diff options
Diffstat (limited to 'src/exit')
-rw-r--r-- | src/exit/gnunet-daemon-exit.c | 419 |
1 files changed, 250 insertions, 169 deletions
diff --git a/src/exit/gnunet-daemon-exit.c b/src/exit/gnunet-daemon-exit.c index 2b9ddc722..c8a2e85ef 100644 --- a/src/exit/gnunet-daemon-exit.c +++ b/src/exit/gnunet-daemon-exit.c | |||
@@ -3480,81 +3480,30 @@ do_dht_put (void *cls) | |||
3480 | sizeof (struct GNUNET_DNS_Advertisement), | 3480 | sizeof (struct GNUNET_DNS_Advertisement), |
3481 | &dns_advertisement, | 3481 | &dns_advertisement, |
3482 | expiration, | 3482 | expiration, |
3483 | &dht_put_cont, NULL); | 3483 | &dht_put_cont, |
3484 | NULL); | ||
3484 | } | 3485 | } |
3485 | 3486 | ||
3486 | 3487 | ||
3487 | /** | 3488 | /** |
3488 | * @brief Main function that will be run by the scheduler. | 3489 | * Figure out which IP versions we should support (and which |
3489 | * | 3490 | * are supported by the OS) according to our configuration. |
3490 | * @param cls closure | ||
3491 | * @param args remaining command-line arguments | ||
3492 | * @param cfgfile name of the configuration file used (for saving, can be NULL!) | ||
3493 | * @param cfg_ configuration | ||
3494 | */ | 3491 | */ |
3495 | static void | 3492 | static void |
3496 | run (void *cls, | 3493 | parse_ip_options () |
3497 | char *const *args, | ||
3498 | const char *cfgfile, | ||
3499 | const struct GNUNET_CONFIGURATION_Handle *cfg_) | ||
3500 | { | 3494 | { |
3501 | static struct GNUNET_CADET_MessageHandler handlers[] = { | 3495 | ipv4_exit = GNUNET_CONFIGURATION_get_value_yesno (cfg, |
3502 | {&receive_icmp_service, GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE, 0}, | 3496 | "exit", |
3503 | {&receive_icmp_remote, GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_INTERNET, 0}, | 3497 | "EXIT_IPV4"); |
3504 | {&receive_udp_service, GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE, 0}, | 3498 | ipv6_exit = GNUNET_CONFIGURATION_get_value_yesno (cfg, |
3505 | {&receive_udp_remote, GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET, 0}, | 3499 | "exit", |
3506 | {&receive_tcp_service, GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START, 0}, | 3500 | "EXIT_IPV6"); |
3507 | {&receive_tcp_remote, GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START, 0}, | 3501 | ipv4_enabled = GNUNET_CONFIGURATION_get_value_yesno (cfg, |
3508 | {&receive_tcp_data, GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT, 0}, | 3502 | "exit", |
3509 | {&receive_dns_request, GNUNET_MESSAGE_TYPE_VPN_DNS_TO_INTERNET, 0}, | 3503 | "ENABLE_IPV4"); |
3510 | {NULL, 0, 0} | 3504 | ipv6_enabled = GNUNET_CONFIGURATION_get_value_yesno (cfg, |
3511 | }; | 3505 | "exit", |
3512 | 3506 | "ENABLE_IPV6"); | |
3513 | static uint32_t apptypes[] = { | ||
3514 | GNUNET_APPLICATION_TYPE_END, | ||
3515 | GNUNET_APPLICATION_TYPE_END, | ||
