summaryrefslogtreecommitdiff
path: root/src/transport
diff options
context:
space:
mode:
authorMatthias Wachs <wachs@net.in.tum.de>2013-03-27 16:31:31 +0000
committerMatthias Wachs <wachs@net.in.tum.de>2013-03-27 16:31:31 +0000
commit0ba623e7e8dc6cfccd0954ba0a0c541ae9686d1c (patch)
tree3bd00dfd17a2dcc00ae7f5f5091eb65ea66502ae /src/transport
parente45277905e6c82b3f86b6f36e6fa0edeb6cf6ea6 (diff)
transport cfg based blacklisting
Diffstat (limited to 'src/transport')
-rw-r--r--src/transport/Makefile.am18
-rw-r--r--src/transport/gnunet-service-transport.c2
-rw-r--r--src/transport/gnunet-service-transport_blacklist.c87
-rw-r--r--src/transport/gnunet-service-transport_blacklist.h6
-rw-r--r--src/transport/test_transport_blacklisting_cfg_blp_peer1.conf37
-rw-r--r--src/transport/test_transport_blacklisting_cfg_blp_peer2.conf36
-rw-r--r--src/transport/test_transport_blacklisting_cfg_peer1.conf30
-rw-r--r--src/transport/test_transport_blacklisting_cfg_peer2.conf29
8 files changed, 238 insertions, 7 deletions
diff --git a/src/transport/Makefile.am b/src/transport/Makefile.am
index 5f65dff60..faa9d437d 100644
--- a/src/transport/Makefile.am
+++ b/src/transport/Makefile.am
@@ -323,6 +323,7 @@ check_PROGRAMS = \
$(HTTP_SERVER_PLUGIN_TEST) \
$(HTTPS_SERVER_PLUGIN_TEST) \
test_transport_api_blacklisting \
+ test_transport_blacklisting_cfg \
test_transport_api_disconnect_tcp \
test_transport_api_bidirectional_connect \
test_transport_api_tcp \
@@ -373,6 +374,7 @@ TESTS = \
$(UNIX_TEST) \
$(WLAN_PLUGIN_TEST) \
test_transport_api_blacklisting \
+ test_transport_blacklisting_cfg \
test_transport_api_disconnect_tcp \
test_transport_api_bidirectional_connect \
test_transport_api_tcp \
@@ -443,6 +445,16 @@ test_transport_api_blacklisting_LDADD = \
$(top_builddir)/src/statistics/libgnunetstatistics.la \
$(top_builddir)/src/util/libgnunetutil.la \
$(top_builddir)/src/transport/libgnunettransporttesting.la
+
+test_transport_blacklisting_cfg_SOURCES = \
+ test_transport_blacklisting_cfg.c
+test_transport_blacklisting_cfg_LDADD = \
+ $(top_builddir)/src/transport/libgnunettransport.la \
+ $(top_builddir)/src/hello/libgnunethello.la \
+ $(top_builddir)/src/statistics/libgnunetstatistics.la \
+ $(top_builddir)/src/util/libgnunetutil.la \
+ $(top_builddir)/src/transport/libgnunettransporttesting.la
+
test_transport_api_disconnect_tcp_SOURCES = \
test_transport_api_disconnect.c
@@ -970,5 +982,9 @@ test_transport_api_timeout_https_peer1.conf\
test_transport_api_timeout_https_peer2.conf\
test_transport_api_unreliability_constant_udp_peer1.conf\
test_transport_api_unreliability_constant_udp_peer2.conf\
+test_transport_blacklisting_cfg_peer1.conf \
+test_transport_blacklisting_cfg_peer2.conf
+test_transport_blacklisting_cfg_blp_peer1.conf \
+test_transport_blacklisting_cfg_blp_peer2.conf\
