diff options
Diffstat (limited to 'src/service/nat/gnunet-helper-nat-server.c')
-rw-r--r-- | src/service/nat/gnunet-helper-nat-server.c | 715 |
1 files changed, 715 insertions, 0 deletions
diff --git a/src/service/nat/gnunet-helper-nat-server.c b/src/service/nat/gnunet-helper-nat-server.c new file mode 100644 index 000000000..d190a5dba --- /dev/null +++ b/src/service/nat/gnunet-helper-nat-server.c | |||
@@ -0,0 +1,715 @@ | |||
1 | /* | ||
2 | This file is part of GNUnet. | ||
3 | Copyright (C) 2010 GNUnet e.V. | ||
4 | |||
5 | GNUnet is free software: you can redistribute it and/or modify it | ||
6 | under the terms of the GNU Affero General Public License as published | ||
7 | by the Free Software Foundation, either version 3 of the License, | ||
8 | or (at your option) any later version. | ||
9 | |||
10 | GNUnet is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | Affero General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU Affero General Public License | ||
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
17 | |||
18 | SPDX-License-Identifier: AGPL3.0-or-later | ||
19 | */ | ||
20 | |||
21 | /** | ||
22 | * @file src/nat/gnunet-helper-nat-server.c | ||
23 | * @brief Tool to help bypass NATs using ICMP method; must run as root (SUID will do) | ||
24 | * This code will work under GNU/Linux only (or maybe BSDs, but never W32) | ||
25 | * @author Christian Grothoff | ||
26 | * | ||
27 | * This program will send ONE ICMP message every 500 ms RAW sockets | ||
28 | * to a DUMMY IP address and also listens for ICMP replies. Since | ||
29 | * it uses RAW sockets, it must be installed SUID or run as 'root'. | ||
30 | * In order to keep the security risk of the resulting SUID binary | ||
31 | * minimal, the program ONLY opens the two RAW sockets with root | ||
32 | * privileges, then drops them and only then starts to process | ||
33 | * command line arguments. The code also does not link against | ||
34 | * any shared libraries (except libc) and is strictly minimal | ||
35 | * (except for checking for errors). The following list of people | ||
36 | * have reviewed this code and considered it safe since the last | ||
37 | * modification (if you reviewed it, please have your name added | ||
38 | * to the list): | ||
39 | * | ||
40 | * - Christian Grothoff | ||
41 | * - Nathan Evans | ||
42 | * - Benjamin Kuperman (22 Aug 2010) | ||
43 | * - Jacob Appelbaum (19 Dec 2011) | ||
44 | */ | ||
45 | #if HAVE_CONFIG_H | ||
46 | /* Just needed for HAVE_SOCKADDR_IN_SIN_LEN test macro! */ | ||
47 | #include "platform.h" | ||
48 | #include "gnunet_private_config.h" | ||
49 | #else | ||
50 | #define _GNU_SOURCE | ||
51 | #endif | ||
52 | #include <sys/types.h> | ||
53 | #include <sys/socket.h> | ||
54 | #include <arpa/inet.h> | ||
55 | #include <sys/select.h> | ||
56 | #include <sys/time.h> | ||
57 | #include <sys/types.h> | ||
58 | #include <unistd.h> | ||
59 | #include <stdio.h> | ||
60 | #include <string.h> | ||
61 | #include <errno.h> | ||
62 | #include <stdlib.h> | ||