3516 | GNUNET_APPLICATION_TYPE_END, | ||
3517 | GNUNET_APPLICATION_TYPE_END | ||
3518 | }; | ||
3519 | unsigned int app_idx; | ||
3520 | char *exit_ifname; | ||
3521 | char *tun_ifname; | ||
3522 | char *policy; | ||
3523 | char *ipv6addr; | ||
3524 | char *ipv6prefix_s; | ||
3525 | char *ipv4addr; | ||
3526 | char *ipv4mask; | ||
3527 | char *binary; | ||
3528 | char *regex; | ||
3529 | char *prefixed_regex; | ||
3530 | struct in_addr dns_exit4; | ||
3531 | struct in6_addr dns_exit6; | ||
3532 | char *dns_exit; | ||
3533 | |||
3534 | cfg = cfg_; | ||
3535 | ipv4_exit = GNUNET_CONFIGURATION_get_value_yesno (cfg, "exit", "EXIT_IPV4"); | ||
3536 | ipv6_exit = GNUNET_CONFIGURATION_get_value_yesno (cfg, "exit", "EXIT_IPV6"); | ||
3537 | ipv4_enabled = GNUNET_CONFIGURATION_get_value_yesno (cfg, "exit", "ENABLE_IPV4"); | ||
3538 | ipv6_enabled = GNUNET_CONFIGURATION_get_value_yesno (cfg, "exit", "ENABLE_IPV6"); | ||
3539 | if ( (ipv4_exit) || (ipv6_exit) ) | ||
3540 | { | ||
3541 | binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-exit"); | ||
3542 | if (GNUNET_YES != | ||
3543 | GNUNET_OS_check_helper_binary (binary, GNUNET_YES, "-d gnunet-vpn - - - 169.1.3.3.7 255.255.255.0")) //no nat, ipv4 only | ||
3544 | { | ||
3545 | GNUNET_free (binary); | ||
3546 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
3547 | _("`%s' must be installed SUID, EXIT will not work\n"), | ||
3548 | "gnunet-helper-exit"); | ||
3549 | GNUNET_SCHEDULER_add_shutdown (&dummy_task, | ||
3550 | NULL); | ||
3551 | global_ret = 1; | ||
3552 | return; | ||
3553 | } | ||
3554 | GNUNET_free (binary); | ||
3555 | } | ||
3556 | stats = GNUNET_STATISTICS_create ("exit", cfg); | ||
3557 | |||
3558 | if ( (ipv4_exit || ipv4_enabled) && | 3507 | if ( (ipv4_exit || ipv4_enabled) && |
3559 | GNUNET_OK != GNUNET_NETWORK_test_pf (PF_INET)) | 3508 | GNUNET_OK != GNUNET_NETWORK_test_pf (PF_INET)) |
3560 | { | 3509 | { |
@@ -3583,83 +3532,110 @@ run (void *cls, | |||
3583 | _("Cannot enable IPv6 exit but disable IPv6 on TUN interface, will use ENABLE_IPv6=YES\n")); | 3532 | _("Cannot enable IPv6 exit but disable IPv6 on TUN interface, will use ENABLE_IPv6=YES\n")); |
3584 | ipv6_enabled = GNUNET_YES; | 3533 | ipv6_enabled = GNUNET_YES; |
3585 | } | 3534 | } |
3586 | if (! (ipv4_enabled || ipv6_enabled)) | 3535 | } |
3587 | { | 3536 | |
3588 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 3537 | |
3589 | _("No useful service enabled. Exiting.\n")); | 3538 | /** |
3590 | GNUNET_SCHEDULER_shutdown (); | 3539 | * Helper function to open the CADET port for DNS exits and to |
3591 | return; | 3540 | * advertise the DNS exit (if applicable). |
3592 | } | 3541 | */ |
3542 | static void | ||
3543 | advertise_dns_exit () | ||
3544 | { | ||
3545 | char *dns_exit; | ||
3546 | struct GNUNET_HashCode port; | ||
3547 | struct in_addr dns_exit4; | ||
