aboutsummaryrefslogtreecommitdiff
path: root/src/vpn
diff options
context:
space:
mode:
authort3sserakt <t3ss@posteo.de>2019-07-21 20:18:24 +0200
committert3sserakt <t3ss@posteo.de>2019-07-21 20:18:24 +0200
commitf096bdce8eaeaabc42f2a015bf29c422b3d25719 (patch)
tree694c140bd741f7b1c24b5e55e8644002ae53cae4 /src/vpn
parentdfeef02bf7882cdfb952430cfbdb9793ecd780e2 (diff)
parent160edc4127f1698cca25d5708157ea3187421596 (diff)
downloadgnunet-f096bdce8eaeaabc42f2a015bf29c422b3d25719.tar.gz
gnunet-f096bdce8eaeaabc42f2a015bf29c422b3d25719.zip
Merge branch 'cadet-new-options'
Diffstat (limited to 'src/vpn')
-rw-r--r--src/vpn/gnunet-service-vpn.c2484
1 files changed, 1217 insertions, 1267 deletions
diff --git a/src/vpn/gnunet-service-vpn.c b/src/vpn/gnunet-service-vpn.c
index 260bafc60..e2d8a8e50 100644
--- a/src/vpn/gnunet-service-vpn.c
+++ b/src/vpn/gnunet-service-vpn.c
@@ -11,7 +11,7 @@
11 WITHOUT ANY WARRANTY; without even the implied warranty of 11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details. 13 Affero General Public License for more details.
14 14
15 You should have received a copy of the GNU Affero General Public License 15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>. 16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17 17
@@ -87,7 +87,6 @@ struct DestinationChannel
87 * Destination port this channel state is used for. 87 * Destination port this channel state is used for.
88 */ 88 */
89 uint16_t destination_port; 89 uint16_t destination_port;
90
91}; 90};
92 91
93 92
@@ -158,21 +157,20 @@ struct DestinationEntry
158 */ 157 */
159 union 158 union
160 { 159 {
161 /** 160 /**
162 * Address if af is AF_INET. 161 * Address if af is AF_INET.
163 */ 162 */
164 struct in_addr v4; 163 struct in_addr v4;
165 164
166 /** 165 /**
167 * Address if af is AF_INET6. 166 * Address if af is AF_INET6.
168 */ 167 */
169 struct in6_addr v6; 168 struct in6_addr v6;
170 } ip; 169 } ip;
171 170
172 } exit_destination; 171 } exit_destination;
173 172
174 } details; 173 } details;
175
176}; 174};
177 175
178 176
@@ -309,7 +307,6 @@ struct ChannelState
309 * Destination port used by the sender on our end; 0 for uninitialized. 307 * Destination port used by the sender on our end; 0 for uninitialized.
310 */ 308 */
311 uint16_t destination_port; 309 uint16_t destination_port;
312
313}; 310};
314 311
315 312
@@ -394,20 +391,16 @@ static unsigned long long max_channel_mappings;
394 */ 391 */
395static void 392static void
396get_destination_key_from_ip (int af, 393get_destination_key_from_ip (int af,
397 const void *address, 394 const void *address,
398 struct GNUNET_HashCode *key) 395 struct GNUNET_HashCode *key)
399{ 396{
400 switch (af) 397 switch (af)
401 { 398 {
402 case AF_INET: 399 case AF_INET:
403 GNUNET_CRYPTO_hash (address, 400 GNUNET_CRYPTO_hash (address, sizeof (struct in_addr), key);
404 sizeof (struct in_addr),
405 key);
406 break; 401 break;
407 case AF_INET6: 402 case AF_INET6:
408 GNUNET_CRYPTO_hash (address, 403 GNUNET_CRYPTO_hash (address, sizeof (struct in6_addr), key);
409 sizeof (struct in6_addr),
410 key);
411 break; 404 break;
412 default: 405 default:
413 GNUNET_assert (0); 406 GNUNET_assert (0);
@@ -442,7 +435,7 @@ get_channel_key_from_ips (int af,
442 memset (key, 0, sizeof (struct GNUNET_HashCode)); 435 memset (key, 0, sizeof (struct GNUNET_HashCode));
443 /* the GNUnet hashmap only uses the first sizeof(unsigned int) of the hash, 436 /* the GNUnet hashmap only uses the first sizeof(unsigned int) of the hash,
444 so we put the ports in there (and hope for few collisions) */ 437 so we put the ports in there (and hope for few collisions) */
445 off = (char*) key; 438 off = (char *) key;
446 GNUNET_memcpy (off, &source_port, sizeof (uint16_t)); 439 GNUNET_memcpy (off, &source_port, sizeof (uint16_t));
447 off += sizeof (uint16_t); 440 off += sizeof (uint16_t);
448 GNUNET_memcpy (off, &destination_port, sizeof (uint16_t)); 441 GNUNET_memcpy (off, &destination_port, sizeof (uint16_t));
@@ -480,9 +473,9 @@ get_channel_key_from_ips (int af,
480 */ 473 */
481static void 474static void
482send_client_reply (struct GNUNET_SERVICE_Client *client, 475send_client_reply (struct GNUNET_SERVICE_Client *client,
483 uint64_t request_id, 476 uint64_t request_id,
484 int result_af, 477 int result_af,
485 const void *addr) 478 const void *addr)
486{ 479{
487 struct GNUNET_MQ_Envelope *env; 480 struct GNUNET_MQ_Envelope *env;
488 struct RedirectToIpResponseMessage *res; 481 struct RedirectToIpResponseMessage *res;
@@ -503,16 +496,11 @@ send_client_reply (struct GNUNET_SERVICE_Client *client,
503 GNUNET_assert (0); 496 GNUNET_assert (0);
504 return; 497 return;
505 } 498 }
506 env = GNUNET_MQ_msg_extra (res, 499 env = GNUNET_MQ_msg_extra (res, rlen, GNUNET_MESSAGE_TYPE_VPN_CLIENT_USE_IP);
507 rlen,
508 GNUNET_MESSAGE_TYPE_VPN_CLIENT_USE_IP);
509 res->result_af = htonl (result_af); 500 res->result_af = htonl (result_af);
510 res->request_id = request_id; 501 res->request_id = request_id;
511 GNUNET_memcpy (&res[1], 502 GNUNET_memcpy (&res[1], addr, rlen);
512 addr, 503 GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (client), env);
513 rlen);
514 GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (client),
515 env);
516} 504}
517 505
518 506
@@ -528,8 +516,7 @@ free_channel_state (struct ChannelState *ts)
528 struct ChannelMessageQueueEntry *tnq; 516 struct ChannelMessageQueueEntry *tnq;
529 struct GNUNET_CADET_Channel *channel; 517 struct GNUNET_CADET_Channel *channel;
530 518
531 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 519 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up channel state\n");
532 "Cleaning up channel state\n");
533 if (NULL != (channel = ts->channel)) 520 if (NULL != (channel = ts->channel))
534 { 521 {
535 ts->channel = NULL; 522 ts->channel = NULL;
@@ -537,13 +524,12 @@ free_channel_state (struct ChannelState *ts)
537 return; 524 return;
538 } 525 }
539 GNUNET_STATISTICS_update (stats, 526 GNUNET_STATISTICS_update (stats,
540 gettext_noop ("# Active channels"), 527 gettext_noop ("# Active channels"),
541 -1, GNUNET_NO); 528 -1,
529 GNUNET_NO);
542 while (NULL != (tnq = ts->tmq_head)) 530 while (NULL != (tnq = ts->tmq_head))
543 { 531 {
544 GNUNET_CONTAINER_DLL_remove (ts->tmq_head, 532 GNUNET_CONTAINER_DLL_remove (ts->tmq_head, ts->tmq_tail, tnq);
545 ts->tmq_tail,
546 tnq);
547 ts->tmq_length--; 533 ts->tmq_length--;
548 GNUNET_free (tnq); 534 GNUNET_free (tnq);
549 } 535 }
@@ -559,16 +545,15 @@ free_channel_state (struct ChannelState *ts)
559 GNUNET_CONTAINER_heap_remove_node (ts->heap_node); 545 GNUNET_CONTAINER_heap_remove_node (ts->heap_node);
560 ts->heap_node = NULL; 546 ts->heap_node = NULL;
561 get_channel_key_from_ips (ts->af, 547 get_channel_key_from_ips (ts->af,
562 ts->protocol, 548 ts->protocol,
563 &ts->source_ip, 549 &ts->source_ip,
564 ts->source_port, 550 ts->source_port,
565 &ts->destination_ip, 551 &ts->destination_ip,
566 ts->destination_port, 552 ts->destination_port,
567 &key); 553 &key);
568 GNUNET_assert (GNUNET_YES == 554 GNUNET_assert (
569 GNUNET_CONTAINER_multihashmap_remove (channel_map, 555 GNUNET_YES ==
570 &key, 556 GNUNET_CONTAINER_multihashmap_remove (channel_map, &key, ts));
571 ts));
572 } 557 }
573 GNUNET_free (ts); 558 GNUNET_free (ts);
574} 559}
@@ -582,23 +567,25 @@ free_channel_state (struct ChannelState *ts)
582 * @param env message to queue 567 * @param env message to queue
583 */ 568 */
584static void 569static void
585send_to_channel (struct ChannelState *ts, 570send_to_channel (struct ChannelState *ts, struct GNUNET_MQ_Envelope *env)
586 struct GNUNET_MQ_Envelope *env)
587{ 571{
588 struct GNUNET_MQ_Handle *mq; 572 struct GNUNET_MQ_Handle *mq;
589 573
590 GNUNET_assert (NULL != ts->channel); 574 GNUNET_assert (NULL != ts->channel);
591 mq = GNUNET_CADET_get_mq (ts->channel); 575 mq = GNUNET_CADET_get_mq (ts->channel);
592 GNUNET_MQ_send (mq, 576 GNUNET_MQ_env_set_options (env,
593 env); 577 GNUNET_MQ_PRIO_BEST_EFFORT |
578 GNUNET_MQ_PREF_OUT_OF_ORDER);
579 GNUNET_MQ_send (mq, env);
594 if (GNUNET_MQ_get_length (mq) > MAX_MESSAGE_QUEUE_SIZE) 580 if (GNUNET_MQ_get_length (mq) > MAX_MESSAGE_QUEUE_SIZE)
595 { 581 {
596 env = GNUNET_MQ_unsent_head (mq); 582 env = GNUNET_MQ_unsent_head (mq);
597 GNUNET_assert (NULL != env); 583 GNUNET_assert (NULL != env);
598 GNUNET_STATISTICS_update (stats, 584 GNUNET_STATISTICS_update (stats,
599 gettext_noop ("# Messages dropped in cadet queue (overflow)"), 585 gettext_noop (
600 1, 586 "# Messages dropped in cadet queue (overflow)"),
601 GNUNET_NO); 587 1,
588 GNUNET_NO);
602 GNUNET_MQ_discard (env); 589 GNUNET_MQ_discard (env);
603 } 590 }
604} 591}
@@ -621,7 +608,8 @@ print_channel_destination (const struct DestinationEntry *de)
621 sizeof (dest), 608 sizeof (dest),
622 "HS: %s-%s", 609 "HS: %s-%s",
623 GNUNET_i2s (&de->details.service_destination.target), 610 GNUNET_i2s (&de->details.service_destination.target),
624 GNUNET_h2s (&de->details.service_destination.service_descriptor)); 611 GNUNET_h2s (
612 &de->details.service_destination.service_descriptor));
625 } 613 }
626 else 614 else
627 { 615 {
@@ -642,14 +630,14 @@ print_channel_destination (const struct DestinationEntry *de)
642 * @param channel connection to the other end (henceforth invalid) 630 * @param channel connection to the other end (henceforth invalid)
643 */ 631 */
644static void 632static void
645channel_cleaner (void *cls, 633channel_cleaner (void *cls, const struct GNUNET_CADET_Channel *channel)
646 const struct GNUNET_CADET_Channel *channel)
647{ 634{
648 struct ChannelState *ts = cls; 635 struct ChannelState *ts = cls;
649 636
650 ts->channel = NULL; /* we must not call GNUNET_CADET_channel_destroy() anymore */ 637 ts->channel =
638 NULL; /* we must not call GNUNET_CADET_channel_destroy() anymore */
651 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 639 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
652 "CADET notified us about death of channel to `%s'\n", 640 "CADET notified us about death of channel to `%s'\n",
653 print_channel_destination (&ts->destination)); 641 print_channel_destination (&ts->destination));
654 free_channel_state (ts); 642 free_channel_state (ts);
655} 643}
@@ -666,14 +654,14 @@ channel_cleaner (void *cls,
666 */ 654 */
667static void 655static void
668make_up_icmpv4_payload (struct ChannelState *ts, 656make_up_icmpv4_payload (struct ChannelState *ts,
669 struct GNUNET_TUN_IPv4Header *ipp, 657 struct GNUNET_TUN_IPv4Header *ipp,
670 struct GNUNET_TUN_UdpHeader *udp) 658 struct GNUNET_TUN_UdpHeader *udp)
671{ 659{
672 GNUNET_TUN_initialize_ipv4_header (ipp, 660 GNUNET_TUN_initialize_ipv4_header (ipp,
673 ts->protocol, 661 ts->protocol,
674 sizeof (struct GNUNET_TUN_TcpHeader), 662 sizeof (struct GNUNET_TUN_TcpHeader),
675 &ts->source_ip.v4, 663 &ts->source_ip.v4,
676 &ts->destination_ip.v4); 664 &ts->destination_ip.v4);
677 udp->source_port = htons (ts->source_port); 665 udp->source_port = htons (ts->source_port);
678 udp->destination_port = htons (ts->destination_port); 666 udp->destination_port = htons (ts->destination_port);
679 udp->len = htons (0); 667 udp->len = htons (0);
@@ -692,14 +680,14 @@ make_up_icmpv4_payload (struct ChannelState *ts,
692 */ 680 */
693static void 681static void
694make_up_icmpv6_payload (struct ChannelState *ts, 682make_up_icmpv6_payload (struct ChannelState *ts,
695 struct GNUNET_TUN_IPv6Header *ipp, 683 struct GNUNET_TUN_IPv6Header *ipp,
696 struct GNUNET_TUN_UdpHeader *udp) 684 struct GNUNET_TUN_UdpHeader *udp)
697{ 685{
698 GNUNET_TUN_initialize_ipv6_header (ipp, 686 GNUNET_TUN_initialize_ipv6_header (ipp,
699 ts->protocol, 687 ts->protocol,
700 sizeof (struct GNUNET_TUN_TcpHeader), 688 sizeof (struct GNUNET_TUN_TcpHeader),
701 &ts->source_ip.v6, 689 &ts->source_ip.v6,
702 &ts->destination_ip.v6); 690 &ts->destination_ip.v6);
703 udp->source_port = htons (ts->source_port); 691 udp->source_port = htons (ts->source_port);
704 udp->destination_port = htons (ts->destination_port); 692 udp->destination_port = htons (ts->destination_port);
705 udp->len = htons (0); 693 udp->len = htons (0);
@@ -716,8 +704,7 @@ make_up_icmpv6_payload (struct ChannelState *ts,
716 * #GNUNET_SYSERR to close it (signal serious error) 704 * #GNUNET_SYSERR to close it (signal serious error)
717 */ 705 */
718static int 706static int
719check_icmp_back (void *cls, 707check_icmp_back (void *cls, const struct GNUNET_EXIT_IcmpToVPNMessage *i2v)
720 const struct GNUNET_EXIT_IcmpToVPNMessage *i2v)
721{ 708{
722 struct ChannelState *ts = cls; 709 struct ChannelState *ts = cls;
723 710
@@ -743,309 +730,323 @@ check_icmp_back (void *cls,
743 * @param message the actual message 730 * @param message the actual message
744 */ 731 */
745static void 732static void
746handle_icmp_back (void *cls, 733handle_icmp_back (void *cls, const struct GNUNET_EXIT_IcmpToVPNMessage *i2v)
747 const struct GNUNET_EXIT_IcmpToVPNMessage *i2v)
748{ 734{
749 struct ChannelState *ts = cls; 735 struct ChannelState *ts = cls;
750 size_t mlen; 736 size_t mlen;
751 737
752 GNUNET_STATISTICS_update (stats, 738 GNUNET_STATISTICS_update (stats,
753 gettext_noop ("# ICMP packets received from cadet"), 739 gettext_noop ("# ICMP packets received from cadet"),
754 1, 740 1,
755 GNUNET_NO); 741 GNUNET_NO);
756 mlen = ntohs (i2v->header.size) - sizeof (struct GNUNET_EXIT_IcmpToVPNMessage); 742 mlen =
743 ntohs (i2v->header.size) - sizeof (struct GNUNET_EXIT_IcmpToVPNMessage);
757 { 744 {
758 char sbuf[INET6_ADDRSTRLEN]; 745 char sbuf[INET6_ADDRSTRLEN];
759 char dbuf[INET6_ADDRSTRLEN]; 746 char dbuf[INET6_ADDRSTRLEN];
760 747
761 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 748 GNUNET_log (
762 "Received ICMP packet from cadet, sending %u bytes from %s -> %s via TUN\n", 749 GNUNET_ERROR_TYPE_DEBUG,
763 (unsigned int) mlen, 750 "Received ICMP packet from cadet, sending %u bytes from %s -> %s via TUN\n",
764 inet_ntop (ts->af, &ts->destination_ip, sbuf, sizeof (sbuf)), 751 (unsigned int) mlen,
765 inet_ntop (ts->af, &ts->source_ip, dbuf, sizeof (dbuf))); 752 inet_ntop (ts->af, &ts->destination_ip, sbuf, sizeof (sbuf)),
753 inet_ntop (ts->af, &ts->source_ip, dbuf, sizeof (dbuf)));
766 } 754 }
767 switch (ts->af) 755 switch (ts->af)
768 { 756 {
769 case AF_INET: 757 case AF_INET: {
758 size_t size = sizeof (struct GNUNET_TUN_IPv4Header) +
759 sizeof (struct GNUNET_TUN_IcmpHeader) +
760 sizeof (struct GNUNET_MessageHeader) +
761 sizeof (struct GNUNET_TUN_Layer2PacketHeader) + mlen;
770 { 762 {
771 size_t size = sizeof (struct GNUNET_TUN_IPv4Header) 763 /* reserve some extra space in case we have an ICMP type here where
772 + sizeof (struct GNUNET_TUN_IcmpHeader)
773 + sizeof (struct GNUNET_MessageHeader) +
774 sizeof (struct GNUNET_TUN_Layer2PacketHeader) +
775 mlen;
776 {
777 /* reserve some extra space in case we have an ICMP type here where
778 we will need to make up the payload ourselves */ 764 we will need to make up the payload ourselves */
779 char buf[size + sizeof (struct GNUNET_TUN_IPv4Header) + 8] GNUNET_ALIGN; 765 char buf[size + sizeof (struct GNUNET_TUN_IPv4Header) + 8] GNUNET_ALIGN;
780 struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; 766 struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf;
781 struct GNUNET_TUN_Layer2PacketHeader *tun = (struct GNUNET_TUN_Layer2PacketHeader*) &msg[1]; 767 struct GNUNET_TUN_Layer2PacketHeader *tun =
782 struct GNUNET_TUN_IPv4Header *ipv4 = (struct GNUNET_TUN_IPv4Header *) &tun[1]; 768 (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1];
783 struct GNUNET_TUN_IcmpHeader *icmp = (struct GNUNET_TUN_IcmpHeader *) &ipv4[1]; 769 struct GNUNET_TUN_IPv4Header *ipv4 =
784 msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); 770 (struct GNUNET_TUN_IPv4Header *) &tun[1];
785 tun->flags = htons (0); 771 struct GNUNET_TUN_IcmpHeader *icmp =
786 tun->proto = htons (ETH_P_IPV4); 772 (struct GNUNET_TUN_IcmpHeader *) &ipv4[1];
787 GNUNET_TUN_initialize_ipv4_header (ipv4, 773 msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
788 IPPROTO_ICMP, 774 tun->flags = htons (0);
789 sizeof (struct GNUNET_TUN_IcmpHeader) + mlen, 775 tun->proto = htons (ETH_P_IPV4);
790 &ts->destination_ip.v4, 776 GNUNET_TUN_initialize_ipv4_header (ipv4,
791 &ts->source_ip.v4); 777 IPPROTO_ICMP,
792 *icmp = i2v->icmp_header; 778 sizeof (struct GNUNET_TUN_IcmpHeader) +
793 GNUNET_memcpy (&icmp[1], 779 mlen,
794 &i2v[1], 780 &ts->destination_ip.v4,
795 mlen); 781 &ts->source_ip.v4);
796 /* For some ICMP types, we need to adjust (make up) the payload here. 782 *icmp = i2v->icmp_header;
783 GNUNET_memcpy (&icmp[1], &i2v[1], mlen);
784 /* For some ICMP types, we need to adjust (make up) the payload here.