63 | #include <stdint.h> | ||
64 | #include <time.h> | ||
65 | #include <netinet/ip.h> | ||
66 | #include <netinet/ip_icmp.h> | ||
67 | #include <netinet/in.h> | ||
68 | |||
69 | /* The following constant is missing from FreeBSD 9.2 */ | ||
70 | #ifndef ICMP_TIME_EXCEEDED | ||
71 | #define ICMP_TIME_EXCEEDED 11 | ||
72 | #endif | ||
73 | |||
74 | /** | ||
75 | * Call memcpy() but check for @a n being 0 first. In the latter | ||
76 | * case, it is now safe to pass NULL for @a src or @a dst. | ||
77 | * Unlike traditional memcpy(), returns nothing. | ||
78 | * | ||
79 | * @param dst destination of the copy, may be NULL if @a n is zero | ||
80 | * @param src source of the copy, may be NULL if @a n is zero | ||
81 | * @param n number of bytes to copy | ||
82 | */ | ||
83 | #define GNUNET_memcpy(dst, src, n) do { if (0 != n) { (void) memcpy (dst, src, \ | ||
84 | n); \ | ||
85 | } } while (0) | ||
86 | |||
87 | /** | ||
88 | * Should we print some debug output? | ||
89 | */ | ||
90 | #define VERBOSE 0 | ||
91 | |||
92 | /** | ||
93 | * Must match packet ID used by gnunet-helper-nat-client.c | ||
94 | */ | ||
95 | #define PACKET_ID 256 | ||
96 | |||
97 | /** | ||
98 | * Must match IP given in the client. | ||
99 | */ | ||
100 | #define DUMMY_IP "192.0.2.86" | ||
101 | |||
102 | /** | ||
103 | * Port for UDP | ||
104 | */ | ||
105 | #define NAT_TRAV_PORT 22225 | ||
106 | |||
107 | /** | ||
108 | * How often do we send our ICMP messages to receive replies? | ||
109 | */ | ||
110 | #define ICMP_SEND_FREQUENCY_MS 500 | ||
111 | |||
112 | /** | ||
113 | * IPv4 header. | ||
114 | */ | ||
115 | struct ip_header | ||
116 | { | ||
117 | /** | ||
118 | * Version (4 bits) + Internet header length (4 bits) | ||
119 | */ | ||
120 | uint8_t vers_ihl; | ||
121 | |||
122 | /** | ||
123 | * Type of service | ||
124 | */ | ||
125 | uint8_t tos; | ||
126 | |||
127 | /** | ||
128 | * Total length | ||
129 | */ | ||
130 | uint16_t pkt_len; | ||
131 | |||
132 | /** | ||
133 | * Identification | ||
134 | */ | ||
135 | uint16_t id; | ||
136 | |||
137 | /** | ||
138 | * Flags (3 bits) + Fragment offset (13 bits) | ||
139 | */ | ||
140 | uint16_t flags_frag_offset; | ||
141 | |||
142 | /** | ||
143 | * Time to live | ||
144 | */ | ||
145 | uint8_t ttl; | ||
146 | |||
147 | /** | ||
148 | * Protocol | ||
149 | */ | ||
150 | uint8_t proto; | ||
151 | |||
152 | /** | ||
153 | * Header checksum | ||
154 | */ | ||
155 | uint16_t checksum; | ||
156 | |||
157 | /** | ||
158 | * Source address | ||
159 | */ | ||
160 | uint32_t src_ip; | ||
161 | |||
162 | /** | ||
163 | * Destination address | ||
164 | */ | ||
165 | uint32_t dst_ip; | ||
166 | }; | ||
167 | |||
168 | /** | ||
169 | * Format of ICMP packet. | ||
170 | */ | ||
171 | struct icmp_ttl_exceeded_header | ||
172 | { | ||
173 | uint8_t type; | ||
174 | |||
175 | uint8_t code; | ||
176 | |||
177 | uint16_t checksum; | ||
178 | |||
179 | uint32_t unused; | ||
180 | |||
181 | /* followed by original payload */ | ||
182 | }; | ||
183 | |||
184 | struct icmp_echo_header | ||