3548 | struct in6_addr dns_exit6; | ||
3593 | 3549 | ||
3594 | dns_exit = NULL; | 3550 | if (GNUNET_YES != |
3595 | if ( (GNUNET_YES == | 3551 | GNUNET_CONFIGURATION_get_value_yesno (cfg, |
3596 | GNUNET_CONFIGURATION_get_value_yesno (cfg_, "exit", "EXIT_DNS")) && | 3552 | "exit", |
3597 | ( (GNUNET_OK != | 3553 | "EXIT_DNS")) |
3598 | GNUNET_CONFIGURATION_get_value_string (cfg, "exit", | 3554 | return; |
3599 | "DNS_RESOLVER", | 3555 | if ( (GNUNET_OK != |
3600 | &dns_exit)) || | 3556 | GNUNET_CONFIGURATION_get_value_string (cfg, |
3601 | ( (1 != inet_pton (AF_INET, dns_exit, &dns_exit4)) && | 3557 | "exit", |
3602 | (1 != inet_pton (AF_INET6, dns_exit, &dns_exit6)) ) ) ) | 3558 | "DNS_RESOLVER", |
3559 | &dns_exit)) || | ||
3560 | ( (1 != inet_pton (AF_INET, | ||
3561 | dns_exit, | ||
3562 | &dns_exit4)) && | ||
3563 | (1 != inet_pton (AF_INET6, | ||
3564 | dns_exit, | ||
3565 | &dns_exit6)) ) ) | ||
3603 | { | 3566 | { |
3604 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, | 3567 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, |
3605 | "dns", "DNS_RESOLVER", | 3568 | "dns", |
3569 | "DNS_RESOLVER", | ||
3606 | _("need a valid IPv4 or IPv6 address\n")); | 3570 | _("need a valid IPv4 or IPv6 address\n")); |
3607 | GNUNET_free_non_null (dns_exit); | 3571 | return; |
3608 | dns_exit = NULL; | 3572 | } |
3609 | } | 3573 | /* open port */ |
3610 | app_idx = 0; | 3574 | GNUNET_CRYPTO_hash (GNUNET_APPLICATION_PORT_INTERNET_RESOLVER, |
3611 | if (GNUNET_YES == ipv4_exit) | 3575 | strlen (GNUNET_APPLICATION_PORT_INTERNET_RESOLVER), |
3612 | { | 3576 | &port); |
3613 | apptypes[app_idx] = GNUNET_APPLICATION_TYPE_IPV4_GATEWAY; | 3577 | GNUNET_CADET_open_port (cadet_handle, |
3614 | app_idx++; | 3578 | &port, |
3615 | } | 3579 | &new_channel, |
3616 | if (GNUNET_YES == ipv6_exit) | 3580 | NULL); |
3617 | { | 3581 | /* advertise exit */ |
3618 | apptypes[app_idx] = GNUNET_APPLICATION_TYPE_IPV6_GATEWAY; | 3582 | dht = GNUNET_DHT_connect (cfg, |
3619 | app_idx++; | 3583 | 1); |
3620 | } | 3584 | peer_key = GNUNET_CRYPTO_eddsa_key_create_from_configuration (cfg); |
3621 | if (NULL != dns_exit) | 3585 | GNUNET_CRYPTO_eddsa_key_get_public (peer_key, |
3622 | { | 3586 | &dns_advertisement.peer.public_key); |
3623 | dht = GNUNET_DHT_connect (cfg, 1); | 3587 | dns_advertisement.purpose.size = htonl (sizeof (struct GNUNET_DNS_Advertisement) - |
3624 | peer_key = GNUNET_CRYPTO_eddsa_key_create_from_configuration (cfg); | 3588 | sizeof (struct GNUNET_CRYPTO_EddsaSignature)); |
3625 | GNUNET_CRYPTO_eddsa_key_get_public (peer_key, | 3589 | dns_advertisement.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DNS_RECORD); |
3626 | &dns_advertisement.peer.public_key); | 3590 | GNUNET_CRYPTO_hash ("dns", |
3627 | dns_advertisement.purpose.size = htonl (sizeof (struct GNUNET_DNS_Advertisement) - | 3591 | strlen ("dns"), |
