinfo.sock
25
26[transport]
27PORT = 12010
28PLUGINS = tcp
29UNIXPATH = /tmp/gnunet-p2-service-transport.sock