185 | { | ||
186 | uint8_t type; | ||
187 | |||
188 | uint8_t code; | ||
189 | |||
190 | uint16_t checksum; | ||
191 | |||
192 | uint32_t reserved; | ||
193 | }; | ||
194 | |||
195 | |||
196 | /** | ||
197 | * Beginning of UDP packet. | ||
198 | */ | ||
199 | struct udp_header | ||
200 | { | ||
201 | uint16_t src_port; | ||
202 | |||
203 | uint16_t dst_port; | ||
204 | |||
205 | uint16_t length; | ||
206 | |||
207 | uint16_t crc; | ||
208 | }; | ||
209 | |||
210 | /** | ||
211 | * Socket we use to receive "fake" ICMP replies. | ||
212 | */ | ||
213 | static int icmpsock; | ||
214 | |||
215 | /** | ||
216 | * Socket we use to send our ICMP requests. | ||
217 | */ | ||
218 | static int rawsock; | ||
219 | |||
220 | /** | ||
221 | * Socket we use to send our UDP requests. | ||
222 | */ | ||
223 | static int udpsock; | ||
224 | |||
225 | /** | ||
226 | * Target "dummy" address. | ||
227 | */ | ||
228 | static struct in_addr dummy; | ||
229 | |||
230 | |||
231 | /** | ||
232 | * CRC-16 for IP/ICMP headers. | ||
233 | * | ||
234 | * @param data what to calculate the CRC over | ||
235 | * @param bytes number of bytes in data (must be multiple of 2) | ||
236 | * @return the CRC 16. | ||
237 | */ | ||
238 | static uint16_t | ||
239 | calc_checksum (const uint16_t *data, unsigned int bytes) | ||
240 | { | ||
241 | uint32_t sum; | ||
242 | unsigned int i; | ||
243 | |||
244 | sum = 0; | ||
245 | for (i = 0; i < bytes / 2; i++) | ||
246 | sum += data[i]; | ||
247 | sum = (sum & 0xffff) + (sum >> 16); | ||
248 | sum = htons (0xffff - sum); | ||
249 | return sum; | ||
250 | } | ||
251 | |||
252 | |||
253 | /** | ||
254 | * Send an ICMP message to the dummy IP. | ||
255 | * | ||
256 | * @param my_ip source address (our ip address) | ||
257 | */ | ||
258 | static void | ||
259 | send_icmp_echo (const struct in_addr *my_ip) | ||
260 | { | ||
261 | char packet[sizeof(struct ip_header) + sizeof(struct icmp_echo_header)]; | ||
262 | struct icmp_echo_header icmp_echo; | ||
263 | struct ip_header ip_pkt; | ||
264 | struct sockaddr_in dst; | ||
265 | size_t off; | ||
266 | int err; | ||
267 | |||
268 | off = 0; | ||
269 | ip_pkt.vers_ihl = 0x45; | ||
270 | ip_pkt.tos = 0; | ||
271 | ip_pkt.pkt_len = htons (sizeof(packet)); | ||
272 | ip_pkt.id = htons (PACKET_ID); | ||
273 | ip_pkt.flags_frag_offset = 0; | ||
274 | ip_pkt.ttl = IPDEFTTL; | ||
275 | ip_pkt.proto = IPPROTO_ICMP; | ||
276 | ip_pkt.checksum = 0; | ||
277 | ip_pkt.src_ip = my_ip->s_addr; | ||
278 | ip_pkt.dst_ip = dummy.s_addr; | ||
279 | ip_pkt.checksum = | ||
280 | htons (calc_checksum ((uint16_t *) &ip_pkt, | ||
281 | sizeof(struct ip_header))); | ||
282 | GNUNET_memcpy (&packet[off], | ||
283 | &ip_pkt, | ||
284 | sizeof(struct ip_header)); | ||
285 | off += sizeof(struct ip_header); | ||
286 | |||
287 | icmp_echo.type = ICMP_ECHO; | ||
288 | icmp_echo.code = 0; | ||
289 | icmp_echo.checksum = 0; | ||
290 | icmp_echo.reserved = 0; | ||
291 | icmp_echo.checksum = | ||
292 | htons (calc_checksum | ||
