diff options
Diffstat (limited to 'src/gns')
| -rw-r--r-- | src/gns/gnunet-gns-proxy.c | 48 | ||||
| -rw-r--r-- | src/gns/test_gns_defaults.conf | 12 | ||||
| -rwxr-xr-x | src/gns/test_gns_gns2dns_cname_lookup.sh | 9 | ||||
| -rwxr-xr-x | src/gns/test_gns_gns2dns_lookup.sh | 10 |
4 files changed, 62 insertions, 17 deletions
diff --git a/src/gns/gnunet-gns-proxy.c b/src/gns/gnunet-gns-proxy.c index a9013390e..e1997e215 100644 --- a/src/gns/gnunet-gns-proxy.c +++ b/src/gns/gnunet-gns-proxy.c | |||
| @@ -59,6 +59,12 @@ | |||
| 59 | #define MAX_HTTP_URI_LENGTH 2048 | 59 | #define MAX_HTTP_URI_LENGTH 2048 |
| 60 | 60 | ||
| 61 | /** | 61 | /** |
| 62 | * Maximum number of DANE records we support | ||
| 63 | * per domain name (and port and protocol). | ||
| 64 | */ | ||
| 65 | #define MAX_DANES 32 | ||
| 66 | |||
| 67 | /** | ||
| 62 | * Size of the buffer for the data upload / download. Must be | 68 | * Size of the buffer for the data upload / download. Must be |
| 63 | * enough for curl, thus CURL_MAX_WRITE_SIZE is needed here (16k). | 69 | * enough for curl, thus CURL_MAX_WRITE_SIZE is needed here (16k). |
| 64 | */ | 70 | */ |
| @@ -543,9 +549,9 @@ struct Socks5Request | |||
| 543 | char *leho; | 549 | char *leho; |
| 544 | 550 | ||
| 545 | /** | 551 | /** |
| 546 | * Payload of the (last) DANE record encountered. | 552 | * Payload of the DANE records encountered. |
| 547 | */ | 553 | */ |
| 548 | char *dane_data; | 554 | char *dane_data[MAX_DANES + 1]; |
| 549 | 555 | ||
| 550 | /** | 556 | /** |
| 551 | * The URL to fetch | 557 | * The URL to fetch |
| @@ -575,7 +581,13 @@ struct Socks5Request | |||
| 575 | /** | 581 | /** |
| 576 | * Number of bytes in @e dane_data. | 582 | * Number of bytes in @e dane_data. |
| 577 | */ | 583 | */ |
| 578 | size_t dane_data_len; | 584 | int dane_data_len[MAX_DANES + 1]; |
| 585 | |||
| 586 | /** | ||
| 587 | * Number of entries used in @e dane_data_len | ||
| 588 | * and @e dane_data. | ||
| 589 | */ | ||
| 590 | unsigned int num_danes; | ||
| 579 | 591 | ||
| 580 | /** | 592 | /** |
| 581 | * Number of bytes already in read buffer | 593 | * Number of bytes already in read buffer |
| @@ -816,7 +828,8 @@ cleanup_s5r (struct Socks5Request *s5r) | |||
| 816 | GNUNET_free_non_null (s5r->domain); | 828 | GNUNET_free_non_null (s5r->domain); |
| 817 | GNUNET_free_non_null (s5r->leho); | 829 | GNUNET_free_non_null (s5r->leho); |
| 818 | GNUNET_free_non_null (s5r->url); | 830 | GNUNET_free_non_null (s5r->url); |
| 819 | GNUNET_free_non_null (s5r->dane_data); | 831 | for (unsigned int i=0;i<s5r->num_danes;i++) |
| 832 | GNUNET_free (s5r->dane_data[i]); | ||
| 820 | GNUNET_free (s5r); | 833 | GNUNET_free (s5r); |
| 821 | } | 834 | } |
| 822 | 835 | ||
| @@ -989,10 +1002,8 @@ check_ssl_certificate (struct Socks5Request *s5r) | |||
| 989 | } | 1002 | } |
| 990 | /* check for TLSA/DANE records */ | 1003 | /* check for TLSA/DANE records */ |
| 991 | #if HAVE_GNUTLS_DANE | 1004 | #if HAVE_GNUTLS_DANE |
| 992 | if (NULL != s5r->dane_data) | 1005 | if (0 != s5r->num_danes) |
| 993 | { | 1006 | { |
| 994 | char *dd[] = { s5r->dane_data, NULL }; | ||
| 995 | int dlen[] = { s5r->dane_data_len, 0}; | ||
| 996 | dane_state_t dane_state; | 1007 | dane_state_t dane_state; |
| 997 | dane_query_t dane_query; | 1008 | dane_query_t dane_query; |
| 998 | unsigned int verify; | 1009 | unsigned int verify; |
