diff options
-rw-r--r-- | src/transport/Makefile.am | 18 | ||||
-rw-r--r-- | src/transport/gnunet-service-transport.c | 2 | ||||
-rw-r--r-- | src/transport/gnunet-service-transport_blacklist.c | 87 | ||||
-rw-r--r-- | src/transport/gnunet-service-transport_blacklist.h | 6 | ||||
-rw-r--r-- | src/transport/test_transport_blacklisting_cfg_blp_peer1.conf | 37 | ||||
-rw-r--r-- | src/transport/test_transport_blacklisting_cfg_blp_peer2.conf | 36 | ||||
-rw-r--r-- | src/transport/test_transport_blacklisting_cfg_peer1.conf | 30 | ||||
-rw-r--r-- | src/transport/test_transport_blacklisting_cfg_peer2.conf | 29 |
8 files changed, 238 insertions, 7 deletions
diff --git a/src/transport/Makefile.am b/src/transport/Makefile.am index 5f65dff60..faa9d437d 100644 --- a/src/transport/Makefile.am +++ b/src/transport/Makefile.am | |||
@@ -323,6 +323,7 @@ check_PROGRAMS = \ | |||
323 | $(HTTP_SERVER_PLUGIN_TEST) \ | 323 | $(HTTP_SERVER_PLUGIN_TEST) \ |
324 | $(HTTPS_SERVER_PLUGIN_TEST) \ | 324 | $(HTTPS_SERVER_PLUGIN_TEST) \ |
325 | test_transport_api_blacklisting \ | 325 | test_transport_api_blacklisting \ |
326 | test_transport_blacklisting_cfg \ | ||
326 | test_transport_api_disconnect_tcp \ | 327 | test_transport_api_disconnect_tcp \ |
327 | test_transport_api_bidirectional_connect \ | 328 | test_transport_api_bidirectional_connect \ |
328 | test_transport_api_tcp \ | 329 | test_transport_api_tcp \ |
@@ -373,6 +374,7 @@ TESTS = \ | |||
373 | $(UNIX_TEST) \ | 374 | $(UNIX_TEST) \ |
374 | $(WLAN_PLUGIN_TEST) \ | 375 | $(WLAN_PLUGIN_TEST) \ |
375 | test_transport_api_blacklisting \ | 376 | test_transport_api_blacklisting \ |
377 | test_transport_blacklisting_cfg \ | ||
376 | test_transport_api_disconnect_tcp \ | 378 | test_transport_api_disconnect_tcp \ |
377 | test_transport_api_bidirectional_connect \ | 379 | test_transport_api_bidirectional_connect \ |
378 | test_transport_api_tcp \ | 380 | test_transport_api_tcp \ |
@@ -443,6 +445,16 @@ test_transport_api_blacklisting_LDADD = \ | |||
443 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ | 445 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ |
444 | $(top_builddir)/src/util/libgnunetutil.la \ | 446 | $(top_builddir)/src/util/libgnunetutil.la \ |
445 | $(top_builddir)/src/transport/libgnunettransporttesting.la | 447 | $(top_builddir)/src/transport/libgnunettransporttesting.la |
448 | |||
449 | test_transport_blacklisting_cfg_SOURCES = \ | ||
450 | test_transport_blacklisting_cfg.c | ||
451 | test_transport_blacklisting_cfg_LDADD = \ | ||
452 | $(top_builddir)/src/transport/libgnunettransport.la \ | ||
453 | $(top_builddir)/src/hello/libgnunethello.la \ | ||
454 | $(top_builddir)/src/statistics/libgnunetstatistics.la \ | ||
455 | $(top_builddir)/src/util/libgnunetutil.la \ | ||
456 | $(top_builddir)/src/transport/libgnunettransporttesting.la | ||
457 | |||
446 | 458 | ||
447 | test_transport_api_disconnect_tcp_SOURCES = \ | 459 | test_transport_api_disconnect_tcp_SOURCES = \ |
448 | test_transport_api_disconnect.c | 460 | test_transport_api_disconnect.c |
@@ -970,5 +982,9 @@ test_transport_api_timeout_https_peer1.conf\ | |||
970 | test_transport_api_timeout_https_peer2.conf\ | 982 | test_transport_api_timeout_https_peer2.conf\ |
971 | test_transport_api_unreliability_constant_udp_peer1.conf\ | 983 | test_transport_api_unreliability_constant_udp_peer1.conf\ |
972 | test_transport_api_unreliability_constant_udp_peer2.conf\ | 984 | test_transport_api_unreliability_constant_udp_peer2.conf\ |