293 | ((uint16_t *) &icmp_echo, | ||
294 | sizeof(struct icmp_echo_header))); | ||
295 | GNUNET_memcpy (&packet[off], | ||
296 | &icmp_echo, | ||
297 | sizeof(struct icmp_echo_header)); | ||
298 | off += sizeof(struct icmp_echo_header); | ||
299 | |||
300 | memset (&dst, 0, sizeof(dst)); | ||
301 | dst.sin_family = AF_INET; | ||
302 | #if HAVE_SOCKADDR_IN_SIN_LEN | ||
303 | dst.sin_len = sizeof(struct sockaddr_in); | ||
304 | #endif | ||
305 | dst.sin_addr = dummy; | ||
306 | err = sendto (rawsock, | ||
307 | packet, | ||
308 | off, | ||
309 | 0, | ||
310 | (struct sockaddr *) &dst, | ||
311 | sizeof(dst)); | ||
312 | if (err < 0) | ||
313 | { | ||
314 | #if VERBOSE | ||
315 | fprintf (stderr, | ||
316 | "sendto failed: %s\n", | ||
317 | strerror (errno)); | ||
318 | #endif | ||
319 | } | ||
320 | else if (sizeof(packet) != err) | ||
321 | { | ||
322 | fprintf (stderr, | ||
323 | "Error: partial send of ICMP message\n"); | ||
324 | } | ||
325 | } | ||
326 | |||
327 | |||
328 | /** | ||
329 | * Send a UDP message to the dummy IP. | ||
330 | */ | ||
331 | static void | ||
332 | send_udp () | ||
333 | { | ||
334 | struct sockaddr_in dst; | ||
335 | ssize_t err; | ||
336 | |||
337 | memset (&dst, 0, sizeof(dst)); | ||
338 | dst.sin_family = AF_INET; | ||
339 | #if HAVE_SOCKADDR_IN_SIN_LEN | ||
340 | dst.sin_len = sizeof(struct sockaddr_in); | ||
341 | #endif | ||
342 | dst.sin_addr = dummy; | ||
343 | dst.sin_port = htons (NAT_TRAV_PORT); | ||
344 | err = sendto (udpsock, | ||
345 | NULL, | ||
346 | 0, | ||
347 | 0, | ||
348 | (struct sockaddr *) &dst, | ||
349 | sizeof(dst)); | ||
350 | if (err < 0) | ||
351 | { | ||
352 | #if VERBOSE | ||
353 | fprintf (stderr, | ||
354 | "sendto failed: %s\n", | ||
355 | strerror (errno)); | ||
356 | #endif | ||
357 | } | ||
358 | else if (0 != err) | ||
359 | { | ||
360 | fprintf (stderr, | ||
361 | "Error: partial send of ICMP message\n"); | ||
362 | } | ||
363 | } | ||
364 | |||
365 | |||
366 | /** | ||
367 | * We've received an ICMP response. Process it. | ||
368 | */ | ||
369 | static void | ||
370 | process_icmp_response () | ||
371 | { | ||
372 | char buf[65536]; | ||
373 | ssize_t have; | ||
374 | struct in_addr source_ip; | ||
375 | struct ip_header ip_pkt; | ||
376 | struct icmp_ttl_exceeded_header icmp_ttl; | ||
377 | struct icmp_echo_header icmp_echo; | ||
378 | struct udp_header udp_pkt; | ||
379 | size_t off; | ||
380 | uint16_t port; | ||
381 | |||
382 | have = read (icmpsock, buf, sizeof(buf)); | ||
383 | if (-1 == have) | ||
384 | { | ||
385 | fprintf (stderr, | ||
386 | "Error reading raw socket: %s\n", | ||
387 | strerror (errno)); | ||
388 | return; | ||
389 | } | ||
390 | #if VERBOSE | ||
391 | fprintf (stderr, | ||
392 | "Received message of %u bytes\n", | ||
393 | (unsigned int) have); | ||
394 | #endif | ||
395 | if (have < | ||
396 | (ssize_t) (sizeof(struct ip_header) | ||
397 | + sizeof(struct icmp_ttl_exceeded_header) | ||
398 | + sizeof(struct ip_header))) | ||
399 | { | ||
400 | /* malformed */ | ||
401 | return; | ||
