diff options
Diffstat (limited to 'src/gns')
-rw-r--r-- | src/gns/gnunet-gns-proxy.c | 48 | ||||
-rw-r--r-- | src/gns/test_gns_defaults.conf | 12 | ||||
-rwxr-xr-x | src/gns/test_gns_gns2dns_cname_lookup.sh | 9 | ||||
-rwxr-xr-x | src/gns/test_gns_gns2dns_lookup.sh | 10 |
4 files changed, 62 insertions, 17 deletions
diff --git a/src/gns/gnunet-gns-proxy.c b/src/gns/gnunet-gns-proxy.c index a9013390e..e1997e215 100644 --- a/src/gns/gnunet-gns-proxy.c +++ b/src/gns/gnunet-gns-proxy.c | |||
@@ -59,6 +59,12 @@ | |||
59 | #define MAX_HTTP_URI_LENGTH 2048 | 59 | #define MAX_HTTP_URI_LENGTH 2048 |
60 | 60 | ||
61 | /** | 61 | /** |
62 | * Maximum number of DANE records we support | ||
63 | * per domain name (and port and protocol). | ||
64 | */ | ||
65 | #define MAX_DANES 32 | ||
66 | |||
67 | /** | ||
62 | * Size of the buffer for the data upload / download. Must be | 68 | * Size of the buffer for the data upload / download. Must be |
63 | * enough for curl, thus CURL_MAX_WRITE_SIZE is needed here (16k). | 69 | * enough for curl, thus CURL_MAX_WRITE_SIZE is needed here (16k). |
64 | */ | 70 | */ |
@@ -543,9 +549,9 @@ struct Socks5Request | |||
543 | char *leho; | 549 | char *leho; |
544 | 550 | ||
545 | /** | 551 | /** |
546 | * Payload of the (last) DANE record encountered. | 552 | * Payload of the DANE records encountered. |
547 | */ | 553 | */ |
548 | char *dane_data; | 554 | char *dane_data[MAX_DANES + 1]; |
549 | 555 | ||
550 | /** | 556 | /** |
551 | * The URL to fetch | 557 | * The URL to fetch |
@@ -575,7 +581,13 @@ struct Socks5Request | |||
575 | /** | 581 | /** |
576 | * Number of bytes in @e dane_data. | 582 | * Number of bytes in @e dane_data. |
577 | */ | 583 | */ |
578 | size_t dane_data_len; | 584 | int dane_data_len[MAX_DANES + 1]; |
585 | |||
586 | /** | ||
587 | * Number of entries used in @e dane_data_len | ||
588 | * and @e dane_data. | ||
589 | */ | ||
590 | unsigned int num_danes; | ||
579 | 591 | ||
580 | /** | 592 | /** |
581 | * Number of bytes already in read buffer | 593 | * Number of bytes already in read buffer |
@@ -816,7 +828,8 @@ cleanup_s5r (struct Socks5Request *s5r) | |||
816 | GNUNET_free_non_null (s5r->domain); | 828 | GNUNET_free_non_null (s5r->domain); |
817 | GNUNET_free_non_null (s5r->leho); | 829 | GNUNET_free_non_null (s5r->leho); |
818 | GNUNET_free_non_null (s5r->url); | 830 | GNUNET_free_non_null (s5r->url); |
819 | GNUNET_free_non_null (s5r->dane_data); | 831 | for (unsigned int i=0;i<s5r->num_danes;i++) |
832 | GNUNET_free (s5r->dane_data[i]); | ||
820 | GNUNET_free (s5r); | 833 | GNUNET_free (s5r); |
821 | } | 834 | } |
822 | 835 | ||
@@ -989,10 +1002,8 @@ check_ssl_certificate (struct Socks5Request *s5r) | |||
989 | } | 1002 | } |
990 | /* check for TLSA/DANE records */ | 1003 | /* check for TLSA/DANE records */ |
991 | #if HAVE_GNUTLS_DANE | 1004 | #if HAVE_GNUTLS_DANE |
992 | if (NULL != s5r->dane_data) | 1005 | if (0 != s5r->num_danes) |
993 | { | 1006 | { |
994 | char *dd[] = { s5r->dane_data, NULL }; | ||
995 | int dlen[] = { s5r->dane_data_len, 0}; | ||
996 | dane_state_t dane_state; | 1007 | dane_state_t dane_state; |
997 | dane_query_t dane_query; | 1008 | dane_query_t dane_query; |
998 | unsigned int verify; | 1009 | unsigned int verify; |