test_transport_api_http_reverse_peer1.conf \
-test_transport_api_http_reverse_peer2.conf
+test_transport_api_http_reverse_peer2.conf
diff --git a/src/transport/gnunet-service-transport.c b/src/transport/gnunet-service-transport.c
index 58272a632..c8d688407 100644
--- a/src/transport/gnunet-service-transport.c
+++ b/src/transport/gnunet-service-transport.c
@@ -689,7 +689,7 @@ key_generation_cb (void *cls,
/* start subsystems */
GST_hello_start (&process_hello_update, NULL);
GNUNET_assert (NULL != GST_hello_get());
- GST_blacklist_start (GST_server);
+ GST_blacklist_start (GST_server, GST_cfg, &GST_my_identity);
GST_ats =
GNUNET_ATS_scheduling_init (GST_cfg, &ats_request_address_change, NULL);
GST_manipulation_init (GST_cfg, &plugin_env_update_metrics);
diff --git a/src/transport/gnunet-service-transport_blacklist.c b/src/transport/gnunet-service-transport_blacklist.c
index 9193922a9..361bf9c4e 100644
--- a/src/transport/gnunet-service-transport_blacklist.c
+++ b/src/transport/gnunet-service-transport_blacklist.c
@@ -371,16 +371,87 @@ read_blacklist_file ()
GNUNET_free (fn);
}
+/**
+ * Function to iterate over options in the blacklisting section for a peer.
+ *
+ * @param cls closure
+ * @param section name of the section
+ * @param option name of the option
+ * @param value value of the option
+ */
+void blacklist_cfg_iter (void *cls, const char *section,
+ const char *option,
+ const char *value)
+{
+ struct GNUNET_PeerIdentity peer;
+ char *plugs;
+ char *pos;
+ int *res = cls;
+
+ if (GNUNET_OK != GNUNET_CRYPTO_hash_from_string2(option,
+ strlen (option), &peer.hashPubKey))
+ return;
+
+ if ((NULL == value) || (0 == strcmp(value, "")))
+ {
+ /* Blacklist whole peer */
+ GST_blacklist_add_peer (&peer, NULL);
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ _("Adding blacklisting entry for peer `%s'\n"), GNUNET_i2s (&peer));
+ }
+ else
+ {
+ plugs = GNUNET_strdup (value);
+ for (pos = strtok (plugs, " "); pos != NULL; pos = strtok (NULL, " "))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ _("Adding blacklisting entry for peer `%s':`%s'\n"),
+ GNUNET_i2s (&peer), pos);
+ GST_blacklist_add_peer (&peer, pos);
+ }
+ GNUNET_free (plugs);
+ }
+ (*res)++;
+
+}
+
+
+
+/**
+ * Read blacklist configuration
+ *
+ * @param cfg the configuration handle
+ * @param my_id my peer identity
+ */
+static void
+read_blacklist_configuration (const struct GNUNET_CONFIGURATION_Handle *cfg,
+ const struct GNUNET_PeerIdentity *my_id)
+{
+ char *cfg_sect;
+ int res = 0;
+ GNUNET_asprintf (&cfg_sect, "transport-blacklist-%s", GNUNET_i2s_full (my_id));
+ GNUNET_CONFIGURATION_iterate_section_values (cfg, cfg_sect, &blacklist_cfg_iter, &res);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Loaded %u blacklisting entries from configuration\n", res);
+ GNUNET_free (cfg_sect);
+}
/**
* Start blacklist subsystem.