| @@ -1010,10 +1021,12 @@ check_ssl_certificate (struct Socks5Request *s5r) | |||
| 1010 | gnutls_x509_crt_deinit (x509_cert); | 1021 | gnutls_x509_crt_deinit (x509_cert); |
| 1011 | return GNUNET_SYSERR; | 1022 | return GNUNET_SYSERR; |
| 1012 | } | 1023 | } |
| 1024 | s5r->dane_data[s5r->num_danes] = NULL; | ||
| 1025 | s5r->dane_data_len[s5r->num_danes] = 0; | ||
| 1013 | if (0 != (rc = dane_raw_tlsa (dane_state, | 1026 | if (0 != (rc = dane_raw_tlsa (dane_state, |
| 1014 | &dane_query, | 1027 | &dane_query, |
| 1015 | dd, | 1028 | s5r->dane_data, |
| 1016 | dlen, | 1029 | s5r->dane_data_len, |
| 1017 | GNUNET_YES, | 1030 | GNUNET_YES, |
| 1018 | GNUNET_NO))) | 1031 | GNUNET_NO))) |
| 1019 | { | 1032 | { |
| @@ -3070,12 +3083,17 @@ handle_gns_result (void *cls, | |||
| 3070 | (ntohs (box->protocol) != IPPROTO_TCP) || | 3083 | (ntohs (box->protocol) != IPPROTO_TCP) || |
| 3071 | (ntohs (box->service) != s5r->port) ) | 3084 | (ntohs (box->service) != s5r->port) ) |
| 3072 | break; /* BOX record does not apply */ | 3085 | break; /* BOX record does not apply */ |
| 3073 | GNUNET_free_non_null (s5r->dane_data); | 3086 | if (s5r->num_danes >= MAX_DANES) |
| 3074 | s5r->dane_data_len = r->data_size - sizeof (struct GNUNET_GNSRECORD_BoxRecord); | 3087 | { |
| 3075 | s5r->dane_data = GNUNET_malloc (s5r->dane_data_len); | 3088 | GNUNET_break (0); /* MAX_DANES too small */ |
| 3076 | GNUNET_memcpy (s5r->dane_data, | 3089 | break; |
| 3077 | &box[1], | 3090 | } |
| 3078 | s5r->dane_data_len); | 3091 | s5r->dane_data_len[s5r->num_danes] |
| 3092 | = r->data_size - sizeof (struct GNUNET_GNSRECORD_BoxRecord); | ||
| 3093 | s5r->dane_data[s5r->num_danes] | ||
| 3094 | = GNUNET_memdup (&box[1], | ||
| 3095 | s5r->dane_data_len); | ||
| 3096 | s5r->num_danes++; | ||
| 3079 | break; | 3097 | break; |
| 3080 | } | 3098 | } |
| 3081 | default: | 3099 | default: |
diff --git a/src/gns/test_gns_defaults.conf b/src/gns/test_gns_defaults.conf index 19ba01ebb..80a2f3c44 100644 --- a/src/gns/test_gns_defaults.conf +++ b/src/gns/test_gns_defaults.conf | |||
| @@ -20,3 +20,15 @@ PLUGINS = tcp | |||
| 20 | [transport-tcp] | 20 | [transport-tcp] |
| 21 | BINDTO = 127.0.0.1 | 21 | BINDTO = 127.0.0.1 |
| 22 | 22 | ||
| 23 | |||
| 24 | [fs] | ||
| 25 | IMMEDIATE_START = NO | ||
| 26 | START_ON_DEMAND = NO | ||
| 27 | |||
| 28 | [rps] | ||
| 29 | IMMEDIATE_START = NO | ||
| 30 | START_ON_DEMAND = NO | ||
| 31 | |||
| 32 | [topology] | ||
| 33 | IMMEDIATE_START = NO | ||
| 34 | START_ON_DEMAND = NO | ||
diff --git a/src/gns/test_gns_gns2dns_cname_lookup.sh b/src/gns/test_gns_gns2dns_cname_lookup.sh index 84ad8549f..17196f820 100755 --- a/src/gns/test_gns_gns2dns_cname_lookup.sh +++ b/src/gns/test_gns_gns2dns_cname_lookup.sh | |||
| @@ -43,7 +43,15 @@ MY_EGO="myego" | |||
| 43 | # various names we will use for resolution | 43 | # various names we will use for resolution |
| 44 | TEST_DOMAIN="www.${TEST_RECORD_NAME}.$MY_EGO" | 44 | TEST_DOMAIN="www.${TEST_RECORD_NAME}.$MY_EGO" |
| 45 | 45 | ||
| 46 | which timeout &> /dev/null && DO_TIMEOUT="timeout 15" | ||
| 47 | |||
| 48 | |||
| 46 | gnunet-arm -s -c test_gns_lookup.conf | 49 | gnunet-arm -s -c test_gns_lookup.conf |
| 50 | |||
| 51 | echo $OUT | grep $TEST_IP - > /dev/null || { gnunet-arm -e -c test_gns_lookup.conf ; echo "IPv4 for gnunet.org not found, skipping test"; exit 77; } | ||