797 Also, depending on the AF used on the other side, we have to 785 Also, depending on the AF used on the other side, we have to
798 do ICMP PT (translate ICMP types) */ 786 do ICMP PT (translate ICMP types) */
799 switch (ntohl (i2v->af)) 787 switch (ntohl (i2v->af))
800 { 788 {
801 case AF_INET: 789 case AF_INET:
802 switch (icmp->type) 790 switch (icmp->type)
803 { 791 {
804 case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: 792 case GNUNET_TUN_ICMPTYPE_ECHO_REPLY:
805 case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: 793 case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST:
806 break; 794 break;
807 case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: 795 case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE:
808 case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: 796 case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH:
809 case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: 797 case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: {
810 { 798 struct GNUNET_TUN_IPv4Header *ipp =
811 struct GNUNET_TUN_IPv4Header *ipp = (struct GNUNET_TUN_IPv4Header *) &icmp[1]; 799 (struct GNUNET_TUN_IPv4Header *) &icmp[1];
812 struct GNUNET_TUN_UdpHeader *udp = (struct GNUNET_TUN_UdpHeader *) &ipp[1]; 800 struct GNUNET_TUN_UdpHeader *udp =
813 801 (struct GNUNET_TUN_UdpHeader *) &ipp[1];
814 if (mlen != 0) 802
815 { 803 if (mlen != 0)
816 /* sender did not strip ICMP payload? */ 804 {
817 GNUNET_break_op (0); 805 /* sender did not strip ICMP payload? */
818 return; 806 GNUNET_break_op (0);
819 } 807 return;
820 size += sizeof (struct GNUNET_TUN_IPv4Header) + 8; 808 }
821 GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader)); 809 size += sizeof (struct GNUNET_TUN_IPv4Header) + 8;
822 make_up_icmpv4_payload (ts, ipp, udp); 810 GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader));
823 } 811 make_up_icmpv4_payload (ts, ipp, udp);
824 break; 812 }
825 default: 813 break;
826 GNUNET_break_op (0); 814 default:
827 GNUNET_STATISTICS_update (stats, 815 GNUNET_break_op (0);
828 gettext_noop ("# ICMPv4 packets dropped (type not allowed)"), 816 GNUNET_STATISTICS_update (
829 1, GNUNET_NO); 817 stats,
830 return; 818 gettext_noop ("# ICMPv4 packets dropped (type not allowed)"),
831 } 819 1,
832 /* end AF_INET */ 820 GNUNET_NO);
833 break; 821 return;
834 case AF_INET6: 822 }
835 /* ICMP PT 6-to-4 and possibly making up payloads */ 823 /* end AF_INET */
836 switch (icmp->type) 824 break;
837 { 825 case AF_INET6:
838 case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: 826 /* ICMP PT 6-to-4 and possibly making up payloads */
839 icmp->type = GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE; 827 switch (icmp->type)
840 { 828 {
841 struct GNUNET_TUN_IPv4Header *ipp = (struct GNUNET_TUN_IPv4Header *) &icmp[1]; 829 case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE:
842 struct GNUNET_TUN_UdpHeader *udp = (struct GNUNET_TUN_UdpHeader *) &ipp[1]; 830 icmp->type = GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE;
843 831 {
844 if (mlen != 0) 832 struct GNUNET_TUN_IPv4Header *ipp =
845 { 833 (struct GNUNET_TUN_IPv4Header *) &icmp[1];
846 /* sender did not strip ICMP payload? */ 834 struct GNUNET_TUN_UdpHeader *udp =
847 GNUNET_break_op (0); 835 (struct GNUNET_TUN_UdpHeader *) &ipp[1];
848 return; 836
849 } 837 if (mlen != 0)
850 size += sizeof (struct GNUNET_TUN_IPv4Header) + 8; 838 {
851 GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader)); 839 /* sender did not strip ICMP payload? */
852 make_up_icmpv4_payload (ts, ipp, udp); 840 GNUNET_break_op (0);
853 } 841 return;
854 break; 842 }
855 case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: 843 size += sizeof (struct GNUNET_TUN_IPv4Header) + 8;
856 icmp->type = GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED; 844 GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader));
857 { 845 make_up_icmpv4_payload (ts, ipp, udp);
858 struct GNUNET_TUN_IPv4Header *ipp = (struct GNUNET_TUN_IPv4Header *) &icmp[1]; 846 }
859 struct GNUNET_TUN_UdpHeader *udp = (struct GNUNET_TUN_UdpHeader *) &ipp[1]; 847 break;
860 848 case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED:
861 if (mlen != 0) 849 icmp->type = GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED;
862 { 850 {
863 /* sender did not strip ICMP payload? */ 851 struct GNUNET_TUN_IPv4Header *ipp =
864 GNUNET_break_op (0); 852 (struct GNUNET_TUN_IPv4Header *) &icmp[1];
865 return; 853 struct GNUNET_TUN_UdpHeader *udp =
866 } 854 (struct GNUNET_TUN_UdpHeader *) &ipp[1];
867 size += sizeof (struct GNUNET_TUN_IPv4Header) + 8; 855
868 GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader)); 856 if (mlen != 0)
869 make_up_icmpv4_payload (ts, ipp, udp); 857 {
870 } 858 /* sender did not strip ICMP payload? */
871 break; 859 GNUNET_break_op (0);
872 case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: 860 return;
873 case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: 861 }
874 GNUNET_STATISTICS_update (stats, 862 size += sizeof (struct GNUNET_TUN_IPv4Header) + 8;
875 gettext_noop ("# ICMPv6 packets dropped (impossible PT to v4)"), 863 GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader));
876 1, GNUNET_NO); 864 make_up_icmpv4_payload (ts, ipp, udp);
877 return; 865 }
878 case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: 866 break;
879 icmp->type = GNUNET_TUN_ICMPTYPE_ECHO_REQUEST; 867 case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG:
880 break; 868 case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM:
881 case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: 869 GNUNET_STATISTICS_update (
882 icmp->type = GNUNET_TUN_ICMPTYPE_ECHO_REPLY; 870 stats,
883 break; 871 gettext_noop ("# ICMPv6 packets dropped (impossible PT to v4)"),
884 default: 872 1,
885 GNUNET_break_op (0); 873 GNUNET_NO);
886 GNUNET_STATISTICS_update (stats, 874 return;
887 gettext_noop ("# ICMPv6 packets dropped (type not allowed)"), 875 case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST:
888 1, GNUNET_NO); 876 icmp->type = GNUNET_TUN_ICMPTYPE_ECHO_REQUEST;
889 return; 877 break;
890 } 878 case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY:
891 /* end AF_INET6 */ 879 icmp->type = GNUNET_TUN_ICMPTYPE_ECHO_REPLY;
892 break; 880 break;
893 default: 881 default:
894 GNUNET_break_op (0); 882 GNUNET_break_op (0);
895 return; 883 GNUNET_STATISTICS_update (
896 } 884 stats,
897 msg->size = htons (size); 885 gettext_noop ("# ICMPv6 packets dropped (type not allowed)"),
898 GNUNET_TUN_calculate_icmp_checksum (icmp, 886 1,
899 &i2v[1], 887 GNUNET_NO);
900 mlen); 888 return;
901 (void) GNUNET_HELPER_send (helper_handle, 889 }
902 msg, 890 /* end AF_INET6 */
903 GNUNET_YES, 891 break;
904 NULL, NULL); 892 default:
893 GNUNET_break_op (0);
894 return;
905 } 895 }
896 msg->size = htons (size);
897 GNUNET_TUN_calculate_icmp_checksum (icmp, &i2v[1], mlen);
898 (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL);
906 } 899 }
907 break; 900 }
908 case AF_INET6: 901 break;
902 case AF_INET6: {
903 size_t size = sizeof (struct GNUNET_TUN_IPv6Header) +
904 sizeof (struct GNUNET_TUN_IcmpHeader) +
905 sizeof (struct GNUNET_MessageHeader) +
906 sizeof (struct GNUNET_TUN_Layer2PacketHeader) + mlen;
909 { 907 {
910 size_t size = sizeof (struct GNUNET_TUN_IPv6Header) 908 char buf[size + sizeof (struct GNUNET_TUN_IPv6Header) + 8] GNUNET_ALIGN;
911 + sizeof (struct GNUNET_TUN_IcmpHeader) 909 struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf;
912 + sizeof (struct GNUNET_MessageHeader) + 910 struct GNUNET_TUN_Layer2PacketHeader *tun =
913 sizeof (struct GNUNET_TUN_Layer2PacketHeader) + 911 (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1];
914 mlen; 912 struct GNUNET_TUN_IPv6Header *ipv6 =
915 { 913 (struct GNUNET_TUN_IPv6Header *) &tun[1];
916 char buf[size + sizeof (struct GNUNET_TUN_IPv6Header) + 8] GNUNET_ALIGN; 914 struct GNUNET_TUN_IcmpHeader *icmp =
917 struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; 915 (struct GNUNET_TUN_IcmpHeader *) &ipv6[1];
918 struct GNUNET_TUN_Layer2PacketHeader *tun = (struct GNUNET_TUN_Layer2PacketHeader*) &msg[1]; 916 msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
919 struct GNUNET_TUN_IPv6Header *ipv6 = (struct GNUNET_TUN_IPv6Header *) &tun[1]; 917 tun->flags = htons (0);
920 struct GNUNET_TUN_IcmpHeader *icmp = (struct GNUNET_TUN_IcmpHeader *) &ipv6[1]; 918 tun->proto = htons (ETH_P_IPV6);
921 msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); 919 GNUNET_TUN_initialize_ipv6_header (ipv6,
922 tun->flags = htons (0); 920 IPPROTO_ICMPV6,
923 tun->proto = htons (ETH_P_IPV6); 921 sizeof (struct GNUNET_TUN_IcmpHeader) +
924 GNUNET_TUN_initialize_ipv6_header (ipv6, 922 mlen,
925 IPPROTO_ICMPV6, 923 &ts->destination_ip.v6,
926 sizeof (struct GNUNET_TUN_IcmpHeader) + mlen, 924 &ts->source_ip.v6);
927 &ts->destination_ip.v6, 925 *icmp = i2v->icmp_header;
928 &ts->source_ip.v6); 926 GNUNET_memcpy (&icmp[1], &i2v[1], mlen);
929 *icmp = i2v->icmp_header; 927
930 GNUNET_memcpy (&icmp[1], 928 /* For some ICMP types, we need to adjust (make up) the payload here.
931 &i2v[1],
932 mlen);
933
934 /* For some ICMP types, we need to adjust (make up) the payload here.
935 Also, depending on the AF used on the other side, we have to 929 Also, depending on the AF used on the other side, we have to
936 do ICMP PT (translate ICMP types) */ 930 do ICMP PT (translate ICMP types) */
937 switch (ntohl (i2v->af)) 931 switch (ntohl (i2v->af))
938 { 932 {
939 case AF_INET: 933 case AF_INET:
940 /* ICMP PT 4-to-6 and possibly making up payloads */ 934 /* ICMP PT 4-to-6 and possibly making up payloads */
941 switch (icmp->type) 935 switch (icmp->type)
942 { 936 {
943 case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: 937 case GNUNET_TUN_ICMPTYPE_ECHO_REPLY:
944 icmp->type = GNUNET_TUN_ICMPTYPE6_ECHO_REPLY; 938 icmp->type = GNUNET_TUN_ICMPTYPE6_ECHO_REPLY;
945 break; 939 break;
946 case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: 940 case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST:
947 icmp->type = GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST; 941 icmp->type = GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST;
948 break; 942 break;
949 case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: 943 case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE:
950 icmp->type = GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE; 944 icmp->type = GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE;
951 { 945 {
952 struct GNUNET_TUN_IPv6Header *ipp = (struct GNUNET_TUN_IPv6Header *) &icmp[1]; 946 struct GNUNET_TUN_IPv6Header *ipp =
953 struct GNUNET_TUN_UdpHeader *udp = (struct GNUNET_TUN_UdpHeader *) &ipp[1]; 947 (struct GNUNET_TUN_IPv6Header *) &icmp[1];
954 948 struct GNUNET_TUN_UdpHeader *udp =
955 if (mlen != 0) 949 (struct GNUNET_TUN_UdpHeader *) &ipp[1];
956 { 950
957 /* sender did not strip ICMP payload? */ 951 if (mlen != 0)
958 GNUNET_break_op (0); 952 {
959 return; 953 /* sender did not strip ICMP payload? */
960 } 954 GNUNET_break_op (0);
961 size += sizeof (struct GNUNET_TUN_IPv6Header) + 8; 955 return;
962 GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader)); 956 }
963 make_up_icmpv6_payload (ts, ipp, udp); 957 size += sizeof (struct GNUNET_TUN_IPv6Header) + 8;
964 } 958 GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader));
965 break; 959 make_up_icmpv6_payload (ts, ipp, udp);
966 case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: 960 }
967 icmp->type = GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED; 961 break;
968 { 962 case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED:
969 struct GNUNET_TUN_IPv6Header *ipp = (struct GNUNET_TUN_IPv6Header *) &icmp[1]; 963 icmp->type = GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED;
970 struct GNUNET_TUN_UdpHeader *udp = (struct GNUNET_TUN_UdpHeader *) &ipp[1]; 964 {
971 965 struct GNUNET_TUN_IPv6Header *ipp =
972 if (mlen != 0) 966 (struct GNUNET_TUN_IPv6Header *) &icmp[1];
973 { 967 struct GNUNET_TUN_UdpHeader *udp =
974 /* sender did not strip ICMP payload? */ 968 (struct GNUNET_TUN_UdpHeader *) &ipp[1];
975 GNUNET_break_op (0); 969
976 return; 970 if (mlen != 0)
977 } 971 {
978 size += sizeof (struct GNUNET_TUN_IPv6Header) + 8; 972 /* sender did not strip ICMP payload? */
979 GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader)); 973 GNUNET_break_op (0);
980 make_up_icmpv6_payload (ts, ipp, udp); 974 return;
981 } 975 }
982 break; 976 size += sizeof (struct GNUNET_TUN_IPv6Header) + 8;
983 case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: 977 GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader));
984 GNUNET_STATISTICS_update (stats, 978 make_up_icmpv6_payload (ts, ipp, udp);
985 gettext_noop ("# ICMPv4 packets dropped (impossible PT to v6)"), 979 }
986 1, GNUNET_NO); 980 break;
987 return; 981 case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH:
988 default: 982 GNUNET_STATISTICS_update (
989 GNUNET_break_op (0); 983 stats,
990 GNUNET_STATISTICS_update (stats, 984 gettext_noop ("# ICMPv4 packets dropped (impossible PT to v6)"),
991 gettext_noop ("# ICMPv4 packets dropped (type not allowed)"), 985 1,
992 1, GNUNET_NO); 986 GNUNET_NO);
993 return; 987 return;
994 } 988 default:
995 /* end AF_INET */ 989 GNUNET_break_op (0);
996 break; 990 GNUNET_STATISTICS_update (
997 case AF_INET6: 991 stats,
998 switch (icmp->type) 992 gettext_noop ("# ICMPv4 packets dropped (type not allowed)"),
999 { 993 1,
1000 case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: 994 GNUNET_NO);
1001 case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: 995 return;
1002 case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: 996 }
1003 case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: 997 /* end AF_INET */
1004 { 998 break;
1005 struct GNUNET_TUN_IPv6Header *ipp = (struct GNUNET_TUN_IPv6Header *) &icmp[1]; 999 case AF_INET6:
1006 struct GNUNET_TUN_UdpHeader *udp = (struct GNUNET_TUN_UdpHeader *) &ipp[1]; 1000 switch (icmp->type)
1007 1001 {
1008 if (mlen != 0) 1002 case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE:
1009 { 1003 case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED:
1010 /* sender did not strip ICMP payload? */ 1004 case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG:
1011 GNUNET_break_op (0); 1005 case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: {
1012 return; 1006 struct GNUNET_TUN_IPv6Header *ipp =
1013 } 1007 (struct GNUNET_TUN_IPv6Header *) &icmp[1];
1014 size += sizeof (struct GNUNET_TUN_IPv6Header) + 8; 1008 struct GNUNET_TUN_UdpHeader *udp =
1015 GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader)); 1009 (struct GNUNET_TUN_UdpHeader *) &ipp[1];
1016 make_up_icmpv6_payload (ts, ipp, udp); 1010
1017 } 1011 if (mlen != 0)
1018 break; 1012 {
1019 case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: 1013 /* sender did not strip ICMP payload? */
1020 break; 1014 GNUNET_break_op (0);
1021 default: 1015 return;
1022 GNUNET_break_op (0); 1016 }
1023 GNUNET_STATISTICS_update (stats, 1017 size += sizeof (struct GNUNET_TUN_IPv6Header) + 8;
1024 gettext_noop ("# ICMPv6 packets dropped (type not allowed)"), 1018 GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader));
1025 1, GNUNET_NO); 1019 make_up_icmpv6_payload (ts, ipp, udp);
1026 return; 1020 }
1027 } 1021 break;
1028 /* end AF_INET6 */ 1022 case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST:
1029 break; 1023 break;
1030 default: 1024 default:
1031 GNUNET_break_op (0); 1025 GNUNET_break_op (0);
1032 return; 1026 GNUNET_STATISTICS_update (
1033 } 1027 stats,
1034 msg->size = htons (size); 1028 gettext_noop ("# ICMPv6 packets dropped (type not allowed)"),
1035 GNUNET_TUN_calculate_icmp_checksum (icmp, 1029 1,
1036 &i2v[1], mlen); 1030 GNUNET_NO);
1037 (void) GNUNET_HELPER_send (helper_handle, 1031 return;
1038 msg, 1032 }
1039 GNUNET_YES, 1033 /* end AF_INET6 */
1040 NULL, NULL); 1034 break;
1035 default:
1036 GNUNET_break_op (0);
1037 return;
1041 } 1038 }
1039 msg->size = htons (size);
1040 GNUNET_TUN_calculate_icmp_checksum (icmp, &i2v[1], mlen);
1041 (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL);
1042 } 1042 }
1043 break; 1043 }
1044 break;
1044 default: 1045 default:
1045 GNUNET_assert (0); 1046 GNUNET_assert (0);
1046 } 1047 }
1047 GNUNET_CONTAINER_heap_update_cost (ts->heap_node, 1048 GNUNET_CONTAINER_heap_update_cost (ts->heap_node,
1048 GNUNET_TIME_absolute_get ().abs_value_us); 1049 GNUNET_TIME_absolute_get ().abs_value_us);
1049 GNUNET_CADET_receive_done (ts->channel); 1050 GNUNET_CADET_receive_done (ts->channel);