*
* @param server server used to accept clients from
+ * @param cfg configuration handle
+ * @param my_id my peer id
*/
void
-GST_blacklist_start (struct GNUNET_SERVER_Handle *server)
+GST_blacklist_start (struct GNUNET_SERVER_Handle *server,
+ const struct GNUNET_CONFIGURATION_Handle *cfg,
+ const struct GNUNET_PeerIdentity *my_id)
{
- read_blacklist_file ();
+ GNUNET_assert (NULL != cfg);
+ GNUNET_assert (NULL != my_id);
+ //read_blacklist_file ();
+ read_blacklist_configuration (cfg, my_id);
GNUNET_SERVER_disconnect_notify (server, &client_disconnect_notification,
NULL);
}
@@ -399,7 +470,7 @@ free_blacklist_entry (void *cls, const struct GNUNET_HashCode * key, void *value
{
char *be = value;
- GNUNET_free (be);
+ GNUNET_free_non_null (be);
return GNUNET_OK;
}
@@ -679,6 +750,8 @@ void
GST_blacklist_add_peer (const struct GNUNET_PeerIdentity *peer,
const char *transport_name)
{
+ char * transport = NULL;
+
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Adding peer `%s' with plugin `%s' to blacklist\n",
GNUNET_i2s (peer), transport_name);
@@ -686,8 +759,11 @@ GST_blacklist_add_peer (const struct GNUNET_PeerIdentity *peer,
blacklist =
GNUNET_CONTAINER_multihashmap_create (TRANSPORT_BLACKLIST_HT_SIZE,
GNUNET_NO);
+ if (NULL != transport_name)
+ transport = GNUNET_strdup ("");
+
GNUNET_CONTAINER_multihashmap_put (blacklist, &peer->hashPubKey,
- GNUNET_strdup (transport_name),
+ transport,
GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
}
@@ -710,6 +786,9 @@ test_blacklisted (void *cls, const struct GNUNET_HashCode * key, void *value)
/* blacklist check for specific no specific transport*/
if (transport_name == NULL)
return GNUNET_NO;
+ /* all plugins for this peer were blacklisted */
+ if (NULL == value)
+ return GNUNET_NO;
/* blacklist check for specific transport */
if (0 == strcmp (transport_name, be))
diff --git a/src/transport/gnunet-service-transport_blacklist.h b/src/transport/gnunet-service-transport_blacklist.h
index b8335ab8c..a0ae5a959 100644
--- a/src/transport/gnunet-service-transport_blacklist.h
+++ b/src/transport/gnunet-service-transport_blacklist.h
@@ -33,9 +33,13 @@
* Start blacklist subsystem.
*
* @param server server used to accept clients from
+ * @param cfg configuration handle
+ * @param my_id my peer id
*/
void
-GST_blacklist_start (struct GNUNET_SERVER_Handle *server);
+GST_blacklist_start (struct GNUNET_SERVER_Handle *server,
+ const struct GNUNET_CONFIGURATION_Handle *cfg,
+ const struct GNUNET_PeerIdentity *my_id);
/**
diff --git a/src/transport/test_transport_blacklisting_cfg_blp_peer1.conf b/src/transport/test_transport_blacklisting_cfg_blp_peer1.conf
new file mode 100644
index 000000000..d244265aa
--- /dev/null
+++ b/src/transport/test_transport_blacklisting_cfg_blp_peer1.conf
@@ -0,0 +1,37 @@
+@INLINE@ template_cfg_peer1.conf
+[PATHS]
+SERVICEHOME = /tmp/test-transport/api-tcp-p1/
+
+[transport-tcp]
+PORT = 12000
+TIMEOUT = 5 s
+
+[arm]
+PORT = 12005
+DEFAULTSERVICES = transport
+UNIXPATH = /tmp/gnunet-p1-service-arm.sock
+
+[statistics]
+PORT = 12004
+UNIXPATH = /tmp/gnunet-p1-service-statistics.sock
+
+[resolver]
+PORT = 12003
+UNIXPATH = /tmp/gnunet-p1-service-resolver.sock
+
+[peerinfo]
+PORT = 12002
+UNIXPATH = /tmp/gnunet-p1-service-peerinfo.sock
+
+[transport]