402 | } | ||
403 | off = 0; | ||
404 | GNUNET_memcpy (&ip_pkt, | ||
405 | &buf[off], | ||
406 | sizeof(struct ip_header)); | ||
407 | off += sizeof(struct ip_header); | ||
408 | GNUNET_memcpy (&icmp_ttl, | ||
409 | &buf[off], | ||
410 | sizeof(struct icmp_ttl_exceeded_header)); | ||
411 | off += sizeof(struct icmp_ttl_exceeded_header); | ||
412 | if ((ICMP_TIME_EXCEEDED != icmp_ttl.type) || (0 != icmp_ttl.code)) | ||
413 | { | ||
414 | /* different type than what we want */ | ||
415 | return; | ||
416 | } | ||
417 | /* grab source IP of 1st IP header */ | ||
418 | source_ip.s_addr = ip_pkt.src_ip; | ||
419 | |||
420 | /* skip 2nd IP header */ | ||
421 | GNUNET_memcpy (&ip_pkt, | ||
422 | &buf[off], | ||
423 | sizeof(struct ip_header)); | ||
424 | off += sizeof(struct ip_header); | ||
425 | |||
426 | switch (ip_pkt.proto) | ||
427 | { | ||
428 | case IPPROTO_ICMP: | ||
429 | if (have != | ||
430 | (sizeof(struct ip_header) * 2 | ||
431 | + sizeof(struct icmp_ttl_exceeded_header) | ||
432 | + sizeof(struct icmp_echo_header))) | ||
433 | { | ||
434 | /* malformed */ | ||
435 | return; | ||
436 | } | ||
437 | /* grab ICMP ECHO content */ | ||
438 | GNUNET_memcpy (&icmp_echo, | ||
439 | &buf[off], | ||
440 | sizeof(struct icmp_echo_header)); | ||
441 | port = (uint16_t) ntohl (icmp_echo.reserved); | ||
442 | break; | ||
443 | |||
444 | case IPPROTO_UDP: | ||
445 | if (have != | ||
446 | (sizeof(struct ip_header) * 2 | ||
447 | + sizeof(struct icmp_ttl_exceeded_header) + sizeof(struct udp_header))) | ||
448 | { | ||
449 | /* malformed */ | ||
450 | return; | ||
451 | } | ||
452 | /* grab UDP content */ | ||
453 | GNUNET_memcpy (&udp_pkt, | ||
454 | &buf[off], | ||
455 | sizeof(struct udp_header)); | ||
456 | port = ntohs (udp_pkt.length); | ||
457 | break; | ||
458 | |||
459 | default: | ||
460 | /* different type than what we want */ | ||
461 | return; | ||
462 | } | ||
463 | |||
464 | if (port == 0) | ||
465 | fprintf (stdout, "%s\n", | ||
466 | inet_ntop (AF_INET, &source_ip, buf, sizeof(buf))); | ||
467 | else | ||
468 | fprintf (stdout, "%s:%u\n", | ||
469 | inet_ntop (AF_INET, &source_ip, buf, sizeof(buf)), | ||
470 | (unsigned int) port); | ||
471 | fflush (stdout); | ||
472 | } | ||
473 | |||
474 | |||
475 | /** | ||
476 | * Fully initialize the raw socket. | ||
477 | * | ||
478 | * @return -1 on error, 0 on success | ||
479 | */ | ||
480 | static int | ||
481 | setup_raw_socket () | ||
482 | { | ||
483 | const int one = 1; | ||
484 | |||
485 | if (-1 == | ||
486 | setsockopt (rawsock, | ||
487 | SOL_SOCKET, | ||
488 | SO_BROADCAST, | ||
489 | (char *) &one, | ||
490 | sizeof(one))) | ||
491 | { | ||
492 | fprintf (stderr, | ||
493 | "setsockopt failed: %s\n", | ||
494 | strerror (errno)); | ||
495 | return -1; | ||
496 | } | ||
497 | if (-1 == | ||
498 | setsockopt (rawsock, | ||
499 | IPPROTO_IP, | ||
500 | IP_HDRINCL, | ||
501 | (char *) &one, | ||
502 | sizeof(one))) | ||
503 | { | ||
504 | fprintf (stderr, | ||
505 | "setsockopt failed: %s\n", | ||
506 | strerror (errno)); | ||