1050} 1051}
1051 1052
@@ -1059,8 +1060,7 @@ handle_icmp_back (void *cls,
1059 * #GNUNET_SYSERR to close it (signal serious error) 1060 * #GNUNET_SYSERR to close it (signal serious error)
1060 */ 1061 */
1061static int 1062static int
1062check_udp_back (void *cls, 1063check_udp_back (void *cls, const struct GNUNET_EXIT_UdpReplyMessage *reply)
1063 const struct GNUNET_EXIT_UdpReplyMessage *reply)
1064{ 1064{
1065 struct ChannelState *ts = cls; 1065 struct ChannelState *ts = cls;
1066 1066
@@ -1086,125 +1086,115 @@ check_udp_back (void *cls,
1086 * @param reply the actual message 1086 * @param reply the actual message
1087 */ 1087 */
1088static void 1088static void
1089handle_udp_back (void *cls, 1089handle_udp_back (void *cls, const struct GNUNET_EXIT_UdpReplyMessage *reply)
1090 const struct GNUNET_EXIT_UdpReplyMessage *reply)
1091{ 1090{
1092 struct ChannelState *ts = cls; 1091 struct ChannelState *ts = cls;
1093 size_t mlen; 1092 size_t mlen;
1094 1093
1095 GNUNET_STATISTICS_update (stats, 1094 GNUNET_STATISTICS_update (stats,
1096 gettext_noop ("# UDP packets received from cadet"), 1095 gettext_noop ("# UDP packets received from cadet"),
1097 1, 1096 1,
1098 GNUNET_NO); 1097 GNUNET_NO);
1099 mlen = ntohs (reply->header.size) - sizeof (struct GNUNET_EXIT_UdpReplyMessage); 1098 mlen =
1099 ntohs (reply->header.size) - sizeof (struct GNUNET_EXIT_UdpReplyMessage);
1100 { 1100 {
1101 char sbuf[INET6_ADDRSTRLEN]; 1101 char sbuf[INET6_ADDRSTRLEN];
1102 char dbuf[INET6_ADDRSTRLEN]; 1102 char dbuf[INET6_ADDRSTRLEN];
1103 1103
1104 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1104 GNUNET_log (
1105 "Received UDP reply from cadet, sending %u bytes from [%s]:%u -> [%s]:%u via TUN\n", 1105 GNUNET_ERROR_TYPE_DEBUG,
1106 (unsigned int) mlen, 1106 "Received UDP reply from cadet, sending %u bytes from [%s]:%u -> [%s]:%u via TUN\n",
1107 inet_ntop (ts->af, &ts->destination_ip, sbuf, sizeof (sbuf)), 1107 (unsigned int) mlen,
1108 ts->destination_port, 1108 inet_ntop (ts->af, &ts->destination_ip, sbuf, sizeof (sbuf)),
1109 inet_ntop (ts->af, &ts->source_ip, dbuf, sizeof (dbuf)), 1109 ts->destination_port,
1110 ts->source_port); 1110 inet_ntop (ts->af, &ts->source_ip, dbuf, sizeof (dbuf)),
1111 ts->source_port);
1111 } 1112 }
1112 switch (ts->af) 1113 switch (ts->af)
1113 { 1114 {
1114 case AF_INET: 1115 case AF_INET: {
1116 size_t size = sizeof (struct GNUNET_TUN_IPv4Header) +
1117 sizeof (struct GNUNET_TUN_UdpHeader) +
1118 sizeof (struct GNUNET_MessageHeader) +
1119 sizeof (struct GNUNET_TUN_Layer2PacketHeader) + mlen;
1115 { 1120 {
1116 size_t size = sizeof (struct GNUNET_TUN_IPv4Header) 1121 char buf[size] GNUNET_ALIGN;
1117 + sizeof (struct GNUNET_TUN_UdpHeader) 1122 struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf;
1118 + sizeof (struct GNUNET_MessageHeader) + 1123 struct GNUNET_TUN_Layer2PacketHeader *tun =
1119 sizeof (struct GNUNET_TUN_Layer2PacketHeader) + 1124 (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1];
1120 mlen; 1125 struct GNUNET_TUN_IPv4Header *ipv4 =
1121 { 1126 (struct GNUNET_TUN_IPv4Header *) &tun[1];
1122 char buf[size] GNUNET_ALIGN; 1127 struct GNUNET_TUN_UdpHeader *udp =
1123 struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; 1128 (struct GNUNET_TUN_UdpHeader *) &ipv4[1];
1124 struct GNUNET_TUN_Layer2PacketHeader *tun = (struct GNUNET_TUN_Layer2PacketHeader*) &msg[1]; 1129 msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
1125 struct GNUNET_TUN_IPv4Header *ipv4 = (struct GNUNET_TUN_IPv4Header *) &tun[1]; 1130 msg->size = htons (size);
1126 struct GNUNET_TUN_UdpHeader *udp = (struct GNUNET_TUN_UdpHeader *) &ipv4[1]; 1131 tun->flags = htons (0);
1127 msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); 1132 tun->proto = htons (ETH_P_IPV4);
1128 msg->size = htons (size); 1133 GNUNET_TUN_initialize_ipv4_header (ipv4,
1129 tun->flags = htons (0); 1134 IPPROTO_UDP,
1130 tun->proto = htons (ETH_P_IPV4); 1135 sizeof (struct GNUNET_TUN_UdpHeader) +
1131 GNUNET_TUN_initialize_ipv4_header (ipv4, 1136 mlen,
1132 IPPROTO_UDP, 1137 &ts->destination_ip.v4,
1133 sizeof (struct GNUNET_TUN_UdpHeader) + mlen, 1138 &ts->source_ip.v4);
1134 &ts->destination_ip.v4, 1139 if (0 == ntohs (reply->source_port))
1135 &ts->source_ip.v4); 1140 udp->source_port = htons (ts->destination_port);
1136 if (0 == ntohs (reply->source_port)) 1141 else
1137 udp->source_port = htons (ts->destination_port); 1142 udp->source_port = reply->source_port;
1138 else 1143 if (0 == ntohs (reply->destination_port))
1139 udp->source_port = reply->source_port; 1144 udp->destination_port = htons (ts->source_port);
1140 if (0 == ntohs (reply->destination_port)) 1145 else
1141 udp->destination_port = htons (ts->source_port); 1146 udp->destination_port = reply->destination_port;
1142 else 1147 udp->len = htons (mlen + sizeof (struct GNUNET_TUN_UdpHeader));
1143 udp->destination_port = reply->destination_port; 1148 GNUNET_TUN_calculate_udp4_checksum (ipv4, udp, &reply[1], mlen);
1144 udp->len = htons (mlen + sizeof (struct GNUNET_TUN_UdpHeader)); 1149 GNUNET_memcpy (&udp[1], &reply[1], mlen);
1145 GNUNET_TUN_calculate_udp4_checksum (ipv4, 1150 (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL);
1146 udp,
1147 &reply[1],
1148 mlen);
1149 GNUNET_memcpy (&udp[1],
1150 &reply[1],
1151 mlen);
1152 (void) GNUNET_HELPER_send (helper_handle,
1153 msg,
1154 GNUNET_YES,
1155 NULL, NULL);
1156 }
1157 } 1151 }
1158 break; 1152 }
1159 case AF_INET6: 1153 break;
1154 case AF_INET6: {
1155 size_t size = sizeof (struct GNUNET_TUN_IPv6Header) +
1156 sizeof (struct GNUNET_TUN_UdpHeader) +
1157 sizeof (struct GNUNET_MessageHeader) +
1158 sizeof (struct GNUNET_TUN_Layer2PacketHeader) + mlen;
1160 { 1159 {
1161 size_t size = sizeof (struct GNUNET_TUN_IPv6Header) 1160 char buf[size] GNUNET_ALIGN;
1162 + sizeof (struct GNUNET_TUN_UdpHeader) 1161 struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf;
1163 + sizeof (struct GNUNET_MessageHeader) + 1162 struct GNUNET_TUN_Layer2PacketHeader *tun =
1164 sizeof (struct GNUNET_TUN_Layer2PacketHeader) + 1163 (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1];
1165 mlen; 1164 struct GNUNET_TUN_IPv6Header *ipv6 =
1166 { 1165 (struct GNUNET_TUN_IPv6Header *) &tun[1];
1167 char buf[size] GNUNET_ALIGN; 1166 struct GNUNET_TUN_UdpHeader *udp =
1168 struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; 1167 (struct GNUNET_TUN_UdpHeader *) &ipv6[1];
1169 struct GNUNET_TUN_Layer2PacketHeader *tun = (struct GNUNET_TUN_Layer2PacketHeader*) &msg[1]; 1168 msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
1170 struct GNUNET_TUN_IPv6Header *ipv6 = (struct GNUNET_TUN_IPv6Header *) &tun[1]; 1169 msg->size = htons (size);
1171 struct GNUNET_TUN_UdpHeader *udp = (struct GNUNET_TUN_UdpHeader *) &ipv6[1]; 1170 tun->flags = htons (0);
1172 msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); 1171 tun->proto = htons (ETH_P_IPV6);
1173 msg->size = htons (size); 1172 GNUNET_TUN_initialize_ipv6_header (ipv6,
1174 tun->flags = htons (0); 1173 IPPROTO_UDP,
1175 tun->proto = htons (ETH_P_IPV6); 1174 sizeof (struct GNUNET_TUN_UdpHeader) +
1176 GNUNET_TUN_initialize_ipv6_header (ipv6, 1175 mlen,
1177 IPPROTO_UDP, 1176 &ts->destination_ip.v6,
1178 sizeof (struct GNUNET_TUN_UdpHeader) + mlen, 1177 &ts->source_ip.v6);
1179 &ts->destination_ip.v6, 1178 if (0 == ntohs (reply->source_port))
1180 &ts->source_ip.v6); 1179 udp->source_port = htons (ts->destination_port);
1181 if (0 == ntohs (reply->source_port)) 1180 else
1182 udp->source_port = htons (ts->destination_port); 1181 udp->source_port = reply->source_port;
1183 else 1182 if (0 == ntohs (reply->destination_port))
1184 udp->source_port = reply->source_port; 1183 udp->destination_port = htons (ts->source_port);
1185 if (0 == ntohs (reply->destination_port)) 1184 else
1186 udp->destination_port = htons (ts->source_port); 1185 udp->destination_port = reply->destination_port;
1187 else 1186 udp->len = htons (mlen + sizeof (struct GNUNET_TUN_UdpHeader));
1188 udp->destination_port = reply->destination_port; 1187 GNUNET_TUN_calculate_udp6_checksum (ipv6, udp, &reply[1], mlen);
1189 udp->len = htons (mlen + sizeof (struct GNUNET_TUN_UdpHeader)); 1188 GNUNET_memcpy (&udp[1], &reply[1], mlen);
1190 GNUNET_TUN_calculate_udp6_checksum (ipv6, 1189 (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL);
1191 udp,
1192 &reply[1], mlen);
1193 GNUNET_memcpy (&udp[1],
1194 &reply[1],
1195 mlen);
1196 (void) GNUNET_HELPER_send (helper_handle,
1197 msg,
1198 GNUNET_YES,
1199 NULL, NULL);
1200 }
1201 } 1190 }
1202 break; 1191 }
1192 break;
1203 default: 1193 default:
1204 GNUNET_assert (0); 1194 GNUNET_assert (0);
1205 } 1195 }
1206 GNUNET_CONTAINER_heap_update_cost (ts->heap_node, 1196 GNUNET_CONTAINER_heap_update_cost (ts->heap_node,
1207 GNUNET_TIME_absolute_get ().abs_value_us); 1197 GNUNET_TIME_absolute_get ().abs_value_us);
1208 GNUNET_CADET_receive_done (ts->channel); 1198 GNUNET_CADET_receive_done (ts->channel);
1209} 1199}
1210 1200
@@ -1218,8 +1208,7 @@ handle_udp_back (void *cls,
1218 * #GNUNET_SYSERR to close it (signal serious error) 1208 * #GNUNET_SYSERR to close it (signal serious error)
1219 */ 1209 */
1220static int 1210static int
1221check_tcp_back (void *cls, 1211check_tcp_back (void *cls, const struct GNUNET_EXIT_TcpDataMessage *data)
1222 const struct GNUNET_EXIT_TcpDataMessage *data)
1223{ 1212{
1224 struct ChannelState *ts = cls; 1213 struct ChannelState *ts = cls;
1225 1214
@@ -1245,112 +1234,100 @@ check_tcp_back (void *cls,
1245 * @param data the actual message 1234 * @param data the actual message
1246 */ 1235 */
1247static void 1236static void
1248handle_tcp_back (void *cls, 1237handle_tcp_back (void *cls, const struct GNUNET_EXIT_TcpDataMessage *data)
1249 const struct GNUNET_EXIT_TcpDataMessage *data)
1250{ 1238{
1251 struct ChannelState *ts = cls; 1239 struct ChannelState *ts = cls;
1252 size_t mlen; 1240 size_t mlen;
1253 1241
1254 GNUNET_STATISTICS_update (stats, 1242 GNUNET_STATISTICS_update (stats,
1255 gettext_noop ("# TCP packets received from cadet"), 1243 gettext_noop ("# TCP packets received from cadet"),
1256 1, 1244 1,
1257 GNUNET_NO); 1245 GNUNET_NO);
1258 mlen = ntohs (data->header.size) - sizeof (struct GNUNET_EXIT_TcpDataMessage); 1246 mlen = ntohs (data->header.size) - sizeof (struct GNUNET_EXIT_TcpDataMessage);
1259 { 1247 {
1260 char sbuf[INET6_ADDRSTRLEN]; 1248 char sbuf[INET6_ADDRSTRLEN];
1261 char dbuf[INET6_ADDRSTRLEN]; 1249 char dbuf[INET6_ADDRSTRLEN];
1262 1250
1263 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1251 GNUNET_log (
1264 "Received TCP reply from cadet, sending %u bytes from [%s]:%u -> [%s]:%u via TUN\n", 1252 GNUNET_ERROR_TYPE_DEBUG,
1265 (unsigned int) mlen, 1253 "Received TCP reply from cadet, sending %u bytes from [%s]:%u -> [%s]:%u via TUN\n",
1266 inet_ntop (ts->af, &ts->destination_ip, sbuf, sizeof (sbuf)), 1254 (unsigned int) mlen,
1267 ts->destination_port, 1255 inet_ntop (ts->af, &ts->destination_ip, sbuf, sizeof (sbuf)),
1268 inet_ntop (ts->af, &ts->source_ip, dbuf, sizeof (dbuf)), 1256 ts->destination_port,
1269 ts->source_port); 1257 inet_ntop (ts->af, &ts->source_ip, dbuf, sizeof (dbuf)),
1258 ts->source_port);
1270 } 1259 }
1271 switch (ts->af) 1260 switch (ts->af)
1272 { 1261 {
1273 case AF_INET: 1262 case AF_INET: {
1263 size_t size = sizeof (struct GNUNET_TUN_IPv4Header) +
1264 sizeof (struct GNUNET_TUN_TcpHeader) +
1265 sizeof (struct GNUNET_MessageHeader) +
1266 sizeof (struct GNUNET_TUN_Layer2PacketHeader) + mlen;
1274 { 1267 {
1275 size_t size = sizeof (struct GNUNET_TUN_IPv4Header) 1268 char buf[size] GNUNET_ALIGN;
1276 + sizeof (struct GNUNET_TUN_TcpHeader) 1269 struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf;
1277 + sizeof (struct GNUNET_MessageHeader) + 1270 struct GNUNET_TUN_Layer2PacketHeader *tun =
1278 sizeof (struct GNUNET_TUN_Layer2PacketHeader) + 1271 (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1];
1279 mlen; 1272 struct GNUNET_TUN_IPv4Header *ipv4 =
1280 { 1273 (struct GNUNET_TUN_IPv4Header *) &tun[1];
1281 char buf[size] GNUNET_ALIGN; 1274 struct GNUNET_TUN_TcpHeader *tcp =
1282 struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; 1275 (struct GNUNET_TUN_TcpHeader *) &ipv4[1];
1283 struct GNUNET_TUN_Layer2PacketHeader *tun = (struct GNUNET_TUN_Layer2PacketHeader*) &msg[1]; 1276 msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
1284 struct GNUNET_TUN_IPv4Header *ipv4 = (struct GNUNET_TUN_IPv4Header *) &tun[1]; 1277 msg->size = htons (size);
1285 struct GNUNET_TUN_TcpHeader *tcp = (struct GNUNET_TUN_TcpHeader *) &ipv4[1]; 1278 tun->flags = htons (0);
1286 msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); 1279 tun->proto = htons (ETH_P_IPV4);
1287 msg->size = htons (size); 1280 GNUNET_TUN_initialize_ipv4_header (ipv4,
1288 tun->flags = htons (0); 1281 IPPROTO_TCP,
1289 tun->proto = htons (ETH_P_IPV4); 1282 sizeof (struct GNUNET_TUN_TcpHeader) +
1290 GNUNET_TUN_initialize_ipv4_header (ipv4, 1283 mlen,
1291 IPPROTO_TCP, 1284 &ts->destination_ip.v4,
1292 sizeof (struct GNUNET_TUN_TcpHeader) + mlen, 1285 &ts->source_ip.v4);
1293 &ts->destination_ip.v4, 1286 *tcp = data->tcp_header;
1294 &ts->source_ip.v4); 1287 tcp->source_port = htons (ts->destination_port);
1295 *tcp = data->tcp_header; 1288 tcp->destination_port = htons (ts->source_port);
1296 tcp->source_port = htons (ts->destination_port); 1289 GNUNET_TUN_calculate_tcp4_checksum (ipv4, tcp, &data[1], mlen);
1297 tcp->destination_port = htons (ts->source_port); 1290 GNUNET_memcpy (&tcp[1], &data[1], mlen);
1298 GNUNET_TUN_calculate_tcp4_checksum (ipv4, 1291 (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL);
1299 tcp,
1300 &data[1],
1301 mlen);
1302 GNUNET_memcpy (&tcp[1],
1303 &data[1],
1304 mlen);
1305 (void) GNUNET_HELPER_send (helper_handle,
1306 msg,
1307 GNUNET_YES,
1308 NULL, NULL);
1309 }
1310 } 1292 }
1311 break; 1293 }
1312 case AF_INET6: 1294 break;
1295 case AF_INET6: {
1296 size_t size = sizeof (struct GNUNET_TUN_IPv6Header) +
1297 sizeof (struct GNUNET_TUN_TcpHeader) +
1298 sizeof (struct GNUNET_MessageHeader) +
1299 sizeof (struct GNUNET_TUN_Layer2PacketHeader) + mlen;
1313 { 1300 {
1314 size_t size = sizeof (struct GNUNET_TUN_IPv6Header) 1301 char buf[size] GNUNET_ALIGN;
1315 + sizeof (struct GNUNET_TUN_TcpHeader) 1302 struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf;
1316 + sizeof (struct GNUNET_MessageHeader) + 1303 struct GNUNET_TUN_Layer2PacketHeader *tun =
1317 sizeof (struct GNUNET_TUN_Layer2PacketHeader) + 1304 (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1];
1318 mlen; 1305 struct GNUNET_TUN_IPv6Header *ipv6 =
1319 { 1306 (struct GNUNET_TUN_IPv6Header *) &tun[1];
1320 char buf[size] GNUNET_ALIGN; 1307 struct GNUNET_TUN_TcpHeader *tcp =
1321 struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; 1308 (struct GNUNET_TUN_TcpHeader *) &ipv6[1];
1322 struct GNUNET_TUN_Layer2PacketHeader *tun = (struct GNUNET_TUN_Layer2PacketHeader*) &msg[1]; 1309 msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
1323 struct GNUNET_TUN_IPv6Header *ipv6 = (struct GNUNET_TUN_IPv6Header *) &tun[1]; 1310 msg->size = htons (size);
1324 struct GNUNET_TUN_TcpHeader *tcp = (struct GNUNET_TUN_TcpHeader *) &ipv6[1]; 1311 tun->flags = htons (0);
1325 msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); 1312 tun->proto = htons (ETH_P_IPV6);
1326 msg->size = htons (size); 1313 GNUNET_TUN_initialize_ipv6_header (ipv6,
1327 tun->flags = htons (0); 1314 IPPROTO_TCP,
1328 tun->proto = htons (ETH_P_IPV6); 1315 sizeof (struct GNUNET_TUN_TcpHeader) +
1329 GNUNET_TUN_initialize_ipv6_header (ipv6, 1316 mlen,
1330 IPPROTO_TCP, 1317 &ts->destination_ip.v6,
1331 sizeof (struct GNUNET_TUN_TcpHeader) + mlen, 1318 &ts->source_ip.v6);
1332 &ts->destination_ip.v6, 1319 *tcp = data->tcp_header;
1333 &ts->source_ip.v6); 1320 tcp->source_port = htons (ts->destination_port);
1334 *tcp = data->tcp_header; 1321 tcp->destination_port = htons (ts->source_port);
1335 tcp->source_port = htons (ts->destination_port); 1322 GNUNET_TUN_calculate_tcp6_checksum (ipv6, tcp, &data[1], mlen);
1336 tcp->destination_port = htons (ts->source_port); 1323 GNUNET_memcpy (&tcp[1], &data[1], mlen);
1337 GNUNET_TUN_calculate_tcp6_checksum (ipv6, 1324 (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL);
1338 tcp,
1339 &data[1],
1340 mlen);
1341 GNUNET_memcpy (&tcp[1],
1342 &data[1],
1343 mlen);
1344 (void) GNUNET_HELPER_send (helper_handle,
1345 msg,
1346 GNUNET_YES,
1347 NULL, NULL);
1348 }
1349 } 1325 }
1350 break; 1326 }
1327 break;
1351 } 1328 }
1352 GNUNET_CONTAINER_heap_update_cost (ts->heap_node, 1329 GNUNET_CONTAINER_heap_update_cost (ts->heap_node,