985 | test_transport_blacklisting_cfg_peer1.conf \ | ||
986 | test_transport_blacklisting_cfg_peer2.conf | ||
987 | test_transport_blacklisting_cfg_blp_peer1.conf \ | ||
988 | test_transport_blacklisting_cfg_blp_peer2.conf\ | ||
973 | test_transport_api_http_reverse_peer1.conf \ | 989 | test_transport_api_http_reverse_peer1.conf \ |
974 | test_transport_api_http_reverse_peer2.conf | 990 | test_transport_api_http_reverse_peer2.conf |
diff --git a/src/transport/gnunet-service-transport.c b/src/transport/gnunet-service-transport.c index 58272a632..c8d688407 100644 --- a/src/transport/gnunet-service-transport.c +++ b/src/transport/gnunet-service-transport.c | |||
@@ -689,7 +689,7 @@ key_generation_cb (void *cls, | |||
689 | /* start subsystems */ | 689 | /* start subsystems */ |
690 | GST_hello_start (&process_hello_update, NULL); | 690 | GST_hello_start (&process_hello_update, NULL); |
691 | GNUNET_assert (NULL != GST_hello_get()); | 691 | GNUNET_assert (NULL != GST_hello_get()); |
692 | GST_blacklist_start (GST_server); | 692 | GST_blacklist_start (GST_server, GST_cfg, &GST_my_identity); |
693 | GST_ats = | 693 | GST_ats = |
694 | GNUNET_ATS_scheduling_init (GST_cfg, &ats_request_address_change, NULL); | 694 | GNUNET_ATS_scheduling_init (GST_cfg, &ats_request_address_change, NULL); |
695 | GST_manipulation_init (GST_cfg, &plugin_env_update_metrics); | 695 | GST_manipulation_init (GST_cfg, &plugin_env_update_metrics); |
diff --git a/src/transport/gnunet-service-transport_blacklist.c b/src/transport/gnunet-service-transport_blacklist.c index 9193922a9..361bf9c4e 100644 --- a/src/transport/gnunet-service-transport_blacklist.c +++ b/src/transport/gnunet-service-transport_blacklist.c | |||
@@ -371,16 +371,87 @@ read_blacklist_file () | |||
371 | GNUNET_free (fn); | 371 | GNUNET_free (fn); |
372 | } | 372 | } |
373 | 373 | ||
374 | /** | ||
375 | * Function to iterate over options in the blacklisting section for a peer. | ||
376 | * | ||
377 | * @param cls closure | ||
378 | * @param section name of the section | ||
379 | * @param option name of the option | ||
380 | * @param value value of the option | ||
381 | */ | ||
382 | void blacklist_cfg_iter (void *cls, const char *section, | ||
383 | const char *option, | ||
384 | const char *value) | ||
385 | { | ||
386 | struct GNUNET_PeerIdentity peer; | ||
387 | char *plugs; | ||
388 | char *pos; | ||
389 | int *res = cls; | ||
390 | |||
391 | if (GNUNET_OK != GNUNET_CRYPTO_hash_from_string2(option, | ||
392 | strlen (option), &peer.hashPubKey)) | ||
393 | return; | ||
394 | |||
395 | if ((NULL == value) || (0 == strcmp(value, ""))) | ||
396 | { | ||
397 | /* Blacklist whole peer */ | ||
398 | GST_blacklist_add_peer (&peer, NULL); | ||
399 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
400 | _("Adding blacklisting entry for peer `%s'\n"), GNUNET_i2s (&peer)); | ||
401 | } | ||
402 | else | ||
403 | { | ||
404 | plugs = GNUNET_strdup (value); | ||
405 | for (pos = strtok (plugs, " "); pos != NULL; pos = strtok (NULL, " ")) | ||
406 | { | ||
407 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
408 | _("Adding blacklisting entry for peer `%s':`%s'\n"), | ||
409 | GNUNET_i2s (&peer), pos); | ||
410 | GST_blacklist_add_peer (&peer, pos); | ||
411 | } | ||
412 | GNUNET_free (plugs); | ||
413 | } | ||
414 | (*res)++; | ||
415 | |||
416 | } | ||
417 | |||
418 | |||
419 | |||
420 | /** | ||
421 | * Read blacklist configuration | ||