@@ -1010,10 +1021,12 @@ check_ssl_certificate (struct Socks5Request *s5r) | |||
1010 | gnutls_x509_crt_deinit (x509_cert); | 1021 | gnutls_x509_crt_deinit (x509_cert); |
1011 | return GNUNET_SYSERR; | 1022 | return GNUNET_SYSERR; |
1012 | } | 1023 | } |
1024 | s5r->dane_data[s5r->num_danes] = NULL; | ||
1025 | s5r->dane_data_len[s5r->num_danes] = 0; | ||
1013 | if (0 != (rc = dane_raw_tlsa (dane_state, | 1026 | if (0 != (rc = dane_raw_tlsa (dane_state, |
1014 | &dane_query, | 1027 | &dane_query, |
1015 | dd, | 1028 | s5r->dane_data, |
1016 | dlen, | 1029 | s5r->dane_data_len, |
1017 | GNUNET_YES, | 1030 | GNUNET_YES, |
1018 | GNUNET_NO))) | 1031 | GNUNET_NO))) |
1019 | { | 1032 | { |
@@ -3070,12 +3083,17 @@ handle_gns_result (void *cls, | |||
3070 | (ntohs (box->protocol) != IPPROTO_TCP) || | 3083 | (ntohs (box->protocol) != IPPROTO_TCP) || |
3071 | (ntohs (box->service) != s5r->port) ) | 3084 | (ntohs (box->service) != s5r->port) ) |
3072 | break; /* BOX record does not apply */ | 3085 | break; /* BOX record does not apply */ |
3073 | GNUNET_free_non_null (s5r->dane_data); | 3086 | if (s5r->num_danes >= MAX_DANES) |
3074 | s5r->dane_data_len = r->data_size - sizeof (struct GNUNET_GNSRECORD_BoxRecord); | 3087 | { |
3075 | s5r->dane_data = GNUNET_malloc (s5r->dane_data_len); | 3088 | GNUNET_break (0); /* MAX_DANES too small */ |
3076 | GNUNET_memcpy (s5r->dane_data, | 3089 | break; |
3077 | &box[1], | 3090 | } |
3078 | s5r->dane_data_len); | 3091 | s5r->dane_data_len[s5r->num_danes] |
3092 | = r->data_size - sizeof (struct GNUNET_GNSRECORD_BoxRecord); | ||
3093 | s5r->dane_data[s5r->num_danes] | ||
3094 | = GNUNET_memdup (&box[1], | ||
3095 | s5r->dane_data_len); | ||
3096 | s5r->num_danes++; | ||
3079 | break; | 3097 | break; |
3080 | } | 3098 | } |
3081 | default: | 3099 | default: |
diff --git a/src/gns/test_gns_defaults.conf b/src/gns/test_gns_defaults.conf index 19ba01ebb..80a2f3c44 100644 --- a/src/gns/test_gns_defaults.conf +++ b/src/gns/test_gns_defaults.conf | |||
@@ -20,3 +20,15 @@ PLUGINS = tcp | |||
20 | [transport-tcp] | 20 | [transport-tcp] |
21 | BINDTO = 127.0.0.1 | 21 | BINDTO = 127.0.0.1 |
22 | 22 | ||
23 | |||
24 | [fs] | ||
25 | IMMEDIATE_START = NO | ||
26 | START_ON_DEMAND = NO | ||
27 | |||
28 | [rps] | ||
29 | IMMEDIATE_START = NO | ||
30 | START_ON_DEMAND = NO | ||
31 | |||
32 | [topology] | ||
33 | IMMEDIATE_START = NO | ||
34 | START_ON_DEMAND = NO | ||
diff --git a/src/gns/test_gns_gns2dns_cname_lookup.sh b/src/gns/test_gns_gns2dns_cname_lookup.sh index 84ad8549f..17196f820 100755 --- a/src/gns/test_gns_gns2dns_cname_lookup.sh +++ b/src/gns/test_gns_gns2dns_cname_lookup.sh | |||
@@ -43,7 +43,15 @@ MY_EGO="myego" | |||
43 | # various names we will use for resolution | 43 | # various names we will use for resolution |
44 | TEST_DOMAIN="www.${TEST_RECORD_NAME}.$MY_EGO" | 44 | TEST_DOMAIN="www.${TEST_RECORD_NAME}.$MY_EGO" |
45 | 45 | ||
46 | which timeout &> /dev/null && DO_TIMEOUT="timeout 15" | ||
47 | |||
48 | |||
46 | gnunet-arm -s -c test_gns_lookup.conf | 49 | gnunet-arm -s -c test_gns_lookup.conf |
50 | |||
51 | echo $OUT | grep $TEST_IP - > /dev/null || { gnunet-arm -e -c test_gns_lookup.conf ; echo "IPv4 for gnunet.org not found, skipping test"; exit 77; } | ||