1353 GNUNET_TIME_absolute_get ().abs_value_us); 1330 GNUNET_TIME_absolute_get ().abs_value_us);
1354 GNUNET_CADET_receive_done (ts->channel); 1331 GNUNET_CADET_receive_done (ts->channel);
1355} 1332}
1356 1333
@@ -1368,27 +1345,25 @@ create_channel (struct ChannelState *ts,
1368 const struct GNUNET_PeerIdentity *target, 1345 const struct GNUNET_PeerIdentity *target,
1369 const struct GNUNET_HashCode *port) 1346 const struct GNUNET_HashCode *port)
1370{ 1347{
1371 struct GNUNET_MQ_MessageHandler cadet_handlers[] = { 1348 struct GNUNET_MQ_MessageHandler cadet_handlers[] =
1372 GNUNET_MQ_hd_var_size (udp_back, 1349 {GNUNET_MQ_hd_var_size (udp_back,
1373 GNUNET_MESSAGE_TYPE_VPN_UDP_REPLY, 1350 GNUNET_MESSAGE_TYPE_VPN_UDP_REPLY,
1374 struct GNUNET_EXIT_UdpReplyMessage, 1351 struct GNUNET_EXIT_UdpReplyMessage,
1375 ts), 1352 ts),
1376 GNUNET_MQ_hd_var_size (tcp_back, 1353 GNUNET_MQ_hd_var_size (tcp_back,
1377 GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_VPN, 1354 GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_VPN,
1378 struct GNUNET_EXIT_TcpDataMessage, 1355 struct GNUNET_EXIT_TcpDataMessage,
1379 ts), 1356 ts),
1380 GNUNET_MQ_hd_var_size (icmp_back, 1357 GNUNET_MQ_hd_var_size (icmp_back,
1381 GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_VPN, 1358 GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_VPN,
1382 struct GNUNET_EXIT_IcmpToVPNMessage, 1359 struct GNUNET_EXIT_IcmpToVPNMessage,
1383 ts), 1360 ts),
1384 GNUNET_MQ_handler_end() 1361 GNUNET_MQ_handler_end ()};
1385 };
1386 1362
1387 return GNUNET_CADET_channel_create (cadet_handle, 1363 return GNUNET_CADET_channel_create (cadet_handle,
1388 ts, 1364 ts,
1389 target, 1365 target,
1390 port, 1366 port,
1391 GNUNET_CADET_OPTION_DEFAULT,
1392 NULL, 1367 NULL,
1393 &channel_cleaner, 1368 &channel_cleaner,
1394 cadet_handlers); 1369 cadet_handlers);
@@ -1407,11 +1382,11 @@ create_channel (struct ChannelState *ts,
1407 */ 1382 */
1408static void 1383static void
1409handle_regex_result (void *cls, 1384handle_regex_result (void *cls,
1410 const struct GNUNET_PeerIdentity *id, 1385 const struct GNUNET_PeerIdentity *id,
1411 const struct GNUNET_PeerIdentity *get_path, 1386 const struct GNUNET_PeerIdentity *get_path,
1412 unsigned int get_path_length, 1387 unsigned int get_path_length,
1413 const struct GNUNET_PeerIdentity *put_path, 1388 const struct GNUNET_PeerIdentity *put_path,
1414 unsigned int put_path_length) 1389 unsigned int put_path_length)
1415{ 1390{
1416 struct ChannelState *ts = cls; 1391 struct ChannelState *ts = cls;
1417 struct GNUNET_HashCode port; 1392 struct GNUNET_HashCode port;
@@ -1444,9 +1419,7 @@ handle_regex_result (void *cls,
1444 "Creating tunnel to %s for destination %s!\n", 1419 "Creating tunnel to %s for destination %s!\n",
1445 GNUNET_i2s (id), 1420 GNUNET_i2s (id),
1446 print_channel_destination (&ts->destination)); 1421 print_channel_destination (&ts->destination));
1447 ts->channel = create_channel (ts, 1422 ts->channel = create_channel (ts, id, &port);
1448 id,
1449 &port);
1450} 1423}
1451 1424
1452 1425
@@ -1458,14 +1431,13 @@ handle_regex_result (void *cls,
1458 * @return channel state of the channel that was created 1431 * @return channel state of the channel that was created
1459 */ 1432 */
1460static struct ChannelState * 1433static struct ChannelState *
1461create_channel_to_destination (struct DestinationChannel *dt, 1434create_channel_to_destination (struct DestinationChannel *dt, int client_af)
1462 int client_af)
1463{ 1435{
1464 struct ChannelState *ts; 1436 struct ChannelState *ts;
1465 1437
1466 GNUNET_STATISTICS_update (stats, 1438 GNUNET_STATISTICS_update (stats,
1467 gettext_noop ("# Cadet channels created"), 1439 gettext_noop ("# Cadet channels created"),
1468 1, 1440 1,
1469 GNUNET_NO); 1441 GNUNET_NO);
1470 ts = GNUNET_new (struct ChannelState); 1442 ts = GNUNET_new (struct ChannelState);
1471 ts->af = client_af; 1443 ts->af = client_af;
@@ -1476,12 +1448,15 @@ create_channel_to_destination (struct DestinationChannel *dt,
1476 { 1448 {
1477 struct GNUNET_HashCode cadet_port; 1449 struct GNUNET_HashCode cadet_port;
1478 1450
1479 GNUNET_TUN_compute_service_cadet_port (&ts->destination.details.service_destination.service_descriptor, 1451 GNUNET_TUN_compute_service_cadet_port (&ts->destination.details
1452 .service_destination
1453 .service_descriptor,
1480 ts->destination_port, 1454 ts->destination_port,
1481 &cadet_port); 1455 &cadet_port);
1482 ts->channel = create_channel (ts, 1456 ts->channel =
1483 &dt->destination->details.service_destination.target, 1457 create_channel (ts,
1484 &cadet_port); 1458 &dt->destination->details.service_destination.target,
1459 &cadet_port);
1485 1460
1486 if (NULL == ts->channel) 1461 if (NULL == ts->channel)
1487 { 1462 {
@@ -1490,9 +1465,11 @@ create_channel_to_destination (struct DestinationChannel *dt,
1490 return NULL; 1465 return NULL;
1491 } 1466 }
1492 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1467 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1493 "Creating channel to peer %s offering service %s on port %u\n", 1468 "Creating channel to peer %s offering service %s on port %u\n",
1494 GNUNET_i2s (&dt->destination->details.service_destination.target), 1469 GNUNET_i2s (
1495 GNUNET_h2s (&ts->destination.details.service_destination.service_descriptor), 1470 &dt->destination->details.service_destination.target),
1471 GNUNET_h2s (&ts->destination.details.service_destination
1472 .service_descriptor),
1496 (unsigned int) ts->destination_port); 1473 (unsigned int) ts->destination_port);
1497 } 1474 }
1498 else 1475 else
@@ -1501,25 +1478,25 @@ create_channel_to_destination (struct DestinationChannel *dt,
1501 1478
1502 switch (dt->destination->details.exit_destination.af) 1479 switch (dt->destination->details.exit_destination.af)
1503 { 1480 {
1504 case AF_INET: 1481 case AF_INET: {
1505 {
1506 char address[GNUNET_TUN_IPV4_REGEXLEN]; 1482 char address[GNUNET_TUN_IPV4_REGEXLEN];
1507 1483
1508 GNUNET_TUN_ipv4toregexsearch (&dt->destination->details.exit_destination.ip.v4, 1484 GNUNET_TUN_ipv4toregexsearch (&dt->destination->details.exit_destination
1509 dt->destination_port, 1485 .ip.v4,
1510 address); 1486 dt->destination_port,
1487 address);
1511 GNUNET_asprintf (&policy, 1488 GNUNET_asprintf (&policy,
1512 "%s%s", 1489 "%s%s",
1513 GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX, 1490 GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX,
1514 address); 1491 address);
1515 break; 1492 break;
1516 } 1493 }
1517 case AF_INET6: 1494 case AF_INET6: {
1518 {
1519 char address[GNUNET_TUN_IPV6_REGEXLEN]; 1495 char address[GNUNET_TUN_IPV6_REGEXLEN];
1520 1496
1521 GNUNET_TUN_ipv6toregexsearch (&dt->destination->details.exit_destination.ip.v6, 1497 GNUNET_TUN_ipv6toregexsearch (&dt->destination->details.exit_destination
1522 dt->destination_port, 1498 .ip.v6,
1499 dt->destination_port,
1523 address); 1500 address);
1524 GNUNET_asprintf (&policy, 1501 GNUNET_asprintf (&policy,
1525 "%s%s", 1502 "%s%s",
@@ -1533,12 +1510,9 @@ create_channel_to_destination (struct DestinationChannel *dt,
1533 } 1510 }
1534 1511
1535 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1512 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1536 "Requesting connect by string: %s\n", 1513 "Requesting connect by string: %s\n",
1537 policy); 1514 policy);
1538 ts->search = GNUNET_REGEX_search (cfg, 1515 ts->search = GNUNET_REGEX_search (cfg, policy, &handle_regex_result, ts);
1539 policy,
1540 &handle_regex_result,
1541 ts);
1542 GNUNET_free (policy); 1516 GNUNET_free (policy);
1543 } 1517 }
1544 return ts; 1518 return ts;
@@ -1579,12 +1553,12 @@ expire_channel (struct ChannelState *except)
1579 */ 1553 */
1580static void 1554static void
1581route_packet (struct DestinationEntry *destination, 1555route_packet (struct DestinationEntry *destination,
1582 int af, 1556 int af,
1583 uint8_t protocol, 1557 uint8_t protocol,
1584 const void *source_ip, 1558 const void *source_ip,
1585 const void *destination_ip, 1559 const void *destination_ip,
1586 const void *payload, 1560 const void *payload,
1587 size_t payload_length) 1561 size_t payload_length)
1588{ 1562{
1589 struct GNUNET_HashCode key; 1563 struct GNUNET_HashCode key;
1590 struct ChannelState *ts; 1564 struct ChannelState *ts;
@@ -1600,92 +1574,89 @@ route_packet (struct DestinationEntry *destination,
1600 1574
1601 switch (protocol) 1575 switch (protocol)
1602 { 1576 {
1603 case IPPROTO_UDP: 1577 case IPPROTO_UDP: {
1578 if (payload_length < sizeof (struct GNUNET_TUN_UdpHeader))
1604 { 1579 {
1605 if (payload_length < sizeof (struct GNUNET_TUN_UdpHeader)) 1580 /* blame kernel? */
1606 { 1581 GNUNET_break (0);
1607 /* blame kernel? */ 1582 return;
1608 GNUNET_break (0);
1609 return;
1610 }
1611 tcp = NULL; /* make compiler happy */
1612 icmp = NULL; /* make compiler happy */
1613 udp = payload;
1614 if (udp->len < sizeof (struct GNUNET_TUN_UdpHeader))
1615 {
1616 GNUNET_break_op (0);
1617 return;
1618 }
1619 source_port = ntohs (udp->source_port);
1620 destination_port = ntohs (udp->destination_port);
1621 get_channel_key_from_ips (af,
1622 IPPROTO_UDP,
1623 source_ip,
1624 source_port,
1625 destination_ip,
1626 destination_port,
1627 &key);
1628 } 1583 }
1629 break; 1584 tcp = NULL; /* make compiler happy */
1630 case IPPROTO_TCP: 1585 icmp = NULL; /* make compiler happy */
1586 udp = payload;
1587 if (udp->len < sizeof (struct GNUNET_TUN_UdpHeader))
1631 { 1588 {
1632 if (payload_length < sizeof (struct GNUNET_TUN_TcpHeader)) 1589 GNUNET_break_op (0);
1633 { 1590 return;
1634 /* blame kernel? */
1635 GNUNET_break (0);
1636 return;
1637 }
1638 udp = NULL; /* make compiler happy */
1639 icmp = NULL; /* make compiler happy */
1640 tcp = payload;
1641 if (tcp->off * 4 < sizeof (struct GNUNET_TUN_TcpHeader))
1642 {
1643 GNUNET_break_op (0);
1644 return;
1645 }
1646 source_port = ntohs (tcp->source_port);
1647 destination_port = ntohs (tcp->destination_port);
1648 get_channel_key_from_ips (af,
1649 IPPROTO_TCP,
1650 source_ip,
1651 source_port,
1652 destination_ip,
1653 destination_port,
1654 &key);
1655 } 1591 }
1656 break; 1592 source_port = ntohs (udp->source_port);
1593 destination_port = ntohs (udp->destination_port);
1594 get_channel_key_from_ips (af,
1595 IPPROTO_UDP,
1596 source_ip,
1597 source_port,
1598 destination_ip,
1599 destination_port,
1600 &key);
1601 }
1602 break;
1603 case IPPROTO_TCP: {
1604 if (payload_length < sizeof (struct GNUNET_TUN_TcpHeader))
1605 {
1606 /* blame kernel? */
1607 GNUNET_break (0);
1608 return;
1609 }
1610 udp = NULL; /* make compiler happy */
1611 icmp = NULL; /* make compiler happy */
1612 tcp = payload;
1613 if (tcp->off * 4 < sizeof (struct GNUNET_TUN_TcpHeader))
1614 {
1615 GNUNET_break_op (0);
1616 return;
1617 }
1618 source_port = ntohs (tcp->source_port);
1619 destination_port = ntohs (tcp->destination_port);
1620 get_channel_key_from_ips (af,
1621 IPPROTO_TCP,
1622 source_ip,
1623 source_port,
1624 destination_ip,
1625 destination_port,
1626 &key);
1627 }
1628 break;
1657 case IPPROTO_ICMP: 1629 case IPPROTO_ICMP:
1658 case IPPROTO_ICMPV6: 1630 case IPPROTO_ICMPV6: {
1631 if ((AF_INET == af) ^ (protocol == IPPROTO_ICMP))
1659 { 1632 {
1660 if ( (AF_INET == af) ^ (protocol == IPPROTO_ICMP) ) 1633 GNUNET_break (0);
1661 { 1634 return;
1662 GNUNET_break (0);
1663 return;
1664 }
1665 if (payload_length < sizeof (struct GNUNET_TUN_IcmpHeader))
1666 {
1667 /* blame kernel? */
1668 GNUNET_break (0);
1669 return;
1670 }
1671 tcp = NULL; /* make compiler happy */
1672 udp = NULL; /* make compiler happy */
1673 icmp = payload;
1674 source_port = 0;
1675 destination_port = 0;
1676 get_channel_key_from_ips (af,
1677 protocol,
1678 source_ip,
1679 0,
1680 destination_ip,
1681 0,
1682 &key);
1683 } 1635 }
1684 break; 1636 if (payload_length < sizeof (struct GNUNET_TUN_IcmpHeader))
1637 {
1638 /* blame kernel? */
1639 GNUNET_break (0);
1640 return;
1641 }
1642 tcp = NULL; /* make compiler happy */
1643 udp = NULL; /* make compiler happy */
1644 icmp = payload;
1645 source_port = 0;
1646 destination_port = 0;
1647 get_channel_key_from_ips (af,
1648 protocol,
1649 source_ip,
1650 0,
1651 destination_ip,
1652 0,
1653 &key);
1654 }
1655 break;
1685 default: 1656 default:
1686 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1657 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1687 _("Protocol %u not supported, dropping\n"), 1658 _ ("Protocol %u not supported, dropping\n"),
1688 (unsigned int) protocol); 1659 (unsigned int) protocol);
1689 return; 1660 return;
1690 } 1661 }
1691 alen = 0; 1662 alen = 0;
@@ -1695,7 +1666,7 @@ route_packet (struct DestinationEntry *destination,
1695 { 1666 {
1696 case AF_INET: 1667 case AF_INET:
1697 alen = sizeof (struct in_addr); 1668 alen = sizeof (struct in_addr);
1698 break; 1669 break;
1699 case AF_INET6: 1670 case AF_INET6:
1700 alen = sizeof (struct in6_addr); 1671 alen = sizeof (struct in6_addr);
1701 break; 1672 break;
@@ -1708,27 +1679,23 @@ route_packet (struct DestinationEntry *destination,
1708 char dbuf[INET6_ADDRSTRLEN]; 1679 char dbuf[INET6_ADDRSTRLEN];
1709 char xbuf[INET6_ADDRSTRLEN]; 1680 char xbuf[INET6_ADDRSTRLEN];
1710 1681
1711 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1682 GNUNET_log (
1712 "Routing %s packet from [%s]:%u -> [%s]:%u to destination [%s]:%u\n", 1683 GNUNET_ERROR_TYPE_DEBUG,
1713 (protocol == IPPROTO_TCP) ? "TCP" : "UDP", 1684 "Routing %s packet from [%s]:%u -> [%s]:%u to destination [%s]:%u\n",
1714 inet_ntop (af, 1685 (protocol == IPPROTO_TCP) ? "TCP" : "UDP",
1715 source_ip, 1686 inet_ntop (af, source_ip, sbuf, sizeof (sbuf)),
1716 sbuf, 1687 source_port,
1717 sizeof (sbuf)), 1688 inet_ntop (af, destination_ip, dbuf, sizeof (dbuf)),
1718 source_port, 1689 destination_port,
1719 inet_ntop (af, 1690 inet_ntop (destination->details.exit_destination.af,
1720 destination_ip, 1691 &destination->details.exit_destination.ip,
1721 dbuf, 1692 xbuf,
1722 sizeof (dbuf)), 1693 sizeof (xbuf)),
1723 destination_port, 1694 destination_port);
1724 inet_ntop (destination->details.exit_destination.af,
1725 &destination->details.exit_destination.ip,
1726 xbuf, sizeof (xbuf)),
1727 destination_port);
1728 } 1695 }
1729 for (dt = destination->dt_head; NULL != dt; dt = dt->next) 1696 for (dt = destination->dt_head; NULL != dt; dt = dt->next)
1730 if (dt->destination_port == destination_port) 1697 if (dt->destination_port == destination_port)
1731 break; 1698 break;
1732 } 1699 }
1733 else 1700 else
1734 { 1701 {
@@ -1736,39 +1703,34 @@ route_packet (struct DestinationEntry *destination,
1736 char sbuf[INET6_ADDRSTRLEN]; 1703 char sbuf[INET6_ADDRSTRLEN];
1737 char dbuf[INET6_ADDRSTRLEN]; 1704 char dbuf[INET6_ADDRSTRLEN];
1738 1705
1739 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1706 GNUNET_log (
1740 "Routing %s packet from [%s]:%u -> [%s]:%u to service %s at peer %s\n", 1707 GNUNET_ERROR_TYPE_DEBUG,
1741 (protocol == IPPROTO_TCP) ? "TCP" : "UDP", 1708 "Routing %s packet from [%s]:%u -> [%s]:%u to service %s at peer %s\n",
1742 inet_ntop (af, 1709 (protocol == IPPROTO_TCP) ? "TCP" : "UDP",
1743 source_ip, 1710 inet_ntop (af, source_ip, sbuf, sizeof (sbuf)),
1744 sbuf, 1711 source_port,
1745 sizeof (sbuf)), 1712 inet_ntop (af, destination_ip, dbuf, sizeof (dbuf)),
1746 source_port, 1713 destination_port,
1747 inet_ntop (af, 1714 GNUNET_h2s (
1748 destination_ip, 1715 &destination->details.service_destination.service_descriptor),
1749 dbuf, 1716 GNUNET_i2s (&destination->details.service_destination.target));
1750 sizeof (dbuf)),
1751 destination_port,
1752 GNUNET_h2s (&destination->details.service_destination.service_descriptor),
1753 GNUNET_i2s (&destination->details.service_destination.target));
1754 } 1717 }
1755 for (dt = destination->dt_head; NULL != dt; dt = dt->next) 1718 for (dt = destination->dt_head; NULL != dt; dt = dt->next)
1756 if (dt->destination_port == destination_port) 1719 if (dt->destination_port == destination_port)
1757 break; 1720 break;
1758 } 1721 }
1759 if (NULL == dt) 1722 if (NULL == dt)
1760 { 1723 {
1761 dt = GNUNET_new (struct DestinationChannel); 1724 dt = GNUNET_new (struct DestinationChannel);
1762 dt->destination = destination; 1725 dt->destination = destination;
1763 GNUNET_CONTAINER_DLL_insert (destination->dt_head, 1726 GNUNET_CONTAINER_DLL_insert (destination->dt_head,
1764 destination->dt_tail, 1727 destination->dt_tail,
1765 dt); 1728 dt);
1766 dt->destination_port = destination_port; 1729 dt->destination_port = destination_port;
1767 } 1730 }
1768 1731