422 | * | ||
423 | * @param cfg the configuration handle | ||
424 | * @param my_id my peer identity | ||
425 | */ | ||
426 | static void | ||
427 | read_blacklist_configuration (const struct GNUNET_CONFIGURATION_Handle *cfg, | ||
428 | const struct GNUNET_PeerIdentity *my_id) | ||
429 | { | ||
430 | char *cfg_sect; | ||
431 | int res = 0; | ||
432 | GNUNET_asprintf (&cfg_sect, "transport-blacklist-%s", GNUNET_i2s_full (my_id)); | ||
433 | GNUNET_CONFIGURATION_iterate_section_values (cfg, cfg_sect, &blacklist_cfg_iter, &res); | ||
434 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
435 | "Loaded %u blacklisting entries from configuration\n", res); | ||
436 | GNUNET_free (cfg_sect); | ||
437 | } | ||
374 | 438 | ||
375 | /** | 439 | /** |
376 | * Start blacklist subsystem. | 440 | * Start blacklist subsystem. |
377 | * | 441 | * |
378 | * @param server server used to accept clients from | 442 | * @param server server used to accept clients from |
443 | * @param cfg configuration handle | ||
444 | * @param my_id my peer id | ||
379 | */ | 445 | */ |
380 | void | 446 | void |
381 | GST_blacklist_start (struct GNUNET_SERVER_Handle *server) | 447 | GST_blacklist_start (struct GNUNET_SERVER_Handle *server, |
448 | const struct GNUNET_CONFIGURATION_Handle *cfg, | ||
449 | const struct GNUNET_PeerIdentity *my_id) | ||
382 | { | 450 | { |
383 | read_blacklist_file (); | 451 | GNUNET_assert (NULL != cfg); |
452 | GNUNET_assert (NULL != my_id); | ||
453 | //read_blacklist_file (); | ||
454 | read_blacklist_configuration (cfg, my_id); | ||
384 | GNUNET_SERVER_disconnect_notify (server, &client_disconnect_notification, | 455 | GNUNET_SERVER_disconnect_notify (server, &client_disconnect_notification, |
385 | NULL); | 456 | NULL); |
386 | } | 457 | } |
@@ -399,7 +470,7 @@ free_blacklist_entry (void *cls, const struct GNUNET_HashCode * key, void *value | |||
399 | { | 470 | { |
400 | char *be = value; | 471 | char *be = value; |
401 | 472 | ||
402 | GNUNET_free (be); | 473 | GNUNET_free_non_null (be); |
403 | return GNUNET_OK; | 474 | return GNUNET_OK; |
404 | } | 475 | } |
405 | 476 | ||
@@ -679,6 +750,8 @@ void | |||
679 | GST_blacklist_add_peer (const struct GNUNET_PeerIdentity *peer, | 750 | GST_blacklist_add_peer (const struct GNUNET_PeerIdentity *peer, |
680 | const char *transport_name) | 751 | const char *transport_name) |
681 | { | 752 | { |
753 | char * transport = NULL; | ||
754 | |||
682 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 755 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
683 | "Adding peer `%s' with plugin `%s' to blacklist\n", | 756 | "Adding peer `%s' with plugin `%s' to blacklist\n", |
684 | GNUNET_i2s (peer), transport_name); | 757 | GNUNET_i2s (peer), transport_name); |
@@ -686,8 +759,11 @@ GST_blacklist_add_peer (const struct GNUNET_PeerIdentity *peer, | |||
686 | blacklist = | 759 | blacklist = |
687 | GNUNET_CONTAINER_multihashmap_create (TRANSPORT_BLACKLIST_HT_SIZE, | 760 | GNUNET_CONTAINER_multihashmap_create (TRANSPORT_BLACKLIST_HT_SIZE, |
688 | GNUNET_NO); | 761 | GNUNET_NO); |
762 | if (NULL != transport_name) | ||
763 | transport = GNUNET_strdup (""); | ||
764 | |||
689 | GNUNET_CONTAINER_multihashmap_put (blacklist, &peer->hashPubKey, | 765 | GNUNET_CONTAINER_multihashmap_put (blacklist, &peer->hashPubKey, |
690 | GNUNET_strdup (transport_name), | 766 | transport, |
691 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE); | 767 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE); |