507 | return -1; | ||
508 | } | ||
509 | return 0; | ||
510 | } | ||
511 | |||
512 | |||
513 | /** | ||
514 | * Create a UDP socket for writing. | ||
515 | * | ||
516 | * @param my_ip source address (our ip address) | ||
517 | * @return -1 on error | ||
518 | */ | ||
519 | static int | ||
520 | make_udp_socket (const struct in_addr *my_ip) | ||
521 | { | ||
522 | int ret; | ||
523 | struct sockaddr_in addr; | ||
524 | |||
525 | ret = socket (AF_INET, SOCK_DGRAM, 0); | ||
526 | if (-1 == ret) | ||
527 | { | ||
528 | fprintf (stderr, | ||
529 | "Error opening UDP socket: %s\n", | ||
530 | strerror (errno)); | ||
531 | return -1; | ||
532 | } | ||
533 | memset (&addr, 0, sizeof(addr)); | ||
534 | addr.sin_family = AF_INET; | ||
535 | #if HAVE_SOCKADDR_IN_SIN_LEN | ||
536 | addr.sin_len = sizeof(struct sockaddr_in); | ||
537 | #endif | ||
538 | addr.sin_addr = *my_ip; | ||
539 | addr.sin_port = htons (NAT_TRAV_PORT); | ||
540 | |||
541 | if (0 != bind (ret, | ||
542 | (struct sockaddr *) &addr, | ||
543 | sizeof(addr))) | ||
544 | { | ||
545 | fprintf (stderr, | ||
546 | "Error binding UDP socket to port %u: %s\n", | ||
547 | NAT_TRAV_PORT, | ||
548 | strerror (errno)); | ||
549 | (void) close (ret); | ||
550 | return -1; | ||
551 | } | ||
552 | return ret; | ||
553 | } | ||
554 | |||
555 | |||
556 | int | ||
557 | main (int argc, | ||
558 | char *const *argv) | ||
559 | { | ||
560 | struct in_addr external; | ||
561 | fd_set rs; | ||
562 | struct timeval tv; | ||
563 | uid_t uid; | ||
564 | unsigned int alt; | ||
565 | int icmp_eno; | ||
566 | int raw_eno; | ||
567 | int global_ret; | ||
568 | |||
569 | /* Create an ICMP raw socket for reading (we'll check errors later) */ | ||
570 | icmpsock = socket (AF_INET, | ||
571 | SOCK_RAW, | ||
572 | IPPROTO_ICMP); | ||
573 | icmp_eno = errno; | ||
574 | |||
575 | /* Create an (ICMP) raw socket for writing (we'll check errors later) */ | ||
576 | rawsock = socket (AF_INET, | ||
577 | SOCK_RAW, | ||
578 | IPPROTO_RAW); | ||
579 | raw_eno = errno; | ||
580 | udpsock = -1; | ||
581 | |||
582 | /* drop root rights */ | ||
583 | uid = getuid (); | ||
584 | #ifdef HAVE_SETRESUID | ||
585 | if (0 != setresuid (uid, uid, uid)) | ||
586 | { | ||
587 | fprintf (stderr, | ||
588 | "Failed to setresuid: %s\n", | ||
589 | strerror (errno)); | ||
590 | global_ret = 1; | ||
591 | goto error_exit; | ||
592 | } | ||
593 | #else | ||
594 | if (0 != (setuid (uid) | seteuid (uid))) | ||
595 | { | ||
596 | fprintf (stderr, | ||
597 | "Failed to setuid: %s\n", | ||
598 | strerror (errno)); | ||
599 | global_ret = 2; | ||
600 | goto error_exit; | ||
601 | } | ||
602 | #endif | ||
603 | |||
604 | /* Now that we run without root rights, we can do error checking... */ | ||
605 | if (2 != argc) | ||
606 | { | ||
607 | fprintf (stderr, | ||
608 | "This program must be started with our (internal NAT) IP as the only argument.\n"); | ||
609 | global_ret = 3; | ||
610 | goto error_exit; | ||
611 | } | ||
612 | if (1 != inet_pton (AF_INET, argv[1], &external)) | ||