1769 /* see if we have an existing channel for this destination */ 1732 /* see if we have an existing channel for this destination */
1770 ts = GNUNET_CONTAINER_multihashmap_get (channel_map, 1733 ts = GNUNET_CONTAINER_multihashmap_get (channel_map, &key);
1771 &key);
1772 if (NULL == ts) 1734 if (NULL == ts)
1773 { 1735 {
1774 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1736 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -1776,8 +1738,7 @@ route_packet (struct DestinationEntry *destination,
1776 GNUNET_h2s (&key)); 1738 GNUNET_h2s (&key));
1777 /* need to either use the existing channel from the destination (if still 1739 /* need to either use the existing channel from the destination (if still
1778 available) or create a fresh one */ 1740 available) or create a fresh one */
1779 ts = create_channel_to_destination (dt, 1741 ts = create_channel_to_destination (dt, af);
1780 af);
1781 if (NULL == ts) 1742 if (NULL == ts)
1782 return; 1743 return;
1783 /* now bind existing "unbound" channel to our IP/port tuple */ 1744 /* now bind existing "unbound" channel to our IP/port tuple */
@@ -1785,46 +1746,51 @@ route_packet (struct DestinationEntry *destination,
1785 ts->af = af; 1746 ts->af = af;
1786 if (AF_INET == af) 1747 if (AF_INET == af)
1787 { 1748 {
1788 ts->source_ip.v4 = * (const struct in_addr *) source_ip; 1749 ts->source_ip.v4 = *(const struct in_addr *) source_ip;
1789 ts->destination_ip.v4 = * (const struct in_addr *) destination_ip; 1750 ts->destination_ip.v4 = *(const struct in_addr *) destination_ip;
1790 } 1751 }
1791 else 1752 else
1792 { 1753 {
1793 ts->source_ip.v6 = * (const struct in6_addr *) source_ip; 1754 ts->source_ip.v6 = *(const struct in6_addr *) source_ip;
1794 ts->destination_ip.v6 = * (const struct in6_addr *) destination_ip; 1755 ts->destination_ip.v6 = *(const struct in6_addr *) destination_ip;
1795 } 1756 }
1796 ts->source_port = source_port; 1757 ts->source_port = source_port;
1797 ts->destination_port = destination_port; 1758 ts->destination_port = destination_port;
1798 ts->heap_node = GNUNET_CONTAINER_heap_insert (channel_heap, 1759 ts->heap_node =
1799 ts, 1760 GNUNET_CONTAINER_heap_insert (channel_heap,
1800 GNUNET_TIME_absolute_get ().abs_value_us); 1761 ts,
1762 GNUNET_TIME_absolute_get ().abs_value_us);
1801 GNUNET_assert (GNUNET_YES == 1763 GNUNET_assert (GNUNET_YES ==
1802 GNUNET_CONTAINER_multihashmap_put (channel_map, 1764 GNUNET_CONTAINER_multihashmap_put (
1803 &key, 1765 channel_map,
1804 ts, 1766 &key,
1805 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); 1767 ts,
1768 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
1806 GNUNET_STATISTICS_update (stats, 1769 GNUNET_STATISTICS_update (stats,
1807 gettext_noop ("# Active channels"), 1770 gettext_noop ("# Active channels"),
1808 1, GNUNET_NO); 1771 1,
1809 while (GNUNET_CONTAINER_multihashmap_size (channel_map) > max_channel_mappings) 1772 GNUNET_NO);
1773 while (GNUNET_CONTAINER_multihashmap_size (channel_map) >
1774 max_channel_mappings)
1810 expire_channel (ts); 1775 expire_channel (ts);
1811 } 1776 }
1812 else 1777 else
1813 { 1778 {
1814 GNUNET_CONTAINER_heap_update_cost (ts->heap_node, 1779 GNUNET_CONTAINER_heap_update_cost (ts->heap_node,
1815 GNUNET_TIME_absolute_get ().abs_value_us); 1780 GNUNET_TIME_absolute_get ()
1781 .abs_value_us);
1816 } 1782 }
1817 if (NULL == ts->channel) 1783 if (NULL == ts->channel)
1818 { 1784 {
1819 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 1785 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1820 "Packet dropped, channel to %s not yet ready (%s)\n", 1786 "Packet dropped, channel to %s not yet ready (%s)\n",
1821 print_channel_destination (&ts->destination), 1787 print_channel_destination (&ts->destination),
1822 (NULL == ts->search) 1788 (NULL == ts->search) ? "EXIT search failed"
1823 ? "EXIT search failed" 1789 : "EXIT search active");
1824 : "EXIT search active");
1825 GNUNET_STATISTICS_update (stats, 1790 GNUNET_STATISTICS_update (stats,
1826 gettext_noop ("# Packets dropped (channel not yet online)"), 1791 gettext_noop (
1827 1, 1792 "# Packets dropped (channel not yet online)"),
1793 1,
1828 GNUNET_NO); 1794 GNUNET_NO);
1829 return; 1795 return;
1830 } 1796 }
@@ -1837,19 +1803,21 @@ route_packet (struct DestinationEntry *destination,
1837 { 1803 {
1838 struct GNUNET_EXIT_UdpServiceMessage *usm; 1804 struct GNUNET_EXIT_UdpServiceMessage *usm;
1839 1805
1840 mlen = sizeof (struct GNUNET_EXIT_UdpServiceMessage) + 1806 mlen = sizeof (struct GNUNET_EXIT_UdpServiceMessage) + payload_length -
1841 payload_length - sizeof (struct GNUNET_TUN_UdpHeader); 1807 sizeof (struct GNUNET_TUN_UdpHeader);
1842 if (mlen >= GNUNET_MAX_MESSAGE_SIZE) 1808 if (mlen >= GNUNET_MAX_MESSAGE_SIZE)
1843 { 1809 {
1844 GNUNET_break (0); 1810 GNUNET_break (0);
1845 return; 1811 return;
1846 } 1812 }
1847 env = GNUNET_MQ_msg_extra (usm, 1813 env = GNUNET_MQ_msg_extra (usm,
1848 payload_length - sizeof (struct GNUNET_TUN_UdpHeader), 1814 payload_length -
1815 sizeof (struct GNUNET_TUN_UdpHeader),
1849 GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE); 1816 GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE);
1850 /* if the source port is below 32000, we assume it has a special 1817 /* if the source port is below 32000, we assume it has a special
1851 meaning; if not, we pick a random port (this is a heuristic) */ 1818 meaning; if not, we pick a random port (this is a heuristic) */
1852 usm->source_port = (ntohs (udp->source_port) < 32000) ? udp->source_port : 0; 1819 usm->source_port =
1820 (ntohs (udp->source_port) < 32000) ? udp->source_port : 0;
1853 usm->destination_port = udp->destination_port; 1821 usm->destination_port = udp->destination_port;
1854 GNUNET_memcpy (&usm[1], 1822 GNUNET_memcpy (&usm[1],
1855 &udp[1], 1823 &udp[1],
@@ -1862,33 +1830,35 @@ route_packet (struct DestinationEntry *destination,
1862 struct in6_addr *ip6dst; 1830 struct in6_addr *ip6dst;
1863 void *payload; 1831 void *payload;
1864 1832
1865 mlen = sizeof (struct GNUNET_EXIT_UdpInternetMessage) + 1833 mlen = sizeof (struct GNUNET_EXIT_UdpInternetMessage) + alen +
1866 alen + payload_length - sizeof (struct GNUNET_TUN_UdpHeader); 1834 payload_length - sizeof (struct GNUNET_TUN_UdpHeader);
1867 if (mlen >= GNUNET_MAX_MESSAGE_SIZE) 1835 if (mlen >= GNUNET_MAX_MESSAGE_SIZE)
1868 { 1836 {
1869 GNUNET_break (0); 1837 GNUNET_break (0);
1870 return; 1838 return;
1871 } 1839 }
1872 env = GNUNET_MQ_msg_extra (uim, 1840 env = GNUNET_MQ_msg_extra (uim,
1873 payload_length + alen - sizeof (struct GNUNET_TUN_UdpHeader), 1841 payload_length + alen -
1842 sizeof (struct GNUNET_TUN_UdpHeader),
1874 GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET); 1843 GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET);
1875 uim->af = htonl (destination->details.exit_destination.af); 1844 uim->af = htonl (destination->details.exit_destination.af);
1876 uim->source_port = (ntohs (udp->source_port) < 32000) ? udp->source_port : 0; 1845 uim->source_port =
1846 (ntohs (udp->source_port) < 32000) ? udp->source_port : 0;
1877 uim->destination_port = udp->destination_port; 1847 uim->destination_port = udp->destination_port;
1878 switch (destination->details.exit_destination.af) 1848 switch (destination->details.exit_destination.af)
1879 { 1849 {
1880 case AF_INET: 1850 case AF_INET:
1881 ip4dst = (struct in_addr *) &uim[1]; 1851 ip4dst = (struct in_addr *) &uim[1];
1882 *ip4dst = destination->details.exit_destination.ip.v4; 1852 *ip4dst = destination->details.exit_destination.ip.v4;
1883 payload = &ip4dst[1]; 1853 payload = &ip4dst[1];
1884 break; 1854 break;
1885 case AF_INET6: 1855 case AF_INET6:
1886 ip6dst = (struct in6_addr *) &uim[1]; 1856 ip6dst = (struct in6_addr *) &uim[1];
1887 *ip6dst = destination->details.exit_destination.ip.v6; 1857 *ip6dst = destination->details.exit_destination.ip.v6;
1888 payload = &ip6dst[1]; 1858 payload = &ip6dst[1];
1889 break; 1859 break;
1890 default: 1860 default:
1891 GNUNET_assert (0); 1861 GNUNET_assert (0);
1892 } 1862 }
1893 GNUNET_memcpy (payload, 1863 GNUNET_memcpy (payload,
1894 &udp[1], 1864 &udp[1],
@@ -1900,59 +1870,63 @@ route_packet (struct DestinationEntry *destination,
1900 { 1870 {
1901 if (destination->is_service) 1871 if (destination->is_service)
1902 { 1872 {
1903 struct GNUNET_EXIT_TcpServiceStartMessage *tsm; 1873 struct GNUNET_EXIT_TcpServiceStartMessage *tsm;
1904 1874
1905 mlen = sizeof (struct GNUNET_EXIT_TcpServiceStartMessage) + 1875 mlen = sizeof (struct GNUNET_EXIT_TcpServiceStartMessage) +
1906 payload_length - sizeof (struct GNUNET_TUN_TcpHeader); 1876 payload_length - sizeof (struct GNUNET_TUN_TcpHeader);
1907 if (mlen >= GNUNET_MAX_MESSAGE_SIZE) 1877 if (mlen >= GNUNET_MAX_MESSAGE_SIZE)
1908 { 1878 {
1909 GNUNET_break (0); 1879 GNUNET_break (0);
1910 return; 1880 return;
1911 } 1881 }
1912 env = GNUNET_MQ_msg_extra (tsm, 1882 env =
1913 payload_length - sizeof (struct GNUNET_TUN_TcpHeader), 1883 GNUNET_MQ_msg_extra (tsm,
1914 GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START); 1884 payload_length -
1915 tsm->reserved = htonl (0); 1885 sizeof (struct GNUNET_TUN_TcpHeader),
1916 tsm->tcp_header = *tcp; 1886 GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START);
1917 GNUNET_memcpy (&tsm[1], 1887 tsm->reserved = htonl (0);
1888 tsm->tcp_header = *tcp;
1889 GNUNET_memcpy (&tsm[1],
1918 &tcp[1], 1890 &tcp[1],
1919 payload_length - sizeof (struct GNUNET_TUN_TcpHeader)); 1891 payload_length - sizeof (struct GNUNET_TUN_TcpHeader));
1920 } 1892 }
1921 else 1893 else
1922 { 1894 {
1923 struct GNUNET_EXIT_TcpInternetStartMessage *tim; 1895 struct GNUNET_EXIT_TcpInternetStartMessage *tim;
1924 struct in_addr *ip4dst; 1896 struct in_addr *ip4dst;
1925 struct in6_addr *ip6dst; 1897 struct in6_addr *ip6dst;
1926 void *payload; 1898 void *payload;
1927 1899
1928 mlen = sizeof (struct GNUNET_EXIT_TcpInternetStartMessage) + 1900 mlen = sizeof (struct GNUNET_EXIT_TcpInternetStartMessage) + alen +
1929 alen + payload_length - sizeof (struct GNUNET_TUN_TcpHeader); 1901 payload_length - sizeof (struct GNUNET_TUN_TcpHeader);
1930 if (mlen >= GNUNET_MAX_MESSAGE_SIZE) 1902 if (mlen >= GNUNET_MAX_MESSAGE_SIZE)
1931 { 1903 {
1932 GNUNET_break (0); 1904 GNUNET_break (0);
1933 return; 1905 return;
1934 } 1906 }
1935 env = GNUNET_MQ_msg_extra (tim, 1907 env =
1936 payload_length + alen - sizeof (struct GNUNET_TUN_TcpHeader), 1908 GNUNET_MQ_msg_extra (tim,
1937 GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START); 1909 payload_length + alen -
1938 tim->af = htonl (destination->details.exit_destination.af); 1910 sizeof (struct GNUNET_TUN_TcpHeader),
1939 tim->tcp_header = *tcp; 1911 GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START);
1940 switch (destination->details.exit_destination.af) 1912 tim->af = htonl (destination->details.exit_destination.af);
1941 { 1913 tim->tcp_header = *tcp;
1942 case AF_INET: 1914 switch (destination->details.exit_destination.af)
1943 ip4dst = (struct in_addr *) &tim[1]; 1915 {
1944 *ip4dst = destination->details.exit_destination.ip.v4; 1916 case AF_INET:
1945 payload = &ip4dst[1]; 1917 ip4dst = (struct in_addr *) &tim[1];
1946 break; 1918 *ip4dst = destination->details.exit_destination.ip.v4;
1947 case AF_INET6: 1919 payload = &ip4dst[1];
1948 ip6dst = (struct in6_addr *) &tim[1]; 1920 break;
1949 *ip6dst = destination->details.exit_destination.ip.v6; 1921 case AF_INET6:
1950 payload = &ip6dst[1]; 1922 ip6dst = (struct in6_addr *) &tim[1];
1951 break; 1923 *ip6dst = destination->details.exit_destination.ip.v6;
1952 default: 1924 payload = &ip6dst[1];
1953 GNUNET_assert (0); 1925 break;
1954 } 1926 default:
1955 GNUNET_memcpy (payload, 1927 GNUNET_assert (0);
1928 }
1929 GNUNET_memcpy (payload,
1956 &tcp[1], 1930 &tcp[1],
1957 payload_length - sizeof (struct GNUNET_TUN_TcpHeader)); 1931 payload_length - sizeof (struct GNUNET_TUN_TcpHeader));
1958 } 1932 }
@@ -1961,22 +1935,23 @@ route_packet (struct DestinationEntry *destination,
1961 { 1935 {
1962 struct GNUNET_EXIT_TcpDataMessage *tdm; 1936 struct GNUNET_EXIT_TcpDataMessage *tdm;
1963 1937
1964 mlen = sizeof (struct GNUNET_EXIT_TcpDataMessage) + 1938 mlen = sizeof (struct GNUNET_EXIT_TcpDataMessage) + payload_length -
1965 payload_length - sizeof (struct GNUNET_TUN_TcpHeader); 1939 sizeof (struct GNUNET_TUN_TcpHeader);
1966 if (mlen >= GNUNET_MAX_MESSAGE_SIZE) 1940 if (mlen >= GNUNET_MAX_MESSAGE_SIZE)
1967 { 1941 {
1968 GNUNET_break (0); 1942 GNUNET_break (0);
1969 return; 1943 return;
1970 } 1944 }
1971 env = GNUNET_MQ_msg_extra (tdm, 1945 env = GNUNET_MQ_msg_extra (tdm,
1972 payload_length - sizeof (struct GNUNET_TUN_TcpHeader), 1946 payload_length -
1947 sizeof (struct GNUNET_TUN_TcpHeader),
1973 GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT); 1948 GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT);
1974 tdm->reserved = htonl (0); 1949 tdm->reserved = htonl (0);
1975 tdm->tcp_header = *tcp; 1950 tdm->tcp_header = *tcp;
1976 GNUNET_memcpy (&tdm[1], 1951 GNUNET_memcpy (&tdm[1],
1977 &tcp[1], 1952 &tcp[1],
1978 payload_length - sizeof (struct GNUNET_TUN_TcpHeader)); 1953 payload_length - sizeof (struct GNUNET_TUN_TcpHeader));
1979 } 1954 }
1980 break; 1955 break;
1981 case IPPROTO_ICMP: 1956 case IPPROTO_ICMP:
1982 case IPPROTO_ICMPV6: 1957 case IPPROTO_ICMPV6:
@@ -1990,62 +1965,67 @@ route_packet (struct DestinationEntry *destination,
1990 switch (af) 1965 switch (af)
1991 { 1966 {
1992 case AF_INET: 1967 case AF_INET:
1993 switch (icmp->type) 1968 switch (icmp->type)
1994 { 1969 {
1995 case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: 1970 case GNUNET_TUN_ICMPTYPE_ECHO_REPLY:
1996 case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: 1971 case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST:
1997 break; 1972 break;
1998 case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: 1973 case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE:
1999 case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: 1974 case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH:
2000 case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: 1975 case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED:
2001 /* throw away ICMP payload, won't be useful for the other side anyway */ 1976 /* throw away ICMP payload, won't be useful for the other side anyway */
2002 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); 1977 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader);
2003 break; 1978 break;
2004 default: 1979 default:
2005 GNUNET_STATISTICS_update (stats, 1980 GNUNET_STATISTICS_update (stats,
2006 gettext_noop ("# ICMPv4 packets dropped (not allowed)"), 1981 gettext_noop (
2007 1, GNUNET_NO); 1982 "# ICMPv4 packets dropped (not allowed)"),
2008 return; 1983 1,
2009 } 1984 GNUNET_NO);
2010 /* end of AF_INET */ 1985 return;
2011 break; 1986 }
1987 /* end of AF_INET */
1988 break;
2012 case AF_INET6: 1989 case AF_INET6:
2013 switch (icmp->type) 1990 switch (icmp->type)
2014 { 1991 {
2015 case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: 1992 case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE:
2016 case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: 1993 case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG:
2017 case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: 1994 case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED:
2018 case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: 1995 case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM:
2019 /* throw away ICMP payload, won't be useful for the other side anyway */ 1996 /* throw away ICMP payload, won't be useful for the other side anyway */
2020 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); 1997 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader);
2021 break; 1998 break;
2022 case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: 1999 case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST:
2023 case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: 2000 case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY:
2024 break; 2001 break;
2025 default: 2002 default:
2026 GNUNET_STATISTICS_update (stats, 2003 GNUNET_STATISTICS_update (stats,
2027 gettext_noop ("# ICMPv6 packets dropped (not allowed)"), 2004 gettext_noop (
2028 1, GNUNET_NO); 2005 "# ICMPv6 packets dropped (not allowed)"),
2029 return; 2006 1,
2030 } 2007 GNUNET_NO);
2031 /* end of AF_INET6 */ 2008 return;
2032 break; 2009 }
2010 /* end of AF_INET6 */
2011 break;
2033 default: 2012 default:
2034 GNUNET_assert (0); 2013 GNUNET_assert (0);
2035 break; 2014 break;
2036 } 2015 }
2037 2016