3628 | sizeof (struct GNUNET_CRYPTO_EddsaSignature)); | 3592 | &dht_put_key); |
3629 | dns_advertisement.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_DNS_RECORD); | 3593 | dht_task = GNUNET_SCHEDULER_add_now (&do_dht_put, |
3630 | GNUNET_CRYPTO_hash ("dns", | 3594 | NULL); |
3631 | strlen ("dns"), | 3595 | GNUNET_free (dns_exit); |
3632 | &dht_put_key); | 3596 | } |
3633 | dht_task = GNUNET_SCHEDULER_add_now (&do_dht_put, | 3597 | |
3634 | NULL); | 3598 | |
3635 | apptypes[app_idx] = GNUNET_APPLICATION_TYPE_INTERNET_RESOLVER; | 3599 | /** |
3636 | app_idx++; | 3600 | * Initialize #exit_argv. |
3637 | } | 3601 | * |
3638 | GNUNET_free_non_null (dns_exit); | 3602 | * @return #GNUNET_OK on success, #GNUNET_SYSERR if we should shutdown |
3639 | GNUNET_SCHEDULER_add_shutdown (&cleanup, | 3603 | */ |
3640 | NULL); | 3604 | static int |
3605 | setup_exit_helper_args () | ||
3606 | { | ||
3607 | char *exit_ifname; | ||
3608 | char *tun_ifname; | ||
3609 | char *ipv6addr; | ||
3610 | char *ipv6prefix_s; | ||
3611 | char *ipv4addr; | ||
3612 | char *ipv4mask; | ||
3641 | 3613 | ||
3642 | if (GNUNET_OK != | ||
3643 | GNUNET_CONFIGURATION_get_value_number (cfg, "exit", "MAX_CONNECTIONS", | ||
3644 | &max_connections)) | ||
3645 | max_connections = 1024; | ||
3646 | exit_argv[0] = GNUNET_strdup ("exit-gnunet"); | 3614 | exit_argv[0] = GNUNET_strdup ("exit-gnunet"); |
3647 | if (GNUNET_SYSERR == | 3615 | if (GNUNET_SYSERR == |
3648 | GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "TUN_IFNAME", &tun_ifname)) | 3616 | GNUNET_CONFIGURATION_get_value_string (cfg, |
3617 | "exit", | ||
3618 | "TUN_IFNAME", | ||
3619 | &tun_ifname)) | ||
3649 | { | 3620 | { |
3650 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "EXIT", "TUN_IFNAME"); | 3621 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, |
3651 | GNUNET_SCHEDULER_shutdown (); | 3622 | "EXIT", |
3652 | return; | 3623 | "TUN_IFNAME"); |
3624 | return GNUNET_SYSERR; | ||
3653 | } | 3625 | } |
3654 | exit_argv[1] = tun_ifname; | 3626 | exit_argv[1] = tun_ifname; |
3655 | if (ipv4_enabled) | 3627 | if (ipv4_enabled) |
3656 | { | 3628 | { |
3657 | if (GNUNET_SYSERR == | 3629 | if (GNUNET_SYSERR == |
3658 | GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "EXIT_IFNAME", &exit_ifname)) | 3630 | GNUNET_CONFIGURATION_get_value_string (cfg, |
3631 | "exit", | ||
3632 | "EXIT_IFNAME", | ||
3633 | &exit_ifname)) | ||
3659 | { | 3634 | { |
3660 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "EXIT", "EXIT_IFNAME"); | 3635 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, |
3661 | GNUNET_SCHEDULER_shutdown (); | 3636 | "EXIT", |
3662 | return; | 3637 | "EXIT_IFNAME"); |
3638 | return GNUNET_SYSERR; | ||
3663 | } | 3639 | } |
3664 | exit_argv[2] = exit_ifname; | 3640 | exit_argv[2] = exit_ifname; |
3665 | } | 3641 | } |