| 52 | echo $OUT | grep $TEST6_IP - > /dev/null || { gnunet-arm -e -c test_gns_lookup.conf ; echo "IPv6 for gnunet.org not found, skipping test"; exit 77; } | ||
| 53 | |||
| 54 | |||
| 47 | gnunet-identity -C $MY_EGO -c test_gns_lookup.conf | 55 | gnunet-identity -C $MY_EGO -c test_gns_lookup.conf |
| 48 | 56 | ||
| 49 | # set IP address for DNS resolver for resolving in gnunet.org domain | 57 | # set IP address for DNS resolver for resolving in gnunet.org domain |
| @@ -52,7 +60,6 @@ gnunet-namestore -p -z $MY_EGO -a -n $TEST_RECORD_NAME -t GNS2DNS -V $TEST_RECOR | |||
| 52 | gnunet-namestore -p -z $MY_EGO -a -n $TEST_RECORD_NAME -t GNS2DNS -V $TEST_RECORD_GNS2DNS2 -e never -c test_gns_lookup.conf | 60 | gnunet-namestore -p -z $MY_EGO -a -n $TEST_RECORD_NAME -t GNS2DNS -V $TEST_RECORD_GNS2DNS2 -e never -c test_gns_lookup.conf |
| 53 | gnunet-namestore -p -z $MY_EGO -a -n $TEST_RECORD_NAME -t GNS2DNS -V $TEST_RECORD_GNS2DNS3 -e never -c test_gns_lookup.conf | 61 | gnunet-namestore -p -z $MY_EGO -a -n $TEST_RECORD_NAME -t GNS2DNS -V $TEST_RECORD_GNS2DNS3 -e never -c test_gns_lookup.conf |
| 54 | 62 | ||
| 55 | which timeout &> /dev/null && DO_TIMEOUT="timeout 15" | ||
| 56 | 63 | ||
| 57 | echo "EGOs:" | 64 | echo "EGOs:" |
| 58 | gnunet-identity -d | 65 | gnunet-identity -d |
diff --git a/src/gns/test_gns_gns2dns_lookup.sh b/src/gns/test_gns_gns2dns_lookup.sh index 122e45525..431f01086 100755 --- a/src/gns/test_gns_gns2dns_lookup.sh +++ b/src/gns/test_gns_gns2dns_lookup.sh | |||
| @@ -44,8 +44,17 @@ TEST_DOMAIN="www.${TEST_RECORD_NAME}.$MY_EGO" | |||
| 44 | TEST_DOMAIN_ALT="${TEST_RECORD_NAME}.$MY_EGO" | 44 | TEST_DOMAIN_ALT="${TEST_RECORD_NAME}.$MY_EGO" |
| 45 | TEST_DOMAIN_ALT2="docs.${TEST_RECORD_NAME}.$MY_EGO" | 45 | TEST_DOMAIN_ALT2="docs.${TEST_RECORD_NAME}.$MY_EGO" |
| 46 | 46 | ||
| 47 | which timeout &> /dev/null && DO_TIMEOUT="timeout 15" | ||
| 48 | |||
| 47 | 49 | ||
| 48 | gnunet-arm -s -c test_gns_lookup.conf | 50 | gnunet-arm -s -c test_gns_lookup.conf |
| 51 | |||
| 52 | OUT=`$DO_TIMEOUT gnunet-resolver -c test_gns_lookup.conf gnunet.org` | ||
| 53 | echo $OUT | grep $TEST_IP - > /dev/null || { gnunet-arm -e -c test_gns_lookup.conf ; echo "IPv4 for gnunet.org not found, skipping test"; exit 77; } | ||
| 54 | echo $OUT | grep $TEST6_IP - > /dev/null || { gnunet-arm -e -c test_gns_lookup.conf ; echo "IPv6 for gnunet.org not found, skipping test"; exit 77; } | ||
| 55 | |||
| 56 | |||
| 57 | |||
| 49 | gnunet-identity -C $MY_EGO -c test_gns_lookup.conf | 58 | gnunet-identity -C $MY_EGO -c test_gns_lookup.conf |
| 50 | 59 | ||
| 51 | # set IP address for DNS resolver for resolving in gnunet.org domain | 60 | # set IP address for DNS resolver for resolving in gnunet.org domain |
| @@ -53,7 +62,6 @@ gnunet-namestore -p -z $MY_EGO -a -n $TEST_RESOLVER_LABEL -t A -V $TEST_IP_GNS2D | |||
| 53 | # map '$TEST_RECORD_NAME.$MY_EGO' to 'gnunet.org' in DNS | 62 | # map '$TEST_RECORD_NAME.$MY_EGO' to 'gnunet.org' in DNS |
| 54 | gnunet-namestore -p -z $MY_EGO -a -n $TEST_RECORD_NAME -t GNS2DNS -V $TEST_RECORD_GNS2DNS -e never -c test_gns_lookup.conf | 63 | gnunet-namestore -p -z $MY_EGO -a -n $TEST_RECORD_NAME -t GNS2DNS -V $TEST_RECORD_GNS2DNS -e never -c test_gns_lookup.conf |
| 55 | 64 | ||
| 56 | which timeout &> /dev/null && DO_TIMEOUT="timeout 15" | ||
| 57 | 65 | ||
| 58 | echo "EGOs:" | 66 | echo "EGOs:" |
| 59 | gnunet-identity -d | 67 | gnunet-identity -d |