2038 /* update length calculations, as payload_length may have changed */ 2017 /* update length calculations, as payload_length may have changed */
2039 mlen = sizeof (struct GNUNET_EXIT_IcmpServiceMessage) + 2018 mlen = sizeof (struct GNUNET_EXIT_IcmpServiceMessage) + alen +
2040 alen + payload_length - sizeof (struct GNUNET_TUN_IcmpHeader); 2019 payload_length - sizeof (struct GNUNET_TUN_IcmpHeader);
2041 if (mlen >= GNUNET_MAX_MESSAGE_SIZE) 2020 if (mlen >= GNUNET_MAX_MESSAGE_SIZE)
2042 { 2021 {
2043 GNUNET_break (0); 2022 GNUNET_break (0);
2044 return; 2023 return;
2045 } 2024 }
2046 2025
2047 env = GNUNET_MQ_msg_extra (ism, 2026 env = GNUNET_MQ_msg_extra (ism,
2048 payload_length - sizeof (struct GNUNET_TUN_IcmpHeader), 2027 payload_length -
2028 sizeof (struct GNUNET_TUN_IcmpHeader),
2049 GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE); 2029 GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE);
2050 ism->af = htonl (af); /* need to tell destination ICMP protocol family! */ 2030 ism->af = htonl (af); /* need to tell destination ICMP protocol family! */
2051 ism->icmp_header = *icmp; 2031 ism->icmp_header = *icmp;
@@ -2067,114 +2047,125 @@ route_packet (struct DestinationEntry *destination,
2067 switch (af) 2047 switch (af)
2068 { 2048 {
2069 case AF_INET: 2049 case AF_INET:
2070 switch (icmp->type) 2050 switch (icmp->type)
2071 { 2051 {
2072 case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: 2052 case GNUNET_TUN_ICMPTYPE_ECHO_REPLY:
2073 if (destination->details.exit_destination.af == AF_INET6) 2053 if (destination->details.exit_destination.af == AF_INET6)
2074 new_type = GNUNET_TUN_ICMPTYPE6_ECHO_REPLY; 2054 new_type = GNUNET_TUN_ICMPTYPE6_ECHO_REPLY;
2075 break; 2055 break;
2076 case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: 2056 case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST:
2077 if (destination->details.exit_destination.af == AF_INET6) 2057 if (destination->details.exit_destination.af == AF_INET6)
2078 new_type = GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST; 2058 new_type = GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST;
2079 break; 2059 break;
2080 case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: 2060 case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE:
2081 if (destination->details.exit_destination.af == AF_INET6) 2061 if (destination->details.exit_destination.af == AF_INET6)
2082 new_type = GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE; 2062 new_type = GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE;
2083 /* throw away IP-payload, exit will have to make it up anyway */ 2063 /* throw away IP-payload, exit will have to make it up anyway */
2084 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); 2064 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader);
2085 break; 2065 break;
2086 case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: 2066 case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED:
2087 if (destination->details.exit_destination.af == AF_INET6) 2067 if (destination->details.exit_destination.af == AF_INET6)
2088 new_type = GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED; 2068 new_type = GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED;
2089 /* throw away IP-payload, exit will have to make it up anyway */ 2069 /* throw away IP-payload, exit will have to make it up anyway */
2090 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); 2070 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader);
2091 break; 2071 break;
2092 case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: 2072 case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH:
2093 if (destination->details.exit_destination.af == AF_INET6) 2073 if (destination->details.exit_destination.af == AF_INET6)
2094 { 2074 {
2095 GNUNET_STATISTICS_update (stats, 2075 GNUNET_STATISTICS_update (
2096 gettext_noop ("# ICMPv4 packets dropped (impossible PT to v6)"), 2076 stats,
2097 1, GNUNET_NO); 2077 gettext_noop ("# ICMPv4 packets dropped (impossible PT to v6)"),
2098 return; 2078 1,
2099 } 2079 GNUNET_NO);
2100 /* throw away IP-payload, exit will have to make it up anyway */ 2080 return;
2101 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); 2081 }
2102 break; 2082 /* throw away IP-payload, exit will have to make it up anyway */
2103 default: 2083 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader);
2104 GNUNET_STATISTICS_update (stats, 2084 break;
2105 gettext_noop ("# ICMPv4 packets dropped (type not allowed)"), 2085 default:
2106 1, GNUNET_NO); 2086 GNUNET_STATISTICS_update (
2107 return; 2087 stats,
2108 } 2088 gettext_noop ("# ICMPv4 packets dropped (type not allowed)"),
2109 /* end of AF_INET */ 2089 1,
2110 break; 2090 GNUNET_NO);
2091 return;
2092 }
2093 /* end of AF_INET */
2094 break;
2111 case AF_INET6: 2095 case AF_INET6:
2112 switch (icmp->type) 2096 switch (icmp->type)
2113 { 2097 {
2114 case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: 2098 case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE:
2115 if (destination->details.exit_destination.af == AF_INET) 2099 if (destination->details.exit_destination.af == AF_INET)
2116 new_type = GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE; 2100 new_type = GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE;
2117 /* throw away IP-payload, exit will have to make it up anyway */ 2101 /* throw away IP-payload, exit will have to make it up anyway */
2118 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); 2102 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader);
2119 break; 2103 break;
2120 case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: 2104 case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED:
2121 if (destination->details.exit_destination.af == AF_INET) 2105 if (destination->details.exit_destination.af == AF_INET)
2122 new_type = GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED; 2106 new_type = GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED;
2123 /* throw away IP-payload, exit will have to make it up anyway */ 2107 /* throw away IP-payload, exit will have to make it up anyway */
2124 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); 2108 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader);
2125 break; 2109 break;
2126 case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: 2110 case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG:
2127 if (destination->details.exit_destination.af == AF_INET) 2111 if (destination->details.exit_destination.af == AF_INET)
2128 { 2112 {
2129 GNUNET_STATISTICS_update (stats, 2113 GNUNET_STATISTICS_update (
2130 gettext_noop ("# ICMPv6 packets dropped (impossible PT to v4)"), 2114 stats,
2131 1, GNUNET_NO); 2115 gettext_noop ("# ICMPv6 packets dropped (impossible PT to v4)"),
2132 return; 2116 1,
2133 } 2117 GNUNET_NO);
2134 /* throw away IP-payload, exit will have to make it up anyway */ 2118 return;
2135 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); 2119 }
2136 break; 2120 /* throw away IP-payload, exit will have to make it up anyway */
2137 case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: 2121 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader);
2138 if (destination->details.exit_destination.af == AF_INET) 2122 break;
2139 { 2123 case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM:
2140 GNUNET_STATISTICS_update (stats, 2124 if (destination->details.exit_destination.af == AF_INET)
2141 gettext_noop ("# ICMPv6 packets dropped (impossible PT to v4)"), 2125 {
2142 1, GNUNET_NO); 2126 GNUNET_STATISTICS_update (
2143 return; 2127 stats,
2144 } 2128 gettext_noop ("# ICMPv6 packets dropped (impossible PT to v4)"),
2145 /* throw away IP-payload, exit will have to make it up anyway */ 2129 1,
2146 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); 2130 GNUNET_NO);
2147 break; 2131 return;
2148 case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: 2132 }
2149 if (destination->details.exit_destination.af == AF_INET) 2133 /* throw away IP-payload, exit will have to make it up anyway */
2150 new_type = GNUNET_TUN_ICMPTYPE_ECHO_REQUEST; 2134 payload_length = sizeof (struct GNUNET_TUN_IcmpHeader);
2151 break; 2135 break;
2152 case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: 2136 case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST:
2153 if (destination->details.exit_destination.af == AF_INET) 2137 if (destination->details.exit_destination.af == AF_INET)
2154 new_type = GNUNET_TUN_ICMPTYPE_ECHO_REPLY; 2138 new_type = GNUNET_TUN_ICMPTYPE_ECHO_REQUEST;
2155 break; 2139 break;
2156 default: 2140 case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY:
2157 GNUNET_STATISTICS_update (stats, 2141 if (destination->details.exit_destination.af == AF_INET)
2158 gettext_noop ("# ICMPv6 packets dropped (type not allowed)"), 2142 new_type = GNUNET_TUN_ICMPTYPE_ECHO_REPLY;
2159 1, GNUNET_NO); 2143 break;
2160 return; 2144 default:
2161 } 2145 GNUNET_STATISTICS_update (
2162 /* end of AF_INET6 */ 2146 stats,
2163 break; 2147 gettext_noop ("# ICMPv6 packets dropped (type not allowed)"),
2148 1,
2149 GNUNET_NO);
2150 return;
2151 }
2152 /* end of AF_INET6 */
2153 break;
2164 default: 2154 default:
2165 GNUNET_assert (0); 2155 GNUNET_assert (0);
2166 } 2156 }
2167 2157
2168 /* update length calculations, as payload_length may have changed */ 2158 /* update length calculations, as payload_length may have changed */
2169 mlen = sizeof (struct GNUNET_EXIT_IcmpInternetMessage) + 2159 mlen = sizeof (struct GNUNET_EXIT_IcmpInternetMessage) + alen +
2170 alen + payload_length - sizeof (struct GNUNET_TUN_IcmpHeader); 2160 payload_length - sizeof (struct GNUNET_TUN_IcmpHeader);
2171 if (mlen >= GNUNET_MAX_MESSAGE_SIZE) 2161 if (mlen >= GNUNET_MAX_MESSAGE_SIZE)
2172 { 2162 {
2173 GNUNET_break (0); 2163 GNUNET_break (0);
2174 return; 2164 return;
2175 } 2165 }
2176 env = GNUNET_MQ_msg_extra (iim, 2166 env = GNUNET_MQ_msg_extra (iim,
2177 alen + payload_length - sizeof (struct GNUNET_TUN_IcmpHeader), 2167 alen + payload_length -
2168 sizeof (struct GNUNET_TUN_IcmpHeader),
2178 GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_INTERNET); 2169 GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_INTERNET);
2179 iim->icmp_header = *icmp; 2170 iim->icmp_header = *icmp;
2180 iim->icmp_header.type = new_type; 2171 iim->icmp_header.type = new_type;
@@ -2182,17 +2173,17 @@ route_packet (struct DestinationEntry *destination,
2182 switch (destination->details.exit_destination.af) 2173 switch (destination->details.exit_destination.af)
2183 { 2174 {
2184 case AF_INET: 2175 case AF_INET:
2185 ip4dst = (struct in_addr *) &iim[1]; 2176 ip4dst = (struct in_addr *) &iim[1];
2186 *ip4dst = destination->details.exit_destination.ip.v4; 2177 *ip4dst = destination->details.exit_destination.ip.v4;
2187 payload = &ip4dst[1]; 2178 payload = &ip4dst[1];
2188 break; 2179 break;
2189 case AF_INET6: 2180 case AF_INET6:
2190 ip6dst = (struct in6_addr *) &iim[1]; 2181 ip6dst = (struct in6_addr *) &iim[1];
2191 *ip6dst = destination->details.exit_destination.ip.v6; 2182 *ip6dst = destination->details.exit_destination.ip.v6;
2192 payload = &ip6dst[1]; 2183 payload = &ip6dst[1];
2193 break; 2184 break;
2194 default: 2185 default:
2195 GNUNET_assert (0); 2186 GNUNET_assert (0);
2196 } 2187 }
2197 GNUNET_memcpy (payload, 2188 GNUNET_memcpy (payload,
2198 &icmp[1], 2189 &icmp[1],
@@ -2205,8 +2196,7 @@ route_packet (struct DestinationEntry *destination,
2205 break; 2196 break;
2206 } 2197 }
2207 ts->is_established = GNUNET_YES; 2198 ts->is_established = GNUNET_YES;
2208 send_to_channel (ts, 2199 send_to_channel (ts, env);
2209 env);
2210} 2200}
2211 2201
2212 2202
@@ -2223,8 +2213,7 @@ route_packet (struct DestinationEntry *destination,
2223 * #GNUNET_SYSERR to stop further processing with error 2213 * #GNUNET_SYSERR to stop further processing with error
2224 */ 2214 */
2225static int 2215static int
2226message_token (void *cls, 2216message_token (void *cls, const struct GNUNET_MessageHeader *message)
2227 const struct GNUNET_MessageHeader *message)
2228{ 2217{
2229 const struct GNUNET_TUN_Layer2PacketHeader *tun; 2218 const struct GNUNET_TUN_Layer2PacketHeader *tun;
2230 size_t mlen; 2219 size_t mlen;
@@ -2232,101 +2221,96 @@ message_token (void *cls,
2232 struct DestinationEntry *de; 2221 struct DestinationEntry *de;
2233 2222
2234 GNUNET_STATISTICS_update (stats, 2223 GNUNET_STATISTICS_update (stats,
2235 gettext_noop ("# Packets received from TUN interface"), 2224 gettext_noop (
2236 1, GNUNET_NO); 2225 "# Packets received from TUN interface"),
2226 1,
2227 GNUNET_NO);
2237 mlen = ntohs (message->size); 2228 mlen = ntohs (message->size);
2238 if ( (ntohs (message->type) != GNUNET_MESSAGE_TYPE_VPN_HELPER) || 2229 if ((ntohs (message->type) != GNUNET_MESSAGE_TYPE_VPN_HELPER) ||
2239 (mlen < sizeof (struct GNUNET_MessageHeader) + sizeof (struct GNUNET_TUN_Layer2PacketHeader)) ) 2230 (mlen < sizeof (struct GNUNET_MessageHeader) +
2231 sizeof (struct GNUNET_TUN_Layer2PacketHeader)))
2240 { 2232 {
2241 GNUNET_break (0); 2233 GNUNET_break (0);
2242 return GNUNET_OK; 2234 return GNUNET_OK;
2243 } 2235 }
2244 tun = (const struct GNUNET_TUN_Layer2PacketHeader *) &message[1]; 2236 tun = (const struct GNUNET_TUN_Layer2PacketHeader *) &message[1];
2245 mlen -= (sizeof (struct GNUNET_MessageHeader) + sizeof (struct GNUNET_TUN_Layer2PacketHeader)); 2237 mlen -= (sizeof (struct GNUNET_MessageHeader) +
2238 sizeof (struct GNUNET_TUN_Layer2PacketHeader));
2246 switch (ntohs (tun->proto)) 2239 switch (ntohs (tun->proto))
2247 { 2240 {
2248 case ETH_P_IPV6: 2241 case ETH_P_IPV6: {
2242 const struct GNUNET_TUN_IPv6Header *pkt6;
2243
2244 if (mlen < sizeof (struct GNUNET_TUN_IPv6Header))
2249 { 2245 {
2250 const struct GNUNET_TUN_IPv6Header *pkt6; 2246 /* blame kernel */
2247 GNUNET_break (0);
2248 return GNUNET_OK;
2249 }
2250 pkt6 = (const struct GNUNET_TUN_IPv6Header *) &tun[1];
2251 get_destination_key_from_ip (AF_INET6, &pkt6->destination_address, &key);
2252 de = GNUNET_CONTAINER_multihashmap_get (destination_map, &key);
2253 if (NULL == de)
2254 {
2255 char buf[INET6_ADDRSTRLEN];
2251 2256
2252 if (mlen < sizeof (struct GNUNET_TUN_IPv6Header)) 2257 GNUNET_log (
2253 { 2258 GNUNET_ERROR_TYPE_INFO,
2254 /* blame kernel */ 2259 _ ("Packet received for unmapped destination `%s' (dropping it)\n"),
2255 GNUNET_break (0); 2260 inet_ntop (AF_INET6, &pkt6->destination_address, buf, sizeof (buf)));
2256 return GNUNET_OK; 2261 return GNUNET_OK;
2257 }
2258 pkt6 = (const struct GNUNET_TUN_IPv6Header *) &tun[1];
2259 get_destination_key_from_ip (AF_INET6,
2260 &pkt6->destination_address,
2261 &key);
2262 de = GNUNET_CONTAINER_multihashmap_get (destination_map, &key);
2263 if (NULL == de)
2264 {
2265 char buf[INET6_ADDRSTRLEN];
2266
2267 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
2268 _("Packet received for unmapped destination `%s' (dropping it)\n"),
2269 inet_ntop (AF_INET6,
2270 &pkt6->destination_address,
2271 buf,
2272 sizeof (buf)));
2273 return GNUNET_OK;
2274 }
2275 route_packet (de,
2276 AF_INET6,
2277 pkt6->next_header,
2278 &pkt6->source_address,
2279 &pkt6->destination_address,
2280 &pkt6[1],
2281 mlen - sizeof (struct GNUNET_TUN_IPv6Header));
2282 } 2262 }
2283 break; 2263 route_packet (de,
2284 case ETH_P_IPV4: 2264 AF_INET6,
2265 pkt6->next_header,
2266 &pkt6->source_address,
2267 &pkt6->destination_address,
2268 &pkt6[1],
2269 mlen - sizeof (struct GNUNET_TUN_IPv6Header));
2270 }
2271 break;
2272 case ETH_P_IPV4: {
2273 struct GNUNET_TUN_IPv4Header *pkt4;
2274
2275 if (mlen < sizeof (struct GNUNET_TUN_IPv4Header))
2285 { 2276 {
2286 struct GNUNET_TUN_IPv4Header *pkt4; 2277 /* blame kernel */
2278 GNUNET_break (0);
2279 return GNUNET_OK;
2280 }
2281 pkt4 = (struct GNUNET_TUN_IPv4Header *) &tun[1];
2282 get_destination_key_from_ip (AF_INET, &pkt4->destination_address, &key);
2283 de = GNUNET_CONTAINER_multihashmap_get (destination_map, &key);
2284 if (NULL == de)
2285 {
2286 char buf[INET_ADDRSTRLEN];
2287 2287
2288 if (mlen < sizeof (struct GNUNET_TUN_IPv4Header)) 2288 GNUNET_log (
2289 { 2289 GNUNET_ERROR_TYPE_INFO,
2290 /* blame kernel */ 2290 _ ("Packet received for unmapped destination `%s' (dropping it)\n"),
2291 GNUNET_break (0); 2291 inet_ntop (AF_INET, &pkt4->destination_address, buf, sizeof (buf)));
2292 return GNUNET_OK; 2292 return GNUNET_OK;
2293 }
2294 pkt4 = (struct GNUNET_TUN_IPv4Header *) &tun[1];
2295 get_destination_key_from_ip (AF_INET,
2296 &pkt4->destination_address,
2297 &key);
2298 de = GNUNET_CONTAINER_multihashmap_get (destination_map, &key);
2299 if (NULL == de)