52 | echo $OUT | grep $TEST6_IP - > /dev/null || { gnunet-arm -e -c test_gns_lookup.conf ; echo "IPv6 for gnunet.org not found, skipping test"; exit 77; } | ||
53 | |||
54 | |||
47 | gnunet-identity -C $MY_EGO -c test_gns_lookup.conf | 55 | gnunet-identity -C $MY_EGO -c test_gns_lookup.conf |
48 | 56 | ||
49 | # set IP address for DNS resolver for resolving in gnunet.org domain | 57 | # set IP address for DNS resolver for resolving in gnunet.org domain |
@@ -52,7 +60,6 @@ gnunet-namestore -p -z $MY_EGO -a -n $TEST_RECORD_NAME -t GNS2DNS -V $TEST_RECOR | |||
52 | gnunet-namestore -p -z $MY_EGO -a -n $TEST_RECORD_NAME -t GNS2DNS -V $TEST_RECORD_GNS2DNS2 -e never -c test_gns_lookup.conf | 60 | gnunet-namestore -p -z $MY_EGO -a -n $TEST_RECORD_NAME -t GNS2DNS -V $TEST_RECORD_GNS2DNS2 -e never -c test_gns_lookup.conf |
53 | gnunet-namestore -p -z $MY_EGO -a -n $TEST_RECORD_NAME -t GNS2DNS -V $TEST_RECORD_GNS2DNS3 -e never -c test_gns_lookup.conf | 61 | gnunet-namestore -p -z $MY_EGO -a -n $TEST_RECORD_NAME -t GNS2DNS -V $TEST_RECORD_GNS2DNS3 -e never -c test_gns_lookup.conf |
54 | 62 | ||
55 | which timeout &> /dev/null && DO_TIMEOUT="timeout 15" | ||
56 | 63 | ||
57 | echo "EGOs:" | 64 | echo "EGOs:" |
58 | gnunet-identity -d | 65 | gnunet-identity -d |
diff --git a/src/gns/test_gns_gns2dns_lookup.sh b/src/gns/test_gns_gns2dns_lookup.sh index 122e45525..431f01086 100755 --- a/src/gns/test_gns_gns2dns_lookup.sh +++ b/src/gns/test_gns_gns2dns_lookup.sh | |||
@@ -44,8 +44,17 @@ TEST_DOMAIN="www.${TEST_RECORD_NAME}.$MY_EGO" | |||
44 | TEST_DOMAIN_ALT="${TEST_RECORD_NAME}.$MY_EGO" | 44 | TEST_DOMAIN_ALT="${TEST_RECORD_NAME}.$MY_EGO" |
45 | TEST_DOMAIN_ALT2="docs.${TEST_RECORD_NAME}.$MY_EGO" | 45 | TEST_DOMAIN_ALT2="docs.${TEST_RECORD_NAME}.$MY_EGO" |
46 | 46 | ||
47 | which timeout &> /dev/null && DO_TIMEOUT="timeout 15" | ||
48 | |||
47 | 49 | ||
48 | gnunet-arm -s -c test_gns_lookup.conf | 50 | gnunet-arm -s -c test_gns_lookup.conf |
51 | |||
52 | OUT=`$DO_TIMEOUT gnunet-resolver -c test_gns_lookup.conf gnunet.org` | ||
53 | echo $OUT | grep $TEST_IP - > /dev/null || { gnunet-arm -e -c test_gns_lookup.conf ; echo "IPv4 for gnunet.org not found, skipping test"; exit 77; } | ||
54 | echo $OUT | grep $TEST6_IP - > /dev/null || { gnunet-arm -e -c test_gns_lookup.conf ; echo "IPv6 for gnunet.org not found, skipping test"; exit 77; } | ||
55 | |||
56 | |||
57 | |||
49 | gnunet-identity -C $MY_EGO -c test_gns_lookup.conf | 58 | gnunet-identity -C $MY_EGO -c test_gns_lookup.conf |
50 | 59 | ||
51 | # set IP address for DNS resolver for resolving in gnunet.org domain | 60 | # set IP address for DNS resolver for resolving in gnunet.org domain |
@@ -53,7 +62,6 @@ gnunet-namestore -p -z $MY_EGO -a -n $TEST_RESOLVER_LABEL -t A -V $TEST_IP_GNS2D | |||
53 | # map '$TEST_RECORD_NAME.$MY_EGO' to 'gnunet.org' in DNS | 62 | # map '$TEST_RECORD_NAME.$MY_EGO' to 'gnunet.org' in DNS |
54 | gnunet-namestore -p -z $MY_EGO -a -n $TEST_RECORD_NAME -t GNS2DNS -V $TEST_RECORD_GNS2DNS -e never -c test_gns_lookup.conf | 63 | gnunet-namestore -p -z $MY_EGO -a -n $TEST_RECORD_NAME -t GNS2DNS -V $TEST_RECORD_GNS2DNS -e never -c test_gns_lookup.conf |
55 | 64 | ||
56 | which timeout &> /dev/null && DO_TIMEOUT="timeout 15" | ||
57 | 65 | ||
58 | echo "EGOs:" | 66 | echo "EGOs:" |
59 | gnunet-identity -d | 67 | gnunet-identity -d |