692 | } | 768 | } |
693 | 769 | ||
@@ -710,6 +786,9 @@ test_blacklisted (void *cls, const struct GNUNET_HashCode * key, void *value) | |||
710 | /* blacklist check for specific no specific transport*/ | 786 | /* blacklist check for specific no specific transport*/ |
711 | if (transport_name == NULL) | 787 | if (transport_name == NULL) |
712 | return GNUNET_NO; | 788 | return GNUNET_NO; |
789 | /* all plugins for this peer were blacklisted */ | ||
790 | if (NULL == value) | ||
791 | return GNUNET_NO; | ||
713 | 792 | ||
714 | /* blacklist check for specific transport */ | 793 | /* blacklist check for specific transport */ |
715 | if (0 == strcmp (transport_name, be)) | 794 | if (0 == strcmp (transport_name, be)) |
diff --git a/src/transport/gnunet-service-transport_blacklist.h b/src/transport/gnunet-service-transport_blacklist.h index b8335ab8c..a0ae5a959 100644 --- a/src/transport/gnunet-service-transport_blacklist.h +++ b/src/transport/gnunet-service-transport_blacklist.h | |||
@@ -33,9 +33,13 @@ | |||
33 | * Start blacklist subsystem. | 33 | * Start blacklist subsystem. |
34 | * | 34 | * |
35 | * @param server server used to accept clients from | 35 | * @param server server used to accept clients from |
36 | * @param cfg configuration handle | ||
37 | * @param my_id my peer id | ||
36 | */ | 38 | */ |
37 | void | 39 | void |
38 | GST_blacklist_start (struct GNUNET_SERVER_Handle *server); | 40 | GST_blacklist_start (struct GNUNET_SERVER_Handle *server, |
41 | const struct GNUNET_CONFIGURATION_Handle *cfg, | ||
42 | const struct GNUNET_PeerIdentity *my_id); | ||
39 | 43 | ||
40 | 44 | ||
41 | /** | 45 | /** |
diff --git a/src/transport/test_transport_blacklisting_cfg_blp_peer1.conf b/src/transport/test_transport_blacklisting_cfg_blp_peer1.conf new file mode 100644 index 000000000..d244265aa --- /dev/null +++ b/src/transport/test_transport_blacklisting_cfg_blp_peer1.conf | |||
@@ -0,0 +1,37 @@ | |||
1 | @INLINE@ template_cfg_peer1.conf | ||
2 | [PATHS] | ||
3 | SERVICEHOME = /tmp/test-transport/api-tcp-p1/ | ||
4 | |||
5 | [transport-tcp] | ||
6 | PORT = 12000 | ||
7 | TIMEOUT = 5 s | ||
8 | |||
9 | [arm] | ||
10 | PORT = 12005 | ||
11 | DEFAULTSERVICES = transport | ||
12 | UNIXPATH = /tmp/gnunet-p1-service-arm.sock | ||
13 | |||
14 | [statistics] | ||
15 | PORT = 12004 | ||
16 | UNIXPATH = /tmp/gnunet-p1-service-statistics.sock | ||
17 | |||
18 | [resolver] | ||
19 | PORT = 12003 | ||
20 | UNIXPATH = /tmp/gnunet-p1-service-resolver.sock | ||
21 | |||
22 | [peerinfo] | ||
23 | PORT = 12002 | ||
24 | UNIXPATH = /tmp/gnunet-p1-service-peerinfo.sock | ||
25 | |||
26 | [transport] | ||
27 | #PREFIX = valgrind --leak-check=full | ||
28 | PORT = 12001 | ||
29 | UNIXPATH = /tmp/gnunet-p1-service-transport.sock | ||
30 | PLUGINS = tcp | ||
31 | |||
32 | [transport-blacklist-AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520] | ||
33 | P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G = tcp | ||
34 | |||
35 | [transport-blacklist-P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G] | ||
36 | AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520 = tcp | ||
37 | \ No newline at end of file | ||
diff --git a/src/transport/test_transport_blacklisting_cfg_blp_peer2.conf b/src/transport/test_transport_blacklisting_cfg_blp_peer2.conf new file mode 100644 index 000000000..542121f2b --- /dev/null +++ b/src/transport/test_transport_blacklisting_cfg_blp_peer2.conf | |||