2300 {
2301 char buf[INET_ADDRSTRLEN];
2302
2303 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
2304 _("Packet received for unmapped destination `%s' (dropping it)\n"),
2305 inet_ntop (AF_INET,
2306 &pkt4->destination_address,
2307 buf,
2308 sizeof (buf)));
2309 return GNUNET_OK;
2310 }
2311 if (pkt4->header_length * 4 != sizeof (struct GNUNET_TUN_IPv4Header))
2312 {
2313 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
2314 _("Received IPv4 packet with options (dropping it)\n"));
2315 return GNUNET_OK;
2316 }
2317 route_packet (de,
2318 AF_INET,
2319 pkt4->protocol,
2320 &pkt4->source_address,
2321 &pkt4->destination_address,
2322 &pkt4[1],
2323 mlen - sizeof (struct GNUNET_TUN_IPv4Header));
2324 } 2293 }
2325 break; 2294 if (pkt4->header_length * 4 != sizeof (struct GNUNET_TUN_IPv4Header))
2295 {
2296 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
2297 _ ("Received IPv4 packet with options (dropping it)\n"));
2298 return GNUNET_OK;
2299 }
2300 route_packet (de,
2301 AF_INET,
2302 pkt4->protocol,
2303 &pkt4->source_address,
2304 &pkt4->destination_address,
2305 &pkt4[1],
2306 mlen - sizeof (struct GNUNET_TUN_IPv4Header));
2307 }
2308 break;
2326 default: 2309 default:
2327 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 2310 GNUNET_log (
2328 _("Received packet of unknown protocol %d from TUN (dropping it)\n"), 2311 GNUNET_ERROR_TYPE_INFO,
2329 (unsigned int) ntohs (tun->proto)); 2312 _ ("Received packet of unknown protocol %d from TUN (dropping it)\n"),
2313 (unsigned int) ntohs (tun->proto));
2330 break; 2314 break;
2331 } 2315 }
2332 return GNUNET_OK; 2316 return GNUNET_OK;
@@ -2359,27 +2343,23 @@ allocate_v4_address (struct in_addr *v4)
2359 mask.s_addr = addr.s_addr | ~mask.s_addr; 2343 mask.s_addr = addr.s_addr | ~mask.s_addr;
2360 tries = 0; 2344 tries = 0;
2361 do 2345 do
2346 {
2347 tries++;
2348 if (tries > 16)
2362 { 2349 {
2363 tries++; 2350 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
2364 if (tries > 16) 2351 _ (
2365 { 2352 "Failed to find unallocated IPv4 address in VPN's range\n"));
2366 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 2353 return GNUNET_SYSERR;
2367 _("Failed to find unallocated IPv4 address in VPN's range\n"));
2368 return GNUNET_SYSERR;
2369 }
2370 /* Pick random IPv4 address within the subnet, except 'addr' or 'mask' itself */
2371 rnd.s_addr = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
2372 UINT32_MAX);
2373 v4->s_addr = (addr.s_addr | rnd.s_addr) & mask.s_addr;
2374 get_destination_key_from_ip (AF_INET,
2375 v4,
2376 &key);
2377 } 2354 }
2378 while ( (GNUNET_YES == 2355 /* Pick random IPv4 address within the subnet, except 'addr' or 'mask' itself */
2379 GNUNET_CONTAINER_multihashmap_contains (destination_map, 2356 rnd.s_addr =
2380 &key)) || 2357 GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, UINT32_MAX);
2381 (v4->s_addr == addr.s_addr) || 2358 v4->s_addr = (addr.s_addr | rnd.s_addr) & mask.s_addr;
2382 (v4->s_addr == mask.s_addr) ); 2359 get_destination_key_from_ip (AF_INET, v4, &key);
2360 } while ((GNUNET_YES ==
2361 GNUNET_CONTAINER_multihashmap_contains (destination_map, &key)) ||
2362 (v4->s_addr == addr.s_addr) || (v4->s_addr == mask.s_addr));
2383 return GNUNET_OK; 2363 return GNUNET_OK;
2384} 2364}
2385 2365
@@ -2408,39 +2388,33 @@ allocate_v6_address (struct in6_addr *v6)
2408 /* Given ABCD::/96, we want a mask of 'ABCD::FFFF:FFFF, 2388 /* Given ABCD::/96, we want a mask of 'ABCD::FFFF:FFFF,
2409 thus: */ 2389 thus: */
2410 mask = addr; 2390 mask = addr;
2411 for (i=127;i>=ipv6prefix;i--) 2391 for (i = 127; i >= ipv6prefix; i--)
2412 mask.s6_addr[i / 8] |= (1 << (i % 8)); 2392 mask.s6_addr[i / 8] |= (1 << (i % 8));
2413 2393
2414 /* Pick random IPv6 address within the subnet, except 'addr' or 'mask' itself */ 2394 /* Pick random IPv6 address within the subnet, except 'addr' or 'mask' itself */
2415 tries = 0; 2395 tries = 0;
2416 do 2396 do
2397 {
2398 tries++;
2399 if (tries > 16)
2400 {
2401 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
2402 _ (
2403 "Failed to find unallocated IPv6 address in VPN's range\n"));
2404 return GNUNET_SYSERR;
2405 }
2406 for (i = 0; i < 16; i++)
2417 { 2407 {
2418 tries++; 2408 rnd.s6_addr[i] =
2419 if (tries > 16) 2409 (unsigned char) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
2420 { 2410 256);
2421 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 2411 v6->s6_addr[i] = (addr.s6_addr[i] | rnd.s6_addr[i]) & mask.s6_addr[i];
2422 _("Failed to find unallocated IPv6 address in VPN's range\n"));
2423 return GNUNET_SYSERR;
2424
2425 }
2426 for (i=0;i<16;i++)
2427 {
2428 rnd.s6_addr[i] = (unsigned char) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
2429 256);
2430 v6->s6_addr[i]
2431 = (addr.s6_addr[i] | rnd.s6_addr[i]) & mask.s6_addr[i];
2432 }
2433 get_destination_key_from_ip (AF_INET6,
2434 v6,
2435 &key);
2436 } 2412 }
2437 while ( (GNUNET_YES == 2413 get_destination_key_from_ip (AF_INET6, v6, &key);
2438 GNUNET_CONTAINER_multihashmap_contains (destination_map, 2414 } while ((GNUNET_YES ==
2439 &key)) || 2415 GNUNET_CONTAINER_multihashmap_contains (destination_map, &key)) ||
2440 (0 == GNUNET_memcmp (v6, 2416 (0 == GNUNET_memcmp (v6, &addr)) ||
2441 &addr)) || 2417 (0 == GNUNET_memcmp (v6, &mask)));
2442 (0 == GNUNET_memcmp (v6,
2443 &mask)) );
2444 return GNUNET_OK; 2418 return GNUNET_OK;
2445} 2419}
2446 2420
@@ -2456,26 +2430,24 @@ free_destination_entry (struct DestinationEntry *de)
2456 struct DestinationChannel *dt; 2430 struct DestinationChannel *dt;
2457 2431
2458 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2432 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2459 "Cleaning up destination entry `%s'\n", 2433 "Cleaning up destination entry `%s'\n",
2460 print_channel_destination (de)); 2434 print_channel_destination (de));
2461 GNUNET_STATISTICS_update (stats, 2435 GNUNET_STATISTICS_update (stats,
2462 gettext_noop ("# Active destinations"), 2436 gettext_noop ("# Active destinations"),
2463 -1, GNUNET_NO); 2437 -1,
2438 GNUNET_NO);
2464 while (NULL != (dt = de->dt_head)) 2439 while (NULL != (dt = de->dt_head))
2465 { 2440 {
2466 GNUNET_CONTAINER_DLL_remove (de->dt_head, 2441 GNUNET_CONTAINER_DLL_remove (de->dt_head, de->dt_tail, dt);
2467 de->dt_tail,
2468 dt);
2469 GNUNET_free (dt); 2442 GNUNET_free (dt);
2470 } 2443 }
2471 if (NULL != de->heap_node) 2444 if (NULL != de->heap_node)
2472 { 2445 {
2473 GNUNET_CONTAINER_heap_remove_node (de->heap_node); 2446 GNUNET_CONTAINER_heap_remove_node (de->heap_node);
2474 de->heap_node = NULL; 2447 de->heap_node = NULL;
2475 GNUNET_assert (GNUNET_YES == 2448 GNUNET_assert (
2476 GNUNET_CONTAINER_multihashmap_remove (destination_map, 2449 GNUNET_YES ==
2477 &de->key, 2450 GNUNET_CONTAINER_multihashmap_remove (destination_map, &de->key, de));
2478 de));
2479 } 2451 }
2480 GNUNET_free (de); 2452 GNUNET_free (de);
2481} 2453}
@@ -2515,36 +2487,32 @@ expire_destination (struct DestinationEntry *except)
2515 */ 2487 */
2516static int 2488static int
2517allocate_response_ip (int *result_af, 2489allocate_response_ip (int *result_af,
2518 void **addr, 2490 void **addr,
2519 struct in_addr *v4, 2491 struct in_addr *v4,
2520 struct in6_addr *v6) 2492 struct in6_addr *v6)
2521{ 2493{
2522 *addr = NULL; 2494 *addr = NULL;
2523 switch (*result_af) 2495 switch (*result_af)
2524 { 2496 {
2525 case AF_INET: 2497 case AF_INET:
2526 if (GNUNET_OK != 2498 if (GNUNET_OK != allocate_v4_address (v4))
2527 allocate_v4_address (v4))
2528 *result_af = AF_UNSPEC; 2499 *result_af = AF_UNSPEC;
2529 else 2500 else
2530 *addr = v4; 2501 *addr = v4;
2531 break; 2502 break;
2532 case AF_INET6: 2503 case AF_INET6:
2533 if (GNUNET_OK != 2504 if (GNUNET_OK != allocate_v6_address (v6))
2534 allocate_v6_address (v6))
2535 *result_af = AF_UNSPEC; 2505 *result_af = AF_UNSPEC;
2536 else 2506 else
2537 *addr = v6; 2507 *addr = v6;
2538 break; 2508 break;
2539 case AF_UNSPEC: 2509 case AF_UNSPEC:
2540 if (GNUNET_OK == 2510 if (GNUNET_OK == allocate_v4_address (v4))
2541 allocate_v4_address (v4))
2542 { 2511 {
2543 *addr = v4; 2512 *addr = v4;
2544 *result_af = AF_INET; 2513 *result_af = AF_INET;
2545 } 2514 }
2546 else if (GNUNET_OK == 2515 else if (GNUNET_OK == allocate_v6_address (v6))
2547 allocate_v6_address (v6))
2548 { 2516 {
2549 *addr = v6; 2517 *addr = v6;
2550 *result_af = AF_INET6; 2518 *result_af = AF_INET6;
@@ -2626,18 +2594,13 @@ handle_client_redirect_to_ip (void *cls,
2626 addr_af = (int) htonl (msg->addr_af); 2594 addr_af = (int) htonl (msg->addr_af);
2627 /* allocate response IP */ 2595 /* allocate response IP */
2628 result_af = (int) htonl (msg->result_af); 2596 result_af = (int) htonl (msg->result_af);
2629 if (GNUNET_OK != allocate_response_ip (&result_af, 2597 if (GNUNET_OK != allocate_response_ip (&result_af, &addr, &v4, &v6))
2630 &addr,
2631 &v4, &v6))
2632 { 2598 {
2633 GNUNET_SERVICE_client_drop (client); 2599 GNUNET_SERVICE_client_drop (client);
2634 return; 2600 return;
2635 } 2601 }
2636 /* send reply with our IP address */ 2602 /* send reply with our IP address */
2637 send_client_reply (client, 2603 send_client_reply (client, msg->request_id, result_af, addr);
2638 msg->request_id,
2639 result_af,
2640 addr);
2641 if (result_af == AF_UNSPEC) 2604 if (result_af == AF_UNSPEC)
2642 { 2605 {
2643 /* failure, we're done */ 2606 /* failure, we're done */
@@ -2650,40 +2613,34 @@ handle_client_redirect_to_ip (void *cls,
2650 char dbuf[INET6_ADDRSTRLEN]; 2613 char dbuf[INET6_ADDRSTRLEN];
2651 2614
2652 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2615 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2653 "Allocated address %s for redirection via exit to %s\n", 2616 "Allocated address %s for redirection via exit to %s\n",
2654 inet_ntop (result_af, 2617 inet_ntop (result_af, addr, sbuf, sizeof (sbuf)),
2655 addr, 2618 inet_ntop (addr_af, &msg[1], dbuf, sizeof (dbuf)));
2656 sbuf,
2657 sizeof (sbuf)),
2658 inet_ntop (addr_af,
2659 &msg[1],
2660 dbuf,
2661 sizeof (dbuf)));
2662 } 2619 }
2663 2620
2664 /* setup destination record */ 2621 /* setup destination record */
2665 de = GNUNET_new (struct DestinationEntry); 2622 de = GNUNET_new (struct DestinationEntry);
2666 de->is_service = GNUNET_NO; 2623 de->is_service = GNUNET_NO;
2667 de->details.exit_destination.af = addr_af; 2624 de->details.exit_destination.af = addr_af;
2668 GNUNET_memcpy (&de->details.exit_destination.ip, 2625 GNUNET_memcpy (&de->details.exit_destination.ip, &msg[1], alen);
2669 &msg[1], 2626 get_destination_key_from_ip (result_af, addr, &key);
2670 alen);
2671 get_destination_key_from_ip (result_af,
2672 addr,
2673 &key);
2674 de->key = key; 2627 de->key = key;
2675 GNUNET_assert (GNUNET_OK == 2628 GNUNET_assert (GNUNET_OK == GNUNET_CONTAINER_multihashmap_put (
2676 GNUNET_CONTAINER_multihashmap_put (destination_map, 2629 destination_map,
2677 &key, 2630 &key,
2678 de, 2631 de,
2679 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE)); 2632 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE));
2680 de->heap_node = GNUNET_CONTAINER_heap_insert (destination_heap, 2633 de->heap_node = GNUNET_CONTAINER_heap_insert (destination_heap,
2681 de, 2634 de,
2682 GNUNET_TIME_absolute_ntoh (msg->expiration_time).abs_value_us); 2635 GNUNET_TIME_absolute_ntoh (
2636 msg->expiration_time)
2637 .abs_value_us);
2683 GNUNET_STATISTICS_update (stats, 2638 GNUNET_STATISTICS_update (stats,
2684 gettext_noop ("# Active destinations"), 2639 gettext_noop ("# Active destinations"),
2685 1, GNUNET_NO); 2640 1,
2686 while (GNUNET_CONTAINER_multihashmap_size (destination_map) > max_destination_mappings) 2641 GNUNET_NO);
2642 while (GNUNET_CONTAINER_multihashmap_size (destination_map) >
2643 max_destination_mappings)
2687 expire_destination (de); 2644 expire_destination (de);
2688 GNUNET_SERVICE_client_continue (client); 2645 GNUNET_SERVICE_client_continue (client);
2689} 2646}
@@ -2698,8 +2655,9 @@ handle_client_redirect_to_ip (void *cls,
2698 * @param msg redirection request 2655 * @param msg redirection request
2699 */ 2656 */
2700static void 2657static void
2701handle_client_redirect_to_service (void *cls, 2658handle_client_redirect_to_service (
2702 const struct RedirectToServiceRequestMessage *msg) 2659 void *cls,
2660 const struct RedirectToServiceRequestMessage *msg)
2703{ 2661{
2704 struct GNUNET_SERVICE_Client *client = cls; 2662 struct GNUNET_SERVICE_Client *client = cls;
2705 int result_af; 2663 int result_af;
@@ -2712,25 +2670,18 @@ handle_client_redirect_to_service (void *cls,
2712 2670
2713 /* allocate response IP */ 2671 /* allocate response IP */
2714 result_af = (int) htonl (msg->result_af); 2672 result_af = (int) htonl (msg->result_af);
2715 if (GNUNET_OK != 2673 if (GNUNET_OK != allocate_response_ip (&result_af, &addr, &v4, &v6))
2716 allocate_response_ip (&result_af,
2717 &addr,
2718 &v4,
2719 &v6))
2720 { 2674 {
2721 GNUNET_break (0); 2675 GNUNET_break (0);
2722 GNUNET_SERVICE_client_drop (client); 2676 GNUNET_SERVICE_client_drop (client);
2723 return; 2677 return;
2724 } 2678 }
2725 send_client_reply (client, 2679 send_client_reply (client, msg->request_id, result_af, addr);
2726 msg->request_id,
2727 result_af,
2728 addr);
2729 if (result_af == AF_UNSPEC) 2680 if (result_af == AF_UNSPEC)
2730 { 2681 {
2731 /* failure, we're done */ 2682 /* failure, we're done */
2732 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 2683 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2733 _("Failed to allocate IP address for new destination\n")); 2684 _ ("Failed to allocate IP address for new destination\n"));
2734 GNUNET_SERVICE_client_continue (client); 2685 GNUNET_SERVICE_client_continue (client);
2735 return; 2686 return;
2736 } 2687 }
@@ -2739,13 +2690,10 @@ handle_client_redirect_to_service (void *cls,
2739 char sbuf[INET6_ADDRSTRLEN]; 2690 char sbuf[INET6_ADDRSTRLEN];
2740 2691
2741 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2692 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2742 "Allocated address %s for redirection to service %s on peer %s\n", 2693 "Allocated address %s for redirection to service %s on peer %s\n",
2743 inet_ntop (result_af, 2694 inet_ntop (result_af, addr, sbuf, sizeof (sbuf)),
2744 addr, 2695 GNUNET_h2s (&msg->service_descriptor),
2745 sbuf, 2696 GNUNET_i2s (&msg->target));
2746 sizeof (sbuf)),
2747 GNUNET_h2s (&msg->service_descriptor),
2748 GNUNET_i2s (&msg->target));
2749 } 2697 }
2750 2698
2751 /* setup destination record */ 2699 /* setup destination record */
@@ -2753,33 +2701,30 @@ handle_client_redirect_to_service (void *cls,
2753 de->is_service = GNUNET_YES; 2701 de->is_service = GNUNET_YES;
2754 de->details.service_destination.target = msg->target; 2702 de->details.service_destination.target = msg->target;
2755 de->details.service_destination.service_descriptor = msg->service_descriptor; 2703 de->details.service_destination.service_descriptor = msg->service_descriptor;
2756 get_destination_key_from_ip (result_af, 2704 get_destination_key_from_ip (result_af, addr, &key);
2757 addr,
2758 &key);
2759 de->key = key; 2705 de->key = key;
2760 GNUNET_assert (GNUNET_OK == 2706 GNUNET_assert (GNUNET_OK == GNUNET_CONTAINER_multihashmap_put (
2761 GNUNET_CONTAINER_multihashmap_put (destination_map, 2707 destination_map,
2762 &key, 2708 &key,
2763 de, 2709 de,
2764 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE)); 2710 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE));
2765 de->heap_node 2711 de->heap_node = GNUNET_CONTAINER_heap_insert (destination_heap,
2766 = GNUNET_CONTAINER_heap_insert (destination_heap, 2712 de,
2767 de, 2713 GNUNET_TIME_absolute_ntoh (
2768 GNUNET_TIME_absolute_ntoh (msg->expiration_time).abs_value_us); 2714 msg->expiration_time)
2769 while (GNUNET_CONTAINER_multihashmap_size (destination_map) > max_destination_mappings) 2715 .abs_value_us);
2716 while (GNUNET_CONTAINER_multihashmap_size (destination_map) >
2717 max_destination_mappings)
2770 expire_destination (de); 2718 expire_destination (de);
2771 2719
2772 dt = GNUNET_new (struct DestinationChannel); 2720 dt = GNUNET_new (struct DestinationChannel);
2773 dt->destination = de; 2721 dt->destination = de;
2774 GNUNET_CONTAINER_DLL_insert (de->dt_head, 2722 GNUNET_CONTAINER_DLL_insert (de->dt_head, de->dt_tail, dt);
2775 de->dt_tail,
2776 dt);
2777 /* we're done */ 2723 /* we're done */
2778 GNUNET_SERVICE_client_continue (client); 2724 GNUNET_SERVICE_client_continue (client);
2779} 2725}
2780 2726
2781 2727
2782
2783/** 2728/**
2784 * Free memory occupied by an entry in the destination map. 2729 * Free memory occupied by an entry in the destination map.