@@ -3668,7 +3644,6 @@ run (void *cls, | |||
3668 | exit_argv[2] = GNUNET_strdup ("-"); | 3644 | exit_argv[2] = GNUNET_strdup ("-"); |
3669 | } | 3645 | } |
3670 | 3646 | ||
3671 | |||
3672 | if (GNUNET_YES == ipv6_enabled) | 3647 | if (GNUNET_YES == ipv6_enabled) |
3673 | { | 3648 | { |
3674 | ipv6addr = NULL; | 3649 | ipv6addr = NULL; |
@@ -3677,33 +3652,41 @@ run (void *cls, | |||
3677 | "exit", | 3652 | "exit", |
3678 | "IPV6ADDR", | 3653 | "IPV6ADDR", |
3679 | &ipv6addr) || | 3654 | &ipv6addr) || |
3680 | (1 != inet_pton (AF_INET6, ipv6addr, &exit_ipv6addr))) ) | 3655 | (1 != inet_pton (AF_INET6, |
3656 | ipv6addr, | ||
3657 | &exit_ipv6addr))) ) | ||
3681 | { | 3658 | { |
3682 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "EXIT", "IPV6ADDR"); | 3659 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, |
3683 | GNUNET_SCHEDULER_shutdown (); | 3660 | "EXIT", |
3661 | "IPV6ADDR"); | ||
3684 | GNUNET_free_non_null (ipv6addr); | 3662 | GNUNET_free_non_null (ipv6addr); |
3685 | return; | 3663 | return GNUNET_SYSERR; |
3686 | } | 3664 | } |
3687 | exit_argv[3] = ipv6addr; | 3665 | exit_argv[3] = ipv6addr; |
3688 | if (GNUNET_SYSERR == | 3666 | if (GNUNET_SYSERR == |
3689 | GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV6PREFIX", | 3667 | GNUNET_CONFIGURATION_get_value_string (cfg, |
3668 | "exit", | ||
3669 | "IPV6PREFIX", | ||
3690 | &ipv6prefix_s)) | 3670 | &ipv6prefix_s)) |
3691 | { | 3671 | { |
3692 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "EXIT", "IPV6PREFIX"); | 3672 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, |
3693 | GNUNET_SCHEDULER_shutdown (); | 3673 | "EXIT", |
3694 | return; | 3674 | "IPV6PREFIX"); |
3675 | return GNUNET_SYSERR; | ||
3695 | } | 3676 | } |
3696 | exit_argv[4] = ipv6prefix_s; | 3677 | exit_argv[4] = ipv6prefix_s; |
3697 | if ( (GNUNET_OK != | 3678 | if ( (GNUNET_OK != |
3698 | GNUNET_CONFIGURATION_get_value_number (cfg, "exit", | 3679 | GNUNET_CONFIGURATION_get_value_number (cfg, |
3680 | "exit", | ||
3699 | "IPV6PREFIX", | 3681 | "IPV6PREFIX", |
3700 | &ipv6prefix)) || | 3682 | &ipv6prefix)) || |
3701 | (ipv6prefix >= 127) ) | 3683 | (ipv6prefix >= 127) ) |
3702 | { | 3684 | { |
3703 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "EXIT", "IPV6PREFIX", | 3685 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, |
3686 | "EXIT", | ||
3687 | "IPV6PREFIX", | ||
3704 | _("Must be a number")); | 3688 | _("Must be a number")); |
3705 | GNUNET_SCHEDULER_shutdown (); | 3689 | return GNUNET_SYSERR; |
3706 | return; | ||
3707 | } | 3690 | } |
3708 | } | 3691 | } |
3709 | else | 3692 | else |
@@ -3716,26 +3699,36 @@ run (void *cls, | |||
3716 | { | 3699 | { |
3717 | ipv4addr = NULL; | 3700 | ipv4addr = NULL; |
3718 | if ( (GNUNET_SYSERR == | 3701 | if ( (GNUNET_SYSERR == |
3719 | GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV4ADDR", | 3702 | GNUNET_CONFIGURATION_get_value_string (cfg, |