@@ -0,0 +1,36 @@ | |||
1 | @INLINE@ template_cfg_peer2.conf | ||
2 | [PATHS] | ||
3 | SERVICEHOME = /tmp/test-transport/api-tcp-p2/ | ||
4 | |||
5 | [transport-tcp] | ||
6 | PORT = 12015 | ||
7 | TIMEOUT = 5 s | ||
8 | |||
9 | [arm] | ||
10 | PORT = 12014 | ||
11 | DEFAULTSERVICES = transport | ||
12 | UNIXPATH = /tmp/gnunet-p2-service-arm.sock | ||
13 | |||
14 | [statistics] | ||
15 | PORT = 12013 | ||
16 | UNIXPATH = /tmp/gnunet-p2-service-statistics.sock | ||
17 | |||
18 | [resolver] | ||
19 | PORT = 12012 | ||
20 | UNIXPATH = /tmp/gnunet-p2-service-resolver.sock | ||
21 | |||
22 | [peerinfo] | ||
23 | PORT = 12011 | ||
24 | UNIXPATH = /tmp/gnunet-p2-service-peerinfo.sock | ||
25 | |||
26 | [transport] | ||
27 | #PREFIX = valgrind --leak-check=full | ||
28 | PORT = 12010 | ||
29 | PLUGINS = tcp | ||
30 | UNIXPATH = /tmp/gnunet-p2-service-transport.sock | ||
31 | |||
32 | [transport-blacklist-AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520] | ||
33 | P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G = | ||
34 | |||
35 | [transport-blacklist-P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G] | ||
36 | AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520 = \ No newline at end of file | ||
diff --git a/src/transport/test_transport_blacklisting_cfg_peer1.conf b/src/transport/test_transport_blacklisting_cfg_peer1.conf new file mode 100644 index 000000000..db662826b --- /dev/null +++ b/src/transport/test_transport_blacklisting_cfg_peer1.conf | |||
@@ -0,0 +1,30 @@ | |||
1 | @INLINE@ template_cfg_peer1.conf | ||
2 | [PATHS] | ||
3 | SERVICEHOME = /tmp/test-transport/api-tcp-p1/ | ||
4 | |||
5 | [transport-tcp] | ||
6 | PORT = 12000 | ||
7 | TIMEOUT = 5 s | ||
8 | |||
9 | [arm] | ||
10 | PORT = 12005 | ||
11 | DEFAULTSERVICES = transport | ||
12 | UNIXPATH = /tmp/gnunet-p1-service-arm.sock | ||
13 | |||
14 | [statistics] | ||
15 | PORT = 12004 | ||
16 | UNIXPATH = /tmp/gnunet-p1-service-statistics.sock | ||
17 | |||
18 | [resolver] | ||
19 | PORT = 12003 | ||
20 | UNIXPATH = /tmp/gnunet-p1-service-resolver.sock | ||
21 | |||
22 | [peerinfo] | ||
23 | PORT = 12002 | ||
24 | UNIXPATH = /tmp/gnunet-p1-service-peerinfo.sock | ||
25 | |||
26 | [transport] | ||
27 | PORT = 12001 | ||
28 | UNIXPATH = /tmp/gnunet-p1-service-transport.sock | ||
29 | PLUGINS = tcp | ||
30 | |||
diff --git a/src/transport/test_transport_blacklisting_cfg_peer2.conf b/src/transport/test_transport_blacklisting_cfg_peer2.conf new file mode 100644 index 000000000..181aab3de --- /dev/null +++ b/src/transport/test_transport_blacklisting_cfg_peer2.conf | |||
@@ -0,0 +1,29 @@ | |||
1 | @INLINE@ template_cfg_peer2.conf | ||
2 | [PATHS] | ||
3 | SERVICEHOME = /tmp/test-transport/api-tcp-p2/ | ||
4 | |||
5 | [transport-tcp] | ||
6 | PORT = 12015 | ||
7 | TIMEOUT = 5 s | ||
8 | |||
9 | [arm] | ||
10 | PORT = 12014 | ||
11 | DEFAULTSERVICES = transport | ||
12 | UNIXPATH = /tmp/gnunet-p2-service-arm.sock | ||
13 | |||
14 | [statistics] | ||
15 | PORT = 12013 | ||
16 | UNIXPATH = /tmp/gnunet-p2-service-statistics.sock | ||
17 | |||
18 | [resolver] | ||
19 | PORT = 12012 | ||
20 | UNIXPATH = /tmp/gnunet-p2-service-resolver.sock | ||
21 | |||
22 | [peerinfo] | ||
23 | PORT = 12011 | ||
24 | UNIXPATH = /tmp/gnunet-p2-service-peerinfo.sock | ||
25 | |||
26 | [transport] | ||
27 | PORT = 12010 | ||
28 | PLUGINS = tcp | ||
29 | UNIXPATH = /tmp/gnunet-p2-service-transport.sock | ||