613 | { | ||
614 | fprintf (stderr, | ||
615 | "Error parsing IPv4 address: %s\n", | ||
616 | strerror (errno)); | ||
617 | global_ret = 4; | ||
618 | goto error_exit; | ||
619 | } | ||
620 | if (1 != inet_pton (AF_INET, DUMMY_IP, &dummy)) | ||
621 | { | ||
622 | fprintf (stderr, | ||
623 | "Internal error converting dummy IP to binary.\n"); | ||
624 | global_ret = 5; | ||
625 | goto error_exit; | ||
626 | } | ||
627 | |||
628 | /* error checking icmpsock */ | ||
629 | if (-1 == icmpsock) | ||
630 | { | ||
631 | fprintf (stderr, | ||
632 | "Error opening RAW socket: %s\n", | ||
633 | strerror (icmp_eno)); | ||
634 | global_ret = 6; | ||
635 | goto error_exit; | ||
636 | } | ||
637 | if (icmpsock >= FD_SETSIZE) | ||
638 | { | ||
639 | /* this could happen if we were started with a large number of already-open | ||
640 | file descriptors... */ | ||
641 | fprintf (stderr, | ||
642 | "Socket number too large (%d > %u)\n", | ||
643 | icmpsock, | ||
644 | (unsigned int) FD_SETSIZE); | ||
645 | global_ret = 7; | ||
646 | goto error_exit; | ||
647 | } | ||
648 | |||
649 | /* error checking rawsock */ | ||
650 | if (-1 == rawsock) | ||
651 | { | ||
652 | fprintf (stderr, | ||
653 | "Error opening RAW socket: %s\n", | ||
654 | strerror (raw_eno)); | ||
655 | global_ret = 8; | ||
656 | goto error_exit; | ||
657 | } | ||
658 | /* no need to check 'rawsock' against FD_SETSIZE as it is never used | ||
659 | with 'select' */ | ||
660 | |||
661 | if (0 != setup_raw_socket ()) | ||
662 | { | ||
663 | global_ret = 9; | ||
664 | goto error_exit; | ||
665 | } | ||
666 | |||
667 | if (-1 == (udpsock = make_udp_socket (&external))) | ||
668 | { | ||
669 | global_ret = 10; | ||
670 | goto error_exit; | ||
671 | } | ||
672 | |||
673 | alt = 0; | ||
674 | while (1) | ||
675 | { | ||
676 | FD_ZERO (&rs); | ||
677 | FD_SET (icmpsock, &rs); | ||
678 | tv.tv_sec = 0; | ||
679 | tv.tv_usec = ICMP_SEND_FREQUENCY_MS * 1000; | ||
680 | if (-1 == select (icmpsock + 1, &rs, NULL, NULL, &tv)) | ||
681 | { | ||
682 | if (errno == EINTR) | ||
683 | continue; | ||
684 | fprintf (stderr, | ||
685 | "select failed: %s\n", | ||
686 | strerror (errno)); | ||
687 | break; | ||
688 | } | ||
689 | if (1 == getppid ()) /* Check the parent process id, if 1 the parent has died, so we should die too */ | ||
690 | break; | ||
691 | if (FD_ISSET (icmpsock, &rs)) | ||
692 | { | ||
693 | process_icmp_response (); | ||
694 | continue; | ||
695 | } | ||
696 | if (0 == (++alt % 2)) | ||
697 | send_icmp_echo (&external); | ||
698 | else | ||
699 | send_udp (); | ||
700 | } | ||
701 | |||
702 | /* select failed (internal error or OS out of resources) */ | ||
703 | global_ret = 11; | ||
704 | error_exit: | ||
705 | if (-1 != icmpsock) | ||
706 | (void) close (icmpsock); | ||
707 | if (-1 != rawsock) | ||
708 | (void) close (rawsock); | ||
709 | if (-1 != udpsock) | ||
710 | (void) close (udpsock); | ||
711 | return global_ret; | ||
712 | } | ||
713 | |||
714 | |||
715 | /* end of gnunet-helper-nat-server.c */ | ||