3703 | "exit", | ||
3704 | "IPV4ADDR", | ||
3720 | &ipv4addr) || | 3705 | &ipv4addr) || |
3721 | (1 != inet_pton (AF_INET, ipv4addr, &exit_ipv4addr))) ) | 3706 | (1 != inet_pton (AF_INET, |
3707 | ipv4addr, | ||
3708 | &exit_ipv4addr))) ) | ||
3722 | { | 3709 | { |
3723 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "EXIT", "IPV4ADDR"); | 3710 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, |
3724 | GNUNET_SCHEDULER_shutdown (); | 3711 | "EXIT", |
3712 | "IPV4ADDR"); | ||
3725 | GNUNET_free_non_null (ipv4addr); | 3713 | GNUNET_free_non_null (ipv4addr); |
3726 | return; | 3714 | return GNUNET_SYSERR; |
3727 | } | 3715 | } |
3728 | exit_argv[5] = ipv4addr; | 3716 | exit_argv[5] = ipv4addr; |
3729 | ipv4mask = NULL; | 3717 | ipv4mask = NULL; |
3730 | if ( (GNUNET_SYSERR == | 3718 | if ( (GNUNET_SYSERR == |
3731 | GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV4MASK", | 3719 | GNUNET_CONFIGURATION_get_value_string (cfg, |
3720 | "exit", | ||
3721 | "IPV4MASK", | ||
3732 | &ipv4mask) || | 3722 | &ipv4mask) || |
3733 | (1 != inet_pton (AF_INET, ipv4mask, &exit_ipv4mask))) ) | 3723 | (1 != inet_pton (AF_INET, |
3724 | ipv4mask, | ||
3725 | &exit_ipv4mask))) ) | ||
3734 | { | 3726 | { |
3735 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "EXIT", "IPV4MASK"); | 3727 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, |
3736 | GNUNET_SCHEDULER_shutdown (); | 3728 | "EXIT", |
3729 | "IPV4MASK"); | ||
3737 | GNUNET_free_non_null (ipv4mask); | 3730 | GNUNET_free_non_null (ipv4mask); |
3738 | return; | 3731 | return GNUNET_SYSERR; |
3739 | } | 3732 | } |
3740 | exit_argv[6] = ipv4mask; | 3733 | exit_argv[6] = ipv4mask; |
3741 | } | 3734 | } |
@@ -3746,38 +3739,119 @@ run (void *cls, | |||
3746 | exit_argv[6] = GNUNET_strdup ("-"); | 3739 | exit_argv[6] = GNUNET_strdup ("-"); |
3747 | } | 3740 | } |
3748 | exit_argv[7] = NULL; | 3741 | exit_argv[7] = NULL; |
3742 | return GNUNET_OK; | ||
3743 | } | ||
3749 | 3744 | ||
3750 | udp_services = GNUNET_CONTAINER_multihashmap_create (65536, GNUNET_NO); | ||
3751 | tcp_services = GNUNET_CONTAINER_multihashmap_create (65536, GNUNET_NO); | ||
3752 | GNUNET_CONFIGURATION_iterate_sections (cfg, &read_service_conf, NULL); | ||
3753 | 3745 | ||
3754 | connections_map = GNUNET_CONTAINER_multihashmap_create (65536, GNUNET_NO); | 3746 | /** |
3755 | connections_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN); | 3747 | * @brief Main function that will be run by the scheduler. |
3756 | if (0 == app_idx) | 3748 | * |
3749 | * @param cls closure | ||
3750 | * @param args remaining command-line arguments | ||
3751 | * @param cfgfile name of the configuration file used (for saving, can be NULL!) | ||
3752 | * @param cfg_ configuration | ||
3753 | */ | ||
3754 | static void | ||
3755 | run (void *cls, | ||