+#PREFIX = valgrind --leak-check=full
+PORT = 12001
+UNIXPATH = /tmp/gnunet-p1-service-transport.sock
+PLUGINS = tcp
+
+[transport-blacklist-AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520]
+P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G = tcp
+
+[transport-blacklist-P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G]
+AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520 = tcp
+ \ No newline at end of file
diff --git a/src/transport/test_transport_blacklisting_cfg_blp_peer2.conf b/src/transport/test_transport_blacklisting_cfg_blp_peer2.conf
new file mode 100644
index 000000000..542121f2b
--- /dev/null
+++ b/src/transport/test_transport_blacklisting_cfg_blp_peer2.conf
@@ -0,0 +1,36 @@
+@INLINE@ template_cfg_peer2.conf
+[PATHS]
+SERVICEHOME = /tmp/test-transport/api-tcp-p2/
+
+[transport-tcp]
+PORT = 12015
+TIMEOUT = 5 s
+
+[arm]
+PORT = 12014
+DEFAULTSERVICES = transport
+UNIXPATH = /tmp/gnunet-p2-service-arm.sock
+
+[statistics]
+PORT = 12013
+UNIXPATH = /tmp/gnunet-p2-service-statistics.sock
+
+[resolver]
+PORT = 12012
+UNIXPATH = /tmp/gnunet-p2-service-resolver.sock
+
+[peerinfo]
+PORT = 12011
+UNIXPATH = /tmp/gnunet-p2-service-peerinfo.sock
+
+[transport]
+#PREFIX = valgrind --leak-check=full
+PORT = 12010
+PLUGINS = tcp
+UNIXPATH = /tmp/gnunet-p2-service-transport.sock
+
+[transport-blacklist-AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520]
+P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G =
+
+[transport-blacklist-P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G]
+AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520 = \ No newline at end of file
diff --git a/src/transport/test_transport_blacklisting_cfg_peer1.conf b/src/transport/test_transport_blacklisting_cfg_peer1.conf
new file mode 100644
index 000000000..db662826b
--- /dev/null
+++ b/src/transport/test_transport_blacklisting_cfg_peer1.conf
@@ -0,0 +1,30 @@
+@INLINE@ template_cfg_peer1.conf
+[PATHS]
+SERVICEHOME = /tmp/test-transport/api-tcp-p1/
+
+[transport-tcp]
+PORT = 12000
+TIMEOUT = 5 s
+
+[arm]
+PORT = 12005
+DEFAULTSERVICES = transport
+UNIXPATH = /tmp/gnunet-p1-service-arm.sock
+
+[statistics]
+PORT = 12004
+UNIXPATH = /tmp/gnunet-p1-service-statistics.sock
+
+[resolver]
+PORT = 12003
+UNIXPATH = /tmp/gnunet-p1-service-resolver.sock
+
+[peerinfo]
+PORT = 12002
+UNIXPATH = /tmp/gnunet-p1-service-peerinfo.sock
+
+[transport]
+PORT = 12001
+UNIXPATH = /tmp/gnunet-p1-service-transport.sock
+PLUGINS = tcp
+
diff --git a/src/transport/test_transport_blacklisting_cfg_peer2.conf b/src/transport/test_transport_blacklisting_cfg_peer2.conf
new file mode 100644
index 000000000..181aab3de
--- /dev/null
+++ b/src/transport/test_transport_blacklisting_cfg_peer2.conf
@@ -0,0 +1,29 @@
+@INLINE@ template_cfg_peer2.conf
+[PATHS]
+SERVICEHOME = /tmp/test-transport/api-tcp-p2/
+
+[transport-tcp]
+PORT = 12015
+TIMEOUT = 5 s
+
+[arm]
+PORT = 12014
+DEFAULTSERVICES = transport
+UNIXPATH = /tmp/gnunet-p2-service-arm.sock
+
+[statistics]
+PORT = 12013
+UNIXPATH = /tmp/gnunet-p2-service-statistics.sock
+
+[resolver]
+PORT = 12012
+UNIXPATH = /tmp/gnunet-p2-service-resolver.sock
+
+[peerinfo]
+PORT = 12011
+UNIXPATH = /tmp/gnunet-p2-service-peerinfo.sock
+
+[transport]
+PORT = 12010
+PLUGINS = tcp
+UNIXPATH = /tmp/gnunet-p2-service-transport.sock