2785 * 2730 *
@@ -2789,9 +2734,7 @@ handle_client_redirect_to_service (void *cls,
2789 * @return #GNUNET_OK (continue to iterate) 2734 * @return #GNUNET_OK (continue to iterate)
2790 */ 2735 */
2791static int 2736static int
2792cleanup_destination (void *cls, 2737cleanup_destination (void *cls, const struct GNUNET_HashCode *key, void *value)
2793 const struct GNUNET_HashCode *key,
2794 void *value)
2795{ 2738{
2796 struct DestinationEntry *de = value; 2739 struct DestinationEntry *de = value;
2797 2740
@@ -2809,14 +2752,12 @@ cleanup_destination (void *cls,
2809 * @return #GNUNET_OK (continue to iterate) 2752 * @return #GNUNET_OK (continue to iterate)
2810 */ 2753 */
2811static int 2754static int
2812cleanup_channel (void *cls, 2755cleanup_channel (void *cls, const struct GNUNET_HashCode *key, void *value)
2813 const struct GNUNET_HashCode *key,
2814 void *value)
2815{ 2756{
2816 struct ChannelState *ts = value; 2757 struct ChannelState *ts = value;
2817 2758
2818 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2759 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2819 "Tearing down channel to `%s' during cleanup\n", 2760 "Tearing down channel to `%s' during cleanup\n",
2820 print_channel_destination (&ts->destination)); 2761 print_channel_destination (&ts->destination));
2821 free_channel_state (ts); 2762 free_channel_state (ts);
2822 return GNUNET_OK; 2763 return GNUNET_OK;
@@ -2833,13 +2774,12 @@ cleanup (void *cls)
2833{ 2774{
2834 unsigned int i; 2775 unsigned int i;
2835 2776
2836 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2777 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "VPN is shutting down\n");
2837 "VPN is shutting down\n");
2838 if (NULL != destination_map) 2778 if (NULL != destination_map)
2839 { 2779 {
2840 GNUNET_CONTAINER_multihashmap_iterate (destination_map, 2780 GNUNET_CONTAINER_multihashmap_iterate (destination_map,
2841 &cleanup_destination, 2781 &cleanup_destination,
2842 NULL); 2782 NULL);
2843 GNUNET_CONTAINER_multihashmap_destroy (destination_map); 2783 GNUNET_CONTAINER_multihashmap_destroy (destination_map);
2844 destination_map = NULL; 2784 destination_map = NULL;
2845 } 2785 }
@@ -2850,9 +2790,7 @@ cleanup (void *cls)
2850 } 2790 }
2851 if (NULL != channel_map) 2791 if (NULL != channel_map)
2852 { 2792 {
2853 GNUNET_CONTAINER_multihashmap_iterate (channel_map, 2793 GNUNET_CONTAINER_multihashmap_iterate (channel_map, &cleanup_channel, NULL);
2854 &cleanup_channel,
2855 NULL);
2856 GNUNET_CONTAINER_multihashmap_destroy (channel_map); 2794 GNUNET_CONTAINER_multihashmap_destroy (channel_map);
2857 channel_map = NULL; 2795 channel_map = NULL;
2858 } 2796 }
@@ -2877,7 +2815,7 @@ cleanup (void *cls)
2877 GNUNET_STATISTICS_destroy (stats, GNUNET_NO); 2815 GNUNET_STATISTICS_destroy (stats, GNUNET_NO);
2878 stats = NULL; 2816 stats = NULL;
2879 } 2817 }
2880 for (i=0;i<5;i++) 2818 for (i = 0; i < 5; i++)
2881 GNUNET_free_non_null (vpn_argv[i]); 2819 GNUNET_free_non_null (vpn_argv[i]);
2882} 2820}
2883 2821
@@ -2892,8 +2830,8 @@ cleanup (void *cls)
2892 */ 2830 */
2893static void * 2831static void *
2894client_connect_cb (void *cls, 2832client_connect_cb (void *cls,
2895 struct GNUNET_SERVICE_Client *c, 2833 struct GNUNET_SERVICE_Client *c,
2896 struct GNUNET_MQ_Handle *mq) 2834 struct GNUNET_MQ_Handle *mq)
2897{ 2835{
2898 return c; 2836 return c;
2899} 2837}
@@ -2908,8 +2846,8 @@ client_connect_cb (void *cls,
2908 */ 2846 */
2909static void 2847static void
2910client_disconnect_cb (void *cls, 2848client_disconnect_cb (void *cls,
2911 struct GNUNET_SERVICE_Client *c, 2849 struct GNUNET_SERVICE_Client *c,
2912 void *internal_cls) 2850 void *internal_cls)
2913{ 2851{
2914 GNUNET_assert (c == internal_cls); 2852 GNUNET_assert (c == internal_cls);
2915} 2853}
@@ -2936,17 +2874,17 @@ run (void *cls,
2936 struct in6_addr v6; 2874 struct in6_addr v6;
2937 char *binary; 2875 char *binary;
2938 2876
2939 cfg = cfg_; 2877 binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-vpn");
2940 binary = GNUNET_OS_get_suid_binary_path (cfg, "gnunet-helper-vpn");
2941 2878
2942 if (GNUNET_YES != 2879 if (GNUNET_YES !=
2943 GNUNET_OS_check_helper_binary (binary, 2880 GNUNET_OS_check_helper_binary (
2944 GNUNET_YES, 2881 binary,
2945 "-d gnunet-vpn - - 169.1.3.3.7 255.255.255.0")) //ipv4 only please! 2882 GNUNET_YES,
2883 "-d gnunet-vpn - - 169.1.3.3.7 255.255.255.0")) //ipv4 only please!
2946 { 2884 {
2947 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 2885 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2948 "`%s' is not SUID or the path is invalid, refusing to run.\n", 2886 "`%s' is not SUID, refusing to run.\n",
2949 binary); 2887 "gnunet-helper-vpn");
2950 GNUNET_free (binary); 2888 GNUNET_free (binary);
2951 global_ret = 1; 2889 global_ret = 1;
2952 /* we won't "really" exit here, as the 'service' is still running; 2890 /* we won't "really" exit here, as the 'service' is still running;
@@ -2954,23 +2892,29 @@ run (void *cls,
2954 anything either */ 2892 anything either */
2955 return; 2893 return;
2956 } 2894 }
2895 GNUNET_free (binary);
2896 cfg = cfg_;
2957 stats = GNUNET_STATISTICS_create ("vpn", cfg); 2897 stats = GNUNET_STATISTICS_create ("vpn", cfg);
2958 if (GNUNET_OK != 2898 if (GNUNET_OK !=
2959 GNUNET_CONFIGURATION_get_value_number (cfg, 2899 GNUNET_CONFIGURATION_get_value_number (cfg,
2960 "VPN", 2900 "VPN",
2961 "MAX_MAPPING", 2901 "MAX_MAPPING",
2962 &max_destination_mappings)) 2902 &max_destination_mappings))
2963 max_destination_mappings = 200; 2903 max_destination_mappings = 200;
2964 if (GNUNET_OK != 2904 if (GNUNET_OK !=
2965 GNUNET_CONFIGURATION_get_value_number (cfg, 2905 GNUNET_CONFIGURATION_get_value_number (cfg,
2966 "VPN", 2906 "VPN",
2967 "MAX_TUNNELS", 2907 "MAX_TUNNELS",
2968 &max_channel_mappings)) 2908 &max_channel_mappings))
2969 max_channel_mappings = 200; 2909 max_channel_mappings = 200;
2970 2910
2971 destination_map = GNUNET_CONTAINER_multihashmap_create (max_destination_mappings * 2, GNUNET_NO); 2911 destination_map =
2972 destination_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN); 2912 GNUNET_CONTAINER_multihashmap_create (max_destination_mappings * 2,
2973 channel_map = GNUNET_CONTAINER_multihashmap_create (max_channel_mappings * 2, GNUNET_NO); 2913 GNUNET_NO);
2914 destination_heap =
2915 GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
2916 channel_map =
2917 GNUNET_CONTAINER_multihashmap_create (max_channel_mappings * 2, GNUNET_NO);
2974 channel_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN); 2918 channel_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
2975 2919
2976 2920
@@ -2979,7 +2923,6 @@ run (void *cls,
2979 GNUNET_CONFIGURATION_get_value_string (cfg, "VPN", "IFNAME", &ifname)) 2923 GNUNET_CONFIGURATION_get_value_string (cfg, "VPN", "IFNAME", &ifname))
2980 { 2924 {
2981 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "VPN", "IFNAME"); 2925 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "VPN", "IFNAME");
2982 GNUNET_free (binary);
2983 GNUNET_SCHEDULER_shutdown (); 2926 GNUNET_SCHEDULER_shutdown ();
2984 return; 2927 return;
2985 } 2928 }
@@ -2987,40 +2930,43 @@ run (void *cls,
2987 ipv6addr = NULL; 2930 ipv6addr = NULL;
2988 if (GNUNET_OK == GNUNET_NETWORK_test_pf (PF_INET6)) 2931 if (GNUNET_OK == GNUNET_NETWORK_test_pf (PF_INET6))
2989 { 2932 {
2990 if ( (GNUNET_SYSERR == 2933 if ((GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string (cfg,
2991 GNUNET_CONFIGURATION_get_value_string (cfg, "VPN", "IPV6ADDR", 2934 "VPN",
2992 &ipv6addr) || 2935 "IPV6ADDR",
2993 (1 != inet_pton (AF_INET6, ipv6addr, &v6))) ) 2936 &ipv6addr) ||
2937 (1 != inet_pton (AF_INET6, ipv6addr, &v6))))
2994 { 2938 {
2995 GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV6ADDR", 2939 GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
2996 _("Must specify valid IPv6 address")); 2940 "VPN",
2997 GNUNET_free (binary); 2941 "IPV6ADDR",
2942 _ ("Must specify valid IPv6 address"));
2998 GNUNET_SCHEDULER_shutdown (); 2943 GNUNET_SCHEDULER_shutdown ();
2999 GNUNET_free_non_null (ipv6addr); 2944 GNUNET_free_non_null (ipv6addr);
3000 return; 2945 return;
3001 } 2946 }
3002 vpn_argv[2] = ipv6addr; 2947 vpn_argv[2] = ipv6addr;
3003 ipv6prefix_s = NULL; 2948 ipv6prefix_s = NULL;
3004 if (GNUNET_SYSERR == 2949 if (GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string (cfg,
3005 GNUNET_CONFIGURATION_get_value_string (cfg, "VPN", "IPV6PREFIX", 2950 "VPN",
3006 &ipv6prefix_s)) 2951 "IPV6PREFIX",
2952 &ipv6prefix_s))
3007 { 2953 {
3008 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV6PREFIX"); 2954 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV6PREFIX");
3009 GNUNET_free (binary);
3010 GNUNET_SCHEDULER_shutdown (); 2955 GNUNET_SCHEDULER_shutdown ();
3011 GNUNET_free_non_null (ipv6prefix_s); 2956 GNUNET_free_non_null (ipv6prefix_s);
3012 return; 2957 return;
3013 } 2958 }
3014 vpn_argv[3] = ipv6prefix_s; 2959 vpn_argv[3] = ipv6prefix_s;
3015 if ( (GNUNET_OK != 2960 if ((GNUNET_OK != GNUNET_CONFIGURATION_get_value_number (cfg,
3016 GNUNET_CONFIGURATION_get_value_number (cfg, "VPN", 2961 "VPN",
3017 "IPV6PREFIX", 2962 "IPV6PREFIX",
3018 &ipv6prefix)) || 2963 &ipv6prefix)) ||
3019 (ipv6prefix >= 127) ) 2964 (ipv6prefix >= 127))
3020 { 2965 {
3021 GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV4MASK", 2966 GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
3022 _("Must specify valid IPv6 mask")); 2967 "VPN",
3023 GNUNET_free (binary); 2968 "IPV4MASK",
2969 _ ("Must specify valid IPv6 mask"));
3024 GNUNET_SCHEDULER_shutdown (); 2970 GNUNET_SCHEDULER_shutdown ();
3025 return; 2971 return;
3026 } 2972 }
@@ -3028,35 +2974,40 @@ run (void *cls,
3028 else 2974 else
3029 { 2975 {
3030 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 2976 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
3031 _("IPv6 support disabled as this system does not support IPv6\n")); 2977 _ (
2978 "IPv6 support disabled as this system does not support IPv6\n"));
3032 vpn_argv[2] = GNUNET_strdup ("-"); 2979 vpn_argv[2] = GNUNET_strdup ("-");
3033 vpn_argv[3] = GNUNET_strdup ("-"); 2980 vpn_argv[3] = GNUNET_strdup ("-");
3034 } 2981 }
3035 if (GNUNET_OK == GNUNET_NETWORK_test_pf (PF_INET)) 2982 if (GNUNET_OK == GNUNET_NETWORK_test_pf (PF_INET))
3036 { 2983 {
3037 ipv4addr = NULL; 2984 ipv4addr = NULL;
3038 if ( (GNUNET_SYSERR == 2985 if ((GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string (cfg,
3039 GNUNET_CONFIGURATION_get_value_string (cfg, "vpn", "IPV4ADDR", 2986 "vpn",
3040 &ipv4addr) || 2987 "IPV4ADDR",
3041 (1 != inet_pton (AF_INET, ipv4addr, &v4))) ) 2988 &ipv4addr) ||
2989 (1 != inet_pton (AF_INET, ipv4addr, &v4))))
3042 { 2990 {
3043 GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV4ADDR", 2991 GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
3044 _("Must specify valid IPv4 address")); 2992 "VPN",
3045 GNUNET_free (binary); 2993 "IPV4ADDR",
2994 _ ("Must specify valid IPv4 address"));
3046 GNUNET_SCHEDULER_shutdown (); 2995 GNUNET_SCHEDULER_shutdown ();
3047 GNUNET_free_non_null (ipv4addr); 2996 GNUNET_free_non_null (ipv4addr);
3048 return; 2997 return;
3049 } 2998 }
3050 vpn_argv[4] = ipv4addr; 2999 vpn_argv[4] = ipv4addr;
3051 ipv4mask = NULL; 3000 ipv4mask = NULL;
3052 if ( (GNUNET_SYSERR == 3001 if ((GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string (cfg,
3053 GNUNET_CONFIGURATION_get_value_string (cfg, "vpn", "IPV4MASK", 3002 "vpn",
3054 &ipv4mask) || 3003 "IPV4MASK",
3055 (1 != inet_pton (AF_INET, ipv4mask, &v4))) ) 3004 &ipv4mask) ||
3005 (1 != inet_pton (AF_INET, ipv4mask, &v4))))
3056 { 3006 {
3057 GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV4MASK", 3007 GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
3058 _("Must specify valid IPv4 mask")); 3008 "VPN",
3059 GNUNET_free (binary); 3009 "IPV4MASK",
3010 _ ("Must specify valid IPv4 mask"));
3060 GNUNET_SCHEDULER_shutdown (); 3011 GNUNET_SCHEDULER_shutdown ();
3061 GNUNET_free_non_null (ipv4mask); 3012 GNUNET_free_non_null (ipv4mask);
3062 return; 3013 return;
@@ -3066,45 +3017,44 @@ run (void *cls,
3066 else 3017 else
3067 { 3018 {
3068 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 3019 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
3069 _("IPv4 support disabled as this system does not support IPv4\n")); 3020 _ (
3021 "IPv4 support disabled as this system does not support IPv4\n"));
3070 vpn_argv[4] = GNUNET_strdup ("-"); 3022 vpn_argv[4] = GNUNET_strdup ("-");
3071 vpn_argv[5] = GNUNET_strdup ("-"); 3023 vpn_argv[5] = GNUNET_strdup ("-");
3072 } 3024 }
3073 vpn_argv[6] = NULL; 3025 vpn_argv[6] = NULL;
3074 3026
3075 cadet_handle = GNUNET_CADET_connect (cfg_); 3027 cadet_handle = GNUNET_CADET_connect (cfg_);
3076 // FIXME never opens ports??? 3028 // FIXME never opens ports???
3077 helper_handle = GNUNET_HELPER_start (GNUNET_NO, 3029 helper_handle = GNUNET_HELPER_start (GNUNET_NO,
3078 binary, 3030 "gnunet-helper-vpn",
3079 vpn_argv, 3031 vpn_argv,
3080 &message_token, 3032 &message_token,
3081 NULL, 3033 NULL,
3082 NULL); 3034 NULL);
3083 GNUNET_free (binary); 3035 GNUNET_SCHEDULER_add_shutdown (&cleanup, NULL);
3084 GNUNET_SCHEDULER_add_shutdown (&cleanup,
3085 NULL);
3086} 3036}
3087 3037
3088 3038
3089/** 3039/**
3090 * Define "main" method using service macro. 3040 * Define "main" method using service macro.
3091 */ 3041 */
3092GNUNET_SERVICE_MAIN 3042GNUNET_SERVICE_MAIN (
3093("vpn", 3043 "vpn",
3094 GNUNET_SERVICE_OPTION_NONE, 3044 GNUNET_SERVICE_OPTION_NONE,
3095 &run, 3045 &run,
3096 &client_connect_cb, 3046 &client_connect_cb,
3097 &client_disconnect_cb, 3047 &client_disconnect_cb,
3098 NULL, 3048 NULL,
3099 GNUNET_MQ_hd_var_size (client_redirect_to_ip, 3049 GNUNET_MQ_hd_var_size (client_redirect_to_ip,
3100 GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_IP, 3050 GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_IP,
3101 struct RedirectToIpRequestMessage, 3051 struct RedirectToIpRequestMessage,
3102 NULL), 3052 NULL),
3103 GNUNET_MQ_hd_fixed_size (client_redirect_to_service, 3053 GNUNET_MQ_hd_fixed_size (client_redirect_to_service,
3104 GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_SERVICE, 3054 GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_SERVICE,
3105 struct RedirectToServiceRequestMessage, 3055 struct RedirectToServiceRequestMessage,
3106 NULL), 3056 NULL),
3107 GNUNET_MQ_handler_end ()); 3057 GNUNET_MQ_handler_end ());
3108 3058
3109 3059
3110/* end of gnunet-service-vpn.c */ 3060/* end of gnunet-service-vpn.c */
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-26 22:04:32 +0000