3756 | char *const *args, | ||
3757 | const char *cfgfile, | ||
3758 | const struct GNUNET_CONFIGURATION_Handle *cfg_) | ||
3759 | { | ||
3760 | static struct GNUNET_CADET_MessageHandler handlers[] = { | ||
3761 | {&receive_icmp_service, GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE, 0}, | ||
3762 | {&receive_icmp_remote, GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_INTERNET, 0}, | ||
3763 | {&receive_udp_service, GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE, 0}, | ||
3764 | {&receive_udp_remote, GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET, 0}, | ||
3765 | {&receive_tcp_service, GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START, 0}, | ||
3766 | {&receive_tcp_remote, GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START, 0}, | ||
3767 | {&receive_tcp_data, GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT, 0}, | ||
3768 | {&receive_dns_request, GNUNET_MESSAGE_TYPE_VPN_DNS_TO_INTERNET, 0}, | ||
3769 | {NULL, 0, 0} | ||
3770 | }; | ||
3771 | struct GNUNET_HashCode port; | ||
3772 | char *policy; | ||
3773 | char *binary; | ||
3774 | char *regex; | ||
3775 | char *prefixed_regex; | ||
3776 | |||
3777 | cfg = cfg_; | ||
3778 | if (GNUNET_OK != | ||
3779 | GNUNET_CONFIGURATION_get_value_number (cfg, | ||
3780 | "exit", | ||
3781 | "MAX_CONNECTIONS", | ||
3782 | &max_connections)) | ||
3783 | max_connections = 1024; | ||
3784 | parse_ip_options (); | ||
3785 | if ( (ipv4_exit) || (ipv6_exit) ) | ||
3786 | { | ||
3787 | binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-exit"); | ||
3788 | if (GNUNET_YES != | ||
3789 | GNUNET_OS_check_helper_binary (binary, | ||
3790 | GNUNET_YES, | ||
3791 | "-d gnunet-vpn - - - 169.1.3.3.7 255.255.255.0")) //no nat, ipv4 only | ||
3792 | { | ||
3793 | GNUNET_free (binary); | ||
3794 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
3795 | _("`%s' must be installed SUID, EXIT will not work\n"), | ||
3796 | "gnunet-helper-exit"); | ||
3797 | GNUNET_SCHEDULER_add_shutdown (&dummy_task, | ||
3798 | NULL); | ||
3799 | global_ret = 1; | ||
3800 | return; | ||
3801 | } | ||
3802 | GNUNET_free (binary); | ||
3803 | } | ||
3804 | if (! (ipv4_enabled || ipv6_enabled)) | ||
3757 | { | 3805 | { |
3758 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 3806 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
3759 | _("No useful service enabled. Exiting.\n")); | 3807 | _("No useful service enabled. Exiting.\n")); |
3760 | GNUNET_SCHEDULER_shutdown (); | 3808 | GNUNET_SCHEDULER_shutdown (); |
3761 | return; | 3809 | return; |
3762 | } | 3810 | } |
3763 | cadet_handle = GNUNET_CADET_connect (cfg, NULL, &clean_channel, handlers); | 3811 | |
3812 | GNUNET_SCHEDULER_add_shutdown (&cleanup, | ||
3813 | NULL); | ||
3814 | stats = GNUNET_STATISTICS_create ("exit", | ||
3815 | cfg); | ||
3816 | cadet_handle = GNUNET_CADET_connect (cfg, | ||
3817 | NULL, | ||
3818 | &clean_channel, | ||
3819 | handlers); | ||
3764 | if (NULL == cadet_handle) | 3820 | if (NULL == cadet_handle) |
3765 | { | 3821 | { |
3766 | GNUNET_SCHEDULER_shutdown (); | 3822 | GNUNET_SCHEDULER_shutdown (); |
3767 | return; | 3823 | return; |
3768 | } | 3824 | } |
3769 | for (int i = 0; | 3825 | advertise_dns_exit (); |
3770 | GNUNET_APPLICATION_TYPE_END != apptypes[i] | 3826 | if (GNUNET_OK != |
3771 | && i < sizeof (apptypes)/sizeof (*apptypes); | 3827 | setup_exit_helper_args ()) |
3772 | i++) | ||
3773 | { | 3828 | { |
3774 | GNUNET_CADET_open_port (cadet_handle, GC_u2h (apptypes[i]), | 3829 | GNUNET_SCHEDULER_shutdown (); |
3775 | &new_channel, NULL); | 3830 | return; |
3776 | } | 3831 | } |
3777 | 3832 | ||
3778 | /* Cadet handle acquired, now announce regular expressions matching our exit */ | 3833 | udp_services = GNUNET_CONTAINER_multihashmap_create (65536, |
3834 | GNUNET_NO); | ||
3835 | tcp_services = GNUNET_CONTAINER_multihashmap_create (65536, | ||
3836 | GNUNET_NO); | ||
3837 | connections_map = GNUNET_CONTAINER_multihashmap_create (65536, | ||
3838 | GNUNET_NO); | ||
3839 | connections_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN); | ||
3840 | GNUNET_CONFIGURATION_iterate_sections (cfg, | ||
3841 | &read_service_conf, | ||
3842 | NULL); | ||
3843 | |||
3844 | /* Cadet handle acquired, now open ports and announce regular | ||
3845 | expressions matching our exit */ | ||
3779 | if ( (GNUNET_YES == ipv4_enabled) && (GNUNET_YES == ipv4_exit) ) | 3846 | if ( (GNUNET_YES == ipv4_enabled) && (GNUNET_YES == ipv4_exit) ) |
3780 | { | 3847 | { |
3848 | GNUNET_CRYPTO_hash (GNUNET_APPLICATION_PORT_IPV4_GATEWAY, | ||
3849 | strlen (GNUNET_APPLICATION_PORT_IPV4_GATEWAY), | ||
3850 | &port); | ||
3851 | GNUNET_CADET_open_port (cadet_handle, | ||
3852 | &port, | ||
3853 | &new_channel, | ||
3854 | NULL); | ||
3781 | policy = NULL; | 3855 | policy = NULL; |
3782 | if (GNUNET_OK != | 3856 | if (GNUNET_OK != |
3783 | GNUNET_CONFIGURATION_get_value_string (cfg, | 3857 | GNUNET_CONFIGURATION_get_value_string (cfg, |
@@ -3803,8 +3877,15 @@ run (void *cls, | |||
3803 | } | 3877 | } |
3804 | } | 3878 | } |
3805 | 3879 | ||
3806 | if (GNUNET_YES == ipv6_enabled && GNUNET_YES == ipv6_exit) | 3880 | if ( (GNUNET_YES == ipv6_enabled) && (GNUNET_YES == ipv6_exit) ) |
3807 | { | 3881 | { |
3882 | GNUNET_CRYPTO_hash (GNUNET_APPLICATION_PORT_IPV6_GATEWAY, | ||
3883 | strlen (GNUNET_APPLICATION_PORT_IPV6_GATEWAY), | ||
3884 | &port); | ||
3885 | GNUNET_CADET_open_port (cadet_handle, | ||
3886 | &port, | ||
3887 | &new_channel, | ||
3888 | NULL); | ||
3808 | policy = NULL; | 3889 | policy = NULL; |
3809 | if (GNUNET_OK != | 3890 | if (GNUNET_OK != |
3810 | GNUNET_CONFIGURATION_get_value_string (cfg, | 3891 | GNUNET_CONFIGURATION_get_value_string (cfg, |